Age | Commit message | Author | Files | Lines | |
---|---|---|---|---|---|
2006-12-07 | * Change the ownership of store paths to the Nix account before deleting them using the setuid helper. | Eelco Dolstra | 1 | -1/+1 | |
2006-12-07 | * Move killUser() to libutil so that the setuid helper can use it. | Eelco Dolstra | 2 | -0/+52 | |
2006-12-05 | * The determination of the root set should be made by the privileged process, so forward the operation. * Spam the user about GC misconfigurations (NIX-71). * findRoots: skip all roots that are unreadable - the warnings with which we spam the user should be enough. | Eelco Dolstra | 2 | -0/+2 | |
2006-12-04 | * Daemon mode (`nix-worker --daemon'). Clients connect to the server via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes. | Eelco Dolstra | 4 | -19/+24 | |
2006-12-03 | * Pid::kill() should be interruptable. | Eelco Dolstra | 1 | -1/+3 | |
2006-12-03 | * Some hackery to propagate the worker's stderr and exceptions to the client. | Eelco Dolstra | 2 | -1/+12 | |
2006-12-02 | * Move addTempRoot() to the store API, and add another function syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock. | Eelco Dolstra | 1 | -2/+2 | |
2006-12-02 | * Remove most of the old setuid code. * Much simpler setuid code for the worker in slave mode. | Eelco Dolstra | 2 | -134/+1 | |
2006-12-02 | * Remove SwitchToOriginalUser, we're not going to need it anymore. | Eelco Dolstra | 2 | -37/+0 | |
2006-11-30 | * More remote operations. * Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0. | Eelco Dolstra | 2 | -1/+21 | |
2006-11-30 | * When NIX_REMOTE is set to "slave", fork off nix-worker in slave mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure. | Eelco Dolstra | 1 | -0/+10 | |
2006-11-30 | * Skeleton of the privileged worker program. * Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation. | Eelco Dolstra | 6 | -100/+177 | |
2006-11-29 | * Don't spam. | Eelco Dolstra | 1 | -0/+2 | |
2006-11-29 | * Example script to set permissions for setuid operation. | Roy van den Broek | 1 | -1/+1 | |
2006-11-29 | * Remove --enable-setuid, --with-nix-user and --with-nix-group. Rather, setuid support is now always compiled in (at least on platforms that have the setresuid system call, e.g., Linux and FreeBSD), but it must be enabled by chowning/chmodding the Nix binaries. | Eelco Dolstra | 1 | -26/+45 | |
2006-11-24 | * Doh! Path sizes need to be computed recursively of course. (NIX-70) | Eelco Dolstra | 2 | -0/+26 | |
2006-10-30 | * readFile: don't overflow the stack on large files. | Eelco Dolstra | 1 | -1/+15 | |
2006-10-16 | * Big cleanup of the semantics of paths, strings, contexts, string concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged. Semantic change: paths are now copied to the store when they're in a concatenation (and in most other situations - that's the formalisation of the meaning of a path). So "foo " + ./bla evaluates to "foo /nix/store/hash...-bla", not "foo /path/to/current-dir/bla". This prevents accidental impurities, and is more consistent with the treatment of derivation outputs, e.g., `"foo " + bla' where `bla' is a derivation. (Here `bla' would be replaced by the output path of `bla'.) | Eelco Dolstra | 2 | -0/+11 | |
2006-09-27 | * Fix setuid builds. | Eelco Dolstra | 1 | -5/+9 | |
2006-09-20 | * Print a better error message for wrong hashes (NIX-49). | Eelco Dolstra | 2 | -1/+10 | |
2006-09-04 | * Move setuid stuff to libutil. * Install libexpr header files. | Eelco Dolstra | 2 | -3/+139 | |
2006-09-04 | * Install header files in /nix/include/nix. | Eelco Dolstra | 1 | -5/+5 | |
2006-09-04 | * Remove unnecessary inclusions of aterm2.h. | Eelco Dolstra | 2 | -1/+4 | |
2006-09-04 | * Don't need extern "C". | Eelco Dolstra | 1 | -2/+0 | |
2006-09-04 | * Use a proper namespace. * Optimise header file usage a bit. * Compile the parser as C++. | Eelco Dolstra | 14 | -91/+178 | |
2006-09-04 | * Store the Nix libraries in ${libdir}/nix instead of ${libdir}. | Eelco Dolstra | 1 | -1/+1 | |
2006-08-31 | * Doh! Doh! Doh! | Eelco Dolstra | 1 | -1/+1 | |
2006-08-31 | * Better error checking. | Eelco Dolstra | 1 | -11/+6 | |
2006-08-29 | * Fix the ~ operator. | Eelco Dolstra | 2 | -0/+11 | |
2006-08-26 | * Refactoring. | Eelco Dolstra | 2 | -4/+10 | |
2006-08-24 | * Escape newlines in XML attributes to prevent them from being normalised away. | Eelco Dolstra | 1 | -0/+3 | |
2006-08-16 | * `nix-instantiate --{eval\|parse}-only --xml': print an XML representation instead of an ATerm. * Indent XML output. | Eelco Dolstra | 2 | -3/+19 | |
2006-08-04 | * Weird issue on Cygwin with the include file order. | Eelco Dolstra | 1 | -4/+4 | |
2006-08-03 | * `nix-env -q --xml': show query result in XML format for easier automated processing. | Eelco Dolstra | 2 | -2/+2 | |
2006-08-03 | * `nix-instantiate --print-args': produce XML output so that the result can be used more easily by scripts. | Eelco Dolstra | 3 | -57/+69 | |
2006-08-03 | * Simple class for writing XML files. | Eelco Dolstra | 1 | -0/+161 | |
2006-07-20 | * Call find-runtime-roots.pl from the garbage collector to prevent running applications etc. from being garbage collected. | Eelco Dolstra | 2 | -0/+98 | |
2006-07-06 | * Allow the canonical system name to be specified at runtime in the Nix config file. | Eelco Dolstra | 2 | -7/+0 | |
2006-06-19 | * Write messages to stderr in a slightly more atomic way. Useful when there are several parallel processes. | Eelco Dolstra | 1 | -1/+2 | |
2006-06-14 | * Fix for a problem with BSD's group ownership semantics when the user is not in the "wheel" group. | Eelco Dolstra | 1 | -1/+13 | |
2006-05-24 | * Some Cygwin fixes. | Eelco Dolstra | 1 | -6/+6 | |
2006-05-12 | * Support for srcdir != builddir (NIX-41). | Eelco Dolstra | 1 | -1/+1 | |
2006-05-11 | * 64-bit compatibility fixes (for problems revealed by building on an Athlon 64 running 64-bit SUSE). A patched ATerm library is required to run Nix successfully. | Eelco Dolstra | 3 | -11/+12 | |
2006-05-08 | * GCC 2.95 compatibility. | Eelco Dolstra | 1 | -0/+2 | |
2006-05-08 | * Allow function argument default values to refer to other arguments of the function. Implements NIX-45. | Eelco Dolstra | 2 | -3/+8 | |
2006-05-08 | * Show evaluation stats when NIX_SHOW_STATS=1. | Eelco Dolstra | 2 | -14/+26 | |
2006-05-04 | * Use the new ATermMap. | Eelco Dolstra | 3 | -1/+428 | |
2006-03-09 | * Ugh, printHash() was very inefficient because it used ostringstreams. Around 11% of execution time was spent here (now it's 0.5%). | Eelco Dolstra | 1 | -5/+7 | |
2006-03-08 | * Some refactoring of the exception handling code so that we can catch Nix expression assertion failures. | Eelco Dolstra | 2 | -5/+16 | |
2006-03-01 | * Ouch, parseHash32 was completely broken. All digits >= 4 were parsed as 4. For a moment I worried that printHash32 was broken, and that would have been really, *really* bad ;-) | Eelco Dolstra | 1 | -1/+1 | |