[Nix-dev] Providing Debian, Arch etc. packages counterproductive?
Hajo Möller
dasjoe at gmail.com
Tue Sep 22 19:41:55 CEST 2015
Hi,
On 09/22/2015 11:35 AM, Thomas Hunger wrote:
> I can think of two solutions 1) make the packages set up nix correctly
> so nix-env is usable out of the box and 2) Remove all custom packages
> and tell people to use the installer script.
I'm strongly against 2), as I don't think curl-ing into sh is a good
idea at all. There was a HN discussion about (not) doing it two years
ago: https://news.ycombinator.com/item?id=6650987
A more recent example comes from chef's blog:
https://www.chef.io/blog/2015/07/16/5-ways-to-deal-with-the-install-sh-curl-pipe-bash-problem/
Please at least print the script before executing it, pipe it through
moreutil's vipe? vipe may not be available and requires perl, so that's
not good, either...
While I haven't looked at the .deb packages so far, there may be a way
to have launchpad build the .debs and provide a PPA.
I saw Eelco Dolstra maintains the .debs, thanks for that! When I needed
nix to look at how the manual gets built, I just grabbed a .deb.
--
Regards,
Hajo Möller
More information about the nix-dev
mailing list