about summary refs log tree commit diff
path: root/src/nix-store
AgeCommit message (Collapse)AuthorFilesLines
2013-03-07 Prevent config.h from being clobberedEelco Dolstra1-39/+38
2013-02-26 Security: Don't allow builders to change permissions on files they don't ownEelco Dolstra1-8/+2
It turns out that in multi-user Nix, a builder may be able to do ln /etc/shadow $out/foo Afterwards, canonicalisePathMetaData() will be applied to $out/foo, causing /etc/shadow's mode to be set to 444 (readable by everybody but writable by nobody). That's obviously Very Bad. Fortunately, this fails in NixOS's default configuration because /nix/store is a bind mount, so "ln" will fail with "Invalid cross-device link". It also fails if hard-link restrictions are enabled, so a workaround is: echo 1 > /proc/sys/fs/protected_hardlinks The solution is to check that all files in $out are owned by the build user. This means that innocuous operations like "ln ${pkgs.foo}/some-file $out/" are now rejected, but that already failed in chroot builds anyway.
2013-01-30 Support the coloniesEelco Dolstra1-3/+3
2013-01-22 Correctly handle missing logsEelco Dolstra1-1/+3
2013-01-17 Store build logs in /nix/var/log/nix/drvs/<XX>Eelco Dolstra1-27/+32
...where <XX> is the first two characters of the derivation. Otherwise /nix/var/log/nix/drvs may become so large that we run into all sorts of weird filesystem limits/inefficiences. For instance, ext3/ext4 filesystems will barf with "ext4_dx_add_entry:1551: Directory index full!" once you hit a few million files.
2012-12-20 nix-store -q --roots: Respect the gc-keep-outputs/gc-keep-derivations settingsEelco Dolstra1-1/+2
So if a path is not garbage solely because it's reachable from a root due to the gc-keep-outputs or gc-keep-derivations settings, ‘nix-store -q --roots’ now shows that root.
2012-11-26 Make "nix-build -A <derivation>.<output>" do the right thingEelco Dolstra1-5/+15
For example, given a derivation with outputs "out", "man" and "bin": $ nix-build -A pkg produces ./result pointing to the "out" output; $ nix-build -A pkg.man produces ./result-man pointing to the "man" output; $ nix-build -A pkg.all produces ./result, ./result-man and ./result-bin; $ nix-build -A pkg.all -A pkg2 produces ./result, ./result-man, ./result-bin and ./result-2.
2012-11-20 nix-store -r: Add ‘--ignore-unknown’ flagEelco Dolstra1-9/+25
This flag causes paths that do not have a known substitute to be quietly ignored. This is mostly useful for Charon, allowing it to speed up deployment by letting a machine use substitutes for all substitutable paths, instead of uploading them. The latter is frequently faster, e.g. if the target machine has a fast Internet connection while the source machine is on a slow ADSL line.
2012-11-19 nix-store -r: Don't quietly ignore missing pathsEelco Dolstra1-0/+1
2012-10-03 When ‘--help’ is given, just run ‘man’ to show the manual pageEelco Dolstra3-80/+3
I.e. do what git does. I'm too lazy to keep the builtin help text up to date :-) Also add ‘--help’ to various commands that lacked it (e.g. nix-collect-garbage).
2012-10-02 Add a --repair flag to ‘nix-store -r’ to repair derivation outputsEelco Dolstra1-1/+3
With this flag, if any valid derivation output is missing or corrupt, it will be recreated by using a substitute if available, or by rebuilding the derivation. The latter may use hash rewriting if chroots are not available.
2012-10-02 nix-store -r: Get rid of an unnecessary call to buildPaths/ensurePathsEelco Dolstra1-4/+4
2012-10-02 nix-store --verify: Add an option ‘--repair’ to repair all ↵Eelco Dolstra1-2/+6
missing/corrupt paths Also, return a non-zero exit code if errors remain after verifying/repairing.
2012-10-02 Add operation ‘nix-store --repair-path’Eelco Dolstra1-0/+17
This operation allows fixing corrupted or accidentally deleted store paths by redownloading them using substituters, if available. Since the corrupted path cannot be replaced atomically, there is a very small time window (one system call) during which neither the old (corrupted) nor the new (repaired) contents are available. So repairing should be used with some care on critical packages like Glibc.
2012-08-27 Merge branch 'master' into no-manifestsEelco Dolstra1-9/+12
2012-08-24 Include the output name in the GC root linkEelco Dolstra1-3/+7
Output names are now appended to resulting GC symlinks, e.g. by nix-build. For backwards compatibility, if the output is named "out", nothing is appended. E.g. doing "nix-build -A foo" on a derivation that produces outputs "out", "bin" and "dev" will produce symlinks "./result", "./result-bin" and "./result-dev", respectively.
2012-08-01 Drop the block count in the garbage collectorEelco Dolstra1-5/+4
2012-08-01 nix-store --gc: Make ‘--max-freed 0’ do the right thingEelco Dolstra1-1/+1
That is, delete almost nothing (it will still remove unused links from /nix/store/.links).
2012-07-30 Refactor settings processingEelco Dolstra1-35/+35
Put all Nix configuration flags in a Settings object.
2012-07-26 Merge branch 'master' into no-manifestsEelco Dolstra3-16/+4
2012-07-23 optimiseStore(): Use a content-addressed file store in /nix/store/.linksEelco Dolstra1-8/+2
optimiseStore() now creates persistent, content-addressed hard links in /nix/store/.links. For instance, if it encounters a file P with hash H, it will create a hard link P' = /nix/store/.link/<H> to P if P' doesn't already exist; if P' exist, then P is replaced by a hard link to P'. This is better than the previous in-memory map, because it had the tendency to unnecessarily replace hard links with a hard link to whatever happened to be the first file with a given hash it encountered. It also allows on-the-fly, incremental optimisation.
2012-07-18 Use "#pragma once" to prevent repeated header file inclusionEelco Dolstra2-8/+2
2012-07-11 Rename queryValidPaths() to queryAllValidPaths()Eelco Dolstra1-1/+1
2012-06-27 nix-store -r: do substitutions in parallelEelco Dolstra1-7/+5
I.e. when multiple non-derivation arguments are passed to ‘nix-store -r’ to be substituted, do them in parallel.
2012-05-30 "nix-store -l": support compressed logsEelco Dolstra2-9/+34
2012-05-29 Reserve some disk space for the garbage collectorEelco Dolstra1-1/+1
We can't open a SQLite database if the disk is full. Since this prevents the garbage collector from running when it's most needed, we reserve some dummy space that we can free just before doing a garbage collection. This actually revives some old code from the Berkeley DB days. Fixes #27.
2012-04-04 Include --keep-going in --helpEelco Dolstra1-0/+2
2012-03-26 Remove the --max-links GC optionEelco Dolstra1-1/+0
We don't need this anymore now that current filesystems support more than 32,000 files in a directory.
2012-02-09 Use data() instead of c_str() where appropriateEelco Dolstra1-1/+1
2012-01-17 * Added a command ‘nix-store --print-env $drvpath’ that prints out theEelco Dolstra1-0/+35
environment of the given derivation in a format that can be sourced by the shell, e.g. $ eval "$(nix-store --print-env $(nix-instantiate /etc/nixos/nixpkgs -A pkg))" $ NIX_BUILD_TOP=/tmp $ source $stdenv/setup This is especially useful to reproduce the environment used to build a package outside of its builder for development purposes. TODO: add a nix-build option to do the above and fetch the dependencies of the derivation as well.
2011-12-30 * Support multiple outputs in nix-store (specifically the ‘--query’Eelco Dolstra1-43/+63
and ‘--realise’ actions).
2011-12-16 * importPath() -> importPaths(). Because of buffering of the inputEelco Dolstra1-6/+4
stream it's now necessary for the daemon to process the entire sequence of exported paths, rather than letting the client do it.
2011-12-02 * Move parseHash16or32 into libutil, and use in nix-hash.Eelco Dolstra1-8/+0
2011-11-23 * Add an API function exportPaths() that provides the functionality ofEelco Dolstra1-5/+1
‘nix-store --export’. * Add a Perl module that provides the functionality of ‘nix-copy-closure --to’. This is used by build-remote.pl so it no longer needs to start a separate nix-copy-closure process. Also, it uses the Perl API to do the export, so it doesn't need to start a separate nix-store process either. As a result, nix-copy-closure and build-remote.pl should no longer fail on very large closures due to an "Argument list too long" error. (Note that having very many dependencies in a single derivation can still fail because the environment can become too large. Can't be helped though.)
2011-09-06 * Added a command ‘nix-store --verify-paths PATHS’ to check whetherEelco Dolstra2-1/+26
the contents of any of the given store paths have been modified. E.g. $ nix-store --verify-path $(nix-store -qR /var/run/current-system) path `/nix/store/m2smyiwbxidlprfxfz4rjlvz2c3mg58y-etc' was modified! expected hash `fc87e271c5fdf179b47939b08ad13440493805584b35e3014109d04d8436e7b8', got `20f1a47281b3c0cbe299ce47ad5ca7340b20ab34246426915fce0ee9116483aa' All paths are checked; the exit code is 1 if any path has been modified, 0 otherwise.
2011-08-31 * Eliminate all uses of the global variable ‘store’ from libstore.Eelco Dolstra1-13/+13
This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2010-11-17 * Add an operation `nix-store -q --size'.Eelco Dolstra2-5/+11
2010-11-16 * Store the size of a store path in the database (to be precise, theEelco Dolstra1-5/+7
size of the NAR serialisation of the path, i.e., `nix-store --dump PATH'). This is useful for Hydra.
2010-11-16 * Sync with the trunk.Eelco Dolstra1-3/+3
2010-10-04 * Make sure that config.h is included before the system headers,Eelco Dolstra1-3/+3
because it defines _FILE_OFFSET_BITS. Without this, on OpenSolaris the system headers define it to be 32, and then the 32-bit stat() ends up being called with a 64-bit "struct stat", or vice versa. This also ensures that we get 64-bit file sizes everywhere. * Remove the redundant call to stat() in parseExprFromFile(). The file cannot be a symlink because that's the exit condition of the loop before.
2010-06-21 * Sync with the trunk.Eelco Dolstra6-4/+101
2010-05-31 Add XML output to `nix-store'.Ludovic Courtès5-3/+100
* src/nix-store/Makefile.am (nix_store_SOURCES): Add `xmlgraph.cc' and `xmlgraph.hh'. * src/nix-store/help.txt (Operations): Document `--xml'. * src/nix-store/nix-store.cc (opQuery): Handle `--xml'. * src/nix-store/xmlgraph.cc, src/nix-store/xmlgraph.hh: New files.
2010-05-31 Comment out dead code in `nix-store'.Ludovic Courtès1-1/+1
* src/nix-store/dotgraph.cc (pathLabel): Move within #if 0 section.
2010-05-04 * Allow unprivileged users to do `nix-store --clear-failed-paths' andEelco Dolstra1-2/+2
`nix-store --query-failed-paths'.
2010-04-26 (no commit message)Eelco Dolstra1-0/+3
2010-04-26 * Added a command `nix-store --clear-failed-paths <PATHS>' to clearEelco Dolstra1-1/+11
the "failed" status of the given store paths. The special value `*' clears all failed paths.
2010-04-26 * Add an command `nix-store --query-failed-paths' to list the cachedEelco Dolstra1-3/+14
failed paths (when using the `build-cache-failure' option).
2010-04-19 * Drop the dependency on the ATerm library.Eelco Dolstra1-2/+2
2010-03-02 * When using the included sqlite/aterm libraries, build withEelco Dolstra1-2/+2
--enable-shared. * In libutil/libstore/libexpr etc., link against sqlite and aterm. * Some more header file hygiene.
2010-02-24 * `helpText' is now zero-terminated.Eelco Dolstra1-1/+1