aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-08-17ProgressBar: Delay before showing a new activityEelco Dolstra
Some activities are numerous but usually very short (e.g. copying a source file to the store) which would cause a lot of flickering. So only show activities that have been running for at least 10 ms.
2022-08-17nix flake metadata: Don't show "Inputs" if there are no inputsEelco Dolstra
2022-08-17Show when we're evaluating a flakeEelco Dolstra
2022-08-10docfix: bundlersDavid Arnold
2022-08-10Merge pull request #6850 from NinjaTrappeur/nin/build-checkThéophane Hufschmitt
Fix Nix build --check flag
2022-08-09nix-shell: specify which outputs from bashInteractive to buildWinter
2022-08-08Merge remote-tracking branch 'upstream/master' into ↵Théophane Hufschmitt
fix-mv-in-different-filesystems
2022-08-08Remove the explicit `c++fs` linkage on darwinThéophane Hufschmitt
Doesn't seem needed on a recent-enough clang anymore (and even seems to break stuff)
2022-08-07Do not spam logs if the owned-homedir check results in a noopDave Nicponski
2022-08-04docs/flake-update: fix exampleErik Arvstedt
2022-08-04libexpr/flake: remove `FIXME`Erik Arvstedt
Line 593 checks that all overrides (i.e. all elements of `lockFlags.inputOverrides`) are members of `overridesUsed`.
2022-08-04flakeref: fix commentErik Arvstedt
2022-08-03Fix NIX_COUNT_CALLS=1Eelco Dolstra
Also, make the JSON writer support std::string_view. Fixes #6857.
2022-08-03Make `moveFile` more atomicThéophane Hufschmitt
Rather than directly copying the source to its dest, copy it first to a temporary location, and eventually move that temporary. That way, the move is at least atomic from the point-of-view of the destination
2022-08-03Only use `renameFile` where neededThéophane Hufschmitt
In most places the fallback to copying isn’t needed and can actually be bad, so we’d rather not transparently fallback
2022-08-03moveFile -> renameFileThéophane Hufschmitt
`move` tends to have this `mv` connotation of “I will copy it for you if needs be”
2022-08-03Link against c++fs on darwinThéophane Hufschmitt
Required by the old clang version
2022-08-03Re-implement the recursive directory copyThéophane Hufschmitt
The recursive copy from the stl doesn’t exactly do what we need because 1. It doesn’t delete things as we go 2. It doesn’t keep the mtime, which change the nars So re-implement it ourselves. A bit dull, but that way we have what we want
2022-08-03rename: Fallback to a copy if the filesystems mismatchThéophane Hufschmitt
In `nix::rename`, if the call to `rename` fails with `EXDEV` (failure because the source and the destination are in a different filesystems) switch to copying and removing the source. To avoid having to re-implement the copy manually, I switched the function to use the c++17 `filesystem` library (which has a `copy` function that should do what we want). Fix #6262
2022-08-03Create a wrapper around stdlib’s `rename`Théophane Hufschmitt
Directly takes some c++ strings, and gently throws an exception on error (rather than having to inline this logic everywhere)
2022-08-03Move some fs-related functions to their own fileThéophane Hufschmitt
Unclutter `util.cc` a bit
2022-08-01derivation-goal.cc: remove bmCheck custom return branch on buildDoneFélix Baylac-Jacqué
Once a derivation goal has been completed, we check whether or not this goal was meant to be repeated to check its output. An early return branch was preventing the worker to reach that repeat code branch, hence breaking the --check command (#2619). It seems like this early return branch is an artifact of a passed refactoring. As far as I can tell, buildDone's main branch also cleanup the tmp directory before returning.
2022-07-22Merge pull request #6814 from amjoseph-nixpkgs/pr/sandbox-error-messagesThéophane Hufschmitt
local-derivation-goal.cc: improve error messages when sandboxing fails
2022-07-21nix shell: example shouldn't use an absolute path for the shellSolène Rapenne
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2022-07-20nix shell: document how to invoke multiple commands from the command lineSolène Rapenne
2022-07-20Merge branch 'master' into parallel-nix-copyThéophane Hufschmitt
2022-07-19libstore/globals.cc: Move cgroup detection to libutilAlex Wied
2022-07-19libstore/globals.cc: Automatically set cores based on cgroup CPU limitAlex Wied
By default, Nix sets the "cores" setting to the number of CPUs which are physically present on the machine. If cgroups are used to limit the CPU and memory consumption of a large Nix build, the OOM killer may be invoked. For example, consider a GitLab CI pipeline which builds a large software package. The GitLab runner spawns a container whose CPU is limited to 4 cores and whose memory is limited to 16 GiB. If the underlying machine has 64 cores, Nix will invoke the build with -j64. In many cases, that level of parallelism will invoke the OOM killer and the build will completely fail. This change sets the default value of "cores" to be ceil(cpu_quota / cpu_period), with a fallback to std::thread::hardware_concurrency() if cgroups v2 is not detected.
2022-07-19Don't ultimately trust the signed pathsThéophane Hufschmitt
Like the old implem did (and like you'd want it to be anyways)
2022-07-19local-derivation-goal.cc: save global errno to the stack before performing ↵Adam Joseph
tests which might clobber it
2022-07-19error.hh: add additional constructor with explicit errno argumentAdam Joseph
2022-07-19as requested by @thufschmitt ↵Adam Joseph
https://github.com/NixOS/nix/pull/6814#discussion_r924275777
2022-07-19change warn() to notice()Adam Joseph
2022-07-17local-derivation-goal.cc: detect unprivileged_userns_clone failure modeAdam Joseph
The workaround for "Some distros patch Linux" mentioned in local-derivation-goal.cc will not help in the `--option sandbox-fallback false` case. To provide the user more helpful guidance on how to get the sandbox working, let's check to see if the `/proc` node created by the aforementioned patch is present and configured in a way that will cause us problems. If so, give the user a suggestion for how to troubleshoot the problem.
2022-07-17local-derivation-goal.cc: add comment re: CLONE_NEWUSERAdam Joseph
local-derivation-goal.cc contains a comment stating that "Some distros patch Linux to not allow unprivileged user namespaces." Let's give a pointer to a common version of this patch for those who want more details about this failure mode.
2022-07-16local-derivation-goal.cc: warn if failing and /proc/self/ns/user missingAdam Joseph
This commit causes nix to `warn()` if sandbox setup has failed and `/proc/self/ns/user` does not exist. This is usually a sign that the kernel was compiled without `CONFIG_USER_NS=y`, which is required for sandboxing.
2022-07-16local-derivation-goal.cc: warn if failing due to max_user_namespaces==0Adam Joseph
This commit uses `warn()` to notify the user if sandbox setup fails with errno==EPERM and /proc/sys/user/max_user_namespaces is missing or zero, since that is at least part of the reason why sandbox setup failed. Note that `echo -n 0 > /proc/sys/user/max_user_namespaces` or equivalent at boot time has been the recommended mitigation for several Linux LPE vulnerabilities over the past few years. Many users have applied this mitigation and then forgotten that they have done so.
2022-07-16local-derivation-goal.cc: improve error messages when sandboxing failsAdam Joseph
The failure modes for nix's sandboxing setup are pretty complicated. When nix is unable to set up the sandbox, let's provide more detail about what went wrong. Specifically: * Make sure the error message includes the word "sandbox" so the user knows that the failure was related to sandboxing. * If `--option sandbox-fallback false` was provided, and removing it would have allowed further attempts to make progress, let the user know.
2022-07-15fix(libstore): allow Nix to access all Rosetta 2 paths on MacOSAlex Wied
Fixes: #5884
2022-07-15Merge pull request #6810 from jfly/jfly/do-not-assume-savedvars-existEelco Dolstra
nix develop: do not assume that saved vars are set
2022-07-15Disable auto-chroot if $NIX_STATE_DIR is setEelco Dolstra
Issue #6732.
2022-07-14nix develop: do not assume that saved vars are setJeremy Fleischman
This fixes https://github.com/NixOS/nix/issues/6809
2022-07-14Disable auto-chroot if $NIX_STORE_DIR is setEelco Dolstra
Fixes #6732.
2022-07-13Simplify the check for overrides on non-existent inputsEelco Dolstra
2022-07-13Fix typo in flake.ccIkko Ashimine
non-existant -> non-existent
2022-07-12Merge pull request #6663 from Ma27/follows-invalid-inputThéophane Hufschmitt
flakes: throw an error if `follows`-declaration for an input is invalid
2022-07-12Fix debug messageEelco Dolstra
2022-07-12Move follows-check into its own functionMaximilian Bosch
2022-07-12Turn error for non-existant follows into a warningMaximilian Bosch
2022-07-12flakes: throw an error if `follows`-declaration for an input is invalidMaximilian Bosch
I recently got fairly confused why the following expression didn't have any effect { description = "Foobar"; inputs.sops-nix = { url = github:mic92/sops-nix; inputs.nixpkgs_22_05.follows = "nixpkgs"; }; } until I found out that the input was called `nixpkgs-22_05` (please note the dash vs. underscore). IMHO it's not a good idea to not throw an error in that case and probably leave end-users rather confused, so I implemented a small check for that which basically checks whether `follows`-declaration from overrides actually have corresponding inputs in the transitive flake. In fact this was done by accident already in our own test-suite where the removal of a `follows` was apparently forgotten[1]. Since the key of the `std::map` that holds the `overrides` is a vector and we have to find the last element of each vector (i.e. the override) this has to be done with a for loop in O(n) complexity with `n` being the total amount of overrides (which shouldn't be that large though). Please note that this doesn't work with nested expressions, i.e. inputs.fenix.inputs.nixpkgs.follows = "..."; which is a known problem[2]. For the expression demonstrated above, an error like this will be thrown: error: sops-nix has a `follows'-declaration for a non-existant input nixpkgs_22_05! [1] 2664a216e57169ec57d7f51be1b8383c1be83fd5 [2] https://github.com/NixOS/nix/issues/5790