aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-04-25gc: Find roots using libproc on DarwinArtemis Tosini
Previously, the garbage collector found runtime roots on Darwin by shelling out to `lsof -n -w -F n` then parsing the result. However, this requires an lsof binary and can be extremely slow. The official Apple lsof returns in a reasonable amount of time, about 250ms in my tests, but the lsof packaged in nixpkgs is quite slow, taking about 40 seconds to run the command. Using libproc directly is about the same speed as Apple lsof, and allows us to reënable several tests that were disabled on Darwin. Change-Id: Ifa0adda7984e13c15535693baba835aae79a3577
2024-04-25filetransfer: drop errorSinkeldritch horrors
just accumulate error data into result.data as we would for successful transfers without a dataCallback. errorSink and data would contain the same data in error cases anyway, so splitting them is not very useful. Change-Id: I00e449866454389ac6a564ab411c903fd357dabf
2024-04-25filetransfer: restore http status line reportingeldritch horrors
this was broken in 75b62e52600a44b42693944b50638bf580a2c86e. Change-Id: If8583e802afbcde822623036bf41a9708fbc7c8d
2024-04-25filetransfer: remove decompress request parametereldritch horrors
this is never read. Change-Id: I4c46f140519843a21e452958900e81edd2f78be2
2024-04-24Merge "libstore: Create platform LocalStore subclasses" into mainArtemis Tosini
2024-04-23meson: remove unnecessary parts of cross fileQyriad
Meson cross files layer, the last value of each key takes effect. https: //mesonbuild.com/Machine-files.html#loading-multiple-machine-files Change-Id: I22d886f71cd51f0ce520d3fc22aed4bcf074bb91
2024-04-23libstore: Create platform LocalStore subclassesArtemis Tosini
This creates new subclasses of LocalStore for each OS to include platform-specific functionality. Currently this just includes garbage collector roots but it could be extended to sandboxing as well. In order to make sure that the generic LocalStore is not accidentally constructed, its constructor is protected. A Fallback is provided which implements no functionality except constructors. Change-Id: I836a28e90b68309873f75afb83e0f1b2e2c89fb3
2024-04-23Merge changes Ia3e7b1e6,If09be814 into mainQyriad
* changes: meson: flip the switch!! meson: fix cross compilation
2024-04-22meson: flip the switch!!Qyriad
This commit makes Meson the default buildsystem for Lix. The Make buildsystem is now deprecated and will be removed soon, but has not yet, which will be done in a later commit when all seems good. The mesonBuild jobs have been removed, and have not been replaced with equivalent jobs to ensure the Make buildsystem still works. The full, new commands in a development shell are: $ meson setup ./build "--prefix=$out" $mesonFlags (A simple `meson setup ./build` will also build, but will do a different thing, not having the settings from package.nix applied.) $ meson compile -C build $ meson test -C build --suite=check $ meson install -C build $ meson test -C build --suite=installcheck (Check and installcheck may both be done after install, allowing you to omit the --suite argument entirely, but this is the order package.nix runs them in.) If tests fail and Meson helpfully has no output for why, use the `--print-error-logs` option to `meson test`. Why this is not the default I cannot explain. If you change a setting in the buildsystem, most cases will automatically regenerate the Meson configuration, but some cases, like trying to build a specific target whose name is new to the buildsystem (e.g. `meson compile -C build src/libmelt/libmelt.dylib`, when `libmelt.dylib` did not exist as a target the last time the buildsystem was generated), then you can reconfigure using new settings but existing options, and only recompiling stuff affected by the changes: $ meson setup --reconfigure build Note that changes to the default values in `meson.options` or in the `default_options :` argument to project() are NOT propagated with `--reconfigure`. If you want a totally clean build, you can use: $ meson setup --wipe build That will work regardless of if `./build` exists or not. Specific, named targets may be addressed in `meson build -C build <target>` with the "target ID" if there is one, which is the first string argument passed to target functions that have one, and unrelated to the variable name, e.g.: libexpr_dylib = library('nixexpr', …) can be addressed with: $ meson compile -C build nixexpr All targets may be addressed as their output, relative to the build directory, e.g.: $ meson compile -C build src/libexpr/libnixexpr.so But Meson does not consider intermediate files like object files targets. To build a specific object file, use Ninja directly and specify the output file relative to the build directory: $ ninja -C build src/libexpr/libnixexpr.so.p/nixexpr.cc.o To inspect the canonical source of truth on what the state of the buildsystem configuration is, use: $ meson introspect Have fun! Change-Id: Ia3e7b1e6fae26daf3162e655b4ded611a5cd57ad
2024-04-22meson: fix cross compilationQyriad
This should fix cross compilation in the base case, but this is difficult to test as cross compilation is broken in many different places right now. This should bring Meson back up to cross parity with the Make buildsystem though. Change-Id: If09be8142d1fc975a82b994143ff35be1297dad8
2024-04-23libstore: use curl functions for reading headerseldritch horrors
don't reimplement header parsing. this was only really needed due to the ancient github bug we no longer care about, everything else we have done in custom code can also be done using curl itself. doing this also fixes possible sources of header smuggling (because the header function didn't unfold headers and we'd trim them before parsing, which would've made us read contents of one header as a fully formed header in itself). this is a slight behavior change because we now honor only the first instance of a given header where previous behavior was to honor either the last or a combination of all of them (accept-ranges was logical-or'd by accident). Change-Id: I93cb93ddb91ab98c8991f846014926f6ef039fdb
2024-04-23libstore: remove github etag workaroundeldritch horrors
this was a workaround for a *github* bug that happend *in 2015*. not only is github no longer buggy, it shouldn't have been nix's responsibility to work around these bugs like this to begin with while we're at it we'll also remove another workaround—again for github specifically and again for etag handling—from 2021 that's also not needed any more. future workarounds for serverside bugs should probably come with an expiration date that mutates into a build warning after a while, otherwise this *will* happen again. Change-Id: I74f739ae3e36d40350f78bebcb5869aa8cc9adcd
2024-04-22tests: add error messages to the asserts in tarball flakes testQyriad
In hopes of avoiding opaque error messages like the one in https://buildbot.lix.systems/#/builders/49/builds/1054/steps/1/logs/stdio Traceback (most recent call last): File "/nix/store/wj6wh89jhd2492r781qsr09r9wydfs6m-nixos-test-driver-1.1/bin/.nixos-test-driver-wrapped", line 9, in <module> sys.exit(main()) ^^^^^^ File "/nix/store/wj6wh89jhd2492r781qsr09r9wydfs6m-nixos-test-driver-1.1/lib/python3.11/site-packages/test_driver/__init__.py", line 126, in main driver.run_tests() File "/nix/store/wj6wh89jhd2492r781qsr09r9wydfs6m-nixos-test-driver-1.1/lib/python3.11/site-packages/test_driver/driver.py", line 159, in run_tests self.test_script() File "/nix/store/wj6wh89jhd2492r781qsr09r9wydfs6m-nixos-test-driver-1.1/lib/python3.11/site-packages/test_driver/driver.py", line 151, in test_script exec(self.tests, symbols, None) File "<string>", line 13, in <module> AssertionError Change-Id: Idd2212a1c3714ce58c7c3a9f34c2ca4313eb6d55
2024-04-22libstore: use curl_multi_{poll,wakeup}eldritch horrors
the previous solution to the wakeup problem (adding a pipe and passing it as an additional fd to curl_multi_wait) worked, but there have been builtin alternatives for this since 2020. not only do these save code, they're also a lot more likely to work natively on windows when needed Change-Id: Iab751b900997110a8d15de45ea3ab0c42f7e5973
2024-04-22libstore: remove ancient libcurl feature checkseldritch horrors
the oldest version checked for here is 7.47, which was released in 2016. it's probably safe to say that we do not need these any more Change-Id: I003411f6b2ce6d56f7ca337390df3ea86bd59a99
2024-04-21Merge "Fix exportReferencesGraph when given store subpath" into mainPuck Meerburg
2024-04-21remove extraneous cache entry from github fetcherPuck Meerburg
This isn't necessary, as it's already covered by the tarball fetcher's cache. Change-Id: I85e35f5a61594f27b8f30d82145f92c5d6559e1f
2024-04-21Fix exportReferencesGraph when given store subpathAlyssa Ross
With Nix 2.3, it was possible to pass a subpath of a store path to exportReferencesGraph: with import <nixpkgs> {}; let hello = writeShellScriptBin "hello" '' echo ${toString builtins.currentTime} ''; in writeClosure [ "${hello}/bin/hello" ] This regressed with Nix 2.4, with a very confusing error message, that presumably indicates it was unintentional: error: path '/nix/store/3gl7kgjr4pwf03f0x70dgx9ln3bhl7zc-hello/bin/hello' is not in the Nix store (cherry picked from commit 0774e8ba33c060f56bad3ff696796028249e915a) Change-Id: I00920fb33077b831a1bb4a1b68d515ba8c3c2a69
2024-04-18meson: correctly embed sandbox shell when askedQyriad
Change-Id: I2f6c0d42245204a516d2e424eea26a6391e975ad
2024-04-18tests: unhaunt the flakes nixos testseldritch horrors
these should really wait for networks to come up, otherwise they can fail. fixes #235 Change-Id: I08989e8bdb0de280df74660ac43983de5c34fa9d
2024-04-18meson: embed source paths as relative to the source root and avoid ../srcQyriad
Change-Id: Ifab83cb7a3bfde717a4d6032ede8be75dc61f2b1
2024-04-18meson: correctly set -DSANDBOX_SHELL if we have itQyriad
The statically embedded busybox is not required for Lix to work, but package.nix explicitly sets this, which was accidentally being ignored. Change-Id: Ieeff830ac7d1f5fabe84d1a6cfd82f13d79035bf
2024-04-17Merge "build internal API docs with Meson" into mainQyriad
2024-04-16Merge "libstore/build: set NO_NEW_PRIVS for the sandbox" into mainIlya K
2024-04-15build internal API docs with MesonQyriad
This commit adds the capability for building the Doxygen internal API docs in the Meson buildsystem, and also makes doing so the default for the internal-api-docs hydra job. Aside from the /nix-support directory, which differed only by the hash part of a store path, the outputs of hydraJobs.internal-api-docs before and after this commit were bit-for-bit identical on my machine. Change-Id: I98f0017891c25b06866c15f7652fe74f706ec8e1
2024-04-15fix probable format bug in DerivationGoal::buildDoneQyriad
Either the contents of `line` could cause format errors, or this usage is Technically safe. However, I trust nothing, especially with boost::format. Change-Id: I07933b20bde3b305a6e5d61c2a7bab6ecb042ad9
2024-04-15abort with a descriptive message on bad HintFmt usageQyriad
Change-Id: Ic2f05572042343a8160fd971394372f5f2706fc4
2024-04-15libstore/build: set NO_NEW_PRIVS for the sandboxK900
Change-Id: I711f64e2b68495ed9c85c1a4bd5025405805e43a
2024-04-14don't throw an exception for the trivial case of isStorePath()...Qyriad
Previously if isStorePath() was called on anything other than a top-level /nix/store/some-path, it would throw a BadStorePath exception. This commit duplicates the absolutely trivial check, into maybeParseStorePath(), and leaves exception throwing to parseStorePath(), the function that assumes you're already giving a valid path instead of the one whose purpose is to check if its valid or not... Change-Id: I8dda548f0f88d14ca8c3ee927d64e0ec0681fc7b
2024-04-14Merge "don't boost::to_few_args when an eval cached string type errors" into ↵Qyriad
main
2024-04-13Merge "libstore/build: just copy the magic /etc files into the sandbox" into ↵Ilya K
main
2024-04-13libstore/build: just copy the magic /etc files into the sandboxK900
Saves us a bunch of thinking about how to handle symlinks, and prevents the DNS config from changing on the fly under the build, which may or may not be a good thing? Change-Id: I071e6ae7e220884690b788d94f480866f428db71
2024-04-12Merge changes I60d8e6f7,Ic635687b into mainQyriad
* changes: binary tarball: include cacert in root paths flake: factor out binary tarball into its own file
2024-04-12binary tarball: include cacert in root pathsQyriad
93cc06334 removed nss-cacert from the binary tarball, but they're necessary for global compatibility (and for our installer). This is what results in cacerts being in the default profile, so e.g. the daemon has TLS certs without having to use the system ones. There's a fallback behavior in the daemon script in case these wind up missing from the profile, but we don't want to have to rely on that, since the fallback fails if it doesn't recognize one of a handful of distros. Change-Id: I60d8e6f734469548e80d5f38113ef168f67cbf7d
2024-04-12flake: factor out binary tarball into its own fileQyriad
Bit-for-bit identical, and this one is callPackage-able Change-Id: Ic635687b0054e107271a9c24ae69101f5e0fba9e
2024-04-11Merge "Merge pull request #10456 from NixOS/fixpermdeniedbind" into mainIlya K
2024-04-11Merge changes Iedf46484,I76b51eac,I6a084827,I60193f9f into maineldritch horrors
* changes: meson: fix log-dir manual: build docs with dummy envs libcmd: install generated headers as well docs: redo content generation for mdbook and manual
2024-04-11Merge "Merge pull request #10362 from obsidiansystems/maybeLstat" into mainIlya K
2024-04-11meson: fix log-direldritch horrors
the make build system sets this with an extra /nix segment. Change-Id: Iedf464843196faeae5b59698837faca3a4f23586
2024-04-11manual: build docs with dummy envseldritch horrors
this was previously used because the macOS docs build would otherwise pull files out of the host nix store. or something. not sure about it Change-Id: I76b51eac1ebc5de5f00e2e4be086dd8db3eeb8e6
2024-04-11libcmd: install generated headers as welleldritch horrors
these seem to have been forgotten. Change-Id: I6a084827d087f8098c19b62f2060a874d87202a1
2024-04-11docs: redo content generation for mdbook and manualeldritch horrors
manpages can be rendered using the markdown output of mdbook, the rest of the manual can generated out of the main doc/manual source tree. we still use lowdown to actually render manpages instead of eg mdbook-man because lowdown does generate reasonably good manpages (though that is also somewhat debatable, but they're a lot better than mdbook-man). doing this not only lets us drastically simplify the lowdown pipeline, but also remove all custom {{#include}} handling since now mdbook does all of it, even for the manpage builds. even the lowdown wrapper isn't entirely necessary because lowdown can take all wrapper arguments with command line flags rather than bits of input file content. This also implements running mdbook in Meson, in order to generate the manpages. The mdbook outputs are also installed in the usual location. Co-authored-by: Qyriad <qyriad@qyriad.me> Change-Id: I60193f9fd0f15d48872f071af35855cda2a0f40b
2024-04-11Merge pull request #10456 from NixOS/fixpermdeniedbindThéophane Hufschmitt
Fix adding symlink to the sandbox paths (cherry-picked from commit da1e977bf48cff2a635034c85e7c13878e38efc2) Change-Id: I221c85a38180800ec6552d2e86a88df48398fad8
2024-04-11Merge pull request #10362 from obsidiansystems/maybeLstatJohn Ericson
Factor out `nix::maybeLstat` (cherry-picked from commit 9b88e5284608116b7db0dbd3d5dd7a33b90d52d7) Change-Id: Id890525e847c890fad6593c594772826ac4d1d50
2024-04-11libstore: fix glossary link in documentationeldritch horrors
this should be a link, not an anchor. it should also point to the `gloss-store` element, not the `#gloss-store` element. Change-Id: I1f2803093179549637e10f917ad73399a419131b
2024-04-10don't boost::to_few_args when an eval cached string type errorsQyriad
Change-Id: Id3cb762622e156ceaf9d5bb95c2c704ffe474d0e
2024-04-10Merge "Print top-level errors normally in `nix repl`" into mainrebecca “wiggles” turner
2024-04-10Merge "docs: generalize manpage generation script as json-to-tree.py" into mainQyriad
2024-04-10docs: generalize manpage generation script as json-to-tree.pyQyriad
This should be capable of replacing every invocation of nix eval --write-to. Change-Id: I60387bc9b0fc54a91244eddb639beaa64d705878
2024-04-09Print top-level errors normally in `nix repl`Rebecca Turner
Previously, errors while printing values in `nix repl` would be printed in `«error: ...»` brackets rather than displayed normally: ``` nix-repl> legacyPackages.aarch64-darwin.pythonPackages.APScheduler «error: Package ‘python-2.7.18.7’ in /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/cpython/2.7/default.nix:335 is marked as insecure, refusing to evaluate.» ``` Now, errors will be displayed normally if they're emitted at the top-level of an expression: ``` nix-repl> legacyPackages.aarch64-darwin.pythonPackages.APScheduler error: … in the condition of the assert statement at /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/lib/customisation.nix:268:17: 267| in commonAttrs // { 268| drvPath = assert condition; drv.drvPath; | ^ 269| outPath = assert condition; drv.outPath; … in the left operand of the OR (||) operator at /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/passthrufun.nix:28:45: 27| if lib.isDerivation value then 28| lib.extendDerivation (valid value || throw "${name} should use `buildPythonPackage` or `toPythonModule` if it is to be part of the Python packages set.") {} value | ^ 29| else (stack trace truncated; use '--show-trace' to show the full trace) error: Package ‘python-2.7.18.7’ in /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/cpython/2.7/default.nix:335 is marked as insecure, refusing to evaluate. ``` Errors emitted in nested structures (like e.g. when printing `nixpkgs`) will still be printed in brackets. Change-Id: I25aeddf08c017582718cb9772a677bf51b9fc2ad