Eelco Dolstra
f398949b40
Make LocalStore thread-safe
...
Necessary for multi-threaded commands like "nix verify-paths".
2016-04-08 18:07:13 +02:00
Eelco Dolstra
e39999ed48
Sign locally-built paths
...
Locally-built paths are now signed automatically using the secret keys
specified by the ‘secret-key-files’ option.
2016-04-07 15:16:57 +02:00
Eelco Dolstra
d0f5719c2a
Add "nix copy-sigs" command
...
This imports signatures from one store into another. E.g.
$ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/
imported 595 signatures
2016-04-05 16:39:23 +02:00
Eelco Dolstra
9cee600c88
LocalStore: Keep track of ultimately trusted paths
...
These are content-addressed paths or outputs of locally performed
builds. They are trusted even if they don't have signatures, so "nix
verify-paths" won't complain about them.
2016-03-30 17:35:48 +02:00
Eelco Dolstra
3d119f0a3b
Improve the SQLite wrapper API
...
In particular, this eliminates a bunch of boilerplate code.
2016-03-30 15:50:45 +02:00
Eelco Dolstra
d9c5e3bbf0
Factour out SQLite handling
2016-03-30 13:27:25 +02:00
Eelco Dolstra
2ae43ced9a
Turn retrying SQLite transactions into a higher-order function
2016-03-30 12:04:27 +02:00
Eelco Dolstra
bb1034316d
Don't overload dumpPath()
2016-03-22 14:21:45 +01:00
Eelco Dolstra
1c5f73f529
Add Store::dumpPath() method
...
This allows applying nix-store --verify-path to binary cache stores:
NIX_REMOTE=https://cache.nixos.org nix-store --verify-path /nix/store/s5c7...
2016-03-21 17:55:57 +01:00
Eelco Dolstra
87295b9844
Drop support for upgrading from Nix <= 0.12
2016-03-21 15:09:03 +01:00
Eelco Dolstra
42bc395b63
Eliminate some large string copying
2016-03-04 16:49:56 +01:00
Eelco Dolstra
bcc9943cee
importPaths(): Optionally add NARs to binary cache accessor
...
This enables an optimisation in hydra-queue-runner, preventing a
download of a NAR it just uploaded to the cache when reading files
like hydra-build-products.
2016-02-26 15:20:10 +01:00
Eelco Dolstra
152b1d6bf9
deletePath(): Succeed if path doesn't exist
...
Also makes it robust against concurrent deletions.
2016-02-24 17:44:55 +01:00
Eelco Dolstra
28e7e29abd
Eliminate reserveSpace flag
2016-02-24 17:44:55 +01:00
Eelco Dolstra
5a64e66268
LocalStore::addTextToStore(): Don't read the path we just wrote
...
This eliminates some unnecessary (presumably cached) I/O.
2016-02-24 17:11:31 +01:00
Eelco Dolstra
b49d323ce2
Fix build without sodium
...
http://hydra.nixos.org/build/32085949
2016-02-17 12:42:14 +01:00
Eelco Dolstra
5ac27053e9
Rename ValidPathInfo::hash -> narHash for consistency
2016-02-16 11:49:12 +01:00
Eelco Dolstra
c8f4d89a34
Expose the export magic value and move LocalStore::queryReferences to Store
2016-02-15 15:01:26 +01:00
Eelco Dolstra
d089372565
Add function to extract hash part of a store path
2016-02-15 15:01:26 +01:00
Eelco Dolstra
c10c61449f
Eliminate the "store" global variable
...
Also, move a few free-standing functions into StoreAPI and Derivation.
Also, introduce a non-nullable smart pointer, ref<T>, which is just a
wrapper around std::shared_ptr ensuring that the pointer is never
null. (For reference-counted values, this is better than passing a
"T&", because the latter doesn't maintain the refcount. Usually, the
caller will have a shared_ptr keeping the value alive, but that's not
always the case, e.g., when passing a reference to a std::thread via
std::bind.)
2016-02-04 14:28:26 +01:00
Eelco Dolstra
9e7c1a4bbd
Use the daemon when we don't have write access to the Nix database
2016-01-31 10:28:48 +01:00
Eelco Dolstra
8906eda2f9
Canonicalize gids to 0
...
Previously files in the Nix store were owned by root or by nixbld,
depending on whether they were created by a substituter or by a
builder. This doesn't matter much, but causes spurious diffoscope
differences. So use root everywhere.
2016-01-12 17:27:40 +01:00
Eelco Dolstra
8f67325a7c
Build sandbox support etc. unconditionally on Linux
...
Also, use "#if __APPLE__" instead of "#if SANDBOX_ENABLED" to prevent
ambiguity.
2015-12-10 11:47:17 +01:00
Eelco Dolstra
ccf31dbc25
nix-copy-closure: Add -v flag
...
And make exportPath() less spammy by default.
2015-07-20 01:52:07 +02:00
Eelco Dolstra
b3491c781c
More cleanup
2015-07-20 01:16:16 +02:00
Eelco Dolstra
6bd2c7bb38
OCD: foreach -> C++11 ranged for
2015-07-17 20:13:56 +02:00
Eelco Dolstra
2bc9c84327
Use posix_fallocate to create /nix/var/nix/db/reserved
2015-06-22 15:54:55 +02:00
Rok Garbas
000de699e9
cygwin: explicitly include required c headers
2015-05-13 09:37:12 +02:00
Eelco Dolstra
1711679ea5
Revert /nix/store permission back to 01775
...
This broke NixOS VM tests.
Mostly reverts 27b7b94923
,
5ce50cd99e
,
afa433e58c
.
2015-04-07 13:21:26 +02:00
Eelco Dolstra
7ea6ecf855
addToStore(): Take explicit name argument
2015-03-25 17:06:12 +01:00
Eelco Dolstra
57d64d24aa
Doh^2
2015-01-08 16:59:22 +01:00
Eelco Dolstra
57b82256b0
Doh
2015-01-08 16:49:31 +01:00
Eelco Dolstra
27b7b94923
Set /nix/store permission to 1737
...
I.e., not readable to the nixbld group. This improves purity a bit for
non-chroot builds, because it prevents a builder from enumerating
store paths (i.e. it can only access paths it knows about).
2015-01-08 16:39:07 +01:00
Shea Levy
3d97b8d1e7
LocalStore initialization: Don't die if build-users-group doesn't exist
...
See NixOS/nixpkgs@9245516
2014-12-29 14:40:13 +01:00
Eelco Dolstra
46f3eb6fdd
Shut up a Valgrind warning
2014-12-12 15:10:02 +01:00
Eelco Dolstra
e529823635
Don't wait for PID -1
...
The pid field can be -1 if forking the substituter process failed.
2014-12-10 13:53:04 +01:00
Eelco Dolstra
1256ab3b44
Clean up temp roots in a more C++ way
2014-11-19 17:07:29 +01:00
Eelco Dolstra
2a4dbcff74
Improved error message when encountering unsupported file types
...
Fixes #269 .
2014-10-14 10:51:19 +02:00
Eelco Dolstra
11849a320e
Use proper quotes everywhere
2014-08-20 18:03:48 +02:00
Eelco Dolstra
98873ff7de
Remove unnecessary call to addTempRoot()
2014-08-05 16:41:42 +02:00
Eelco Dolstra
daf3f2c11f
Make readDirectory() return inode / file type
2014-08-01 17:14:28 +02:00
Eelco Dolstra
edbfe2232e
Replace message "importing path <...>" with "exporting path <...>"
...
This causes nix-copy-closure to show what it's doing before rather
than after.
2014-07-10 21:30:22 +02:00
Eelco Dolstra
8e9140cfde
Refactoring: Move all fork handling into a higher-order function
...
C++11 lambdas ftw.
2014-07-10 16:58:09 +02:00
Eelco Dolstra
7911e4c27a
Remove maybeVfork
2014-07-10 13:35:44 +02:00
Eelco Dolstra
696f960dee
Set up directories and permissions for multi-user install automatically
...
This automatically creates /nix/var/nix/profiles/per-user and sets the
permissions/ownership on /nix/store to 1775 and root:nixbld.
2014-05-02 14:31:15 +02:00
Eelco Dolstra
dfa2f77d2e
If a .drv cannot be parsed, show its path
...
Otherwise you just get ‘expected string `Derive(['’ which isn't very helpful.
2014-04-08 19:24:29 +02:00
Eelco Dolstra
3fd01b171a
Set up a minimal /dev in chroots
...
Not bind-mounting the /dev from the host also solves the problem with
/dev/shm being a symlink to something not in the chroot.
2014-02-27 23:17:53 +01:00
Eelco Dolstra
00d30496ca
Heuristically detect if a build may have failed due to a full disk
...
This will allow Hydra to detect that a build should not be marked as
"permanently failed", allowing it to be retried later.
2014-02-17 14:15:56 +01:00
Eelco Dolstra
d210cdc435
Fix assertion failure in ‘nix-store --load-db’
...
Namely:
nix-store: derivations.cc:242: nix::Hash nix::hashDerivationModulo(nix::StoreAPI&, nix::Derivation): Assertion `store.isValidPath(i->first)' failed.
This happened because of the derivation output correctness check being
applied before the references of a derivation are valid.
2014-02-03 22:36:07 +01:00
Eelco Dolstra
d6582c04c1
Give a friendly error message if the DB directory is not writable
...
Previously we would say "error: setting synchronous mode: unable to
open database file" which isn't very helpful.
2014-02-01 16:57:38 +01:00