aboutsummaryrefslogtreecommitdiff
path: root/doc/manual/release-notes/rl-0.11.xml
blob: 40f83bbc7b4913307e429bd2d598528412e12c75 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
<chapter xmlns="http://docbook.org/ns/docbook"
      xmlns:xlink="http://www.w3.org/1999/xlink"
      xmlns:xi="http://www.w3.org/2001/XInclude"
      version="5.0"
      xml:id="ssec-relnotes-0.11">

<title>Release 0.11 (December 31, 2007)</title>

<para>Nix 0.11 has many improvements over the previous stable release.
The most important improvement is secure multi-user support.  It also
features many usability enhancements and language extensions, many of
them prompted by NixOS, the purely functional Linux distribution based
on Nix.  Here is an (incomplete) list:</para>


<itemizedlist>


  <listitem><para>Secure multi-user support.  A single Nix store can
  now be shared between multiple (possible untrusted) users.  This is
  an important feature for NixOS, where it allows non-root users to
  install software.  The old setuid method for sharing a store between
  multiple users has been removed.  Details for setting up a
  multi-user store can be found in the manual.</para></listitem>


  <listitem><para>The new command <command>nix-copy-closure</command>
  gives you an easy and efficient way to exchange software between
  machines.  It copies the missing parts of the closure of a set of
  store path to or from a remote machine via
  <command>ssh</command>.</para></listitem>


  <listitem><para>A new kind of string literal: strings between double
  single-quotes (<literal>''</literal>) have indentation
  “intelligently” removed.  This allows large strings (such as shell
  scripts or configuration file fragments in NixOS) to cleanly follow
  the indentation of the surrounding expression.  It also requires
  much less escaping, since <literal>''</literal> is less common in
  most languages than <literal>"</literal>.</para></listitem>


  <listitem><para><command>nix-env</command> <option>--set</option>
  modifies the current generation of a profile so that it contains
  exactly the specified derivation, and nothing else.  For example,
  <literal>nix-env -p /nix/var/nix/profiles/browser --set
  firefox</literal> lets the profile named
  <filename>browser</filename> contain just Firefox.</para></listitem>


  <listitem><para><command>nix-env</command> now maintains
  meta-information about installed packages in profiles.  The
  meta-information is the contents of the <varname>meta</varname>
  attribute of derivations, such as <varname>description</varname> or
  <varname>homepage</varname>.  The command <literal>nix-env -q --xml
  --meta</literal> shows all meta-information.</para></listitem>


  <listitem><para><command>nix-env</command> now uses the
  <varname>meta.priority</varname> attribute of derivations to resolve
  filename collisions between packages.  Lower priority values denote
  a higher priority.  For instance, the GCC wrapper package and the
  Binutils package in Nixpkgs both have a file
  <filename>bin/ld</filename>, so previously if you tried to install
  both you would get a collision.  Now, on the other hand, the GCC
  wrapper declares a higher priority than Binutils, so the former’s
  <filename>bin/ld</filename> is symlinked in the user
  environment.</para></listitem>


  <listitem><para><command>nix-env -i / -u</command>: instead of
  breaking package ties by version, break them by priority and version
  number.  That is, if there are multiple packages with the same name,
  then pick the package with the highest priority, and only use the
  version if there are multiple packages with the same
  priority.</para>

  <para>This makes it possible to mark specific versions/variant in
  Nixpkgs more or less desirable than others.  A typical example would
  be a beta version of some package (e.g.,
  <literal>gcc-4.2.0rc1</literal>) which should not be installed even
  though it is the highest version, except when it is explicitly
  selected (e.g., <literal>nix-env -i
  gcc-4.2.0rc1</literal>).</para></listitem>


  <listitem><para><command>nix-env --set-flag</command> allows meta
  attributes of installed packages to be modified.  There are several
  attributes that can be usefully modified, because they affect the
  behaviour of <command>nix-env</command> or the user environment
  build script:

    <itemizedlist>

      <listitem><para><varname>meta.priority</varname> can be changed
      to resolve filename clashes (see above).</para></listitem>

      <listitem><para><varname>meta.keep</varname> can be set to
      <literal>true</literal> to prevent the package from being
      upgraded or replaced.  Useful if you want to hang on to an older
      version of a package.</para></listitem>

      <listitem><para><varname>meta.active</varname> can be set to
      <literal>false</literal> to “disable” the package.  That is, no
      symlinks will be generated to the files of the package, but it
      remains part of the profile (so it won’t be garbage-collected).
      Set it back to <literal>true</literal> to re-enable the
      package.</para></listitem>

    </itemizedlist>

  </para></listitem>


  <listitem><para><command>nix-env -q</command> now has a flag
  <option>--prebuilt-only</option> (<option>-b</option>) that causes
  <command>nix-env</command> to show only those derivations whose
  output is already in the Nix store or that can be substituted (i.e.,
  downloaded from somewhere).  In other words, it shows the packages
  that can be installed “quickly”, i.e., don’t need to be built from
  source.  The <option>-b</option> flag is also available in
  <command>nix-env -i</command> and <command>nix-env -u</command> to
  filter out derivations for which no pre-built binary is
  available.</para></listitem>


  <listitem><para>The new option <option>--argstr</option> (in
  <command>nix-env</command>, <command>nix-instantiate</command> and
  <command>nix-build</command>) is like <option>--arg</option>, except
  that the value is a string.  For example, <literal>--argstr system
  i686-linux</literal> is equivalent to <literal>--arg system
  \"i686-linux\"</literal> (note that <option>--argstr</option>
  prevents annoying quoting around shell arguments).</para></listitem>


  <listitem><para><command>nix-store</command> has a new operation
  <option>--read-log</option> (<option>-l</option>)
  <parameter>paths</parameter> that shows the build log of the given
  paths.</para></listitem>


  <!--
  <listitem><para>TODO: semantic cleanups of string concatenation
  etc. (mostly in r6740).</para></listitem>
  -->


  <listitem><para>Nix now uses Berkeley DB 4.5.  The database is
  upgraded automatically, but you should be careful not to use old
  versions of Nix that still use Berkeley DB 4.4.</para></listitem>


  <!-- foo
  <listitem><para>TODO: option <option>- -reregister</option> in
  <command>nix-store - -register-validity</command>.</para></listitem>
  -->


  <listitem><para>The option <option>--max-silent-time</option>
  (corresponding to the configuration setting
  <literal>build-max-silent-time</literal>) allows you to set a
  timeout on builds  if a build produces no output on
  <literal>stdout</literal> or <literal>stderr</literal> for the given
  number of seconds, it is terminated.  This is useful for recovering
  automatically from builds that are stuck in an infinite
  loop.</para></listitem>


  <listitem><para><command>nix-channel</command>: each subscribed
  channel is its own attribute in the top-level expression generated
  for the channel.  This allows disambiguation (e.g. <literal>nix-env
  -i -A nixpkgs_unstable.firefox</literal>).</para></listitem>


  <listitem><para>The substitutes table has been removed from the
  database.  This makes operations such as <command>nix-pull</command>
  and <command>nix-channel --update</command> much, much
  faster.</para></listitem>


  <listitem><para><command>nix-pull</command> now supports
  bzip2-compressed manifests.  This speeds up
  channels.</para></listitem>


  <listitem><para><command>nix-prefetch-url</command> now has a
  limited form of caching.  This is used by
  <command>nix-channel</command> to prevent unnecessary downloads when
  the channel hasn’t changed.</para></listitem>


  <listitem><para><command>nix-prefetch-url</command> now by default
  computes the SHA-256 hash of the file instead of the MD5 hash.  In
  calls to <function>fetchurl</function> you should pass the
  <literal>sha256</literal> attribute instead of
  <literal>md5</literal>.  You can pass either a hexadecimal or a
  base-32 encoding of the hash.</para></listitem>


  <listitem><para>Nix can now perform builds in an automatically
  generated “chroot”.  This prevents a builder from accessing stuff
  outside of the Nix store, and thus helps ensure purity.  This is an
  experimental feature.</para></listitem>


  <listitem><para>The new command <command>nix-store
  --optimise</command> reduces Nix store disk space usage by finding
  identical files in the store and hard-linking them to each other.
  It typically reduces the size of the store by something like
  25-35%.</para></listitem>


  <listitem><para><filename>~/.nix-defexpr</filename> can now be a
  directory, in which case the Nix expressions in that directory are
  combined into an attribute set, with the file names used as the
  names of the attributes.  The command <command>nix-env
  --import</command> (which set the
  <filename>~/.nix-defexpr</filename> symlink) is
  removed.</para></listitem>


  <listitem><para>Derivations can specify the new special attribute
  <varname>allowedReferences</varname> to enforce that the references
  in the output of a derivation are a subset of a declared set of
  paths.  For example, if <varname>allowedReferences</varname> is an
  empty list, then the output must not have any references.  This is
  used in NixOS to check that generated files such as initial ramdisks
  for booting Linux don’t have any dependencies.</para></listitem>


  <listitem><para>The new attribute
  <varname>exportReferencesGraph</varname> allows builders access to
  the references graph of their inputs.  This is used in NixOS for
  tasks such as generating ISO-9660 images that contain a Nix store
  populated with the closure of certain paths.</para></listitem>


  <listitem><para>Fixed-output derivations (like
  <function>fetchurl</function>) can define the attribute
  <varname>impureEnvVars</varname> to allow external environment
  variables to be passed to builders.  This is used in Nixpkgs to
  support proxy configuration, among other things.</para></listitem>


  <listitem><para>Several new built-in functions:
  <function>builtins.attrNames</function>,
  <function>builtins.filterSource</function>,
  <function>builtins.isAttrs</function>,
  <function>builtins.isFunction</function>,
  <function>builtins.listToAttrs</function>,
  <function>builtins.stringLength</function>,
  <function>builtins.sub</function>,
  <function>builtins.substring</function>,
  <function>throw</function>,
  <function>builtins.trace</function>,
  <function>builtins.readFile</function>.</para></listitem>


</itemizedlist>

</chapter>