aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2019-10-21nix make-content-addressable: Add examplesEelco Dolstra
2019-10-21Fix buildEelco Dolstra
2019-10-21Allow content-addressable paths to have referencesEelco Dolstra
This adds a command 'nix make-content-addressable' that rewrites the specified store paths into content-addressable paths. The advantage of such paths is that 1) they can be imported without signatures; 2) they can enable deduplication in cases where derivation changes do not cause output changes (apart from store path hashes). For example, $ nix make-content-addressable -r nixpkgs.cowsay rewrote '/nix/store/g1g31ah55xdia1jdqabv1imf6mcw0nb1-glibc-2.25-49' to '/nix/store/48jfj7bg78a8n4f2nhg269rgw1936vj4-glibc-2.25-49' ... rewrote '/nix/store/qbi6rzpk0bxjw8lw6azn2mc7ynnn455q-cowsay-3.03+dfsg1-16' to '/nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16' We can then copy the resulting closure to another store without signatures: $ nix copy --trusted-public-keys '' ---to ~/my-nix /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16 In order to support self-references in content-addressable paths, these paths are hashed "modulo" self-references, meaning that self-references are zeroed out during hashing. Somewhat annoyingly, this means that the NAR hash stored in the Nix database is no longer necessarily equal to the output of "nix hash-path"; for content-addressable paths, you need to pass the --modulo flag: $ nix path-info --json /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16 | jq -r .[].narHash sha256:0ri611gdilz2c9rsibqhsipbfs9vwcqvs811a52i2bnkhv7w9mgw $ nix hash-path --type sha256 --base32 /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16 1ggznh07khq0hz6id09pqws3a8q9pn03ya3c03nwck1kwq8rclzs $ nix hash-path --type sha256 --base32 /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16 --modulo iq6g2x4q62xp7y7493bibx0qn5w7xz67 0ri611gdilz2c9rsibqhsipbfs9vwcqvs811a52i2bnkhv7w9mgw
2019-10-21Add experimental-features settingEelco Dolstra
Experimental features are now opt-in. There is currently one experimental feature: "nix-command" (which enables the "nix" command. This will allow us to merge experimental features more quickly, without committing to supporting them indefinitely. Typical usage: $ nix build --experimental-features 'nix-command flakes' nixpkgs#hello (cherry picked from commit 8e478c234100cf03ea1b777d4bd42a9be7be9e8c, without the "flakes" feature)
2019-10-21SourceExprCommand::getSourceExpr(): Allocate more spaceEelco Dolstra
Fixes #3140.
2019-10-11ssh-ng: Don't set CPU affinity on the remoteEelco Dolstra
Fixes #3138.
2019-10-10nix verify: Fix uninitialized variableEelco Dolstra
2019-10-10nix-env: Ignore failures creating ~/.nix-profile and ~/.nix-defexprEelco Dolstra
https://hydra.nixos.org/build/102803093
2019-10-10DohEelco Dolstra
https://hydra.nixos.org/build/102803044
2019-10-09Force per-user group to a known valueEelco Dolstra
2019-10-09Go back to 755 permission on per-user directoriesEelco Dolstra
700 is pointless since the store is world-readable anyway. And per-user/root/channels must be world-readable.
2019-10-09nix-env: Create ~/.nix-defexpr automaticallyEelco Dolstra
2019-10-09nix-env: Create ~/.nix-profile automaticallyEelco Dolstra
2019-10-09Remove world-writability from per-user directoriesEelco Dolstra
'nix-daemon' now creates subdirectories for users when they first connect. Fixes #509 (CVE-2019-17365). Should also fix #3127.
2019-10-09Filter ANSI escape sequences in -L outputEelco Dolstra
Otherwise, builds like NixOS VM tests may leave the terminal in a weird state and do resets.
2019-10-09Make std::uncaught_exception warning less noisyEelco Dolstra
2019-10-09Fix Bison 2.4 warningEelco Dolstra
2019-10-09OCD performance fix: {find,count}+insert => insertEelco Dolstra
2019-10-09getSourceExpr(): Handle channelsEelco Dolstra
Fixes #1892. Fixes #1865. Fixes #3119.
2019-10-09Merge pull request #3132 from matthewbauer/handle-sandbox-shellEelco Dolstra
Handle empty sandbox_shell
2019-10-09nix search: Don't quietly ignore errorsEelco Dolstra
2019-10-09nix-build: Fix compilationEelco Dolstra
2019-10-08Handle empty sandbox_shellMatthew Bauer
Previously, SANDBOX_SHELL was set to empty when unavailable. This caused issues when actually generating the sandbox. Instead, just set SANDBOX_SHELL when --with-sandbox-shell= is non-empty. Alternative implementation to https://github.com/NixOS/nix/pull/3038.
2019-10-08Don’t source bashrc in pure modeMatthew Bauer
Pure mode should not try to source the user’s bashrc file. These may have many impurities that the user does not expect to get into their shell. Fixes #3090
2019-10-07nix search: remove verbose exampleSam Doshi
2019-10-04Revert "std::uncaught_exception() -> std::uncaught_exceptions()"Eelco Dolstra
This reverts commit 6b83174ffffbdfc3f876d94d5178e0b83f675cae because it doesn't work on macOS yet. https://hydra.nixos.org/build/102617587
2019-10-02Fix indentationEelco Dolstra
2019-10-01Fix fetchTarball with chroot storesEelco Dolstra
Fixes #2405.
2019-09-30Merge pull request #2338 from bobvanderlinden/pr-cannot-delete-alive-whyDomen Kožar
mention `nix-store --query --roots` when a path cannot be deleted
2019-09-23Merge pull request #3103 from bhipple/fix/spellingEelco Dolstra
Fix spelling in comment
2019-09-23Merge pull request #3104 from zimbatm/no-show-trace-forwardingEelco Dolstra
libstore: don't forward --show-trace
2019-09-22Shut up some warningsEelco Dolstra
(cherry picked from commit 99e8e58f2de9941353b47ed14fbe4ed76d635519)
2019-09-22Don't catch exceptions by valueEelco Dolstra
(cherry picked from commit 893be6f5e36abb58bbaa9c49055a5218114dd514)
2019-09-22libstore: don't forward --show-tracezimbatm
2019-09-21Fix spelling in commentBenjamin Hipple
2019-09-18function-trace: always show the tracezimbatm
If the user invokes nix with --trace-function-calls it means that they want to see the trace.
2019-09-13std::uncaught_exception() -> std::uncaught_exceptions()Eelco Dolstra
The former is deprecated in C++17. Fixes a clang warning.
2019-09-04Disable OpenSSL lock callback on OpenSSL >= 1.1.1Eelco Dolstra
2019-09-04BinaryCacheStore: Add index-debug-info optionEelco Dolstra
This integrates the functionality of the index-debuginfo program in nixos-channel-scripts to maintain an index of DWARF debuginfo files in a format usable by dwarffs. Thus the debug info index is updated by Hydra rather than by the channel mirroring script. Example usage: $ nix copy --to 'file:///tmp/binary-cache?index-debug-info=true' /nix/store/vr9mhcch3fljzzkjld3kvkggvpq38cva-nix-2.2.2-debug $ cat /tmp/binary-cache/debuginfo/036b210b03bad75ab2d8fc80b7a146f98e7f1ecf.debug {"archive":"../nar/0313h2kdhk4v73xna9ysiksp2v8xrsk5xsw79mmwr3rg7byb4ka8.nar.xz","member":"lib/debug/.build-id/03/6b210b03bad75ab2d8fc80b7a146f98e7f1ecf.debug"} Fixes #3083.
2019-09-03Support allowSubstitutes attribute in structured attribute derivationsEelco Dolstra
Hopefully fixes #3081 (didn't test).
2019-09-03Add some noexceptsEelco Dolstra
This is to assert that callback functions should never throw (since the context in which they're called may not be able to handle the exception).
2019-09-03Ensure that Callback is called only onceEelco Dolstra
Also, make Callback movable but uncopyable.
2019-09-03Downloader: Remove a possible double call to CallbackEelco Dolstra
2019-08-29Merge pull request #3069 from matthewbauer/max-nameEelco Dolstra
Set maximum name length in Nix
2019-08-29Don't rely on st_blocksEelco Dolstra
It doesn't seem very reliable on ZFS.
2019-08-29CleanupEelco Dolstra
2019-08-28Merge pull request #2921 from matthewbauer/handle-sigwinchEelco Dolstra
Handle SIGWINCH in main thread
2019-08-28Set maximum name length in NixMatthew Bauer
Previously we allowed any length of name for Nix derivations. This is bad because different file systems have different max lengths. To make things predictable, I have picked a max. This was done by trying to build this derivation: derivation { name = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"; builder = "/no-such-path"; system = "x86_64-linux"; } Take off one a and it will not lead to file name too long. That ends up being 212 a’s. An even smaller max could be picked if we want to support more file systems. Working backwards, this is why: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-${name}.drv.chroot > 255 - 32 - 1 - 4 - 7 = 211
2019-08-28Don't send certain setting overrides to the daemonEelco Dolstra
These are already handled separately. This fixes warnings like warning: ignoring the user-specified setting 'max-jobs', because it is a restricted setting and you are not a trusted user when using the -j flag.
2019-08-27Merge branch 'test-sandboxing' of https://github.com/matthewbauer/nixEelco Dolstra