aboutsummaryrefslogtreecommitdiff
path: root/src/nix/run.cc
AgeCommit message (Collapse)Author
2020-04-09Merge remote-tracking branch 'origin/master' into flakesEelco Dolstra
2020-04-07`nix run` using $SHELL as default commandmlatus
2020-03-30Backport 'nix dev-shell' from the flakes branchEelco Dolstra
This also adds a '--profile' option to 'nix build' (replacing 'nix-env --set').
2019-12-11Merge remote-tracking branch 'origin/master' into flakesEelco Dolstra
2019-12-10Make the Store API more type-safeEelco Dolstra
Most functions now take a StorePath argument rather than a Path (which is just an alias for std::string). The StorePath constructor ensures that the path is syntactically correct (i.e. it looks like <store-dir>/<base32-hash>-<name>). Similarly, functions like buildPaths() now take a StorePathWithOutputs, rather than abusing Path by adding a '!<outputs>' suffix. Note that the StorePath type is implemented in Rust. This involves some hackery to allow Rust values to be used directly in C++, via a helper type whose destructor calls the Rust type's drop() function. The main issue is the dynamic nature of C++ move semantics: after we have moved a Rust value, we should not call the drop function on the original value. So when we move a value, we set the original value to bitwise zero, and the destructor only calls drop() if the value is not bitwise zero. This should be sufficient for most types. Also lots of minor cleanups to the C++ API to make it more modern (e.g. using std::optional and std::string_view in some places).
2019-12-05Make subcommand construction in MultiCommand lazyEelco Dolstra
(cherry picked from commit a0de58f471c9087d8e6cc60a6078f9940a125b15)
2019-12-04Merge remote-tracking branch 'origin/master' into flakesEelco Dolstra
2019-11-22getEnv(): Return std::optionalEelco Dolstra
This allows distinguishing between an empty value and no value.
2019-11-07use MixEnvironment in run and shellmatthew
2019-11-07changesmatthew
2019-11-07environment fixes in runmatthew
Move environment related code to a separate function. Create a new char** if ignoreEnvironment is set rather than calling clearEnv
2019-10-31change deprecated attribute syntax in run examplesmatthew
2019-10-15Support non-x86_64-linux system types in flakesEelco Dolstra
A command like $ nix run nixpkgs#hello will now build the attribute 'packages.${system}.hello' rather than 'packages.hello'. Note that this does mean that the flake needs to export an attribute for every system type it supports, and you can't build on unsupported systems. So 'packages' typically looks like this: packages = nixpkgs.lib.genAttrs ["x86_64-linux" "i686-linux"] (system: { hello = ...; }); The 'checks', 'defaultPackage', 'devShell', 'apps' and 'defaultApp' outputs similarly are now attrsets that map system types to derivations/apps. 'nix flake check' checks that the derivations for all platforms evaluate correctly, but only builds the derivations in 'checks.${system}'. Fixes #2861. (That issue also talks about access to ~/.config/nixpkgs and --arg, but I think it's reasonable to say that flakes shouldn't support those.) The alternative to attribute selection is to pass the system type as an argument to the flake's 'outputs' function, e.g. 'outputs = { self, nixpkgs, system }: ...'. However, that approach would be at odds with hermetic evaluation and make it impossible to enumerate the packages provided by a flake.
2019-08-29Merge remote-tracking branch 'origin/master' into flakesEelco Dolstra
2019-07-25Disable CLONE_NEWUSER when it’s unavailableMatthew Bauer
Some kernels disable "unpriveleged user namespaces". This is unfortunate, but we can still use mount namespaces. Anyway, since each builder has its own nixbld user, we already have most of the benefits of user namespaces.
2019-06-18Make subcommand construction in MultiCommand lazyEelco Dolstra
2019-06-17nix app: Accept argumentsEelco Dolstra
Example: $ nix app blender-bin -- --version Blender 2.80 (sub 74)
2019-06-17nix app: Search for installable in the 'apps' outputEelco Dolstra
I.e. you can write $ nix app blender-bin:blender_2_80 which is equivalent to $ nix app blender-bin:apps.blender_2_80
2019-06-03Add 'nix app' commandEelco Dolstra
This is like 'nix run', except that the command to execute is defined in a flake output, e.g. defaultApp = { type = "app"; program = "${packages.blender_2_80}/bin/blender"; }; Thus you can do $ nix app blender-bin to start Blender from the 'blender-bin' flake. In the future, we can extend this with sandboxing. (For example we would want to be able to specify that Blender should not have network access by default and should only have access to certain paths in the user's home directory.)
2019-02-05Revert "Restore parent mount namespace before executing a child process"Eelco Dolstra
This reverts commit a0ef21262f4d5652bfb65cfacaec01d89c475a93. This doesn't work in 'nix run' and nix-shell because setns() fails in multithreaded programs, and Boehm GC mark threads are uncancellable. Fixes #2646.
2018-11-13Restore parent mount namespace before executing a child processEelco Dolstra
This ensures that they can't write to /nix/store. Fixes #2535.
2018-08-19nix run: Restore CPU affinityEelco Dolstra
Fixes #2359.
2018-08-09nix run: Respect propagated-user-env-packagesEelco Dolstra
Also, add $path/bin to $PATH even if it doesn't exist. This makes 'man' work properly (since it looks for ../share/man relative to $PATH entries).
2018-02-26nix run: Fix segfault on macOSEelco Dolstra
Note that clearenv() is not available on macOS. Fixes #1907.
2018-02-19Update release notesEelco Dolstra
Also add some examples to nix --help.
2017-11-20nix run: Fix "flag '--command' requires 2 argument(s)"Eelco Dolstra
2017-11-20nix run: Fix accidental removal of /nix/store existence checkEelco Dolstra
Parenthetical to #1686, we don't need to create a new root if we can just bind-mount on top of the existing /nix/store.
2017-11-20nix run: Ignore non-directories while setting up the chrootEelco Dolstra
Fixes #1686.
2017-10-24nix: Respect -I, --arg, --argstrEelco Dolstra
Also, random cleanup to argument handling.
2017-09-28nix run: Restore signalsEelco Dolstra
Otherwise Ctrl-C doesn't work.
2017-09-10nix build: Only download the requested derivation outputsEelco Dolstra
Also some refactoring.
2017-09-07nix run: Add some examplesEelco Dolstra
2017-09-06nix build: Add --out-link and --no-link optionsEelco Dolstra
2017-08-31More macOS build fixesEelco Dolstra
2017-08-31Fix build failure on non-LinuxEelco Dolstra
https://hydra.nixos.org/build/59649086
2017-08-29nix run: Flush the progress bar before starting the commandEelco Dolstra
2017-08-29nix run: Add some flags for clearing/keeping the environmentEelco Dolstra
This is useful for testing commands in isolation. For example, $ nix run nixpkgs.geeqie -i -k DISPLAY -k XAUTHORITY -c geeqie runs geeqie in an empty environment, except for $DISPLAY and $XAUTHORITY.
2017-08-29nix run: Allow passing a command to executeEelco Dolstra
E.g. nix run nixpkgs.hello -c hello --greeting Hallo Note that unlike "nix-shell --command", no quoting of arguments is necessary. "-c" (short for "--command") cannot be combined with "--" because they both consume all remaining arguments. But since installables shouldn't start with a dash, this is unlikely to cause problems.
2017-08-29nix run: Fix chroot executionEelco Dolstra
Running "nix run" with a diverted store, e.g. $ nix run --store local?root=/tmp/nix nixpkgs.hello stopped working when Nix became multithreaded, because unshare(CLONE_NEWUSER) doesn't work in multithreaded processes. The obvious solution is to terminate all other threads first, but 1) there is no way to terminate Boehm GC marker threads; and 2) it appears that the kernel has a race where unshare(CLONE_NEWUSER) will still fail for some indeterminate amount of time after joining other threads. So instead, "nix run" will now exec() a single-threaded helper ("nix __run_in_chroot") that performs the actual unshare()/chroot()/exec().
2017-07-30Replace Unicode quotes in user-facing strings by ASCIIJörg Thalheim
Relevant RFC: NixOS/rfcs#4 $ ag -l | xargs sed -i -e "/\"/s/’/'/g;/\"/s/‘/'/g"
2017-07-14StorePathsCommand: Don't build installablesEelco Dolstra
On second though this was annoying. E.g. "nix log nixpkgs.hello" would build/download Hello first, even though the log can be fetched directly from the binary cache. May need to revisit this.
2017-04-25StorePathCommands: Build installablesEelco Dolstra
So for instance "nix copy --to ... nixpkgs.hello" will build nixpkgs.hello first. It's debatable whether this is a good idea. It seems desirable for commands like "nix copy" but maybe not for commands like "nix path-info".
2017-04-25Move code aroundEelco Dolstra
2017-04-25Restructure installables handling in the "nix" commandEelco Dolstra
2016-11-26Revert "Get rid of unicode quotes (#1140)"Eelco Dolstra
This reverts commit f78126bfd6b6c8477fcdbc09b2f98772dbe9a1e7. There really is no need for such a massive change...
2016-11-25Get rid of unicode quotes (#1140)Guillaume Maudoux
2016-06-02nix run: Set a reasonable uid/gidEelco Dolstra
2016-06-02nix run: Handle the case where the /nix/store mount point doesn't existEelco Dolstra
2016-06-02nix run: Mount the Nix store in a private namespaceEelco Dolstra
This is a convenience command to allow users who are not privileged to create /nix/store to use Nix with regular binary caches. For example, $ NIX_REMOTE="local?state=$HOME/nix/var&real=/$HOME/nix/store" nix run firefox bashInteractive will download Firefox and bash from cache.nixos.org, then start a shell in which $HOME/nix/store is mounted on /nix/store.
2016-06-02Add basic "nix run" commandEelco Dolstra