4553 lines
143 KiB
C++
4553 lines
143 KiB
C++
#include <errno.h>
|
||
#include <fcntl.h>
|
||
#include <grp.h>
|
||
#include <limits.h>
|
||
#include <netdb.h>
|
||
#include <pwd.h>
|
||
#include <sys/resource.h>
|
||
#include <sys/select.h>
|
||
#include <sys/socket.h>
|
||
#include <sys/stat.h>
|
||
#include <sys/time.h>
|
||
#include <sys/types.h>
|
||
#include <sys/utsname.h>
|
||
#include <sys/wait.h>
|
||
#include <termios.h>
|
||
#include <unistd.h>
|
||
#include <algorithm>
|
||
#include <chrono>
|
||
#include <cstring>
|
||
#include <future>
|
||
#include <iostream>
|
||
#include <map>
|
||
#include <queue>
|
||
#include <regex>
|
||
#include <sstream>
|
||
#include <thread>
|
||
#include "affinity.hh"
|
||
#include "archive.hh"
|
||
#include "builtins.hh"
|
||
#include "compression.hh"
|
||
#include "download.hh"
|
||
#include "finally.hh"
|
||
#include "globals.hh"
|
||
#include "glog/logging.h"
|
||
#include "json.hh"
|
||
#include "local-store.hh"
|
||
#include "machines.hh"
|
||
#include "nar-info.hh"
|
||
#include "parsed-derivations.hh"
|
||
#include "pathlocks.hh"
|
||
#include "references.hh"
|
||
#include "util.hh"
|
||
|
||
/* Includes required for chroot support. */
|
||
#if __linux__
|
||
#include <net/if.h>
|
||
#include <netinet/ip.h>
|
||
#include <sched.h>
|
||
#include <sys/ioctl.h>
|
||
#include <sys/mman.h>
|
||
#include <sys/mount.h>
|
||
#include <sys/param.h>
|
||
#include <sys/personality.h>
|
||
#include <sys/socket.h>
|
||
#include <sys/syscall.h>
|
||
#if HAVE_SECCOMP
|
||
#include <seccomp.h>
|
||
#endif
|
||
#define pivot_root(new_root, put_old) \
|
||
(syscall(SYS_pivot_root, new_root, put_old))
|
||
#endif
|
||
|
||
#if HAVE_STATVFS
|
||
#include <sys/statvfs.h>
|
||
#endif
|
||
|
||
#include <nlohmann/json.hpp>
|
||
|
||
namespace nix {
|
||
|
||
using std::map;
|
||
|
||
static string pathNullDevice = "/dev/null";
|
||
|
||
/* Forward definition. */
|
||
class Worker;
|
||
struct HookInstance;
|
||
|
||
/* A pointer to a goal. */
|
||
class Goal;
|
||
class DerivationGoal;
|
||
typedef std::shared_ptr<Goal> GoalPtr;
|
||
typedef std::weak_ptr<Goal> WeakGoalPtr;
|
||
|
||
struct CompareGoalPtrs {
|
||
bool operator()(const GoalPtr& a, const GoalPtr& b) const;
|
||
};
|
||
|
||
/* Set of goals. */
|
||
typedef set<GoalPtr, CompareGoalPtrs> Goals;
|
||
typedef list<WeakGoalPtr> WeakGoals;
|
||
|
||
/* A map of paths to goals (and the other way around). */
|
||
typedef map<Path, WeakGoalPtr> WeakGoalMap;
|
||
|
||
class Goal : public std::enable_shared_from_this<Goal> {
|
||
public:
|
||
typedef enum {
|
||
ecBusy,
|
||
ecSuccess,
|
||
ecFailed,
|
||
ecNoSubstituters,
|
||
ecIncompleteClosure
|
||
} ExitCode;
|
||
|
||
protected:
|
||
/* Backlink to the worker. */
|
||
Worker& worker;
|
||
|
||
/* Goals that this goal is waiting for. */
|
||
Goals waitees;
|
||
|
||
/* Goals waiting for this one to finish. Must use weak pointers
|
||
here to prevent cycles. */
|
||
WeakGoals waiters;
|
||
|
||
/* Number of goals we are/were waiting for that have failed. */
|
||
unsigned int nrFailed;
|
||
|
||
/* Number of substitution goals we are/were waiting for that
|
||
failed because there are no substituters. */
|
||
unsigned int nrNoSubstituters;
|
||
|
||
/* Number of substitution goals we are/were waiting for that
|
||
failed because othey had unsubstitutable references. */
|
||
unsigned int nrIncompleteClosure;
|
||
|
||
/* Name of this goal for debugging purposes. */
|
||
string name;
|
||
|
||
/* Whether the goal is finished. */
|
||
ExitCode exitCode;
|
||
|
||
Goal(Worker& worker) : worker(worker) {
|
||
nrFailed = nrNoSubstituters = nrIncompleteClosure = 0;
|
||
exitCode = ecBusy;
|
||
}
|
||
|
||
virtual ~Goal() { trace("goal destroyed"); }
|
||
|
||
public:
|
||
virtual void work() = 0;
|
||
|
||
void addWaitee(GoalPtr waitee);
|
||
|
||
virtual void waiteeDone(GoalPtr waitee, ExitCode result);
|
||
|
||
virtual void handleChildOutput(int fd, const string& data) { abort(); }
|
||
|
||
virtual void handleEOF(int fd) { abort(); }
|
||
|
||
void trace(const FormatOrString& fs);
|
||
|
||
string getName() { return name; }
|
||
|
||
ExitCode getExitCode() { return exitCode; }
|
||
|
||
/* Callback in case of a timeout. It should wake up its waiters,
|
||
get rid of any running child processes that are being monitored
|
||
by the worker (important!), etc. */
|
||
virtual void timedOut() = 0;
|
||
|
||
virtual string key() = 0;
|
||
|
||
protected:
|
||
virtual void amDone(ExitCode result);
|
||
};
|
||
|
||
bool CompareGoalPtrs::operator()(const GoalPtr& a, const GoalPtr& b) const {
|
||
string s1 = a->key();
|
||
string s2 = b->key();
|
||
return s1 < s2;
|
||
}
|
||
|
||
typedef std::chrono::time_point<std::chrono::steady_clock> steady_time_point;
|
||
|
||
/* A mapping used to remember for each child process to what goal it
|
||
belongs, and file descriptors for receiving log data and output
|
||
path creation commands. */
|
||
struct Child {
|
||
WeakGoalPtr goal;
|
||
Goal* goal2; // ugly hackery
|
||
set<int> fds;
|
||
bool respectTimeouts;
|
||
bool inBuildSlot;
|
||
steady_time_point lastOutput; /* time we last got output on stdout/stderr */
|
||
steady_time_point timeStarted;
|
||
};
|
||
|
||
/* The worker class. */
|
||
class Worker {
|
||
private:
|
||
/* Note: the worker should only have strong pointers to the
|
||
top-level goals. */
|
||
|
||
/* The top-level goals of the worker. */
|
||
Goals topGoals;
|
||
|
||
/* Goals that are ready to do some work. */
|
||
WeakGoals awake;
|
||
|
||
/* Goals waiting for a build slot. */
|
||
WeakGoals wantingToBuild;
|
||
|
||
/* Child processes currently running. */
|
||
std::list<Child> children;
|
||
|
||
/* Number of build slots occupied. This includes local builds and
|
||
substitutions but not remote builds via the build hook. */
|
||
unsigned int nrLocalBuilds;
|
||
|
||
/* Maps used to prevent multiple instantiations of a goal for the
|
||
same derivation / path. */
|
||
WeakGoalMap derivationGoals;
|
||
WeakGoalMap substitutionGoals;
|
||
|
||
/* Goals waiting for busy paths to be unlocked. */
|
||
WeakGoals waitingForAnyGoal;
|
||
|
||
/* Goals sleeping for a few seconds (polling a lock). */
|
||
WeakGoals waitingForAWhile;
|
||
|
||
/* Last time the goals in `waitingForAWhile' where woken up. */
|
||
steady_time_point lastWokenUp;
|
||
|
||
/* Cache for pathContentsGood(). */
|
||
std::map<Path, bool> pathContentsGoodCache;
|
||
|
||
public:
|
||
/* Set if at least one derivation had a BuildError (i.e. permanent
|
||
failure). */
|
||
bool permanentFailure;
|
||
|
||
/* Set if at least one derivation had a timeout. */
|
||
bool timedOut;
|
||
|
||
/* Set if at least one derivation fails with a hash mismatch. */
|
||
bool hashMismatch;
|
||
|
||
/* Set if at least one derivation is not deterministic in check mode. */
|
||
bool checkMismatch;
|
||
|
||
LocalStore& store;
|
||
|
||
std::unique_ptr<HookInstance> hook;
|
||
|
||
uint64_t expectedBuilds = 0;
|
||
uint64_t doneBuilds = 0;
|
||
uint64_t failedBuilds = 0;
|
||
uint64_t runningBuilds = 0;
|
||
|
||
uint64_t expectedSubstitutions = 0;
|
||
uint64_t doneSubstitutions = 0;
|
||
uint64_t failedSubstitutions = 0;
|
||
uint64_t runningSubstitutions = 0;
|
||
uint64_t expectedDownloadSize = 0;
|
||
uint64_t doneDownloadSize = 0;
|
||
uint64_t expectedNarSize = 0;
|
||
uint64_t doneNarSize = 0;
|
||
|
||
/* Whether to ask the build hook if it can build a derivation. If
|
||
it answers with "decline-permanently", we don't try again. */
|
||
bool tryBuildHook = true;
|
||
|
||
Worker(LocalStore& store);
|
||
~Worker();
|
||
|
||
/* Make a goal (with caching). */
|
||
GoalPtr makeDerivationGoal(const Path& drvPath,
|
||
const StringSet& wantedOutputs,
|
||
BuildMode buildMode = bmNormal);
|
||
std::shared_ptr<DerivationGoal> makeBasicDerivationGoal(
|
||
const Path& drvPath, const BasicDerivation& drv,
|
||
BuildMode buildMode = bmNormal);
|
||
GoalPtr makeSubstitutionGoal(const Path& storePath,
|
||
RepairFlag repair = NoRepair);
|
||
|
||
/* Remove a dead goal. */
|
||
void removeGoal(GoalPtr goal);
|
||
|
||
/* Wake up a goal (i.e., there is something for it to do). */
|
||
void wakeUp(GoalPtr goal);
|
||
|
||
/* Return the number of local build and substitution processes
|
||
currently running (but not remote builds via the build
|
||
hook). */
|
||
unsigned int getNrLocalBuilds();
|
||
|
||
/* Registers a running child process. `inBuildSlot' means that
|
||
the process counts towards the jobs limit. */
|
||
void childStarted(GoalPtr goal, const set<int>& fds, bool inBuildSlot,
|
||
bool respectTimeouts);
|
||
|
||
/* Unregisters a running child process. `wakeSleepers' should be
|
||
false if there is no sense in waking up goals that are sleeping
|
||
because they can't run yet (e.g., there is no free build slot,
|
||
or the hook would still say `postpone'). */
|
||
void childTerminated(Goal* goal, bool wakeSleepers = true);
|
||
|
||
/* Put `goal' to sleep until a build slot becomes available (which
|
||
might be right away). */
|
||
void waitForBuildSlot(GoalPtr goal);
|
||
|
||
/* Wait for any goal to finish. Pretty indiscriminate way to
|
||
wait for some resource that some other goal is holding. */
|
||
void waitForAnyGoal(GoalPtr goal);
|
||
|
||
/* Wait for a few seconds and then retry this goal. Used when
|
||
waiting for a lock held by another process. This kind of
|
||
polling is inefficient, but POSIX doesn't really provide a way
|
||
to wait for multiple locks in the main select() loop. */
|
||
void waitForAWhile(GoalPtr goal);
|
||
|
||
/* Loop until the specified top-level goals have finished. */
|
||
void run(const Goals& topGoals);
|
||
|
||
/* Wait for input to become available. */
|
||
void waitForInput();
|
||
|
||
unsigned int exitStatus();
|
||
|
||
/* Check whether the given valid path exists and has the right
|
||
contents. */
|
||
bool pathContentsGood(const Path& path);
|
||
|
||
void markContentsGood(const Path& path);
|
||
};
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
void addToWeakGoals(WeakGoals& goals, GoalPtr p) {
|
||
// FIXME: necessary?
|
||
// FIXME: O(n)
|
||
for (auto& i : goals)
|
||
if (i.lock() == p) return;
|
||
goals.push_back(p);
|
||
}
|
||
|
||
void Goal::addWaitee(GoalPtr waitee) {
|
||
waitees.insert(waitee);
|
||
addToWeakGoals(waitee->waiters, shared_from_this());
|
||
}
|
||
|
||
void Goal::waiteeDone(GoalPtr waitee, ExitCode result) {
|
||
assert(waitees.find(waitee) != waitees.end());
|
||
waitees.erase(waitee);
|
||
|
||
trace(format("waitee '%1%' done; %2% left") % waitee->name % waitees.size());
|
||
|
||
if (result == ecFailed || result == ecNoSubstituters ||
|
||
result == ecIncompleteClosure)
|
||
++nrFailed;
|
||
|
||
if (result == ecNoSubstituters) ++nrNoSubstituters;
|
||
|
||
if (result == ecIncompleteClosure) ++nrIncompleteClosure;
|
||
|
||
if (waitees.empty() || (result == ecFailed && !settings.keepGoing)) {
|
||
/* If we failed and keepGoing is not set, we remove all
|
||
remaining waitees. */
|
||
for (auto& goal : waitees) {
|
||
WeakGoals waiters2;
|
||
for (auto& j : goal->waiters)
|
||
if (j.lock() != shared_from_this()) waiters2.push_back(j);
|
||
goal->waiters = waiters2;
|
||
}
|
||
waitees.clear();
|
||
|
||
worker.wakeUp(shared_from_this());
|
||
}
|
||
}
|
||
|
||
void Goal::amDone(ExitCode result) {
|
||
trace("done");
|
||
assert(exitCode == ecBusy);
|
||
assert(result == ecSuccess || result == ecFailed ||
|
||
result == ecNoSubstituters || result == ecIncompleteClosure);
|
||
exitCode = result;
|
||
for (auto& i : waiters) {
|
||
GoalPtr goal = i.lock();
|
||
if (goal) goal->waiteeDone(shared_from_this(), result);
|
||
}
|
||
waiters.clear();
|
||
worker.removeGoal(shared_from_this());
|
||
}
|
||
|
||
void Goal::trace(const FormatOrString& fs) {
|
||
DLOG(INFO) << name << ": " << fs.s;
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
/* Common initialisation performed in child processes. */
|
||
static void commonChildInit(Pipe& logPipe) {
|
||
restoreSignals();
|
||
|
||
/* Put the child in a separate session (and thus a separate
|
||
process group) so that it has no controlling terminal (meaning
|
||
that e.g. ssh cannot open /dev/tty) and it doesn't receive
|
||
terminal signals. */
|
||
if (setsid() == -1) throw SysError(format("creating a new session"));
|
||
|
||
/* Dup the write side of the logger pipe into stderr. */
|
||
if (dup2(logPipe.writeSide.get(), STDERR_FILENO) == -1)
|
||
throw SysError("cannot pipe standard error into log file");
|
||
|
||
/* Dup stderr to stdout. */
|
||
if (dup2(STDERR_FILENO, STDOUT_FILENO) == -1)
|
||
throw SysError("cannot dup stderr into stdout");
|
||
|
||
/* Reroute stdin to /dev/null. */
|
||
int fdDevNull = open(pathNullDevice.c_str(), O_RDWR);
|
||
if (fdDevNull == -1)
|
||
throw SysError(format("cannot open '%1%'") % pathNullDevice);
|
||
if (dup2(fdDevNull, STDIN_FILENO) == -1)
|
||
throw SysError("cannot dup null device into stdin");
|
||
close(fdDevNull);
|
||
}
|
||
|
||
void handleDiffHook(uid_t uid, uid_t gid, Path tryA, Path tryB, Path drvPath,
|
||
Path tmpDir) {
|
||
auto diffHook = settings.diffHook;
|
||
if (diffHook != "" && settings.runDiffHook) {
|
||
try {
|
||
RunOptions diffHookOptions(diffHook, {tryA, tryB, drvPath, tmpDir});
|
||
diffHookOptions.searchPath = true;
|
||
diffHookOptions.uid = uid;
|
||
diffHookOptions.gid = gid;
|
||
diffHookOptions.chdir = "/";
|
||
|
||
auto diffRes = runProgram(diffHookOptions);
|
||
if (!statusOk(diffRes.first))
|
||
throw ExecError(diffRes.first,
|
||
fmt("diff-hook program '%1%' %2%", diffHook,
|
||
statusToString(diffRes.first)));
|
||
|
||
if (diffRes.second != "") {
|
||
LOG(ERROR) << chomp(diffRes.second);
|
||
}
|
||
} catch (Error& error) {
|
||
LOG(ERROR) << "diff hook execution failed: " << error.what();
|
||
}
|
||
}
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
class UserLock {
|
||
private:
|
||
/* POSIX locks suck. If we have a lock on a file, and we open and
|
||
close that file again (without closing the original file
|
||
descriptor), we lose the lock. So we have to be *very* careful
|
||
not to open a lock file on which we are holding a lock. */
|
||
static Sync<PathSet> lockedPaths_;
|
||
|
||
Path fnUserLock;
|
||
AutoCloseFD fdUserLock;
|
||
|
||
string user;
|
||
uid_t uid;
|
||
gid_t gid;
|
||
std::vector<gid_t> supplementaryGIDs;
|
||
|
||
public:
|
||
UserLock();
|
||
~UserLock();
|
||
|
||
void kill();
|
||
|
||
string getUser() { return user; }
|
||
uid_t getUID() {
|
||
assert(uid);
|
||
return uid;
|
||
}
|
||
uid_t getGID() {
|
||
assert(gid);
|
||
return gid;
|
||
}
|
||
std::vector<gid_t> getSupplementaryGIDs() { return supplementaryGIDs; }
|
||
|
||
bool enabled() { return uid != 0; }
|
||
};
|
||
|
||
Sync<PathSet> UserLock::lockedPaths_;
|
||
|
||
UserLock::UserLock() {
|
||
assert(settings.buildUsersGroup != "");
|
||
|
||
/* Get the members of the build-users-group. */
|
||
struct group* gr = getgrnam(settings.buildUsersGroup.get().c_str());
|
||
if (!gr)
|
||
throw Error(
|
||
format(
|
||
"the group '%1%' specified in 'build-users-group' does not exist") %
|
||
settings.buildUsersGroup);
|
||
gid = gr->gr_gid;
|
||
|
||
/* Copy the result of getgrnam. */
|
||
Strings users;
|
||
for (char** p = gr->gr_mem; *p; ++p) {
|
||
DLOG(INFO) << "found build user " << *p;
|
||
users.push_back(*p);
|
||
}
|
||
|
||
if (users.empty())
|
||
throw Error(format("the build users group '%1%' has no members") %
|
||
settings.buildUsersGroup);
|
||
|
||
/* Find a user account that isn't currently in use for another
|
||
build. */
|
||
for (auto& i : users) {
|
||
DLOG(INFO) << "trying user " << i;
|
||
|
||
struct passwd* pw = getpwnam(i.c_str());
|
||
if (!pw)
|
||
throw Error(format("the user '%1%' in the group '%2%' does not exist") %
|
||
i % settings.buildUsersGroup);
|
||
|
||
createDirs(settings.nixStateDir + "/userpool");
|
||
|
||
fnUserLock =
|
||
(format("%1%/userpool/%2%") % settings.nixStateDir % pw->pw_uid).str();
|
||
|
||
{
|
||
auto lockedPaths(lockedPaths_.lock());
|
||
if (lockedPaths->count(fnUserLock))
|
||
/* We already have a lock on this one. */
|
||
continue;
|
||
lockedPaths->insert(fnUserLock);
|
||
}
|
||
|
||
try {
|
||
AutoCloseFD fd =
|
||
open(fnUserLock.c_str(), O_RDWR | O_CREAT | O_CLOEXEC, 0600);
|
||
if (!fd) throw SysError(format("opening user lock '%1%'") % fnUserLock);
|
||
|
||
if (lockFile(fd.get(), ltWrite, false)) {
|
||
fdUserLock = std::move(fd);
|
||
user = i;
|
||
uid = pw->pw_uid;
|
||
|
||
/* Sanity check... */
|
||
if (uid == getuid() || uid == geteuid())
|
||
throw Error(format("the Nix user should not be a member of '%1%'") %
|
||
settings.buildUsersGroup);
|
||
|
||
#if __linux__
|
||
/* Get the list of supplementary groups of this build user. This
|
||
is usually either empty or contains a group such as "kvm". */
|
||
supplementaryGIDs.resize(10);
|
||
int ngroups = supplementaryGIDs.size();
|
||
int err = getgrouplist(pw->pw_name, pw->pw_gid,
|
||
supplementaryGIDs.data(), &ngroups);
|
||
if (err == -1)
|
||
throw Error(
|
||
format("failed to get list of supplementary groups for '%1%'") %
|
||
pw->pw_name);
|
||
|
||
supplementaryGIDs.resize(ngroups);
|
||
#endif
|
||
|
||
return;
|
||
}
|
||
|
||
} catch (...) {
|
||
lockedPaths_.lock()->erase(fnUserLock);
|
||
}
|
||
}
|
||
|
||
throw Error(format("all build users are currently in use; "
|
||
"consider creating additional users and adding them to "
|
||
"the '%1%' group") %
|
||
settings.buildUsersGroup);
|
||
}
|
||
|
||
UserLock::~UserLock() {
|
||
auto lockedPaths(lockedPaths_.lock());
|
||
assert(lockedPaths->count(fnUserLock));
|
||
lockedPaths->erase(fnUserLock);
|
||
}
|
||
|
||
void UserLock::kill() { killUser(uid); }
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
struct HookInstance {
|
||
/* Pipes for talking to the build hook. */
|
||
Pipe toHook;
|
||
|
||
/* Pipe for the hook's standard output/error. */
|
||
Pipe fromHook;
|
||
|
||
/* Pipe for the builder's standard output/error. */
|
||
Pipe builderOut;
|
||
|
||
/* The process ID of the hook. */
|
||
Pid pid;
|
||
|
||
FdSink sink;
|
||
|
||
HookInstance();
|
||
|
||
~HookInstance();
|
||
};
|
||
|
||
HookInstance::HookInstance() {
|
||
DLOG(INFO) << "starting build hook " << settings.buildHook;
|
||
|
||
/* Create a pipe to get the output of the child. */
|
||
fromHook.create();
|
||
|
||
/* Create the communication pipes. */
|
||
toHook.create();
|
||
|
||
/* Create a pipe to get the output of the builder. */
|
||
builderOut.create();
|
||
|
||
/* Fork the hook. */
|
||
pid = startProcess([&]() {
|
||
commonChildInit(fromHook);
|
||
|
||
if (chdir("/") == -1) {
|
||
throw SysError("changing into /");
|
||
}
|
||
|
||
/* Dup the communication pipes. */
|
||
if (dup2(toHook.readSide.get(), STDIN_FILENO) == -1) {
|
||
throw SysError("dupping to-hook read side");
|
||
}
|
||
|
||
/* Use fd 4 for the builder's stdout/stderr. */
|
||
if (dup2(builderOut.writeSide.get(), 4) == -1) {
|
||
throw SysError("dupping builder's stdout/stderr");
|
||
}
|
||
|
||
/* Hack: pass the read side of that fd to allow build-remote
|
||
to read SSH error messages. */
|
||
if (dup2(builderOut.readSide.get(), 5) == -1) {
|
||
throw SysError("dupping builder's stdout/stderr");
|
||
}
|
||
|
||
Strings args = {
|
||
baseNameOf(settings.buildHook),
|
||
// std::to_string(verbosity), // TODO(tazjin): what?
|
||
};
|
||
|
||
execv(settings.buildHook.get().c_str(), stringsToCharPtrs(args).data());
|
||
|
||
throw SysError("executing '%s'", settings.buildHook);
|
||
});
|
||
|
||
pid.setSeparatePG(true);
|
||
fromHook.writeSide = -1;
|
||
toHook.readSide = -1;
|
||
|
||
sink = FdSink(toHook.writeSide.get());
|
||
std::map<std::string, Config::SettingInfo> settings;
|
||
globalConfig.getSettings(settings);
|
||
for (auto& setting : settings)
|
||
sink << 1 << setting.first << setting.second.value;
|
||
sink << 0;
|
||
}
|
||
|
||
HookInstance::~HookInstance() {
|
||
try {
|
||
toHook.writeSide = -1;
|
||
if (pid != -1) pid.kill();
|
||
} catch (...) {
|
||
ignoreException();
|
||
}
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
typedef map<std::string, std::string> StringRewrites;
|
||
|
||
std::string rewriteStrings(std::string s, const StringRewrites& rewrites) {
|
||
for (auto& i : rewrites) {
|
||
size_t j = 0;
|
||
while ((j = s.find(i.first, j)) != string::npos)
|
||
s.replace(j, i.first.size(), i.second);
|
||
}
|
||
return s;
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
typedef enum { rpAccept, rpDecline, rpPostpone } HookReply;
|
||
|
||
class SubstitutionGoal;
|
||
|
||
class DerivationGoal : public Goal {
|
||
private:
|
||
/* Whether to use an on-disk .drv file. */
|
||
bool useDerivation;
|
||
|
||
/* The path of the derivation. */
|
||
Path drvPath;
|
||
|
||
/* The specific outputs that we need to build. Empty means all of
|
||
them. */
|
||
StringSet wantedOutputs;
|
||
|
||
/* Whether additional wanted outputs have been added. */
|
||
bool needRestart = false;
|
||
|
||
/* Whether to retry substituting the outputs after building the
|
||
inputs. */
|
||
bool retrySubstitution;
|
||
|
||
/* The derivation stored at drvPath. */
|
||
std::unique_ptr<BasicDerivation> drv;
|
||
|
||
std::unique_ptr<ParsedDerivation> parsedDrv;
|
||
|
||
/* The remainder is state held during the build. */
|
||
|
||
/* Locks on the output paths. */
|
||
PathLocks outputLocks;
|
||
|
||
/* All input paths (that is, the union of FS closures of the
|
||
immediate input paths). */
|
||
PathSet inputPaths;
|
||
|
||
/* Referenceable paths (i.e., input and output paths). */
|
||
PathSet allPaths;
|
||
|
||
/* Outputs that are already valid. If we're repairing, these are
|
||
the outputs that are valid *and* not corrupt. */
|
||
PathSet validPaths;
|
||
|
||
/* Outputs that are corrupt or not valid. */
|
||
PathSet missingPaths;
|
||
|
||
/* User selected for running the builder. */
|
||
std::unique_ptr<UserLock> buildUser;
|
||
|
||
/* The process ID of the builder. */
|
||
Pid pid;
|
||
|
||
/* The temporary directory. */
|
||
Path tmpDir;
|
||
|
||
/* The path of the temporary directory in the sandbox. */
|
||
Path tmpDirInSandbox;
|
||
|
||
/* File descriptor for the log file. */
|
||
AutoCloseFD fdLogFile;
|
||
std::shared_ptr<BufferedSink> logFileSink, logSink;
|
||
|
||
/* Number of bytes received from the builder's stdout/stderr. */
|
||
unsigned long logSize;
|
||
|
||
/* The most recent log lines. */
|
||
std::list<std::string> logTail;
|
||
|
||
std::string currentLogLine;
|
||
size_t currentLogLinePos = 0; // to handle carriage return
|
||
|
||
std::string currentHookLine;
|
||
|
||
/* Pipe for the builder's standard output/error. */
|
||
Pipe builderOut;
|
||
|
||
/* Pipe for synchronising updates to the builder user namespace. */
|
||
Pipe userNamespaceSync;
|
||
|
||
/* The build hook. */
|
||
std::unique_ptr<HookInstance> hook;
|
||
|
||
/* Whether we're currently doing a chroot build. */
|
||
bool useChroot = false;
|
||
|
||
Path chrootRootDir;
|
||
|
||
/* RAII object to delete the chroot directory. */
|
||
std::shared_ptr<AutoDelete> autoDelChroot;
|
||
|
||
/* Whether this is a fixed-output derivation. */
|
||
bool fixedOutput;
|
||
|
||
/* Whether to run the build in a private network namespace. */
|
||
bool privateNetwork = false;
|
||
|
||
typedef void (DerivationGoal::*GoalState)();
|
||
GoalState state;
|
||
|
||
/* Stuff we need to pass to initChild(). */
|
||
struct ChrootPath {
|
||
Path source;
|
||
bool optional;
|
||
ChrootPath(Path source = "", bool optional = false)
|
||
: source(source), optional(optional) {}
|
||
};
|
||
typedef map<Path, ChrootPath>
|
||
DirsInChroot; // maps target path to source path
|
||
DirsInChroot dirsInChroot;
|
||
|
||
typedef map<string, string> Environment;
|
||
Environment env;
|
||
|
||
#if __APPLE__
|
||
typedef string SandboxProfile;
|
||
SandboxProfile additionalSandboxProfile;
|
||
#endif
|
||
|
||
/* Hash rewriting. */
|
||
StringRewrites inputRewrites, outputRewrites;
|
||
typedef map<Path, Path> RedirectedOutputs;
|
||
RedirectedOutputs redirectedOutputs;
|
||
|
||
BuildMode buildMode;
|
||
|
||
/* If we're repairing without a chroot, there may be outputs that
|
||
are valid but corrupt. So we redirect these outputs to
|
||
temporary paths. */
|
||
PathSet redirectedBadOutputs;
|
||
|
||
BuildResult result;
|
||
|
||
/* The current round, if we're building multiple times. */
|
||
size_t curRound = 1;
|
||
|
||
size_t nrRounds;
|
||
|
||
/* Path registration info from the previous round, if we're
|
||
building multiple times. Since this contains the hash, it
|
||
allows us to compare whether two rounds produced the same
|
||
result. */
|
||
std::map<Path, ValidPathInfo> prevInfos;
|
||
|
||
const uid_t sandboxUid = 1000;
|
||
const gid_t sandboxGid = 100;
|
||
|
||
const static Path homeDir;
|
||
|
||
std::unique_ptr<MaintainCount<uint64_t>> mcExpectedBuilds, mcRunningBuilds;
|
||
|
||
/* The remote machine on which we're building. */
|
||
std::string machineName;
|
||
|
||
public:
|
||
DerivationGoal(const Path& drvPath, const StringSet& wantedOutputs,
|
||
Worker& worker, BuildMode buildMode = bmNormal);
|
||
DerivationGoal(const Path& drvPath, const BasicDerivation& drv,
|
||
Worker& worker, BuildMode buildMode = bmNormal);
|
||
~DerivationGoal();
|
||
|
||
/* Whether we need to perform hash rewriting if there are valid output paths.
|
||
*/
|
||
bool needsHashRewrite();
|
||
|
||
void timedOut() override;
|
||
|
||
string key() override {
|
||
/* Ensure that derivations get built in order of their name,
|
||
i.e. a derivation named "aardvark" always comes before
|
||
"baboon". And substitution goals always happen before
|
||
derivation goals (due to "b$"). */
|
||
return "b$" + storePathToName(drvPath) + "$" + drvPath;
|
||
}
|
||
|
||
void work() override;
|
||
|
||
Path getDrvPath() { return drvPath; }
|
||
|
||
/* Add wanted outputs to an already existing derivation goal. */
|
||
void addWantedOutputs(const StringSet& outputs);
|
||
|
||
BuildResult getResult() { return result; }
|
||
|
||
private:
|
||
/* The states. */
|
||
void getDerivation();
|
||
void loadDerivation();
|
||
void haveDerivation();
|
||
void outputsSubstituted();
|
||
void closureRepaired();
|
||
void inputsRealised();
|
||
void tryToBuild();
|
||
void buildDone();
|
||
|
||
/* Is the build hook willing to perform the build? */
|
||
HookReply tryBuildHook();
|
||
|
||
/* Start building a derivation. */
|
||
void startBuilder();
|
||
|
||
/* Fill in the environment for the builder. */
|
||
void initEnv();
|
||
|
||
/* Setup tmp dir location. */
|
||
void initTmpDir();
|
||
|
||
/* Write a JSON file containing the derivation attributes. */
|
||
void writeStructuredAttrs();
|
||
|
||
/* Make a file owned by the builder. */
|
||
void chownToBuilder(const Path& path);
|
||
|
||
/* Run the builder's process. */
|
||
void runChild();
|
||
|
||
friend int childEntry(void*);
|
||
|
||
/* Check that the derivation outputs all exist and register them
|
||
as valid. */
|
||
void registerOutputs();
|
||
|
||
/* Check that an output meets the requirements specified by the
|
||
'outputChecks' attribute (or the legacy
|
||
'{allowed,disallowed}{References,Requisites}' attributes). */
|
||
void checkOutputs(const std::map<std::string, ValidPathInfo>& outputs);
|
||
|
||
/* Open a log file and a pipe to it. */
|
||
Path openLogFile();
|
||
|
||
/* Close the log file. */
|
||
void closeLogFile();
|
||
|
||
/* Delete the temporary directory, if we have one. */
|
||
void deleteTmpDir(bool force);
|
||
|
||
/* Callback used by the worker to write to the log. */
|
||
void handleChildOutput(int fd, const string& data) override;
|
||
void handleEOF(int fd) override;
|
||
void flushLine();
|
||
|
||
/* Return the set of (in)valid paths. */
|
||
PathSet checkPathValidity(bool returnValid, bool checkHash);
|
||
|
||
/* Abort the goal if `path' failed to build. */
|
||
bool pathFailed(const Path& path);
|
||
|
||
/* Forcibly kill the child process, if any. */
|
||
void killChild();
|
||
|
||
Path addHashRewrite(const Path& path);
|
||
|
||
void repairClosure();
|
||
|
||
void amDone(ExitCode result) override { Goal::amDone(result); }
|
||
|
||
void done(BuildResult::Status status, const string& msg = "");
|
||
|
||
PathSet exportReferences(PathSet storePaths);
|
||
};
|
||
|
||
const Path DerivationGoal::homeDir = "/homeless-shelter";
|
||
|
||
DerivationGoal::DerivationGoal(const Path& drvPath,
|
||
const StringSet& wantedOutputs, Worker& worker,
|
||
BuildMode buildMode)
|
||
: Goal(worker),
|
||
useDerivation(true),
|
||
drvPath(drvPath),
|
||
wantedOutputs(wantedOutputs),
|
||
buildMode(buildMode) {
|
||
state = &DerivationGoal::getDerivation;
|
||
name = (format("building of '%1%'") % drvPath).str();
|
||
trace("created");
|
||
|
||
mcExpectedBuilds =
|
||
std::make_unique<MaintainCount<uint64_t>>(worker.expectedBuilds);
|
||
}
|
||
|
||
DerivationGoal::DerivationGoal(const Path& drvPath, const BasicDerivation& drv,
|
||
Worker& worker, BuildMode buildMode)
|
||
: Goal(worker),
|
||
useDerivation(false),
|
||
drvPath(drvPath),
|
||
buildMode(buildMode) {
|
||
this->drv = std::unique_ptr<BasicDerivation>(new BasicDerivation(drv));
|
||
state = &DerivationGoal::haveDerivation;
|
||
name = (format("building of %1%") % showPaths(drv.outputPaths())).str();
|
||
trace("created");
|
||
|
||
mcExpectedBuilds =
|
||
std::make_unique<MaintainCount<uint64_t>>(worker.expectedBuilds);
|
||
|
||
/* Prevent the .chroot directory from being
|
||
garbage-collected. (See isActiveTempFile() in gc.cc.) */
|
||
worker.store.addTempRoot(drvPath);
|
||
}
|
||
|
||
DerivationGoal::~DerivationGoal() {
|
||
/* Careful: we should never ever throw an exception from a
|
||
destructor. */
|
||
try {
|
||
killChild();
|
||
} catch (...) {
|
||
ignoreException();
|
||
}
|
||
try {
|
||
deleteTmpDir(false);
|
||
} catch (...) {
|
||
ignoreException();
|
||
}
|
||
try {
|
||
closeLogFile();
|
||
} catch (...) {
|
||
ignoreException();
|
||
}
|
||
}
|
||
|
||
inline bool DerivationGoal::needsHashRewrite() {
|
||
#if __linux__
|
||
return !useChroot;
|
||
#else
|
||
/* Darwin requires hash rewriting even when sandboxing is enabled. */
|
||
return true;
|
||
#endif
|
||
}
|
||
|
||
void DerivationGoal::killChild() {
|
||
if (pid != -1) {
|
||
worker.childTerminated(this);
|
||
|
||
if (buildUser) {
|
||
/* If we're using a build user, then there is a tricky
|
||
race condition: if we kill the build user before the
|
||
child has done its setuid() to the build user uid, then
|
||
it won't be killed, and we'll potentially lock up in
|
||
pid.wait(). So also send a conventional kill to the
|
||
child. */
|
||
::kill(-pid, SIGKILL); /* ignore the result */
|
||
buildUser->kill();
|
||
pid.wait();
|
||
} else
|
||
pid.kill();
|
||
|
||
assert(pid == -1);
|
||
}
|
||
|
||
hook.reset();
|
||
}
|
||
|
||
void DerivationGoal::timedOut() {
|
||
killChild();
|
||
done(BuildResult::TimedOut);
|
||
}
|
||
|
||
void DerivationGoal::work() { (this->*state)(); }
|
||
|
||
void DerivationGoal::addWantedOutputs(const StringSet& outputs) {
|
||
/* If we already want all outputs, there is nothing to do. */
|
||
if (wantedOutputs.empty()) return;
|
||
|
||
if (outputs.empty()) {
|
||
wantedOutputs.clear();
|
||
needRestart = true;
|
||
} else
|
||
for (auto& i : outputs)
|
||
if (wantedOutputs.find(i) == wantedOutputs.end()) {
|
||
wantedOutputs.insert(i);
|
||
needRestart = true;
|
||
}
|
||
}
|
||
|
||
void DerivationGoal::getDerivation() {
|
||
trace("init");
|
||
|
||
/* The first thing to do is to make sure that the derivation
|
||
exists. If it doesn't, it may be created through a
|
||
substitute. */
|
||
if (buildMode == bmNormal && worker.store.isValidPath(drvPath)) {
|
||
loadDerivation();
|
||
return;
|
||
}
|
||
|
||
addWaitee(worker.makeSubstitutionGoal(drvPath));
|
||
|
||
state = &DerivationGoal::loadDerivation;
|
||
}
|
||
|
||
void DerivationGoal::loadDerivation() {
|
||
trace("loading derivation");
|
||
|
||
if (nrFailed != 0) {
|
||
LOG(ERROR) << "cannot build missing derivation '" << drvPath << "'";
|
||
done(BuildResult::MiscFailure);
|
||
return;
|
||
}
|
||
|
||
/* `drvPath' should already be a root, but let's be on the safe
|
||
side: if the user forgot to make it a root, we wouldn't want
|
||
things being garbage collected while we're busy. */
|
||
worker.store.addTempRoot(drvPath);
|
||
|
||
assert(worker.store.isValidPath(drvPath));
|
||
|
||
/* Get the derivation. */
|
||
drv = std::unique_ptr<BasicDerivation>(
|
||
new Derivation(worker.store.derivationFromPath(drvPath)));
|
||
|
||
haveDerivation();
|
||
}
|
||
|
||
void DerivationGoal::haveDerivation() {
|
||
trace("have derivation");
|
||
|
||
retrySubstitution = false;
|
||
|
||
for (auto& i : drv->outputs) worker.store.addTempRoot(i.second.path);
|
||
|
||
/* Check what outputs paths are not already valid. */
|
||
PathSet invalidOutputs = checkPathValidity(false, buildMode == bmRepair);
|
||
|
||
/* If they are all valid, then we're done. */
|
||
if (invalidOutputs.size() == 0 && buildMode == bmNormal) {
|
||
done(BuildResult::AlreadyValid);
|
||
return;
|
||
}
|
||
|
||
parsedDrv = std::make_unique<ParsedDerivation>(drvPath, *drv);
|
||
|
||
/* We are first going to try to create the invalid output paths
|
||
through substitutes. If that doesn't work, we'll build
|
||
them. */
|
||
if (settings.useSubstitutes && parsedDrv->substitutesAllowed())
|
||
for (auto& i : invalidOutputs)
|
||
addWaitee(worker.makeSubstitutionGoal(
|
||
i, buildMode == bmRepair ? Repair : NoRepair));
|
||
|
||
if (waitees.empty()) /* to prevent hang (no wake-up event) */
|
||
outputsSubstituted();
|
||
else
|
||
state = &DerivationGoal::outputsSubstituted;
|
||
}
|
||
|
||
void DerivationGoal::outputsSubstituted() {
|
||
trace("all outputs substituted (maybe)");
|
||
|
||
if (nrFailed > 0 && nrFailed > nrNoSubstituters + nrIncompleteClosure &&
|
||
!settings.tryFallback) {
|
||
done(BuildResult::TransientFailure,
|
||
(format("some substitutes for the outputs of derivation '%1%' failed "
|
||
"(usually happens due to networking issues); try '--fallback' "
|
||
"to build derivation from source ") %
|
||
drvPath)
|
||
.str());
|
||
return;
|
||
}
|
||
|
||
/* If the substitutes form an incomplete closure, then we should
|
||
build the dependencies of this derivation, but after that, we
|
||
can still use the substitutes for this derivation itself. */
|
||
if (nrIncompleteClosure > 0) retrySubstitution = true;
|
||
|
||
nrFailed = nrNoSubstituters = nrIncompleteClosure = 0;
|
||
|
||
if (needRestart) {
|
||
needRestart = false;
|
||
haveDerivation();
|
||
return;
|
||
}
|
||
|
||
auto nrInvalid = checkPathValidity(false, buildMode == bmRepair).size();
|
||
if (buildMode == bmNormal && nrInvalid == 0) {
|
||
done(BuildResult::Substituted);
|
||
return;
|
||
}
|
||
if (buildMode == bmRepair && nrInvalid == 0) {
|
||
repairClosure();
|
||
return;
|
||
}
|
||
if (buildMode == bmCheck && nrInvalid > 0)
|
||
throw Error(format("some outputs of '%1%' are not valid, so checking is "
|
||
"not possible") %
|
||
drvPath);
|
||
|
||
/* Otherwise, at least one of the output paths could not be
|
||
produced using a substitute. So we have to build instead. */
|
||
|
||
/* Make sure checkPathValidity() from now on checks all
|
||
outputs. */
|
||
wantedOutputs = PathSet();
|
||
|
||
/* The inputs must be built before we can build this goal. */
|
||
if (useDerivation)
|
||
for (auto& i : dynamic_cast<Derivation*>(drv.get())->inputDrvs)
|
||
addWaitee(worker.makeDerivationGoal(
|
||
i.first, i.second, buildMode == bmRepair ? bmRepair : bmNormal));
|
||
|
||
for (auto& i : drv->inputSrcs) {
|
||
if (worker.store.isValidPath(i)) continue;
|
||
if (!settings.useSubstitutes)
|
||
throw Error(format("dependency '%1%' of '%2%' does not exist, and "
|
||
"substitution is disabled") %
|
||
i % drvPath);
|
||
addWaitee(worker.makeSubstitutionGoal(i));
|
||
}
|
||
|
||
if (waitees.empty()) /* to prevent hang (no wake-up event) */
|
||
inputsRealised();
|
||
else
|
||
state = &DerivationGoal::inputsRealised;
|
||
}
|
||
|
||
void DerivationGoal::repairClosure() {
|
||
/* If we're repairing, we now know that our own outputs are valid.
|
||
Now check whether the other paths in the outputs closure are
|
||
good. If not, then start derivation goals for the derivations
|
||
that produced those outputs. */
|
||
|
||
/* Get the output closure. */
|
||
PathSet outputClosure;
|
||
for (auto& i : drv->outputs) {
|
||
if (!wantOutput(i.first, wantedOutputs)) continue;
|
||
worker.store.computeFSClosure(i.second.path, outputClosure);
|
||
}
|
||
|
||
/* Filter out our own outputs (which we have already checked). */
|
||
for (auto& i : drv->outputs) outputClosure.erase(i.second.path);
|
||
|
||
/* Get all dependencies of this derivation so that we know which
|
||
derivation is responsible for which path in the output
|
||
closure. */
|
||
PathSet inputClosure;
|
||
if (useDerivation) worker.store.computeFSClosure(drvPath, inputClosure);
|
||
std::map<Path, Path> outputsToDrv;
|
||
for (auto& i : inputClosure)
|
||
if (isDerivation(i)) {
|
||
Derivation drv = worker.store.derivationFromPath(i);
|
||
for (auto& j : drv.outputs) outputsToDrv[j.second.path] = i;
|
||
}
|
||
|
||
/* Check each path (slow!). */
|
||
PathSet broken;
|
||
for (auto& i : outputClosure) {
|
||
if (worker.pathContentsGood(i)) continue;
|
||
LOG(ERROR) << "found corrupted or missing path '" << i
|
||
<< "' in the output closure of '" << drvPath << "'";
|
||
Path drvPath2 = outputsToDrv[i];
|
||
if (drvPath2 == "")
|
||
addWaitee(worker.makeSubstitutionGoal(i, Repair));
|
||
else
|
||
addWaitee(worker.makeDerivationGoal(drvPath2, PathSet(), bmRepair));
|
||
}
|
||
|
||
if (waitees.empty()) {
|
||
done(BuildResult::AlreadyValid);
|
||
return;
|
||
}
|
||
|
||
state = &DerivationGoal::closureRepaired;
|
||
}
|
||
|
||
void DerivationGoal::closureRepaired() {
|
||
trace("closure repaired");
|
||
if (nrFailed > 0)
|
||
throw Error(format("some paths in the output closure of derivation '%1%' "
|
||
"could not be repaired") %
|
||
drvPath);
|
||
done(BuildResult::AlreadyValid);
|
||
}
|
||
|
||
void DerivationGoal::inputsRealised() {
|
||
trace("all inputs realised");
|
||
|
||
if (nrFailed != 0) {
|
||
if (!useDerivation)
|
||
throw Error(format("some dependencies of '%1%' are missing") % drvPath);
|
||
LOG(ERROR) << "cannot build derivation '" << drvPath << "': " << nrFailed
|
||
<< " dependencies couldn't be built";
|
||
done(BuildResult::DependencyFailed);
|
||
return;
|
||
}
|
||
|
||
if (retrySubstitution) {
|
||
haveDerivation();
|
||
return;
|
||
}
|
||
|
||
/* Gather information necessary for computing the closure and/or
|
||
running the build hook. */
|
||
|
||
/* The outputs are referenceable paths. */
|
||
for (auto& i : drv->outputs) {
|
||
DLOG(INFO) << "building path " << i.second.path;
|
||
allPaths.insert(i.second.path);
|
||
}
|
||
|
||
/* Determine the full set of input paths. */
|
||
|
||
/* First, the input derivations. */
|
||
if (useDerivation)
|
||
for (auto& i : dynamic_cast<Derivation*>(drv.get())->inputDrvs) {
|
||
/* Add the relevant output closures of the input derivation
|
||
`i' as input paths. Only add the closures of output paths
|
||
that are specified as inputs. */
|
||
assert(worker.store.isValidPath(i.first));
|
||
Derivation inDrv = worker.store.derivationFromPath(i.first);
|
||
for (auto& j : i.second)
|
||
if (inDrv.outputs.find(j) != inDrv.outputs.end())
|
||
worker.store.computeFSClosure(inDrv.outputs[j].path, inputPaths);
|
||
else
|
||
throw Error(format("derivation '%1%' requires non-existent output "
|
||
"'%2%' from input derivation '%3%'") %
|
||
drvPath % j % i.first);
|
||
}
|
||
|
||
/* Second, the input sources. */
|
||
worker.store.computeFSClosure(drv->inputSrcs, inputPaths);
|
||
|
||
DLOG(INFO) << "added input paths " << showPaths(inputPaths);
|
||
|
||
allPaths.insert(inputPaths.begin(), inputPaths.end());
|
||
|
||
/* Is this a fixed-output derivation? */
|
||
fixedOutput = drv->isFixedOutput();
|
||
|
||
/* Don't repeat fixed-output derivations since they're already
|
||
verified by their output hash.*/
|
||
nrRounds = fixedOutput ? 1 : settings.buildRepeat + 1;
|
||
|
||
/* Okay, try to build. Note that here we don't wait for a build
|
||
slot to become available, since we don't need one if there is a
|
||
build hook. */
|
||
state = &DerivationGoal::tryToBuild;
|
||
worker.wakeUp(shared_from_this());
|
||
|
||
result = BuildResult();
|
||
}
|
||
|
||
void DerivationGoal::tryToBuild() {
|
||
trace("trying to build");
|
||
|
||
/* Obtain locks on all output paths. The locks are automatically
|
||
released when we exit this function or Nix crashes. If we
|
||
can't acquire the lock, then continue; hopefully some other
|
||
goal can start a build, and if not, the main loop will sleep a
|
||
few seconds and then retry this goal. */
|
||
PathSet lockFiles;
|
||
for (auto& outPath : drv->outputPaths())
|
||
lockFiles.insert(worker.store.toRealPath(outPath));
|
||
|
||
if (!outputLocks.lockPaths(lockFiles, "", false)) {
|
||
worker.waitForAWhile(shared_from_this());
|
||
return;
|
||
}
|
||
|
||
/* Now check again whether the outputs are valid. This is because
|
||
another process may have started building in parallel. After
|
||
it has finished and released the locks, we can (and should)
|
||
reuse its results. (Strictly speaking the first check can be
|
||
omitted, but that would be less efficient.) Note that since we
|
||
now hold the locks on the output paths, no other process can
|
||
build this derivation, so no further checks are necessary. */
|
||
validPaths = checkPathValidity(true, buildMode == bmRepair);
|
||
if (buildMode != bmCheck && validPaths.size() == drv->outputs.size()) {
|
||
DLOG(INFO) << "skipping build of derivation '" << drvPath
|
||
<< "', someone beat us to it";
|
||
outputLocks.setDeletion(true);
|
||
done(BuildResult::AlreadyValid);
|
||
return;
|
||
}
|
||
|
||
missingPaths = drv->outputPaths();
|
||
if (buildMode != bmCheck)
|
||
for (auto& i : validPaths) missingPaths.erase(i);
|
||
|
||
/* If any of the outputs already exist but are not valid, delete
|
||
them. */
|
||
for (auto& i : drv->outputs) {
|
||
Path path = i.second.path;
|
||
if (worker.store.isValidPath(path)) continue;
|
||
DLOG(INFO) << "removing invalid path " << path;
|
||
deletePath(worker.store.toRealPath(path));
|
||
}
|
||
|
||
/* Don't do a remote build if the derivation has the attribute
|
||
`preferLocalBuild' set. Also, check and repair modes are only
|
||
supported for local builds. */
|
||
bool buildLocally = buildMode != bmNormal || parsedDrv->willBuildLocally();
|
||
|
||
auto started = [&]() {
|
||
auto msg = fmt(buildMode == bmRepair
|
||
? "repairing outputs of '%s'"
|
||
: buildMode == bmCheck
|
||
? "checking outputs of '%s'"
|
||
: nrRounds > 1 ? "building '%s' (round %d/%d)"
|
||
: "building '%s'",
|
||
drvPath, curRound, nrRounds);
|
||
|
||
if (hook) {
|
||
msg += fmt(" on '%s'", machineName);
|
||
}
|
||
LOG(INFO) << msg << "[" << drvPath << "]";
|
||
mcRunningBuilds =
|
||
std::make_unique<MaintainCount<uint64_t>>(worker.runningBuilds);
|
||
};
|
||
|
||
/* Is the build hook willing to accept this job? */
|
||
if (!buildLocally) {
|
||
switch (tryBuildHook()) {
|
||
case rpAccept:
|
||
/* Yes, it has started doing so. Wait until we get
|
||
EOF from the hook. */
|
||
result.startTime = time(0); // inexact
|
||
state = &DerivationGoal::buildDone;
|
||
started();
|
||
return;
|
||
case rpPostpone:
|
||
/* Not now; wait until at least one child finishes or
|
||
the wake-up timeout expires. */
|
||
worker.waitForAWhile(shared_from_this());
|
||
outputLocks.unlock();
|
||
return;
|
||
case rpDecline:
|
||
/* We should do it ourselves. */
|
||
break;
|
||
}
|
||
}
|
||
|
||
/* Make sure that we are allowed to start a build. If this
|
||
derivation prefers to be done locally, do it even if
|
||
maxBuildJobs is 0. */
|
||
unsigned int curBuilds = worker.getNrLocalBuilds();
|
||
if (curBuilds >= settings.maxBuildJobs && !(buildLocally && curBuilds == 0)) {
|
||
worker.waitForBuildSlot(shared_from_this());
|
||
outputLocks.unlock();
|
||
return;
|
||
}
|
||
|
||
try {
|
||
/* Okay, we have to build. */
|
||
startBuilder();
|
||
|
||
} catch (BuildError& e) {
|
||
LOG(ERROR) << e.msg();
|
||
outputLocks.unlock();
|
||
buildUser.reset();
|
||
worker.permanentFailure = true;
|
||
done(BuildResult::InputRejected, e.msg());
|
||
return;
|
||
}
|
||
|
||
/* This state will be reached when we get EOF on the child's
|
||
log pipe. */
|
||
state = &DerivationGoal::buildDone;
|
||
|
||
started();
|
||
}
|
||
|
||
void replaceValidPath(const Path& storePath, const Path tmpPath) {
|
||
/* We can't atomically replace storePath (the original) with
|
||
tmpPath (the replacement), so we have to move it out of the
|
||
way first. We'd better not be interrupted here, because if
|
||
we're repairing (say) Glibc, we end up with a broken system. */
|
||
Path oldPath =
|
||
(format("%1%.old-%2%-%3%") % storePath % getpid() % random()).str();
|
||
if (pathExists(storePath)) rename(storePath.c_str(), oldPath.c_str());
|
||
if (rename(tmpPath.c_str(), storePath.c_str()) == -1)
|
||
throw SysError(format("moving '%1%' to '%2%'") % tmpPath % storePath);
|
||
deletePath(oldPath);
|
||
}
|
||
|
||
MakeError(NotDeterministic, BuildError)
|
||
|
||
void DerivationGoal::buildDone() {
|
||
trace("build done");
|
||
|
||
/* Release the build user at the end of this function. We don't do
|
||
it right away because we don't want another build grabbing this
|
||
uid and then messing around with our output. */
|
||
Finally releaseBuildUser([&]() { buildUser.reset(); });
|
||
|
||
/* Since we got an EOF on the logger pipe, the builder is presumed
|
||
to have terminated. In fact, the builder could also have
|
||
simply have closed its end of the pipe, so just to be sure,
|
||
kill it. */
|
||
int status = hook ? hook->pid.kill() : pid.kill();
|
||
|
||
DLOG(INFO) << "builder process for '" << drvPath << "' finished";
|
||
|
||
result.timesBuilt++;
|
||
result.stopTime = time(0);
|
||
|
||
/* So the child is gone now. */
|
||
worker.childTerminated(this);
|
||
|
||
/* Close the read side of the logger pipe. */
|
||
if (hook) {
|
||
hook->builderOut.readSide = -1;
|
||
hook->fromHook.readSide = -1;
|
||
} else
|
||
builderOut.readSide = -1;
|
||
|
||
/* Close the log file. */
|
||
closeLogFile();
|
||
|
||
/* When running under a build user, make sure that all processes
|
||
running under that uid are gone. This is to prevent a
|
||
malicious user from leaving behind a process that keeps files
|
||
open and modifies them after they have been chown'ed to
|
||
root. */
|
||
if (buildUser) buildUser->kill();
|
||
|
||
bool diskFull = false;
|
||
|
||
try {
|
||
/* Check the exit status. */
|
||
if (!statusOk(status)) {
|
||
/* Heuristically check whether the build failure may have
|
||
been caused by a disk full condition. We have no way
|
||
of knowing whether the build actually got an ENOSPC.
|
||
So instead, check if the disk is (nearly) full now. If
|
||
so, we don't mark this build as a permanent failure. */
|
||
#if HAVE_STATVFS
|
||
unsigned long long required =
|
||
8ULL * 1024 * 1024; // FIXME: make configurable
|
||
struct statvfs st;
|
||
if (statvfs(worker.store.realStoreDir.c_str(), &st) == 0 &&
|
||
(unsigned long long)st.f_bavail * st.f_bsize < required)
|
||
diskFull = true;
|
||
if (statvfs(tmpDir.c_str(), &st) == 0 &&
|
||
(unsigned long long)st.f_bavail * st.f_bsize < required)
|
||
diskFull = true;
|
||
#endif
|
||
|
||
deleteTmpDir(false);
|
||
|
||
/* Move paths out of the chroot for easier debugging of
|
||
build failures. */
|
||
if (useChroot && buildMode == bmNormal)
|
||
for (auto& i : missingPaths)
|
||
if (pathExists(chrootRootDir + i))
|
||
rename((chrootRootDir + i).c_str(), i.c_str());
|
||
|
||
std::string msg =
|
||
(format("builder for '%1%' %2%") % drvPath % statusToString(status))
|
||
.str();
|
||
|
||
if (!settings.verboseBuild && !logTail.empty()) {
|
||
msg += (format("; last %d log lines:") % logTail.size()).str();
|
||
for (auto& line : logTail) msg += "\n " + line;
|
||
}
|
||
|
||
if (diskFull) {
|
||
msg +=
|
||
"\nnote: build failure may have been caused by lack of free disk "
|
||
"space";
|
||
}
|
||
|
||
throw BuildError(msg);
|
||
}
|
||
|
||
/* Compute the FS closure of the outputs and register them as
|
||
being valid. */
|
||
registerOutputs();
|
||
|
||
if (settings.postBuildHook != "") {
|
||
LOG(INFO) << "running post-build-hook '" << settings.postBuildHook
|
||
<< "' [" << drvPath << "]";
|
||
auto outputPaths = drv->outputPaths();
|
||
std::map<std::string, std::string> hookEnvironment = getEnv();
|
||
|
||
hookEnvironment.emplace("DRV_PATH", drvPath);
|
||
hookEnvironment.emplace("OUT_PATHS",
|
||
chomp(concatStringsSep(" ", outputPaths)));
|
||
|
||
RunOptions opts(settings.postBuildHook, {});
|
||
opts.environment = hookEnvironment;
|
||
|
||
struct LogSink : Sink {
|
||
std::string currentLine;
|
||
|
||
void operator()(const unsigned char* data, size_t len) override {
|
||
for (size_t i = 0; i < len; i++) {
|
||
auto c = data[i];
|
||
|
||
if (c == '\n') {
|
||
flushLine();
|
||
} else {
|
||
currentLine += c;
|
||
}
|
||
}
|
||
}
|
||
|
||
void flushLine() {
|
||
if (settings.verboseBuild) {
|
||
LOG(ERROR) << "post-build-hook: " << currentLine;
|
||
}
|
||
currentLine.clear();
|
||
}
|
||
|
||
~LogSink() {
|
||
if (currentLine != "") {
|
||
currentLine += '\n';
|
||
flushLine();
|
||
}
|
||
}
|
||
};
|
||
LogSink sink;
|
||
|
||
opts.standardOut = &sink;
|
||
opts.mergeStderrToStdout = true;
|
||
runProgram2(opts);
|
||
}
|
||
|
||
if (buildMode == bmCheck) {
|
||
done(BuildResult::Built);
|
||
return;
|
||
}
|
||
|
||
/* Delete unused redirected outputs (when doing hash rewriting). */
|
||
for (auto& i : redirectedOutputs) deletePath(i.second);
|
||
|
||
/* Delete the chroot (if we were using one). */
|
||
autoDelChroot.reset(); /* this runs the destructor */
|
||
|
||
deleteTmpDir(true);
|
||
|
||
/* Repeat the build if necessary. */
|
||
if (curRound++ < nrRounds) {
|
||
outputLocks.unlock();
|
||
state = &DerivationGoal::tryToBuild;
|
||
worker.wakeUp(shared_from_this());
|
||
return;
|
||
}
|
||
|
||
/* It is now safe to delete the lock files, since all future
|
||
lockers will see that the output paths are valid; they will
|
||
not create new lock files with the same names as the old
|
||
(unlinked) lock files. */
|
||
outputLocks.setDeletion(true);
|
||
outputLocks.unlock();
|
||
|
||
} catch (BuildError& e) {
|
||
LOG(ERROR) << e.msg();
|
||
|
||
outputLocks.unlock();
|
||
|
||
BuildResult::Status st = BuildResult::MiscFailure;
|
||
|
||
if (hook && WIFEXITED(status) && WEXITSTATUS(status) == 101)
|
||
st = BuildResult::TimedOut;
|
||
|
||
else if (hook && (!WIFEXITED(status) || WEXITSTATUS(status) != 100)) {
|
||
}
|
||
|
||
else {
|
||
st = dynamic_cast<NotDeterministic*>(&e)
|
||
? BuildResult::NotDeterministic
|
||
: statusOk(status)
|
||
? BuildResult::OutputRejected
|
||
: fixedOutput || diskFull ? BuildResult::TransientFailure
|
||
: BuildResult::PermanentFailure;
|
||
}
|
||
|
||
done(st, e.msg());
|
||
return;
|
||
}
|
||
|
||
done(BuildResult::Built);
|
||
}
|
||
|
||
HookReply DerivationGoal::tryBuildHook() {
|
||
if (!worker.tryBuildHook || !useDerivation) return rpDecline;
|
||
|
||
if (!worker.hook) worker.hook = std::make_unique<HookInstance>();
|
||
|
||
try {
|
||
/* Send the request to the hook. */
|
||
worker.hook->sink << "try"
|
||
<< (worker.getNrLocalBuilds() < settings.maxBuildJobs ? 1
|
||
: 0)
|
||
<< drv->platform << drvPath
|
||
<< parsedDrv->getRequiredSystemFeatures();
|
||
worker.hook->sink.flush();
|
||
|
||
/* Read the first line of input, which should be a word indicating
|
||
whether the hook wishes to perform the build. */
|
||
string reply;
|
||
while (true) {
|
||
string s = readLine(worker.hook->fromHook.readSide.get());
|
||
if (string(s, 0, 2) == "# ") {
|
||
reply = string(s, 2);
|
||
break;
|
||
} else {
|
||
s += "\n";
|
||
std::cerr << s;
|
||
}
|
||
}
|
||
|
||
DLOG(INFO) << "hook reply is " << reply;
|
||
|
||
if (reply == "decline") {
|
||
return rpDecline;
|
||
} else if (reply == "decline-permanently") {
|
||
worker.tryBuildHook = false;
|
||
worker.hook = 0;
|
||
return rpDecline;
|
||
} else if (reply == "postpone") {
|
||
return rpPostpone;
|
||
} else if (reply != "accept") {
|
||
throw Error(format("bad hook reply '%1%'") % reply);
|
||
}
|
||
} catch (SysError& e) {
|
||
if (e.errNo == EPIPE) {
|
||
LOG(ERROR) << "build hook died unexpectedly: "
|
||
<< chomp(drainFD(worker.hook->fromHook.readSide.get()));
|
||
worker.hook = 0;
|
||
return rpDecline;
|
||
} else {
|
||
throw;
|
||
}
|
||
}
|
||
|
||
hook = std::move(worker.hook);
|
||
|
||
machineName = readLine(hook->fromHook.readSide.get());
|
||
|
||
/* Tell the hook all the inputs that have to be copied to the
|
||
remote system. */
|
||
hook->sink << inputPaths;
|
||
|
||
/* Tell the hooks the missing outputs that have to be copied back
|
||
from the remote system. */
|
||
hook->sink << missingPaths;
|
||
|
||
hook->sink = FdSink();
|
||
hook->toHook.writeSide = -1;
|
||
|
||
/* Create the log file and pipe. */
|
||
Path logFile = openLogFile();
|
||
|
||
set<int> fds;
|
||
fds.insert(hook->fromHook.readSide.get());
|
||
fds.insert(hook->builderOut.readSide.get());
|
||
worker.childStarted(shared_from_this(), fds, false, false);
|
||
|
||
return rpAccept;
|
||
}
|
||
|
||
void chmod_(const Path& path, mode_t mode) {
|
||
if (chmod(path.c_str(), mode) == -1)
|
||
throw SysError(format("setting permissions on '%1%'") % path);
|
||
}
|
||
|
||
int childEntry(void* arg) {
|
||
((DerivationGoal*)arg)->runChild();
|
||
return 1;
|
||
}
|
||
|
||
PathSet DerivationGoal::exportReferences(PathSet storePaths) {
|
||
PathSet paths;
|
||
|
||
for (auto storePath : storePaths) {
|
||
/* Check that the store path is valid. */
|
||
if (!worker.store.isInStore(storePath))
|
||
throw BuildError(
|
||
format("'exportReferencesGraph' contains a non-store path '%1%'") %
|
||
storePath);
|
||
|
||
storePath = worker.store.toStorePath(storePath);
|
||
|
||
if (!inputPaths.count(storePath))
|
||
throw BuildError(
|
||
"cannot export references of path '%s' because it is not in the "
|
||
"input closure of the derivation",
|
||
storePath);
|
||
|
||
worker.store.computeFSClosure(storePath, paths);
|
||
}
|
||
|
||
/* If there are derivations in the graph, then include their
|
||
outputs as well. This is useful if you want to do things
|
||
like passing all build-time dependencies of some path to a
|
||
derivation that builds a NixOS DVD image. */
|
||
PathSet paths2(paths);
|
||
|
||
for (auto& j : paths2) {
|
||
if (isDerivation(j)) {
|
||
Derivation drv = worker.store.derivationFromPath(j);
|
||
for (auto& k : drv.outputs)
|
||
worker.store.computeFSClosure(k.second.path, paths);
|
||
}
|
||
}
|
||
|
||
return paths;
|
||
}
|
||
|
||
static std::once_flag dns_resolve_flag;
|
||
|
||
static void preloadNSS() {
|
||
/* builtin:fetchurl can trigger a DNS lookup, which with glibc can trigger a
|
||
dynamic library load of one of the glibc NSS libraries in a sandboxed
|
||
child, which will fail unless the library's already been loaded in the
|
||
parent. So we force a lookup of an invalid domain to force the NSS
|
||
machinery to
|
||
load its lookup libraries in the parent before any child gets a chance to.
|
||
*/
|
||
std::call_once(dns_resolve_flag, []() {
|
||
struct addrinfo* res = NULL;
|
||
|
||
if (getaddrinfo("this.pre-initializes.the.dns.resolvers.invalid.", "http",
|
||
NULL, &res) != 0) {
|
||
if (res) freeaddrinfo(res);
|
||
}
|
||
});
|
||
}
|
||
|
||
void DerivationGoal::startBuilder() {
|
||
/* Right platform? */
|
||
if (!parsedDrv->canBuildLocally())
|
||
throw Error(
|
||
"a '%s' with features {%s} is required to build '%s', but I am a '%s' "
|
||
"with features {%s}",
|
||
drv->platform,
|
||
concatStringsSep(", ", parsedDrv->getRequiredSystemFeatures()), drvPath,
|
||
settings.thisSystem, concatStringsSep(", ", settings.systemFeatures));
|
||
|
||
if (drv->isBuiltin()) preloadNSS();
|
||
|
||
#if __APPLE__
|
||
additionalSandboxProfile =
|
||
parsedDrv->getStringAttr("__sandboxProfile").value_or("");
|
||
#endif
|
||
|
||
/* Are we doing a chroot build? */
|
||
{
|
||
auto noChroot = parsedDrv->getBoolAttr("__noChroot");
|
||
if (settings.sandboxMode == smEnabled) {
|
||
if (noChroot)
|
||
throw Error(format("derivation '%1%' has '__noChroot' set, "
|
||
"but that's not allowed when 'sandbox' is 'true'") %
|
||
drvPath);
|
||
#if __APPLE__
|
||
if (additionalSandboxProfile != "")
|
||
throw Error(
|
||
format("derivation '%1%' specifies a sandbox profile, "
|
||
"but this is only allowed when 'sandbox' is 'relaxed'") %
|
||
drvPath);
|
||
#endif
|
||
useChroot = true;
|
||
} else if (settings.sandboxMode == smDisabled)
|
||
useChroot = false;
|
||
else if (settings.sandboxMode == smRelaxed)
|
||
useChroot = !fixedOutput && !noChroot;
|
||
}
|
||
|
||
if (worker.store.storeDir != worker.store.realStoreDir) {
|
||
#if __linux__
|
||
useChroot = true;
|
||
#else
|
||
throw Error(
|
||
"building using a diverted store is not supported on this platform");
|
||
#endif
|
||
}
|
||
|
||
/* If `build-users-group' is not empty, then we have to build as
|
||
one of the members of that group. */
|
||
if (settings.buildUsersGroup != "" && getuid() == 0) {
|
||
#if defined(__linux__) || defined(__APPLE__)
|
||
buildUser = std::make_unique<UserLock>();
|
||
|
||
/* Make sure that no other processes are executing under this
|
||
uid. */
|
||
buildUser->kill();
|
||
#else
|
||
/* Don't know how to block the creation of setuid/setgid
|
||
binaries on this platform. */
|
||
throw Error(
|
||
"build users are not supported on this platform for security reasons");
|
||
#endif
|
||
}
|
||
|
||
/* Create a temporary directory where the build will take
|
||
place. */
|
||
auto drvName = storePathToName(drvPath);
|
||
tmpDir = createTempDir("", "nix-build-" + drvName, false, false, 0700);
|
||
|
||
chownToBuilder(tmpDir);
|
||
|
||
/* Substitute output placeholders with the actual output paths. */
|
||
for (auto& output : drv->outputs)
|
||
inputRewrites[hashPlaceholder(output.first)] = output.second.path;
|
||
|
||
/* Construct the environment passed to the builder. */
|
||
initEnv();
|
||
|
||
writeStructuredAttrs();
|
||
|
||
/* Handle exportReferencesGraph(), if set. */
|
||
if (!parsedDrv->getStructuredAttrs()) {
|
||
/* The `exportReferencesGraph' feature allows the references graph
|
||
to be passed to a builder. This attribute should be a list of
|
||
pairs [name1 path1 name2 path2 ...]. The references graph of
|
||
each `pathN' will be stored in a text file `nameN' in the
|
||
temporary build directory. The text files have the format used
|
||
by `nix-store --register-validity'. However, the deriver
|
||
fields are left empty. */
|
||
string s = get(drv->env, "exportReferencesGraph");
|
||
Strings ss = tokenizeString<Strings>(s);
|
||
if (ss.size() % 2 != 0)
|
||
throw BuildError(
|
||
format("odd number of tokens in 'exportReferencesGraph': '%1%'") % s);
|
||
for (Strings::iterator i = ss.begin(); i != ss.end();) {
|
||
string fileName = *i++;
|
||
checkStoreName(fileName); /* !!! abuse of this function */
|
||
Path storePath = *i++;
|
||
|
||
/* Write closure info to <fileName>. */
|
||
writeFile(tmpDir + "/" + fileName,
|
||
worker.store.makeValidityRegistration(
|
||
exportReferences({storePath}), false, false));
|
||
}
|
||
}
|
||
|
||
if (useChroot) {
|
||
/* Allow a user-configurable set of directories from the
|
||
host file system. */
|
||
PathSet dirs = settings.sandboxPaths;
|
||
PathSet dirs2 = settings.extraSandboxPaths;
|
||
dirs.insert(dirs2.begin(), dirs2.end());
|
||
|
||
dirsInChroot.clear();
|
||
|
||
for (auto i : dirs) {
|
||
if (i.empty()) continue;
|
||
bool optional = false;
|
||
if (i[i.size() - 1] == '?') {
|
||
optional = true;
|
||
i.pop_back();
|
||
}
|
||
size_t p = i.find('=');
|
||
if (p == string::npos)
|
||
dirsInChroot[i] = {i, optional};
|
||
else
|
||
dirsInChroot[string(i, 0, p)] = {string(i, p + 1), optional};
|
||
}
|
||
dirsInChroot[tmpDirInSandbox] = tmpDir;
|
||
|
||
/* Add the closure of store paths to the chroot. */
|
||
PathSet closure;
|
||
for (auto& i : dirsInChroot) try {
|
||
if (worker.store.isInStore(i.second.source))
|
||
worker.store.computeFSClosure(
|
||
worker.store.toStorePath(i.second.source), closure);
|
||
} catch (InvalidPath& e) {
|
||
} catch (Error& e) {
|
||
throw Error(format("while processing 'sandbox-paths': %s") % e.what());
|
||
}
|
||
for (auto& i : closure) dirsInChroot[i] = i;
|
||
|
||
PathSet allowedPaths = settings.allowedImpureHostPrefixes;
|
||
|
||
/* This works like the above, except on a per-derivation level */
|
||
auto impurePaths =
|
||
parsedDrv->getStringsAttr("__impureHostDeps").value_or(Strings());
|
||
|
||
for (auto& i : impurePaths) {
|
||
bool found = false;
|
||
/* Note: we're not resolving symlinks here to prevent
|
||
giving a non-root user info about inaccessible
|
||
files. */
|
||
Path canonI = canonPath(i);
|
||
/* If only we had a trie to do this more efficiently :) luckily, these are
|
||
* generally going to be pretty small */
|
||
for (auto& a : allowedPaths) {
|
||
Path canonA = canonPath(a);
|
||
if (canonI == canonA || isInDir(canonI, canonA)) {
|
||
found = true;
|
||
break;
|
||
}
|
||
}
|
||
if (!found)
|
||
throw Error(format("derivation '%1%' requested impure path '%2%', but "
|
||
"it was not in allowed-impure-host-deps") %
|
||
drvPath % i);
|
||
|
||
dirsInChroot[i] = i;
|
||
}
|
||
|
||
#if __linux__
|
||
/* Create a temporary directory in which we set up the chroot
|
||
environment using bind-mounts. We put it in the Nix store
|
||
to ensure that we can create hard-links to non-directory
|
||
inputs in the fake Nix store in the chroot (see below). */
|
||
chrootRootDir = worker.store.toRealPath(drvPath) + ".chroot";
|
||
deletePath(chrootRootDir);
|
||
|
||
/* Clean up the chroot directory automatically. */
|
||
autoDelChroot = std::make_shared<AutoDelete>(chrootRootDir);
|
||
|
||
DLOG(INFO) << "setting up chroot environment in '" << chrootRootDir << "'";
|
||
|
||
if (mkdir(chrootRootDir.c_str(), 0750) == -1)
|
||
throw SysError(format("cannot create '%1%'") % chrootRootDir);
|
||
|
||
if (buildUser && chown(chrootRootDir.c_str(), 0, buildUser->getGID()) == -1)
|
||
throw SysError(format("cannot change ownership of '%1%'") %
|
||
chrootRootDir);
|
||
|
||
/* Create a writable /tmp in the chroot. Many builders need
|
||
this. (Of course they should really respect $TMPDIR
|
||
instead.) */
|
||
Path chrootTmpDir = chrootRootDir + "/tmp";
|
||
createDirs(chrootTmpDir);
|
||
chmod_(chrootTmpDir, 01777);
|
||
|
||
/* Create a /etc/passwd with entries for the build user and the
|
||
nobody account. The latter is kind of a hack to support
|
||
Samba-in-QEMU. */
|
||
createDirs(chrootRootDir + "/etc");
|
||
|
||
writeFile(chrootRootDir + "/etc/passwd",
|
||
fmt("root:x:0:0:Nix build user:%3%:/noshell\n"
|
||
"nixbld:x:%1%:%2%:Nix build user:%3%:/noshell\n"
|
||
"nobody:x:65534:65534:Nobody:/:/noshell\n",
|
||
sandboxUid, sandboxGid, settings.sandboxBuildDir));
|
||
|
||
/* Declare the build user's group so that programs get a consistent
|
||
view of the system (e.g., "id -gn"). */
|
||
writeFile(chrootRootDir + "/etc/group", (format("root:x:0:\n"
|
||
"nixbld:!:%1%:\n"
|
||
"nogroup:x:65534:\n") %
|
||
sandboxGid)
|
||
.str());
|
||
|
||
/* Create /etc/hosts with localhost entry. */
|
||
if (!fixedOutput)
|
||
writeFile(chrootRootDir + "/etc/hosts",
|
||
"127.0.0.1 localhost\n::1 localhost\n");
|
||
|
||
/* Make the closure of the inputs available in the chroot,
|
||
rather than the whole Nix store. This prevents any access
|
||
to undeclared dependencies. Directories are bind-mounted,
|
||
while other inputs are hard-linked (since only directories
|
||
can be bind-mounted). !!! As an extra security
|
||
precaution, make the fake Nix store only writable by the
|
||
build user. */
|
||
Path chrootStoreDir = chrootRootDir + worker.store.storeDir;
|
||
createDirs(chrootStoreDir);
|
||
chmod_(chrootStoreDir, 01775);
|
||
|
||
if (buildUser &&
|
||
chown(chrootStoreDir.c_str(), 0, buildUser->getGID()) == -1)
|
||
throw SysError(format("cannot change ownership of '%1%'") %
|
||
chrootStoreDir);
|
||
|
||
for (auto& i : inputPaths) {
|
||
Path r = worker.store.toRealPath(i);
|
||
struct stat st;
|
||
if (lstat(r.c_str(), &st))
|
||
throw SysError(format("getting attributes of path '%1%'") % i);
|
||
if (S_ISDIR(st.st_mode))
|
||
dirsInChroot[i] = r;
|
||
else {
|
||
Path p = chrootRootDir + i;
|
||
DLOG(INFO) << "linking '" << p << "' to '" << r << "'";
|
||
if (link(r.c_str(), p.c_str()) == -1) {
|
||
/* Hard-linking fails if we exceed the maximum
|
||
link count on a file (e.g. 32000 of ext3),
|
||
which is quite possible after a `nix-store
|
||
--optimise'. */
|
||
if (errno != EMLINK)
|
||
throw SysError(format("linking '%1%' to '%2%'") % p % i);
|
||
StringSink sink;
|
||
dumpPath(r, sink);
|
||
StringSource source(*sink.s);
|
||
restorePath(p, source);
|
||
}
|
||
}
|
||
}
|
||
|
||
/* If we're repairing, checking or rebuilding part of a
|
||
multiple-outputs derivation, it's possible that we're
|
||
rebuilding a path that is in settings.dirsInChroot
|
||
(typically the dependencies of /bin/sh). Throw them
|
||
out. */
|
||
for (auto& i : drv->outputs) dirsInChroot.erase(i.second.path);
|
||
|
||
#elif __APPLE__
|
||
/* We don't really have any parent prep work to do (yet?)
|
||
All work happens in the child, instead. */
|
||
#else
|
||
throw Error("sandboxing builds is not supported on this platform");
|
||
#endif
|
||
}
|
||
|
||
if (needsHashRewrite()) {
|
||
if (pathExists(homeDir))
|
||
throw Error(format("directory '%1%' exists; please remove it") % homeDir);
|
||
|
||
/* We're not doing a chroot build, but we have some valid
|
||
output paths. Since we can't just overwrite or delete
|
||
them, we have to do hash rewriting: i.e. in the
|
||
environment/arguments passed to the build, we replace the
|
||
hashes of the valid outputs with unique dummy strings;
|
||
after the build, we discard the redirected outputs
|
||
corresponding to the valid outputs, and rewrite the
|
||
contents of the new outputs to replace the dummy strings
|
||
with the actual hashes. */
|
||
if (validPaths.size() > 0)
|
||
for (auto& i : validPaths) addHashRewrite(i);
|
||
|
||
/* If we're repairing, then we don't want to delete the
|
||
corrupt outputs in advance. So rewrite them as well. */
|
||
if (buildMode == bmRepair)
|
||
for (auto& i : missingPaths)
|
||
if (worker.store.isValidPath(i) && pathExists(i)) {
|
||
addHashRewrite(i);
|
||
redirectedBadOutputs.insert(i);
|
||
}
|
||
}
|
||
|
||
if (useChroot && settings.preBuildHook != "" &&
|
||
dynamic_cast<Derivation*>(drv.get())) {
|
||
DLOG(INFO) << "executing pre-build hook '" << settings.preBuildHook << "'";
|
||
auto args =
|
||
useChroot ? Strings({drvPath, chrootRootDir}) : Strings({drvPath});
|
||
enum BuildHookState { stBegin, stExtraChrootDirs };
|
||
auto state = stBegin;
|
||
auto lines = runProgram(settings.preBuildHook, false, args);
|
||
auto lastPos = std::string::size_type{0};
|
||
for (auto nlPos = lines.find('\n'); nlPos != string::npos;
|
||
nlPos = lines.find('\n', lastPos)) {
|
||
auto line = std::string{lines, lastPos, nlPos - lastPos};
|
||
lastPos = nlPos + 1;
|
||
if (state == stBegin) {
|
||
if (line == "extra-sandbox-paths" || line == "extra-chroot-dirs") {
|
||
state = stExtraChrootDirs;
|
||
} else {
|
||
throw Error(format("unknown pre-build hook command '%1%'") % line);
|
||
}
|
||
} else if (state == stExtraChrootDirs) {
|
||
if (line == "") {
|
||
state = stBegin;
|
||
} else {
|
||
auto p = line.find('=');
|
||
if (p == string::npos)
|
||
dirsInChroot[line] = line;
|
||
else
|
||
dirsInChroot[string(line, 0, p)] = string(line, p + 1);
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
/* Run the builder. */
|
||
DLOG(INFO) << "executing builder '" << drv->builder << "'";
|
||
|
||
/* Create the log file. */
|
||
Path logFile = openLogFile();
|
||
|
||
/* Create a pipe to get the output of the builder. */
|
||
// builderOut.create();
|
||
|
||
builderOut.readSide = posix_openpt(O_RDWR | O_NOCTTY);
|
||
if (!builderOut.readSide) throw SysError("opening pseudoterminal master");
|
||
|
||
std::string slaveName(ptsname(builderOut.readSide.get()));
|
||
|
||
if (buildUser) {
|
||
if (chmod(slaveName.c_str(), 0600))
|
||
throw SysError("changing mode of pseudoterminal slave");
|
||
|
||
if (chown(slaveName.c_str(), buildUser->getUID(), 0))
|
||
throw SysError("changing owner of pseudoterminal slave");
|
||
} else {
|
||
if (grantpt(builderOut.readSide.get()))
|
||
throw SysError("granting access to pseudoterminal slave");
|
||
}
|
||
|
||
#if 0
|
||
// Mount the pt in the sandbox so that the "tty" command works.
|
||
// FIXME: this doesn't work with the new devpts in the sandbox.
|
||
if (useChroot)
|
||
dirsInChroot[slaveName] = {slaveName, false};
|
||
#endif
|
||
|
||
if (unlockpt(builderOut.readSide.get()))
|
||
throw SysError("unlocking pseudoterminal");
|
||
|
||
builderOut.writeSide = open(slaveName.c_str(), O_RDWR | O_NOCTTY);
|
||
if (!builderOut.writeSide) throw SysError("opening pseudoterminal slave");
|
||
|
||
// Put the pt into raw mode to prevent \n -> \r\n translation.
|
||
struct termios term;
|
||
if (tcgetattr(builderOut.writeSide.get(), &term))
|
||
throw SysError("getting pseudoterminal attributes");
|
||
|
||
cfmakeraw(&term);
|
||
|
||
if (tcsetattr(builderOut.writeSide.get(), TCSANOW, &term))
|
||
throw SysError("putting pseudoterminal into raw mode");
|
||
|
||
result.startTime = time(0);
|
||
|
||
/* Fork a child to build the package. */
|
||
ProcessOptions options;
|
||
|
||
#if __linux__
|
||
if (useChroot) {
|
||
/* Set up private namespaces for the build:
|
||
|
||
- The PID namespace causes the build to start as PID 1.
|
||
Processes outside of the chroot are not visible to those
|
||
on the inside, but processes inside the chroot are
|
||
visible from the outside (though with different PIDs).
|
||
|
||
- The private mount namespace ensures that all the bind
|
||
mounts we do will only show up in this process and its
|
||
children, and will disappear automatically when we're
|
||
done.
|
||
|
||
- The private network namespace ensures that the builder
|
||
cannot talk to the outside world (or vice versa). It
|
||
only has a private loopback interface. (Fixed-output
|
||
derivations are not run in a private network namespace
|
||
to allow functions like fetchurl to work.)
|
||
|
||
- The IPC namespace prevents the builder from communicating
|
||
with outside processes using SysV IPC mechanisms (shared
|
||
memory, message queues, semaphores). It also ensures
|
||
that all IPC objects are destroyed when the builder
|
||
exits.
|
||
|
||
- The UTS namespace ensures that builders see a hostname of
|
||
localhost rather than the actual hostname.
|
||
|
||
We use a helper process to do the clone() to work around
|
||
clone() being broken in multi-threaded programs due to
|
||
at-fork handlers not being run. Note that we use
|
||
CLONE_PARENT to ensure that the real builder is parented to
|
||
us.
|
||
*/
|
||
|
||
if (!fixedOutput) privateNetwork = true;
|
||
|
||
userNamespaceSync.create();
|
||
|
||
options.allowVfork = false;
|
||
|
||
Pid helper = startProcess(
|
||
[&]() {
|
||
/* Drop additional groups here because we can't do it
|
||
after we've created the new user namespace. FIXME:
|
||
this means that if we're not root in the parent
|
||
namespace, we can't drop additional groups; they will
|
||
be mapped to nogroup in the child namespace. There does
|
||
not seem to be a workaround for this. (But who can tell
|
||
from reading user_namespaces(7)?)
|
||
See also https://lwn.net/Articles/621612/. */
|
||
if (getuid() == 0 && setgroups(0, 0) == -1)
|
||
throw SysError("setgroups failed");
|
||
|
||
size_t stackSize = 1 * 1024 * 1024;
|
||
char* stack =
|
||
(char*)mmap(0, stackSize, PROT_WRITE | PROT_READ,
|
||
MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
|
||
if (stack == MAP_FAILED) throw SysError("allocating stack");
|
||
|
||
int flags = CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS |
|
||
CLONE_NEWIPC | CLONE_NEWUTS | CLONE_PARENT | SIGCHLD;
|
||
if (privateNetwork) flags |= CLONE_NEWNET;
|
||
|
||
pid_t child = clone(childEntry, stack + stackSize, flags, this);
|
||
if (child == -1 && errno == EINVAL) {
|
||
/* Fallback for Linux < 2.13 where CLONE_NEWPID and
|
||
CLONE_PARENT are not allowed together. */
|
||
flags &= ~CLONE_NEWPID;
|
||
child = clone(childEntry, stack + stackSize, flags, this);
|
||
}
|
||
if (child == -1 && (errno == EPERM || errno == EINVAL)) {
|
||
/* Some distros patch Linux to not allow unpriveleged
|
||
* user namespaces. If we get EPERM or EINVAL, try
|
||
* without CLONE_NEWUSER and see if that works.
|
||
*/
|
||
flags &= ~CLONE_NEWUSER;
|
||
child = clone(childEntry, stack + stackSize, flags, this);
|
||
}
|
||
/* Otherwise exit with EPERM so we can handle this in the
|
||
parent. This is only done when sandbox-fallback is set
|
||
to true (the default). */
|
||
if (child == -1 && (errno == EPERM || errno == EINVAL) &&
|
||
settings.sandboxFallback)
|
||
_exit(1);
|
||
if (child == -1) throw SysError("cloning builder process");
|
||
|
||
writeFull(builderOut.writeSide.get(), std::to_string(child) + "\n");
|
||
_exit(0);
|
||
},
|
||
options);
|
||
|
||
int res = helper.wait();
|
||
if (res != 0 && settings.sandboxFallback) {
|
||
useChroot = false;
|
||
initTmpDir();
|
||
goto fallback;
|
||
} else if (res != 0)
|
||
throw Error("unable to start build process");
|
||
|
||
userNamespaceSync.readSide = -1;
|
||
|
||
pid_t tmp;
|
||
if (!string2Int<pid_t>(readLine(builderOut.readSide.get()), tmp)) abort();
|
||
pid = tmp;
|
||
|
||
/* Set the UID/GID mapping of the builder's user namespace
|
||
such that the sandbox user maps to the build user, or to
|
||
the calling user (if build users are disabled). */
|
||
uid_t hostUid = buildUser ? buildUser->getUID() : getuid();
|
||
uid_t hostGid = buildUser ? buildUser->getGID() : getgid();
|
||
|
||
writeFile("/proc/" + std::to_string(pid) + "/uid_map",
|
||
(format("%d %d 1") % sandboxUid % hostUid).str());
|
||
|
||
writeFile("/proc/" + std::to_string(pid) + "/setgroups", "deny");
|
||
|
||
writeFile("/proc/" + std::to_string(pid) + "/gid_map",
|
||
(format("%d %d 1") % sandboxGid % hostGid).str());
|
||
|
||
/* Signal the builder that we've updated its user
|
||
namespace. */
|
||
writeFull(userNamespaceSync.writeSide.get(), "1");
|
||
userNamespaceSync.writeSide = -1;
|
||
|
||
} else
|
||
#endif
|
||
{
|
||
fallback:
|
||
options.allowVfork = !buildUser && !drv->isBuiltin();
|
||
pid = startProcess([&]() { runChild(); }, options);
|
||
}
|
||
|
||
/* parent */
|
||
pid.setSeparatePG(true);
|
||
builderOut.writeSide = -1;
|
||
worker.childStarted(shared_from_this(), {builderOut.readSide.get()}, true,
|
||
true);
|
||
|
||
/* Check if setting up the build environment failed. */
|
||
while (true) {
|
||
string msg = readLine(builderOut.readSide.get());
|
||
if (string(msg, 0, 1) == "\1") {
|
||
if (msg.size() == 1) break;
|
||
throw Error(string(msg, 1));
|
||
}
|
||
DLOG(INFO) << msg;
|
||
}
|
||
}
|
||
|
||
void DerivationGoal::initTmpDir() {
|
||
/* In a sandbox, for determinism, always use the same temporary
|
||
directory. */
|
||
#if __linux__
|
||
tmpDirInSandbox = useChroot ? settings.sandboxBuildDir : tmpDir;
|
||
#else
|
||
tmpDirInSandbox = tmpDir;
|
||
#endif
|
||
|
||
/* In non-structured mode, add all bindings specified in the
|
||
derivation via the environment, except those listed in the
|
||
passAsFile attribute. Those are passed as file names pointing
|
||
to temporary files containing the contents. Note that
|
||
passAsFile is ignored in structure mode because it's not
|
||
needed (attributes are not passed through the environment, so
|
||
there is no size constraint). */
|
||
if (!parsedDrv->getStructuredAttrs()) {
|
||
StringSet passAsFile =
|
||
tokenizeString<StringSet>(get(drv->env, "passAsFile"));
|
||
int fileNr = 0;
|
||
for (auto& i : drv->env) {
|
||
if (passAsFile.find(i.first) == passAsFile.end()) {
|
||
env[i.first] = i.second;
|
||
} else {
|
||
string fn = ".attr-" + std::to_string(fileNr++);
|
||
Path p = tmpDir + "/" + fn;
|
||
writeFile(p, rewriteStrings(i.second, inputRewrites));
|
||
chownToBuilder(p);
|
||
env[i.first + "Path"] = tmpDirInSandbox + "/" + fn;
|
||
}
|
||
}
|
||
}
|
||
|
||
/* For convenience, set an environment pointing to the top build
|
||
directory. */
|
||
env["NIX_BUILD_TOP"] = tmpDirInSandbox;
|
||
|
||
/* Also set TMPDIR and variants to point to this directory. */
|
||
env["TMPDIR"] = env["TEMPDIR"] = env["TMP"] = env["TEMP"] = tmpDirInSandbox;
|
||
|
||
/* Explicitly set PWD to prevent problems with chroot builds. In
|
||
particular, dietlibc cannot figure out the cwd because the
|
||
inode of the current directory doesn't appear in .. (because
|
||
getdents returns the inode of the mount point). */
|
||
env["PWD"] = tmpDirInSandbox;
|
||
}
|
||
|
||
void DerivationGoal::initEnv() {
|
||
env.clear();
|
||
|
||
/* Most shells initialise PATH to some default (/bin:/usr/bin:...) when
|
||
PATH is not set. We don't want this, so we fill it in with some dummy
|
||
value. */
|
||
env["PATH"] = "/path-not-set";
|
||
|
||
/* Set HOME to a non-existing path to prevent certain programs from using
|
||
/etc/passwd (or NIS, or whatever) to locate the home directory (for
|
||
example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd
|
||
if HOME is not set, but they will just assume that the settings file
|
||
they are looking for does not exist if HOME is set but points to some
|
||
non-existing path. */
|
||
env["HOME"] = homeDir;
|
||
|
||
/* Tell the builder where the Nix store is. Usually they
|
||
shouldn't care, but this is useful for purity checking (e.g.,
|
||
the compiler or linker might only want to accept paths to files
|
||
in the store or in the build directory). */
|
||
env["NIX_STORE"] = worker.store.storeDir;
|
||
|
||
/* The maximum number of cores to utilize for parallel building. */
|
||
env["NIX_BUILD_CORES"] = (format("%d") % settings.buildCores).str();
|
||
|
||
initTmpDir();
|
||
|
||
/* Compatibility hack with Nix <= 0.7: if this is a fixed-output
|
||
derivation, tell the builder, so that for instance `fetchurl'
|
||
can skip checking the output. On older Nixes, this environment
|
||
variable won't be set, so `fetchurl' will do the check. */
|
||
if (fixedOutput) env["NIX_OUTPUT_CHECKED"] = "1";
|
||
|
||
/* *Only* if this is a fixed-output derivation, propagate the
|
||
values of the environment variables specified in the
|
||
`impureEnvVars' attribute to the builder. This allows for
|
||
instance environment variables for proxy configuration such as
|
||
`http_proxy' to be easily passed to downloaders like
|
||
`fetchurl'. Passing such environment variables from the caller
|
||
to the builder is generally impure, but the output of
|
||
fixed-output derivations is by definition pure (since we
|
||
already know the cryptographic hash of the output). */
|
||
if (fixedOutput) {
|
||
for (auto& i :
|
||
parsedDrv->getStringsAttr("impureEnvVars").value_or(Strings()))
|
||
env[i] = getEnv(i);
|
||
}
|
||
|
||
/* Currently structured log messages piggyback on stderr, but we
|
||
may change that in the future. So tell the builder which file
|
||
descriptor to use for that. */
|
||
env["NIX_LOG_FD"] = "2";
|
||
|
||
/* Trigger colored output in various tools. */
|
||
env["TERM"] = "xterm-256color";
|
||
}
|
||
|
||
static std::regex shVarName("[A-Za-z_][A-Za-z0-9_]*");
|
||
|
||
void DerivationGoal::writeStructuredAttrs() {
|
||
auto& structuredAttrs = parsedDrv->getStructuredAttrs();
|
||
if (!structuredAttrs) return;
|
||
|
||
auto json = *structuredAttrs;
|
||
|
||
/* Add an "outputs" object containing the output paths. */
|
||
nlohmann::json outputs;
|
||
for (auto& i : drv->outputs)
|
||
outputs[i.first] = rewriteStrings(i.second.path, inputRewrites);
|
||
json["outputs"] = outputs;
|
||
|
||
/* Handle exportReferencesGraph. */
|
||
auto e = json.find("exportReferencesGraph");
|
||
if (e != json.end() && e->is_object()) {
|
||
for (auto i = e->begin(); i != e->end(); ++i) {
|
||
std::ostringstream str;
|
||
{
|
||
JSONPlaceholder jsonRoot(str, true);
|
||
PathSet storePaths;
|
||
for (auto& p : *i) storePaths.insert(p.get<std::string>());
|
||
worker.store.pathInfoToJSON(jsonRoot, exportReferences(storePaths),
|
||
false, true);
|
||
}
|
||
json[i.key()] = nlohmann::json::parse(str.str()); // urgh
|
||
}
|
||
}
|
||
|
||
writeFile(tmpDir + "/.attrs.json",
|
||
rewriteStrings(json.dump(), inputRewrites));
|
||
chownToBuilder(tmpDir + "/.attrs.json");
|
||
|
||
/* As a convenience to bash scripts, write a shell file that
|
||
maps all attributes that are representable in bash -
|
||
namely, strings, integers, nulls, Booleans, and arrays and
|
||
objects consisting entirely of those values. (So nested
|
||
arrays or objects are not supported.) */
|
||
|
||
auto handleSimpleType =
|
||
[](const nlohmann::json& value) -> std::optional<std::string> {
|
||
if (value.is_string()) return shellEscape(value);
|
||
|
||
if (value.is_number()) {
|
||
auto f = value.get<float>();
|
||
if (std::ceil(f) == f) return std::to_string(value.get<int>());
|
||
}
|
||
|
||
if (value.is_null()) return std::string("''");
|
||
|
||
if (value.is_boolean())
|
||
return value.get<bool>() ? std::string("1") : std::string("");
|
||
|
||
return {};
|
||
};
|
||
|
||
std::string jsonSh;
|
||
|
||
for (auto i = json.begin(); i != json.end(); ++i) {
|
||
if (!std::regex_match(i.key(), shVarName)) continue;
|
||
|
||
auto& value = i.value();
|
||
|
||
auto s = handleSimpleType(value);
|
||
if (s)
|
||
jsonSh += fmt("declare %s=%s\n", i.key(), *s);
|
||
|
||
else if (value.is_array()) {
|
||
std::string s2;
|
||
bool good = true;
|
||
|
||
for (auto i = value.begin(); i != value.end(); ++i) {
|
||
auto s3 = handleSimpleType(i.value());
|
||
if (!s3) {
|
||
good = false;
|
||
break;
|
||
}
|
||
s2 += *s3;
|
||
s2 += ' ';
|
||
}
|
||
|
||
if (good) jsonSh += fmt("declare -a %s=(%s)\n", i.key(), s2);
|
||
}
|
||
|
||
else if (value.is_object()) {
|
||
std::string s2;
|
||
bool good = true;
|
||
|
||
for (auto i = value.begin(); i != value.end(); ++i) {
|
||
auto s3 = handleSimpleType(i.value());
|
||
if (!s3) {
|
||
good = false;
|
||
break;
|
||
}
|
||
s2 += fmt("[%s]=%s ", shellEscape(i.key()), *s3);
|
||
}
|
||
|
||
if (good) jsonSh += fmt("declare -A %s=(%s)\n", i.key(), s2);
|
||
}
|
||
}
|
||
|
||
writeFile(tmpDir + "/.attrs.sh", rewriteStrings(jsonSh, inputRewrites));
|
||
chownToBuilder(tmpDir + "/.attrs.sh");
|
||
}
|
||
|
||
void DerivationGoal::chownToBuilder(const Path& path) {
|
||
if (!buildUser) return;
|
||
if (chown(path.c_str(), buildUser->getUID(), buildUser->getGID()) == -1)
|
||
throw SysError(format("cannot change ownership of '%1%'") % path);
|
||
}
|
||
|
||
void setupSeccomp() {
|
||
#if __linux__
|
||
if (!settings.filterSyscalls) return;
|
||
#if HAVE_SECCOMP
|
||
scmp_filter_ctx ctx;
|
||
|
||
if (!(ctx = seccomp_init(SCMP_ACT_ALLOW)))
|
||
throw SysError("unable to initialize seccomp mode 2");
|
||
|
||
Finally cleanup([&]() { seccomp_release(ctx); });
|
||
|
||
if (nativeSystem == "x86_64-linux" &&
|
||
seccomp_arch_add(ctx, SCMP_ARCH_X86) != 0)
|
||
throw SysError("unable to add 32-bit seccomp architecture");
|
||
|
||
if (nativeSystem == "x86_64-linux" &&
|
||
seccomp_arch_add(ctx, SCMP_ARCH_X32) != 0)
|
||
throw SysError("unable to add X32 seccomp architecture");
|
||
|
||
if (nativeSystem == "aarch64-linux" &&
|
||
seccomp_arch_add(ctx, SCMP_ARCH_ARM) != 0) {
|
||
LOG(ERROR) << "unable to add ARM seccomp architecture; this may result in "
|
||
<< "spurious build failures if running 32-bit ARM processes";
|
||
}
|
||
|
||
/* Prevent builders from creating setuid/setgid binaries. */
|
||
for (int perm : {S_ISUID, S_ISGID}) {
|
||
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(chmod), 1,
|
||
SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t)perm,
|
||
(scmp_datum_t)perm)) != 0)
|
||
throw SysError("unable to add seccomp rule");
|
||
|
||
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(fchmod), 1,
|
||
SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t)perm,
|
||
(scmp_datum_t)perm)) != 0)
|
||
throw SysError("unable to add seccomp rule");
|
||
|
||
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(fchmodat), 1,
|
||
SCMP_A2(SCMP_CMP_MASKED_EQ, (scmp_datum_t)perm,
|
||
(scmp_datum_t)perm)) != 0)
|
||
throw SysError("unable to add seccomp rule");
|
||
}
|
||
|
||
/* Prevent builders from creating EAs or ACLs. Not all filesystems
|
||
support these, and they're not allowed in the Nix store because
|
||
they're not representable in the NAR serialisation. */
|
||
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(setxattr), 0) !=
|
||
0 ||
|
||
seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(lsetxattr), 0) !=
|
||
0 ||
|
||
seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(fsetxattr), 0) !=
|
||
0)
|
||
throw SysError("unable to add seccomp rule");
|
||
|
||
if (seccomp_attr_set(ctx, SCMP_FLTATR_CTL_NNP,
|
||
settings.allowNewPrivileges ? 0 : 1) != 0)
|
||
throw SysError("unable to set 'no new privileges' seccomp attribute");
|
||
|
||
if (seccomp_load(ctx) != 0)
|
||
throw SysError("unable to load seccomp BPF program");
|
||
#else
|
||
throw Error(
|
||
"seccomp is not supported on this platform; "
|
||
"you can bypass this error by setting the option 'filter-syscalls' to "
|
||
"false, but note that untrusted builds can then create setuid binaries!");
|
||
#endif
|
||
#endif
|
||
}
|
||
|
||
void DerivationGoal::runChild() {
|
||
/* Warning: in the child we should absolutely not make any SQLite
|
||
calls! */
|
||
|
||
try { /* child */
|
||
|
||
commonChildInit(builderOut);
|
||
|
||
try {
|
||
setupSeccomp();
|
||
} catch (...) {
|
||
if (buildUser) throw;
|
||
}
|
||
|
||
bool setUser = true;
|
||
|
||
/* Make the contents of netrc available to builtin:fetchurl
|
||
(which may run under a different uid and/or in a sandbox). */
|
||
std::string netrcData;
|
||
try {
|
||
if (drv->isBuiltin() && drv->builder == "builtin:fetchurl")
|
||
netrcData = readFile(settings.netrcFile);
|
||
} catch (SysError&) {
|
||
}
|
||
|
||
#if __linux__
|
||
if (useChroot) {
|
||
userNamespaceSync.writeSide = -1;
|
||
|
||
if (drainFD(userNamespaceSync.readSide.get()) != "1")
|
||
throw Error("user namespace initialisation failed");
|
||
|
||
userNamespaceSync.readSide = -1;
|
||
|
||
if (privateNetwork) {
|
||
/* Initialise the loopback interface. */
|
||
AutoCloseFD fd(socket(PF_INET, SOCK_DGRAM, IPPROTO_IP));
|
||
if (!fd) throw SysError("cannot open IP socket");
|
||
|
||
struct ifreq ifr;
|
||
strcpy(ifr.ifr_name, "lo");
|
||
ifr.ifr_flags = IFF_UP | IFF_LOOPBACK | IFF_RUNNING;
|
||
if (ioctl(fd.get(), SIOCSIFFLAGS, &ifr) == -1)
|
||
throw SysError("cannot set loopback interface flags");
|
||
}
|
||
|
||
/* Set the hostname etc. to fixed values. */
|
||
char hostname[] = "localhost";
|
||
if (sethostname(hostname, sizeof(hostname)) == -1)
|
||
throw SysError("cannot set host name");
|
||
char domainname[] = "(none)"; // kernel default
|
||
if (setdomainname(domainname, sizeof(domainname)) == -1)
|
||
throw SysError("cannot set domain name");
|
||
|
||
/* Make all filesystems private. This is necessary
|
||
because subtrees may have been mounted as "shared"
|
||
(MS_SHARED). (Systemd does this, for instance.) Even
|
||
though we have a private mount namespace, mounting
|
||
filesystems on top of a shared subtree still propagates
|
||
outside of the namespace. Making a subtree private is
|
||
local to the namespace, though, so setting MS_PRIVATE
|
||
does not affect the outside world. */
|
||
if (mount(0, "/", 0, MS_REC | MS_PRIVATE, 0) == -1) {
|
||
throw SysError("unable to make '/' private mount");
|
||
}
|
||
|
||
/* Bind-mount chroot directory to itself, to treat it as a
|
||
different filesystem from /, as needed for pivot_root. */
|
||
if (mount(chrootRootDir.c_str(), chrootRootDir.c_str(), 0, MS_BIND, 0) ==
|
||
-1)
|
||
throw SysError(format("unable to bind mount '%1%'") % chrootRootDir);
|
||
|
||
/* Set up a nearly empty /dev, unless the user asked to
|
||
bind-mount the host /dev. */
|
||
Strings ss;
|
||
if (dirsInChroot.find("/dev") == dirsInChroot.end()) {
|
||
createDirs(chrootRootDir + "/dev/shm");
|
||
createDirs(chrootRootDir + "/dev/pts");
|
||
ss.push_back("/dev/full");
|
||
if (settings.systemFeatures.get().count("kvm") &&
|
||
pathExists("/dev/kvm"))
|
||
ss.push_back("/dev/kvm");
|
||
ss.push_back("/dev/null");
|
||
ss.push_back("/dev/random");
|
||
ss.push_back("/dev/tty");
|
||
ss.push_back("/dev/urandom");
|
||
ss.push_back("/dev/zero");
|
||
createSymlink("/proc/self/fd", chrootRootDir + "/dev/fd");
|
||
createSymlink("/proc/self/fd/0", chrootRootDir + "/dev/stdin");
|
||
createSymlink("/proc/self/fd/1", chrootRootDir + "/dev/stdout");
|
||
createSymlink("/proc/self/fd/2", chrootRootDir + "/dev/stderr");
|
||
}
|
||
|
||
/* Fixed-output derivations typically need to access the
|
||
network, so give them access to /etc/resolv.conf and so
|
||
on. */
|
||
if (fixedOutput) {
|
||
ss.push_back("/etc/resolv.conf");
|
||
|
||
// Only use nss functions to resolve hosts and
|
||
// services. Don’t use it for anything else that may
|
||
// be configured for this system. This limits the
|
||
// potential impurities introduced in fixed outputs.
|
||
writeFile(chrootRootDir + "/etc/nsswitch.conf",
|
||
"hosts: files dns\nservices: files\n");
|
||
|
||
ss.push_back("/etc/services");
|
||
ss.push_back("/etc/hosts");
|
||
if (pathExists("/var/run/nscd/socket"))
|
||
ss.push_back("/var/run/nscd/socket");
|
||
}
|
||
|
||
for (auto& i : ss) dirsInChroot.emplace(i, i);
|
||
|
||
/* Bind-mount all the directories from the "host"
|
||
filesystem that we want in the chroot
|
||
environment. */
|
||
auto doBind = [&](const Path& source, const Path& target,
|
||
bool optional = false) {
|
||
DLOG(INFO) << "bind mounting '" << source << "' to '" << target << "'";
|
||
struct stat st;
|
||
if (stat(source.c_str(), &st) == -1) {
|
||
if (optional && errno == ENOENT)
|
||
return;
|
||
else
|
||
throw SysError("getting attributes of path '%1%'", source);
|
||
}
|
||
if (S_ISDIR(st.st_mode))
|
||
createDirs(target);
|
||
else {
|
||
createDirs(dirOf(target));
|
||
writeFile(target, "");
|
||
}
|
||
if (mount(source.c_str(), target.c_str(), "", MS_BIND | MS_REC, 0) ==
|
||
-1)
|
||
throw SysError("bind mount from '%1%' to '%2%' failed", source,
|
||
target);
|
||
};
|
||
|
||
for (auto& i : dirsInChroot) {
|
||
if (i.second.source == "/proc") continue; // backwards compatibility
|
||
doBind(i.second.source, chrootRootDir + i.first, i.second.optional);
|
||
}
|
||
|
||
/* Bind a new instance of procfs on /proc. */
|
||
createDirs(chrootRootDir + "/proc");
|
||
if (mount("none", (chrootRootDir + "/proc").c_str(), "proc", 0, 0) == -1)
|
||
throw SysError("mounting /proc");
|
||
|
||
/* Mount a new tmpfs on /dev/shm to ensure that whatever
|
||
the builder puts in /dev/shm is cleaned up automatically. */
|
||
if (pathExists("/dev/shm") &&
|
||
mount("none", (chrootRootDir + "/dev/shm").c_str(), "tmpfs", 0,
|
||
fmt("size=%s", settings.sandboxShmSize).c_str()) == -1)
|
||
throw SysError("mounting /dev/shm");
|
||
|
||
/* Mount a new devpts on /dev/pts. Note that this
|
||
requires the kernel to be compiled with
|
||
CONFIG_DEVPTS_MULTIPLE_INSTANCES=y (which is the case
|
||
if /dev/ptx/ptmx exists). */
|
||
if (pathExists("/dev/pts/ptmx") &&
|
||
!pathExists(chrootRootDir + "/dev/ptmx") &&
|
||
!dirsInChroot.count("/dev/pts")) {
|
||
if (mount("none", (chrootRootDir + "/dev/pts").c_str(), "devpts", 0,
|
||
"newinstance,mode=0620") == 0) {
|
||
createSymlink("/dev/pts/ptmx", chrootRootDir + "/dev/ptmx");
|
||
|
||
/* Make sure /dev/pts/ptmx is world-writable. With some
|
||
Linux versions, it is created with permissions 0. */
|
||
chmod_(chrootRootDir + "/dev/pts/ptmx", 0666);
|
||
} else {
|
||
if (errno != EINVAL) throw SysError("mounting /dev/pts");
|
||
doBind("/dev/pts", chrootRootDir + "/dev/pts");
|
||
doBind("/dev/ptmx", chrootRootDir + "/dev/ptmx");
|
||
}
|
||
}
|
||
|
||
/* Do the chroot(). */
|
||
if (chdir(chrootRootDir.c_str()) == -1)
|
||
throw SysError(format("cannot change directory to '%1%'") %
|
||
chrootRootDir);
|
||
|
||
if (mkdir("real-root", 0) == -1)
|
||
throw SysError("cannot create real-root directory");
|
||
|
||
if (pivot_root(".", "real-root") == -1)
|
||
throw SysError(format("cannot pivot old root directory onto '%1%'") %
|
||
(chrootRootDir + "/real-root"));
|
||
|
||
if (chroot(".") == -1)
|
||
throw SysError(format("cannot change root directory to '%1%'") %
|
||
chrootRootDir);
|
||
|
||
if (umount2("real-root", MNT_DETACH) == -1)
|
||
throw SysError("cannot unmount real root filesystem");
|
||
|
||
if (rmdir("real-root") == -1)
|
||
throw SysError("cannot remove real-root directory");
|
||
|
||
/* Switch to the sandbox uid/gid in the user namespace,
|
||
which corresponds to the build user or calling user in
|
||
the parent namespace. */
|
||
if (setgid(sandboxGid) == -1) throw SysError("setgid failed");
|
||
if (setuid(sandboxUid) == -1) throw SysError("setuid failed");
|
||
|
||
setUser = false;
|
||
}
|
||
#endif
|
||
|
||
if (chdir(tmpDirInSandbox.c_str()) == -1)
|
||
throw SysError(format("changing into '%1%'") % tmpDir);
|
||
|
||
/* Close all other file descriptors. */
|
||
closeMostFDs({STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO});
|
||
|
||
#if __linux__
|
||
/* Change the personality to 32-bit if we're doing an
|
||
i686-linux build on an x86_64-linux machine. */
|
||
struct utsname utsbuf;
|
||
uname(&utsbuf);
|
||
if (drv->platform == "i686-linux" &&
|
||
(settings.thisSystem == "x86_64-linux" ||
|
||
(!strcmp(utsbuf.sysname, "Linux") &&
|
||
!strcmp(utsbuf.machine, "x86_64")))) {
|
||
if (personality(PER_LINUX32) == -1)
|
||
throw SysError("cannot set i686-linux personality");
|
||
}
|
||
|
||
/* Impersonate a Linux 2.6 machine to get some determinism in
|
||
builds that depend on the kernel version. */
|
||
if ((drv->platform == "i686-linux" || drv->platform == "x86_64-linux") &&
|
||
settings.impersonateLinux26) {
|
||
int cur = personality(0xffffffff);
|
||
if (cur != -1) personality(cur | 0x0020000 /* == UNAME26 */);
|
||
}
|
||
|
||
/* Disable address space randomization for improved
|
||
determinism. */
|
||
int cur = personality(0xffffffff);
|
||
if (cur != -1) personality(cur | ADDR_NO_RANDOMIZE);
|
||
#endif
|
||
|
||
/* Disable core dumps by default. */
|
||
struct rlimit limit = {0, RLIM_INFINITY};
|
||
setrlimit(RLIMIT_CORE, &limit);
|
||
|
||
// FIXME: set other limits to deterministic values?
|
||
|
||
/* Fill in the environment. */
|
||
Strings envStrs;
|
||
for (auto& i : env)
|
||
envStrs.push_back(
|
||
rewriteStrings(i.first + "=" + i.second, inputRewrites));
|
||
|
||
/* If we are running in `build-users' mode, then switch to the
|
||
user we allocated above. Make sure that we drop all root
|
||
privileges. Note that above we have closed all file
|
||
descriptors except std*, so that's safe. Also note that
|
||
setuid() when run as root sets the real, effective and
|
||
saved UIDs. */
|
||
if (setUser && buildUser) {
|
||
/* Preserve supplementary groups of the build user, to allow
|
||
admins to specify groups such as "kvm". */
|
||
if (!buildUser->getSupplementaryGIDs().empty() &&
|
||
setgroups(buildUser->getSupplementaryGIDs().size(),
|
||
buildUser->getSupplementaryGIDs().data()) == -1)
|
||
throw SysError("cannot set supplementary groups of build user");
|
||
|
||
if (setgid(buildUser->getGID()) == -1 ||
|
||
getgid() != buildUser->getGID() || getegid() != buildUser->getGID())
|
||
throw SysError("setgid failed");
|
||
|
||
if (setuid(buildUser->getUID()) == -1 ||
|
||
getuid() != buildUser->getUID() || geteuid() != buildUser->getUID())
|
||
throw SysError("setuid failed");
|
||
}
|
||
|
||
/* Fill in the arguments. */
|
||
Strings args;
|
||
|
||
const char* builder = "invalid";
|
||
|
||
if (drv->isBuiltin()) {
|
||
;
|
||
}
|
||
#if __APPLE__
|
||
else if (getEnv("_NIX_TEST_NO_SANDBOX") == "") {
|
||
/* This has to appear before import statements. */
|
||
std::string sandboxProfile = "(version 1)\n";
|
||
|
||
if (useChroot) {
|
||
/* Lots and lots and lots of file functions freak out if they can't stat
|
||
* their full ancestry */
|
||
PathSet ancestry;
|
||
|
||
/* We build the ancestry before adding all inputPaths to the store
|
||
because we know they'll all have the same parents (the store), and
|
||
there might be lots of inputs. This isn't
|
||
particularly efficient... I doubt it'll be a bottleneck in practice
|
||
*/
|
||
for (auto& i : dirsInChroot) {
|
||
Path cur = i.first;
|
||
while (cur.compare("/") != 0) {
|
||
cur = dirOf(cur);
|
||
ancestry.insert(cur);
|
||
}
|
||
}
|
||
|
||
/* And we want the store in there regardless of how empty dirsInChroot.
|
||
We include the innermost path component this time, since it's
|
||
typically /nix/store and we care about that. */
|
||
Path cur = worker.store.storeDir;
|
||
while (cur.compare("/") != 0) {
|
||
ancestry.insert(cur);
|
||
cur = dirOf(cur);
|
||
}
|
||
|
||
/* Add all our input paths to the chroot */
|
||
for (auto& i : inputPaths) dirsInChroot[i] = i;
|
||
|
||
/* Violations will go to the syslog if you set this. Unfortunately the
|
||
* destination does not appear to be configurable */
|
||
if (settings.darwinLogSandboxViolations) {
|
||
sandboxProfile += "(deny default)\n";
|
||
} else {
|
||
sandboxProfile += "(deny default (with no-log))\n";
|
||
}
|
||
|
||
sandboxProfile += "(import \"sandbox-defaults.sb\")\n";
|
||
|
||
if (fixedOutput) sandboxProfile += "(import \"sandbox-network.sb\")\n";
|
||
|
||
/* Our rwx outputs */
|
||
sandboxProfile += "(allow file-read* file-write* process-exec\n";
|
||
for (auto& i : missingPaths) {
|
||
sandboxProfile += (format("\t(subpath \"%1%\")\n") % i.c_str()).str();
|
||
}
|
||
/* Also add redirected outputs to the chroot */
|
||
for (auto& i : redirectedOutputs) {
|
||
sandboxProfile +=
|
||
(format("\t(subpath \"%1%\")\n") % i.second.c_str()).str();
|
||
}
|
||
sandboxProfile += ")\n";
|
||
|
||
/* Our inputs (transitive dependencies and any impurities computed
|
||
above)
|
||
|
||
without file-write* allowed, access() incorrectly returns EPERM
|
||
*/
|
||
sandboxProfile += "(allow file-read* file-write* process-exec\n";
|
||
for (auto& i : dirsInChroot) {
|
||
if (i.first != i.second.source)
|
||
throw Error(format("can't map '%1%' to '%2%': mismatched impure "
|
||
"paths not supported on Darwin") %
|
||
i.first % i.second.source);
|
||
|
||
string path = i.first;
|
||
struct stat st;
|
||
if (lstat(path.c_str(), &st)) {
|
||
if (i.second.optional && errno == ENOENT) continue;
|
||
throw SysError(format("getting attributes of path '%1%'") % path);
|
||
}
|
||
if (S_ISDIR(st.st_mode))
|
||
sandboxProfile += (format("\t(subpath \"%1%\")\n") % path).str();
|
||
else
|
||
sandboxProfile += (format("\t(literal \"%1%\")\n") % path).str();
|
||
}
|
||
sandboxProfile += ")\n";
|
||
|
||
/* Allow file-read* on full directory hierarchy to self. Allows
|
||
* realpath() */
|
||
sandboxProfile += "(allow file-read*\n";
|
||
for (auto& i : ancestry) {
|
||
sandboxProfile += (format("\t(literal \"%1%\")\n") % i.c_str()).str();
|
||
}
|
||
sandboxProfile += ")\n";
|
||
|
||
sandboxProfile += additionalSandboxProfile;
|
||
} else
|
||
sandboxProfile += "(import \"sandbox-minimal.sb\")\n";
|
||
|
||
debug("Generated sandbox profile:");
|
||
debug(sandboxProfile);
|
||
|
||
Path sandboxFile = tmpDir + "/.sandbox.sb";
|
||
|
||
writeFile(sandboxFile, sandboxProfile);
|
||
|
||
bool allowLocalNetworking =
|
||
parsedDrv->getBoolAttr("__darwinAllowLocalNetworking");
|
||
|
||
/* The tmpDir in scope points at the temporary build directory for our
|
||
derivation. Some packages try different mechanisms to find temporary
|
||
directories, so we want to open up a broader place for them to dump
|
||
their files, if needed. */
|
||
Path globalTmpDir = canonPath(getEnv("TMPDIR", "/tmp"), true);
|
||
|
||
/* They don't like trailing slashes on subpath directives */
|
||
if (globalTmpDir.back() == '/') globalTmpDir.pop_back();
|
||
|
||
builder = "/usr/bin/sandbox-exec";
|
||
args.push_back("sandbox-exec");
|
||
args.push_back("-f");
|
||
args.push_back(sandboxFile);
|
||
args.push_back("-D");
|
||
args.push_back("_GLOBAL_TMP_DIR=" + globalTmpDir);
|
||
args.push_back("-D");
|
||
args.push_back("IMPORT_DIR=" + settings.nixDataDir + "/nix/sandbox/");
|
||
if (allowLocalNetworking) {
|
||
args.push_back("-D");
|
||
args.push_back(string("_ALLOW_LOCAL_NETWORKING=1"));
|
||
}
|
||
args.push_back(drv->builder);
|
||
}
|
||
#endif
|
||
else {
|
||
builder = drv->builder.c_str();
|
||
string builderBasename = baseNameOf(drv->builder);
|
||
args.push_back(builderBasename);
|
||
}
|
||
|
||
for (auto& i : drv->args) args.push_back(rewriteStrings(i, inputRewrites));
|
||
|
||
/* Indicate that we managed to set up the build environment. */
|
||
writeFull(STDERR_FILENO, string("\1\n"));
|
||
|
||
/* Execute the program. This should not return. */
|
||
if (drv->isBuiltin()) {
|
||
try {
|
||
BasicDerivation drv2(*drv);
|
||
for (auto& e : drv2.env)
|
||
e.second = rewriteStrings(e.second, inputRewrites);
|
||
|
||
if (drv->builder == "builtin:fetchurl")
|
||
builtinFetchurl(drv2, netrcData);
|
||
else if (drv->builder == "builtin:buildenv")
|
||
builtinBuildenv(drv2);
|
||
else
|
||
throw Error(format("unsupported builtin function '%1%'") %
|
||
string(drv->builder, 8));
|
||
_exit(0);
|
||
} catch (std::exception& e) {
|
||
writeFull(STDERR_FILENO, "error: " + string(e.what()) + "\n");
|
||
_exit(1);
|
||
}
|
||
}
|
||
|
||
execve(builder, stringsToCharPtrs(args).data(),
|
||
stringsToCharPtrs(envStrs).data());
|
||
|
||
throw SysError(format("executing '%1%'") % drv->builder);
|
||
|
||
} catch (std::exception& e) {
|
||
writeFull(STDERR_FILENO, "\1while setting up the build environment: " +
|
||
string(e.what()) + "\n");
|
||
_exit(1);
|
||
}
|
||
}
|
||
|
||
/* Parse a list of reference specifiers. Each element must either be
|
||
a store path, or the symbolic name of the output of the derivation
|
||
(such as `out'). */
|
||
PathSet parseReferenceSpecifiers(Store& store, const BasicDerivation& drv,
|
||
const Strings& paths) {
|
||
PathSet result;
|
||
for (auto& i : paths) {
|
||
if (store.isStorePath(i))
|
||
result.insert(i);
|
||
else if (drv.outputs.find(i) != drv.outputs.end())
|
||
result.insert(drv.outputs.find(i)->second.path);
|
||
else
|
||
throw BuildError(
|
||
format("derivation contains an illegal reference specifier '%1%'") %
|
||
i);
|
||
}
|
||
return result;
|
||
}
|
||
|
||
void DerivationGoal::registerOutputs() {
|
||
/* When using a build hook, the build hook can register the output
|
||
as valid (by doing `nix-store --import'). If so we don't have
|
||
to do anything here. */
|
||
if (hook) {
|
||
bool allValid = true;
|
||
for (auto& i : drv->outputs)
|
||
if (!worker.store.isValidPath(i.second.path)) allValid = false;
|
||
if (allValid) return;
|
||
}
|
||
|
||
std::map<std::string, ValidPathInfo> infos;
|
||
|
||
/* Set of inodes seen during calls to canonicalisePathMetaData()
|
||
for this build's outputs. This needs to be shared between
|
||
outputs to allow hard links between outputs. */
|
||
InodesSeen inodesSeen;
|
||
|
||
Path checkSuffix = ".check";
|
||
bool keepPreviousRound = settings.keepFailed || settings.runDiffHook;
|
||
|
||
std::exception_ptr delayedException;
|
||
|
||
/* Check whether the output paths were created, and grep each
|
||
output path to determine what other paths it references. Also make all
|
||
output paths read-only. */
|
||
for (auto& i : drv->outputs) {
|
||
Path path = i.second.path;
|
||
if (missingPaths.find(path) == missingPaths.end()) continue;
|
||
|
||
ValidPathInfo info;
|
||
|
||
Path actualPath = path;
|
||
if (useChroot) {
|
||
actualPath = chrootRootDir + path;
|
||
if (pathExists(actualPath)) {
|
||
/* Move output paths from the chroot to the Nix store. */
|
||
if (buildMode == bmRepair)
|
||
replaceValidPath(path, actualPath);
|
||
else if (buildMode != bmCheck &&
|
||
rename(actualPath.c_str(),
|
||
worker.store.toRealPath(path).c_str()) == -1)
|
||
throw SysError(format("moving build output '%1%' from the sandbox to "
|
||
"the Nix store") %
|
||
path);
|
||
}
|
||
if (buildMode != bmCheck) actualPath = worker.store.toRealPath(path);
|
||
}
|
||
|
||
if (needsHashRewrite()) {
|
||
Path redirected = redirectedOutputs[path];
|
||
if (buildMode == bmRepair &&
|
||
redirectedBadOutputs.find(path) != redirectedBadOutputs.end() &&
|
||
pathExists(redirected))
|
||
replaceValidPath(path, redirected);
|
||
if (buildMode == bmCheck && redirected != "") actualPath = redirected;
|
||
}
|
||
|
||
struct stat st;
|
||
if (lstat(actualPath.c_str(), &st) == -1) {
|
||
if (errno == ENOENT)
|
||
throw BuildError(
|
||
format("builder for '%1%' failed to produce output path '%2%'") %
|
||
drvPath % path);
|
||
throw SysError(format("getting attributes of path '%1%'") % actualPath);
|
||
}
|
||
|
||
#ifndef __CYGWIN__
|
||
/* Check that the output is not group or world writable, as
|
||
that means that someone else can have interfered with the
|
||
build. Also, the output should be owned by the build
|
||
user. */
|
||
if ((!S_ISLNK(st.st_mode) && (st.st_mode & (S_IWGRP | S_IWOTH))) ||
|
||
(buildUser && st.st_uid != buildUser->getUID()))
|
||
throw BuildError(format("suspicious ownership or permission on '%1%'; "
|
||
"rejecting this build output") %
|
||
path);
|
||
#endif
|
||
|
||
/* Apply hash rewriting if necessary. */
|
||
bool rewritten = false;
|
||
if (!outputRewrites.empty()) {
|
||
LOG(WARNING) << "rewriting hashes in '" << path << "'; cross fingers";
|
||
|
||
/* Canonicalise first. This ensures that the path we're
|
||
rewriting doesn't contain a hard link to /etc/shadow or
|
||
something like that. */
|
||
canonicalisePathMetaData(actualPath, buildUser ? buildUser->getUID() : -1,
|
||
inodesSeen);
|
||
|
||
/* FIXME: this is in-memory. */
|
||
StringSink sink;
|
||
dumpPath(actualPath, sink);
|
||
deletePath(actualPath);
|
||
sink.s = make_ref<std::string>(rewriteStrings(*sink.s, outputRewrites));
|
||
StringSource source(*sink.s);
|
||
restorePath(actualPath, source);
|
||
|
||
rewritten = true;
|
||
}
|
||
|
||
/* Check that fixed-output derivations produced the right
|
||
outputs (i.e., the content hash should match the specified
|
||
hash). */
|
||
if (fixedOutput) {
|
||
bool recursive;
|
||
Hash h;
|
||
i.second.parseHashInfo(recursive, h);
|
||
|
||
if (!recursive) {
|
||
/* The output path should be a regular file without
|
||
execute permission. */
|
||
if (!S_ISREG(st.st_mode) || (st.st_mode & S_IXUSR) != 0)
|
||
throw BuildError(
|
||
format(
|
||
"output path '%1%' should be a non-executable regular file") %
|
||
path);
|
||
}
|
||
|
||
/* Check the hash. In hash mode, move the path produced by
|
||
the derivation to its content-addressed location. */
|
||
Hash h2 = recursive ? hashPath(h.type, actualPath).first
|
||
: hashFile(h.type, actualPath);
|
||
|
||
Path dest = worker.store.makeFixedOutputPath(recursive, h2,
|
||
storePathToName(path));
|
||
|
||
if (h != h2) {
|
||
/* Throw an error after registering the path as
|
||
valid. */
|
||
worker.hashMismatch = true;
|
||
delayedException = std::make_exception_ptr(
|
||
BuildError("hash mismatch in fixed-output derivation '%s':\n "
|
||
"wanted: %s\n got: %s",
|
||
dest, h.to_string(), h2.to_string()));
|
||
|
||
Path actualDest = worker.store.toRealPath(dest);
|
||
|
||
if (worker.store.isValidPath(dest))
|
||
std::rethrow_exception(delayedException);
|
||
|
||
if (actualPath != actualDest) {
|
||
PathLocks outputLocks({actualDest});
|
||
deletePath(actualDest);
|
||
if (rename(actualPath.c_str(), actualDest.c_str()) == -1)
|
||
throw SysError(format("moving '%1%' to '%2%'") % actualPath % dest);
|
||
}
|
||
|
||
path = dest;
|
||
actualPath = actualDest;
|
||
} else
|
||
assert(path == dest);
|
||
|
||
info.ca = makeFixedOutputCA(recursive, h2);
|
||
}
|
||
|
||
/* Get rid of all weird permissions. This also checks that
|
||
all files are owned by the build user, if applicable. */
|
||
canonicalisePathMetaData(actualPath,
|
||
buildUser && !rewritten ? buildUser->getUID() : -1,
|
||
inodesSeen);
|
||
|
||
/* For this output path, find the references to other paths
|
||
contained in it. Compute the SHA-256 NAR hash at the same
|
||
time. The hash is stored in the database so that we can
|
||
verify later on whether nobody has messed with the store. */
|
||
DLOG(INFO) << "scanning for references inside '" << path << "'";
|
||
HashResult hash;
|
||
PathSet references = scanForReferences(actualPath, allPaths, hash);
|
||
|
||
if (buildMode == bmCheck) {
|
||
if (!worker.store.isValidPath(path)) continue;
|
||
auto info = *worker.store.queryPathInfo(path);
|
||
if (hash.first != info.narHash) {
|
||
worker.checkMismatch = true;
|
||
if (settings.runDiffHook || settings.keepFailed) {
|
||
Path dst = worker.store.toRealPath(path + checkSuffix);
|
||
deletePath(dst);
|
||
if (rename(actualPath.c_str(), dst.c_str()))
|
||
throw SysError(format("renaming '%1%' to '%2%'") % actualPath %
|
||
dst);
|
||
|
||
handleDiffHook(buildUser ? buildUser->getUID() : getuid(),
|
||
buildUser ? buildUser->getGID() : getgid(), path, dst,
|
||
drvPath, tmpDir);
|
||
|
||
throw NotDeterministic(
|
||
format("derivation '%1%' may not be deterministic: output '%2%' "
|
||
"differs from '%3%'") %
|
||
drvPath % path % dst);
|
||
} else
|
||
throw NotDeterministic(format("derivation '%1%' may not be "
|
||
"deterministic: output '%2%' differs") %
|
||
drvPath % path);
|
||
}
|
||
|
||
/* Since we verified the build, it's now ultimately
|
||
trusted. */
|
||
if (!info.ultimate) {
|
||
info.ultimate = true;
|
||
worker.store.signPathInfo(info);
|
||
worker.store.registerValidPaths({info});
|
||
}
|
||
|
||
continue;
|
||
}
|
||
|
||
/* For debugging, print out the referenced and unreferenced
|
||
paths. */
|
||
for (auto& i : inputPaths) {
|
||
PathSet::iterator j = references.find(i);
|
||
if (j == references.end())
|
||
DLOG(INFO) << "unreferenced input: '" << i << "'";
|
||
else
|
||
DLOG(INFO) << "referenced input: '" << i << "'";
|
||
}
|
||
|
||
if (curRound == nrRounds) {
|
||
worker.store.optimisePath(
|
||
actualPath); // FIXME: combine with scanForReferences()
|
||
worker.markContentsGood(path);
|
||
}
|
||
|
||
info.path = path;
|
||
info.narHash = hash.first;
|
||
info.narSize = hash.second;
|
||
info.references = references;
|
||
info.deriver = drvPath;
|
||
info.ultimate = true;
|
||
worker.store.signPathInfo(info);
|
||
|
||
if (!info.references.empty()) info.ca.clear();
|
||
|
||
infos[i.first] = info;
|
||
}
|
||
|
||
if (buildMode == bmCheck) return;
|
||
|
||
/* Apply output checks. */
|
||
checkOutputs(infos);
|
||
|
||
/* Compare the result with the previous round, and report which
|
||
path is different, if any.*/
|
||
if (curRound > 1 && prevInfos != infos) {
|
||
assert(prevInfos.size() == infos.size());
|
||
for (auto i = prevInfos.begin(), j = infos.begin(); i != prevInfos.end();
|
||
++i, ++j)
|
||
if (!(*i == *j)) {
|
||
result.isNonDeterministic = true;
|
||
Path prev = i->second.path + checkSuffix;
|
||
bool prevExists = keepPreviousRound && pathExists(prev);
|
||
auto msg =
|
||
prevExists
|
||
? fmt("output '%1%' of '%2%' differs from '%3%' from previous "
|
||
"round",
|
||
i->second.path, drvPath, prev)
|
||
: fmt("output '%1%' of '%2%' differs from previous round",
|
||
i->second.path, drvPath);
|
||
|
||
handleDiffHook(buildUser ? buildUser->getUID() : getuid(),
|
||
buildUser ? buildUser->getGID() : getgid(), prev,
|
||
i->second.path, drvPath, tmpDir);
|
||
|
||
if (settings.enforceDeterminism) {
|
||
throw NotDeterministic(msg);
|
||
}
|
||
|
||
LOG(ERROR) << msg;
|
||
curRound = nrRounds; // we know enough, bail out early
|
||
}
|
||
}
|
||
|
||
/* If this is the first round of several, then move the output out
|
||
of the way. */
|
||
if (nrRounds > 1 && curRound == 1 && curRound < nrRounds &&
|
||
keepPreviousRound) {
|
||
for (auto& i : drv->outputs) {
|
||
Path prev = i.second.path + checkSuffix;
|
||
deletePath(prev);
|
||
Path dst = i.second.path + checkSuffix;
|
||
if (rename(i.second.path.c_str(), dst.c_str()))
|
||
throw SysError(format("renaming '%1%' to '%2%'") % i.second.path % dst);
|
||
}
|
||
}
|
||
|
||
if (curRound < nrRounds) {
|
||
prevInfos = infos;
|
||
return;
|
||
}
|
||
|
||
/* Remove the .check directories if we're done. FIXME: keep them
|
||
if the result was not determistic? */
|
||
if (curRound == nrRounds) {
|
||
for (auto& i : drv->outputs) {
|
||
Path prev = i.second.path + checkSuffix;
|
||
deletePath(prev);
|
||
}
|
||
}
|
||
|
||
/* Register each output path as valid, and register the sets of
|
||
paths referenced by each of them. If there are cycles in the
|
||
outputs, this will fail. */
|
||
{
|
||
ValidPathInfos infos2;
|
||
for (auto& i : infos) infos2.push_back(i.second);
|
||
worker.store.registerValidPaths(infos2);
|
||
}
|
||
|
||
/* In case of a fixed-output derivation hash mismatch, throw an
|
||
exception now that we have registered the output as valid. */
|
||
if (delayedException) std::rethrow_exception(delayedException);
|
||
}
|
||
|
||
void DerivationGoal::checkOutputs(
|
||
const std::map<Path, ValidPathInfo>& outputs) {
|
||
std::map<Path, const ValidPathInfo&> outputsByPath;
|
||
for (auto& output : outputs)
|
||
outputsByPath.emplace(output.second.path, output.second);
|
||
|
||
for (auto& output : outputs) {
|
||
auto& outputName = output.first;
|
||
auto& info = output.second;
|
||
|
||
struct Checks {
|
||
bool ignoreSelfRefs = false;
|
||
std::optional<uint64_t> maxSize, maxClosureSize;
|
||
std::optional<Strings> allowedReferences, allowedRequisites,
|
||
disallowedReferences, disallowedRequisites;
|
||
};
|
||
|
||
/* Compute the closure and closure size of some output. This
|
||
is slightly tricky because some of its references (namely
|
||
other outputs) may not be valid yet. */
|
||
auto getClosure = [&](const Path& path) {
|
||
uint64_t closureSize = 0;
|
||
PathSet pathsDone;
|
||
std::queue<Path> pathsLeft;
|
||
pathsLeft.push(path);
|
||
|
||
while (!pathsLeft.empty()) {
|
||
auto path = pathsLeft.front();
|
||
pathsLeft.pop();
|
||
if (!pathsDone.insert(path).second) continue;
|
||
|
||
auto i = outputsByPath.find(path);
|
||
if (i != outputsByPath.end()) {
|
||
closureSize += i->second.narSize;
|
||
for (auto& ref : i->second.references) pathsLeft.push(ref);
|
||
} else {
|
||
auto info = worker.store.queryPathInfo(path);
|
||
closureSize += info->narSize;
|
||
for (auto& ref : info->references) pathsLeft.push(ref);
|
||
}
|
||
}
|
||
|
||
return std::make_pair(pathsDone, closureSize);
|
||
};
|
||
|
||
auto applyChecks = [&](const Checks& checks) {
|
||
if (checks.maxSize && info.narSize > *checks.maxSize)
|
||
throw BuildError(
|
||
"path '%s' is too large at %d bytes; limit is %d bytes", info.path,
|
||
info.narSize, *checks.maxSize);
|
||
|
||
if (checks.maxClosureSize) {
|
||
uint64_t closureSize = getClosure(info.path).second;
|
||
if (closureSize > *checks.maxClosureSize)
|
||
throw BuildError(
|
||
"closure of path '%s' is too large at %d bytes; limit is %d "
|
||
"bytes",
|
||
info.path, closureSize, *checks.maxClosureSize);
|
||
}
|
||
|
||
auto checkRefs = [&](const std::optional<Strings>& value, bool allowed,
|
||
bool recursive) {
|
||
if (!value) return;
|
||
|
||
PathSet spec = parseReferenceSpecifiers(worker.store, *drv, *value);
|
||
|
||
PathSet used =
|
||
recursive ? getClosure(info.path).first : info.references;
|
||
|
||
if (recursive && checks.ignoreSelfRefs) used.erase(info.path);
|
||
|
||
PathSet badPaths;
|
||
|
||
for (auto& i : used)
|
||
if (allowed) {
|
||
if (!spec.count(i)) badPaths.insert(i);
|
||
} else {
|
||
if (spec.count(i)) badPaths.insert(i);
|
||
}
|
||
|
||
if (!badPaths.empty()) {
|
||
string badPathsStr;
|
||
for (auto& i : badPaths) {
|
||
badPathsStr += "\n ";
|
||
badPathsStr += i;
|
||
}
|
||
throw BuildError(
|
||
"output '%s' is not allowed to refer to the following paths:%s",
|
||
info.path, badPathsStr);
|
||
}
|
||
};
|
||
|
||
checkRefs(checks.allowedReferences, true, false);
|
||
checkRefs(checks.allowedRequisites, true, true);
|
||
checkRefs(checks.disallowedReferences, false, false);
|
||
checkRefs(checks.disallowedRequisites, false, true);
|
||
};
|
||
|
||
if (auto structuredAttrs = parsedDrv->getStructuredAttrs()) {
|
||
auto outputChecks = structuredAttrs->find("outputChecks");
|
||
if (outputChecks != structuredAttrs->end()) {
|
||
auto output = outputChecks->find(outputName);
|
||
|
||
if (output != outputChecks->end()) {
|
||
Checks checks;
|
||
|
||
auto maxSize = output->find("maxSize");
|
||
if (maxSize != output->end())
|
||
checks.maxSize = maxSize->get<uint64_t>();
|
||
|
||
auto maxClosureSize = output->find("maxClosureSize");
|
||
if (maxClosureSize != output->end())
|
||
checks.maxClosureSize = maxClosureSize->get<uint64_t>();
|
||
|
||
auto get = [&](const std::string& name) -> std::optional<Strings> {
|
||
auto i = output->find(name);
|
||
if (i != output->end()) {
|
||
Strings res;
|
||
for (auto j = i->begin(); j != i->end(); ++j) {
|
||
if (!j->is_string())
|
||
throw Error(
|
||
"attribute '%s' of derivation '%s' must be a list of "
|
||
"strings",
|
||
name, drvPath);
|
||
res.push_back(j->get<std::string>());
|
||
}
|
||
checks.disallowedRequisites = res;
|
||
return res;
|
||
}
|
||
return {};
|
||
};
|
||
|
||
checks.allowedReferences = get("allowedReferences");
|
||
checks.allowedRequisites = get("allowedRequisites");
|
||
checks.disallowedReferences = get("disallowedReferences");
|
||
checks.disallowedRequisites = get("disallowedRequisites");
|
||
|
||
applyChecks(checks);
|
||
}
|
||
}
|
||
} else {
|
||
// legacy non-structured-attributes case
|
||
Checks checks;
|
||
checks.ignoreSelfRefs = true;
|
||
checks.allowedReferences = parsedDrv->getStringsAttr("allowedReferences");
|
||
checks.allowedRequisites = parsedDrv->getStringsAttr("allowedRequisites");
|
||
checks.disallowedReferences =
|
||
parsedDrv->getStringsAttr("disallowedReferences");
|
||
checks.disallowedRequisites =
|
||
parsedDrv->getStringsAttr("disallowedRequisites");
|
||
applyChecks(checks);
|
||
}
|
||
}
|
||
}
|
||
|
||
Path DerivationGoal::openLogFile() {
|
||
logSize = 0;
|
||
|
||
if (!settings.keepLog) return "";
|
||
|
||
string baseName = baseNameOf(drvPath);
|
||
|
||
/* Create a log file. */
|
||
Path dir = fmt("%s/%s/%s/", worker.store.logDir, worker.store.drvsLogDir,
|
||
string(baseName, 0, 2));
|
||
createDirs(dir);
|
||
|
||
Path logFileName = fmt("%s/%s%s", dir, string(baseName, 2),
|
||
settings.compressLog ? ".bz2" : "");
|
||
|
||
fdLogFile =
|
||
open(logFileName.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0666);
|
||
if (!fdLogFile)
|
||
throw SysError(format("creating log file '%1%'") % logFileName);
|
||
|
||
logFileSink = std::make_shared<FdSink>(fdLogFile.get());
|
||
|
||
if (settings.compressLog)
|
||
logSink = std::shared_ptr<CompressionSink>(
|
||
makeCompressionSink("bzip2", *logFileSink));
|
||
else
|
||
logSink = logFileSink;
|
||
|
||
return logFileName;
|
||
}
|
||
|
||
void DerivationGoal::closeLogFile() {
|
||
auto logSink2 = std::dynamic_pointer_cast<CompressionSink>(logSink);
|
||
if (logSink2) logSink2->finish();
|
||
if (logFileSink) logFileSink->flush();
|
||
logSink = logFileSink = 0;
|
||
fdLogFile = -1;
|
||
}
|
||
|
||
void DerivationGoal::deleteTmpDir(bool force) {
|
||
if (tmpDir != "") {
|
||
/* Don't keep temporary directories for builtins because they
|
||
might have privileged stuff (like a copy of netrc). */
|
||
if (settings.keepFailed && !force && !drv->isBuiltin()) {
|
||
LOG(INFO) << "note: keeping build directory '" << tmpDir << "'";
|
||
chmod(tmpDir.c_str(), 0755);
|
||
} else
|
||
deletePath(tmpDir);
|
||
tmpDir = "";
|
||
}
|
||
}
|
||
|
||
void DerivationGoal::handleChildOutput(int fd, const string& data) {
|
||
if ((hook && fd == hook->builderOut.readSide.get()) ||
|
||
(!hook && fd == builderOut.readSide.get())) {
|
||
logSize += data.size();
|
||
if (settings.maxLogSize && logSize > settings.maxLogSize) {
|
||
LOG(ERROR) << getName()
|
||
<< " killed after writing more than %2% bytes of log output"
|
||
<< settings.maxLogSize;
|
||
killChild();
|
||
done(BuildResult::LogLimitExceeded);
|
||
return;
|
||
}
|
||
|
||
for (auto c : data)
|
||
if (c == '\r') {
|
||
currentLogLinePos = 0;
|
||
} else if (c == '\n') {
|
||
flushLine();
|
||
} else {
|
||
if (currentLogLinePos >= currentLogLine.size())
|
||
currentLogLine.resize(currentLogLinePos + 1);
|
||
currentLogLine[currentLogLinePos++] = c;
|
||
}
|
||
|
||
if (logSink) (*logSink)(data);
|
||
}
|
||
|
||
if (hook && fd == hook->fromHook.readSide.get()) {
|
||
for (auto c : data)
|
||
if (c == '\n') {
|
||
currentHookLine.clear();
|
||
} else {
|
||
currentHookLine += c;
|
||
}
|
||
}
|
||
}
|
||
|
||
void DerivationGoal::handleEOF(int fd) {
|
||
if (!currentLogLine.empty()) flushLine();
|
||
worker.wakeUp(shared_from_this());
|
||
}
|
||
|
||
void DerivationGoal::flushLine() {
|
||
if (settings.verboseBuild && (settings.printRepeatedBuilds || curRound == 1))
|
||
LOG(INFO) << currentLogLine;
|
||
else {
|
||
logTail.push_back(currentLogLine);
|
||
if (logTail.size() > settings.logLines) logTail.pop_front();
|
||
}
|
||
|
||
currentLogLine = "";
|
||
currentLogLinePos = 0;
|
||
}
|
||
|
||
PathSet DerivationGoal::checkPathValidity(bool returnValid, bool checkHash) {
|
||
PathSet result;
|
||
for (auto& i : drv->outputs) {
|
||
if (!wantOutput(i.first, wantedOutputs)) {
|
||
continue;
|
||
}
|
||
bool good = worker.store.isValidPath(i.second.path) &&
|
||
(!checkHash || worker.pathContentsGood(i.second.path));
|
||
if (good == returnValid) {
|
||
result.insert(i.second.path);
|
||
}
|
||
}
|
||
return result;
|
||
}
|
||
|
||
Path DerivationGoal::addHashRewrite(const Path& path) {
|
||
string h1 = string(path, worker.store.storeDir.size() + 1, 32);
|
||
string h2 = string(hashString(htSHA256, "rewrite:" + drvPath + ":" + path)
|
||
.to_string(Base32, false),
|
||
0, 32);
|
||
Path p = worker.store.storeDir + "/" + h2 +
|
||
string(path, worker.store.storeDir.size() + 33);
|
||
deletePath(p);
|
||
assert(path.size() == p.size());
|
||
inputRewrites[h1] = h2;
|
||
outputRewrites[h2] = h1;
|
||
redirectedOutputs[path] = p;
|
||
return p;
|
||
}
|
||
|
||
void DerivationGoal::done(BuildResult::Status status, const string& msg) {
|
||
result.status = status;
|
||
result.errorMsg = msg;
|
||
amDone(result.success() ? ecSuccess : ecFailed);
|
||
if (result.status == BuildResult::TimedOut) worker.timedOut = true;
|
||
if (result.status == BuildResult::PermanentFailure)
|
||
worker.permanentFailure = true;
|
||
|
||
mcExpectedBuilds.reset();
|
||
mcRunningBuilds.reset();
|
||
|
||
if (result.success()) {
|
||
if (status == BuildResult::Built) worker.doneBuilds++;
|
||
} else {
|
||
if (status != BuildResult::DependencyFailed) worker.failedBuilds++;
|
||
}
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
class SubstitutionGoal : public Goal {
|
||
friend class Worker;
|
||
|
||
private:
|
||
/* The store path that should be realised through a substitute. */
|
||
Path storePath;
|
||
|
||
/* The remaining substituters. */
|
||
std::list<ref<Store>> subs;
|
||
|
||
/* The current substituter. */
|
||
std::shared_ptr<Store> sub;
|
||
|
||
/* Whether a substituter failed. */
|
||
bool substituterFailed = false;
|
||
|
||
/* Path info returned by the substituter's query info operation. */
|
||
std::shared_ptr<const ValidPathInfo> info;
|
||
|
||
/* Pipe for the substituter's standard output. */
|
||
Pipe outPipe;
|
||
|
||
/* The substituter thread. */
|
||
std::thread thr;
|
||
|
||
std::promise<void> promise;
|
||
|
||
/* Whether to try to repair a valid path. */
|
||
RepairFlag repair;
|
||
|
||
/* Location where we're downloading the substitute. Differs from
|
||
storePath when doing a repair. */
|
||
Path destPath;
|
||
|
||
std::unique_ptr<MaintainCount<uint64_t>> maintainExpectedSubstitutions,
|
||
maintainRunningSubstitutions, maintainExpectedNar,
|
||
maintainExpectedDownload;
|
||
|
||
typedef void (SubstitutionGoal::*GoalState)();
|
||
GoalState state;
|
||
|
||
public:
|
||
SubstitutionGoal(const Path& storePath, Worker& worker,
|
||
RepairFlag repair = NoRepair);
|
||
~SubstitutionGoal();
|
||
|
||
void timedOut() override { abort(); };
|
||
|
||
string key() override {
|
||
/* "a$" ensures substitution goals happen before derivation
|
||
goals. */
|
||
return "a$" + storePathToName(storePath) + "$" + storePath;
|
||
}
|
||
|
||
void work() override;
|
||
|
||
/* The states. */
|
||
void init();
|
||
void tryNext();
|
||
void gotInfo();
|
||
void referencesValid();
|
||
void tryToRun();
|
||
void finished();
|
||
|
||
/* Callback used by the worker to write to the log. */
|
||
void handleChildOutput(int fd, const string& data) override;
|
||
void handleEOF(int fd) override;
|
||
|
||
Path getStorePath() { return storePath; }
|
||
|
||
void amDone(ExitCode result) override { Goal::amDone(result); }
|
||
};
|
||
|
||
SubstitutionGoal::SubstitutionGoal(const Path& storePath, Worker& worker,
|
||
RepairFlag repair)
|
||
: Goal(worker), repair(repair) {
|
||
this->storePath = storePath;
|
||
state = &SubstitutionGoal::init;
|
||
name = (format("substitution of '%1%'") % storePath).str();
|
||
trace("created");
|
||
maintainExpectedSubstitutions =
|
||
std::make_unique<MaintainCount<uint64_t>>(worker.expectedSubstitutions);
|
||
}
|
||
|
||
SubstitutionGoal::~SubstitutionGoal() {
|
||
try {
|
||
if (thr.joinable()) {
|
||
// FIXME: signal worker thread to quit.
|
||
thr.join();
|
||
worker.childTerminated(this);
|
||
}
|
||
} catch (...) {
|
||
ignoreException();
|
||
}
|
||
}
|
||
|
||
void SubstitutionGoal::work() { (this->*state)(); }
|
||
|
||
void SubstitutionGoal::init() {
|
||
trace("init");
|
||
|
||
worker.store.addTempRoot(storePath);
|
||
|
||
/* If the path already exists we're done. */
|
||
if (!repair && worker.store.isValidPath(storePath)) {
|
||
amDone(ecSuccess);
|
||
return;
|
||
}
|
||
|
||
if (settings.readOnlyMode)
|
||
throw Error(
|
||
format(
|
||
"cannot substitute path '%1%' - no write access to the Nix store") %
|
||
storePath);
|
||
|
||
subs = settings.useSubstitutes ? getDefaultSubstituters()
|
||
: std::list<ref<Store>>();
|
||
|
||
tryNext();
|
||
}
|
||
|
||
void SubstitutionGoal::tryNext() {
|
||
trace("trying next substituter");
|
||
|
||
if (subs.size() == 0) {
|
||
/* None left. Terminate this goal and let someone else deal
|
||
with it. */
|
||
DLOG(WARNING)
|
||
<< "path '" << storePath
|
||
<< "' is required, but there is no substituter that can build it";
|
||
|
||
/* Hack: don't indicate failure if there were no substituters.
|
||
In that case the calling derivation should just do a
|
||
build. */
|
||
amDone(substituterFailed ? ecFailed : ecNoSubstituters);
|
||
|
||
if (substituterFailed) {
|
||
worker.failedSubstitutions++;
|
||
}
|
||
|
||
return;
|
||
}
|
||
|
||
sub = subs.front();
|
||
subs.pop_front();
|
||
|
||
if (sub->storeDir != worker.store.storeDir) {
|
||
tryNext();
|
||
return;
|
||
}
|
||
|
||
try {
|
||
// FIXME: make async
|
||
info = sub->queryPathInfo(storePath);
|
||
} catch (InvalidPath&) {
|
||
tryNext();
|
||
return;
|
||
} catch (SubstituterDisabled&) {
|
||
if (settings.tryFallback) {
|
||
tryNext();
|
||
return;
|
||
}
|
||
throw;
|
||
} catch (Error& e) {
|
||
if (settings.tryFallback) {
|
||
LOG(ERROR) << e.what();
|
||
tryNext();
|
||
return;
|
||
}
|
||
throw;
|
||
}
|
||
|
||
/* Update the total expected download size. */
|
||
auto narInfo = std::dynamic_pointer_cast<const NarInfo>(info);
|
||
|
||
maintainExpectedNar = std::make_unique<MaintainCount<uint64_t>>(
|
||
worker.expectedNarSize, info->narSize);
|
||
|
||
maintainExpectedDownload =
|
||
narInfo && narInfo->fileSize
|
||
? std::make_unique<MaintainCount<uint64_t>>(
|
||
worker.expectedDownloadSize, narInfo->fileSize)
|
||
: nullptr;
|
||
|
||
/* Bail out early if this substituter lacks a valid
|
||
signature. LocalStore::addToStore() also checks for this, but
|
||
only after we've downloaded the path. */
|
||
if (worker.store.requireSigs && !sub->isTrusted &&
|
||
!info->checkSignatures(worker.store, worker.store.getPublicKeys())) {
|
||
LOG(WARNING) << "substituter '" << sub->getUri()
|
||
<< "' does not have a valid signature for path '" << storePath
|
||
<< "'";
|
||
tryNext();
|
||
return;
|
||
}
|
||
|
||
/* To maintain the closure invariant, we first have to realise the
|
||
paths referenced by this one. */
|
||
for (auto& i : info->references)
|
||
if (i != storePath) /* ignore self-references */
|
||
addWaitee(worker.makeSubstitutionGoal(i));
|
||
|
||
if (waitees.empty()) /* to prevent hang (no wake-up event) */
|
||
referencesValid();
|
||
else
|
||
state = &SubstitutionGoal::referencesValid;
|
||
}
|
||
|
||
void SubstitutionGoal::referencesValid() {
|
||
trace("all references realised");
|
||
|
||
if (nrFailed > 0) {
|
||
DLOG(WARNING) << "some references of path '" << storePath
|
||
<< "' could not be realised";
|
||
amDone(nrNoSubstituters > 0 || nrIncompleteClosure > 0 ? ecIncompleteClosure
|
||
: ecFailed);
|
||
return;
|
||
}
|
||
|
||
for (auto& i : info->references)
|
||
if (i != storePath) /* ignore self-references */
|
||
assert(worker.store.isValidPath(i));
|
||
|
||
state = &SubstitutionGoal::tryToRun;
|
||
worker.wakeUp(shared_from_this());
|
||
}
|
||
|
||
void SubstitutionGoal::tryToRun() {
|
||
trace("trying to run");
|
||
|
||
/* Make sure that we are allowed to start a build. Note that even
|
||
if maxBuildJobs == 0 (no local builds allowed), we still allow
|
||
a substituter to run. This is because substitutions cannot be
|
||
distributed to another machine via the build hook. */
|
||
if (worker.getNrLocalBuilds() >=
|
||
std::max(1U, (unsigned int)settings.maxBuildJobs)) {
|
||
worker.waitForBuildSlot(shared_from_this());
|
||
return;
|
||
}
|
||
|
||
maintainRunningSubstitutions =
|
||
std::make_unique<MaintainCount<uint64_t>>(worker.runningSubstitutions);
|
||
|
||
outPipe.create();
|
||
|
||
promise = std::promise<void>();
|
||
|
||
thr = std::thread([this]() {
|
||
try {
|
||
/* Wake up the worker loop when we're done. */
|
||
Finally updateStats([this]() { outPipe.writeSide = -1; });
|
||
|
||
copyStorePath(ref<Store>(sub),
|
||
ref<Store>(worker.store.shared_from_this()), storePath,
|
||
repair, sub->isTrusted ? NoCheckSigs : CheckSigs);
|
||
|
||
promise.set_value();
|
||
} catch (...) {
|
||
promise.set_exception(std::current_exception());
|
||
}
|
||
});
|
||
|
||
worker.childStarted(shared_from_this(), {outPipe.readSide.get()}, true,
|
||
false);
|
||
|
||
state = &SubstitutionGoal::finished;
|
||
}
|
||
|
||
void SubstitutionGoal::finished() {
|
||
trace("substitute finished");
|
||
|
||
thr.join();
|
||
worker.childTerminated(this);
|
||
|
||
try {
|
||
promise.get_future().get();
|
||
} catch (std::exception& e) {
|
||
LOG(ERROR) << e.what();
|
||
|
||
/* Cause the parent build to fail unless --fallback is given,
|
||
or the substitute has disappeared. The latter case behaves
|
||
the same as the substitute never having existed in the
|
||
first place. */
|
||
try {
|
||
throw;
|
||
} catch (SubstituteGone&) {
|
||
} catch (...) {
|
||
substituterFailed = true;
|
||
}
|
||
|
||
/* Try the next substitute. */
|
||
state = &SubstitutionGoal::tryNext;
|
||
worker.wakeUp(shared_from_this());
|
||
return;
|
||
}
|
||
|
||
worker.markContentsGood(storePath);
|
||
|
||
DLOG(INFO) << "substitution of path '" << storePath << "' succeeded";
|
||
|
||
maintainRunningSubstitutions.reset();
|
||
|
||
maintainExpectedSubstitutions.reset();
|
||
worker.doneSubstitutions++;
|
||
|
||
if (maintainExpectedDownload) {
|
||
auto fileSize = maintainExpectedDownload->delta;
|
||
maintainExpectedDownload.reset();
|
||
worker.doneDownloadSize += fileSize;
|
||
}
|
||
|
||
worker.doneNarSize += maintainExpectedNar->delta;
|
||
maintainExpectedNar.reset();
|
||
|
||
amDone(ecSuccess);
|
||
}
|
||
|
||
void SubstitutionGoal::handleChildOutput(int fd, const string& data) {}
|
||
|
||
void SubstitutionGoal::handleEOF(int fd) {
|
||
if (fd == outPipe.readSide.get()) worker.wakeUp(shared_from_this());
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
static bool working = false;
|
||
|
||
Worker::Worker(LocalStore& store) : store(store) {
|
||
/* Debugging: prevent recursive workers. */
|
||
if (working) abort();
|
||
working = true;
|
||
nrLocalBuilds = 0;
|
||
lastWokenUp = steady_time_point::min();
|
||
permanentFailure = false;
|
||
timedOut = false;
|
||
hashMismatch = false;
|
||
checkMismatch = false;
|
||
}
|
||
|
||
Worker::~Worker() {
|
||
working = false;
|
||
|
||
/* Explicitly get rid of all strong pointers now. After this all
|
||
goals that refer to this worker should be gone. (Otherwise we
|
||
are in trouble, since goals may call childTerminated() etc. in
|
||
their destructors). */
|
||
topGoals.clear();
|
||
|
||
assert(expectedSubstitutions == 0);
|
||
assert(expectedDownloadSize == 0);
|
||
assert(expectedNarSize == 0);
|
||
}
|
||
|
||
GoalPtr Worker::makeDerivationGoal(const Path& path,
|
||
const StringSet& wantedOutputs,
|
||
BuildMode buildMode) {
|
||
GoalPtr goal = derivationGoals[path].lock();
|
||
if (!goal) {
|
||
goal =
|
||
std::make_shared<DerivationGoal>(path, wantedOutputs, *this, buildMode);
|
||
derivationGoals[path] = goal;
|
||
wakeUp(goal);
|
||
} else
|
||
(dynamic_cast<DerivationGoal*>(goal.get()))
|
||
->addWantedOutputs(wantedOutputs);
|
||
return goal;
|
||
}
|
||
|
||
std::shared_ptr<DerivationGoal> Worker::makeBasicDerivationGoal(
|
||
const Path& drvPath, const BasicDerivation& drv, BuildMode buildMode) {
|
||
auto goal = std::make_shared<DerivationGoal>(drvPath, drv, *this, buildMode);
|
||
wakeUp(goal);
|
||
return goal;
|
||
}
|
||
|
||
GoalPtr Worker::makeSubstitutionGoal(const Path& path, RepairFlag repair) {
|
||
GoalPtr goal = substitutionGoals[path].lock();
|
||
if (!goal) {
|
||
goal = std::make_shared<SubstitutionGoal>(path, *this, repair);
|
||
substitutionGoals[path] = goal;
|
||
wakeUp(goal);
|
||
}
|
||
return goal;
|
||
}
|
||
|
||
static void removeGoal(GoalPtr goal, WeakGoalMap& goalMap) {
|
||
/* !!! inefficient */
|
||
for (WeakGoalMap::iterator i = goalMap.begin(); i != goalMap.end();)
|
||
if (i->second.lock() == goal) {
|
||
WeakGoalMap::iterator j = i;
|
||
++j;
|
||
goalMap.erase(i);
|
||
i = j;
|
||
} else
|
||
++i;
|
||
}
|
||
|
||
void Worker::removeGoal(GoalPtr goal) {
|
||
nix::removeGoal(goal, derivationGoals);
|
||
nix::removeGoal(goal, substitutionGoals);
|
||
if (topGoals.find(goal) != topGoals.end()) {
|
||
topGoals.erase(goal);
|
||
/* If a top-level goal failed, then kill all other goals
|
||
(unless keepGoing was set). */
|
||
if (goal->getExitCode() == Goal::ecFailed && !settings.keepGoing)
|
||
topGoals.clear();
|
||
}
|
||
|
||
/* Wake up goals waiting for any goal to finish. */
|
||
for (auto& i : waitingForAnyGoal) {
|
||
GoalPtr goal = i.lock();
|
||
if (goal) wakeUp(goal);
|
||
}
|
||
|
||
waitingForAnyGoal.clear();
|
||
}
|
||
|
||
void Worker::wakeUp(GoalPtr goal) {
|
||
goal->trace("woken up");
|
||
addToWeakGoals(awake, goal);
|
||
}
|
||
|
||
unsigned Worker::getNrLocalBuilds() { return nrLocalBuilds; }
|
||
|
||
void Worker::childStarted(GoalPtr goal, const set<int>& fds, bool inBuildSlot,
|
||
bool respectTimeouts) {
|
||
Child child;
|
||
child.goal = goal;
|
||
child.goal2 = goal.get();
|
||
child.fds = fds;
|
||
child.timeStarted = child.lastOutput = steady_time_point::clock::now();
|
||
child.inBuildSlot = inBuildSlot;
|
||
child.respectTimeouts = respectTimeouts;
|
||
children.emplace_back(child);
|
||
if (inBuildSlot) nrLocalBuilds++;
|
||
}
|
||
|
||
void Worker::childTerminated(Goal* goal, bool wakeSleepers) {
|
||
auto i =
|
||
std::find_if(children.begin(), children.end(),
|
||
[&](const Child& child) { return child.goal2 == goal; });
|
||
if (i == children.end()) return;
|
||
|
||
if (i->inBuildSlot) {
|
||
assert(nrLocalBuilds > 0);
|
||
nrLocalBuilds--;
|
||
}
|
||
|
||
children.erase(i);
|
||
|
||
if (wakeSleepers) {
|
||
/* Wake up goals waiting for a build slot. */
|
||
for (auto& j : wantingToBuild) {
|
||
GoalPtr goal = j.lock();
|
||
if (goal) wakeUp(goal);
|
||
}
|
||
|
||
wantingToBuild.clear();
|
||
}
|
||
}
|
||
|
||
void Worker::waitForBuildSlot(GoalPtr goal) {
|
||
DLOG(INFO) << "wait for build slot";
|
||
if (getNrLocalBuilds() < settings.maxBuildJobs)
|
||
wakeUp(goal); /* we can do it right away */
|
||
else
|
||
addToWeakGoals(wantingToBuild, goal);
|
||
}
|
||
|
||
void Worker::waitForAnyGoal(GoalPtr goal) {
|
||
DLOG(INFO) << "wait for any goal";
|
||
addToWeakGoals(waitingForAnyGoal, goal);
|
||
}
|
||
|
||
void Worker::waitForAWhile(GoalPtr goal) {
|
||
DLOG(INFO) << "wait for a while";
|
||
addToWeakGoals(waitingForAWhile, goal);
|
||
}
|
||
|
||
void Worker::run(const Goals& _topGoals) {
|
||
for (auto& i : _topGoals) topGoals.insert(i);
|
||
|
||
DLOG(INFO) << "entered goal loop";
|
||
|
||
while (1) {
|
||
checkInterrupt();
|
||
|
||
store.autoGC(false);
|
||
|
||
/* Call every wake goal (in the ordering established by
|
||
CompareGoalPtrs). */
|
||
while (!awake.empty() && !topGoals.empty()) {
|
||
Goals awake2;
|
||
for (auto& i : awake) {
|
||
GoalPtr goal = i.lock();
|
||
if (goal) awake2.insert(goal);
|
||
}
|
||
awake.clear();
|
||
for (auto& goal : awake2) {
|
||
checkInterrupt();
|
||
goal->work();
|
||
if (topGoals.empty()) break; // stuff may have been cancelled
|
||
}
|
||
}
|
||
|
||
if (topGoals.empty()) break;
|
||
|
||
/* Wait for input. */
|
||
if (!children.empty() || !waitingForAWhile.empty())
|
||
waitForInput();
|
||
else {
|
||
if (awake.empty() && 0 == settings.maxBuildJobs)
|
||
throw Error(
|
||
"unable to start any build; either increase '--max-jobs' "
|
||
"or enable remote builds");
|
||
assert(!awake.empty());
|
||
}
|
||
}
|
||
|
||
/* If --keep-going is not set, it's possible that the main goal
|
||
exited while some of its subgoals were still active. But if
|
||
--keep-going *is* set, then they must all be finished now. */
|
||
assert(!settings.keepGoing || awake.empty());
|
||
assert(!settings.keepGoing || wantingToBuild.empty());
|
||
assert(!settings.keepGoing || children.empty());
|
||
}
|
||
|
||
void Worker::waitForInput() {
|
||
DLOG(INFO) << "waiting for children";
|
||
|
||
/* Process output from the file descriptors attached to the
|
||
children, namely log output and output path creation commands.
|
||
We also use this to detect child termination: if we get EOF on
|
||
the logger pipe of a build, we assume that the builder has
|
||
terminated. */
|
||
|
||
bool useTimeout = false;
|
||
struct timeval timeout;
|
||
timeout.tv_usec = 0;
|
||
auto before = steady_time_point::clock::now();
|
||
|
||
/* If we're monitoring for silence on stdout/stderr, or if there
|
||
is a build timeout, then wait for input until the first
|
||
deadline for any child. */
|
||
auto nearest = steady_time_point::max(); // nearest deadline
|
||
if (settings.minFree.get() != 0)
|
||
// Periodicallty wake up to see if we need to run the garbage collector.
|
||
nearest = before + std::chrono::seconds(10);
|
||
for (auto& i : children) {
|
||
if (!i.respectTimeouts) continue;
|
||
if (0 != settings.maxSilentTime)
|
||
nearest = std::min(
|
||
nearest, i.lastOutput + std::chrono::seconds(settings.maxSilentTime));
|
||
if (0 != settings.buildTimeout)
|
||
nearest = std::min(
|
||
nearest, i.timeStarted + std::chrono::seconds(settings.buildTimeout));
|
||
}
|
||
if (nearest != steady_time_point::max()) {
|
||
timeout.tv_sec = std::max(
|
||
1L,
|
||
(long)std::chrono::duration_cast<std::chrono::seconds>(nearest - before)
|
||
.count());
|
||
useTimeout = true;
|
||
}
|
||
|
||
/* If we are polling goals that are waiting for a lock, then wake
|
||
up after a few seconds at most. */
|
||
if (!waitingForAWhile.empty()) {
|
||
useTimeout = true;
|
||
if (lastWokenUp == steady_time_point::min())
|
||
DLOG(WARNING) << "waiting for locks or build slots...";
|
||
if (lastWokenUp == steady_time_point::min() || lastWokenUp > before)
|
||
lastWokenUp = before;
|
||
timeout.tv_sec = std::max(
|
||
1L,
|
||
(long)std::chrono::duration_cast<std::chrono::seconds>(
|
||
lastWokenUp + std::chrono::seconds(settings.pollInterval) - before)
|
||
.count());
|
||
} else
|
||
lastWokenUp = steady_time_point::min();
|
||
|
||
if (useTimeout) {
|
||
DLOG(INFO) << "sleeping " << timeout.tv_sec << " seconds";
|
||
}
|
||
|
||
/* Use select() to wait for the input side of any logger pipe to
|
||
become `available'. Note that `available' (i.e., non-blocking)
|
||
includes EOF. */
|
||
fd_set fds;
|
||
FD_ZERO(&fds);
|
||
int fdMax = 0;
|
||
for (auto& i : children) {
|
||
for (auto& j : i.fds) {
|
||
if (j >= FD_SETSIZE) throw Error("reached FD_SETSIZE limit");
|
||
FD_SET(j, &fds);
|
||
if (j >= fdMax) fdMax = j + 1;
|
||
}
|
||
}
|
||
|
||
if (select(fdMax, &fds, 0, 0, useTimeout ? &timeout : 0) == -1) {
|
||
if (errno == EINTR) return;
|
||
throw SysError("waiting for input");
|
||
}
|
||
|
||
auto after = steady_time_point::clock::now();
|
||
|
||
/* Process all available file descriptors. FIXME: this is
|
||
O(children * fds). */
|
||
decltype(children)::iterator i;
|
||
for (auto j = children.begin(); j != children.end(); j = i) {
|
||
i = std::next(j);
|
||
|
||
checkInterrupt();
|
||
|
||
GoalPtr goal = j->goal.lock();
|
||
assert(goal);
|
||
|
||
set<int> fds2(j->fds);
|
||
std::vector<unsigned char> buffer(4096);
|
||
for (auto& k : fds2) {
|
||
if (FD_ISSET(k, &fds)) {
|
||
ssize_t rd = read(k, buffer.data(), buffer.size());
|
||
// FIXME: is there a cleaner way to handle pt close
|
||
// than EIO? Is this even standard?
|
||
if (rd == 0 || (rd == -1 && errno == EIO)) {
|
||
DLOG(WARNING) << goal->getName() << ": got EOF";
|
||
goal->handleEOF(k);
|
||
j->fds.erase(k);
|
||
} else if (rd == -1) {
|
||
if (errno != EINTR)
|
||
throw SysError("%s: read failed", goal->getName());
|
||
} else {
|
||
DLOG(INFO) << goal->getName() << ": read " << rd << " bytes";
|
||
string data((char*)buffer.data(), rd);
|
||
j->lastOutput = after;
|
||
goal->handleChildOutput(k, data);
|
||
}
|
||
}
|
||
}
|
||
|
||
if (goal->getExitCode() == Goal::ecBusy && 0 != settings.maxSilentTime &&
|
||
j->respectTimeouts &&
|
||
after - j->lastOutput >= std::chrono::seconds(settings.maxSilentTime)) {
|
||
LOG(ERROR) << goal->getName() << " timed out after "
|
||
<< settings.maxSilentTime << " seconds of silence";
|
||
goal->timedOut();
|
||
}
|
||
|
||
else if (goal->getExitCode() == Goal::ecBusy &&
|
||
0 != settings.buildTimeout && j->respectTimeouts &&
|
||
after - j->timeStarted >=
|
||
std::chrono::seconds(settings.buildTimeout)) {
|
||
LOG(ERROR) << goal->getName() << " timed out after "
|
||
<< settings.buildTimeout << " seconds";
|
||
goal->timedOut();
|
||
}
|
||
}
|
||
|
||
if (!waitingForAWhile.empty() &&
|
||
lastWokenUp + std::chrono::seconds(settings.pollInterval) <= after) {
|
||
lastWokenUp = after;
|
||
for (auto& i : waitingForAWhile) {
|
||
GoalPtr goal = i.lock();
|
||
if (goal) wakeUp(goal);
|
||
}
|
||
waitingForAWhile.clear();
|
||
}
|
||
}
|
||
|
||
unsigned int Worker::exitStatus() {
|
||
/*
|
||
* 1100100
|
||
* ^^^^
|
||
* |||`- timeout
|
||
* ||`-- output hash mismatch
|
||
* |`--- build failure
|
||
* `---- not deterministic
|
||
*/
|
||
unsigned int mask = 0;
|
||
bool buildFailure = permanentFailure || timedOut || hashMismatch;
|
||
if (buildFailure) mask |= 0x04; // 100
|
||
if (timedOut) mask |= 0x01; // 101
|
||
if (hashMismatch) mask |= 0x02; // 102
|
||
if (checkMismatch) {
|
||
mask |= 0x08; // 104
|
||
}
|
||
|
||
if (mask) mask |= 0x60;
|
||
return mask ? mask : 1;
|
||
}
|
||
|
||
bool Worker::pathContentsGood(const Path& path) {
|
||
std::map<Path, bool>::iterator i = pathContentsGoodCache.find(path);
|
||
if (i != pathContentsGoodCache.end()) return i->second;
|
||
LOG(INFO) << "checking path '" << path << "'...";
|
||
auto info = store.queryPathInfo(path);
|
||
bool res;
|
||
if (!pathExists(path))
|
||
res = false;
|
||
else {
|
||
HashResult current = hashPath(info->narHash.type, path);
|
||
Hash nullHash(htSHA256);
|
||
res = info->narHash == nullHash || info->narHash == current.first;
|
||
}
|
||
pathContentsGoodCache[path] = res;
|
||
if (!res) {
|
||
LOG(ERROR) << "path '" << path << "' is corrupted or missing!";
|
||
}
|
||
return res;
|
||
}
|
||
|
||
void Worker::markContentsGood(const Path& path) {
|
||
pathContentsGoodCache[path] = true;
|
||
}
|
||
|
||
//////////////////////////////////////////////////////////////////////
|
||
|
||
static void primeCache(Store& store, const PathSet& paths) {
|
||
PathSet willBuild, willSubstitute, unknown;
|
||
unsigned long long downloadSize, narSize;
|
||
store.queryMissing(paths, willBuild, willSubstitute, unknown, downloadSize,
|
||
narSize);
|
||
|
||
if (!willBuild.empty() && 0 == settings.maxBuildJobs && getMachines().empty())
|
||
throw Error(
|
||
"%d derivations need to be built, but neither local builds "
|
||
"('--max-jobs') "
|
||
"nor remote builds ('--builders') are enabled",
|
||
willBuild.size());
|
||
}
|
||
|
||
void LocalStore::buildPaths(const PathSet& drvPaths, BuildMode buildMode) {
|
||
Worker worker(*this);
|
||
|
||
primeCache(*this, drvPaths);
|
||
|
||
Goals goals;
|
||
for (auto& i : drvPaths) {
|
||
DrvPathWithOutputs i2 = parseDrvPathWithOutputs(i);
|
||
if (isDerivation(i2.first))
|
||
goals.insert(worker.makeDerivationGoal(i2.first, i2.second, buildMode));
|
||
else
|
||
goals.insert(worker.makeSubstitutionGoal(
|
||
i, buildMode == bmRepair ? Repair : NoRepair));
|
||
}
|
||
|
||
worker.run(goals);
|
||
|
||
PathSet failed;
|
||
for (auto& i : goals) {
|
||
if (i->getExitCode() != Goal::ecSuccess) {
|
||
DerivationGoal* i2 = dynamic_cast<DerivationGoal*>(i.get());
|
||
if (i2)
|
||
failed.insert(i2->getDrvPath());
|
||
else
|
||
failed.insert(dynamic_cast<SubstitutionGoal*>(i.get())->getStorePath());
|
||
}
|
||
}
|
||
|
||
if (!failed.empty())
|
||
throw Error(worker.exitStatus(), "build of %s failed", showPaths(failed));
|
||
}
|
||
|
||
BuildResult LocalStore::buildDerivation(const Path& drvPath,
|
||
const BasicDerivation& drv,
|
||
BuildMode buildMode) {
|
||
Worker worker(*this);
|
||
auto goal = worker.makeBasicDerivationGoal(drvPath, drv, buildMode);
|
||
|
||
BuildResult result;
|
||
|
||
try {
|
||
worker.run(Goals{goal});
|
||
result = goal->getResult();
|
||
} catch (Error& e) {
|
||
result.status = BuildResult::MiscFailure;
|
||
result.errorMsg = e.msg();
|
||
}
|
||
|
||
return result;
|
||
}
|
||
|
||
void LocalStore::ensurePath(const Path& path) {
|
||
/* If the path is already valid, we're done. */
|
||
if (isValidPath(path)) return;
|
||
|
||
primeCache(*this, {path});
|
||
|
||
Worker worker(*this);
|
||
GoalPtr goal = worker.makeSubstitutionGoal(path);
|
||
Goals goals = {goal};
|
||
|
||
worker.run(goals);
|
||
|
||
if (goal->getExitCode() != Goal::ecSuccess)
|
||
throw Error(worker.exitStatus(),
|
||
"path '%s' does not exist and cannot be created", path);
|
||
}
|
||
|
||
void LocalStore::repairPath(const Path& path) {
|
||
Worker worker(*this);
|
||
GoalPtr goal = worker.makeSubstitutionGoal(path, Repair);
|
||
Goals goals = {goal};
|
||
|
||
worker.run(goals);
|
||
|
||
if (goal->getExitCode() != Goal::ecSuccess) {
|
||
/* Since substituting the path didn't work, if we have a valid
|
||
deriver, then rebuild the deriver. */
|
||
auto deriver = queryPathInfo(path)->deriver;
|
||
if (deriver != "" && isValidPath(deriver)) {
|
||
goals.clear();
|
||
goals.insert(worker.makeDerivationGoal(deriver, StringSet(), bmRepair));
|
||
worker.run(goals);
|
||
} else
|
||
throw Error(worker.exitStatus(), "cannot repair path '%s'", path);
|
||
}
|
||
}
|
||
|
||
} // namespace nix
|