| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2015-02-16 | Use pivot_root in addition to chroot when possible | Harald van Dijk | 1 | -7/+28 | |
| chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use. | |||||
| 2015-02-04 | Require linux 3.13 or later for chroot | Shea Levy | 1 | -1/+6 | |
| Fixes #453 | |||||
| 2015-01-18 | Make inputs writeable in the sandbox (builds still can’t actually write ↵ | Daniel Peebles | 1 | -2/+7 | |
| due to user permissions) | |||||
| 2015-01-13 | Allow using /bin and /usr/bin as impure prefixes on non-darwin by default | Shea Levy | 1 | -1/+1 | |
| These directories are generally world-readable anyway, and give us the two most common linux impurities (env and sh) | |||||
| 2015-01-13 | SysError -> Error | Eelco Dolstra | 1 | -1/+1 | |
| 2015-01-13 | Don't resolve symlinks while checking __impureHostDeps | Eelco Dolstra | 1 | -2/+5 | |
| Since these come from untrusted users, we shouldn't do any I/O on them before we've checked that they're in an allowed prefix. | |||||
| 2015-01-12 | Add basic Apple sandbox support | Daniel Peebles | 1 | -17/+169 | |
| 2015-01-08 | Doh^2 | Eelco Dolstra | 1 | -1/+1 | |
| 2015-01-08 | Doh | Eelco Dolstra | 1 | -3/+3 | |
| 2015-01-08 | Set /nix/store permission to 1737 | Eelco Dolstra | 2 | -19/+6 | |
| I.e., not readable to the nixbld group. This improves purity a bit for non-chroot builds, because it prevents a builder from enumerating store paths (i.e. it can only access paths it knows about). | |||||
| 2015-01-06 | Fix building on Darwin | Eelco Dolstra | 1 | -1/+4 | |
| Fixes #433. | |||||
| 2014-12-29 | LocalStore initialization: Don't die if build-users-group doesn't exist | Shea Levy | 1 | -11/+12 | |
| See NixOS/nixpkgs@9245516 | |||||
| 2014-12-23 | Revive running builds in a PID namespace | Eelco Dolstra | 1 | -30/+59 | |
| 2014-12-14 | Pedantry | Eelco Dolstra | 1 | -1/+1 | |
| 2014-12-14 | Merge branch 'cygwin-master' of https://github.com/ternaris/nix | Eelco Dolstra | 2 | -0/+2 | |
| 2014-12-13 | Better error message | Eelco Dolstra | 1 | -1/+1 | |
| 2014-12-12 | Silence some warnings on GCC 4.9 | Eelco Dolstra | 2 | -3/+5 | |
| 2014-12-12 | Shut up a Valgrind warning | Eelco Dolstra | 1 | -1/+1 | |
| 2014-12-12 | Fix some memory leaks | Eelco Dolstra | 1 | -29/+9 | |
| 2014-12-12 | Ensure we're writing to stderr in the builder | Eelco Dolstra | 3 | -6/+6 | |
| http://hydra.nixos.org/build/17862041 | |||||
| 2014-12-12 | Remove chatty message | Eelco Dolstra | 1 | -2/+0 | |
| This broke building with "-vv", because the builder is not allowed to write to stderr at this point. | |||||
| 2014-12-12 | Doh | Eelco Dolstra | 1 | -1/+1 | |
| 2014-12-10 | Don't do vfork in conjunction with setuid | Eelco Dolstra | 1 | -0/+2 | |
| 2014-12-10 | Rename function | Eelco Dolstra | 1 | -4/+4 | |
| 2014-12-10 | Don't wait for PID -1 | Eelco Dolstra | 1 | -1/+2 | |
| The pid field can be -1 if forking the substituter process failed. | |||||
| 2014-12-09 | Explicitly include required C headers | Marko Durkovic | 2 | -0/+2 | |
| 2014-11-24 | Build derivations in a more predictable order | Eelco Dolstra | 1 | -7/+41 | |
| Derivations are now built in order of derivation name, so a package named "aardvark" is built before "baboon". Fixes #399. | |||||
| 2014-11-24 | Don't create unnecessary substitution goals for derivations | Eelco Dolstra | 1 | -0/+5 | |
| 2014-11-19 | Disable vacuuming the DB after garbage collection | Eelco Dolstra | 1 | -1/+1 | |
| Especially in WAL mode on a highly loaded machine, this is not a good idea because it results in a WAL file of approximately the same size ad the database, which apparently cannot be deleted while anybody is accessing it. | |||||
| 2014-11-19 | Clean up temp roots in a more C++ way | Eelco Dolstra | 3 | -26/+13 | |
| 2014-11-17 | Fix message | Eelco Dolstra | 1 | -1/+1 | |
| 2014-11-14 | Don't use ADDR_LIMIT_3GB | Eelco Dolstra | 1 | -1/+1 | |
| This gives 32-bit builds on x86_64-linux more memory. | |||||
| 2014-11-12 | Make ~DerivationGoal more reliable | Eelco Dolstra | 1 | -7/+3 | |
| 2014-11-04 | nix-store --gc: Don't warn about missing manifests directory | Eelco Dolstra | 1 | -1/+2 | |
| 2014-10-31 | Improve error message if the daemon worker fails to start | Eelco Dolstra | 1 | -2/+1 | |
| 2014-10-29 | Remove comments claiming we use a private PID namespace | Eelco Dolstra | 1 | -8/+1 | |
| This is no longer the case since 524f89f1399724e596f61faba2c6861b1bb7b9c5. | |||||
| 2014-10-14 | Improved error message when encountering unsupported file types | Eelco Dolstra | 1 | -3/+3 | |
| Fixes #269. | |||||
| 2014-10-03 | Remove some duplicate code | Eelco Dolstra | 1 | -6/+2 | |
| 2014-09-18 | Update spec file | Eelco Dolstra | 1 | -1/+1 | |
| http://hydra.nixos.org/build/14344391 | |||||
| 2014-09-18 | Install some pkgconfig files | Eelco Dolstra | 2 | -0/+11 | |
| 2014-09-17 | On Linux, disable address space randomization | Eelco Dolstra | 1 | -5/+9 | |
| 2014-09-17 | Settings: Add bool get() | Eelco Dolstra | 3 | -2/+12 | |
| 2014-09-01 | Add an 'optimiseStore' remote procedure call. | Ludovic Courtès | 6 | -1/+34 | |
| 2014-08-28 | Add disallowedReferences / disallowedRequisites | Eelco Dolstra | 1 | -26/+29 | |
| For the "stdenv accidentally referring to bootstrap-tools", it seems easier to specify the path that we don't want to depend on, e.g. disallowedRequisites = [ bootstrapTools ]; | |||||
| 2014-08-28 | Introduce allowedRequisites feature | Gergely Risko | 1 | -1/+18 | |
| 2014-08-21 | fix disappearing bash arguments | Joel Taylor | 1 | -2/+7 | |
| 2014-08-21 | Use unshare() instead of clone() | Eelco Dolstra | 1 | -55/+35 | |
| It turns out that using clone() to start a child process is unsafe in a multithreaded program. It can cause the initialisation of a build child process to hang in setgroups(), as seen several times in the build farm: The reason is that Glibc thinks that the other threads of the parent exist in the child, so in setxid_mark_thread() it tries to get a futex that has been acquired by another thread just before the clone(). With fork(), Glibc runs pthread_atfork() handlers that take care of this (in particular, __reclaim_stacks()). But clone() doesn't do that. Fortunately, we can use fork()+unshare() instead of clone() to set up private namespaces. See also https://www.mail-archive.com/lxc-devel@lists.linuxcontainers.org/msg03434.html. | |||||
| 2014-08-20 | Use proper quotes everywhere | Eelco Dolstra | 11 | -234/+234 | |
| 2014-08-20 | Add some color | Eelco Dolstra | 1 | -37/+1 | |
| 2014-08-20 | Filter Nix-specific ANSI escape sequences from stderr | Eelco Dolstra | 1 | -1/+37 | |
| The Nixpkgs stdenv prints some custom escape sequences to denote nesting and stuff like that. Most terminals (e.g. xterm, konsole) ignore them, but some do not (e.g. xfce4-terminal). So for the benefit of the latter, filter them out. | |||||
 |
depot | |
| monorepo for the virus lounge | The Virus Lounge |
| about summary refs log tree commit diff |