about summary refs log tree commit diff
path: root/src/libutil
AgeCommit message (Collapse)AuthorFilesLines
2006-12-07 * Move killUser() to libutil so that the setuid helper can use it.Eelco Dolstra2-0/+52
2006-12-05 * The determination of the root set should be made by the privilegedEelco Dolstra2-0/+2
process, so forward the operation. * Spam the user about GC misconfigurations (NIX-71). * findRoots: skip all roots that are unreadable - the warnings with which we spam the user should be enough.
2006-12-04 * Daemon mode (`nix-worker --daemon'). Clients connect to the serverEelco Dolstra4-19/+24
via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes.
2006-12-03 * Pid::kill() should be interruptable.Eelco Dolstra1-1/+3
2006-12-03 * Some hackery to propagate the worker's stderr and exceptions to theEelco Dolstra2-1/+12
client.
2006-12-02 * Move addTempRoot() to the store API, and add another functionEelco Dolstra1-2/+2
syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock.
2006-12-02 * Remove most of the old setuid code.Eelco Dolstra2-134/+1
* Much simpler setuid code for the worker in slave mode.
2006-12-02 * Remove SwitchToOriginalUser, we're not going to need it anymore.Eelco Dolstra2-37/+0
2006-11-30 * More remote operations.Eelco Dolstra2-1/+21
* Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0.
2006-11-30 * When NIX_REMOTE is set to "slave", fork off nix-worker in slaveEelco Dolstra1-0/+10
mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure.
2006-11-30 * Skeleton of the privileged worker program.Eelco Dolstra6-100/+177
* Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation.
2006-11-29 * Don't spam.Eelco Dolstra1-0/+2
2006-11-29 * Example script to set permissions for setuid operation.Roy van den Broek1-1/+1
2006-11-29 * Remove --enable-setuid, --with-nix-user and --with-nix-group.Eelco Dolstra1-26/+45
Rather, setuid support is now always compiled in (at least on platforms that have the setresuid system call, e.g., Linux and FreeBSD), but it must enabled by chowning/chmodding the Nix binaries.
2006-11-24 * Doh! Path sizes need to be computed recursively of course.Eelco Dolstra2-0/+26
(NIX-70)
2006-10-30 * readFile: don't overflow the stack on large files.Eelco Dolstra1-1/+15
2006-10-16 * Big cleanup of the semantics of paths, strings, contexts, stringEelco Dolstra2-0/+11
concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged. Semantic change: paths are now copied to the store when they're in a concatenation (and in most other situations - that's the formalisation of the meaning of a path). So "foo " + ./bla evaluates to "foo /nix/store/hash...-bla", not "foo /path/to/current-dir/bla". This prevents accidental impurities, and is more consistent with the treatment of derivation outputs, e.g., `"foo " + bla' where `bla' is a derivation. (Here `bla' would be replaced by the output path of `bla'.)
2006-09-27 * Fix setuid builds.Eelco Dolstra1-5/+9
2006-09-20 * Print a better error message for wrong hashes (NIX-49).Eelco Dolstra2-1/+10
2006-09-04 * Move setuid stuff to libutil.Eelco Dolstra2-3/+139
* Install libexpr header files.
2006-09-04 * Install header files in /nix/include/nix.Eelco Dolstra1-5/+5
2006-09-04 * Remove unnecessary inclusions of aterm2.h.Eelco Dolstra2-1/+4
2006-09-04 * Don't need extern "C".Eelco Dolstra1-2/+0
2006-09-04 * Use a proper namespace.Eelco Dolstra14-91/+178
* Optimise header file usage a bit. * Compile the parser as C++.
2006-09-04 * Store the Nix libraries in ${libdir}/nix instead of ${libdir}.Eelco Dolstra1-1/+1
2006-08-31 * Doh! Doh! Doh!Eelco Dolstra1-1/+1
2006-08-31 * Better error checking.Eelco Dolstra1-11/+6
2006-08-29 * Fix the ~ operator.Eelco Dolstra2-0/+11
2006-08-26 * Refactoring.Eelco Dolstra2-4/+10
2006-08-24 * Escape newlines in XML attributes to prevent them from beingEelco Dolstra1-0/+3
normalised away.
2006-08-16 * `nix-instantiate --{eval|parse}-only --xml': print an XMLEelco Dolstra2-3/+19
representation instead of an ATerm. * Indent XML output.
2006-08-04 * Weird issue on Cygwin with the include file order.Eelco Dolstra1-4/+4
2006-08-03 * `nix-env -q --xml': show query result in XML format for easierEelco Dolstra2-2/+2
automated processing.
2006-08-03 * `nix-instantiate --print-args': produce XML output so that theEelco Dolstra3-57/+69
result can be used more easily by scripts.
2006-08-03 * Simple class for writing XML files.Eelco Dolstra1-0/+161
2006-07-20 * Call find-runtime-roots.pl from the garbage collector to preventEelco Dolstra2-0/+98
running applications etc. from being garbage collected.
2006-07-06 * Allow the canonical system name to be specified at runtime in theEelco Dolstra2-7/+0
Nix config file.
2006-06-19 * Write messages to stderr in a slightly more atomic way. Useful whenEelco Dolstra1-1/+2
there are several parallel processes.
2006-06-14 * Fix for a problem with BSD's group ownership semantics when the user Eelco Dolstra1-1/+13
is not in the "wheel" group.
2006-05-24 * Some Cygwin fixes.Eelco Dolstra1-6/+6
2006-05-12 * Support for srcdir != builddir (NIX-41).Eelco Dolstra1-1/+1
2006-05-11 * 64-bit compatibility fixes (for problems revealed by building on an AthlonEelco Dolstra3-11/+12
64 running 64-bit SUSE). A patched ATerm library is required to run Nix succesfully.
2006-05-08 * GCC 2.95 compatibility.Eelco Dolstra1-0/+2
2006-05-08 * Allow function argument default values to refer to other argumentsEelco Dolstra2-3/+8
of the function. Implements NIX-45.
2006-05-08 * Show evaluation stats when NIX_SHOW_STATS=1.Eelco Dolstra2-14/+26
2006-05-04 * Use the new ATermMap.Eelco Dolstra3-1/+428
2006-03-09 * Ugh, printHash() was very inefficient because it usedEelco Dolstra1-5/+7
ostringstreams. Around 11% of execution time was spent here (now it's 0.5%).
2006-03-08 * Some refactoring of the exception handling code so that we can catchEelco Dolstra2-5/+16
Nix expression assertion failures.
2006-03-01 * Ouch, parseHash32 was completely broken. All digits >= 4 wereEelco Dolstra1-1/+1
parsed as 4. For a moment I worried that printHash32 was broken, and that would have been really, *really* bad ;-)
2006-02-13 * Optional switch "--with-openssl=<PATH>" to use OpenSSL'sEelco Dolstra6-40/+48
implementations of MD5, SHA-1 and SHA-256. The main benefit is that we get assembler-optimised implementations of MD5 and SHA-1 (though not SHA-256 (at least on x86), unfortunately). OpenSSL's SHA-1 implementation on Intel is twice as fast as ours.