#pragma once

namespace nix {


#define WORKER_MAGIC_1 0x6e697863
#define WORKER_MAGIC_2 0x6478696f

#define PROTOCOL_VERSION 0x163
#define GET_PROTOCOL_MAJOR(x) ((x) & 0xff00)
#define GET_PROTOCOL_MINOR(x) ((x) & 0x00ff)


typedef enum {
    wopIsValidPath = 1,
    wopHasSubstitutes = 3,
    wopQueryPathHash = 4,
    wopQueryReferences = 5,
    wopQueryReferrers = 6,
    wopAddToStore = 7,
    wopAddTextToStore = 8,
    wopBuildPaths = 9,
    wopEnsurePath = 10,
    wopAddTempRoot = 11,
    wopAddIndirectRoot = 12,
    wopSyncWithGC = 13,
    wopFindRoots = 14,
    wopExportPath = 16,
    wopQueryDeriver = 18,
    wopSetOptions = 19,
    wopCollectGarbage = 20,
    wopQuerySubstitutablePathInfo = 21,
    wopQueryDerivationOutputs = 22,
    wopQueryAllValidPaths = 23,
    wopQueryFailedPaths = 24,
    wopClearFailedPaths = 25,
    wopQueryPathInfo = 26,
    wopImportPaths = 27,
    wopQueryDerivationOutputNames = 28,
    wopQueryPathFromHashPart = 29,
    wopQuerySubstitutablePathInfos = 30,
    wopQueryValidPaths = 31,
    wopQuerySubstitutablePaths = 32,
    wopQueryValidDerivers = 33,
    wopOptimiseStore = 34,
    wopVerifyStore = 35,
    wopBuiltinBuilders = 80
} WorkerOp;


#define STDERR_NEXT  0x6f6c6d67
#define STDERR_READ  0x64617461 // data needed from source
#define STDERR_WRITE 0x64617416 // data for sink
#define STDERR_LAST  0x616c7473
#define STDERR_ERROR 0x63787470


Path readStorePath(Source & from);
template<class T> T readStorePaths(Source & from);


}
4ad57ae3e5249ee7402b2ab3c41104ce9c01529'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/etc/guix-daemon.cil.in'>
<input type='hidden' name='id' value='b4ad57ae3e5249ee7402b2ab3c41104ce9c01529'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=b4ad57ae3e5249ee7402b2ab3c41104ce9c01529'>root</a>/<a href='/guix/log/etc?id=b4ad57ae3e5249ee7402b2ab3c41104ce9c01529'>etc</a>/<a href='/guix/log/etc/guix-daemon.cil.in?id=b4ad57ae3e5249ee7402b2ab3c41104ce9c01529'>guix-daemon.cil.in</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/etc/guix-daemon.cil.in?id=b4ad57ae3e5249ee7402b2ab3c41104ce9c01529&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2020-12-10 23:48:42 +0100'>2020-12-10</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=d677f3d6231d352fdb65b70f67d85fb5744e912c'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and
unlink for the guix_daemon_exec_t type.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-27 21:33:59 +0100'>2020-11-27</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=1807632393d0723f3085c457517965c32715717a'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit more operations required for
various build jobs.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-26 00:31:47 +0100'>2020-11-26</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=402ebffe195890c9826cfa7519034dd12a48ae6a'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit file appending, setattr,
read/write UDP sockets, access to tmpfs and hugetlbfs, and connecting to
PostgreSQL.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-25 23:24:52 +0100'>2020-11-25</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=d64e0261d0007413a795c4cf01f9d06b170da3f5'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is needed for some package test suites.

* etc/guix-daemon.cil.in (guix_daemon): Permit unix_dgram_socket operations.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-15 16:08:47 +0100'>2020-11-15</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=62343288ef6dc56027d268ef773ae699a4bbb76d'>etc: Updates for the guix-daemon SELinux policy.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Specify more permissions for
guix-daemon to account for daemon updates and newer SELinux.

I can't promise that this is a complete list of everything that guix-daemon
needs, but it's probably most of them. It can search for, install, upgrade,
and remove packages, create virtual machines and containers, update itself,
and so on.

Signed-off-by: Marius Bakke &lt;marius@gnu.org&gt;
</span></span></td><td>Daniel Brooks</td></tr>
<tr><td><span title='2019-09-08 11:49:25 +0200'>2019-09-08</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=cc98b00857e29074de96a6ed60e325cdfffaea1a'>etc: Remove references to libexec/guix* from SELinux policy.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in: Remove references to libexec/guix*.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2018-02-07 15:41:23 +0100'>2018-02-07</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=b617a9fe239ea645c816d6afcb81d5476f760d84'>etc: Add SELinux policy for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in: New file.
* Makefile.am (dist_selinux_policy_DATA): Define it.
* configure.ac: Handle --with-selinux-policy-dir.
* doc/guix.texi (SELinux Support): New section.
</span></span></td><td>Ricardo Wurmus</td></tr>