mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-10 08:16:15 +02:00
261 lines
11 KiB
XML
261 lines
11 KiB
XML
|
<chapter xmlns="http://docbook.org/ns/docbook"
|
|||
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|||
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|||
|
version="5.0"
|
|||
|
xml:id="ssec-relnotes-0.11">
|
|||
|
|
|||
|
<title>Release 0.11 (December 31, 2007)</title>
|
|||
|
|
|||
|
<para>Nix 0.11 has many improvements over the previous stable release.
|
|||
|
The most important improvement is secure multi-user support. It also
|
|||
|
features many usability enhancements and language extensions, many of
|
|||
|
them prompted by NixOS, the purely functional Linux distribution based
|
|||
|
on Nix. Here is an (incomplete) list:</para>
|
|||
|
|
|||
|
|
|||
|
<itemizedlist>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Secure multi-user support. A single Nix store can
|
|||
|
now be shared between multiple (possible untrusted) users. This is
|
|||
|
an important feature for NixOS, where it allows non-root users to
|
|||
|
install software. The old setuid method for sharing a store between
|
|||
|
multiple users has been removed. Details for setting up a
|
|||
|
multi-user store can be found in the manual.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The new command <command>nix-copy-closure</command>
|
|||
|
gives you an easy and efficient way to exchange software between
|
|||
|
machines. It copies the missing parts of the closure of a set of
|
|||
|
store path to or from a remote machine via
|
|||
|
<command>ssh</command>.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>A new kind of string literal: strings between double
|
|||
|
single-quotes (<literal>''</literal>) have indentation
|
|||
|
“intelligently” removed. This allows large strings (such as shell
|
|||
|
scripts or configuration file fragments in NixOS) to cleanly follow
|
|||
|
the indentation of the surrounding expression. It also requires
|
|||
|
much less escaping, since <literal>''</literal> is less common in
|
|||
|
most languages than <literal>"</literal>.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env</command> <option>--set</option>
|
|||
|
modifies the current generation of a profile so that it contains
|
|||
|
exactly the specified derivation, and nothing else. For example,
|
|||
|
<literal>nix-env -p /nix/var/nix/profiles/browser --set
|
|||
|
firefox</literal> lets the profile named
|
|||
|
<filename>browser</filename> contain just Firefox.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env</command> now maintains
|
|||
|
meta-information about installed packages in profiles. The
|
|||
|
meta-information is the contents of the <varname>meta</varname>
|
|||
|
attribute of derivations, such as <varname>description</varname> or
|
|||
|
<varname>homepage</varname>. The command <literal>nix-env -q --xml
|
|||
|
--meta</literal> shows all meta-information.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env</command> now uses the
|
|||
|
<varname>meta.priority</varname> attribute of derivations to resolve
|
|||
|
filename collisions between packages. Lower priority values denote
|
|||
|
a higher priority. For instance, the GCC wrapper package and the
|
|||
|
Binutils package in Nixpkgs both have a file
|
|||
|
<filename>bin/ld</filename>, so previously if you tried to install
|
|||
|
both you would get a collision. Now, on the other hand, the GCC
|
|||
|
wrapper declares a higher priority than Binutils, so the former’s
|
|||
|
<filename>bin/ld</filename> is symlinked in the user
|
|||
|
environment.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env -i / -u</command>: instead of
|
|||
|
breaking package ties by version, break them by priority and version
|
|||
|
number. That is, if there are multiple packages with the same name,
|
|||
|
then pick the package with the highest priority, and only use the
|
|||
|
version if there are multiple packages with the same
|
|||
|
priority.</para>
|
|||
|
|
|||
|
<para>This makes it possible to mark specific versions/variant in
|
|||
|
Nixpkgs more or less desirable than others. A typical example would
|
|||
|
be a beta version of some package (e.g.,
|
|||
|
<literal>gcc-4.2.0rc1</literal>) which should not be installed even
|
|||
|
though it is the highest version, except when it is explicitly
|
|||
|
selected (e.g., <literal>nix-env -i
|
|||
|
gcc-4.2.0rc1</literal>).</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env --set-flag</command> allows meta
|
|||
|
attributes of installed packages to be modified. There are several
|
|||
|
attributes that can be usefully modified, because they affect the
|
|||
|
behaviour of <command>nix-env</command> or the user environment
|
|||
|
build script:
|
|||
|
|
|||
|
<itemizedlist>
|
|||
|
|
|||
|
<listitem><para><varname>meta.priority</varname> can be changed
|
|||
|
to resolve filename clashes (see above).</para></listitem>
|
|||
|
|
|||
|
<listitem><para><varname>meta.keep</varname> can be set to
|
|||
|
<literal>true</literal> to prevent the package from being
|
|||
|
upgraded or replaced. Useful if you want to hang on to an older
|
|||
|
version of a package.</para></listitem>
|
|||
|
|
|||
|
<listitem><para><varname>meta.active</varname> can be set to
|
|||
|
<literal>false</literal> to “disable” the package. That is, no
|
|||
|
symlinks will be generated to the files of the package, but it
|
|||
|
remains part of the profile (so it won’t be garbage-collected).
|
|||
|
Set it back to <literal>true</literal> to re-enable the
|
|||
|
package.</para></listitem>
|
|||
|
|
|||
|
</itemizedlist>
|
|||
|
|
|||
|
</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-env -q</command> now has a flag
|
|||
|
<option>--prebuilt-only</option> (<option>-b</option>) that causes
|
|||
|
<command>nix-env</command> to show only those derivations whose
|
|||
|
output is already in the Nix store or that can be substituted (i.e.,
|
|||
|
downloaded from somewhere). In other words, it shows the packages
|
|||
|
that can be installed “quickly”, i.e., don’t need to be built from
|
|||
|
source. The <option>-b</option> flag is also available in
|
|||
|
<command>nix-env -i</command> and <command>nix-env -u</command> to
|
|||
|
filter out derivations for which no pre-built binary is
|
|||
|
available.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The new option <option>--argstr</option> (in
|
|||
|
<command>nix-env</command>, <command>nix-instantiate</command> and
|
|||
|
<command>nix-build</command>) is like <option>--arg</option>, except
|
|||
|
that the value is a string. For example, <literal>--argstr system
|
|||
|
i686-linux</literal> is equivalent to <literal>--arg system
|
|||
|
\"i686-linux\"</literal> (note that <option>--argstr</option>
|
|||
|
prevents annoying quoting around shell arguments).</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-store</command> has a new operation
|
|||
|
<option>--read-log</option> (<option>-l</option>)
|
|||
|
<parameter>paths</parameter> that shows the build log of the given
|
|||
|
paths.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<!--
|
|||
|
<listitem><para>TODO: semantic cleanups of string concatenation
|
|||
|
etc. (mostly in r6740).</para></listitem>
|
|||
|
-->
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Nix now uses Berkeley DB 4.5. The database is
|
|||
|
upgraded automatically, but you should be careful not to use old
|
|||
|
versions of Nix that still use Berkeley DB 4.4.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<!-- foo
|
|||
|
<listitem><para>TODO: option <option>- -reregister</option> in
|
|||
|
<command>nix-store - -register-validity</command>.</para></listitem>
|
|||
|
-->
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The option <option>--max-silent-time</option>
|
|||
|
(corresponding to the configuration setting
|
|||
|
<literal>build-max-silent-time</literal>) allows you to set a
|
|||
|
timeout on builds — if a build produces no output on
|
|||
|
<literal>stdout</literal> or <literal>stderr</literal> for the given
|
|||
|
number of seconds, it is terminated. This is useful for recovering
|
|||
|
automatically from builds that are stuck in an infinite
|
|||
|
loop.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-channel</command>: each subscribed
|
|||
|
channel is its own attribute in the top-level expression generated
|
|||
|
for the channel. This allows disambiguation (e.g. <literal>nix-env
|
|||
|
-i -A nixpkgs_unstable.firefox</literal>).</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The substitutes table has been removed from the
|
|||
|
database. This makes operations such as <command>nix-pull</command>
|
|||
|
and <command>nix-channel --update</command> much, much
|
|||
|
faster.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-pull</command> now supports
|
|||
|
bzip2-compressed manifests. This speeds up
|
|||
|
channels.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-prefetch-url</command> now has a
|
|||
|
limited form of caching. This is used by
|
|||
|
<command>nix-channel</command> to prevent unnecessary downloads when
|
|||
|
the channel hasn’t changed.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><command>nix-prefetch-url</command> now by default
|
|||
|
computes the SHA-256 hash of the file instead of the MD5 hash. In
|
|||
|
calls to <function>fetchurl</function> you should pass the
|
|||
|
<literal>sha256</literal> attribute instead of
|
|||
|
<literal>md5</literal>. You can pass either a hexadecimal or a
|
|||
|
base-32 encoding of the hash.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Nix can now perform builds in an automatically
|
|||
|
generated “chroot”. This prevents a builder from accessing stuff
|
|||
|
outside of the Nix store, and thus helps ensure purity. This is an
|
|||
|
experimental feature.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The new command <command>nix-store
|
|||
|
--optimise</command> reduces Nix store disk space usage by finding
|
|||
|
identical files in the store and hard-linking them to each other.
|
|||
|
It typically reduces the size of the store by something like
|
|||
|
25-35%.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para><filename>~/.nix-defexpr</filename> can now be a
|
|||
|
directory, in which case the Nix expressions in that directory are
|
|||
|
combined into an attribute set, with the file names used as the
|
|||
|
names of the attributes. The command <command>nix-env
|
|||
|
--import</command> (which set the
|
|||
|
<filename>~/.nix-defexpr</filename> symlink) is
|
|||
|
removed.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Derivations can specify the new special attribute
|
|||
|
<varname>allowedReferences</varname> to enforce that the references
|
|||
|
in the output of a derivation are a subset of a declared set of
|
|||
|
paths. For example, if <varname>allowedReferences</varname> is an
|
|||
|
empty list, then the output must not have any references. This is
|
|||
|
used in NixOS to check that generated files such as initial ramdisks
|
|||
|
for booting Linux don’t have any dependencies.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>The new attribute
|
|||
|
<varname>exportReferencesGraph</varname> allows builders access to
|
|||
|
the references graph of their inputs. This is used in NixOS for
|
|||
|
tasks such as generating ISO-9660 images that contain a Nix store
|
|||
|
populated with the closure of certain paths.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Fixed-output derivations (like
|
|||
|
<function>fetchurl</function>) can define the attribute
|
|||
|
<varname>impureEnvVars</varname> to allow external environment
|
|||
|
variables to be passed to builders. This is used in Nixpkgs to
|
|||
|
support proxy configuration, among other things.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
<listitem><para>Several new built-in functions:
|
|||
|
<function>builtins.attrNames</function>,
|
|||
|
<function>builtins.filterSource</function>,
|
|||
|
<function>builtins.isAttrs</function>,
|
|||
|
<function>builtins.isFunction</function>,
|
|||
|
<function>builtins.listToAttrs</function>,
|
|||
|
<function>builtins.stringLength</function>,
|
|||
|
<function>builtins.sub</function>,
|
|||
|
<function>builtins.substring</function>,
|
|||
|
<function>throw</function>,
|
|||
|
<function>builtins.trace</function>,
|
|||
|
<function>builtins.readFile</function>.</para></listitem>
|
|||
|
|
|||
|
|
|||
|
</itemizedlist>
|
|||
|
|
|||
|
</chapter>
|