Commit Graph

369 Commits

Author SHA1 Message Date
Vladimír Čunát
3299c31f44
stdenv: avoid setuid issues
See #300635.  Maybe in time we'll have a better solution.
2024-04-10 07:52:44 +02:00
binarycat
f9094faf70 stdenv: pass --mode=+w to tar, ensuring extraction is possible
fixes #191137
2024-03-18 20:54:31 -04:00
Vladimír Čunát
eff11adc57
Merge #286721: stdenv: fix rare tar.xz decompression issues
...into staging
2024-02-17 08:45:01 +01:00
Isidor Zeuner
11a19109b6 stdenv: disregard xz exit status in order to fix subtle decompression issues
There is a subtle bug with unpacking `tar.xz` archives which seems to happen only on some setups, and sometimes not in a reproducible manner (https://github.com/NixOS/nixpkgs/issues/278130, https://github.com/NixOS/nixpkgs/issues/20950). On the last occurrence, it could be tracked down to `xz` failing from a `SIGPIPE`, which can happen when it's connected to `tar` through a pipe and `tar` exits earlier (see e.g. https://www.linuxquestions.org/questions/slackware-14/%5Bpatch%5D-tar-issuing-a-sigpipe-in-installpkg-4175637923/ or https://bugs.gentoo.org/573642#c5).

Since `tar` should be able by itself to detect whether the archive is complete, I suggest to disregard the exit code from the `xz` invocation, done in this PR.

Fixes  https://github.com/NixOS/nixpkgs/issues/278130 (script tested here: https://github.com/NixOS/nixpkgs/pull/286579)
Probably also fixes https://github.com/NixOS/nixpkgs/issues/20950 (issue not reproduced here, feedback therefore welcome)
2024-02-13 17:00:48 +01:00
Kait Lam
355ab764b4 stdenv: refactor of --replace-{quiet,warn,fail} logic
This is a small simplification of the control flow surrounding these cases. It should make it more obvious when each case happens, and also explicitly defines the current behaviour of --replace.
2024-02-11 10:48:37 +10:00
Peder Bergebakken Sundt
cb4c41f93a stdenv: fix substituteStream --replace-quiet deprecation warning 2024-02-05 17:28:02 +01:00
Peder Bergebakken Sundt
4c1b74bac7 stdenv: substituteStream: escape echoed pattern in --replace mismatch warning 2024-01-14 22:08:03 +01:00
Peder Bergebakken Sundt
e07a2fab7f stdenv: substituteStream: deprecate --replace in favor of --replace-{fail,warn,quiet} 2024-01-14 22:07:58 +01:00
Martin Weinelt
570af7d909
Merge pull request #263446 from emilylange/stdenv-xz-multithread
stdenv: enable multithreading for `xz` decompression
2023-12-06 15:41:01 +01:00
Artturi
4b27e14f8c
Merge pull request #265738 from Artturin/patchshebangcon
stdenv: run patchShebangs on the configure script when it's a file
2023-11-26 01:28:41 +02:00
Artturin
e68001550d stdenv: run patchShebangs on the configure script when it's a file
if the configure script has a `/usr/bin/env` or some other shebang which
is not in the sandbox then there will be errors such as

`...-stdenv-linux/setup: line 1299: ./configure: cannot execute: required file not found`

There are 250 files which `patchShebangs` `./configure`

https://github.com/search?q=NOT+is%3Afork+lang%3Anix+%2FpatchShebangs+.%5C%2Fconfigure%2F&type=code
2023-11-25 18:16:12 +02:00
Ivan Mincik
3b4b805561 stdenv: consistent phases header
Make phases header consistent for all phases.

`Running phase:` is from an old nix ux doc from 2020

https://github.com/tweag/nix-ux/blob/master/first_steps_with_nix_v2.md

Co-authored-by: Artturin <Artturin@artturin.com>
2023-11-17 03:11:48 +02:00
Artturi
71f42b7f1a
Merge pull request #230874 from Ninlives/runPhase 2023-11-07 20:00:47 +02:00
mlatus
707a5c09db stdenv: wrap phase running actions of genericBuild
Provide a `runPhase` function which wraps the phase running action of
genericBuild. The new function can be used as an interface by `nix
develop`, i.e. `nix develop some#flake --build` may just call `runPhase
build`, which makes its behavior more consistent with `nix build`.
In preparation of fixing https://github.com/NixOS/nix/issues/6202
2023-11-07 03:31:26 +02:00
emilylange
80627bfe8f
stdenv: enable multithreading for xz decompression
(only if the implementation supports it)

This speeds up the decompression of huge tar.xz tarballs (e.g. chromium)
on high core count systems.
2023-10-31 16:14:08 +01:00
Maximilian Bosch
53c5f08415
stdenv: refactor .attrs.sh detection
Relying on `.attrs.sh` to exist in `$NIX_BUILD_TOP` is problematic
because that's not compatible with how `nix-shell(1)` behaves. It places
`.attrs.{json,sh}` into a temporary directory and makes them accessible via
`$NIX_ATTRS_{SH,JSON}_FILE` in the environment[1]. The sole reason that
`nix-shell(1)` still works with structured-attrs enabled derivations
is that the contents of `.attrs.sh` are sourced into the
shell before sourcing `$stdenv/setup` (if `$stdenv` exists) by `nix-shell`.

However, the assumption that two files called `.attrs.sh` and
`.attrs.json` exist in `$NIX_BUILD_TOP` is wrong in an interactive shell
session and thus an inconsistency between shell debug session and actual
builds which can lead to unexpected problems.

To be precise, we currently have the following problem: an expression
like

  with import ./. {};
  runCommand "foo" { __structuredAttrs = true; foo.bar = [ 1 2 3 ]; }
    ''
      echo "''${__structuredAttrs@Q}"
      touch $out
    ''

prints `1` in its build-log. However when building interactively in a
`nix-shell`, it doesn't.

Because of that, I'm considering to propose a full deprecation of
`$NIX_BUILD_TOP/.attrs.{json,sh}`. A first step is to only mention the
environment variables, but not the actual paths anymore in Nix's
manual[2]. The second step - this patch - is to fix nixpkgs' stdenv
accordingly.

Please note that we cannot check for `-e "$NIX_ATTRS_JSON_FILE"` because
certain outdated Nix minors (that are still in the range of supported
Nix versions in `nixpkgs`) have a bug where `NIX_ATTRS_JSON_FILE` points
to the wrong file while building[3].

Also, for compatibility with Nix 2.3 which doesn't provide these
environment variables at all we still need to check for the existence of
.attrs.json/.attrs.sh here. As soon as we bump nixpkgs' minver to 2.4,
this can be dropped.

Finally, dropped the check for ATTRS_SH_FILE because that was never
relevant. In nix#4770 the ATTRS_SH_FILE variable was introduced[4] and
in a review iteration prefixed with NIX_[5]. In other words, these
variables were never part of a release and you'd only have this problem
if you'd use a Nix from a git revision of my branch from back then. In
other words, that's dead code.

[1] https://github.com/nixos/nix/pull/4770#issuecomment-834718851
[2] https://github.com/NixOS/nix/pull/9032
[3] https://github.com/NixOS/nix/issues/6736
[4] 3944a120ec
[5] 27ce722638
2023-10-04 18:35:30 +02:00
Artturi
d5139e3017
Merge pull request #245909 from Artturin/setupshchanges2 2023-09-04 20:41:16 +03:00
Artturin
1db1e3c467 stdenv: Fix possible issues discovered with
```
set -o errexit -o nounset -o pipefail
shopt -s inherit_errexit
```

in `stdenv/default-builder.sh`
2023-09-02 03:25:36 +03:00
Artturin
87db45704f stdenv: Print _allFlags debug output to stderr
In the default `fixupPhase` the output of `substituteAllStream` is
streamed to setup-hook.

`stdenv.cc.bintools.overrideAttrs { NIX_DEBUG = 6; }`

With `NIX_DEBUG` contains:

```
@expandResponseParams@ -> /nix/store/yl01rd58vp4m8bbhkihpk132cprfmx6f-expand-response-params/bin/expand-response-params
...
```
2023-08-10 17:35:07 +03:00
Artturin
9816ca55c2 stdenv: Make condition clearer
-z checks for a empty string
-n checks for a not empty string

It makes more sense to run the chmod if the string is not empty
2023-07-28 04:20:26 +03:00
Robert Hensing
dae6b98a90
Merge pull request #234883 from sternenseemann/nix-structured-attrs
stdenv/setup.sh: deal with Nix < 2.4 structured attrs
2023-05-31 19:41:58 +02:00
sternenseemann
1a29857b8a stdenv/setup.sh: deal with Nix < 2.4 structured attrs
Nix does not (as far it is documented) guarantee that NIX_ATTRS_*_FILE
is set, the only [documented] guarantee seems to be:

> […] made available to the builder via the file .attrs.json in the
> builder’s temporary directory.

This guarantee is of course affected by https://github.com/NixOS/nix/issues/6736,
so it seems to be prudent to fall back to the Nix 2.3 style ATTRS_*_FILE
env vars before defaulting to the expected location in case neither is
available.

See also:

- https://github.com/NixOS/nixpkgs/pull/214937#discussion_r1178101895
- https://github.com/nixos/nixpkgs/commit/afef6588e250

[documented]: https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-structuredAttrs
2023-05-29 23:12:24 +02:00
Elias Naur
88fd6601d8 stdenv: remove the NIX_LIB*_IN_SELF_RPATH environment variables
The NIX_LIB64|32_IN_SELF_RPATH environment variables control whether
to add lib64 and lib32 to rpaths. However, they're set depending
on the build paltform, not the target platform and thus their values
are incorrect for for cross-builds.

On the other hand, setting them according to the build platform introduce
pointless differences in build outputs; see #221350 for details.

This change fixes the issues by boldly removes the NIX_LIB*_IN_SELF_RPATH
facility altogether, in the hope that it is no longer necessary. They
were introduced in 2009, long before nixpkgs had good support for
cross-builds.

Fixes #221350
2023-03-31 10:47:16 -06:00
Sergei Trofimovich
69cf5181c3 stdenv/generic/setup.sh: enable parallel installs by default
The primary motivating example is openssl:

Before the change full package build took 1m54s minutes.
After the change full package build takes 59s.

About a 2x speedup.

The difference is visible because openssl builds hundreds of manpages
spawning a perl process per manual in `install` phase. Such a workload
is very easy to parallelize.

Another example would be `autotools`+`libtool` based build system where
install step requires relinking. The more binaries there are to relink
the more gain it will be to do it in parallel.

The change enables parallel installs by default only for buiilds that
already have parallel builds enabled. There is a high chance those build
systems already handle parallelism well but some packages will fail.

Consistently propagated the enableParallelBuilding to:
- cmake (enabled by default, similar to builds)
- ninja (set parallelism explicitly, don't rely on default)
- bmake (enable when requested)
- scons (enable when requested)
- meson (set parallelism explicitly, don't rely on default)
- waf (set parallelism explicitly, don't rely on default)
- qmake-4/5/6 (enable by default, similar to builds)
- xorg (always enable, similar to builds)
2023-02-26 22:02:09 +00:00
Artturin
84e37a10ec stdenv: allow propagating propagated dependencies separately from the
fixup phase

for makeSetupHook
2023-02-07 21:00:18 +02:00
Robert Hensing
afef6588e2 stdenv/setup.sh: Allow NIX_ATTRS_{JSON,SH}_FILE to be set correctly by Nix 2023-02-06 14:17:59 +01:00
Jeff Huffman
183939da54
improve error when srcs is used with directories with the same post-hash name 2023-01-29 04:27:24 -05:00
Andrew Childs
68f1182b65 stdenv: don't clobber useArray and type in {prepend,append}ToVar
Some other packages, for example ruby gems via buildRubyGem, use a
variable called "type" internally, which is overwritten here and
causes failures like:

    failure: $gempkg path unspecified

Fix for changes in 11c3127e38.
2023-01-18 11:59:47 +09:00
Artturin
e525ae1e1e stdenv: disable shellcheck rule SC2068 & SC1091
this is intentional to support both structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 614:
for pkg in ${depsBuildBuild[@]} ${depsBuildBuildPropagated[@]}; do
           ^------------------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.

In pkgs/stdenv/generic/setup.sh line 521:
    local varRef="$varVar[$((targetOffset - hostOffset))]"
                  ^-- SC1087 (error): Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
2023-01-16 23:54:14 +02:00
Artturin
f2c27018f0 stdenv: fix SC2242
exit -1 == exit 255 but we don't have a reason to use 255

In pkgs/stdenv/generic/setup.sh line 518:
    (( hostOffset <= targetOffset )) || exit -1
                                             ^-- SC2242 (error): Can only exit with status 0-255. Other data should be wri
tten to stdout/stderr.
2023-01-16 23:03:21 +02:00
Artturin
e58785bf41 stdenv: disable shellcheck rule SC2048
we use [*] to support structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 1542:
    for curPhase in ${phases[*]}; do
                    ^----------^ SC2048 (warning): Use "${array[@]}" (with quotes) to prevent whitespace problems.
2023-01-16 08:23:04 +02:00
Artturin
4db439c599 stdenv: disable shellcheck rules
In pkgs/stdenv/generic/setup.sh line 101:
        source "$hookName"
               ^---------^ SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.

In pkgs/stdenv/generic/setup.sh line 166:
            mkdir -p "$out/nix-support"
                      ^--^ SC2154 (warning): out is referenced but not assigned.

In pkgs/stdenv/generic/setup.sh line 407:
PATH=
^--^ SC2123 (warning): PATH is the shell search path. Use another name.

In pkgs/stdenv/generic/setup.sh line 452:
declare -a pkgBuildAccumVars=(pkgsBuildBuild pkgsBuildHost pkgsBuildTarget)
           ^---------------^ SC2034 (warning): pkgBuildAccumVars appears unused. Verify use (or export if used e
xternally).
because pkgBuildAccumVars is used

In pkgs/stdenv/generic/setup.sh line 235:
        nameref="$* ${nameref-}"
        ^-----^ SC2178 (warning): Variable was used as an array but is now assigned a string.
because we theres a useArray conditional
2023-01-16 08:01:38 +02:00
Artturin
0417f953e2 stdenv: fix SC2004 & SC2086
SC2004 (style): $/${} is unnecessary on arithmetic variables.
SC2086 (info): Double quote to prevent globbing and word splitting.
2023-01-16 07:54:19 +02:00
Artturin
0e8263ce73 stdenv: fix SC2223
In pkgs/stdenv/generic/setup.sh line 36:
    : ${outputs:=out}
      ^-------------^ SC2223 (info): This default assignment may cause DoS due to globbing. Quote it.
2023-01-16 07:54:19 +02:00
Artturin
856f3a46b2 stdenv: drop remove unnecessary env var
and the associated obsolete functions

support for log nesting was removed in 2017 6669a3b477
2023-01-15 23:56:23 +02:00
Artturi
f338f1422e
Merge pull request #209371 from Artturin/gziprepro
gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
2023-01-15 00:04:51 +02:00
Artturin
88f36d2694 gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
the logic can be tested with

```
$ GZIP_NO_TIMESTAMPS=1 && echo "${GZIP_NO_TIMESTAMPS:+-n }"
-n
$ unset GZIP_NO_TIMESTAMPS && echo "${GZIP_NO_TIMESTAMPS:+-n }"

```
2023-01-12 01:30:29 +02:00
Artturin
314b03125f stdenv: don't fail installPhase on missing makefile
otherwise the build just fails with 'make: *** No rule to make target 'install'.  Stop.'

and update buildPhase message

i don't know if the 'makefile may have been created in buildPhase' is
true but i guess it might be possible
2023-01-06 03:01:39 +02:00
Naïm Favier
e14de22618
stdenv: handle env gracefully
Derivations not using `__structuredAttrs` should not attempt to set
environment variables from `env`.

Derivations using `__structuredAttrs` should fail if `env` is not
exportable.
2022-12-15 13:27:11 +01:00
Artturin
11c3127e38 stdenv: detect the type of variable in {prepend,append}ToVar
stdenv: error if using {prepend,append}ToVar on associative array

i don't know how to prepend to associative array
2022-12-10 04:42:36 +02:00
Artturin
bb914d8676 stdenv: export system pname name version for substituteAll
so we don't have to add these to the env attrset
2022-12-08 21:09:02 +02:00
Artturin
1c4820efdd work around a nix bug 2022-12-08 06:13:19 +02:00
Artturin
238a6053c4 stdenv: support opt-in __structuredAttrs
Co-authored-by: Robin Gloster <mail@glob.in>

stdenv: print message if structuredAttrs is enabled

stdenv: add _append

reduces the chance of a user doing it wrong

fix nix develop issue

output hooks don't work yet in nix develop though

making $outputs be the same on non-structuredAttrs and structuredAttrs
is too much trouble.

lets instead make a function that gets the output names

reading environment file '/nix/store/2x7m69a2sm2kh0r6v0q5s9z1dh41m4xf-xz-5.2.5-env-bin'
nix: src/nix/develop.cc:299: std::string Common::makeRcScript(nix::ref<nix::Store>, const BuildEnvironment&, const Path&): Assertion `outputs != buildEnvironment.vars.end()' failed.

use a function to get all output names instead of using $outputs

copy env functionality from https://github.com/NixOS/nixpkgs/pull/76732/commits
2022-12-08 06:13:19 +02:00
Sandro Jäckel
9f4143e964
stdenv: fix succeedOnFailure 2022-11-12 19:25:14 +01:00
Graham Christensen
c2b898da76 treewide: drop -l$NIX_BUILD_CORES
Passing `-l$NIX_BUILD_CORES` improperly limits the overall system load.

For a build machine which is configured to run `$B` builds where each
build gets `total cores / B` cores (`$C`), passing `-l $C` to make will
improperly limit the load to `$C` instead of `$B * $C`.

This effect becomes quite pronounced on machines with 80 cores, with
40 simultaneous builds and a cores limit of 2. On a machine with this
configuration, Nix will run 40 builds and make will limit the overall
system load to approximately 2. A build machine with this many cores
can happily run with a load approaching 80.

A non-solution is to oversubscribe the machine, by picking a larger
`$C`. However, there is no way to divide the number of cores in a way
which fairly subdivides the available cores when `$B` is greater than
1.

There has been exploration of passing a jobserver in to the sandbox,
or sharing a jobserver between all the builds. This is one option, but
relatively complicated and only supports make. Lots of other software
uses its own implementation of `-j` and doesn't support either `-l` or
the Make jobserver.

For the case of an interactive user machine, the user should limit
overall system load using `$B`, `$C`, and optionally systemd's
cpu/network/io limiting features.

Making this change should significantly improve the utilization of our
build farm, and improve the throughput of Hydra.
2022-09-22 16:01:23 -04:00
Matthew Bauer
ec4019f6dc Set inherit_errexit after bash version check
inherit_errexit wasn’t available in bash 3. We have a check to show a
nice error message, but that check is after we set inherit_errexit in
setup.sh. So we can just move this to below the BASH_VERSINFO check.
2022-08-21 23:01:55 -04:00
Artturin
ba1efa71ae stdenv: substituteInPlace: accept multiple filenames
I don't know if getopt is available everywhere, so I did not use it.

in any case, it can be changed to use getopt in the future if
needed.
2022-06-29 22:03:19 +03:00
Rick van Schijndel
adafa1cb42
Merge pull request #178626 from a-m-joseph/pr/168413fallout/mktemp
setup.sh: use six `X` characters in `mktemp` invocation
2022-06-23 06:45:40 +02:00
Adam Joseph
97bf76b3b3 setup.sh: use six X characters in mktemp invocation
Closes #178625

The `busybox` version of `mktemp` requires exactly six `X` characters
in the argument to `mktemp`, unlike the `coreutils` version of `mktemp`.

Let's accomodate packages, like `epson-escpr2`, which fool `setup.sh`
into using the `busybox` version instead of the `stdenv` version.
2022-06-22 12:46:22 -07:00
Adam Joseph
64fc13ff1d setup.sh: use -exec rather than -execdir
Busybox's `find` does not support `-execdir`, so let's uses `-exec`
instead, in the spirit of requiring the minimum features needed for
the task.
2022-06-15 12:10:44 -07:00