mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
16205 commits 5 branches 0 tags 172 MiB
Commit graph

16205 commits

This branch
This branch
All branches
Author SHA1 Message Date
William Carroll
b92bf435f2 Adds ansi-term improvements 2017-05-30 09:53:20 -04:00
William Carroll
03c752e500 Adds window swapping kbd 2017-05-30 09:45:52 -04:00
Eelco Dolstra
fe08d17934
Fix seccomp build failure on clang 
Fixes

  src/libstore/build.cc:2321:45: error: non-constant-expression cannot be narrowed from type 'int' to 'scmp_datum_t' (aka 'unsigned long') in initializer list [-Wc++11-narrowing]
 2017-05-30 14:37:24 +02:00
Eelco Dolstra
d552d38758
Shut up some clang warnings 2017-05-30 14:35:50 +02:00
Eelco Dolstra
2ac99a32da
Add a seccomp rule to disallow setxattr() 2017-05-30 13:59:24 +02:00
Eelco Dolstra
d798349ede
canonicalisePathMetaData(): Remove extended attributes / ACLs 
EAs/ACLs are not part of the NAR canonicalisation. Worse, setting an
ACL allows a builder to create writable files in the Nix store. So get
rid of them.

Closes #185.
 2017-05-30 13:47:41 +02:00
Eelco Dolstra
ff6becafa8
Require seccomp only in multi-user setups 2017-05-30 12:37:04 +02:00
Chris Feng
851ed8c280 Fix X display name comparison 
* exwm-workspace--add-frame-as-workspace
(exwm-workspace--add-frame-as-workspace): Manually compare X display
names as there's no built-in function handles this correctly.
 2017-05-30 01:25:58 +08:00
Eelco Dolstra
1d9ab273ba
Add test for setuid seccomp filter 2017-05-29 16:14:10 +02:00
Eelco Dolstra
cf93397d3f
Fix seccomp initialisation on i686-linux 2017-05-29 16:14:10 +02:00
Eelco Dolstra
6cc6c15a2d
Add a seccomp filter to prevent creating setuid/setgid binaries 
This prevents builders from setting the S_ISUID or S_ISGID bits,
preventing users from using a nixbld* user to create a setuid/setgid
binary to interfere with subsequent builds under the same nixbld* uid.

This is based on aszlig's seccomp code
(47f587700d).

Reported by Linus Heckemann.
 2017-05-29 16:14:10 +02:00
Eelco Dolstra
6e01ecd112
Fix nix-copy-closure test 
Fixes

  client# error: size mismatch importing path ‘/nix/store/ywf5fihjlxwijm6ygh6s0a353b5yvq4d-libidn2-0.16’; expected 0, got 120264

This is mostly an artifact of the NixOS VM test environment, where the
Nix database doesn't contain hashes/sizes.

http://hydra.nixos.org/build/53537471
 2017-05-29 16:08:56 +02:00
Eelco Dolstra
588dad4084
Fix build failure on Debian/Ubuntu 
http://hydra.nixos.org/build/53537463
 2017-05-29 15:59:18 +02:00
Eelco Dolstra
63145be2a5
Fix typo 2017-05-29 15:52:36 +02:00
Eelco Dolstra
d6064dd19b Merge pull request #1393 from pyrtsa/patch-1 
Fix variable name typo in derivations doc
 2017-05-29 11:32:06 +02:00
Eelco Dolstra
2740a22d2c Merge pull request #1394 from pyrtsa/patch-2 
Remove stray `>` in builtins doc
 2017-05-29 11:31:40 +02:00
Pyry Jahkola
370428f86d Remove stray > in builtins doc 2017-05-28 20:47:35 +03:00
Pyry Jahkola
86ea7d1566 Fix variable name typo in derivations doc 2017-05-28 15:48:57 +03:00
William Carroll
5c6b3d55d9 Updates Emacs config to specify font size 2017-05-27 16:24:12 -04:00
William Carroll
24f25f17c1 Adds keybinding support for fzf git branch finding 2017-05-27 16:24:02 -04:00
William Carroll
fd83169d4f Updates config script 2017-05-26 22:52:15 -04:00
William Carroll
f43ed77b12 Updates git aliases 2017-05-26 11:29:03 -04:00
William Carroll
a3cce605af Updates Emacs config 2017-05-26 11:27:07 -04:00
William Carroll
f0cd754a10 Adds useful Git aliases 2017-05-26 11:24:18 -04:00
William Carroll
a35d49f15d Updates slate config 2017-05-26 11:24:04 -04:00
Eelco Dolstra
a7e55151a8
Fix #1314 
Also, make nix-shell respect --option. (Previously it only passed it
along to nix-instantiate and nix-build.)
 2017-05-24 11:33:42 +02:00
Eelco Dolstra
fbe9fe0e75
Merge branch 'topic/cores-master' of https://github.com/neilmayhew/nix 2017-05-24 11:28:36 +02:00
Eelco Dolstra
9e43a4a041 Merge pull request #1376 from Mic92/patch-1 
nix-profile.sh: remove sbin from PATH
 2017-05-24 11:25:32 +02:00
Eelco Dolstra
9711524188
Fix #1380 
It lacked a backslash. Use a raw string and single quotes around PS1
to simplify this.
 2017-05-24 11:23:28 +02:00
Eelco Dolstra
01200d07d2
Merge branch 'prompt-terminator' of https://github.com/lheckemann/nix 2017-05-24 11:22:48 +02:00
Eelco Dolstra
b303ad012c Merge pull request #1382 from FRidh/patch-1 
Document fetchTarball can take a sha256
 2017-05-24 11:07:36 +02:00
Eelco Dolstra
edbb105e98
Merge branch 'nar-accessor-tree' of https://github.com/bennofs/nix 2017-05-24 11:04:43 +02:00
William Carroll
01c9965e1d Allows FZF to search hidden files (excluding .git) 2017-05-22 11:33:24 -04:00
William Carroll
27e80a070e Adds Slate as a window mgr 2017-05-22 11:22:30 -04:00
William Carroll
3fca7bedbc Increases line-height and misc style tweaks 2017-05-22 11:22:16 -04:00
Vincent Ambo
9923b1e64d docs README: Update installation instructions 2017-05-18 20:54:44 +02:00
Vincent Ambo
de4171da31 feat build: Add Homebrew binary formula 
Adds a Homebrew formula that downloads and installs the 1.0.2 binary release.

Users should be able to "tap" this formula from OS X, the README will be updated in a separate commit.

This fixes #41
 2017-05-18 20:35:00 +02:00
Vincent Ambo
f79b261079 chore: Version bump to 1.0.2 2017-05-18 19:41:18 +02:00
Vincent Ambo
aadea2f698 feat build: Add Repeatr formula for repeatable builds 
Adds a formula for Repeatr (http://repeatr.io/) that can be used to
build kontemplate in a repeatable way with pinned dependencies.

Fixes #47
 2017-05-18 19:38:21 +02:00
Eelco Dolstra
f134fc4cbe
Document that builtins.match takes a POSIX extended RE 2017-05-17 12:18:18 +02:00
Eelco Dolstra
e46090edb1
builtins.match: Improve error message for bad regular expression 
Issue #1331.
 2017-05-17 11:58:01 +02:00
Eelco Dolstra
b01d62285c
Improve progress indicator 2017-05-16 16:09:57 +02:00
Benno Fünfstück
a1f428b13b nar-accessor.cc: remove unused member NarIndexer::currentName 2017-05-15 19:41:59 +02:00
Benno Fünfstück
5ee06e612a nar-accessor: non-recursive NarMember::find 
This avoids a possible stack overflow if directories are very deeply nested.
 2017-05-15 19:34:18 +02:00
Eelco Dolstra
e80257f122
Simplify fixed-output check 2017-05-15 18:50:54 +02:00
Eelco Dolstra
c05d9ae7a5
Disallow outputHash being null or an empty string 
Fixes #1384.
 2017-05-15 18:47:13 +02:00
Eelco Dolstra
a2d92bb20e
Add --with-sandbox-shell configure flag 
And add a 116 KiB ash shell from busybox to the release build. This
helps to make sandbox builds work out of the box on non-NixOS systems
and with diverted stores.
 2017-05-15 17:36:32 +02:00
Eelco Dolstra
b30f5784d0
Linux sandbox: Don't barf on invalid paths 
This is useful when we're using a diverted store (e.g. "--store
local?root=/tmp/nix") in conjunction with a statically-linked sh from
the host store (e.g. "sandbox-paths =/bin/sh=/nix/store/.../bin/busybox").
 2017-05-15 17:36:32 +02:00
Eelco Dolstra
2b761d5f50
Make fmt() non-recursive 2017-05-15 17:36:32 +02:00
Benno Fünfstück
4412f7c083 nar-archive.cc: add tests for the nar index 2017-05-15 12:23:21 +02:00