about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2011-10-11 * Move SSH.pm.Eelco Dolstra5-11/+8
2011-10-11 * Work around a race condition starting the Nix daemon.Eelco Dolstra1-1/+8
2011-10-11 * Set svn:ignore.Eelco Dolstra0-0/+0
2011-10-11 * Distribute GeneratePatches.pm.Eelco Dolstra1-4/+6
2011-10-10 * Set the executable bit on scripts.Eelco Dolstra14-0/+3
2011-10-10 * Refactoring: remove unnecessary variables from the tests.Eelco Dolstra33-235/+220
2011-10-10 (no commit message)Eelco Dolstra1-2/+0
2011-10-10 * Install NixManifest.pm, NixConfig.pm and GeneratePatches.pm underEelco Dolstra20-147/+108
the Nix:: namespace.
2011-10-10 * Hopefully perl-devel contains the required headers (untested).Eelco Dolstra2-1/+2
2011-10-10 * Include the Nix Perl bindings in Nix itself. This will allow theEelco Dolstra6-1/+186
bindings to be used in Nix's own Perl scripts. The only downside is that Perl XS and Automake/libtool don't really like each other, so building is a bit tricky.
2011-09-17 * Don't assume that we want a shared Nix store.Eelco Dolstra1-1/+1
2011-09-12 * Ouch. A store upgrade could cause a substituter to be triggered,Eelco Dolstra3-5/+6
causing a deadlock.
2011-09-06 bootstrap: Simplify & make more robust.Ludovic Courtès1-5/+1
2011-09-06 * Added a command ‘nix-store --verify-paths PATHS’ to check whetherEelco Dolstra5-7/+39
the contents of any of the given store paths have been modified. E.g. $ nix-store --verify-path $(nix-store -qR /var/run/current-system) path `/nix/store/m2smyiwbxidlprfxfz4rjlvz2c3mg58y-etc' was modified! expected hash `fc87e271c5fdf179b47939b08ad13440493805584b35e3014109d04d8436e7b8', got `20f1a47281b3c0cbe299ce47ad5ca7340b20ab34246426915fce0ee9116483aa' All paths are checked; the exit code is 1 if any path has been modified, 0 otherwise.
2011-09-06 * Add some -f flags, never hurts.Eelco Dolstra1-4/+4
2011-08-31 * Eliminate all uses of the global variable ‘store’ from libstore.Eelco Dolstra15-89/+95
This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-08-27 * Update the cleanup script.Eelco Dolstra3-8/+12
2011-08-17 * Use last_insert_id instead of sqlite_last_insert_rowid, which you'reEelco Dolstra1-1/+1
not really supposed to use according to the DBD::SQLite docs, and fails on some systems (e.g. http://hydra.nixos.org/build/1246662).
2011-08-08 * On FreeBSD, ‘touch’ is not in the test $PATH, so don't use it.Eelco Dolstra1-2/+2
2011-08-08 * Add perl-DBD-SQLite as a dependency of the RPM builds.Eelco Dolstra2-12/+14
2011-08-08 * Add DBD-SQLite as a dependency to the Debian/Ubuntu builds.Eelco Dolstra1-25/+23
* Drop some old Fedora/Debian/Ubuntu releases.
2011-08-06 * Cache the result of file evaluation (i.e, memoize evalFile()). ThisEelco Dolstra2-11/+22
prevents files from being evaluated and stored as values multiple times. For instance, evaluation of the ‘system’ attribute in NixOS causes ‘nixpkgs/pkgs/lib/lists.nix’ to be evaluated 2019 times. Caching gives a modest speedup and a decent memory footprint reduction (e.g., from 1.44s to 1.28s, and from 81 MiB to 59 MiB with GC_INITIAL_HEAP_SIZE=100000 on my system).
2011-08-06 * Handle <path> syntax.Eelco Dolstra1-0/+2
2011-08-06 * Handle the case where the search path element is a regular file.Eelco Dolstra1-1/+2
2011-08-06 * Remove a debug statement.Eelco Dolstra1-1/+0
2011-08-06 * Add the Nix corepkgs to the end of the search path. This makes itEelco Dolstra3-3/+5
possible for other Nix expressions to use corepkgs (mostly useful for the buildenv function).
2011-08-06 * Allow redirections in search path entries. E.g. if you have aEelco Dolstra5-9/+28
directory /home/eelco/src/stdenv-updates that you want to use as the directory for import such as with (import <nixpkgs> { }); then you can say $ nix-build -I nixpkgs=/home/eelco/src/stdenv-updates
2011-08-06 * Add lang/dir* to the distribution.Eelco Dolstra1-1/+2
2011-08-06 * Add a Nix expression search path feature. Paths between angleEelco Dolstra24-9/+98
brackets, e.g. import <nixpkgs/pkgs/lib> are resolved by looking them up relative to the elements listed in the search path. This allows us to get rid of hacks like import "${builtins.getEnv "NIXPKGS_ALL"}/pkgs/lib" The search path can be specified through the ‘-I’ command-line flag and through the colon-separated ‘NIX_PATH’ environment variable, e.g., $ nix-build -I /etc/nixos ... If a file is not found in the search path, an error message is lazily thrown.
2011-08-06 * Refactoring: move parseExprFromFile() and parseExprFromString() intoEelco Dolstra10-52/+37
the EvalState class.
2011-07-20 * Don't allow derivations with fixed and non-fixed outputs.Eelco Dolstra1-43/+38
2011-07-20 * Fix a huuuuge security hole in the Nix daemon. It didn't check thatEelco Dolstra9-81/+180
derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2011-07-20 * Added a test that make sure that users cannot registerEelco Dolstra3-1/+62
specially-crafted derivations that produce output paths belonging to other derivations. This could be used to inject malware into the store.
2011-07-20 * Refactoring.Eelco Dolstra2-12/+17
2011-07-20 * Create a symlink to /nix/var/nix/manifests in /nix/var/nix/gcrootsEelco Dolstra1-0/+8
if it doesn't exist.
2011-07-18 * Support multiple outputs. A derivation can declare multiple outputsEelco Dolstra1-45/+84
by setting the ‘outputs’ attribute. For example: stdenv.mkDerivation { name = "aterm-2.5"; src = ...; outputs = [ "out" "tools" "dev" ]; configureFlags = "--bindir=$(tools)/bin --includedir=$(dev)/include"; } This derivation creates three outputs, named like this: /nix/store/gcnqgllbh01p3d448q8q6pzn2nc2gpyl-aterm-2.5 /nix/store/gjf1sgirwfnrlr0bdxyrwzpw2r304j02-aterm-2.5-tools /nix/store/hp6108bqfgxvza25nnxfs7kj88xi2vdx-aterm-2.5-dev That is, the symbolic name of the output is suffixed to the store path (except for the ‘out’ output). Each path is passed to the builder through the corresponding environment variable, e.g., ${tools}. The main reason for multiple outputs is to allow parts of a package to be distributed and garbage-collected separately. For instance, most packages depend on Glibc for its libraries, but don't need its header files. If these are separated into different store paths, then a package that depends on the Glibc libraries only causes the libraries and not the headers to be downloaded. The main problem with multiple outputs is that if one output exists while the others have been garbage-collected (or never downloaded in the first place), and we want to rebuild the other outputs, then this isn't possible because we can't clobber a valid output (it might be in active use). This currently gives an error message like: error: derivation `/nix/store/1s9zw4c8qydpjyrayxamx2z7zzp5pcgh-aterm-2.5.drv' is blocked by its output paths There are two solutions: 1) Do the build in a chroot. Then we don't need to overwrite the existing path. 2) Use hash rewriting (see the ASE-2005 paper). Scary but it should work. This is not finished yet. There is not yet an easy way to refer to non-default outputs in Nix expressions. Also, mutually recursive outputs aren't detected yet and cause the garbage collector to crash.
2011-07-13 * Show the default for --with-store-dir (Nix/211).Eelco Dolstra1-1/+1
2011-07-13 * Allow attribute names to be strings. Based on theEelco Dolstra3-0/+23
allow-arbitrary-strinsg-in-names patch by Marc Weber.
2011-07-13 * Fix concurrency issues in download-using-manifests' handling of theEelco Dolstra2-1/+12
SQLite manifest cache. The DBI AutoCommit feature caused every process to have an active transaction at all times, which could indefinitely block processes wanting to update the manifest cache. * Disable fsync() in the manifest cache because we don't need integrity (the cache can always be recreated if it gets corrupted).
2011-07-13 * Allow a default value in attribute selection by writingEelco Dolstra9-22/+70
x.y.z or default (as originally proposed in https://mail.cs.uu.nl/pipermail/nix-dev/2009-September/002989.html). For instance, an expression like stdenv.lib.attrByPath ["features" "ckSched"] false args can now be written as args.features.ckSched or false
2011-07-06 * Change the right-hand side of the ‘.’ operator from an attribute toEelco Dolstra4-18/+33
an attribute path. This is a refactoring to support default values.
2011-07-06 * Test case.Eelco Dolstra2-0/+8
2011-07-06 * In the ‘?’ operator, allow attribute paths. For instance, you canEelco Dolstra4-24/+47
write ‘attrs ? a.b’ to test whether ‘attrs’ has an attribute ‘a’ containing an attribute ‘b’. This is more convenient than ‘attrs ? a && attrs.a ? b’. Slight change in the semantics: it's no longer an error if the left-hand side of ‘?’ is not an attribute set. In that case it just returns false. So, ‘null ? foo’ no longer throws an error.
2011-07-04 (no commit message)Eelco Dolstra1-1/+1
2011-06-30 doc: Fix typo.Ludovic Courtès1-0/+2
2011-06-30 Add support for the `build-timeout' and `--timeout' options.Ludovic Courtès12-5/+115
2011-06-27 (no commit message)Eelco Dolstra1-1/+1
2011-06-27 (no commit message)Eelco Dolstra1-1/+1
2011-05-03 * Use SQLite 3.7.6.2.Eelco Dolstra1-1/+1
2011-04-19 * nix-install-package: unset NIX_REMOTE because $NIX_MANIFESTS_DIREelco Dolstra1-1/+4
doesn't work when building through the Nix daemon. This also ensures an error message when the user doesn't have sufficient privileges to do nix-pull.