Commit graph

13214 commits

Author SHA1 Message Date
Linus Heckemann d533a88546 nar-info-disk-cache: refresh nix-cache-info weekly
This allows changes to nix-cache-info to be picked up by existing
clients. Previously, the only way for this to happen would be for
clients to delete binary-cache-v6.sqlite, which is quite awkward for
users.

On the other hand, updates to nix-cache-info should be pretty rare,
hence the choice of a fairly long TTL. Configurability is probably not
useful enough to warrant implementing it.
2022-06-22 10:49:18 -04:00
Eelco Dolstra f6cf644e5f Style 2022-06-22 15:35:52 +02:00
Manu [tennox] 3a85fd077c #6542 Apply flake templates partially on conflicts
Will still exit with non-zero exit code and clearly prompt which files to merge:
 ```
nixx flake init -t github:numtide/devshell
wrote: /home/manu/dev/stuff/gopassbridge/.envrc
refusing to overwrite existing file '/home/manu/dev/stuff/gopassbridge/.gitignore'
-> merge manually with '/nix/store/ksmwhyghjwb4d9dw6hcpbvng1msdvjim-source/template/.gitignore'
wrote: /home/manu/dev/stuff/gopassbridge/devshell.toml
wrote: /home/manu/dev/stuff/gopassbridge/flake.nix
error: Encountered 1 conflicts - please merge manually
 ```
2022-06-21 17:37:02 +01:00
Eelco Dolstra bbe7187db9
Merge pull request #6695 from afishhh/search-fix-exclude
Fix arity of `--exclude` flag in `nix search`
2022-06-21 16:12:04 +02:00
Théophane Hufschmitt 983efdbde4 Forbid the tilde expansion in pure eval mode
Fix #6684
2022-06-21 14:08:18 +02:00
Théophane Hufschmitt 16c6c6c963
Merge pull request #6676 from virusdave/dnicponski/scratch/swap_homedir_check_master
Verify this if `$HOME` exists, it is owned by current user in `getHome()`
2022-06-20 21:17:22 +02:00
Fishhh df21173b70
Add another test for --exclude in nix search 2022-06-20 19:21:45 +02:00
Fishhh 4ade8a5f25
Fix arity of --exclude flag in nix search
Due to incorrectly using the Handler(vector<string>*) constructor the
`--exclude` flag would swallow all proceeding arguments instead of just
one.
2022-06-20 18:00:32 +02:00
Naïm Favier d6d0e781bb
Complete flake inputs for all given flakes
Allow `nix build flake1 flake2 --update-input <Tab>` to complete the
inputs of both flakes.

Also do tilde expansion so that `nix build ~/flake --update-input <Tab>`
works.
2022-06-20 04:17:13 +02:00
Dave Nicponski ca2be509b9 Verify $HOME is owned by current user in getHome(), if it exists.
Useful because a default `sudo` on darwin doesn't clear `$HOME`, so things like `sudo nix-channel --list`
will surprisingly return the USER'S channels, rather than `root`'s.

Other counterintuitive outcomes can be seen in this PR description:
  https://github.com/NixOS/nix/pull/6622
2022-06-17 17:42:08 -04:00
Travis A. Everett fe76b9f4b4 doc: fix some darwin uninstall gaps 2022-06-16 09:37:52 -05:00
Théophane Hufschmitt 7e301fd74e
Merge pull request #6620 from maralorn/fix-print-missing
respect print-missing variable in new-style build command
2022-06-16 13:23:15 +02:00
Lorenzo Manacorda 475249db8a libstore: improve warning message on missing sig
Clarifies that the substitute will be ignored/skipped.
2022-06-15 17:34:28 +02:00
Tom Bereknyei 51268ceb79 Merge branch 'master' into nix-repl-flakes 2022-06-15 09:17:03 -04:00
tomberek dae4a8a6c8
Apply suggestions from code review
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2022-06-15 09:02:36 -04:00
Théophane Hufschmitt 63df0fda94
Merge pull request #6615 from WhyNotHugo/man-improvements
Add disambiguation to man page
2022-06-15 10:41:52 +02:00
Eelco Dolstra 3720a4f6cf
Merge pull request #6662 from tweag/stiky-non-flake-overrides
flake.cc: Make non-flake overrides sticky
2022-06-14 19:47:11 +02:00
Hugo Osvaldo Barrera fd7f795750 Add disambiguation to man page
This should help future lost newcomers like myself understand where to
find the docs for both of these commands and how they differ.
2022-06-14 18:13:35 +02:00
Maximilian Bosch 98946e2d9c
nix-shell: restore backwards-compat with old nixpkgs
Basically an attempt to resume fixing #5543 for a breakage introduced
earlier[1]. Basically, when evaluating an older `nixpkgs` with
`nix-shell` the following error occurs:

    λ ma27 [~] → nix-shell -I nixpkgs=channel:nixos-18.03 -p nix
    error: anonymous function at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/default.nix:20:1 called with unexpected argument 'inNixShell'

           at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/impure.nix:82:1:

               81|
               82| import ./. (builtins.removeAttrs args [ "system" "platform" ] // {
                 | ^
               83|   inherit config overlays crossSystem;

This is a problem because one of the main selling points of Nix is that
you can evaluate any old Nix expression and still get the same result
(which also means that it *still evaluates*). In fact we're deprecating,
but not removing a lot of stuff for that reason such as unquoted URLs[2]
or `builtins.toPath`. However this property was essentially thrown away
here.

The change is rather simple: check if `inNixShell` is specified in the
formals of an auto-called function. This means that

    { inNixShell ? false }:
    builtins.trace inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will show `trace: true` while

    args@{ ... }:
    builtins.trace args.inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will throw the following error:

    error: attribute 'inNixShell' missing

This is explicitly needed because the function in
`pkgs/top-level/impure.nix` of e.g. NixOS 18.03 has an ellipsis[3], but
passes the attribute-set on to another lambda with formals that doesn't
have an ellipsis anymore (hence the error from above). This was perhaps
a mistake, but we can't fix it anymore. This also means that there's
AFAICS no proper way to check if the attr-set that's passed to the Nix
code via `EvalState::autoCallFunction` is eventually passed to a lambda
with formals where `inNixShell` is missing.

However, this fix comes with a certain price. Essentially every
`shell.nix` that assumes `inNixShell` to be passed to the formals even
without explicitly specifying it would break with this[4]. However I think
that this is ugly, but preferable:

* Nix 2.3 was declared stable by NixOS up until recently (well, it still
  is as long as 21.11 is alive), so most people might not have even
  noticed that feature.

* We're talking about a way shorter time-span with this change being
  in the wild, so the fallout should be smaller IMHO.

[1] 9d612c393a
[2] https://github.com/NixOS/rfcs/pull/45#issuecomment-488232537
[3] https://github.com/NixOS/nixpkgs/blob/release-18.03/pkgs/top-level/impure.nix#L75
[4] See e.g. the second expression in this commit-message or the changes
    for `tests/ca/nix-shell.sh`.
2022-06-13 23:29:28 +02:00
Alexander Bantyev d82a3dc70d
flake.cc: Make non-flake overrides sticky
Overrides for inputs with flake=false were non-sticky, since they
changed the `original` in `flake.lock`. This fixes it, by using the same
locked original for both flake and non-flake inputs.
2022-06-13 20:49:16 +04:00
Eelco Dolstra 9f58df4c91
Merge pull request #6619 from Jonpez2/patch-1
Add security.csm to ignored-acls
2022-06-13 16:23:13 +02:00
Eelco Dolstra 798efdf10b
Merge pull request #6027 from Ma27/pure-repl
repl: `--option pure-eval true` actually enables pure eval mode
2022-06-13 16:11:46 +02:00
Eelco Dolstra 2fef24f528
Merge pull request #6634 from lovesegfault/fix-getgrouplist
fix(libstore/lock): support users that belong to more than 10 groups
2022-06-13 15:45:09 +02:00
Eelco Dolstra 9a26a01475
Merge pull request #6639 from Artturin/checkse
install-multi-user: check if selinux is enabled and if it is then abort
2022-06-13 15:42:43 +02:00
Eelco Dolstra 95eccfd5db
Merge pull request #6648 from andersk/missing-rethrow
Add missing rethrows in conditional exception handlers
2022-06-13 15:37:38 +02:00
Théophane Hufschmitt 03226aa053
Merge pull request #6651 from ncfavier/nix-build-stop-logger
nix-build: stop logger when appropriate
2022-06-13 10:43:14 +02:00
Théophane Hufschmitt 84c4666467
Merge pull request #6653 from Misterio77/readd-sourcehut-regex-matching
fix sourcehut brach/tag resolving regression
2022-06-13 08:57:34 +02:00
Gabriel Fontes 9f6b4639c2
fix sourcehut brach/tag resolving regression
nixos/nix#6290 introduced a regex pattern to account for tags when
resolving sourcehut refs. nixos/nix#4638 reafactored the code,
accidentally treating the pattern as a regular string, causing all
non-HEAD ref resolving to break.

This fixes the regression and adds more test cases to avoid future
breakage.
2022-06-11 16:52:20 -03:00
Travis A. Everett edfcc8256e doc: add install test info to hacking.md 2022-06-11 13:30:51 -05:00
Naïm Favier 502d7d9092
nix-build: stop logger when appropriate
Reverts b944b588fa in `nix-build.cc`.
2022-06-11 15:17:35 +02:00
Théophane Hufschmitt 37fc4d73bb
Merge pull request #6646 from YorikSar/file-impure-doc
Mention that -f implies --impure for eval in docs
2022-06-11 08:48:16 +02:00
Ben Burdette 49ff4ef637 remove unused parameter 2022-06-10 12:22:36 -06:00
Anders Kaseorg 754cd53faf Add missing rethrows in conditional exception handlers
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-06-10 10:52:41 -07:00
Yuriy Taraday 65d09fce22 Mention that -f implies --impure for eval in docs
Right now this is not mentioned anywhere and it is unexpected.
2022-06-10 19:16:17 +04:00
Théophane Hufschmitt 45ebaab665
Merge pull request #6643 from ncfavier/fix-git-again
libfetchers/git: add missing `--git-dir` flags
2022-06-10 14:33:32 +02:00
Théophane Hufschmitt e557f86490
Merge pull request #6641 from NixOS/fix-docker-ci-job
Correctly get the nix version in the docker job
2022-06-10 13:36:30 +02:00
Naïm Favier da8f8668ca
libfetchers/git: add missing --git-dir flags 2022-06-10 12:57:13 +02:00
Théophane Hufschmitt 460117a238 Correctly get the nix version in the docker job
`defaultPackage` doesn't exist anymore, so we can't use it.
Instead just use the new CLI which should be more robust to these
changes

Fix #6640
2022-06-10 12:09:09 +02:00
Théophane Hufschmitt 17e54a602e
Merge pull request #6637 from sidkshatriya/small-move-optimization-2
nix-env: A small std::move() optimization
2022-06-10 10:28:37 +02:00
Jonpez2 3f5f84258d
Update docker.nix
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2022-06-10 09:17:28 +01:00
Artturin bd3a17d00c install-multi-user: check if selinux is enabled and if it is then abort 2022-06-10 05:12:03 +03:00
Sidharth Kshatriya 7868405d58 nix-env: A small std::move() optimization
Avoids doing a O(n) copy of Strings i.e. std::list<std::string>
2022-06-09 20:01:01 +05:30
Eelco Dolstra 1bc17ae617
Merge pull request #6635 from sidkshatriya/small-move-optimization
nix-store: small std::move() optimization
2022-06-09 13:48:48 +02:00
Sidharth Kshatriya 3efea3d28a nix-store: small std::move() optimization 2022-06-09 16:25:26 +05:30
Bernardo Meurer 931930feb1 fix(libstore/lock): support users that belong to more than 10 groups
The manpage for `getgrouplist` says:

> If the number of groups of which user is a member is less than or
> equal to *ngroups, then the value *ngroups is returned.
>
> If the user is a member of more than *ngroups groups, then
> getgrouplist() returns -1.  In this case, the value returned in
> *ngroups can be used to resize the buffer passed to a further
> call getgrouplist().

In our original code, however, we allocated a list of size `10` and, if
`getgrouplist` returned `-1` threw an exception. In practice, this
caused the code to fail for any user belonging to more than 10 groups.

While unusual for single-user systems, large companies commonly have a
huge number of POSIX groups users belong to, causing this issue to crop
up and make multi-user Nix unusable in such settings.

The fix is relatively simple, when `getgrouplist` fails, it stores the
real number of GIDs in `ngroups`, so we must resize our list and retry.
Only then, if it errors once more, we can raise an exception.

This should be backported to, at least, 2.9.x.
2022-06-08 13:45:41 -04:00
Eelco Dolstra 12e86c0735
Merge pull request #6630 from edolstra/boost-dylib
Remove ${boost}/lib from the RPATH
2022-06-08 17:55:21 +02:00
Eelco Dolstra 7b968af930
Update docker.nix
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2022-06-08 17:41:31 +02:00
Eelco Dolstra 4a3f217bde
Remove ${boost}/lib from the RPATH 2022-06-08 15:51:35 +02:00
Théophane Hufschmitt 34d90fbe22 Mention the parallel copy in the release notes 2022-06-08 15:25:52 +02:00
Théophane Hufschmitt 480c2b6699 Rewrite the CA paths when moving them between store
Bring back the possibility to copy CA paths with no reference (like the
outputs of FO derivations or stuff imported at eval time) between stores
that have a different prefix.
2022-06-08 15:13:11 +02:00