max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-24 14:56:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Commit graph

  • 74033a844f * Add indirect root registration to the protocol so that unprivileged processes can register indirect roots. Of course, there is still the problem that the garbage collector can only read the targets of the indirect roots when it's running as root... Eelco Dolstra 2006-12-04 23:29:16 +0000
  • 0d40f6d7bb * Not every OS knows about SIGPOLL. Eelco Dolstra 2006-12-04 22:58:44 +0000
  • 7751160e9f * Don't redirect stderr. Eelco Dolstra 2006-12-04 19:10:23 +0000
  • 40c3529909 * Handle exceptions and stderr for all protocol functions. * SIGIO -> SIGPOLL (POSIX calls it that). * Use sigaction instead of signal to register the SIGPOLL handler. Sigaction is better defined, and a handler registered with signal appears not to interrupt fcntl(..., F_SETLKW, ...), which is bad. Eelco Dolstra 2006-12-04 17:55:14 +0000
  • 0130ef88ea * Daemon mode (`nix-worker --daemon'). Clients connect to the server via the Unix domain socket in /nix/var/nix/daemon.socket. The server forks a worker process per connection. * readString(): use the heap, not the stack. * Some protocol fixes. Eelco Dolstra 2006-12-04 17:17:13 +0000
  • 4740baf3a6 * When NIX_REMOTE=daemon, connect to /nix/var/nix/daemon.socket instead of forking a worker. Eelco Dolstra 2006-12-04 14:21:39 +0000
  • f5f0cf423f * Refactoring. Eelco Dolstra 2006-12-04 13:28:14 +0000
  • 052b6fb149 * Pass the verbosity level to the worker. Eelco Dolstra 2006-12-04 13:15:29 +0000
  • 1e16d20655 * Install the worker in bindir, not libexecdir. * Allow the worker path to be overriden through the NIX_WORKER environment variable. Eelco Dolstra 2006-12-04 13:09:16 +0000
  • 9322b399f3 * Doh. Eelco Dolstra 2006-12-03 20:41:22 +0000
  • f4279bcde0 * Don't run setuid root when build-users is empty. * Send startup errors to the client. Eelco Dolstra 2006-12-03 16:25:19 +0000
  • 35247c4c9f * Removed build-allow-root'. * Added build-users-group', the group under which builds are to be performed. * Check that /nix/store has 1775 permission and is owner by the build-users-group. Eelco Dolstra 2006-12-03 15:32:38 +0000
  • 84d6459bd5 * Use setreuid if setresuid is not available. Eelco Dolstra 2006-12-03 14:32:22 +0000
  • a9f9241054 * Handle a subtle race condition: the client closing the socket between the last worker read/write and the enabling of the signal handler. Eelco Dolstra 2006-12-03 03:16:27 +0000
  • 3ed9e4ad9b * Some hardcore magic to handle asynchronous client disconnects. The problem is that when we kill the client while the worker is building, and the builder is not writing anything to stderr, then the worker never notice that the socket is closed on the other side, so it just continues indefinitely. The solution is to catch SIGIO, which is sent when the far side of the socket closes, and simulate an normal interruption. Of course, SIGIO is also sent every time the client sends data over the socket, so we only enable the signal handler when we're not expecting any data... Eelco Dolstra 2006-12-03 03:03:36 +0000
  • 4251f94b32 * Use a Unix domain socket instead of pipes. Eelco Dolstra 2006-12-03 02:36:44 +0000
  • 8c76df93e6 * Better error message if the worker doesn't start. Eelco Dolstra 2006-12-03 02:22:04 +0000
  • 363f40022f * Pid::kill() should be interruptable. Eelco Dolstra 2006-12-03 02:12:26 +0000
  • 7951c3c546 * Some hackery to propagate the worker's stderr and exceptions to the client. Eelco Dolstra 2006-12-03 02:08:13 +0000
  • 714fa24cfb * Run the worker in a separate session to prevent terminal signals from interfering. Eelco Dolstra 2006-12-03 00:52:27 +0000
  • e25fad691a * Move addTempRoot() to the store API, and add another function syncWithGC() to allow clients to register GC roots without needing write access to the global roots directory or the GC lock. Eelco Dolstra 2006-12-02 16:41:36 +0000
  • 30bf547f4f * Doh. Eelco Dolstra 2006-12-02 15:46:17 +0000
  • 536595b072 * Remove most of the old setuid code. * Much simpler setuid code for the worker in slave mode. Eelco Dolstra 2006-12-02 15:45:51 +0000
  • 9c9cdb06d0 * Remove SwitchToOriginalUser, we're not going to need it anymore. Eelco Dolstra 2006-12-02 14:34:14 +0000
  • 626f8ee42f * Clear NIX_REMOTE in the tests. Eelco Dolstra 2006-12-02 14:33:39 +0000
  • 8ba5d32769 * Remove queryPathHash(). * Help for nix-worker. Eelco Dolstra 2006-12-02 14:27:24 +0000
  • fcd9900d74 * Replace read-only calls to addTextToStore. Eelco Dolstra 2006-12-01 21:00:39 +0000
  • a824d58b56 * Merge addToStore and addToStoreFixed. * addToStore now adds unconditionally, it doesn't use readOnlyMode. Read-only operation is up to the caller (who can call computeStorePathForPath). Eelco Dolstra 2006-12-01 20:51:18 +0000
  • ceb982a1be * Right name. Eelco Dolstra 2006-12-01 18:02:05 +0000
  • b0d8e05be1 * More operations. * addToStore() and friends: don't do a round-trip to the worker if we're only interested in the path (i.e., in read-only mode). Eelco Dolstra 2006-12-01 18:00:01 +0000
  • 0565b5f2b3 * More remote operations. * Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0. Eelco Dolstra 2006-11-30 22:43:55 +0000
  • aac547a8b3 * Doh. Eelco Dolstra 2006-11-30 21:32:46 +0000
  • 0263279071 * More operations. Eelco Dolstra 2006-11-30 20:45:20 +0000
  • a711689368 * First remote operation: isValidPath(). Eelco Dolstra 2006-11-30 20:13:59 +0000
  • 765bdfe542 * When NIX_REMOTE is set to "slave", fork off nix-worker in slave mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. Eelco Dolstra 2006-11-30 19:54:43 +0000
  • 40b3f64b55 * Skeleton of the privileged worker program. * Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation. Eelco Dolstra 2006-11-30 19:19:59 +0000
  • 9adc074dc3 * Oops. Eelco Dolstra 2006-11-30 18:35:50 +0000
  • 9cf1948993 * Skeleton of remote store implementation. Eelco Dolstra 2006-11-30 18:35:36 +0000
  • 6ecb840fd1 * Put building in the store API. Eelco Dolstra 2006-11-30 18:02:04 +0000
  • e2ef5e07fd * Refactoring. There is now an abstract interface class StoreAPI containing functions that operate on the Nix store. One implementation is LocalStore, which operates on the Nix store directly. The next step, to enable secure multi-user Nix, is to create a different implementation RemoteStore that talks to a privileged daemon process that uses LocalStore to perform the actual operations. Eelco Dolstra 2006-11-30 17:43:04 +0000
  • 5f0b9de6d8 * Benchmarking Unix domain sockets. Eelco Dolstra 2006-11-30 15:06:46 +0000
  • fe15f991e3 * Troubleshooting information on fixing a b0rked Berkeley DB database. Eelco Dolstra 2006-11-30 11:24:10 +0000
  • 80b742dd52 * Don't spam. Eelco Dolstra 2006-11-29 22:07:49 +0000
  • 92417600a1 * Example script to set permissions for setuid operation. Roy van den Broek 2006-11-29 21:58:09 +0000
  • 71e867c5f5 * Remove --enable-setuid, --with-nix-user and --with-nix-group. Rather, setuid support is now always compiled in (at least on platforms that have the setresuid system call, e.g., Linux and FreeBSD), but it must enabled by chowning/chmodding the Nix binaries. Eelco Dolstra 2006-11-29 21:06:58 +0000
  • c6a97e3b74 * Doh! Path sizes need to be computed recursively of course. (NIX-70) Eelco Dolstra 2006-11-24 20:24:14 +0000
  • a76efaeb3f * Dead files. Eelco Dolstra 2006-11-24 20:07:30 +0000
  • d941186289 * Show more progress. Eelco Dolstra 2006-11-18 19:03:45 +0000
  • 0541ddc7e3 * Turn off synchronisation between C and C++ I/O functions. This gives a huge speedup in operations that read or write from standard input/output. (So libstdc++'s I/O isn't that bad, you just have to call std::ios::sync_with_stdio(false).) For instance, `nix-store --register-substitutes' went from 1.4 seconds to 0.1 seconds on a certain input. Another victory for Valgrind. Eelco Dolstra 2006-11-18 18:56:30 +0000
  • 471749ca7e * Grrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr... Eelco Dolstra 2006-11-14 19:18:52 +0000
  • 17d18b1a9c * Doh! Eelco Dolstra 2006-11-14 19:11:36 +0000
  • 0ddaee756e * Doh. Eelco Dolstra 2006-11-14 19:08:46 +0000
  • bce9ff7ece * Use the patched ATerm library. Eelco Dolstra 2006-11-14 15:36:27 +0000
  • 745e354b19 * Push. Eelco Dolstra 2006-11-14 10:23:21 +0000
  • f459a5bb3a * Remove the undocumented `noscan' feature. It's no longer necessary now that reference scanning is sufficiently streamy. Eelco Dolstra 2006-11-13 18:19:05 +0000
  • e2a70b7ec0 * Magic attribute exportReferencesGraph' that allows the references graph to be passed to a builder. This attribute should be a list of pairs [name1 path1 name2 path2 ...]. The references graph of each pathN' will be stored in a text file nameN' in the temporary build directory. The text files have the format used by nix-store --register-validity'. However, the deriver fields are left empty. Eelco Dolstra 2006-11-13 18:18:13 +0000
  • e40d4a5604 * Option --reregister' in nix-store --register-validity'. We need this in the NixOS installer (or in the buildfarm) to ensure that the cryptographic hash of the path contents still matches the actual contents. Eelco Dolstra 2006-11-13 16:48:27 +0000
  • e790404318 * Don't use the result of `uname -p' on x86_64 as it gives wacky results on some machines. (NIX-69) Eelco Dolstra 2006-11-13 14:54:18 +0000
  • 983c5e3fce * Fix the locking patch for Berkeley DB 4.5. Eelco Dolstra 2006-11-07 14:51:28 +0000
  • 7e85a2af5f * Fix importing of derivation outputs. Eelco Dolstra 2006-11-03 16:17:39 +0000
  • b3f916995a * Oops, `nix-build --no-out-link' was broken. Eelco Dolstra 2006-10-31 18:45:17 +0000
  • 005eecfc4d * Release notes. Eelco Dolstra 2006-10-30 16:29:05 +0000
  • 8478cd260f * readFile: don't overflow the stack on large files. Eelco Dolstra 2006-10-30 11:56:09 +0000
  • 8d17265ac4 * Don't use EPSV. Eelco Dolstra 2006-10-28 22:07:09 +0000
  • ae6fb27f18 * `nix-store --read-log / -l PATH' shows the build log of PATH, if available. For instance, Eelco Dolstra 2006-10-28 16:33:54 +0000
  • 99b0ea7c67 * Typo reported by Arie Middelkoop. * Left out close-quote in example. Eelco Dolstra 2006-10-26 23:06:47 +0000
  • dd300fb48d * Some better error messages. Eelco Dolstra 2006-10-23 16:45:19 +0000
  • 1d694eef4c * Require Perl 5.8.0 or newer. I mean, it *is* more than four years old... Eelco Dolstra 2006-10-19 19:20:18 +0000
  • 7a4497d98c * Checks for allowedReferences and some other features. * Use nix-build in a test. Eelco Dolstra 2006-10-19 17:44:51 +0000
  • 17f4883bfe * Better message. Eelco Dolstra 2006-10-19 17:43:58 +0000
  • 9bd93f7606 * toFile: maintain the references. Eelco Dolstra 2006-10-19 17:39:02 +0000
  • b3d3700e11 * nix-build: check the exit status of `nix-store -r'. Eelco Dolstra 2006-10-19 17:30:09 +0000
  • 6a67556f71 * Special derivation attribute `allowedReferences' that causes Nix to check that the references of the output of a derivation are in the specified set. For instance, Eelco Dolstra 2006-10-19 16:09:24 +0000
  • daa8f85fcd * Backwards compatibility hack for user environments made by Nix <= 0.10. Eelco Dolstra 2006-10-17 14:13:15 +0000
  • 24737f279e * Backwards compatibility with old user environment manifests. Eelco Dolstra 2006-10-17 14:01:45 +0000
  • 4bd5cdb90b * Print out the offending path. Eelco Dolstra 2006-10-17 14:01:28 +0000
  • 58ff6939f4 * An awful backwards compatibility hack. Eelco Dolstra 2006-10-17 12:58:42 +0000
  • 3059df0f1e * baseNameOf: paths don't have to be absolute. Eelco Dolstra 2006-10-17 12:34:13 +0000
  • 822dba2210 * Maintain the references for the user environment properly. Eelco Dolstra 2006-10-17 12:15:15 +0000
  • dfc042a0c1 * Another test. Eelco Dolstra 2006-10-17 11:16:02 +0000
  • 9e30694f98 * Fix the tests wrt the AST changes, i.e., Str(s) -> Str(s, []), and the semantic changes. Eelco Dolstra 2006-10-17 11:08:59 +0000
  • be1961c9f8 * toPath: should be the identity on paths. Eelco Dolstra 2006-10-17 11:07:11 +0000
  • cba913c521 * dirOf: return a path if the argument is a path. Eelco Dolstra 2006-10-17 11:05:34 +0000
  • cf705eaf78 * toString: don't copy paths. So toString can be used to pass non-store paths to a builder. Eelco Dolstra 2006-10-17 10:58:12 +0000
  • 7de5fe2fc2 * Do the path check on the normal form. Eelco Dolstra 2006-10-17 10:57:25 +0000
  • 46b631b6c4 * Don't generate an empty drvPath attribute in the manifest. Eelco Dolstra 2006-10-17 10:15:42 +0000
  • d7efd76394 * Big cleanup of the semantics of paths, strings, contexts, string concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged. Eelco Dolstra 2006-10-16 15:55:34 +0000
  • 4c9aa821b9 * Fix version. Eelco Dolstra 2006-10-13 14:08:14 +0000
  • 142863a89d * Use Berkeley DB 4.5. Eelco Dolstra 2006-10-13 12:11:30 +0000
  • 37c8a664f3 * A helpful message. Eelco Dolstra 2006-10-13 11:49:55 +0000
  • e4af398681 * Don't crash when upgrading the Berkeley DB environment. Eelco Dolstra 2006-10-13 11:15:53 +0000
  • 2a535689fe * Reduce the maximum archive size for patch generation to 100 MB to prevent trashing on nix.cs.uu.nl. Eelco Dolstra 2006-10-12 20:13:29 +0000
  • 7d4567f2cc * Removed URIs from the evaluator (NIX-66). They are now just another kind of notation for strings. Eelco Dolstra 2006-10-11 21:59:33 +0000
  • b4e012ab4d * Merge 0.10.1 release notes. Eelco Dolstra 2006-10-11 13:39:00 +0000
  • 0c4c5c2020 * Quick hack to fix NIX-67: evaluation result differing if the Nix expression resides in the store. Eelco Dolstra 2006-10-10 21:23:35 +0000
  • bd0c40e1e9 * import': unwrap the context. Necessary to make import (x + y)' work, where x is a store path. Eelco Dolstra 2006-10-10 15:07:23 +0000
  • 7bada48b36 * Bumped the version number to 0.11. Eelco Dolstra 2006-10-06 13:45:29 +0000
  • e1cc84259c * Too lazy to document nix-push --copy. Eelco Dolstra 2006-10-06 09:59:02 +0000
  • b3fc016061 * Translate Unicode quote characters to ASCII equivalents when generating NEWS.txt. Eelco Dolstra 2006-10-06 09:03:39 +0000
  • 3815d2d463 * Typos etc. * Set the release date. Eelco Dolstra 2006-10-06 07:47:56 +0000