nixos/nix
1
1
Fork 0
mirror of https://github.com/NixOS/nix.git synced 2025-11-26 12:10:59 +01:00
Code Activity
1588 commits 187 branches 219 tags 164 MiB
Commit graph

102 commits

Author SHA1 Message Date
Wouter den Breejen
bdecf3bdbc In the middle of adding state references to derivations and the db... 2007-06-18 19:54:31 +00:00
Wouter den Breejen
184443d18d Before adjusting getStateReferencesClosure_ 2007-06-13 15:18:57 +00:00
Wouter den Breejen
76f5c8ba07 Almost finished the identifier/user/multiple-derivations mod 2007-06-12 21:01:55 +00:00
Wouter den Breejen
fe04276aef before adjusting derivers table 2007-06-12 12:48:35 +00:00
Wouter den Breejen
95ce7e04b7 Nix now includes the username into the hash calculation, statepaths are also recomputed at buildtime so they cannot be spoofed 2007-06-11 16:43:32 +00:00
Wouter den Breejen
79d5604780 Changed commit script: it recursively walkes through all dirs itself now, uses svn stat where needed, and doesnt use svn add *,svn revert anymore and is much faster 2007-06-07 13:16:38 +00:00
Wouter den Breejen
bcf9d3ab2f 2007-06-04 16:51:15 +00:00
Wouter den Breejen
9c46444641 Before creating multiple derivation - component instances 2007-05-31 17:18:13 +00:00
Wouter den Breejen
653e557e81 Before modifying commit shell script 2007-05-30 11:27:01 +00:00
Wouter den Breejen
0a303ea2c0 before changing db schema 2007-05-25 12:27:36 +00:00
Wouter den Breejen
97eb8c32a0 created sub commit scripts 2007-05-22 16:57:36 +00:00
Wouter den Breejen
86b053dd80 Fixed backwards compatible hack & added state creation call after build 2007-05-22 13:19:27 +00:00
Wouter den Breejen
09b8b7efbc Added backwards compatib. but still something... remains that changes the hashes .... :( 2007-05-21 23:42:20 +00:00
Wouter den Breejen
5cac336820 Repositorys are created, state dirs are checked out automatically 2007-05-21 21:34:49 +00:00
Wouter den Breejen
8a7874d77d in the middle of adding nixStoreState ... 2007-05-18 19:50:58 +00:00
Eelco Dolstra
803cb6e3b9 * Override the setuid helper using NIX_SETUID_HELPER. 2007-03-20 22:04:25 +00:00
Eelco Dolstra
8ab229ddf2 * Terminate build hooks and substitutes with a TERM signal, not a KILL 
signal.  This is necessary because those processes may have joined
  the BDB environment, so they have to be given a chance to clean up.
  (NIX-85)
 2007-03-19 12:48:45 +00:00
Eelco Dolstra
917e06bf63 * Delete the output paths before invoking the build hook. 2007-03-07 15:53:11 +00:00
Eelco Dolstra
46e0919ced * `nix-store --export --sign': sign the Nix archive using the RSA key 
in /nix/etc/nix/signing-key.sec
 2007-02-21 14:31:42 +00:00
Eelco Dolstra
fac63d6416 * exportReferencesGraph: work on paths within store paths as well. 2007-01-23 16:57:43 +00:00
Eelco Dolstra
a3e6415ba8 * New primop builtins.filterSource, which can be used to filter files 
from a source directory.  All files for which a predicate function
  returns true are copied to the store.  Typical example is to leave
  out the .svn directory:

    stdenv.mkDerivation {
      ...
      src = builtins.filterSource
        (path: baseNameOf (toString path) != ".svn")
        ./source-dir;
      # as opposed to
      #   src = ./source-dir;
    }

  This is important because the .svn directory influences the hash in
  a rather unpredictable and variable way.
 2006-12-12 23:05:01 +00:00
Eelco Dolstra
5f681988f2 * Use deletePathWrapped() in more places. 2006-12-09 00:26:24 +00:00
Eelco Dolstra
fa33303146 * Goal cancellation inside the waitForInput() loop needs to be handled 
very carefully, since it can invalidate iterators into the
  `children' map.
 2006-12-08 18:41:48 +00:00
Eelco Dolstra
06c4929958 * Some refactoring. 
* Throw more exceptions as BuildErrors instead of Errors.  This
  matters when --keep-going is turned on.  (A BuildError is caught
  and terminates the goal in question, an Error terminates the
  program.)
 2006-12-08 17:26:21 +00:00
Eelco Dolstra
9dbfe242e3 * Kill a build if it has gone for more than a certain number of 
seconds without producing output on stdout or stderr (NIX-65).  This
  timeout can be specified using the `--max-silent-time' option or the
  `build-max-silent-time' configuration setting.  The default is
  infinity (0).

* Fix a tricky race condition: if we kill the build user before the
  child has done its setuid() to the build user uid, then it won't be
  killed, and we'll potentially lock up in pid.wait().  So also send a
  conventional kill to the child.
 2006-12-08 15:44:00 +00:00
Eelco Dolstra
d3fe6ab024 * Also for convenience, change the ownership of the build output even 
in case of failure.
 2006-12-08 00:19:50 +00:00
Eelco Dolstra
096194ab29 * Remove ancient terminology. 2006-12-07 23:58:36 +00:00
Eelco Dolstra
6833e8bbe8 * When keeping the temporary build directory (-K), change the owner 
back to the Nix account.
 2006-12-07 23:27:40 +00:00
Eelco Dolstra
2819eb36a4 * Be less verbose. 2006-12-07 21:43:35 +00:00
Eelco Dolstra
c3286ec020 * Don't count on the Pid deconstructor to kill the child process, 
since if we're running a build user in non-root mode, we can't.  Let
  the setuid helper do it.
 2006-12-07 17:52:58 +00:00
Eelco Dolstra
f76fdb6d42 * If not running as root, let the setuid helper kill the build user's 
processes before and after the build.
 2006-12-07 16:33:31 +00:00
Eelco Dolstra
ec23ecc64d * In the garbage collector, if deleting a path fails, try to fix its 
ownership, then try again.
 2006-12-07 15:54:52 +00:00
Eelco Dolstra
a0a43c3206 * When not running as root, call the setuid helper to change the 
ownership of the build result after the build.
 2006-12-07 15:18:14 +00:00
Eelco Dolstra
6a07ff1ec0 * Change the ownership of store paths to the Nix account before 
deleting them using the setuid helper.
 2006-12-07 14:14:35 +00:00
Eelco Dolstra
7d8cf316ee * Pass the actual build user to the setuid helper. 2006-12-07 11:27:32 +00:00
Eelco Dolstra
a45c498e4e * If Nix is not running as root, call the setuid helper to start the 
builder under the desired build user.
 2006-12-07 00:42:30 +00:00
Eelco Dolstra
813a7c65c9 * Sanity check. 2006-12-07 00:19:27 +00:00
Eelco Dolstra
6a8e60913a * Move killUser() to libutil so that the setuid helper can use it. 2006-12-07 00:16:07 +00:00
Eelco Dolstra
6e5ec1029a * Get rid of `build-users'. We'll just take all the members of 
`build-users-group'.  This makes configuration easier: you can just
  add users in /etc/group.
 2006-12-06 20:00:15 +00:00
Eelco Dolstra
9f0efa6611 * Start of the setuid helper (the program that performs the operations 
that have to be done as root: running builders under different uids,
  changing ownership of build results, and deleting paths in the store
  with the wrong ownership).
 2006-12-06 01:24:02 +00:00
Eelco Dolstra
2b558843a2 * Be less chatty. 2006-12-05 19:01:19 +00:00
Eelco Dolstra
44cad9630f * Urgh. Do setgid() before setuid(), because the semantics of setgid() 
changes completely depending on whether you're root...
 2006-12-05 18:28:15 +00:00
Eelco Dolstra
4c1c37d0b6 * FreeBSD returns ESRCH when there are no processes to kill. 2006-12-05 18:07:46 +00:00
Eelco Dolstra
a9c4f66cfb * Allow unprivileged users to run the garbage collector and to do 
`nix-store --delete'.  But unprivileged users are not allowed to
  ignore liveness.
* `nix-store --delete --ignore-liveness': ignore the runtime roots as
  well.
 2006-12-05 02:18:46 +00:00
Eelco Dolstra
35247c4c9f * Removed `build-allow-root'. 
* Added `build-users-group', the group under which builds are to be
  performed.
* Check that /nix/store has 1775 permission and is owner by the
  build-users-group.
 2006-12-03 15:32:38 +00:00
Eelco Dolstra
7951c3c546 * Some hackery to propagate the worker's stderr and exceptions to the 
client.
 2006-12-03 02:08:13 +00:00
Eelco Dolstra
e25fad691a * Move addTempRoot() to the store API, and add another function 
syncWithGC() to allow clients to register GC roots without needing
  write access to the global roots directory or the GC lock.
 2006-12-02 16:41:36 +00:00
Eelco Dolstra
0565b5f2b3 * More remote operations. 
* Added new operation hasSubstitutes(), which is more efficient than
  querySubstitutes().size() > 0.
 2006-11-30 22:43:55 +00:00
Eelco Dolstra
6ecb840fd1 * Put building in the store API. 2006-11-30 18:02:04 +00:00
Eelco Dolstra
e2ef5e07fd * Refactoring. There is now an abstract interface class StoreAPI 
containing functions that operate on the Nix store.  One
  implementation is LocalStore, which operates on the Nix store
  directly.  The next step, to enable secure multi-user Nix, is to
  create a different implementation RemoteStore that talks to a
  privileged daemon process that uses LocalStore to perform the actual
  operations.
 2006-11-30 17:43:04 +00:00