Graham Christensen
e0d39c8dc4
Rename PINCH_ME_IM_SILLY to ALLOW_PREEXISTING_INSTALLATION
2017-07-14 12:11:33 -04:00
Graham Christensen
12f6bb33d2
If there is no TTY, also skip verbose sudo messages
2017-07-14 12:11:30 -04:00
Graham Christensen
ce2281e6d8
Ensure PINCH_ME_IM_SILLY allows a /nix/store to stick around between builds
...
Also output in the status report that the user is very silly
2017-07-14 12:11:26 -04:00
Graham Christensen
1c7ce2a018
Assume yes if we have no TTY
...
Starve the TTY of input to ensure this works, but provide yes to the
current installer to handle the current broken case.
2017-07-14 12:11:23 -04:00
Graham Christensen
73a57a2f22
Cleanup and more specificity around set -e
2017-07-14 12:11:20 -04:00
Graham Christensen
3839dda2ec
Only clean if the file exists
2017-07-14 12:11:17 -04:00
Graham Christensen
92ca93528f
Clean up nix hints from the old insstaller
2017-07-14 12:11:13 -04:00
Graham Christensen
61ea9e9867
Run nix-build inside a fresh bash login
2017-07-14 12:11:10 -04:00
Graham Christensen
bc647fd299
chmod
2017-07-14 12:11:07 -04:00
Graham Christensen
a0369b14f4
Test the installer
2017-07-14 12:11:04 -04:00
Graham Christensen
657b47e1b3
Address feedback around printf & exec
2017-07-14 12:11:00 -04:00
Graham Christensen
6a4037ca05
Don't install a second nix after the initial installation, and the rsync change fixes a bug hidden by the nix replacement where the store files were being owned by the installing user due to rsync's -a implying -og.
2017-07-14 12:10:57 -04:00
Graham Christensen
092f447c6d
Clean up issues around uninstall directions, and only show
...
relevant directions
2017-07-14 12:10:54 -04:00
Graham Christensen
6f639943c2
Prompt for sudo before validating assumptions, and check ourselves for root-owned files instead of making a scary warning.
2017-07-14 12:10:51 -04:00
Graham Christensen
2b5ab03524
multi-user install: move the profile in to the nix etc/profiles.d output
2017-07-14 12:10:47 -04:00
Graham Christensen
fb40d73e23
Switch to a fancy multi-user installer on Darwin
2017-07-14 12:10:44 -04:00
Graham Christensen
a0ad8ba12e
Shellcheck the existing installer
2017-07-14 11:42:33 -04:00
Eelco Dolstra
112ff7833d
nix: Show help when no arguments are given
...
Fixes #1464 .
2017-07-14 13:44:45 +02:00
Eelco Dolstra
38374a9d35
Tarball job: Include libseccomp on Linux only
2017-07-14 11:41:37 +02:00
Eelco Dolstra
0681f8c907
Shut up a memory leak warning
2017-07-14 11:40:57 +02:00
Vincent Ambo
5e7bb55e00
refactor templater: Use resource set 'path' field when loading files
2017-07-13 16:07:08 +02:00
Vincent Ambo
7607f6dc0f
feat context: Allow overriding resource set paths
...
Instead of always inferring the path at which files in a resource set
are located, let users override the path by specifying a `path` field.
This makes it possible to add the same resource set multiple times
with different values while still keeping distinct names for
addressability (for example when using include/exclude).
This fixes #70
2017-07-13 16:07:08 +02:00
Eelco Dolstra
2965d40612
replaceSymlink(): Handle the case where the temporary file already exists
...
Not really necessary anymore for #849 , but still nice to have.
2017-07-11 23:21:40 +02:00
Eelco Dolstra
8e8caf7f3e
fetchTarball: Prevent concurrent downloads of the same file
...
Fixes #849 .
2017-07-11 23:21:24 +02:00
Eelco Dolstra
9c00fa4179
Merge pull request #1422 from nh2/fix-potential-hash-comparison-crash
...
Fix potential crash/wrong result two hashes of unequal length are compared
2017-07-10 18:09:49 +02:00
Shea Levy
62a8fe6388
Merge branch 'man2' of git://github.com/robx/nix
2017-07-10 08:43:19 -04:00
Robert Vollmert
30117fb35b
fix buggy nix-shell man page
2017-07-10 14:36:55 +02:00
Eelco Dolstra
1762b9616c
Merge pull request #1428 from rimmington/clearer-regex-space-error
...
Clearer error message when regex exceeds space limit
2017-07-10 11:45:05 +02:00
Rhys
17bb00d378
Clearer error message when regex exceeds space limit
2017-07-10 09:35:53 +10:00
Robert Vollmert
c85e662004
man page (nix-shell): Fix grouping of -p option
...
Not sure about the raw ellipsis.
2017-07-07 22:11:46 +02:00
Robert Vollmert
89771a8821
man page (nix-prefetch-url): Add some missing options
2017-07-07 22:11:46 +02:00
Robert Vollmert
772ef22c25
man page (nix-instantiate): -E is optional
2017-07-07 22:11:46 +02:00
Robert Vollmert
8ad898b2cd
man page (nix-instantiate): Add --json to synopsis, order variables
2017-07-07 22:11:46 +02:00
Robert Vollmert
b1f5995a20
man page (nix-instantiate): Remove non-existent nix-build argument -r
2017-07-07 22:11:46 +02:00
Robert Vollmert
56a1f8f499
man pages: Consistently separate alternatives by /
2017-07-07 22:11:46 +02:00
Robert Vollmert
d1643bdaa2
man pages: Argument for --max-jobs
2017-07-07 22:11:45 +02:00
Robert Vollmert
68c626c6b0
man pages: Grouping for option alternatives
2017-07-07 22:11:45 +02:00
Robert Vollmert
ce3095e141
glossary: Fix word order
2017-07-07 22:07:46 +02:00
Eelco Dolstra
d3713716b6
Merge pull request #1445 from matthewbauer/macos-skip-hardlink
...
Don’t hardlink disallowed paths in OS X.
2017-07-07 11:05:21 +02:00
Eelco Dolstra
eef09c220d
Merge pull request #1444 from robx/man
...
Fix nix-instantiate manpage indentation
2017-07-07 11:04:06 +02:00
Matthew Bauer
72e80c59b5
Don’t hardlink disallowed paths in OS X.
...
Fixes #1443
2017-07-06 19:30:19 -07:00
Robert Vollmert
01722b3d2c
Remove unused variable from test script
2017-07-06 22:37:53 +02:00
Robert Vollmert
60da5d2b8f
Fix nix-instantiate manpage indentation
...
The second command variant is now its own cmdsynopsis, which ensures
it's not indented as was the case using sbrk.
2017-07-06 22:35:36 +02:00
Eelco Dolstra
a3dc1e65ab
Add X32 to the seccomp filter
...
Fixes #1432 .
2017-07-04 19:00:51 +02:00
Eelco Dolstra
42c5774e78
Sort substituters by priority
...
Fixes #1438 .
2017-07-04 16:34:53 +02:00
Eelco Dolstra
b7203e853e
getDefaultSubstituters(): Simplify initialisation
...
As shlevy pointed out, static variables in C++11 have thread-safe
initialisation.
2017-07-04 16:26:48 +02:00
Eelco Dolstra
6cf23c3e8f
Add allow-new-privileges option
...
This allows builds to call setuid binaries. This was previously
possible until we started using seccomp. Turns out that seccomp by
default disallows processes from acquiring new privileges. Generally,
any use of setuid binaries (except those created by the builder
itself) is by definition impure, but some people were relying on this
ability for certain tests.
Example:
$ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --no-allow-new-privileges
builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 2 log lines:
cannot raise the capability into the Ambient set
: Operation not permitted
$ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --allow-new-privileges
builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 6 log lines:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=15.2 ms
Fixes #1429 .
2017-07-04 15:48:25 +02:00
Eelco Dolstra
ad8b96f1f2
Fix handling of expression installables with a / in them
2017-07-04 15:38:23 +02:00
Eelco Dolstra
c0015e87af
Support base-64 hashes
...
Also simplify the Hash API.
Fixes #1437 .
2017-07-04 15:07:41 +02:00
Eelco Dolstra
fe97c69898
<nix/fetchurl.nix>: Support sha512 argument
2017-07-04 14:45:50 +02:00