diff options
-rw-r--r-- | corepkgs/fetchurl.nix | 7 | ||||
-rw-r--r-- | doc/dev/release-procedures.txt | 33 | ||||
-rw-r--r-- | doc/manual/builtins.xml | 12 | ||||
-rw-r--r-- | doc/manual/opt-common.xml | 9 | ||||
-rw-r--r-- | doc/manual/release-notes.xml | 57 | ||||
-rw-r--r-- | perl/lib/Nix/Store.xs | 21 | ||||
-rwxr-xr-x | scripts/build-remote.pl.in | 5 | ||||
-rw-r--r-- | src/libexpr/eval.cc | 2 | ||||
-rw-r--r-- | src/libexpr/nixexpr.hh | 4 | ||||
-rw-r--r-- | src/libexpr/parser.y | 6 | ||||
-rw-r--r-- | src/libexpr/primops.cc | 16 | ||||
-rw-r--r-- | src/libmain/shared.cc | 7 | ||||
-rw-r--r-- | src/libstore/build.cc | 18 | ||||
-rw-r--r-- | src/libstore/gc.cc | 5 | ||||
-rw-r--r-- | src/libstore/globals.cc | 9 | ||||
-rw-r--r-- | src/libstore/globals.hh | 3 | ||||
-rw-r--r-- | src/libstore/local-store.cc | 116 | ||||
-rw-r--r-- | src/libstore/local-store.hh | 4 | ||||
-rw-r--r-- | src/libstore/optimise-store.cc | 2 | ||||
-rw-r--r-- | src/libstore/remote-store.cc | 2 | ||||
-rw-r--r-- | src/libstore/worker-protocol.hh | 8 | ||||
-rw-r--r-- | src/nix-daemon/nix-daemon.cc | 2 | ||||
-rw-r--r-- | src/nix-store/nix-store.cc | 77 | ||||
-rw-r--r-- | substitute.mk | 3 | ||||
-rw-r--r-- | tests/nix-copy-closure.nix | 8 | ||||
-rw-r--r-- | tests/remote-builds.nix | 4 | ||||
-rw-r--r-- | version | 2 |
27 files changed, 277 insertions, 165 deletions
diff --git a/corepkgs/fetchurl.nix b/corepkgs/fetchurl.nix index 4a0ae8279..39b9dd508 100644 --- a/corepkgs/fetchurl.nix +++ b/corepkgs/fetchurl.nix @@ -1,6 +1,6 @@ with import <nix/config.nix>; -{system ? builtins.currentSystem, url, outputHash ? "", outputHashAlgo ? "", md5 ? "", sha1 ? "", sha256 ? ""}: +{system ? builtins.currentSystem, url, outputHash ? "", outputHashAlgo ? "", md5 ? "", sha1 ? "", sha256 ? "", executable ? false}: assert (outputHash != "" && outputHashAlgo != "") || md5 != "" || sha1 != "" || sha256 != ""; @@ -8,10 +8,10 @@ assert (outputHash != "" && outputHashAlgo != "") let builder = builtins.toFile "fetchurl.sh" - '' + ('' echo "downloading $url into $out" ${curl} --fail --location --max-redirs 20 --insecure "$url" > "$out" - ''; + '' + (if executable then "${coreutils}/chmod +x $out" else "")); in @@ -25,6 +25,7 @@ derivation { if sha256 != "" then "sha256" else if sha1 != "" then "sha1" else "md5"; outputHash = if outputHash != "" then outputHash else if sha256 != "" then sha256 else if sha1 != "" then sha1 else md5; + outputHashMode = if executable then "recursive" else "flat"; inherit system url; diff --git a/doc/dev/release-procedures.txt b/doc/dev/release-procedures.txt deleted file mode 100644 index 1e95a9ee9..000000000 --- a/doc/dev/release-procedures.txt +++ /dev/null @@ -1,33 +0,0 @@ -To produce a `stable' release from the trunk: - --1. Update the release notes; make sure that the release date is - correct. - -0. Make sure that the trunk builds in the release supervisor. - -1. Branch the trunk, e.g., `svn cp .../trunk - .../branches/0.5-release'. - -2. Switch to the branch, e.g., `svn switch .../branches/0.5-release'. - -3. In `configure.ac', change `STABLE=0' into `STABLE=1' and commit. - -4. In the release supervisor, add a one-time job to build - `.../branches/0.5-release'. - -5. Make sure that the release succeeds. - -6. Move the branch to a tag, e.g., `svn mv .../branches/0.5-release - .../tags/0.5'. - - Note that the branch should not be used for maintenance; it should - be deleted after the release has been created. A maintenance - branch (e.g., `.../branches/0.5') should be created from the - original revision of the trunk (since maintenance releases should - also be tested first; hence, we cannot have `STABLE=1'). The same - procedure can then be followed to produce maintenance releases; - just substitute `.../branches/VERSION' for the trunk. - -7. Switch back to the trunk. - -8. Bump the version number in `configure.ac' (in AC_INIT). diff --git a/doc/manual/builtins.xml b/doc/manual/builtins.xml index 9f5f4438c..b75f58e21 100644 --- a/doc/manual/builtins.xml +++ b/doc/manual/builtins.xml @@ -302,6 +302,18 @@ stdenv.mkDerivation { </varlistentry> + <varlistentry><term><function>builtins.hashString</function> + <replaceable>type</replaceable> <replaceable>s</replaceable></term> + + <listitem><para>Return a base-16 representation of the + cryptographic hash of string <replaceable>s</replaceable>. The + hash algorithm specified by <replaceable>type</replaceable> must + be one of <literal>"md5"</literal>, <literal>"sha1"</literal> or + <literal>"sha256"</literal>.</para></listitem> + + </varlistentry> + + <varlistentry><term><function>builtins.head</function> <replaceable>list</replaceable></term> diff --git a/doc/manual/opt-common.xml b/doc/manual/opt-common.xml index 72971bd6a..329345773 100644 --- a/doc/manual/opt-common.xml +++ b/doc/manual/opt-common.xml @@ -343,10 +343,11 @@ <varlistentry><term><option>-I</option> <replaceable>path</replaceable></term> - <listitem><para>Add a path to the Nix expression search path. See - the <envar>NIX_PATH</envar> environment variable for details. Paths - added through <option>-I</option> take precedence over - <envar>NIX_PATH</envar>.</para></listitem> + <listitem><para>Add a path to the Nix expression search path. This + option may be given multiple times. See the <envar>NIX_PATH</envar> + environment variable for information on the semantics of the Nix + search path. Paths added through <option>-I</option> take + precedence over <envar>NIX_PATH</envar>.</para></listitem> </varlistentry> diff --git a/doc/manual/release-notes.xml b/doc/manual/release-notes.xml index e7e9bf3c5..a078be83d 100644 --- a/doc/manual/release-notes.xml +++ b/doc/manual/release-notes.xml @@ -8,6 +8,63 @@ <!--==================================================================--> +<section xml:id="ssec-relnotes-1.5.1"><title>Release 1.5.1 (February 28, 2013)</title> + +<para>The bug fix to the bug fix had a bug itself, of course. But +this time it will work for sure!</para> + +</section> + + +<!--==================================================================--> + +<section xml:id="ssec-relnotes-1.5"><title>Release 1.5 (February 27, 2013)</title> + +<para>This is a brown paper bag release to fix a regression introduced +by the hard link security fix in 1.4.</para> + +</section> + + +<!--==================================================================--> + +<section xml:id="ssec-relnotes-1.4"><title>Release 1.4 (February 26, 2013)</title> + +<para>This release fixes a security bug in multi-user operation. It +was possible for derivations to cause the mode of files outside of the +Nix store to be changed to 444 (read-only but world-readable) by +creating hard links to those files (<link +xlink:href="https://github.com/NixOS/nix/commit/5526a282b5b44e9296e61e07d7d2626a79141ac4">details</link>).</para> + +<para>There are also the following improvements:</para> + +<itemizedlist> + + <listitem><para>New built-in function: + <function>builtins.hashString</function>.</para></listitem> + + <listitem><para>Build logs are now stored in + <filename>/nix/var/log/nix/drvs/<replaceable>XX</replaceable>/</filename>, + where <replaceable>XX</replaceable> is the first two characters of + the derivation. This is useful on machines that keep a lot of build + logs (such as Hydra servers).</para></listitem> + + <listitem><para>The function <function>corepkgs/fetchurl</function> + can now make the downloaded file executable. This will allow + getting rid of all bootstrap binaries in the Nixpkgs source + tree.</para></listitem> + + <listitem><para>Language change: The expression <literal>"${./path} + ..."</literal> now evaluates to a string instead of a + path.</para></listitem> + +</itemizedlist> + +</section> + + +<!--==================================================================--> + <section xml:id="ssec-relnotes-1.3"><title>Release 1.3 (January 4, 2013)</title> <para>This is primarily a bug fix release. When this version is first diff --git a/perl/lib/Nix/Store.xs b/perl/lib/Nix/Store.xs index 00311aa8f..8154bcbb0 100644 --- a/perl/lib/Nix/Store.xs +++ b/perl/lib/Nix/Store.xs @@ -15,7 +15,7 @@ using namespace nix; -void doInit() +void doInit() { if (!store) { try { @@ -237,32 +237,35 @@ SV * derivationFromPath(char * drvPath) doInit(); Derivation drv = derivationFromPath(*store, drvPath); hash = newHV(); - - /* TODO: handle drv.outputs */ - + + HV * outputs = newHV(); + for (DerivationOutputs::iterator i = drv.outputs.begin(); i != drv.outputs.end(); ++i) + hv_store(outputs, i->first.c_str(), i->first.size(), newSVpv(i->second.path.c_str(), 0), 0); + hv_stores(hash, "outputs", newRV((SV *) outputs)); + AV * inputDrvs = newAV(); for (DerivationInputs::iterator i = drv.inputDrvs.begin(); i != drv.inputDrvs.end(); ++i) av_push(inputDrvs, newSVpv(i->first.c_str(), 0)); // !!! ignores i->second hv_stores(hash, "inputDrvs", newRV((SV *) inputDrvs)); - + AV * inputSrcs = newAV(); for (PathSet::iterator i = drv.inputSrcs.begin(); i != drv.inputSrcs.end(); ++i) av_push(inputSrcs, newSVpv(i->c_str(), 0)); hv_stores(hash, "inputSrcs", newRV((SV *) inputSrcs)); - + hv_stores(hash, "platform", newSVpv(drv.platform.c_str(), 0)); hv_stores(hash, "builder", newSVpv(drv.builder.c_str(), 0)); - + AV * args = newAV(); for (Strings::iterator i = drv.args.begin(); i != drv.args.end(); ++i) av_push(args, newSVpv(i->c_str(), 0)); hv_stores(hash, "args", newRV((SV *) args)); - + HV * env = newHV(); for (StringPairs::iterator i = drv.env.begin(); i != drv.env.end(); ++i) hv_store(env, i->first.c_str(), i->first.size(), newSVpv(i->second.c_str(), 0), 0); hv_stores(hash, "env", newRV((SV *) env)); - + RETVAL = newRV_noinc((SV *)hash); } catch (Error & e) { croak(e.what()); diff --git a/scripts/build-remote.pl.in b/scripts/build-remote.pl.in index 458d31be9..dddd9e959 100755 --- a/scripts/build-remote.pl.in +++ b/scripts/build-remote.pl.in @@ -258,8 +258,9 @@ close UPLOADLOCK; # Perform the build. my $buildFlags = - "--max-silent-time $maxSilentTime --option build-timeout $buildTimeout " - . "--fallback --add-root $rootsDir/\$PPID.out --option verbosity 0"; + "--max-silent-time $maxSilentTime --option build-timeout $buildTimeout" + . " --fallback --add-root $rootsDir/\$PPID.out --quiet" + . " --option build-keep-log false"; # We let the remote side kill its process group when the connection is # closed unexpectedly. This is necessary to ensure that no processes diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 676dd3ac4..a1613a420 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -966,7 +966,7 @@ void ExprConcatStrings::eval(EvalState & state, Env & env, Value & v) since paths are copied when they are used in a derivation), and none of the strings are allowed to have contexts. */ if (first) { - isPath = vStr.type == tPath; + isPath = !forceString && vStr.type == tPath; first = false; } diff --git a/src/libexpr/nixexpr.hh b/src/libexpr/nixexpr.hh index bc6c3287c..86a7bfd50 100644 --- a/src/libexpr/nixexpr.hh +++ b/src/libexpr/nixexpr.hh @@ -277,8 +277,10 @@ MakeBinOp(OpConcatLists, "++") struct ExprConcatStrings : Expr { + bool forceString; vector<Expr *> * es; - ExprConcatStrings(vector<Expr *> * es) : es(es) { }; + ExprConcatStrings(bool forceString, vector<Expr *> * es) + : forceString(forceString), es(es) { }; COMMON_METHODS }; diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y index 1819da5e1..66edfb548 100644 --- a/src/libexpr/parser.y +++ b/src/libexpr/parser.y @@ -203,7 +203,7 @@ static Expr * stripIndentation(SymbolTable & symbols, vector<Expr *> & es) es2->push_back(new ExprString(symbols.create(s2))); } - return es2->size() == 1 ? (*es2)[0] : new ExprConcatStrings(es2); + return es2->size() == 1 ? (*es2)[0] : new ExprConcatStrings(true, es2); } @@ -318,7 +318,7 @@ expr_op { vector<Expr *> * l = new vector<Expr *>; l->push_back($1); l->push_back($3); - $$ = new ExprConcatStrings(l); + $$ = new ExprConcatStrings(false, l); } | expr_op CONCAT expr_op { $$ = new ExprOpConcatLists($1, $3); } | expr_app @@ -349,7 +349,7 @@ expr_simple /* For efficiency, and to simplify parse trees a bit. */ if ($2->empty()) $$ = new ExprString(data->symbols.create("")); else if ($2->size() == 1) $$ = $2->front(); - else $$ = new ExprConcatStrings($2); + else $$ = new ExprConcatStrings(true, $2); } | IND_STRING_OPEN ind_string_parts IND_STRING_CLOSE { $$ = stripIndentation(data->symbols, *$2); diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index f8f893d69..f66b24b77 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1107,6 +1107,21 @@ static void prim_unsafeDiscardOutputDependency(EvalState & state, Value * * args } +/* Return the cryptographic hash of a string in base-16. */ +static void prim_hashString(EvalState & state, Value * * args, Value & v) +{ + string type = state.forceStringNoCtx(*args[0]); + HashType ht = parseHashType(type); + if (ht == htUnknown) + throw Error(format("unknown hash type `%1%'") % type); + + PathSet context; // discarded + string s = state.forceString(*args[1], context); + + mkString(v, printHash(hashString(ht, s)), context); +}; + + /************************************************************* * Versions *************************************************************/ @@ -1234,6 +1249,7 @@ void EvalState::createBaseEnv() addPrimOp("__stringLength", 1, prim_stringLength); addPrimOp("__unsafeDiscardStringContext", 1, prim_unsafeDiscardStringContext); addPrimOp("__unsafeDiscardOutputDependency", 1, prim_unsafeDiscardOutputDependency); + addPrimOp("__hashString", 2, prim_hashString); // Versions addPrimOp("__parseDrvName", 1, prim_parseDrvName); diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index e869ef037..4796629dc 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -168,11 +168,10 @@ static void initAndRun(int argc, char * * argv) remaining.clear(); /* Process default options. */ - int verbosityDelta = lvlInfo; for (Strings::iterator i = args.begin(); i != args.end(); ++i) { string arg = *i; - if (arg == "--verbose" || arg == "-v") verbosityDelta++; - else if (arg == "--quiet") verbosityDelta--; + if (arg == "--verbose" || arg == "-v") verbosity = (Verbosity) (verbosity + 1); + else if (arg == "--quiet") verbosity = verbosity > lvlError ? (Verbosity) (verbosity - 1) : lvlError; else if (arg == "--log-type") { string s = getArg(arg, i, args.end()); setLogType(s); @@ -219,8 +218,6 @@ static void initAndRun(int argc, char * * argv) else remaining.push_back(arg); } - verbosity = (Verbosity) (verbosityDelta < 0 ? 0 : verbosityDelta); - settings.update(); run(remaining); diff --git a/src/libstore/build.cc b/src/libstore/build.cc index 75802c324..73223bc1a 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -43,6 +43,12 @@ #include <sched.h> #endif +/* In GNU libc 2.11, <sys/mount.h> does not define `MS_PRIVATE', but + <linux/fs.h> does. */ +#if !defined MS_PRIVATE && defined HAVE_LINUX_FS_H +#include <linux/fs.h> +#endif + #define CHROOT_ENABLED HAVE_CHROOT && HAVE_UNSHARE && HAVE_SYS_MOUNT_H && defined(MS_BIND) && defined(MS_PRIVATE) && defined(CLONE_NEWNS) #if CHROOT_ENABLED @@ -2281,7 +2287,7 @@ void DerivationGoal::computeClosure() } /* Get rid of all weird permissions. */ - canonicalisePathMetaData(path); + canonicalisePathMetaData(path, buildUser.enabled() ? buildUser.getUID() : -1); /* For this output path, find the references to other paths contained in it. Compute the SHA-256 NAR hash at the same @@ -2343,13 +2349,15 @@ Path DerivationGoal::openLogFile() { if (!settings.keepLog) return ""; + string baseName = baseNameOf(drvPath); + /* Create a log file. */ - Path dir = (format("%1%/%2%") % settings.nixLogDir % drvsLogDir).str(); + Path dir = (format("%1%/%2%/%3%/") % settings.nixLogDir % drvsLogDir % string(baseName, 0, 2)).str(); createDirs(dir); if (settings.compressLog) { - Path logFileName = (format("%1%/%2%.bz2") % dir % baseNameOf(drvPath)).str(); + Path logFileName = (format("%1%/%2%.bz2") % dir % string(baseName, 2)).str(); AutoCloseFD fd = open(logFileName.c_str(), O_CREAT | O_WRONLY | O_TRUNC, 0666); if (fd == -1) throw SysError(format("creating log file `%1%'") % logFileName); closeOnExec(fd); @@ -2364,7 +2372,7 @@ Path DerivationGoal::openLogFile() return logFileName; } else { - Path logFileName = (format("%1%/%2%") % dir % baseNameOf(drvPath)).str(); + Path logFileName = (format("%1%/%2%") % dir % string(baseName, 2)).str(); fdLogFile = open(logFileName.c_str(), O_CREAT | O_WRONLY | O_TRUNC, 0666); if (fdLogFile == -1) throw SysError(format("creating log file `%1%'") % logFileName); closeOnExec(fdLogFile); @@ -2831,7 +2839,7 @@ void SubstitutionGoal::finished() return; } - canonicalisePathMetaData(destPath); + canonicalisePathMetaData(destPath, -1); worker.store.optimisePath(destPath); // FIXME: combine with hashPath() diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index a6b1a35e7..113a7da15 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -659,7 +659,10 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) increase, since we hold locks on everything. So everything that is not reachable from `roots'. */ - if (state.shouldDelete) createDirs(state.trashDir); + if (state.shouldDelete) { + if (pathExists(state.trashDir)) deleteGarbage(state, state.trashDir); + createDirs(state.trashDir); + } /* Now either delete all garbage paths, or just the specified paths (for gcDeleteSpecific). */ diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 596d4774c..b5a2a20be 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -10,6 +10,14 @@ namespace nix { +/* The default location of the daemon socket, relative to nixStateDir. + The socket is in a directory to allow you to control access to the + Nix daemon by setting the mode/ownership of the directory + appropriately. (This wouldn't work on the socket itself since it + must be deleted and recreated on startup.) */ +#define DEFAULT_SOCKET_PATH "/daemon-socket/socket" + + Settings settings; @@ -58,6 +66,7 @@ void Settings::processEnvironment() nixConfDir = canonPath(getEnv("NIX_CONF_DIR", NIX_CONF_DIR)); nixLibexecDir = canonPath(getEnv("NIX_LIBEXEC_DIR", NIX_LIBEXEC_DIR)); nixBinDir = canonPath(getEnv("NIX_BIN_DIR", NIX_BIN_DIR)); + nixDaemonSocketFile = canonPath(nixStateDir + DEFAULT_SOCKET_PATH); string subs = getEnv("NIX_SUBSTITUTERS", "default"); if (subs == "default") { diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index be287698c..f129d9a11 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -50,6 +50,9 @@ struct Settings { /* The directory where the main programs are stored. */ Path nixBinDir; + /* File name of the socket the daemon listens to. */ + Path nixDaemonSocketFile; + /* Whether to keep temporary directories of failed builds. */ bool keepFailed; diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 333feb2a5..4b8203efe 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -47,7 +47,11 @@ static void throwSQLiteError(sqlite3 * db, const format & f) { int err = sqlite3_errcode(db); if (err == SQLITE_BUSY) { - printMsg(lvlError, "warning: SQLite database is busy"); + static bool warned = false; + if (!warned) { + printMsg(lvlError, "warning: SQLite database is busy"); + warned = true; + } /* Sleep for a while since retrying the transaction right away is likely to fail again. */ #if HAVE_NANOSLEEP @@ -461,36 +465,8 @@ void LocalStore::makeStoreWritable() const time_t mtimeStore = 1; /* 1 second into the epoch */ -void canonicalisePathMetaData(const Path & path, bool recurse) +static void canonicaliseTimestampAndPermissions(const Path & path, const struct stat & st) { - checkInterrupt(); - - struct stat st; - if (lstat(path.c_str(), &st)) - throw SysError(format("getting attributes of path `%1%'") % path); - - /* Really make sure that the path is of a supported type. This - has already been checked in dumpPath(). */ - assert(S_ISREG(st.st_mode) || S_ISDIR(st.st_mode) || S_ISLNK(st.st_mode)); - - /* Change ownership to the current uid. If it's a symlink, use - lchown if available, otherwise don't bother. Wrong ownership - of a symlink doesn't matter, since the owning user can't change - the symlink and can't delete it because the directory is not - writable. The only exception is top-level paths in the Nix - store (since that directory is group-writable for the Nix build - users group); we check for this case below. */ - if (st.st_uid != geteuid()) { -#if HAVE_LCHOWN - if (lchown(path.c_str(), geteuid(), (gid_t) -1) == -1) -#else - if (!S_ISLNK(st.st_mode) && - chown(path.c_str(), geteuid(), (gid_t) -1) == -1) -#endif - throw SysError(format("changing owner of `%1%' to %2%") - % path % geteuid()); - } - if (!S_ISLNK(st.st_mode)) { /* Mask out all type related bits. */ @@ -521,18 +497,84 @@ void canonicalisePathMetaData(const Path & path, bool recurse) #endif throw SysError(format("changing modification time of `%1%'") % path); } +} + + +void canonicaliseTimestampAndPermissions(const Path & path) +{ + struct stat st; + if (lstat(path.c_str(), &st)) + throw SysError(format("getting attributes of path `%1%'") % path); + canonicaliseTimestampAndPermissions(path, st); +} + + +typedef std::pair<dev_t, ino_t> Inode; +typedef set<Inode> InodesSeen; - if (recurse && S_ISDIR(st.st_mode)) { + +static void canonicalisePathMetaData_(const Path & path, uid_t fromUid, InodesSeen & inodesSeen) +{ + checkInterrupt(); + + struct stat st; + if (lstat(path.c_str(), &st)) + throw SysError(format("getting attributes of path `%1%'") % path); + + /* Really make sure that the path is of a supported type. This + has already been checked in dumpPath(). */ + assert(S_ISREG(st.st_mode) || S_ISDIR(st.st_mode) || S_ISLNK(st.st_mode)); + + /* Fail if the file is not owned by the build user. This prevents + us from messing up the ownership/permissions of files + hard-linked into the output (e.g. "ln /etc/shadow $out/foo"). + However, ignore files that we chown'ed ourselves previously to + ensure that we don't fail on hard links within the same build + (i.e. "touch $out/foo; ln $out/foo $out/bar"). */ + if (fromUid != (uid_t) -1 && st.st_uid != fromUid) { + assert(!S_ISDIR(st.st_mode)); + if (inodesSeen.find(Inode(st.st_dev, st.st_ino)) == inodesSeen.end()) + throw BuildError(format("invalid ownership on file `%1%'") % path); + mode_t mode = st.st_mode & ~S_IFMT; + assert(S_ISLNK(st.st_mode) || (st.st_uid == geteuid() && (mode == 0444 || mode == 0555) && st.st_mtime == mtimeStore)); + return; + } + + inodesSeen.insert(Inode(st.st_dev, st.st_ino)); + + canonicaliseTimestampAndPermissions(path, st); + + /* Change ownership to the current uid. If it's a symlink, use + lchown if available, otherwise don't bother. Wrong ownership + of a symlink doesn't matter, since the owning user can't change + the symlink and can't delete it because the directory is not + writable. The only exception is top-level paths in the Nix + store (since that directory is group-writable for the Nix build + users group); we check for this case below. */ + if (st.st_uid != geteuid()) { +#if HAVE_LCHOWN + if (lchown(path.c_str(), geteuid(), (gid_t) -1) == -1) +#else + if (!S_ISLNK(st.st_mode) && + chown(path.c_str(), geteuid(), (gid_t) -1) == -1) +#endif + throw SysError(format("changing owner of `%1%' to %2%") + % path % geteuid()); + } + + if (S_ISDIR(st.st_mode)) { Strings names = readDirectory(path); foreach (Strings::iterator, i, names) - canonicalisePathMetaData(path + "/" + *i, true); + canonicalisePathMetaData_(path + "/" + *i, fromUid, inodesSeen); } } -void canonicalisePathMetaData(const Path & path) +void canonicalisePathMetaData(const Path & path, uid_t fromUid) { - canonicalisePathMetaData(path, true); + InodesSeen inodesSeen; + + canonicalisePathMetaData_(path, fromUid, inodesSeen); /* On platforms that don't have lchown(), the top-level path can't be a symlink, since we can't change its ownership. */ @@ -1194,7 +1236,7 @@ Path LocalStore::addToStoreFromDump(const string & dump, const string & name, } else writeFile(dstPath, dump); - canonicalisePathMetaData(dstPath); + canonicalisePathMetaData(dstPath, -1); /* Register the SHA-256 hash of the NAR serialisation of the path in the database. We may just have computed it @@ -1259,7 +1301,7 @@ Path LocalStore::addTextToStore(const string & name, const string & s, writeFile(dstPath, s); - canonicalisePathMetaData(dstPath); + canonicalisePathMetaData(dstPath, -1); HashResult hash = hashPath(htSHA256, dstPath); @@ -1494,7 +1536,7 @@ Path LocalStore::importPath(bool requireSignature, Source & source) throw SysError(format("cannot move `%1%' to `%2%'") % unpacked % dstPath); - canonicalisePathMetaData(dstPath); + canonicalisePathMetaData(dstPath, -1); /* !!! if we were clever, we could prevent the hashPath() here. */ diff --git a/src/libstore/local-store.hh b/src/libstore/local-store.hh index 2b0d71380..14a826b3a 100644 --- a/src/libstore/local-store.hh +++ b/src/libstore/local-store.hh @@ -307,9 +307,9 @@ private: without execute permission; setuid bits etc. are cleared) - the owner and group are set to the Nix user and group, if we're in a setuid Nix installation. */ -void canonicalisePathMetaData(const Path & path); +void canonicalisePathMetaData(const Path & path, uid_t fromUid); -void canonicalisePathMetaData(const Path & path, bool recurse); +void canonicaliseTimestampAndPermissions(const Path & path); MakeError(PathInUse, Error); diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index e91c2b1ce..d833f3aa0 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -32,7 +32,7 @@ struct MakeReadOnly { try { /* This will make the path read-only. */ - if (path != "") canonicalisePathMetaData(path, false); + if (path != "") canonicaliseTimestampAndPermissions(path); } catch (...) { ignoreException(); } diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 0e62914c0..2b5a93213 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -91,7 +91,7 @@ void RemoteStore::connectToDaemon() throw SysError("cannot create Unix domain socket"); closeOnExec(fdSocket); - string socketPath = settings.nixStateDir + DEFAULT_SOCKET_PATH; + string socketPath = settings.nixDaemonSocketFile; /* Urgh, sockaddr_un allows path names of only 108 characters. So chdir to the socket directory so that we can pass a relative diff --git a/src/libstore/worker-protocol.hh b/src/libstore/worker-protocol.hh index 46035f457..07f825b92 100644 --- a/src/libstore/worker-protocol.hh +++ b/src/libstore/worker-protocol.hh @@ -53,14 +53,6 @@ typedef enum { #define STDERR_ERROR 0x63787470 -/* The default location of the daemon socket, relative to nixStateDir. - The socket is in a directory to allow you to control access to the - Nix daemon by setting the mode/ownership of the directory - appropriately. (This wouldn't work on the socket itself since it - must be deleted and recreated on startup.) */ -#define DEFAULT_SOCKET_PATH "/daemon-socket/socket" - - Path readStorePath(Source & from); template<class T> T readStorePaths(Source & from); diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc index 35e5c546e..9c6766557 100644 --- a/src/nix-daemon/nix-daemon.cc +++ b/src/nix-daemon/nix-daemon.cc @@ -774,7 +774,7 @@ static void daemonLoop() if (fdSocket == -1) throw SysError("cannot create Unix domain socket"); - string socketPath = settings.nixStateDir + DEFAULT_SOCKET_PATH; + string socketPath = settings.nixDaemonSocketFile; createDirs(dirOf(socketPath)); diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index af4f264a6..151ed97e4 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -238,12 +238,6 @@ static void printTree(const Path & path, PathSet references; store->queryReferences(path, references); -#if 0 - for (PathSet::iterator i = drv.inputSrcs.begin(); - i != drv.inputSrcs.end(); ++i) - cout << format("%1%%2%\n") % (tailPad + treeConn) % *i; -#endif - /* Topologically sort under the relation A < B iff A \in closure(B). That is, if derivation A is an (possibly indirect) input of B, then A is printed first. This has the effect of @@ -251,7 +245,7 @@ static void printTree(const Path & path, Paths sorted = topoSortPaths(*store, references); reverse(sorted.begin(), sorted.end()); - for (Paths::iterator i = sorted.begin(); i != sorted.end(); ++i) { + foreach (Paths::iterator, i, sorted) { Paths::iterator j = i; ++j; printTree(*i, tailPad + treeConn, j == sorted.end() ? tailPad + treeNull : tailPad + treeLine, @@ -293,7 +287,7 @@ static void opQuery(Strings opFlags, Strings opArgs) else if (*i == "--resolve") query = qResolve; else if (*i == "--roots") query = qRoots; else if (*i == "--use-output" || *i == "-u") useOutput = true; - else if (*i == "--force-realise" || *i == "-f") forceRealise = true; + else if (*i == "--force-realise" || *i == "--force-realize" || *i == "-f") forceRealise = true; else if (*i == "--include-outputs") includeOutputs = true; else throw UsageError(format("unknown flag `%1%'") % *i); @@ -460,35 +454,42 @@ static void opReadLog(Strings opFlags, Strings opArgs) foreach (Strings::iterator, i, opArgs) { Path path = useDeriver(followLinksToStorePath(*i)); - Path logPath = (format("%1%/%2%/%3%") % - settings.nixLogDir % drvsLogDir % baseNameOf(path)).str(); - Path logBz2Path = logPath + ".bz2"; - - if (pathExists(logPath)) { - /* !!! Make this run in O(1) memory. */ - string log = readFile(logPath); - writeFull(STDOUT_FILENO, (const unsigned char *) log.data(), log.size()); - } + for (int j = 0; j <= 2; j++) { + if (j == 2) throw Error(format("build log of derivation `%1%' is not available") % path); + + string baseName = baseNameOf(path); + Path logPath = + j == 0 + ? (format("%1%/%2%/%3%/%4%") % settings.nixLogDir % drvsLogDir % string(baseName, 0, 2) % string(baseName, 2)).str() + : (format("%1%/%2%/%3%") % settings.nixLogDir % drvsLogDir % baseName).str(); + Path logBz2Path = logPath + ".bz2"; + + if (pathExists(logPath)) { + /* !!! Make this run in O(1) memory. */ + string log = readFile(logPath); + writeFull(STDOUT_FILENO, (const unsigned char *) log.data(), log.size()); + break; + } - else if (pathExists(logBz2Path)) { - AutoCloseFD fd = open(logBz2Path.c_str(), O_RDONLY); - FILE * f = 0; - if (fd == -1 || (f = fdopen(fd.borrow(), "r")) == 0) - throw SysError(format("opening file `%1%'") % logBz2Path); - int err; - BZFILE * bz = BZ2_bzReadOpen(&err, f, 0, 0, 0, 0); - if (!bz) throw Error(format("cannot open bzip2 file `%1%'") % logBz2Path); - unsigned char buf[128 * 1024]; - do { - int n = BZ2_bzRead(&err, bz, buf, sizeof(buf)); - if (err != BZ_OK && err != BZ_STREAM_END) - throw Error(format("error reading bzip2 file `%1%'") % logBz2Path); - writeFull(STDOUT_FILENO, buf, n); - } while (err != BZ_STREAM_END); - BZ2_bzReadClose(&err, bz); + else if (pathExists(logBz2Path)) { + AutoCloseFD fd = open(logBz2Path.c_str(), O_RDONLY); + FILE * f = 0; + if (fd == -1 || (f = fdopen(fd.borrow(), "r")) == 0) + throw SysError(format("opening file `%1%'") % logBz2Path); + int err; + BZFILE * bz = BZ2_bzReadOpen(&err, f, 0, 0, 0, 0); + if (!bz) throw Error(format("cannot open bzip2 file `%1%'") % logBz2Path); + unsigned char buf[128 * 1024]; + do { + int n = BZ2_bzRead(&err, bz, buf, sizeof(buf)); + if (err != BZ_OK && err != BZ_STREAM_END) + throw Error(format("error reading bzip2 file `%1%'") % logBz2Path); + writeFull(STDOUT_FILENO, buf, n); + } while (err != BZ_STREAM_END); + BZ2_bzReadClose(&err, bz); + break; + } } - - else throw Error(format("build log of derivation `%1%' is not available") % path); } } @@ -514,7 +515,7 @@ static void registerValidity(bool reregister, bool hashGiven, bool canonicalise) if (!store->isValidPath(info.path) || reregister) { /* !!! races */ if (canonicalise) - canonicalisePathMetaData(info.path); + canonicalisePathMetaData(info.path, -1); if (!hashGiven) { HashResult hash = hashPath(htSHA256, info.path); info.hash = hash.first; @@ -842,7 +843,7 @@ void run(Strings args) Operation oldOp = op; - if (arg == "--realise" || arg == "-r") + if (arg == "--realise" || arg == "--realize" || arg == "-r") op = opRealise; else if (arg == "--add" || arg == "-A") op = opAdd; @@ -884,7 +885,7 @@ void run(Strings args) op = opVerifyPath; else if (arg == "--repair-path") op = opRepairPath; - else if (arg == "--optimise") + else if (arg == "--optimise" || arg == "--optimize") op = opOptimise; else if (arg == "--query-failed-paths") op = opQueryFailedPaths; diff --git a/substitute.mk b/substitute.mk index 967ad257b..940b1206b 100644 --- a/substitute.mk +++ b/substitute.mk @@ -37,6 +37,3 @@ -e "s^@testPath\@^$(coreutils):$$(dirname $$(type -p expr))^g" \ < $< > $@ || rm $@ if test -x $<; then chmod +x $@; fi - -$(CONFIG_HEADER): - true diff --git a/tests/nix-copy-closure.nix b/tests/nix-copy-closure.nix index db6103b9c..ca09dffac 100644 --- a/tests/nix-copy-closure.nix +++ b/tests/nix-copy-closure.nix @@ -13,14 +13,14 @@ makeTest ({ pkgs, ... }: let pkgA = pkgs.aterm; pkgB = pkgs.wget; in { virtualisation.pathsInNixDB = [ pkgA ]; environment.nix = nix; }; - + server = { config, pkgs, ... }: { services.openssh.enable = true; virtualisation.writableStore = true; virtualisation.pathsInNixDB = [ pkgB ]; environment.nix = nix; - }; + }; }; testScript = { nodes }: @@ -36,8 +36,8 @@ makeTest ({ pkgs, ... }: let pkgA = pkgs.aterm; pkgB = pkgs.wget; in { # Install the SSH key on the server. $server->succeed("mkdir -m 700 /root/.ssh"); $server->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); - $server->waitForJob("sshd"); - $client->waitForJob("network-interfaces"); + $server->waitForUnit("sshd"); + $client->waitForUnit("network.target"); $client->succeed("ssh -o StrictHostKeyChecking=no " . $server->name() . " 'echo hello world'"); # Copy the closure of package A from the client to the server. diff --git a/tests/remote-builds.nix b/tests/remote-builds.nix index b0d2547c6..6d38fb568 100644 --- a/tests/remote-builds.nix +++ b/tests/remote-builds.nix @@ -72,11 +72,11 @@ in $client->succeed("chmod 600 /root/.ssh/id_dsa"); # Install the SSH key on the slaves. - $client->waitForJob("network-interfaces"); + $client->waitForUnit("network.target"); foreach my $slave ($slave1, $slave2) { $slave->succeed("mkdir -m 700 /root/.ssh"); $slave->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); - $slave->waitForJob("sshd"); + $slave->waitForUnit("sshd"); $client->succeed("ssh -o StrictHostKeyChecking=no " . $slave->name() . " 'echo hello world'"); } @@ -1 +1 @@ -1.3
\ No newline at end of file +1.5.1
\ No newline at end of file |