about summary refs log tree commit diff
path: root/doc/manual/installation.xml
blob: 2642bca1d7474e100c10bf570823c0ca44238a78 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
<?xml version="1.0" encoding="utf-8"?>
<chapter xmlns="http://docbook.org/ns/docbook"
         xmlns:xlink="http://www.w3.org/1999/xlink"
         xml:id="chap-installation">

<title>Installation</title>


<section><title>Obtaining Nix</title>

<para>The easiest way to obtain Nix is to download a <link
xlink:href="http://www.cs.uu.nl/groups/ST/Trace/Nix">source
distribution</link>.  RPMs for Red Hat, SuSE, and Fedora Core are also
available.</para>

<para>Alternatively, the most recent sources of Nix can be obtained
from its <link
xlink:href="https://svn.cs.uu.nl:12443/repos/trace/nix/trunk">Subversion
repository</link>.  For example, the following command will check out
the latest revision into a directory called
<filename>nix</filename>:</para>

<screen>
$ svn checkout https://svn.cs.uu.nl:12443/repos/trace/nix/trunk nix</screen>

<para>Likewise, specific releases can be obtained from the <link
xlink:href="https://svn.cs.uu.nl:12443/repos/trace/nix/tags">tags
directory</link> of the repository.  If you don't have Subversion, you
can also download an automatically generated <link
xlink:href="https://svn.cs.uu.nl:12443/dist/trace/">compressed
tar-file</link> of the head revision of the trunk.</para>

</section>


<section><title>Prerequisites</title>

<para><emphasis>The following prerequisites only apply when you build
from source</emphasis>.  Binary releases (e.g., RPMs) have no
prerequisites.</para>

<para>A fairly recent version of GCC/G++ is required.  Version 2.95
and higher should work.</para>

<para>To build this manual and the man-pages you need the
<command>xmllint</command> and <command>xsltproc</command> programs,
which are part of the <literal>libxml2</literal> and
<literal>libxslt</literal> packages, respectively.  You also need the
<link
xlink:href="http://docbook.sourceforge.net/projects/xsl/">DocBook XSL
stylesheets</link> and optionally the <link
xlink:href="http://www.docbook.org/schemas/5x"> DocBook 5.0 RELAX NG
schemas</link>.  Note that these are only required if you modify the
manual sources or when you are building from the Subversion
repository.</para>

<para>To build the parser, very <emphasis>recent</emphasis> versions
of Bison and Flex are required.  (This is because Nix needs GLR
support in Bison and reentrancy support in Flex.)  For Bison, you need
version 2.3 or higher (1.875 does <emphasis>not</emphasis> work),
which can be obtained from
the <link xlink:href="ftp://alpha.gnu.org/pub/gnu/bison">GNU FTP
server</link>.  For Flex, you need version 2.5.33, which is available
on <link xlink:href="http://lex.sourceforge.net/">SourceForge</link>.
Slightly older versions may also work, but ancient versions like the
ubiquitous 2.5.4a won't.  Note that these are only required if you
modify the parser or when you are building from the Subversion
repository.</para>

<para>Nix uses Sleepycat's Berkeley DB and CWI's ATerm library.  These
are included in the Nix source distribution.  If you build from the
Subversion repository, you must download them yourself and place them
in the <filename>externals/</filename> directory.  See
<filename>externals/Makefile.am</filename> for the precise URLs of
these packages.  Alternatively, if you already have them installed,
you can use <command>configure</command>'s <option>--with-bdb</option>
and <option>--with-aterm</option> options to point to their respective
locations.  Note that Berkeley DB <emphasis>must</emphasis> be version
4.5; other versions may not have compatible database formats.</para>

</section>


<section><title>Building Nix from source</title>

<para>After unpacking or checking out the Nix sources, issue the
following commands:
    </para>

<screen>
$ ./configure <replaceable>options...</replaceable>
$ make
$ make install</screen>

<para>When building from the Subversion repository, these should be
preceded by the command:
    </para>

<screen>
$ autoreconf -i</screen>

<para>The installation path can be specified by passing the
<option>--prefix=<replaceable>prefix</replaceable></option> to
<command>configure</command>.  The default installation directory is
<filename>/nix</filename>.  You can change this to any location you
like.  You must have write permission to the
<replaceable>prefix</replaceable> path.</para>

<warning><para>It is best <emphasis>not</emphasis> to change the
installation prefix from its default, since doing so makes it
impossible to use pre-built binaries from the standard Nixpkgs
channels.</para></warning>

<para>If you want to rebuilt the documentation, pass the full path to
the DocBook RELAX NG schemas and to the DocBook XSL stylesheets using
the
<option>--with-docbook-rng=<replaceable>path</replaceable></option>
and
<option>--with-docbook-xsl=<replaceable>path</replaceable></option>
options.</para>

</section>


<section><title>Installing from RPMs</title>

<para>RPM packages of Nix can be downloaded from <uri
xlink:href="http://www.cs.uu.nl/groups/ST/Trace/Nix">http://www.cs.uu.nl/groups/ST/Trace/Nix</uri>.
These RPMs should work for most fairly recent releases of SuSE and Red
Hat Linux.  They have been known to work work on SuSE Linux 8.1 and
9.0, and Red Hat 9.0.  In fact, it should work on any RPM-based Linux
distribution based on <literal>glibc</literal> 2.3 or later.</para>

<para>Once downloaded, the RPMs can be installed or upgraded using
<command>rpm -U</command>.  For example,</para>

<screen>
$ rpm -U nix-0.5pre664-1.i386.rpm</screen>

<para>The RPMs install into the directory <filename>/nix</filename>.
Nix can be uninstalled using <command>rpm -e nix</command>.  After
this it will be necessary to manually remove the Nix store and other
auxiliary data:</para>

<screen>
$ rm -rf /nix/store
$ rm -rf /nix/var</screen>

</section>


<section><title>Upgrading Nix through Nix</title>

<para>You can install the latest stable version of Nix through Nix
itself by subscribing to the channel <link
xlink:href="http://nix.cs.uu.nl/dist/nix/channels-v3/nix-stable" />,
or the latest unstable version by subscribing to the channel<link
xlink:href="http://nix.cs.uu.nl/dist/nix/channels-v3/nix-unstable" />.
You can also do a <link linkend="sec-one-click">one-click
installation</link> by clicking on the package links at <link
xlink:href="http://nix.cs.uu.nl/dist/nix/" />.</para>

</section>


<section><title>Permissions</title>

<para>All Nix operations must be performed under the user ID that owns
the Nix store and database
(<filename><replaceable>prefix</replaceable>/store</filename> and
<filename><replaceable>prefix</replaceable>/var/nix/db</filename>,
respectively).  When installed from the RPM packages, these
directories are owned by <systemitem class="username">root</systemitem>.</para>

<section><title>Setuid installation</title>

<para>As a somewhat <emphasis>ad hoc</emphasis> hack, you can also
install the Nix binaries <quote>setuid</quote> so that a Nix store can
be shared among several users.  To do this, configure Nix with the
<emphasis>--enable-setuid</emphasis> option.  Nix will be installed as
owned by a user and group specified by the
<option>--with-nix-user=</option><parameter>user</parameter> and
<option>--with-nix-group=</option><parameter>group</parameter>
options.  E.g.,

<screen>
$ ./configure --enable-setuid --with-nix-user=my_nix_user --with-nix-group=my_nix_group</screen>

The user and group default to <literal>nix</literal>.  You should make
sure that both the user and the group exist.  Any <quote>real</quote>
users that you want to allow access should be added to the Nix
group.</para>

<warning><para>A setuid installation should only by used if the users
in the Nix group are mutually trusted, since any user in that group
has the ability to change anything in the Nix store or database.  For
instance, they could install a trojan horse in executables used by
other users.</para></warning>

<warning><para>On some platforms, the Nix binaries will be installed
as setuid <literal>root</literal>.  They drop root privileges
immediately after startup and switch to the Nix user.  The reason for
this is that both the real and effective user must be set to the Nix
user, and POSIX has no system call to do this.  This is not the case
on systems that have the <function>setresuid()</function> system call
(such as Linux and FreeBSD), so on those systems the binaries are
simply owned by the Nix user.</para></warning>



<!--

warning: the nix-builders group should contain *only* the Nix
builders, and nothing else.  If the Nix account is compromised, you
can execute programs under the accounts in the nix-builders group, so
it obviously shouldn’t contain any “real” user accounts.  So don’t use
an existing group like <literal>users</literal> — just create a new
one.

-->



</section>

</section>


<section><title>Using Nix</title>

<para>To use Nix, some environment variables should be set.  In
particular, <envar>PATH</envar> should contain the directories
<filename><replaceable>prefix</replaceable>/bin</filename> and
<filename>~/.nix-profile/bin</filename>.  The first directory contains
the Nix tools themselves, while <filename>~/.nix-profile</filename> is
a symbolic link to the current <emphasis>user environment</emphasis>
(an automatically generated package consisting of symlinks to
installed packages).  The simplest way to set the required environment
variables is to include the file
<filename><replaceable>prefix</replaceable>/etc/profile.d/nix.sh</filename>
in your <filename>~/.bashrc</filename> (or similar), like this:</para>

<screen>
source <replaceable>prefix</replaceable>/etc/profile.d/nix.sh</screen>

</section>


</chapter>