about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2016-04-14 Add tests for restricted eval modeEelco Dolstra2-1/+19
2016-04-14 Set RLIMIT_CORE to 0, infinity in buildersEelco Dolstra1-0/+7
This prevents the builder from being affected by whatever the host system limits happen to be.
2016-04-14 Make primop registration pluggableEelco Dolstra4-3/+33
This way we don't have to put all primops in one giant file.
2016-04-14 Fix std::atomic_flag build failureEelco Dolstra1-0/+1
http://hydra.nixos.org/build/34453794
2016-04-14 install-nix-from-closure: Don't run nix-store --verifyEelco Dolstra1-5/+0
Verification is slow. Also, we really shouldn't advise users to nuke their store.
2016-04-14 Remove PDF manualEelco Dolstra2-28/+1
More spring cleaning.
2016-04-13 nix-profile test: Set USERShea Levy1-2/+3
2016-04-12 Merge branch 'patch-2' of git://github.com/wmertens/nixShea Levy1-1/+9
install-nix-from-closure improvments
2016-04-11 Remove manifest supportEelco Dolstra37-2143/+20
Manifests have been superseded by binary caches for years. This also gets rid of nix-pull, nix-generate-patches and bsdiff/bspatch.
2016-04-10 Bring nix-profile.sh in line with NixOSWout Mertens1-13/+63
Use the same logic as NixOS' profile and environment setup. Closes #414
2016-04-10 Remove information about nix-store --optimiseWout Mertens1-9/+0
2016-04-10 Always verify nix store on installwmertens1-1/+18
Just wasted a couple hours chasing shadows because the nix store got corrupted and there was no indication of that anywhere. Since an install is one-time only, might as well verify. Optimization showed that the copied files aren't read-only; fixed that as well. Also, use /bin/sh since there's a good chance that this script will be run on systems without /bin/bash
2016-04-08 Remove failed build cachingEelco Dolstra17-335/+12
This feature was implemented for Hydra, but Hydra no longer uses it.
2016-04-08 Make LocalStore thread-safeEelco Dolstra5-217/+246
Necessary for multi-threaded commands like "nix verify-paths".
2016-04-07 nix verify-paths: Add ‘--sigs-needed <N>’ flagEelco Dolstra3-16/+41
This specifies the number of distinct signatures required to consider each path "trusted". Also renamed ‘--no-sigs’ to ‘--no-trust’ for the flag that disables verifying whether a path is trusted (since a path can also be trusted if it has no signatures, but was built locally).
2016-04-07 Use secret-key-files for verifyingEelco Dolstra1-1/+14
2016-04-07 Sign locally-built pathsEelco Dolstra3-1/+24
Locally-built paths are now signed automatically using the secret keys specified by the ‘secret-key-files’ option.
2016-04-06 Fix "tar: This does not look like a tar archive" with fetchTarball / -I http://Eelco Dolstra1-2/+1
The 304 Not Modified was not handled correctly, so the empty result from the conditional request would overwrite the previous tarball.
2016-04-05 Add "nix sign-paths" commandEelco Dolstra2-1/+52
E.g. $ nix sign-paths -k ./secret -r $(type -p geeqie) signs geeqie and all its dependencies using the key in ./secret.
2016-04-05 Add "nix copy-sigs" commandEelco Dolstra9-3/+185
This imports signatures from one store into another. E.g. $ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/ imported 595 signatures
2016-04-05 Probably fix SQLITE_BUSY errorsEelco Dolstra2-0/+7
2016-04-04 throwSQLiteError(): Check for SIGINT so we don't loop foreverEelco Dolstra1-0/+1
2016-03-31 Add missing -pthreadEelco Dolstra1-1/+1
https://hydra.nixos.org/build/33908385
2016-03-30 LocalStore: Keep track of ultimately trusted pathsEelco Dolstra7-12/+51
These are content-addressed paths or outputs of locally performed builds. They are trusted even if they don't have signatures, so "nix verify-paths" won't complain about them.
2016-03-30 Fix nix-copy-closure test on 16.03Eelco Dolstra1-1/+1
2016-03-30 Improve the SQLite wrapper APIEelco Dolstra5-224/+157
In particular, this eliminates a bunch of boilerplate code.
2016-03-30 Factour out SQLite handlingEelco Dolstra4-204/+224
2016-03-30 Turn retrying SQLite transactions into a higher-order functionEelco Dolstra1-33/+42
2016-03-30 nix verify: Support checking against signatures in other storesEelco Dolstra1-2/+33
Typical usage is to check local paths using the signatures from a binary cache: $ nix verify-paths -r /run/current-system -s https://cache.nixos.org path ‘/nix/store/c1k4zqfb74wba5sn4yflb044gvap0x6k-nixos-system-mandark-16.03.git.fc2d7a5M’ is untrusted ... checked 844 paths, 119 untrusted
2016-03-30 HttpBinaryCacheStore: Treat 403 errors as 404Eelco Dolstra1-1/+3
2016-03-30 CurlDownloader: Fix HTTP error processingEelco Dolstra1-1/+0
2016-03-29 Improve SIGINT handling in multi-threaded programsEelco Dolstra4-14/+12
The flag remembering whether an Interrupted exception was thrown is now thread-local. Thus, all threads will (eventually) throw Interrupted. Previously, one thread would throw Interrupted, and then the other threads wouldn't see that they were supposed to quit.
2016-03-29 Add "nix verify-store" commandEelco Dolstra1-13/+53
Like "nix-store --verify --check-contents", but with the same advantages as "nix verify-paths".
2016-03-29 Add "nix verify-paths" commandEelco Dolstra11-2/+432
Unlike "nix-store --verify-path", this command verifies signatures in addition to store path contents, is multi-threaded (especially useful when verifying binary caches), and has a progress indicator. Example use: $ nix verify-paths --store https://cache.nixos.org -r $(type -p thunderbird) ... [17/132 checked] checking ‘/nix/store/rawakphadqrqxr6zri2rmnxh03gqkrl3-autogen-5.18.6’
2016-03-29 Re-enable sync_with_stdioEelco Dolstra1-3/+0
Otherwise writing to std::cerr is not thread-safe (in particular, lines will be randomly duplicated).
2016-03-29 Merge pull request #864 from copumpkin/remove-hackEelco Dolstra1-3/+2
Kill the temporary darwin-specific channel
2016-03-28 Kill the temporary darwin-specific channelDan Peebles1-3/+2
The issues have been resolved upstream in the main nixpkgs channel now
2016-03-24 Use shorter daemon socket path in testsEelco Dolstra3-5/+5
Otherwise we hit the 104 character limit. http://hydra.nixos.org/build/33562028
2016-03-24 Move signature support from NarInfo to ValidPathInfoEelco Dolstra4-39/+43
2016-03-24 TyposEelco Dolstra1-2/+2
2016-03-24 HttpBinaryCacheStore: Make thread-safeEelco Dolstra1-2/+6
2016-03-23 Drop support for daemon socket path >= 108 charactersEelco Dolstra1-15/+3
Doing a chdir() is a bad idea in multi-threaded programs, leading to failures such as error: cannot connect to daemon at ‘/nix/var/nix/daemon-socket/socket’: No such file or directory Since Linux doesn't have a connectat() syscall like FreeBSD, there is no way we can support this in a race-free way.
2016-03-23 LocalStoreAccessor::stat: Handle ENOTDIREelco Dolstra1-1/+1
Closes https://github.com/NixOS/hydra/pull/286.
2016-03-22 Remove references to old-school signingEelco Dolstra2-42/+0
2016-03-22 Don't overload dumpPath()Eelco Dolstra7-11/+13
2016-03-21 Move signatures from NarInfo to ValidPathInfoEelco Dolstra4-11/+21
This allows queryPathInfo() to return signatures.
2016-03-21 nix: Add --store flagEelco Dolstra2-4/+10
This is a bit user-friendlier than using $NIX_REMOTE.
2016-03-21 Add Store::dumpPath() methodEelco Dolstra7-7/+29
This allows applying nix-store --verify-path to binary cache stores: NIX_REMOTE=https://cache.nixos.org nix-store --verify-path /nix/store/s5c7...
2016-03-21 Drop support for upgrading from Nix <= 0.12Eelco Dolstra1-84/+7
2016-03-17 Merge pull request #852 from domenkozar/docker/1.11.2Eelco Dolstra1-13/+10
Dockerfile: 1.9 -> 1.11.2, add more users