No description
Find a file
Dan Peebles 4a4a009f78 Allow optional localhost network access to sandboxed derivations
This will allow bind and connect to 127.0.0.1, which can reduce purity/
security (if you're running a vulnerable service on localhost) but is
also needed for a ton of test suites, so I'm leaving it turned off by
default but allowing certain derivations to turn it on as needed.

It also allows DNS resolution of arbitrary hostnames but I haven't found
a way to avoid that. In principle I'd just want to allow resolving
localhost but that doesn't seem to be possible.

I don't think this belongs under `build-use-sandbox = relaxed` because we
want it on Hydra and I don't think it's the end of the world.
2017-10-30 17:59:12 +01:00
config Add config.guess, config.sub and install-sh 2013-11-25 11:26:02 +00:00
corepkgs <nix/fetchurl.nix>: Support sha512 argument 2017-07-04 14:45:50 +02:00
doc/manual Update release notes 2017-09-18 11:07:17 +02:00
maintainers Update upload-release script 2017-01-03 11:42:56 +01:00
misc docker: ensure that the installation works for users other than 'root', too 2017-10-07 17:28:34 +02:00
mk Whitespace 2017-10-09 15:41:09 +02:00
perl Replace Unicode quotes in user-facing strings by ASCII 2017-07-30 12:32:45 +01:00
scripts Merge pull request #1591 from shlevy/darwin-installer-no-sudo-i 2017-10-12 13:08:15 +02:00
src Allow optional localhost network access to sandboxed derivations 2017-10-30 17:59:12 +01:00
tests Fix tests 2017-10-02 23:45:27 -04:00
.dir-locals.el Add .dir-locals.el for Emacs 2016-01-28 11:12:04 +01:00
.editorconfig Add .editorconfig 2017-06-05 22:57:28 +01:00
.gitignore Reverse retry logic to retry in all but a few cases 2017-10-02 23:22:02 -04:00
.travis.yml Test the installer 2017-07-14 12:11:04 -04:00
bootstrap.sh bootstrap: Simplify & make more robust. 2011-09-06 12:11:05 +00:00
configure.ac Add a seccomp filter to prevent creating setuid/setgid binaries 2017-05-29 16:14:10 +02:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
local.mk Allow builders to create activities 2017-08-21 12:18:46 +02:00
Makefile Remove nix-mode.el from Nix. 2017-08-19 21:16:30 -07:00
Makefile.config.in Add --with-sandbox-shell configure flag 2017-05-15 17:36:32 +02:00
nix.spec.in Remove nix-mode.el from Nix. 2017-08-19 21:16:30 -07:00
README.md Fix minor grammatical nitpick ("it's" vs. "its") in README.md. 2017-03-22 10:11:23 -04:00
release-common.nix release-common: Fix busybox builtins (busybox >= 1.27) 2017-10-07 07:43:55 -05:00
release.nix fixing bashisms in test code 2017-10-06 06:12:33 -05:00
shell.nix Allow builders to create activities 2017-08-21 12:18:46 +02:00
version Bump 2016-01-20 16:34:37 +01:00

Nix, the purely functional package manager

Nix is a new take on package management that is fairly unique. Because of its purity aspects, a lot of issues found in traditional package managers don't appear with Nix.

To find out more about the tool, usage and installation instructions, please read the manual, which is available on the Nix website at http://nixos.org/nix/manual.

Contributing

Take a look at the Hacking Section of the manual. It helps you to get started with building Nix from source.

License

Nix is released under the LGPL v2.1

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.