diff options
Diffstat (limited to 'src/nix/verify.cc')
| -rw-r--r-- | src/nix/verify.cc | 77 |
1 files changed, 37 insertions, 40 deletions
diff --git a/src/nix/verify.cc b/src/nix/verify.cc index 39a4395cfe5b..fd904f465687 100644 --- a/src/nix/verify.cc +++ b/src/nix/verify.cc @@ -1,6 +1,4 @@ -#include "affinity.hh" // FIXME #include "command.hh" -#include "progress-bar.hh" #include "shared.hh" #include "store-api.hh" #include "sync.hh" @@ -36,40 +34,38 @@ struct CmdVerify : StorePathsCommand return "verify the integrity of store paths"; } - void run(ref<Store> store, Paths storePaths) override + Examples examples() override { - restoreAffinity(); // FIXME + return { + Example{ + "To verify the entire Nix store:", + "nix verify --all" + }, + Example{ + "To check whether each path in the closure of Firefox has at least 2 signatures:", + "nix verify -r -n2 --no-contents $(type -p firefox)" + }, + }; + } + void run(ref<Store> store, Paths storePaths) override + { std::vector<ref<Store>> substituters; for (auto & s : substituterUris) substituters.push_back(openStoreAt(s)); auto publicKeys = getDefaultPublicKeys(); + std::atomic<size_t> done{0}; std::atomic<size_t> untrusted{0}; std::atomic<size_t> corrupted{0}; - std::atomic<size_t> done{0}; std::atomic<size_t> failed{0}; - ProgressBar progressBar; - - auto showProgress = [&](bool final) { - std::string s; - if (final) - s = (format("checked %d paths") % storePaths.size()).str(); - else - s = (format("[%d/%d checked") % done % storePaths.size()).str(); - if (corrupted > 0) - s += (format(", %d corrupted") % corrupted).str(); - if (untrusted > 0) - s += (format(", %d untrusted") % untrusted).str(); - if (failed > 0) - s += (format(", %d failed") % failed).str(); - if (!final) s += "]"; - return s; - }; - - progressBar.updateStatus(showProgress(false)); + std::string doneLabel("paths checked"); + std::string untrustedLabel("untrusted"); + std::string corruptedLabel("corrupted"); + std::string failedLabel("failed"); + logger->setExpected(doneLabel, storePaths.size()); ThreadPool pool; @@ -77,22 +73,23 @@ struct CmdVerify : StorePathsCommand try { checkInterrupt(); - auto activity(progressBar.startActivity(format("checking ‘%s’") % storePath)); + Activity act(*logger, lvlInfo, format("checking ‘%s’") % storePath); auto info = store->queryPathInfo(storePath); if (!noContents) { - HashSink sink(info.narHash.type); - store->narFromPath(storePath, sink); + HashSink sink(info->narHash.type); + store->narFromPath(info->path, sink); auto hash = sink.finish(); - if (hash.first != info.narHash) { + if (hash.first != info->narHash) { + logger->incProgress(corruptedLabel); corrupted = 1; printMsg(lvlError, format("path ‘%s’ was modified! expected hash ‘%s’, got ‘%s’") - % storePath % printHash(info.narHash) % printHash(hash.first)); + % info->path % printHash(info->narHash) % printHash(hash.first)); } } @@ -101,7 +98,7 @@ struct CmdVerify : StorePathsCommand bool good = false; - if (info.ultimate && !sigsNeeded) + if (info->ultimate && !sigsNeeded) good = true; else { @@ -114,18 +111,18 @@ struct CmdVerify : StorePathsCommand for (auto sig : sigs) { if (sigsSeen.count(sig)) continue; sigsSeen.insert(sig); - if (info.checkSignature(publicKeys, sig)) + if (info->checkSignature(publicKeys, sig)) validSigs++; } }; - doSigs(info.sigs); + doSigs(info->sigs); for (auto & store2 : substituters) { if (validSigs >= actualSigsNeeded) break; try { - if (!store2->isValidPath(storePath)) continue; - doSigs(store2->queryPathInfo(storePath).sigs); + doSigs(store2->queryPathInfo(info->path)->sigs); + } catch (InvalidPath &) { } catch (Error & e) { printMsg(lvlError, format(ANSI_RED "error:" ANSI_NORMAL " %s") % e.what()); } @@ -136,18 +133,19 @@ struct CmdVerify : StorePathsCommand } if (!good) { + logger->incProgress(untrustedLabel); untrusted++; - printMsg(lvlError, format("path ‘%s’ is untrusted") % storePath); + printMsg(lvlError, format("path ‘%s’ is untrusted") % info->path); } } + logger->incProgress(doneLabel); done++; - progressBar.updateStatus(showProgress(false)); - } catch (Error & e) { printMsg(lvlError, format(ANSI_RED "error:" ANSI_NORMAL " %s") % e.what()); + logger->incProgress(failedLabel); failed++; } }; @@ -157,9 +155,8 @@ struct CmdVerify : StorePathsCommand pool.process(); - progressBar.done(); - - printMsg(lvlInfo, showProgress(true)); + printMsg(lvlInfo, format("%d paths checked, %d untrusted, %d corrupted, %d failed") + % done % untrusted % corrupted % failed); throw Exit( (corrupted ? 1 : 0) | |