7994fd1d54
git-subtree-dir: third_party/nix
git-subtree-mainline: cf8cd640c1
git-subtree-split: be66c7a6b24e3c3c6157fd37b86c7203d14acf10
261 lines
11 KiB
XML
261 lines
11 KiB
XML
<section xmlns="http://docbook.org/ns/docbook"
|
||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||
version="5.0"
|
||
xml:id="ssec-relnotes-0.11">
|
||
|
||
<title>Release 0.11 (2007-12-31)</title>
|
||
|
||
<para>Nix 0.11 has many improvements over the previous stable release.
|
||
The most important improvement is secure multi-user support. It also
|
||
features many usability enhancements and language extensions, many of
|
||
them prompted by NixOS, the purely functional Linux distribution based
|
||
on Nix. Here is an (incomplete) list:</para>
|
||
|
||
|
||
<itemizedlist>
|
||
|
||
|
||
<listitem><para>Secure multi-user support. A single Nix store can
|
||
now be shared between multiple (possible untrusted) users. This is
|
||
an important feature for NixOS, where it allows non-root users to
|
||
install software. The old setuid method for sharing a store between
|
||
multiple users has been removed. Details for setting up a
|
||
multi-user store can be found in the manual.</para></listitem>
|
||
|
||
|
||
<listitem><para>The new command <command>nix-copy-closure</command>
|
||
gives you an easy and efficient way to exchange software between
|
||
machines. It copies the missing parts of the closure of a set of
|
||
store path to or from a remote machine via
|
||
<command>ssh</command>.</para></listitem>
|
||
|
||
|
||
<listitem><para>A new kind of string literal: strings between double
|
||
single-quotes (<literal>''</literal>) have indentation
|
||
“intelligently” removed. This allows large strings (such as shell
|
||
scripts or configuration file fragments in NixOS) to cleanly follow
|
||
the indentation of the surrounding expression. It also requires
|
||
much less escaping, since <literal>''</literal> is less common in
|
||
most languages than <literal>"</literal>.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env</command> <option>--set</option>
|
||
modifies the current generation of a profile so that it contains
|
||
exactly the specified derivation, and nothing else. For example,
|
||
<literal>nix-env -p /nix/var/nix/profiles/browser --set
|
||
firefox</literal> lets the profile named
|
||
<filename>browser</filename> contain just Firefox.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env</command> now maintains
|
||
meta-information about installed packages in profiles. The
|
||
meta-information is the contents of the <varname>meta</varname>
|
||
attribute of derivations, such as <varname>description</varname> or
|
||
<varname>homepage</varname>. The command <literal>nix-env -q --xml
|
||
--meta</literal> shows all meta-information.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env</command> now uses the
|
||
<varname>meta.priority</varname> attribute of derivations to resolve
|
||
filename collisions between packages. Lower priority values denote
|
||
a higher priority. For instance, the GCC wrapper package and the
|
||
Binutils package in Nixpkgs both have a file
|
||
<filename>bin/ld</filename>, so previously if you tried to install
|
||
both you would get a collision. Now, on the other hand, the GCC
|
||
wrapper declares a higher priority than Binutils, so the former’s
|
||
<filename>bin/ld</filename> is symlinked in the user
|
||
environment.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env -i / -u</command>: instead of
|
||
breaking package ties by version, break them by priority and version
|
||
number. That is, if there are multiple packages with the same name,
|
||
then pick the package with the highest priority, and only use the
|
||
version if there are multiple packages with the same
|
||
priority.</para>
|
||
|
||
<para>This makes it possible to mark specific versions/variant in
|
||
Nixpkgs more or less desirable than others. A typical example would
|
||
be a beta version of some package (e.g.,
|
||
<literal>gcc-4.2.0rc1</literal>) which should not be installed even
|
||
though it is the highest version, except when it is explicitly
|
||
selected (e.g., <literal>nix-env -i
|
||
gcc-4.2.0rc1</literal>).</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env --set-flag</command> allows meta
|
||
attributes of installed packages to be modified. There are several
|
||
attributes that can be usefully modified, because they affect the
|
||
behaviour of <command>nix-env</command> or the user environment
|
||
build script:
|
||
|
||
<itemizedlist>
|
||
|
||
<listitem><para><varname>meta.priority</varname> can be changed
|
||
to resolve filename clashes (see above).</para></listitem>
|
||
|
||
<listitem><para><varname>meta.keep</varname> can be set to
|
||
<literal>true</literal> to prevent the package from being
|
||
upgraded or replaced. Useful if you want to hang on to an older
|
||
version of a package.</para></listitem>
|
||
|
||
<listitem><para><varname>meta.active</varname> can be set to
|
||
<literal>false</literal> to “disable” the package. That is, no
|
||
symlinks will be generated to the files of the package, but it
|
||
remains part of the profile (so it won’t be garbage-collected).
|
||
Set it back to <literal>true</literal> to re-enable the
|
||
package.</para></listitem>
|
||
|
||
</itemizedlist>
|
||
|
||
</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-env -q</command> now has a flag
|
||
<option>--prebuilt-only</option> (<option>-b</option>) that causes
|
||
<command>nix-env</command> to show only those derivations whose
|
||
output is already in the Nix store or that can be substituted (i.e.,
|
||
downloaded from somewhere). In other words, it shows the packages
|
||
that can be installed “quickly”, i.e., don’t need to be built from
|
||
source. The <option>-b</option> flag is also available in
|
||
<command>nix-env -i</command> and <command>nix-env -u</command> to
|
||
filter out derivations for which no pre-built binary is
|
||
available.</para></listitem>
|
||
|
||
|
||
<listitem><para>The new option <option>--argstr</option> (in
|
||
<command>nix-env</command>, <command>nix-instantiate</command> and
|
||
<command>nix-build</command>) is like <option>--arg</option>, except
|
||
that the value is a string. For example, <literal>--argstr system
|
||
i686-linux</literal> is equivalent to <literal>--arg system
|
||
\"i686-linux\"</literal> (note that <option>--argstr</option>
|
||
prevents annoying quoting around shell arguments).</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-store</command> has a new operation
|
||
<option>--read-log</option> (<option>-l</option>)
|
||
<parameter>paths</parameter> that shows the build log of the given
|
||
paths.</para></listitem>
|
||
|
||
|
||
<!--
|
||
<listitem><para>TODO: semantic cleanups of string concatenation
|
||
etc. (mostly in r6740).</para></listitem>
|
||
-->
|
||
|
||
|
||
<listitem><para>Nix now uses Berkeley DB 4.5. The database is
|
||
upgraded automatically, but you should be careful not to use old
|
||
versions of Nix that still use Berkeley DB 4.4.</para></listitem>
|
||
|
||
|
||
<!-- foo
|
||
<listitem><para>TODO: option <option>- -reregister</option> in
|
||
<command>nix-store - -register-validity</command>.</para></listitem>
|
||
-->
|
||
|
||
|
||
<listitem><para>The option <option>--max-silent-time</option>
|
||
(corresponding to the configuration setting
|
||
<literal>build-max-silent-time</literal>) allows you to set a
|
||
timeout on builds — if a build produces no output on
|
||
<literal>stdout</literal> or <literal>stderr</literal> for the given
|
||
number of seconds, it is terminated. This is useful for recovering
|
||
automatically from builds that are stuck in an infinite
|
||
loop.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-channel</command>: each subscribed
|
||
channel is its own attribute in the top-level expression generated
|
||
for the channel. This allows disambiguation (e.g. <literal>nix-env
|
||
-i -A nixpkgs_unstable.firefox</literal>).</para></listitem>
|
||
|
||
|
||
<listitem><para>The substitutes table has been removed from the
|
||
database. This makes operations such as <command>nix-pull</command>
|
||
and <command>nix-channel --update</command> much, much
|
||
faster.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-pull</command> now supports
|
||
bzip2-compressed manifests. This speeds up
|
||
channels.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-prefetch-url</command> now has a
|
||
limited form of caching. This is used by
|
||
<command>nix-channel</command> to prevent unnecessary downloads when
|
||
the channel hasn’t changed.</para></listitem>
|
||
|
||
|
||
<listitem><para><command>nix-prefetch-url</command> now by default
|
||
computes the SHA-256 hash of the file instead of the MD5 hash. In
|
||
calls to <function>fetchurl</function> you should pass the
|
||
<literal>sha256</literal> attribute instead of
|
||
<literal>md5</literal>. You can pass either a hexadecimal or a
|
||
base-32 encoding of the hash.</para></listitem>
|
||
|
||
|
||
<listitem><para>Nix can now perform builds in an automatically
|
||
generated “chroot”. This prevents a builder from accessing stuff
|
||
outside of the Nix store, and thus helps ensure purity. This is an
|
||
experimental feature.</para></listitem>
|
||
|
||
|
||
<listitem><para>The new command <command>nix-store
|
||
--optimise</command> reduces Nix store disk space usage by finding
|
||
identical files in the store and hard-linking them to each other.
|
||
It typically reduces the size of the store by something like
|
||
25-35%.</para></listitem>
|
||
|
||
|
||
<listitem><para><filename>~/.nix-defexpr</filename> can now be a
|
||
directory, in which case the Nix expressions in that directory are
|
||
combined into an attribute set, with the file names used as the
|
||
names of the attributes. The command <command>nix-env
|
||
--import</command> (which set the
|
||
<filename>~/.nix-defexpr</filename> symlink) is
|
||
removed.</para></listitem>
|
||
|
||
|
||
<listitem><para>Derivations can specify the new special attribute
|
||
<varname>allowedReferences</varname> to enforce that the references
|
||
in the output of a derivation are a subset of a declared set of
|
||
paths. For example, if <varname>allowedReferences</varname> is an
|
||
empty list, then the output must not have any references. This is
|
||
used in NixOS to check that generated files such as initial ramdisks
|
||
for booting Linux don’t have any dependencies.</para></listitem>
|
||
|
||
|
||
<listitem><para>The new attribute
|
||
<varname>exportReferencesGraph</varname> allows builders access to
|
||
the references graph of their inputs. This is used in NixOS for
|
||
tasks such as generating ISO-9660 images that contain a Nix store
|
||
populated with the closure of certain paths.</para></listitem>
|
||
|
||
|
||
<listitem><para>Fixed-output derivations (like
|
||
<function>fetchurl</function>) can define the attribute
|
||
<varname>impureEnvVars</varname> to allow external environment
|
||
variables to be passed to builders. This is used in Nixpkgs to
|
||
support proxy configuration, among other things.</para></listitem>
|
||
|
||
|
||
<listitem><para>Several new built-in functions:
|
||
<function>builtins.attrNames</function>,
|
||
<function>builtins.filterSource</function>,
|
||
<function>builtins.isAttrs</function>,
|
||
<function>builtins.isFunction</function>,
|
||
<function>builtins.listToAttrs</function>,
|
||
<function>builtins.stringLength</function>,
|
||
<function>builtins.sub</function>,
|
||
<function>builtins.substring</function>,
|
||
<function>throw</function>,
|
||
<function>builtins.trace</function>,
|
||
<function>builtins.readFile</function>.</para></listitem>
|
||
|
||
|
||
</itemizedlist>
|
||
|
||
</section>
|