* nix/nix-daemon/nix-daemon.cc (performOp) <wopSetOptions>: When
'isRemoteConnection' is true, set 'settings.keepFailed' to zero.
* doc/guix.texi (Common Build Options): Document this behavior.
That way it is handled in the same way as other helper scripts.
* nix/scripts/guix-authenticate.in: Rename to...
* nix/scripts/authenticate.in: ... this.
* config-daemon.ac: Adjust accordingly.
* nix/local.mk (libstore_a_CPPFLAGS): Remove -DOPENSSL_PATH.
(nodist_libexec_SCRIPTS): Remove.
(nodist_pkglibexec_SCRIPTS): New variable.
* nix/nix-daemon/guix-daemon.cc (main): Remove 'setenv' call for
"PATH".
* nix/libstore/local-store.cc (runAuthenticationProgram): New function.
(LocalStore::exportPath, LocalStore::importPath): Use it instead of
'runProgram' and OPENSSL_PATH.
This allows clients to tell whether output comes from the daemon or, if
it comes from a builder, from which builder it comes. The latter is
particularly useful when MAX-BUILD-JOBS > 1.
* nix/libstore/build.cc (DerivationGoal::tryBuildHook)
(DerivationGoal::startBuilder): Print the child's PID in "@ build-started"
traces.
(DerivationGoal::handleChildOutput): Define 'prefix', pass it to
'writeToStderr'.
* nix/libstore/globals.cc (Settings:Settings): Initialize
'multiplexedBuildOutput'.
(Settings::update): Likewise.
* nix/libstore/globals.hh (Settings)[multiplexedBuildOutput]: New field.
Update 'printBuildTrace' documentation.
* nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0.163.
* nix/nix-daemon/nix-daemon.cc (performOp) <wopSetOptions>: Special-case
"multiplexed-build-output" and remove "use-ssh-substituter".
* guix/store.scm (set-build-options): Add #:multiplexed-build-output?
and honor it.
(%protocol-version): Bump to #x163.
* tests/store.scm ("multiplexed-build-output"): New test.
fixlet
This code has never been of any use in Guix.
* nix/libutil/archive.cc (useCaseHack): Remove.
(parse): Keep only the alternate branch in "if (useCaseHack)".
* guix/scripts/perform-download.scm (perform-download): Add
#:print-build-trace? and pass it to 'url-fetch'.
(guix-perform-download): Define 'print-build-trace?' and pass it to
'perform-download'.
* guix/build/download.scm (ftp-fetch): Add #:print-build-trace? and
honor it.
(url-fetch): Likewise.
* nix/libstore/builtins.cc (builtinDownload): Set _NIX_OPTIONS
environment variable.
* nix/libstore/build.cc (canBuildLocally): Allow building armhf-linux
builds on aarch64-linux.
(DerivationGoal::runChild) Throw error if attempting to build for
armhf-linux on an unsupported platform.
* doc/guix.texi (Invoking guix build): Document how to build natively
for armhf-linux on aarch64-linux. Add note that on some aarch64
machines this is unsupported.
* nix/nix-daemon/nix-daemon.cc (isRemoteConnection): New variable.
(performOp): For wopCollectGarbage, throw an error when isRemoteConnection
is set.
(acceptConnection): Set isRemoteConnection when connection is not AF_UNIX.
* tests/guix-daemon.sh: Add a test for the new behavior.
* config-daemon.ac: Don't bail out when libbz2 is missing. Define
'HAVE_LIBBZ2' Automake conditional.
* nix/libstore/build.cc: Wrap relevant bits in '#if HAVE_BZLIB_H'.
* nix/libstore/globals.cc (Settings::Settings): 'logCompression'
defaults to COMPRESSION_GZIP when HAVE_BZLIB_H is false.
* nix/libstore/globals.hh (CompressionType): Make 'COMPRESSION_BZIP2'
conditional on HAVE_BZLIB_H.
* nix/local.mk (guix_register_LDADD, guix_daemon_LDADD): Add -lbz2 only
when HAVE_LIBBZ2.
* nix/nix-daemon/guix-daemon.cc (parse_opt): Ignore "bzip2" when not
HAVE_BZLIB_H.
Fixes <https://bugs.gnu.org/29862>.
Reported by Danny Milosavljevic <dannym@scratchpost.org>.
* nix/scripts/list-runtime-roots.in (canonicalize-store-item): Define
'store' with a trailing "/". Have the 'string-prefix?' call match the
'string-drop' call.
This allows running as non-root.
Fixes a regression introduced in b8f59cdc20.
* nix/scripts/list-runtime-roots.in (referenced-files): Handle EACCES in
addition to ENOENT.
Looking at 'addAdditionalRoots' in libstore/gc.cc, it looks like it
should always have been this way. In practice it probably doesn't make
much of a difference.
* nix/scripts/list-runtime-roots.in (canonicalize-store-item): New
procedure.
<top level>: Use it.
This makes things a bit faster (0.8s instead of 1.4s on my laptop).
* nix/scripts/list-runtime-roots.in (lsof-roots): Remove.
(proc-fd-roots): Return the empty list when 'scandir' returns #f.
(referenced-files): New procedure.
Use it at the top level.
Prior to this change, errors such as wrong permissions on
/etc/guix/signing-key.sec would give:
guix-daemon: nix/libutil/serialise.cc:15: virtual nix::BufferedSink::~BufferedSink(): Assertion `!bufPos' failed.
This patch correctly propagates the error to the client and thus changes
that to:
error: build failed: file `/etc/guix/signing-key.sec' should be secret (inaccessible to everybody else)!
* nix/nix-daemon/nix-daemon.cc (performOp): Wrap 'exportPath' call in
'try' block.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Reported by Ricardo Wurmus.
* nix/nix-daemon/nix-daemon.cc (acceptConnection): Remove intermediate
'inaddr' variables that relied on implicit casts. This fixes
compilation with GCC 4.9.
* nix/nix-daemon/guix-daemon.cc (DEFAULT_GUIX_PORT): New macro.
(listen_options): New variable.
(parse_opt): Push back '--listen' options to LISTEN_OPTIONS.
(open_unix_domain_socket, open_inet_socket)
(listening_sockets): New functions.
(main): Use it. Pass SOCKETS to 'run'.
* nix/nix-daemon/nix-daemon.cc (matchUser): Remove.
(SD_LISTEN_FDS_START): Remove.
(acceptConnection): New function.
(daemonLoop): Rewrite to take a vector of file descriptors, to select(2)
on them, and to call 'acceptConnection'.
(run): Change to take a vector of file descriptors.
* tests/guix-daemon.sh: Add test.
Otherwise, users will be stuck running an old copy of guix and the guix-daemon
if they copy the service files instead of symlinking them.
* etc/guix-daemon.conf.in, etc/guix-daemon.service.in, etc/guix-publish.conf.in,
etc/guix-publish.service.in: Expand @localstatedir@ instead of @bindir@.
* nix/local.mk (etc/guix-%.service, etc/guix-%.conf): Use @localstatedir@
instead of @bindir@.
Reported by rohit yadav <rohityadav@utexas.edu>
at <https://lists.gnu.org/archive/html/guix-devel/2017-02/msg00191.html>.
This fixes a regression whereby 'guix perform-download' would always see
NIX_STORE as unset and thus use "/gnu/store", leading it to miscompute
the hydra.gnu.org content-addressed URLs when the store file name is not
"/gnu/store".
* nix/libstore/builtins.cc (builtinDownload): Add 'setenv' call for
'NIX_STORE'.
Fixes <http://bugs.gnu.org/20217>.
* nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0x161.
* nix/nix-daemon/nix-daemon.cc (performOp): "build-max-jobs",
"build-max-silent-time", and "build-cores" are no longer read upfront;
instead, read them from the key/value list at the end.
* nix/nix-daemon/guix-daemon.cc (main): Explicitly set
'settings.maxBuildJobs'.
* guix/store.scm (%protocol-version): Bump to #x161.
(set-build-options): #:max-build-jobs, #:max-silent-time, and
#:build-cores now default to #f. Adjust handshake to new protocol.
* tests/store.scm ("build-cores"): New test.
* tests/guix-daemon.sh: Add test for default "build-cores" value.
Fixes <http://bugs.gnu.org/25242>.
Reported by Leo Famulari <leo@famulari.name>.
The regression was introduced in 94d92c7796.
* nix/libstore/build.cc (DerivationGoal::startBuilder): Set 'useChroot'
as a function 'of isBuiltin(drv)'.
(DerivationGoal::runChild): Use 'useChroot' instead of
'useChroot && !isBuiltin(drv)'.
Fixes <http://bugs.gnu.org/15890>.
* nix/libstore/globals.hh (Settings) Add clientUid and clientGid.
* nix/nix-daemon/nix-daemon.cc (daemonLoop] Store UID and GID of the
caller in settings.
* nix/libstore/build.cc (_chown): New function.
(DerivationGoal::deleteTmpDir): Use it, change ownership of build
directory if it is kept and the new owner is not root.
Before that we'd have STDERR_WRITE round trips for very small amounts of
data, ranging from a few bytes for the metadata of nars to the size of
one file being exported.
With this change, something like:
guix archive --export /gnu/store/5rrsbaghh5ix1vjcicsl60gsxilhjnf2-coreutils-8.25 | dd of=/dev/null
reports a throughput of 35 MB/s instead of 25 MB/s before.
* nix/nix-daemon/nix-daemon.cc (TunnelSink): Inherit from 'BufferedSink'
rather than 'Sink'. Rename 'operator ()' to 'write'.
(performOp) <wopExportPath>: Add 'sink.flush' call.