* [PATCH] Add a ‘verifyStore’ RPC
@ 2015-06-01 21:20 Ludovic Courtès
2015-06-02 11:18 ` Eelco Dolstra
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2015-06-01 21:20 UTC (permalink / raw)
To: Eelco Dolstra; +Cc: guix-devel, nix-dev
[-- Attachment #1: Type: text/plain, Size: 151 bytes --]
Hello!
The patch below adds a ‘verifyStore’ RPC with the same signature as the
current LocalStore::verifyStore method.
Thanks,
Ludo’.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: the patch --]
[-- Type: text/x-patch, Size: 2978 bytes --]
From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Mon, 1 Jun 2015 23:17:10 +0200
Subject: [PATCH] Add a 'verifyStore' remote procedure call.
---
src/libstore/remote-store.cc | 10 ++++++++++
src/libstore/remote-store.hh | 1 +
src/libstore/store-api.hh | 4 ++++
src/libstore/worker-protocol.hh | 3 ++-
src/nix-daemon/nix-daemon.cc | 10 ++++++++++
5 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc
index 3b2825c..ab87d9d 100644
--- a/src/libstore/remote-store.cc
+++ b/src/libstore/remote-store.cc
@@ -587,6 +587,16 @@ void RemoteStore::optimiseStore()
readInt(from);
}
+bool RemoteStore::verifyStore(bool checkContents, bool repair)
+{
+ openConnection();
+ writeInt(wopVerifyStore, to);
+ writeInt(checkContents, to);
+ writeInt(repair, to);
+ processStderr();
+ return readInt(from) != 0;
+}
+
void RemoteStore::processStderr(Sink * sink, Source * source)
{
to.flush();
diff --git a/src/libstore/remote-store.hh b/src/libstore/remote-store.hh
index 14209cb..030120d 100644
--- a/src/libstore/remote-store.hh
+++ b/src/libstore/remote-store.hh
@@ -85,6 +85,7 @@ public:
void optimiseStore();
+ bool verifyStore(bool checkContents, bool repair);
private:
AutoCloseFD fdSocket;
FdSink to;
diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh
index 97a60a6..3764f3e 100644
--- a/src/libstore/store-api.hh
+++ b/src/libstore/store-api.hh
@@ -254,6 +254,10 @@ public:
/* Optimise the disk space usage of the Nix store by hard-linking files
with the same contents. */
virtual void optimiseStore() = 0;
+
+ /* Check the integrity of the Nix store. Returns true if errors
+ remain. */
+ virtual bool verifyStore(bool checkContents, bool repair) = 0;
};
diff --git a/src/libstore/worker-protocol.hh b/src/libstore/worker-protocol.hh
index 4b040b7..d037d74 100644
--- a/src/libstore/worker-protocol.hh
+++ b/src/libstore/worker-protocol.hh
@@ -42,7 +42,8 @@ typedef enum {
wopQueryValidPaths = 31,
wopQuerySubstitutablePaths = 32,
wopQueryValidDerivers = 33,
- wopOptimiseStore = 34
+ wopOptimiseStore = 34,
+ wopVerifyStore = 35
} WorkerOp;
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index bed7de0..b3552a9 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -519,6 +519,16 @@ static void performOp(bool trusted, unsigned int clientVersion,
writeInt(1, to);
break;
+ case wopVerifyStore: {
+ bool checkContents = readInt(from) != 0;
+ bool repair = readInt(from) != 0;
+ startWork();
+ bool errors = store->verifyStore(checkContents, repair);
+ stopWork();
+ writeInt(errors, to);
+ break;
+ }
+
default:
throw Error(format("invalid operation %1%") % op);
}
--
2.2.1
[-- Attachment #3: Type: text/plain, Size: 149 bytes --]
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] Add a ‘verifyStore’ RPC
2015-06-01 21:20 [PATCH] Add a ‘verifyStore’ RPC Ludovic Courtès
@ 2015-06-02 11:18 ` Eelco Dolstra
2015-06-03 8:27 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Eelco Dolstra @ 2015-06-02 11:18 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel, nix-dev
Hi,
On 01/06/15 23:20, Ludovic Courtès wrote:
> The patch below adds a ‘verifyStore’ RPC with the same signature as the
> current LocalStore::verifyStore method.
Thanks! I've applied this with the following change to disallow repairing by
unprivileged users (since it's a potentially dangerous operation):
https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Add a ‘verifyStore’ RPC
2015-06-02 11:18 ` Eelco Dolstra
@ 2015-06-03 8:27 ` Ludovic Courtès
2015-06-03 14:19 ` Eelco Dolstra
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2015-06-03 8:27 UTC (permalink / raw)
To: Eelco Dolstra; +Cc: guix-devel, nix-dev
Hello!
Eelco Dolstra <eelco.dolstra@logicblox.com> skribis:
> On 01/06/15 23:20, Ludovic Courtès wrote:
>
>> The patch below adds a ‘verifyStore’ RPC with the same signature as the
>> current LocalStore::verifyStore method.
>
> Thanks! I've applied this with the following change to disallow repairing by
> unprivileged users (since it's a potentially dangerous operation):
>
> https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f
Sounds good, although I’m unclear on how things could go wrong:
repairing can only rebuild or use approved substitutes, right?
Thank you!
Ludo’.
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Add a ‘verifyStore’ RPC
2015-06-03 8:27 ` Ludovic Courtès
@ 2015-06-03 14:19 ` Eelco Dolstra
2015-06-03 15:23 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Eelco Dolstra @ 2015-06-03 14:19 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel, nix-dev
Hi,
On 03/06/15 10:27, Ludovic Courtès wrote:
>>> The patch below adds a ‘verifyStore’ RPC with the same signature as the
>>> current LocalStore::verifyStore method.
>>
>> Thanks! I've applied this with the following change to disallow repairing by
>> unprivileged users (since it's a potentially dangerous operation):
>>
>> https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f
>
> Sounds good, although I’m unclear on how things could go wrong:
> repairing can only rebuild or use approved substitutes, right?
Repair may replace store paths non-atomically, which, if interrupted, can leave
the system in a broken state. (E.g. if you try to replace glibc and it fails
half-way through.)
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] Add a ‘verifyStore’ RPC
2015-06-03 14:19 ` Eelco Dolstra
@ 2015-06-03 15:23 ` Ludovic Courtès
0 siblings, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2015-06-03 15:23 UTC (permalink / raw)
To: Eelco Dolstra; +Cc: guix-devel, nix-dev
Eelco Dolstra <eelco.dolstra@logicblox.com> skribis:
> On 03/06/15 10:27, Ludovic Courtès wrote:
>
>>>> The patch below adds a ‘verifyStore’ RPC with the same signature as the
>>>> current LocalStore::verifyStore method.
>>>
>>> Thanks! I've applied this with the following change to disallow repairing by
>>> unprivileged users (since it's a potentially dangerous operation):
>>>
>>> https://github.com/NixOS/nix/commit/d8ddf994e70f97994e0f1fbd382df93cd071b90f
>>
>> Sounds good, although I’m unclear on how things could go wrong:
>> repairing can only rebuild or use approved substitutes, right?
>
> Repair may replace store paths non-atomically, which, if interrupted, can leave
> the system in a broken state. (E.g. if you try to replace glibc and it fails
> half-way through.)
I see, thanks for explaining.
Ludo’.
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-06-03 15:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-06-01 21:20 [PATCH] Add a ‘verifyStore’ RPC Ludovic Courtès
2015-06-02 11:18 ` Eelco Dolstra
2015-06-03 8:27 ` Ludovic Courtès
2015-06-03 14:19 ` Eelco Dolstra
2015-06-03 15:23 ` Ludovic Courtès
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).