Commit graph

74 commits

Author SHA1 Message Date
Eelco Dolstra
e3b051aeeb * Include the size of the bzipped archive (necessary for computing the
cheapest download path), as well as the hash of the contents of the
  path (necessary for checking patch applicability).
2004-12-13 16:56:18 +00:00
Eelco Dolstra
2d35116c13 * Setuid support for sharing a Nix installation between multiple
users.

  If the configure flag `--enable-setuid' is used, the Nix programs
  nix-env, nix-store, etc. are installed with the setuid bit turned on
  so that they are executed as the user and group specified by
  `--with-nix-user=USER' and `--with-nix-group=GROUP', respectively
  (with defaults `nix' and `nix').

  The setuid programs drop all special privileges if they are executed
  by a user who is not a member of the Nix group.

  The setuid feature is a quick hack to enable sharing of a Nix
  installation between users who trust each other.  It is not
  generally secure, since any user in the Nix group can modify (by
  building an appropriate derivation) any object in the store, and for
  instance inject trojans into binaries used by other users.

  The setuid programs are owned by root, not the Nix user.  This is
  because on Unix normal users cannot change the real uid, only the
  effective uid.  Many programs don't work properly when the real uid
  differs from the effective uid.  For instance, Perl will turn on
  taint mode.  However, the setuid programs drop all root privileges
  immediately, changing all uids and gids to the Nix user and group.
2004-08-20 14:49:05 +00:00
Eelco Dolstra
21655a70f5 * Channels. These allow you to stay current with an evolving set of
Nix expressions.

  To subscribe to a channel (needs to be done only once):

    nix-channel --add \
      http://catamaran.labs.cs.uu.nl/dist/nix/channels/nixpkgs-unstable

  This just adds the given URL to ~/.nix-channels (which can also be
  edited manually).

  To update from all channels:

    nix-channel --update

  This fetches the latest expressions and pulls cache manifests.  The
  default Nix expression (~/.nix-defexpr) is made to point to the
  conjunction of the expressions downloaded from all channels.

  So to update all installed derivations in the current user
  environment:

    nix-channel --update
    nix-env --upgrade '*'

  If you are really courageous, you can put this in a cronjob or
  something.

  You can subscribe to multiple channels.  It is not entirely clear
  what happens when there are name clashes between derivations from
  different channels.  From nix-env/main.cc it appears that the one
  with the lowest (highest?) hash will be used, which is pretty
  meaningless.
2004-04-21 14:54:05 +00:00
Eelco Dolstra
7cce0c34e1 * Allow extra parameters to be passed to Curl through the `CURL_FLAGS'
environment variable.  This is useful for passing authentication
  information (it won't show up in `ps').  Hacky - nix-push should
  abstract over the use of Curl.
2004-04-15 15:14:16 +00:00
Eelco Dolstra
03f1d1ecb5 * Switched from wget to curl.
* Made the dependencies on bzip2 and the shell explicit.
2004-04-06 08:18:51 +00:00
Eelco Dolstra
beda10f5a2 * Make perl a dependency of Nix. 2004-03-15 15:23:53 +00:00
Eelco Dolstra
1ad9d11247 * Only include predecessors that are themselves being pushed.
Otherwise the substitute mechanism can break in subtle ways.
2004-02-13 10:43:31 +00:00
Eelco Dolstra
92e832348d * Lots of manual stuff. Reference pages for most Nix commands.
* nix-pull now requires the full url to the manifest, i.e.,
  `/MANIFEST/' is no longer automatically appended.
* nix-prefetch-url works again.
2004-02-10 16:14:47 +00:00
Eelco Dolstra
9a404e45c9 * Synchronous nix-pull' with nix-push'.
* Use curl instead of wget.
2004-01-14 14:20:33 +00:00
Eelco Dolstra
16f9b133ec * Improved `nix-push': it now uses HTTP PUT (instead of rsync) to copy
files.  Target location is no longer hard-coded; it accepts a number
  of URLs on the command line.

* `nix-install-package': compatibility fixes.
2004-01-14 11:13:08 +00:00
Eelco Dolstra
397c8ba898 * Missing semicolons. 2003-12-21 21:56:54 +00:00
Eelco Dolstra
a3ca74a1c3 * Bug fix in nix-push. 2003-12-01 16:34:35 +00:00
Eelco Dolstra
5d2b424804 * Use a system name that does not include the OS manufacturer (i.e.,
"i686-linux" instead of "i686-suse-linux").
2003-12-01 14:36:50 +00:00
Eelco Dolstra
9486dda115 * Fix nix-push. 2003-11-22 20:39:51 +00:00
Eelco Dolstra
0eab306466 * NarPath -> NarName. 2003-10-20 09:08:44 +00:00
Eelco Dolstra
ab5e8767fa * Get nix-push to work again.
* Fixed svn:ignore on externals/.
2003-10-16 13:13:39 +00:00
Eelco Dolstra
5d4171f7fb * Synchronise terminology with the ICSE paper (e.g., slice -> closure,
fstate -> Nix expression).
* Fix src/test.cc.
2003-10-07 12:27:49 +00:00
Eelco Dolstra
c4f1f49574 * nix-push generated invalid (old-style) slices.
* nar.sh needs a path.
2003-08-28 10:10:12 +00:00
Eelco Dolstra
b9c9b461ea * Made nix-push much faster. 2003-08-05 12:30:06 +00:00
Eelco Dolstra
a01629894d * Use `--query --requisites' and include successors when pushing. Don't
use `--query --generators' anymore.
2003-07-29 15:19:03 +00:00
Eelco Dolstra
c7bdb76fe4 * Syntax fixes.
* When pushing, put the hash in the file name so that the 
  client can verify (proof-carrying file names?).
2003-07-21 21:34:56 +00:00
Eelco Dolstra
54664b6fb7 * The write() system call can write less than the requested
number of bytes, e.g., in case of a signal like SIGSTOP.  
  This caused `nix --dump' to fail sometimes.

  Note that this bug went unnoticed because the call to `nix 
  --dump' is in a pipeline, and the shell ignores non-zero 
  exit codes from all but the last element in the pipeline.  
  Is there any way to check the result of the initial elements
  in the pipeline?  (In other words, is it at all possible to 
  write reliable shell scripts?)
2003-07-16 21:24:02 +00:00
Eelco Dolstra
9d56ca219f * Substitute fixes. 2003-07-16 20:00:51 +00:00
Eelco Dolstra
9c620e4afa * Generate the scripts so that we can substitute the prefix
etc. correctly.
* Fixed nix-switch.
2003-07-13 18:58:03 +00:00
Renamed from scripts/nix-push (Browse further)