From 1aa19b24b27c6bbf4d46cdd7f6d06b534dd67c19 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 18 Feb 2014 01:01:14 +0100 Subject: =?UTF-8?q?Add=20a=20flag=20=E2=80=98--check=E2=80=99=20to=20verif?= =?UTF-8?q?y=20build=20determinism?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The flag ‘--check’ to ‘nix-store -r’ or ‘nix-build’ will cause Nix to redo the build of a derivation whose output paths are already valid. If the new output differs from the original output, an error is printed. This makes it easier to test if a build is deterministic. (Obviously this cannot catch all sources of non-determinism, but it catches the most common one, namely the current time.) For example: $ nix-build '' -A patchelf ... $ nix-build '' -A patchelf --check error: derivation `/nix/store/1ipvxsdnbhl1rw6siz6x92s7sc8nwkkb-patchelf-0.6' may not be deterministic: hash mismatch in output `/nix/store/4pc1dmw5xkwmc6q3gdc9i5nbjl4dkjpp-patchelf-0.6.drv' The --check build fails if not all outputs are valid. Thus the first call to nix-build is necessary to ensure that all outputs are valid. The current outputs are left untouched: the new outputs are either put in a chroot or diverted to a different location in the store using hash rewriting. --- src/libstore/remote-store.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/libstore/remote-store.cc') diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 3017254ba..461920693 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -447,9 +447,9 @@ Paths RemoteStore::importPaths(bool requireSignature, Source & source) } -void RemoteStore::buildPaths(const PathSet & drvPaths, bool repair) +void RemoteStore::buildPaths(const PathSet & drvPaths, BuildMode buildMode) { - if (repair) throw Error("repairing is not supported when building through the Nix daemon"); + if (buildMode != bmNormal) throw Error("repairing or checking is not supported when building through the Nix daemon"); openConnection(); writeInt(wopBuildPaths, to); if (GET_PROTOCOL_MINOR(daemonVersion) >= 13) -- cgit v1.2.3