Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-11-28 | Add a setting for enabling cgroups | Eelco Dolstra | |
2022-11-28 | Check that auto-allocated UIDs don't clash with existing accounts | Eelco Dolstra | |
2022-11-27 | Fix evaluation | Eelco Dolstra | |
2022-11-27 | Add tests for auto-uid-allocation, uid-range and cgroups | Eelco Dolstra | |
2022-11-23 | Include UID in hex | Eelco Dolstra | |
2022-11-23 | Add release notes | Eelco Dolstra | |
2022-11-23 | Merge remote-tracking branch 'origin/master' into auto-uid-allocation | Eelco Dolstra | |
2022-11-22 | Merge pull request #7328 from edolstra/nix-build-stats | Eelco Dolstra | |
nix build --json: Include build statistics | |||
2022-11-22 | Merge pull request #7333 from fricklerhandwerk/language-overview | Eelco Dolstra | |
fix error in language overview | |||
2022-11-22 | fix error in language overview | Valentin Gagarin | |
it is not possible to antiquote numbers. | |||
2022-11-22 | SimpleUserLock::getSupplementaryGIDs(): Filter out main gid | Eelco Dolstra | |
This avoids having the user's gid in the supplementary group list as well. | |||
2022-11-22 | Always call setgroups() | Eelco Dolstra | |
We shouldn't skip this if the supplementary group list is empty, because then the sandbox won't drop the supplementary groups of the parent (like "root"). | |||
2022-11-21 | Merge pull request #6456 from amjoseph-nixpkgs/seccomp-mips | Eelco Dolstra | |
local-derivation-goal.cc: enable seccomp filters for mips{32,64} | |||
2022-11-21 | Use hex for startId | Eelco Dolstra | |
Co-authored-by: Linus Heckemann <git@sphalerite.org> | |||
2022-11-21 | AutoUserLock: If sandboxing is disabled, use the build users group | Eelco Dolstra | |
We have to use a gid that has write access to the Nix store. | |||
2022-11-21 | nix build --json: Include build statistics | Eelco Dolstra | |
Example: # nix build -L --extra-experimental-features cgroups --impure --expr 'with import <nixpkgs> {}; runCommand "foo" {} "dd if=/dev/urandom bs=1M count=1024 | md5sum; mkdir $out"' --json [ { "cpuSystem": 1.911431, "cpuUser": 1.214249, "drvPath": "/nix/store/xzdqz67xba18hljhycp0hwfigzrs2z69-foo.drv", "outputs": { "out": "/nix/store/rh9mc9l2gkpq8kn2sgzndr6ll7ffjh6l-foo" }, "startTime": 1669024076, "stopTime": 1669024079 } ] | |||
2022-11-21 | Rename derivedPathsWithHintsToJSON -> builtPathsToJSON | Eelco Dolstra | |
2022-11-21 | Fix macOS build | Eelco Dolstra | |
2022-11-21 | Merge remote-tracking branch 'origin/master' into auto-uid-allocation | Eelco Dolstra | |
2022-11-21 | Fix indentation | Eelco Dolstra | |
2022-11-21 | nix build --json: Include build statistics | Eelco Dolstra | |
Example: # nix build -L --extra-experimental-features cgroups --impure --expr 'with import <nixpkgs> {}; runCommand "foo" {} "dd if=/dev/urandom bs=1M count=1024 | md5sum; mkdir $out"' --json [ { "cpuSystem": 1.911431, "cpuUser": 1.214249, "drvPath": "/nix/store/xzdqz67xba18hljhycp0hwfigzrs2z69-foo.drv", "outputs": { "out": "/nix/store/rh9mc9l2gkpq8kn2sgzndr6ll7ffjh6l-foo" }, "startTime": 1669024076, "stopTime": 1669024079 } ] | |||
2022-11-21 | Rename derivedPathsWithHintsToJSON -> builtPathsToJSON | Eelco Dolstra | |
2022-11-18 | Use cgroup.kill to quickly kill cgroups | Eelco Dolstra | |
2022-11-18 | Get CPU stats from the cgroup | Eelco Dolstra | |
2022-11-18 | Indentation | Eelco Dolstra | |
2022-11-18 | Separate cgroup support from auto-uid-allocation | Eelco Dolstra | |
The new experimental feature 'cgroups' enables the use of cgroups for all builds. This allows better containment and enables setting resource limits and getting some build stats. | |||
2022-11-18 | createTempDir(): Use std::atomic | Eelco Dolstra | |
2022-11-17 | Fix segfault in unprivileged mode | Eelco Dolstra | |
2022-11-16 | Merge pull request #7134 from yorickvP/disable-dbg-on-complete | Théophane Hufschmitt | |
Temporarily disable the debugger during completion evaluation | |||
2022-11-16 | Swallow the error in a more idiomatic way | Théophane Hufschmitt | |
2022-11-15 | Merge pull request #7294 from tobim/support-aws-sdk-1.10 | Théophane Hufschmitt | |
libstore: link to aws-crt-cpp | |||
2022-11-15 | Merge pull request #7283 from hercules-ci/issue-6572 | Théophane Hufschmitt | |
Fix #6572 `requires non-existent output` | |||
2022-11-15 | Merge pull request #7260 from ncfavier/readFile-scan-references | Théophane Hufschmitt | |
Restrict `readFile` context to references that appear in the string | |||
2022-11-14 | tests: Reproduce #6572 | Robert Hensing | |
2022-11-14 | derivation-goal: Fix `requires non-existing output` error | Robert Hensing | |
It occurred when a output of the dependency was already available, so it didn't need rebuilding and didn't get added to the inputDrvOutputs. This process-related info wasn't suitable for the purpose of finding the actual input paths for the builder. It is better to do this in absolute terms by querying the store. | |||
2022-11-14 | Test that the result of `readFile` gets ref-scanned | Théophane Hufschmitt | |
2022-11-14 | Merge pull request #7295 from Et7f3/pkg-config-lowdown | Eelco Dolstra | |
build: use pkg-config for lowdown | |||
2022-11-14 | Add release-notes for the context-restriction in readFile | Théophane Hufschmitt | |
2022-11-14 | Merge remote-tracking branch 'nixos/master' into readFile-scan-references | Théophane Hufschmitt | |
2022-11-12 | build: use pkg-config for lowdown | Et7f3 | |
2022-11-12 | libstore: link to aws-crt-cpp | Tobias Mayer | |
This change is needed to support aws-sdk-cpp 1.10 and newer. I opted not to make this dependent on the sdk version because the crt dependency has been in the interface of the older sdk as well, and it was only coincidence that libstore didn't make use of any privately defined symbols directly. | |||
2022-11-11 | Merge pull request #7279 from fricklerhandwerk/uninstall | Théophane Hufschmitt | |
add removing users to uninstall instructions | |||
2022-11-11 | remove stray comma | Valentin Gagarin | |
2022-11-11 | Merge pull request #7229 from Mic92/ci | Valentin Gagarin | |
Auto-assign reviewers by file | |||
2022-11-11 | Restrict `readFile` context to references that appear in the string | Naïm Favier | |
When calling `builtins.readFile` on a store path, the references of that path are currently added to the resulting string's context. This change makes those references the *possible* context of the string, but filters them to keep only the references whose hash actually appears in the string, similarly to what is done for determining the runtime references of a path. | |||
2022-11-10 | Merge pull request #7258 from ncfavier/fix-eval-error-fmt | Théophane Hufschmitt | |
Fix printing of eval errors with two format placeholders | |||
2022-11-10 | Remove the SystemdCgroup feature | Eelco Dolstra | |
2022-11-09 | Merge pull request #7006 from fricklerhandwerk/redirects | Théophane Hufschmitt | |
manual: generalize anchor redirects | |||
2022-11-09 | add removing users to uninstall instructions | Valentin Gagarin | |
2022-11-09 | Merge pull request #6906 from fricklerhandwerk/language-overview | Valentin Gagarin | |
add syntax overview from NixOS manual |