about summary refs log tree commit diff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2019-07-25 Disable CLONE_NEWUSER when it’s unavailableMatthew Bauer2-3/+16
Some kernels disable "unpriveleged user namespaces". This is unfortunate, but we can still use mount namespaces. Anyway, since each builder has its own nixbld user, we already have most of the benefits of user namespaces.
2019-07-13 Merge pull request #2975 from matthewbauer/fix-nsswitch-issueEelco Dolstra1-1/+7
Don’t use entire /etc/nsswitch.conf file
2019-07-10 Resume NAR downloadsEelco Dolstra1-7/+28
This is a much simpler fix to the 'error 9 while decompressing xz file' problem than 78fa47a7f08a4cb6ee7061bf0bd86a40e1d6dc91. We just do a ranged HTTP request starting after the data that we previously wrote into the sink. Fixes #2952, #379.
2019-07-10 HttpBinaryCacheStore: Use default number of retries for NARsEelco Dolstra1-1/+0
2019-07-10 Downloader: Use warn()Eelco Dolstra1-3/+3
2019-07-10 Revert "Fix 'error 9 while decompressing xz file'"Eelco Dolstra7-162/+125
This reverts commit 78fa47a7f08a4cb6ee7061bf0bd86a40e1d6dc91.
2019-07-10 nix copy: Rename --substitute to --substitute-on-destinationEelco Dolstra1-1/+1
'--substitute' was being shadowed by the regular '--substitute' (the short-hand for '--option substitute true'). Fixes #2983.
2019-07-03 Merge branch 'autoconf-ubuntu-16.04-fixes' of https://github.com/nh2/nixEelco Dolstra3-2/+9
2019-07-03 Get BOOST_LDFLAGS from autoconf, fix Ubuntu 16.04 build.Niklas Hambüchen2-2/+2
Our use of boost::coroutine2 depends on -lboost_context, which in turn depends on `-lboost_thread`, which in turn depends on `-lboost_system`. I suspect that this builds on nix only because of low-level hacks like NIX_LDFLAGS. This commit passes the proper linker flags, thus fixing bootstrap builds on non-nix distributions like Ubuntu 16.04. With these changes, I can build Nix on Ubuntu 16.04 using: ./bootstrap.sh ./configure --prefix=$HOME/editline-prefix \ --disable-doc-gen \ CXX=g++-7 \ --with-boost=$HOME/boost-prefix \ EDITLINE_CFLAGS=-I$HOME/editline-prefix/include \ EDITLINE_LIBS=-leditline \ LDFLAGS=-L$HOME/editline-prefix/lib make where * g++-7 comes from gcc-7 from https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test, * editline 1.14 from https://github.com/troglobit/editline/releases/tag/1.14.0 was installed into `$HOME/editline-prefix` (because Ubuntu 16.04's `editline` is too old to have the function nix uses), * boost 1.66 from https://www.boost.org/doc/libs/1_66_0/more/getting_started/unix-variants.html was installed into $HOME/boost-prefix (because Ubuntu 16.04 only has 1.58)
2019-07-03 Fix C++ compatibility with older editline versions.Niklas Hambüchen1-0/+7
For example, Ubuntu 16.04 and many similar long-term-support distros have older versions.
2019-07-02 Merge pull request #2779 from LnL7/build-exit-codesEelco Dolstra2-4/+37
build: add exit code for hash and check mismatches
2019-07-02 Merge pull request #2974 from grahamc/invalid-nameEelco Dolstra1-3/+10
checkStoreName: give more precise/verbose error information
2019-07-02 Merge pull request #2582 from LnL7/fetchgit-refsEelco Dolstra1-1/+5
fetchGit: allow fetching explicit refs
2019-07-02 checkStoreName: give more precise/verbose error informationGraham Christensen1-3/+10
$ sudo ./inst/bin/nix-instantiate -E '"${./.git}"' error: The path name '.git' is invalid: it is illegal to start the name with a period. Path names are alphanumeric and can include the symbols +-._?= and must not begin with a period. Note: If '.git' is a source file and you cannot rename it on disk, builtins.path { name = ... } can be used to give it an alternative name.
2019-07-02 build: replace 100 offset for build exit codesDaiderd Jordan1-5/+19
2019-07-02 build: use binary mask for build status flagsDaiderd Jordan1-1/+9
If multiple builds with fail with different errors it will be reflected in the status code. eg. 103 => timeout + hash mismatch 105 => timeout + check mismatch 106 => hash mismatch + check mismatch 107 => timeout + hash mismatch + check mismatch
2019-07-02 build: add exit code for hash and check mismatchesDaiderd Jordan2-4/+15
Makes it easier to identify the failure reason in other tooling, eg. differentiate between a non-deterministic --check vs a failed build. $ nix-build '<nix/fetchurl.nix>' --argstr url http://example.org --argstr sha256 0000000000000000000000000000000000000000000000000000 hash mismatch in fixed-output derivation '/nix/store/nzi9ck45rwlxzcwr25is7qlf3hs5xl83-example.org': wanted: sha256:0000000000000000000000000000000000000000000000000000 got: sha256:08y4734bm2zahw75b16bcmcg587vvyvh0n11gwiyir70divwp1rm $ echo $? 102 $ nix-build -E 'with import <nixpkgs> {}; runCommand "foo" {} "date +%s > $out"' --check warning: rewriting hashes in '/nix/store/g3k47g0399fvjmbm0p0mnad74k4w8vkz-foo'; cross fingers error: derivation '/nix/store/mggc8dz13ackb49qca6m23zq4fpq132q-foo.drv' may not be deterministic: output '/nix/store/g3k47g0399fvjmbm0p0mnad74k4w8vkz-foo' differs $ echo $? 104
2019-06-28 Fix `http2 = false` having no effect. Fixes #2971.Aniket Deshpande1-0/+2
Setting `http2 = false` in nix config (e.g. /etc/nix/nix.conf) had no effect, and `nix-env -vvvvv -i hello` still downloaded .nar packages using HTTP/2. In `src/libstore/download.cc`, the `CURL_HTTP_VERSION_2TLS` option was being explicitly set when `downloadSettings.enableHttp2` was `true`, but, `CURL_HTTP_VERSION_1_1` option was not being explicitly set when `downloadSettings.enableHttp2` was `false`. This may be because `https://curl.haxx.se/libcurl/c/libcurl-env.html` states: "You have to set this option if you want to use libcurl's HTTP/2 support." but, also, in the changelog, states: "DEFAULT Since curl 7.62.0: CURL_HTTP_VERSION_2TLS Before that: CURL_HTTP_VERSION_1_1" So, the default setting for `libcurl` is HTTP/2 for version >= 7.62.0. In this commit, option `CURLOPT_HTTP_VERSION` is explicitly set to `CURL_HTTP_VERSION_1_1` when `downloadSettings.enableHttp2` nix config setting is `false`. This can be tested by running `nix-env -vvvvv -i hello | grep HTTP`
2019-06-28 Fix macOS build failureEelco Dolstra1-2/+2
Issue #2976.
2019-06-27 Don’t use entire /etc/nsswitch.conf fileMatthew Bauer1-1/+7
The default nsswitch.conf(5) file in most distros can handle many different things including host name, user names, groups, etc. In Nix, we want to limit the amount of impurities that come from these things. As a result, we should only allow nss to be used for gethostbyname(3) and getservent(3). /cc @Ericson2314
2019-06-25 ProgressBar: Fix updatingEelco Dolstra1-11/+15
'updateCV.notify_one()' does nothing if the update thread is not waiting for updateCV (in particular this happens when it is sleeping on quitCV). So also set a variable to ensure that the update isn't lost.
2019-06-25 nix-channel: Don't fetch binary-cache-urlEelco Dolstra2-11/+1
This has been ignored since the Perl->C++ rewrite.
2019-06-25 Automatically use --no-net if there are no network interfacesEelco Dolstra2-11/+55
(cherry picked from commit 04a59769963fe2a28d10ba15de743fe499333c80)
2019-06-25 Add "warning" verbosity levelEelco Dolstra3-2/+4
This ensures that "nix" shows warnings. Previously these were hidden because they were at "info" level. (cherry picked from commit 615a9d031d22a6aee64f8511e15685e47b6f8796)
2019-06-24 Fix 32-bit overflow with --no-netEelco Dolstra3-10/+7
--no-net causes tarballTtl to be set to the largest 32-bit integer, which causes comparison like 'time + tarballTtl < other_time' to fail on 32-bit systems. So cast them to 64-bit first. https://hydra.nixos.org/build/95076624 (cherry picked from commit 29ccb2e9697ee2184012dd13854e487928ae4441)
2019-06-24 Refactor downloadCached() interfaceEelco Dolstra6-49/+63
(cherry picked from commit df3f5a78d5ab0a1f2dc9d288b271b38a9b8b33b5)
2019-06-24 Add '--no-net' convenience flagEelco Dolstra5-20/+35
This flag * Disables substituters. * Sets the tarball-ttl to infinity (ensuring e.g. that the flake registry and any downloaded flakes are considered current). * Disables retrying downloads and sets the connection timeout to the minimum. (So it doesn't completely disable downloads at the moment.) (cherry picked from commit 8ea842260b4fd93315d35c5ba94b1ff99ab391d8)
2019-06-24 Fix 'error 9 while decompressing xz file'Eelco Dolstra7-125/+162
Once we've started writing data to a Sink, we can't restart a download request, because then we end up writing duplicate data to the Sink. Therefore we shouldn't handle retries in Downloader but at a higher level (in particular, in copyStorePath()). Fixes #2952. (cherry picked from commit a67cf5a3585c41dd9f219a2c7aa9cf67fa69520b)
2019-06-24 Downloader: Propagate exceptions from decompressionSink->finish()Eelco Dolstra1-2/+7
(cherry picked from commit 15fa70cd1b853f5e62662b99ccb9ef3da6cfadff)
2019-06-24 CachedDownloadResult: Include store pathEelco Dolstra4-2/+7
Also, make fetchGit and fetchMercurial update allowedPaths properly. (Maybe the evaluator, rather than the caller of the evaluator, should apply toRealPath(), but that's a bigger change.) (cherry picked from commit 5c34d665386f4053d666b0899ecca0639e500fbd)
2019-06-24 downloadCached: Return ETagEelco Dolstra6-12/+29
(cherry picked from commit 529add316c5356a8060c35f987643b7bf5c796dc)
2019-06-24 Fix abort in fromTOMLEelco Dolstra1-0/+13
Fixes #2969.
2019-06-17 Another attempt at getting pseudoterminals to work on macOSEelco Dolstra1-0/+3
2019-06-16 Hopefully fix macOS testsEelco Dolstra1-4/+6
2019-06-16 Set $TERMEelco Dolstra1-0/+3
2019-06-16 Run builds in a pseudo-terminalEelco Dolstra1-8/+46
This allows many programs (e.g. gcc, clang, cmake) to print colorized log output (assuming $TERM is set to a value like "xterm"). There are other ways to get colors, in particular setting CLICOLOR_FORCE, but they're less widely supported and can break programs that parse tool output.
2019-06-16 Style fixEelco Dolstra1-1/+1
2019-06-15 nix: Add -L alias for --print-build-logsEelco Dolstra1-0/+1
2019-06-15 nix: Support -j flagEelco Dolstra2-4/+9
2019-06-15 Daemon: warn when an untrusted user cannot override a settingFélix Baylac-Jacqué1-1/+1
In a daemon-based Nix setup, some options cannot be overridden by a client unless the client's user is considered trusted. Currently, if an untrusted user tries to override one of those options, we are silently ignoring it. This can be pretty confusing in certain situations. e.g. a user thinks he disabled the sandbox when in reality he did not. We are now sending a warning message letting know the user some options have been ignored. Related to #1761.
2019-06-01 Fix segfault in builtin fetchurl with hashed mirrors + SRI hashesEelco Dolstra1-1/+2
2019-05-29 bump cpptoml to v0.1.1Ding Xiang Fei1-179/+390
2019-05-28 Iterate over referencesEelco Dolstra1-6/+6
2019-05-28 Merge branch 'attrPaths' of https://github.com/NinjaTrappeur/nixEelco Dolstra1-3/+23
2019-05-21 Merge pull request #2800 from flokli/progress-bar-hide-unknown-expectedEelco Dolstra1-4/+11
progress-bar: hide expected if expected is 0 (unknown)
2019-05-15 Merge pull request #2810 from NixOS/print-build-logsEelco Dolstra4-13/+39
nix: Add --print-build-logs flag
2019-05-15 nix: Add --print-build-logs flagEelco Dolstra4-13/+39
This causes 'nix' to print build log output to stderr rather than showing the last log line in the progress bar. Log lines are prefixed by the name of the derivation (minus the version string), e.g. binutils> make[1]: Leaving directory '/build/binutils-2.31.1' binutils-wrapper> unpacking sources binutils-wrapper> patching sources ... binutils-wrapper> Using dynamic linker: '/nix/store/kr51dlsj9v5cr4n8700jliyz8v5b2q7q-bootstrap-stage0-glibc/lib/ld-linux-x86-64.so.2' bootstrap-stage2-gcc-wrapper> unpacking sources ... linux-headers> unpacking sources linux-headers> unpacking source archive /nix/store/8javli69jhj3bkql2c35gsj5vl91p382-linux-4.19.16.tar.xz
2019-05-13 Merge pull request #2802 from LnL7/fix-needs-hashrewriteEelco Dolstra1-12/+16
build: move needsHashRewrite initialization to startBuilder
2019-05-12 runProgram: Uncomment chdir supportGraham Christensen1-2/+2
2019-05-12 build: make needsHashRewrite a methodDaiderd Jordan1-12/+16