about summary refs log tree commit diff
path: root/src/libstore/store.cc
AgeCommit message (Collapse)AuthorFilesLines
2005-01-17 * Removed the `id' attribute hack.Eelco Dolstra1-5/+5
* Formalise the notion of fixed-output derivations, i.e., derivations for which a cryptographic hash of the output is known in advance. Changes to such derivations should not propagate upwards through the dependency graph. Previously this was done by specifying the hash component of the output path through the `id' attribute, but this is insecure since you can lie about it (i.e., you can specify any hash and then produce a completely different output). Now the responsibility for checking the output is moved from the builder to Nix itself. A fixed-output derivation can be created by specifying the `outputHash' and `outputHashAlgo' attributes, the latter taking values `md5', `sha1', and `sha256', and the former specifying the actual hash in hexadecimal or in base-32 (auto-detected by looking at the length of the attribute value). MD5 is included for compatibility but should be considered deprecated. * Removed the `drvPath' pseudo-attribute in derivation results. It's no longer necessary. * Cleaned up the support for multiple output paths in derivation store expressions. Each output now has a unique identifier (e.g., `out', `devel', `docs'). Previously there was no way to tell output paths apart at the store expression level. * `nix-hash' now has a flag `--base32' to specify that the hash should be printed in base-32 notation. * `fetchurl' accepts parameters `sha256' and `sha1' in addition to `md5'. * `nix-prefetch-url' now prints out a SHA-1 hash in base-32. (TODO: a flag to specify the hash.)
2005-01-14 * Shorten SHA-256 hashes used in store path name generation to 160Eelco Dolstra1-7/+5
bits, then encode them in a radix-32 representation (using digits and letters except e, o, u, and t). This produces store paths like /nix/store/4i0zb0z7f88mwghjirkz702a71dcfivn-aterm-2.3.1. The nice thing about this is that the hash part of the file name is still 32 characters, as before with MD5. (Of course, shortening SHA-256 to 160 bits makes it no better than SHA-160 in theory, but hopefully it's a bit more resistant to attacks; it's certainly a lot slower.)
2005-01-14 * Start move towards SHA-256 hashes instead of MD5.Eelco Dolstra1-6/+30
* Start cleaning up unique store path generation (they weren't always unique; in particular the suffix ("-aterm-2.2", "-builder.sh") was not part of the hash, therefore changes to the suffix would cause multiple store objects with the same hash).
2005-01-13 * Added SHA-1 support. `nix-hash' now has an option `--type sha1' toEelco Dolstra1-1/+1
select SHA-1 hashing.
2005-01-13 * Refactoring to support SHA-1.Eelco Dolstra1-1/+1
2004-12-20 * An operation `nix-store --clear-substitutes' to remove allEelco Dolstra1-8/+35
registered substitute mappings.
2004-12-20 * Simplify the substitute mechanism:Eelco Dolstra1-80/+19
- Drop the store expression. So now a substitute is just a command-line invocation (a program name + arguments). If you register a substitute you are responsible for registering the expression that built it (if any) as a root of the garbage collector. - Drop the substitutes-rev DB table.
2004-10-25 * Allow certain operations to succeed even if we don't have writeEelco Dolstra1-7/+17
permission to the Nix store or database. E.g., `nix-env -qa' will work, but `nix-env -qas' won't (the latter needs DB access). The option `--readonly-mode' forces this mode; otherwise, it's only activated when the database cannot be opened.
2004-09-09 * Remove write permission from store objects after they have beenEelco Dolstra1-0/+4
added to the store. Bug reported by Martin.
2004-09-09 * A very dirty hack to make setuid installations a bit nicer to use.Eelco Dolstra1-2/+9
Previously there was the problem that all files read by nix-env etc. should be reachable and readable by the Nix user. So for instance building a Nix expression in your home directory meant that the home directory should have at least g+x or o+x permission so that the Nix user could reach the Nix expression. Now we just switch back to the original user just prior to reading sources and the like. The places where this happens are somewhat arbitrary, however. Any scope that has a live SwitchToOriginalUser object in it is executed as the original user. * Back out r1385. setreuid() sets the saved uid to the new real/effective uid, which prevents us from switching back to the original uid. setresuid() doesn't have this problem (although the manpage has a bug: specifying -1 for the saved uid doesn't leave it unchanged; an explicit value must be specified).
2004-08-31 * Main the `substitutes-rev' table again, but now in a way thatEelco Dolstra1-18/+33
doesn't take \Theta(n^2) space/time complexity.
2004-08-25 * Put the garbage collector in nix-store: operation `--gc',Eelco Dolstra1-1/+1
suboperations `--print-live', `--print-dead', and `--delete'. The roots are not determined by nix-store; they are read from standard input. This is to make it easy to customise what the roots are. The collector now no longer fails when store expressions are missing (which legally happens when using substitutes). It never tries to fetch paths through substitutes. TODO: acquire a global lock on the store while garbage collecting. * Removed `nix-store --delete'.
2004-06-28 * Added a switch `--fallback'. From the manual:Eelco Dolstra1-4/+25
Whenever Nix attempts to realise a derivation for which a closure is already known, but this closure cannot be realised, fall back on normalising the derivation. The most common scenario in which this is useful is when we have registered substitutes in order to perform binary distribution from, say, a network repository. If the repository is down, the realisation of the derivation will fail. When this option is specified, Nix will build the derivation instead. Thus, binary installation falls back on a source installation. This option is not the default since it is generally not desirable for a transient failure in obtaining the substitutes to lead to a full build from source (with the related consumption of resources).
2004-06-22 * Put WEXITSTATUS stuff somewhere else.Eelco Dolstra1-1/+1
2004-06-22 * Wrapper class around pids.Eelco Dolstra1-13/+11
2004-06-22 * Refactoring.Eelco Dolstra1-1/+2
2004-06-21 * Remove obstructing invalid store paths add[Text]ToStore().Eelco Dolstra1-0/+6
2004-06-21 * Wrap calls to registerSubstitute() in a single transaction toEelco Dolstra1-8/+4
improve throughput. * Don't build the `substitute-rev' table for now, since it caused Theta(N^2) time and log file consumption when adding N substitutes. Maybe we can do without it.
2004-06-20 * Re-enable support for substitutes in the normaliser.Eelco Dolstra1-58/+107
* A better substitute mechanism. Instead of generating a store expression for each store path for which we have a substitute, we can have a single store expression that builds a generic program that is invoked to build the desired store path, which is passed as an argument. This means that operations like `nix-pull' only produce O(1) files instead of O(N) files in the store when registering N substitutes. (It consumes O(N) database storage, of course, but that's not a performance problem). * Added a test for the substitute mechanism. * `nix-store --substitute' reads the substitutes from standard input, instead of from the command line. This prevents us from running into the kernel's limit on command line length.
2004-04-14 * Be stricter in verifying store paths.Eelco Dolstra1-4/+5
2004-02-14 * The environment variable NIX_ROOT can now be set to execute Nix in aEelco Dolstra1-9/+29
chroot() environment. * A operation `--validpath' to register path validity. Useful for bootstrapping in a pure Nix environment. * Safety checks: ensure that files involved in store operations are in the store.
2004-01-15 * Catch SIGINT to terminate cleanly when the user tries to interruptEelco Dolstra1-1/+1
Nix. This is to prevent Berkeley DB from becoming wedged. Unfortunately it is not possible to throw C++ exceptions from a signal handler. In fact, you can't do much of anything except change variables of type `volatile sig_atomic_t'. So we set an interrupt flag in the signal handler and check it at various strategic locations in the code (by calling checkInterrupt()). Since this is unlikely to cover all cases (e.g., (semi-)infinite loops), sometimes SIGTERM may now be required to kill Nix.
2004-01-13 * Print error messages, not debug messages.Eelco Dolstra1-5/+9
2003-12-22 * GCC 2.95 compatibility.Eelco Dolstra1-0/+1
2003-12-05 * Allow successors that don't exist but have a substitute.Eelco Dolstra1-34/+73
* Integrity: check in successor / substitute registration whether the target path exists or has a substitute.
2003-11-24 * Bug fix in path invalidation.Eelco Dolstra1-23/+41
* More consistency checks.
2003-11-22 * Maintain integrity of the substitute and successor mappings whenEelco Dolstra1-37/+54
deleting a path in the store. * Allow absolute paths in Nix expressions. * Get nix-prefetch-url to work again. * Various other fixes.
2003-11-22 * Fix the garbage collector.Eelco Dolstra1-8/+1
2003-11-18 * libnix -> libstore.Eelco Dolstra1-0/+407