From f66fa7cd20731ab08be72e016cc5b912940cd1db Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sat, 1 Sep 2018 08:56:53 -0400 Subject: [PATCH 1/5] We support aarch64 now --- doc/manual/installation/supported-platforms.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/installation/supported-platforms.xml b/doc/manual/installation/supported-platforms.xml index 6858573ff..3e74be49d 100644 --- a/doc/manual/installation/supported-platforms.xml +++ b/doc/manual/installation/supported-platforms.xml @@ -10,7 +10,7 @@ - Linux (i686, x86_64). + Linux (i686, x86_64, aarch64). macOS (x86_64). From c3e508d9245f9439343d88d827c2d7c369ebfc88 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 31 Aug 2018 11:47:00 -0400 Subject: [PATCH 2/5] Document the multi-user installer some Use sh <(...) syntax for installation to preserve stdin and prompting also update installation docs to account for changes in multi-user selection --- doc/manual/installation/env-variables.xml | 2 +- doc/manual/installation/installing-binary.xml | 192 +++++++++++++----- 2 files changed, 147 insertions(+), 47 deletions(-) diff --git a/doc/manual/installation/env-variables.xml b/doc/manual/installation/env-variables.xml index 91ecd114f..d1ee0bb2e 100644 --- a/doc/manual/installation/env-variables.xml +++ b/doc/manual/installation/env-variables.xml @@ -39,7 +39,7 @@ bundle. Set the environment variable and install Nix $ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt -$ curl https://nixos.org/nix/install | sh +$ sh <(curl https://nixos.org/nix/install) In the shell profile and rc files (for example, diff --git a/doc/manual/installation/installing-binary.xml b/doc/manual/installation/installing-binary.xml index 7e8dfb0db..394d8053b 100644 --- a/doc/manual/installation/installing-binary.xml +++ b/doc/manual/installation/installing-binary.xml @@ -6,13 +6,30 @@ Installing a Binary Distribution -If you are using Linux or macOS, the easiest way to install -Nix is to run the following command: +If you are using Linux or macOS, the easiest way to install Nix +is to run the following command: -$ bash <(curl https://nixos.org/nix/install) + $ sh <(curl https://nixos.org/nix/install) +As of Nix 2.1.0, the Nix installer will always default to creating a +single-user installation, however opting in to the multi-user +installation is highly recommended. + + +
+ Single User Installation + + + To explicitly select a single-user installation on your system: + + + sh <(curl https://nixos.org/nix/install) --no-daemon + + + + This will perform a single-user installation of Nix, meaning that /nix is owned by the invoking user. You should run this under your usual user account, not as @@ -33,51 +50,8 @@ and .profile to source the NIX_INSTALLER_NO_MODIFY_PROFILE environment variable before executing the install script to disable this behaviour. - - - -You can also download a binary tarball that contains Nix and all -its dependencies. (This is what the install script at -https://nixos.org/nix/install does automatically.) You -should unpack it somewhere (e.g. in /tmp), and -then run the script named install inside the binary -tarball: - - -alice$ cd /tmp -alice$ tar xfj nix-1.8-x86_64-darwin.tar.bz2 -alice$ cd nix-1.8-x86_64-darwin -alice$ ./install - - - You can uninstall Nix simply by running: @@ -86,5 +60,131 @@ $ rm -rf /nix +
+
+ Multi User Installation + + The multi-user Nix installation creates system users, and a system + service for the Nix daemon. + + + + Supported Systems + + + Linux running systemd, with SELinux disabled + + macOS + + + + You can instruct the installer to perform a multi-user + installation on your system: + + + sh <(curl https://nixos.org/nix/install) --daemon + + + + + The multi-user installation of Nix will create build users between + the user IDs 30001 and 30032, and a group with the group ID 30000. + + You should run this under your usual user account, + not as root. The script will invoke + sudo as needed. + + + + If you need Nix to use a different group ID or user ID set, you + will have to download the tarball manually and edit the install + script. + + + + The installer will modify /etc/bashrc, and + /etc/zshrc if they exist. The installer will + first back up these files with a + .backup-before-nix extension. The installer + will also create /etc/profile.d/nix.sh. + + + You can uninstall Nix with the following commands: + + +sudo rm -rf /etc/profile/nix.sh /etc/nix /nix ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels + +# If you are on Linux with systemd, you will need to run: +sudo systemctl stop nix-daemon.socket +sudo systemctl stop nix-daemon.service +sudo systemctl disable nix-daemon.socket +sudo systemctl disable nix-daemon.service +sudo systemctl daemon-reload + +# If you are on macOS, you will need to run: +sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist +sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist + + + There may also be references to Nix in + /etc/profile, + /etc/bashrc, and + /etc/zshrc which you may remove. + + +
+ +
+ Installing a pinned Nix version from a URL + + + NixOS.org hosts version-specific installation URLs for all Nix + versions since 1.11.16, at + https://nixos.org/releases/nix/nix-VERSION/install. + + + + These install scripts can be used the same as the main + NixOS.org installation script: + + + sh <(curl https://nixos.org/nix/install) + + + + + In the same directory of the install script are sha256 sums, and + gpg signature files. + +
+ +
+ Installing from a binary tarball + + + You can also download a binary tarball that contains Nix and all + its dependencies. (This is what the install script at + https://nixos.org/nix/install does automatically.) You + should unpack it somewhere (e.g. in /tmp), + and then run the script named install inside + the binary tarball: + + + +alice$ cd /tmp +alice$ tar xfj nix-1.8-x86_64-darwin.tar.bz2 +alice$ cd nix-1.8-x86_64-darwin +alice$ ./install + + + + + If you need to edit the multi-user installation script to use + different group ID or a different user ID range, modify the + variables set in the file named + install-multi-user. + +
From 51f9682a8b16c4f97856510c1cc99576326c9192 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sat, 1 Sep 2018 08:51:32 -0400 Subject: [PATCH 3/5] Default to single-user install --- scripts/install-nix-from-closure.sh | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/scripts/install-nix-from-closure.sh b/scripts/install-nix-from-closure.sh index cd71d7947..ab20774bb 100644 --- a/scripts/install-nix-from-closure.sh +++ b/scripts/install-nix-from-closure.sh @@ -30,15 +30,14 @@ if [ "$(uname -s)" = "Darwin" ]; then fi fi -# Determine if we should punt to the single-user installer or not +# Determine if we could use the multi-user installer or not if [ "$(uname -s)" = "Darwin" ]; then - INSTALL_MODE=daemon + echo "Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation" >&2 elif [ "$(uname -s)" = "Linux" ] && [ -e /run/systemd/system ]; then - INSTALL_MODE=daemon -else - INSTALL_MODE=no-daemon + echo "Note: a multi-user installation is possible. See https://nixos.org/nix/manual/#sect-multi-user-installation" >&2 fi +INSTALL_MODE=no-daemon # Trivially handle the --daemon / --no-daemon options if [ "x${1:-}" = "x--no-daemon" ]; then INSTALL_MODE=no-daemon @@ -47,14 +46,18 @@ elif [ "x${1:-}" = "x--daemon" ]; then elif [ "x${1:-}" != "x" ]; then ( echo "Nix Installer [--daemon|--no-daemon]" + + echo "Choose installation method." echo "" - echo " --daemon: Force the installer to use the Daemon" - echo " based installer, even though it may not" - echo " work." + echo " --daemon: Installs and configures a background daemon that manages the store," + echo " providing multi-user support and better isolation for local builds." + echo " Both for security and reproducibility, this method is recommended if" + echo " supported on your platform." + echo " See https://nixos.org/nix/manual/#sect-multi-user-installation" echo "" - echo " --no-daemon: Force a no-daemon, single-user" - echo " installation even when the preferred" - echo " method is with the daemon." + echo " --no-daemon: Simple, single-user installation that does not require root and is" + echo " trivial to uninstall." + echo " (default)" echo "" ) >&2 exit From 4be7652dd3c577ce0890ee849c041e4cb59a3db7 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 31 Aug 2018 11:47:42 -0400 Subject: [PATCH 4/5] release notes: note that the multi-user installer is available but not selected for Linux with systemd, and the bug about selinux --- doc/manual/release-notes/rl-2.1.xml | 30 +++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/doc/manual/release-notes/rl-2.1.xml b/doc/manual/release-notes/rl-2.1.xml index 9a5f37f66..20a8e4ea6 100644 --- a/doc/manual/release-notes/rl-2.1.xml +++ b/doc/manual/release-notes/rl-2.1.xml @@ -49,8 +49,38 @@ new features:
nix-support/propagated-user-env-packages.
+ + The Nix installer will no longer default to the Multi-User + installation for macOS. You can still instruct the installer to + run in multi-user mode. + + + + + The Nix installer now supports performing a Multi-User + installation for Linux computers which are running systemd. You + can select a Multi-User installation by passing the + flag to the installer: sh <(curl + https://nixos.org/nix/install) --daemon. + + + The multi-user installer cannot handle systems with SELinux. + If your system has SELinux enabled, you can force the installer to run + in single-user mode. + +
+ + Multi-user Nix users on macOS can upgrade Nix by running + sudo -i sh -c 'nix-channel --update && nix-env -iA + nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo + launchctl start org.nixos.nix-daemon. + + This release has contributions from Adrien Devresse, From c42eaaf684a6b1f7358d33cfaea1614885467d72 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sat, 1 Sep 2018 15:35:46 -0400 Subject: [PATCH 5/5] Create upgrade notes --- doc/manual/installation/upgrading.xml | 21 +++++++++++++++++++++ doc/manual/manual.xml | 1 + doc/manual/release-notes/rl-2.1.xml | 7 ------- 3 files changed, 22 insertions(+), 7 deletions(-) create mode 100644 doc/manual/installation/upgrading.xml diff --git a/doc/manual/installation/upgrading.xml b/doc/manual/installation/upgrading.xml new file mode 100644 index 000000000..a3f86ade9 --- /dev/null +++ b/doc/manual/installation/upgrading.xml @@ -0,0 +1,21 @@ + + + Upgrading Nix + + + Multi-user Nix users on macOS can upgrade Nix by running + sudo -i sh -c 'nix-channel --update && nix-env + -iA nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo + launchctl start org.nixos.nix-daemon. + + + + Single-user installations of Nix should run nix-channel + --update; nix-env -iA nixpkgs.nix. + + + diff --git a/doc/manual/manual.xml b/doc/manual/manual.xml index b408b6817..87d9de28a 100644 --- a/doc/manual/manual.xml +++ b/doc/manual/manual.xml @@ -32,6 +32,7 @@ + diff --git a/doc/manual/release-notes/rl-2.1.xml b/doc/manual/release-notes/rl-2.1.xml index 20a8e4ea6..3cace13f1 100644 --- a/doc/manual/release-notes/rl-2.1.xml +++ b/doc/manual/release-notes/rl-2.1.xml @@ -74,13 +74,6 @@ new features: - - Multi-user Nix users on macOS can upgrade Nix by running - sudo -i sh -c 'nix-channel --update && nix-env -iA - nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo - launchctl start org.nixos.nix-daemon. - - This release has contributions from Adrien Devresse,