[Nix-dev] Cam non-root users open new ports
Cai Chen
ecaichen at gmail.com
Sat Jun 1 18:07:48 CEST 2013
Hi All,
I like the approach in Nix(os) that non-privileged users can securely
install their own package. But say if they wanted to install their own
version of apache httpd with their own set of modules and http.conf, would
they be able to open new port say 9090 for new install without root user?
>From what I read from nixos's papers, non-privileged users can build the
packages and their own configuration files as packages, but they
cannot activate
it via activation script, which normally alter the "global" state in the
system and make the system "stateful". Opening new ports or manipulating
netfilter (iptable) still need to be done in root user.
Am I understanding it right?
Cai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130601/6534bb5e/attachment.html
More information about the nix-dev
mailing list