aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
AgeCommit message (Collapse)Author
2016-12-19Revert "Merge branch 'seccomp' of https://github.com/aszlig/nix"Eelco Dolstra
This reverts commit 9f3f2e21edb17dbcd674539dff96efb6cceca10c, reversing changes made to 47f587700d646f5b03a42f2fa57c28875a31efbe.
2016-12-15Merge branch 'seccomp' of https://github.com/aszlig/nixEelco Dolstra
2016-12-08Drop unused dblatex referenceEelco Dolstra
2016-12-06Drop unused WWW::Curl dependencyEelco Dolstra
2016-11-16Add build dependency for libseccompaszlig
We're going to use libseccomp instead of creating the raw BPF program, because we have different syscall numbers on different architectures. Although our initial seccomp rules will be quite small it really doesn't make sense to generate the raw BPF program because we need to duplicate it and/or make branches on every single architecture we want to suuport. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-20Add a new option to disable documentation generation at configure timeAdrien Devresse
2016-08-13remove otool checkJude Taylor
2016-06-09Use O_CLOEXEC in most placesEelco Dolstra
2016-05-30fix tarball jobDomen Kožar
2016-05-04Make the aws-cpp-sdk dependency optionalEelco Dolstra
2016-05-04Remove obsolete err.h checkEelco Dolstra
2016-05-04Remove OpenSSL-based signingEelco Dolstra
2016-03-11Handle ARM triples without an endianness suffixNathan Zadoks
Alpine seems to use this, and it results in a wrong builtins.currentSystem. Big-endian ARM systems have triples starting with armv6eb- or armv7eb-, so this doesn't change any systems that already worked.
2016-03-03configure.ac: strip -musl in the same way as -gnuNathan Zadoks
2016-01-12Revert "Do not override environment CFLAGS and CXXFLAGS"Eelco Dolstra
This reverts commit 80ebd60e7ca3c48a19b94ddaeebb23182b703178. The reason why we cleared CFLAGS/CXXFLAGS was because otherwise we get a default value of -O2, which interferes with the defaults set in the Makefile. (E.g. "make OPTIMIZE=0" should not pass -O2.)
2016-01-05Do not override environment CFLAGS and CXXFLAGSIlya Novoselov
Looks like 5a05cf4063fc6ea666f3e24c60bd2e9e5526ef4e removed usage of environment CFLAGS and CXXFLAGS by mistake. That change broke building of nix on fedora core 23.
2016-01-05Merge pull request #685 from vizanto/masterEelco Dolstra
POSIX compliant directory access (fixes build on Solaris)
2015-12-10Build sandbox support etc. unconditionally on LinuxEelco Dolstra
Also, use "#if __APPLE__" instead of "#if SANDBOX_ENABLED" to prevent ambiguity.
2015-11-07Fix build on SolarisDanny Wilson
d_type is not part of the POSIX spec unfortunately.
2015-11-04Require OpenSSLEelco Dolstra
2015-10-30<nix/fetchurl.nix>: Support xz-compressed NARsEelco Dolstra
2015-10-21Add resolve-system-dependencies.plJude Taylor
2015-03-27Add dependency on libcurl-devEelco Dolstra
http://hydra.nixos.org/eval/1179370
2015-02-16Use pivot_root in addition to chroot when possibleHarald van Dijk
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use.
2015-02-10Make libsodium an optional dependencyEelco Dolstra
2015-02-04Use libsodium instead of OpenSSL for binary cache signingEelco Dolstra
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key.
2014-11-25Rely on XML catalogs to find the DocBook schemas and stylesheetsEelco Dolstra
2014-09-22configure: Force regeneration of Makefile.configEelco Dolstra
2014-09-17Remove unused w3m dependencyEelco Dolstra
2014-09-17On Linux, disable address space randomizationEelco Dolstra
2014-09-17Add Make flag to disable optimizationEelco Dolstra
2014-07-10Remove maybeVforkEelco Dolstra
2014-05-26Use std::unordered_setEelco Dolstra
2014-02-01Build/install manualEelco Dolstra
2014-01-21Fix buildEelco Dolstra
2014-01-09Handle systems where "echo -n" doesn't workEelco Dolstra
2013-11-25Expand configure variables before writing config.statusEelco Dolstra
This way, we can use config.status for generating scripts/* (without ending up with lines like "#! /usr/bin/perl -I${libexecdir}/...").
2013-11-25Remove obsolete setting of $CC_FOR_BUILDEelco Dolstra
2013-11-25Don't install LibtoolEelco Dolstra
2013-11-25Don't instantiate Automake makefilesEelco Dolstra
2013-11-22Drop the dependency on AutomakeEelco Dolstra
2013-11-22New non-recursive, plain Make-based build systemEelco Dolstra
2013-11-14Remove nix-setuid-helperEelco Dolstra
AFAIK, nobody uses it, it's not maintained, and it has no tests.
2013-08-19Turn on -WallEelco Dolstra
2013-08-07Run the daemon worker on the same CPU as the clientEelco Dolstra
On a system with multiple CPUs, running Nix operations through the daemon is significantly slower than "direct" mode: $ NIX_REMOTE= nix-instantiate '<nixos>' -A system real 0m0.974s user 0m0.875s sys 0m0.088s $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m2.118s user 0m1.463s sys 0m0.218s The main reason seems to be that the client and the worker get moved to a different CPU after every call to the worker. This patch adds a hack to lock them to the same CPU. With this, the overhead of going through the daemon is very small: $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m1.074s user 0m0.809s sys 0m0.098s
2013-08-06Set the default GCC optimisation level to -O3Eelco Dolstra
2013-07-12Add gzip support for channel unpackingGergely Risko
2013-03-25makeStoreWritable: Use statvfs instead of /proc/self/mountinfo to find out ↵Shea Levy
if /nix/store is a read-only bind mount /nix/store could be a read-only bind mount even if it is / in its own filesystem, so checking the 4th field in mountinfo is insufficient. Signed-off-by: Shea Levy <shea@shealevy.com>
2013-01-02UrggghEelco Dolstra
http://hydra.nixos.org/build/3661100
2012-11-15Disable use of vfork()Eelco Dolstra
vfork() is just too weird. For instance, in this build: http://hydra.nixos.org/build/3330487 the value fromHook.writeSide becomes corrupted in the parent, even though the child only reads from it. At -O0 the problem goes away. Probably the child is overriding some spilled temporary variable. If I get bored I may implement using posix_spawn() instead.