aboutsummaryrefslogtreecommitdiff
path: root/src/nix-store
AgeCommit message (Collapse)Author
2014-02-26nix-store -r: Respect --add-root for non-derivationsEelco Dolstra
Fixes #68. Fixes #117.
2014-02-18Add a flag ‘--check’ to verify build determinismEelco Dolstra
The flag ‘--check’ to ‘nix-store -r’ or ‘nix-build’ will cause Nix to redo the build of a derivation whose output paths are already valid. If the new output differs from the original output, an error is printed. This makes it easier to test if a build is deterministic. (Obviously this cannot catch all sources of non-determinism, but it catches the most common one, namely the current time.) For example: $ nix-build '<nixpkgs>' -A patchelf ... $ nix-build '<nixpkgs>' -A patchelf --check error: derivation `/nix/store/1ipvxsdnbhl1rw6siz6x92s7sc8nwkkb-patchelf-0.6' may not be deterministic: hash mismatch in output `/nix/store/4pc1dmw5xkwmc6q3gdc9i5nbjl4dkjpp-patchelf-0.6.drv' The --check build fails if not all outputs are valid. Thus the first call to nix-build is necessary to ensure that all outputs are valid. The current outputs are left untouched: the new outputs are either put in a chroot or diverted to a different location in the store using hash rewriting.
2014-02-17nix-store --gc --max-freed: Support a unit specifierEelco Dolstra
E.g. "--max-freed 10G" means "free ten gigabytes".
2014-02-14download-via-ssh: Use readStorePathEelco Dolstra
2014-02-14Minor style fixesEelco Dolstra
2014-02-12Indendation fixShea Levy
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-12error messages start in lowercaseShea Levy
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-10nix-store --serve: Use a versioned protocolShea Levy
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-10Move StoreApi::serve into opServeShea Levy
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-08nix-store --serve: Use dump instead of exportShea Levy
Also remove signing support Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-08Add the nix-store --serve commandShea Levy
This is essentially the substituter API operating on the local store, which will be used by the ssh substituter. It runs in a loop rather than just taking one command so that in the future nix will be able to keep one connection open for multiple instances of the substituter. Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-01Remove AutomakefilesEelco Dolstra
2014-02-01Update Makefile variable namesEelco Dolstra
2014-01-30Rename Makefile -> local.mkEelco Dolstra
2014-01-21Merge branch 'master' into makeEelco Dolstra
Conflicts: src/libexpr/eval.cc
2014-01-09Update MakefilesEelco Dolstra
2013-12-20DohEelco Dolstra
2013-12-20nix-shell: Handle --option correctlyEelco Dolstra
Fixes #181.
2013-11-25Rename Makefile.new -> MakefileEelco Dolstra
2013-11-22Support building dynamic librariesEelco Dolstra
2013-11-22Rename $(here) to $(d) for brevity, and remove trailing slashEelco Dolstra
2013-11-22New non-recursive, plain Make-based build systemEelco Dolstra
2013-05-23nix-store --export: Export paths in topologically sorted orderEelco Dolstra
Fixes #118.
2013-03-08Revert "Prevent config.h from being clobbered"Eelco Dolstra
This reverts commit 28bba8c44f484eae38e8a15dcec73cfa999156f6.
2013-03-07Prevent config.h from being clobberedEelco Dolstra
2013-02-26Security: Don't allow builders to change permissions on files they don't ownEelco Dolstra
It turns out that in multi-user Nix, a builder may be able to do ln /etc/shadow $out/foo Afterwards, canonicalisePathMetaData() will be applied to $out/foo, causing /etc/shadow's mode to be set to 444 (readable by everybody but writable by nobody). That's obviously Very Bad. Fortunately, this fails in NixOS's default configuration because /nix/store is a bind mount, so "ln" will fail with "Invalid cross-device link". It also fails if hard-link restrictions are enabled, so a workaround is: echo 1 > /proc/sys/fs/protected_hardlinks The solution is to check that all files in $out are owned by the build user. This means that innocuous operations like "ln ${pkgs.foo}/some-file $out/" are now rejected, but that already failed in chroot builds anyway.
2013-01-30Support the coloniesEelco Dolstra
2013-01-22Correctly handle missing logsEelco Dolstra
2013-01-17Store build logs in /nix/var/log/nix/drvs/<XX>Eelco Dolstra
...where <XX> is the first two characters of the derivation. Otherwise /nix/var/log/nix/drvs may become so large that we run into all sorts of weird filesystem limits/inefficiences. For instance, ext3/ext4 filesystems will barf with "ext4_dx_add_entry:1551: Directory index full!" once you hit a few million files.
2012-12-20nix-store -q --roots: Respect the gc-keep-outputs/gc-keep-derivations settingsEelco Dolstra
So if a path is not garbage solely because it's reachable from a root due to the gc-keep-outputs or gc-keep-derivations settings, ‘nix-store -q --roots’ now shows that root.
2012-11-26Make "nix-build -A <derivation>.<output>" do the right thingEelco Dolstra
For example, given a derivation with outputs "out", "man" and "bin": $ nix-build -A pkg produces ./result pointing to the "out" output; $ nix-build -A pkg.man produces ./result-man pointing to the "man" output; $ nix-build -A pkg.all produces ./result, ./result-man and ./result-bin; $ nix-build -A pkg.all -A pkg2 produces ./result, ./result-man, ./result-bin and ./result-2.
2012-11-20nix-store -r: Add ‘--ignore-unknown’ flagEelco Dolstra
This flag causes paths that do not have a known substitute to be quietly ignored. This is mostly useful for Charon, allowing it to speed up deployment by letting a machine use substitutes for all substitutable paths, instead of uploading them. The latter is frequently faster, e.g. if the target machine has a fast Internet connection while the source machine is on a slow ADSL line.
2012-11-19nix-store -r: Don't quietly ignore missing pathsEelco Dolstra
2012-10-03When ‘--help’ is given, just run ‘man’ to show the manual pageEelco Dolstra
I.e. do what git does. I'm too lazy to keep the builtin help text up to date :-) Also add ‘--help’ to various commands that lacked it (e.g. nix-collect-garbage).
2012-10-02Add a --repair flag to ‘nix-store -r’ to repair derivation outputsEelco Dolstra
With this flag, if any valid derivation output is missing or corrupt, it will be recreated by using a substitute if available, or by rebuilding the derivation. The latter may use hash rewriting if chroots are not available.
2012-10-02nix-store -r: Get rid of an unnecessary call to buildPaths/ensurePathsEelco Dolstra
2012-10-02nix-store --verify: Add an option ‘--repair’ to repair all ↵Eelco Dolstra
missing/corrupt paths Also, return a non-zero exit code if errors remain after verifying/repairing.
2012-10-02Add operation ‘nix-store --repair-path’Eelco Dolstra
This operation allows fixing corrupted or accidentally deleted store paths by redownloading them using substituters, if available. Since the corrupted path cannot be replaced atomically, there is a very small time window (one system call) during which neither the old (corrupted) nor the new (repaired) contents are available. So repairing should be used with some care on critical packages like Glibc.
2012-08-27Merge branch 'master' into no-manifestsEelco Dolstra
2012-08-24Include the output name in the GC root linkEelco Dolstra
Output names are now appended to resulting GC symlinks, e.g. by nix-build. For backwards compatibility, if the output is named "out", nothing is appended. E.g. doing "nix-build -A foo" on a derivation that produces outputs "out", "bin" and "dev" will produce symlinks "./result", "./result-bin" and "./result-dev", respectively.
2012-08-01Drop the block count in the garbage collectorEelco Dolstra
2012-08-01nix-store --gc: Make ‘--max-freed 0’ do the right thingEelco Dolstra
That is, delete almost nothing (it will still remove unused links from /nix/store/.links).
2012-07-30Refactor settings processingEelco Dolstra
Put all Nix configuration flags in a Settings object.
2012-07-26Merge branch 'master' into no-manifestsEelco Dolstra
2012-07-23optimiseStore(): Use a content-addressed file store in /nix/store/.linksEelco Dolstra
optimiseStore() now creates persistent, content-addressed hard links in /nix/store/.links. For instance, if it encounters a file P with hash H, it will create a hard link P' = /nix/store/.link/<H> to P if P' doesn't already exist; if P' exist, then P is replaced by a hard link to P'. This is better than the previous in-memory map, because it had the tendency to unnecessarily replace hard links with a hard link to whatever happened to be the first file with a given hash it encountered. It also allows on-the-fly, incremental optimisation.
2012-07-18Use "#pragma once" to prevent repeated header file inclusionEelco Dolstra
2012-07-11Rename queryValidPaths() to queryAllValidPaths()Eelco Dolstra
2012-06-27nix-store -r: do substitutions in parallelEelco Dolstra
I.e. when multiple non-derivation arguments are passed to ‘nix-store -r’ to be substituted, do them in parallel.
2012-05-30"nix-store -l": support compressed logsEelco Dolstra
2012-05-29Reserve some disk space for the garbage collectorEelco Dolstra
We can't open a SQLite database if the disk is full. Since this prevents the garbage collector from running when it's most needed, we reserve some dummy space that we can free just before doing a garbage collection. This actually revives some old code from the Berkeley DB days. Fixes #27.