about summary refs log tree commit diff
path: root/src/nix-daemon/nix-daemon.cc
AgeCommit message (Collapse)AuthorFilesLines
2016-04-05 Add "nix copy-sigs" commandEelco Dolstra1-0/+12
This imports signatures from one store into another. E.g. $ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/ imported 595 signatures
2016-03-30 LocalStore: Keep track of ultimately trusted pathsEelco Dolstra1-0/+4
These are content-addressed paths or outputs of locally performed builds. They are trusted even if they don't have signatures, so "nix verify-paths" won't complain about them.
2016-02-26 importPaths(): Optionally add NARs to binary cache accessorEelco Dolstra1-3/+3
This enables an optimisation in hydra-queue-runner, preventing a download of a NAR it just uploaded to the cache when reading files like hydra-build-products.
2016-02-24 Eliminate reserveSpace flagEelco Dolstra1-3/+2
2016-02-16 Rename ValidPathInfo::hash -> narHash for consistencyEelco Dolstra1-1/+1
2016-02-04 Eliminate the "store" global variableEelco Dolstra1-47/+42
Also, move a few free-standing functions into StoreAPI and Derivation. Also, introduce a non-nullable smart pointer, ref<T>, which is just a wrapper around std::shared_ptr ensuring that the pointer is never null. (For reference-counted values, this is better than passing a "T&", because the latter doesn't maintain the refcount. Usually, the caller will have a shared_ptr keeping the value alive, but that's not always the case, e.g., when passing a reference to a std::thread via std::bind.)
2015-12-02 daemon: Add 'buildMode' parameter to 'buildPaths' RPCLudovic Courtès1-1/+10
2015-11-24 Merge pull request #704 from ysangkok/freebsd-supportEelco Dolstra1-0/+4
FreeBSD support with knowledge about Linux emulation
2015-10-29 int2String() -> std::to_string()Eelco Dolstra1-8/+8
2015-10-06 Define SOL_LOCAL if not defined already (e.g. on FreeBSD).Manuel Jacob1-0/+4
Some evidence that defining it to be 0 is right: * OS X headers define it to be 0. * Other code uses 0 instead of SOL_LOCAL to check for peer credentials (e.g. FreeBSD's implementation of getpeereid).
2015-09-03 Implement buildDerivation() via the daemonEelco Dolstra1-0/+15
2015-07-20 More cleanupEelco Dolstra1-58/+42
2015-07-17 OCD: foreach -> C++11 ranged forEelco Dolstra1-9/+9
2015-06-02 Don't let unprivileged users repair pathsEelco Dolstra1-7/+9
2015-06-02 Add a ‘verifyStore’ RPCLudovic Courtès1-0/+10
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2014-12-12 Silence some warnings on GCC 4.9Eelco Dolstra1-3/+6
2014-12-12 Get rid of unnecessary "interrupted by the user" message with -vvvEelco Dolstra1-0/+2
2014-12-12 Remove tabsEelco Dolstra1-5/+5
2014-12-12 Remove dead codeEelco Dolstra1-9/+0
2014-12-10 Use vforkEelco Dolstra1-1/+6
2014-11-19 nix-daemon: Call exit(), not _exit()Eelco Dolstra1-2/+2
This was preventing destructors from running. In particular, it was preventing the deletion of the temproot file for each worker process. It may also have been responsible for the excessive WAL growth on Hydra (due to the SQLite database not being closed properly). Apparently broken by accident in 8e9140cfdef9dbd1eb61e4c75c91d452ab5e4a74.
2014-10-31 nix-daemon: Get peer credentials on Mac OS XEelco Dolstra1-19/+52
This makes allowed-users and trusted-users work on Mac OS X.
2014-10-31 Improve error message if the daemon worker fails to startEelco Dolstra1-1/+1
2014-09-25 nix-daemon: Close unnecessary fdEelco Dolstra1-0/+2
2014-09-01 Add an 'optimiseStore' remote procedure call.Ludovic Courtès1-0/+7
2014-08-21 Use PR_SET_PDEATHSIG to ensure child cleanupEelco Dolstra1-1/+1
2014-08-20 Use proper quotes everywhereEelco Dolstra1-5/+5
2014-08-13 Refactor option handlingEelco Dolstra1-11/+22
2014-08-05 DohEelco Dolstra1-2/+2
2014-08-04 Move some options out of globalsEelco Dolstra1-0/+3
2014-07-24 Remove some dead codeEelco Dolstra1-9/+0
2014-07-23 nix-daemon: Less verbosityEelco Dolstra1-1/+1
2014-07-23 nix-daemon: Simplify stderr handlingEelco Dolstra1-7/+1
2014-07-23 nix-daemon: Use a thread instead of SIGPOLL to catch client disconnectsEelco Dolstra1-146/+7
The thread calls poll() to wait until a HUP (or other error event) happens on the client connection. If so, it sends SIGINT to the main thread, which is then cleaned up normally. This is much nicer than messing around with SIGPOLL.
2014-07-19 Revert old useBuildHook behaviourEelco Dolstra1-1/+1
2014-07-17 nix-daemon: Add trusted-users and allowed-users optionsEelco Dolstra1-3/+35
‘trusted-users’ is a list of users and groups that have elevated rights, such as the ability to specify binary caches. It defaults to ‘root’. A typical value would be ‘@wheel’ to specify all users in the wheel group. ‘allowed-users’ is a list of users and groups that are allowed to connect to the daemon. It defaults to ‘*’. A typical value would be ‘@users’ to specify the ‘users’ group.
2014-07-17 nix-daemon: Show name of connecting userEelco Dolstra1-6/+7
2014-07-17 nix-daemon: Only print connection info if we have SO_PEERCREDEelco Dolstra1-9/+12
2014-07-17 nix-daemon: Fix compat with older clientsEelco Dolstra1-1/+1
2014-07-10 Refactoring: Move all fork handling into a higher-order functionEelco Dolstra1-32/+19
C++11 lambdas ftw.
2014-06-10 Report daemon OOM betterEelco Dolstra1-4/+2
When copying a large path causes the daemon to run out of memory, you now get: error: Nix daemon out of memory instead of: error: writing to file: Broken pipe
2014-03-30 boost::shared_ptr -> std::shared_ptrEelco Dolstra1-1/+1
2014-03-18 Fix tabsEelco Dolstra1-6/+6
2014-03-18 Allow recovery from isValidPath RPCs with an invalid pathLudovic Courtès1-1/+7
Currently, clients cannot recover from an isValidPath RPC with an invalid path parameter because the daemon closes the connection when that happens. More precisely: 1. in performOp, wopIsValidPath case, ‘readStorePath’ raises an ‘Error’ exception; 2. that exception is caught by the handler in ‘processConnection’; 3. the handler determines errorAllowed == false, and thus exits after sending the message. This last part is fixed by calling ‘startWork’ early on, as in the patch below. The same reasoning could be applied to all the RPCs that take one or more store paths as inputs, but isValidPath is, by definition, likely to be passed invalid paths in the first place, so it’s important for this one to allow recovery.
2014-03-17 Fix -j and other flags when using the daemonEelco Dolstra1-6/+6
2014-02-26 Simplify getting use-ssh-substituter from untrusted usersEelco Dolstra1-2/+3
2013-10-02 Report OOM errors betterEelco Dolstra1-1/+5
2013-10-02 Fix typoEelco Dolstra1-1/+1
2013-08-07 Run the daemon worker on the same CPU as the clientEelco Dolstra1-0/+4
On a system with multiple CPUs, running Nix operations through the daemon is significantly slower than "direct" mode: $ NIX_REMOTE= nix-instantiate '<nixos>' -A system real 0m0.974s user 0m0.875s sys 0m0.088s $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m2.118s user 0m1.463s sys 0m0.218s The main reason seems to be that the client and the worker get moved to a different CPU after every call to the worker. This patch adds a hack to lock them to the same CPU. With this, the overhead of going through the daemon is very small: $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m1.074s user 0m0.809s sys 0m0.098s
2013-07-07 Leave `HAVE_HUP_NOTIFICATION' undefined on GNU/Hurd.Ludovic Courtès1-2/+7