about summary refs log tree commit diff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2007-02-21 * `nix-store --import' now also works in remote mode. The workerEelco Dolstra4-9/+62
always requires a signature on the archive. This is to ensure that unprivileged users cannot add Trojan horses to the Nix store.
2007-02-21 * Support exportPath() in remote mode.Eelco Dolstra4-5/+42
2007-02-21 * importPath(): set the deriver.Eelco Dolstra1-3/+13
* exportPath(): lock the path, use a transaction.
2007-02-21 * `nix-store --import': import an archive created by `nix-storeEelco Dolstra8-10/+142
--export' into the Nix store, and optionally check the cryptographic signatures against /nix/etc/nix/signing-key.pub. (TODO: verify against a set of public keys.)
2007-02-21 * `nix-store --export --sign': sign the Nix archive using the RSA keyEelco Dolstra7-29/+122
in /nix/etc/nix/signing-key.sec
2007-02-20 * Start of `nix-store --export' operation for serialising a storeEelco Dolstra6-0/+50
path. This is like `nix-store --dump', only it also dumps the meta-information of the store path (references, deriver). Will add a `--sign' flag later to add a cryptographic signature, which we will use for exchanging store paths between build farm machines in a secure manner.
2007-02-06 * Fix 64-bit compiler warnings.Eelco Dolstra2-4/+4
2007-02-02 * nix-env now maintains meta info (from the `meta' derivationEelco Dolstra5-16/+89
attribute) about installed packages in user environments. Thus, an operation like `nix-env -q --description' shows useful information not only on available packages but also on installed packages. * nix-env now passes the entire manifest as an argument to the Nix expression of the user environment builder (not just a list of paths), so that in particular the user environment builder has access to the meta attributes. * New operation `--set-flag' in nix-env to change meta info of installed packages. This will be useful to pass per-package policies to the user environment builder (e.g., how to resolve collision or whether to disable a package (NIX-80)) or upgrade policies in nix-env (e.g., that a package should be "masked", that is, left untouched by upgrade actions). Example: $ nix-env --set-flag enabled false ghc-6.4
2007-01-29 * Doh!Eelco Dolstra1-2/+0
2007-01-29 * computeStorePathForText: take the references into account whenEelco Dolstra5-6/+18
computing the store path (NIX-77). This is an important security property in multi-user Nix stores. Note that this changes the store paths of derivations (since the derivation aterms are added using addTextToStore), but not most outputs (unless they use builtins.toFile).
2007-01-29 * Don't capitalise the primop functions.Eelco Dolstra1-76/+81
2007-01-29 * Organise primops.cc a bit better.Eelco Dolstra1-321/+376
2007-01-29 New primitives:Eelco Dolstra1-1/+43
* `sub' to subtract two numbers. * `stringLength' to get the length of a string. * `substring' to get a substring of a string. These should be enough to allow most string operations to be expressed.
2007-01-29 * filterSource: pass strings to the predicate function instead ofEelco Dolstra1-1/+1
paths. Paths can have unexpected semantics.
2007-01-24 * Nasty: Glibc clears the TMPDIR environment variable in setuidEelco Dolstra1-1/+8
programs, so if a builder uses TMPDIR, then it will fail when executed through nix-setuid-helper. In fact Glibc clears a whole bunch of variables (see sysdeps/generic/unsecvars.h in the Glibc sources), but only TMPDIR should matter in practice. As a workaround, we reinitialise TMPDIR from NIX_BUILD_TOP.
2007-01-23 * exportReferencesGraph: work on paths within store paths as well.Eelco Dolstra1-2/+10
2007-01-15 * Handle multiple indirect symlinks when loading a Nix expression.Eelco Dolstra2-7/+7
2007-01-15 * builtins.filterSource: pass the type of the file ("regular",Eelco Dolstra1-1/+18
"directory", "symlink") as the second argument to the filter predicate.
2007-01-14 * `nix-store --verify': revive checking the referrers table. This isEelco Dolstra1-42/+56
important to get garbage collection to work if there is any inconsistency in the database (because the referrer table is used to determine whether it is safe to delete a path). * `nix-store --verify': show some progress.
2007-01-14 * Make the garbage collector more resilient to certain consistencyEelco Dolstra3-4/+10
errors: in-use paths now cause a warning, not a fatal error.
2007-01-14 * Option --argstr for passing string arguments easily. (NIX-75)Eelco Dolstra6-27/+63
2007-01-13 * nix-pack-closure: store the top-level store paths in the closure.Eelco Dolstra1-1/+9
* nix-unpack-closure: extract the top-level paths from the closure and print them on stdout. This allows them to be installed, e.g., "nix-env -i $(nix-unpack-closure)". (NIX-64)
2007-01-13 * Allow multiple --attr / -A arguments in nix-build / nix-instantiateEelco Dolstra1-15/+20
(NIX-74).
2007-01-13 * Removed chroot support.Eelco Dolstra1-6/+0
2007-01-13 * Canonicalise ASTs in `nix-instantiate --eval': remove positionEelco Dolstra3-1/+45
info, sort attribute sets.
2007-01-13 * Memoize strict evaluation.Eelco Dolstra2-13/+29
2007-01-13 * printTermAsXML: treat derivations specially; emit an elementEelco Dolstra1-11/+55
<derivation outPath=... drvPath=...> attrs </derivation>. Only emit the attributes of any specific derivation only. This prevents exponententially large XML output due to the absense of sharing.
2007-01-13 * Make printing an expression as XML interruptible.Eelco Dolstra2-0/+7
2007-01-13 * Cleanup.Eelco Dolstra6-16/+16
2006-12-13 * Remove debug message.Eelco Dolstra1-1/+0
2006-12-12 * New primop builtins.filterSource, which can be used to filter filesEelco Dolstra15-66/+114
from a source directory. All files for which a predicate function returns true are copied to the store. Typical example is to leave out the .svn directory: stdenv.mkDerivation { ... src = builtins.filterSource (path: baseNameOf (toString path) != ".svn") ./source-dir; # as opposed to # src = ./source-dir; } This is important because the .svn directory influences the hash in a rather unpredictable and variable way.
2006-12-12 * In dumpPath(): pass a function object that allows files to beEelco Dolstra2-14/+28
selectively in/excluded from the dump.
2006-12-12 * New operation `nix-env --set' which sets a user environment to aEelco Dolstra2-0/+28
single derivation specified by the argument. This is useful when we want to have a profile for a single derivation, such as a server configuration. Then we can just say (e.g.) $ nix-env -p /.../server-profile -f server.nix --set -A server We can't do queries or upgrades on such a profile, but we can do rollbacks. The advantage over -i is that we don't have to worry about other packages having been installed in the profile previously; --set gets rid of them.
2006-12-12 * New built-in function `builtins.attrNames' that returns theEelco Dolstra1-0/+21
names of the attributes in an attribute set.
2006-12-09 * Use lchown() instead of chown() in canonicalisePathMetaData(). ThisEelco Dolstra1-8/+38
matters when running as root, since then we don't use the setuid helper (which already used lchown()). * Also check for an obscure security problem on platforms that don't have lchown. Then we can't change the ownership of symlinks, which doesn't matter *except* when the containing directory is writable by the owner (which is the case with the top-level Nix store directory).
2006-12-09 * Use deletePathWrapped() in more places.Eelco Dolstra3-22/+31
2006-12-08 * Goal cancellation inside the waitForInput() loop needs to be handledEelco Dolstra1-38/+85
very carefully, since it can invalidate iterators into the `children' map.
2006-12-08 * Some refactoring.Eelco Dolstra1-95/+118
* Throw more exceptions as BuildErrors instead of Errors. This matters when --keep-going is turned on. (A BuildError is caught and terminates the goal in question, an Error terminates the program.)
2006-12-08 * Kill a build if it has gone for more than a certain number ofEelco Dolstra4-20/+79
seconds without producing output on stdout or stderr (NIX-65). This timeout can be specified using the `--max-silent-time' option or the `build-max-silent-time' configuration setting. The default is infinity (0). * Fix a tricky race condition: if we kill the build user before the child has done its setuid() to the build user uid, then it won't be killed, and we'll potentially lock up in pid.wait(). So also send a conventional kill to the child.
2006-12-08 * Also for convenience, change the ownership of the build output evenEelco Dolstra1-22/+36
in case of failure.
2006-12-07 * Remove ancient terminology.Eelco Dolstra1-3/+3
2006-12-07 * When keeping the temporary build directory (-K), change the ownerEelco Dolstra1-1/+4
back to the Nix account.
2006-12-07 * Doh!Eelco Dolstra4-4/+4
2006-12-07 * Be less verbose.Eelco Dolstra1-1/+1
2006-12-07 * Rename all those main.cc files.Eelco Dolstra10-5/+5
2006-12-07 * Check for lchown.Eelco Dolstra1-0/+7
2006-12-07 * Don't count on the Pid deconstructor to kill the child process,Eelco Dolstra1-2/+14
since if we're running a build user in non-root mode, we can't. Let the setuid helper do it.
2006-12-07 * Move setuidCleanup() to libutil.Eelco Dolstra5-27/+23
2006-12-07 * If not running as root, let the setuid helper kill the build user'sEelco Dolstra2-31/+69
processes before and after the build.
2006-12-07 * In the garbage collector, if deleting a path fails, try to fix itsEelco Dolstra3-6/+31
ownership, then try again.