This is essentially a backport of
<f52b6c944e>
by Eelco Dolstra <eelco.dolstra@logicblox.com>.
The use-after-free bug would typically manifest when building with
GCC 5.1.
* config-daemon.ac: Error out when $ac_cv_func_chroot is not "yes".
* nix/nix-daemon/guix-daemon.cc (options): Remove #ifdef HAVE_CHROOT.
(main): Likewise.
* nix/nix-daemon/guix-daemon.cc (main): Set 'autoStoreOptimise' to
true. Add 'printMsg' call.
* tests/derivations.scm ("identical files are deduplicated"): New test.
* nix/guix-register/guix-register.cc (GUIX_OPT_STATE_DIRECTORY): New
macro.
(parse_opt): Honor it.
* tests/guix-register.sh: Add test with '--state-directory'.
* guix/store.scm (register-path): Add #:state-directory parameter.
* nix/nix-daemon/guix-daemon.cc (main): Check whether getenv ("PATH")
returns NULL before blindly initializing 'search_path'. Before that
'guix-daemon' would abort when run in an environment where 'PATH' is
undefined.
* nix/nix-daemon/guix-daemon.cc (main): When --no-substitutes is used,
clear NIX_SUBSTITUTERS. Before that, and after
89faa5c75c, '--no-substitutes' would
lead to attempts to use 'download-using-manifests.pl', which in
practice would gracelessly fail.
* nix/nix-daemon/guix-daemon.cc (parse_opt): Use 'settings.set' instead
of direct field access for 'buildCores', 'maxBuildJobs', and
'useSubstitutes'.
(main): Call 'settings.update' after 'argp_parse'.
* nix/nix-daemon/guix-daemon.cc (GUIX_OPT_NO_BUILD_HOOK): New macro.
(options): Add '--no-build-hook'.
(parse_opt): Handle it.
(main)[HAVE_DAEMON_OFFLOAD_HOOK]: Set 'useBuildHook' by default.
Set $NIX_BUILD_HOOK to our offload hook unless otherwise specified.
[!HAVE_DAEMON_OFFLOAD_HOOK]: Clear 'useBuildHook'.
* pre-inst-env.in: Set and export NIX_BUILD_HOOK.
* nix/scripts/offload.in, guix/scripts/offload.scm: New files.
* guix/ui.scm (show-guix-help)[internal?]: Add "offload".
* config-daemon.ac: Call 'GUIX_CHECK_UNBUFFERED_CBIP'.
Instantiate 'nix/scripts/offload'. Set 'BUILD_DAEMON_OFFLOAD'
conditional, and optionally define 'HAVE_DEAMON_OFFLOAD_HOOK' cpp
macro.
* daemon.am (nodist_pkglibexec_SCRIPTS)[BUILD_DAEMON_OFFLOAD]: Add it.
* Makefile.am (MODULES)[BUILD_DAEMON_OFFLOAD]: Add
'guix/scripts/offload.scm'.
(EXTRA_DIST)[!BUILD_DAEMON_OFFLOAD]: Likewise.
* m4/guix.m4 (GUIX_CHECK_UNBUFFERED_CBIP): New macro.
* doc/guix.texi (Setting Up the Daemon): Move most of the body to...
(Build Environment Setup): ... this. New subsection.
(Daemon Offload Setup): New subsection.
* nix/guix-register/guix-register.cc (register_validity): Leave
'info.path' unmodified when PREFIX is empty.
(main): Call 'settings.processEnvironment' early on.
Leave 'settings.nixStore' unmodified when PREFIX is empty.
Before that, calls to 'HashSink::currentHash()' would eventually lead to
a segfault because the underlying gcrypt handle has been closed. (Note
that this method is only used via 'importPaths' and 'exportPath', though.)
* nix/libutil/gcrypt-hash.hh (struct guix_hash_context): Add a
constructor and a copy constructor; move out of 'extern "C"'.
* nix/libutil/gcrypt-hash.cc (guix_hash_final): Clear 'md_handle' upon
exit.
* nix/sync-with-upstream (top_srcdir): Change hash.{cc,hh} to read
'struct Ctx' instead of 'union Ctx'.
Inspired by <772b70952f...4ddd077bfa>.
* nix/scripts/list-runtime-roots.in (%store-directory): New variable.
(proc-environ-roots): New procedure.
(<top-level>): Use it.
This fixes a bug whereby 'guix-register' would bail out when trying to
create NIX_STORE_DIR/.links when NIX_STORE_DIR is read-only.
* nix/guix-register/guix-register.cc (parse_opt): Initialize
'settings.nixStore' to PREFIX + NIX_STORE_DIR.
(main): Change 'settings.nixStore' once the 'LocalStore' has been
instantiated.
* nix/guix-register/guix-register.cc (prefix): New variable.
(parse_opt): Use it.
(register_validity): Change 'info.path' to the final store name.
Hash the final under its real path.
* tests/guix-register.sh: Adjust the contents of $closure accordingly.
Rename 'NIX_LOCALSTATE_DIR' to 'NIX_STATE_DIR'. Don't try to call
'valid-path?'. Add test using 'sqlite3'.
Fixes compilation with the forthcoming libgcrypt 1.6.x.
Reported by Matthias Wachs <wachs@net.in.tum.de>
and NIIBE Yutaka <gniibe@fsij.org>.
* nix/libutil/gcrypt-hash.cc (guix_hash_init, guix_hash_final): Use
'int' as the type of the 'algo' parameter.
* nix/libutil/gcrypt-hash.hh: Update declarations accordingly.
Suggested by Mark H. Weaver.
* nix/nix-daemon/guix-daemon.cc (GUIX_OPT_NO_SUBSTITUTES): New macro.
(options): Add `--no-substitutes'.
(parse_opt): Add `GUIX_OPT_NO_SUBSTITUTES' case.
(main): Leave `settings.substituters' empty when
`settings.useSubstitutes' is false.
* guix/scripts/substitute-binary.scm: New file.
* Makefile.am (MODULES): Add it.
* nix/scripts/substitute-binary.in: New file.
* config-daemon.ac: Produce nix/scripts/substitute-binary.
* daemon.am (nodist_pkglibexec_SCRIPTS): Add
nix/scripts/substitute-binary.
* guix/store.scm (substitutable-path-info): Use the
`query-substitutable-path-infos' RPC.
* nix/nix-daemon/guix-daemon.cc (main): Honor `NIX_SUBSTITUTERS'.
* pre-inst-env.in: Set `NIX_SUBSTITUTERS'.
* test-env.in: Leave `NIX_SUBSTITUTERS' unchanged. Set
`GUIX_BINARY_SUBSTITUTE_URL, and create
$NIX_STATE_DIR/substituter-data.
Run `guix-daemon' within `./pre-inst-env'.
* tests/store.scm ("substitute query"): New test.
* nix/scripts/list-runtime-roots.in: New file.
* config-daemon.ac: Add `AC_CONFIG_FILES' invocation for it.
* daemon.am (nodist_pkglibexec_SCRIPTS): New variable.
(AM_TESTS_ENVIRONMENT): Define `top_builddir'.
* tests/guix-daemon.sh: Export `NIX_ROOT_FINDER'.
* nix/sync-with-upstream: Substitute the path to the root finder in
libstore/gc.cc.
* nix/nix-daemon/guix-daemon.cc (options)[!HAVE_CHROOT]: Mention that
`--disable-chroot' has no effect.
(main)[!HAVE_CHROOT]: Set `useChroot' to false.
* nix/libutil/md5.h (MD5_Final): Pass RESBUF as the first argument to
`guix_hash_final'.
* nix/libutil/sha1.h (SHA1_Final): Likewise.
* nix/libutil/sha256.h (SHA256_Final): Likewise.