Re: [Nix-dev] Nix 1.4 released
On 02/28/2013 01:08 PM, Eelco Dolstra wrote: I'm pleased to announce the availability of a new stable release of the Nix package manager. Release 1.5 can be found at http://hydra.nixos.org/release/nix/nix-1.5 This is a brown paper bag release to fix a regression introduced by the hard link security fix in 1.4. Nice. Personally I wouldn't bump the minor version number on bug fixes, but never mind. Vlada smime.p7s Description: S/MIME Cryptographic Signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Nix 1.4 released
Hi,
On 26/02/13 21:25, Vladimír Čunát wrote:
On 02/26/2013 02:46 PM, Eelco Dolstra wrote:
* Language change: The expression ${./path} ... now evaluates to a
string
instead of a path.
That means the such a file isn't copied into the store, and is included as a
plain ./path string, etc. Right?
It *is* copied, so an expression ${./file.sh} foo will evaluate to
/nix/store/...-file.sh foo. Previously it would try to copy ./file.sh foo,
which presumably doesn't exist.
BTW, I believe the hardlink concept is one of worst original UNIX features.
COW copy would make sense, but hardlinks are usually more trouble than worth.
Well, the main problem is that you can make hard links to files you don't own.
We should enable the kernel's hard link restrictions feature in NixOS...
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Nix 1.4 released
On 02/27/2013 12:00 PM, Eelco Dolstra wrote:
On 26/02/13 21:25, Vladimír Čunát wrote:
On 02/26/2013 02:46 PM, Eelco Dolstra wrote:
* Language change: The expression ${./path} ... now evaluates to a string
instead of a path.
That means the such a file isn't copied into the store, and is included as a
plain ./path string, etc. Right?
It *is* copied, so an expression ${./file.sh} foo will evaluate to
/nix/store/...-file.sh foo. Previously it would try to copy ./file.sh foo,
which presumably doesn't exist.
Ah :-) thanks for explaining.
BTW, I believe the hardlink concept is one of worst original UNIX features. COW
copy would make sense, but hardlinks are usually more trouble than worth.
Well, the main problem is that you can make hard links to files you don't own.
We should enable the kernel's hard link restrictions feature in NixOS...
I certainly won't mind it. The option seems to be in-tree since around 3.6.
Vlada
smime.p7s
Description: S/MIME Cryptographic Signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Nix 1.4 released
On 02/26/2013 02:46 PM, Eelco Dolstra wrote:
* Language change: The expression ${./path} ... now evaluates to a string
instead of a path.
That means the such a file isn't copied into the store, and is included
as a plain ./path string, etc. Right?
BTW, I believe the hardlink concept is one of worst original UNIX
features. COW copy would make sense, but hardlinks are usually more
trouble than worth.
Vlada
smime.p7s
Description: S/MIME Cryptographic Signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
