aboutsummaryrefslogtreecommitdiff
path: root/release.nix
AgeCommit message (Collapse)Author
2017-06-19Let hydra choose an alternate list of systemsShea Levy
2017-06-01Fix coverage jobEelco Dolstra
2017-06-01RPM, Deb: Add dependency on libseccompEelco Dolstra
2017-05-29Add test for setuid seccomp filterEelco Dolstra
2017-05-29Add a seccomp filter to prevent creating setuid/setgid binariesEelco Dolstra
This prevents builders from setting the S_ISUID or S_ISGID bits, preventing users from using a nixbld* user to create a setuid/setgid binary to interfere with subsequent builds under the same nixbld* uid. This is based on aszlig's seccomp code (47f587700d646f5b03a42f2fa57c28875a31efbe). Reported by Linus Heckemann.
2017-05-15Add --with-sandbox-shell configure flagEelco Dolstra
And add a 116 KiB ash shell from busybox to the release build. This helps to make sandbox builds work out of the box on non-NixOS systems and with diverted stores.
2017-05-10Replace readline by linenoiseEelco Dolstra
Using linenoise avoids a license compatibility issue (#1356), is a lot smaller and doesn't pull in ncurses.
2017-05-03Fix Ubuntu 16.10 buildEelco Dolstra
http://hydra.nixos.org/build/52420073
2017-05-03Fix perlBindings.x86_64-darwinEelco Dolstra
http://hydra.nixos.org/build/52401151
2017-04-28Check for libreadlineEelco Dolstra
2017-04-25Make "nix repl" buildEelco Dolstra
2017-04-14Build on aarch64-linuxEelco Dolstra
2017-04-11Drop WWW::Curl dependencyEelco Dolstra
Somehow this came back after d1da6967b8891763ce04d668027cf300c9bbf0b2.
2017-03-31Fix evaluation errorEelco Dolstra
2017-03-31Merge branch 'remove-perl' of https://github.com/shlevy/nixEelco Dolstra
2017-03-30Remove tabsShea Levy
2017-03-15Add support for brotli compressionEelco Dolstra
Build logs on cache.nixos.org are compressed using Brotli (since this allows them to be decompressed automatically by Chrome and Firefox), so it's handy if "nix log" can decompress them.
2017-03-05Add signing and s3 support on darwinShea Levy
2017-02-22DohEelco Dolstra
2017-02-22Fix 32-bit RPM/Deb buildsEelco Dolstra
http://hydra.nixos.org/build/49130529
2017-02-21Drop some Ubuntu releasesEelco Dolstra
2017-02-21Debian build: Use parallel make and add Ubuntu 16.10Eelco Dolstra
2017-02-21RPM build: Use parallel makeEelco Dolstra
2017-02-21Build RPMs for Fedora 25Eelco Dolstra
Disabled hardened build because it makes the linker fail with messages like relocation R_X86_64_PC32 against undefined symbol `BZ2_bzWriteOpen' can not be used when making a shared object; recompile with -fPIC See https://fedoraproject.org/wiki/Changes/Harden_All_Packages.
2017-02-07Add nix-perl package for the perl bindingsShea Levy
2017-02-07Remove perl dependency.Shea Levy
Fixes #341
2017-01-27release.nix: Drop nix-shell referencesEelco Dolstra
2016-12-19Revert "Merge branch 'seccomp' of https://github.com/aszlig/nix"Eelco Dolstra
This reverts commit 9f3f2e21edb17dbcd674539dff96efb6cceca10c, reversing changes made to 47f587700d646f5b03a42f2fa57c28875a31efbe.
2016-12-15Merge branch 'seccomp' of https://github.com/aszlig/nixEelco Dolstra
2016-12-06Drop unused WWW::Curl dependencyEelco Dolstra
2016-11-16release.nix: Add a test for sandboxingaszlig
Right now it only tests whether seccomp correctly forges the return value of chown, but the long-term goal is to test the full sandboxing functionality at some point in the future. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-16Add build dependency for libseccompaszlig
We're going to use libseccomp instead of creating the raw BPF program, because we have different syscall numbers on different architectures. Although our initial seccomp rules will be quite small it really doesn't make sense to generate the raw BPF program because we need to duplicate it and/or make branches on every single architecture we want to suuport. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-09Implement backwards-compatible RemoteStore::addToStore()Eelco Dolstra
The SSHStore PR adds this functionality to the daemon, but we have to handle the case where the Nix daemon is 1.11. Also, don't require signatures for trusted users. This restores 1.11 behaviour. Fixes https://github.com/NixOS/hydra/issues/398.
2016-08-30Drop Fedora 19/20 buildsEelco Dolstra
These don't support regex_replace either.
2016-08-30Drop Ubuntu 13.10, 14.04 buildsEelco Dolstra
These don't support regex_replace. http://hydra.nixos.org/build/39363999 http://hydra.nixos.org/build/39363981
2016-08-10Remove $NIX_DB_DIREelco Dolstra
This variable has no reason to exist, given $NIX_STATE_DIR.
2016-05-31Fix OOM in the installer testEelco Dolstra
http://hydra.nixos.org/build/36462209
2016-05-31DohEelco Dolstra
2016-05-31Fix Debian 8 buildEelco Dolstra
http://hydra.nixos.org/build/36462150
2016-05-31Fix clang build failureEelco Dolstra
Apparently opinion is divided on whether [[noreturn]] is allowed on a lambda: http://stackoverflow.com/questions/26888805/how-to-declare-a-lambdas-operator-as-noreturn http://hydra.nixos.org/build/36462100
2016-05-04Make the aws-cpp-sdk dependency optionalEelco Dolstra
2016-05-02Merge pull request #892 from domenkozar/ubuntu1604Eelco Dolstra
add Ubuntu 16.03 .deb builds
2016-04-29add Ubuntu 16.03 .deb buildsDomen Kožar
2016-04-21Move S3BinaryCacheStore from HydraEelco Dolstra
This allows running arbitrary Nix commands against an S3 binary cache. To do: make this a compile time option to prevent a dependency on aws-sdk-cpp.
2016-04-14Remove PDF manualEelco Dolstra
More spring cleaning.
2016-03-28Kill the temporary darwin-specific channelDan Peebles
The issues have been resolved upstream in the main nixpkgs channel now
2016-02-17Drop all distros that are not down with C++11Eelco Dolstra
2016-01-20Fix evalEelco Dolstra
2016-01-19Add tests for Nixpkgs/NixOS evaluationEelco Dolstra
2016-01-08Temporarily do Darwin builds from a different Nixpkgs branchEelco Dolstra