path: root/src/libutil
| Age | Commit message | Author | Files | Lines |
|---|---|---|---|---|
| 2009-06-30 | * Don't show trace information by default (`--show-trace' to enable). NixOS evaluation errors in particular look intimidating and generally aren't very useful. Ideally the builtins.throw messages should be self-contained. | Eelco Dolstra | 2 | -1/+3 |
| 2009-05-04 | Add an ftruncate call paired with fallocate to play safe with some FSes (namely, BtrFS fallocate sets file size to allocated size, i.e. multiple of block size) | Michael Raskin | 2 | -0/+9 |
| 2009-04-16 | * Fix a few "comparison is always false/true due to limited range of data type" warnings on 64-bit platforms. The one in parser.y is likely to be a real bug. | Eelco Dolstra | 1 | -3/+3 |
| 2009-03-28 | * Simplify communication with the hook a bit (don't use file descriptors 3/4, just use stdin/stderr). | Eelco Dolstra | 2 | -0/+33 |
| 2009-03-22 | * NAR archives: handle files larger than 2^32 bytes. Previously it would just silently store only (fileSize % 2^32) bytes. * Use posix_fallocate if available when unpacking archives. * Provide a better error message when trying to unpack something that isn't a NAR archive. | Eelco Dolstra | 4 | -13/+40 |
| 2008-12-11 | * Open the connection to the daemon lazily (on demand) so that read-only operations (like nix-env -qa) work properly when the daemon isn't running. | Eelco Dolstra | 1 | -2/+2 |
| 2008-12-04 | * Don't ignore errors from writing to stderr. That way, when nix-store -r (or some other operation) is started via ssh, it will at least have a chance of terminating quickly when the connection is killed. Right now it just runs to completion, because it never notices that stderr is no longer connected to anything. Of course it would be better if sshd would just send a SIGHUP, but it doesn't (https://bugzilla.mindrot.org/show_bug.cgi?id=396). | Eelco Dolstra | 1 | -5/+1 |
| 2008-12-03 | * A simple API for parsing NAR archives. | Eelco Dolstra | 3 | -26/+80 |
| 2008-12-03 | * Pass HashType values instead of strings. | Eelco Dolstra | 2 | -0/+12 |
| 2008-09-17 | * Garbage collector: added an option `--use-atime' to delete paths in order of ascending last access time. This is useful in conjunction with --max-freed or --max-links to prefer deleting non-recently used garbage, which is good (especially in the build farm) since garbage may become live again. The code could easily be modified to accept other criteria for ordering garbage by changing the comparison operator used by the priority queue in collectGarbage(). | Eelco Dolstra | 1 | -0/+23 |
| 2008-08-25 | * Doh. | Eelco Dolstra | 1 | -1/+0 |
| 2008-08-25 | * Strip off the `.nix' suffix from the attribute name for files in ~/.nix-defexpr, otherwise the attribute cannot be selected with the `-A' option. Useful if you want to stick a Nix expression directly in ~/.nix-defexpr. | Eelco Dolstra | 3 | -0/+11 |
| 2008-08-02 | * Make nix-env --dry-run print the paths to be substituted correctly again. (After the previous substituter mechanism refactoring I didn't update the code that obtains the references of substitutable paths.) This required some refactoring: the substituter programs are now kept running and receive/respond to info requests via stdin/stdout. | Eelco Dolstra | 2 | -2/+24 |
| 2008-06-18 | * --max-freed: support values >= 4 GB. | Eelco Dolstra | 2 | -0/+9 |
| 2008-06-18 | * Some refactoring: put the GC options / results in separate structs. * The garbage collector now also prints the number of blocks freed. | Eelco Dolstra | 4 | -15/+61 |
| 2008-06-09 | * Merged the no-bdb branch (-r10900:HEAD https://svn.nixos.org/repos/nix/nix/branches/no-bdb). | Eelco Dolstra | 2 | -2/+7 |
| 2008-05-21 | * GCC 4.3.0 (Fedora 9) compatibility fixes. Reported by Gour and Armijn Hemel. | Eelco Dolstra | 5 | -2/+9 |
| 2008-03-27 | * Use /tmp/nix-build-<drvpath>-<counter> instead of /tmp/nix-<pid>-<counter> for temporary build directories. This increases purity a bit: many packages store the temporary build path in their output, causing (generally unimportant) binary differences. | Eelco Dolstra | 2 | -7/+16 |
| 2007-12-14 | * Use strsignal if available to give better error messages for builders that fail due to a signal. | Eelco Dolstra | 1 | -2/+10 |
| 2007-11-29 | * nix-env -e: support uninstalling by path, so that one can say $ nix-env -e $(which firefox) or $ nix-env -e /nix/store/nywzlygrkfcgz7dfmhm5xixlx1l0m60v-pan-0.132 * nix-env -i: if an argument contains a slash anywhere, treat it as a path and follow it through symlinks into the Nix store. This allows things like $ nix-build -A firefox $ nix-env -i ./result * nix-env -q/-i/-e: don't complain when the `*' selector doesn't match anything. In particular, `nix-env -q \*' doesn't fail anymore on an empty profile. | Eelco Dolstra | 1 | -2/+1 |
| 2007-10-27 | * Delete the chroot directory automatically. * Removed some debug messages. | Eelco Dolstra | 2 | -5/+5 |
| 2007-10-27 | * Support for doing builds in a chroot under Linux. The builder is executed in a chroot that contains just the Nix store, the temporary build directory, and a configurable set of additional directories (/dev and /proc by default). This allows a bit more purity enforcement: hidden build-time dependencies on directories such as /usr or /nix/var/nix/profiles are no longer possible. As an added benefit, accidental network downloads (cf. NIXPKGS-52) are prevented as well (because files such as /etc/resolv.conf are not available in the chroot). However the usefulness of chroots is diminished by the fact that many builders depend on /bin/sh, so you need /bin in the list of additional directories. (And then on non-NixOS you need /lib as well...) | Eelco Dolstra | 2 | -12/+28 |
| 2007-09-17 | * nix-env: allow ~/.nix-defexpr to be a directory. If it is, then the Nix expressions in that directory are combined into an attribute set {file1 = import file1; file2 = import file2; ...}, i.e. each Nix expression is an attribute with the file name as the attribute name. Also recurses into directories. * nix-env: removed the "--import" (-I) option which set the ~/.nix-defexpr symlink. * nix-channel: don't use "nix-env --import", instead symlink ~/.nix-defexpr/channels. So finally nix-channel --update doesn't override any default Nix expressions but combines with them. This means that you can have (say) a local Nixpkgs SVN tree and use it as a default for nix-env: $ ln -s .../path-to-nixpkgs-tree ~/.nix-defexpr/nixpkgs_svn and be subscribed to channels (including Nixpkgs) at the same time. (If there is any ambiguity, the -A flag can be used to disambiguate, e.g. "nix-env -i -A nixpkgs_svn.pan".) | Eelco Dolstra | 1 | -0/+1 |
| 2007-08-12 | * Get rid of the substitutes database table (NIX-47). Instead, if we need any info on substitutable paths, we just call the substituters (such as download-using-manifests.pl) directly. This means that it's no longer necessary for nix-pull to register substitutes or for nix-channel to clear them, which makes those operations much faster (NIX-95). Also, we don't have to worry about keeping nix-pull manifests (in /nix/var/nix/manifests) and the database in sync with each other. The downside is that there is some overhead in calling an external program to get the substitutes info. For instance, "nix-env -qas" takes a bit longer. Abolishing the substitutes table also makes the logic in local-store.cc simpler, as we don't need to store info for invalid paths. On the downside, you cannot do things like "nix-store -qR" on a substitutable but invalid path (but nobody did that anyway). * Never catch interrupts (the Interrupted exception). | Eelco Dolstra | 3 | -14/+21 |
| 2007-05-01 | * Set a terminate() handler to ensure that we leave the BDB environment cleanly even when an exception is thrown from a destructor. We still crash, but we don't take all other Nix processes with us. | Eelco Dolstra | 2 | -3/+22 |
| 2007-03-19 | * Terminate build hooks and substitutes with a TERM signal, not a KILL signal. This is necessary because those processes may have joined the BDB environment, so they have to be given a chance to clean up. (NIX-85) | Eelco Dolstra | 2 | -4/+14 |
| 2007-02-21 | * `nix-store --import': import an archive created by `nix-store --export' into the Nix store, and optionally check the cryptographic signatures against /nix/etc/nix/signing-key.pub. (TODO: verify against a set of public keys.) | Eelco Dolstra | 2 | -6/+6 |
| 2007-02-21 | * `nix-store --export --sign': sign the Nix archive using the RSA key in /nix/etc/nix/signing-key.sec | Eelco Dolstra | 4 | -20/+56 |
| 2007-01-13 | * Cleanup. | Eelco Dolstra | 1 | -1/+1 |
| 2006-12-12 | * New primop builtins.filterSource, which can be used to filter files from a source directory. All files for which a predicate function returns true are copied to the store. Typical example is to leave out the .svn directory: stdenv.mkDerivation { ... src = builtins.filterSource (path: baseNameOf (toString path) != ".svn") ./source-dir; # as opposed to # src = ./source-dir; } This is important because the .svn directory influences the hash in a rather unpredictable and variable way. | Eelco Dolstra | 6 | -19/+50 |
| 2006-12-12 | * In dumpPath(): pass a function object that allows files to be selectively in/excluded from the dump. | Eelco Dolstra | 2 | -14/+28 |
| 2006-12-07 | * Move setuidCleanup() to libutil. | Eelco Dolstra | 2 | -0/+20 |
| 2006-12-07 | * Change the ownership of store paths to the Nix account before deleting them using the setuid helper. | Eelco Dolstra | 1 | -1/+1 |
| 2006-12-07 | * Move killUser() to libutil so that the setuid helper can use it. | Eelco Dolstra | 2 | -0/+52 |
| 2006-12-05 | * The determination of the root set should be made by the privileged process, so forward the operation. * Spam the user about GC misconfigurations (NIX-71). * findRoots: skip all roots that are unreadable - the warnings with which we spam the user should be enough. | Eelco Dolstra | 2 | -0/+2 |
| 2006-12-04 | * Daemon mode (`nix-worker --daemon'). Clients connect to the server via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes. | Eelco Dolstra | 4 | -19/+24 |
| 2006-12-03 | * Pid::kill() should be interruptable. | Eelco Dolstra | 1 | -1/+3 |
| 2006-12-03 | * Some hackery to propagate the worker's stderr and exceptions to the client. | Eelco Dolstra | 2 | -1/+12 |
| 2006-12-02 | * Move addTempRoot() to the store API, and add another function syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock. | Eelco Dolstra | 1 | -2/+2 |
| 2006-12-02 | * Remove most of the old setuid code. * Much simpler setuid code for the worker in slave mode. | Eelco Dolstra | 2 | -134/+1 |
| 2006-12-02 | * Remove SwitchToOriginalUser, we're not going to need it anymore. | Eelco Dolstra | 2 | -37/+0 |
| 2006-11-30 | * More remote operations. * Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0. | Eelco Dolstra | 2 | -1/+21 |
| 2006-11-30 | * When NIX_REMOTE is set to "slave", fork off nix-worker in slave mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure. | Eelco Dolstra | 1 | -0/+10 |
| 2006-11-30 | * Skeleton of the privileged worker program. * Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation. | Eelco Dolstra | 6 | -100/+177 |
| 2006-11-29 | * Don't spam. | Eelco Dolstra | 1 | -0/+2 |
| 2006-11-29 | * Example script to set permissions for setuid operation. | Roy van den Broek | 1 | -1/+1 |
| 2006-11-29 | * Remove --enable-setuid, --with-nix-user and --with-nix-group. Rather, setuid support is now always compiled in (at least on platforms that have the setresuid system call, e.g., Linux and FreeBSD), but it must be enabled by chowning/chmodding the Nix binaries. | Eelco Dolstra | 1 | -26/+45 |
| 2006-11-24 | * Doh! Path sizes need to be computed recursively of course. (NIX-70) | Eelco Dolstra | 2 | -0/+26 |
| 2006-10-30 | * readFile: don't overflow the stack on large files. | Eelco Dolstra | 1 | -1/+15 |
| 2006-10-16 | * Big cleanup of the semantics of paths, strings, contexts, string concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged. Semantic change: paths are now copied to the store when they're in a concatenation (and in most other situations - that's the formalisation of the meaning of a path). So "foo " + ./bla evaluates to "foo /nix/store/hash...-bla", not "foo /path/to/current-dir/bla". This prevents accidental impurities, and is more consistent with the treatment of derivation outputs, e.g., `"foo " + bla' where `bla' is a derivation. (Here `bla' would be replaced by the output path of `bla'.) | Eelco Dolstra | 2 | -0/+11 |