about summary refs log tree commit diff
path: root/src/libstore
AgeCommit message (Collapse)AuthorFilesLines
2012-03-05 Set the close-on-exec flag on file descriptorsEelco Dolstra3-3/+5
2012-03-05 Don't leak a file descriptor in commonChildInit()Eelco Dolstra1-0/+1
2012-03-05 Restore progress indication during nix-copy-closureEelco Dolstra1-0/+2
2012-03-01 Remove dependency on sqlite3_table_column_metadataEelco Dolstra1-7/+0
Not all SQLite builds have the function sqlite3_table_column_metadata. We were only using it in a schema upgrade check for compatibility with databases that were probably never seen in the wild. So remove it.
2012-03-01 Fix an uninitialised variableEelco Dolstra1-0/+1
The variable ‘useChroot’ was not initialised properly. This caused random failures if using the build hook. Seen on Mac OS X 10.7 with Clang. Thanks to KolibriFX for finding this :-)
2012-02-18 Fix chroots buildsEelco Dolstra1-0/+16
Chroots are initialised by hard-linking inputs from the Nix store to the chroot. This doesn't work if the input has its immutable bit set, because it's forbidden to create hard links to immutable files. So temporarily clear the immutable bit when creating and destroying the chroot. Note that making regular files in the Nix store immutable isn't very reliable, since the bit can easily become cleared: for instance, if we run the garbage collector after running ‘nix-store --optimise’. So maybe we should only make directories immutable.
2012-02-15 On Linux, make the Nix store really read-only by using the immutable bitEelco Dolstra2-2/+31
I was bitten one time too many by Python modifying the Nix store by creating *.pyc files when run as root. On Linux, we can prevent this by setting the immutable bit on files and directories (as in ‘chattr +i’). This isn't supported by all filesystems, so it's not an error if setting the bit fails. The immutable bit is cleared by the garbage collector before deleting a path. The only tricky aspect is in optimiseStore(), since it's forbidden to create hard links to an immutable file. Thus optimiseStore() temporarily clears the immutable bit before creating the link.
2012-02-15 Fix a broken guard around utime()Eelco Dolstra1-2/+5
Because of an outdated check for a timestamp of 0, we were calling utime() even when it wasn't necessary.
2012-02-15 Don't use deletePath() to delete a single fileEelco Dolstra1-1/+1
2012-02-09 Use data() instead of c_str() where appropriateEelco Dolstra4-9/+9
2011-12-30 * Oops.Eelco Dolstra1-1/+1
2011-12-30 * Move topoSortPaths() out of gc.cc.Eelco Dolstra2-36/+36
2011-12-30 * Reject a build if there is a cycle among the outputs. This isEelco Dolstra4-9/+24
necessary because existing code assumes that the references graph is acyclic.
2011-12-30 * Sync with the trunk.Eelco Dolstra3-20/+44
2011-12-25 * Make sure that lock files are cleaned up properly when buildingEelco Dolstra1-7/+7
through the build hook.
2011-12-22 * Oops.Eelco Dolstra1-1/+1
2011-12-22 * In the garbage collector, delete invalid paths before deletingEelco Dolstra1-11/+35
unreachable paths. This matters when using --max-freed etc.: unreachable paths could become reachable again, so it's nicer to keep them if there is "real" garbage to be deleted. Also, don't use readDirectory() but read the Nix store and delete invalid paths in parallel. This reduces GC latency on very large Nix stores.
2011-12-22 * Drop unnecessary call to canonPath() (nixStore is already canonical).Eelco Dolstra1-1/+1
2011-12-21 * Another case of lock file permissions being too liberal.Eelco Dolstra1-1/+1
2011-12-21 Revert previous commitShea Levy1-9/+0
It doesn't detect indirect references
2011-12-21 Detect and reject mutually-referential outputsShea Levy1-0/+9
There is probably a more efficient way to do this.
2011-12-20 * Fix the build.Eelco Dolstra1-1/+1
2011-12-16 * Sync with the trunk.Eelco Dolstra12-74/+157
2011-12-16 * importPath() -> importPaths(). Because of buffering of the inputEelco Dolstra6-29/+45
stream it's now necessary for the daemon to process the entire sequence of exported paths, rather than letting the client do it.
2011-12-16 * Make the import operation through the daemon much more efficientEelco Dolstra3-7/+8
(way fewer roundtrips) by allowing the client to send data in bigger chunks. * Some refactoring.
2011-12-15 * Refactoring: move sink/source buffering into separate classes.Eelco Dolstra3-9/+6
* Buffer the HashSink. This speeds up hashing a bit because it prevents lots of calls to the hash update functions (e.g. nix-hash went from 9.3s to 8.7s of user time on the closure of my /var/run/current-system).
2011-12-14 * Buffer writes in FdSink. This significantly reduces the number ofEelco Dolstra1-0/+4
system calls / context switches when dumping a NAR and in the worker protocol.
2011-12-05 * Remove unnecessary quotes. showPaths() already adds quotes.Eelco Dolstra1-1/+1
2011-12-02 * In ‘nix-store --verify --check-contents’, repair missing hashesEelco Dolstra1-4/+20
rather than complain about them.
2011-12-01 * When doing "nix-store --add-fixed" without "--recursive" via the NixEelco Dolstra2-4/+2
daemon (which is an error), print a nicer error message than "Connection reset by peer" or "broken pipe". * In the daemon, log errors that occur during request parameter processing.
2011-11-29 * Get rid of some superfluous error messages if a substituter fails.Eelco Dolstra1-15/+6
* Say "fetch" instead of "substitute".
2011-11-23 * Add an API function exportPaths() that provides the functionality ofEelco Dolstra3-1/+18
‘nix-store --export’. * Add a Perl module that provides the functionality of ‘nix-copy-closure --to’. This is used by build-remote.pl so it no longer needs to start a separate nix-copy-closure process. Also, it uses the Perl API to do the export, so it doesn't need to start a separate nix-store process either. As a result, nix-copy-closure and build-remote.pl should no longer fail on very large closures due to an "Argument list too long" error. (Note that having very many dependencies in a single derivation can still fail because the environment can become too large. Can't be helped though.)
2011-11-22 * Move initialisation of variables like nixConfDir from libmain toEelco Dolstra3-2/+43
libstore so that the Perl bindings can use it as well. It's vital that the Perl bindings use the configuration file, because otherwise nix-copy-closure will fail with a ‘database locked’ message if the value of ‘use-sqlite-wal’ is changed from the default.
2011-11-21 nix: add /etc/hosts with localhost entry to chroot builds.Rob Vermaas1-0/+3
2011-11-07 * Boldly make SQLite WAL mode the default again. Hopefully theEelco Dolstra1-4/+3
intermittent problems are gone by now. WAL mode is preferrable because it does way fewer fsyncs.
2011-11-06 Include all outputs of derivations in the closure of explicitly-passed ↵Shea Levy6-0/+40
derivation paths This required adding a queryOutputDerivationNames function in the store API
2011-09-12 * Ouch. A store upgrade could cause a substituter to be triggered,Eelco Dolstra3-5/+6
causing a deadlock.
2011-08-31 * Eliminate all uses of the global variable ‘store’ from libstore.Eelco Dolstra8-61/+66
This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-07-20 * Fix a huuuuge security hole in the Nix daemon. It didn't check thatEelco Dolstra7-16/+177
derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2011-06-30 Add support for the `build-timeout' and `--timeout' options.Ludovic Courtès3-4/+35
2011-04-19 * Handle error messages from the Nix worker containing the `%'Eelco Dolstra1-1/+1
character. (Nix/216)
2010-12-17 * Do a short sleep after SQLITE_BUSY.Eelco Dolstra1-0/+11
2010-12-17 * Propagate the "100" exit status for failed builds through the NixEelco Dolstra2-3/+6
daemon.
2010-12-14 * I forgot to catch SQLiteBusy in registerValidPaths(). SoEelco Dolstra1-38/+31
registerValidPaths() now handles busy errors and registerValidPath() is simply a wrapper around it.
2010-12-13 * nix-instantiate: return exit status 100 to denote a permanent buildEelco Dolstra1-3/+16
failure. The build hook can use this to distinguish between transient and permanent failures on the remote side.
2010-12-13 * Create /nix/var/nix/db if it's missing.Eelco Dolstra1-0/+1
2010-12-13 * Update some comments.Eelco Dolstra1-1/+1
2010-12-08 * Ignore the result of sqlite3_reset().Eelco Dolstra1-3/+4
2010-12-06 * `nix-store --verify --check-contents': don't hold the global GC lockEelco Dolstra2-11/+49
while checking the contents, since this operation can take a very long time to finish. Also, fill in missing narSize fields in the DB while doing this.
2010-12-05 * Retry a transaction if SQLite returns SQLITE_BUSY. This can happenEelco Dolstra1-61/+83
even with a very long busy timeout, because SQLITE_BUSY is also returned to resolve deadlocks. This should get rid of random "database is locked" errors. This is kind of hard to test though. * Fix a horrible bug in deleteFromStore(): deletePathWrapped() should be called after committing the transaction, not before, because the commit might not succeed.