path: root/system/nix/README
blob: a741331aae6ae538680fd9d0c473377bd2c14649 (plain)
nix (functional package manager)

Nix is a purely functional package manager. This means that it treats
packages like values in purely functional programming languages such as
Haskell -- they are built by functions that don't have side-effects,
and they never change after they have been built. Nix stores packages
in the Nix store, usually the directory /nix/store, where each package
has its own unique subdirectory such as

   /nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/

where b6gvzjyb2pg0... is a unique identifier for the package that captures all
its dependencies (it's a cryptographic hash of the package's build dependency
graph).

Nix may be run in single-user or multi-user mode; multi-user mode
requires the nix-daemon. To have the nix daemon start and stop with your
host, add to /etc/rc.d/rc.local:

   if [ -x /etc/rc.d/rc.nix ]; then
      /etc/rc.d/rc.nix start
   fi

and to /etc/rc.d/rc.local_shutdown (creating it if needed):

   if [ -x /etc/rc.d/rc.nix ]; then
      /etc/rc.d/rc.nix stop
   fi

The daemon requires users for building the nix packages, which should
be added under the 'nixbld' group.

   groupadd -g 314 nixbld
   for n in $(seq 1 10); do useradd -c "Nix build user $n" \
       -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \
       nixbld$n; done

Restricting access to the daemon is achieved by setting file permissions
on the directory that holds the daemon's socket.

   chgrp nix-users /nix/var/nix/daemon-socket
   chmod ug=rwx,o= /nix/var/nix/daemon-socket
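
To confirm that the restriction above is actually in effect, the following
check can be run as an added example (it is not part of the original README
or of Nix). It assumes GNU stat; the function name check_socket_dir is
hypothetical.

```shell
#!/bin/sh
# check_socket_dir DIR GROUP
# Returns 0 only if DIR is a real directory (not a symlink), is group-owned
# by GROUP, and its permission bits are exactly ug=rwx,o= (770).
# Otherwise prints the reason to stderr and returns 1.
check_socket_dir() {
    csd_dir=$1
    csd_want=$2

    # A symlink here would let the checked path point somewhere unexpected.
    if [ -L "$csd_dir" ] || [ ! -d "$csd_dir" ]; then
        echo "FAIL: $csd_dir is not a plain directory" >&2
        return 1
    fi

    csd_mode=$(stat -c %a "$csd_dir")    # octal mode, e.g. 770 or 2770
    csd_group=$(stat -c %G "$csd_dir")   # group name

    if [ "$csd_group" != "$csd_want" ]; then
        echo "FAIL: $csd_dir has group $csd_group, expected $csd_want" >&2
        return 1
    fi

    # Keep only the last three octal digits (drop setuid/setgid/sticky).
    csd_perms=${csd_mode#"${csd_mode%???}"}
    case $csd_perms in
        770)
            echo "OK: $csd_dir is $csd_mode, group $csd_group"
            return 0 ;;
        ??[1-7])
            echo "FAIL: $csd_dir mode $csd_mode grants access to others" >&2
            return 1 ;;
        *)
            echo "FAIL: $csd_dir mode $csd_mode lacks rwx for owner/group" >&2
            return 1 ;;
    esac
}

# Audit the path and group used in this README when asked to.
if [ "${1:-}" = "--audit" ]; then
    check_socket_dir /nix/var/nix/daemon-socket nix-users
fi
```

Run the script with --audit after setting the permissions; any non-zero exit
status means users outside nix-users may be able to reach the daemon socket.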

Correct permissions must also be set for the following profile directories
to give users access.

   /nix/var/nix/profiles
   /var/nix/profiles