Commit graph

104 commits

Author SHA1 Message Date
Eelco Dolstra 42d80d1170 * On FreeBSD, sys/mount.h needs sys/param.h. 2007-10-29 10:03:07 +00:00
Eelco Dolstra d91cd30563 * Detect whether chroot / bind-mount support is available. 2007-10-27 16:51:55 +00:00
Eelco Dolstra 93aefd9fc0 * Give unpacked channels more sensible names than 0, 1, ... They now
get the basename of the channel URL (e.g., nixpkgs-unstable).  The
  top-level Nix expression of the channel is now an attribute set, the
  attributes of which are the individual channels (e.g.,
  {nixpkgs_unstable = ...; strategoxt_unstable = ...}).  This makes
  attribute paths ("nix-env -qaA" and "nix-env -iA") more sensible,
  e.g., "nix-env -iA nixpkgs_unstable.subversion".
2007-05-01 23:16:38 +00:00
Eelco Dolstra 2716f9bc5f * It seems that svnversion prints a carriage return on Cygwin, so we
get a invalid #define VERSION.  Use "svnversion -n" to leave out the
  newline.  Fix provided by Marc Weber.
2007-04-16 12:00:13 +00:00
Eelco Dolstra db1973d012 * Look for the openssl program at compile time. If not found, call
openssl through $PATH at runtime.
2007-03-01 13:30:46 +00:00
Eelco Dolstra d03f0d4117 * Check for lchown. 2006-12-07 18:51:11 +00:00
Eelco Dolstra 9f0efa6611 * Start of the setuid helper (the program that performs the operations
that have to be done as root: running builders under different uids,
  changing ownership of build results, and deleting paths in the store
  with the wrong ownership).
2006-12-06 01:24:02 +00:00
Eelco Dolstra 84d6459bd5 * Use setreuid if setresuid is not available. 2006-12-03 14:32:22 +00:00
Eelco Dolstra 40b3f64b55 * Skeleton of the privileged worker program.
* Some refactoring: put the NAR archive integer/string serialisation
  code in a separate file so it can be reused by the worker protocol
  implementation.
2006-11-30 19:19:59 +00:00
Eelco Dolstra 71e867c5f5 * Remove --enable-setuid, --with-nix-user and --with-nix-group.
Rather, setuid support is now always compiled in (at least on
  platforms that have the setresuid system call, e.g., Linux and
  FreeBSD), but it must enabled by chowning/chmodding the Nix
  binaries.
2006-11-29 21:06:58 +00:00
Eelco Dolstra e790404318 * Don't use the result of `uname -p' on x86_64 as it gives wacky
results on some machines. (NIX-69)
2006-11-13 14:54:18 +00:00
Eelco Dolstra 1d694eef4c * Require Perl 5.8.0 or newer. I mean, it *is* more than four years
old...
2006-10-19 19:20:18 +00:00
Eelco Dolstra 7bada48b36 * Bumped the version number to 0.11. 2006-10-06 13:45:29 +00:00
Eelco Dolstra 4cab35d1a6 * Build with -D_FILE_OFFSET_BITS=64 to support files >= 2^31 bytes
(NIX-22).
2006-09-22 11:13:12 +00:00
Eelco Dolstra 22d13d6ec2 * Check for patch (NIX-59). 2006-09-20 15:28:47 +00:00
Eelco Dolstra aab8812732 * Store the Nix libraries in ${libdir}/nix instead of ${libdir}. 2006-09-04 15:12:24 +00:00
Eelco Dolstra e5678b3435 * Map "ppc" to "powerpc" so that Linux on PowerPC will be reported as
"powerpc-linux".
2006-08-25 16:23:42 +00:00
Eelco Dolstra 1a9a1f2768 * Convert to DocBook 5.
* Use Jing for RelaxNG validation, xmllint seems buggy.
2006-08-21 16:05:11 +00:00
Eelco Dolstra 2d456fc35a * On Cygwin, set the system type to i686-cygwin, and disable dynamic
linking.
2006-05-31 11:50:14 +00:00
Eelco Dolstra 03162f8f47 * Unless --with-bzip2 is specified, use a copy of bzip2 in the
externals directory.  This is in particular useful because though
  most systems have bzip2/bunzip2, they don't always have libbz2,
  which we need for bsdiff/bspatch.
2006-04-25 10:45:53 +00:00
Eelco Dolstra a4c63c6e8e * Make it easy to run individual tests from the command line. 2006-03-01 12:15:33 +00:00
Eelco Dolstra ddb78dfc3d * Check whether "nix-store -q --graph" generates a valid dot graph.
* Test "nix-store -q --tree" as well.
2006-02-22 13:55:41 +00:00
Eelco Dolstra d6f586d0ea * Optional switch "--with-openssl=<PATH>" to use OpenSSL's
implementations of MD5, SHA-1 and SHA-256.  The main benefit is that
  we get assembler-optimised implementations of MD5 and SHA-1 (though
  not SHA-256 (at least on x86), unfortunately).  OpenSSL's SHA-1
  implementation on Intel is twice as fast as ours.
2006-02-13 19:52:43 +00:00
Eelco Dolstra 8291f6d968 * bsdiff updated to 4.3. This makes Nix depend on libbz2. 2006-02-01 16:48:49 +00:00
Eelco Dolstra 0e38578433 * log2xml -> nix-log2xml. 2005-10-05 09:42:13 +00:00
Eelco Dolstra 89cd0f57b1 * Use -all_load on Mac OS X. 2005-09-21 11:12:43 +00:00
Eelco Dolstra f4fe3bd5b1 * Bump the version number to 0.10. 2005-09-16 13:47:03 +00:00
Eelco Dolstra d1d0271996 * Check for w3m. 2005-09-15 15:21:57 +00:00
Eelco Dolstra 896c0b92f3 * This is not a GNU project :-P 2005-09-15 09:18:21 +00:00
Eelco Dolstra 4c20a08293 * Build dynamic libraries. 2005-07-22 14:52:45 +00:00
Eelco Dolstra 6c88d67780 * Build .tar.bz2 files in `make dist'. 2005-05-07 15:45:38 +00:00
Eelco Dolstra 1d86790910 * Bump the version number to 0.9. 2005-04-11 13:04:54 +00:00
Eelco Dolstra 90905634ed * Doh. 2005-04-08 09:28:50 +00:00
Eelco Dolstra ab75a50ba4 * Fink compatibility. 2005-03-21 10:06:11 +00:00
Eelco Dolstra 62dbfbc45b * Remove Docbook EBNF dependency. 2005-03-15 14:38:22 +00:00
Eelco Dolstra bacd3a6cfa * Purify all corepkgs builders. 2005-03-15 12:03:15 +00:00
Eelco Dolstra d46b4262dc * Bump version number to 0.8. 2005-01-12 13:23:12 +00:00
Eelco Dolstra 4f07ebc67e * Integrated bsdiff/bspatch 4.2 (from
http://www.daemonology.net/bsdiff/bsdiff-4.2.tar.gz) into the source
  tree.  The license is a bit peculiar, but it does allow verbatim
  copying, which is what we do here (i.e., so don't make any changes
  to the sources).
2004-12-29 22:08:48 +00:00
Eelco Dolstra 3d1b2101cc * Place manifests in /nix/var/nix/manifests.
* Use the new patch downloader.
2004-12-20 16:38:50 +00:00
Eelco Dolstra 5d5318c2ff * Bump version number to 0.7. 2004-11-14 14:00:45 +00:00
Eelco Dolstra ed09821859 * Use atdiff' instead of cmp' for checking test output.
* Don't use local file names in tests since they will produce
  different parse trees depending on the current directory.
2004-10-27 13:12:58 +00:00
Eelco Dolstra 3ade3e7721 * Revert r1594 - it didn't solve the problem. Instead add
svn-revision to distributions, which should fix it.
2004-10-25 13:51:34 +00:00
Eelco Dolstra 2248becfd3 * Make sure that the prerelease version is included in `--version'. 2004-10-25 12:15:50 +00:00
Eelco Dolstra 47f87072ad * A very dirty hack to make setuid installations a bit nicer to use.
Previously there was the problem that all files read by nix-env
  etc. should be reachable and readable by the Nix user.  So for
  instance building a Nix expression in your home directory meant that
  the home directory should have at least g+x or o+x permission so
  that the Nix user could reach the Nix expression.  Now we just
  switch back to the original user just prior to reading sources and
  the like.  The places where this happens are somewhat arbitrary,
  however.  Any scope that has a live SwitchToOriginalUser object in
  it is executed as the original user.

* Back out r1385.  setreuid() sets the saved uid to the new
  real/effective uid, which prevents us from switching back to the
  original uid.  setresuid() doesn't have this problem (although the
  manpage has a bug: specifying -1 for the saved uid doesn't leave it
  unchanged; an explicit value must be specified).
2004-09-09 21:12:53 +00:00
Eelco Dolstra 5396304c73 * Use setre[ug]id() instead of setres[ug]id(), since the former is
more common than the latter (which exists only on Linux and
  FreeBSD).  We don't really care about dropping the saved IDs since
  there apparently is no way to quiry them in any case, so it can't
  influence the build (unlike the effective IDs which are checked by
  Perl for instance).
2004-09-09 15:55:31 +00:00
Eelco Dolstra e77fbe0fa2 * On systems that have the setresuid() and setresgid() system calls to
set the real uid and gid to the effective uid and gid, the Nix
  binaries can be installed as owned by the Nix user and group instead
  of root, so no root involvement of any kind is necessary.

  Linux and FreeBSD have these functions.
2004-08-20 15:22:33 +00:00
Eelco Dolstra 2d35116c13 * Setuid support for sharing a Nix installation between multiple
users.

  If the configure flag `--enable-setuid' is used, the Nix programs
  nix-env, nix-store, etc. are installed with the setuid bit turned on
  so that they are executed as the user and group specified by
  `--with-nix-user=USER' and `--with-nix-group=GROUP', respectively
  (with defaults `nix' and `nix').

  The setuid programs drop all special privileges if they are executed
  by a user who is not a member of the Nix group.

  The setuid feature is a quick hack to enable sharing of a Nix
  installation between users who trust each other.  It is not
  generally secure, since any user in the Nix group can modify (by
  building an appropriate derivation) any object in the store, and for
  instance inject trojans into binaries used by other users.

  The setuid programs are owned by root, not the Nix user.  This is
  because on Unix normal users cannot change the real uid, only the
  effective uid.  Many programs don't work properly when the real uid
  differs from the effective uid.  For instance, Perl will turn on
  taint mode.  However, the setuid programs drop all root privileges
  immediately, changing all uids and gids to the Nix user and group.
2004-08-20 14:49:05 +00:00
Eelco Dolstra 966bd9d19f * WTF? More canonical system name problems ("athlon-linux" instead of
"i686-linux").
2004-08-13 09:57:51 +00:00
Eelco Dolstra 39eaecbc98 * Slightly better heuristic for picking the canonical system type.
Now SuSE and Red Hat should yield the same type (`i686-linux').  Mac
  OS X should now give `powerpc-darwin' (i.e., the version number is
  gone).
2004-07-18 21:07:27 +00:00
Eelco Dolstra 37ee6cef99 * Adapted nix-pull to use the new substitute mechanism. 2004-06-21 09:51:23 +00:00