Age | Commit message (Expand) | Author |
2021-01-22 | store: Add 'find-roots' RPC....* guix/serialization.scm (read-string-pairs): New procedure.
* guix/store.scm (read-arg): Add support for 'string-pairs'.
(find-roots): New procedure.
* tests/store.scm ("add-indirect-root and find-roots"): New test.
| Ludovic Courtès |
2020-12-19 | tests: Make sure substituted items are deduplicated....* tests/store.scm ("substitute, deduplication"): New test.
| Ludovic Courtès |
2020-12-19 | tests: Check the mtime and permissions of substituted items....* tests/store.scm ("substitute")
("substitute + build-things with output path")
("substitute + build-things with specific output"): Call 'canonical-file?'.
* tests/substitute.scm ("substitute, authorized key"): Check the mtime
and permissions of "substitute-retrieved".
| Ludovic Courtès |
2020-12-19 | tests: Check the build trace for hash mismatches on substitutes....* tests/store.scm ("substitute, corrupt output hash, build trace"): New
test.
| Ludovic Courtès |
2020-09-14 | tests: Remove one 'delete-paths' call in 'tests/store.scm'....This makes the test slightly less expensive.
* tests/store.scm ("add-text-to-store vs. delete-paths")
("add-to-store vs. delete-paths"): Delete and merge into...
("add-text-to-store/add-to-store vs. delete-paths"): ... this test.
| Ludovic Courtès |
2020-09-14 | daemon: Spawn 'guix authenticate' once for all....Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
| Ludovic Courtès |
2020-09-11 | store: Test 'import-paths' with unauthorized and unsigned nar bundles....* tests/store.scm ("import not signed")
("import signed by unauthorized key"): New tests.
| Ludovic Courtès |
2020-08-28 | store: 'with-store' returns as many values as its body....Fixes <https://bugs.gnu.org/42912>.
Reported by Ricardo Wurmus <rekado@elephly.net>.
* guix/store.scm (call-with-store)[thunk]: Wrap call to PROC in
'call-with-values'.
* tests/store.scm ("with-store, multiple values"): New test.
| Ludovic Courtès |
2020-06-27 | daemon: Recognize SHA3 and BLAKE2s....* nix/libutil/hash.hh (HashType): Add htSHA3_256, htSHA3_512, and
htBLAKE2s_256.
* nix/libutil/hash.cc (parseHashType, printHashType): Recognize them.
* tests/store.scm ("add-to-store"): Test these algorithms.
| Ludovic Courtès |
2020-05-22 | packages: Introduce <content-hash> and use it in <origin>....* guix/packages.scm (<content-hash>): New record type.
(define-content-hash-constructor, build-content-hash)
(content-hash): New macros.
(print-content-hash): New procedure.
(<origin>): Rename constructor to '%origin'.
[sha256]: Remove field.
[hash]: New field. Adjust users.
(origin-compatibility-helper, origin): New macros.
(origin-sha256): New deprecated procedure.
(origin->derivation): Adjust accordingly.
* tests/packages.scm ("package-source-derivation, origin, sha512"): New
test.
* guix/tests.scm: Hide (gcrypt hash) 'sha256' for proper syntax
matching.
* tests/challenge.scm: Add #:prefix for (gcrypt hash) and adjust users.
* tests/derivations.scm: Likewise.
* tests/store.scm: Likewise.
* tests/graph.scm ("bag DAG, including origins"): Provide 'sha256' field
with the right length.
* gnu/packages/aspell.scm (aspell-dictionary)
(aspell-dict-ca, aspell-dict-it): Use 'hash' and 'content-hash' for
proper syntax matching.
* gnu/packages/bash.scm (bash-patch): Rename 'sha256' to 'sha256-bv'.
* gnu/packages/bootstrap.scm (bootstrap-executable): Rename 'sha256' to 'bv'.
* gnu/packages/readline.scm (readline-patch): Likewise.
* gnu/packages/virtualization.scm (qemu-patch): Rename 'sha256' to
'sha256-bv'.
* guix/import/utils.scm: Hide (gcrypt hash) 'sha256'.
| Ludovic Courtès |
2020-05-22 | tests: Test 'add-to-store' with several hash algorithms....* tests/store.scm ("add-to-store"): New test.
| Ludovic Courtès |
2020-05-14 | store: 'mapm/accumulate-builds' preserves '%current-target-system'....Fixes <https://bugs.gnu.org/41182>.
* guix/store.scm (mapm/accumulate-builds): Pass #:system and #:target to
'run-with-store'.
* tests/store.scm ("mapm/accumulate-builds, %current-target-system"):
New test.
* tests/guix-pack.sh: Add 'guix pack -d --target' test.
| Ludovic Courtès |
2020-04-04 | store: 'with-store' doesn't close the store upon abort....Fixes <https://bugs.gnu.org/40428>.
Reported by Marius Bakke <mbakke@fastmail.com> and 白い熊.
Regression introduced with the first uses of 'with-build-handler' in
commit 62195b9a8fd6846117c5d7698842748300d13e31 and subsequent.
* guix/store.scm (call-with-store): Use 'catch #t' instead of
'dynamic-wind'. This ensures STORE remains open when a non-local exit
other than an exception occurs, such as an abort to the build handler
prompt.
* tests/store.scm ("with-build-handler + with-store"): New test.
| Ludovic Courtès |
2020-03-29 | store: Add 'map/accumulate-builds'....* guix/store.scm (<unresolved>): New record type.
(build-accumulator, map/accumulate-builds, mapm/accumulate-builds): New
procedures.
* tests/store.scm ("map/accumulate-builds", "mapm/accumulate-builds"):
New tests.
| Ludovic Courtès |
2020-03-22 | store: Add 'with-build-handler'....* guix/store.scm (current-build-prompt): New variable.
(call-with-build-handler, invoke-build-handler): New procedures.
(with-build-handler): New macro.
* tests/store.scm ("with-build-handler"): New test.
| Ludovic Courtès |
2019-10-16 | daemon: Make 'profiles/per-user' non-world-writable....Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
| Ludovic Courtès |