Commit graph

15412 commits

Author SHA1 Message Date
puck 6f36a8834c Copy the output of fixed-output derivations before registering them
It is possible to exfiltrate a file descriptor out of the build sandbox
of FODs, and use it to modify the store path after it has been
registered. To avoid that issue, don't register the output of the build,
but a copy of it (that will be free of any leaked file descriptor).

Test that we can't leverage abstract unix domain sockets to leak file
descriptors out of the sandbox and modify the path after it has been
registered.

(cherry picked from commit 2dadfeb690e7f4b8f97298e29791d202fdba5ca6)
(tests cherry picked from commit c854ae5b3078ac5d99fa75fe148005044809e18c)

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Theophane Hufschmitt <theophane.hufschmitt@tweag.io>
Co-authored-by: Tom Bereknyei <tomberek@gmail.com>

Change-Id: I87cd58f1c0a4f7b7a610d354206b33301e47b1a4
2024-03-07 01:44:58 +00:00
eldritch horrors 89e99d94e4 Merge pull request #9634 from 9999years/combine-abstract-pos-and-pos
Combine `AbstractPos`, `PosAdapter`, and `Pos`

(cherry picked from commit 113499d16fc87d53b73fb62fe6242154909756ed)

===

this is a bit cursed because originally it was based on InputAccessor
code that we don't have and moved/patched features we likewise don't
have (fetchToStore caching, all the individual accessors,
ContentAddressMethod). the commit is adjusted accordingly to
match (remove caching, ignore accessors, use FileIngestionMethod).

note that `state.rootPath . CanonPath == abs` and
computeStorePathForPath works relative to cwd, so the slight rewrite in
the moved fetchToStore is legal.

Change-Id: I05fd340c273f0bcc8ffabfebdc4a88b98083bce5
2024-03-05 23:46:18 -07:00
eldritch horrors e9b5929b22 Merge pull request #9860 from 9999years/set-stack-darwin
Increase stack size on macOS as well as Linux

(cherry picked from commit efb91d5979a625d5c50558aeabfd24e802ed9173,
4a2444b3f32a2f5d42c4d65302793b987d1ac667)
Change-Id: Ieb72283c61bb9e360683f531d6635697b293c313
2024-03-05 23:36:42 -07:00
eldritch horrors a499383187 Merge pull request #10085 from ShamrockLee/ignore-obsolete-testdir
.gitignore: ignore historical test binaries

(cherry picked from commit cd2d8b6d4c3f8cec1a21a4d0a7d1ea626aa2a78e)
Change-Id: Ieb01910ab7722df78d8570ca6e408f1de5839fb8
2024-03-05 23:36:31 -07:00
eldritch horrors c67b392385 Merge pull request #9608 from NixOS/default-lowdown
Remove custom lowdown

(cherry picked from commit 790cf13c268c7197c276cc02efda4cfe64a3a688)
Change-Id: Ie01f9a69e81e793fc7ac869de943da370dc75e36
2024-03-05 23:36:11 -07:00
eldritch horrors bfe2facede Merge pull request #9443 from ivan770/reproducibility
doc: fix machine-specific capabilities leaking
(cherry picked from commit dda0e34ecf16bb1c736d585414122a7e3587db70)
Change-Id: I3d07cc5039ee954b215a7a27caa3bf7359d92c26
2024-03-05 23:35:22 -07:00
eldritch horrors e8f1acfb18 Merge pull request #5145 from fedepell/local_doc_build_5140
Docs build: depend on locally built nix executable and not installed one

(cherry picked from commit ca72e3e7e8f69526f028475a7a9b40812da1acdd)

===

includes changes from (because not doing so removes manpages):

Merge pull request #9976 from alois31/restore-manual-pages

Restore manual pages

(cherry picked from commit d3c1997127e0fc08576e842b2bfe046d8a28d2f4)

Change-Id: I685ff16163ac552a1754570c03c992c63a461d50
2024-03-05 23:01:05 +01:00
eldritch horrors 13d2f96257 Merge pull request #9541 from obsidiansystems/config-buildprefix-fix
Including `config.h` also needs `$(buildprefix)`

(cherry picked from commit 96fdea3394ff61e24c53358644a5064218218d13)
Change-Id: I8b5c0b1826aa007aa681c8b199f9b1489cac6784
2024-03-05 21:16:55 +01:00
eldritch horrors 2e1f5e2666 Merge pull request #9105 from Ericson2314/split-out-nixos-tests
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix`

(cherry picked from commit c29b8ba142a0650d1182ca838ddc1b2d273dcd2a)
Change-Id: Ieae1b6476d95024485df7067e008013bc5542039
2024-03-05 21:11:59 +01:00
eldritch horrors 5bda6d9dc8 Merge pull request #9915 from 9999years/evaluating-attribute-position
Add position information to `while evaluating the attribute` errors in the debugger

(cherry picked from commit ffe67c86a8ef3695e5c8b9c9800c192ac633dded)
Change-Id: I177ea5ec60898abe09fb9d80d9602b2a32ff8f44
2024-03-04 09:25:17 +01:00
eldritch horrors 4551dd0f2c Merge pull request #10010 from 9999years/fix-9941
Fix "Failed tcsetattr(TCSADRAIN)" when `nix repl` is not a TTY

(cherry picked from commit 864fc85fc88ff092725ba99907611b2b8d2205fb)
Change-Id: I8198674b935fabd741a349cc74544e61c53ea7b3
2024-03-04 09:25:17 +01:00
eldritch horrors 41b7876b32 Merge pull request #10067 from ramboman/fix-proxy-nix
`nix`: Fix `haveInternet` to check for proxy

(cherry picked from commit accae60e7710a18f6f2bd7d2f4cd836bcd76b684)
Change-Id: I996dafdcd266f4bc5806386c86b19040120842bf
2024-03-04 09:25:17 +01:00
eldritch horrors 82075c8ebd Merge pull request #10054 from syvb/channel-unpack-count
Say how many channels were unpacked in nix-channel

(cherry picked from commit 9ae665b9e1dc64c507ab6002fc5d7824208f3777)
Change-Id: Ie0950cf32123b550c5b83981a020e513f72a9b7c
2024-03-04 09:25:17 +01:00
eldritch horrors 523250d18b Merge pull request #10055 from GrahamDennis/gdennis/faster-flake-lock-parsing
Faster flake.lock parsing

(cherry picked from commit ff4fa4dbd307fb155155421a7ec0625383dcedeb)
Change-Id: I34325834770db66fa56f0d8d02d3d2322dea3c65
2024-03-04 09:25:17 +01:00
eldritch horrors edb8e24ee0 Merge pull request #10001 from abathur/fix_macos_daemon_perms
install-darwin: fix symbolic perms for install cmd
(cherry picked from commit ee9f6d022f33663501503cf7d2b3d0cf605ac268)
Change-Id: I83240e1e93aa9a2ba34d5ac3abd8ef4f7ec54ac3
2024-03-04 09:25:17 +01:00
eldritch horrors 96a3683308 Ban building Nix with NDEBUG
When reviewing old PRs, I found that #9997 adds some code to ensure one
particular assert is always present. But, removing asserts isn't
something we do in our own release builds either in the flake here or in
nixpkgs, and is plainly a bad idea that increases support burden,
especially if other distros make bad choices of build flags in their Nix
packaging.

For context, the assert macro in the C standard is defined to do nothing
if NDEBUG is set.

There is no way in our build system to set -DNDEBUG without manually
adding it to CFLAGS, so this is simply a configuration we do not use.
Let's ban it at compile time.

I put this preprocessor directive in src/libutil.cc because it is not
obvious where else to put it, and it seems like the most logical file
since you are not getting a usable nix without it.

Upstream-PR: https://github.com/NixOS/nix/pull/10126
Original-Change-Id: I513cceaac1371decb3d96231e6ef9181c910c218
Change-Id: I531a51f6348a746e8e41d88203b08f614898356c
2024-03-04 09:24:58 +01:00
eldritch horrors c6064390e8 Merge pull request #9992 from edolstra/fix-warning
Fix "may be used uninitialized" warning

(cherry picked from commit c4ebb82da4eade975e874da600dc50e9dec610cb)
Change-Id: I0ce99bf102ad12902f7055c29a56e665b8320ca8
2024-03-04 08:59:58 +01:00
eldritch horrors bbf69a4898 Merge pull request #9974 from edolstra/less-chatty-post-build-hook
runPostBuildHook(): Be less chatty

(cherry picked from commit 28a988bdde7b20abff9000162015500c44a5812b)
Change-Id: Ibb49b71bf631d04d08970d719f091221b15c5036
2024-03-04 08:59:18 +01:00
eldritch horrors 647d762ab5 Merge pull request #9933 from pennae/debugger-fix
fix debugger crashing while printing envs

(cherry picked from commit 9b8b4860913afdb7f9cb1e1e81f9a9dd192cd1c1)
Change-Id: Ica6a17e4b3e3b8b8093719f442c28be7f13be09d
2024-03-04 08:57:44 +01:00
eldritch horrors 542a19104e Merge pull request #9918 from 9999years/debugger-locals-for-let-expressions
Expose locals from `let` expressions to the debugger

(cherry picked from commit acef4f17a2daab4ccdf656bdf229792db2f779e4)
Change-Id: Ib3623254f67ac762f4e7230d625e9f87dff38a84
2024-03-04 08:54:52 +01:00
eldritch horrors cd654451c9 Merge pull request #9924 from 9999years/rename-yellowtxt
Rename `yellowtxt` -> `magentatxt`

(cherry picked from commit fb78a99e04206e7b1df84a362bb87d3300b41855)
Change-Id: I9ade553d9f499e6713aeff3463c9a653a880a051
2024-03-04 08:53:10 +01:00
eldritch horrors 43cedec6c5 Merge pull request #9919 from 9999years/reduce-debugger-clutter
Reduce visual clutter in the debugger

(cherry picked from commit f388a6148dae0fc999f1a67d0b96d76788f9b97f)
Change-Id: I21bfe3e9f75816484b0f46dbe09e0ff40b22c6d9
2024-03-04 08:52:57 +01:00
eldritch horrors 9ef32cf3b8 Merge pull request #9930 from rvl/print-dev-env-unbound-variables
print-dev-env: Avoid using unbound shellHook variable
(cherry picked from commit 25385a408ef7281d966c8732608833e224b32586)
Change-Id: Id1aca13942adfa628f7bdcfc0b6fc03bb3bab9ea
2024-03-04 08:51:49 +01:00
eldritch horrors 625df32afc Merge pull request #9913 from 9999years/debugger-positions
Print positions in `--debugger`, instead of pointers

(cherry picked from commit 49cf090cb2f51d6935756a6cf94d568cab063f81)
Change-Id: Ic27917b2aab3657c28d599898377bf0c14753f8a
2024-03-04 08:51:02 +01:00
eldritch horrors 74272a9bc4 Merge pull request #9861 from 9999years/colored-diff-in-lang-tests
Color `diff` output in `tests/functional/lang` tests

(cherry picked from commit 1dc55c0f2f034bce6e3de4a5cda96d686b10a7f8)
Change-Id: Ie9b3fc3446bd3caa0fd8885de88639516a2ff862
2024-03-04 08:50:00 +01:00
eldritch horrors 78422bdbab Merge pull request #9848 from obsidiansystems/default-system-features-static
Make `StoreConfig::getDefaultSystemFeatures` a static method

(cherry picked from commit 5a9513cdbae31ea5e6f6e7afa7b3c2e3a9a26474)
Change-Id: Ia9c0ae2b7de419bd60aea8bf905154b96c428276
2024-03-04 08:47:55 +01:00
eldritch horrors 50ef364dbe Merge pull request #9844 from NixOS/pkg-config-gmock
Link both gmock and gtest, not just gtest

(cherry picked from commit 979b00bce9efa9560a58a10661865f4e896d0903)
Change-Id: Ic12d596e635057d67de277fbeb1602017e7623d0
2024-03-04 08:47:39 +01:00
eldritch horrors 2bb0a06346 Merge pull request #9841 from obsidiansystems/float-speed-factor
Convert `Machine::speedFactor` from a non-neg int to a non-neg float

(cherry picked from commit 69d0ae27e376e7c7c4f237716b0149223b8a805a)
Change-Id: I2afb5cf9e4fe1384985c58353946135c3d102b42
2024-03-04 08:40:38 +01:00
eldritch horrors 044c117a9f Merge pull request #9481 from iFreilicht/disallow-nix-search-without-search-terms
nix search: Disallow empty regex

(cherry picked from commit 1c260fa6d1f47d83954792771d0614db163cc3bc)
Change-Id: Iaaf3605c24a342fcb05d0b534a9f305533d3b5fa
2024-03-04 08:40:12 +01:00
eldritch horrors 20d7b93b0c Merge pull request #9838 from obsidiansystems/systemTypes-set
Make `Machine::systemTypes` a set not vector

(cherry picked from commit f1b030415376e81c5804647c055d71eaba4aa725)
Change-Id: I6d4f5c0bfc226e9bd66c58c360cd99e3fac9a129
2024-03-04 08:39:24 +01:00
eldritch horrors fad1a25e17 Merge pull request #9805 from yshui/prefetch-unpack
Add --unpack to nix store prefetch-file

(cherry picked from commit f51409cf98e9b18f27a6d0240a0aa0c3f37c2fd0)
Change-Id: I974b04f3efc8b210a9399a71d3704490cfc2c80c
2024-03-04 08:24:18 +01:00
eldritch horrors b6bb869e52 Merge pull request #9632 from cole-h/nix-daemon-testing
Use `nix daemon` in the test suite

(cherry picked from commit e6e160a0758c0354ed810b0ec9846ed885adcc11)
Change-Id: I537a25d3d48f609cd77b2c3a8ad68e87aebabfe8
2024-03-04 08:17:32 +01:00
eldritch horrors 298db5d1cd Merge pull request #9804 from edolstra/missing-nar-crash
Fix crash when NAR is missing from binary cache

(cherry picked from commit 3b20cca9625a1701a10a883735e7315185629563)
Change-Id: I50ff18f4a6de69c323473b4a8e3e098d1f365145
2024-03-04 08:16:28 +01:00
eldritch horrors 68f148ed45 Merge pull request #9798 from edolstra/remote-store-eof
Print a more helpful message if the daemon crashes

(cherry picked from commit 32706b14a7531c2c21b9f96da083a540a0031ec4)
Change-Id: Ief7c465bca7666e2b7e7c9d1dd0c01c5f9014146
2024-03-04 08:12:15 +01:00
eldritch horrors 5dd872363a Merge pull request #9797 from edolstra/fix-error-message
Store: :buildPaths(): Fix display of store paths
(cherry picked from commit b5ed36e6633cac844fe4388dcc0cc8055a18ef9e)
Change-Id: Ic6008491088dc6febd4a1e44dc2dbb96c47661f4
2024-03-04 08:11:46 +01:00
eldritch horrors e81ee8b337 Merge pull request #9785 from hercules-ci/test-substring-negative
tests/functional/lang: Test substring with negative length

(cherry picked from commit 86156d05dd33f856d8804f89669a7fe9b81f1a0d)
Change-Id: I2e2086027a43f8111ba5068ac16590eaa0b798d4
2024-03-04 08:07:16 +01:00
eldritch horrors 2c85fcce87 Merge pull request #9747 from awakesecurity/mz/fix-quadratic-splitString
Fix performance of builtins.substring for empty substrings

(cherry picked from commit b2deff1947c2fe57fdbf1a472eb9003eb407f8d3)
Change-Id: I4ddfc8d26a4781c9520fff9807849a073ee7bed8
2024-03-04 08:06:36 +01:00
eldritch horrors 64b077cdaa Merge pull request #9763 from L-as/avoid-unnecessary-copy
Avoid unnecessary copy of goal log

(cherry picked from commit 268c49264ae2657c602f84f9bff3eb31306253ea)
Change-Id: I5d9de9e43a7ddcb09d25bbc7367c9d83f58c7a75
2024-03-04 08:01:03 +01:00
eldritch horrors e310bbf913 Merge pull request #8043 from bobvanderlinden/pr-shell-env
nix: develop: use SHELL from rc script
(cherry picked from commit 0d55d660d5ea081630aa9606b047eb755cff1528)
Change-Id: I83be6c63b282d7f01a0defa78d9e787c77f1f02d
2024-03-04 07:59:32 +01:00
eldritch horrors 180984178d Merge pull request #9648 from cole-h/nix-shell-ordering
nix shell: reflect command line order in PATH order

(cherry picked from commit b91c935c2faf08ced2c763dcd2a831f26d84fa86)
Change-Id: If16c120bb74857c2817366e74e5b0877eb997260
2024-03-04 07:50:55 +01:00
eldritch horrors aaf1ed1a4c Merge pull request #9726 from DavHau/gitignore
gitignore: add result-*
(cherry picked from commit 47633ceec3b228490a7bcab06c679d9a3de9d9ff)
Change-Id: I4480d7dd8146600d1334c75b39ff3b3b2f9496eb
2024-03-04 07:50:42 +01:00
eldritch horrors 5f2eaa1b35 Merge pull request #9662 from shlevy/flat-fixed-references-assert
Improve error message for fixed-outputs with references.

(cherry picked from commit ff6de4a9ee6c3862db9ee5f09ff9c3f43ae7a088)
Change-Id: I733c49760b9a3f1b76a6bece3b250b8579cd6cac
2024-03-04 07:50:02 +01:00
eldritch horrors aac8416eac Merge pull request #9670 from DavHau/log-lines
saner default for log-lines: change to 25

(cherry picked from commit dedbbbb451bb8f2bd0925e59a8b3d127157015f8)
Change-Id: I8847df4aeb6e5c2d2be0e04f2a0a1aa595cb3b2f
2024-03-04 07:48:57 +01:00
eldritch horrors 4c56629a52 Merge pull request #9692 from 9999years/update-clang-stdenv
Remove `clang11Stdenv`

(cherry picked from commit cbf99c71c6f58579174c1c7649a5421c1d2ba9b0)
Change-Id: I716ce1a54f2006c4a9dc9716e8529fe7858ecebb
2024-03-04 07:48:42 +01:00
eldritch horrors 298be50d7d Merge pull request #9690 from obsidiansystems/nixos-23.05-small-again
flake: Go back to regular `nixos-23.05-small`
(cherry picked from commit 1ed245a60672c123c1348a63061fb4d64fb95212)
Change-Id: I33f5fe20cd6bc658a461f560e458b440b3b7e18e
2024-03-04 07:47:58 +01:00
eldritch horrors 8f5d0d4c05 Merge pull request #9687 from edolstra/withFramedSink-ctrl-c-hang
withFramedSink(): Receive interrupts on the stderr thread

(cherry picked from commit 965cfe96886c988c3aa94bfc7fefdd37325f4536)
Change-Id: I8320a96957c01ec0e3450d1b3ae38a3baff78d49
2024-03-04 07:40:17 +01:00
eldritch horrors 137673de56 Merge pull request #9681 from edolstra/eval-optimisations
Optimize empty list constants

(cherry picked from commit 315aade89d00c692715e5953c36a1b7d6528b703)
Change-Id: I0f28ef8a27ccedc45acf44243eec9dc35b733300
2024-03-04 07:39:12 +01:00
eldritch horrors 6b279cd10e Merge pull request #9658 from pennae/env-diet
reduce the size of Env by one pointer

(cherry picked from commit 83f5622545a2fc31eb7e7d5105f64ed6dd3058b3)
Change-Id: I5636290526d0165cfc61aee1e7a5b94db4a26cef
2024-03-04 07:37:45 +01:00
eldritch horrors cd326a2aa4 Merge pull request #9673 from pennae/drv-parse-opts
optimize derivation parsing

(cherry picked from commit 3511430902941f0f26dc71313a54bb5096f57305)
Change-Id: I00f76dcd464a5811944613731501af504b6e8c29
2024-03-04 07:36:51 +01:00
eldritch horrors 96f1a404d0 Merge pull request #9617 from 9999years/stack-overflow-segfault
Fix segfault on infinite recursion in some cases

(cherry picked from commit bf1b294bd81ca76c5ec9fe3ecd52196bf52a8300)
Change-Id: Id137541426ec8536567835953fccf986a3aebf16
2024-03-04 07:35:20 +01:00