-rw-r--r-- | NEWS | 22 |
-rw-r--r-- | doc/manual/introduction.xml | 9 |
-rw-r--r-- | doc/manual/writing-nix-expressions.xml | 11 |
3 files changed, 41 insertions, 1 deletions
diff --git a/NEWS b/NEWS index 4384e60cc1c7..f3b34a4732fc 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,25 @@ +Version 0.7 + +* Binary patching. When upgrading components using pre-built binaries + (through nix-pull / nix-channel), Nix can automatically download and + apply binary patches to already installed components instead of full + downloads. Patching is "smart": if there is a *sequence* of patches + to an installed component, Nix will use it. Patches are currently + generated automatically between Nixpkgs (pre-)releases. + +* Simplifications to the substitute mechanism. + +* Nix-pull now stores downloaded manifests in /nix/var/nix/manifests. + +* Metadata on files in the Nix store is canonicalised after builds: + the last-modified timestamp is set to 0 (00:00:00 1/1/1970), the + mode is set to 0444 or 0555 (readable and possibly executable by + all; setuid/setgid bits are dropped), and the group is set to the + default. This ensures that the result of a build and an + installation through a substitute is the same; and that timestamp + dependencies are revealed. + + Version 0.6 Major changes include the following: diff --git a/doc/manual/introduction.xml b/doc/manual/introduction.xml index 35f18dee2ce9..5eb43f3d77c5 100644 --- a/doc/manual/introduction.xml +++ b/doc/manual/introduction.xml @@ -75,7 +75,7 @@ be adapted easily to achieve similar policies.</para></listitem> <listitem><para>Nix component builds aim to be <quote>pure</quote>; that is, unaffected by anything other than the declared dependencies. -This means that if a component was built succesfully once, it can be +This means that if a component was built successfully once, it can be rebuilt again on another machine and the result will be the same. We cannot <emphasis>guarantee</emphasis> this (e.g., if the build depends on the time-of-day), but Nix (and the tools in the Nix Packages 
@@ -113,6 +113,13 @@ software deployment also apply here: for instance, the ability trivially to have multiple configurations at the same time, or the ability to do rollbacks.</para></listitem> +<listitem><para>Nix can efficiently upgrade between different versions +of a component through <emphasis>binary patching</emphasis>. If +patches are available on a server, and you try to install a new +version of some component, Nix will automatically apply a patch (or +sequence of patches), if available, to transform the installed +component into the new version.</para></listitem> + </itemizedlist> </para> diff --git a/doc/manual/writing-nix-expressions.xml b/doc/manual/writing-nix-expressions.xml index 0c4a85837198..28b70b786154 100644 --- a/doc/manual/writing-nix-expressions.xml +++ b/doc/manual/writing-nix-expressions.xml @@ -1253,6 +1253,17 @@ command-line argument. See <xref linkend='sec-standard-environment' performed by looking for the hash parts of file names of the inputs.</para></listitem> + <listitem><para>After the build, Nix sets the last-modified + timestamp on all files in the build result to 0 (00:00:00 1/1/1970 + UTC), sets the group to the default group, and sets the mode of the + file to 0444 or 0555 (i.e., read-only, with execute permission + enabled if the file was originally executable). Note that possible + <literal>setuid</literal> and <literal>setgid</literal> bits are + cleared. Setuid and setgid programs are not currently supported by + Nix. This is because the Nix archives used in deployment have no + concept of ownership information, and because it makes the build + result dependent on the user performing the build.</para></listitem> + </itemizedlist> </para> |
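Review bot: In the NEWS hunk, the metadata item gives the timestamp as "0 (00:00:00 1/1/1970)" with no time zone, while the matching text this patch adds to doc/manual/writing-nix-expressions.xml says "00:00:00 1/1/1970 UTC". Add "UTC" here so the two descriptions agree. The same item says the group is set to "the default" without saying which group that is; naming it would help anyone auditing permissions in the store.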
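Review bot: In the second doc/manual/introduction.xml hunk (@@ -113,6 +113,13 @@), the new binary patching list item does not say how the result of applying a patch is checked, or what happens when a patch does not apply. Because the patches come from a server and rewrite components that are already installed, the manual should state whether the patched output is verified against an expected hash and whether Nix falls back to a full download. The sentence also says "if available" twice ("If patches are available on a server ... (or sequence of patches), if available"); the second one can go.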
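Review bot: In the doc/manual/writing-nix-expressions.xml hunk, the closing sentence "This is because the Nix archives used in deployment have no concept of ownership information, and because it makes the build result dependent on the user performing the build" has an "it" with no clear antecedent. If the intended meaning is that keeping ownership would tie the result to the building user, say so directly, for example "and because preserving ownership would make the build result dependent on the user performing the build". The item also applies the 0444 or 0555 rule to "all files" but only explains the choice in terms of whether "the file was originally executable"; state explicitly which mode directories receive.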