Commit graph

12532 commits

Author SHA1 Message Date
Bernardo Meurer 931930feb1 fix(libstore/lock): support users that belong to more than 10 groups
The manpage for `getgrouplist` says:

> If the number of groups of which user is a member is less than or
> equal to *ngroups, then the value *ngroups is returned.
>
> If the user is a member of more than *ngroups groups, then
> getgrouplist() returns -1.  In this case, the value returned in
> *ngroups can be used to resize the buffer passed to a further
> call getgrouplist().

In our original code, however, we allocated a list of size `10` and, if
`getgrouplist` returned `-1` threw an exception. In practice, this
caused the code to fail for any user belonging to more than 10 groups.

While unusual for single-user systems, large companies commonly have a
huge number of POSIX groups users belong to, causing this issue to crop
up and make multi-user Nix unusable in such settings.

The fix is relatively simple, when `getgrouplist` fails, it stores the
real number of GIDs in `ngroups`, so we must resize our list and retry.
Only then, if it errors once more, we can raise an exception.

This should be backported to, at least, 2.9.x.
2022-06-08 13:45:41 -04:00
Eelco Dolstra 12e86c0735
Merge pull request #6630 from edolstra/boost-dylib
Remove ${boost}/lib from the RPATH
2022-06-08 17:55:21 +02:00
Eelco Dolstra 7b968af930
Update docker.nix
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2022-06-08 17:41:31 +02:00
Eelco Dolstra 4a3f217bde
Remove ${boost}/lib from the RPATH 2022-06-08 15:51:35 +02:00
Théophane Hufschmitt 694b12052a
Merge pull request #6624 from NixOS/new-flake-style
flake.nix: Convert to new naming convention
2022-06-08 13:34:09 +02:00
Eelco Dolstra e88892dc21
Merge pull request #6627 from asymmetric/key-comment
Fix missing ` in key manual
2022-06-08 12:10:52 +02:00
Lorenzo Manacorda 814ddfa5f5 Fix missing ` in key manual 2022-06-08 11:46:50 +02:00
Jonpez2 a7d25d339d
Add security.csm to the default ignore list 2022-06-08 09:32:14 +01:00
Eelco Dolstra b2dea231cf
Merge pull request #6618 from afishhh/search-exclude
Add `-e`/`--exclude` flag to `nix search`
2022-06-07 19:01:36 +02:00
Fishhh 9ae22b1fde
Use grep -c instead of grep|wc -l in some nix search tests 2022-06-07 18:25:59 +02:00
Fishhh 0338cf5539
Add tests for --exclude flag in nix search 2022-06-07 18:25:52 +02:00
Fishhh e009367c8d
Remove redundant std::moves in calls to hiliteMatches 2022-06-07 18:25:52 +02:00
Fishhh b42358b9be
Add --exclude flag to nix search
If a package's attribute path, description or name contains matches for any of the
regexes specified via `-e` or `--exclude` that package is excluded from
the final output.
2022-06-07 18:25:48 +02:00
Eelco Dolstra 8977cdee6a
Merge pull request #6598 from cole-h/update-flake-for-real
flake: update to 22.05
2022-06-07 15:13:16 +02:00
Eelco Dolstra faf80fa920
Convert to new flake style
https://github.com/NixOS/nix/issues/5532
2022-06-07 14:36:23 +02:00
Eelco Dolstra 0f8754cd30
Fix 22.05 eval warnings 2022-06-07 14:27:10 +02:00
Eelco Dolstra 5a9d83aa59
Disable cross builds on platforms other than x86_64-linux
Needed because evaluation was broken on x86_64-darwin.
2022-06-07 14:27:06 +02:00
Eelco Dolstra 739c358c68
Merge pull request #6602 from cw789/patch-2
Explain exactly what nix-upgrade nix does
2022-06-07 13:08:56 +02:00
Malte Brandy bf2f25e3d8 respect print-missing variable in new-style build command
Currently nix-build prints the "printMissing" information by default,
nix build doesn’t.
People generally don‘t notice this because the standard log-format of
nix build would not display the printMissing
output long enough to perceive the information.

This addresses https://github.com/NixOS/nix/issues/6561
2022-06-06 21:15:31 +02:00
Jonpez2 0cd560c95d
Add security.csm to ignored-acls
The security.csm ACL is, as far as I know, never reasonable to remove, so let's add it to the ignore-list in the vanilla nix image.  This makes this image usable on GKE.
2022-06-06 16:56:42 +01:00
Fishhh d137ceccef
Fix incorrect comment in hiliteMatches 2022-06-05 20:30:18 +02:00
Eelco Dolstra 1dd7253133
Merge pull request #6603 from abathur/installer_fix_vi_swapfile
darwin-install: work around existing vim swap files
2022-06-03 08:51:48 +02:00
Eelco Dolstra 2097c30b08
Merge pull request #6600 from asymmetric/hash-comment
schema.sql: add comment about hash being in base16
2022-06-03 08:51:07 +02:00
Eelco Dolstra b2edca1def
Merge pull request #6610 from edolstra/random-fixes
Random fixes/improvements from the lazy-trees branch
2022-06-03 08:50:16 +02:00
Tom Bereknyei ffd41d1757 Merge branch 'master' into nix-repl-flakes 2022-06-02 16:58:35 -04:00
Eelco Dolstra 28e08822a3
Avoid unnecessary string copy 2022-06-02 21:26:28 +02:00
Eelco Dolstra abb80cfa4c
Add operator for concatenating strings and string_views 2022-06-02 21:26:21 +02:00
Eelco Dolstra 24b3a500a7
Typo 2022-06-02 21:21:10 +02:00
Eelco Dolstra 81a486c607
Shut up clang warnings 2022-06-02 21:19:54 +02:00
Eelco Dolstra 2868acb4a5
tests/flakes.sh: Fix some ignored breakage 2022-06-02 21:19:16 +02:00
Ben Burdette 8cf6ae8664 use Counter class to count tryEval levels 2022-06-02 12:29:38 -06:00
Ben Burdette bc0d41e9ba print message with exceptions in a try clause 2022-06-02 12:17:28 -06:00
Ben Burdette 9151dbff88 ignore-try flag 2022-06-02 10:26:46 -06:00
Chris Wögi 51b3cc151e Explain exactly what nix-upgrade nix does 2022-06-02 15:05:27 +02:00
Théophane Hufschmitt 1892355766
Merge pull request #5813 from pennae/lto
enable LTO in optimized builds
2022-06-01 19:07:58 +02:00
Théophane Hufschmitt a5f7b934bd
Merge branch 'master' into lto 2022-06-01 17:55:03 +02:00
Travis A. Everett 505d6ee5e2 darwin-install: work around existing vim swapfiles
User on Matrix reported install problems which presented as
"vifs:editing error" which we traced back to vim griping about an
existing swap file. When opened interactively, it did this:

E325: ATTENTION
Found a swap file by the name "/etc/.fstab.swp"
owned by: root dated: Sön Apr 24 16:54:10 2022
file name: /private/etc/fstab
modified: YES
user name: root host name: MBP.local
process ID: 1698
While opening file "/etc/fstab"
dated: Sön Apr 24 16:56:27 2022
NEWER than swap file!
...
2022-06-01 09:41:00 -05:00
Lorenzo Manacorda a9358a6097 schema.sql: add comment about hash being in base16 2022-06-01 14:59:57 +02:00
Maximilian Bosch 159b5815b5
repl: --option pure-eval true actually enables pure eval mode
To quote Eelco in #5867:

> Unfortunately we can't do
>
>     evalSettings.pureEval.setDefault(false);
>
> because then we have to do the same in main.cc (where
> pureEval is set to true), and that would allow pure-eval
> to be disabled globally from nix.conf.

Instead, a command should specify that it should be impure by
default. Then, `evalSettings.pureEval` will be set to `false;` unless
it's overridden by e.g. a CLI flag.

In that case it's IMHO OK to be (theoretically) able to override
`pure-eval` via `nix.conf` because it doesn't have an effect on commands
where `forceImpureByDefault` returns `false` (i.e. everything where pure
eval actually matters).

Closes #5867
2022-05-31 22:20:11 +02:00
Cole Helbling dbf0d3a150 tests/nss-preload: move nix-fetch binding 2022-05-31 12:14:34 -07:00
Cole Helbling bd0192d0bb flake: update to 22.05
The static build works now :)
2022-05-31 11:51:17 -07:00
Eelco Dolstra 078c80f750
Merge pull request #6582 from NixOS/debug-fetchgit-sigsev
Fix a segfault in the git fetcher
2022-05-31 17:17:37 +02:00
Eelco Dolstra 04a699b8a9
Typo 2022-05-31 10:38:03 +02:00
Eelco Dolstra 403201e011
Merge pull request #6537 from cole-h/update-flake
flake: use github: reference to nixpkgs
2022-05-31 08:30:42 +02:00
Eelco Dolstra 929ab5b195
Bump version 2022-05-30 21:11:20 +02:00
Eelco Dolstra de13b44573
Branch 2.9 release notes 2022-05-30 20:42:55 +02:00
Eelco Dolstra af23d38019
Merge pull request #6590 from edolstra/fix-noexcept
Fix noexcept violations
2022-05-30 17:45:44 +02:00
Eelco Dolstra 452dba510d
Mark nix-perl as a Perl module
The call to perl.withPackages in nix-serve expects this.
2022-05-30 14:10:26 +02:00
Eelco Dolstra a72e75e6b6
Merge pull request #6589 from edolstra/respect-output-specified
Respect the outputSpecified attribute
2022-05-30 13:40:07 +02:00
Eelco Dolstra 948515efb7
Set meta.platforms
'nix-serve' in nixpkgs expects the nix package to set this.
2022-05-30 13:35:28 +02:00