[Nix-dev] Nix 1.0 released

Michel Alexandre Salim michel at sylvestre.me
Sun May 27 08:18:11 CEST 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

On 05/12/2012 08:23 PM, Eelco Dolstra wrote:
> Hi,
> 
> On 12/05/12 07:14, Michel Alexandre Salim wrote:
> 
>> First of all, congratulations! I'd like to help clean up the RPM
>> spec file -- can I assume (based on the available binary
>> packages) that the spec only targets Fedora?
> 
> Yes.
> 
>> We can probably get the package into Fedora proper as well --
>> and maybe help some people discover Nix/NixOS that way.
> 
> That would be great :-)
> 
> One thing currently missing in the RPM is that it doesn't do
> multi-user Nix. Ideally it would ship with a post-install script to
> set up nixbld user accounts and enable a nix-daemon init script.
> 
Status update -- I'm almost done with the spec update; everything
works except for having to manually wrangle with permissions.

Quick questions:
- - is Nix now built with setuid support by default? (--enable-setuid is
no longer recognized by the configure script)
- - since --with-nix-user and --with-nix-group are also not recognized,
presumably one has to adjust the ownership of nix-setuid-helper by hand?
- - is there a loss of functionality if setuid support is disabled -- in
fact, is there a way to *not* ship nix-setuid-helper by default?
Fedora is trying to disable it in all apps for security reasons:
http://fedoraproject.org/wiki/Features/RemoveSETUID
  (I take it we can just ship it with nix-setuid-helper not
configured, but that seems.. ugly)

I'll try and look at how nixos sets up nix on a clean install and try
and replicate the configuration.


Cheers,

- -- 
Michel Alexandre Salim
µblog:      http://identi.ca/hircus
            http://twitter.com/hircus
GPG key ID: A36A937A

()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPwccjAAoJEEr1VKujapN60lsH/imDhxfFk7aJ6AwrMfgkRFWD
WkJdaeoLnhMVNYgbQYqYWWtH+LejSwmcND8/W/dui2e4/WSXzRRwLwwQUejVvSJB
W1o26UcD7nAM3Bd/9dlxJFAXRd/riY7d2ouUzxkdbW9jkRO6oPfMssmTiOCWEuJL
UQ+nDNh/yE5+db1NihvginM6c+tf/7Rwk6RuxbISqgwbh5v3Wmcai3oQPVE/rGFf
A76yITEXVn/xa7ZSXj31uJ396KQA2GuuIEcEJloV/j6QC5MwBfxrtOPugoordFli
XwQVer2S0B3vpMEblFAZ+jtGLNMQjtncAGiCYJAIWMPOoS4/d+JV5TDByL11sls=
=HU7i
-----END PGP SIGNATURE-----

More information about the nix-dev mailing list