diff options
Diffstat (limited to 'system/nix/README')
-rw-r--r-- | system/nix/README | 80 |
1 files changed, 47 insertions, 33 deletions
diff --git a/system/nix/README b/system/nix/README index 49ae7c253a9ff..dcfdc6383e722 100644 --- a/system/nix/README +++ b/system/nix/README @@ -1,51 +1,65 @@ -Nix is a purely functional package manager. This means that it treats -packages like values in purely functional programming languages such as -Haskell -- they are built by functions that don't have side-effects, -and they never change after they have been built. Nix stores packages -in the Nix store, usually the directory /nix/store, where each package -has its own unique subdirectory such as +nix (functional package manager) - /nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/ +Nix is a purely functional package manager. This means that it treats packages +like values in purely functional programming languages such as Haskell -- they +are built by functions that don't have side-effects, and they never change +after they have been built. Nix stores packages in the Nix store, usually the +directory /nix/store, where each package has its own unique subdirectory such +as -where b6gvzjyb2pg0... is a unique identifier for the package that -captures all its dependencies (it's a cryptographic hash of the -package's build dependency graph). + /nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/ -Nix may be run in single or multi-user mode (which requires the -nix-daemon). To have the nix daemon start and stop with your host, -add to /etc/rc.d/rc.local: +where b6gvzjyb2pg0... is a unique identifier for the package that captures all +its dependencies (it's a cryptographic hash of the package's build dependency +graph). - if [ -x /etc/rc.d/rc.nix ]; then +Nix may be run in single or multi-user mode (which requires the nix-daemon). +The following sets up multi-user mode. + +To have the nix daemon start and stop with your host, add to /etc/rc.d/rc.local: + + if [ -x /etc/rc.d/rc.nix ]; then /etc/rc.d/rc.nix start - fi + fi and to /etc/rc.d/rc.local_shutdown (creating it if needed): - if [ -x /etc/rc.d/rc.nix ]; then + if [ -x /etc/rc.d/rc.nix ]; then /etc/rc.d/rc.nix stop - fi + fi + +The daemon requires users for building the nix packages, which should be added +under the 'nixbld' group. + + # groupadd -g 314 nixbld + # for n in $(seq 1 10); do useradd -c "Nix build user $n" \ + # -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \ + # nixbld$n; done + +Restricting access to the daemon is acheived by setting file permissions for +the daemon's socket's folder. -The daemon requires users for building the nix packages, which should -be added under the 'nixbld' group. + # groupadd nix-users + # chgrp nix-users /nix/var/nix/daemon-socket + # chmod ug=rwx,o= /nix/var/nix/daemon-socket - groupadd -g 314 nixbld - for n in $(seq 1 10); do useradd -c "Nix build user $n" \ - -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \ - nixbld$n; done +Correct permissions must also be set for the following profile directories to +give users access. -Restricting access to the daemon is acheived by setting file -permissions for the daemon's socket's folder. + # mkdir -p /nix/var/nix/profiles/per-user + # chgrp nix-users /nix/var/nix/profiles/per-user + # chmod go+wt /nix/var/nix/profiles/per-user - groupadd nix-users - chgrp nix-users /nix/var/nix/daemon-socket - chmod ug=rwx,o= /nix/var/nix/daemon-socket + # mkdir -p /nix/var/nix/gcroots/per-user + # chgrp nix-users /nix/var/nix/gcroots/per-user + # chmod go+wt /nix/var/nix/gcroots/per-user -Correct permissions must also be set for the following profile -directories to give users access. +For setup a user to use nix, add him to the nix-users group and load these +lines on login (via $HOME/.profile): - /nix/var/nix/profiles - /var/nix/profiles + export NIX_REMOTE=daemon + source /etc/profile.d/nix.sh If you have patches email me, or send a pull request via github: - https://github.com/PragmaticCypher/slackbuilds + https://github.com/PragmaticCypher/nix.SlackBuild |