about summary refs log tree commit diff
path: root/src/libstore/build.cc
AgeCommit message (Collapse)AuthorFilesLines
2017-01-09 Merge pull request #1139 from Mic92/masterEelco Dolstra1-6/+2
Simplify remouting with MS_PRIVATE in sandbox build
2017-01-02 Provide /var/run/nscd/socket in the sandboxEelco Dolstra1-0/+1
Otherwise sandbox builds can fail, e.g. $ NIX_REMOTE=local?root=/tmp/nix nix-build '<nixpkgs>' -A hello --option build-use-substitutes false ... downloading ‘http://ftpmirror.gnu.org/bash/bash-4.3-patches/bash43-047’... error: unable to download ‘http://ftpmirror.gnu.org/bash/bash-4.3-patches/bash43-047’: Couldn't resolve host name (6)
2016-12-22 Add commentEelco Dolstra1-1/+2
2016-12-19 Revert "Merge branch 'seccomp' of https://github.com/aszlig/nix"Eelco Dolstra1-65/+29
This reverts commit 9f3f2e21edb17dbcd674539dff96efb6cceca10c, reversing changes made to 47f587700d646f5b03a42f2fa57c28875a31efbe.
2016-12-19 Revert "Give root a valid home directory"Eelco Dolstra1-3/+3
This reverts commit ec7d498b72b0e283814c27cbc6c064496f95445d.
2016-12-15 Give root a valid home directoryEelco Dolstra1-3/+3
Some programs barf if the current user has a non-writable home directory, e.g. http://hydra.nixos.org/build/44818144.
2016-12-15 Merge branch 'seccomp' of https://github.com/aszlig/nixEelco Dolstra1-29/+65
2016-12-08 Don't delete .check directories of running buildsEelco Dolstra1-2/+2
We need to keep them around for diffoscope.
2016-12-08 Fix buildEelco Dolstra1-2/+2
http://hydra.nixos.org/build/44628517
2016-12-07 Add a hook to run diffoscope when non-determinism is detectedEelco Dolstra1-7/+32
2016-12-07 Keep track of the exact build start/stop timesEelco Dolstra1-0/+4
2016-12-07 Bail out early when non-determinism is detectedEelco Dolstra1-0/+1
2016-12-07 Add an option to make non-determinism non-fatalEelco Dolstra1-11/+13
That is, when build-repeat > 0, and the output of two rounds differ, then print a warning rather than fail the build. This is primarily to let Hydra check reproducibility of all packages.
2016-12-06 Use a steady clock for timeoutsEelco Dolstra1-22/+28
Fixes #1146.
2016-12-06 nix-store --serve: Suppress log output on stderr when repeating a buildEelco Dolstra1-1/+2
2016-11-26 Revert "Get rid of unicode quotes (#1140)"Eelco Dolstra1-101/+101
This reverts commit f78126bfd6b6c8477fcdbc09b2f98772dbe9a1e7. There really is no need for such a massive change...
2016-11-25 Get rid of unicode quotes (#1140)Guillaume Maudoux1-101/+101
2016-11-25 Simplify remouting with MS_PRIVATE in sandbox buildJörg Thalheim1-6/+2
also fix race condition if mounts are added after mountinfo is read.
2016-11-17 Update darwin build for optional sandbox pathsShea Levy1-3/+6
Fixes #1132
2016-11-16 seccomp: Forge return values for *chown32aszlig1-0/+4
These syscalls are only available in 32bit architectures, but libseccomp should handle them correctly even if we're on native architectures that do not have these syscalls. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-16 seccomp: Forge return codes for POSIX ACL syscallsaszlig1-0/+4
Commands such as "cp -p" also use fsetxattr() in addition to fchown(), so we need to make sure these syscalls always return successful as well in order to avoid nasty "Invalid value" errors. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-16 libstore/build: Forge chown() to return successaszlig1-0/+41
What we basically want is a seccomp mode 2 BPF program like this but for every architecture: BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_chown, 4, 0), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_fchown, 3, 0), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_fchownat, 2, 0), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_lchown, 1, 0), BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO) However, on 32 bit architectures we do have chown32, lchown32 and fchown32, so we'd need to add all the architecture blurb which libseccomp handles for us. So we only need to make sure that we add the 32bit seccomp arch while we're on x86_64 and otherwise we just stay at the native architecture which was set during seccomp_init(), which more or less replicates setting 32bit personality during runChild(). The FORCE_SUCCESS() macro here could be a bit less ugly but I think repeating the seccomp_rule_add() all over the place is way uglier. Another way would have been to create a vector of syscalls to iterate over, but that would make error messages uglier because we can either only print the (libseccomp-internal) syscall number or use seccomp_syscall_resolve_num_arch() to get the name or even make the vector a pair number/name, essentially duplicating everything again. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-16 Run builds as root in user namespace againaszlig1-29/+16
This reverts commit ff0c0b645cc1448959126185bb2fafe41cf0bddf. We're going to use seccomp to allow "cp -p" and force chown-related syscalls to always return 0. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-14 buildPaths(): Handle ecIncompleteClosureEelco Dolstra1-1/+1
buildPaths() on a non-derivation would incorrectly not throw an error if the path didn't have a substitute.
2016-11-10 Store::computeFSClosure(): Support a set of pathsEelco Dolstra1-2/+1
This way, callers can exploits the parallelism of computeFSClosure() when they have multiple paths that they need the (combined) closure of.
2016-11-08 TypoEelco Dolstra1-1/+1
2016-10-31 Support optional sandbox pathsEelco Dolstra1-9/+26
For example, you can now set build-sandbox-paths = /dev/nvidiactl? to specify that /dev/nvidiactl should only be mounted in the sandbox if it exists in the host filesystem. This is useful e.g. for EC2 images that should support both CUDA and non-CUDA instances.
2016-10-26 Fix build log output in nix-store --serveEelco Dolstra1-1/+1
2016-10-14 Fix /dev/ptmx in sandboxesEelco Dolstra1-1/+6
This was broken since ff0c0b645cc1448959126185bb2fafe41cf0bddf. Since I can't figure out how to mount a devpts instance in the sandbox, let's just bind-mount the host devpts.
2016-09-21 Add sandbox-dev-shm-size optionEelco Dolstra1-1/+2
Fixes #1069.
2016-09-21 printMsg(lvlError, ...) -> printError(...) etc.Eelco Dolstra1-21/+21
2016-09-21 Some notational convenience for formatting stringsEelco Dolstra1-3/+3
We can now write throw Error("file '%s' not found", path); instead of throw Error(format("file '%s' not found") % path); and similarly printError("file '%s' not found", path); instead of printMsg(lvlError, format("file '%s' not found") % path);
2016-09-08 Don't run builds as root in the user namespaceEelco Dolstra1-16/+31
This largely reverts c68e5913c71badc89ff346d1c6948517ba720c93. Running builds as root breaks "cp -p", since when running as root, "cp -p" assumes that it can succesfully chown() files. But that's not actually the case since the user namespace doesn't provide a complete uid mapping. So it barfs with a fatal error message ("cp: failed to preserve ownership for 'foo': Invalid argument").
2016-09-08 Give a better error message if a path in build-sandbox-paths is invalidEelco Dolstra1-2/+6
2016-09-08 Fix assertion failure after early build setup failureEelco Dolstra1-1/+1
2016-08-30 Fix --fallbackEelco Dolstra1-7/+10
This fixes an assertion failure in "assert(goal);" in Worker::waitForInput() after a substitution goal is cancelled by the termination of another goal. The problem was the line //worker.childTerminated(shared_from_this()); // FIXME in the SubstitutionGoal destructor. This was disabled because shared_from_this() obviously doesn't work from a destructor. So we now use a real pointer for object identity.
2016-08-17 Add a mechanism for derivation attributes to reference the derivation's outputsEelco Dolstra1-14/+15
For example, you can now say: configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}"; The strings returned by the ‘placeholder’ builtin are replaced at build time by the actual store paths corresponding to the specified outputs. Previously, you had to work around the inability to self-reference by doing stuff like: preConfigure = '' configureFlags+=" --prefix $out --includedir=$dev" ''; or rely on ad-hoc variable interpolation semantics in Autoconf or Make (e.g. --prefix=\$(out)), which doesn't always work.
2016-08-10 Mark content-addressed paths in the Nix database and in .narinfoEelco Dolstra1-1/+1
This allows such paths to be imported without signatures.
2016-08-10 Add a "root" parameter to local storesEelco Dolstra1-1/+1
This makes it easier to create a diverted store, i.e. NIX_REMOTE="local?root=/tmp/root" instead of NIX_REMOTE="local?real=/tmp/root/nix/store&state=/tmp/root/nix/var/nix" NIX_LOG_DIR=/tmp/root/nix/var/log
2016-07-26 makeFixedOutputPath(): Drop superfluous HashType argumentEelco Dolstra1-5/+5
2016-07-23 Respect --keep-going when a substituter fails.Shea Levy1-2/+4
Fixes #977
2016-07-11 Modernize AutoCloseFDShea Levy1-44/+42
2016-06-09 Run builds in a user namespaceEelco Dolstra1-14/+65
This way, all builds appear to have a uid/gid of 0 inside the chroot. In the future, this may allow using programs like systemd-nspawn inside builds, but that will require assigning a larger UID/GID map to the build. Issue #625.
2016-06-09 Use O_CLOEXEC in most placesEelco Dolstra1-2/+1
2016-06-03 Support sandbox builds by non-root usersEelco Dolstra1-53/+63
This allows an unprivileged user to perform builds on a diverted store (i.e. where the physical store location differs from the logical location). Example: $ NIX_LOG_DIR=/tmp/log NIX_REMOTE="local?real=/tmp/store&state=/tmp/var" nix-build -E \ 'with import <nixpkgs> {}; runCommand "foo" { buildInputs = [procps nettools]; } "id; ps; ifconfig; echo $out > $out"' will do a build in the Nix store physically in /tmp/store but logically in /nix/store (and thus using substituters for the latter).
2016-06-03 Don't call shared_from_this() from a destructorEelco Dolstra1-1/+1
2016-06-02 LocalStore: Allow the physical and logical store directories to differEelco Dolstra1-0/+3
This is primarily to subsume the functionality of the copy-from-other-stores substituter. For example, in the NixOS installer, we can now do (assuming we're in the target chroot, and the Nix store of the installation CD is bind-mounted on /tmp/nix): $ nix-build ... --option substituters 'local?state=/tmp/nix/var&real=/tmp/nix/store' However, unlike copy-from-other-stores, this also allows write access to such a store. One application might be fetching substitutes for /nix/store in a situation where the user doesn't have sufficient privileges to create /nix, e.g.: $ NIX_REMOTE="local?state=/home/alice/nix/var&real=/home/alice/nix/store" nix-build ...
2016-06-02 Respect build-use-substitutesEelco Dolstra1-1/+1
2016-06-01 Skip substituters with an incompatible store directoryEelco Dolstra1-0/+5
2016-06-01 Make the store directory a member variable of StoreEelco Dolstra1-15/+15