Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-03-25 | addToStore(): Take explicit name argument | Eelco Dolstra | 8 | -35/+35 | |
2015-03-24 | Improve setting the default chroot dirs | Eelco Dolstra | 2 | -2/+7 | |
2015-03-24 | Add the closure of store paths to the chroot | Eelco Dolstra | 1 | -0/+8 | |
Thus, for example, to get /bin/sh in a chroot, you only need to specify /bin/sh=${pkgs.bash}/bin/sh in build-chroot-dirs. The dependencies of sh will be added automatically. | |||||
2015-03-24 | Tighten permissions on chroot directories | Eelco Dolstra | 1 | -2/+12 | |
2015-03-24 | Don't rely on __noChroot for corepkgs | Eelco Dolstra | 1 | -2/+5 | |
This doesn't work anymore if the "strict" chroot mode is enabled. Instead, add Nix's store path as a dependency. This ensures that its closure is present in the chroot. | |||||
2015-03-19 | Disable scanning for interior pointers | Eelco Dolstra | 1 | -0/+2 | |
This may remove the "Repeated allocation of very large block" warnings. | |||||
2015-03-19 | Fix Boehm API violation | Eelco Dolstra | 4 | -38/+48 | |
We were calling GC_INIT() after doing an allocation (in the baseEnv construction), which is not allowed. | |||||
2015-03-19 | Check return values from malloc/strdup | Eelco Dolstra | 1 | -11/+34 | |
2015-03-18 | Print some Boehm GC stats | Eelco Dolstra | 1 | -0/+7 | |
2015-03-18 | valueSize(): Take into account list/bindings/env size | Eelco Dolstra | 1 | -6/+15 | |
2015-03-06 | Fix typos: s/the the/the/ | Daniel Hahler | 2 | -2/+2 | |
2015-03-06 | forceValueDeep: Add to error prefix | Eelco Dolstra | 1 | -2/+7 | |
2015-03-06 | Improve error message | Eelco Dolstra | 2 | -19/+25 | |
2015-03-04 | Add option to hide display of missing paths | Eelco Dolstra | 1 | -1/+2 | |
2015-03-04 | Don't use vfork() before clone() | Eelco Dolstra | 1 | -1/+3 | |
I'm seeing hangs in Glibc's setxid_mark_thread() again. This is probably because the use of an intermediate process to make clone() safe from a multi-threaded program (see 524f89f1399724e596f61faba2c6861b1bb7b9c5) is defeated by the use of vfork(), since the intermediate process will have a copy of Glibc's threading data structures due to the vfork(). So use a regular fork() again. | |||||
2015-03-03 | Merge branch 'allow-system-library' of git://github.com/copumpkin/nix | Shea Levy | 1 | -1/+1 | |
Make the default impure prefix include all of /System/Library | |||||
2015-03-02 | Make the default impure prefix (not actual allowed impurities!) include all ↵ | Dan Peebles | 1 | -1/+1 | |
of /System/Library, since we also want PrivateFrameworks from there and (briefly) TextEncodings, and who knows what else. Yay infectious impurities? | |||||
2015-03-02 | Allow local networking in the darwin sandbox to appease tests | Dan Peebles | 1 | -0/+3 | |
2015-02-23 | More graceful fallback for chroots on Linux < 2.13 | Eelco Dolstra | 1 | -6/+5 | |
2015-02-23 | Use chroots for all derivations | Eelco Dolstra | 3 | -17/+35 | |
If ‘build-use-chroot’ is set to ‘true’, fixed-output derivations are now also chrooted. However, unlike normal derivations, they don't get a private network namespace, so they can still access the network. Also, the use of the ‘__noChroot’ derivation attribute is no longer allowed. Setting ‘build-use-chroot’ to ‘relaxed’ gives the old behaviour. | |||||
2015-02-23 | Add restricted evaluation mode | Eelco Dolstra | 5 | -11/+50 | |
If ‘--option restrict-eval true’ is given, the evaluator will throw an exception if an attempt is made to access any file outside of the Nix search path. This is primarily intended for Hydra, where we don't want people doing ‘builtins.readFile ~/.ssh/id_dsa’ or stuff like that. | |||||
2015-02-19 | Merge branch 'tilde-paths' of https://github.com/shlevy/nix | Eelco Dolstra | 3 | -2/+6 | |
2015-02-19 | tilde paths: The rest of the string has to start with a slash anyway | Shea Levy | 1 | -1/+1 | |
2015-02-19 | tilde paths: construct the entire path at parse time | Shea Levy | 1 | -6/+1 | |
2015-02-19 | tilde paths: get HOME at parse time | Shea Levy | 1 | -3/+1 | |
2015-02-19 | Remove obsolete reference to ~ operator | Eelco Dolstra | 1 | -1/+0 | |
2015-02-19 | ExprConcatStrings: canonicalize concatenated paths | Shea Levy | 1 | -1/+2 | |
2015-02-19 | Allow the leading component of a path to be a ~ | Shea Levy | 2 | -1/+11 | |
2015-02-18 | nix-store --generate-binary-cache-key: Write key to disk | Eelco Dolstra | 1 | -4/+8 | |
This ensures proper permissions for the secret key. | |||||
2015-02-17 | Use $<attr>Path instead of $<attr> for passAsFile | Eelco Dolstra | 1 | -1/+1 | |
2015-02-17 | Allow passing attributes via files instead of environment variables | Eelco Dolstra | 1 | -4/+16 | |
Closes #473. | |||||
2015-02-16 | Use pivot_root in addition to chroot when possible | Harald van Dijk | 1 | -7/+28 | |
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use. | |||||
2015-02-10 | Make libsodium an optional dependency | Eelco Dolstra | 1 | -0/+6 | |
2015-02-10 | Add base64 encoder/decoder | Eelco Dolstra | 3 | -8/+66 | |
2015-02-05 | Remove tab | Eelco Dolstra | 1 | -1/+1 | |
2015-02-04 | Require linux 3.13 or later for chroot | Shea Levy | 1 | -1/+6 | |
Fixes #453 | |||||
2015-02-04 | Use libsodium instead of OpenSSL for binary cache signing | Eelco Dolstra | 4 | -10/+53 | |
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key. | |||||
2015-02-03 | Simplify parseHash32 | Eelco Dolstra | 1 | -37/+10 | |
2015-02-03 | Simplify printHash32 | Eelco Dolstra | 1 | -35/+17 | |
2015-01-29 | Merge remote-tracking branch 'shlevy/baseNameOf-no-copy' | Shea Levy | 1 | -1/+1 | |
baseNameOf: Don't copy paths to the store first | |||||
2015-01-18 | Make inputs writeable in the sandbox (builds still can’t actually write ↵ | Daniel Peebles | 1 | -2/+7 | |
due to user permissions) | |||||
2015-01-15 | Fix assertion failure in nix-env | Eelco Dolstra | 2 | -4/+8 | |
$ nix-env -f ~/Dev/nixops/ -iA foo nix-env: src/libexpr/eval.hh:57: void nix::Bindings::push_back(const nix::Attr&): Assertion `size_ < capacity' failed. Aborted | |||||
2015-01-13 | Allow using /bin and /usr/bin as impure prefixes on non-darwin by default | Shea Levy | 1 | -1/+1 | |
These directories are generally world-readable anyway, and give us the two most common linux impurities (env and sh) | |||||
2015-01-13 | SysError -> Error | Eelco Dolstra | 1 | -1/+1 | |
2015-01-13 | Don't resolve symlinks while checking __impureHostDeps | Eelco Dolstra | 1 | -2/+5 | |
Since these come from untrusted users, we shouldn't do any I/O on them before we've checked that they're in an allowed prefix. | |||||
2015-01-12 | Add basic Apple sandbox support | Daniel Peebles | 1 | -17/+169 | |
2015-01-09 | Fix builtins.readDir on XFS | Eelco Dolstra | 1 | -1/+1 | |
The DT_UNKNOWN fallback code was getting the type of the wrong path, causing readDir to report "directory" as the type of every file. Reported by deepfire on IRC. | |||||
2015-01-08 | Doh^2 | Eelco Dolstra | 1 | -1/+1 | |
2015-01-08 | Doh | Eelco Dolstra | 1 | -3/+3 | |
2015-01-08 | Set /nix/store permission to 1737 | Eelco Dolstra | 2 | -19/+6 | |
I.e., not readable to the nixbld group. This improves purity a bit for non-chroot builds, because it prevents a builder from enumerating store paths (i.e. it can only access paths it knows about). |