Age | Commit message (Collapse) | Author |
|
The new experimental feature 'cgroups' enables the use of cgroups for
all builds. This allows better containment and enables setting
resource limits and getting some build stats.
|
|
|
|
|
|
|
|
|
|
Cgroups are now only used for derivations that require the uid-range
range feature. This allows auto UID allocation even on systems that
don't have cgroups (like macOS).
Also, make things work on modern systems that use cgroups v2 (where
there is a single hierarchy and no "systemd" controller).
|
|
|
|
|
|
|
|
Move savedArgv into libmain
|
|
libfetchers: avoid api.github.com ratelimit if no github token is set
|
|
`savedArgv` is not accessible by plugins when defined in main binary.
Moving it into one of the nix lib fix the problem.
|
|
Fix `nix __build-remote`
|
|
Call it as `['nix', '__build-remote', ... ]` rather than the previous
`["__build-remote", "nix __build-remote", ... ]` which seemed to have
been most likely unintended
|
|
Prevent fetchGit from using incorrect cached rev for different refs
|
|
Because of a wrong index, `nix __build-remote` wasn't working.
Fix the index to restore the command (and the build hook).
|
|
|
|
Defer to SSH config files for ForwardAgent option
|
|
Mark flakes with ._type = "flake".
|
|
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
|
|
The description of the --profile option talks about the "update" operation.
This is probably meant for operations such as "nix profile install", but the
same option is reused in other subcommands, which do not update the profile,
such as "nix profile {list,history,diff-closures}".
We update the description to make sense in both contexts.
|
|
Fixes #7186
|
|
Currently, Nix passes `-a` when it runs commands on a remote machine via
SSH, which disables agent forwarding. This causes issues when the
`ForwardAgent` option is set in SSH config files, as the command line
operation always overrides those.
In particular, this causes issues if the command being run is `sudo`
and the remote machine is configured with the equivalent of NixOS's
`security.pam.enableSSHAgentAuth` option. Not allowing SSH agent
forwarding can cause authentication to fail unexpectedly.
This can currently be worked around by setting `NIX_SSHOPTS="-A"`, but
we should defer to the options in the SSH config files to be least
surprising for users.
|
|
Fix typo -- dashes not underscores
|
|
|
|
This exposes the Store::queryPathFromHashPart() interface in the CLI.
|
|
|
|
When fetching a non-local git repo by ref (and no rev), don't consider unrelated
cached revs for the same repository.
|
|
Improve Rosetta detection
|
|
|
|
|
|
We haven't parsed the '-v' command line flags yet when this code executes,
so we can't actually get debug output here.
|
|
|
|
After we've send "\2\n" to the parent, we can't send a serialized
exception anymore. It will show up garbled like
$ nix-build --store /tmp/nix --expr 'derivation { name = "foo"; system = "x86_64-linux"; builder = "/foo/bar"; }'
this derivation will be built:
/nix/store/xmdip0z5x1zqpp6gnxld3vqng7zbpapp-foo.drv
building '/nix/store/xmdip0z5x1zqpp6gnxld3vqng7zbpapp-foo.drv'...
ErrorErrorEexecuting '/foo/bar': No such file or directory
error: builder for '/nix/store/xmdip0z5x1zqpp6gnxld3vqng7zbpapp-foo.drv' failed with exit code 1
|
|
Turns out that one of those *.plist files can exist even if Rosetta is
not installed. So let's just try to run an x86_64-darwin binary
directly.
|
|
|
|
Make warning about chroot store location more accurate
|
|
While trying to use an alternate directory for my Nix installation, I
noticed that nix's output didn't reflect the updated state
directory. This patch corrects that and now prints the warning before
attempting to create the directory (if the directory creation fails,
it wouldn't have been obvious why nix was attempting to create the
directory in the first place).
With this patch, I now get the following warning:
warning: '/home/deck/.var/app/org.nixos.nix/var/nix' does not
exist, so Nix will use '/home/deck/.local/share/nix/root' as a
chroot store
|
|
This unclutters the per-command options a bit by moving out some
global options.
|
|
|
|
parseDrvName: remove doc/impl discrepancy, add test covering the gap
|
|
The documentation for `parseDrvName` does not agree with the implementation when
the derivation name contains a dash which is followed by something that is
neither a letter nor a digit. This commit corrects the documentation to agree
with the implementation.
|
|
|
|
amjoseph-nixpkgs/pr/doc/explain-local-remote-binary-substituter
|
|
If we don't have any github token, we won't be able to fetch private
repos, but we are also more likely to run into API limits since
we don't have a token. To mitigate this only ever use the github api
if we actually have a token.
|
|
archive: check close errors when extracting nars
|
|
Fixes #1982
|
|
Mention `--accept-flake-config` in the related warning
|
|
The current definition of `intersectAttrs` is incorrect:
> Return a set consisting of the attributes in the set e2 that also exist in the
> set e1.
Recall that (Nix manual, section 5.1):
> An attribute set is a collection of name-value-pairs (called attributes)
According to the existing description of `intersectAttrs`, the following should
evaluate to the empty set, since no key-value *pair* (i.e. attribute) exists in
both sets:
```
builtins.intersectAttrs { x=3; } {x="foo";}
```
And yet:
```
nix-repl> builtins.intersectAttrs { x=3; } {x="foo";}
{ x = "foo"; }
```
Clearly the intent here was for the *names* of the resulting attribute set to be
the intersection of the *names* of the two arguments, and for the values of the
resulting attribute set to be the values from the second argument.
This commit corrects the definition, making it match the implementation and intent.
|
|
nix develop: Ignore stdenv's $SHELL
|