Skip to content

Infinisil patch 2#5

Merged
Bot-wxt1221 merged 12 commits intoBot-wxt1221:mainfrom
tweag:infinisil-patch-2
Nov 19, 2024
Merged

Infinisil patch 2#5
Bot-wxt1221 merged 12 commits intoBot-wxt1221:mainfrom
tweag:infinisil-patch-2

Conversation

@Bot-wxt1221
Copy link
Owner

@Bot-wxt1221 Bot-wxt1221 commented Nov 19, 2024

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

infinisil and others added 12 commits November 14, 2024 23:22
@infinisil
[WIP] Parallel GH actions workflow for Nixpkgs eval
4874faf 
Partly taken from NixOS#352808 and NixOS#269403
@Mic92
ci/parallel.nix: nixfmt
f2d312a
@Mic92
ci/eval: drop swap
1074648 
Turns out we don't actually need it
@Mic92
ci/eval: reformat with shfmt
7d887a5 
the file was using mixed indentation (2 vs 4 spaces)
@Mic92
ci/eval: depend on coreutils
7993364 
nproc is only part of coreutils and not present on macOS
@Mic92
ci/eval: allow to override cores
c5ec387 
this is useful to control how much RAM is used during evaluation
@Mic92
ci/eval: use xargs instead of parallel
000b067 
saves us from having to install perl for this script.
@Mic92
ci/eval: add quick test flag
8a5ee19
@Mic92
ci/eval: seperate different outputs in json
af2417f
@infinisil
Merge pull request #100 from Mic92/gha-eval-fixes
3364d66 
ci/parallel.nix: nixfmt
@infinisil
WIP
50e150a
@infinisil
Update README.md
fd9b8c9
@Bot-wxt1221 Bot-wxt1221 merged this pull request into Bot-wxt1221:main Nov 19, 2024
Bot-wxt1221 added a commit that referenced this pull request Nov 19, 2024
@Bot-wxt1221 @infinisil @Mic92
Infinisil patch 2 (#5)
0b76e80 
* [WIP] Parallel GH actions workflow for Nixpkgs eval

Partly taken from NixOS#352808 and NixOS#269403

* ci/parallel.nix: nixfmt

* ci/eval: drop swap

Turns out we don't actually need it

* ci/eval: reformat with shfmt

the file was using mixed indentation (2 vs 4 spaces)

* ci/eval: depend on coreutils

nproc is only part of coreutils and not present on macOS

* ci/eval: allow to override cores

this is useful to control how much RAM is used during evaluation

* ci/eval: use xargs instead of parallel

saves us from having to install perl for this script.

* ci/eval: add quick test flag

* ci/eval: seperate different outputs in json

* WIP

* Update README.md

---------

Co-authored-by: Silvan Mosberger <silvan.mosberger@tweag.io>
Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-authored-by: Silvan Mosberger <github@infinisil.com>
Bot-wxt1221 pushed a commit that referenced this pull request Jan 6, 2025
@martinetd
nixos/cryptpad: fix service with nodejs 22.11
cf498c1 
nixosTests.cryptpad started failing recently.

Investigating the issue shows that seccomp has become problematic during
the init phase, (e.g. this can be reproduced by removing the customize
directory in /var/lib/cryptpad):

machine # [   10.774365] systemd-coredump[864]: Process 756 (node) of user 65513 dumped core.
machine #
machine # Module libgcc_s.so.1 without build-id.
machine # Module libstdc++.so.6 without build-id.
machine # Module libicudata.so.74 without build-id.
machine # Module libicuuc.so.74 without build-id.
machine # Module libicui18n.so.74 without build-id.
machine # Module libz.so.1 without build-id.
machine # Module node without build-id.
machine # Stack trace of thread 756:
machine # #0  0x00007ff951974dcb fchown (libc.so.6 + 0x107dcb)
machine # #1  0x00007ff95490d0c0 uv__fs_copyfile (libuv.so.1 + 0x150c0)
machine # #2  0x00007ff95490d89a uv__fs_work (libuv.so.1 + 0x1589a)
machine # #3  0x00007ff954910c76 uv_fs_copyfile (libuv.so.1 + 0x18c76)
machine # #4  0x0000000000eb8a39 _ZN4node2fsL8CopyFileERKN2v820FunctionCallbackInfoINS1_5ValueEEE (node + 0xab8a39)
machine # #5  0x0000000001cda5e2 Builtins_CallApiCallbackGeneric (node + 0x18da5e2)
[...]
machine # [   10.877468] cryptpad[685]: /nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/bin/cryptpad: line 3:   756 Bad system call         (core dumped) "/nix/store/fkyp1bm5gll9adnfcj92snyym524mdrj-nodejs-22.11.0/bin/node" "/nix/store/h4yhhxpfm03c5rgz91q7jrvknh596ly2-cryptpad-2024.12.0/lib/node_modules/cryptpad/scripts/build.js"

nodejs 20.18 rightly did not require chown when the source and
destination are the same owner (heck, the script does not run as
root so even if it is not blocked there is no way it'd work with a
different owner...)

For now just allow chown calls again, this is not worth wasting more
time.

Fixes NixOS#370717
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Bot-wxt1221 @infinisil @Mic92