Commit graph

17277 commits

Author SHA1 Message Date
Eelco Dolstra
9600109879
Merge pull request #6995 from matthewbauer/disable-sa-restart-on-macos
Disable SA_RESTART for some signals on macOS
2022-09-06 17:36:31 +02:00
Jonathan Ringer
6ce2e96c88
Docs: Add nix develop --command entry
Add example of nix develop being used to execuate a series of script
commands. This is common when doing things like CI/CD, and should be
represented in the official documentation.

Also useful for people looking for the 'nix develop' equivalent of
'nix-shell --run'.

Related:
 - https://github.com/NixOS/nix/issues/6908
 - https://github.com/NixOS/nix/issues/6908#issuecomment-1229266853
2022-09-06 08:18:29 -07:00
Matthew Bauer
77d3d3d18d Remove some signals 2022-09-06 09:47:53 -05:00
Eelco Dolstra
7f31c08224
Merge pull request #7002 from tweag/reset-timestamps-in-installer
Installer: Reset the timestamps in the tarball
2022-09-06 13:19:56 +02:00
Valentin Gagarin
59be1e500a generalize anchor redirects
renaming section headers and changing manually set `id`s will break URLs
in the wild.

this change allows keeping track of all changes to ensure backwards
compatibility.
2022-09-06 00:49:16 +02:00
Théophane Hufschmitt
089f584173
Merge pull request #6980 from virusdave/patch-1
Set `HOME` var to `root`'s home when running `nix-store` as `root`
2022-09-05 16:21:05 +02:00
Sandro
408dcfc0d3
Improve experimental-features error wording 2022-09-05 15:42:10 +02:00
Théophane Hufschmitt
3fca5f6c69 Installer: Reset the timestamps in the tarball
Otherwise it isn't reproducible.

Fix https://github.com/NixOS/nix/issues/7001
2022-09-05 14:44:01 +02:00
Théophane Hufschmitt
df5159e7d3
Merge pull request #6993 from matthewbauer/dont-read-derivation-in-goal
Don’t readDerivation if impure derivations feature is disabled
2022-09-05 11:20:58 +02:00
Matthew Bauer
a47b5476e1 Add more signals 2022-09-03 16:06:33 -05:00
Matthew Bauer
102434e4cb Disable SA_RESTART for some signals on macOS
Disables the SA_RESTART behavior on macOS which causes:

> Restarting of pending calls is requested by setting the SA_RESTART bit
> in sa_flags. The affected system calls include read(2), write(2),
> sendto(2), recvfrom(2), sendmsg(2) and recvmsg(2) on a communications
> channel or a slow device (such as a terminal, but not a regular file)
> and during a wait(2) or ioctl(2).

From: https://man.openbsd.org/sigaction#SA_RESTART

This being set on macOS caused a bug where read() calls to the daemon
socket were blocking after a SIGINT was received. As a result,
checkInterrupt was never reached even though the signal was received
by the signal handler thread.

On Linux, SA_RESTART is disabled by default. This probably effects
other BSDs but I don’t have the ability to test it there right now.
2022-09-03 00:27:16 -05:00
Andrew Brooks
1f041ac54f Prevent tempdir from being GC-ed before addToStoreFromDump has renamed it
This fixes issue 6823 by placing the tempdir used in LocalStore::addToStoreFromDump
outside the Nix store, where automatic GC is no longer a concern.
2022-09-02 18:32:35 -05:00
Eelco Dolstra
0c7f213c87
Merge pull request #6990 from matthewbauer/no-space-in-zsh
Don’t add a space after attrs completion in zsh
2022-09-02 19:01:52 +02:00
Matthew Bauer
4894e567fb Don’t readDerivation if impure derivations feature is disabled
readDerivation is pretty slow, and while it may not be significant for
some use cases, on things like ghc-nix where we have thousands of
derivations is really slows things down.

So, this just doesn’t do the impure derivation check if the impure
derivation experimental feature is disabled. Perhaps we could cache
the result of isPure() and keep the check, but this is a quick fix to
for the slowdown introduced with impure derivations features in 2.8.0.
2022-09-02 11:46:34 -05:00
Matthew Bauer
dd3cd1a167
Apply suggestions from code review 2022-09-02 10:50:02 -05:00
Eelco Dolstra
a9af12e658
Merge pull request #6987 from matthewbauer/update-boehmgc-coroutine-sp-fallback-for-darwin
Update boehmgc-coroutine-sp-fallback.diff for darwin
2022-09-02 13:22:55 +02:00
Matthew Bauer
bd63ae7e18 Don’t add a space after attrs completion in zsh
This matches the behavior of bash. We don’t want to add a space after
completion on attrs. Uses -S.

Switches to new compadd style comppletions instead of _describe.
Shouldn’t have any negative issues from what I can tell.
2022-09-01 23:16:55 -05:00
Adam Joseph
e90f2fcfc7 glossary: add entry for chroot store (used 11 times in nix) 2022-09-01 18:28:05 -07:00
Adam Joseph
e6f5352e71 #binary-cache -> #gloss-binary-cache 2022-09-01 18:27:00 -07:00
Adam Joseph
1ab913467e linkify mention of other options 2022-09-01 18:03:35 -07:00
Adam Joseph
59dc8346ca move substituter signature-checking conditions to configuration file documentation 2022-09-01 17:51:56 -07:00
Adam Joseph
f6c750e8b2 glossary: remove extraneous comma 2022-09-01 17:48:34 -07:00
Adam Joseph
887e922be2 glossary: outputHash, not __outputHash 2022-09-01 17:47:13 -07:00
Adam Joseph
d5e064d816 glossary: fix broken link 2022-09-01 17:46:31 -07:00
Adam Joseph
57f12df5e4 input-addressed store object: include FODOs 2022-09-01 15:09:10 -07:00
Adam Joseph
8139bbe2ba implement https://github.com/NixOS/nix/pull/6870#pullrequestreview-1093700220 2022-09-01 15:01:07 -07:00
Adam Joseph
def4fb9a0f __outputHash: add link 2022-09-01 14:47:33 -07:00
Adam Joseph
1b2b8c39fd fix link to language/advanced-attributes.md#adv-attr-contentAddressed 2022-09-01 14:47:17 -07:00
Adam Joseph
0a98d564b3 glossary: resolve FIXME in #gloss-fixed-output-derivation 2022-09-01 14:41:27 -07:00
Adam Joseph
1f56b5d772 doc/manual: un-inline definitions from substitute 2022-09-01 14:13:21 -07:00
Adam Joseph
41153f30bd glossary: substituter: merge output-addressed cases 2022-09-01 14:13:21 -07:00
Adam Joseph
9cb8412143
Update doc/manual/src/glossary.md
Co-authored-by: John Ericson <git@JohnEricson.me>
2022-09-01 20:41:04 +00:00
Adam Joseph
2812682ebe
Update doc/manual/src/glossary.md
Co-authored-by: John Ericson <git@JohnEricson.me>
2022-09-01 20:40:39 +00:00
Adam Joseph
520587b9a0 glossary: local store: clarify 2022-09-01 13:39:48 -07:00
Max
02bff90e7b nix flake show: don't evaluate derivations for foreign systems by default 2022-09-01 22:04:22 +02:00
Matthew Bauer
f4d7208e23 Update boehmgc-coroutine-sp-fallback.diff for darwin
The darwin_stop_world implementation is slightly different. sp goes to
altstack_lo instead of lo in this case. Assuming that is an
implementation detail.

But the fix is the same, when we detect alstack_lo outside of the
expected stack range, we reset it to hi - stack_limit.

Here stack_limit is calculated with pthread_get_stacksize_np since
that is the BSD equivalent to pthread_attr_getstacksize.
2022-09-01 11:48:50 -05:00
Eelco Dolstra
4823067247
Merge pull request #6983 from edolstra/revert-6621
Revert "Merge pull request #6621 from Kha/nested-follows"
2022-09-01 16:07:17 +02:00
Eelco Dolstra
a8b3d777fb Revert "Merge pull request #6621 from Kha/nested-follows"
This reverts commit c530cda345, reversing
changes made to 4adcdff5c1.
2022-09-01 15:26:19 +02:00
Théophane Hufschmitt
c530cda345
Merge pull request #6621 from Kha/nested-follows
Fix nested flake input overrides
2022-09-01 12:04:00 +02:00
Rok Garbas
4adcdff5c1
Merge pull request #6973 from Enzime/skip-docker-push
Only push Docker image when Docker secrets are set
2022-08-31 23:52:37 +02:00
Dave Nicponski
a2b7baa42f
Set HOME var to root's home when running nix-store as root
A [recent-ish change](https://github.com/NixOS/nix/pull/6676) logs a warning when a potentially counterintuitive situation happens.

This now causes the multi-user installer to [emit a warning](https://github.com/NixOS/nixpkgs/issues/189043) when it's doing
the "seed the Nix database" step via a low-level `nix-store --load-db` invocation.

`nix-store` functionality implementations don't actually use profiles or channels or homedir as far as i can tell.  So why are we 
hitting this code at all?  

Well, the current command approach for functionality here builds a [fat `nix` binary](https://github.com/NixOS/nix/blob/master/src/nix/local.mk#L23-L26) which has _all_ the functionality of
previous individual binaries (nix-env, nix-store, etc) bundled in, then [uses the invocation name](https://github.com/NixOS/nix/blob/master/src/nix/main.cc#L274-L277) to select the
set of commands to expose.  `nix` itself has this behavior, even when just trying to parse the (sub)command and arguments:

```
dave @ davembp2
$ nix
error: no subcommand specified
Try 'nix --help' for more information.

dave @ davembp2
$ sudo nix
warning: $HOME ('/Users/dave') is not owned by you, falling back to the one defined in the 'passwd' file
error: no subcommand specified
Try 'nix --help' for more information.

dave @ davembp2
$ HOME=~root sudo nix
error: no subcommand specified
Try 'nix --help' for more information.
```

This behavior can also be seen pretty easily with an arbitrary `nix-store` invocation:
```
dave @ davembp2 
$ nix-store --realize

dave @ davembp2 
$ sudo nix-store --realize  # what installer is doing now
warning: $HOME ('/Users/dave') is not owned by you, falling back to the one defined in the 'passwd' file

dave @ davembp2
$ sudo HOME=~root nix-store --realize  # what this PR effectively does

dave @ davembp2
$ 
```
2022-08-31 17:25:26 -04:00
Valentin Gagarin
f35b3aa47b do not use unwarranted pkgs in example 2022-08-31 09:16:37 +02:00
Michael Hoang
85248543b5 Only push Docker image when Docker secrets are set 2022-08-29 23:59:57 +10:00
Eelco Dolstra
ddb82ffda9
Merge pull request #6972 from sashashura/patch-1
GitHub Workflows security hardening
2022-08-29 09:29:51 +02:00
Eelco Dolstra
1f2b12b30e
Merge pull request #6968 from fricklerhandwerk/man-no-weblinks
do not render relative links in help pages
2022-08-29 08:46:35 +02:00
Alex
90ba893329
Update backport.yml 2022-08-28 21:59:29 +01:00
Sebastian Ullrich
6f65c11780 Fix overlapping flake follows 2022-08-28 11:50:25 +02:00
Sebastian Ullrich
2b9d381301 Fix nested flake input overrides 2022-08-28 11:47:25 +02:00
Valentin Gagarin
e7dcacbd7c do not render relative links in help pages
this simplifies the setup a lot, and avoids weird looking `./file.md`
links showing up.

it also does not show regular URLs any more. currently the command
reference only has few of them, and not showing them in the offline
documentation is hopefully not a big deal.

instead of building more special-case solutions, clumsily preprocessing
the input, or issuing verbal rules on dealing with URLs, should better
be solved sustainably by not rendering relative links in `lowdown`:

https://github.com/kristapsdz/lowdown/issues/105
2022-08-26 17:10:41 +02:00
Eelco Dolstra
7918adbb62
Merge pull request #6954 from winterqt/darwin-sandbox-trustd
fix(libstore): allow access to trustd on macOS
2022-08-26 11:45:00 +02:00