* guix/store.scm (cache-object-mapping): Add #:vhash-cons parameter and
honor it.
(lookup-cached-object): Add #:vhash-fold* parameter and honor it.
(%mcached): Add #:vhash-fold* and #:vhash-cons and honor them.
(mcached): Add clauses with 'eq?' and 'equal?' as the first argument.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
This is a followup to dd0ee954c4, which
introduced a failure in tests/graph.scm.
* guix/store.scm (run-with-store): Check whether STORE and NEW-STORE are
true before calling 'store-connection-object-cache' etc. Fixes a
failure in tests/graph.scm related to %REVERSE-PACKAGE-NODE-TYPE, which
uses #f as the store.
This increases the hit rate of the object cache from 56% to 85% when
running something like 'guix build libreoffice -nd'.
* guix/store.scm (set-store-connection-object-cache!): New procedure.
(run-with-store): Copy 'object-cache' field of the new store into the
original one.
This allows callers to request the substitution of a single derivation
output.
* guix/store.scm (build-things): Accept derivation/output pairs among
THINGS.
* guix/derivations.scm (build-derivations): Likewise.
* tests/store.scm ("substitute + build-things with specific output"):
New test.
* tests/derivations.scm ("build-derivations with specific output"):
New test.
* doc/guix.texi (The Store): Adjust accordingly.
The caching strategy introduced in
40cc850aeb was ineffective since we
regularly start from an empty object cache. For example, "guix build
inkscape -n" would make 241 'built-in-builders' RPCs.
* guix/store.scm (<store-connection>)[built-in-builders]: New field.
(open-connection): Adjust '%make-store-connection' call accordingly.
(port->connection): Likewise.
(built-in-builders): Rename to...
(%built-in-builders): ... this.
(built-in-builders): New procedure.
* guix/download.scm (built-in-builders*): Remove 'mcached' call.
This leads to ~25% improvements on things like:
guix system build desktop.tmpl --no-grafts -d
* guix/store.scm (<nix-server>)[object-cache]: New field.
* guix/store.scm (open-connection): Initialize it.
(cache-object-mapping, lookup-cached-object, %mcached): New procedures.
(mcached): New macro.
* guix/gexp.scm (lower-object): Use it.
* guix/grafts.scm (grafting?): New procedure.
This allows clients to tell whether output comes from the daemon or, if
it comes from a builder, from which builder it comes. The latter is
particularly useful when MAX-BUILD-JOBS > 1.
* nix/libstore/build.cc (DerivationGoal::tryBuildHook)
(DerivationGoal::startBuilder): Print the child's PID in "@ build-started"
traces.
(DerivationGoal::handleChildOutput): Define 'prefix', pass it to
'writeToStderr'.
* nix/libstore/globals.cc (Settings:Settings): Initialize
'multiplexedBuildOutput'.
(Settings::update): Likewise.
* nix/libstore/globals.hh (Settings)[multiplexedBuildOutput]: New field.
Update 'printBuildTrace' documentation.
* nix/libstore/worker-protocol.hh (PROTOCOL_VERSION): Bump to 0.163.
* nix/nix-daemon/nix-daemon.cc (performOp) <wopSetOptions>: Special-case
"multiplexed-build-output" and remove "use-ssh-substituter".
* guix/store.scm (set-build-options): Add #:multiplexed-build-output?
and honor it.
(%protocol-version): Bump to #x163.
* tests/store.scm ("multiplexed-build-output"): New test.
fixlet
* guix/store.scm (derivation-log-file): New procedure.o
(log-file): Use it.
* guix/status.scm (print-build-event): Use 'derivation-log-file' instead
of 'log-file'. Check wheter the return value is #f.
This could result in deadlock in unusual situations, whereby we'd start
waiting for a reply while the query hasn't been flushed to the socket.
* guix/store.scm (buffering-output-port)[flush]: Add call to
'force-output'.
(add-to-store): Add call to 'write-buffered-output'.
* guix/store.scm (%not-slash): New variable.
(add-file-tree-to-store, interned-file-tree): New procedures.
* tests/store.scm ("add-file-tree-to-store"): New test.
Previously 'process-stderr' would always pass a bytevector of MAX-LEN to
then daemon in the %stderr-read case (i.e., 'import-paths'), instead of
LEN (where LEN <= MAX-LEN).
In practice the extra bytes didn't cause a protocol violation or
anything because they happen at the end of the stream, which typically
contains the canonical sexp of the signature, and the extra zeros were
just ignored.
* guix/serialization.scm (write-bytevector): Add optional 'l' parameter
and honor it.
* guix/store.scm (process-stderr): Pass LEN to 'write-bytevector'.
When current-processor-count is used without (ice-9 threads) being used, Guile
complains with the following warning:
Import (ice-9 threads) to have access to `current-processor-count'.
* guix/store.scm: Use (ice-9 threads).
Until now the cache was always empty because 'for-each' was passed ITEMS
as its second argument, and ITEMS was the empty list at that point.
* guix/store.scm (references/substitutes): Add 'requested' variable.
Use it as second argument of 'for-each' in base case.
* guix/store.scm (%default-guix-port): New variable.
(connect-to-daemon)[connect]: Use it when (uri-port uri) is #f.
* doc/guix.texi (The Store): Mention the default port number.
For a command like:
guix build python2-numpy -n
this reduces the number of 'write' syscalls from 9.5K to 2.0K.
* guix/store.scm (<nix-server>)[buffer, flush]: New fields.
(open-connection): Adjust accordingly. Call 'buffering-output-port' to
compute the two new fields.
(write-buffered-output, buffering-output-port): New procedures.
(operation): Write to (nix-server-output-port server). Call
'write-buffered-output'.
* guix/store.scm (%rpc-calls): New variable.
(show-rpc-profile, record-operation): New procedures.
(operation): Add call to 'record-operation'.
* guix/ui.scm (run-guix-command): Wrap COMMAND-MAIN in 'dynamic-wind'.
Run EXIT-HOOK.
* guix/monads.scm (%templates, %template-instances): New variables.
(register-template!, register-template-instance!): New procedures.
(template-directory, define-template): New macro.
(foldm, sequence, anym): Define using 'define-template'. Avoid replace
ellipses with dots.
(mapm): Likewise, but do not use 'foldm'.
* guix/store.scm: Add 'template-directory' invocation.
This allows 'guix' commands to talk to a remote store over SSH.
* guix/store.scm (connect-to-daemon)[connect]: Call 'resolve-interface'
for unknown URI schemes.
* guix/store/ssh.scm: New file.
* Makefile.am (MODULES): Add it.
* doc/guix.texi (The Store): Document it. Mark remote access as
experimental.