about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2005-10-18 * Oops, that should be Berkeley DB 4.3. Reported by Gerco Ballintijn.Eelco Dolstra1-1/+1
2005-10-17 * Also kill all processes of the build user after the build. This isEelco Dolstra1-0/+8
critical to prevent certain kinds of 0wnage.
2005-10-17 * Before starting a build under some uid, kill all current processesEelco Dolstra1-0/+48
running under that uid.
2005-10-17 * Check that the build result is owned by the build user, and thatEelco Dolstra1-2/+13
nobody else has write permission to the build result. This catches most hack attempts.
2005-10-17 * Don't use FIFOs to make Nix create the output path on behalf of theEelco Dolstra1-68/+17
builder. Instead, require that the Nix store has sticky permission (S_ISVTX); everyone can created files in the Nix store, but they cannot delete, rename or modify files created by others.
2005-10-17 * Beginning of secure multi-user Nix stores. If Nix is started asEelco Dolstra4-58/+219
root (or setuid root), then builds will be performed under one of the users listed in the `build-users' configuration variables. This is to make it impossible to influence build results externally, allowing locally built derivations to be shared safely between users (see ASE-2005 paper). To do: only one builder should be active per build user.
2005-10-11 add @coreutils@ to correctly use coreutils to create a profile. This is neededArmijn Hemel1-1/+1
for NixOS, where we might not know our PATH in advance.
2005-10-11 * Use ATerm 2.4.2.Eelco Dolstra1-4/+4
2005-10-06 * Swap the system and version comparion columns.Eelco Dolstra1-2/+2
2005-10-06 * Document `nix-env --compare-versions'.Eelco Dolstra1-10/+69
2005-10-06 * Only colorise if we are attached to a terminal.Eelco Dolstra1-0/+3
2005-10-06 * New query option: `--compare-versions' or `-c' to compare installedEelco Dolstra2-19/+89
versions to available versions, or vice versa. For example, the following compares installed versions to available versions: $ nix-env -qc autoconf-2.59 = 2.59 automake-1.9.4 < 1.9.6 f-spot-0.0.10 - ? firefox-1.0.4 < 1.0.7 ... I.e., there are newer versions available (in the current default Nix expression) for Automake and Firefox, but not for Autoconf, and F-Spot is missing altogether. Conversely, the available versions can be compared to the installed versions: $ nix-env -qac autoconf-2.59 = 2.59 automake-1.9.6 > 1.9.4 bash-3.0 - ? firefox-1.0.7 > 1.0.4 ... Note that bash is available but no version of it is installed. If multiple versions are available for comparison, then the highest is used. E.g., if Subversion 1.2.0 is installed, and Subversion 1.1.4 and 1.2.3 are available, then `nix-env -qc' will print `< 1.2.3', not `> 1.1.4'. If higher versions are available, the version column is printed in red (using ANSI escape codes).
2005-10-05 * Update NEWS in the root directory properly.Eelco Dolstra1-1/+1
2005-10-05 * log2xml -> nix-log2xml.Eelco Dolstra8-2/+2
2005-10-05 * Install the XSL stylesheets for log to html conversion.Eelco Dolstra1-6/+14
2005-09-28 * Use "source" instead of ".".Eelco Dolstra1-4/+4
2005-09-22 * Lets not go wild with templates.Eelco Dolstra1-4/+6
2005-09-22 * Parse multi-valued options.Eelco Dolstra5-16/+54
2005-09-22 * Merge release notes.Eelco Dolstra1-0/+35
2005-09-21 * Remove other uses of IPC::Open2.Eelco Dolstra1-20/+8
2005-09-21 * Don't use IPC::Open2, it has a subtle race bug on Mac OS X 10.4. IfEelco Dolstra1-8/+2
the parent runs before the child, it closes some pipe file descriptors which causes the child to fail due to a bad file descriptor. So we just use the normal open() function instead. This fixes NIX-14 (intermittent nix-pull failures).
2005-09-21 * This doesn't parse for now.Eelco Dolstra1-1/+1
2005-09-21 * Configuration options for trusted local builds.Eelco Dolstra3-5/+43
2005-09-21 * Use -all_load on Mac OS X.Eelco Dolstra1-0/+7
2005-09-20 * Typo.Eelco Dolstra1-1/+1
2005-09-18 * Use a statically linked ATerm library and build it at -O1, sinceEelco Dolstra1-1/+2
higher optimisation levels cause statically linked libraries to barf.
2005-09-16 * Bump the version number to 0.10.Eelco Dolstra1-1/+1
2005-09-16 * Updated release notes.Eelco Dolstra1-1/+19
2005-09-16 * svn:ignores.Eelco Dolstra1-1/+1
* Add missing file to dist.
2005-09-16 * svn:ignore.Eelco Dolstra0-0/+0
2005-09-16 * Remove dead file.Eelco Dolstra1-2/+0
2005-09-16 * Set the current directory to something well-defined. Might help inEelco Dolstra1-0/+2
setuid installations.
2005-09-16 * Include the release notes in the manual.Eelco Dolstra1-0/+5
2005-09-15 * Force release notes in ASCII, not UTF-8.Eelco Dolstra1-1/+1
2005-09-15 * Check for w3m.Eelco Dolstra3-3/+10
2005-09-15 * Use a proper temporary directory.Eelco Dolstra1-7/+19
2005-09-15 * This is not a GNU project :-PEelco Dolstra1-1/+1
2005-09-14 * Remove dead code.Eelco Dolstra1-6/+0
2005-09-14 * Release notes in Docbook; ASCII release notes (i.e., the `NEWS'Eelco Dolstra6-332/+581
file) is now generated from that using `w3m' and some XSL hackery.
2005-09-14 * List concatenation must be right-associative for efficiency.Eelco Dolstra1-1/+1
2005-09-13 * Remove debugging code.Eelco Dolstra1-9/+0
2005-09-13 * More debugging.Eelco Dolstra1-0/+7
2005-09-13 * Debugging.Eelco Dolstra1-0/+2
2005-09-13 * Missing #include.Eelco Dolstra1-0/+2
2005-09-13 * Release notes.Eelco Dolstra1-3/+53
2005-09-01 * Use aterm 2.4.Eelco Dolstra1-3/+3
2005-09-01 * `nix-env -e' corrupts memory due to incorrect use of iterators.Eelco Dolstra1-2/+6
Reported by Rob Vermaas.
2005-08-14 * `dependencyClosure' now allows a search path, e.g.,Eelco Dolstra5-33/+90
dependencyClosure { ... searchPath = [ ../foo ../bar ]; ... } * Primop `dirOf' to return the directory part of a path (e.g., dirOf /a/b/c == /a/b). * Primop `relativise' (according to Webster that's a real word!) that given paths A and B returns a string representing path B relative path to A; e.g., relativise /a/b/c a/b/x/y => "../x/y".
2005-08-14 * A primitive operation `dependencyClosure' to do automatic dependencyEelco Dolstra6-30/+147
determination (e.g., finding the header files dependencies of a C file) in Nix low-level builds automatically. For instance, in the function `compileC' in make/lib/default.nix, we find the header file dependencies of C file `main' as follows: localIncludes = dependencyClosure { scanner = file: import (findIncludes { inherit file; }); startSet = [main]; }; The function works by "growing" the set of dependencies, starting with the set `startSet', and calling the function `scanner' for each file to get its dependencies (which should yield a list of strings representing relative paths). For instance, when `scanner' is called on a file `foo.c' that includes the line #include "../bar/fnord.h" then `scanner' should yield ["../bar/fnord.h"]. This list of dependencies is absolutised relative to the including file and added to the set of dependencies. The process continues until no more dependencies are found (hence its a closure). `dependencyClosure' yields a list that contains in alternation a dependency, and its relative path to the directory of the start file, e.g., [ /bla/bla/foo.c "foo.c" /bla/bar/fnord.h "../bar/fnord.h" ] These relative paths are necessary for the builder that compiles foo.c to reconstruct the relative directory structure expected by foo.c. The advantage of `dependencyClosure' over the old approach (using the impure `__currentTime') is that it's completely pure, and more efficient because it only rescans for dependencies (i.e., by building the derivations yielded by `scanner') if sources have actually changed. The old approach rescanned every time.
2005-08-14 * Cleanup; sync with thesis.Eelco Dolstra3-19/+12