HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: emacs-emms: Update to 7.1.
[jackhill/guix/guix.git] / nix / nix-daemon / guix-daemon.cc
1 /* GNU Guix --- Functional package management for GNU
2 Copyright (C) 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2021 Ludovic Courtès <ludo@gnu.org>
3 Copyright (C) 2006, 2010, 2012, 2014 Eelco Dolstra <e.dolstra@tudelft.nl>
4
5 This file is part of GNU Guix.
6
7 GNU Guix is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or (at
10 your option) any later version.
11
12 GNU Guix is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. */
19
20 #include <config.h>
21
22 #include <types.hh>
23 #include "shared.hh"
24 #include <globals.hh>
25 #include <util.hh>
26
27 #include <gcrypt.h>
28
29 #include <stdlib.h>
30 #include <argp.h>
31 #include <unistd.h>
32 #include <sys/types.h>
33 #include <sys/stat.h>
34 #include <sys/socket.h>
35 #include <sys/un.h>
36 #include <netdb.h>
37 #include <strings.h>
38 #include <exception>
39 #include <iostream>
40
41 #include <libintl.h>
42 #include <locale.h>
43
44 /* Variables used by `nix-daemon.cc'. */
45 volatile ::sig_atomic_t blockInt;
46 char **argvSaved;
47
48 using namespace nix;
49
50 /* Entry point in `nix-daemon.cc'. */
51 extern void run (const std::vector<int> &);
52
53 \f
54 /* Command-line options. */
55
56 #define n_(str) str
57 #define _(str) gettext (str)
58 static const char guix_textdomain[] = "guix";
59
60
61 const char *argp_program_version =
62 "guix-daemon (" PACKAGE_NAME ") " PACKAGE_VERSION;
63 const char *argp_program_bug_address = PACKAGE_BUGREPORT;
64
65 static char doc[] =
66 n_("guix-daemon -- perform derivation builds and store accesses")
67 "\v\n"
68 n_("This program is a daemon meant to run in the background. It serves \
69 requests sent over a Unix-domain socket. It accesses the store, and \
70 builds derivations on behalf of its clients.");
71
72 #define GUIX_OPT_SYSTEM 1
73 #define GUIX_OPT_DISABLE_CHROOT 2
74 #define GUIX_OPT_BUILD_USERS_GROUP 3
75 #define GUIX_OPT_CACHE_FAILURES 4
76 #define GUIX_OPT_LOSE_LOGS 5
77 #define GUIX_OPT_DISABLE_LOG_COMPRESSION 6
78 #define GUIX_OPT_DISABLE_DEDUPLICATION 7
79 #define GUIX_OPT_IMPERSONATE_LINUX_26 8
80 #define GUIX_OPT_DEBUG 9
81 #define GUIX_OPT_CHROOT_DIR 10
82 #define GUIX_OPT_LISTEN 11
83 #define GUIX_OPT_NO_SUBSTITUTES 12
84 #define GUIX_OPT_SUBSTITUTE_URLS 13
85 #define GUIX_OPT_NO_BUILD_HOOK 14
86 #define GUIX_OPT_GC_KEEP_OUTPUTS 15
87 #define GUIX_OPT_GC_KEEP_DERIVATIONS 16
88 #define GUIX_OPT_BUILD_ROUNDS 17
89 #define GUIX_OPT_TIMEOUT 18
90 #define GUIX_OPT_MAX_SILENT_TIME 19
91 #define GUIX_OPT_LOG_COMPRESSION 20
92 #define GUIX_OPT_DISCOVER 21
93
94 static const struct argp_option options[] =
95 {
96 { "system", GUIX_OPT_SYSTEM, n_("SYSTEM"), 0,
97 n_("assume SYSTEM as the current system type") },
98 { "cores", 'c', n_("N"), 0,
99 n_("use N CPU cores to build each derivation; 0 means as many as available")
100 },
101 { "max-jobs", 'M', n_("N"), 0,
102 n_("allow at most N build jobs") },
103 { "timeout", GUIX_OPT_TIMEOUT, n_("SECONDS"), 0,
104 n_("mark builds as failed after SECONDS of activity") },
105 { "max-silent-time", GUIX_OPT_MAX_SILENT_TIME, n_("SECONDS"), 0,
106 n_("mark builds as failed after SECONDS of silence") },
107 { "disable-chroot", GUIX_OPT_DISABLE_CHROOT, 0, 0,
108 n_("disable chroot builds") },
109 { "chroot-directory", GUIX_OPT_CHROOT_DIR, n_("DIR"), 0,
110 n_("add DIR to the build chroot") },
111 { "build-users-group", GUIX_OPT_BUILD_USERS_GROUP, n_("GROUP"), 0,
112 n_("perform builds as a user of GROUP") },
113 { "no-substitutes", GUIX_OPT_NO_SUBSTITUTES, 0, 0,
114 n_("do not use substitutes") },
115 { "substitute-urls", GUIX_OPT_SUBSTITUTE_URLS, n_("URLS"), 0,
116 n_("use URLS as the default list of substitute providers") },
117 { "no-offload", GUIX_OPT_NO_BUILD_HOOK, 0, 0,
118 n_("do not attempt to offload builds") },
119 { "no-build-hook", GUIX_OPT_NO_BUILD_HOOK, 0,
120 OPTION_HIDDEN, // deprecated
121 n_("do not attempt to offload builds") },
122 { "cache-failures", GUIX_OPT_CACHE_FAILURES, 0, 0,
123 n_("cache build failures") },
124 { "rounds", GUIX_OPT_BUILD_ROUNDS, "N", 0,
125 n_("build each derivation N times in a row") },
126 { "lose-logs", GUIX_OPT_LOSE_LOGS, 0, 0,
127 n_("do not keep build logs") },
128 { "disable-log-compression", GUIX_OPT_DISABLE_LOG_COMPRESSION, 0,
129 OPTION_HIDDEN, // deprecated
130 n_("disable compression of the build logs") },
131 { "log-compression", GUIX_OPT_LOG_COMPRESSION, "TYPE", 0,
132 n_("use the specified compression type for build logs") },
133 { "discover", GUIX_OPT_DISCOVER, "yes/no", OPTION_ARG_OPTIONAL,
134 n_("use substitute servers discovered on the local network") },
135
136 /* '--disable-deduplication' was known as '--disable-store-optimization'
137 up to Guix 0.7 included, so keep the alias around. */
138 { "disable-deduplication", GUIX_OPT_DISABLE_DEDUPLICATION, 0, 0,
139 n_("disable automatic file \"deduplication\" in the store") },
140 { "disable-store-optimization", GUIX_OPT_DISABLE_DEDUPLICATION, 0,
141 OPTION_ALIAS | OPTION_HIDDEN, NULL },
142
143 { "impersonate-linux-2.6", GUIX_OPT_IMPERSONATE_LINUX_26, 0,
144 #ifdef HAVE_SYS_PERSONALITY_H
145 0,
146 #else
147 OPTION_HIDDEN,
148 #endif
149 n_("impersonate Linux 2.6")
150 },
151 { "gc-keep-outputs", GUIX_OPT_GC_KEEP_OUTPUTS,
152 "yes/no", OPTION_ARG_OPTIONAL,
153 n_("tell whether the GC must keep outputs of live derivations") },
154 { "gc-keep-derivations", GUIX_OPT_GC_KEEP_DERIVATIONS,
155 "yes/no", OPTION_ARG_OPTIONAL,
156 n_("tell whether the GC must keep derivations corresponding \
157 to live outputs") },
158
159 { "listen", GUIX_OPT_LISTEN, n_("SOCKET"), 0,
160 n_("listen for connections on SOCKET") },
161 { "debug", GUIX_OPT_DEBUG, 0, 0,
162 n_("produce debugging output") },
163 { 0, 0, 0, 0, 0 }
164 };
165
166
167 /* Default port for '--listen' on TCP/IP. */
168 #define DEFAULT_GUIX_PORT "44146"
169
170 /* List of '--listen' options. */
171 static std::list<std::string> listen_options;
172
173 static bool useDiscover = false;
174
175 /* Convert ARG to a Boolean value, or throw an error if it does not denote a
176 Boolean. */
177 static bool
178 string_to_bool (const char *arg, bool dflt = true)
179 {
180 if (arg == NULL)
181 return dflt;
182 else if (strcasecmp (arg, "yes") == 0)
183 return true;
184 else if (strcasecmp (arg, "no") == 0)
185 return false;
186 else
187 throw nix::Error (format ("'%1%': invalid Boolean value") % arg);
188 }
189
190 /* Parse a single option. */
191 static error_t
192 parse_opt (int key, char *arg, struct argp_state *state)
193 {
194 switch (key)
195 {
196 case GUIX_OPT_DISABLE_CHROOT:
197 settings.useChroot = false;
198 break;
199 case GUIX_OPT_CHROOT_DIR:
200 {
201 std::string chroot_dirs;
202
203 chroot_dirs = settings.get ("build-extra-chroot-dirs",
204 (std::string) "");
205 if (chroot_dirs == "")
206 chroot_dirs = arg;
207 else
208 chroot_dirs = chroot_dirs + " " + arg;
209 settings.set("build-extra-chroot-dirs", chroot_dirs);
210 break;
211 }
212 case GUIX_OPT_LOG_COMPRESSION:
213 if (strcmp (arg, "none") == 0)
214 settings.logCompression = COMPRESSION_NONE;
215 else if (strcmp (arg, "gzip") == 0)
216 settings.logCompression = COMPRESSION_GZIP;
217 #if HAVE_BZLIB_H
218 else if (strcmp (arg, "bzip2") == 0)
219 settings.logCompression = COMPRESSION_BZIP2;
220 #endif
221 else
222 {
223 fprintf (stderr, _("error: %s: unknown compression type\n"), arg);
224 exit (EXIT_FAILURE);
225 }
226 break;
227 case GUIX_OPT_DISABLE_LOG_COMPRESSION:
228 settings.logCompression = COMPRESSION_NONE;
229 break;
230 case GUIX_OPT_BUILD_USERS_GROUP:
231 settings.buildUsersGroup = arg;
232 break;
233 case GUIX_OPT_DISABLE_DEDUPLICATION:
234 settings.autoOptimiseStore = false;
235 break;
236 case GUIX_OPT_CACHE_FAILURES:
237 settings.cacheFailure = true;
238 break;
239 case GUIX_OPT_BUILD_ROUNDS:
240 {
241 char *end;
242 unsigned long n = strtoul (arg, &end, 10);
243 if (end != arg + strlen (arg))
244 {
245 fprintf (stderr, _("error: %s: invalid number of rounds\n"), arg);
246 exit (EXIT_FAILURE);
247 }
248 settings.set ("build-repeat", std::to_string (std::max (0UL, n - 1)));
249 break;
250 }
251 case GUIX_OPT_IMPERSONATE_LINUX_26:
252 settings.impersonateLinux26 = true;
253 break;
254 case GUIX_OPT_LOSE_LOGS:
255 settings.keepLog = false;
256 break;
257 case GUIX_OPT_LISTEN:
258 listen_options.push_back (arg);
259 break;
260 case GUIX_OPT_SUBSTITUTE_URLS:
261 settings.set ("substitute-urls", arg);
262 break;
263 case GUIX_OPT_NO_SUBSTITUTES:
264 settings.set ("build-use-substitutes", "false");
265 break;
266 case GUIX_OPT_NO_BUILD_HOOK:
267 settings.useBuildHook = false;
268 break;
269 case GUIX_OPT_DISCOVER:
270 useDiscover = string_to_bool (arg);
271 settings.set ("discover", useDiscover ? "true" : "false");
272 break;
273 case GUIX_OPT_DEBUG:
274 verbosity = lvlDebug;
275 break;
276 case GUIX_OPT_GC_KEEP_OUTPUTS:
277 settings.gcKeepOutputs = string_to_bool (arg);
278 break;
279 case GUIX_OPT_GC_KEEP_DERIVATIONS:
280 settings.gcKeepDerivations = string_to_bool (arg);
281 break;
282 case 'c':
283 settings.set ("build-cores", arg);
284 break;
285 case 'M':
286 settings.set ("build-max-jobs", arg);
287 break;
288 case GUIX_OPT_TIMEOUT:
289 settings.set ("build-timeout", arg);
290 break;
291 case GUIX_OPT_MAX_SILENT_TIME:
292 settings.set ("build-max-silent-time", arg);
293 break;
294 case GUIX_OPT_SYSTEM:
295 settings.thisSystem = arg;
296 break;
297 default:
298 return (error_t) ARGP_ERR_UNKNOWN;
299 }
300
301 return (error_t) 0;
302 }
303
304 /* Argument parsing. */
305 static const struct argp argp =
306 {
307 options, parse_opt,
308 NULL, doc,
309 NULL, NULL, // children and help_filter
310 guix_textdomain
311 };
312
313 \f
314 static int
315 open_unix_domain_socket (const char *file)
316 {
317 /* Create and bind to a Unix domain socket. */
318 AutoCloseFD fdSocket = socket (PF_UNIX, SOCK_STREAM, 0);
319 if (fdSocket == -1)
320 throw SysError (_("cannot create Unix domain socket"));
321
322 createDirs (dirOf (file));
323
324 /* Urgh, sockaddr_un allows path names of only 108 characters.
325 So chdir to the socket directory so that we can pass a
326 relative path name. */
327 if (chdir (dirOf (file).c_str ()) == -1)
328 throw SysError (_("cannot change current directory"));
329 Path fileRel = "./" + baseNameOf (file);
330
331 struct sockaddr_un addr;
332 addr.sun_family = AF_UNIX;
333 if (fileRel.size () >= sizeof (addr.sun_path))
334 throw Error (format (_("socket file name '%1%' is too long")) % fileRel);
335 strcpy (addr.sun_path, fileRel.c_str ());
336
337 unlink (file);
338
339 /* Make sure that the socket is created with 0666 permission
340 (everybody can connect --- provided they have access to the
341 directory containing the socket). */
342 mode_t oldMode = umask (0111);
343 int res = bind (fdSocket, (struct sockaddr *) &addr, sizeof addr);
344 umask (oldMode);
345 if (res == -1)
346 throw SysError (format (_("cannot bind to socket '%1%'")) % file);
347
348 if (chdir ("/") == -1) /* back to the root */
349 throw SysError (_("cannot change current directory"));
350
351 if (listen (fdSocket, 5) == -1)
352 throw SysError (format (_("cannot listen on socket '%1%'")) % file);
353
354 return fdSocket.borrow ();
355 }
356
357 /* Return a listening socket for ADDRESS, which has the given LENGTH. */
358 static int
359 open_inet_socket (const struct sockaddr *address, socklen_t length)
360 {
361 AutoCloseFD fd = socket (address->sa_family, SOCK_STREAM, 0);
362 if (fd == -1)
363 throw SysError (_("cannot create TCP socket"));
364
365 int res = bind (fd, address, length);
366 if (res == -1)
367 throw SysError (_("cannot bind TCP socket"));
368
369 if (listen (fd, 5) == -1)
370 throw SysError (format (_("cannot listen on TCP socket")));
371
372 return fd.borrow ();
373 }
374
375 /* Return a list of file descriptors of listening sockets. */
376 static std::vector<int>
377 listening_sockets (const std::list<std::string> &options)
378 {
379 std::vector<int> result;
380
381 if (options.empty ())
382 {
383 /* Open the default Unix-domain socket. */
384 auto fd = open_unix_domain_socket (settings.nixDaemonSocketFile.c_str ());
385 result.push_back (fd);
386 return result;
387 }
388
389 /* Open the user-specified sockets. */
390 for (const std::string& option: options)
391 {
392 if (option[0] == '/')
393 {
394 /* Assume OPTION is the file name of a Unix-domain socket. */
395 settings.nixDaemonSocketFile = canonPath (option);
396 int fd =
397 open_unix_domain_socket (settings.nixDaemonSocketFile.c_str ());
398 result.push_back (fd);
399 }
400 else
401 {
402 /* Assume OPTIONS has the form "HOST" or "HOST:PORT". */
403 auto colon = option.find_last_of (":");
404 auto host = colon == std::string::npos
405 ? option : option.substr (0, colon);
406 auto port = colon == std::string::npos
407 ? DEFAULT_GUIX_PORT
408 : option.substr (colon + 1, option.size () - colon - 1);
409
410 struct addrinfo *res, hints;
411
412 memset (&hints, '\0', sizeof hints);
413 hints.ai_socktype = SOCK_STREAM;
414 hints.ai_flags = AI_NUMERICSERV | AI_ADDRCONFIG;
415
416 int err = getaddrinfo (host.c_str(), port.c_str (),
417 &hints, &res);
418
419 if (err != 0)
420 throw Error(format ("failed to look up '%1%': %2%")
421 % option % gai_strerror (err));
422
423 printMsg (lvlDebug, format ("listening on '%1%', port '%2%'")
424 % host % port);
425
426 /* XXX: Pick the first result, RES. */
427 result.push_back (open_inet_socket (res->ai_addr,
428 res->ai_addrlen));
429
430 freeaddrinfo (res);
431 }
432 }
433
434 return result;
435 }
436
437 \f
438 int
439 main (int argc, char *argv[])
440 {
441 setlocale (LC_ALL, "");
442 bindtextdomain (guix_textdomain, LOCALEDIR);
443 textdomain (guix_textdomain);
444
445 /* Initialize libgcrypt. */
446 if (!gcry_check_version (GCRYPT_VERSION))
447 {
448 fprintf (stderr, _("error: libgcrypt version mismatch\n"));
449 exit (EXIT_FAILURE);
450 }
451
452 /* Tell Libgcrypt that initialization has completed, as per the Libgcrypt
453 1.6.0 manual (although this does not appear to be strictly needed.) */
454 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
455
456 /* Set the umask so that the daemon does not end up creating group-writable
457 files, which would lead to "suspicious ownership or permission" errors.
458 See <http://lists.gnu.org/archive/html/bug-guix/2013-07/msg00033.html>. */
459 umask (S_IWGRP | S_IWOTH);
460
461 #ifndef HAVE_CHROOT
462 # error chroot is assumed to be available
463 #endif
464
465 /* Always use chroots by default. */
466 settings.useChroot = true;
467
468 /* Turn automatic deduplication on by default. */
469 settings.autoOptimiseStore = true;
470
471 /* Default to using as many cores as possible and one job at a time. */
472 settings.buildCores = 0;
473 settings.maxBuildJobs = 1;
474
475 argvSaved = argv;
476
477 try
478 {
479 settings.processEnvironment ();
480
481 /* Enable substitutes by default. */
482 settings.set ("build-use-substitutes", "true");
483
484 /* Use our substitute server by default. */
485 settings.set ("substitute-urls", GUIX_SUBSTITUTE_URLS);
486
487 #ifdef HAVE_DAEMON_OFFLOAD_HOOK
488 /* Use 'guix offload' for distributed builds by default. */
489 settings.useBuildHook = true;
490 #else
491 /* We are not installing any build hook, so disable it. */
492 settings.useBuildHook = false;
493 #endif
494
495 argp_parse (&argp, argc, argv, 0, 0, 0);
496
497 auto sockets = listening_sockets (listen_options);
498
499 /* Effect all the changes made via 'settings.set'. */
500 settings.update ();
501 printMsg(lvlDebug,
502 format ("build log compression: %1%") % settings.logCompression);
503
504 if (geteuid () == 0 && settings.buildUsersGroup.empty ())
505 fprintf (stderr, _("warning: daemon is running as root, so \
506 using `--build-users-group' is highly recommended\n"));
507
508 if (settings.useChroot)
509 {
510 std::string chroot_dirs;
511
512 chroot_dirs = settings.get ("build-extra-chroot-dirs",
513 (std::string) "");
514 printMsg (lvlDebug,
515 format ("extra chroot directories: '%1%'") % chroot_dirs);
516 }
517
518 if (useDiscover)
519 {
520 Strings args;
521
522 args.push_back("guix");
523 args.push_back("discover");
524
525 startProcess([&]() {
526 execv(settings.guixProgram.c_str(), stringsToCharPtrs(args).data());
527 });
528 }
529
530 printMsg (lvlDebug,
531 format ("automatic deduplication set to %1%")
532 % settings.autoOptimiseStore);
533
534 printMsg (lvlDebug,
535 format ("listening on `%1%'") % settings.nixDaemonSocketFile);
536
537 run (sockets);
538 }
539 catch (std::exception &e)
540 {
541 fprintf (stderr, _("error: %s\n"), e.what ());
542 return EXIT_FAILURE;
543 }
544
545 return EXIT_SUCCESS; /* never reached */
546 }
jackhill's copy of GNU Guix: https://guix.gnu.org/