Shea Levy
14ca85688c
Actually fix nixDataDir in non-canonical path
2018-02-28 06:19:40 -05:00
Eelco Dolstra
8a5da93841
Merge pull request #1912 from dezgeg/replacestrings-take-2
...
libexpr: Fix prim_replaceStrings() to work on an empty source string, take 2
2018-02-27 12:53:19 +01:00
Tuomas Tynkkynen
77e9e1ed91
libexpr: Fix prim_replaceStrings() to work on an empty source string
...
Otherwise, running e.g.
nix-instantiate --eval -E --strict 'builtins.replaceStrings [""] ["X"] "abc"'
would just hang in an infinite loop.
Found by afl-fuzz.
First attempt of this was reverted in e2d71bd186
because it caused
another infinite loop, which is fixed now and a test added.
2018-02-26 19:49:13 +02:00
Eelco Dolstra
24ec750003
nix run: Fix segfault on macOS
...
Note that clearenv() is not available on macOS.
Fixes #1907 .
2018-02-26 18:29:40 +01:00
Will Dietz
009cf9cd23
nix search: explicitly handle empty search string, fixes #1893
...
This is important since this is given as an example.
Other patterns containing "empty search string" will still
be handled differently on different platforms ("asdf|")
but that's less of an issue.
2018-02-25 16:40:56 -06:00
Will Dietz
3cac8734ac
nix search: fix bug where we wrote to cache when shouldn't, breaking
...
This is exposed by the tests added previously,
and resolves the error reported in #1892 :
"expected JSON value".
2018-02-25 16:40:05 -06:00
Will Dietz
8282c60d74
tests: test nix search behavior
2018-02-25 16:40:05 -06:00
Graham Christensen
9432f3fb7d
Merge pull request #1901 from veprbl/patch-5
...
Fix a small typo in the release notes
2018-02-24 10:26:14 -05:00
Graham Christensen
ab435463d0
Merge pull request #1903 from primeos/release-notes-2.0-url-fix
...
doc: Fix a URL in the release notes for Nix 2.0
2018-02-24 10:19:39 -05:00
Michael Weiss
bd94e63853
doc: Fix a URL in the release notes for Nix 2.0
2018-02-24 16:07:10 +01:00
Dmitry Kalinkin
d9d8a84a96
Fix a small typo in the release notes
2018-02-23 23:45:42 -05:00
Eelco Dolstra
64e486ab63
Fix downloadCached() with a chroot store
...
E.g.
nix run --store ~/my-nix -f channel:nixos-17.03 hello -c hello
This problem was mentioned in #1897 .
2018-02-23 13:00:42 +01:00
Eelco Dolstra
39b4177500
Fix example in release notes
2018-02-22 17:42:06 +01:00
Eelco Dolstra
2691d51a33
Doh
2018-02-22 17:14:35 +01:00
Eelco Dolstra
b6dec2f3ca
Release script tweaks
2018-02-22 17:11:17 +01:00
Eelco Dolstra
179b896acb
Merge branch 'data-dir-non-canon' of https://github.com/shlevy/nix
2018-02-22 14:20:43 +01:00
Eelco Dolstra
e8d53bfdc9
Revert "Enable sandbox builds on Linux by default"
...
This reverts commit ddc58e7896
.
https://hydra.nixos.org/eval/1435322
2018-02-22 14:20:07 +01:00
Shea Levy
ddbcd01c83
Fix restricted mode when installing in non-canonical data dir
2018-02-22 07:18:14 -05:00
Eelco Dolstra
eaa52c34b4
Set release date
2018-02-22 12:44:46 +01:00
Eelco Dolstra
ddc58e7896
Enable sandbox builds on Linux by default
...
The overhead of sandbox builds is a problem on NixOS (since building a
NixOS configuration involves a lot of small derivations) but not for
typical non-NixOS use cases. So outside of NixOS we can enable it.
Issue #179 .
2018-02-22 12:27:25 +01:00
Eelco Dolstra
6964131cd7
Merge branch 'fix/sandbox-shell-features' of https://github.com/dtzWill/nix
2018-02-22 12:20:13 +01:00
Eelco Dolstra
de4c03d201
Merge branch 'fix/dry-run-partially' of https://github.com/dtzWill/nix
2018-02-22 12:18:20 +01:00
Eelco Dolstra
88c90d5e6d
Manual: Put configuration options in sorted order
2018-02-21 18:08:47 +01:00
Eelco Dolstra
0d54671b7b
Manual: Update chapter on remote builds
...
Alos add a command "nix ping-store" to make it easier to see if Nix
can connect to a remote builder (e.g. 'nix ping-store --store
ssh://mac').
2018-02-21 16:24:26 +01:00
Eelco Dolstra
e2d71bd186
Revert "libexpr: Fix prim_replaceStrings() to work on an empty source string"
...
This reverts commit 4ea9707591
.
It causes an infinite loop in Nixpkgs evaluation,
e.g. "nix-instantiate -A hello" hung.
PR #1886 .
2018-02-21 15:35:28 +01:00
Shea Levy
a6c497f526
Merge branch 'nix-copy' of git://github.com/Mic92/nix-1
2018-02-20 21:05:17 -05:00
fa7fd76c5e
nix-copy: fix examples
...
maybe a left-over from nix-store -r ?
2018-02-21 01:13:46 +00:00
Shea Levy
7c377dc5cc
Merge remote-tracking branch 'dezgeg/afl-fixes'
2018-02-20 16:32:48 -05:00
Eelco Dolstra
4e44025ac5
Release notes: Add contributors
2018-02-20 15:20:14 +01:00
Eelco Dolstra
cea4fb3a31
Fix evaluation of binaryTarball.aarch64-linux
2018-02-20 12:33:32 +01:00
Tuomas Tynkkynen
546f98dace
libutil: Fix invalid assert on decoding base64 hashes
...
The assertion is broken because there is no one-to-one mapping from
length of a base64 string to the length of the output.
E.g.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9q=" results in a 32-byte output.
"1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy" results in a 33-byte output.
To reproduce, evaluate:
builtins.derivationStrict {
name = "0";
builder = "0";
system = "0";
outputHashAlgo = "sha256";
outputHash = "1q69lz7Empb06nzfkj651413n9icx0njmyr3xzq1j9qy";
}
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
4ea9707591
libexpr: Fix prim_replaceStrings() to work on an empty source string
...
Otherwise, running e.g.
nix-instantiate --eval -E --strict 'builtins.replaceStrings [""] ["X"] "abc"'
would just hang in an infinite loop.
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
1d0e42879f
libutil: Fix infinite loop in filterANSIEscapes on '\r'
...
E.g. nix-instantiate --eval -E 'abort "\r"' hangs.
Found by afl-fuzz.
2018-02-19 23:20:26 +02:00
Tuomas Tynkkynen
056d28a601
libexpr: Don't create lots of temporary strings in Bindings::lexicographicOrder
...
Avoids ~180,000 string temporaries created when evaluating a headless
NixOS system.
2018-02-19 22:47:25 +02:00
Eelco Dolstra
d4e93532e2
Fix incorrect (and unnecessary) format string
...
https://hydra.nixos.org/eval/1434547#tabs-now-fail
2018-02-19 20:46:39 +01:00
Eelco Dolstra
d7fdfe322b
Remove macOS multi-user instructions
...
This is already handled by the installer.
2018-02-19 20:40:25 +01:00
Eelco Dolstra
70eb64147e
Update release notes
...
Also add some examples to nix --help.
2018-02-19 20:38:53 +01:00
Will Dietz
a6c0b773b7
configure.ac: define HAVE_SECCOMP macro when using seccomp, fix build/tests
...
Happily the failing tests should prevent anyone from using such a Nix
in situations where they expect sandboxing to be on,
which would otherwise be a risk.
2018-02-19 12:13:51 -06:00
Eelco Dolstra
623fcb071e
Merge pull request #1882 from shlevy/no-seccomp-no-filterSyscalls
...
Don't silently succeed seccomp setup when !HAVE_SECCOMP.
2018-02-19 17:39:46 +01:00
Shea Levy
e1eb63a586
Merge branch 'perf-fixes' of git://github.com/dezgeg/nix
2018-02-19 10:11:52 -05:00
Shea Levy
e59a8a63e1
Don't silently succeed seccomp setup when !HAVE_SECCOMP.
...
Running Nix with build users without seccomp on Linux is dangerous,
and administrators should very explicitly opt-in to it.
2018-02-19 09:56:24 -05:00
Eelco Dolstra
ed73d40c3b
Config::handleUnknownSettings(): Remove unused 'fatal' argument
2018-02-19 14:00:34 +01:00
Eelco Dolstra
75a1d96cfd
Merge branch 'register-settings' of https://github.com/shlevy/nix
2018-02-19 13:58:34 +01:00
Eelco Dolstra
7fe5910bf8
Merge pull request #1857 from dtzWill/fix/check-for-lzma-mt
...
configure.ac: check if lzma has MT support, fix deb build/etc.
2018-02-19 13:06:14 +01:00
Shea Levy
690ac7c90b
configure: Add a flag to disable seccomp.
...
This is needed for new arches where libseccomp support doesn't exist
yet.
Fixes #1878 .
2018-02-18 02:35:01 -05:00
Tuomas Tynkkynen
37264ed0ad
libexpr: Avoid an unnecessary string copy in prim_derivationStrict
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
66eeff3345
libexpr: Remove unnecessary drvName assignment in prim_derivationStrict
...
drvName is already assigned to the same value right at the start of the
function.
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
7e0360504d
libexpr: Optimize prim_derivationStrict by using more symbol comparisons
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
0845cdf944
libexpr: Rely on Boehm returning zeroed memory in EvalState::allocEnv()
...
Boehm guarantees that memory returned by GC_malloc() is zeroed, so take
advantage of that.
2018-02-17 16:54:21 +02:00
Tuomas Tynkkynen
b8bed7da14
libexpr: Optimize prim_attrNames a bit
...
Instead of having lexicographicOrder() create a temporary sorted array
of Attr*:s and copying attr names from that, copy the attr names
first and then sort that.
2018-02-17 16:54:21 +02:00