maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:NixOS/nix into no-manifests

Browse source
This commit is contained in:
Eelco Dolstra 2012-07-11 18:53:27 -04:00
commit 04559a0d45
12 changed files with 88 additions and 206 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Makefile.am
View file

@ -1,6 +1,6 @@
SUBDIRS = src perl scripts corepkgs doc misc tests SUBDIRS = src perl scripts corepkgs doc misc tests
EXTRA_DIST = substitute.mk nix.spec nix.spec.in bootstrap.sh \ EXTRA_DIST = substitute.mk nix.spec nix.spec.in bootstrap.sh \
nix.conf.example NEWS version misc/systemd/nix-worker.service NEWS version misc/systemd/nix-worker.service
pkginclude_HEADERS = config.h pkginclude_HEADERS = config.h
@ -10,10 +10,6 @@ nix.spec: nix.spec.in
install-data-local: init-state install-data-local: init-state
$(INSTALL) -d $(DESTDIR)$(sysconfdir)/nix $(INSTALL) -d $(DESTDIR)$(sysconfdir)/nix
$(INSTALL_DATA) $(srcdir)/nix.conf.example $(DESTDIR)$(sysconfdir)/nix
if ! test -e $(DESTDIR)$(sysconfdir)/nix/nix.conf; then \
$(INSTALL_DATA) $(srcdir)/nix.conf.example $(DESTDIR)$(sysconfdir)/nix/nix.conf; \
fi
$(INSTALL) -d $(DESTDIR)$(docdir) $(INSTALL) -d $(DESTDIR)$(docdir)
$(INSTALL_DATA) README $(DESTDIR)$(docdir)/ $(INSTALL_DATA) README $(DESTDIR)$(docdir)/

2
corepkgs/Makefile.am
View file

@ -1,6 +1,6 @@
all-local: config.nix all-local: config.nix
files = nar.nix buildenv.nix buildenv.pl unpack-channel.nix unpack-channel.sh derivation.nix files = nar.nix buildenv.nix buildenv.pl unpack-channel.nix unpack-channel.sh derivation.nix fetchurl.nix
install-exec-local: install-exec-local:
$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs $(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs

1
corepkgs/config.nix.in
View file

@ -10,5 +10,6 @@ in {
xz = "@xz@"; xz = "@xz@";
tar = "@tar@"; tar = "@tar@";
tr = "@tr@"; tr = "@tr@";
curl = "@curl@";
nixBinDir = fromEnv "NIX_BIN_DIR" "@bindir@"; nixBinDir = fromEnv "NIX_BIN_DIR" "@bindir@";
} }

36
corepkgs/fetchurl.nix Normal file
View file

@ -0,0 +1,36 @@
with import <nix/config.nix>;
{system ? builtins.currentSystem, url, outputHash ? "", outputHashAlgo ? "", md5 ? "", sha1 ? "", sha256 ? ""}:
assert (outputHash != "" && outputHashAlgo != "")
|| md5 != "" || sha1 != "" || sha256 != "";
let
builder = builtins.toFile "fetchurl.sh"
''
echo "downloading $url into $out"
${curl} --fail --location --max-redirs 20 --insecure "$url" > "$out"
'';
in
derivation {
name = baseNameOf (toString url);
builder = shell;
args = [ "-e" builder ];
# New-style output content requirements.
outputHashAlgo = if outputHashAlgo != "" then outputHashAlgo else
if sha256 != "" then "sha256" else if sha1 != "" then "sha1" else "md5";
outputHash = if outputHash != "" then outputHash else
if sha256 != "" then sha256 else if sha1 != "" then sha1 else md5;
inherit system url;
# No need to double the amount of network traffic
preferLocalBuild = true;
# Don't build in a chroot because Nix's dependencies may not be there.
__noChroot = true;
}

2
doc/manual/Makefile.am
View file

@ -21,6 +21,8 @@ man1_MANS = nix-env.1 nix-build.1 nix-store.1 nix-instantiate.1 \
nix-prefetch-url.1 nix-channel.1 \ nix-prefetch-url.1 nix-channel.1 \
nix-install-package.1 nix-hash.1 nix-copy-closure.1 nix-install-package.1 nix-hash.1 nix-copy-closure.1
man5_MANS = nix.conf.5
man8_MANS = nix-worker.8 man8_MANS = nix-worker.8
FIGURES = figures/user-environments.png FIGURES = figures/user-environments.png

32
doc/manual/conf-file.xml
View file

@ -1,27 +1,36 @@
<section xmlns="http://docbook.org/ns/docbook" <refentry xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="sec-conf-file"> xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-conf-file">
<title>Nix configuration file</title> <refmeta>
<refentrytitle>nix.conf</refentrytitle>
<manvolnum>5</manvolnum>
<refmiscinfo class="source">Nix</refmiscinfo>
<refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo>
</refmeta>
<refnamediv>
<refname>nix.conf</refname>
<refpurpose>Nix configuration file</refpurpose>
</refnamediv>
<refsection><title>Description</title>
<para>A number of persistent settings of Nix are stored in the file <para>A number of persistent settings of Nix are stored in the file
<filename><replaceable>sysconfdir</replaceable>/nix/nix.conf</filename>. <filename><replaceable>sysconfdir</replaceable>/nix/nix.conf</filename>.
This file is a list of <literal><replaceable>name</replaceable> = This file is a list of <literal><replaceable>name</replaceable> =
<replaceable>value</replaceable></literal> pairs, one per line. <replaceable>value</replaceable></literal> pairs, one per line.
Comments start with a <literal>#</literal> character. An example Comments start with a <literal>#</literal> character. Here is an example
configuration file is shown in <xref linkend="ex-nix-conf" />.</para> configuration file:</para>
<example xml:id='ex-nix-conf'><title>Nix configuration file</title>
<programlisting> <programlisting>
gc-keep-outputs = true # Nice for developers gc-keep-outputs = true # Nice for developers
gc-keep-derivations = true # Idem gc-keep-derivations = true # Idem
env-keep-derivations = false env-keep-derivations = false
</programlisting> </programlisting>
</example>
<para>The following variables are currently available: <para>The following settings are currently available:
<variablelist> <variablelist>
@ -343,5 +352,6 @@ build-use-chroot = /dev /proc /bin</programlisting>
</para> </para>
</refsection>
</section> </refentry>

6
doc/manual/manual.xml
View file

@ -40,7 +40,6 @@
<title>Command Reference</title> <title>Command Reference</title>
<xi:include href="opt-common.xml" /> <xi:include href="opt-common.xml" />
<xi:include href="env-common.xml" /> <xi:include href="env-common.xml" />
<xi:include href="conf-file.xml" />
<section> <section>
<title>Main commands</title> <title>Main commands</title>
@ -63,6 +62,11 @@
<xi:include href="nix-worker.xml" /> <xi:include href="nix-worker.xml" />
</section> </section>
<section>
<title>Files</title>
<xi:include href="conf-file.xml" />
</section>
</appendix> </appendix>
<xi:include href="troubleshooting.xml" /> <xi:include href="troubleshooting.xml" />

181
nix.conf.example
View file

@ -1,181 +0,0 @@
### Option `gc-keep-outputs'
#
# If `true', the garbage collector will keep the outputs of
# non-garbage derivations. If `false' (default), outputs will be
# deleted unless they are GC roots themselves (or reachable from other
# roots).
#
# In general, outputs must be registered as roots separately.
# However, even if the output of a derivation is registered as a root,
# the collector will still delete store paths that are used only at
# build time (e.g., the C compiler, or source tarballs downloaded from
# the network). To prevent it from doing so, set this option to
# `true'.
#gc-keep-outputs = false
### Option `gc-keep-derivations'
#
# If `true' (default), the garbage collector will keep the derivations
# from which non-garbage store paths were built. If `false', they
# will be deleted unless explicitly registered as a root (or reachable
# from other roots).
#
# Keeping derivation around is useful for querying and traceability
# (e.g., it allows you to ask with what dependencies or options a
# store path was built), so by default this option is on. Turn it off
# to safe a bit of disk space (or a lot if `gc-keep-outputs' is also
# turned on).
#gc-keep-derivations = true
### Option `env-keep-derivations'
#
# If `false' (default), derivations are not stored in Nix user
# environments. That is, the derivation any build-time-only
# dependencies may be garbage-collected.
#
# If `true', when you add a Nix derivation to a user environment, the
# path of the derivation is stored in the user environment. Thus, the
# derivation will not be garbage-collected until the user environment
# generation is deleted (`nix-env --delete-generations'). To prevent
# build-time-only dependencies from being collected, you should also
# turn on `gc-keep-outputs'.
#
# The difference between this option and `gc-keep-derivations' is that
# this one is `sticky': it applies to any user environment created
# while this option was enabled, while `gc-keep-derivations' only
# applies at the moment the garbage collector is run.
#env-keep-derivations = false
### Option `build-max-jobs'
#
# This option defines the maximum number of jobs that Nix will try to
# build in parallel. The default is 1. You should generally set it
# to the number of CPUs in your system (e.g., 2 on a Athlon 64 X2).
# It can be overriden using the `--max-jobs' / `-j' command line
# switch.
#build-max-jobs = 1
### Option `build-cores'
#
# This option defines the number of CPU cores to utilize in parallel
# within a build job, i.e. by passing an appropriate `-jN' flag to GNU
# Make. The default is 1, meaning that parallel building within jobs
# is disabled. Passing the special value `0' causes Nix to try and
# auto-detect the number of available cores on the local host. This
# setting can be overridden using the `--cores' command line switch.
#build-cores = 1
### Option `build-max-silent-time'
#
# This option defines the maximum number of seconds that a builder can
# go without producing any data on standard output or standard error.
# This is useful (for instance in a automated build system) to catch
# builds that are stuck in an infinite loop, or to catch remote builds
# that are hanging due to network problems. It can be overriden using
# the `--max-silent-time' command line switch.
#
# The value 0 means that there is no timeout. This is also the
# default.
#
# Example:
# build-max-silent-time = 600 # = 10 minutes
#build-max-silent-time = 0
### Option `build-users-group'
#
# This options specifies the Unix group containing the Nix build user
# accounts. In multi-user Nix installations, builds should not
# be performed by the Nix account since that would allow users to
# arbitrarily modify the Nix store and database by supplying specially
# crafted builders; and they cannot be performed by the calling user
# since that would allow him/her to influence the build result.
#
# Therefore, if this option is non-empty and specifies a valid group,
# builds will be performed under the user accounts that are a member
# of the group specified here (as listed in /etc/group). Those user
# accounts should not be used for any other purpose!
#
# Nix will never run two builds under the same user account at the
# same time. This is to prevent an obvious security hole: a malicious
# user writing a Nix expression that modifies the build result of a
# legitimate Nix expression being built by another user. Therefore it
# is good to have as many Nix build user accounts as you can spare.
# (Remember: uids are cheap.)
#
# The build users should have permission to create files in the Nix
# store, but not delete them. Therefore, /nix/store should be owned
# by the Nix account, its group should be the group specified here,
# and its mode should be 1775.
#
# If the build users group is empty, builds will be performed under
# the uid of the Nix process (that is, the uid of the caller if
# $NIX_REMOTE is empty, the uid under which the Nix daemon runs if
# $NIX_REMOTE is `daemon', or the uid that owns the setuid nix-worker
# program if $NIX_REMOTE is `slave'). Obviously, this should not be
# used in multi-user settings with untrusted users.
#
# The default is empty.
#
# Example:
# build-users-group = nix-builders
#build-users-group =
### Option `build-use-chroot'
#
# If set to `true', builds will be performed in a chroot environment,
# i.e., the build will be isolated from the normal file system
# hierarchy and will only see the Nix store, the temporary build
# directory, and the directories configured with the
# `build-chroot-dirs' option (such as /proc and /dev). This is useful
# to prevent undeclared dependencies on files in directories such as
# /usr/bin.
#
# The use of a chroot requires that Nix is run as root (but you can
# still use the "build users" feature to perform builds under
# different users than root). Currently, chroot builds only work on
# Linux because Nix uses "bind mounts" to make the Nix store and other
# directories available inside the chroot.
#
# The default is `false'.
#
# Example:
# build-use-chroot = true
#build-use-chroot = false
### Option `build-chroot-dirs'
#
# When builds are performed in a chroot environment, Nix will mount
# (using `mount --bind' on Linux) some directories from the normal
# file system hierarchy inside the chroot. These are the Nix store,
# the temporary build directory (usually /tmp/nix-<pid>-<number>) and
# the directories listed here. The default is "/dev /dev/pts /proc".
# Files in /dev (such as /dev/null) are needed by many builds, and
# some files in /proc may also be needed occasionally.
#
# Example:
# build-use-chroot = /dev /proc /bin
#build-chroot-dirs = /dev /dev/pts /proc
### Option `build-cache-failure'
#
# If this option is enabled, Nix will do negative caching; that is, it
# will remember failed builds, and won't attempt to try to build them
# again if you ask for it. Negative caching is disabled by default
# because Nix cannot distinguish between permanent build errors (e.g.,
# a syntax error in a source file) and transient build errors (e.g., a
# full disk), as they both cause the builder to return a non-zero exit
# code. You can clear the cache by doing `rm -f
# /nix/var/nix/db/failed/*'.
#
# Example:
# build-cache-failure = true
#build-cache-failure = false

10
nix.spec.in
View file

@ -121,10 +121,7 @@ ln -sf %{_libdir}/nix/libNixStore.so.0 Store.so
popd popd
# Specify build users group # Specify build users group
sed -i "s|#build-users-group =$|build-users-group = %{nixbld_group}|" \ echo "build-users-group = %{nixbld_group}" > $RPM_BUILD_ROOT%{_sysconfdir}/nix/nix.conf
$RPM_BUILD_ROOT%{_sysconfdir}/nix/nix.conf
# ... and delete the example configuration
rm $RPM_BUILD_ROOT%{_sysconfdir}/nix/nix.conf.example
# make per-user directories # make per-user directories
for d in profiles gcroots; for d in profiles gcroots;
@ -192,8 +189,9 @@ systemctl start nix-worker.service
%endif %endif
%{_datadir}/emacs/site-lisp/nix-mode.el %{_datadir}/emacs/site-lisp/nix-mode.el
%{_datadir}/nix %{_datadir}/nix
%{_mandir}/man1/nix-*.1* %{_mandir}/man1/*.1*
%{_mandir}/man8/nix-*.8* %{_mandir}/man5/*.5*
%{_mandir}/man8/*.8*
%config(noreplace) %{_sysconfdir}/profile.d/nix.sh %config(noreplace) %{_sysconfdir}/profile.d/nix.sh
/nix /nix
%dir %{_sysconfdir}/nix %dir %{_sysconfdir}/nix

3
tests/Makefile.am
View file

@ -9,7 +9,7 @@ TESTS = init.sh hash.sh lang.sh add.sh simple.sh dependencies.sh \
gc-runtime.sh install-package.sh check-refs.sh filter-source.sh \ gc-runtime.sh install-package.sh check-refs.sh filter-source.sh \
remote-store.sh export.sh export-graph.sh negative-caching.sh \ remote-store.sh export.sh export-graph.sh negative-caching.sh \
binary-patching.sh timeout.sh secure-drv-outputs.sh nix-channel.sh \ binary-patching.sh timeout.sh secure-drv-outputs.sh nix-channel.sh \
multiple-outputs.sh import-derivation.sh multiple-outputs.sh import-derivation.sh fetchurl.sh
XFAIL_TESTS = XFAIL_TESTS =
@ -38,6 +38,7 @@ EXTRA_DIST = $(TESTS) \
secure-drv-outputs.nix \ secure-drv-outputs.nix \
multiple-outputs.nix \ multiple-outputs.nix \
import-derivation.nix \ import-derivation.nix \
fetchurl.nix \
$(wildcard lang/*.nix) $(wildcard lang/*.exp) $(wildcard lang/*.exp.xml) $(wildcard lang/*.flags) $(wildcard lang/dir*/*.nix) \ $(wildcard lang/*.nix) $(wildcard lang/*.exp) $(wildcard lang/*.exp.xml) $(wildcard lang/*.flags) $(wildcard lang/dir*/*.nix) \
common.sh.in common.sh.in

6
tests/fetchurl.nix Normal file
View file

@ -0,0 +1,6 @@
{ filename, sha256 }:
import <nix/fetchurl.nix> {
url = "file://${filename}";
inherit sha256;
}

9
tests/fetchurl.sh Normal file
View file

@ -0,0 +1,9 @@
source common.sh
clearStore
hash=$(nix-hash --flat --type sha256 ./fetchurl.nix)
outPath=$(nix-build ./fetchurl.nix --argstr filename $(pwd)/fetchurl.nix --argstr sha256 $hash)
cmp $outPath fetchurl.nix