Commit graph

13056 commits

Author SHA1 Message Date
Andrew Brooks 84fe75a12a Keep created temp dirs inside store, but protect from GC
Implements the approach suggested by feedback on PR #6994, where
tempdir paths are created in the store (now with an exclusive lock).

As part of this work, the currently-broken and unused
`createTempDirInStore` function is updated to create an exclusive lock
on the temp directory in the store.

The GC now makes a non-blocking attempt to lock any store directories
that "look like" the temp directories created by this function, and if
it can't acquire one, ignores the directory.
2022-09-06 17:48:00 -05:00
Eelco Dolstra ece12a97d9 lockfile -> lock file for consistency 2022-09-06 19:20:31 +02:00
Eelco Dolstra 27be54ca53 nix develop: Ignore stdenv's $SHELL
Stdenv sets this to a bash that doesn't have readline/completion
support, so running 'nix (develop|shell)' inside a 'nix develop' gives
you a crippled shell. So let's just ignore the derivation's $SHELL.

This could break interactive use of build phases that use $SHELL, but
they appear to be fairly rare.
2022-09-06 18:27:39 +02:00
Eelco Dolstra 9600109879
Merge pull request #6995 from matthewbauer/disable-sa-restart-on-macos
Disable SA_RESTART for some signals on macOS
2022-09-06 17:36:31 +02:00
Jonathan Ringer 6ce2e96c88
Docs: Add nix develop --command entry
Add example of nix develop being used to execuate a series of script
commands. This is common when doing things like CI/CD, and should be
represented in the official documentation.

Also useful for people looking for the 'nix develop' equivalent of
'nix-shell --run'.

Related:
 - https://github.com/NixOS/nix/issues/6908
 - https://github.com/NixOS/nix/issues/6908#issuecomment-1229266853
2022-09-06 08:18:29 -07:00
Matthew Bauer 77d3d3d18d Remove some signals 2022-09-06 09:47:53 -05:00
Eelco Dolstra 7f31c08224
Merge pull request #7002 from tweag/reset-timestamps-in-installer
Installer: Reset the timestamps in the tarball
2022-09-06 13:19:56 +02:00
Valentin Gagarin 59be1e500a generalize anchor redirects
renaming section headers and changing manually set `id`s will break URLs
in the wild.

this change allows keeping track of all changes to ensure backwards
compatibility.
2022-09-06 00:49:16 +02:00
Théophane Hufschmitt 089f584173
Merge pull request #6980 from virusdave/patch-1
Set `HOME` var to `root`'s home when running `nix-store` as `root`
2022-09-05 16:21:05 +02:00
Théophane Hufschmitt 3fca5f6c69 Installer: Reset the timestamps in the tarball
Otherwise it isn't reproducible.

Fix https://github.com/NixOS/nix/issues/7001
2022-09-05 14:44:01 +02:00
Théophane Hufschmitt df5159e7d3
Merge pull request #6993 from matthewbauer/dont-read-derivation-in-goal
Don’t readDerivation if impure derivations feature is disabled
2022-09-05 11:20:58 +02:00
Matthew Bauer a47b5476e1 Add more signals 2022-09-03 16:06:33 -05:00
Matthew Bauer 102434e4cb Disable SA_RESTART for some signals on macOS
Disables the SA_RESTART behavior on macOS which causes:

> Restarting of pending calls is requested by setting the SA_RESTART bit
> in sa_flags. The affected system calls include read(2), write(2),
> sendto(2), recvfrom(2), sendmsg(2) and recvmsg(2) on a communications
> channel or a slow device (such as a terminal, but not a regular file)
> and during a wait(2) or ioctl(2).

From: https://man.openbsd.org/sigaction#SA_RESTART

This being set on macOS caused a bug where read() calls to the daemon
socket were blocking after a SIGINT was received. As a result,
checkInterrupt was never reached even though the signal was received
by the signal handler thread.

On Linux, SA_RESTART is disabled by default. This probably effects
other BSDs but I don’t have the ability to test it there right now.
2022-09-03 00:27:16 -05:00
Andrew Brooks 1f041ac54f Prevent tempdir from being GC-ed before addToStoreFromDump has renamed it
This fixes issue 6823 by placing the tempdir used in LocalStore::addToStoreFromDump
outside the Nix store, where automatic GC is no longer a concern.
2022-09-02 18:32:35 -05:00
Eelco Dolstra 0c7f213c87
Merge pull request #6990 from matthewbauer/no-space-in-zsh
Don’t add a space after attrs completion in zsh
2022-09-02 19:01:52 +02:00
Matthew Bauer 4894e567fb Don’t readDerivation if impure derivations feature is disabled
readDerivation is pretty slow, and while it may not be significant for
some use cases, on things like ghc-nix where we have thousands of
derivations is really slows things down.

So, this just doesn’t do the impure derivation check if the impure
derivation experimental feature is disabled. Perhaps we could cache
the result of isPure() and keep the check, but this is a quick fix to
for the slowdown introduced with impure derivations features in 2.8.0.
2022-09-02 11:46:34 -05:00
Matthew Bauer dd3cd1a167
Apply suggestions from code review 2022-09-02 10:50:02 -05:00
Eelco Dolstra a9af12e658
Merge pull request #6987 from matthewbauer/update-boehmgc-coroutine-sp-fallback-for-darwin
Update boehmgc-coroutine-sp-fallback.diff for darwin
2022-09-02 13:22:55 +02:00
Matthew Bauer bd63ae7e18 Don’t add a space after attrs completion in zsh
This matches the behavior of bash. We don’t want to add a space after
completion on attrs. Uses -S.

Switches to new compadd style comppletions instead of _describe.
Shouldn’t have any negative issues from what I can tell.
2022-09-01 23:16:55 -05:00
Adam Joseph e90f2fcfc7 glossary: add entry for chroot store (used 11 times in nix) 2022-09-01 18:28:05 -07:00
Adam Joseph e6f5352e71 #binary-cache -> #gloss-binary-cache 2022-09-01 18:27:00 -07:00
Adam Joseph 1ab913467e linkify mention of other options 2022-09-01 18:03:35 -07:00
Adam Joseph 59dc8346ca move substituter signature-checking conditions to configuration file documentation 2022-09-01 17:51:56 -07:00
Adam Joseph f6c750e8b2 glossary: remove extraneous comma 2022-09-01 17:48:34 -07:00
Adam Joseph 887e922be2 glossary: outputHash, not __outputHash 2022-09-01 17:47:13 -07:00
Adam Joseph d5e064d816 glossary: fix broken link 2022-09-01 17:46:31 -07:00
Adam Joseph 57f12df5e4 input-addressed store object: include FODOs 2022-09-01 15:09:10 -07:00
Adam Joseph 8139bbe2ba implement https://github.com/NixOS/nix/pull/6870#pullrequestreview-1093700220 2022-09-01 15:01:07 -07:00
Adam Joseph def4fb9a0f __outputHash: add link 2022-09-01 14:47:33 -07:00
Adam Joseph 1b2b8c39fd fix link to language/advanced-attributes.md#adv-attr-contentAddressed 2022-09-01 14:47:17 -07:00
Adam Joseph 0a98d564b3 glossary: resolve FIXME in #gloss-fixed-output-derivation 2022-09-01 14:41:27 -07:00
Adam Joseph 1f56b5d772 doc/manual: un-inline definitions from substitute 2022-09-01 14:13:21 -07:00
Adam Joseph 41153f30bd glossary: substituter: merge output-addressed cases 2022-09-01 14:13:21 -07:00
Adam Joseph 9cb8412143
Update doc/manual/src/glossary.md
Co-authored-by: John Ericson <git@JohnEricson.me>
2022-09-01 20:41:04 +00:00
Adam Joseph 2812682ebe
Update doc/manual/src/glossary.md
Co-authored-by: John Ericson <git@JohnEricson.me>
2022-09-01 20:40:39 +00:00
Adam Joseph 520587b9a0 glossary: local store: clarify 2022-09-01 13:39:48 -07:00
Matthew Bauer f4d7208e23 Update boehmgc-coroutine-sp-fallback.diff for darwin
The darwin_stop_world implementation is slightly different. sp goes to
altstack_lo instead of lo in this case. Assuming that is an
implementation detail.

But the fix is the same, when we detect alstack_lo outside of the
expected stack range, we reset it to hi - stack_limit.

Here stack_limit is calculated with pthread_get_stacksize_np since
that is the BSD equivalent to pthread_attr_getstacksize.
2022-09-01 11:48:50 -05:00
Eelco Dolstra 4823067247
Merge pull request #6983 from edolstra/revert-6621
Revert "Merge pull request #6621 from Kha/nested-follows"
2022-09-01 16:07:17 +02:00
Eelco Dolstra a8b3d777fb Revert "Merge pull request #6621 from Kha/nested-follows"
This reverts commit c530cda345, reversing
changes made to 4adcdff5c1.
2022-09-01 15:26:19 +02:00
Théophane Hufschmitt c530cda345
Merge pull request #6621 from Kha/nested-follows
Fix nested flake input overrides
2022-09-01 12:04:00 +02:00
Rok Garbas 4adcdff5c1
Merge pull request #6973 from Enzime/skip-docker-push
Only push Docker image when Docker secrets are set
2022-08-31 23:52:37 +02:00
Dave Nicponski a2b7baa42f
Set HOME var to root's home when running nix-store as root
A [recent-ish change](https://github.com/NixOS/nix/pull/6676) logs a warning when a potentially counterintuitive situation happens.

This now causes the multi-user installer to [emit a warning](https://github.com/NixOS/nixpkgs/issues/189043) when it's doing
the "seed the Nix database" step via a low-level `nix-store --load-db` invocation.

`nix-store` functionality implementations don't actually use profiles or channels or homedir as far as i can tell.  So why are we 
hitting this code at all?  

Well, the current command approach for functionality here builds a [fat `nix` binary](https://github.com/NixOS/nix/blob/master/src/nix/local.mk#L23-L26) which has _all_ the functionality of
previous individual binaries (nix-env, nix-store, etc) bundled in, then [uses the invocation name](https://github.com/NixOS/nix/blob/master/src/nix/main.cc#L274-L277) to select the
set of commands to expose.  `nix` itself has this behavior, even when just trying to parse the (sub)command and arguments:

```
dave @ davembp2
$ nix
error: no subcommand specified
Try 'nix --help' for more information.

dave @ davembp2
$ sudo nix
warning: $HOME ('/Users/dave') is not owned by you, falling back to the one defined in the 'passwd' file
error: no subcommand specified
Try 'nix --help' for more information.

dave @ davembp2
$ HOME=~root sudo nix
error: no subcommand specified
Try 'nix --help' for more information.
```

This behavior can also be seen pretty easily with an arbitrary `nix-store` invocation:
```
dave @ davembp2 
$ nix-store --realize

dave @ davembp2 
$ sudo nix-store --realize  # what installer is doing now
warning: $HOME ('/Users/dave') is not owned by you, falling back to the one defined in the 'passwd' file

dave @ davembp2
$ sudo HOME=~root nix-store --realize  # what this PR effectively does

dave @ davembp2
$ 
```
2022-08-31 17:25:26 -04:00
Valentin Gagarin f35b3aa47b do not use unwarranted pkgs in example 2022-08-31 09:16:37 +02:00
Michael Hoang 85248543b5 Only push Docker image when Docker secrets are set 2022-08-29 23:59:57 +10:00
Eelco Dolstra ddb82ffda9
Merge pull request #6972 from sashashura/patch-1
GitHub Workflows security hardening
2022-08-29 09:29:51 +02:00
Eelco Dolstra 1f2b12b30e
Merge pull request #6968 from fricklerhandwerk/man-no-weblinks
do not render relative links in help pages
2022-08-29 08:46:35 +02:00
Alex 90ba893329
Update backport.yml 2022-08-28 21:59:29 +01:00
Sebastian Ullrich 6f65c11780 Fix overlapping flake follows 2022-08-28 11:50:25 +02:00
Sebastian Ullrich 2b9d381301 Fix nested flake input overrides 2022-08-28 11:47:25 +02:00
Valentin Gagarin e7dcacbd7c do not render relative links in help pages
this simplifies the setup a lot, and avoids weird looking `./file.md`
links showing up.

it also does not show regular URLs any more. currently the command
reference only has few of them, and not showing them in the offline
documentation is hopefully not a big deal.

instead of building more special-case solutions, clumsily preprocessing
the input, or issuing verbal rules on dealing with URLs, should better
be solved sustainably by not rendering relative links in `lowdown`:

https://github.com/kristapsdz/lowdown/issues/105
2022-08-26 17:10:41 +02:00