I’m facing a problem which I haven’t been able to find a good solution for yet.
My NixOS configuration uses the NixOS home-manager module to configure all users settings which contain both root and non-root users however I want to prevent regular users from invoking any of the nix commands (nix shell, nix-env, nix run, etc.). It seems that the best way to do this is to use the nix.settings.allowed-users option and lock it down to only wheel group members however in doing so non-sudo user’s home-manager systemd unit fails to start since it runs as that user and now that user isn’t able to connect to the nix daemon.
So my question is how do I prevent non-sudo users from running nix commands while still allowing their systemd home-manager activation script to run?
I don’t think it’s possible to do what you are asking. You can’t disallow and allow users access to the daemon. Perhaps you might get a more satisfying answer if you can formulate your question in terms of some higher level objective. What threat are you trying to mitigate? Users with access to the nix-daemon (modulo root-escalation bugs) can’t change what executables are in anyone else’s path, and can’t change system level settings.
Sure, but they can install software and possibly poison the cache. (Not sure what the threat model is here.)
I guess the more pertinent question is why hm’s activation needs the nix daemon at all.
What does cache poisoning look like? If I am a user I can submit requests to build nix expressions to the daemon, so I can create store paths. But presumably (please poke holes) I can’t control the store paths, because that’s a pre-image attack on the hash function? Don’t I need to be a trusted user to write arbitrary content to a chose store path?
EDIT: Scanning through the generated activation script it calls nix-store to create a couple of gc-roots.
You can, because you control the build inputs. Nix assumes build reproducibility and therefore computes the store path based on inputs, the output isn’t separately hashed.
Nix also helps ensure reproducibility through various measures, but it isn’t guaranteed in the face of a malicious user. It’s difficult to exploit this, but not completely impossible - particularly when sandboxing is disabled.
Right, I can chose my inputs. But if I have computed path X, for nix expression Y, then to poison the store I need to come up surely with a new expression Z whose inputs hash to X? i.e a pre-image of the hash. But I suppose this is all assuming a polite user that knocks on the front door.
I will give you all the hearts if you can point me to a sketch of what this would look like. I’m going to stop posting on this thread because I’ve probably derailed it enough.