aboutsummaryrefslogtreecommitdiff
path: root/src/libstore
AgeCommit message (Collapse)Author
2012-03-01Fix an uninitialised variableEelco Dolstra
The variable ‘useChroot’ was not initialised properly. This caused random failures if using the build hook. Seen on Mac OS X 10.7 with Clang. Thanks to KolibriFX for finding this :-)
2012-02-18Fix chroots buildsEelco Dolstra
Chroots are initialised by hard-linking inputs from the Nix store to the chroot. This doesn't work if the input has its immutable bit set, because it's forbidden to create hard links to immutable files. So temporarily clear the immutable bit when creating and destroying the chroot. Note that making regular files in the Nix store immutable isn't very reliable, since the bit can easily become cleared: for instance, if we run the garbage collector after running ‘nix-store --optimise’. So maybe we should only make directories immutable.
2012-02-15On Linux, make the Nix store really read-only by using the immutable bitEelco Dolstra
I was bitten one time too many by Python modifying the Nix store by creating *.pyc files when run as root. On Linux, we can prevent this by setting the immutable bit on files and directories (as in ‘chattr +i’). This isn't supported by all filesystems, so it's not an error if setting the bit fails. The immutable bit is cleared by the garbage collector before deleting a path. The only tricky aspect is in optimiseStore(), since it's forbidden to create hard links to an immutable file. Thus optimiseStore() temporarily clears the immutable bit before creating the link.
2012-02-15Fix a broken guard around utime()Eelco Dolstra
Because of an outdated check for a timestamp of 0, we were calling utime() even when it wasn't necessary.
2012-02-15Don't use deletePath() to delete a single fileEelco Dolstra
2012-02-09Use data() instead of c_str() where appropriateEelco Dolstra
2011-12-30* Oops.Eelco Dolstra
2011-12-30* Move topoSortPaths() out of gc.cc.Eelco Dolstra
2011-12-30* Reject a build if there is a cycle among the outputs. This isEelco Dolstra
necessary because existing code assumes that the references graph is acyclic.
2011-12-30* Sync with the trunk.Eelco Dolstra
2011-12-25* Make sure that lock files are cleaned up properly when buildingEelco Dolstra
through the build hook.
2011-12-22* Oops.Eelco Dolstra
2011-12-22* In the garbage collector, delete invalid paths before deletingEelco Dolstra
unreachable paths. This matters when using --max-freed etc.: unreachable paths could become reachable again, so it's nicer to keep them if there is "real" garbage to be deleted. Also, don't use readDirectory() but read the Nix store and delete invalid paths in parallel. This reduces GC latency on very large Nix stores.
2011-12-22* Drop unnecessary call to canonPath() (nixStore is already canonical).Eelco Dolstra
2011-12-21* Another case of lock file permissions being too liberal.Eelco Dolstra
2011-12-21Revert previous commitShea Levy
It doesn't detect indirect references
2011-12-21Detect and reject mutually-referential outputsShea Levy
There is probably a more efficient way to do this.
2011-12-20* Fix the build.Eelco Dolstra
2011-12-16* Sync with the trunk.Eelco Dolstra
2011-12-16* importPath() -> importPaths(). Because of buffering of the inputEelco Dolstra
stream it's now necessary for the daemon to process the entire sequence of exported paths, rather than letting the client do it.
2011-12-16* Make the import operation through the daemon much more efficientEelco Dolstra
(way fewer roundtrips) by allowing the client to send data in bigger chunks. * Some refactoring.
2011-12-15* Refactoring: move sink/source buffering into separate classes.Eelco Dolstra
* Buffer the HashSink. This speeds up hashing a bit because it prevents lots of calls to the hash update functions (e.g. nix-hash went from 9.3s to 8.7s of user time on the closure of my /var/run/current-system).
2011-12-14* Buffer writes in FdSink. This significantly reduces the number ofEelco Dolstra
system calls / context switches when dumping a NAR and in the worker protocol.
2011-12-05* Remove unnecessary quotes. showPaths() already adds quotes.Eelco Dolstra
2011-12-02* In ‘nix-store --verify --check-contents’, repair missing hashesEelco Dolstra
rather than complain about them.
2011-12-01* When doing "nix-store --add-fixed" without "--recursive" via the NixEelco Dolstra
daemon (which is an error), print a nicer error message than "Connection reset by peer" or "broken pipe". * In the daemon, log errors that occur during request parameter processing.
2011-11-29* Get rid of some superfluous error messages if a substituter fails.Eelco Dolstra
* Say "fetch" instead of "substitute".
2011-11-23* Add an API function exportPaths() that provides the functionality ofEelco Dolstra
‘nix-store --export’. * Add a Perl module that provides the functionality of ‘nix-copy-closure --to’. This is used by build-remote.pl so it no longer needs to start a separate nix-copy-closure process. Also, it uses the Perl API to do the export, so it doesn't need to start a separate nix-store process either. As a result, nix-copy-closure and build-remote.pl should no longer fail on very large closures due to an "Argument list too long" error. (Note that having very many dependencies in a single derivation can still fail because the environment can become too large. Can't be helped though.)
2011-11-22* Move initialisation of variables like nixConfDir from libmain toEelco Dolstra
libstore so that the Perl bindings can use it as well. It's vital that the Perl bindings use the configuration file, because otherwise nix-copy-closure will fail with a ‘database locked’ message if the value of ‘use-sqlite-wal’ is changed from the default.
2011-11-21nix: add /etc/hosts with localhost entry to chroot builds.Rob Vermaas
2011-11-07* Boldly make SQLite WAL mode the default again. Hopefully theEelco Dolstra
intermittent problems are gone by now. WAL mode is preferrable because it does way fewer fsyncs.
2011-11-06Include all outputs of derivations in the closure of explicitly-passed ↵Shea Levy
derivation paths This required adding a queryOutputDerivationNames function in the store API
2011-09-12* Ouch. A store upgrade could cause a substituter to be triggered,Eelco Dolstra
causing a deadlock.
2011-08-31* Eliminate all uses of the global variable ‘store’ from libstore.Eelco Dolstra
This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-07-20* Fix a huuuuge security hole in the Nix daemon. It didn't check thatEelco Dolstra
derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2011-06-30Add support for the `build-timeout' and `--timeout' options.Ludovic Courtès
2011-04-19* Handle error messages from the Nix worker containing the `%'Eelco Dolstra
character. (Nix/216)
2010-12-17* Do a short sleep after SQLITE_BUSY.Eelco Dolstra
2010-12-17* Propagate the "100" exit status for failed builds through the NixEelco Dolstra
daemon.
2010-12-14* I forgot to catch SQLiteBusy in registerValidPaths(). SoEelco Dolstra
registerValidPaths() now handles busy errors and registerValidPath() is simply a wrapper around it.
2010-12-13* nix-instantiate: return exit status 100 to denote a permanent buildEelco Dolstra
failure. The build hook can use this to distinguish between transient and permanent failures on the remote side.
2010-12-13* Create /nix/var/nix/db if it's missing.Eelco Dolstra
2010-12-13* Update some comments.Eelco Dolstra
2010-12-08* Ignore the result of sqlite3_reset().Eelco Dolstra
2010-12-06* `nix-store --verify --check-contents': don't hold the global GC lockEelco Dolstra
while checking the contents, since this operation can take a very long time to finish. Also, fill in missing narSize fields in the DB while doing this.
2010-12-05* Retry a transaction if SQLite returns SQLITE_BUSY. This can happenEelco Dolstra
even with a very long busy timeout, because SQLITE_BUSY is also returned to resolve deadlocks. This should get rid of random "database is locked" errors. This is kind of hard to test though. * Fix a horrible bug in deleteFromStore(): deletePathWrapped() should be called after committing the transaction, not before, because the commit might not succeed.
2010-11-17* Before a build, show the disk space that the downloaded store pathsEelco Dolstra
will approximately require.
2010-11-17* Add an operation `nix-store -q --size'.Eelco Dolstra
2010-11-17* Implement RemoteStore::queryPathInfo().Eelco Dolstra
2010-11-16* Store the size of a store path in the database (to be precise, theEelco Dolstra
size of the NAR serialisation of the path, i.e., `nix-store --dump PATH'). This is useful for Hydra.