Age | Commit message (Collapse) | Author |
|
system
On a systemd-based Linux distribution: If the user has previously had multi-user Nix installed on the system, removed it and then reinstalled multi-user Nix again the old nix-daemon.service will still be running when `scripts/install-systemd-multi-user.sh` tries to start it which results in nothing being done and the old daemon continuing its run.
When a normal user then tries to use Nix through the daemon the nix binary will fail to connect to the nix-daemon as it does not belong to the currently installed Nix system. See below for steps to reproduce the issue that motivated this change.
$ sh <(curl https://nixos.org/nix/install) --daemon
$ sudo rm -rf /etc/nix /nix /root/.nix-profile /root/.nix-defexpr /root/.nix-channels /home/nix-installer/.nix-profile /home/nix-installer/.nix-defexpr /home/nix-installer/.nix-channels ~/.nix-channels ~/.nix-defexpr/ ~/.nix-profile /etc/profile.d/nix.sh.backup-before-nix /etc/profile.d/nix.sh; sed -i '/added by Nix installer$/d' ~/.bash_profile
$ unset NIX_REMOTE
$ sh <(curl https://nixos.org/nix/install) --daemon
└$ export NIX_REMOTE=daemon
└$ nix-env -iA nixpkgs.hello
installing 'hello-2.10'
error: cannot connect to daemon at '/nix/var/nix/daemon-socket/socket': No such file or directory
(use '--show-trace' to show detailed location information)
└$ sudo systemctl restart nix-daemon.service
└$ nix-env -iA nixpkgs.hello
installing 'hello-2.10'
these paths will be fetched (6.09 MiB download, 27.04 MiB unpacked):
/nix/store/2g75chlbpxlrqn15zlby2dfh8hr9qwbk-hello-2.10
/nix/store/aag9d1y4wcddzzrpfmfp9lcmc7skd7jk-glibc-2.27
copying path '/nix/store/aag9d1y4wcddzzrpfmfp9lcmc7skd7jk-glibc-2.27' from 'https://cache.nixos.org'...
copying path '/nix/store/2g75chlbpxlrqn15zlby2dfh8hr9qwbk-hello-2.10' from 'https://cache.nixos.org'...
building '/nix/store/w9adagg6vlikr799nkkqc9la5hbbpgmi-user-environment.drv'...
created 2 symlinks in user environment
|
|
Some tar implementations can't auto-detect compression formats, so
they must be specified explicitly.
|
|
This is commonly the default behavior with -R, but POSIX leaves the
default unspecified.
|
|
|
|
This is not used anywhere.
|
|
https://hydra.nixos.org/build/104119659
|
|
|
|
|
|
|
|
|
|
|
|
This is already done by the installer, so no need to do it again.
|
|
|
|
'nix-daemon' now creates subdirectories for users when they first
connect.
Fixes #509 (CVE-2019-17365).
Should also fix #3127.
|
|
In the multi-user install script, we originally made sure no previous
references to Nix existed. This prevented any previous installs from
contaminating the new install. However, some users need the ability to
repair their existing Nix installation without uninstalling all
references to Nix. This change allows users with existing Nix
installations to use the installer, while still outputing a warning
message on the dangers of this. As a result, the multi-user install
script work much more like the single-user install script has worked
in the past.
This is a requirement for macOS Catalina users now that
/Library/LaunchDaemons/org.nixos.nix-daemon.plisg is not managed by
the Nix store. If there is ever a change to the .plist, all users will
need to rerun this install script to get the new changes. Otherwise,
changes to the launch daemon will require manual interventions.
|
|
On Catalina, the /nix filesystem might not be mounted at start time.
To avoid this service not starting, we need to keep the launch agent
outside of the Nix store. A wait4pid will hold for our /nix dir to be
mounted.
Fixes #3125.
|
|
install-multi-user: Detect and fail lack of systemd separately
|
|
Allow empty /nix directory in multi-user installer
|
|
Fixes https://github.com/NixOS/nix/issues/240.
Apparently 'tar -xf' can decompress xz files on macOS nowadays.
|
|
If a network proxy configuration is detected, setup an override
systemd unit file for nix-daemon service with the non-empty
proxy variables.
Proxy detection is performed by looking for http/https/ftp proxy and no
proxy variables in user environment
|
|
With macOS catalina, we can no longer modify the root system
volume (#2925). macOS provides a system configuration file in
synthetic.conf(5) to create empty root directories. This can be used
to mount /nix to a separate volume. As a result, this directory will
need to already exist prior to installation. Instead, check for
/nix/store and /nix/var for a live Nix installation.
|
|
uses $(id -u -n) when USER is unset, this is needed on some weird
setups in Docker. Fixes #971
|
|
install-multi-user: reduce max-jobs from 32 to 1
|
|
In POSIX sh, `type` is undefined.
cf. https://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html#tag_20_22_04
|
|
This is now autodetected. There is no need to put it in the profile.
|
|
When we are in single user mode, we still want to have access to
profiles. This way things in Nixpkgs that rely on them getting set
accurately are done in both cases. The point where I hit this is with
using aspell which looks in NIX_PROFILES:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/aspell/default.nix
Before this patch, NIX_PROFILES was never set in single user mode!
This corrects that.
|
|
Fixes #2709.
|
|
https://hydra.nixos.org/build/93359951
|
|
installer: update macOS version check to 10.12.2
|
|
install script: don't abort when "nix-channel --update" fails
|
|
Hardcoding the "max-jobs" and "cores" settings in nix.conf at install
time, to the same value as Nix' built-in default, makes little sense to
me.
|
|
Having max-jobs = 32 ($NIX_USER_COUNT is hardcoded to that value) may
severely overload the machine. The nix.conf(5) manual page says max-jobs
defaults to 1, so let's use that value.
NOTE: Both max-jobs and cores are now being set to their default value,
so they can be removed alltogether.
|
|
Otherwise, the user is shown:
```
Sorry, I don't know what to do on Linux
```
Which is... not exactly right.
|
|
scripts: remove default 'sandbox = false' from multi-user installer
|
|
Sandboxing is now enabled by default on Linux, but is still disabled on
macOS. However, the installer always turned it off to ensure consistent
behavior.
Remove this default configuration, so we fall back to the default
platform-specific value.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
|
|
the nix-store --init command is a noop apparently
|
|
Instead, print a message about what happened and tell the user what can
be done (run "[sudo -i] nix-channel --update nixpkgs" again at a later
time). This change allows installing Nix when you're offline.
Since the multi-user installer is so verbose, the message isn't printed
until the end.
Fixes issue #2650 ("installation without internet connection").
|
|
|
|
Nixpkgs will drop support for <10.12 soon and thus a nix release built
using the 19.03 channel will also require a newer version of macOS.
|
|
SSL certificate search failed to find user profile certificates.
|
|
`which` isn't necessarily portable, but `command -v` is an equivalent form.
Additionally, the `\'` is not necessary, as it is already quoted by `"`.
|
|
This removes part of the PATH that were being added automatically in multi-user installs:
- $HOME/.nix-profile/lib/kde4/libexec - shouldn't be needed anymore, we are now using kde5
- @localstatedir@/nix/profiles/default/lib/kde4/libexec - same as above
- @localstatedir@/nix/profiles/default - shouldn't ever contain binaries
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If the profile is sourced inside a script with `set -u`, the check for
__ETC_PROFILE_NIX_SOURCED and NIX_SSL_CERT_FILE would raise an error.
A simple guard around this check allows the script to operate under
standard environments (where it is fairly reasonable to assume USER
and HOME are set.)
|
|
|