Commit graph

7517 commits

Author SHA1 Message Date
Eelco Dolstra 5885e20404
Merge pull request #3429 from LnL7/darwin-sandbox
darwin sandbox
2020-03-23 09:13:36 +01:00
Greg Price 26851dd2c2 installer: Set files read-only when copying into store
After installing Nix, I found that all the files and directories
initially copied into the store were writable, with mode 644 or 755:

  drwxr-xr-x 9 root root 4096 Dec 31  1969 /nix/store/ddmmzn4ggz1f66lwxjy64n89864yj9w9-nix-2.3.3

The reason is that that's how they were in the unpacked tarball, and
the install-multi-user script used `rsync -p` without doing anything
else to affect the permissions.

The plain `install` script for a single-user install takes care to
do a `chmod -R a-w` on each store path copied.  We could do the same
here with one more command; or we can pass `--chmod` to rsync, to
have it write the files with the desired modes in the first place.

Tested the new `rsync` command on both a Linux machine with a
reasonably-modern rsync (3.1.3) and a Mac with its default, ancient,
rsync 2.6.9, and it works as expected on both.  Thankfully the latter
is just new enough to have `--chmod`, which dates to rsync 2.6.7.
2020-03-22 23:07:20 -07:00
Ben Burdette f694f43d7d straightforward port of rust mockup code 2020-03-22 12:25:47 -06:00
Domen Kožar 7bc1961e1f
Merge pull request #3431 from pmiddend/install-script-test-for-xz
installer: also test for xz to unpack
2020-03-21 10:40:16 +01:00
Philipp Middendorf 9450dece24 installer: also test for xz to unpack 2020-03-21 09:31:39 +01:00
Daiderd Jordan 2e9bc1245c
sandbox: fix /bin/sh on catalina
Sadly 10.15 changed /bin/sh to a shim which executes bash, this means it
can't be used anymore without also opening up the sandbox to allow bash.

    Failed to exec /bin/bash as variant for /bin/sh (1: Operation not permitted).
2020-03-20 22:12:30 +01:00
Daiderd Jordan f6c122aaeb
sandbox: allow pty devices
Nix now runs builds with a pseudo-terminal to enable colored build
output.
2020-03-20 21:58:45 +01:00
Daiderd Jordan 7f2df903d9
libstore: relax default sandbox-paths on darwin 2020-03-20 21:31:20 +01:00
Daiderd Jordan afb78ebd34
libstore: disable resolve-system-dependencies hook
This is used to determine the dependency tree of impure libraries so nix
knows what paths to open in the sandbox.  With the less restrictive
defaults it isn't needed anymore.
2020-03-20 21:21:56 +01:00
Eelco Dolstra 4ef43198f3
Merge pull request #3426 from jakobrs/remote-gc-delete-opt
Remove the --delete option for --gc. Fixes #3343
2020-03-20 09:34:20 +01:00
jakobrs c5a488afc0 Remove the --delete option for --gc
Running `nix-store --gc --delete` will, as of Nix 2.3.3, simply fail
because the --delete option conflicts with the --delete operation.

  $ nix-store --gc --delete
  error: only one operation may be specified
  Try 'nix-store --help' for more information.

Furthermore, it has been broken since at least Nix 0.16 (which was
released sometime in 2010), which means that any scripts which depend
on it should have been broken at least nine years ago. This commit
simply formally removes the option. There should be no actual difference
in behaviour as far as the user is concerned: it errors with the exact
same error message. The manual has been edited to remove any references
to the (now gone) --delete option.

Other information:
* Path for Nix 0.16 used:
  /nix/store/rp3sgmskn0p0pj1ia2qwd5al6f6pinz4-nix-0.16
2020-03-19 19:41:23 +01:00
Eelco Dolstra ef74fafc03
nix repl: Put EvalState on the heap
See 0629601da1.
2020-03-19 13:52:28 +01:00
Eelco Dolstra b244e65cdb
nix repl: Scan NixRepl for GC roots
Fixes #3175.
2020-03-19 13:50:01 +01:00
Eelco Dolstra b79b81dd2d
Merge pull request #3413 from Ericson2314/include-regex
Add missing `#include <regex>`
2020-03-14 09:25:06 +01:00
John Ericson 68fe0d9809 Add missing #include <regex> 2020-03-13 21:24:35 -04:00
Eelco Dolstra 779ef8f5ef
Merge pull request #3380 from contrun/no-attr-path-for-installed
display attr-path only when queried available
2020-03-13 19:26:20 +01:00
Eelco Dolstra 59c37112a9 README.md: Remove reference to OpenSSL
The OpenSSL files were removed in a6ca68a70c.

https://salsa.debian.org/debian/nix/issues/3
2020-03-13 18:42:53 +01:00
Eelco Dolstra 5392884eb1 Remove the 'release' job
Unless the 'tested' job in the Nixpkgs/NixOS jobsets, this job isn't
actually used for anything (e.g. we don't update a channel based on
whether 'release' succeeds).
2020-03-13 18:34:10 +01:00
Eelco Dolstra a692f90c80
Merge pull request #3410 from edolstra/no-tarball
Remove the tarball job
2020-03-13 18:20:09 +01:00
Eelco Dolstra 7c39201bcb
Remove the tarball job
Source tarballs are not very useful anymore. People who want to build
from source can also just build from the Git repository. Once upon a
time, the source tarball also saved users from needing a few
dependencies (e.g. bison and flex) but those are dwarfed by the other
dependencies, so it's no longer worth it.

Note: the release script should be updated to copy the vendoredCrates
tarball.
2020-03-13 18:05:22 +01:00
YI b6d794fb8d display attr-path only when queried available 2020-03-14 00:36:26 +08:00
Eelco Dolstra eab7d790a3
Merge pull request #3409 from NixOS/github-actions
Add CI with github actions
2020-03-13 16:53:35 +01:00
Eelco Dolstra c0a3ff7d47
Fix macOS 2020-03-13 16:39:35 +01:00
Eelco Dolstra 858ad7a4b3 Remove callout graphics
Fixes #3396.
2020-03-13 16:32:43 +01:00
Eelco Dolstra 90b805ef25
Remove build and binaryTarball since they're included in installerScript 2020-03-13 15:56:25 +01:00
Domen Kožar 30962d21be
Add CI with github actions 2020-03-13 15:41:16 +01:00
Eelco Dolstra 9c7e90f414
style.css: Remove
This file is licensed under the GPL. Originally, Nix was also
GPL-licensed so that was fine. However, we later changed the license
to the LGPL but missed the fact that style.css has an incompatible
license.

Since the Nix manual at nixos.org uses its own styling, we can remove
this file.

Fixes #3392.
2020-03-13 15:02:32 +01:00
Eelco Dolstra cc5c81822d
mk/README.md: Remove
The make-rules repo is not maintained.
2020-03-13 14:50:51 +01:00
Eelco Dolstra b816515f61
Fix ca-references feature check
Fixes #3406.
2020-03-13 13:15:51 +01:00
Eelco Dolstra d048577909
Merge pull request #3403 from hercules-ci/issue-3398-path-info-cache-ttls
pathInfoCache: Respect disk cache TTLs #3398
2020-03-12 11:43:31 +01:00
Robert Hensing 3f55f8a8fb pathInfoCache: Respect disk cache TTLs #3398 2020-03-12 10:30:28 +01:00
Will Dietz 15edd2349e local.mk: fix user-env.cc dep on buildenv.nix.gen.hh, resolve occasional build failure 2020-03-12 00:51:56 +01:00
Robert Hensing 9080d5d924 README, error msg: http -> https 2020-03-11 19:41:22 +01:00
Eelco Dolstra 9950cdec35 Move some corepkgs into the nix binary 2020-03-11 16:57:48 +01:00
Eelco Dolstra e02481ded2 parseExprFromString(): Use std::string_view 2020-03-11 16:56:29 +01:00
Eelco Dolstra e063c71a79
nixos.org/releases -> releases.nixos.org 2020-03-11 10:33:23 +01:00
Eelco Dolstra 8a1d8701f6
nix-store -q --graph: Fix edges
Fixes #3389.
2020-03-10 11:11:46 +01:00
Eelco Dolstra 983fab7ea9
dotgraph.cc: Remove dead code 2020-03-10 11:06:55 +01:00
Eelco Dolstra 5e086ba8c3
nix-perl: Fix segfault in queryPathInfo) 2020-03-10 11:00:17 +01:00
Eelco Dolstra d37dc71e3c
nix-build: Fix !<output> handling
This was broken by 22a754c091.

https://hydra.nixos.org/eval/1573669
2020-03-04 13:56:17 +01:00
Eelco Dolstra 887030f211
Merge branch 'emacs_lambda_indentation' of https://github.com/tbsmoest/nix-1 2020-03-04 11:58:45 +01:00
Eelco Dolstra 75db069f92
Optimise Derivation::unparse()
In

  nix-instantiate --dry-run '<nixpkgs/nixos/release-combined.nix>' -A nixos.tests.simple.x86_64-linux

this reduces time spent in unparse() from 9.15% to 4.31%. The main
culprit was appending characters one at a time to the destination
string. Even though the string has enough capacity, push_back() still
needs to check this on every call.
2020-03-04 11:44:45 +01:00
Eelco Dolstra 401b5bc541
builtins.cache: Cache regular expressions
The evaluator was spending about 1% of its time compiling a small
number of regexes over and over again.
2020-03-04 11:44:33 +01:00
Eelco Dolstra d700eecea9
Add test for foldl' 2020-03-04 11:43:48 +01:00
Eelco Dolstra 22a754c091
Fix GC failures on bad store path names
It failed on names like '/nix/store/9ip48nkc9rfy0a4yaw98lp6gipqlib1a-'.
2020-02-28 18:07:10 +01:00
Tobias Möst f6fd01bd19 .dir-locals.el: Set additional lambda indentation to zero 2020-02-20 07:56:35 +01:00
Eelco Dolstra 2e953b567e
Merge pull request #3325 from xzfc/clean-tmpdir
nix-shell: clean up the tmpDir and escape variables
2020-02-19 21:29:18 +01:00
Albert Safin f2a03acf3f nix-shell: clean up the tmpDir and escape variables
The problem fixed: each nix-shell invocation creates a new temporary
directory (`/tmp/nix-shell-*`) and never cleans up.

And while I'm here, shellescape all variables inlined into the rcfile.
See what might happen without escaping:

    $ export TZ="';echo pwned'"
    $ nix-shell -p hello --run hello
    pwned
    Hello, world!
2020-02-19 14:28:49 +00:00
Eelco Dolstra 2ba67da053
Merge pull request #3332 from Calvin-L/patch-1
Document that autoconf is a dependency
2020-02-19 13:02:35 +01:00
Eelco Dolstra 2a14c28669
Merge pull request #3357 from carlosdagos/pure-nix-shell-proxy-env
Pass through http proxy env vars in pure shell
2020-02-19 13:02:02 +01:00