Show message about --update-input being replaced by nix flake update

Change-Id: I6ee23874cb09f51d788521273076a25ba8764859
Accept multiple arguments to nix flake update
2024-05-17 22:05:34 +02:00 · 2024-05-17 22:05:34 +02:00 · 2024-05-17 18:17:05 +00:00 · 2024-05-17 01:10:44 +00:00 · 2024-05-17 00:41:35 +00:00 · 2024-05-16 17:11:21 -07:00
10 changed files with 90 additions and 8 deletions
--- a/doc/manual/change-authors.yml
+++ b/doc/manual/change-authors.yml
@ -61,3 +61,8 @@ edolstra:
 roberth:
  display_name: Robert Hensing
  github: roberth
+
+midnightveil:
+  display_name: julia
+  forgejo: midnightveil
+  github: midnightveil
--- a/doc/manual/rl-next/enable-coredumps.md
+++ b/doc/manual/rl-next/enable-coredumps.md
@ -0,0 +1,13 @@
+---
+synopsis: "Add an option `enable-core-dumps` that enables core dumps from builds"
+cls: 1088
+credits: midnightveil
+category: Features
+---
+
+In the past, Lix disabled core dumps by setting the soft `RLIMIT_CORE` to 0
+unconditionally. Although this rlimit could be altered from the builder since
+it is just the soft limit, this was kind of annoying to do. By passing
+`--option enable-core-dumps true` to an offending build, one can now cause the
+core dumps to be handled by the system in the normal way (winding up in
+`coredumpctl`, say, on Linux).
--- a/src/libexpr/eval-settings.hh
+++ b/src/libexpr/eval-settings.hh
@ -14,8 +14,11 @@ struct EvalSettings : Config

    static std::string resolvePseudoUrl(std::string_view url);

-    Setting<bool> enableNativeCode{this, false, "allow-unsafe-native-code-during-evaluation",
-        "Whether builtin functions that allow executing native code should be enabled."};
+    Setting<bool> enableNativeCode{this, false, "allow-unsafe-native-code-during-evaluation", R"(
+        Whether builtin functions that allow executing native code should be enabled.
+
+        In particular, this adds the `importNative` and `exec` builtins.
+    )"};

    Setting<Strings> nixPath{
        this, getDefaultNixPath(), "nix-path",
--- a/src/libstore/build/local-derivation-goal.cc
+++ b/src/libstore/build/local-derivation-goal.cc
@ -1977,6 +1977,9 @@ void LocalDerivationGoal::runChild()

        /* Disable core dumps by default. */
        struct rlimit limit = { 0, RLIM_INFINITY };
+        if (settings.enableCoreDumps) {
+            limit.rlim_cur = RLIM_INFINITY;
+        }
        setrlimit(RLIMIT_CORE, &limit);

        // FIXME: set other limits to deterministic values?
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@ -290,6 +290,15 @@ public:
    Setting<off_t> reservedSize{this, 8 * 1024 * 1024, "gc-reserved-space",
        "Amount of reserved disk space for the garbage collector."};

+    Setting<bool> enableCoreDumps{
+        this, false, "enable-core-dumps",
+        R"(
+          If set to `false` (the default), `RLIMIT_CORE` has a soft limit of zero.
+          If set to `true`, the soft limit is infinite.
+
+          The hard limit is always infinite.
+        )"};
+
    Setting<bool> fsyncMetadata{
        this, true, "fsync-metadata",
        R"(
--- a/src/nix/flake.cc
+++ b/src/nix/flake.cc
@ -87,11 +87,13 @@ public:
        expectArgs({
            .label="inputs",
            .optional=true,
-            .handler={[&](std::string inputToUpdate){
-                auto inputPath = flake::parseInputPath(inputToUpdate);
-                if (lockFlags.inputUpdates.contains(inputPath))
-                    warn("Input '%s' was specified multiple times. You may have done this by accident.");
-                lockFlags.inputUpdates.insert(inputPath);
+            .handler={[&](std::vector<std::string> inputsToUpdate) {
+                for (const auto & inputToUpdate : inputsToUpdate) {
+                    auto inputPath = flake::parseInputPath(inputToUpdate);
+                    if (lockFlags.inputUpdates.contains(inputPath))
+                        warn("Input '%s' was specified multiple times. You may have done this by accident.", inputToUpdate);
+                    lockFlags.inputUpdates.insert(inputPath);
+                }
            }},
            .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) {
                completeFlakeInputPath(completions, getEvalState(), getFlakeRefsForCompletion(), prefix);
@ -132,6 +134,15 @@ struct CmdFlakeLock : FlakeCommand

    CmdFlakeLock()
    {
+        addFlag({
+            .longName="update-input",
+            .description="Replaced with `nix flake update input...`",
+            .labels={"input-path"},
+            .handler={[&](std::string inputToUpdate){
+                throw UsageError("`nix flake lock --update-input %1%` has been replaced by `nix flake update %1%`", inputToUpdate);
+            }}
+        });
+
        /* Remove flags that don't make sense. */
        removeFlag("no-write-lock-file");
    }
--- a/tests/nixos/coredumps/default.nix
+++ b/tests/nixos/coredumps/default.nix
@ -0,0 +1,15 @@
+let
+  inherit (import ../util.nix) mkNixBuildTest;
+in mkNixBuildTest rec {
+  name = "coredumps";
+  extraMachineConfig = { pkgs, ... }: {
+    boot.kernel.sysctl."kernel.core_pattern" = "core";
+  };
+
+  expressionFile = ./package.nix;
+
+  testScriptPost = ''
+    # do a test, but this time with coredumps enabled.
+    machine.succeed('nix-build --option enable-core-dumps true --expr "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ${expressionFile} { shouldBePresent = true; }"')
+  '';
+}
--- a/tests/nixos/coredumps/package.nix
+++ b/tests/nixos/coredumps/package.nix
@ -0,0 +1,16 @@
+{ lib, runCommand, shouldBePresent ? false }:
+
+runCommand "core-dump-now" { } ''
+  set -m
+  sleep infinity &
+
+  # make a coredump
+  kill -SIGSEGV %1
+
+  if ${lib.optionalString (shouldBePresent) "!"} test -n "$(find . -maxdepth 1 -name 'core*' -print -quit)"; then
+    echo "core file was in wrong presence state, expected: ${if shouldBePresent then "present" else "missing"}"
+    exit 1
+  fi
+
+  touch $out
+''
--- a/tests/nixos/default.nix
+++ b/tests/nixos/default.nix
@ -166,4 +166,6 @@ in
  rootInSandbox = runNixOSTestFor "x86_64-linux" ./root-in-sandbox;

  broken-userns = runNixOSTestFor "x86_64-linux" ./broken-userns.nix;
+
+  coredumps = runNixOSTestFor "x86_64-linux" ./coredumps;
 }
--- a/tests/nixos/util.nix
+++ b/tests/nixos/util.nix
@ -1,5 +1,6 @@
 {
-  mkNixBuildTest = { name, expressionFile, extraMachineConfig ? {} }:
+  mkNixBuildTest =
+    { name, expressionFile, extraMachineConfig ? {}, testScriptPre ? "", testScriptPost ? "" }:
    { lib, pkgs, ... }:
    {
      inherit name;
@ -17,7 +18,11 @@
      testScript = { nodes }: ''
        start_all()

+        ${testScriptPre}
+
        machine.succeed('nix-build --expr "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ${expressionFile} {}"')
+
+        ${testScriptPost}
      '';
    };
 }
Author	SHA1	Message	Date
Nikodem Rabuliński	551fa55939	Show message about `--update-input` being replaced by `nix flake update` Change-Id: `I6ee23874cb09f51d788521273076a25ba8764859`	2024-05-17 22:05:34 +02:00
Nikodem Rabuliński	4879178a81	Accept multiple arguments to `nix flake update` Change-Id: `Ia7bd4f7640384be9827dbb7e2c594f0aa5f1aff8`	2024-05-17 22:05:34 +02:00
Qyriad	93b7edfd07	Merge "docs: mention importNative/exec in allow-unsafe-native-code-during-evaluation" into main	2024-05-17 18:17:05 +00:00
julia	005ee33a9a	Merge "Allow enabling core dumps from builds for nix & child processes" into main	2024-05-17 01:10:44 +00:00
Qyriad	5ff076d8ad	docs: mention importNative/exec in allow-unsafe-native-code-during-evaluation Both of these still needs their own actual documentation, but they are at least now mentioned that they exist and what they're enabled by. Change-Id: `I235b9e8e627e04ed06611423c8e67a8eca233120`	2024-05-17 00:41:35 +00:00
julia	5b7dcb3005	Allow enabling core dumps from builds for nix & child processes Fixes lix-project/lix#268 Change-Id: `I3f1b0ddf064f891cca8b53229c5c31c74cea3d9f`	2024-05-16 17:11:21 -07:00