9 files changed, 42 insertions, 28 deletions
diff --git a/tests/build-remote.sh b/tests/build-remote.sh
index 9bca0f4a3856..ddd68f327a15 100644
--- a/tests/build-remote.sh
+++ b/tests/build-remote.sh
@@ -11,7 +11,8 @@ rm -rf $TEST_ROOT/store0 $TEST_ROOT/store1
 
 nix build -f build-hook.nix -o $TEST_ROOT/result --max-jobs 0 \
   --sandbox-paths /nix/store --sandbox-build-dir /build-tmp \
-  --builders "$TEST_ROOT/store0; $TEST_ROOT/store1 - - 1 1 foo"
+  --builders "$TEST_ROOT/store0; $TEST_ROOT/store1 - - 1 1 foo" \
+  --system-features foo
 
 outPath=$TEST_ROOT/result
 
diff --git a/tests/check-refs.sh b/tests/check-refs.sh
index 34ee22cfc8f7..16bbabc40985 100644
--- a/tests/check-refs.sh
+++ b/tests/check-refs.sh
@@ -1,5 +1,7 @@
 source common.sh
 
+clearStore
+
 RESULT=$TEST_ROOT/result
 
 dep=$(nix-build -o $RESULT check-refs.nix -A dep)
diff --git a/tests/check-reqs.sh b/tests/check-reqs.sh
index 77689215def1..e9f65fc2a6d3 100644
--- a/tests/check-reqs.sh
+++ b/tests/check-reqs.sh
@@ -1,5 +1,7 @@
 source common.sh
 
+clearStore
+
 RESULT=$TEST_ROOT/result
 
 nix-build -o $RESULT check-reqs.nix -A test1
diff --git a/tests/common.sh.in b/tests/common.sh.in
index 2ee2f589dae4..6a523ca9d832 100644
--- a/tests/common.sh.in
+++ b/tests/common.sh.in
@@ -85,16 +85,13 @@ killDaemon() {
     trap "" EXIT
 }
 
-canUseSandbox() {
-    if [[ $(uname) != Linux ]]; then return 1; fi
-
-    if [ ! -L /proc/self/ns/user ]; then
-        echo "Kernel doesn't support user namespaces, skipping this test..."
-        return 1
-    fi
+if [[ $(uname) == Linux ]] && [[ -L /proc/self/ns/user ]] && unshare --user true; then
+    _canUseSandbox=1
+fi
 
-    if ! unshare --user true ; then
-        echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
+canUseSandbox() {
+    if [[ ! $_canUseSandbox ]]; then
+        echo "Sandboxing not supported, skipping this test..."
         return 1
     fi
 
diff --git a/tests/init.sh b/tests/init.sh
index e5353598bcc4..19a12c1e2d9e 100644
--- a/tests/init.sh
+++ b/tests/init.sh
@@ -16,6 +16,7 @@ mkdir "$NIX_CONF_DIR"
 cat > "$NIX_CONF_DIR"/nix.conf <<EOF
 build-users-group =
 keep-derivations = false
+sandbox = false
 include nix.conf.extra
 EOF
 
diff --git a/tests/lang/eval-okay-float.exp b/tests/lang/eval-okay-float.exp
new file mode 100644
index 000000000000..3c50a8adce86
--- /dev/null
+++ b/tests/lang/eval-okay-float.exp
@@ -0,0 +1 @@
+[ 3.4 3.5 2.5 1.5 ]
diff --git a/tests/lang/eval-okay-float.nix b/tests/lang/eval-okay-float.nix
new file mode 100644
index 000000000000..b2702c7b1668
--- /dev/null
+++ b/tests/lang/eval-okay-float.nix
@@ -0,0 +1,6 @@
+[
+  (1.1 + 2.3)
+  (builtins.add (0.5 + 0.5) (2.0 + 0.5))
+  ((0.5 + 0.5) * (2.0 + 0.5))
+  ((1.5 + 1.5) / (0.5 * 4.0))
+]
diff --git a/tests/remote-builds.nix b/tests/remote-builds.nix
index d7a4b21989e5..b867f13b4995 100644
--- a/tests/remote-builds.nix
+++ b/tests/remote-builds.nix
@@ -8,8 +8,8 @@ makeTest (
 
 let
 
-  # The configuration of the build slaves.
-  slave =
+  # The configuration of the remote builders.
+  builder =
     { config, pkgs, ... }:
     { services.openssh.enable = true;
       virtualisation.writableStore = true;
@@ -36,21 +36,21 @@ in
 {
 
   nodes =
-    { slave1 = slave;
-      slave2 = slave;
+    { builder1 = builder;
+      builder2 = builder;
 
       client =
         { config, pkgs, ... }:
         { nix.maxJobs = 0; # force remote building
           nix.distributedBuilds = true;
           nix.buildMachines =
-            [ { hostName = "slave1";
+            [ { hostName = "builder1";
                 sshUser = "root";
                 sshKey = "/root/.ssh/id_ed25519";
                 system = "i686-linux";
                 maxJobs = 1;
               }
-              { hostName = "slave2";
+              { hostName = "builder2";
                 sshUser = "root";
                 sshKey = "/root/.ssh/id_ed25519";
                 system = "i686-linux";
@@ -75,33 +75,33 @@ in
       $client->copyFileFromHost("key", "/root/.ssh/id_ed25519");
       $client->succeed("chmod 600 /root/.ssh/id_ed25519");
 
-      # Install the SSH key on the slaves.
+      # Install the SSH key on the builders.
       $client->waitForUnit("network.target");
-      foreach my $slave ($slave1, $slave2) {
-          $slave->succeed("mkdir -p -m 700 /root/.ssh");
-          $slave->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys");
-          $slave->waitForUnit("sshd");
-          $client->succeed("ssh -o StrictHostKeyChecking=no " . $slave->name() . " 'echo hello world'");
+      foreach my $builder ($builder1, $builder2) {
+          $builder->succeed("mkdir -p -m 700 /root/.ssh");
+          $builder->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys");
+          $builder->waitForUnit("sshd");
+          $client->succeed("ssh -o StrictHostKeyChecking=no " . $builder->name() . " 'echo hello world'");
       }
 
-      # Perform a build and check that it was performed on the slave.
+      # Perform a build and check that it was performed on the builder.
       my $out = $client->succeed(
         "nix-build ${expr nodes.client.config 1} 2> build-output",
         "grep -q Hello build-output"
       );
-      $slave1->succeed("test -e $out");
+      $builder1->succeed("test -e $out");
 
       # And a parallel build.
       my ($out1, $out2) = split /\s/,
           $client->succeed('nix-store -r $(nix-instantiate ${expr nodes.client.config 2})\!out $(nix-instantiate ${expr nodes.client.config 3})\!out');
-      $slave1->succeed("test -e $out1 -o -e $out2");
-      $slave2->succeed("test -e $out1 -o -e $out2");
+      $builder1->succeed("test -e $out1 -o -e $out2");
+      $builder2->succeed("test -e $out1 -o -e $out2");
 
       # And a failing build.
       $client->fail("nix-build ${expr nodes.client.config 5}");
 
-      # Test whether the build hook automatically skips unavailable slaves.
-      $slave1->block;
+      # Test whether the build hook automatically skips unavailable builders.
+      $builder1->block;
       $client->succeed("nix-build ${expr nodes.client.config 4}");
     '';
 
diff --git a/tests/signing.sh b/tests/signing.sh
index 46929639199d..9e29e3fbf063 100644
--- a/tests/signing.sh
+++ b/tests/signing.sh
@@ -62,6 +62,10 @@ outPathCA=$(IMPURE_VAR1=foo IMPURE_VAR2=bar nix-build ./fixed.nix -A good.0 --no
 nix verify $outPathCA
 nix verify $outPathCA --sigs-needed 1000
 
+# Check that signing a content-addressed path doesn't overflow validSigs
+nix sign-paths --key-file $TEST_ROOT/sk1 $outPathCA
+nix verify -r $outPathCA --sigs-needed 1000 --trusted-public-keys $pk1
+
 # Copy to a binary cache.
 nix copy --to file://$cacheDir $outPath2