Diffstat (limited to 'doc/manual/writing-nix-expressions.xml')
-rw-r--r-- | doc/manual/writing-nix-expressions.xml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/manual/writing-nix-expressions.xml b/doc/manual/writing-nix-expressions.xml index 0c4a85837198..28b70b786154 100644 --- a/doc/manual/writing-nix-expressions.xml +++ b/doc/manual/writing-nix-expressions.xml @@ -1253,6 +1253,17 @@ command-line argument. See <xref linkend='sec-standard-environment' performed by looking for the hash parts of file names of the inputs.</para></listitem> + <listitem><para>After the build, Nix sets the last-modified + timestamp on all files in the build result to 0 (00:00:00 1/1/1970 + UTC), sets the group to the default group, and sets the mode of the + file to 0444 or 0555 (i.e., read-only, with execute permission + enabled if the file was originally executable). Note that possible + <literal>setuid</literal> and <literal>setgid</literal> bits are + cleared. Setuid and setgid programs are not currently supported by + Nix. This is because the Nix archives used in deployment have no + concept of ownership information, and because it makes the build + result dependent on the user performing the build.</para></listitem> + </itemizedlist> </para> |
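Review bot: In the added listitem, "sets the mode of the file to 0444 or 0555" switches from "all files in the build result" to a singular "the file" and never says how directories or symlinks are treated, so a reader cannot tell from this text what mode a directory ends up with; suggest wording it as "sets the mode of each file to ..." and adding a clause for directories. The paragraph also states that the group is reset but says nothing about the owner, even though the rationale that follows is about ownership information; if the owner is also normalised, say so here. In the last sentence, "because it makes the build result dependent on the user performing the build" has no clear antecedent for "it"; something like "because supporting them would make the build result dependent on ..." reads unambiguously. Since the setuid/setgid clearing is the security-relevant part of this item, consider making "Setuid and setgid programs are not currently supported by Nix" the lead of its own sentence group rather than a trailing note, so that packagers looking for it find it.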