From 3e347220c82d1537723f49aa03a93a6f9d294417 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20M=C3=B6st?= Date: Fri, 14 Feb 2020 07:47:48 +0100 Subject: [PATCH 1/9] Fix PR_SET_PDEATHSIG results in Broken pipe (#2395) The ssh client is lazily started by the first worker thread, that requires a ssh connection. To avoid the ssh client to be killed, when the worker process is stopped, do not set PR_SET_PDEATHSIG. --- src/libstore/ssh.cc | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index 2ee7115c5..84548a6e4 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -33,6 +33,9 @@ std::unique_ptr SSHMaster::startCommand(const std::string out.create(); auto conn = std::make_unique(); + ProcessOptions options; + options.dieWithParent = false; + conn->sshPid = startProcess([&]() { restoreSignals(); @@ -64,7 +67,7 @@ std::unique_ptr SSHMaster::startCommand(const std::string // could not exec ssh/bash throw SysError("unable to execute '%s'", args.front()); - }); + }, options); in.readSide = -1; @@ -91,6 +94,9 @@ Path SSHMaster::startMaster() Pipe out; out.create(); + ProcessOptions options; + options.dieWithParent = false; + state->sshMaster = startProcess([&]() { restoreSignals(); @@ -110,7 +116,7 @@ Path SSHMaster::startMaster() execvp(args.begin()->c_str(), stringsToCharPtrs(args).data()); throw SysError("unable to execute '%s'", args.front()); - }); + }, options); out.writeSide = -1; From 762febafe2694e7e1b2276181c7ec5564fca0b85 Mon Sep 17 00:00:00 2001 From: Benjamin Hipple Date: Sat, 15 Feb 2020 01:37:44 -0500 Subject: [PATCH 2/9] doc: mention how to turn on pure evaluation mode in manual The flag is `--pure-eval`, which can be found by looking at the test suite; it should be in the notes describing the feature as well, since otherwise users may assume this is referencing something like `nix-shell --pure`. --- doc/manual/release-notes/rl-2.0.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/manual/release-notes/rl-2.0.xml b/doc/manual/release-notes/rl-2.0.xml index fc9a77b08..bf6a679a1 100644 --- a/doc/manual/release-notes/rl-2.0.xml +++ b/doc/manual/release-notes/rl-2.0.xml @@ -503,14 +503,14 @@ - Pure evaluation mode. This is a variant - of the existing restricted evaluation mode. In pure mode, the Nix - evaluator forbids access to anything that could cause different - evaluations of the same command line arguments to produce a + Pure evaluation mode. With the + --pure-eval flag, nix enables a variant of the existing + restricted evaluation mode that forbids access to anything that could cause + different evaluations of the same command line arguments to produce a different result. This includes builtin functions such as builtins.getEnv, but more importantly, - all filesystem or network access unless a - content hash or commit hash is specified. For example, calls to + all filesystem or network access unless a content hash + or commit hash is specified. For example, calls to builtins.fetchGit are only allowed if a rev attribute is specified. From d8fd31f50ff55f7f334a2b9e58a82570e82ec28d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 18 Feb 2020 17:47:53 +0100 Subject: [PATCH 3/9] Disable the progress bar if $TERM == dumb or unset Fixes #3363. --- src/nix/progress-bar.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/nix/progress-bar.cc b/src/nix/progress-bar.cc index c445f31cc..26631416c 100644 --- a/src/nix/progress-bar.cc +++ b/src/nix/progress-bar.cc @@ -446,7 +446,9 @@ public: void startProgressBar(bool printBuildLogs) { - logger = new ProgressBar(printBuildLogs, isatty(STDERR_FILENO)); + logger = new ProgressBar( + printBuildLogs, + isatty(STDERR_FILENO) && getEnv("TERM").value_or("dumb") != "dumb"); } void stopProgressBar() From 553e584f9231394212bb4d556c4a3eebc8444a63 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2020 15:46:07 +0100 Subject: [PATCH 4/9] LocalStore::checkDerivationOutputs(): Improve error message --- src/libstore/local-store.cc | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index b254d766a..e59624cd3 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -547,6 +547,18 @@ void LocalStore::checkDerivationOutputs(const StorePath & drvPath, const Derivat std::string drvName(drvPath.name()); drvName = string(drvName, 0, drvName.size() - drvExtension.size()); + auto check = [&](const StorePath & expected, const StorePath & actual, const std::string & varName) + { + if (actual != expected) + throw Error("derivation '%s' has incorrect output '%s', should be '%s'", + printStorePath(drvPath), printStorePath(actual), printStorePath(expected)); + auto j = drv.env.find(varName); + if (j == drv.env.end() || parseStorePath(j->second) != actual) + throw Error("derivation '%s' has incorrect environment variable '%s', should be '%s'", + printStorePath(drvPath), varName, printStorePath(actual)); + }; + + if (drv.isFixedOutput()) { DerivationOutputs::const_iterator out = drv.outputs.find("out"); if (out == drv.outputs.end()) @@ -554,24 +566,14 @@ void LocalStore::checkDerivationOutputs(const StorePath & drvPath, const Derivat bool recursive; Hash h; out->second.parseHashInfo(recursive, h); - auto outPath = makeFixedOutputPath(recursive, h, drvName); - StringPairs::const_iterator j = drv.env.find("out"); - if (out->second.path != outPath || j == drv.env.end() || parseStorePath(j->second) != outPath) - throw Error("derivation '%s' has incorrect output '%s', should be '%s'", - printStorePath(drvPath), printStorePath(out->second.path), printStorePath(outPath)); + check(makeFixedOutputPath(recursive, h, drvName), out->second.path, "out"); } else { Hash h = hashDerivationModulo(*this, drv, true); - - for (auto & i : drv.outputs) { - auto outPath = makeOutputPath(i.first, h, drvName); - StringPairs::const_iterator j = drv.env.find(i.first); - if (i.second.path != outPath || j == drv.env.end() || parseStorePath(j->second) != outPath) - throw Error("derivation '%s' has incorrect output '%s', should be '%s'", - printStorePath(drvPath), printStorePath(i.second.path), printStorePath(outPath)); - } + for (auto & i : drv.outputs) + check(makeOutputPath(i.first, h, drvName), i.second.path, i.first); } } From f46bc0e8eb079f7d2613bfabfbcff31f4401b42c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 15 Feb 2020 21:30:26 +0100 Subject: [PATCH 5/9] Enable debug symbols --- release.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/release.nix b/release.nix index db2b5ef05..3dc12cd81 100644 --- a/release.nix +++ b/release.nix @@ -135,6 +135,8 @@ let doInstallCheck = true; installCheckFlags = "sysconfdir=$(out)/etc"; + + separateDebugInfo = true; }); From 583d06385de82ab5c7fc77d26cd138d3c6d5f4b5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 15 Feb 2020 21:48:28 +0100 Subject: [PATCH 6/9] Build with large config Boehm GC --- release-common.nix | 6 +++++- release.nix | 6 ++++-- shell.nix | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/release-common.nix b/release-common.nix index 60c8849d1..eb35d7917 100644 --- a/release-common.nix +++ b/release-common.nix @@ -48,7 +48,7 @@ rec { buildDeps = [ curl bzip2 xz brotli zlib editline - openssl pkgconfig sqlite boehmgc + openssl pkgconfig sqlite libarchive boost nlohmann_json @@ -73,6 +73,10 @@ rec { */ })); + propagatedDeps = + [ (boehmgc.override { enableLargeConfig = true; }) + ]; + perlDeps = [ perl perlPackages.DBDSQLite diff --git a/release.nix b/release.nix index 3dc12cd81..fdf7d0174 100644 --- a/release.nix +++ b/release.nix @@ -67,7 +67,7 @@ let src = nix; inherit officialRelease; - buildInputs = tarballDeps ++ buildDeps; + buildInputs = tarballDeps ++ buildDeps ++ propagatedDeps; postUnpack = '' (cd $sourceRoot && find . -type f) | cut -c3- > $sourceRoot/.dist-files @@ -111,6 +111,8 @@ let buildInputs = buildDeps; + propagatedBuildInputs = propagatedDeps; + preConfigure = # Copy libboost_context so we don't get all of Boost in our closure. # https://github.com/NixOS/nixpkgs/issues/45462 @@ -244,7 +246,7 @@ let enableParallelBuilding = true; - buildInputs = buildDeps; + buildInputs = buildDeps ++ propagatedDeps; dontInstall = false; diff --git a/shell.nix b/shell.nix index e5a2b2c91..4408b34ab 100644 --- a/shell.nix +++ b/shell.nix @@ -7,7 +7,7 @@ with import ./release-common.nix { inherit pkgs; }; (if useClang then clangStdenv else stdenv).mkDerivation { name = "nix"; - buildInputs = buildDeps ++ tarballDeps ++ perlDeps ++ [ pkgs.rustfmt ]; + buildInputs = buildDeps ++ propagatedDeps ++ tarballDeps ++ perlDeps ++ [ pkgs.rustfmt ]; inherit configureFlags; From 82de90961b79636c8a4989f46cc73ee449441e0f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2020 12:26:59 +0100 Subject: [PATCH 7/9] Add dev output Necessary since we're now propagating boehm-gc. --- release.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/release.nix b/release.nix index fdf7d0174..211f2b56e 100644 --- a/release.nix +++ b/release.nix @@ -109,6 +109,8 @@ let name = "nix"; src = tarball; + outputs = [ "out" "dev" ]; + buildInputs = buildDeps; propagatedBuildInputs = propagatedDeps; From 16e9a752871560434468c88d2cc302386bfc1e5d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2020 12:32:33 +0100 Subject: [PATCH 8/9] Typo --- doc/manual/release-notes/rl-2.0.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/release-notes/rl-2.0.xml b/doc/manual/release-notes/rl-2.0.xml index bf6a679a1..4c683dd3d 100644 --- a/doc/manual/release-notes/rl-2.0.xml +++ b/doc/manual/release-notes/rl-2.0.xml @@ -504,7 +504,7 @@ Pure evaluation mode. With the - --pure-eval flag, nix enables a variant of the existing + --pure-eval flag, Nix enables a variant of the existing restricted evaluation mode that forbids access to anything that could cause different evaluations of the same command line arguments to produce a different result. This includes builtin functions such as From 906afedd238e4d83ef9ea4cf5a3aca77e980d582 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2020 12:32:45 +0100 Subject: [PATCH 9/9] Use Nixpkgs 20.03 --- release.nix | 2 +- shell.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/release.nix b/release.nix index 211f2b56e..1f592424b 100644 --- a/release.nix +++ b/release.nix @@ -1,5 +1,5 @@ { nix ? builtins.fetchGit ./. -, nixpkgs ? builtins.fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-19.09.tar.gz +, nixpkgs ? builtins.fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-20.03-small.tar.gz , officialRelease ? false , systems ? [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ] }: diff --git a/shell.nix b/shell.nix index 4408b34ab..0cabcc15a 100644 --- a/shell.nix +++ b/shell.nix @@ -1,6 +1,6 @@ { useClang ? false }: -with import (builtins.fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-19.09.tar.gz) {}; +with import (builtins.fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-20.03-small.tar.gz) {}; with import ./release-common.nix { inherit pkgs; };