Commit graph

7385 commits

Author SHA1 Message Date
Eelco Dolstra e77fbe0fa2 * On systems that have the setresuid() and setresgid() system calls to
set the real uid and gid to the effective uid and gid, the Nix
  binaries can be installed as owned by the Nix user and group instead
  of root, so no root involvement of any kind is necessary.

  Linux and FreeBSD have these functions.
2004-08-20 15:22:33 +00:00
Eelco Dolstra 2d35116c13 * Setuid support for sharing a Nix installation between multiple
users.

  If the configure flag `--enable-setuid' is used, the Nix programs
  nix-env, nix-store, etc. are installed with the setuid bit turned on
  so that they are executed as the user and group specified by
  `--with-nix-user=USER' and `--with-nix-group=GROUP', respectively
  (with defaults `nix' and `nix').

  The setuid programs drop all special privileges if they are executed
  by a user who is not a member of the Nix group.

  The setuid feature is a quick hack to enable sharing of a Nix
  installation between users who trust each other.  It is not
  generally secure, since any user in the Nix group can modify (by
  building an appropriate derivation) any object in the store, and for
  instance inject trojans into binaries used by other users.

  The setuid programs are owned by root, not the Nix user.  This is
  because on Unix normal users cannot change the real uid, only the
  effective uid.  Many programs don't work properly when the real uid
  differs from the effective uid.  For instance, Perl will turn on
  taint mode.  However, the setuid programs drop all root privileges
  immediately, changing all uids and gids to the Nix user and group.
2004-08-20 14:49:05 +00:00
Eelco Dolstra 8f1dcdfc0a * Make sure that no build hook is set by default in the tests.
* Don't use `seq' - some primitive, obsolete operating systems
  (Darwin) don't have it.
2004-08-19 09:09:09 +00:00
Eelco Dolstra 1eddee59f2 * The default verbosity level of all Nix commands is now lvlInfo.
* Builder output is written to standard error by default.
  * The option `-B' is gone.
  * The option `-Q' suppresses builder output.

The result of this is that most Nix invocations shouldn't need any
flags w.r.t. logging.
2004-08-18 12:19:06 +00:00
Eelco Dolstra 937ce0cd21 * Flag `--no-link' suppresses symlinking to the output path.
* Handle multiple derivations correctly.
2004-08-18 12:11:31 +00:00
Eelco Dolstra 966bd9d19f * WTF? More canonical system name problems ("athlon-linux" instead of
"i686-linux").
2004-08-13 09:57:51 +00:00
Eelco Dolstra 62fe5c4a22 * The predecessor of a successor need not be present. This in
particular happens on distributed builds or when using push/pull.
2004-08-11 19:03:13 +00:00
Eelco Dolstra ae1a1efa41 * Clean up the temporary directory for hook communication (and don't
print out incorrect "build failed" messages).
2004-08-05 14:53:27 +00:00
Eelco Dolstra d8989b1fb4 * Every real language has a `map' function. 2004-08-04 11:27:53 +00:00
Eelco Dolstra bbfdd64741 * Allow primops with more that 1 arguments. 2004-08-04 10:59:20 +00:00
Eelco Dolstra e3a50f7e25 * Creating a file nix-support/no-scan in the output path of a
derivation disables scanning for dependencies.  Use at your own
  risk.  This is a quick hack to speed up UML image generation (image
  are very big, say 1 GB).

  It would be better if the scanner were faster, and didn't read the
  whole file into memory.
2004-08-04 09:25:21 +00:00
Eelco Dolstra 18ebd7b030 * Doh! 2004-07-30 14:18:48 +00:00
Eelco Dolstra 5373aed1a8 * Use ATerm 2.2.
* Include bootstrap.sh in dist.
2004-07-30 14:17:05 +00:00
Eelco Dolstra 16c8b4c8e5 * A script to generate the Auto* stuff. 2004-07-30 13:45:13 +00:00
Eelco Dolstra e8a95108c0 * Nix-build places a symlink `result' in the current directory to the
store object just built.
2004-07-28 13:32:45 +00:00
Eelco Dolstra 9bf7a5f516 * Don't pass `--with-system'. 2004-07-18 21:08:24 +00:00
Eelco Dolstra 39eaecbc98 * Slightly better heuristic for picking the canonical system type.
Now SuSE and Red Hat should yield the same type (`i686-linux').  Mac
  OS X should now give `powerpc-darwin' (i.e., the version number is
  gone).
2004-07-18 21:07:27 +00:00
Eelco Dolstra 064a36cb54 * Hardcode the system id to be `i686-linux'. 2004-07-09 13:06:12 +00:00
Eelco Dolstra c1a18f543e * Fixed format string error. 2004-07-06 11:21:34 +00:00
Eelco Dolstra 056cd1d3b7 * Don't go into a (sometimes infinite) loop calling the build hook. 2004-07-01 16:24:35 +00:00
Eelco Dolstra 638ce339a5 * Nix-instantiate now accepts sets of derivations (just like nix-env). 2004-07-01 14:25:26 +00:00
Eelco Dolstra 292d6468ec * Nix-env operations now by default filter out any derivations for
system types other than the current system.  I.e., `nix-env -i'
  won't install derivations for other system types, and `nix-env -q'
  won't show them.  The flag `--system-filter SYSTEM' can be used to
  override the system type used for filtering (but not for
  building!).  The value `*' can be used not to filter anything.
2004-07-01 13:56:56 +00:00
Eelco Dolstra 8f6254e823 * Align the columns in the output of `nix-env -q'. 2004-07-01 13:35:10 +00:00
Eelco Dolstra 593bc23d8b * Allow the system attribute of derivations to be queried in
`nix-env -q'.
* Queries can now be combined, e.g., `nix-env -q --status --system'.
2004-07-01 13:13:37 +00:00
Eelco Dolstra b584253af4 * Include some missing headers. 2004-07-01 11:11:16 +00:00
Eelco Dolstra f5d5ffe536 * Write build logs to disk again. 2004-06-29 09:41:50 +00:00
Eelco Dolstra 00aadf478b * Use ATerm 2.1. 2004-06-28 14:51:42 +00:00
Eelco Dolstra 151e61fa5a * By default, `nix-env -i' now deletes previously installed
derivations with names matching the derivations being installed.
  The option `--preserve-installed / -P' overrides this behaviour.
2004-06-28 14:40:26 +00:00
Eelco Dolstra 4d2946c516 * In a realisation goal, check the result of the corresponding
normalisation goal.
2004-06-28 13:51:24 +00:00
Eelco Dolstra 24286e15c9 * `nix-env -u' now allows a specific version to be specified when
upgrading.

  This fixes a bug reported by Martin:

    $ nix-env -i foo-1.0
    $ nix-env -u foo-1.0
    upgrading foo-1.0 to foo-1.1
2004-06-28 13:37:05 +00:00
Eelco Dolstra 2746a879e2 * Typo. 2004-06-28 12:07:07 +00:00
Eelco Dolstra 91dc023665 * Added a switch `--fallback'. From the manual:
Whenever Nix attempts to realise a derivation for which a closure is
  already known, but this closure cannot be realised, fall back on
  normalising the derivation.

  The most common scenario in which this is useful is when we have
  registered substitutes in order to perform binary distribution from,
  say, a network repository.  If the repository is down, the
  realisation of the derivation will fail.  When this option is
  specified, Nix will build the derivation instead.  Thus, binary
  installation falls back on a source installation.  This option is
  not the default since it is generally not desirable for a transient
  failure in obtaining the substitutes to lead to a full build from
  source (with the related consumption of resources).
2004-06-28 10:42:57 +00:00
Eelco Dolstra b113edeab7 * A flag `--keep-going / -k' to keep building goals if one fails, as
much as possible.  (This is similar to GNU Make's `-k' flag.)

* Refactoring to implement this: previously we just bombed out when
  a build failed, but now we have to clean up.  In particular this
  means that goals must be freed quickly --- they shouldn't hang
  around until the worker exits.  So the worker now maintains weak
  pointers in order not to prevent garbage collection.

* Documented the `-k' and `-j' flags.
2004-06-25 15:36:09 +00:00
Eelco Dolstra e4883211f9 * Don't throw an exception when a build fails. Just terminate the
goal and allow the problem to be handled elsewhere (e.g., at
  top-level).
2004-06-25 10:21:44 +00:00
Eelco Dolstra 795d9f8b08 * Obsolete. 2004-06-24 14:36:50 +00:00
Eelco Dolstra a29c8ac51c * Add a test to check that when we cannot realise a closure
expression, we should invalidate it and go back to the derivation
  for which it is a successor.
2004-06-24 14:35:01 +00:00
Eelco Dolstra ec32627621 * Multiple and/or failing substitutes now work. 2004-06-24 13:40:38 +00:00
Eelco Dolstra 8052aef486 * A test for multiple and/or failing substitutes. 2004-06-24 12:56:24 +00:00
Eelco Dolstra 66c7f34759 * Arghhhhhh 2004-06-22 17:07:32 +00:00
Eelco Dolstra 05a5362d63 * Some more diagnostics changes. 2004-06-22 17:04:10 +00:00
Eelco Dolstra d051cd40e1 * Nix-instantiate can return multiple store expressions. 2004-06-22 15:17:04 +00:00
Eelco Dolstra 3093af58a7 * A utility script `nix-build' that builds Nix expressions and prints
their output paths (and only that) on standard output.
2004-06-22 15:12:34 +00:00
Eelco Dolstra b302e5f63b * We don't really need this here. 2004-06-22 15:06:43 +00:00
Eelco Dolstra 83ae1723da * Well, it's better than printf. 2004-06-22 15:01:01 +00:00
Eelco Dolstra 72bc9a522f * Started making Nix's diagnostic messages a bit more useful. 2004-06-22 14:48:59 +00:00
Eelco Dolstra 5e2cf44a4d * Put WEXITSTATUS stuff somewhere else. 2004-06-22 11:03:41 +00:00
Eelco Dolstra 84007a0958 * Reduce gratuitous cut & pasting. 2004-06-22 10:21:44 +00:00
Eelco Dolstra c9fbd2dfd5 * Wrapper class around pids. 2004-06-22 09:51:44 +00:00
Eelco Dolstra 155d7c8dfa * Substitutes should occupy a build slot. 2004-06-22 09:00:31 +00:00
Eelco Dolstra c4cb6ea2bc * Refactoring. 2004-06-22 08:50:25 +00:00