aboutsummaryrefslogtreecommitdiff
path: root/src/libstore
AgeCommit message (Collapse)Author
2015-07-17OCD: foreach -> C++11 ranged forEelco Dolstra
2015-07-17Allow remote builds without sending the derivation closureEelco Dolstra
Previously, to build a derivation remotely, we had to copy the entire closure of the .drv file to the remote machine, even though we only need the top-level derivation. This is very wasteful: the closure can contain thousands of store paths, and in some Hydra use cases, include source paths that are very large (e.g. Git/Mercurial checkouts). So now there is a new operation, StoreAPI::buildDerivation(), that performs a build from an in-memory representation of a derivation (BasicDerivation) rather than from a on-disk .drv file. The only files that need to be in the Nix store are the sources of the derivation (drv.inputSrcs), and the needed output paths of the dependencies (as described by drv.inputDrvs). "nix-store --serve" exposes this interface. Note that this is a privileged operation, because you can construct a derivation that builds any store path whatsoever. Fixing this will require changing the hashing scheme (i.e., the output paths should be computed from the other fields in BasicDerivation, allowing them to be verified without access to other derivations). However, this would be quite nice because it would allow .drv-free building (e.g. "nix-env -i" wouldn't have to write any .drv files to disk). Fixes #173.
2015-07-02TypoEelco Dolstra
2015-07-01Preserve supplementary groups of build usersLudovic Courtès
The following patch is an attempt to address this bug (see <http://bugs.gnu.org/18994>) by preserving the supplementary groups of build users in the build environment. In practice, I would expect that supplementary groups would contain only one or two groups: the build users group, and possibly the “kvm” group. [Changed &at(0) to data() and removed tabs - Eelco]
2015-06-30GC: Handle ENOSPC creating/moving to the trash directoryEelco Dolstra
Issue #564.
2015-06-22Use posix_fallocate to create /nix/var/nix/db/reservedEelco Dolstra
2015-06-22Make /nix/var/nix/db/reserved biggerEelco Dolstra
Issue #564.
2015-06-10Export outputPaths functionEelco Dolstra
This is useful for the new hydra-queue-runner.
2015-06-09Use std::vector::data()Eelco Dolstra
2015-06-04Allow substitutes for builds that have preferLocalBuild setEelco Dolstra
Not substituting builds with "preferLocalBuild = true" was a bad idea, because it didn't take the cost of dependencies into account. For instance, if we can't substitute a fetchgit call, then we have to download/build git and all its dependencies. Partially reverts 5558652709f27e8a887580b77b93c705659d7a4b and adds a new derivation attribute "allowSubstitutes" to specify whether a derivation may be substituted.
2015-06-04Chown files created for passAsFileEelco Dolstra
Nixpkgs' writeTextAsFile does this: mv "$textPath" "$n" Since $textPath was owned by root, if $textPath is on the same filesystem as $n, $n will be owned as root. As a result, the build result was rejected as having suspicious ownership. http://hydra.nixos.org/build/22836807
2015-06-02Add a ‘verifyStore’ RPCLudovic Courtès
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2015-05-21nix-collect-garbage: Don't call nix-envEelco Dolstra
Also, make sure --delete-older-than doesn't delete the current generation.
2015-05-21Move profiles.{cc,hh} to libstoreEelco Dolstra
2015-05-13cygwin: explicitly include required c headersRok Garbas
2015-05-12Don't try to map /bin/sh to a store path on non-LinuxShea Levy
2015-04-18Add the pre-build hook.Shea Levy
This hook can be used to set system-specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files through the interface, but it also has full access to the chroot root. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-support system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-18Revert "Add the pre-build hook."Shea Levy
Going to reimplement differently. This reverts commit 1e4a4a2e9fc382f47f58b448f3ee034cdd28218a.
2015-04-16Fix using restricted mode with chrootsEelco Dolstra
2015-04-12Add the pre-build hook.Shea Levy
This hook can be used to set system specific per-derivation build settings that don't fit into the derivation model and are too complex or volatile to be hard-coded into nix. Currently, the pre-build hook can only add chroot dirs/files. The specific use case for this is systems where the operating system ABI is more complex than just the kernel-supported system calls. For example, on OS X there is a set of system-provided frameworks that can reliably be accessed by any program linked to them, no matter the version the program is running on. Unfortunately, those frameworks do not necessarily live in the same locations on each version of OS X, nor do their dependencies, and thus nix needs to know the specific version of OS X currently running in order to make those frameworks available. The pre-build hook is a perfect mechanism for doing just that.
2015-04-09Implement a TTL on cached fetchurl/fetchTarball resultsEelco Dolstra
This is because we don't want to do HTTP requests on every evaluation, even though we can prevent a full redownload via the cached ETag. The default is one hour.
2015-04-07Revert /nix/store permission back to 01775Eelco Dolstra
This broke NixOS VM tests. Mostly reverts 27b7b94923d2f207781b438bb7a57669bddf7d2b, 5ce50cd99e740d0d0f18c30327ae687be9356553, afa433e58c3fe6029660a43fdc2073c9d15b4210.
2015-04-02Chroot builds: Provide world-readable /nix/storeEelco Dolstra
This was causing NixOS VM tests to fail mysteriously since 5ce50cd99e740d0d0f18c30327ae687be9356553. Nscd could (sometimes) no longer read /etc/hosts: open("/etc/hosts", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied) Probably there was some wacky interaction between the guest kernel and the 9pfs implementation in QEMU.
2015-03-25addToStore(): Take explicit name argumentEelco Dolstra
2015-03-24Improve setting the default chroot dirsEelco Dolstra
2015-03-24Add the closure of store paths to the chrootEelco Dolstra
Thus, for example, to get /bin/sh in a chroot, you only need to specify /bin/sh=${pkgs.bash}/bin/sh in build-chroot-dirs. The dependencies of sh will be added automatically.
2015-03-24Tighten permissions on chroot directoriesEelco Dolstra
2015-03-06Fix typos: s/the the/the/Daniel Hahler
2015-03-04Don't use vfork() before clone()Eelco Dolstra
I'm seeing hangs in Glibc's setxid_mark_thread() again. This is probably because the use of an intermediate process to make clone() safe from a multi-threaded program (see 524f89f1399724e596f61faba2c6861b1bb7b9c5) is defeated by the use of vfork(), since the intermediate process will have a copy of Glibc's threading data structures due to the vfork(). So use a regular fork() again.
2015-03-03Merge branch 'allow-system-library' of git://github.com/copumpkin/nixShea Levy
Make the default impure prefix include all of /System/Library
2015-03-02Make the default impure prefix (not actual allowed impurities!) include all ↵Dan Peebles
of /System/Library, since we also want PrivateFrameworks from there and (briefly) TextEncodings, and who knows what else. Yay infectious impurities?
2015-03-02Allow local networking in the darwin sandbox to appease testsDan Peebles
2015-02-23More graceful fallback for chroots on Linux < 2.13Eelco Dolstra
2015-02-23Use chroots for all derivationsEelco Dolstra
If ‘build-use-chroot’ is set to ‘true’, fixed-output derivations are now also chrooted. However, unlike normal derivations, they don't get a private network namespace, so they can still access the network. Also, the use of the ‘__noChroot’ derivation attribute is no longer allowed. Setting ‘build-use-chroot’ to ‘relaxed’ gives the old behaviour.
2015-02-17Use $<attr>Path instead of $<attr> for passAsFileEelco Dolstra
2015-02-17Allow passing attributes via files instead of environment variablesEelco Dolstra
Closes #473.
2015-02-16Use pivot_root in addition to chroot when possibleHarald van Dijk
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use.
2015-02-04Require linux 3.13 or later for chrootShea Levy
Fixes #453
2015-01-18Make inputs writeable in the sandbox (builds still can’t actually write ↵Daniel Peebles
due to user permissions)
2015-01-13Allow using /bin and /usr/bin as impure prefixes on non-darwin by defaultShea Levy
These directories are generally world-readable anyway, and give us the two most common linux impurities (env and sh)
2015-01-13SysError -> ErrorEelco Dolstra
2015-01-13Don't resolve symlinks while checking __impureHostDepsEelco Dolstra
Since these come from untrusted users, we shouldn't do any I/O on them before we've checked that they're in an allowed prefix.
2015-01-12Add basic Apple sandbox supportDaniel Peebles
2015-01-08Doh^2Eelco Dolstra
2015-01-08DohEelco Dolstra
2015-01-08Set /nix/store permission to 1737Eelco Dolstra
I.e., not readable to the nixbld group. This improves purity a bit for non-chroot builds, because it prevents a builder from enumerating store paths (i.e. it can only access paths it knows about).
2015-01-06Fix building on DarwinEelco Dolstra
Fixes #433.
2014-12-29LocalStore initialization: Don't die if build-users-group doesn't existShea Levy
See NixOS/nixpkgs@9245516
2014-12-23Revive running builds in a PID namespaceEelco Dolstra
2014-12-14PedantryEelco Dolstra