Commit graph

13259 commits

Author SHA1 Message Date
Théophane Hufschmitt
16c6c6c963
Merge pull request #6676 from virusdave/dnicponski/scratch/swap_homedir_check_master
Verify this if `$HOME` exists, it is owned by current user in `getHome()`
2022-06-20 21:17:22 +02:00
Fishhh
df21173b70
Add another test for --exclude in nix search 2022-06-20 19:21:45 +02:00
Fishhh
4ade8a5f25
Fix arity of --exclude flag in nix search
Due to incorrectly using the Handler(vector<string>*) constructor the
`--exclude` flag would swallow all proceeding arguments instead of just
one.
2022-06-20 18:00:32 +02:00
Naïm Favier
d6d0e781bb
Complete flake inputs for all given flakes
Allow `nix build flake1 flake2 --update-input <Tab>` to complete the
inputs of both flakes.

Also do tilde expansion so that `nix build ~/flake --update-input <Tab>`
works.
2022-06-20 04:17:13 +02:00
Dave Nicponski
ca2be509b9 Verify $HOME is owned by current user in getHome(), if it exists.
Useful because a default `sudo` on darwin doesn't clear `$HOME`, so things like `sudo nix-channel --list`
will surprisingly return the USER'S channels, rather than `root`'s.

Other counterintuitive outcomes can be seen in this PR description:
  https://github.com/NixOS/nix/pull/6622
2022-06-17 17:42:08 -04:00
Travis A. Everett
fe76b9f4b4 doc: fix some darwin uninstall gaps 2022-06-16 09:37:52 -05:00
Théophane Hufschmitt
7e301fd74e
Merge pull request #6620 from maralorn/fix-print-missing
respect print-missing variable in new-style build command
2022-06-16 13:23:15 +02:00
Lorenzo Manacorda
475249db8a libstore: improve warning message on missing sig
Clarifies that the substitute will be ignored/skipped.
2022-06-15 17:34:28 +02:00
Tom Bereknyei
51268ceb79 Merge branch 'master' into nix-repl-flakes 2022-06-15 09:17:03 -04:00
tomberek
dae4a8a6c8
Apply suggestions from code review
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2022-06-15 09:02:36 -04:00
Théophane Hufschmitt
63df0fda94
Merge pull request #6615 from WhyNotHugo/man-improvements
Add disambiguation to man page
2022-06-15 10:41:52 +02:00
Eelco Dolstra
3720a4f6cf
Merge pull request #6662 from tweag/stiky-non-flake-overrides
flake.cc: Make non-flake overrides sticky
2022-06-14 19:47:11 +02:00
Hugo Osvaldo Barrera
fd7f795750 Add disambiguation to man page
This should help future lost newcomers like myself understand where to
find the docs for both of these commands and how they differ.
2022-06-14 18:13:35 +02:00
Maximilian Bosch
98946e2d9c
nix-shell: restore backwards-compat with old nixpkgs
Basically an attempt to resume fixing #5543 for a breakage introduced
earlier[1]. Basically, when evaluating an older `nixpkgs` with
`nix-shell` the following error occurs:

    λ ma27 [~] → nix-shell -I nixpkgs=channel:nixos-18.03 -p nix
    error: anonymous function at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/default.nix:20:1 called with unexpected argument 'inNixShell'

           at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/impure.nix:82:1:

               81|
               82| import ./. (builtins.removeAttrs args [ "system" "platform" ] // {
                 | ^
               83|   inherit config overlays crossSystem;

This is a problem because one of the main selling points of Nix is that
you can evaluate any old Nix expression and still get the same result
(which also means that it *still evaluates*). In fact we're deprecating,
but not removing a lot of stuff for that reason such as unquoted URLs[2]
or `builtins.toPath`. However this property was essentially thrown away
here.

The change is rather simple: check if `inNixShell` is specified in the
formals of an auto-called function. This means that

    { inNixShell ? false }:
    builtins.trace inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will show `trace: true` while

    args@{ ... }:
    builtins.trace args.inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will throw the following error:

    error: attribute 'inNixShell' missing

This is explicitly needed because the function in
`pkgs/top-level/impure.nix` of e.g. NixOS 18.03 has an ellipsis[3], but
passes the attribute-set on to another lambda with formals that doesn't
have an ellipsis anymore (hence the error from above). This was perhaps
a mistake, but we can't fix it anymore. This also means that there's
AFAICS no proper way to check if the attr-set that's passed to the Nix
code via `EvalState::autoCallFunction` is eventually passed to a lambda
with formals where `inNixShell` is missing.

However, this fix comes with a certain price. Essentially every
`shell.nix` that assumes `inNixShell` to be passed to the formals even
without explicitly specifying it would break with this[4]. However I think
that this is ugly, but preferable:

* Nix 2.3 was declared stable by NixOS up until recently (well, it still
  is as long as 21.11 is alive), so most people might not have even
  noticed that feature.

* We're talking about a way shorter time-span with this change being
  in the wild, so the fallout should be smaller IMHO.

[1] 9d612c393a
[2] https://github.com/NixOS/rfcs/pull/45#issuecomment-488232537
[3] https://github.com/NixOS/nixpkgs/blob/release-18.03/pkgs/top-level/impure.nix#L75
[4] See e.g. the second expression in this commit-message or the changes
    for `tests/ca/nix-shell.sh`.
2022-06-13 23:29:28 +02:00
Alexander Bantyev
d82a3dc70d
flake.cc: Make non-flake overrides sticky
Overrides for inputs with flake=false were non-sticky, since they
changed the `original` in `flake.lock`. This fixes it, by using the same
locked original for both flake and non-flake inputs.
2022-06-13 20:49:16 +04:00
Eelco Dolstra
9f58df4c91
Merge pull request #6619 from Jonpez2/patch-1
Add security.csm to ignored-acls
2022-06-13 16:23:13 +02:00
Eelco Dolstra
798efdf10b
Merge pull request #6027 from Ma27/pure-repl
repl: `--option pure-eval true` actually enables pure eval mode
2022-06-13 16:11:46 +02:00
Eelco Dolstra
2fef24f528
Merge pull request #6634 from lovesegfault/fix-getgrouplist
fix(libstore/lock): support users that belong to more than 10 groups
2022-06-13 15:45:09 +02:00
Eelco Dolstra
9a26a01475
Merge pull request #6639 from Artturin/checkse
install-multi-user: check if selinux is enabled and if it is then abort
2022-06-13 15:42:43 +02:00
Eelco Dolstra
95eccfd5db
Merge pull request #6648 from andersk/missing-rethrow
Add missing rethrows in conditional exception handlers
2022-06-13 15:37:38 +02:00
Théophane Hufschmitt
03226aa053
Merge pull request #6651 from ncfavier/nix-build-stop-logger
nix-build: stop logger when appropriate
2022-06-13 10:43:14 +02:00
Théophane Hufschmitt
84c4666467
Merge pull request #6653 from Misterio77/readd-sourcehut-regex-matching
fix sourcehut brach/tag resolving regression
2022-06-13 08:57:34 +02:00
Gabriel Fontes
9f6b4639c2
fix sourcehut brach/tag resolving regression
nixos/nix#6290 introduced a regex pattern to account for tags when
resolving sourcehut refs. nixos/nix#4638 reafactored the code,
accidentally treating the pattern as a regular string, causing all
non-HEAD ref resolving to break.

This fixes the regression and adds more test cases to avoid future
breakage.
2022-06-11 16:52:20 -03:00
Travis A. Everett
edfcc8256e doc: add install test info to hacking.md 2022-06-11 13:30:51 -05:00
Naïm Favier
502d7d9092
nix-build: stop logger when appropriate
Reverts b944b588fa in `nix-build.cc`.
2022-06-11 15:17:35 +02:00
Théophane Hufschmitt
37fc4d73bb
Merge pull request #6646 from YorikSar/file-impure-doc
Mention that -f implies --impure for eval in docs
2022-06-11 08:48:16 +02:00
Ben Burdette
49ff4ef637 remove unused parameter 2022-06-10 12:22:36 -06:00
Anders Kaseorg
754cd53faf Add missing rethrows in conditional exception handlers
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-06-10 10:52:41 -07:00
Yuriy Taraday
65d09fce22 Mention that -f implies --impure for eval in docs
Right now this is not mentioned anywhere and it is unexpected.
2022-06-10 19:16:17 +04:00
Théophane Hufschmitt
45ebaab665
Merge pull request #6643 from ncfavier/fix-git-again
libfetchers/git: add missing `--git-dir` flags
2022-06-10 14:33:32 +02:00
Théophane Hufschmitt
e557f86490
Merge pull request #6641 from NixOS/fix-docker-ci-job
Correctly get the nix version in the docker job
2022-06-10 13:36:30 +02:00
Naïm Favier
da8f8668ca
libfetchers/git: add missing --git-dir flags 2022-06-10 12:57:13 +02:00
Théophane Hufschmitt
460117a238 Correctly get the nix version in the docker job
`defaultPackage` doesn't exist anymore, so we can't use it.
Instead just use the new CLI which should be more robust to these
changes

Fix #6640
2022-06-10 12:09:09 +02:00
Théophane Hufschmitt
17e54a602e
Merge pull request #6637 from sidkshatriya/small-move-optimization-2
nix-env: A small std::move() optimization
2022-06-10 10:28:37 +02:00
Jonpez2
3f5f84258d
Update docker.nix
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2022-06-10 09:17:28 +01:00
Artturin
bd3a17d00c install-multi-user: check if selinux is enabled and if it is then abort 2022-06-10 05:12:03 +03:00
Sidharth Kshatriya
7868405d58 nix-env: A small std::move() optimization
Avoids doing a O(n) copy of Strings i.e. std::list<std::string>
2022-06-09 20:01:01 +05:30
Eelco Dolstra
1bc17ae617
Merge pull request #6635 from sidkshatriya/small-move-optimization
nix-store: small std::move() optimization
2022-06-09 13:48:48 +02:00
Sidharth Kshatriya
3efea3d28a nix-store: small std::move() optimization 2022-06-09 16:25:26 +05:30
Bernardo Meurer
931930feb1 fix(libstore/lock): support users that belong to more than 10 groups
The manpage for `getgrouplist` says:

> If the number of groups of which user is a member is less than or
> equal to *ngroups, then the value *ngroups is returned.
>
> If the user is a member of more than *ngroups groups, then
> getgrouplist() returns -1.  In this case, the value returned in
> *ngroups can be used to resize the buffer passed to a further
> call getgrouplist().

In our original code, however, we allocated a list of size `10` and, if
`getgrouplist` returned `-1` threw an exception. In practice, this
caused the code to fail for any user belonging to more than 10 groups.

While unusual for single-user systems, large companies commonly have a
huge number of POSIX groups users belong to, causing this issue to crop
up and make multi-user Nix unusable in such settings.

The fix is relatively simple, when `getgrouplist` fails, it stores the
real number of GIDs in `ngroups`, so we must resize our list and retry.
Only then, if it errors once more, we can raise an exception.

This should be backported to, at least, 2.9.x.
2022-06-08 13:45:41 -04:00
Eelco Dolstra
12e86c0735
Merge pull request #6630 from edolstra/boost-dylib
Remove ${boost}/lib from the RPATH
2022-06-08 17:55:21 +02:00
Eelco Dolstra
7b968af930
Update docker.nix
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2022-06-08 17:41:31 +02:00
Eelco Dolstra
4a3f217bde
Remove ${boost}/lib from the RPATH 2022-06-08 15:51:35 +02:00
Théophane Hufschmitt
34d90fbe22 Mention the parallel copy in the release notes 2022-06-08 15:25:52 +02:00
Théophane Hufschmitt
480c2b6699 Rewrite the CA paths when moving them between store
Bring back the possibility to copy CA paths with no reference (like the
outputs of FO derivations or stuff imported at eval time) between stores
that have a different prefix.
2022-06-08 15:13:11 +02:00
Théophane Hufschmitt
cb0553ecd0 Restore the "low-latency" ssh copying 2022-06-08 14:03:46 +02:00
Théophane Hufschmitt
694b12052a
Merge pull request #6624 from NixOS/new-flake-style
flake.nix: Convert to new naming convention
2022-06-08 13:34:09 +02:00
Eelco Dolstra
e88892dc21
Merge pull request #6627 from asymmetric/key-comment
Fix missing ` in key manual
2022-06-08 12:10:52 +02:00
Lorenzo Manacorda
814ddfa5f5 Fix missing ` in key manual 2022-06-08 11:46:50 +02:00
Jonpez2
a7d25d339d
Add security.csm to the default ignore list 2022-06-08 09:32:14 +01:00