Nix, the purely functional package manager
Go to file
Puck Meerburg e393ee3fdb fix passing CA files into builtins:fetchurl sandbox
This patch has been manually adapted from
14dc84ed03

Tested with:

$ NIX_SSL_CERT_FILE=$(nix-build '<nixpkgs>' -A cacert)/etc/ssl/certs/ca-bundle.crt nix-build --store $(mktemp -d) -E 'import <nix/fetchurl.nix> { url = https://google.com; }'
warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='
this derivation will be built:
  /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv
building '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv'...
error:
       … writing file '/nix/store/0zynn4n8yx59bczy1mgh1lq2rnprvvrc-google.com'

       error: unable to download 'https://google.com': Problem with the SSL CA cert (path? access rights?) (77)
error: builder for '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv' failed with exit code 1

Now returns:

nix-env % NIX_SSL_CERT_FILE=$(nix-build '<nixpkgs>' -A cacert)/etc/ssl/certs/ca-bundle.crt nix-build --store $(mktemp -d) -E 'import <nix/fetchurl.nix> { url = https://google.com; }'
this derivation will be built:
  /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv
building '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv'...
error: hash mismatch in fixed-output derivation '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv':
         specified: sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
            got:    sha256-5xXEhGtnRdopaUTqaz2M1o2NE7ovhU0SjcSOPwntqwY=

(cherry picked from commit 1fbdf409524bb350b8614f3d95067cb9ba3c57f2)
(cherry picked from commit 9b818f14dd)

# Conflicts:
#	src/libstore/build/local-derivation-goal.cc
#	src/libstore/builtins/fetchurl.cc
2024-10-29 20:11:31 +00:00
.github build(deps): bump zeebe-io/backport-action from 2.1.0 to 2.1.1 2023-11-13 22:01:50 +00:00
config Run autoupdate 2021-06-01 11:42:38 +02:00
contrib function-trace: always show the trace 2019-09-18 23:23:21 +02:00
doc Typo 2024-09-26 00:19:00 +02:00
m4 Add configure test to ensure GCC bug is fixed 2023-10-31 12:09:46 -04:00
maintainers maintainers: refine the mission statement phrasing 2023-11-07 01:12:39 +01:00
misc Choose a reasonable number similar to LimitNOFile 2023-07-07 07:52:16 -07:00
mk Move tests to separate directories, and document 2023-12-01 11:37:01 -05:00
perl Split up util.{hh,cc} 2023-11-05 12:20:02 -05:00
scripts Merge branch '2.19-maintenance' into mergify/bp/2.19-maintenance/pr-10919 2024-09-10 23:41:18 -04:00
src fix passing CA files into builtins:fetchurl sandbox 2024-10-29 20:11:31 +00:00
tests Test the inclusion of transitive symlinks in the sandbox 2024-10-14 15:23:37 +02:00
.dir-locals.el .dir-locals.el: Set c-block-comment-prefix 2020-07-10 11:21:06 +02:00
.editorconfig .editorconfig: Also affect Perl FFI xs file 2023-11-09 23:11:52 -05:00
.gitignore Move tests to separate directories, and document 2023-12-01 11:37:01 -05:00
.version Bump version 2024-07-08 14:16:43 +02:00
boehmgc-coroutine-sp-fallback.diff Fix boehmgc-coroutine-sp-fallback.diff for FreeBSD 2023-09-20 09:04:42 -04:00
configure.ac Allow installing unit tests 2023-11-16 09:55:42 -05:00
CONTRIBUTING.md Merge pull request #9182 from fricklerhandwerk/popular-issues 2023-10-19 16:25:36 -04:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
default.nix add flake-compat to flake.nix and use sha256 in default.nix 2023-03-06 21:11:24 +01:00
docker.nix fix "add an option to include flake-registry..." 2023-05-16 14:35:31 +02:00
flake.lock flake.lock: Update 2023-12-01 11:01:20 -05:00
flake.nix installerScriptForGHA: aarch64-darwin 2024-09-09 16:44:02 +00:00
local.mk Use positive source filtering for the standalone functional tests job 2023-10-09 08:29:27 -04:00
Makefile Move tests to separate directories, and document 2023-12-01 11:37:01 -05:00
Makefile.config.in Allow installing unit tests 2023-11-16 09:55:42 -05:00
precompiled-headers.h Config: Use nlohmann/json 2020-08-20 11:02:16 +02:00
README.md fix: Remove extra to from README.md (#9213) 2023-10-23 19:20:23 +02:00
shell.nix Remove url literals 2022-01-24 13:28:21 +01:00

Nix

Open Collective supporters Test

Nix is a powerful package manager for Linux and other Unix systems that makes package management reliable and reproducible. Please refer to the Nix manual for more details.

Installation and first steps

Visit nix.dev for installation instructions and beginner tutorials.

Full reference documentation can be found in the Nix manual.

Building And Developing

See our Hacking guide in our manual for instruction on how to set up a development environment and build Nix from source.

Contributing

Check the contributing guide if you want to get involved with developing Nix.

Additional Resources

License

Nix is released under the LGPL v2.1.