Commit graph

16 commits

Author SHA1 Message Date
Eelco Dolstra
4af2611bd1
Allow builders to create activities
Actually, currently they can only create download activities. Thus,
downloads by builtins.fetchurl show up in the progress bar.
2017-08-21 12:18:46 +02:00
Eelco Dolstra
6cc6c15a2d
Add a seccomp filter to prevent creating setuid/setgid binaries
This prevents builders from setting the S_ISUID or S_ISGID bits,
preventing users from using a nixbld* user to create a setuid/setgid
binary to interfere with subsequent builds under the same nixbld* uid.

This is based on aszlig's seccomp code
(47f587700d).

Reported by Linus Heckemann.
2017-05-29 16:14:10 +02:00
Eelco Dolstra
a2d92bb20e
Add --with-sandbox-shell configure flag
And add a 116 KiB ash shell from busybox to the release build. This
helps to make sandbox builds work out of the box on non-NixOS systems
and with diverted stores.
2017-05-15 17:36:32 +02:00
Eelco Dolstra
c5f23f10a8
Replace readline by linenoise
Using linenoise avoids a license compatibility issue (#1356), is a lot
smaller and doesn't pull in ncurses.
2017-05-10 18:37:42 +02:00
Eelco Dolstra
73bba12d8b
Check for libreadline 2017-04-28 16:53:56 +02:00
Eelco Dolstra
98a2adb135
Simplify building nix-perl in nix-shell 2017-04-26 17:04:45 +02:00
Eelco Dolstra
921a2aeb05
Make "nix repl" build 2017-04-25 18:48:40 +02:00
Eelco Dolstra
915f62fa19
shell.nix: Remove more dependencies
Thanks @copumpkin.
2017-04-10 17:23:15 +02:00
Eelco Dolstra
53edb55588
shell.nix: Remove obsolete flags 2017-04-10 11:50:01 +02:00
Eelco Dolstra
e8186085e0
Add support for brotli compression
Build logs on cache.nixos.org are compressed using Brotli (since this
allows them to be decompressed automatically by Chrome and Firefox),
so it's handy if "nix log" can decompress them.
2017-03-15 16:49:06 +01:00
Eelco Dolstra
1102c77919
shell.nix: Add a flag for using clang 2017-01-24 10:53:18 +01:00
Eelco Dolstra
11f0680f69
Revert "shell.nix: Add libseccomp"
This reverts commit 1df82b6245.
2016-12-19 11:52:18 +01:00
Eelco Dolstra
5278bb7c16
Merge branch 'master' of github.com:NixOS/nix 2016-12-15 12:31:52 +01:00
Eelco Dolstra
1df82b6245
shell.nix: Add libseccomp 2016-12-15 12:31:35 +01:00
Linus Heckemann
6b30e1462e Add missing DBD::SQLite to shell.nix 2016-12-11 17:13:18 +00:00
Eelco Dolstra
09191caea8
Add shell.nix 2016-12-06 17:17:29 +01:00