about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2017-07-14 Prompt for sudo before validating assumptions, and check ourselves for ↵Graham Christensen1-25/+13
root-owned files instead of making a scary warning.
2017-07-14 multi-user install: move the profile in to the nix etc/profiles.d outputGraham Christensen1-68/+1
2017-07-14 Switch to a fancy multi-user installer on DarwinGraham Christensen3-8/+831
2017-07-14 Shellcheck the existing installerGraham Christensen1-1/+4
2017-07-14 nix: Show help when no arguments are givenEelco Dolstra4-10/+14
Fixes #1464.
2017-07-14 Tarball job: Include libseccomp on Linux onlyEelco Dolstra1-2/+1
2017-07-14 Shut up a memory leak warningEelco Dolstra1-1/+2
2017-07-11 replaceSymlink(): Handle the case where the temporary file already existsEelco Dolstra1-4/+13
Not really necessary anymore for #849, but still nice to have.
2017-07-11 fetchTarball: Prevent concurrent downloads of the same fileEelco Dolstra1-0/+4
Fixes #849.
2017-07-10 Merge pull request #1422 from nh2/fix-potential-hash-comparison-crashEelco Dolstra1-0/+2
Fix potential crash/wrong result two hashes of unequal length are compared
2017-07-10 Merge branch 'man2' of git://github.com/robx/nixShea Levy9-50/+65
2017-07-10 fix buggy nix-shell man pageRobert Vollmert1-1/+1
2017-07-10 Merge pull request #1428 from rimmington/clearer-regex-space-errorEelco Dolstra1-2/+7
Clearer error message when regex exceeds space limit
2017-07-10 Clearer error message when regex exceeds space limitRhys1-2/+7
2017-07-07 man page (nix-shell): Fix grouping of -p optionRobert Vollmert1-4/+4
Not sure about the raw ellipsis.
2017-07-07 man page (nix-prefetch-url): Add some missing optionsRobert Vollmert1-2/+4
2017-07-07 man page (nix-instantiate): -E is optionalRobert Vollmert1-1/+1
2017-07-07 man page (nix-instantiate): Add --json to synopsis, order variablesRobert Vollmert1-16/+17
2017-07-07 man page (nix-instantiate): Remove non-existent nix-build argument -rRobert Vollmert1-1/+1
2017-07-07 man pages: Consistently separate alternatives by /Robert Vollmert2-12/+6
2017-07-07 man pages: Argument for --max-jobsRobert Vollmert1-2/+2
2017-07-07 man pages: Grouping for option alternativesRobert Vollmert2-10/+28
2017-07-07 glossary: Fix word orderRobert Vollmert1-1/+1
2017-07-07 Merge pull request #1445 from matthewbauer/macos-skip-hardlinkEelco Dolstra1-0/+14
Don’t hardlink disallowed paths in OS X.
2017-07-07 Merge pull request #1444 from robx/manEelco Dolstra2-3/+2
Fix nix-instantiate manpage indentation
2017-07-06 Don’t hardlink disallowed paths in OS X.Matthew Bauer1-0/+14
Fixes #1443
2017-07-06 Remove unused variable from test scriptRobert Vollmert1-2/+0
2017-07-06 Fix nix-instantiate manpage indentationRobert Vollmert1-1/+2
The second command variant is now its own cmdsynopsis, which ensures it's not indented as was the case using sbrk.
2017-07-04 Add X32 to the seccomp filterEelco Dolstra1-0/+4
Fixes #1432.
2017-07-04 Sort substituters by priorityEelco Dolstra3-0/+11
Fixes #1438.
2017-07-04 getDefaultSubstituters(): Simplify initialisationEelco Dolstra1-20/+14
As shlevy pointed out, static variables in C++11 have thread-safe initialisation.
2017-07-04 Add allow-new-privileges optionEelco Dolstra3-0/+26
This allows builds to call setuid binaries. This was previously possible until we started using seccomp. Turns out that seccomp by default disallows processes from acquiring new privileges. Generally, any use of setuid binaries (except those created by the builder itself) is by definition impure, but some people were relying on this ability for certain tests. Example: $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --no-allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 2 log lines: cannot raise the capability into the Ambient set : Operation not permitted $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 6 log lines: PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=15.2 ms Fixes #1429.
2017-07-04 Fix handling of expression installables with a / in themEelco Dolstra1-4/+4
2017-07-04 Support base-64 hashesEelco Dolstra23-213/+205
Also simplify the Hash API. Fixes #1437.
2017-07-04 <nix/fetchurl.nix>: Support sha512 argumentEelco Dolstra1-3/+3
2017-07-03 nix-shell: Respect --dry-runEelco Dolstra1-0/+2
Fixes #824.
2017-07-03 Replace a few bool flags with enumsEelco Dolstra22-141/+138
Functions like copyClosure() had 3 bool arguments, which creates a severe risk of mixing up arguments. Also, implement copyClosure() using copyPaths().
2017-07-03 processGraph(): Call getEdges in parallelEelco Dolstra1-28/+47
2017-06-30 Merge pull request #1417 from corngood/cygwin-fixEelco Dolstra1-0/+14
Call SetDllDirectory("") after sqlite3 init on cygwin
2017-06-24 Fix potential crash/wrong result two hashes of unequal length are comparedNiklas Hambüchen1-0/+2
2017-06-20 Call SetDllDirectory("") after sqlite3 init on cygwinDavid McFarland1-0/+14
Cygwin sqlite3 is patched to call SetDllDirectory("/usr/bin") on init, which affects the current process and is inherited by child processes. It causes DLLs to be loaded from /usr/bin/ before $PATH, which breaks all sorts of things. A typical failures would be header/lib version mismatches (e.g. openssl when running checkPhase on openssh). We'll just set it back to the default value. Note that this is a problem with the cygwin version of sqlite3 (currently 3.18.0). nixpkgs doesn't have the problematic patch.
2017-06-20 Restore thunks on any exceptionEelco Dolstra1-1/+1
There's no reason to restrict this to Error exceptions. This shouldn't matter to #1407 since the repl doesn't catch non-Error exceptions anyway, but you never know...
2017-06-19 Let hydra choose an alternate list of systemsShea Levy1-3/+1
2017-06-19 Disable use of virtual hosting in aws-sdk-cppEelco Dolstra1-1/+1
Recently aws-sdk-cpp quietly switched to using S3 virtual host URIs (https://github.com/aws/aws-sdk-cpp/commit/69d9c53882), i.e. it sends requests to http://<bucket>.<region>.s3.amazonaws.com rather than http://<region>.s3.amazonaws.com/<bucket>. However this interacts badly with curl connection reuse. For example, if we do the following: 1) Check whether a bucket exists using GetBucketLocation. 2) If it doesn't, create it using CreateBucket. 3) Do operations on the bucket. then 3) will fail for a minute or so with a NoSuchBucket exception, presumably because the server being hit is a fallback for cases when buckets don't exist. Disabling the use of virtual hosts ensures that 3) succeeds immediately. (I don't know what S3's consistency guarantees are for bucket creation, but in practice buckets appear to be available immediately.)
2017-06-19 Support creating S3 caches in other regions than us-east-1Eelco Dolstra1-4/+10
2017-06-19 Handle S3Errors::RESOURCE_NOT_FOUND from aws-sdk-cppEelco Dolstra1-2/+4
This is returned by recent versions. Also handle NO_SUCH_KEY even though the library doesn't actually return that at the moment.
2017-06-19 Suppress "will retry in N ms" for non-retriable errorsEelco Dolstra1-5/+6
Newer versions of aws-sdk-cpp call CalculateDelayBeforeNextRetry() even for non-retriable errors (like NoSuchKey) whih causes log spam in hydra-queue-runner.
2017-06-19 Show aws-sdk-cpp log messagesEelco Dolstra1-0/+22
2017-06-19 macOS: Ugly hack to make the tests succeedEelco Dolstra2-3/+6
Sandboxes cannot be nested, so if Nix's build runs inside a sandbox, it cannot use a sandbox itself. I don't see a clean way to detect whether we're in a sandbox, so use a test-specific hack. https://github.com/NixOS/nix/issues/1413
2017-06-19 macOS: Remove flagsEelco Dolstra1-0/+10
In particular, UF_IMMUTABLE (uchg) needs to be cleared to allow the path to be garbage-collected or optimised. See https://github.com/NixOS/nixpkgs/issues/25819. + the file from being garbage-collected.