Eelco Dolstra
ddc58e7896
Enable sandbox builds on Linux by default
...
The overhead of sandbox builds is a problem on NixOS (since building a
NixOS configuration involves a lot of small derivations) but not for
typical non-NixOS use cases. So outside of NixOS we can enable it.
Issue #179 .
2018-02-22 12:27:25 +01:00
Eelco Dolstra
6964131cd7
Merge branch 'fix/sandbox-shell-features' of https://github.com/dtzWill/nix
2018-02-22 12:20:13 +01:00
Eelco Dolstra
de4c03d201
Merge branch 'fix/dry-run-partially' of https://github.com/dtzWill/nix
2018-02-22 12:18:20 +01:00
Eelco Dolstra
88c90d5e6d
Manual: Put configuration options in sorted order
2018-02-21 18:08:47 +01:00
Eelco Dolstra
0d54671b7b
Manual: Update chapter on remote builds
...
Alos add a command "nix ping-store" to make it easier to see if Nix
can connect to a remote builder (e.g. 'nix ping-store --store
ssh://mac').
2018-02-21 16:24:26 +01:00
Eelco Dolstra
e2d71bd186
Revert "libexpr: Fix prim_replaceStrings() to work on an empty source string"
...
This reverts commit 4ea9707591
.
It causes an infinite loop in Nixpkgs evaluation,
e.g. "nix-instantiate -A hello" hung.
PR #1886 .
2018-02-21 15:35:28 +01:00
Shea Levy
a6c497f526
Merge branch 'nix-copy' of git://github.com/Mic92/nix-1
2018-02-20 21:05:17 -05:00
fa7fd76c5e
nix-copy: fix examples
...
maybe a left-over from nix-store -r ?
2018-02-21 01:13:46 +00:00
Shea Levy
7c377dc5cc
Merge remote-tracking branch 'dezgeg/afl-fixes'
2018-02-20 16:32:48 -05:00
Eelco Dolstra
4e44025ac5
Release notes: Add contributors
2018-02-20 15:20:14 +01:00
Eelco Dolstra
cea4fb3a31
Fix evaluation of binaryTarball.aarch64-linux
2018-02-20 12:33:32 +01:00
Tuomas Tynkkynen
546f98dace
libutil: Fix invalid assert on decoding base64 hashes
...
The assertion is broken because there is no one-to-one mapping from
length of a base64 string to the length of the output.
E.g.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9q=" results in a 32-byte output.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy" results in a 33-byte output.
To reproduce, evaluate:
builtins.derivationStrict {
name = "0";
builder = "0";
system = "0";
outputHashAlgo = "sha256";
outputHash = "1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy";
}
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
4ea9707591
libexpr: Fix prim_replaceStrings() to work on an empty source string
...
Otherwise, running e.g.
nix-instantiate --eval -E --strict 'builtins.replaceStrings [""] ["X"] "abc"'
would just hang in an infinite loop.
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
1d0e42879f
libutil: Fix infinite loop in filterANSIEscapes on '\r'
...
E.g. nix-instantiate --eval -E 'abort "\r"' hangs.
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
056d28a601
libexpr: Don't create lots of temporary strings in Bindings::lexicographicOrder
...
Avoids ~180,000 string temporaries created when evaluating a headless
NixOS system.
2018-02-19 22:47:25 +02:00
Eelco Dolstra
d4e93532e2
Fix incorrect (and unnecessary) format string
...
https://hydra.nixos.org/eval/1434547#tabs-now-fail
2018-02-19 20:46:39 +01:00
Eelco Dolstra
d7fdfe322b
Remove macOS multi-user instructions
...
This is already handled by the installer.
2018-02-19 20:40:25 +01:00
Eelco Dolstra
70eb64147e
Update release notes
...
Also add some examples to nix --help.
2018-02-19 20:38:53 +01:00
Will Dietz
a6c0b773b7
configure.ac: define HAVE_SECCOMP macro when using seccomp, fix build/tests
...
Happily the failing tests should prevent anyone from using such a Nix
in situations where they expect sandboxing to be on,
which would otherwise be a risk.
2018-02-19 12:13:51 -06:00
Eelco Dolstra
623fcb071e
Merge pull request #1882 from shlevy/no-seccomp-no-filterSyscalls
...
Don't silently succeed seccomp setup when !HAVE_SECCOMP.
2018-02-19 17:39:46 +01:00
Shea Levy
e1eb63a586
Merge branch 'perf-fixes' of git://github.com/dezgeg/nix
2018-02-19 10:11:52 -05:00
Shea Levy
e59a8a63e1
Don't silently succeed seccomp setup when !HAVE_SECCOMP.
...
Running Nix with build users without seccomp on Linux is dangerous,
and administrators should very explicitly opt-in to it.
2018-02-19 09:56:24 -05:00
Eelco Dolstra
ed73d40c3b
Config::handleUnknownSettings(): Remove unused 'fatal' argument
2018-02-19 14:00:34 +01:00
Eelco Dolstra
75a1d96cfd
Merge branch 'register-settings' of https://github.com/shlevy/nix
2018-02-19 13:58:34 +01:00
Eelco Dolstra
7fe5910bf8
Merge pull request #1857 from dtzWill/fix/check-for-lzma-mt
...
configure.ac: check if lzma has MT support, fix deb build/etc.
2018-02-19 13:06:14 +01:00
Shea Levy
690ac7c90b
configure: Add a flag to disable seccomp.
...
This is needed for new arches where libseccomp support doesn't exist
yet.
Fixes #1878 .
2018-02-18 02:35:01 -05:00
Tuomas Tynkkynen
37264ed0ad
libexpr: Avoid an unnecessary string copy in prim_derivationStrict
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
66eeff3345
libexpr: Remove unnecessary drvName assignment in prim_derivationStrict
...
drvName is already assigned to the same value right at the start of the
function.
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
7e0360504d
libexpr: Optimize prim_derivationStrict by using more symbol comparisons
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
0845cdf944
libexpr: Rely on Boehm returning zeroed memory in EvalState::allocEnv()
...
Boehm guarantees that memory returned by GC_malloc() is zeroed, so take
advantage of that.
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
b8bed7da14
libexpr: Optimize prim_attrNames a bit
...
Instead of having lexicographicOrder() create a temporary sorted array
of Attr*:s and copying attr names from that, copy the attr names
first and then sort that.
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
f67a7007a2
libexpr: Pre-reserve space in string in unescapeStr()
...
Avoids some malloc() traffic.
2018-02-16 04:39:43 +02:00
Eelco Dolstra
3a5a241b32
Merge pull request #1873 from matthewbauer/fix-manpath
...
Set MANPATH in case man path isn’t set correctly.
2018-02-15 17:37:21 +01:00
Matthew Bauer
8f186722a9
Set backup MANPATH in case man path isn’t set correctly.
...
Previously, this would fail at startup for non-NixOS installs:
nix-env --help
The fix for this is to just use "nixManDir" as the value for MANPATH
when spawning "man".
To test this, I’m using the following:
$ nix-build release.nix -A build
$ MANPATH= ./result/bin/nix-env --help
Fixes #1627
2018-02-15 10:20:02 -06:00
Eelco Dolstra
d26b71fda6
Merge pull request #1872 from shlevy/macOS-poll-fix
...
monitor-fds: Fix on macOS.
2018-02-15 11:43:56 +01:00
Shea Levy
ac973a6d3c
monitor-fds: Fix on macOS.
...
Fixes #1871 .
2018-02-14 18:26:37 -05:00
Eelco Dolstra
96d48318cb
Merge pull request #1870 from shlevy/split-version
...
Add splitVersion primop.
2018-02-14 16:39:53 +01:00
Shea Levy
b095c06139
Add splitVersion primop.
...
Fixes #1868 .
2018-02-14 09:55:43 -05:00
Shea Levy
de4934ab3b
Allow plugins to define new settings.
2018-02-13 14:43:32 -05:00
Shea Levy
3fe9767dd3
Fix plugin tests on darwin
2018-02-13 12:49:14 -05:00
Eelco Dolstra
52c777a793
Merge pull request #1863 from shlevy/conf-includes
...
Allow includes from nix.conf
2018-02-13 17:33:07 +01:00
Eelco Dolstra
7253113fd2
Merge pull request #1862 from shlevy/plugin-dirs
...
Enable specifying directories in plugin-files.
2018-02-13 17:32:32 +01:00
Shea Levy
b8739f2fb3
Enable specifying directories in plugin-files.
2018-02-13 11:25:01 -05:00
78ac3eb4eb
Fix #1762
...
nix-store --export, nix-store --dump, and nix dump-path would previously
fail silently if writing the data out failed, because
a) FdSink::write ignored exceptions, and
b) the commands relied on FdSink's destructor, which ignores
exceptions, to flush the data out.
This could cause rather opaque issues with installing nixos, because
nix-store --export would happily proceed even if it couldn't write its
data out (e.g. if nix-store --import on the other side of the pipe
failed).
This commit adds tests that expose these issues in the nix-store
commands, and fixes them for all three.
2018-02-13 14:26:19 +00:00
Shea Levy
6eb1040e90
Allow includes from nix.conf
2018-02-13 08:16:32 -05:00
Eelco Dolstra
f471aacff2
Merge pull request #1775 from LnL7/darwin-build-users
...
installer: create 'enough' build users
2018-02-13 12:31:53 +01:00
Eelco Dolstra
7828dca9e8
Merge branch 'register-constant' of https://github.com/shlevy/nix
2018-02-13 12:24:48 +01:00
Eelco Dolstra
1c10a74c73
Merge branch 'plugins' of https://github.com/shlevy/nix
2018-02-13 12:15:27 +01:00
Eelco Dolstra
c5cc57e962
Merge pull request #1859 from FRidh/flatten
...
Nix stats: flatten statistics
2018-02-13 11:11:12 +01:00
Eelco Dolstra
9bcb4d2dd9
Fix hang in build-remote
2018-02-12 22:48:55 +01:00