Age | Commit message | Author |
|
|
|
Flakes are now fetched using an extensible mechanism. Also lots of
other flake cleanups.
|
|
Most functions now take a StorePath argument rather than a Path (which
is just an alias for std::string). The StorePath constructor ensures
that the path is syntactically correct (i.e. it looks like
<store-dir>/<base32-hash>-<name>). Similarly, functions like
buildPaths() now take a StorePathWithOutputs, rather than abusing Path
by adding a '!<outputs>' suffix.
Note that the StorePath type is implemented in Rust. This involves
some hackery to allow Rust values to be used directly in C++, via a
helper type whose destructor calls the Rust type's drop()
function. The main issue is the dynamic nature of C++ move semantics:
after we have moved a Rust value, we should not call the drop function
on the original value. So when we move a value, we set the original
value to bitwise zero, and the destructor only calls drop() if the
value is not bitwise zero. This should be sufficient for most types.
Also lots of minor cleanups to the C++ API to make it more modern
(e.g. using std::optional and std::string_view in some places).
|
|
Previously, SANDBOX_SHELL was set to empty when unavailable. This
caused issues when actually generating the sandbox. Instead, just set
SANDBOX_SHELL when --with-sandbox-shell= is non-empty. Alternative
implementation to https://github.com/NixOS/nix/pull/3038.
|
|
5Gb.
|
|
This is needed for new arches where libseccomp support doesn't exist
yet.
Fixes #1878.
|
|
Previously, this would fail at startup for non-NixOS installs:
  nix-env --help
The fix for this is to just use "nixManDir" as the value for MANPATH
when spawning "man".
To test this, I’m using the following:
  $ nix-build release.nix -A build
  $ MANPATH= ./result/bin/nix-env --help
Fixes #1627
|
|
All plugins in plugin-files will be dlopened, allowing them to
statically construct instances of the various Register* types Nix
supports.
|
|
This makes it slightly more manageable to see at a glance what in a
build's sandbox profile is unique to the build and what is standard. Also
a first step to factoring more of our Darwin logic into scheme functions
that will allow us a bit more flexibility. And of course less of that
nasty codegen in C++! 😀
|
|
Even with "build-use-sandbox = false", we now use sandboxing with a
permissive profile that allows everything except the creation of
setuid/setgid binaries.
|
|
Also, add rules to allow fixed-output derivations to access the
network.
These rules are sufficient to build stdenvDarwin without any
__sandboxProfile magic.
|
|
Issue #759.
Also, remove nix.conf from the sandbox since I don't really see a
legitimate reason for builders to access the Nix configuration.
|
|
This prevents builders from setting the S_ISUID or S_ISGID bits,
preventing users from using a nixbld* user to create a setuid/setgid
binary to interfere with subsequent builds under the same nixbld* uid.
This is based on aszlig's seccomp code
(47f587700d646f5b03a42f2fa57c28875a31efbe).
Reported by Linus Heckemann.
|
|
And add a 116 KiB ash shell from busybox to the release build. This
helps to make sandbox builds work out of the box on non-NixOS systems
and with diverted stores.
|
|
Also, don't use lsof on Linux since it's not needed.
Fixes #1328.
|
|
This reverts commit 9f3f2e21edb17dbcd674539dff96efb6cceca10c, reversing
changes made to 47f587700d646f5b03a42f2fa57c28875a31efbe.
|
|
We're going to use libseccomp instead of creating the raw BPF program,
because we have different syscall numbers on different architectures.
Although our initial seccomp rules will be quite small it really doesn't
make sense to generate the raw BPF program because we need to duplicate
it and/or make branches on every single architecture we want to support.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
Substitution is now simply a Store -> Store copy operation, most
typically from BinaryCacheStore to LocalStore.
|
|
This allows running arbitrary Nix commands against an S3 binary cache.
To do: make this a compile time option to prevent a dependency on
aws-sdk-cpp.
|
|
This is currently only used by the Hydra queue runner rework, but like
eff5021eaa6dc69f65ea1a8abe8f3ab11ef5eb0a it presumably will be useful
for the C++ rewrite of nix-push and
download-from-binary-cache. (@shlevy)
|
|
FreeBSD support with knowledge about Linux emulation
|
|
As discussed in NixOS/nixpkgs#11001, we still need some of the old
sandbox mechanism.
This reverts commit d760c2638c9e1f4b8cd9b4ec90d68bf0c76a800b.
|
|
Previously, pkg-config was already queried for libsqlite3's and
libcurl's link flags. However they were not used, but hardcoded
instead. This commit replaces the hardcoded LDFLAGS by the ones
provided by pkg-config in a similar pattern as already used for
libsodium.
|
|
This ensures that 1) the derivation doesn't change when Nix changes;
2) the derivation closure doesn't contain Nix and its dependencies; 3)
we don't have to rely on ugly chroot hacks.
|
|
http://hydra.nixos.org/build/14344391
|
|
This is useful for extending (rather than overriding) the default set
of chroot paths.
|
|