diff options
| -rw-r--r-- | configure.ac | 4 | ||||
| -rw-r--r-- | doc/manual/installation/env-variables.xml | 2 | ||||
| -rw-r--r-- | doc/manual/installation/installing-binary.xml | 178 | ||||
| -rw-r--r-- | doc/manual/installation/prerequisites-source.xml | 3 | ||||
| -rw-r--r-- | doc/manual/installation/supported-platforms.xml | 2 | ||||
| -rw-r--r-- | doc/manual/installation/upgrading.xml | 21 | ||||
| -rw-r--r-- | doc/manual/manual.xml | 1 | ||||
| -rw-r--r-- | doc/manual/release-notes/rl-2.1.xml | 25 | ||||
| -rw-r--r-- | scripts/install-nix-from-closure.sh | 25 | ||||
| -rw-r--r-- | src/libstore/builtins/fetchurl.cc | 5 | ||||
| -rw-r--r-- | src/libstore/download.cc | 2 | ||||
| -rw-r--r-- | src/libutil/util.cc | 2 | ||||
| -rwxr-xr-x | src/nix-channel/nix-channel.cc | 2 | ||||
| -rw-r--r-- | version | 2 |
14 files changed, 212 insertions, 62 deletions
diff --git a/configure.ac b/configure.ac index cc354f6f3028..9c85182efbf9 100644 --- a/configure.ac +++ b/configure.ac @@ -152,9 +152,9 @@ PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"] # Look for libbz2, a required dependency. AC_CHECK_LIB([bz2], [BZ2_bzWriteOpen], [true], - [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2. See http://www.bzip.org/.])]) + [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2. See https://web.archive.org/web/20180624184756/http://www.bzip.org/.])]) AC_CHECK_HEADERS([bzlib.h], [true], - [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2. See http://www.bzip.org/.])]) + [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2. See https://web.archive.org/web/20180624184756/http://www.bzip.org/.])]) # Look for SQLite, a required dependency. diff --git a/doc/manual/installation/env-variables.xml b/doc/manual/installation/env-variables.xml index 91ecd114f6d4..d1ee0bb2e096 100644 --- a/doc/manual/installation/env-variables.xml +++ b/doc/manual/installation/env-variables.xml @@ -39,7 +39,7 @@ bundle.</para> <step><para>Set the environment variable and install Nix</para> <screen> $ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt -$ curl https://nixos.org/nix/install | sh +$ sh <(curl https://nixos.org/nix/install) </screen></step> <step><para>In the shell profile and rc files (for example, diff --git a/doc/manual/installation/installing-binary.xml b/doc/manual/installation/installing-binary.xml index 7e8dfb0db3d4..394d8053b942 100644 --- a/doc/manual/installation/installing-binary.xml +++ b/doc/manual/installation/installing-binary.xml @@ -6,13 +6,30 @@ <title>Installing a Binary Distribution</title> -<para>If you are using Linux or macOS, the easiest way to install -Nix is to run the following command: +<para>If you are using Linux or macOS, the easiest way to install Nix +is to run the following command: <screen> -$ bash <(curl https://nixos.org/nix/install) + $ sh <(curl https://nixos.org/nix/install) </screen> +As of Nix 2.1.0, the Nix installer will always default to creating a +single-user installation, however opting in to the multi-user +installation is highly recommended. +</para> + +<section xml:id="sect-single-user-installation"> + <title>Single User Installation</title> + + <para> + To explicitly select a single-user installation on your system: + + <screen> + sh <(curl https://nixos.org/nix/install) --no-daemon +</screen> + </para> + +<para> This will perform a single-user installation of Nix, meaning that <filename>/nix</filename> is owned by the invoking user. You should run this under your usual user account, <emphasis>not</emphasis> as @@ -33,58 +50,141 @@ and <filename>.profile</filename> to source the <command>NIX_INSTALLER_NO_MODIFY_PROFILE</command> environment variable before executing the install script to disable this behaviour. - </para> -<!-- -<para>You can also manually download and install a binary package. -Binary packages of the latest stable release are available for Fedora, -Debian, Ubuntu, macOS and various other systems from the <link -xlink:href="http://nixos.org/nix/download.html">Nix homepage</link>. -You can also get builds of the latest development release from our -<link -xlink:href="http://hydra.nixos.org/job/nix/master/release/latest-finished#tabs-constituents">continuous -build system</link>.</para> -<para>For Fedora, RPM packages are available. These can be installed -or upgraded using <command>rpm -U</command>. For example, +<para>You can uninstall Nix simply by running: <screen> -$ rpm -U nix-1.8-1.i386.rpm</screen> +$ rm -rf /nix +</screen> </para> - -<para>For Debian and Ubuntu, you can download a Deb package and -install it like this: +</section> + +<section xml:id="sect-multi-user-installation"> + <title>Multi User Installation</title> + <para> + The multi-user Nix installation creates system users, and a system + service for the Nix daemon. + </para> + + <itemizedlist> + <title>Supported Systems</title> + + <listitem> + <para>Linux running systemd, with SELinux disabled</para> + </listitem> + <listitem><para>macOS</para></listitem> + </itemizedlist> + + <para> + You can instruct the installer to perform a multi-user + installation on your system: + + <screen> + sh <(curl https://nixos.org/nix/install) --daemon +</screen> + </para> + + <para> + The multi-user installation of Nix will create build users between + the user IDs 30001 and 30032, and a group with the group ID 30000. + + You should run this under your usual user account, + <emphasis>not</emphasis> as root. The script will invoke + <command>sudo</command> as needed. + </para> + + <note><para> + If you need Nix to use a different group ID or user ID set, you + will have to download the tarball manually and <link + linkend="sect-nix-install-binary-tarball">edit the install + script</link>. + </para></note> + + <para> + The installer will modify <filename>/etc/bashrc</filename>, and + <filename>/etc/zshrc</filename> if they exist. The installer will + first back up these files with a + <literal>.backup-before-nix</literal> extension. The installer + will also create <filename>/etc/profile.d/nix.sh</filename>. + </para> + + <para>You can uninstall Nix with the following commands: <screen> -$ dpkg -i nix_1.8-1_amd64.deb</screen> +sudo rm -rf /etc/profile/nix.sh /etc/nix /nix ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels + +# If you are on Linux with systemd, you will need to run: +sudo systemctl stop nix-daemon.socket +sudo systemctl stop nix-daemon.service +sudo systemctl disable nix-daemon.socket +sudo systemctl disable nix-daemon.service +sudo systemctl daemon-reload + +# If you are on macOS, you will need to run: +sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist +sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist +</screen> -</para> ---> + There may also be references to Nix in + <filename>/etc/profile</filename>, + <filename>/etc/bashrc</filename>, and + <filename>/etc/zshrc</filename> which you may remove. + </para> -<para>You can also download a binary tarball that contains Nix and all -its dependencies. (This is what the install script at -<uri>https://nixos.org/nix/install</uri> does automatically.) You -should unpack it somewhere (e.g. in <filename>/tmp</filename>), and -then run the script named <command>install</command> inside the binary -tarball: +</section> -<screen> -alice$ cd /tmp -alice$ tar xfj nix-1.8-x86_64-darwin.tar.bz2 -alice$ cd nix-1.8-x86_64-darwin -alice$ ./install -</screen> +<section xml:id="sect-nix-install-pinned-version-url"> + <title>Installing a pinned Nix version from a URL</title> -</para> + <para> + NixOS.org hosts version-specific installation URLs for all Nix + versions since 1.11.16, at + <literal>https://nixos.org/releases/nix/nix-VERSION/install</literal>. + </para> -<para>You can uninstall Nix simply by running: + <para> + These install scripts can be used the same as the main + NixOS.org installation script: -<screen> -$ rm -rf /nix + <screen> + sh <(curl https://nixos.org/nix/install) </screen> + </para> -</para> + <para> + In the same directory of the install script are sha256 sums, and + gpg signature files. + </para> +</section> + +<section xml:id="sect-nix-install-binary-tarball"> + <title>Installing from a binary tarball</title> + <para> + You can also download a binary tarball that contains Nix and all + its dependencies. (This is what the install script at + <uri>https://nixos.org/nix/install</uri> does automatically.) You + should unpack it somewhere (e.g. in <filename>/tmp</filename>), + and then run the script named <command>install</command> inside + the binary tarball: + + +<screen> +alice$ cd /tmp +alice$ tar xfj nix-1.8-x86_64-darwin.tar.bz2 +alice$ cd nix-1.8-x86_64-darwin +alice$ ./install +</screen> + </para> + + <para> + If you need to edit the multi-user installation script to use + different group ID or a different user ID range, modify the + variables set in the file named + <filename>install-multi-user</filename>. + </para> +</section> </chapter> diff --git a/doc/manual/installation/prerequisites-source.xml b/doc/manual/installation/prerequisites-source.xml index 01e9688d635f..ef14a1d753db 100644 --- a/doc/manual/installation/prerequisites-source.xml +++ b/doc/manual/installation/prerequisites-source.xml @@ -29,7 +29,8 @@ <literal>libbz2</literal> library. Thus you must have bzip2 installed, including development headers and libraries. If your distribution does not provide these, you can obtain bzip2 from <link - xlink:href="http://www.bzip.org/"/>.</para></listitem> + xlink:href="https://web.archive.org/web/20180624184756/http://www.bzip.org/" + />.</para></listitem> <listitem><para><literal>liblzma</literal>, which is provided by XZ Utils. If your distribution does not provide this, you can diff --git a/doc/manual/installation/supported-platforms.xml b/doc/manual/installation/supported-platforms.xml index 6858573ff407..3e74be49d1f7 100644 --- a/doc/manual/installation/supported-platforms.xml +++ b/doc/manual/installation/supported-platforms.xml @@ -10,7 +10,7 @@ <itemizedlist> - <listitem><para>Linux (i686, x86_64).</para></listitem> + <listitem><para>Linux (i686, x86_64, aarch64).</para></listitem> <listitem><para>macOS (x86_64).</para></listitem> diff --git a/doc/manual/installation/upgrading.xml b/doc/manual/installation/upgrading.xml new file mode 100644 index 000000000000..a3f86ade95cd --- /dev/null +++ b/doc/manual/installation/upgrading.xml @@ -0,0 +1,21 @@ +<chapter xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="ch-upgrading-nix"> + + <title>Upgrading Nix</title> + + <para> + Multi-user Nix users on macOS can upgrade Nix by running + <command>sudo -i sh -c 'nix-channel --update && nix-env + -iA nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo + launchctl start org.nixos.nix-daemon</command>. + </para> + + <para> + Single-user installations of Nix should run <command>nix-channel + --update; nix-env -iA nixpkgs.nix</command>. + </para> + +</chapter> diff --git a/doc/manual/manual.xml b/doc/manual/manual.xml index b408b6817727..87d9de28ab14 100644 --- a/doc/manual/manual.xml +++ b/doc/manual/manual.xml @@ -32,6 +32,7 @@ <xi:include href="introduction/introduction.xml" /> <xi:include href="installation/installation.xml" /> + <xi:include href="installation/upgrading.xml" /> <xi:include href="packages/package-management.xml" /> <xi:include href="expressions/writing-nix-expressions.xml" /> <xi:include href="advanced-topics/advanced-topics.xml" /> diff --git a/doc/manual/release-notes/rl-2.1.xml b/doc/manual/release-notes/rl-2.1.xml index 9a5f37f6625d..16c243fc191a 100644 --- a/doc/manual/release-notes/rl-2.1.xml +++ b/doc/manual/release-notes/rl-2.1.xml @@ -4,7 +4,7 @@ version="5.0" xml:id="ssec-relnotes-2.1"> -<title>Release 2.1 (2018-08-31)</title> +<title>Release 2.1 (2018-09-02)</title> <para>This is primarily a bug fix release. It also reduces memory consumption in certain situations. In addition, it has the following @@ -13,6 +13,29 @@ new features:</para> <itemizedlist> <listitem> + <para>The Nix installer will no longer default to the Multi-User + installation for macOS. You can still <link + linkend="sect-multi-user-installation">instruct the installer to + run in multi-user mode</link>. + </para> + </listitem> + + <listitem> + <para>The Nix installer now supports performing a Multi-User + installation for Linux computers which are running systemd. You + can <link + linkend="sect-multi-user-installation">select a Multi-User installation</link> by passing the + <option>--daemon</option> flag to the installer: <command>sh <(curl + https://nixos.org/nix/install) --daemon</command>. + </para> + + <para>The multi-user installer cannot handle systems with SELinux. + If your system has SELinux enabled, you can <link + linkend="sect-single-user-installation">force the installer to run + in single-user mode</link>.</para> + </listitem> + + <listitem> <para>New builtin functions: <literal>builtins.bitAnd</literal>, <literal>builtins.bitOr</literal>, diff --git a/scripts/install-nix-from-closure.sh b/scripts/install-nix-from-closure.sh index cd71d7947d77..ab20774bbf03 100644 --- a/scripts/install-nix-from-closure.sh +++ b/scripts/install-nix-from-closure.sh @@ -30,15 +30,14 @@ if [ "$(uname -s)" = "Darwin" ]; then fi fi -# Determine if we should punt to the single-user installer or not +# Determine if we could use the multi-user installer or not if [ "$(uname -s)" = "Darwin" ]; then - INSTALL_MODE=daemon + echo "Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation" >&2 elif [ "$(uname -s)" = "Linux" ] && [ -e /run/systemd/system ]; then - INSTALL_MODE=daemon -else - INSTALL_MODE=no-daemon + echo "Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation" >&2 fi +INSTALL_MODE=no-daemon # Trivially handle the --daemon / --no-daemon options if [ "x${1:-}" = "x--no-daemon" ]; then INSTALL_MODE=no-daemon @@ -47,14 +46,18 @@ elif [ "x${1:-}" = "x--daemon" ]; then elif [ "x${1:-}" != "x" ]; then ( echo "Nix Installer [--daemon|--no-daemon]" + + echo "Choose installation method." echo "" - echo " --daemon: Force the installer to use the Daemon" - echo " based installer, even though it may not" - echo " work." + echo " --daemon: Installs and configures a background daemon that manages the store," + echo " providing multi-user support and better isolation for local builds." + echo " Both for security and reproducibility, this method is recommended if" + echo " supported on your platform." + echo " See https://nixos.org/nix/manual/#sect-multi-user-installation" echo "" - echo " --no-daemon: Force a no-daemon, single-user" - echo " installation even when the preferred" - echo " method is with the daemon." + echo " --no-daemon: Simple, single-user installation that does not require root and is" + echo " trivial to uninstall." + echo " (default)" echo "" ) >&2 exit diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index b4dcb35f951a..92aec63a0379 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -24,6 +24,7 @@ void builtinFetchurl(const BasicDerivation & drv, const std::string & netrcData) Path storePath = getAttr("out"); auto mainUrl = getAttr("url"); + bool unpack = get(drv.env, "unpack", "") == "1"; /* Note: have to use a fresh downloader here because we're in a forked process. */ @@ -40,12 +41,12 @@ void builtinFetchurl(const BasicDerivation & drv, const std::string & netrcData) request.decompress = false; auto decompressor = makeDecompressionSink( - hasSuffix(mainUrl, ".xz") ? "xz" : "none", sink); + unpack && hasSuffix(mainUrl, ".xz") ? "xz" : "none", sink); downloader->download(std::move(request), *decompressor); decompressor->finish(); }); - if (get(drv.env, "unpack", "") == "1") + if (unpack) restorePath(storePath, *source); else writeFile(storePath, *source); diff --git a/src/libstore/download.cc b/src/libstore/download.cc index 973fca0b130f..13913d031daa 100644 --- a/src/libstore/download.cc +++ b/src/libstore/download.cc @@ -345,7 +345,7 @@ struct CurlDownloader : public Downloader done = true; try { - act.progress(result.data->size(), result.data->size()); + act.progress(result.bodySize, result.bodySize); callback(std::move(result)); } catch (...) { done = true; diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 6bc64ae75a42..04c98dc80bf2 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -468,7 +468,7 @@ static Lazy<Path> getHome2([]() { std::vector<char> buf(16384); struct passwd pwbuf; struct passwd * pw; - if (getpwuid_r(getuid(), &pwbuf, buf.data(), buf.size(), &pw) != 0 + if (getpwuid_r(geteuid(), &pwbuf, buf.data(), buf.size(), &pw) != 0 || !pw || !pw->pw_dir || !pw->pw_dir[0]) throw Error("cannot determine user's home directory"); homeDir = pw->pw_dir; diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index 55ebda438965..2083d3df5cab 100755 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -169,7 +169,7 @@ int main(int argc, char ** argv) // Figure out the name of the channels profile. ; - auto pw = getpwuid(getuid()); + auto pw = getpwuid(geteuid()); std::string name = pw ? pw->pw_name : getEnv("USER", ""); if (name.empty()) throw Error("cannot figure out user name"); diff --git a/version b/version index 42f7d2336ea8..616187889b6f 100644 --- a/version +++ b/version @@ -1 +1 @@ -2.1 \ No newline at end of file +2.2 \ No newline at end of file |