aboutsummaryrefslogtreecommitdiff
path: root/doc/manual
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2012-07-18 10:47:59 -0400
committerEelco Dolstra <eelco.dolstra@logicblox.com>2012-07-18 10:47:59 -0400
commitfe241ece2932492866693d268d02a7912e766ac7 (patch)
tree2cb24a4d45f563e32946bf34d878969bd05263ec /doc/manual
parenta6f348599c94d8a5f7b41c7d8e43658dc6407be7 (diff)
parentccc52adfb2121ade510d35dc9b91193af9fa731e (diff)
Merge branch 'master' into no-manifests
Diffstat (limited to 'doc/manual')
-rw-r--r--doc/manual/conf-file.xml14
-rw-r--r--doc/manual/introduction.xml2
-rw-r--r--doc/manual/release-notes.xml75
3 files changed, 80 insertions, 11 deletions
diff --git a/doc/manual/conf-file.xml b/doc/manual/conf-file.xml
index 00016b97b..021b42ec6 100644
--- a/doc/manual/conf-file.xml
+++ b/doc/manual/conf-file.xml
@@ -297,6 +297,16 @@ build-use-chroot = /dev /proc /bin</programlisting>
</varlistentry>
+ <varlistentry><term><literal>build-compress-log</literal></term>
+
+ <listitem><para>If set to <literal>true</literal> (the default),
+ build logs written to <filename>/nix/var/log/nix/drvs</filename>
+ will be compressed on the fly using bzip2. Otherwise, they will
+ not be compressed.</para></listitem>
+
+ </varlistentry>
+
+
<varlistentry><term><literal>binary-caches</literal></term>
<listitem><para>A list of URLs of binary caches, separated by
@@ -305,7 +315,7 @@ build-use-chroot = /dev /proc /bin</programlisting>
<literal>http://nixos.org/binary-cache</literal>.</para></listitem>
</varlistentry>
-
+
<varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
@@ -315,7 +325,7 @@ build-use-chroot = /dev /proc /bin</programlisting>
150.</para></listitem>
</varlistentry>
-
+
<varlistentry><term><literal>system</literal></term>
diff --git a/doc/manual/introduction.xml b/doc/manual/introduction.xml
index 5641d110b..21b1df156 100644
--- a/doc/manual/introduction.xml
+++ b/doc/manual/introduction.xml
@@ -225,7 +225,7 @@ href="docs/papers.html#servicecm">SCM-12 paper</a>.</para>
<simplesect><title>Portability</title>
<para>Nix should run on most Unix systems, including Linux, FreeBSD and
-Mac OS X. It is also supported on Windows using Cygwin.</para>
+Mac OS X.<!-- It is also supported on Windows using Cygwin.--></para>
</simplesect>
diff --git a/doc/manual/release-notes.xml b/doc/manual/release-notes.xml
index 9a5449def..4dfcb6b47 100644
--- a/doc/manual/release-notes.xml
+++ b/doc/manual/release-notes.xml
@@ -15,25 +15,84 @@
<itemizedlist>
<listitem>
- <para>Builds in chroots are now executed in a private network
- namespace, meaning that they do not see any network interfaces
- except a private loopback interface. This ensures that builds
- cannot communicate with processes outside of the chroot, or clash
- with other builds by listening on an identical port number.</para>
+ <para>On Linux, when doing a chroot build, Nix now uses various
+ namespace features provided by the Linux kernel to improve
+ build isolation. Namely:
+ <itemizedlist>
+ <listitem><para>The private network namespace ensures that
+ builders cannot talk to the outside world (or vice versa): each
+ build only sees a private loopback interface. This also means
+ that two concurrent builds can listen on the same port (e.g. as
+ part of a test) without conflicting with each
+ other.</para></listitem>
+ <listitem><para>The PID namespace causes each build to start as
+ PID 1. Processes outside of the chroot are not visible to those
+ on the inside. On the other hand, processes inside the chroot
+ <emphasis>are</emphasis> visible from the outside (though with
+ different PIDs).</para></listitem>
+ <listitem><para>The IPC namespace prevents the builder from
+ communicating with outside processes using SysV IPC mechanisms
+ (shared memory, message queues, semaphores). It also ensures
+ that all IPC objects are destroyed when the builder
+ exits.</para></listitem>
+ <listitem><para>The UTS namespace ensures that builders see a
+ hostname of <literal>localhost</literal> rather than the actual
+ hostname.</para></listitem>
+ <listitem><para>The private mount namespace was already used by
+ Nix to ensure that the bind-mounts used to set up the chroot are
+ cleaned up automatically.</para></listitem>
+ </itemizedlist>
+ </para>
</listitem>
<listitem>
<para>Build logs are now compressed using
<command>bzip2</command>. The command <command>nix-store
- -l</command> decompresses them on the fly.</para>
+ -l</command> decompresses them on the fly. This can be disabled
+ by setting the option <literal>build-compress-log</literal> to
+ <literal>false</literal>.</para>
</listitem>
<listitem>
<para>The creation of build logs in
<filename>/nix/var/log/nix/drvs</filename> can be disabled by
setting the new option <literal>build-keep-log</literal> to
- <literal>false</literal>.</para>
- </listitem>
+ <literal>false</literal>. This is useful, for instance, for Hydra
+ build machines.</para>
+ </listitem>
+
+ <listitem>
+ <para>Nix now reserves some space in
+ <filename>/nix/var/nix/db/reserved</filename> to ensure that the
+ garbage collector can run successfully if the disk is full. This
+ is necessary because SQLite transactions fail if the disk is
+ full.</para>
+ </listitem>
+
+ <listitem>
+ <para>Added a basic <function>fetchurl</function> function. This
+ is not intended to replace the <function>fetchurl</function> in
+ Nixpkgs, but is useful for bootstrapping; e.g., it will allow us
+ to get rid of the bootstrap binaries in the Nixpkgs source tree
+ and download them instead. You can use it by doing
+ <literal>import &lt;nix/fetchurl.nix> { url =
+ <replaceable>url</replaceable>; sha256 =
+ "<replaceable>hash</replaceable>"; }</literal>. (Shea Levy)</para>
+ </listitem>
+
+ <listitem>
+ <para>Improved RPM spec file. (Michel Alexandre Salim)</para>
+ </listitem>
+
+ <listitem>
+ <para>Support for on-demand socket-based activation in the Nix
+ daemon with <command>systemd</command>.</para>
+ </listitem>
+
+ <listitem>
+ <para>Added a manpage for
+ <citerefentry><refentrytitle>nix.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+ </listitem>
<listitem>
<para>When using the Nix daemon, the <option>-s</option> flag in