about summary refs log tree commit diff
path: root/src/libstore/store-api.cc
AgeCommit message (Collapse)AuthorFilesLines
2016-10-07 Add copyClosure utility function for HydraEelco Dolstra1-0/+24
2016-09-21 printMsg(lvlError, ...) -> printError(...) etc.Eelco Dolstra1-1/+1
2016-09-16 Make computeFSClosure() single-threaded againEelco Dolstra1-34/+64
The fact that queryPathInfo() is synchronous meant that we needed a thread for every concurrent binary cache lookup, even though they end up being handled by the same download thread. Requiring hundreds of threads is not a good idea. So now there is an asynchronous version of queryPathInfo() that takes a callback function to process the result. Similarly, enqueueDownload() now takes a callback rather than returning a future. Thus, a command like nix path-info --store https://cache.nixos.org/ -r /nix/store/slljrzwmpygy1daay14kjszsr9xix063-nixos-16.09beta231.dccf8c5 that returns 4941 paths now takes 1.87s using only 2 threads (the main thread and the downloader thread). (This is with a prewarmed CloudFront.)
2016-08-10 Mark content-addressed paths in the Nix database and in .narinfoEelco Dolstra1-12/+48
This allows such paths to be imported without signatures.
2016-07-26 makeFixedOutputPath(): Drop superfluous HashType argumentEelco Dolstra1-6/+5
2016-06-20 Re-implement negative binary cache lookup cachingEelco Dolstra1-3/+7
2016-06-02 Allow setting the state directory as a store parameterEelco Dolstra1-2/+3
E.g. "local?store=/tmp/store&state=/tmp/var".
2016-06-01 Make the store directory a member variable of StoreEelco Dolstra1-33/+38
2016-05-30 Fix repair during substitutionEelco Dolstra1-2/+2
2016-05-04 Add a Store::addToStore() variant that accepts a NAREelco Dolstra1-13/+2
As a side effect, this ensures that signatures are propagated when copying paths between stores. Also refactored import/export to make use of this.
2016-05-04 Remove OpenSSL-based signingEelco Dolstra1-5/+4
2016-05-04 Add a copyStorePath() utility functionEelco Dolstra1-0/+13
2016-04-29 Allow parameters in store URIsEelco Dolstra1-3/+18
This is to allow store-specific configuration, e.g. s3://my-cache?compression=bzip2&secret-key=/path/to/key.
2016-04-29 Eliminate the substituter mechanismEelco Dolstra1-0/+35
Substitution is now simply a Store -> Store copy operation, most typically from BinaryCacheStore to LocalStore.
2016-04-21 Fix test failuresEelco Dolstra1-0/+1
2016-04-21 Implement S3BinaryCacheStore::queryAllValidPaths()Eelco Dolstra1-11/+23
This allows commands like "nix verify --all" or "nix path-info --all" to work on S3 caches. Unfortunately, this requires some ugly hackery: when querying the contents of the bucket, we don't want to have to read every .narinfo file. But the S3 bucket keys only include the hash part of each store path, not the name part. So as a special exception queryAllValidPaths() can now return store paths *without* the name part, and queryPathInfo() accepts such store paths (returning a ValidPathInfo object containing the full name).
2016-04-20 Cache path info lookups in SQLiteEelco Dolstra1-2/+48
This re-implements the binary cache database in C++, allowing it to be used by other Store backends, in particular the S3 backend.
2016-04-19 Move path info caching from BinaryCacheStore to StoreEelco Dolstra1-9/+53
Caching path info is generally useful. For instance, it speeds up "nix path-info -rS /run/current-system" (i.e. showing the closure sizes of all paths in the closure of the current system) from 5.6s to 0.15s. This also eliminates some APIs like Store::queryDeriver() and Store::queryReferences().
2016-04-07 nix verify-paths: Add ‘--sigs-needed <N>’ flagEelco Dolstra1-1/+7
This specifies the number of distinct signatures required to consider each path "trusted". Also renamed ‘--no-sigs’ to ‘--no-trust’ for the flag that disables verifying whether a path is trusted (since a path can also be trusted if it has no signatures, but was built locally).
2016-04-05 Add "nix sign-paths" commandEelco Dolstra1-0/+3
E.g. $ nix sign-paths -k ./secret -r $(type -p geeqie) signs geeqie and all its dependencies using the key in ./secret.
2016-03-24 Move signature support from NarInfo to ValidPathInfoEelco Dolstra1-1/+28
2016-03-24 TyposEelco Dolstra1-2/+2
2016-02-29 Make store implementations pluggableEelco Dolstra1-19/+24
This for instance allows hydra-queue-runner to add the S3 backend at runtime.
2016-02-25 Add NAR / Store accessor abstractionEelco Dolstra1-1/+3
This is primary to allow hydra-queue-runner to extract files like "nix-support/hydra-build-products" from NARs in binary caches.
2016-02-24 Eliminate reserveSpace flagEelco Dolstra1-4/+4
2016-02-24 openStoreAt(): Initialise the binary cacheEelco Dolstra1-1/+3
2016-02-24 Move BinaryCacheStore / LocalBinaryCacheStore from HydraEelco Dolstra1-3/+15
So you can now do: $ NIX_REMOTE=file:///tmp/binary-cache nix-store -qR /nix/store/...
2016-02-16 Rename ValidPathInfo::hash -> narHash for consistencyEelco Dolstra1-2/+2
2016-02-15 Expose the export magic value and move LocalStore::queryReferences to StoreEelco Dolstra1-0/+7
2016-02-15 Add function to extract hash part of a store pathEelco Dolstra1-1/+8
2016-02-11 ref<T>: Add cast operatorEelco Dolstra1-2/+2
2016-02-04 StoreAPI -> StoreEelco Dolstra1-5/+5
Calling a class an API is a bit redundant...
2016-02-04 Eliminate the "store" global variableEelco Dolstra1-8/+5
Also, move a few free-standing functions into StoreAPI and Derivation. Also, introduce a non-nullable smart pointer, ref<T>, which is just a wrapper around std::shared_ptr ensuring that the pointer is never null. (For reference-counted values, this is better than passing a "T&", because the latter doesn't maintain the refcount. Usually, the caller will have a shared_ptr keeping the value alive, but that's not always the case, e.g., when passing a reference to a std::thread via std::bind.)
2016-01-31 Use the daemon when we don't have write access to the Nix databaseEelco Dolstra1-4/+16
2015-08-21 nix-collect-garbage: Revive --max-freedEelco Dolstra1-10/+0
Fixes #609.
2015-07-20 More cleanupEelco Dolstra1-2/+2
2015-07-17 OCD: foreach -> C++11 ranged forEelco Dolstra1-22/+22
2014-08-20 Use proper quotes everywhereEelco Dolstra1-6/+6
2014-03-30 boost::shared_ptr -> std::shared_ptrEelco Dolstra1-4/+4
2013-07-12 Garbage collector: Don't follow symlinks arbitrarilyEelco Dolstra1-4/+1
Only indirect roots (symlinks to symlinks to the Nix store) are now supported.
2012-08-27 Merge branch 'master' into no-manifestsEelco Dolstra1-2/+2
2012-08-01 nix-store --gc: Make ‘--max-freed 0’ do the right thingEelco Dolstra1-2/+2
That is, delete almost nothing (it will still remove unused links from /nix/store/.links).
2012-07-30 Refactor settings processingEelco Dolstra1-8/+8
Put all Nix configuration flags in a Settings object.
2012-05-29 Reserve some disk space for the garbage collectorEelco Dolstra1-2/+2
We can't open a SQLite database if the disk is full. Since this prevents the garbage collector from running when it's most needed, we reserve some dummy space that we can free just before doing a garbage collection. This actually revives some old code from the Berkeley DB days. Fixes #27.
2012-03-26 Remove the --max-links GC optionEelco Dolstra1-1/+0
We don't need this anymore now that current filesystems support more than 32,000 files in a directory.
2011-11-23 * Add an API function exportPaths() that provides the functionality ofEelco Dolstra1-0/+11
‘nix-store --export’. * Add a Perl module that provides the functionality of ‘nix-copy-closure --to’. This is used by build-remote.pl so it no longer needs to start a separate nix-copy-closure process. Also, it uses the Perl API to do the export, so it doesn't need to start a separate nix-store process either. As a result, nix-copy-closure and build-remote.pl should no longer fail on very large closures due to an "Argument list too long" error. (Note that having very many dependencies in a single derivation can still fail because the environment can become too large. Can't be helped though.)
2011-07-20 * Fix a huuuuge security hole in the Nix daemon. It didn't check thatEelco Dolstra1-3/+21
derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2010-11-16 * Store the size of a store path in the database (to be precise, theEelco Dolstra1-10/+13
size of the NAR serialisation of the path, i.e., `nix-store --dump PATH'). This is useful for Hydra.
2010-02-22 * Revert r19650 (implement gc-keep-outputs by looking for derivationsEelco Dolstra1-13/+0
with the same name as the output) and instead use the DerivationOutputs table in the database, which is the correct way to to do things.
2010-01-25 * Make the garbage collector do the right thing when `gc-keep-outputs'Eelco Dolstra1-0/+13
is enabled by not depending on the deriver.