/etc/init.d/

ut icon' href='/cgit-static/favicon.ico'/>
aboutsummaryrefslogtreecommitdiff
path: root/nix
AgeCommit message (Expand)Author
2024-12-30daemon: Explicitly unlock output path in the has-become-valid case....Fixes <https://issues.guix.gnu.org/31785>. Similar to <https://github.com/NixOS/nix/issues/178>, fixed in <https://github.com/NixOS/nix/commit/29cde917fe6b8f2e669c8bf10b38f640045c83b8>. We can't rely on Goal deletion to release our locks in a timely manner. In the case in which multiple guix-daemon processes simultaneously try producing an output path path1, the one that gets there first (P1) will get the lock, and the second one (P2) will continue trying to acquire the lock until it is released. Once it has acquired the lock, it checks to see whether the path has already become valid in the meantime, and if so it reports success to those Goals waiting on its completion and finishes. Unfortunately, it fails to release the locks it holds first, so those stay held until that Goal gets deleted. Suppose we have the following store path dependency graph: path4 / | \ path1 path2 path3 P2 is now sitting on path1's lock, and will continue to do so until path4 is completed. Suppose there is also a P3, and it has been blocked while P1 builds path2. Now P3 is sitting on path2's lock, and can't acquire path1's lock to determine that it has been completed. Likewise P2 is sitting on path1's lock, and now can't acquire path2's lock to determine that it has been completed. Finally, P3 completes path3 while P2 is blocked. Now: - P1 knows that path1 and path2 are complete, and holds no locks, but can't determine that path3 is complete - P2 knows that path1 and path3 are complete, and holds locks on path1 and path3, but can't determine that path2 is complete - P3 knows that path2 and path3 are complete, and holds a lock on path2, but can't determine that path1 is complete And none of these locks will be released until path4 is complete. Thus, we have a deadlock. To resolve this, we should explicitly release these locks as soon as they should be released. * nix/libstore/build.cc (DerivationGoal::tryToBuild, SubstitutionGoal::tryToRun): Explicitly release locks in the has-become-valid case. * tests/store-deadlock.scm: New file. * Makefile.am (SCM_TESTS): Add it. Change-Id: Ie510f84828892315fe6776c830db33d0f70bcef8 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reepca Russelstein
2024-12-09daemon: Fix linking gcrypt when --as-needed linker arg is used...This is a followup to 8a7bd211d21f06c1234fbb82bb905d202d58f598. As it is mentioned in autoconf manual that library names should be specified in LIBS, not LDFLAGS. See: https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.72/html_node/Preset-Output-Variables.html#index-LDFLAGS-2 This change also brings back the save_* vars trick that was there before. I missed in my earlier change that nix/local.mk was referring LIBGCRYPT_* vars directly. And, instead of CXXFLAGS, CPPFLAGS is used since the latter is probably more correct as this is used for
2023-05-18etc: gitconfig: Do not enforced signed commits....This change was more invasive than initially thought, and cannot be disabled easily, as raised by a few people. Let's revert it for now. At least the pre-push hook should be deployed automatically and catch any unsigned commits attempted to be pushed to Savannah. * etc/git/gitconfig [commit]: Remove section. Maxim Cournoyer
2023-05-01
2024-11-17daemon: Improve error message in ‘checkStoreName’....* nix/libstore/store-api.cc (checkStoreName): Clarify message when NAME starts with a dot. Change-Id: I045a663bc6cd9844677c65b38a31d3941cf212b5 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Brennan Vincent
2024-10-212021-10-14Add git configuration templates to improve diff hunk header detection....This is a follow-up to commit 9fc8ae4171e5da4939a64fc6d684c8b9d85bbe84, which missed two hunks from <https://issues.guix.gnu.org/50363>. Reported by hackeryarn on #guix. * .gitattributes, etc/git/gitconfig: New files. Signed-off-by: Marius Bakke <marius@gnu.org> Sarah Morgensen
2024-10-21daemon: Sanitize failed build outputs prior to exposing them....The only thing keeping a rogue builder and a local user from collaborating to usurp control over the builder's user during the build is the fact that whatever files the builder may produce are not accessible to any other users yet. If we're going to make them accessible, we should probably do some sanity checking to ensure that sort of collaborating can't happen. Currently this isn't happening when failed build outputs are moved from the chroot as an aid to debugging. * nix/libstore/build.cc (secureFilePerms): new function. (DerivationGoal::buildDone): use it. Change-Id: I9dce1e3d8813b31cabd87a0e3219bf9830d8be96 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reepca Russelstein
2024-06-26etc: Add explicit ‘--substitute-urls’ in guix-daemon service files....Having substitute URLs explicitly listed in the service startup file makes it clearer what should be modified to permanently change the list of substitute URLs. * config-daemon.ac: Rename ‘guix_substitute_urls’ to ‘GUIX_SUBSTITUTE_URLS’ and substitute it. * nix/local.mk (etc/guix-%.service, etc/init.d/guix-daemon) (etc/guix-%.conf): Substitute it. * etc/guix-daemon.conf.in, etc/guix-daemon.service.in, etc/init.d/guix-daemon.in: Add an explicit ‘--substitute-urls’ option. Change-Id: Ie491b7fab5c42e54dca582801c03805a85de2bf9 Ludovic Courtès
2024-05-13daemon: Loop over ‘copy_file_range’ upon short writes....Fixes <https://issues.guix.gnu.org/70877>. * nix/libutil/util.cc (copyFile): Loop over ‘copy_file_range’ instead of throwing upon short write. Reported-by: Ricardo Wurmus <rekado@elephly.net> Change-Id: Id7b8a65ea59006c2d91bc23732309a68665b9ca0 Ludovic Courtès