about summary refs log tree commit diff
path: root/configure.ac
AgeCommit message (Collapse)AuthorFilesLines
2015-10-21 Add resolve-system-dependencies.plJude Taylor1-0/+17
2015-03-27 Add dependency on libcurl-devEelco Dolstra1-0/+4
http://hydra.nixos.org/eval/1179370
2015-02-16 Use pivot_root in addition to chroot when possibleHarald van Dijk1-0/+1
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use.
2015-02-10 Make libsodium an optional dependencyEelco Dolstra1-2/+6
2015-02-04 Use libsodium instead of OpenSSL for binary cache signingEelco Dolstra1-0/+4
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key.
2014-11-25 Rely on XML catalogs to find the DocBook schemas and stylesheetsEelco Dolstra1-11/+0
2014-09-22 configure: Force regeneration of Makefile.configEelco Dolstra1-0/+2
2014-09-17 Remove unused w3m dependencyEelco Dolstra1-1/+0
2014-09-17 On Linux, disable address space randomizationEelco Dolstra1-5/+0
2014-09-17 Add Make flag to disable optimizationEelco Dolstra1-2/+2
2014-07-10 Remove maybeVforkEelco Dolstra1-4/+0
2014-05-26 Use std::unordered_setEelco Dolstra1-6/+0
2014-02-01 Build/install manualEelco Dolstra1-6/+0
2014-01-21 Fix buildEelco Dolstra1-3/+3
2014-01-09 Handle systems where "echo -n" doesn't workEelco Dolstra1-1/+1
2013-11-25 Expand configure variables before writing config.statusEelco Dolstra1-1/+10
This way, we can use config.status for generating scripts/* (without ending up with lines like "#! /usr/bin/perl -I${libexecdir}/...").
2013-11-25 Remove obsolete setting of $CC_FOR_BUILDEelco Dolstra1-10/+0
2013-11-25 Don't install LibtoolEelco Dolstra1-16/+0
2013-11-25 Don't instantiate Automake makefilesEelco Dolstra1-25/+1
2013-11-22 Drop the dependency on AutomakeEelco Dolstra1-8/+4
2013-11-22 New non-recursive, plain Make-based build systemEelco Dolstra1-0/+1
2013-11-14 Remove nix-setuid-helperEelco Dolstra1-1/+0
AFAIK, nobody uses it, it's not maintained, and it has no tests.
2013-08-19 Turn on -WallEelco Dolstra1-2/+2
2013-08-07 Run the daemon worker on the same CPU as the clientEelco Dolstra1-0/+4
On a system with multiple CPUs, running Nix operations through the daemon is significantly slower than "direct" mode: $ NIX_REMOTE= nix-instantiate '<nixos>' -A system real 0m0.974s user 0m0.875s sys 0m0.088s $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m2.118s user 0m1.463s sys 0m0.218s The main reason seems to be that the client and the worker get moved to a different CPU after every call to the worker. This patch adds a hack to lock them to the same CPU. With this, the overhead of going through the daemon is very small: $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m1.074s user 0m0.809s sys 0m0.098s
2013-08-06 Set the default GCC optimisation level to -O3Eelco Dolstra1-0/+2
2013-07-12 Add gzip support for channel unpackingGergely Risko1-1/+1
2013-03-25 makeStoreWritable: Use statvfs instead of /proc/self/mountinfo to find out ↵Shea Levy1-0/+1
if /nix/store is a read-only bind mount /nix/store could be a read-only bind mount even if it is / in its own filesystem, so checking the 4th field in mountinfo is insufficient. Signed-off-by: Shea Levy <shea@shealevy.com>
2013-01-02 UrggghEelco Dolstra1-1/+0
http://hydra.nixos.org/build/3661100
2012-11-15 Disable use of vfork()Eelco Dolstra1-1/+1
vfork() is just too weird. For instance, in this build: http://hydra.nixos.org/build/3330487 the value fromHook.writeSide becomes corrupted in the parent, even though the child only reads from it. At -O0 the problem goes away. Probably the child is overriding some spilled temporary variable. If I get bored I may implement using posix_spawn() instead.
2012-11-09 Use vfork() instead of fork() if availableEelco Dolstra1-0/+4
Hopefully this reduces the chance of hitting ‘unable to fork: Cannot allocate memory’ errors. vfork() is used for everything except starting builders.
2012-10-10 Out-of-tree building of perl modules.Mats Erik Andersson1-1/+1
2012-10-03 Rename nix-worker to nix-daemonEelco Dolstra1-1/+1
2012-10-03 Remove bin2cEelco Dolstra1-1/+0
2012-09-14 Test whether GNU tar understands --warning=no-timestampEelco Dolstra1-2/+2
http://hydra.nixos.org/build/3031618
2012-08-27 WhitespaceEelco Dolstra1-7/+7
2012-08-01 Use a GNU tar flag to shut up warnings about implausibly old timestampEelco Dolstra1-0/+12
2012-07-26 Merge branch 'master' into no-manifestsEelco Dolstra1-0/+17
2012-07-23 Handle platforms that don't support linking to a symlinkEelco Dolstra1-0/+12
E.g. Darwin doesn't allow this.
2012-07-23 Use lutimes() if available to canonicalise the timestamp of symlinksEelco Dolstra1-0/+5
Also use utimes() instead of utime() if lutimes() is not available.
2012-07-09 Add WWW::Curl as a dependencyEelco Dolstra1-0/+11
2012-06-29 Use XZ compression in binary cachesEelco Dolstra1-0/+1
XZ compresses significantly better than bzip2. Here are the compression ratios and execution times (using 4 cores in parallel) on my /var/run/current-system (3.1 GiB): bzip2: total compressed size 849.56 MiB, 30.8% [2m08] xz -6: total compressed size 641.84 MiB, 23.4% [6m53] xz -7: total compressed size 621.82 MiB, 22.6% [7m19] xz -8: total compressed size 599.33 MiB, 21.8% [7m18] xz -9: total compressed size 588.18 MiB, 21.4% [7m40] Note that compression takes much longer. More importantly, however, decompression is much faster: bzip2: 1m47.274s xz -6: 0m55.446s xz -7: 0m54.119s xz -8: 0m52.388s xz -9: 0m51.842s The only downside to using -9 is that decompression takes a fair amount (~65 MB) of memory.
2012-05-10 Support building with the Perl XS bindings disabledEelco Dolstra1-9/+16
Since the Perl bindings require shared libraries, this is required on platforms such as Cygwin where we do a static build.
2012-05-04 Require SQLite >= 3.6.19Eelco Dolstra1-1/+1
Nix needs SQLite's foreign key constraint feature, which was introduced in 3.6.19. Without it, the database won't be cleaned up correctly when paths are deleted. See e.g. http://hydra.nixos.org/build/2494142.
2012-04-13 If "pv" is available at compile time, hard-code its pathEelco Dolstra1-0/+1
2012-03-19 Fix the optional dependency on OpenSSLEelco Dolstra1-1/+1
http://hydra.nixos.org/build/2306540
2012-03-18 Drop the externals directoryEelco Dolstra1-62/+22
Nix now requires SQLite and bzip2 to be pre-installed. SQLite is detected using pkg-config. We required DBD::SQLite anyway, so depending on SQLite is not a big problem. The --with-bzip2, --with-openssl and --with-sqlite flags are gone.
2012-02-15 On Linux, make the Nix store really read-only by using the immutable bitEelco Dolstra1-4/+8
I was bitten one time too many by Python modifying the Nix store by creating *.pyc files when run as root. On Linux, we can prevent this by setting the immutable bit on files and directories (as in ‘chattr +i’). This isn't supported by all filesystems, so it's not an error if setting the bit fails. The immutable bit is cleared by the garbage collector before deleting a path. The only tricky aspect is in optimiseStore(), since it's forbidden to create hard links to an immutable file. Thus optimiseStore() temporarily clears the immutable bit before creating the link.
2012-01-11 * Figure out the extension of dynamic libraries; don't hard-code .so.Eelco Dolstra1-0/+5
2012-01-05 * Add a -I flag to the Perl bindings to nix-build and some otherEelco Dolstra1-1/+9
scripts. * Include the version and architecture in the -I flag so that there is at least a chance that a Nix binary built for one Perl version will run on another version.
2012-01-04 * Let --disable-gc work.Eelco Dolstra1-2/+2