about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2017-05-04 Linux sandbox: Use /build instead of /tmp as $TMPDIREelco Dolstra1-5/+15
There is a security issue when a build accidentally stores its $TMPDIR in some critical place, such as an RPATH. If TMPDIR=/tmp/nix-build-..., then any user on the system can recreate that directory and inject libraries into the RPATH of programs executed by other users. Since /build probably doesn't exist (or isn't world-writable), this mitigates the issue.
2017-05-04 nix dump-path: AddEelco Dolstra3-0/+55
This is primarily useful for extracting NARs from other stores (like binary caches), which "nix-store --dump" cannot do.
2017-05-03 Fix Ubuntu 16.10 buildEelco Dolstra1-9/+9
http://hydra.nixos.org/build/52420073
2017-05-03 perl-bindings: Remove unused --with-store-dir flagEelco Dolstra1-5/+0
2017-05-03 Fix build on gcc 4.9Eelco Dolstra2-3/+6
http://hydra.nixos.org/build/52408843
2017-05-03 nix-shell: Implement passAsFileEelco Dolstra1-2/+15
2017-05-03 nix eval: Add a --raw flagEelco Dolstra1-1/+13
Similar to "jq -r", this prints the evaluation result (which must be a string value) unquoted.
2017-05-03 Fix perlBindings.x86_64-darwinEelco Dolstra1-1/+1
http://hydra.nixos.org/build/52401151
2017-05-03 Merge pull request #1371 from regnat/doc_--xml_fixEelco Dolstra1-10/+8
fix the description of --xml and --json
2017-05-03 doc: fix the description of --xml and --jsonregnat1-10/+8
Those options seem to only apply with --eval and not with --parse.
2017-05-02 build-remote: Add a basic testEelco Dolstra3-1/+27
This only runs on Linux because it requires a diverted store (which uses mount/user namespaces).
2017-05-02 Fix "nix ... --all"Eelco Dolstra2-12/+16
When "--all" is used, we should not fill in a default installable.
2017-05-02 Add a test for diverted storesEelco Dolstra2-1/+29
2017-05-02 LocalStoreAccessor: Fix handling of diverted storesEelco Dolstra1-3/+4
2017-05-02 Replace $NIX_REMOTE_SYSTEMS with an option "builder-files"Eelco Dolstra4-14/+34
Also, to unify with hydra-queue-runner, allow it to be a list of files.
2017-05-02 build-remote: Fix fallback to other machines when connecting failsEelco Dolstra5-1/+19
Opening an SSHStore or LegacySSHStore does not actually establish a connection, so the try/catch block here did nothing. Added a Store::connect() method to test whether a connection can be established.
2017-05-02 Add an option for specifying remote buildersEelco Dolstra6-12/+27
This is useful for one-off situations where you want to specify a builder on the command line instead of having to mess with nix.machines. E.g. $ nix-build -A hello --argstr system x86_64-darwin \ --option builders 'root@macstadium1 x86_64-darwin' will perform the specified build on "macstadium1". It also removes the need for a separate nix.machines file since you can specify builders in nix.conf directly. (In fact nix.machines is yet another hack that predates the general nix.conf configuration file, IIRC.) Note: this option is supported by the daemon for trusted users. The fact that this allows trusted users to specify paths to SSH keys to which they don't normally have access is maybe a bit too much trust...
2017-05-02 Factor out machines.conf parsingEelco Dolstra3-87/+108
This allows hydra-queue-runner to use it.
2017-05-02 build-hook: If there are no machines defined, quit permanentlyEelco Dolstra2-2/+14
2017-05-02 Fix build hook testEelco Dolstra1-2/+2
2017-05-02 build-remote: Ugly hackery to get build logs to workEelco Dolstra4-3/+11
The build hook mechanism expects build log output to go to file descriptor 4, so do that.
2017-05-01 build-remote: Don't require signaturesEelco Dolstra6-16/+20
This restores the old behaviour.
2017-05-01 Support arbitrary store URIs in nix.machinesEelco Dolstra4-46/+66
For backwards compatibility, if the URI is just a hostname, ssh:// (i.e. LegacySSHStore) is prepended automatically. Also, all fields except the URI are now optional. For example, this is a valid nix.machines file: local?root=/tmp/nix This is useful for testing the remote build machinery since you don't have to mess around with ssh.
2017-05-01 Minor cleanupEelco Dolstra1-2/+2
2017-05-01 Implement LegacySSHStore::buildDerivation()Eelco Dolstra1-5/+32
This makes LegacySSHStore usable by build-remote and hydra-queue-runner.
2017-05-01 Chomp log output from the build hookEelco Dolstra1-1/+1
2017-05-01 Remove $NIX_BUILD_HOOK and $NIX_CURRENT_LOADEelco Dolstra6-156/+12
This is to simplify remote build configuration. These environment variables predate nix.conf. The build hook now has a sensible default (namely build-remote). The current load is kept in the Nix state directory now.
2017-05-01 build-remote: Don't copy the .drv closureEelco Dolstra2-16/+8
Since build-remote uses buildDerivation() now, we don't need to copy the .drv file anymore. This greatly reduces the set of input paths copied to the remote side (e.g. from 392 to 51 store paths for GNU hello on x86_64-darwin).
2017-05-01 Pass verbosity level to build hookEelco Dolstra2-6/+10
2017-05-01 Reduce severity of EMLINK warningsEelco Dolstra1-2/+1
Fixes #1357.
2017-05-01 Add a dummy Store::buildPaths() methodEelco Dolstra5-38/+36
This default implementation of buildPaths() does nothing if all requested paths are already valid, and throws an "unsupported operation" error otherwise. This fixes a regression introduced by c30330df6f67c81986dfb124631bc756c8e58c0d in binary cache and legacy SSH stores.
2017-05-01 Merge pull request #1366 from Mic92/fix-nix-daemon-serviceEelco Dolstra1-0/+1
nix-daemon.service: fix startup
2017-05-01 Merge branch 'remove-catchall' of https://github.com/layus/nixEelco Dolstra3-13/+29
2017-05-01 lexer: remove catch-all rules hiding real errorsGuillaume Maudoux1-10/+17
With catch-all rules, we hide potential errors. It turns out that a4744254 made one cath-all useless. Flex detected that is was impossible to reach. The other is more subtle, as it can only trigger on unfinished escapes in unfinished strings, which only occurs at EOF.
2017-05-01 Fix lexer to support `$'` in multiline strings.Guillaume Maudoux3-3/+12
2017-04-29 nix-daemon.service: set XDG_CONFIG_HOMEJörg Thalheim1-0/+1
Otherwise starting nix-daemon fails ● nix-daemon.service - Nix Daemon Loaded: loaded (/nix/store/mnf00a6gc55xl47smk0b32gmi7xpvlfp-nix-1.12pre5308_2f21d522/lib/systemd/system/nix-daemon.service; enabled; vendor preset: enabled) Drop-In: /nix/store/m2rgjp71n4kyp8j5fxgbrlv13scd5vvv-system-units/nix-daemon.service.d └─overrides.conf Active: failed (Result: exit-code) since Sat 2017-04-29 11:29:21 CEST; 9s ago Process: 7299 ExecStart=nix-daemon --daemon (code=exited, status=1/FAILURE) Main PID: 7299 (code=exited, status=1/FAILURE) CPU: 19ms ... systemd[1]: Started Nix Daemon. ... nix-daemon[7299]: error: $XDG_CONFIG_HOME and $HOME are not set ... systemd[1]: nix-daemon.service: Main process exited, code=exited, status=1/FAILURE ... systemd[1]: nix-daemon.service: Unit entered failed state. ... systemd[1]: nix-daemon.service: Failed with result 'exit-code'. ... systemd[1]: nix-daemon.service: Start request repeated too quickly. ... systemd[1]: Failed to start Nix Daemon. ... systemd[1]: nix-daemon.service: Failed with result 'exit-code'.
2017-04-28 Hopefully fix the Darwin buildEelco Dolstra1-0/+1
http://hydra.nixos.org/build/52080911
2017-04-28 Suppress warning about ssh-auth-sockEelco Dolstra1-1/+3
2017-04-28 Check for libreadlineEelco Dolstra7-5/+22
2017-04-28 Fix brainfartEelco Dolstra1-1/+1
2017-04-28 Fix hash computation when importing NARs greater than 4 GiBEelco Dolstra1-1/+1
This caused "nix-store --import" to compute an incorrect hash on NARs that don't fit in an unsigned int. The import would succeed, but "nix-store --verify-path" or subsequent exports would detect an incorrect hash. A deeper issue is that the export/import format does not contain a hash, so we can't detect such issues early. Also, I learned that -Wall does not warn about this.
2017-04-26 Merge pull request #1358 from shlevy/store-nestingEelco Dolstra2-0/+18
Add Store nesting to fix import-from-derivation within filterSource
2017-04-26 Add Store nesting to fix import-from-derivation within filterSourceShea Levy2-0/+18
2017-04-26 DohEelco Dolstra1-1/+1
2017-04-26 Simplify building nix-perl in nix-shellEelco Dolstra5-6/+15
2017-04-25 nix repl: Fix Ctrl-CEelco Dolstra1-0/+10
2017-04-25 Minor cleanupEelco Dolstra1-10/+7
2017-04-25 Fix nix-shell testEelco Dolstra1-2/+4
2017-04-25 "using namespace std" considered harmfulEelco Dolstra1-6/+5
2017-04-25 nix repl: Use $XDG_DATA_HOME for the readline historyEelco Dolstra3-3/+19