/etc/openrc/

aboutsummaryrefslogtreecommitdiff
path: root/nix/libstore/build.cc
AgeCommit message (Expand)Author
2019-06-13daemon: Replace "illegal" by "invalid" in error messages....* nix/libstore/build.cc (parseReferenceSpecifiers): Replace "illegal" by "invalid". * nix/libstore/globals.cc (Settings::pack): Likewise. * nix/libstore/store-api.cc (checkStoreName): Likewise. Ludovic Courtès
2019-02-06daemon: Emit a 'build-succeeded' event in check mode....Until now, something like "guix build sed -v1 --check" would not get a 'build-succeeded' event, which in turn meant that the spinner would not be erased upon build completion. * nix/libstore/build.cc (DerivationGoal::registerOutputs): When 'buildMode' is bmCheck and 'settings.printBuildTrace' emit a "@ build-succeeded" trace upon success. * tests/store.scm ("build-succeeded trace in check mode"): New test. Ludovic Courtès
2018-12-16daemon: Use unbranded phrases in comments and messages....* nix/libstore/build.cc, nix/libstore/globals.cc, nix/libstore/gc.cc, nix/libstore/local-store.cc, nix/libstore/optimise-store.cc, nix/libstore/store-api.cc, nix/libutil/archive.cc, nix/nix-daemon/nix-daemon.cc: Replace "Nix store" by "store", and "Nix daemon" by "build daemon". Ludovic Courtès
2018-10-15daemon: Support multiplexed build output....This allows clients to tell whether output comes from the daemon or, if it comes from a builder, from which builder it comes. The latter is particularly useful when MAX-BUILD-JOBS > 1. * nix/libstore/build.cc (DerivationGoal::tryBuildHook) (DerivationGoal::startBuilder): Print the child's PID in "@ build-started" traces. (DerivationGoal::handleChildOutput): Define 'prefix', pass it to 'writeToStderr'. * nix/libstore/globals.cc (Settings:Settings): Initialize 'multiplexedBuildOutput'. (Settings::update): Likewise. * nix/libstore/globals.hh (Settings)[multiplexedBuildOutput]: New field. Update 'printBuildTrace' documentation. * nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0.163. * nix/nix-daemon/nix-daemon.cc (performOp) <wopSetOptions>: Special-case "multiplexed-build-output" and remove "use-ssh-substituter". * guix/store.scm (set-build-options): Add #:multiplexed-build-output? and honor it. (%protocol-version): Bump to #x163. * tests/store.scm ("multiplexed-build-output"): New test. fixlet Ludovic Courtès
2018-09-27Add (guix status) and use it for pretty colored output....* guix/progress.scm (progress-reporter/trace): New procedure. (%progress-interval): New variable. (progress-reporter/file): Use it. * guix/scripts/build.scm (set-build-options-from-command-line): Pass #:print-extended-build-trace?. (%default-options): Add 'print-extended-build-trace?'. (guix-build): Parameterize CURRENT-TERMINAL-COLUMNS. Use 'build-status-updater'. * guix/scripts/environment.scm (%default-options): Add 'print-extended-build-trace?'. (guix-environment): Wrap body in 'with-status-report'. * guix/scripts/pack.scm (%default-options): Add 'print-build-trace?' and 'print-extended-build-trace?'. (guix-pack): Wrap body in 'with-status-report'. * guix/scripts/package.scm (%default-options, guix-package): Likewise. * guix/scripts/system.scm (%default-options, guix-system): Likewise. * guix/scripts/pull.scm (%default-options, guix-pull): Likewise. * guix/scripts/substitute.scm (progress-report-port): Don't call STOP when TOTAL is zero. (process-substitution): Add #:print-build-trace? and honor it. (guix-substitute)[print-build-trace?]: New variable. Pass #:print-build-trace? to 'process-substitution'. * guix/status.scm: New file. * guix/store.scm (set-build-options): Add #:print-extended-build-trace?; pass it into PAIRS. (%protocol-version): Bump. (protocol-version, nix-server-version): New procedures. (current-store-protocol-version): New variable. (with-store, build-things): Parameterize it. * guix/ui.scm (build-output-port): Remove. (colorize-string): Export. * po/guix/POTFILES.in: Add guix/status.scm. * tests/status.scm: New file. * Makefile.am (SCM_TESTS): Add it. * nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0x162. * nix/libstore/build.cc (DerivationGoal::registerOutputs) (SubstitutionGoal::finished): Print a "@ hash-mismatch" trace before throwing. Ludovic Courtès
2018-05-17daemon: Allow building for armhf-linux on aarch64-linux....* nix/libstore/build.cc (canBuildLocally): Allow building armhf-linux builds on aarch64-linux. (DerivationGoal::runChild) Throw error if attempting to build for armhf-linux on an unsupported platform. * doc/guix.texi (Invoking guix build): Document how to build natively for armhf-linux on aarch64-linux. Add note that on some aarch64 machines this is unsupported. Efraim Flashner
2018-01-11daemon: Always try to execute the builder regardless of the platform....* nix/libstore/build.cc (runChild): Move platform check after 'execve' call. Check specifically for ENOEXEC. Ludovic Courtès
2018-01-07daemon: Make libbz2 an optional dependency....* config-daemon.ac: Don't bail out when libbz2 is missing. Define 'HAVE_LIBBZ2' Automake conditional. * nix/libstore/build.cc: Wrap relevant bits in '#if HAVE_BZLIB_H'. * nix/libstore/globals.cc (Settings::Settings): 'logCompression' defaults to COMPRESSION_GZIP when HAVE_BZLIB_H is false. * nix/libstore/globals.hh (CompressionType): Make 'COMPRESSION_BZIP2' conditional on HAVE_BZLIB_H. * nix/local.mk (guix_register_LDADD, guix_daemon_LDADD): Add -lbz2 only when HAVE_LIBBZ2. * nix/nix-daemon/guix-daemon.cc (parse_opt): Ignore "bzip2" when not HAVE_BZLIB_H. Ludovic Courtès
2018-01-07daemon: Add gzip log compression....* nix/nix-daemon/guix-daemon.cc (GUIX_OPT_LOG_COMPRESSION): New macro. (options): Mark "disable-log-compression" as hidden and add "log-compression". (parse_opt): Handle GUIX_OPT_LOG_COMPRESSION. * nix/libstore/build.cc (DerivationGoal): Add 'gzLogFile'. (openLogFile): Initialize it when 'logCompression' is COMPRESSION_GZIP. (closeLogFile, handleChildOutput): Honor 'gzLogFile'. * nix/libstore/globals.hh (Settings)[compressLog]: Remove. [logCompression]: New field. (CompressionType): New enum. * nix/libstore/globals.cc (Settings::Settings): Initialize it. (update): Remove '_get' call for 'compressLog'. * nix/local.mk (guix_daemon_LDADD, guix_register_LDADD): Add -lz. * guix/store.scm (log-file): Handle '.gz' log files. * tests/guix-daemon.sh: Add test with '--log-compression=gzip'. * doc/guix.texi (Invoking guix-daemon): Adjust accordingly. * config-daemon.ac: Check for libz and zlib.h. Ludovic Courtès
2017-08-18Simplify remouting with MS_PRIVATE in sandbox build...also fix race condition if mounts are added after mountinfo is read. Jörg Thalheim
2017-08-07daemon: Ensure the child stack is aligned on a 16-byte boundary....* nix/libstore/build.cc (DerivationGoal::startBuilder): When calling 'clone', ensure that the stack is aligned on a 16-byte boundary. Mark H Weaver
2017-08-05daemon: On aarch64, use increments of 16 on the stack....* nix/libstore/build.cc (DerivationGoal::startBuilder): When on aarch64, when calling clone(), increment the stack by 16. Efraim Flashner
2017-08-05Revert "daemon: Ensure proper alignment on the stack."...This reverts commit ab4ccc8fcfaf2215d4b33b1376147e4c2c70426a. Mark H Weaver
2017-05-30daemon: Report hash mismatches in a cleaner way....Suggested by Hartmut Goebel. * nix/libstore/build.cc (DerivationGoal::registerOutputs): Report hash mismatches on 3 lines for clarity. (SubstitutionGoal::finished): Likewise. Ludovic Courtès
2017-02-20daemon: Ensure proper alignment on the stack....* nix/libstore/build.cc (startBuilder): When calling 'clone', increase the step to 16 and ensure it aligns properly on the stack. Efraim Flashner
2017-01-11daemon: Allow check builds of 'builtin:download' derivations....Fixes <http://bugs.gnu.org/25089>. Reported by Leo Famulari <leo@famulari.name>. * nix/libstore/build.cc (DerivationGoal::runChild): In the 'isBuiltin' case, check whether DRV's output is in 'redirectedOutputs', and pass an 'output' argument to the built-in builder. (DerivationGoal::addHashRewrite): Add 'printMsg' call. * nix/libstore/builtins.hh (derivationBuilder): Add 'output' parameter. * nix/libstore/builtins.cc (builtinDownload): Likewise. Add OUTPUT to ARGV. * guix/scripts/perform-download.scm (perform-download): Add 'output' parameter. (guix-perform-download): Adjust 'match' clauses accordingly. * tests/derivations.scm ("'download' built-in builder, check mode"): New test. Ludovic Courtès
2016-12-29daemon: Allow fixed-output derivation builds with TMPDIR set....Fixes <http://bugs.gnu.org/25242>. Reported by Leo Famulari <leo@famulari.name>. The regression was introduced in 94d92c7796a3dd50c27d532315f7d497ac99f08e. * nix/libstore/build.cc (DerivationGoal::startBuilder): Set 'useChroot' as a function 'of isBuiltin(drv)'. (DerivationGoal::runChild): Use 'useChroot' instead of 'useChroot && !isBuiltin(drv)'. Ludovic Courtès
2016-12-09daemon: Set ownership of kept build directories to the calling user....Fixes <http://bugs.gnu.org/15890>. * nix/libstore/globals.hh (Settings) Add clientUid and clientGid. * nix/nix-daemon/nix-daemon.cc (daemonLoop] Store UID and GID of the caller in settings. * nix/libstore/build.cc (_chown): New function. (DerivationGoal::deleteTmpDir): Use it, change ownership of build directory if it is kept and the new owner is not root. Hartmut Goebel
2016-11-16daemon: Add "builtin:download" derivation builder....This ensures that 1) the derivation doesn't change when Guix changes; 2) the derivation closure doesn't contain Guix and its dependencies; 3) we don't have to rely on ugly chroot hacks. Adapted from Nix commit 0a2bee307b20411f5b0dda0c662b1f9bb9e0e131. * nix/libstore/build.cc (DerivationGoal::runChild): Add special case for 'isBuiltin(drv)'. Disable chroot when 'isBuiltin(drv)'. * nix/libstore/builtins.cc, nix/libstore/builtins.hh, nix/scripts/download.in, guix/scripts/perform-download.scm: New files. * guix/ui.scm (show-guix-help)[internal?]: Add 'perform-download'. * nix/local.mk (libstore_a_SOURCES): Add builtins.cc. (libstore_headers): Add builtins.hh. (nodist_pkglibexec_SCRIPTS): Add 'scripts/download'. * config-daemon.ac: Emit 'scripts/download'. * Makefile.am (MODULES): Add 'guix/scripts/perform-download.scm'. * tests/derivations.scm ("unknown built-in builder") ("'download' built-in builder") ("'download' built-in builder, invalid hash") ("'download' built-in builder, not found") ("'download' built-in builder, not fixed-output"): New tests. Co-authored-by: Eelco Dolstra <eelco.dolstra@logicblox.com> Ludovic Courtès
2016-05-31daemon: Fix typo....Fixes a regression/typo introduced in e08380fb6cefd3fd67c3c220a3ddaf385e6413cf. * nix/libstore/build.cc (DerivationGoal::startBuilder): Canonicalize "/tmp", not "/tmp/guix-build". Ludovic Courtès
2016-05-31daemon: rounds: Keep the differing output if -K is given....Regardless of -K, we now also print which output differs. Eelco Dolstra
2016-05-31daemon: check: Keep the differing output if -K is given....This makes it easier to investigate the non-determinism, e.g. $ nix-build pkgs/stdenv/linux -A stage1.pkgs.zlib --check -K error: derivation ‘/nix/store/l54i8wlw22656i4pk05c52ngv9rpl39q-zlib-1.2.8.drv’ may not be deterministic: output ‘/nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8’ differs from ‘/nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8-check’ $ diffoscope /nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8 /nix/store/11a27shh6n2ivi4a7s964i65ql80cf27-zlib-1.2.8-check ... ├── lib/libz.a │ ├── metadata │ │ @@ -1,15 +1,15 @@ │ │ -rw-r--r-- 30001/30000 3096 Jan 12 15:20 2016 adler32.o ... │ │ +rw-r--r-- 30001/30000 3096 Jan 12 15:28 2016 adler32.o ... Co-authored-by: Ludovic Courtès <ludo@gnu.org> Eelco Dolstra
2016-05-31daemon: check: Fix "failed to produce output path"....This occured when sandbox building is disabled, at least one output exists, and at least one other output does not. Eelco Dolstra
2016-05-31daemon: check: Fix assertion failure when some outputs are missing....E.g. $ nix-build pkgs/stdenv/linux/ -A stage1.pkgs.perl --check nix-store: src/libstore/build.cc:1323: void nix::DerivationGoal::tryToBuild(): Assertion `buildMode != bmCheck || validPaths.size() == drv->outputs.size()' failed. when perl.out exists but perl.man doesn't. The fix is to only check the outputs that exist. Note that "nix-build -A stage1.pkgs.all --check" will still give a (proper) error in this case. Eelco Dolstra
2016-05-31daemon: When repairing, rebuild if there is no substituter.Eelco Dolstra
2016-05-31daemon: Fix --repair failure on multiple-output derivations....If repair found a corrupted/missing path that depended on a multiple-output derivation, and some of the outputs of the latter were not present, it failed with a message like error: path ‘/nix/store/cnfn9d5fjys1y93cz9shld2xwaibd7nn-bash-4.3-p42-doc’ is not valid Co-authored-by: Ludovic Courtès <ludo@gnu.org> Eelco Dolstra
2016-05-31daemon: Handle /tmp being a symlink....* nix/libstore/build.cc (DerivationGoal::startBuilder): Call 'canonPath' on "/tmp". Eelco Dolstra
2015-12-30daemon: Build in /tmp/guix-build-*....* nix/libstore/build.cc (DerivationGoal::startBuilder): Use "guix-build" instead of "nix-build" for TMPDIR. * doc/guix.texi (Build Environment Setup): Adjust accordingly. Ludovic Courtès
2015-12-13daemon: Better distinguish build statuses....In Nix itself, the new 'BuildResult' type is returned by the new 'buildDerivation' method, which we don't have and need. * nix/libstore/build.cc (Goal)[cancel]: Remove. [timeOut]: New pure virtual method. (DerivationGoal)[result]: New field. [cancel]: Remove. [timedOut, getResult, done]: New methods. (DerivationGoal::cancel): Remove. (DerivationGoal::timedOut): New method. (DerivationGoal::haveDerivation): Call 'done' instead of 'amDone'. (DerivationGoal::outputsSubstituted): Ditto. (DerivationGoal::inputsRealised): Ditto. (DerivationGoal::buildDone): Ditto. (DerivationGoal::handleChildOutput): Call 'timedOut' instead of 'cancel'. (DerivationGoal::done): New method. (SubstitutionGoal)[cancel]: Remove. [timedOut]: New method. (SubstitutionGoal::cancel): Remove. (SubstitutionGoal::timedOut): New method. (Worker::waitForInput): Use it. * nix/libstore/store-api.hh (BuildResult): New struct. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Eelco Dolstra
2015-12-09daemon: Use deterministic $TMPDIR in chroot....Rather than using $<host-TMPDIR>/nix-build-<drvname>-<number>, the temporary directory is now always /tmp/nix-build-<drvname>-0. This improves bitwise-exact reproducibility for builds that store $TMPDIR in their build output. (Of course, those should still be fixed...) * nix/libstore/build.cc (DerivationGoal)[tmpDirInSandbox]: New field. (DerivationGoal::startBuilder): Initialize 'useChroot' earlier. Compute 'tmpDirInSandbox', and use it when populating 'dirsInChroot'. * doc/guix.texi (Build Environment Setup): Document it. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Eelco Dolstra
2015-12-08daemon: Allow builds to be repeated....This makes it easy to detect non-deterministic builds. * nix/libstore/build.cc (DerivationGoal): Remove 'InodesSeen'; add 'curRound', 'nrRound', and 'prevInfos'. (DerivationGoal::inputsRealised): Initialize 'nrRound'. (NotDeterministic): New error type. (DerivationGoal::buildDone): Check whether we need to repeat. (DerivationGoal::startBuilder): Adjust message. (DerivationGoal::registerOutputs): Check whether we get the same result. * nix/libstore/globals.cc (Settings::get(const string & name, int def)): New method. * nix/libstore/globals.hh (Settings): Add it. * nix/libstore/store-api.hh (ValidPathInfo): Add operator ==. * nix/nix-daemon/nix-daemon.cc (performOp): Allow "build-repeat" for "untrusted" users. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Eelco Dolstra
2015-12-02daemon: Filter build-chroot-dirs entries that conflict with derivation outputs....Fixes https://github.com/NixOS/nixpkgs/issues/9504. Note that this means we may have a non-functional /bin/sh in the chroot while rebuilding Bash or one of its dependencies. Ideally those packages don't rely on /bin/sh though. Eelco Dolstra
2015-12-02daemon: Prevent .chroot from being GC'ed when using LocalStore::buildDerivati......Fixes #616. Eelco Dolstra
2015-11-01Remove unneeded HAVE_UNSHARE....* src/libstore/build.cc (CHROOT_ENABLED): Remove HAVE_UNSHARE. Manolis Ragkousis
2015-07-03Merge branch 'nix'....This is a squashed commit of the following: commit 0dccab9f417b406f5d4aedc81900fc7b2f16c9f6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 2 00:30:16 2015 +0200 Typo commit 2cd28517b13524c242c7758783b0b2d8250fdded Author: Ludovic Courtès <ludo@gnu.org> Date: Wed Jul 1 14:56:34 2015 +0200 Preserve supplementary groups of build users The following patch is an attempt to address this bug (see <http://bugs.gnu.org/18994>) by preserving the supplementary groups of build users in the build environment. In practice, I would expect that supplementary groups would contain only one or two groups: the build users group, and possibly the “kvm” group. [Changed &at(0) to data() and removed tabs - Eelco] commit 6e38685ef65284093df79ebe7378bac33b0e7e5d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jun 30 21:41:26 2015 +0200 GC: Handle ENOSPC creating/moving to the trash directory Issue #564. commit 5e0a9ae2e25a1016389f4893a6ed6682aadcf51d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jun 22 15:54:55 2015 +0200 Use posix_fallocate to create /nix/var/nix/db/reserved commit 4e5ab98d6d14f8b0e3bd1d77b2f4f2354e7a49a8 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jun 22 15:47:40 2015 +0200 Make /nix/var/nix/db/reserved bigger Issue #564. commit 60bda60fc06135aa97a93301b1a9e2270768f5b3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jun 10 16:17:06 2015 +0200 Export outputPaths function This is useful for the new hydra-queue-runner. commit 5dfea34048aa8541f20aeb2fbcd163561b609a49 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 2 22:51:33 2015 +0200 Use std::vector::data() commit 2459458bc8257734ca78cb7a2db3df20bd730ec0 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jun 4 16:04:41 2015 +0200 Allow substitutes for builds that have preferLocalBuild set Not substituting builds with "preferLocalBuild = true" was a bad idea, because it didn't take the cost of dependencies into account. For instance, if we can't substitute a fetchgit call, then we have to download/build git and all its dependencies. Partially reverts 5558652709f27e8a887580b77b93c705659d7a4b and adds a new derivation attribute "allowSubstitutes" to specify whether a derivation may be substituted. Ludovic Courtès
2015-06-03Merge branch 'nix'....* config-daemon.ac: Add check for sys/syscall.h, remove check tr1/unordered_set. The nix/ part is a squashed commit of the following: commit e531520ddcd54903bbea0f3ce08dfbed830f40aa Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jun 2 02:21:54 2015 +0200 Don't let unprivileged users repair paths commit 715478fe09a73cec70f5c6f869cac482f004596f Author: Ludovic Courtès <ludo@gnu.org> Date: Mon Jun 1 23:20:11 2015 +0200 Add a ‘verifyStore’ RPC Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call. commit 64a998ebcb6ebf8c11efa0a0332cce3d8f1c538e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 7 13:21:26 2015 +0200 Revert /nix/store permission back to 01775 This broke NixOS VM tests. Mostly reverts 27b7b94923d2f207781b438bb7a57669bddf7d2b, 5ce50cd99e740d0d0f18c30327ae687be9356553, afa433e58c3fe6029660a43fdc2073c9d15b4210. commit 44f1b1851ccf836411ca09f5ebc50fc08d92e7e8 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Apr 2 16:59:40 2015 +0200 Chroot builds: Provide world-readable /nix/store This was causing NixOS VM tests to fail mysteriously since 5ce50cd99e740d0d0f18c30327ae687be9356553. Nscd could (sometimes) no longer read /etc/hosts: open("/etc/hosts", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied) Probably there was some wacky interaction between the guest kernel and the 9pfs implementation in QEMU. commit b6ecbd266f614288db3468f9f054abea694105b1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Mar 25 17:06:12 2015 +0100 addToStore(): Take explicit name argument commit 1f595ba474d8112e73df1ef7578014e59ebfccd0 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Mar 24 11:35:53 2015 +0100 Tighten permissions on chroot directories commit ba5888bccd2c5dfd0de73b91c3a5c18fa8c4866e Author: Daniel Hahler <git@thequod.de> Date: Fri Mar 6 16:39:48 2015 +0100 Fix typos: s/the the/the/ commit 67af480244250409c8cf41e66a4995258b8ccc9b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Feb 23 15:41:41 2015 +0100 Use chroots for all derivations If ‘build-use-chroot’ is set to ‘true’, fixed-output derivations are now also chrooted. However, unlike normal derivations, they don't get a private network namespace, so they can still access the network. Also, the use of the ‘__noChroot’ derivation attribute is no longer allowed. Setting ‘build-use-chroot’ to ‘relaxed’ gives the old behaviour. Note for Guix: unlike Nix commit 99897f6, we keep 'settings.useChroot'. commit 638f3675e140af1214b82ff162baadd3ef1bb6e6 Author: Harald van Dijk <harald@gigawatt.nl> Date: Fri Feb 13 16:05:49 2015 +0000 Use pivot_root in addition to chroot when possible chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use. commit 8ab23f2924b70ac572ad0bcf950b4649361bfae2 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Feb 3 18:56:47 2015 +0100 Simplify parseHash32 commit 70c3d2f1767a724db1e66d137a1d6b4cdee00738 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Feb 3 18:35:11 2015 +0100 Simplify printHash32 commit 7a7a15877f8f391a8a8a74f7a6e919a07dc19237 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jan 8 16:59:22 2015 +0100 Doh^2 commit 8c94a864d806647736410326d496a8d668109f5a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jan 8 16:49:31 2015 +0100 Doh commit 35605c4407a677752ed51a0f829cc0f42047b115 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jan 8 16:39:07 2015 +0100 Set /nix/store permission to 1737 I.e., not readable to the nixbld group. This improves purity a bit for non-chroot builds, because it prevents a builder from enumerating store paths (i.e. it can only access paths it knows about). commit 0b9c4a8b80b199ce82ca5bd08ed24b8d5d5c71f5 Author: aszlig <aszlig@redmoonstudios.org> Date: Fri Jan 2 03:45:47 2015 +0100 libutil: Limit readLink() error to only overflows. Let's not just improve the error message itself, but also the behaviour to actually work around the ntfs-3g symlink bug. If the readlink() call returns a smaller size than the stat() call, this really isn't a problem even if the symlink target really has changed between the calls. So if stat() reports the size for the absolute path, it's most likely that the relative path is smaller and thus it should also work for file system bugs as mentioned in 93002d69fc58c2b71e2dfad202139230c630c53a. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Tested-by: John Ericson <Ericson2314@Yahoo.com> commit 0fed5fde65e4a0cd600dc181e5b3c42d1147df51 Author: aszlig <aszlig@redmoonstudios.org> Date: Fri Jan 2 03:27:39 2015 +0100 libutil: Improve errmsg on readLink size mismatch. A message like "error: reading symbolic link `...' : Success" really is quite confusing, so let's not indicate "success" but rather point out the real issue. We could also limit the check of this to just check for non-negative values, but this would introduce a race condition between stat() and readlink() if the link target changes between those two calls, thus leading to a buffer overflow vulnerability. Reported by @Ericson2314 on IRC. Happened due to a possible ntfs-3g bug where a relative symlink returned the absolute path (st_)size in stat() while readlink() returned the relative size. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Tested-by: John Ericson <Ericson2314@Yahoo.com> commit 7dfd3f5c8f1fd1e47a737fdb3be9255000862ddb Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sun Dec 14 01:51:14 2014 +0100 Pedantry commit 45a145c8b2b60d8500ad9bbb7fed226c46af0d7e Author: Marko Durkovic <marko@miding.de> Date: Tue Dec 9 12:16:27 2014 +0100 Explicitly include required C headers commit 66d086cc26c55bf317184b08dd8e04c9736c9514 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Dec 13 16:54:40 2014 +0100 Better error message commit b499d2efbfbe83c4683e2c778494541937c816f3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 17:14:28 2014 +0100 Silence some warnings on GCC 4.9 commit 159b7103a7331db16f5db93e146217659e546cd8 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 15:10:02 2014 +0100 Shut up a Valgrind warning commit 7930b2cb76d3d2f9874f99502f10114c9a413b08 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 15:01:16 2014 +0100 Fix some memory leaks commit 5c84e4950d8504e386fc1f454fb4653993a8fbea Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 14:35:44 2014 +0100 Ensure we're writing to stderr in the builder http://hydra.nixos.org/build/17862041 commit ccade8c120c53d56863aeda27bcd2f1f484779cb Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 14:01:14 2014 +0100 Get rid of unnecessary "interrupted by the user" message with -vvv commit 8d9a0be27880d690e8045d27ea2ff5edad967750 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Dec 12 12:39:50 2014 +0100 Remove tabs commit 1f8456ff13dadb96c8540df240505a2d01a22f6c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Aug 21 15:31:43 2014 +0200 Use PR_SET_PDEATHSIG to ensure child cleanup commit 909f1260e269e354c86c833ffb4ca27c9fb135f4 Author: Ludovic Courtès <ludo@gnu.org> Date: Wed Jun 3 17:45:32 2015 +0200 Rename 'initChild' to 'runChild'. This is similar to commit b5ed5b6 in upstream Nix. commit 3bfa70b7963e12be346900e64ae45fa019850675 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Dec 10 13:53:04 2014 +0100 Don't wait for PID -1 The pid field can be -1 if forking the substituter process failed. commit 5241aec531e9c9a4b2dd5e5b6ee3f07ff049d9a5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Nov 24 16:48:04 2014 +0100 Build derivations in a more predictable order Derivations are now built in order of derivation name, so a package named "aardvark" is built before "baboon". Fixes #399. commit 9f355738e106f4ca49bba7276e8d520a2fc2955d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Nov 24 16:44:35 2014 +0100 Don't create unnecessary substitution goals for derivations commit 554eaf5e8c82ddd6a42e4301f6d3dd5419c04060 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Nov 19 18:02:39 2014 +0100 Disable vacuuming the DB after garbage collection Especially in WAL mode on a highly loaded machine, this is not a good idea because it results in a WAL file of approximately the same size ad the database, which apparently cannot be deleted while anybody is accessing it. commit 4eb62b5230c29e2f6ab17352439521083846c259 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Nov 19 17:09:27 2014 +0100 nix-daemon: Call exit(), not _exit() This was preventing destructors from running. In particular, it was preventing the deletion of the temproot file for each worker process. It may also have been responsible for the excessive WAL growth on Hydra (due to the SQLite database not being closed properly). Apparently broken by accident in 8e9140cfdef9dbd1eb61e4c75c91d452ab5e4a74. commit f160a30d5612506de41a8206a57eccee1cd85fb7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Nov 19 17:07:29 2014 +0100 Clean up temp roots in a more C++ way commit a64744477d95e6932ae0fefc7cc358b56b8c397f Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Nov 17 01:00:39 2014 +0100 Fix message commit b73de6e49b64d01974649a1e67a77113b768c2b1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Nov 14 14:16:20 2014 +0100 Don't use ADDR_LIMIT_3GB This gives 32-bit builds on x86_64-linux more memory. commit e0825bd36b43f3c1d408745a9c61f92fdaf7dace Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Nov 12 11:35:53 2014 +0100 Make ~DerivationGoal more reliable commit 86b9e6d4575e5c93f428b8563ae259f0f4014173 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Nov 4 10:41:29 2014 +0100 nix-store --gc: Don't warn about missing manifests directory commit 1129a982c4e77ff465fd6102627477900af2f7f4 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Oct 31 09:36:09 2014 +0100 Improve error message if the daemon worker fails to start commit bed17f40fce27e1a31f70957b1d0dd912b58700d Author: Shea Levy <shea@shealevy.com> Date: Mon Oct 20 12:15:50 2014 -0400 Fix build on gcc < 4.7 commit ee8601cac4b353e551b238f546a0e7e8fcdcd3be Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Oct 14 10:51:19 2014 +0200 Improved error message when encountering unsupported file types Fixes #269. commit c2b65dd197a1b2e14d517b0b5ff307b149538917 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Oct 3 22:37:51 2014 +0200 Remove some duplicate code commit c95742283595cb01b44ddc8e6ff5e9c1d66db444 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Oct 3 16:53:28 2014 +0200 createDirs(): Handle ‘path’ being a symlink In particular, this fixes "nix-build -o /tmp/result" on Mac OS X (where /tmp is a symlink). commit 6092a48603ea7888f8a1f69db87835bc339c973a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Sep 25 18:45:43 2014 +0200 nix-daemon: Close unnecessary fd commit e74390a16f74233283572661f64ed4f03ae1650d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Sep 19 15:07:22 2014 +0200 Remove bogus comment commit e63c8aaa0511d1d0a5487c45dec9f8cbd66b4cc6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Sep 17 17:21:13 2014 +0200 On Linux, disable address space randomization commit 55939b1a4b34b904eedba90ac6c14efc6258f40d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Sep 17 15:18:13 2014 +0200 Settings: Add bool get() commit 6621195e48f8e0cbbe6e19dbcde30bd8a7da0399 Author: Ludovic Courtès <ludo@gnu.org> Date: Mon Sep 1 22:21:42 2014 +0200 Add an 'optimiseStore' remote procedure call. commit 3bb89c3a31b9cf6e056f3659389e2d2e7afd17fa Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Aug 28 18:57:13 2014 +0200 Add disallowedReferences / disallowedRequisites For the "stdenv accidentally referring to bootstrap-tools", it seems easier to specify the path that we don't want to depend on, e.g. disallowedRequisites = [ bootstrapTools ]; commit abd9d61e6201ddbde3305dd27c286e883e950bec Author: Gergely Risko <errge@nilcons.com> Date: Wed Aug 27 16:46:02 2014 +0200 Introduce allowedRequisites feature commit 8c766e48d5c4741b63a4f24dc91138f587c04a5a Author: Joel Taylor <me@joelt.io> Date: Thu Aug 21 14:06:49 2014 -0700 fix disappearing bash arguments commit d4e7c195fabf0f24c2ffbd4ca8f189489bbbf44d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Aug 19 17:44:59 2014 +0200 Make hook shutdown more reliable commit ea837e470f70900481d00b0d1cd73e6855c4f70d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Aug 18 11:35:50 2014 +0200 Doh commit 790271559cb8b36cd8fcdc533f41be88ec15ad08 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sun Aug 17 19:11:50 2014 +0200 Reduce verbosity commit 3f6d4f63ec0d1d6cfc3233998b7dd9608b2f6ff3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sun Aug 17 19:09:03 2014 +0200 Propagate remote timeouts properly commit aa98ba506739b885b3ce0b392dade5e1e1bb07f7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Aug 13 17:44:41 2014 +0200 Use regular file GC roots if possible This makes hydra-eval-jobs create roots as regular files. See 1c208f2b7ef8ffb5e6d435d703dad83223a67bd6. commit 5fe5ff77800c2911c011f582d8dfa90c44d4a3a5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Aug 5 16:41:42 2014 +0200 Remove unnecessary call to addTempRoot() commit 1820845c44c8cbe1121e78d5f16e7778532477f6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Aug 5 10:19:57 2014 +0200 Doh commit e9070bf4226b225a0b42798b20ea3947abf58a6f Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Aug 4 18:13:14 2014 +0200 Move some options out of globals commit 31909515634d74e4c3d92be6186c5c48244582ae Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Aug 4 18:02:29 2014 +0200 Refactor commit f530ee6f356f4299ca343dde7f4c0742300ffa08 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Aug 4 18:00:00 2014 +0200 Add option ‘build-extra-chroot-dirs’ This is useful for extending (rather than overriding) the default set of chroot paths. commit 75f746f018e34868b8057bed87c90d2cbe2c0b6c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Aug 4 17:27:45 2014 +0200 Get rid of "killing <pid>" message for unused build hooks commit 42c6246f674ca2d5ea166d1ae676b7087ea1b0d8 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 19:38:21 2014 +0200 Remove ugly hack for detecting build environment setup errors commit b732ffd28ddf50d3150e4f276a0e8488e38eaacb Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 19:29:03 2014 +0200 Call commonChildInit() before doing chroot init This ensures that daemon clients see error messages from the chroot setup. commit c51374c128cbe1f06acd95ba2d627a118a95aabf Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 17:30:51 2014 +0200 Eliminate redundant copy commit 666c9b7108e460f0d3450015a3379bfeb3e3a497 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 17:20:25 2014 +0200 findRoots(): Prevent a call to lstat() This means that getting the roots from /nix/var/nix/.../hydra-roots doesn't need any I/O other than reading the directory. commit 82d463d9cacbf2a93b95ab5313567d593fd00d02 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 16:37:47 2014 +0200 Make readDirectory() return inode / file type commit a98fa2d9e2b06e2561330c5ef845ffaf131e95ac Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Aug 1 16:46:01 2014 +0200 Allow regular files as GC roots If a root is a regular file, then its name must denote a store path. For instance, the existence of the file /nix/var/nix/gcroots/per-user/eelco/hydra-roots/wzc3cy1wwwd6d0dgxpa77ijr1yp50s6v-libxml2-2.7.7 would cause /nix/store/wzc3cy1wwwd6d0dgxpa77ijr1yp50s6v-libxml2-2.7.7 to be a root. This is useful because it involves less I/O (no need for a readlink() call) and takes up less disk space (the symlink target typically takes up a full disk block, while directory entries are packed more efficiently). This is particularly important for hydra.nixos.org, which has hundreds of thousands of roots, and where reading the roots can take 25 minutes. commit 4ab4b0c109734bd6e265ca5f1b6415c31c03ab11 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 24 00:00:53 2014 +0200 Remove some dead code commit 1cffdf5847b065183c9aac86df3a9578020e6712 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 23 19:43:46 2014 +0200 nix-daemon: Less verbosity commit bb07dfe96f0d07aa18db385d3ec93b24b5568213 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 23 19:37:40 2014 +0200 nix-daemon: Simplify stderr handling commit 766481d606e4b1860307692d6a44723983662d45 Merge: c69944c fdee1ce Author: Ludovic Courtès <ludo@gnu.org> Date: Mon May 11 17:04:26 2015 +0200 Merge commit 'fdee1ced43fb495d612a29e955141cdf6b9a95ba' into nix commit c69944c511b89d3fdbffe00353e27d1e1c5f670c Merge: a1dd396 8e9140c Author: Ludovic Courtès <ludo@gnu.org> Date: Wed May 6 23:22:04 2015 +0200 Merge commit '8e9140cfdef9dbd1eb61e4c75c91d452ab5e4a74' into nix Conflicts: Makefile.config.in configure.ac dev-shell doc/manual/builtins.xml doc/manual/conf-file.xml doc/manual/local.mk doc/manual/nix-instantiate.xml doc/manual/nix-store.xml doc/manual/writing-nix-expressions.xml misc/emacs/nix-mode.el perl/lib/Nix/CopyClosure.pm release.nix scripts/nix-build.in scripts/nix-copy-closure.in src/download-via-ssh/download-via-ssh.cc src/libexpr/common-opts.cc src/libexpr/common-opts.hh src/libexpr/eval.cc src/libexpr/eval.hh src/libexpr/local.mk src/libexpr/nixexpr.cc src/libexpr/nixexpr.hh src/libexpr/parser.y src/libexpr/primops.cc src/libexpr/symbol-table.hh src/libmain/shared.cc src/libstore/local.mk src/nix-env/nix-env.cc src/nix-instantiate/nix-instantiate.cc src/nix-store/local.mk src/nix-store/nix-store.cc src/nix-store/serve-protocol.hh tests/lang.sh tests/lang/eval-okay-context.nix tests/lang/eval-okay-search-path.exp tests/lang/eval-okay-search-path.nix tests/local.mk tests/nix-copy-closure.nix commit a1dd396cc02922372314c35c8035a38bfeea08df Merge: 0a75126 8d5f472 Author: Ludovic Courtès <ludo@gnu.org> Date: Sun Jan 4 23:01:14 2015 +0100 Merge commit '8d5f472f2c49c79a0d3ae2e506f4d4d76224b328' into nix Conflicts: .gitignore Makefile doc/manual/installation.xml doc/manual/introduction.xml doc/manual/local.mk doc/manual/manual.xml doc/manual/nix-collect-garbage.xml doc/manual/nix-env.xml doc/manual/nix-install-package.xml doc/manual/nix-store.xml doc/manual/quick-start.xml doc/manual/release-notes.xml local.mk misc/emacs/nix-mode.el mk/functions.mk mk/install.mk mk/lib.mk mk/libraries.mk mk/patterns.mk mk/programs.mk nix.spec.in release.nix scripts/install-nix-from-closure.sh scripts/nix-build.in src/libexpr/eval-inline.hh src/libexpr/eval.cc src/libexpr/eval.hh src/libexpr/get-drvs.cc src/libexpr/nixexpr.cc src/libexpr/nixexpr.hh src/libexpr/parser.y src/libexpr/primops.cc src/libstore/local.mk src/nix-daemon/local.mk src/nix-env/nix-env.cc src/nix-env/user-env.cc src/nix-instantiate/nix-instantiate.cc src/nix-store/nix-store.cc tests/init.sh tests/nix-copy-closure.nix tests/remote-builds.nix version commit 0a751260ae54bb37ae33e0f4fc3bcda2a4ea3ceb Author: Ludovic Courtès <ludo@gnu.org> Date: Wed Dec 17 11:10:25 2014 +0100 nix: Adjust code for Guix. * nix/libstore/gc.cc (addAdditionalRoots): Refer to 'list-runtime-roots' instead of 'find-runtime-roots.pl'. * nix/libutil/hash.cc, nix/libutil/hash.hh: Change 'union Ctx' to 'struct Ctx', like 'nix/sync-with-upstream' did. * nix/AUTHORS: New file. * nix/COPYING: New file, from upstream Nix. * nix/libutil/md32_common.h, nix/libutil/md5.c, nix/libutil/md5.h, nix/libutil/sha1.c, nix/libutil/sha1.h, nix/libutil/sha256.c, nix/libutil/sha256.h: Remove. commit d4e18b05e0ab149265d3d09ae017d7337fc4176f Author: Ludovic Courtès <ludo@gnu.org> Date: Wed Dec 17 10:44:19 2014 +0100 Keep only libstore, nix-daemon, and related stuff. commit fdee1ced43fb495d612a29e955141cdf6b9a95ba Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 23 19:11:26 2014 +0200 startProcess: Make writing error messages from the child more robust commit 5989966ed3bd58cd362aed8cba6cd5c90b380a32 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 23 14:46:28 2014 +0200 Remove dead code commit ee3c5d7916b48d0c3b1cc08044e27209c14acfdc Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Jul 19 02:25:47 2014 +0200 Revert old useBuildHook behaviour commit 2e77bd70faee34cb2518529318a54b39f2d9143e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 18 12:54:30 2014 +0200 Better fix for strcasecmp on Darwin commit f609eec71a25a9bb8c32dd9620b7deb88633a22a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 18 00:01:06 2014 +0200 Bump commit 8ddffe7aac414756809f43732effb8951858243b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 17 23:57:17 2014 +0200 Ugly hack to fix building on old Darwin http://hydra.nixos.org/build/12580878 commit 049c0eb49c621ae50f49c8a06dc6c3a9839ef388 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 17 16:57:07 2014 +0200 nix-daemon: Add trusted-users and allowed-users options ‘trusted-users’ is a list of users and groups that have elevated rights, such as the ability to specify binary caches. It defaults to ‘root’. A typical value would be ‘@wheel’ to specify all users in the wheel group. ‘allowed-users’ is a list of users and groups that are allowed to connect to the daemon. It defaults to ‘*’. A typical value would be ‘@users’ to specify the ‘users’ group. commit 0c730887c4ec4a03fb854490e422c134a1bf8139 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 17 15:49:33 2014 +0200 nix-daemon: Show name of connecting user commit 77c972c898b325997fa2f527264a9706f1e414a5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 17 15:41:11 2014 +0200 nix-daemon: Only print connection info if we have SO_PEERCRED commit 8f72e702a114458e92f644160950344a7bf7166a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 17 15:23:31 2014 +0200 nix-daemon: Fix compat with older clients commit 2304a7dd21639959dc4bcafa3e17374cc087cd0a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 16:32:26 2014 +0200 Get rid of a compiler warning commit 985f1595fe9f61095c7bc94b49be1179811ec630 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 16:30:50 2014 +0200 Be more strict about file names in NARs commit 276a40b31f631c188d6dcbdf603a738e1380ff74 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 16:02:05 2014 +0200 Handle case collisions on case-insensitive systems When running NixOps under Mac OS X, we need to be able to import store paths built on Linux into the local Nix store. However, HFS+ is usually case-insensitive, so if there are directories with file names that differ only in case, then importing will fail. The solution is to add a suffix ("~nix~case~hack~<integer>") to colliding files. For instance, if we have a directory containing xt_CONNMARK.h and xt_connmark.h, then the latter will be renamed to "xt_connmark.h~nix~case~hack~1". If a store path is dumped as a NAR, the suffixes are removed. Thus, importing and exporting via a case-insensitive Nix store is round-tripping. So when NixOps calls nix-copy-closure to copy the path to a Linux machine, you get the original file names back. Closes #119. commit bb65460feb265be4d938c7dc724a76ef41a8bfaf Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 11:19:12 2014 +0200 Make dev-shell script work on Darwin commit de8be7c3e06b52c313e0b452b641ad5f90dca2fe Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 11:16:54 2014 +0200 Install systemd and Upstart stuff only on Linux commit 048be62484537633e2523dd4d200619649ff860d Author: Shea Levy <shea@shealevy.com> Date: Wed Jul 16 01:11:24 2014 -0400 Pass *_proxy vars to bootstrap fetchurl commit a2c85b2ef85a34bf8e5238c315a4ca73606f5ae6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 16 11:09:01 2014 +0200 Manual: Typo commit 5bcb98271103c6c2ca3b993d8b1b0eb9eadcbc1c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jul 14 12:39:33 2014 +0200 Remove cruft commit fa13d3f4f3d8fb6dc3e3fc87ac5a2e26d8b32d84 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jul 14 12:19:27 2014 +0200 build-remote.pl: Fix building multiple output derivations We were importing paths without sorting them topologically, leading to "path is not valid" errors. See e.g. http://hydra.nixos.org/build/12451761 commit b2e0293f022123b11759dfd498d4eff72233d3f7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Jul 12 00:43:28 2014 +0200 build-remote.pl: Don't keep a shell process around commit a00a98548e994d1ea258e14793c7bcd8ea56cfdf Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Jul 12 00:09:43 2014 +0200 build-remote.pl: Fix build log commit 838138c5c4d21a207f3579c4f743698bd6dbb6b1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 11 16:20:12 2014 +0200 Fix test commit a5c6347ff06ba09530fdf0e01828aaec89f6ceb6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 11 16:02:19 2014 +0200 build-remote.pl: Use ‘nix-store --serve’ on the remote side This makes things more efficient (we don't need to use an SSH master connection, and we only start a single remote process) and gets rid of locking issues (the remote nix-store process will keep inputs and outputs locked as long as they're needed). It also makes it more or less secure to connect directly to the root account on the build machine, using a forced command (e.g. ‘command="nix-store --serve --write"’). This bypasses the Nix daemon and is therefore more efficient. Also, don't call nix-store to import the output paths. commit b8f24f253527e1cb071785c3b2d677ed2f734ab1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 11 14:27:17 2014 +0200 Fix closure size display commit e196eecbe6552d5afed89ad480544c90cf959922 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 11 13:55:06 2014 +0200 Allow $NIX_BUILD_HOOK to be relative to Nix libexec directory commit d0eb970fb4d3b5c347506b77f9657fc5eb6229e2 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 21:48:21 2014 +0200 Fix broken Pid constructor commit edbfe2232e275a9e6c10cd8eb4dc36ca992af084 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 21:30:22 2014 +0200 Replace message "importing path <...>" with "exporting path <...>" This causes nix-copy-closure to show what it's doing before rather than after. commit 42d91b079c5d0b468663511e7b2a8e2f4048c475 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 21:14:34 2014 +0200 Fix use of sysread commit 7bb632b02464febd8806ef4bd3fa0ac107f52650 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 20:43:04 2014 +0200 nix-copy-closure -s: Do substitutions via ‘nix-store --serve’ This means we no longer need an SSH master connection, since we only execute a single command on the remote host. commit 7c3a5090bff4e9cfe70f1d89619563b55af13d89 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 17:44:18 2014 +0200 nix-copy-closure: Fix --dry-run commit 43b64f503844a66c344780a11289678a001572db Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 17:32:21 2014 +0200 Remove tabs commit 8e9140cfdef9dbd1eb61e4c75c91d452ab5e4a74 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 16:50:51 2014 +0200 Refactoring: Move all fork handling into a higher-order function C++11 lambdas ftw. commit 1114c7bd57bcab16255d5db5e6f66ae8dece7b1e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 14:15:12 2014 +0200 nix-copy-closure: Restore compression and the progress viewer commit 7911e4c27a0020a61ace13cfdc44de4af02f315e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jun 23 09:15:35 2014 -0400 Remove maybeVfork commit 04170d06bf7d17f882c01d3ab98885e0f3e46d2f Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 11:51:22 2014 +0200 nix-copy-closure: Fix race condition There is a long-standing race condition when copying a closure to a remote machine, particularly affecting build-remote.pl: the client first asks the remote machine which paths it already has, then copies over the missing paths. If the garbage collector kicks in on the remote machine between the first and second step, the already-present paths may be deleted. The missing paths may then refer to deleted paths, causing nix-copy-closure to fail. The client now performs both steps using a single remote Nix call (using ‘nix-store --serve’), locking all paths in the closure while querying. I changed the --serve protocol a bit (getting rid of QueryCommand), so this breaks the SSH substituter from older versions. But it was marked experimental anyway. Fixes #141. commit 2c3a8f787ba9da49feafdec4022534184e0a96a3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 11:46:01 2014 +0200 Fix security hole in ‘nix-store --serve’ Since it didn't check that the path received from the client is a store path, the client could dump any path in the file system. commit 66dbc0fdeebf509c5d919e9c12b2645136d6deeb Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 10 01:50:29 2014 +0200 Add a test for the SSH substituter commit 0e5d0c15430cf82861a1ae213cbccff065f71107 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Jul 9 12:14:40 2014 +0200 Fix compilation error on some versions of GCC src/libexpr/primops.cc:42:8: error: looser throw specifier for 'virtual nix::InvalidPathError::~InvalidPathError()' src/libexpr/nixexpr.hh:12:1: error: overriding 'virtual nix::EvalError::~EvalError() noexcept (true)' http://hydra.nixos.org/build/12385750 commit beac05c206a801be6f83b4eaaffe75c30eeb7d37 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jul 8 20:41:25 2014 +0200 Don't build on Ubuntu 10.10 Its C++ compiler is too old. http://hydra.nixos.org/build/12385722 commit beaf3e90aff14664b98f2c7ab7387c9fa4354fd1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jul 4 13:34:15 2014 +0200 Add builtin function ‘fromJSON’ Fixes #294. commit e82951fe23daa961ef18b0c5cc9ba1f5d8906186 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jul 3 12:36:58 2014 +0200 Manual: html -> xhtml commit e477f0e9385d7825f005b7e9a32cd3ad6ee27aab Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jun 27 11:36:23 2014 +0200 Style fix commit 858b8f9760a81540b0a95068d96dc5c1628673c3 Author: Paul Colomiets <paul@colomiets.name> Date: Tue Jun 24 00:30:22 2014 +0300 Add `--json` argument to `nix-instantiate` commit 8504e7d60488cb12dd2597734ebd1d3cadf5d153 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jun 27 11:20:16 2014 +0200 allow-arbitrary-code-during-evaluation -> allow-unsafe-native-code-during-evaluation commit d7be6d45d97e89653b77686bdb39b833afbcf6ca Merge: 9d0709e d62f46e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Jun 27 11:18:54 2014 +0200 Merge branch 'shlevy-import-native' commit d62f46e500958bc97ae6837911e27c20a47cc181 Author: Shea Levy <shea@shealevy.com> Date: Tue Jun 24 10:50:03 2014 -0400 Only add the importNative primop if the allow-arbitrary-code-during-evaluation option is true (default false) commit 5cd022d6c099c583c0494bdacd06f4eb32661135 Author: Shea Levy <shea@shealevy.com> Date: Sun Jun 1 10:42:56 2014 -0400 Add importNative primop This can be used to import a dynamic shared object and return an arbitrary value, including new primops. This can be used both to test new primops without having to recompile nix every time, and to build specialized primops that probably don't belong upstream (e.g. a function that calls out to gpg to decrypt a nixops secret as-needed). The imported function should initialize the Value & as needed. A single import can define multiple values by creating an attrset or list, of course. An example initialization function might look like: extern "C" void initialize(nix::EvalState & state, nix::Value & v) { v.type = nix::tPrimOp; v.primOp = NEW nix::PrimOp(myFun, 1, state.symbols.create("myFun")); } Then `builtins.importNative ./example.so "initialize"` will evaluate to the primop defined in the myFun function. commit 9d0709e8c47082cec35d6412053eacfadae23bcd Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jun 12 17:30:37 2014 +0200 Don't use member initialisers They're a little bit too recent (only supported since GCC 4.7). http://hydra.nixos.org/build/11851475 commit 48495f67ed893c4ee056099ae0ca5a2afacde93c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jun 12 13:15:35 2014 +0200 Fix bogus warnings about dumping large paths Also, yay for C++11 non-static initialisers. commit 0960d674d48808eaaa3475899f45cfd6c7c3e51d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Jun 12 13:00:54 2014 +0200 Drop ImportError and FindError We're not catching these anywhere. commit 718f20da6d79466f91c49849bcf91a688aaa871e Author: Shea Levy <shea@shealevy.com> Date: Fri May 30 15:43:31 2014 -0400 findFile: Realise the context of the path attributes commit a8fb575c98726f195d0cf5c7e6b7e51c75a0a9b3 Author: Shea Levy <shea@shealevy.com> Date: Fri May 30 15:04:17 2014 -0400 Share code between scopedImport and import In addition to reducing duplication, this fixes both import from derivation and import of derivation for scopedImport commit 61c464f252271d3d6343e1bfa1e3b39d2c8473cd Author: Steve Purcell <steve@sanityinc.com> Date: Thu Jun 5 11:04:48 2014 +0100 Add autoloads, make code more concise & idiomatic - Use define-derived-mode to declare nix-mode - Use autoloads to ensure nix-mode is usable (and enabled) without needing `require` - Use set + make-local-variable instead of longer 2-step equivalent commit ee7fe64c0ac00f2be11604a2a6509eb86dc19f0a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jun 10 14:02:56 2014 +0200 == operator: Ignore string context There really is no case I can think of where taking the context into account is useful. Mostly it's just very inconvenient. commit b1beed97a0670befbfd5e105a81132e87e58ac37 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jun 10 13:45:50 2014 +0200 Report daemon OOM better When copying a large path causes the daemon to run out of memory, you now get: error: Nix daemon out of memory instead of: error: writing to file: Broken pipe commit 829af22759b8a99c3b44697365390a945f3acc04 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Jun 10 13:30:09 2014 +0200 Print a warning when loading a large path into memory I.e. if you have a derivation with src = ./huge-directory; you'll get a warning that this is not a good idea. commit 3c6b8a521561f5341652ffe37b869d5ab457227b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Jun 2 17:58:43 2014 +0200 nix-env -qa --json: Generate valid JSON even if there are invalid meta attrs commit ceed8192848760430c9c23659f9cb979aad1f9c3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 29 19:04:27 2014 +0200 Fix test commit becc2b01678c5742b3fe6c379430606a5ef8e34d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 29 19:02:14 2014 +0200 Sort nixPath attributes commit 54a34119f349d531557af9e90d21d04d689ee817 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 17:53:17 2014 +0200 Use std::unordered_set commit a457d5ad4d7f6cd4f817581de1b4f70cdad9c617 Author: Aristid Breitkreuz <aristidb@gmail.com> Date: Sun May 4 14:26:41 2014 +0200 nix-build: --add-root also takes 1 parameter commit b1d39d476544644b2de8addb5ad3289fede2f95a Author: Sönke Hahn <soenkehahn@gmail.com> Date: Fri May 23 11:41:09 2014 +0800 dev-shell is a bash script, not sh 'type -p' does not work in e.g. dash commit 8ea9fd7aa6b2152f95724e504ac61c57d90b113c Author: Adam Szkoda <adaszko@gmail.com> Date: Sun May 25 10:54:54 2014 +0200 Rephrase @ operator description commit d8c061e044a07f7516d76df12bc6920f4f04e5ff Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 17:14:28 2014 +0200 Remove ExprBuiltin It's slower than ExprVar since it doesn't compute a static displacement. Since we're not using the throw primop in the implementation of <...> anymore, it's also not really needed. commit 62a6eeb1f3da0a5954ad2da54c454eb7fc1c6e5d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 17:02:22 2014 +0200 Make the Nix search path declarative Nix search path lookups like <nixpkgs> are now desugared to ‘findFile nixPath <nixpkgs>’, where ‘findFile’ is a new primop. Thus you can override the search path simply by saying let nixPath = [ { prefix = "nixpkgs"; path = "/my-nixpkgs"; } ]; in ... <nixpkgs> ... In conjunction with ‘scopedImport’ (commit c273c15cb13bb86420dda1e5341a4e19517532b5), the Nix search path can be propagated across imports, e.g. let overrides = { nixPath = [ ... ] ++ builtins.nixPath; import = fn: scopedImport overrides fn; scopedImport = attrs: fn: scopedImport (overrides // attrs) fn; builtins = builtins // overrides; }; in scopedImport overrides ./nixos commit 39d72640c2459dc2fa689bfe8b756ee193f7b98a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 16:50:36 2014 +0200 Ensure that -I flags get included in nixPath Also fixes #261. commit a8edf185a9e1677088c8c30acc9d281c8350bca7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 14:55:47 2014 +0200 Add constant ‘nixPath’ It contains the Nix expression search path as a list of { prefix, path } sets, e.g. [ { path = "/nix/var/nix/profiles/per-user/root/channels/nixos"; prefix = ""; } { path = "/etc/nixos/configuration.nix"; prefix = "nixos-config"; } { path = "/home/eelco/Dev/nix/inst/share/nix/corepkgs"; prefix = "nix"; } ] commit c273c15cb13bb86420dda1e5341a4e19517532b5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 13:46:11 2014 +0200 Add primop ‘scopedImport’ ‘scopedImport’ works like ‘import’, except that it takes a set of attributes to be added to the lexical scope of the expression, essentially extending or overriding the builtin variables. For instance, the expression scopedImport { x = 1; } ./foo.nix where foo.nix contains ‘x’, will evaluate to 1. This has a few applications: * It allows getting rid of function argument specifications in package expressions. For instance, a package expression like: { stdenv, fetchurl, libfoo }: stdenv.mkDerivation { ... buildInputs = [ libfoo ]; } can now we written as just stdenv.mkDerivation { ... buildInputs = [ libfoo ]; } and imported in all-packages.nix as: bar = scopedImport pkgs ./bar.nix; So whereas we once had dependencies listed in three places (buildInputs, the function, and the call site), they now only need to appear in one place. * It allows overriding builtin functions. For instance, to trace all calls to ‘map’: let overrides = { map = f: xs: builtins.trace "map called!" (map f xs); # Ensure that our override gets propagated by calls to # import/scopedImport. import = fn: scopedImport overrides fn; scopedImport = attrs: fn: scopedImport (overrides // attrs) fn; # Also update ‘builtins’. builtins = builtins // overrides; }; in scopedImport overrides ./bla.nix * Similarly, it allows extending the set of builtin functions. For instance, during Nixpkgs/NixOS evaluation, the Nixpkgs library functions could be added to the default scope. There is a downside: calls to scopedImport are not memoized, unlike import. So importing a file multiple times leads to multiple parsings / evaluations. It would be possible to construct the AST only once, but that would require careful handling of variables/environments. commit f0fdbd0897ce63c138ec663ed89a94709a8441a7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 26 12:34:15 2014 +0200 Shut up some signedness warnings commit 0321ef9bb261958fe4d63210e9a9d3350737ef18 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 23 14:43:55 2014 +0200 Ugly hack to allow --argstr values starting with a dash Fixes #265. commit 3064a8215608eca391fcb9d492735a662f48242e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 22 11:38:50 2014 +0200 Disable parallel.sh test It breaks randomly: http://hydra.nixos.org/build/11152871 commit 9f9080e2c019f188ba679a7a89284d7eaf629710 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed May 21 17:19:36 2014 +0200 nix-store -l: Fetch build logs from the Internet If a build log is not available locally, then ‘nix-store -l’ will now try to download it from the servers listed in the ‘log-servers’ option in nix.conf. For instance, if you have: log-servers = http://hydra.nixos.org/log then it will try to get logs from http://hydra.nixos.org/log/<base name of the store path>. So you can do things like: $ nix-store -l $(which xterm) and get a log even if xterm wasn't built locally. commit eac5841970737b799c55ec78f6ace6d80762ff04 Author: Shea Levy <shea@shealevy.com> Date: Thu May 15 11:30:46 2014 -0400 Provide a more useful error message when a dynamic attr lookup fails commit 8d5f472f2c49c79a0d3ae2e506f4d4d76224b328 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 15 11:37:44 2014 +0200 lvlInfo -> lvlTalkative commit 84813af5b938246d9a4a785dfb08b86383ef62ae Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 15 11:33:46 2014 +0200 nix-store --optimise: Remove bogus statistics commit 690adeb03de039551c4d8b5b4e7dda21c9c8f9b9 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 15 11:19:16 2014 +0200 Remove tab commit a1b66f316e980b4b7e755de47604bdc30371b67e Merge: e384e7b 3b9ea84 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu May 15 11:18:29 2014 +0200 Merge branch 'master' of github.com:wmertens/nix commit 3b9ea8452f102595874826e349fa38f85c00aa39 Author: Wout Mertens <Wout.Mertens@gmail.com> Date: Thu May 15 09:02:22 2014 +0200 Shortcut store files before lstat readdir() already returns the inode numbers, so we don't need to call lstat to know if a file was already linked or not. commit d73ffc552f78e0d9048e3bcc1e84452d1e8d2ede Author: Wout Mertens <Wout.Mertens@gmail.com> Date: Wed May 14 22:52:10 2014 +0200 Use the inodes given by readdir directly commit e384e7b387c4745f30032ef431a06aa26cee73a5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed May 14 22:25:25 2014 +0200 Remove redundant code commit e974f20c9811c3efe09cfca9bda7816f9091c0d5 Author: Wout Mertens <Wout.Mertens@gmail.com> Date: Tue May 13 23:10:06 2014 +0200 Preload linked hashes to speed up lookups By preloading all inodes in the /nix/store/.links directory, we can quickly determine of a hardlinked file was already linked to the hashed links. This is tolerant of removing the .links directory, it will simply recalculate all hashes in the store. commit 36662eb5629c31cfd1b8472c9b7eb136b3937a4d Author: Ricky Elrod <ricky@elrod.me> Date: Sun May 11 18:57:53 2014 -0400 Prepare nix-mode to be uploaded to marmalade Signed-off-by: Ricky Elrod <ricky@elrod.me> commit 95501c4deea1d945022df18475340232bc6980be Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue May 13 12:54:28 2014 +0200 nix-instantiate --eval: Apply auto-arguments if the result is a function Fixes #254. commit a55e77ae10a76336728be6fbb0f0d7957422b56a Author: Charles Strahan <charles.c.strahan@gmail.com> Date: Mon May 12 14:31:16 2014 -0400 fix typo commit a84f503d863fd77de9b6ecf149399c2ca7642b75 Author: wmertens <Wout.Mertens@gmail.com> Date: Sat May 10 15:53:01 2014 +0200 Shortcut already-hardlinked files If an inode in the Nix store has more than 1 link, it probably means that it was linked into .links/ by us. If so, skip. There's a possibility that something else hardlinked the file, so it would be nice to be able to override this. Also, by looking at the number of hardlinks for each of the files in .links/, you can get deduplication numbers and space savings. commit aa9b1cf48e6482a74dcc19e6aef1d8236b57abe4 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue May 6 10:51:16 2014 +0200 Really fix the RPM builds http://hydra.nixos.org/build/10840199 commit 2c4affbaa88c8bfbee92093f0355b6e118fd5447 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon May 5 20:22:35 2014 +0200 Fix RPM build We don't install a nix.conf anymore. http://hydra.nixos.org/build/10826143 commit 93506e60d2f86079a6db260d376a92773900d0d3 Author: Rob Vermaas <rob.vermaas@gmail.com> Date: Sat May 3 17:54:48 2014 +0200 Add ubuntu 14.04 commit 40250f23a0a301bb758e7f0f21fcd09b702e0e1e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 19:04:10 2014 +0200 Don't install Upstart job on Fedora Also, don't install a nix.conf anymore, it's not needed. http://hydra.nixos.org/build/10775854 commit 6dd10873961d45fd246b48ad82b7f05ad3d4d077 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 19:02:10 2014 +0200 Fix Debian tests These actually run as root in a VM, so they get confused. http://hydra.nixos.org/build/10775854 commit a8c31d501185c42de477a7e833af956d68e095c3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 14:44:44 2014 +0200 Simplify multi-user installation instructions commit 696f960dee35889433adfa6c08a2dbfb6ea0724f Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 14:31:15 2014 +0200 Set up directories and permissions for multi-user install automatically This automatically creates /nix/var/nix/profiles/per-user and sets the permissions/ownership on /nix/store to 1775 and root:nixbld. commit 20668b136329da92be7c63e7f7c4918968ff0015 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 13:14:10 2014 +0200 Install an Upstart service commit de4cdd0d47adc70a4db12397a42c18ee50b4e662 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 12:51:43 2014 +0200 Set build-max-jobs to the number of available cores by default More zero configuration. commit ada3e3fa15bc14aebb2bafd1240c15cf1fd99351 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri May 2 12:46:03 2014 +0200 When running as root, use build users by default This removes the need to have a nix.conf, and prevents people from accidentally running Nix builds as root. commit eeffdb74dcdbd64bcdc44cff4e587b59c4f807b5 Author: Charles Strahan <charles.c.strahan@gmail.com> Date: Sun Apr 27 14:07:50 2014 -0400 doc fix: swap 'import' and 'export' commit 31fe55bb8e599702ac79b24b2109199be50a85a1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 25 14:55:13 2014 +0200 trunk -> master commit 700c678c2eed5e05c3e68d722c41c2b37d0a2f45 Author: Ricardo M. Correia <rcorreia@wizy.org> Date: Fri Apr 11 17:10:20 2014 +0200 nix-env: Minor change to '--delete-generations Nd' semantics The option '--delete-generations Nd' deletes all generations older than N days. However, most likely the user does not want to delete the generation that was active N days ago. For example, say that you have these 3 generations: 1: <30 days ago> 2: <15 days ago> 3: <1 hour ago> If you do --delete-generations 7d (say, as part of a cron job), most likely you still want to keep generation 2, i.e. the generation that was active 7 days ago (and for most of the past 7 days, in fact). This patch fixes this issue. Note that this also affects 'nix-collect-garbage --delete-older-than Nd'. Thanks to @roconnor for noticing the issue! commit fb5d76b89e8b0084fb147d79af5481e09b889386 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 15 15:32:27 2014 +0200 Fix test evaluation commit a1917208c025e0a029cb33bbf3cf69e4d4128a39 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 11 15:11:28 2014 +0200 Bump date commit 742933116fd803afbf8c36dbc1eab51612d4bb55 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 11 11:15:24 2014 +0200 Bump version to 1.8 commit 924e19341a5ee488634bc9ce1ea9758ac496afc3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Apr 10 23:42:48 2014 +0200 Don't barf when installing as root commit b0a09a6f320d3a0ac186e87edb1c1782d8d168d5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Apr 9 14:52:43 2014 +0200 Add docbook icons to the distribution Grmbl... commit dfa2f77d2e1118f32771c2fceefd683435554b9d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 19:24:29 2014 +0200 If a .drv cannot be parsed, show its path Otherwise you just get ‘expected string `Derive(['’ which isn't very helpful. commit e0a947cde6d11b5182500f024719b04b8997189a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 16:28:39 2014 +0200 Simplify quick start section commit d23931f3a448fddc43d81f774fa83797729910e7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 16:10:25 2014 +0200 Remove redundant stuff commit 48460057419ce651c9484a66d83e6b987b261d8c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 16:09:56 2014 +0200 Update installation instructions commit 2b6c8ef40121fdc418551e9b780bb909477c9a3c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 14:08:57 2014 +0200 nix-shell --pure: Keep the user's $PAGER commit 76cbf55a6d8953e393ba39896ccbb0948bac96d6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 8 13:51:34 2014 +0200 Ensure that systemd units to into lib, not lib64 http://hydra.nixos.org/build/10170940 commit 89f923281335f695d4199e1fafaaeeb1729ba2d3 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Apr 7 12:00:23 2014 +0200 Update release notes commit 84d6936371037559704337614c65007a8e61b5e1 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Apr 7 11:18:54 2014 +0200 Install systemd units commit 8e5fbf4d730b9fcf39eddf5539a206cf19d2cdce Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 22:52:14 2014 +0200 Show position info in attribute selection errors commit 4c5faad99408cdfc35a8b0923d1efdf288fd9990 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 22:43:52 2014 +0200 Show position info in Boolean operations commit bd9b1d97b42f307c8b595bb2de9b15bec1405b23 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 22:19:33 2014 +0200 Show position info in string concatenation / addition errors commit 8160f794e79a4a2a5269080b408d69fc93d7a305 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 21:53:47 2014 +0200 derivation: Don't require certain function arguments Turns out that in Nixpkgs, derivation is actually called without a ‘name’ argument in some places :-( commit a5fe73094016973a50741db0c5d51ca96c14147b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 21:14:11 2014 +0200 forceString: Show position info commit 27b44b8cf7072b09a1929ee44ba784b1c8d5211a Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 19:11:40 2014 +0200 forceAttrs: Show position info commit 96b695ccab4a4c8c4ef7f14ac261df43dcc00743 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 19:05:36 2014 +0200 forceList: Show position info commit b62d36963c45ccaebb328fceaf0bb40f9c02a14b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 18:58:15 2014 +0200 forceInt: Show position info commit c28de6d96e7bfea834a44deac5217d4696fa8d86 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 18:51:01 2014 +0200 Pass position information to primop calls For example: error: `tail' called on an empty list, at /home/eelco/Dev/nixpkgs/pkgs/applications/misc/hello/ex-2/default.nix:13:7 commit 8b31ffd10de44871a3912184fedbeca57d8cf60f Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 17:58:23 2014 +0200 Remove unnecessary quotes around file names commit b72c8d2e5b5bbdc218f7c00694027cdd75b6a584 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 17:53:52 2014 +0200 Include position info in function application This allows error messages like: error: the anonymous function at `/etc/nixos/configuration.nix:1:1' called without required argument `foo', at `/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/lib/modules.nix:77:59' commit 3f8e1f56825f3ec2a9d99715609e362fe5e5a218 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 14:51:07 2014 +0200 Update release notes commit 1f19fdbd45d902a48fd8bacb25ef1a88020a0cc7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Apr 4 13:49:53 2014 +0200 Document that we require a C++11 compiler commit ae6b631dc48f4b923a6ed17b8d6e59524c4ea883 Author: Danny Wilson <danny@decube.net> Date: Thu Apr 3 16:59:25 2014 +0200 Fix compile errors on Illumos commit daa16cca11304a0e91a188176959e2af28be1f57 Merge: f0de863 7191a73 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Apr 3 17:37:14 2014 +0200 Sync with make-rules repo commit 7191a7394a3091ed2856508674f84f3a87eda5a6 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Apr 3 17:35:16 2014 +0200 Support Illumos From https://github.com/NixOS/nix/pull/236 commit f0de86357c18e18eccd814c8bea3bfdaf10f75f5 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu Apr 3 15:24:02 2014 +0200 Tweak error message commit e7720aa10a1da63bb15a4587837d649268944943 Author: Ludovic Courtès <ludo@gnu.org> Date: Wed Apr 2 23:41:11 2014 +0200 Make sure /dev/pts/ptmx is world-writable While running Python 3’s test suite, we noticed that on some systems /dev/pts/ptmx is created with permissions 0 (that’s the case with my Nixpkgs-originating 3.0.43 kernel, but someone with a Debian-originating 3.10-3 reported not having this problem.) There’s still the problem that people without CONFIG_DEVPTS_MULTIPLE_INSTANCES=y are screwed (as noted in build.cc), but I don’t see how we could work around it. commit ac6ceea7641d6c19c71079e22b03b4c1519c0c94 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Apr 1 17:04:38 2014 +0200 Fix potential segfault The newEnv variable was accessed (via the dynamicEnv) pointer after it had gone out of scope. Fixes #234. commit 034b6f60626be014d00f68e02d8614ddf7ba44a0 Author: Ricardo M. Correia <rcorreia@wizy.org> Date: Tue Mar 11 22:16:00 2014 +0100 nix-collect-garbage: Add --delete-older-than option commit 7ef7597f71b282265a9f79afe4608cd3b1bc4127 Author: Ricardo M. Correia <rcorreia@wizy.org> Date: Tue Mar 11 21:47:21 2014 +0100 nix-env: Add support for --delete-generations 15d It will delete all generations older than the specified number of days. commit 59c90196850b6ac8c110e54c7f03d6417ed9bf61 Author: Maxim Ivanov <ivanov.maxim@gmail.com> Date: Sat Mar 29 11:43:11 2014 +0000 Fix nix-shell for derivation with multiple outputs If derivation declares multiple outputs and first (default) output if not "out", then "nix-instantiate" calls return path with output names appended after "!". Than suffix must be stripped before ant path checks are done. commit 1c2550a2ae826c422cf6d34f1c5c3e687474929d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sun Mar 30 00:49:23 2014 +0100 boost::shared_ptr -> std::shared_ptr commit 9becaa041f4a597dc085e58ebe8f66a4f95d018e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Mar 29 22:20:33 2014 +0100 Drop pointless #include commit acb8facbbc3ae0795987bd03a3dc2c17217d6172 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Mar 29 22:14:11 2014 +0100 Fix potential segfault in waitForInput() Since the addition of build-max-log-size, a call to handleChildOutput() can result in cancellation of a goal. This invalidated the "j" iterator in the waitForInput() loop, even though it was still used afterwards. Likewise for the maxSilentTime handling. Probably fixes #231. At least it gets rid of the valgrind warnings. commit 90dc50b07c3939dda44fde79f696f64bf8f2f4d7 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Sat Mar 29 20:20:14 2014 +0100 restoreSIGPIPE(): Fill in sa_mask Issue #231. commit 49009573bc2eacd823d57433daf1f59dfe415065 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri Mar 28 16:59:26 2014 +0100 Don't interpret strings as format strings Ludo reported this error: unexpected Nix daemon error: boost::too_few_args: format-string refered to more arguments than were passed coming from this line: printMsg(lvlError, run.program + ": " + string(err, 0, p)); The problem here is that the string ends up implicitly converted to a Boost format() object, so % characters are treated specially. I always assumed (wrongly) that strings are converted to a format object that outputs the string as-is. Since this assumption appears in several places that may be hard to grep for, I've added some C++ type hackery to ensures that the right thing happens. So you don't have to worry about % in statements like printMsg(lvlError, "foo: " + s); or throw Error("foo: " + s); commit 24cb65efc3c34e24fc653779a4d42cf4f31c6737 Author: Ludovic Courtès <ludo@gnu.org> Date: Fri Mar 21 13:54:53 2014 +0100 Make /dev/kvm optional The daemon now creates /dev deterministically (thanks!). However, it expects /dev/kvm to be present. The patch below restricts that requirement (1) to Linux-based systems, and (2) to systems where /dev/kvm already exists. I’m not sure about the way to handle (2). We could special-case /dev/kvm and create it (instead of bind-mounting it) in the chroot, so it’s always available; however, it wouldn’t help much since most likely, if /dev/kvm missing, then KVM support is missing. commit 3fc056927c962ec9778e94528f2f9ae316afca4e Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Mar 18 23:23:55 2014 +0100 Fix tabs commit 51800e06dec91282b81fc41e56d1e9325849d2c2 Author: Ludovic Courtès <ludo@gnu.org> Date: Tue Mar 18 23:17:14 2014 +0100 Allow recovery from isValidPath RPCs with an invalid path Currently, clients cannot recover from an isValidPath RPC with an invalid path parameter because the daemon closes the connection when that happens. More precisely: 1. in performOp, wopIsValidPath case, ‘readStorePath’ raises an ‘Error’ exception; 2. that exception is caught by the handler in ‘processConnection’; 3. the handler determines errorAllowed == false, and thus exits after sending the message. This last part is fixed by calling ‘startWork’ early on, as in the patch below. The same reasoning could be applied to all the RPCs that take one or more store paths as inputs, but isValidPath is, by definition, likely to be passed invalid paths in the first place, so it’s important for this one to allow recovery. commit f93e97517e449cb1b3c7bdf8076812276b4cb2cd Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Mar 17 17:35:11 2014 +0100 Fix -j and other flags when using the daemon commit 77e2cc6c8ed1206c029218d3bc22575202a73b4c Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon Mar 17 17:33:13 2014 +0100 nix-build: Fix --cores flag commit fb8d8f5428ec37a40656d64d9190fdc32b0c769b Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Mar 12 14:42:25 2014 +0100 Remove unnecessary null pointer checks Fixes #225. commit 006f24c7faf146d97742c1d7cc270ec107fa2e56 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Mar 12 14:25:48 2014 +0100 Document nix-env -q --json commit d435e46daa98ffd268b6bb7221b0f3841f3a63ef Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Mar 12 14:15:37 2014 +0100 Generate release notes again commit e9934bb5ada1a974744c61479ca50c75c82e5836 Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed Mar 12 13:58:06 2014 +0100 Update release notes for 1.7 commit 25386e5edc2d65c84ce824d2c964a5c029f4c30d Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Mar 11 17:31:13 2014 +0100 Fix passing meta attribute to buildenv.nix Since the meta attributes were not sorted, attribute lookup could fail, leading to package priorities and active flags not working correctly. Broken since 0f24400d90daf65cf20142a662f8245008437e2c. commit 92a848f674f371d675f461d2a7a6810d492dd4ea Author: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue Mar 11 13:16:21 2014 +0100 Fix typos commit 2f2a20ed18535ba819225fabe9a4cf2f37d2edb1 Author: Shea Levy <shea@shealevy.com> Date: Mon Mar 10 07:09:07 2014 -0400 Document null dynamic attrs commit 049a379ec6ca755bcc077fd0e8da186ff76b8679 Author: Shea Levy <shea@shealevy.com> Date: Sun Mar 9 14:41:02 2014 -0400 The expr of AttrNames/DynamicAttrDefs is always an ExprConcatStrings commit 908e9ce259710037ae9824a3246143e46e27e867 Author: Shea Levy <shea@shealevy.com