about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2015-07-20 More cleanupEelco Dolstra9-296/+184
2015-07-17 OCD: foreach -> C++11 ranged forEelco Dolstra30-874/+849
2015-07-17 Allow remote builds without sending the derivation closureEelco Dolstra12-154/+372
Previously, to build a derivation remotely, we had to copy the entire closure of the .drv file to the remote machine, even though we only need the top-level derivation. This is very wasteful: the closure can contain thousands of store paths, and in some Hydra use cases, include source paths that are very large (e.g. Git/Mercurial checkouts). So now there is a new operation, StoreAPI::buildDerivation(), that performs a build from an in-memory representation of a derivation (BasicDerivation) rather than from a on-disk .drv file. The only files that need to be in the Nix store are the sources of the derivation (drv.inputSrcs), and the needed output paths of the dependencies (as described by drv.inputDrvs). "nix-store --serve" exposes this interface. Note that this is a privileged operation, because you can construct a derivation that builds any store path whatsoever. Fixing this will require changing the hashing scheme (i.e., the output paths should be computed from the other fields in BasicDerivation, allowing them to be verified without access to other derivations). However, this would be quite nice because it would allow .drv-free building (e.g. "nix-env -i" wouldn't have to write any .drv files to disk). Fixes #173.
2015-07-17 Make printValue() interruptibleEelco Dolstra1-0/+2
Fixes #572.
2015-07-17 nix-collect-garbage: Handle ENOENTEelco Dolstra1-1/+6
Don't barf trying to read a link that just got deleted. Fixes #575.
2015-07-17 Add DockerfileJaka Hudoklin1-0/+23
2015-07-03 Fix the parsing of "$"'s in strings.Guillaume Maudoux3-7/+8
2015-07-03 Fix the hack that resets the scanner state.Guillaume Maudoux2-42/+19
2015-07-02 TypoEelco Dolstra1-1/+1
2015-07-01 Preserve supplementary groups of build usersLudovic Courtès1-2/+18
The following patch is an attempt to address this bug (see <http://bugs.gnu.org/18994>) by preserving the supplementary groups of build users in the build environment. In practice, I would expect that supplementary groups would contain only one or two groups: the build users group, and possibly the “kvm” group. [Changed &at(0) to data() and removed tabs - Eelco]
2015-07-01 Revert "add the manpath to the installer"Eelco Dolstra1-1/+0
This reverts commit 76f985b92d95fef967c1f3193d05244ced15420b. We shouldn't mess with $MANPATH, because on some "man" implementations (like NixOS'), the default value on $MANPATH is derived from $PATH. So if you set $MANPATH, you lose the default locations.
2015-06-30 GC: Handle ENOSPC creating/moving to the trash directoryEelco Dolstra1-8/+23
Issue #564.
2015-06-22 Use posix_fallocate to create /nix/var/nix/db/reservedEelco Dolstra1-1/+11
2015-06-22 Make /nix/var/nix/db/reserved biggerEelco Dolstra1-1/+1
Issue #564.
2015-06-17 Support URLs in $NIX_PATHEelco Dolstra3-1/+32
This didn't work (despite claims in the manual), because the colon in "http://" was parsed as a element separator. So handle "://" specially.
2015-06-17 Debian package: Declare runtime dependency on libsodium13Eelco Dolstra1-1/+3
Fixes #558.
2015-06-15 BumpEelco Dolstra1-1/+1
2015-06-12 TyposEelco Dolstra1-12/+12
2015-06-12 nix-channel: Fix bogus error message caused by ↵Eelco Dolstra1-3/+3
8a84bd8c8bda1e4c6764c10ecdef9d74e4884800
2015-06-12 Update release notesEelco Dolstra1-1/+1
2015-06-10 Export outputPaths functionEelco Dolstra3-11/+12
This is useful for the new hydra-queue-runner.
2015-06-09 Install serve-protocol.hhEelco Dolstra1-1/+2
2015-06-09 Use std::vector::data()Eelco Dolstra3-12/+8
2015-06-08 nix-push: Support -jEelco Dolstra1-1/+6
Fixes #548.
2015-06-08 Update cacert locationsEelco Dolstra2-5/+9
2015-06-08 Fix manualEelco Dolstra1-3/+3
2015-06-04 Allow substitutes for builds that have preferLocalBuild setEelco Dolstra3-10/+18
Not substituting builds with "preferLocalBuild = true" was a bad idea, because it didn't take the cost of dependencies into account. For instance, if we can't substitute a fetchgit call, then we have to download/build git and all its dependencies. Partially reverts 5558652709f27e8a887580b77b93c705659d7a4b and adds a new derivation attribute "allowSubstitutes" to specify whether a derivation may be substituted.
2015-06-04 copy-from-other-stores: Use cpEelco Dolstra1-1/+1
2015-06-04 Chown files created for passAsFileEelco Dolstra1-2/+7
Nixpkgs' writeTextAsFile does this: mv "$textPath" "$n" Since $textPath was owned by root, if $textPath is on the same filesystem as $n, $n will be owned as root. As a result, the build result was rejected as having suspicious ownership. http://hydra.nixos.org/build/22836807
2015-06-03 Handle base-16 NarHash fields in signed .narinfo filesEelco Dolstra3-3/+17
2015-06-03 Be more robust wrt broken .narinfo filesEelco Dolstra1-3/+10
2015-06-03 NamingEelco Dolstra1-2/+2
2015-06-02 Fix tarball testEelco Dolstra1-0/+3
The tarball cache is stored in $HOME, so the test should set up its own $HOME.
2015-06-02 Build against libsodium on Ubuntu 15.04 and Debian 8Eelco Dolstra1-19/+21
2015-06-02 Don't let unprivileged users repair pathsEelco Dolstra1-7/+9
2015-06-02 Use StoreAPI::verifyStore()Eelco Dolstra1-1/+1
2015-06-02 Add a ‘verifyStore’ RPCLudovic Courtès5-1/+27
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2015-06-01 Document setting up signed binary cachesEelco Dolstra3-3/+138
2015-06-01 Include the cache.nixos.org signing key by defaultEelco Dolstra1-1/+3
2015-06-01 Add tarball testsEelco Dolstra3-2/+22
2015-06-01 Document tarball downloadingEelco Dolstra6-15/+171
2015-06-01 Fix fetchurl/fetchTarballEelco Dolstra1-1/+2
2015-06-01 readFile: Check against nul bytesEelco Dolstra1-1/+4
2015-06-01 Document nix-shell #!-scriptsEelco Dolstra1-0/+124
2015-06-01 nix-shell: Support multiple "#! nix-shell" linesEelco Dolstra1-1/+1
2015-06-01 TypoEelco Dolstra1-1/+1
2015-06-01 Nix 1.9 release notesEelco Dolstra2-0/+217
2015-05-29 Add Debian 8.0 buildsBenjamin Staffin1-0/+2
Change-Id: I68a54a0c3f97da2d062f43b638de817fd40f2dcd
2015-05-22 Build on Ubuntu 15.04Eelco Dolstra1-4/+8
2015-05-22 Fix import-from-derivation in restricted eval modeEelco Dolstra1-0/+7
This relaxes restricted mode to allow access to anything in the store. In the future, it would be better to allow access to only paths that have been constructed in the current evaluation (so a hard-coded /nix/store/blabla in a Nix expression would still be rejected). However, note that reading /nix/store itself is still rejected, so you can't use this so get access to things you don't know about.