about summary refs log tree commit diff
path: root/src/libstore
AgeCommit message (Collapse)AuthorFilesLines
2015-07-17 Allow remote builds without sending the derivation closureEelco Dolstra8-143/+300
Previously, to build a derivation remotely, we had to copy the entire closure of the .drv file to the remote machine, even though we only need the top-level derivation. This is very wasteful: the closure can contain thousands of store paths, and in some Hydra use cases, include source paths that are very large (e.g. Git/Mercurial checkouts). So now there is a new operation, StoreAPI::buildDerivation(), that performs a build from an in-memory representation of a derivation (BasicDerivation) rather than from a on-disk .drv file. The only files that need to be in the Nix store are the sources of the derivation (drv.inputSrcs), and the needed output paths of the dependencies (as described by drv.inputDrvs). "nix-store --serve" exposes this interface. Note that this is a privileged operation, because you can construct a derivation that builds any store path whatsoever. Fixing this will require changing the hashing scheme (i.e., the output paths should be computed from the other fields in BasicDerivation, allowing them to be verified without access to other derivations). However, this would be quite nice because it would allow .drv-free building (e.g. "nix-env -i" wouldn't have to write any .drv files to disk). Fixes #173.
2015-07-02 TypoEelco Dolstra1-1/+1
2015-07-01 Preserve supplementary groups of build usersLudovic Courtès1-2/+18
The following patch is an attempt to address this bug (see <http://bugs.gnu.org/18994>) by preserving the supplementary groups of build users in the build environment. In practice, I would expect that supplementary groups would contain only one or two groups: the build users group, and possibly the “kvm” group. [Changed &at(0) to data() and removed tabs - Eelco]
2015-06-30 GC: Handle ENOSPC creating/moving to the trash directoryEelco Dolstra1-8/+23
Issue #564.
2015-06-22 Use posix_fallocate to create /nix/var/nix/db/reservedEelco Dolstra1-1/+11
2015-06-22 Make /nix/var/nix/db/reserved biggerEelco Dolstra1-1/+1
Issue #564.
2015-06-10 Export outputPaths functionEelco Dolstra3-11/+12
This is useful for the new hydra-queue-runner.
2015-06-09 Use std::vector::data()Eelco Dolstra1-5/+2
2015-06-04 Allow substitutes for builds that have preferLocalBuild setEelco Dolstra3-10/+18
Not substituting builds with "preferLocalBuild = true" was a bad idea, because it didn't take the cost of dependencies into account. For instance, if we can't substitute a fetchgit call, then we have to download/build git and all its dependencies. Partially reverts 5558652709f27e8a887580b77b93c705659d7a4b and adds a new derivation attribute "allowSubstitutes" to specify whether a derivation may be substituted.
2015-06-04 Chown files created for passAsFileEelco Dolstra1-2/+7
Nixpkgs' writeTextAsFile does this: mv "$textPath" "$n" Since $textPath was owned by root, if $textPath is on the same filesystem as $n, $n will be owned as root. As a result, the build result was rejected as having suspicious ownership. http://hydra.nixos.org/build/22836807
2015-06-02 Add a ‘verifyStore’ RPCLudovic Courtès4-1/+17
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2015-05-21 nix-collect-garbage: Don't call nix-envEelco Dolstra2-1/+91
Also, make sure --delete-older-than doesn't delete the current generation.
2015-05-21 Move profiles.{cc,hh} to libstoreEelco Dolstra2-0/+210
2015-05-13 cygwin: explicitly include required c headersRok Garbas2-0/+2
2015-05-12 Don't try to map /bin/sh to a store path on non-LinuxShea Levy1-0/+2
2015-04-18 Add the pre-build hook.Shea Levy3-0/+41
This hook can be used to set system-specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files through the interface, but it also has full access to the chroot root. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-support system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-18 Revert "Add the pre-build hook."Shea Levy3-112/+0
Going to reimplement differently. This reverts commit 1e4a4a2e9fc382f47f58b448f3ee034cdd28218a.
2015-04-16 Fix using restricted mode with chrootsEelco Dolstra3-0/+4
2015-04-12 Add the pre-build hook.Shea Levy3-0/+112
This hook can be used to set system specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-supported system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-09 Implement a TTL on cached fetchurl/fetchTarball resultsEelco Dolstra2-0/+10
This is because we don't want to do HTTP requests on every evaluation, even though we can prevent a full redownload via the cached ETag. The default is one hour.
2015-04-07 Revert /nix/store permission back to 01775Eelco Dolstra2-2/+2
This broke NixOS VM tests. Mostly reverts 27b7b94923d2f207781b438bb7a57669bddf7d2b, 5ce50cd99e740d0d0f18c30327ae687be9356553, afa433e58c3fe6029660a43fdc2073c9d15b4210.
2015-04-02 Chroot builds: Provide world-readable /nix/storeEelco Dolstra1-1/+1
This was causing NixOS VM tests to fail mysteriously since 5ce50cd99e740d0d0f18c30327ae687be9356553. Nscd could (sometimes) no longer read /etc/hosts: open("/etc/hosts", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied) Probably there was some wacky interaction between the guest kernel and the 9pfs implementation in QEMU.
2015-03-25 addToStore(): Take explicit name argumentEelco Dolstra5-29/+29
2015-03-24 Improve setting the default chroot dirsEelco Dolstra2-2/+7
2015-03-24 Add the closure of store paths to the chrootEelco Dolstra1-0/+8
Thus, for example, to get /bin/sh in a chroot, you only need to specify /bin/sh=${pkgs.bash}/bin/sh in build-chroot-dirs. The dependencies of sh will be added automatically.
2015-03-24 Tighten permissions on chroot directoriesEelco Dolstra1-2/+12
2015-03-06 Fix typos: s/the the/the/Daniel Hahler1-1/+1
2015-03-04 Don't use vfork() before clone()Eelco Dolstra1-1/+3
I'm seeing hangs in Glibc's setxid_mark_thread() again. This is probably because the use of an intermediate process to make clone() safe from a multi-threaded program (see 524f89f1399724e596f61faba2c6861b1bb7b9c5) is defeated by the use of vfork(), since the intermediate process will have a copy of Glibc's threading data structures due to the vfork(). So use a regular fork() again.
2015-03-03 Merge branch 'allow-system-library' of git://github.com/copumpkin/nixShea Levy1-1/+1
Make the default impure prefix include all of /System/Library
2015-03-02 Make the default impure prefix (not actual allowed impurities!) include all ↵Dan Peebles1-1/+1
of /System/Library, since we also want PrivateFrameworks from there and (briefly) TextEncodings, and who knows what else. Yay infectious impurities?
2015-03-02 Allow local networking in the darwin sandbox to appease testsDan Peebles1-0/+3
2015-02-23 More graceful fallback for chroots on Linux < 2.13Eelco Dolstra1-6/+5
2015-02-23 Use chroots for all derivationsEelco Dolstra3-17/+35
If ‘build-use-chroot’ is set to ‘true’, fixed-output derivations are now also chrooted. However, unlike normal derivations, they don't get a private network namespace, so they can still access the network. Also, the use of the ‘__noChroot’ derivation attribute is no longer allowed. Setting ‘build-use-chroot’ to ‘relaxed’ gives the old behaviour.
2015-02-17 Use $<attr>Path instead of $<attr> for passAsFileEelco Dolstra1-1/+1
2015-02-17 Allow passing attributes via files instead of environment variablesEelco Dolstra1-4/+16
Closes #473.
2015-02-16 Use pivot_root in addition to chroot when possibleHarald van Dijk1-7/+28
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use.
2015-02-04 Require linux 3.13 or later for chrootShea Levy1-1/+6
Fixes #453
2015-01-18 Make inputs writeable in the sandbox (builds still can’t actually write ↵Daniel Peebles1-2/+7
due to user permissions)
2015-01-13 Allow using /bin and /usr/bin as impure prefixes on non-darwin by defaultShea Levy1-1/+1
These directories are generally world-readable anyway, and give us the two most common linux impurities (env and sh)
2015-01-13 SysError -> ErrorEelco Dolstra1-1/+1
2015-01-13 Don't resolve symlinks while checking __impureHostDepsEelco Dolstra1-2/+5
Since these come from untrusted users, we shouldn't do any I/O on them before we've checked that they're in an allowed prefix.
2015-01-12 Add basic Apple sandbox supportDaniel Peebles1-17/+169
2015-01-08 Doh^2Eelco Dolstra1-1/+1
2015-01-08 DohEelco Dolstra1-3/+3
2015-01-08 Set /nix/store permission to 1737Eelco Dolstra2-19/+6
I.e., not readable to the nixbld group. This improves purity a bit for non-chroot builds, because it prevents a builder from enumerating store paths (i.e. it can only access paths it knows about).
2015-01-06 Fix building on DarwinEelco Dolstra1-1/+4
Fixes #433.
2014-12-29 LocalStore initialization: Don't die if build-users-group doesn't existShea Levy1-11/+12
See NixOS/nixpkgs@9245516
2014-12-23 Revive running builds in a PID namespaceEelco Dolstra1-30/+59
2014-12-14 PedantryEelco Dolstra1-1/+1
2014-12-14 Merge branch 'cygwin-master' of https://github.com/ternaris/nixEelco Dolstra2-0/+2