lix -

Age	Commit message (Collapse)	Author
2007-05-01	* Set a terminate() handler to ensure that we leave the BDB	Eelco Dolstra
	environment cleanly even when an exception is thrown from a destructor. We still crash, but we don't take all other Nix processes with us.
2007-03-19	* Terminate build hooks and substitutes with a TERM signal, not a KILL	Eelco Dolstra
	signal. This is necessary because those processes may have joined the BDB environment, so they have to be given a chance to clean up. (NIX-85)
2007-02-21	* `nix-store --import': import an archive created by `nix-store	Eelco Dolstra
	--export' into the Nix store, and optionally check the cryptographic signatures against /nix/etc/nix/signing-key.pub. (TODO: verify against a set of public keys.)
2007-02-21	* `nix-store --export --sign': sign the Nix archive using the RSA key	Eelco Dolstra
	in /nix/etc/nix/signing-key.sec
2007-01-13	* Cleanup.	Eelco Dolstra

2006-12-12	* New primop builtins.filterSource, which can be used to filter files	Eelco Dolstra
	from a source directory. All files for which a predicate function returns true are copied to the store. Typical example is to leave out the .svn directory: stdenv.mkDerivation { ... src = builtins.filterSource (path: baseNameOf (toString path) != ".svn") ./source-dir; # as opposed to # src = ./source-dir; } This is important because the .svn directory influences the hash in a rather unpredictable and variable way.
2006-12-12	* In dumpPath(): pass a function object that allows files to be	Eelco Dolstra
	selectively in/excluded from the dump.
2006-12-07	* Move setuidCleanup() to libutil.	Eelco Dolstra

2006-12-07	* Change the ownership of store paths to the Nix account before	Eelco Dolstra
	deleting them using the setuid helper.
2006-12-07	* Move killUser() to libutil so that the setuid helper can use it.	Eelco Dolstra

2006-12-05	* The determination of the root set should be made by the privileged	Eelco Dolstra
	process, so forward the operation. * Spam the user about GC misconfigurations (NIX-71). * findRoots: skip all roots that are unreadable - the warnings with which we spam the user should be enough.
2006-12-04	* Daemon mode (`nix-worker --daemon'). Clients connect to the server	Eelco Dolstra
	via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes.
2006-12-03	* Pid::kill() should be interruptable.	Eelco Dolstra

2006-12-03	* Some hackery to propagate the worker's stderr and exceptions to the	Eelco Dolstra
	client.
2006-12-02	* Move addTempRoot() to the store API, and add another function	Eelco Dolstra
	syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock.
2006-12-02	* Remove most of the old setuid code.	Eelco Dolstra
	* Much simpler setuid code for the worker in slave mode.
2006-12-02	* Remove SwitchToOriginalUser, we're not going to need it anymore.	Eelco Dolstra

2006-11-30	* More remote operations.	Eelco Dolstra
	* Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0.
2006-11-30	* When NIX_REMOTE is set to "slave", fork off nix-worker in slave	Eelco Dolstra
	mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure.
2006-11-30	* Skeleton of the privileged worker program.	Eelco Dolstra
	* Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation.
2006-11-29	* Don't spam.	Eelco Dolstra

2006-11-29	* Example script to set permissions for setuid operation.	Roy van den Broek

2006-11-29	* Remove --enable-setuid, --with-nix-user and --with-nix-group.	Eelco Dolstra
	Rather, setuid support is now always compiled in (at least on platforms that have the setresuid system call, e.g., Linux and FreeBSD), but it must enabled by chowning/chmodding the Nix binaries.
2006-11-24	* Doh! Path sizes need to be computed recursively of course.	Eelco Dolstra
	(NIX-70)
2006-10-30	* readFile: don't overflow the stack on large files.	Eelco Dolstra

2006-10-16	* Big cleanup of the semantics of paths, strings, contexts, string	Eelco Dolstra
	concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged. Semantic change: paths are now copied to the store when they're in a concatenation (and in most other situations - that's the formalisation of the meaning of a path). So "foo " + ./bla evaluates to "foo /nix/store/hash...-bla", not "foo /path/to/current-dir/bla". This prevents accidental impurities, and is more consistent with the treatment of derivation outputs, e.g., `"foo " + bla' where `bla' is a derivation. (Here `bla' would be replaced by the output path of `bla'.)
2006-09-27	* Fix setuid builds.	Eelco Dolstra

2006-09-20	* Print a better error message for wrong hashes (NIX-49).	Eelco Dolstra

2006-09-04	* Move setuid stuff to libutil.	Eelco Dolstra
	* Install libexpr header files.
2006-09-04	* Install header files in /nix/include/nix.	Eelco Dolstra

2006-09-04	* Remove unnecessary inclusions of aterm2.h.	Eelco Dolstra

2006-09-04	* Don't need extern "C".	Eelco Dolstra

2006-09-04	* Use a proper namespace.	Eelco Dolstra
	* Optimise header file usage a bit. * Compile the parser as C++.
2006-09-04	* Store the Nix libraries in ${libdir}/nix instead of ${libdir}.	Eelco Dolstra

2006-08-31	* Doh! Doh! Doh!	Eelco Dolstra

2006-08-31	* Better error checking.	Eelco Dolstra

2006-08-29	* Fix the ~ operator.	Eelco Dolstra

2006-08-26	* Refactoring.	Eelco Dolstra

2006-08-24	* Escape newlines in XML attributes to prevent them from being	Eelco Dolstra
	normalised away.
2006-08-16	* `nix-instantiate --{eval\|parse}-only --xml': print an XML	Eelco Dolstra
	representation instead of an ATerm. * Indent XML output.
2006-08-04	* Weird issue on Cygwin with the include file order.	Eelco Dolstra

2006-08-03	* `nix-env -q --xml': show query result in XML format for easier	Eelco Dolstra
	automated processing.
2006-08-03	* `nix-instantiate --print-args': produce XML output so that the	Eelco Dolstra
	result can be used more easily by scripts.
2006-08-03	* Simple class for writing XML files.	Eelco Dolstra

2006-07-20	* Call find-runtime-roots.pl from the garbage collector to prevent	Eelco Dolstra
	running applications etc. from being garbage collected.
2006-07-06	* Allow the canonical system name to be specified at runtime in the	Eelco Dolstra
	Nix config file.
2006-06-19	* Write messages to stderr in a slightly more atomic way. Useful when	Eelco Dolstra
	there are several parallel processes.
2006-06-14	* Fix for a problem with BSD's group ownership semantics when the user	Eelco Dolstra
	is not in the "wheel" group.
2006-05-24	* Some Cygwin fixes.	Eelco Dolstra

2006-05-12	* Support for srcdir != builddir (NIX-41).	Eelco Dolstra