about summary refs log tree commit diff
path: root/doc/manual
diff options
context:
space:
mode:
Diffstat (limited to 'doc/manual')
-rw-r--r--doc/manual/introduction.xml9
-rw-r--r--doc/manual/writing-nix-expressions.xml11
2 files changed, 19 insertions, 1 deletions
diff --git a/doc/manual/introduction.xml b/doc/manual/introduction.xml
index 35f18dee2ce9..5eb43f3d77c5 100644
--- a/doc/manual/introduction.xml
+++ b/doc/manual/introduction.xml
@@ -75,7 +75,7 @@ be adapted easily to achieve similar policies.</para></listitem>
 
 <listitem><para>Nix component builds aim to be <quote>pure</quote>;
 that is, unaffected by anything other than the declared dependencies.
-This means that if a component was built succesfully once, it can be
+This means that if a component was built successfully once, it can be
 rebuilt again on another machine and the result will be the same.  We
 cannot <emphasis>guarantee</emphasis> this (e.g., if the build depends
 on the time-of-day), but Nix (and the tools in the Nix Packages
@@ -113,6 +113,13 @@ software deployment also apply here: for instance, the ability
 trivially to have multiple configurations at the same time, or the
 ability to do rollbacks.</para></listitem>
 
+<listitem><para>Nix can efficiently upgrade between different versions
+of a component through <emphasis>binary patching</emphasis>.  If
+patches are available on a server, and you try to install a new
+version of some component, Nix will automatically apply a patch (or
+sequence of patches), if available, to transform the installed
+component into the new version.</para></listitem> 
+
 </itemizedlist>
 
 </para>
diff --git a/doc/manual/writing-nix-expressions.xml b/doc/manual/writing-nix-expressions.xml
index 0c4a85837198..28b70b786154 100644
--- a/doc/manual/writing-nix-expressions.xml
+++ b/doc/manual/writing-nix-expressions.xml
@@ -1253,6 +1253,17 @@ command-line argument.  See <xref linkend='sec-standard-environment'
   performed by looking for the hash parts of file names of the
   inputs.</para></listitem>
 
+  <listitem><para>After the build, Nix sets the last-modified
+  timestamp on all files in the build result to 0 (00:00:00 1/1/1970
+  UTC), sets the group to the default group, and sets the mode of the
+  file to 0444 or 0555 (i.e., read-only, with execute permission
+  enabled if the file was originally executable).  Note that possible
+  <literal>setuid</literal> and <literal>setgid</literal> bits are
+  cleared.  Setuid and setgid programs are not currently supported by
+  Nix.  This is because the Nix archives used in deployment have no
+  concept of ownership information, and because it makes the build
+  result dependent on the user performing the build.</para></listitem>
+
 </itemizedlist>
 
 </para>