Commit graph

634 commits

Author SHA1 Message Date
Aneesh Agrawal d3acf9891c stdenv: More useful error message on bad meta attrs
This helps in debugging meta attribute type errors,
which are now enforced as of commit
90b9719f4f.
2017-05-02 01:45:30 -04:00
Dan Peebles f3a05a0fb3 stdenv: disable checkMeta by default until issues resolved
https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426
2017-05-01 13:51:12 -04:00
Eric Sagnes 7004919243 stdenv-generic: add meta attributes checks 2017-04-29 17:07:01 +09:00
Dan Peebles 90b9719f4f treewide: fix the remaining issues with meta attributes 2017-04-29 04:24:34 +00:00
Dan Peebles 1a4ca220e1 treewide: fix assorted issues revealed by the meta checker
Turns out a couple of the licenses were wrong, as well as being strings.
2017-04-28 23:07:42 -04:00
Dan Peebles 32ae4bfc20 stdenv-generic: add meta attribute checking
This is turned off by default but I think we should fix all packages to
respect it and then turn it on by default
2017-04-28 18:12:18 -04:00
Tuomas Tynkkynen ce56c99edc mkDerivation: Don't pass buildInputs to stdenv builder in nativeBuildInputs
When not cross compiling, nativeBuildInputs and buildInputs have
identical behaviour. Currently that is implemented by having
mkDerivation do a concatenation of those variables in Nix code and pass
that to the builder via the nativeBuildInputs attribute.

However, that has some annoying side effects, like `foo.buildInputs`
evaluating to `[ ]` even if buildInputs were specified in the nix
expression for foo.

Instead, pass buildInputs and nativeBuildInputs in separate variables as
usual, and move the logic of cross compilation vs. native compilation to
the stdenv builder script. This is probably a tiny bit uglier but
fixes the previous problem.

Issue #4855.
2017-03-02 03:26:48 +02:00
Graham Christensen a9c875fc2e
nixpkgs: allow packages to be marked insecure
If a package's meta has `knownVulnerabilities`, like so:

    stdenv.mkDerivation {
      name = "foobar-1.2.3";

      ...

      meta.knownVulnerabilities = [
        "CVE-0000-00000: remote code execution"
        "CVE-0000-00001: local privilege escalation"
      ];
    }

and a user attempts to install the package, they will be greeted with
a warning indicating that maybe they don't want to install it:

    error: Package ‘foobar-1.2.3’ in ‘...default.nix:20’ is marked as insecure, refusing to evaluate.

    Known issues:

     - CVE-0000-00000: remote code execution
     - CVE-0000-00001: local privilege escalation

    You can install it anyway by whitelisting this package, using the
    following methods:

    a) for `nixos-rebuild` you can add ‘foobar-1.2.3’ to
       `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
       like so:

         {
           nixpkgs.config.permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

    b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
    ‘foobar-1.2.3’ to `permittedInsecurePackages` in
    ~/.config/nixpkgs/config.nix, like so:

         {
           permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

Adding either of these configurations will permit this specific
version to be installed. A third option also exists:

  NIXPKGS_ALLOW_INSECURE=1 nix-build ...

though I specifically avoided having a global file-based toggle to
disable this check. This way, users don't disable it once in order to
get a single package, and then don't realize future packages are
insecure.
2017-02-24 07:41:05 -05:00
Graham Christensen 59d61ef34a Revert "nixpkgs: allow packages to be marked insecure" 2017-02-23 09:41:42 -05:00
Graham Christensen 38771badd3
nixpkgs: allow packages to be marked insecure
If a package's meta has `knownVulnerabilities`, like so:

    stdenv.mkDerivation {
      name = "foobar-1.2.3";

      ...

      meta.knownVulnerabilities = [
        "CVE-0000-00000: remote code execution"
        "CVE-0000-00001: local privilege escalation"
      ];
    }

and a user attempts to install the package, they will be greeted with
a warning indicating that maybe they don't want to install it:

    error: Package ‘foobar-1.2.3’ in ‘...default.nix:20’ is marked as insecure, refusing to evaluate.

    Known issues:

     - CVE-0000-00000: remote code execution
     - CVE-0000-00001: local privilege escalation

    You can install it anyway by whitelisting this package, using the
    following methods:

    a) for `nixos-rebuild` you can add ‘foobar-1.2.3’ to
       `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
       like so:

         {
           nixpkgs.config.permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

    b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
    ‘foobar-1.2.3’ to `permittedInsecurePackages` in
    ~/.config/nixpkgs/config.nix, like so:

         {
           permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

Adding either of these configurations will permit this specific
version to be installed. A third option also exists:

  NIXPKGS_ALLOW_INSECURE=1 nix-build ...

though I specifically avoided having a global file-based toggle to
disable this check. This way, users don't disable it once in order to
get a single package, and then don't realize future packages are
insecure.
2017-02-17 20:49:49 -05:00
Eelco Dolstra 9d6a55aefd
~/.nixpkgs -> ~/.config/nixpkgs
The former is still respected as a fallback for config.nix for
backwards compatibility (but not for overlays because they're a new
feature).
2017-02-01 16:07:55 +01:00
Tuomas Tynkkynen 18599495c4 stdenv: make is64bit evaluate true on aarch64
This should fix the NSS build.
2017-01-29 20:28:14 +02:00
Tuomas Tynkkynen 7c8a060c09 stdenv: Bringup aarch64 architecture support 2017-01-25 00:01:51 +02:00
John Ericson bf17d6dacf top-level: Introduce buildPackages for resolving build-time deps
[N.B., this package also applies to the commits that follow it in the same
PR.]

In most cases, buildPackages = pkgs so things work just as before. For
cross compiling, however, buildPackages is resolved as the previous
bootstrapping stage. This allows us to avoid the mkDerivation hacks cross
compiling currently uses today.

To avoid a massive refactor, callPackage will splice together both package
sets. Again to avoid churn, it uses the old `nativeDrv` vs `crossDrv` to do
so. So now, whether cross compiling or not, packages with get a `nativeDrv`
and `crossDrv`---in the non-cross-compiling case they are simply the same
derivation. This is good because it reduces the divergence between the
cross and non-cross dataflow. See `pkgs/top-level/splice.nix` for a comment
along the lines of the preceding paragraph, and the code that does this
splicing.

Also, `forceNativeDrv` is replaced with `forceNativePackages`. The latter
resolves `pkgs` unless the host platform is different from the build
platform, in which case it resolves to `buildPackages`. Note that the
target platform is not important here---it will not prevent
`forcedNativePackages` from resolving to `pkgs`.

--------

Temporarily, we make preserve some dubious decisions in the name of preserving
hashes:

Most importantly, we don't distinguish between "host" and "target" in the
autoconf sense. This leads to the proliferation of *Cross derivations
currently used. What we ought to is resolve native deps of the cross "build
packages" (build = host != target) package set against the "vanilla
packages" (build = host = target) package set. Instead, "build packages"
uses itself, with (informally) target != build in all cases.

This is wrong because it violates the "sliding window" principle of
bootstrapping stages that shifting the platform triple of one stage to the
left coincides with the next stage's platform triple. Only because we don't
explicitly distinguish between "host" and "target" does it appear that the
"sliding window" principle is preserved--indeed it is over the reductionary
"platform double" of just "build" and "host/target".

Additionally, we build libc, libgcc, etc in the same stage as the compilers
themselves, which is wrong because they are used at runtime, not build
time. Fixing this is somewhat subtle, and the solution and problem will be
better explained in the commit that does fix it.

Commits after this will solve both these issues, at the expense of breaking
cross hashes. Native hashes won't be broken, thankfully.

--------

Did the temporary ugliness pan out? Of the packages that currently build in
`release-cross.nix`, the only ones that have their hash changed are
`*.gcc.crossDrv` and `bootstrapTools.*.coreutilsMinimal`. In both cases I
think it doesn't matter.

 1. GCC when doing a `build = host = target = foreign` build (maximally
    cross), still defines environment variables like `CPATH`[1] with
    packages.  This seems assuredly wrong because whether gcc dynamically
    links those, or the programs built by gcc dynamically link those---I
    have no idea which case is reality---they should be foreign. Therefore,
    in all likelihood, I just made the gcc less broken.

 2. Coreutils (ab)used the old cross-compiling infrastructure to depend on
    a native version of itself. When coreutils was overwritten to be built
    with fewer features, the native version it used would also be
    overwritten because the binding was tight. Now it uses the much looser
    `BuildPackages.coreutils` which is just fine as a richer build dep
    doesn't cause any problems and avoids a rebuild.

So, in conclusion I'd say the conservatism payed off. Onward to actually
raking the muck in the next PR!

[1]: https://gcc.gnu.org/onlinedocs/gcc/Environment-Variables.html
2017-01-24 11:37:56 -05:00
John Ericson 0ef8b69d12 top-level: Modernize stdenv.overrides giving it self and super
Document breaking change in 17.03 release notes
2017-01-13 10:36:11 -05:00
Domen Kožar 45f579b9e7 allowUnfree: mention the solution that works for nix-shell as well 2016-11-16 15:14:19 +01:00
Domen Kožar 62edf873aa Merge pull request #18660 from aneeshusa/add-override-attrs
mkDerivation: add overrideAttrs function
2016-10-30 11:32:15 +01:00
Joachim F 3d5630fac9 Merge pull request #19769 from groxxda/license
stdenv.hasLicense: ? supports nested lookup
2016-10-24 15:19:12 +02:00
Alexander Ried a0ac2ae35e stdenv: throwEvalHelp performance (#19779) 2016-10-22 20:24:56 +02:00
Alexander Ried 43ce115ca9 stdenv.hasLicense: ? supports nested lookup
this avoids one copy of the attrset
2016-10-22 02:43:13 +02:00
Vladimír Čunát af38c05587 stdenv stripHash(): fixup after #19324 2016-10-12 23:45:30 +02:00
Profpatsch bef6bef0d2
stdenv/stripHash: print to stdout, not to variable
`stripHash` documentation states that it prints out the stripped name to
the stdout, but the function stored the value in `strippedName`
instead.

Basically all usages did something like
`$(stripHash $foo | echo $strippedName)` which is just braindamaged.
Fixed the implementation and all invocations.
2016-10-11 18:34:36 +02:00
Aneesh Agrawal 39b64b52ed mkDerivation: add overrideAttrs function
This is similar to `overrideDerivation`, but overrides the arguments to
`mkDerivation` instead of the underlying `derivation` call.

Also update `makeOverridable` so that uses of `overrideAttrs` can be
followed by `override` and `overrideDerivation`, i.e. they can be
mix-and-matched.
2016-10-02 11:08:34 -04:00
Chris Martin 10f2befa58 stdenv.mkDerivation: add comments w/ manual links (#18707) 2016-09-18 11:20:53 +02:00
Nikolay Amiantov adaee7352b stdenv: leave SSL_CERT_FILE in shells (#15571) 2016-09-01 20:50:08 +02:00
Tuomas Tynkkynen 5326e85f3d stdenv.mkDerivation: Use chooseDevOutputs 2016-08-29 14:49:51 +03:00
Robin Gloster e17bc25943
Merge remote-tracking branch 'upstream/master' into staging 2016-08-29 00:24:47 +00:00
Tuomas Tynkkynen ff9491917f stdenv: Add platforms 2016-08-28 18:04:09 +03:00
Eelco Dolstra 8a84fc0217 Tweak error message 2016-08-26 18:58:49 +02:00
Robin Gloster b6c204f088
stdenv substitute: fail on non-existant input file
fixes #9744
2016-08-26 16:27:36 +00:00
Domen Kožar 7a5b85cdda pkgs.runCommand: passAsFile (buildCommand can be very long)
Close #15803. This avoids the error:

while setting up the build environment: executing
‘/nix/store/7sb42axk5lrxqz45nldrb2pchlys14s1-bash-4.3-p42/bin/bash’:
Argument list too long

Note: I wanted to make it optional based on buildCommand length,
but that seems pointless as I'm sure it's less performant.

Amended by vcunat:
https://github.com/NixOS/nixpkgs/pull/15803#issuecomment-224841225
2016-06-10 10:49:26 +02:00
Joachim Fasting 6648b04381
stdenv: fix paxmark
On Linux, paxctl's setup hook should overwrite the paxmark stub, but the
stub is defined after the setup hooks are sourced, so the stub ends up
overwriting the real function.  The result is that paxmark fails to do
anything.  The fix is to define the stub before any setup hooks are
sourced.  Thanks to @vcunat for figuring this out.

Closes #15492
2016-05-27 18:57:59 +02:00
Vladimír Čunát 81df035429 stdenv setup.sh: revert most of changes around #14907
I'm giving this up. Feel free to find some reasonable variant that works
at least on Linux and Darwin. Problems encountered:
- During bootstrap of Darwin stdenv `env -0` and some bash features
  don't work.
- Without `env -0` the contents of some multi-line phases is taken as
  variable declarations, which wouldn't typically matter, but the PR
  wanted to refuse bash-invalid names which would be occasionally
  triggered. This commit dowgrades that to a warning with explanation.
2016-05-12 04:53:37 +02:00
Vladimír Čunát 62fc8859c1 stdenv substituteAll: use yet another implementation
It turned out that process substitution fed into a while-cycle
isn't recognized during darwin bootstrap:
http://hydra.nixos.org/build/35382446/nixlog/1/raw

Also fix broken NIX_DEBUG output, noticed by abbradar.
2016-05-08 19:41:50 +02:00
Vladimír Čunát 9e0d0423fe stdenv substituteAll: use more robust code
The set/env fix in #14907 wasn't very good, so let's use a null-delimited
approach. Suggested by Aszlig.
In particular, this should fix a mass-breakage on Darwin, though I was
unable to test that.
2016-05-07 11:23:30 +02:00
Vladimír Čunát 1dc36904d8 Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
Nikolay Amiantov 62616ec5e2 Merge commit 'refs/pull/14907/head' of git://github.com/NixOS/nixpkgs into staging 2016-04-25 18:02:47 +03:00
Nikolay Amiantov d4794c3630 stdenv: clarify how outputsToInstall is chosen
See https://github.com/NixOS/nixpkgs/pull/14694/files#r60013871
2016-04-25 13:24:39 +03:00
Nikolay Amiantov 5ff40ddedf add get* helper functions and mass-replace manual outputs search with them 2016-04-25 13:24:39 +03:00
Profpatsch a2d38bc7fc doc/stdenv.xml document substitution env variables
The filtering of environment variables that start with an uppercase
letter is documented in the manual.
2016-04-23 21:41:35 +02:00
Profpatsch 77fa336849 setup.hs: substitute uses only valid bash names
bash variable names may only contain alphanumeric ASCII-symbols and _,
and must not start with a number. Nix expression attribute names however
might contain nearly every character (in particular spaces and dashes).

Previously, a substitution that was not a valid bash name would be
expanded to an empty string. This commit introduce a check that throws
a (hopefully) helpful error when a wrong name is used in a substitution.
2016-04-23 17:54:32 +02:00
Vladimír Čunát 6e7787e666 stdenv for windows: auto-link dependency DLLs
For every *.{exe,dll} in $output/bin/ we try to find all (potential)
transitive dependencies and symlink those DLLs into $output/bin
so they are found on invocation.
(DLLs are first searched in the directory of the running exe file.)

The links are relative, so relocating whole /nix/store won't break them.
The hook is activated on cygwin and when cross-compiling to mingw.
2016-04-23 10:52:00 +02:00
Vladimír Čunát 710573ce6d Merge #12653: rework default outputs 2016-04-07 16:00:09 +02:00
Vladimír Čunát 2995439003 buildEnv: respect meta.outputsToInstall
As a result `systemPackages` now also respect it.
Only nix-env remains and that has a PR filed:
    https://github.com/NixOS/nix/pull/815
2016-04-07 15:59:44 +02:00
Vladimír Čunát 3342f717da stdenv: set meta.outputsToInstall unless overridden 2016-04-07 15:59:43 +02:00
Vladimír Čunát d1df28f8e5 Merge 'staging' into closure-size
This is mainly to get the update of bootstrap tools.
Otherwise there were mysterious segfaults:
https://github.com/NixOS/nixpkgs/pull/7701#issuecomment-203389817
2016-04-07 14:40:51 +02:00
Charles Strahan bde82098b8 stdenv: don't complain about configure script not existing
Close #14335.
Since 89036ef76a, when a package doesn't include a configure script,
the build complains with:

    grep: : No such file or directory
    grep: : No such file or directory

This prevents that.
2016-04-02 20:52:19 +02:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Vladimír Čunát 09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra 2040a9ac57 stdenv-linux: Ensure binutils comes before bootstrapTools in $PATH
Otherwise, when building glibc and other packages, the "strip" from
bootstrapTools is used, which doesn't recognise some tags produced by
the newer "ld" from binutils.
2016-02-28 01:13:15 +01:00
Nikolay Amiantov 39609a0c94 stdenv: set SSL_CERT_FILE only if it isn't already 2016-02-25 13:53:29 +03:00
Eelco Dolstra d71a4851e8 Don't try to apply patchelf to non-ELF binaries 2016-02-18 22:54:11 +01:00
Vladimír Čunát 89036ef76a stdenv: accept wider range of $configureScript options
Fixes #12632.

I think it's better to quote this variable in general, because it is
common and even documented to pass space-separated commands in there.
The greps should just fail in that case and `if` won't proceed
which seems fine for such cases, and it's certainly better than
passing additional unintended parameters to grep
(which was happening all the time before).
2016-02-03 17:15:11 +01:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Eelco Dolstra 917ca8920d Move setting $SSL_CERT_FILE to stdenv
Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
2016-02-03 13:59:10 +01:00
Eelco Dolstra f4553d7219 defaultUnpack: Preserve timestamps when copying files
Commit 6d928ab684 changed this to not
preserve timestamps. However, that results in non-determinism; in
particular, it gives us a broken $SOURCE_DATE_EPOCH (especially for
everything using fetchFromGitHub). Builds affected by timestamps <
1980 should be fixed in some other way (e.g. changing the timestamp to
some fixed date > 1980).
2016-01-26 16:24:32 +01:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Eelco Dolstra 81e530a749 Set SOURCE_DATE_EPOCH to latest source file
This provides a timestamp that's more useful than 1970-01-01 yet still
deterministic.
2016-01-05 17:21:48 +01:00
Eelco Dolstra f31fbadac3 Set a fallback default value for SOURCE_DATE_EPOCH
This is used by some build tools to provide reproducible builds. See

  https://reproducible-builds.org/specs/source-date-epoch/

for more info.

Later, we'll want to set this to a more intelligent value (such as the
most recent mtime of any source file).
2016-01-05 17:21:48 +01:00
Vladimír Čunát 1ebff73b88 stdenv/setup.sh: don't skip post-hooks (close #12032)
So far if no configure script is found or no makefile,
the rest of the phase is skipped, *including* post-hooks.
I find that behavior unexpected/unintuitive.

Earlier version of this patch had problems due to me assuming
that $configureScript is always a simple path, but that turned out
to be false in many cases, e.g. perl.
2016-01-05 09:34:02 +01:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Domen Kožar 781b9eab61 allow{reason}: a bit more explicit error message 2015-12-09 17:01:46 +01:00
Vladimír Čunát 263fd55d4b Merge recent staging built on Hydra
http://hydra.nixos.org/eval/1231884
Only Darwin jobs seem to be queued now,
but we can't afford to wait for that single build slave.
2015-12-05 11:11:51 +01:00
Luca Bruno 920b1d3591 Merge branch 'master' into closure-size 2015-11-29 16:50:26 +01:00
Profpatsch ee07543ccd stdenv: licenseAllowed -> checkValidity
Rename and make it a true function (that can be re-used and could be
moved to the library).
2015-11-27 21:56:28 +01:00
Jude Taylor f5609a4d2a reintroduce impure host deps to all derivations 2015-11-21 15:51:48 -08:00
Jude Taylor 69e7f3bb74 switch to zero underscores for sandbox profiles; remove generateFrameworkProfile 2015-11-21 12:10:33 -08:00
Jude Taylor a63346e33c use single underscore for sandboxProfile 2015-11-21 11:17:30 -08:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Jude Taylor df80090d09 use per-derivation sandbox profiles 2015-11-19 11:31:06 -08:00
Jude Taylor 914e9baefe start on sandbox stuff 2015-11-19 11:31:06 -08:00
Wout Mertens 774f74b875 Don't fail if env-vars cannot be written to
env-vars is a debugging aid, see
3e5dbb2433
for a rationale for this change.
2015-11-04 16:32:59 +01:00
Vladimír Čunát 5227fb1dd5 Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
Eelco Dolstra 2a28bc6691 separateDebugInfo: Assert Linux
Also remove some unintended setting of separateDebugInfo.
2015-09-22 20:21:10 +02:00
Eelco Dolstra ec5b66eb4a Enable separate debug info
You can now pass

  separateDebugInfo = true;

to mkDerivation. This causes debug info to be separated from ELF
binaries and stored in the "debug" output. The advantage is that it
enables installing lean binaries, while still having the ability to
make sense of core dumps, etc.
2015-09-17 15:56:33 +02:00
Eelco Dolstra f15270833a Don't barf JSON at users in error messages 2015-08-27 15:32:45 +02:00
William A. Kennington III 4f22eadf2c Merge branch 'master.upstream' into staging.upstream 2015-08-19 20:52:17 -07:00
Peter Simons 81ce9be104 Revert "Move licenseAllowed check into the builder attribute (fixes #7541)"
This reverts commit 4d6452ba. The change affects Hydra in a way we didn't
expect: https://github.com/NixOS/nixpkgs/pull/9305#issuecomment-132791730.
2015-08-19 23:37:45 +02:00
William A. Kennington III 901482ad99 Merge branch 'master.upstream' into staging.upstream 2015-08-19 13:54:48 -07:00
Mathnerd314 4d6452bab9 Move licenseAllowed check into the builder attribute (fixes #7541) 2015-08-17 10:54:38 -06:00
Eelco Dolstra 32caa604e3 Force Nixpkgs rebuild
Gratuitous change to force Hydra to rebuild Nixpkgs after some
derivations had their references corrupted by a Hydra bug
(ff3f5eb4d8).
2015-08-03 20:03:11 +02:00
Jude Taylor cb3e282cda unique host deps, otherwise we get 600000 char derivations 2015-07-08 14:15:03 -07:00
Vladimír Čunát 61596bf405 Merge #8363: pure-darwin stdenv 2015-06-18 22:38:08 +02:00
Jude Taylor fe75f16032 move pure stdenv into a new directory, bring back the old one
remove __impure from non-darwin OSes
2015-06-18 13:19:34 -07:00
Jude Taylor 87bca3698a remove sort and unique from stdenv 2015-06-18 12:37:42 -07:00
Jude Taylor fa9c81f694 pure darwin stdenv 2015-06-18 12:37:41 -07:00
Eelco Dolstra 42d94b6f15 Barf on non-existant build inputs
Previously saying

  buildInputs = [ "bla" ];

was quietly ignored. Now it's a fatal error.
2015-06-15 11:24:55 +02:00
Eelco Dolstra 41e1900ea1 Define closeNest before exitHandler
This prevents "closeNest: command not found" messages if setup fails
early.
2015-06-15 11:24:11 +02:00
Eelco Dolstra 4970574409 Merge remote-tracking branch 'origin/gcc-4.9' into staging
Conflicts:
	pkgs/development/libraries/wayland/default.nix
2015-06-11 00:23:03 +02:00
Eelco Dolstra 3096d03435 Revert "Refactor mkFlag / shouldUsePkg into the nixpkgs libraries"
This reverts commit 25a148fa19.
2015-06-04 14:54:48 +02:00
Eelco Dolstra 553abf71ba Merge remote-tracking branch 'origin/staging' into gcc-4.9
Conflicts:
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/development/libraries/wayland/default.nix
	pkgs/development/tools/build-managers/cmake/default.nix
	pkgs/top-level/all-packages.nix
2015-06-01 20:08:43 +02:00
Florian Friesdorf 88e58a4fa2 cygwin: stdenv 2015-05-28 10:53:34 +02:00
William A. Kennington III 25a148fa19 Refactor mkFlag / shouldUsePkg into the nixpkgs libraries 2015-05-22 13:26:55 -07:00
Eelco Dolstra 9ae86dc3fc Ensure that errexit is honoured in hooks
Partial fix for #7524.
2015-05-13 18:17:25 +02:00
Vladimír Čunát 375bc8def7 Merge staging into closure-size 2015-05-05 11:49:03 +02:00
Vladimír Čunát 30f31c9afc Merge 'master' into staging
(relatively simple conflicts)
2015-04-26 22:52:08 +02:00
William A. Kennington III 232b71c6e8 Fix some platforms 2015-04-25 21:27:53 -07:00
Vladimír Čunát d484c392aa stdenv multiple-outputs: change propagation rules
Now development stuff is propagated from the first output,
and userEnvPkgs from the one with binaries.

Also don't move *.la files (yet). It causes problems, and they're small.
2015-04-18 19:30:28 +02:00
Vladimír Čunát bf414c9d4f Merge 'staging' into closure-size
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes

Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
2015-04-18 11:22:20 +02:00
William A. Kennington III 7ccccc15ba Merge branch 'master' into staging 2015-03-27 16:03:03 -07:00
Eelco Dolstra 5c0eb64d43 Set more precise meta.position for Haskell packages 2015-03-27 16:17:48 +01:00
Eelco Dolstra 8b2f209838 mkDerivation: Use function arguments 2015-03-27 16:17:48 +01:00
William A. Kennington III afa998eb32 stdenv: Substitute correctly chmods instead of .tmp which never exists 2015-03-26 15:44:54 -07:00
Eelco Dolstra bda440a7b3 substitute: Fix "No such file or directory" message on Darwin
On Darwin, "chmod -f" does not suppress an error message if the file
doesn't exist. So just check if the file exists.
2015-03-24 14:12:24 +01:00
codyopel e29b0da9c7 remove stdenv.isBSD 2015-02-24 22:15:51 -05:00
Vladimír Čunát dbae4f109f Merge branch 'master' into staging
Conflicts (relatively simple):
	pkgs/applications/audio/spotify/default.nix
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/development/compilers/cryptol/1.8.x.nix
2015-01-31 19:34:57 +01:00
Wout Mertens ef2e0ffdea stdenv: fix eval - the return 2015-01-29 10:54:07 +01:00
Wout Mertens 006769be70 stdenv: fix eval
silly 💩
2015-01-29 10:46:35 +01:00
Wout Mertens 0feb19b6b4 stdenv: take license parameter checks out of mkDerivation path 2015-01-29 10:38:33 +01:00
Matthias Beyer aca361fa49 Add (optional) license white/blacklisting 2015-01-24 17:28:50 +01:00
Wout Mertens 4b82bd683e Merge pull request #5714 from vcunat/p/stdenv-subst
stdenv substitute: avoid using a temporary file
2015-01-23 23:15:16 +01:00
Vladimír Čunát 1575bc652e Merge branch 'master' into staging
Conflicts (simple):
	pkgs/os-specific/linux/util-linux/default.nix

It seems this merge creates a new stdenv hash,
because we had changes on both branches :-/
2015-01-13 18:07:11 +01:00
Vladimír Čunát 2533a11241 stdenv substitute: avoid using a temporary file
- IMO using a temporary is not needed here (anymore),
- temporary at that location can cause a problem (in a specific case):
for example, when using the substituteAll function from nixpkgs
on a single file directly under /nix/store/ (or ./foo-file),
the stdenv's substitute tries to create a temporary directly under
/nix/store, which causes problems on chrooted darwin
(according to @copumpkin earlier today on IRC)
2015-01-13 10:53:57 +01:00
Eelco Dolstra 71c3c19638 stdenv: Remove redundant "building ..." message
Nix already shows what paths are being built.
2015-01-12 13:04:26 +01:00
Vladimír Čunát e98a443e71 stdenv: improve message on evaluation check (no hash changes) 2015-01-11 21:38:19 +01:00
Vladimír Čunát 123a8bf9a5 stdenv: refactor code for evaluation errors (no hash changes) 2015-01-11 21:37:50 +01:00
John Wiegley 28b6fb61e6 Change occurrences of gcc to the more general cc
This is done for the sake of Yosemite, which does not have gcc, and yet
this change is also compatible with Linux.
2014-12-26 11:06:21 -06:00
Eelco Dolstra 5a0b79f955 Merge remote-tracking branch 'origin/bash-4.3' into staging 2014-11-16 22:18:08 +01:00
Vladimír Čunát b4af993c3f Merge branch 'master' into staging
Conflicts (simple):
	pkgs/development/lisp-modules/clwrapper/setup-hook.sh
2014-11-14 14:28:23 +01:00
Ricardo M. Correia e9affb4274 nixos: Add system-wide option to set the hostid
The old boot.spl.hostid option was not working correctly due to an
upstream bug.

Instead, now we will create the /etc/hostid file so that all applications
(including the ZFS kernel modules, ZFS user-space applications and other
unrelated programs) pick-up the same system-wide host id. Note that glibc
(and by extension, the `hostid` program) also respect the host id configured in
/etc/hostid, if it exists.

The hostid option is now mandatory when using ZFS because otherwise, ZFS will
require you to force-import your ZFS pools if you want to use them, which is
undesirable because it disables some of the checks that ZFS does to make sure it
is safe to import a ZFS pool.

The /etc/hostid file must also exist when booting the initrd, before the SPL
kernel module is loaded, so that ZFS picks up the hostid correctly.

The complexity in creating the /etc/hostid file is due to having to
write the host ID as a 32-bit binary value, taking into account the
endianness of the machine, while using only shell commands and/or simple
utilities (to avoid exploding the size of the initrd).
2014-11-12 22:31:49 +01:00
Eelco Dolstra 1455ecee73 Ensure a correct value for $BASH
Previously it was set to /run/current-system/sw/sbin/nologin or
similar.
2014-11-10 14:09:53 +01:00
Eelco Dolstra 78b01de68d substituteAll: Enumerate environment variables more reliably
Getting the names of all environment variables is tricky. The previous
implementation easily got confused by multi-line variables. The new
one is more reliable but not still not perfect.

This works around a segfault in Bash 4.3, where the expression
"${!var}" (where var="-9") crashes under certain conditions.

http://hydra.nixos.org/build/16693445
2014-11-10 13:35:09 +01:00
Eelco Dolstra e3ef797901 Fix stdenv allowedRequisites check
It has to include the default build inputs now (like
"compress-man-pages.sh").
2014-11-06 15:33:36 +01:00
Eelco Dolstra 328f7a621e stdenv: Remove propagatedUserEnvPkgs
Stdenv is not really intended as an installable package. Nowadays it's
much better to use "nix-shell -p" to get a build environment.
2014-11-06 12:15:08 +01:00
Eelco Dolstra 1014620bce stdenv: Statically include the default build inputs
Otherwise, stdenv won't have a reference to e.g. patchelf on Linux
(because it was passed in by mkDerivation). This causes the installer
tests to fail, because having "stdenv" in the installation CD closure
is not enough to pull in all stdenv packages.

http://hydra.nixos.org/build/16546643
2014-11-06 12:10:28 +01:00
Eelco Dolstra 8e9e4b05f7 Fix running preHook
Accidentally (?) lost in e3875297fa.
2014-11-06 11:26:09 +01:00
Eelco Dolstra 0518ccf5af Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/stdenv/generic/default.nix
2014-11-06 10:16:39 +01:00
Eelco Dolstra af0557cf82 Allow marking licenses as unfree
This allows licenses like the Amazon Software License to be identified
properly while still preventing packages with those licenses from
being distributed in the Nixpkgs/NixOS channels.
2014-11-05 15:15:00 +01:00
Eelco Dolstra 7495c61d49 Merge remote-tracking branch 'origin/darwin-clang-stdenv' into staging
Conflicts:
	pkgs/applications/editors/vim/macvim.nix
2014-11-04 14:30:43 +01:00
Wout Mertens c04e492898 stdenv: Prevent issues like #4266
Don't preserve hardlinks, and instead use reflinks if they're available.
2014-10-31 11:13:03 +01:00
Eelco Dolstra 3a0db27b90 Fix indent 2014-10-26 01:59:05 +02:00
Nikolay Amiantov 66d89ef2a4 stdenv: Use "pipefail" in setup.sh 2014-10-10 14:02:15 +04:00
Nikolay Amiantov ca3ecb56ae stdenv: change 'echo -n' to 'printf "%s"'
[Bjørn: rationale is portability, "echo -n" isn't in POSIX]
2014-10-09 22:15:07 +02:00
Nikolay Amiantov 2ec4704961 stdenv: Fix handling spaces in 'substitute' 2014-10-09 22:15:07 +02:00
Nikolay Amiantov d59327b938 stdenv: added escaping for patches 2014-10-09 22:15:05 +02:00
Nikolay Amiantov d15e52f25f stdenv: fail if the patch does not exist 2014-10-09 22:14:38 +02:00
Eelco Dolstra 811de3bfaa Merge remote-tracking branch 'origin/staging' into darwin-clang-stdenv
Conflicts:
	pkgs/tools/security/gnupg/default.nix
2014-10-09 10:57:57 +02:00
Eelco Dolstra 51f1b4ec48 Automatically move stuff in lib64 to lib 2014-10-07 15:04:13 +02:00
Eelco Dolstra ab04b7d0bb Automatically move programs in sbin to bin
This should fix the OpenJDK build, which was failing because paxctl is
in sbin and therefore not automatically added to $PATH.

http://hydra.nixos.org/build/15658346
2014-10-07 14:43:56 +02:00
Eelco Dolstra a85dcf4a00 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/development/libraries/libav/default.nix
	pkgs/shells/bash/bash-4.2-patches.nix
	pkgs/stdenv/generic/default.nix
2014-10-07 00:09:37 +02:00
Eelco Dolstra ce61353a9f Eliminate some optionals/optionalAttrs calls on the hot path 2014-10-05 01:59:24 +02:00
Eelco Dolstra cd71f7a2e6 Merge branch 'darwin-stdenv' of github.com:joelteon/nixpkgs into staging
Conflicts:
	pkgs/development/interpreters/ruby/ruby-19.nix
	pkgs/development/libraries/libc++/default.nix
	pkgs/development/libraries/libc++abi/default.nix
	pkgs/tools/text/sgml/opensp/default.nix
2014-09-23 11:27:53 +02:00
Gergely Risko efcb00d002 Do allowed requisites check in stdenv/linux
Use the new allowedRequisites feature in stdenvLinux.

This way we properly check that the end-result stdenv of the quite
complicated multi-stage stdenvLinux building procedure is sane, and only
depends on the stuff that we know about.

Alternative would be to just disallowRequisites bootstrapTools, which is
the most common offender, but we have had other offenders in the past.

For these checks to actually fire, you currently have to use nixUnstable,
as the necessary feature will be released in Nix 1.8.
2014-09-14 21:14:41 +02:00
Joel Taylor 3e8344d334 suitable clang stdenv 2014-09-09 13:54:24 -07:00
Vladimír Čunát 1e389c976c merge 'staging' into modular-stdenv
In 2c62a36b77 the messages in pkgs/stdenv/generic/default.nix
were not merged correctly.

Conflicts:
	pkgs/stdenv/generic/default.nix
2014-09-08 18:16:54 +02:00
Vladimír Čunát 2990145170 remerge to retrieve refactoring lost 10 days ago
In 2c62a36b77 the messages in pkgs/stdenv/generic/default.nix
were not merged correctly.

Conflicts:
	pkgs/stdenv/generic/default.nix
2014-08-31 13:09:15 +02:00
Vladimír Čunát 2c09066dfd TMP
Conflicts:
	pkgs/stdenv/generic/default.nix
2014-08-31 13:00:19 +02:00
Eelco Dolstra 3360fa1afb Revert "stdenv/setup.sh: unbreak *.lz sources on darwin"
This reverts commit fcafdd2761. We're
trying to modularise stdenv, not add more ad-hoc compression support.
2014-08-30 22:41:56 +02:00
Vladimír Čunát fcafdd2761 stdenv/setup.sh: unbreak *.lz sources on darwin 2014-08-30 13:28:44 +02:00
Vladimír Čunát a70180ba73 mutiout: make it builtin 2014-08-30 08:27:43 +02:00
Vladimír Čunát 4dccb224c5 WIP2 2014-08-26 01:10:56 +02:00
Vladimír Čunát 3ec413cece WIP 2014-08-25 15:30:46 +02:00
Vladimír Čunát def75f0282 stdenv: add first iteration of the multiout hook
Now it should contain *all* information from stdenv/setup.sh of
the original mutiple-output branch.
However, the configurability of the output paths is much greater.
2014-08-24 19:07:47 +02:00
Vladimír Čunát 4e72b61de9 stdenv/setup.sh: add $propagateIntoInput
This is needed for multiple-output derivations,
where it is desirable to propagate deps and setup-hooks into $dev instead of $out.

Also drop an unused simple function which will not even make sense.
2014-08-24 18:37:23 +02:00
Eelco Dolstra 2c62a36b77 Merge remote-tracking branch 'origin/staging' into modular-stdenv
Conflicts:
	pkgs/stdenv/generic/default.nix
2014-08-22 00:07:05 +02:00
Luca Bruno b83aceaecb Merge branch 'master' into staging 2014-08-14 23:09:59 +02:00
Vladimír Čunát d1ed0f44cd Merge #2823: better cygwin support, also add x86_64
Conflicts (easy):
	pkgs/development/interpreters/perl/5.16/default.nix
2014-08-14 20:38:09 +02:00
Vladimír Čunát e80f41f35e Merge pull request #2455 from bjornfor/helpful-messages-when-refusing-eval
More helpful message when refusing to evaluate "broken" package
2014-08-12 20:18:10 +02:00
Eelco Dolstra 9e31c66d1b stdenv: Put moving docs to $out/share in a separate setup hook 2014-08-09 12:47:05 +02:00
Eelco Dolstra 2db867eec9 fixupPhase: Fix making the outputs writable 2014-08-09 12:47:05 +02:00
Eelco Dolstra 11dc9036d0 Allow passing arguments to hooks
This allows envHooks and crossEnvHooks to be handled using the regular
hook mechanism.
2014-08-09 12:47:05 +02:00
Eelco Dolstra 2def8e7499 Remove addHook
Just use bash arrays directly. I.e.

  addHook preConfigure myPreConfigure

is now

  preConfigureHooks+=(myPreConfigure)
2014-08-09 12:45:53 +02:00
Eelco Dolstra e3875297fa stdenv: Don't use sed to build the setup script 2014-08-09 12:45:52 +02:00
Eelco Dolstra cd948c093f stdenv: Reindent 2014-08-09 12:44:50 +02:00
Eelco Dolstra 15103e5e5f stdenv: Remove the special handling of gcc
Now gcc is just another build input, making it possible in the future
to have a stdenv that doesn't depend on a C compiler. This is very
useful on NixOS, since it would allow trivial builders like
writeTextFile to work without pulling in the C compiler.
2014-08-09 12:44:50 +02:00
Eelco Dolstra 9f822e5477 stdenv: Move paxmark function to paxctl's setup hook 2014-08-09 12:44:50 +02:00
Eelco Dolstra d7b356f73b stdenv: Move unzip support to unzip's setup hook 2014-08-09 12:44:50 +02:00
Eelco Dolstra 3e33c975fb stdenv: Make unpackFile extensible via the hook mechanism
unpackCmd is now a regular hook, so there can be multiple functions
hooking into it.
2014-08-09 12:44:49 +02:00
Eelco Dolstra 1a44dbbbb9 unpackFile: Always copy directories
If $src refers to a directory, then always copy it. Previously, we
checked the extension first, so if the directory had an extension like
.tar, unpackPhase would fail.
2014-08-09 12:44:49 +02:00
Eelco Dolstra daa66b8b1c Factor out fixup phase stuff into separate setup hooks 2014-08-09 12:44:49 +02:00
Eelco Dolstra 83a41771ab Move RPATH shrinking from stdenv to a setup hook provided by patchelf 2014-08-09 12:44:49 +02:00
Eelco Dolstra b23dbb1a5d Allow buildInputs to be regular files
If a build input is a regular file, use it as a setup hook. This makes
setup hooks more efficient to create: you don't need a derivation that
copies them to $out/nix-support/setup-hook, instead you can use the
file as is.
2014-08-09 12:44:49 +02:00
Eelco Dolstra 0a8605ded1 Formatting 2014-08-09 12:44:48 +02:00
Eelco Dolstra 37889e2b5e Provide a hook for per-output fixup 2014-08-09 12:44:48 +02:00
Eelco Dolstra b0f2d3419c Allow multiple hooks with the same name
You can now register multiple values per named hook, e.g.

  addHook preConfigure "echo foo"
  addHook preConfigure "echo bar"

will cause ‘runHook preConfigure’ to run both ‘echo foo’ and ‘echo
bar’ (in that order). It will also call the shell function
preConfigure() or eval the shell variable $preConfigure, if
defined. Thus, if you don't call addHook, it works like the old hook
mechanism.

Allowing multiple hooks makes stdenv more modular and extensible. For
instance, multiple setup hooks can define a preFixup hook, and all of
these will be executed.
2014-08-09 12:44:48 +02:00
Michael Raskin 0769fc5b77 Set CONFIG_SHELL to stdenv.shell in the default builder, just like SHELL 2014-07-30 16:44:28 +02:00
Eelco Dolstra 0da7fadce3 stdenv: Fix __ignoreNulls
Commit 262c21ed46 purported to enable
ignoreNulls, but it was bogus because it set the flag on the wrong
derivation (i.e. stdenv rather than the result of mkDerivation).
2014-07-01 16:56:36 +02:00
Eelco Dolstra b3b9c51b34 Add a deprecation warning to ensureDir 2014-06-30 14:57:12 +02:00
Bjørn Forsman ff999c31aa Factor out allowUnfree,allowBroken help message
DRY.
2014-06-21 15:05:48 +02:00
Bjørn Forsman abfaf42333 More helpful message when refusing to evaluate "broken" package
A "broken" package is one where either "meta.broken = true" or build
platform != meta.platforms.
2014-06-21 15:04:39 +02:00
Eelco Dolstra e5d63646a0 Don't suggest using --arg config '{ allowUnfree = true; }'
This doesn't work when using the Nixpkgs/NixOS channel.

Issue #2998.
2014-06-17 15:00:24 -05:00
Vladimír Čunát 9757785295 Merge recent master 2014-06-15 17:55:35 +02:00
Michael Raskin a076a60735 Allow specifying allowUnfreePredicate instead of allowUnfree. The predicate will have access to the arguments of mkDerivation call. Should be an improvement for #2188 2014-06-14 13:01:12 +04:00
Sander van der Burg 9ec52d6323 Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin 2014-05-29 14:47:07 +02:00
Vladimír Čunát 3d3aea09b9 fix paxmark on non-linux (a bug in grsecurity PR #1187) 2014-05-15 13:25:49 +02:00
Ricardo M. Correia 8d5ce245a2 grsecurity: Add paxctl, paxmark and stdenv.needsPax to stdenv 2014-05-15 13:25:46 +02:00
Domen Kožar 73e82b9e07 s/config.allowUnfree = true/allowUnfree = true/ 2014-05-03 15:13:01 +02:00
Eelco Dolstra 1d6ac39d21 Fix indentation 2014-04-18 21:50:00 +02:00
Domen Kožar 753639e548 typo 2014-04-14 10:27:36 +02:00
Domen Kožar 722143a5d3 fix typo 2014-04-14 09:29:41 +02:00
Alexander Kjeldaas ebe8fab999 Make the user aware of the allowUnfree option. 2014-04-14 09:24:01 +02:00
Eelco Dolstra 331fa06c79 Add a flag ‘config.allowBroken’ 2014-04-09 00:13:52 +02:00
Eelco Dolstra 627923d5b7 Replace $HYDRA_DISALLOW_UNFREE with $NIXPKGS_ALLOW_UNFREE
We've never used this environment variable in Hydra (except for a few
days). This is also more consistent with $NIXPKGS_ALLOW_BROKEN.
2014-04-09 00:12:48 +02:00
Eelco Dolstra e09250d41c Disable allowUnfree by default
Fixes #2134.
2014-04-09 00:09:31 +02:00
Vladimír Čunát c4371afd06 stdenv/setup.sh: make substitute* not drop EOF newline
This should solve #1982.
2014-04-02 19:07:59 +02:00
Vladimír Čunát 1f6a15d7de Merge #1901: add preFixupPhases to stdenv; for gsettings
Without this stdenv change it seems difficult to fix some glib's gsettings issues,
as the folders in question may (not) be created in installPhase.
2014-04-02 19:06:41 +02:00
Eelco Dolstra 14af15dbff Explicitly require Nix 1.6
People using Nix < 1.6 previously got an unhelpful "infinite
recursion" error.
2014-03-17 11:33:36 +01:00
Eelco Dolstra 80647127a3 Turn the coverage analysis stdenv adapters into setup hooks
Stdenv adapters are kinda weird and un-idiomatic (especially when they
don't actually change stdenv).  It's more idiomatic to say

  buildInputs = [ makeCoverageAnalysisReport ];
2014-02-05 19:18:33 +01:00
Eelco Dolstra 58a863268a stdenv: Simplify 2014-02-05 19:18:33 +01:00
Eelco Dolstra c3d84d15ce Apply makeOverridable to stdenv
This removes the need for hacks like stdenv.regenerate.  It also
ensures that overrideGCC is now stackable (so ‘stdenv = useGoldLinker
clangStdenv’ works).
2014-02-05 19:18:33 +01:00