aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2020-03-20sandbox: fix /bin/sh on catalinaDaiderd Jordan
Sadly 10.15 changed /bin/sh to a shim which executes bash, this means it can't be used anymore without also opening up the sandbox to allow bash. Failed to exec /bin/bash as variant for /bin/sh (1: Operation not permitted).
2020-03-20sandbox: allow pty devicesDaiderd Jordan
Nix now runs builds with a pseudo-terminal to enable colored build output.
2020-03-20libstore: relax default sandbox-paths on darwinDaiderd Jordan
2020-03-20libstore: disable resolve-system-dependencies hookDaiderd Jordan
This is used to determine the dependency tree of impure libraries so nix knows what paths to open in the sandbox. With the less restrictive defaults it isn't needed anymore.
2020-02-04Merge pull request #3344 from LnL7/ssh-ng-remote-paramsEelco Dolstra
ssh-store: add remote-store and remote-program query params
2020-02-03ssh-store: add remote-store and remote-program query paramsDaiderd Jordan
Brings the functionality of ssh-ng:// in sync with the legacy ssh:// implementation. Specifying the remote store uri enables various useful things. eg. $ nix copy --to ssh-ng://cache?remote-store=file://mnt/cache --all
2020-02-01Show "warning:" in yellow instead of redEelco Dolstra
2020-01-29Merge pull request #3335 from domenkozar/retry-429Eelco Dolstra
retry on HTTP status code 429
2020-01-29retry on HTTP status code 429Domen Kožar
2020-01-23structured-attrs: chown .attrs.* files to builderRobin Gloster
Otherwise `chmod .`'ing the build directory doesn't work anymore, which is done in nixpkgs if sourceRoot is set to '.'.
2020-01-22Fix clang warningEelco Dolstra
2020-01-21Fix derivation computation with __structuredAttrs and multiple outputsEelco Dolstra
Fixes error: derivation '/nix/store/klivma7r7h5lndb99f7xxmlh5whyayvg-zlib-1.2.11.drv' has incorrect output '/nix/store/fv98nnx5ykgbq8sqabilkgkbc4169q05-zlib-1.2.11-dev', should be '/nix/store/adm7pilzlj3z5k249s8b4wv3scprhzi1-zlib-1.2.11-dev'
2020-01-13build: remove warning when in sandboxing test modeDaiderd Jordan
Introduced in 66fccd5832d125e9162abc5ed351aa37708e9623, but somehow breaks the secure-drv-outputs test.
2020-01-13Tweak error messageEelco Dolstra
2020-01-13Merge branch 'assert-show-expression' of https://github.com/LnL7/nixEelco Dolstra
2020-01-13unbreak build without pchJohn Ericson
2020-01-13Fix buildEelco Dolstra
https://hydra.nixos.org/eval/1564374
2020-01-11libexpr: show expression in assertion errorsDaiderd Jordan
Includes the expression of the condition in the assertion message if the assertion failed, making assertions much easier to debug. eg. error: assertion (withPython -> (python2Packages != null)) failed at pkgs/tools/security/nmap/default.nix:11:1
2020-01-09json-to-value: use unique_ptr instead of raw pointersYorick van Pelt
2020-01-09builtins.fromJSON: use nlohmann/json parser instead of custom parserYorick van Pelt
2020-01-07Add support for \u escape in fromJSONNikola Knezevic
As fromTOML supports \u and \U escapes, bring fromJSON on par. As JSON defaults to UTF-8 encoding (every JSON parser must support UTF-8), this change parses the `\u hex hex hex hex` sequence (\u followed by 4 hexadecimal digits) into an UTF-8 representation. Add a test to verify correct parsing, using all escape sequences from json.org.
2020-01-07Remove redundant check in parseJSONStringNikola Knezevic
2020-01-06Fix use of uninitialized store pathEelco Dolstra
Fixes 'building of '/nix/store/00000000000000000000000000000000-': ...'.
2020-01-06Merge pull request #3303 from LnL7/darwin-sandboxEelco Dolstra
build: fix sandboxing on darwin
2020-01-05build: fix sandboxing on darwinDaiderd Jordan
Starting ba87b08f8529e4d9f8c58d8c625152058ceadb75 getEnv now returns an std::optional which means these getEnv() != "" conditions no longer happen if the variables are not defined.
2020-01-05Merge pull request #3302 from LnL7/darwin-repair-with-sandboxEelco Dolstra
build: fix path repairing with the darwin sandbox
2020-01-05Hide FunctionCallTrace constructor/destructorEelco Dolstra
This prevents them from being inlined. On gcc 9, this reduces the stack size needed for nix-instantiate '<nixpkgs>' -A texlive.combined.scheme-full --dry-run from 12.9 MiB to 4.8 MiB.
2020-01-04build: fix path repairing when hash rewriting is requiredDaiderd Jordan
Handle store path repairing on darwin when sandboxing is enabled. Unlike on linux sandboxing on darwin still requires hash rewriting.
2020-01-04build: recover store path when replacing failsDaiderd Jordan
This shouldn't happen in normal circumstances, but just in case attempt to move the temporary path back if possible.
2020-01-02passAsFile: leave out the hash prefixedef
Having a colon in the path may cause issues, and having the hash function indicated isn't actually necessary. We now verify the path format in the tests to prevent regressions.
2020-01-02passAsFile: hash the attribute name instead of numbering sequentiallyPuck Meerburg
This makes the paths consistent without relying on ordering. Co-authored-by: edef <edef@edef.eu>
2020-01-01exportReferencesGraph: support workingGraham Christensen
Before, we would get: [deploy@bastion:~]$ nix-store -r /nix/store/grfnl76cahwls0igd2by2pqv0dimi8h2-nixos-system-eris-19.09.20191213.03f3def.drv these derivations will be built: /nix/store/3ka4ihvwh6wsyhpd2qa9f59506mnxvx1-initrd-linux-4.19.88.drv /nix/store/ssxwmll7v21did1c8j027q0m8w6pg41i-unit-prometheus-alertmanager-irc-notifier.service.drv /nix/store/mvyvkj46ay7pp7b1znqbkck2mq98k0qd-unit-script-network-local-commands-start.drv /nix/store/vsl1y9mz38qfk6pyirjwnfzfggz5akg6-unit-network-local-commands.service.drv /nix/store/wi5ighfwwb83fdmav6z6n2fw6npm9ffl-unit-prometheus-hydra-exporter.service.drv /nix/store/x0qkv535n75pbl3xn6nn1w7qkrg9wwyg-unit-prometheus-packet-sd.service.drv /nix/store/lv491znsjxdf51xnfxh9ld7r1zg14d52-unit-script-packet-sd-env-key-pre-start.drv /nix/store/nw4nzlca49agsajvpibx7zg5b873gk9f-unit-script-packet-sd-env-key-start.drv /nix/store/x674wwabdwjrkhnykair4c8mpxa9532w-unit-packet-sd-env-key.service.drv /nix/store/ywivz64ilb1ywlv652pkixw3vxzfvgv8-unit-wireguard-wg0.service.drv /nix/store/v3b648293g3zl8pnn0m1345nvmyd8dwb-unit-script-acme-selfsigned-status.nixos.org-start.drv /nix/store/zci5d3zvr6fgdicz6k7jjka6lmx0v3g4-unit-acme-selfsigned-status.nixos.org.service.drv /nix/store/f6pwvnm63d0kw5df0v7sipd1rkhqxk5g-system-units.drv /nix/store/iax8071knxk9c7krpm9jqg0lcrawf4lc-etc.drv /nix/store/grfnl76cahwls0igd2by2pqv0dimi8h2-nixos-system-eris-19.09.20191213.03f3def.drv error: invalid file name 'closure-init-0' in 'exportReferencesGraph' This was tough to debug, I didn't figure out which one was broken until I did: nix-store -r /nix/store/grfnl76cahwls0igd2by2pqv0dimi8h2-nixos-system-eris-19.09.20191213.03f3def.drv 2>&1 | grep nix/store | xargs -n1 nix-store -r and then looking at the remaining build graph: $ nix-store -r /nix/store/grfnl76cahwls0igd2by2pqv0dimi8h2-nixos-system-eris-19.09.20191213.03f3def.drv these derivations will be built: /nix/store/3ka4ihvwh6wsyhpd2qa9f59506mnxvx1-initrd-linux-4.19.88.drv /nix/store/grfnl76cahwls0igd2by2pqv0dimi8h2-nixos-system-eris-19.09.20191213.03f3def.drv error: invalid file name 'closure-init-0' in 'exportReferencesGraph' and knowing the initrd build is before the system, then: $ nix show-derivation /nix/store/3ka4ihvwh6wsyhpd2qa9f59506mnxvx1-initrd-linux-4.19.88.drv { "/nix/store/3ka4ihvwh6wsyhpd2qa9f59506mnxvx1-initrd-linux-4.19.88.drv": { [...] "exportReferencesGraph": "closure-init-0 /nix/store/...-stage-1-init.sh closure-mdadm.conf-1 /nix/store/...-mdadm.conf closure-ubuntu.conf-2 ...", [...] } } I then searched the repo for "in 'exportReferencesGraph'", found this recently updated regex, and realized it was missing a "-".
2019-12-21Disable use-sqlite-wal under WSLBrian McKenna
Before: $ nix-channel --update unpacking channels... warning: SQLite database '/nix/var/nix/db/db.sqlite' is busy (SQLITE_PROTOCOL) warning: SQLite database '/nix/var/nix/db/db.sqlite' is busy (SQLITE_PROTOCOL) warning: SQLite database '/nix/var/nix/db/db.sqlite' is busy (SQLITE_PROTOCOL) warning: SQLite database '/nix/var/nix/db/db.sqlite' is busy (SQLITE_PROTOCOL) warning: SQLite database '/nix/var/nix/db/db.sqlite' is busy (SQLITE_PROTOCOL) After: $ inst/bin/nix-channel --update unpacking channels... created 1 symlinks in user environment I've seen complaints that "sandbox" caused problems under WSL but I'm having no problems. I think recent changes could have fixed the issue.
2019-12-19tarfile.cc: Restore timestampsEelco Dolstra
This is needed to get the lastModified attribute of GitHub flakes.
2019-12-19tarfile.cc: Don't change the cwdEelco Dolstra
Nix is multithreaded so it's not safe to change the cwd.
2019-12-19tarfile.cc: Style fixesEelco Dolstra
2019-12-19Merge branch 'libarchive' of https://github.com/yorickvP/nixEelco Dolstra
2019-12-18nix make-content-addressable: Add --json flagEelco Dolstra
Fixes #3274.
2019-12-17Add priority setting to storesEelco Dolstra
This allows overriding the priority of substituters, e.g. $ nix-store --store ~/my-nix/ -r /nix/store/df3m4da96d84ljzxx4mygfshm1p0r2n3-geeqie-1.4 \ --substituters 'http://cache.nixos.org?priority=100 daemon?priority=10' Fixes #3264.
2019-12-16nix-store -r: Handle symlinks to store pathsEelco Dolstra
Fixes #3270.
2019-12-15Tweak error messageEelco Dolstra
2019-12-15Merge branch 'limit_depth_resolveExprPath' of https://github.com/d-goldin/nixEelco Dolstra
2019-12-14Merge pull request #3269 from xzfc/nix-shellEelco Dolstra
nix-shell: don't check for "nix-shell" in shebang script name
2019-12-14Fix progress barEelco Dolstra
2019-12-14nix-shell: don't check for "nix-shell" in shebang script nameAlbert Safin
2019-12-13Move some codeEelco Dolstra
2019-12-13Don't leak exceptionsEelco Dolstra
2019-12-13Improve gzip error messageEelco Dolstra
2019-12-13Get rid of CBoxEelco Dolstra
2019-12-13bugfix: Adding depth limit to resolveExprPathDima
There is no termination condition for evaluation of cyclical expression paths which can lead to infinite loops. This addresses one spot in the parser in a similar fashion as utils.cc/canonPath does. This issue can be reproduced by something like: ``` ln -s a b ln -s b a nix-instantiate -E 'import ./a' ```