Fix typo.

.gitignore

@@ -1,140 +0,0 @@
-Makefile
-Makefile.in
-
-# /
-/aclocal.m4
-/autom4te.cache
-/config.*
-/configure
-/nix.spec
-/stamp-h1
-/svn-revision
-/NEWS
-/libtool
-
-# /config/
-/config/config.guess
-/config/config.sub
-/config/depcomp
-/config/install-sh
-/config/missing
-/config/mkinstalldirs
-/config/ltmain.sh
-
-/corepkgs/config.nix
-
-# /corepkgs/buildenv/
-/corepkgs/buildenv/builder.pl
-
-# /corepkgs/channels/
-/corepkgs/channels/unpack.sh
-
-# /corepkgs/nar/
-/corepkgs/nar/nar.sh
-/corepkgs/nar/unnar.sh
-
-# /doc/manual/
-/doc/manual/manual.html
-/doc/manual/manual.xmli
-/doc/manual/manual.pdf
-/doc/manual/manual.is-valid
-/doc/manual/*.1
-/doc/manual/*.5
-/doc/manual/*.8
-/doc/manual/images
-/doc/manual/version.txt
-/doc/manual/NEWS.html
-/doc/manual/NEWS.txt
-
-# /scripts/
-/scripts/nix-profile.sh
-/scripts/nix-pull
-/scripts/nix-push
-/scripts/nix-switch
-/scripts/nix-collect-garbage
-/scripts/nix-prefetch-url
-/scripts/nix-install-package
-/scripts/nix-channel
-/scripts/nix-build
-/scripts/nix-copy-closure
-/scripts/nix-generate-patches
-/scripts/NixConfig.pm
-/scripts/NixManifest.pm
-/scripts/GeneratePatches.pm
-/scripts/download-using-manifests.pl
-/scripts/copy-from-other-stores.pl
-/scripts/download-from-binary-cache.pl
-/scripts/find-runtime-roots.pl
-/scripts/build-remote.pl
-/scripts/nix-reduce-build
-/scripts/nix-http-export.cgi
-
-# /src/bsdiff-4.3/
-/src/bsdiff-4.3/bsdiff
-/src/bsdiff-4.3/bspatch
-
-# /src/libexpr/
-/src/libexpr/lexer-tab.cc
-/src/libexpr/lexer-tab.hh
-/src/libexpr/parser-tab.cc
-/src/libexpr/parser-tab.hh
-/src/libexpr/parser-tab.output
-/src/libexpr/nix.tbl
-
-# /src/libstore/
-/src/libstore/schema.sql.hh
-
-# /src/nix-env/
-/src/nix-env/nix-env
-
-# /src/nix-hash/
-/src/nix-hash/nix-hash
-
-# /src/nix-instantiate/
-/src/nix-instantiate/nix-instantiate
-
-# /src/nix-log2xml/
-/src/nix-log2xml/nix-log2xml
-/src/nix-log2xml/test*.*
-/src/nix-log2xml/*.log
-/src/nix-log2xml/*.xml
-/src/nix-log2xml/*.html
-
-# /src/nix-setuid-helper/
-/src/nix-setuid-helper/nix-setuid-helper
-
-# /src/nix-store/
-/src/nix-store/nix-store
-
-# /src/nix-daemon/
-/src/nix-daemon/nix-daemon
-
-# /tests/
-/tests/test-tmp
-/tests/config.nix
-/tests/common.sh
-/tests/dummy
-/tests/result*
-
-# /tests/lang/
-/tests/lang/*.out
-/tests/lang/*.out.xml
-/tests/lang/*.ast
-
-/perl/lib/Nix/Config.pm
-/perl/lib/Nix/Store.cc
-
-.deps
-.libs
-*.a
-*.lo
-*.la
-*.o
-*.so
-*~
-
-# GNU Global
-GPATH
-GRTAGS
-GSYMS
-GTAGS

Makefile.am

@@ -1,8 +1,6 @@
-SUBDIRS = src perl scripts corepkgs doc misc tests
+SUBDIRS = externals src scripts corepkgs doc misc tests
 EXTRA_DIST = substitute.mk nix.spec nix.spec.in bootstrap.sh \
-  NEWS version misc/systemd/nix-daemon.service
-
-pkginclude_HEADERS = config.h
+  nix.conf.example NEWS version
 
 include ./substitute.mk
 
@@ -10,6 +8,10 @@ nix.spec: nix.spec.in
 
 install-data-local: init-state
 	$(INSTALL) -d $(DESTDIR)$(sysconfdir)/nix
+	$(INSTALL_DATA) $(srcdir)/nix.conf.example $(DESTDIR)$(sysconfdir)/nix
+	if ! test -e $(DESTDIR)$(sysconfdir)/nix/nix.conf; then \
+		$(INSTALL_DATA) $(srcdir)/nix.conf.example $(DESTDIR)$(sysconfdir)/nix/nix.conf; \
+	fi
 	$(INSTALL) -d $(DESTDIR)$(docdir)
 	$(INSTALL_DATA) README $(DESTDIR)$(docdir)/
 
@@ -27,9 +29,11 @@ init-state:
 	$(INSTALL) $(INIT_FLAGS) -d $(DESTDIR)$(localstatedir)/nix/profiles
 	$(INSTALL) $(INIT_FLAGS) -d $(DESTDIR)$(localstatedir)/nix/gcroots
 	$(INSTALL) $(INIT_FLAGS) -d $(DESTDIR)$(localstatedir)/nix/temproots
+	$(INSTALL) $(INIT_FLAGS) $(GROUP_WRITABLE) -d $(DESTDIR)$(localstatedir)/nix/gcroots/tmp
+	$(INSTALL) $(INIT_FLAGS) $(GROUP_WRITABLE) -d $(DESTDIR)$(localstatedir)/nix/gcroots/channels
 	ln -sfn $(localstatedir)/nix/profiles $(DESTDIR)$(localstatedir)/nix/gcroots/profiles
 	$(INSTALL) $(INIT_FLAGS) -d $(DESTDIR)$(localstatedir)/nix/userpool
-	-$(INSTALL) $(INIT_FLAGS) -d $(DESTDIR)$(storedir)
+	$(INSTALL) $(INIT_FLAGS) -m 1777 -d $(DESTDIR)$(storedir)
 	$(INSTALL) $(INIT_FLAGS) $(GROUP_WRITABLE) -d $(DESTDIR)$(localstatedir)/nix/manifests
 	ln -sfn $(localstatedir)/nix/manifests $(DESTDIR)$(localstatedir)/nix/gcroots/manifests
 

aterm-gc.supp

@@ -0,0 +1,117 @@
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Cond
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Cond
+   fun:*
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value4
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value8
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value4
+   fun:*
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value8
+   fun:*
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Addr4
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Addr8
+   fun:*
+   fun:AT_collect_minor
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Cond
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value4
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value8
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Addr4
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Addr8
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value4
+   fun:*
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Value8
+   fun:*
+   fun:*
+   fun:AT_collect
+}
+
+{
+   ATerm library conservatively scans for GC roots
+   Memcheck:Cond
+   fun:*
+   fun:*
+   fun:AT_collect
+}

blacklisting/check-env.pl

@@ -0,0 +1,252 @@
+#! /usr/bin/perl -w -I /home/eelco/.nix-profile/lib/site_perl
+
+use strict;
+use XML::LibXML;
+#use XML::Simple;
+
+my $blacklistFN = shift @ARGV;
+die unless defined $blacklistFN;
+my $userEnv = shift @ARGV;
+die unless defined $userEnv;
+
+
+# Read the blacklist.
+my $parser = XML::LibXML->new();
+my $blacklist = $parser->parse_file($blacklistFN)->getDocumentElement;
+
+#print $blacklist->toString() , "\n";
+
+
+# Get all the elements of the user environment.
+my $userEnvElems = `nix-store --query --references '$userEnv'`;
+die "cannot query user environment elements" if $? != 0;
+my @userEnvElems = split ' ', $userEnvElems;
+
+
+my %storePathHashes;
+
+
+sub getElemNodes {
+    my $node = shift;
+    my @elems = ();
+    foreach my $node ($node->getChildNodes) {
+        push @elems, $node if $node->nodeType == XML_ELEMENT_NODE;
+    }
+    return @elems;
+}
+
+
+my %referencesCache;
+sub getReferences {
+    my $path = shift;
+    return $referencesCache{$path} if defined $referencesCache{$path};
+    
+    my $references = `nix-store --query --references '$path'`;
+    die "cannot query references" if $? != 0;
+    $referencesCache{$path} = [split ' ', $references];
+    
+    return $referencesCache{$path};
+}
+
+
+my %attrsCache;
+sub getAttr {
+    my $path = shift;
+    my $name = shift;
+    my $key = "$path/$name";
+    return $referencesCache{$key} if defined $referencesCache{$key};
+
+    my $value = `nix-store --query --binding '$name' '$path' 2> /dev/null`;
+    $value = "" if $? != 0; # !!!
+    chomp $value;
+    $referencesCache{$key} = $value;
+
+    return $value;
+}
+
+
+sub evalCondition;
+
+
+sub traverse {
+    my $done = shift;
+    my $set = shift;
+    my $path = shift;
+    my $stopCondition = shift;
+
+    return if defined $done->{$path};
+    $done->{$path} = 1;
+    $set->{$path} = 1;
+
+#    print "  in $path\n";
+
+    if (!evalCondition({$path => 1}, $stopCondition)) {
+#        print "  STOPPING in $path\n";
+        return;
+    }
+
+    # Get the requisites of the deriver.
+
+    foreach my $reference (@{getReferences $path}) {
+        traverse($done, $set, $reference, $stopCondition);
+    }
+}
+
+
+sub evalSet {
+    my $inSet = shift;
+    my $expr = shift;
+    my $name = $expr->getName;
+    
+    if ($name eq "traverse") {
+        my $stopCondition = (getElemNodes $expr)[0];
+        my $done = { };
+        my $set = { };
+        foreach my $path (keys %{$inSet}) {
+            traverse($done, $set, $path, $stopCondition);
+        }
+        return $set;
+    }
+
+    else {
+        die "unknown element `$name'";
+    }
+}
+
+
+# Function for evaluating conditions.
+sub evalCondition {
+    my $storePaths = shift;
+    my $condition = shift;
+    my $elemName = $condition->getName;
+    
+    if ($elemName eq "containsSource") {
+        my $hash = $condition->attributes->getNamedItem("hash")->getValue;
+        foreach my $path (keys %{$storePathHashes{$hash}}) {
+            return 1 if defined $storePaths->{$path};
+        }
+        return 0;
+    }
+
+    elsif ($elemName eq "hasName") { 
+        my $nameRE = $condition->attributes->getNamedItem("name")->getValue;
+        foreach my $path (keys %{$storePaths}) {
+            return 1 if $path =~ /$nameRE/;
+        }
+        return 0;
+    }
+    
+    elsif ($elemName eq "hasAttr") { 
+        my $name = $condition->attributes->getNamedItem("name")->getValue;
+        my $valueRE = $condition->attributes->getNamedItem("value")->getValue;
+        foreach my $path (keys %{$storePaths}) {
+            if ($path =~ /\.drv$/) {
+                my $value = getAttr($path, $name);
+#                print "    $path $name $value\n";
+                return 1 if $value =~ /$valueRE/;
+            }
+        }
+        return 0;
+    }
+    
+    elsif ($elemName eq "and") {
+        my $result = 1;
+        foreach my $node (getElemNodes $condition) {
+            $result &= evalCondition($storePaths, $node);
+        }
+        return $result;
+    }
+
+    elsif ($elemName eq "not") {
+        return !evalCondition($storePaths, (getElemNodes $condition)[0]);
+    }
+    
+    elsif ($elemName eq "within") {
+        my @elems = getElemNodes $condition;
+        my $set = evalSet($storePaths, $elems[0]);
+        return evalCondition($set, $elems[1]);
+    }
+
+    elsif ($elemName eq "true") {
+        return 1;
+    }
+
+    elsif ($elemName eq "false") {
+        return 0;
+    }
+
+    else {
+        die "unknown element `$elemName'";
+    }
+}
+
+
+sub evalOr {
+    my $storePaths = shift;
+    my $nodes = shift;
+
+    my $result = 0;
+    foreach my $node (@{$nodes}) {
+        $result |= evalCondition($storePaths, $node);
+    }
+    
+    return $result;
+}
+
+
+# Iterate over all elements, check them.
+foreach my $userEnvElem (@userEnvElems) {
+
+    # Get the deriver of this path.
+    my $deriver = `nix-store --query --deriver '$userEnvElem'`;
+    die "cannot query deriver" if $? != 0;
+    chomp $deriver;
+
+    if ($deriver eq "unknown-deriver") {
+#        print "  deriver unknown, cannot check sources\n";
+        next;
+    }
+
+    print "CHECKING $userEnvElem\n";
+
+
+    # Get the requisites of the deriver.
+#    my $requisites = `nix-store --query --requisites --include-outputs '$deriver'`;
+#    die "cannot query requisites" if $? != 0;
+#    my @requisites = split ' ', $requisites;
+
+
+    # Get the hashes of the requisites.
+#    my $hashes = `nix-store --query --hash @requisites`;
+#    die "cannot query hashes" if $? != 0;
+#    my @hashes = split ' ', $hashes;
+#    for (my $i = 0; $i < scalar @requisites; $i++) {
+#        die unless $i < scalar @hashes;
+#        my $hash = $hashes[$i];
+#        $storePathHashes{$hash} = {} unless defined $storePathHashes{$hash};
+#        my $r = $storePathHashes{$hash}; # !!! fix
+#        $$r{$requisites[$i]} = 1;
+#    }
+
+
+    # Evaluate each blacklist item.
+    foreach my $item ($blacklist->getChildrenByTagName("item")) {
+        my $itemId = $item->getAttributeNode("id")->getValue;
+#        print "  CHECKING FOR $itemId\n";
+
+        my $condition = ($item->getChildrenByTagName("condition"))[0];
+        die unless $condition;
+
+        # Evaluate the condition.
+        my @elems = getElemNodes $condition;
+        if (evalOr({$deriver => 1}, \@elems)) {
+            # Oops, condition triggered.
+            my $reason = ($item->getChildrenByTagName("reason"))[0]->getChildNodes->to_literal;
+            $reason =~ s/\s+/ /g;
+            $reason =~ s/^\s+//g;
+
+            print "    VULNERABLE TO `$itemId': $reason\n";
+        }
+    }
+}
+

bootstrap.sh

@@ -1,4 +1,7 @@
 #! /bin/sh -e
-rm -f aclocal.m4
 mkdir -p config
-exec autoreconf -vfi
+libtoolize --copy
+aclocal
+autoheader
+automake --add-missing --copy
+autoconf

build.nix

@@ -1,169 +0,0 @@
-with import <nix-make/lib>;
-with pkgs;
-
-rec {
-
-  bin2c = link {
-    objects = [ (compileC { main = ./src/bin2c/bin2c.c; }) ];
-    programName = "bin2c";
-  };
-
-  bsdiff = link {
-    objects = [ (compileC { main = ./src/bsdiff-4.3/bsdiff.c; buildInputs = [ pkgs.bzip2 ]; }) ];
-    programName = "bsdiff";
-    buildInputs = [ pkgs.bzip2 ];
-    flags = "-lbz2";
-  };
-
-  bspatch = link {
-    objects = [ (compileC { main = ./src/bsdiff-4.3/bspatch.c; buildInputs = [ pkgs.bzip2 ]; }) ];
-    programName = "bspatch";
-    buildInputs = [ pkgs.bzip2 ];
-    flags = "-lbz2";
-  };
-
-  libformat = makeLibrary {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src ];
-      })
-      [ ./src/boost/format/format_implementation.cc
-        ./src/boost/format/free_funcs.cc
-        ./src/boost/format/parsing.cc
-      ];
-    libraryName = "format";
-  };
-
-  libutil = makeLibrary {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/libutil ./src ./. ];
-        buildInputs = [ pkgs.openssl ];
-      })
-      [ ./src/libutil/util.cc
-        ./src/libutil/hash.cc
-        ./src/libutil/serialise.cc
-        ./src/libutil/archive.cc
-        ./src/libutil/xml-writer.cc
-        ./src/libutil/immutable.cc
-      ];
-    libraryName = "util";
-  };
-
-  libstore = makeLibrary {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/libstore ./src/libutil ./src ./. ];
-        buildInputs = [ pkgs.sqlite ];
-        cFlags = "-DNIX_STORE_DIR=\"/nix/store\" -DNIX_DATA_DIR=\"/home/eelco/Dev/nix/inst/share\" -DNIX_STATE_DIR=\"/nix/var/nix\" -DNIX_LOG_DIR=\"/foo\" -DNIX_CONF_DIR=\"/foo\" -DNIX_LIBEXEC_DIR=\"/foo\" -DNIX_BIN_DIR=\"/home/eelco/Dev/nix/inst/bin\"";
-      })
-      [ ./src/libstore/store-api.cc
-        ./src/libstore/local-store.cc
-        ./src/libstore/remote-store.cc
-        ./src/libstore/derivations.cc
-        ./src/libstore/build.cc
-        ./src/libstore/misc.cc
-        ./src/libstore/globals.cc
-        ./src/libstore/references.cc
-        ./src/libstore/pathlocks.cc
-        ./src/libstore/gc.cc
-        ./src/libstore/optimise-store.cc
-      ];
-    libraryName = "store";
-  };
-
-  libmain = makeLibrary {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/libmain ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/libmain/shared.cc ];
-    libraryName = "main";
-  };
-
-  nix_hash = link {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/nix-hash ./src/libmain ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/nix-hash/nix-hash.cc
-      ];
-    libraries = [ libformat libutil libstore libmain ];
-    buildInputs = [ pkgs.openssl pkgs.sqlite ];
-    flags = "-lssl -lsqlite3 -lstdc++";
-    programName = "nix-hash";
-  };
-
-  nix_store = link {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/nix-store ./src/libmain ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/nix-store/nix-store.cc
-        ./src/nix-store/dotgraph.cc
-        ./src/nix-store/xmlgraph.cc
-      ];
-    libraries = [ libformat libutil libstore libmain ];
-    buildInputs = [ pkgs.openssl pkgs.sqlite ];
-    flags = "-lssl -lsqlite3 -lstdc++";
-    programName = "nix-store";
-  };
-
-  libexpr = makeLibrary {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/libexpr ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/libexpr/nixexpr.cc
-        ./src/libexpr/eval.cc
-        ./src/libexpr/primops.cc
-        ./src/libexpr/lexer-tab.cc
-        ./src/libexpr/parser-tab.cc
-        ./src/libexpr/get-drvs.cc
-        ./src/libexpr/attr-path.cc
-        ./src/libexpr/value-to-xml.cc
-        ./src/libexpr/common-opts.cc
-        ./src/libexpr/names.cc
-      ];
-    libraryName = "expr";
-  };
-
-  nix_instantiate = link {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/nix-instantiate ./src/libexpr ./src/libmain ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/nix-instantiate/nix-instantiate.cc ];
-    libraries = [ libformat libutil libstore libmain libexpr ];
-    buildInputs = [ pkgs.openssl pkgs.sqlite ];
-    flags = "-lssl -lsqlite3 -lstdc++";
-    programName = "nix-instantiate";
-  };
-
-  nix_env = link {
-    objects =
-      map (fn: compileC {
-        main = fn;
-        localIncludePath = [ ./src/nix-env ./src/libexpr ./src/libmain ./src/libstore ./src/libutil ./src ./. ];
-      })
-      [ ./src/nix-env/nix-env.cc
-        ./src/nix-env/profiles.cc
-        ./src/nix-env/user-env.cc
-      ];
-    libraries = [ libformat libutil libstore libmain libexpr ];
-    buildInputs = [ pkgs.openssl pkgs.sqlite ];
-    flags = "-lssl -lsqlite3 -lstdc++";
-    programName = "nix-env";
-  };
-
-  all = [ bsdiff bspatch nix_hash nix_store nix_instantiate nix_env ];
-
-}

configure.ac

@@ -5,33 +5,30 @@ AM_INIT_AUTOMAKE([dist-bzip2 foreign])
 
 AC_DEFINE_UNQUOTED(NIX_VERSION, ["$VERSION"], [Nix version.])
 
-AC_PROG_SED
+AC_CANONICAL_HOST
+
 
 # Construct a Nix system name (like "i686-linux").
-AC_CANONICAL_HOST
 AC_MSG_CHECKING([for the canonical Nix system name])
+cpu_name=$(uname -p | tr 'A-Z ' 'a-z_')
+machine_name=$(uname -m | tr 'A-Z ' 'a-z_')
 
-AC_ARG_WITH(system, AC_HELP_STRING([--with-system=SYSTEM],
-  [Platform identifier (e.g., `i686-linux').]),
-  [system=$withval],
-  [case "$host_cpu" in
-     i*86)
-        machine_name="i686";;
-     amd64)
-        machine_name="x86_64";;
-     *)
-        machine_name="$host_cpu";;
-   esac
-
-   case "$host_os" in
-     linux-gnu*)
-        # For backward compatibility, strip the `-gnu' part.
-        system="$machine_name-linux";;
-     *)
-        # Strip the version number from names such as `gnu0.3',
-        # `darwin10.2.0', etc.
-        system="$machine_name-`echo $host_os | "$SED" -e's/@<:@0-9.@:>@*$//g'`";;
-   esac])
+case $machine_name in
+    i*86)
+        machine_name=i686
+        ;;
+    x86_64)
+        machine_name=x86_64
+        ;;
+    ppc)
+        machine_name=powerpc
+        ;;
+    *)
+        if test "$cpu_name" != "unknown"; then
+            machine_name=$cpu_name
+        fi
+        ;;
+esac
 
 sys_name=$(uname -s | tr 'A-Z ' 'a-z_')
 
@@ -41,6 +38,9 @@ case $sys_name in
         ;;
 esac
 
+AC_ARG_WITH(system, AC_HELP_STRING([--with-system=SYSTEM],
+  [Platform identifier (e.g., `i686-linux').]),
+  system=$withval, system="${machine_name}-${sys_name}")
 AC_MSG_RESULT($system)
 AC_SUBST(system)
 AC_DEFINE_UNQUOTED(SYSTEM, ["$system"], [platform identifier (`cpu-os')])
@@ -50,36 +50,36 @@ AC_DEFINE_UNQUOTED(SYSTEM, ["$system"], [platform identifier (`cpu-os')])
 test "$localstatedir" = '${prefix}/var' && localstatedir=/nix/var
 
 
-# Windows-specific stuff.  On Cygwin, dynamically linking against the
-# ATerm DLL works, except that it requires the ATerm "lib" directory
-# to be in $PATH, as Windows doesn't have anything like an RPATH
-# embedded in executable.  Since this is kind of annoying, we use
-# static libraries for now.
-if test "$sys_name" = "cygwin"; then
+# Whether to produce a statically linked binary.  On Cygwin, this is
+# the default: dynamically linking against the ATerm DLL does work,
+# except that it requires the ATerm "lib" directory to be in $PATH, as
+# Windows doesn't have anything like an RPATH embedded in executable.
+# Since this is kind of annoying, we use static libraries for now.
+    
+AC_ARG_ENABLE(static-nix, AC_HELP_STRING([--enable-static-nix],
+  [produce statically linked binaries]),
+  static_nix=$enableval, static_nix=no)
+
+if test "$sys_name" = cygwin; then
+   static_nix=yes
+fi
+  
+if test "$static_nix" = yes; then
     AC_DISABLE_SHARED
     AC_ENABLE_STATIC
 fi
 
-
-# Solaris-specific stuff.
-if test "$sys_name" = sunos; then
-    # Solaris requires -lsocket -lnsl for network functions
-    LIBS="-lsocket -lnsl $LIBS"
+  
+# Windows-specific stuff.
+if test "$sys_name" = "cygwin"; then
+    # We cannot delete open files.
+    AC_DEFINE(CANNOT_DELETE_OPEN_FILES, 1, [Whether it is impossible to delete open files.])
 fi
 
 
 AC_PROG_CC
 AC_PROG_CXX
 
-# To build programs to be run in the build machine.
-if test "$CC_FOR_BUILD" = ""; then
-    if test "$cross_compiling" = "yes"; then
-        AC_CHECK_PROGS(CC_FOR_BUILD, gcc cc)
-    else
-        CC_FOR_BUILD="$CC"
-    fi
-fi
-AC_SUBST([CC_FOR_BUILD])
 
 # We are going to use libtool.
 AC_DISABLE_STATIC
@@ -88,7 +88,8 @@ AC_PROG_LIBTOOL
 
 
 # Use 64-bit file system calls so that we can support files > 2 GiB.
-AC_SYS_LARGEFILE
+CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS"
+CXXFLAGS="-D_FILE_OFFSET_BITS=64 $CXXFLAGS"
 
 
 # Check for pubsetbuf.
@@ -106,8 +107,8 @@ AC_LANG_POP(C++)
 # Check for chroot support (requires chroot() and bind mounts).
 AC_CHECK_FUNCS([chroot])
 AC_CHECK_FUNCS([unshare])
-AC_CHECK_HEADERS([sched.h])
-AC_CHECK_HEADERS([sys/param.h])
+AC_CHECK_HEADERS([sched.h], [], [], [])
+AC_CHECK_HEADERS([sys/param.h], [], [], [])
 AC_CHECK_HEADERS([sys/mount.h], [], [],
 [#ifdef HAVE_SYS_PARAM_H
 # include <sys/param.h>
@@ -115,53 +116,17 @@ AC_CHECK_HEADERS([sys/mount.h], [], [],
 ])
 
 
-# Check for vfork.
-#AC_FUNC_FORK()
-
-
-# Check for lutimes, optionally used for changing the mtime of
-# symlinks.
-AC_CHECK_FUNCS([lutimes])
-
-
-# Check whether the store optimiser can optimise symlinks.
-AC_MSG_CHECKING([whether it is possible to create a link to a symlink])
-ln -s bla tmp_link
-if ln tmp_link tmp_link2 2> /dev/null; then
-    AC_MSG_RESULT(yes)
-    AC_DEFINE(CAN_LINK_SYMLINK, 1, [Whether link() works on symlinks.])
-else
-    AC_MSG_RESULT(no)
-fi
-rm -f tmp_link tmp_link2
-
-
 # Check for <locale>.
 AC_LANG_PUSH(C++)
-AC_CHECK_HEADERS([locale])
+AC_CHECK_HEADERS([locale], [], [], [])
 AC_LANG_POP(C++)
 
 
-# Check for <err.h>.
-AC_CHECK_HEADER([err.h], [], [bsddiff_compat_include="-Icompat-include"])
-AC_SUBST([bsddiff_compat_include])
-
-
 # Check whether we have the personality() syscall, which allows us to
 # do i686-linux builds on x86_64-linux machines.
 AC_CHECK_HEADERS([sys/personality.h])
 
 
-# Check for <linux/fs.h> (for immutable file support).
-AC_CHECK_HEADERS([linux/fs.h])
-
-
-# Check for tr1/unordered_set.
-AC_LANG_PUSH(C++)
-AC_CHECK_HEADERS([tr1/unordered_set])
-AC_LANG_POP(C++)
-
-
 AC_DEFUN([NEED_PROG],
 [
 AC_PATH_PROG($1, $2)
@@ -175,19 +140,19 @@ NEED_PROG(bash, bash)
 NEED_PROG(patch, patch)
 AC_PATH_PROG(xmllint, xmllint, false)
 AC_PATH_PROG(xsltproc, xsltproc, false)
+AC_PATH_PROG(jing, jing, false) # needed because xmllint --relaxng seems broken
 AC_PATH_PROG(w3m, w3m, false)
 AC_PATH_PROG(flex, flex, false)
 AC_PATH_PROG(bison, bison, false)
 NEED_PROG(perl, perl)
-NEED_PROG(sed, sed)
 NEED_PROG(tar, tar)
-NEED_PROG(bzip2, bzip2)
-NEED_PROG(xz, xz)
 AC_PATH_PROG(dot, dot)
 AC_PATH_PROG(dblatex, dblatex)
 AC_PATH_PROG(gzip, gzip)
-AC_PATH_PROG(pv, pv, pv)
 
+AC_PATH_PROG(openssl_prog, openssl, openssl) # if not found, call openssl in $PATH
+AC_SUBST(openssl_prog)
+AC_DEFINE_UNQUOTED(OPENSSL_PATH, ["$openssl_prog"], [Path of the OpenSSL binary])
 
 # Test that Perl has the open/fork feature (Perl 5.8.0 and beyond).
 AC_MSG_CHECKING([whether Perl is recent enough])
@@ -197,15 +162,6 @@ if ! $perl -e 'open(FOO, "-|", "true"); while (<FOO>) { print; }; close FOO or d
 fi
 AC_MSG_RESULT(yes)
 
-
-# Figure out where to install Perl modules.
-AC_MSG_CHECKING([for the Perl installation prefix])
-perlversion=$($perl -e 'use Config; print $Config{version};')
-perlarchname=$($perl -e 'use Config; print $Config{archname};')
-AC_SUBST(perllibdir, [$\(libdir\)/perl5/site_perl/$perlversion/$perlarchname])
-AC_MSG_RESULT($perllibdir)
-
-
 NEED_PROG(cat, cat)
 NEED_PROG(tr, tr)
 AC_ARG_WITH(coreutils-bin, AC_HELP_STRING([--with-coreutils-bin=PATH],
@@ -213,7 +169,6 @@ AC_ARG_WITH(coreutils-bin, AC_HELP_STRING([--with-coreutils-bin=PATH],
   coreutils=$withval, coreutils=$(dirname $cat))
 AC_SUBST(coreutils)
 
-
 AC_ARG_WITH(docbook-rng, AC_HELP_STRING([--with-docbook-rng=PATH],
   [path of the DocBook RelaxNG schema]),
   docbookrng=$withval, docbookrng=/docbook-rng-missing)
@@ -224,97 +179,95 @@ AC_ARG_WITH(docbook-xsl, AC_HELP_STRING([--with-docbook-xsl=PATH],
   docbookxsl=$withval, docbookxsl=/docbook-xsl-missing)
 AC_SUBST(docbookxsl)
 
-
 AC_ARG_WITH(xml-flags, AC_HELP_STRING([--with-xml-flags=FLAGS],
   [extra flags to be passed to xmllint and xsltproc]),
   xmlflags=$withval, xmlflags=)
 AC_SUBST(xmlflags)
 
-
 AC_ARG_WITH(store-dir, AC_HELP_STRING([--with-store-dir=PATH],
-  [path of the Nix store (defaults to /nix/store)]),
+  [path of the Nix store]),
   storedir=$withval, storedir='/nix/store')
 AC_SUBST(storedir)
 
+AC_ARG_ENABLE(old-db-compat, AC_HELP_STRING([--disable-old-db-compat],
+  [disable support for converting from old Berkeley DB-based Nix stores]),
+  old_db_compat=$enableval, old_db_compat=yes)
+AM_CONDITIONAL(OLD_DB_COMPAT, test "$old_db_compat" = "yes")
 
-# Look for OpenSSL, an optional dependency.
-AC_PATH_PROG(openssl_prog, openssl, openssl) # if not found, call openssl in $PATH
-AC_SUBST(openssl_prog)
-AC_DEFINE_UNQUOTED(OPENSSL_PATH, ["$openssl_prog"], [Path of the OpenSSL binary])
+AC_ARG_WITH(bdb, AC_HELP_STRING([--with-bdb=PATH],
+  [prefix of Berkeley DB (for Nix <= 0.11 compatibility)]),
+  bdb=$withval, bdb=)
+AM_CONDITIONAL(HAVE_BDB, test -n "$bdb")
+if test -z "$bdb"; then
+  bdb_lib='-L${top_builddir}/externals/inst-bdb/lib -ldb_cxx'
+  bdb_include='-I${top_builddir}/externals/inst-bdb/include'
+else
+  bdb_lib="-L$bdb/lib -ldb_cxx"
+  bdb_include="-I$bdb/include"
+fi
+if test "$old_db_compat" = "no"; then
+  bdb_lib=
+  bdb_include=
+else
+  AC_DEFINE(OLD_DB_COMPAT, 1, [Whether to support converting from old Berkeley DB-based Nix stores.])
+fi
+AC_SUBST(bdb_lib)
+AC_SUBST(bdb_include)
 
-PKG_CHECK_MODULES([OPENSSL], [libcrypto],
-  [AC_DEFINE([HAVE_OPENSSL], [1], [Whether to use OpenSSL.])
-   CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"
-   have_openssl=1], [true])
-AM_CONDITIONAL(HAVE_OPENSSL, test "$have_openssl" = 1)
+AC_ARG_WITH(aterm, AC_HELP_STRING([--with-aterm=PATH],
+  [prefix of CWI ATerm library]),
+  aterm=$withval, aterm=)
+AM_CONDITIONAL(HAVE_ATERM, test -n "$aterm")
+if test -z "$aterm"; then
+  aterm_lib='-L${top_builddir}/externals/inst-aterm/lib -lATerm'
+  aterm_include='-I${top_builddir}/externals/inst-aterm/include'
+  aterm_bin='${top_builddir}/externals/inst-aterm/bin'
+else
+  aterm_lib="-L$aterm/lib -lATerm"
+  aterm_include="-I$aterm/include"
+  aterm_bin="$aterm/bin"
+fi
+AC_SUBST(aterm_lib)
+AC_SUBST(aterm_include)
+AC_SUBST(aterm_bin)
 
-
-# Look for libbz2, a required dependency.
-AC_CHECK_LIB([bz2], [BZ2_bzWriteOpen], [true],
-  [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See http://www.bzip.org/.])])
-AC_CHECK_HEADERS([bzlib.h], [true],
-  [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See http://www.bzip.org/.])])
-
-
-# Look for SQLite, a required dependency.
-PKG_CHECK_MODULES([SQLITE3], [sqlite3 >= 3.6.19], [CXXFLAGS="$SQLITE3_CFLAGS $CXXFLAGS"])
-
-
-# Whether to use the Boehm garbage collector.
-AC_ARG_ENABLE(gc, AC_HELP_STRING([--enable-gc],
-  [enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=no]]),
-  gc=$enableval, gc=no)
-if test "$gc" = yes; then
-  PKG_CHECK_MODULES([BDW_GC], [bdw-gc])
-  CXXFLAGS="$BDW_GC_CFLAGS $CXXFLAGS"
-  AC_DEFINE(HAVE_BOEHMGC, 1, [Whether to use the Boehm garbage collector.])
+AC_ARG_WITH(openssl, AC_HELP_STRING([--with-openssl=PATH],
+  [prefix of the OpenSSL library]),
+  openssl=$withval, openssl=)
+AM_CONDITIONAL(HAVE_OPENSSL, test -n "$openssl")
+if test -n "$openssl"; then
+  LDFLAGS="-L$openssl/lib -lcrypto $LDFLAGS"
+  CFLAGS="-I$openssl/include $CFLAGS"
+  CXXFLAGS="-I$openssl/include $CXXFLAGS"
+  AC_DEFINE(HAVE_OPENSSL, 1, [Whether to use OpenSSL.])
 fi
 
-
-# Check for the required Perl dependencies (DBI, DBD::SQLite and WWW::Curl).
-perlFlags="-I$perllibdir"
-
-AC_ARG_WITH(dbi, AC_HELP_STRING([--with-dbi=PATH],
-  [prefix of the Perl DBI library]),
-  perlFlags="$perlFlags -I$withval")
-
-AC_ARG_WITH(dbd-sqlite, AC_HELP_STRING([--with-dbd-sqlite=PATH],
-  [prefix of the Perl DBD::SQLite library]),
-  perlFlags="$perlFlags -I$withval")
-
-AC_ARG_WITH(www-curl, AC_HELP_STRING([--with-www-curl=PATH],
-  [prefix of the Perl WWW::Curl library]),
-  perlFlags="$perlFlags -I$withval")
-
-AC_MSG_CHECKING([whether DBD::SQLite works])
-if ! $perl $perlFlags -e 'use DBI; use DBD::SQLite;' 2>&5; then
-    AC_MSG_RESULT(no)
-    AC_MSG_FAILURE([The Perl modules DBI and/or DBD::SQLite are missing.])
-fi
-AC_MSG_RESULT(yes)
-
-AC_MSG_CHECKING([whether WWW::Curl works])
-if ! $perl $perlFlags -e 'use WWW::Curl;' 2>&5; then
-    AC_MSG_RESULT(no)
-    AC_MSG_FAILURE([The Perl module WWW::Curl is missing.])
-fi
-AC_MSG_RESULT(yes)
-
-AC_SUBST(perlFlags)
+AC_ARG_WITH(bzip2, AC_HELP_STRING([--with-bzip2=PATH],
+  [prefix of bzip2]),
+  bzip2=$withval, bzip2=)
+AM_CONDITIONAL(HAVE_BZIP2, test -n "$bzip2")
+if test -z "$bzip2"; then
+  # Headers and libraries will be used from the temporary installation
+  # in externals/inst-bzip2.
+  bzip2_lib='-L${top_builddir}/externals/inst-bzip2/lib -lbz2'
+  bzip2_include='-I${top_builddir}/externals/inst-bzip2/include'
+  # The binary will be copied to $libexecdir.
+  bzip2_bin='${libexecdir}/nix'
+  # But for testing, we have to use the temporary copy :-(
+  bzip2_bin_test='${top_builddir}/externals/inst-bzip2/bin'
+else
+  bzip2_lib="-L$bzip2/lib -lbz2"
+  bzip2_include="-I$bzip2/include"
+  bzip2_bin="$bzip2/bin"
+  bzip2_bin_test="$bzip2/bin"
+fi   
+AC_SUBST(bzip2_lib)
+AC_SUBST(bzip2_include)
+AC_SUBST(bzip2_bin)
+AC_SUBST(bzip2_bin_test)
 
 
-# Whether to build the Perl bindings
-AC_MSG_CHECKING([whether to build the Perl bindings])
-AC_ARG_ENABLE(perl-bindings, AC_HELP_STRING([--enable-perl-bindings],
-  [whether to build the Perl bindings (recommended) [default=yes]]),
-  perlbindings=$enableval, perlbindings=yes)
-if test "$enable_shared" = no; then
-   # Perl bindings require shared libraries.
-   perlbindings=no
-fi
-AM_CONDITIONAL(PERL_BINDINGS, test "$perlbindings" = "yes")
-AC_SUBST(perlbindings)
-AC_MSG_RESULT($perlbindings)
+AC_CHECK_LIB(pthread, pthread_mutex_init)
 
 
 AC_ARG_ENABLE(init-state, AC_HELP_STRING([--disable-init-state],
@@ -328,36 +281,30 @@ AC_CHECK_FUNCS([setresuid setreuid lchown])
 
 
 # Nice to have, but not essential.
-AC_CHECK_FUNCS([strsignal posix_fallocate nanosleep sysconf])
+AC_CHECK_FUNCS([strsignal])
+AC_CHECK_FUNCS([posix_fallocate])
 
 
-# This is needed if bzip2 is a static library, and the Nix libraries
-# are dynamic.
+# This is needed if ATerm, Berkeley DB or bzip2 are static libraries,
+# and the Nix libraries are dynamic.
 if test "$(uname)" = "Darwin"; then
     LDFLAGS="-all_load $LDFLAGS"
 fi
 
 
-# Figure out the extension of dynamic libraries.
-eval dynlib_suffix=$shrext_cmds
-AC_SUBST(dynlib_suffix)
-
-
-# Do we have GNU tar?
-AC_MSG_CHECKING([if you have a recent GNU tar])
-if $tar --version 2> /dev/null | grep -q GNU && tar cvf /dev/null --warning=no-timestamp ./config.log > /dev/null; then
-    AC_MSG_RESULT(yes)
-    tarFlags="--warning=no-timestamp"
-else
-    AC_MSG_RESULT(no)
+if test "$static_nix" = yes; then
+    # `-all-static' has to be added at the end of configure, because
+    # the C compiler doesn't know about -all-static (it's filtered out
+    # by libtool, but configure doesn't use libtool).
+    LDFLAGS="-all-static $LDFLAGS"
 fi
-AC_SUBST(tarFlags)
-
 
 
 AM_CONFIG_HEADER([config.h])
 AC_CONFIG_FILES([Makefile
+   externals/Makefile
    src/Makefile
+   src/bin2c/Makefile
    src/boost/Makefile
    src/boost/format/Makefile
    src/libutil/Makefile
@@ -368,13 +315,15 @@ AC_CONFIG_FILES([Makefile
    src/libexpr/Makefile
    src/nix-instantiate/Makefile
    src/nix-env/Makefile
-   src/nix-daemon/Makefile
+   src/nix-worker/Makefile
    src/nix-setuid-helper/Makefile
    src/nix-log2xml/Makefile
    src/bsdiff-4.3/Makefile
-   perl/Makefile
    scripts/Makefile
    corepkgs/Makefile
+   corepkgs/nar/Makefile
+   corepkgs/buildenv/Makefile
+   corepkgs/channels/Makefile
    doc/Makefile
    doc/manual/Makefile
    misc/Makefile

corepkgs/Makefile.am

@@ -1,12 +1 @@
-all-local: config.nix
-
-files = nar.nix buildenv.nix buildenv.pl unpack-channel.nix derivation.nix fetchurl.nix \
-	imported-drv-to-derivation.nix
-
-install-exec-local:
-	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs
-	$(INSTALL_DATA) config.nix $(files) $(DESTDIR)$(datadir)/nix/corepkgs
-
-include ../substitute.mk
-
-EXTRA_DIST = config.nix.in $(files)
+SUBDIRS = nar buildenv channels

corepkgs/buildenv.nix

@@ -1,28 +0,0 @@
-with import <nix/config.nix>;
-
-{ derivations, manifest }:
-
-derivation {
-  name = "user-environment";
-  system = builtins.currentSystem;
-  builder = perl;
-  args = [ "-w" ./buildenv.pl ];
-
-  manifest = manifest;
-
-  # !!! grmbl, need structured data for passing this in a clean way.
-  derivations =
-    map (d:
-      [ (d.meta.active or "true")
-        (d.meta.priority or 5)
-        (builtins.length d.outputs)
-      ] ++ map (output: builtins.getAttr output d) d.outputs)
-      derivations;
-
-  # Building user environments remotely just causes huge amounts of
-  # network traffic, so don't do that.
-  preferLocalBuild = true;
-
-  # Don't build in a chroot because Nix's dependencies may not be there.
-  __noChroot = true;
-}

corepkgs/buildenv/Makefile.am

@@ -0,0 +1,11 @@
+all-local: builder.pl
+
+install-exec-local:
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs/buildenv
+	$(INSTALL_DATA) $(srcdir)/default.nix $(DESTDIR)$(datadir)/nix/corepkgs/buildenv
+	$(INSTALL_PROGRAM) builder.pl $(DESTDIR)$(datadir)/nix/corepkgs/buildenv
+
+include ../../substitute.mk
+
+EXTRA_DIST = default.nix builder.pl.in

corepkgs/buildenv/builder.pl.in

@@ -1,3 +1,5 @@
+#! @perl@ -w
+
 use strict;
 use Cwd;
 use IO::Handle;
@@ -27,28 +29,20 @@ sub createLinks {
         $baseName =~ s/^.*\///g; # strip directory
         my $dstFile = "$dstDir/$baseName";
 
-        # The files below are special-cased so that they don't show up
-        # in user profiles, either because they are useless, or
-        # because they would cause pointless collisions (e.g., each
-        # Python package brings its own
-        # `$out/lib/pythonX.Y/site-packages/easy-install.pth'.)
         # Urgh, hacky...
-        if ($srcFile =~ /\/propagated-build-inputs$/ ||
+	if ($srcFile =~ /\/propagated-build-inputs$/ ||
             $srcFile =~ /\/nix-support$/ ||
             $srcFile =~ /\/perllocal.pod$/ ||
-            $srcFile =~ /\/easy-install.pth$/ ||
-            $srcFile =~ /\/site.py$/ ||
-            $srcFile =~ /\/site.pyc$/ ||
             $srcFile =~ /\/info\/dir$/ ||
             $srcFile =~ /\/log$/)
         {
             # Do nothing.
-        }
+	}
 
         elsif (-d $srcFile) {
 
             lstat $dstFile;
-
+            
             if (-d _) {
                 createLinks($srcFile, $dstFile, $priority);
             }
@@ -59,7 +53,7 @@ sub createLinks {
                     die "collission between directory `$srcFile' and non-directory `$target'";
                 }
                 unlink $dstFile or die "error unlinking `$dstFile': $!";
-                mkdir $dstFile, 0755 ||
+                mkdir $dstFile, 0755 || 
                     die "error creating directory `$dstFile': $!";
                 createLinks($target, $dstFile, $priorities{$dstFile});
                 createLinks($srcFile, $dstFile, $priority);
@@ -78,15 +72,15 @@ sub createLinks {
             if (-l $dstFile) {
                 my $target = readlink $dstFile;
                 my $prevPriority = $priorities{$dstFile};
-                die ( "collission between `$srcFile' and `$target'; "
-                    . "use `nix-env --set-flag "
+                die ( "Collission between `$srcFile' and `$target'. "
+                    . "Suggested solution: use `nix-env --set-flag "
                     . "priority NUMBER PKGNAME' to change the priority of "
-                    . "one of the conflicting packages\n" )
+                    . "one of the conflicting packages.\n" )
                     if $prevPriority == $priority;
                 next if $prevPriority < $priority;
                 unlink $dstFile or die;
             }
-
+            
             symlink($srcFile, $dstFile) ||
                 die "error creating link `$dstFile': $!";
             $priorities{$dstFile} = $priority;
@@ -125,29 +119,27 @@ sub addPkg {
 
 # Convert the stuff we get from the environment back into a coherent
 # data type.
-my @pkgs;
-my @derivations = split ' ', $ENV{"derivations"};
-while (scalar @derivations) {
-    my $active = shift @derivations;
-    my $priority = shift @derivations;
-    my $outputs = shift @derivations;
-    for (my $n = 0; $n < $outputs; $n++) {
-        my $path = shift @derivations;
-        push @pkgs,
-            { path => $path
-            , active => $active ne "false"
-            , priority => int($priority) };
-    }
+my @paths = split ' ', $ENV{"paths"};
+my @active = split ' ', $ENV{"active"};
+my @priority = split ' ', $ENV{"priority"};
+
+die if scalar @paths != scalar @active;
+die if scalar @paths != scalar @priority;
+
+my %pkgs;
+
+for (my $n = 0; $n < scalar @paths; $n++) {
+    $pkgs{$paths[$n]} =
+        { active => $active[$n]
+        , priority => $priority[$n] };
 }
 
 
 # Symlink to the packages that have been installed explicitly by the
-# user.  Process in priority order to reduce unnecessary
-# symlink/unlink steps.
-@pkgs = sort { $a->{priority} <=> $b->{priority} || $a->{path} cmp $b->{path} } @pkgs;
-foreach my $pkg (@pkgs) {
+# user.
+foreach my $pkg (sort (keys %pkgs)) {
     #print $pkg, " ", $pkgs{$pkg}->{priority}, "\n";
-    addPkg($pkg->{path}, $pkg->{priority}) if $pkg->{active};
+    addPkg($pkg, $pkgs{$pkg}->{priority}) if $pkgs{$pkg}->{active} ne "false";
 }
 
 
@@ -168,4 +160,4 @@ while (scalar(keys %postponed) > 0) {
 print STDERR "created $symlinks symlinks in user environment\n";
 
 
-symlink($ENV{"manifest"}, "$out/manifest.nix") or die "cannot create manifest";
+symlink($ENV{"manifest"}, "$out/manifest") or die "cannot create manifest";

corepkgs/buildenv/default.nix

@@ -0,0 +1,14 @@
+{system, derivations, manifest}:
+
+derivation { 
+  name = "user-environment";
+  system = system;
+  builder = ./builder.pl;
+  
+  manifest = manifest;
+
+  # !!! grmbl, need structured data for passing this in a clean way.
+  paths = derivations;
+  active = map (x: if x ? meta && x.meta ? active then x.meta.active else "true") derivations;
+  priority = map (x: if x ? meta && x.meta ? priority then x.meta.priority else "5") derivations;
+}

corepkgs/channels/Makefile.am

@@ -0,0 +1,11 @@
+all-local: unpack.sh
+
+install-exec-local:
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs/channels
+	$(INSTALL_DATA) $(srcdir)/unpack.nix $(DESTDIR)$(datadir)/nix/corepkgs/channels
+	$(INSTALL_PROGRAM) unpack.sh $(DESTDIR)$(datadir)/nix/corepkgs/channels
+
+include ../../substitute.mk
+
+EXTRA_DIST = unpack.nix unpack.sh.in

corepkgs/channels/unpack.nix

@@ -0,0 +1,7 @@
+{system, inputs}:
+
+derivation {
+  name = "channels";
+  builder = ./unpack.sh;
+  inherit system inputs;
+}

corepkgs/channels/unpack.sh.in

@@ -0,0 +1,32 @@
+#! @shell@ -e
+
+@coreutils@/mkdir $out
+@coreutils@/mkdir $out/tmp
+cd $out/tmp
+
+inputs=($inputs)
+for ((n = 0; n < ${#inputs[*]}; n += 2)); do
+    channelName=${inputs[n]}
+    channelTarball=${inputs[n+1]}
+    
+    echo "unpacking channel $channelName"
+    
+    @bunzip2@ < $channelTarball | @tar@ xf -
+
+    if test -e */channel-name; then
+        channelName="$(@coreutils@/cat */channel-name)"
+    fi
+
+    nr=1
+    attrName=$(echo $channelName | @tr@ -- '- ' '__')
+    dirName=$attrName
+    while test -e ../$dirName; do
+        nr=$((nr+1))
+        dirName=$attrName-$nr
+    done
+
+    @coreutils@/mv * ../$dirName # !!! hacky
+done
+
+cd ..
+@coreutils@/rmdir tmp

corepkgs/config.nix.in

@@ -1,16 +0,0 @@
-let
-  fromEnv = var: def:
-    let val = builtins.getEnv var; in
-    if val != "" then val else def;
-in {
-  perl = "@perl@";
-  shell = "@shell@";
-  coreutils = "@coreutils@";
-  bzip2 = "@bzip2@";
-  xz = "@xz@";
-  tar = "@tar@";
-  tarFlags = "@tarFlags@";
-  tr = "@tr@";
-  curl = "@curl@";
-  nixBinDir = fromEnv "NIX_BIN_DIR" "@bindir@";
-}

corepkgs/derivation.nix

@@ -1,27 +0,0 @@
-/* This is the implementation of the ‘derivation’ builtin function.
-   It's actually a wrapper around the ‘derivationStrict’ primop. */
-
-drvAttrs @ { outputs ? [ "out" ], ... }:
-
-let
-
-  strict = derivationStrict drvAttrs;
-
-  commonAttrs = drvAttrs // (builtins.listToAttrs outputsList) //
-    { all = map (x: x.value) outputsList;
-      inherit drvAttrs;
-    };
-
-  outputToAttrListElement = outputName:
-    { name = outputName;
-      value = commonAttrs // {
-        outPath = builtins.getAttr outputName strict;
-        drvPath = strict.drvPath;
-        type = "derivation";
-        inherit outputName;
-      };
-    };
-
-  outputsList = map outputToAttrListElement outputs;
-
-in (builtins.head outputsList).value

corepkgs/fetchurl.nix

@@ -1,36 +0,0 @@
-with import <nix/config.nix>;
-
-{system ? builtins.currentSystem, url, outputHash ? "", outputHashAlgo ? "", md5 ? "", sha1 ? "", sha256 ? ""}:
-
-assert (outputHash != "" && outputHashAlgo != "")
-    || md5 != "" || sha1 != "" || sha256 != "";
-
-let
-
-  builder = builtins.toFile "fetchurl.sh"
-    ''
-      echo "downloading $url into $out"
-      ${curl} --fail --location --max-redirs 20 --insecure "$url" > "$out"
-    '';
-
-in
-    
-derivation {
-  name = baseNameOf (toString url);
-  builder = shell;
-  args = [ "-e" builder ];
-
-  # New-style output content requirements.
-  outputHashAlgo = if outputHashAlgo != "" then outputHashAlgo else
-      if sha256 != "" then "sha256" else if sha1 != "" then "sha1" else "md5";
-  outputHash = if outputHash != "" then outputHash else
-      if sha256 != "" then sha256 else if sha1 != "" then sha1 else md5;
-  
-  inherit system url;
-
-  # No need to double the amount of network traffic
-  preferLocalBuild = true;
-
-  # Don't build in a chroot because Nix's dependencies may not be there.
-  __noChroot = true;
-}

corepkgs/imported-drv-to-derivation.nix

@@ -1,21 +0,0 @@
-attrs @ { drvPath, outputs, ... }:
-
-let
-
-  commonAttrs = (builtins.listToAttrs outputsList) //
-    { all = map (x: x.value) outputsList;
-      inherit drvPath;
-      type = "derivation";
-    };
-
-  outputToAttrListElement = outputName:
-    { name = outputName;
-      value = commonAttrs // {
-        outPath = builtins.getAttr outputName attrs;
-        inherit outputName;
-      };
-    };
-    
-  outputsList = map outputToAttrListElement outputs;
-    
-in (builtins.head outputsList).value

corepkgs/nar.nix

@@ -1,43 +0,0 @@
-with import <nix/config.nix>;
-
-let
-
-  builder = builtins.toFile "nar.sh"
-    ''
-      export PATH=${nixBinDir}:${coreutils}
-
-      if [ $compressionType = "xz" ]; then
-        ext=xz
-        compressor="${xz} -9"
-      else
-        ext=bz2
-        compressor="${bzip2}"
-      fi
-
-      echo "packing ‘$storePath’..."
-      mkdir $out
-      dst=$out/tmp.nar.$ext
-
-      set -o pipefail
-      nix-store --dump "$storePath" | $compressor > $dst
-
-      hash=$(nix-hash --flat --type $hashAlgo --base32 $dst)
-      echo -n $hash > $out/nar-compressed-hash
-
-      mv $dst $out/$hash.nar.$ext
-    '';
-
-in
-
-{ storePath, hashAlgo, compressionType }:
-
-derivation {
-  name = "nar";
-  system = builtins.currentSystem;
-  builder = shell;
-  args = [ "-e" builder ];
-  inherit storePath hashAlgo compressionType;
-
-  # Don't build in a chroot because Nix's dependencies may not be there.
-  __noChroot = true;
-}

corepkgs/nar/Makefile.am

@@ -0,0 +1,11 @@
+all-local: nar.sh
+
+install-exec-local:
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs
+	$(INSTALL) -d $(DESTDIR)$(datadir)/nix/corepkgs/nar
+	$(INSTALL_DATA) $(srcdir)/nar.nix $(DESTDIR)$(datadir)/nix/corepkgs/nar
+	$(INSTALL_PROGRAM) nar.sh $(DESTDIR)$(datadir)/nix/corepkgs/nar
+
+include ../../substitute.mk
+
+EXTRA_DIST = nar.nix nar.sh.in

corepkgs/nar/nar.nix

@@ -0,0 +1,7 @@
+{system, storePath, hashAlgo}: 
+
+derivation {
+  name = "nar";
+  builder = ./nar.sh;
+  inherit system storePath hashAlgo;
+}

corepkgs/nar/nar.sh.in

@@ -0,0 +1,14 @@
+#! @shell@ -e
+
+echo "packing $storePath into $out..."
+@coreutils@/mkdir $out
+dst=$out/tmp.nar.bz2
+@bindir@/nix-store --dump "$storePath" > tmp
+
+@bzip2@ < tmp > $dst
+
+@bindir@/nix-hash -vvvvv --flat --type $hashAlgo --base32 tmp > $out/nar-hash
+
+@bindir@/nix-hash --flat --type $hashAlgo --base32 $dst > $out/narbz2-hash
+
+@coreutils@/mv $out/tmp.nar.bz2 $out/$(@coreutils@/cat $out/narbz2-hash).nar.bz2

corepkgs/unpack-channel.nix

@@ -1,39 +0,0 @@
-with import <nix/config.nix>;
-
-let
-
-  builder = builtins.toFile "unpack-channel.sh"
-    ''
-      mkdir $out
-      cd $out
-      pat="\.xz\$"
-      if [[ "$src" =~ $pat ]]; then
-        ${xz} -d < $src | ${tar} xf - ${tarFlags}
-      else
-        ${bzip2} -d < $src | ${tar} xf - ${tarFlags}
-      fi
-      mv * $out/$channelName
-      if [ -n "$binaryCacheURL" ]; then
-        mkdir $out/binary-caches
-        echo -n "$binaryCacheURL" > $out/binary-caches/$channelName
-      fi
-    '';
-
-in
-
-{ name, channelName, src, binaryCacheURL ? "" }:
-
-derivation {
-  system = builtins.currentSystem;
-  builder = shell;
-  args = [ "-e" builder ];
-  inherit name channelName src binaryCacheURL;
-
-  PATH = "${nixBinDir}:${coreutils}";
-
-  # No point in doing this remotely.
-  preferLocalBuild = true;
-
-  # Don't build in a chroot because Nix's dependencies may not be there.
-  __noChroot = true;
-}

doc/manual/Makefile.am

@@ -1,17 +1,12 @@
-XMLLINT = $(xmllint) --nonet $(xmlflags)
-XSLTPROC = $(xsltproc) --nonet $(xmlflags) \
+XMLLINT = $(xmllint) $(xmlflags)
+XSLTPROC = $(xsltproc) $(xmlflags) \
  --param section.autolabel 1 \
  --param section.label.includes.component.label 1 \
  --param html.stylesheet \'style.css\' \
  --param xref.with.number.and.title 1 \
  --param toc.section.depth 3 \
  --param admon.style \'\' \
- --param callout.graphics.extension \'.gif\' \
- --param contrib.inline.enabled 0
-
-dblatex_opts = \
- -P doc.collab.show=0 \
- -P latex.output.revhistory=0
+ --param callout.graphics.extension \'.gif\'
 
 # Note: we use GIF for now, since the PNGs shipped with Docbook aren't
 # transparent.
@@ -21,9 +16,7 @@ man1_MANS = nix-env.1 nix-build.1 nix-store.1 nix-instantiate.1 \
  nix-prefetch-url.1 nix-channel.1 \
  nix-install-package.1 nix-hash.1 nix-copy-closure.1
 
-man5_MANS = nix.conf.5
-
-man8_MANS = nix-daemon.8
+man8_MANS = nix-worker.8
 
 FIGURES = figures/user-environments.png
 
@@ -31,41 +24,33 @@ MANUAL_SRCS = manual.xml introduction.xml installation.xml \
  package-management.xml writing-nix-expressions.xml builtins.xml \
  build-farm.xml \
  $(man1_MANS:.1=.xml) $(man8_MANS:.8=.xml) \
- troubleshooting.xml bugs.xml opt-common.xml opt-common-syn.xml opt-inst-syn.xml \
+ troubleshooting.xml bugs.xml opt-common.xml opt-common-syn.xml \
  env-common.xml quick-start.xml nix-lang-ref.xml glossary.xml \
  conf-file.xml release-notes.xml \
  style.css images
 
-# Do XInclude processing.
-manual.xmli: $(MANUAL_SRCS) version.txt
-	$(XMLLINT) --xinclude $< -o $@.tmp
-	mv $@.tmp $@
-
-# Note: RelaxNG validation requires xmllint >= 2.7.4.
-manual.is-valid: manual.xmli
-	$(XSLTPROC) --novalid --stringparam profile.condition manual \
-	  $(docbookxsl)/profiling/profile.xsl $< 2> /dev/null | \
-	  $(XMLLINT) --noout --relaxng $(docbookrng)/docbook.rng -
+manual.is-valid: $(MANUAL_SRCS) version.txt
+#	$(XMLLINT) --xinclude $< | $(XMLLINT) --noout --nonet --relaxng $(docbookrng)/docbook.rng -
+	if test "$(jing)" != "false"; then \
+		$(XMLLINT) --xinclude $< | $(jing) $(docbookrng)/docbook.rng /dev/fd/0; \
+	else \
+		echo "Not validating."; \
+	fi
 	touch $@
 
 version.txt:
 	echo -n $(VERSION) > version.txt
 
-man $(MANS): manual.is-valid
-	$(XSLTPROC) --stringparam profile.condition manpage \
-	  $(docbookxsl)/profiling/profile.xsl manual.xmli 2> /dev/null | \
-	  $(XSLTPROC) $(docbookxsl)/manpages/docbook.xsl -
+man $(MANS): $(MANUAL_SRCS) manual.is-valid
+	$(XSLTPROC) --nonet --xinclude $(docbookxsl)/manpages/docbook.xsl manual.xml
 
 manual.html: $(MANUAL_SRCS) manual.is-valid images
-	$(XSLTPROC) --xinclude --stringparam profile.condition manual \
-	  $(docbookxsl)/profiling/profile.xsl manual.xml | \
-	  $(XSLTPROC) --output manual.html $(docbookxsl)/html/docbook.xsl -
+	$(XSLTPROC) --nonet --xinclude --output manual.html \
+	  $(docbookxsl)/html/docbook.xsl manual.xml
 
 manual.pdf: $(MANUAL_SRCS) manual.is-valid images
 	if test "$(dblatex)" != ""; then \
-		$(XSLTPROC) --xinclude --stringparam profile.condition manual \
-		  $(docbookxsl)/profiling/profile.xsl manual.xml | \
-		  $(dblatex) -o manual.pdf $(dblatex_opts) -; \
+		$(dblatex) manual.xml; \
 	else \
 		echo "Please install dblatex and rerun configure."; \
 		exit 1; \
@@ -78,12 +63,12 @@ NEWS_OPTS = \
  --stringparam header.rule 0
 
 NEWS.html: release-notes.xml
-	$(XSLTPROC) --xinclude --output $@ $(NEWS_OPTS) \
+	$(XSLTPROC) --nonet --xinclude --output $@ $(NEWS_OPTS) \
 	  $(docbookxsl)/html/docbook.xsl release-notes.xml
 
 NEWS.txt: release-notes.xml
-	$(XSLTPROC) --xinclude quote-literals.xsl release-notes.xml | \
-	  $(XSLTPROC) --output $@.tmp.html $(NEWS_OPTS) \
+	$(XSLTPROC) --nonet --xinclude quote-literals.xsl release-notes.xml | \
+	  $(XSLTPROC) --nonet --output $@.tmp.html $(NEWS_OPTS) \
 	  $(docbookxsl)/html/docbook.xsl -
 	LANG=en_US $(w3m) -dump $@.tmp.html > $@
 	rm $@.tmp.html
@@ -110,7 +95,7 @@ images:
 	cp $(docbookxsl)/images/callouts/*.gif images/callouts
 	chmod -R +w images
 
-KEEP = manual.html manual.xmli manual.is-valid version.txt $(MANS) NEWS.html NEWS.txt
+KEEP = manual.html manual.is-valid version.txt $(MANS) NEWS.html NEWS.txt
 
 EXTRA_DIST = $(MANUAL_SRCS) $(FIGURES) $(KEEP)
 

doc/manual/build-farm.xml

@@ -1,17 +1,67 @@
 <chapter xmlns="http://docbook.org/ns/docbook"
          xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id='chap-distributed-builds'>
+         xml:id='chap-build-farm'>
 
-<title>Setting Up Distributed Builds</title>
+<title>Setting up a Build Farm</title>
 
-<para>Nix supports distributed builds: a local Nix installation can
-forward Nix builds to other machines over the network.  This allows
-multiple builds to be performed in parallel (thus improving
-performance) and allows Nix to perform multi-platform builds in a
-semi-transparent way.  For instance, if you perform a build for a
-<literal>powerpc-darwin</literal> on an <literal>i686-linux</literal>
-machine, Nix can automatically forward the build to a
-<literal>powerpc-darwin</literal> machine, if available.</para>
+
+<para>This chapter provides some sketchy information on how to set up
+a Nix-based build farm.  Nix is particularly suited as a basis for a
+build farm, since:
+
+<itemizedlist>
+
+  <listitem><para>Nix supports distributed builds: a local Nix
+  installation can forward Nix builds to other machines over the
+  network.  This allows multiple builds to be performed in parallel
+  (thus improving performance), but more in importantly, it allows Nix
+  to perform multi-platform builds in a semi-transparent way.  For
+  instance, if you perform a build for a
+  <literal>powerpc-darwin</literal> on an
+  <literal>i686-linux</literal> machine, Nix can automatically forward
+  the build to a <literal>powerpc-darwin</literal> machine, if
+  available.</para></listitem>
+
+  <listitem><para>The Nix expression language is ideal for describing
+  build jobs, plus all their dependencies.  For instance, if your
+  package has some dependency, you don't have to manually install it
+  on all the machines in the build farm; they will be built
+  automatically.</para></listitem>
+
+  <listitem><para>Proper release management requires that builds (if
+  deployed) are traceable: it should be possible to figure out from
+  exactly what sources they were built, in what configuration, etc.;
+  and it should be possible to reproduce the build, if necessary.  Nix
+  makes this possible since Nix's hashing scheme uniquely identifies
+  builds, and Nix expressions are self-contained.</para></listitem>
+
+  <listitem><para>Nix will only rebuild things that have actually
+  changed.  For instance, if the sources of a package haven't changed
+  between runs of the build farm, the package won't be rebuilt (unless
+  it was garbage-collected).  Also, dependencies typically don't
+  change very often, so they only need to be built
+  once.</para></listitem>
+
+  <listitem><para>The results of a Nix build farm can be made
+  available through a channel, so successful builds can be deployed to
+  users immediately.</para></listitem>
+
+</itemizedlist>
+
+</para>
+
+
+<section><title>Overview</title>
+
+<para>TODO</para>
+
+<para>The sources of the Nix build farm are at <link
+xlink:href='https://svn.nixos.org/repos/nix/release/trunk'/>.</para>
+
+</section>
+
+
+<section xml:id='sec-distributed-builds'><title>Setting up distributed builds</title>
 
 <para>You can enable distributed builds by setting the environment
 variable <envar>NIX_BUILD_HOOK</envar> to point to a program that Nix
@@ -29,23 +79,22 @@ variable</link>.</para>
 <filename>remote-systems.conf</filename></title>
 <programlisting>
 nix@mcflurry.labs.cs.uu.nl  powerpc-darwin  /home/nix/.ssh/id_quarterpounder_auto  2
-nix@scratchy.labs.cs.uu.nl  i686-linux      /home/nix/.ssh/id_scratchy_auto        8 1 kvm
-nix@itchy.labs.cs.uu.nl     i686-linux      /home/nix/.ssh/id_scratchy_auto        8 2
-nix@poochie.labs.cs.uu.nl   i686-linux      /home/nix/.ssh/id_scratchy_auto        8 2 kvm perf
+nix@scratchy.labs.cs.uu.nl  i686-linux      /home/nix/.ssh/id_scratchy_auto        1
 </programlisting>
 </example>
 
-<para>Nix ships with a build hook that should be suitable for most
-purposes.  It uses <command>ssh</command> and
-<command>nix-copy-closure</command> to copy the build inputs and
-outputs and perform the remote build.  To use it, you should set
-<envar>NIX_BUILD_HOOK</envar> to
-<filename><replaceable>prefix</replaceable>/libexec/nix/build-remote.pl</filename>.
-You should also define a list of available build machines and point
-the environment variable <envar>NIX_REMOTE_SYSTEMS</envar> to it.  An
-example configuration is shown in <xref linkend='ex-remote-systems'
-/>.  Each line in the file specifies a machine, with the following
-bits of information:
+<para>An example build hook can be found in the Nix build farm
+sources: <link
+xlink:href='https://svn.nixos.org/repos/nix/release/trunk/common/distributed/build-remote.pl'
+/>.  It should be suitable for most purposes, with maybe some minor
+adjustments.  It uses <command>ssh</command> and
+<command>rsync</command> to copy the build inputs and outputs and
+perform the remote build.  You should define a list of available build
+machines and set the environment variable
+<envar>REMOTE_SYSTEMS</envar> to point to it.  An example
+configuration is shown in <xref linkend='ex-remote-systems' />.  Each
+line in the file specifies a machine, with the following bits of
+information:
 
 <orderedlist>
   
@@ -55,59 +104,34 @@ bits of information:
   be an alias defined in your
   <filename>~/.ssh/config</filename>.</para></listitem>
 
-  <listitem><para>A comma-separated list of Nix platform type
-  identifiers, such as <literal>powerpc-darwin</literal>.  It is
-  possible for a machine to support multiple platform types, e.g.,
-  <literal>i686-linux,x86_64-linux</literal>.</para></listitem>
+  <listitem><para>The Nix platform type identifier, such as
+  <literal>powerpc-darwin</literal>.</para></listitem>
 
   <listitem><para>The SSH private key to be used to log in to the
   remote machine.  Since builds should be non-interactive, this key
   should not have a passphrase!</para></listitem>
 
-  <listitem><para>The maximum number of builds that
+  <listitem><para>The maximum <quote>load</quote> of the remote
+  machine.  This is just the maximum number of jobs that
   <filename>build-remote.pl</filename> will execute in parallel on the
-  machine.  Typically this should be equal to the number of CPU cores.
-  For instance, the machine <literal>itchy</literal> in the example
-  will execute up to 8 builds in parallel.</para></listitem>
-
-  <listitem><para>The “speed factor”, indicating the relative speed of
-  the machine.  If there are multiple machines of the right type, Nix
-  will prefer the fastest, taking load into account.</para></listitem>
-
-  <listitem><para>A comma-separated list of <emphasis>supported
-  features</emphasis>.  If a derivation has the
-  <varname>requiredSystemFeatures</varname> attribute, then
-  <filename>build-remote.pl</filename> will only perform the
-  derivation on a machine that has the specified features.  For
-  instance, the attribute
-  
-<programlisting>
-requiredSystemFeatures = [ "kvm" ];  
-</programlisting>
-
-  will cause the build to be performed on a machine that has the
-  <literal>kvm</literal> feature (i.e., <literal>scratchy</literal> in
-  the example above).</para></listitem>
-
-  <listitem><para>A comma-separated list of <emphasis>mandatory
-  features</emphasis>.  A machine will only be used to build a
-  derivation if all of the machine’s mandatory features appear in the
-  derivation’s <varname>requiredSystemFeatures</varname> attribute.
-  Thus, in the example, the machine <literal>poochie</literal> will
-  only do derivations that have
-  <varname>requiredSystemFeatures</varname> set to <literal>["kvm"
-  "perf"]</literal> or <literal>["perf"]</literal>.</para></listitem>
+  machine.  Typically this should be equal to the number of
+  CPUs.</para></listitem>
 
 </orderedlist>
 
 You should also set up the environment variable
-<envar>NIX_CURRENT_LOAD</envar> to point at a directory (e.g.,
-<filename>/var/run/nix/current-load</filename>) that
-<filename>build-remote.pl</filename> uses to remember how many builds
-it is currently executing remotely.  It doesn't look at the actual
-load on the remote machine, so if you have multiple instances of Nix
-running, they should use the same <envar>NIX_CURRENT_LOAD</envar>
-file.  Maybe in the future <filename>build-remote.pl</filename> will
-look at the actual remote load.</para>
+<envar>CURRENT_LOAD</envar> to point at a file that
+<filename>build-remote.pl</filename> uses to remember how many jobs it
+is currently executing remotely.  It doesn't look at the actual load
+on the remote machine, so if you have multiple instances of Nix
+running, they should use the same <envar>CURRENT_LOAD</envar>
+file<footnote><para>Although there are probably some race conditions
+in the script right now.</para></footnote>.  Maybe in the future
+<filename>build-remote.pl</filename> will look at the actual remote
+load.  The load file should exist, so you should just create it as an
+empty file initially.</para>
   
+</section>
+
+
 </chapter>

doc/manual/builtins.xml

@@ -19,7 +19,7 @@ is also available as <function>builtins.derivation</function>.</para>
 
 <variablelist>
 
-
+  
   <varlistentry><term><function>abort</function> <replaceable>s</replaceable></term>
 
     <listitem><para>Abort Nix expression evaluation, print error
@@ -27,7 +27,7 @@ is also available as <function>builtins.derivation</function>.</para>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.add</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -37,16 +37,16 @@ is also available as <function>builtins.derivation</function>.</para>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.attrNames</function>
   <replaceable>attrs</replaceable></term>
 
     <listitem><para>Return the names of the attributes in the
     attribute set <replaceable>attrs</replaceable> in a sorted list.
-    For instance, <literal>builtins.attrNames { y = 1; x = "foo";
-    }</literal> evaluates to <literal>[ "x" "y" ]</literal>.  There is
-    no built-in function <function>attrValues</function>, but you can
-    easily define it yourself:
+    For instance, <literal>builtins.attrNames {y = 1; x =
+    "foo";}</literal> evaluates to <literal>["x" "y"]</literal>.
+    There is no built-in function <function>attrValues</function>, but
+    you can easily define it yourself:
 
 <programlisting>
 attrValues = attrs: map (name: builtins.getAttr name attrs) (builtins.attrNames attrs);</programlisting>
@@ -55,7 +55,7 @@ attrValues = attrs: map (name: builtins.getAttr name attrs) (builtins.attrNames
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>baseNameOf</function> <replaceable>s</replaceable></term>
 
     <listitem><para>Return the <emphasis>base name</emphasis> of the
@@ -65,7 +65,7 @@ attrValues = attrs: map (name: builtins.getAttr name attrs) (builtins.attrNames
 
   </varlistentry>
 
-
+  
   <varlistentry><term><varname>builtins</varname></term>
 
     <listitem><para>The attribute set <varname>builtins</varname>
@@ -82,7 +82,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.compareVersions</function>
   <replaceable>s1</replaceable> <replaceable>s2</replaceable></term>
 
@@ -99,16 +99,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
 
   </varlistentry>
 
-
-  <varlistentry><term><function>builtins.concatLists</function>
-  <replaceable>lists</replaceable></term>
-
-    <listitem><para>Concatenate a list of lists into a single
-    list.</para></listitem>
-
-  </varlistentry>
-
-
+  
   <varlistentry
   xml:id='builtin-currentSystem'><term><varname>builtins.currentSystem</varname></term>
 
@@ -133,7 +124,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
   </varlistentry>
   -->
 
-
+  
   <!--
   <varlistentry><term><function>dependencyClosure</function></term>
 
@@ -142,7 +133,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
   </varlistentry>
   -->
 
-
+  
   <varlistentry><term><function>derivation</function>
   <replaceable>attrs</replaceable></term>
 
@@ -161,7 +152,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.div</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -171,40 +162,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
 
   </varlistentry>
 
-
-  <varlistentry><term><function>builtins.elem</function>
-  <replaceable>x</replaceable> <replaceable>xs</replaceable></term>
-
-    <listitem><para>Return <literal>true</literal> if a value equal to
-    <replaceable>x</replaceable> occurs in the list
-    <replaceable>xs</replaceable>, and <literal>false</literal>
-    otherwise.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><function>builtins.elemAt</function>
-  <replaceable>xs</replaceable> <replaceable>n</replaceable></term>
-
-    <listitem><para>Return element <replaceable>n</replaceable> from
-    the list <replaceable>xs</replaceable>.  Elements are counted
-    starting from 0.  A fatal error occurs in the index is out of
-    bounds.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><function>builtins.filter</function>
-  <replaceable>f</replaceable> <replaceable>xs</replaceable></term>
-
-    <listitem><para>Return a list consisting of the elements of
-    <replaceable>xs</replaceable> for which the function
-    <replaceable>f</replaceable> returns
-    <literal>true</literal>.</para></listitem>
-
-  </varlistentry>
-
-
+  
   <varlistentry><term><function>builtins.filterSource</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -256,7 +214,7 @@ stdenv.mkDerivation {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.getAttr</function>
   <replaceable>s</replaceable> <replaceable>attrs</replaceable></term>
 
@@ -269,7 +227,7 @@ stdenv.mkDerivation {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.getEnv</function>
   <replaceable>s</replaceable></term>
 
@@ -287,7 +245,7 @@ stdenv.mkDerivation {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.hasAttr</function>
   <replaceable>s</replaceable> <replaceable>attrs</replaceable></term>
 
@@ -301,7 +259,7 @@ stdenv.mkDerivation {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.head</function>
   <replaceable>list</replaceable></term>
 
@@ -312,15 +270,13 @@ stdenv.mkDerivation {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>import</function>
   <replaceable>path</replaceable></term>
 
     <listitem><para>Load, parse and return the Nix expression in the
-    file <replaceable>path</replaceable>.  If <replaceable>path
-    </replaceable> is a directory, the file <filename>default.nix
-    </filename> in that directory is loaded.  Evaluation aborts if
-    the file doesn’t exist or contains an incorrect Nix
+    file <replaceable>path</replaceable>.  Evaluation aborts if the
+    file doesn’t exist or contains an incorrect Nix
     expression.  <function>import</function> implements Nix’s module
     system: you can put any Nix expression (such as an attribute set
     or a function) in a separate file, and use it from Nix expressions
@@ -332,7 +288,7 @@ stdenv.mkDerivation {
     built-in).  Therefore, it cannot refer to variables that are in
     scope at the call site.  For instance, if you have a calling
     expression
-
+    
 <programlisting>
 rec {
   x = 123;
@@ -367,17 +323,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
-  <varlistentry><term><function>builtins.intersectAttrs</function>
-  <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
-
-    <listitem><para>Return an attribute set consisting of the
-    attributes in the set <replaceable>e2</replaceable> that also
-    exist in the set <replaceable>e1</replaceable>.</para></listitem>
-
-  </varlistentry>
-
-
+  
   <varlistentry><term><function>builtins.isAttrs</function>
   <replaceable>e</replaceable></term>
 
@@ -387,7 +333,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.isList</function>
   <replaceable>e</replaceable></term>
 
@@ -397,7 +343,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.isFunction</function>
   <replaceable>e</replaceable></term>
 
@@ -407,7 +353,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.isString</function>
   <replaceable>e</replaceable></term>
 
@@ -417,7 +363,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.isInt</function>
   <replaceable>e</replaceable></term>
 
@@ -427,7 +373,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.isBool</function>
   <replaceable>e</replaceable></term>
 
@@ -437,7 +383,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>isNull</function>
   <replaceable>e</replaceable></term>
 
@@ -447,12 +393,12 @@ x: x + 456</programlisting>
 
     <warning><para>This function is <emphasis>deprecated</emphasis>;
     just write <literal>e == null</literal> instead.</para></warning>
-
+    
     </listitem>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.length</function>
   <replaceable>e</replaceable></term>
 
@@ -461,7 +407,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.lessThan</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -474,7 +420,7 @@ x: x + 456</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.listToAttrs</function>
   <replaceable>e</replaceable></term>
 
@@ -486,10 +432,10 @@ x: x + 456</programlisting>
     Example:
 
 <programlisting>
-builtins.listToAttrs
-  [ { name = "foo"; value = 123; }
-    { name = "bar"; value = 456; }
-  ]
+builtins.listToAttrs [
+  {name = "foo"; value = 123;}
+  {name = "bar"; value = 456;}
+]
 </programlisting>
 
     evaluates to
@@ -501,7 +447,7 @@ builtins.listToAttrs
     </para></listitem>
 
   </varlistentry>
-
+  
   <varlistentry><term><function>map</function>
   <replaceable>f</replaceable> <replaceable>list</replaceable></term>
 
@@ -510,14 +456,14 @@ builtins.listToAttrs
     example,
 
 <programlisting>
-map (x: "foo" + x) [ "bar" "bla" "abc" ]</programlisting>
-
-    evaluates to <literal>[ "foobar" "foobla" "fooabc"
-    ]</literal>.</para></listitem>
+map (x: "foo" + x) ["bar" "bla" "abc"]</programlisting>
 
+    evaluates to <literal>["foobar" "foobla"
+    "fooabc"]</literal>.</para></listitem>
+    
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.mul</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -527,7 +473,7 @@ map (x: "foo" + x) [ "bar" "bla" "abc" ]</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.parseDrvName</function>
   <replaceable>s</replaceable></term>
 
@@ -535,14 +481,14 @@ map (x: "foo" + x) [ "bar" "bla" "abc" ]</programlisting>
     a package name and version.  The package name is everything up to
     but not including the first dash followed by a digit, and the
     version is everything following that dash.  The result is returned
-    in an attribute set <literal>{ name, version }</literal>.  Thus,
+    in an attribute set <literal>{name, version}</literal>.  Thus,
     <literal>builtins.parseDrvName "nix-0.12pre12876"</literal>
-    returns <literal>{ name = "nix"; version = "0.12pre12876";
-    }</literal>.</para></listitem>
+    returns <literal>{name = "nix"; version =
+    "0.12pre12876";}</literal>.</para></listitem>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.pathExists</function>
   <replaceable>path</replaceable></term>
 
@@ -575,7 +521,7 @@ in config.someSetting</programlisting>
   </varlistentry>
   -->
 
-
+  
   <varlistentry><term><function>builtins.readFile</function>
   <replaceable>path</replaceable></term>
 
@@ -583,8 +529,8 @@ in config.someSetting</programlisting>
     <replaceable>path</replaceable> as a string.</para></listitem>
 
   </varlistentry>
-
-
+  
+  
   <varlistentry><term><function>removeAttrs</function>
   <replaceable>attrs</replaceable> <replaceable>list</replaceable></term>
 
@@ -594,13 +540,13 @@ in config.someSetting</programlisting>
     exist in <replaceable>attrs</replaceable>. For instance,
 
 <screen>
-removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
+removeAttrs { x = 1; y = 2; z = 3; } ["a" "x" "z"]</screen>
 
-    evaluates to <literal>{ y = 2; }</literal>.</para></listitem>
+    evaluates to <literal>{y = 2;}</literal>.</para></listitem>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.stringLength</function>
   <replaceable>e</replaceable></term>
 
@@ -610,7 +556,7 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.sub</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -620,7 +566,7 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.substring</function>
   <replaceable>start</replaceable> <replaceable>len</replaceable>
   <replaceable>s</replaceable></term>
@@ -638,7 +584,7 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.tail</function>
   <replaceable>list</replaceable></term>
 
@@ -648,7 +594,7 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>throw</function>
   <replaceable>s</replaceable></term>
 
@@ -662,7 +608,7 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
 
   </varlistentry>
 
-
+  
   <varlistentry
   xml:id='builtin-toFile'><term><function>builtins.toFile</function>
   <replaceable>name</replaceable> <replaceable>s</replaceable></term>
@@ -676,11 +622,11 @@ removeAttrs { x = 1; y = 2; z = 3; } [ "a" "x" "z" ]</screen>
     linkend='ex-hello-builder' /> into one file:
 
 <programlisting>
-{ stdenv, fetchurl, perl }:
+{stdenv, fetchurl, perl}:
 
 stdenv.mkDerivation {
   name = "hello-2.1.1";
-
+  
   builder = builtins.toFile "builder.sh" "
     source $stdenv/setup
 
@@ -699,7 +645,7 @@ stdenv.mkDerivation {
   };
   inherit perl;
 }</programlisting>
-
+  
     </para>
 
     <para>It is even possible for one file to refer to another, e.g.,
@@ -737,7 +683,7 @@ in foo</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.toPath</function> <replaceable>s</replaceable></term>
 
     <listitem><para>Convert the string value
@@ -750,7 +696,7 @@ in foo</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>toString</function> <replaceable>e</replaceable></term>
 
     <listitem><para>Convert the expression
@@ -762,7 +708,7 @@ in foo</programlisting>
 
   </varlistentry>
 
-
+  
   <varlistentry xml:id='builtin-toXML'><term><function>builtins.toXML</function> <replaceable>e</replaceable></term>
 
     <listitem><para>Return a string containing an XML representation
@@ -807,15 +753,15 @@ in foo</programlisting>
 
     <example xml:id='ex-toxml'><title>Passing information to a builder
     using <function>toXML</function></title>
-
+    
 <programlisting><![CDATA[
-{ stdenv, fetchurl, libxslt, jira, uberwiki }:
+{stdenv, fetchurl, libxslt, jira, uberwiki}:
 
 stdenv.mkDerivation (rec {
   name = "web-server";
 
-  buildInputs = [ libxslt ];
-
+  buildInputs = [libxslt];
+  
   builder = builtins.toFile "builder.sh" "
     source $stdenv/setup
     mkdir $out
@@ -848,7 +794,7 @@ stdenv.mkDerivation (rec {
 
     <example xml:id='ex-toxml-result'><title>XML representation produced by
     <function>toXML</function></title>
-
+    
 <programlisting><![CDATA[<?xml version='1.0' encoding='utf-8'?>
 <expr>
   <list>
@@ -877,7 +823,7 @@ stdenv.mkDerivation (rec {
 
   </varlistentry>
 
-
+  
   <varlistentry><term><function>builtins.trace</function>
   <replaceable>e1</replaceable> <replaceable>e2</replaceable></term>
 
@@ -888,7 +834,7 @@ stdenv.mkDerivation (rec {
 
   </varlistentry>
 
-
+  
 </variablelist>
 
 

doc/manual/conf-file.xml

@@ -1,39 +1,27 @@
-<refentry xmlns="http://docbook.org/ns/docbook"
-          xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-conf-file">
+<section xmlns="http://docbook.org/ns/docbook"
+         xmlns:xlink="http://www.w3.org/1999/xlink"
+         xml:id="sec-conf-file">
 
-<refmeta>
-  <refentrytitle>nix.conf</refentrytitle>
-  <manvolnum>5</manvolnum>
-  <refmiscinfo class="source">Nix</refmiscinfo>
-  <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo>
-</refmeta>
+<title>Nix configuration file</title>
 
-<refnamediv>
-  <refname>nix.conf</refname>
-  <refpurpose>Nix configuration file</refpurpose>
-</refnamediv>
-
-<refsection><title>Description</title>
 
 <para>A number of persistent settings of Nix are stored in the file
-<filename><replaceable>sysconfdir</replaceable>/nix/nix.conf</filename>.
+<filename><replaceable>prefix</replaceable>/etc/nix/nix.conf</filename>.
 This file is a list of <literal><replaceable>name</replaceable> =
 <replaceable>value</replaceable></literal> pairs, one per line.
-Comments start with a <literal>#</literal> character.  Here is an example
-configuration file:</para>
+Comments start with a <literal>#</literal> character.  An example
+configuration file is shown in <xref linkend="ex-nix-conf" />.</para>
+
+<example xml:id='ex-nix-conf'><title>Nix configuration file</title>
 
 <programlisting>
 gc-keep-outputs = true       # Nice for developers
 gc-keep-derivations = true   # Idem
 env-keep-derivations = false
 </programlisting>
+</example>
 
-<para>You can override settings using the <option>--option</option>
-flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
-
-<para>The following settings are currently available: 
+<para>The following variables are currently available: 
 
 <variablelist>
 
@@ -109,25 +97,6 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
   </varlistentry>
 
 
-  <varlistentry xml:id="conf-build-cores"><term><literal>build-cores</literal></term>
-
-    <listitem><para>Sets the value of the
-    <envar>NIX_BUILD_CORES</envar> environment variable in the
-    invocation of builders.  Builders can use this variable at their
-    discretion to control the maximum amount of parallelism.  For
-    instance, in Nixpkgs, if the derivation attribute
-    <varname>enableParallelBuilding</varname> is set to
-    <literal>true</literal>, the builder passes the
-    <option>-j<replaceable>N</replaceable></option> flag to GNU Make.
-    It can be overriden using the <option
-    linkend='opt-cores'>--cores</option> command line switch and
-    defaults to <literal>1</literal>.  The value <literal>0</literal>
-    means that the builder should use all available CPU cores in the
-    system.</para></listitem>
-
-  </varlistentry>
-
-
   <varlistentry xml:id="conf-build-max-silent-time"><term><literal>build-max-silent-time</literal></term>
 
     <listitem>
@@ -148,25 +117,6 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
 
   </varlistentry>
 
-  <varlistentry xml:id="conf-build-timeout"><term><literal>build-timeout</literal></term>
-
-    <listitem>
-
-      <para>This option defines the maximum number of seconds that a
-      builder can run.  This is useful (for instance in a automated
-      build system) to catch builds that are stuck in an infinite loop
-      but keep writing to their standard output or standard error.  It
-      can be overriden using the <option
-      linkend="opt-timeout">--timeout</option> command line
-      switch.</para>
-
-      <para>The value <literal>0</literal> means that there is no
-      timeout.  This is also the default.</para>
-
-    </listitem>
-
-  </varlistentry>
-
 
   <varlistentry xml:id="conf-build-users-group"><term><literal>build-users-group</literal></term>
 
@@ -201,8 +151,10 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
     under the uid of the Nix process (that is, the uid of the caller
     if <envar>NIX_REMOTE</envar> is empty, the uid under which the Nix
     daemon runs if <envar>NIX_REMOTE</envar> is
-    <literal>daemon</literal>).  Obviously, this should not be used in
-    multi-user settings with untrusted users.</para>
+    <literal>daemon</literal>, or the uid that owns the setuid
+    <command>nix-worker</command> program if <envar>NIX_REMOTE</envar>
+    is <literal>slave</literal>).  Obviously, this should not be used
+    in multi-user settings with untrusted users.</para>
 
     </listitem>
 
@@ -235,25 +187,6 @@ flag, e.g. <literal>--option gc-keep-outputs false</literal>.</para>
   </varlistentry>
 
   
-  <varlistentry><term><literal>build-use-substitutes</literal></term>
-
-    <listitem><para>If set to <literal>true</literal> (default), Nix
-    will use binary substitutes if available.  This option can be
-    disabled to force building from source.</para></listitem>
-
-  </varlistentry>
-
-    
-  <varlistentry><term><literal>build-fallback</literal></term>
-
-    <listitem><para>If set to <literal>true</literal>, Nix will fall
-    back to building from source if a binary substitute fails.  This
-    is equivalent to the <option>--fallback</option> flag.  The
-    default is <literal>false</literal>.</para></listitem>
-
-  </varlistentry>
-
-    
   <varlistentry xml:id="conf-build-chroot-dirs"><term><literal>build-chroot-dirs</literal></term>
 
     <listitem><para>When builds are performed in a chroot environment,
@@ -281,109 +214,6 @@ build-use-chroot = /dev /proc /bin</programlisting>
   </varlistentry>
 
   
-  <varlistentry><term><literal>build-cache-failures</literal></term>
-
-    <listitem><para>If set to <literal>true</literal>, Nix will
-    “cache” build failures, meaning that it will remember (in its
-    database) that a derivation previously failed.  If you then try to
-    build the derivation again, Nix will immediately fail rather than
-    perform the build again.  Failures in fixed-output derivations
-    (such as <function>fetchurl</function> calls) are never cached.
-    The “failed” status of a derivation can be cleared using
-    <command>nix-store --clear-failed-paths</command>.  By default,
-    failure caching is disabled.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>build-keep-log</literal></term>
-
-    <listitem><para>If set to <literal>true</literal> (the default),
-    Nix will write the build log of a derivation (i.e. the standard
-    output and error of its builder) to the directory
-    <filename>/nix/var/log/nix/drvs</filename>.  The build log can be
-    retrieved using the command <command>nix-store -l
-    <replaceable>path</replaceable></command>.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>build-compress-log</literal></term>
-
-    <listitem><para>If set to <literal>true</literal> (the default),
-    build logs written to <filename>/nix/var/log/nix/drvs</filename>
-    will be compressed on the fly using bzip2.  Otherwise, they will
-    not be compressed.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>use-binary-caches</literal></term>
-
-    <listitem><para>If set to <literal>true</literal> (the default),
-    Nix will check the binary caches specified by
-    <option>binary-caches</option> and related options to obtain
-    binary substitutes.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>binary-caches</literal></term>
-
-    <listitem><para>A list of URLs of binary caches, separated by
-    whitespace.  The default is empty.<!-- The default is
-    <literal>http://nixos.org/binary-cache</literal>. --></para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>binary-caches-files</literal></term>
-
-    <listitem><para>A list of names of files that will be read to
-    obtain additional binary cache URLs.  The default is
-    <literal>/nix/var/nix/profiles/per-user/root/channels/binary-caches/*</literal>,
-    which ensures that Nix will use the binary caches corresponding to
-    the channels installed by root.  Do not set this option to read
-    files created by untrusted users!</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>trusted-binary-caches</literal></term>
-
-    <listitem><para>A list of URLs of binary caches, separated by
-    whitespace.  These are not used by default, but can be enabled by
-    users of the Nix daemon by specifying <literal>--option
-    binary-caches <replaceable>urls</replaceable></literal> on the
-    command line.  Daemon users are only allowed to pass a subset of
-    the URLs listed in <literal>binary-caches</literal> and
-    <literal>trusted-binary-caches</literal>.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
-
-    <listitem><para>The maximum number of parallel HTTP connections
-    used by the binary cache substituter to get NAR info files.  This
-    number should be high to minimise latency.  It defaults to
-    150.</para></listitem>
-
-  </varlistentry>
-
-
-  <varlistentry><term><literal>force-manifest</literal></term>
-
-    <listitem><para>If this option is set to <literal>false</literal>
-    (default) and a Nix channel provides both a manifest and a binary
-    cache, only the binary cache will be used.  If set to
-    <literal>true</literal>, the manifest will be fetched as well.
-    This is useful if you want to use binary patches (which are
-    currently not supported by binary caches).</para></listitem>
-
-  </varlistentry>
-
-
   <varlistentry><term><literal>system</literal></term>
 
     <listitem><para>This option specifies the canonical Nix system
@@ -403,35 +233,11 @@ build-use-chroot = /dev /proc /bin</programlisting>
     <filename>configure</filename> at build time.</para></listitem>
 
   </varlistentry>
-
-
-  <varlistentry><term><literal>fsync-metadata</literal></term>
-
-    <listitem><para>If set to <literal>true</literal>, changes to the
-    Nix store metadata (in <filename>/nix/var/nix/db</filename>) are
-    synchronously flushed to disk.  This improves robustness in case
-    of system crashes, but reduces performance.  The default is
-    <literal>true</literal>.</para></listitem>
-
-  </varlistentry>
-
   
-  <varlistentry><term><literal>auto-optimise-store</literal></term>
-
-    <listitem><para>If set to <literal>true</literal> (the default),
-    Nix automatically detects files in the store that have identical
-    contents, and replaces them with hard links to a single copy.
-    This saves disk space.  If set to <literal>false</literal>, you
-    can still run <command>nix-store --optimise</command> to get rid
-    of duplicate files.</para></listitem>
-
-  </varlistentry>
-
-
+    
 </variablelist>
 
 </para>
 
-</refsection>
 
-</refentry>
+</section>

doc/manual/env-common.xml

@@ -7,43 +7,9 @@
 
 <para>Most Nix commands interpret the following environment variables:</para>
 
-<variablelist xml:id="env-common">
+<variablelist>
 
   
-<varlistentry><term><envar>NIX_PATH</envar></term>
-
-  <listitem>
-
-    <para>A colon-separated list of directories used to look up Nix
-    expressions enclosed in angle brackets (i.e.,
-    <literal>&lt;<replaceable>path</replaceable>></literal>).  For
-    instance, the value
-
-    <screen>
-/home/eelco/Dev:/etc/nixos</screen>
-
-    will cause Nix to look for paths relative to
-    <filename>/home/eelco/Dev</filename> and
-    <filename>/etc/nixos</filename>, in that order.  It is also
-    possible to match paths against a prefix.  For example, the value
-    
-    <screen>
-nixpkgs=/home/eelco/Dev/nixpkgs-branch:/etc/nixos</screen>
-
-    will cause Nix to search for
-    <literal>&lt;nixpkgs/<replaceable>path</replaceable>></literal> in
-    <filename>/home/eelco/Dev/nixpkgs-branch/<replaceable>path</replaceable></filename>
-    and
-    <filename>/etc/nixos/nixpkgs/<replaceable>path</replaceable></filename>.
-    </para>
-
-    <para>The search path can be extended using the
-    <option>-I</option> option, which takes precedence over
-    <envar>NIX_PATH</envar>.</para></listitem>
-
-</varlistentry>
-    
-
 <varlistentry><term><envar>NIX_IGNORE_SYMLINK_STORE</envar></term>
 
   <listitem>
@@ -153,13 +119,9 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
   <para>Specifies the location of the <emphasis>build hook</emphasis>,
   which is a program (typically some script) that Nix will call
   whenever it wants to build a derivation.  This is used to implement
-  distributed builds<phrase condition="manual"> (see <xref
-  linkend="chap-distributed-builds" />)</phrase>.</para>
-
-  <!--
-  The protocol by
-  which the calling Nix process and the build hook communicate is as
-  follows.
+  distributed builds (see <xref linkend="sec-distributed-builds"
+  />).  The protocol by which the calling Nix process and the build
+  hook communicate is as follows.</para>
 
   <para>The build hook is called with the following command-line
   arguments:
@@ -169,7 +131,7 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
     <listitem><para>A boolean value <literal>0</literal> or
     <literal>1</literal> specifying whether Nix can locally execute
     more builds, as per the <link
-    linkend="opt-max-jobs"><option>- -max-jobs</option> option</link>.
+    linkend="opt-max-jobs"><option>--max-jobs</option> option</link>.
     The purpose of this argument is to allow the hook to not have to
     maintain bookkeeping for the local machine.</para></listitem>
 
@@ -254,7 +216,7 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
 
       <listitem><para>The reference graph of the inputs, in the format
       accepted by the command <command>nix-store
-      - -register-validity</command>.  It is necessary to run this
+      --register-validity</command>.  It is necessary to run this
       command on the remote machine after copying the inputs to inform
       Nix on the remote machine that the inputs are valid
       paths.</para></listitem>
@@ -271,7 +233,6 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
   <literal>0</literal> indicates that the hook has failed.  An exit
   code equal to 100 means that the remote build failed (as opposed to,
   e.g., a network error).</para>
-  -->
 
   </listitem>
 
@@ -294,34 +255,22 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
 
   <listitem><para>This variable contains the paths of remote Nix
   installations from whichs paths can be copied, separated by colons.
-  <phrase condition="manual">See <xref linkend="sec-sharing-packages"
-  /> for details.</phrase>  Each path should be the
-  <filename>/nix</filename> directory of a remote Nix installation
-  (i.e., not the <filename>/nix/store</filename> directory).  The
-  paths are subject to globbing, so you can set it so something like
-  <literal>/var/run/nix/remote-stores/*/nix</literal> and mount
-  multiple remote filesystems in
+  See <xref linkend="sec-sharing-packages" /> for details.  Each path
+  should be the <filename>/nix</filename> directory of a remote Nix
+  installation (i.e., not the <filename>/nix/store</filename>
+  directory).  The paths are subject to globbing, so you can set it so
+  something like <literal>/var/run/nix/remote-stores/*/nix</literal>
+  and mount multiple remote filesystems in
   <literal>/var/run/nix/remote-stores</literal>.</para>
 
   <para>Note that if you’re building through the <link
-  linkend="sec-nix-daemon">Nix daemon</link>, the only setting for
+  linkend="sec-nix-worker">Nix daemon</link>, the only setting for
   this variable that matters is the one that the
-  <command>nix-daemon</command> process uses.  So if you want to
+  <command>nix-worker</command> process uses.  So if you want to
   change it, you have to restart the daemon.</para></listitem>
 
 </varlistentry>
 
-
-<varlistentry><term><envar>GC_INITIAL_HEAP_SIZE</envar></term>
-
-  <listitem><para>If Nix has been configured to use the Boehm garbage
-  collector, this variable sets the initial size of the heap in bytes.
-  It defaults to 384 MiB.  Setting it to a low value reduces memory
-  consumption, but will increase runtime due to the overhead of
-  garbage collection.</para></listitem>
-
-</varlistentry>
-
     
 </variablelist>
 

doc/manual/glossary.xml

@@ -160,18 +160,6 @@
 </glossentry>
 
 
-<glossentry xml:id="gloss-nar"><glossterm>NAR</glossterm>
-
-  <glossdef><para>A <emphasis>N</emphasis>ix
-  <emphasis>AR</emphasis>chive.  This is a serialisation of a path in
-  the Nix store.  It can contain regular files, directories and
-  symbolic links.  NARs are generated and unpacked using
-  <command>nix-store --dump</command> and <command>nix-store
-  --restore</command>.</para></glossdef>
-
-</glossentry>
-
-
 
 </glosslist>
 

doc/manual/installation.xml

@@ -15,11 +15,11 @@
   <listitem><para>Linux (particularly on x86, x86_64, and
   PowerPC).</para></listitem>
 
-  <listitem><para>Mac OS X.</para></listitem>
+  <listitem><para>Mac OS X, both on Intel and
+  PowerPC.</para></listitem>
 
   <listitem><para>FreeBSD (only tested on Intel).</para></listitem>
 
-  <!--
   <listitem><para>Windows through <link
   xlink:href="http://www.cygwin.com/">Cygwin</link>.</para>
 
@@ -28,7 +28,6 @@
   partition.</para></warning>
 
   </listitem>
-  -->
 
 </itemizedlist>
 
@@ -40,172 +39,81 @@ platforms as well.</para>
 </section>
 
 
-<section><title>Installing a binary distribution</title>
+<section><title>Obtaining Nix</title>
 
-<para>The easiest way to install Nix is to use a binary package.
-Binary packages of the latest stable release are available for Fedora,
-Debian, Ubuntu, Mac OS X and various other systems from the <link
-xlink:href="http://nixos.org/nix/download.html">Nix homepage</link>.
-You can also get builds of the latest development release from our
-<link
-xlink:href="http://hydra.nixos.org/view/nix/trunk/latest">continuous
-build system</link>.</para>
-
-<para>For Fedora, RPM packages are available.  These can be installed
-or upgraded using <command>rpm -U</command>.  For example,
-
-<screen>
-$ rpm -U nix-1.0-1.i386.rpm</screen>
-
-</para>
-
-<para>For Debian and Ubuntu, you can download a Deb package and
-install it like this:
-
-<screen>
-$ dpkg -i nix_1.0-1_amd64.deb</screen>
-
-</para>
-
-<para>For other platforms, including Mac OS X (Darwin), FreeBSD and
-other Linux distributions, you can download a binary tarball.  It
-contains Nix and all its dependencies.  You should unpack it in the
-root directory, then run <command>nix-finish-install</command>:
-
-<screen>
-$ cd /
-$ tar xfj nix-1.1-x86_64-darwin.tar.bz2
-$ nix-finish-install
-</screen>
-
-After this you can delete
-<filename>/usr/bin/nix-finish-install</filename>.</para>
-
-<para>If you plan to use Nix from a single non-root user account, it’s
-probably convenient to change the ownership of the entire Nix store
-and database to that user account.  In that case, install as follows:
-
-<screen>
-alice$ cd /
-alice$ sudo tar xfj nix-1.1-x86_64-darwin.tar.bz2
-alice$ sudo chown -R alice /nix
-alice$ nix-finish-install
-</screen>
-
-</para>
-
-<para>Nix can be uninstalled using <command>rpm -e nix</command> or
-<command>dpkg -r nix</command> on RPM- and Dpkg-based systems,
-respectively.  After this you should manually remove the Nix store and
-other auxiliary data, if desired:
-
-<screen>
-$ rm -rf /nix</screen>
-
-</para>
-
-</section>
-
-
-<section><title>Installing Nix from source</title>
-
-<para>If no binary package is available, you can download and compile
-a source distribution.</para>
-
-<section><title>Prerequisites</title>
-
-<itemizedlist>
-
-  <listitem><para>GNU Make.</para></listitem>
-
-  <listitem><para>A fairly recent version of GCC/G++.  Version 2.95
-  and higher should work.  Clang will also work.</para></listitem>
-
-  <listitem><para>Perl 5.8 or higher.</para></listitem>
-
-  <listitem><para><command>pkg-config</command> to locate
-  dependencies.  If your distribution does not provide it, you can get
-  it from <link
-  xlink:href="http://www.freedesktop.org/wiki/Software/pkg-config"
-  />.</para></listitem>
-
-  <listitem><para>The bzip2 compressor program and the
-  <literal>libbz2</literal> library.  Thus you must have bzip2
-  installed, including development headers and libraries.  If your
-  distribution does not provide these, you can obtain bzip2 from <link
-  xlink:href="http://www.bzip.org/"/>.</para></listitem>
-
-  <listitem><para>The SQLite embedded database library, version 3.6.19
-  or higher.  If your distribution does not provide it, please install
-  it from <link xlink:href="http://www.sqlite.org/" />.</para></listitem>
-
-  <listitem><para>The Perl DBI and DBD::SQLite libraries, which are
-  available from <link
-  xlink:href="http://search.cpan.org/">CPAN</link> if your
-  distribution does not provide them.</para></listitem>
-
-  <listitem><para>The <link
-  xlink:href="http://www.hpl.hp.com/personal/Hans_Boehm/gc/">Boehm
-  garbage collector</link> to reduce the evaluator’s memory
-  consumption (optional).  To enable it, install
-  <literal>pkgconfig</literal> and the Boehm garbage collector, and
-  pass the flag <option>--enable-gc</option> to
-  <command>configure</command>.</para></listitem>
-
-  <listitem><para>The <command>xmllint</command> and
-  <command>xsltproc</command> programs to build this manual and the
-  man-pages.  These are part of the <literal>libxml2</literal> and
-  <literal>libxslt</literal> packages, respectively.  You also need
-  the <link
-  xlink:href="http://docbook.sourceforge.net/projects/xsl/">DocBook
-  XSL stylesheets</link> and optionally the <link
-  xlink:href="http://www.docbook.org/schemas/5x"> DocBook 5.0 RELAX NG
-  schemas</link>.  Note that these are only required if you modify the
-  manual sources or when you are building from the Git
-  repository.</para></listitem>
-
-  <listitem><para>Recent versions of Bison and Flex to build the
-  parser.  (This is because Nix needs GLR support in Bison and
-  reentrancy support in Flex.)  For Bison, you need version 2.3 or
-  higher (1.875 does <emphasis>not</emphasis> work), which can be
-  obtained from the <link
-  xlink:href="ftp://alpha.gnu.org/pub/gnu/bison">GNU FTP
-  server</link>.  For Flex, you need version 2.5.33, which is
-  available on <link
-  xlink:href="http://lex.sourceforge.net/">SourceForge</link>.
-  Slightly older versions may also work, but ancient versions like the
-  ubiquitous 2.5.4a won't.  Note that these are only required if you
-  modify the parser or when you are building from the Git
-  repository.</para></listitem>
-
-</itemizedlist>
-
-</section>
-
-
-<section><title>Obtaining a source distribution</title>
-
-<para>The source tarball of the most recent stable release can be
-downloaded from the <link
-xlink:href="http://nixos.org/nix/download.html">Nix homepage</link>.
-You can also grab the <link
-xlink:href="http://hydra.nixos.org/view/nix/trunk/latest/tarball/download-by-type/file/source-dist">most
-recent development release</link>.</para>
+<para>The easiest way to obtain Nix is to download a <link
+xlink:href="http://nixos.org/">source distribution</link>.  RPMs
+for Red Hat, SuSE, and Fedora Core are also available.</para>
 
 <para>Alternatively, the most recent sources of Nix can be obtained
 from its <link
-xlink:href="https://github.com/NixOS/nix">Git
+xlink:href="https://svn.nixos.org/repos/nix/nix/trunk">Subversion
 repository</link>.  For example, the following command will check out
 the latest revision into a directory called
 <filename>nix</filename>:</para>
 
 <screen>
-$ git clone https://github.com/NixOS/nix</screen>
+$ svn checkout https://svn.nixos.org/repos/nix/nix/trunk nix</screen>
 
 <para>Likewise, specific releases can be obtained from the <link
-xlink:href="https://github.com/NixOS/nix/tags">tags</link> of the
+xlink:href="https://svn.nixos.org/repos/nix/nix/tags">tags
+directory</link> of the repository.</para>
+
+</section>
+
+
+<section><title>Prerequisites</title>
+
+<para><emphasis>The following prerequisites only apply when you build
+from source</emphasis>.  Binary releases (e.g., RPMs) have no
+prerequisites.</para>
+
+<para>A fairly recent version of GCC/G++ is required.  Version 2.95
+and higher should work.</para>
+
+<para>To build this manual and the man-pages you need the
+<command>xmllint</command> and <command>xsltproc</command> programs,
+which are part of the <literal>libxml2</literal> and
+<literal>libxslt</literal> packages, respectively.  You also need the
+<link
+xlink:href="http://docbook.sourceforge.net/projects/xsl/">DocBook XSL
+stylesheets</link> and optionally the <link
+xlink:href="http://www.docbook.org/schemas/5x"> DocBook 5.0 RELAX NG
+schemas</link>.  Note that these are only required if you modify the
+manual sources or when you are building from the Subversion
 repository.</para>
 
+<para>To build the parser, very <emphasis>recent</emphasis> versions
+of Bison and Flex are required.  (This is because Nix needs GLR
+support in Bison and reentrancy support in Flex.)  For Bison, you need
+version 2.3 or higher (1.875 does <emphasis>not</emphasis> work),
+which can be obtained from
+the <link xlink:href="ftp://alpha.gnu.org/pub/gnu/bison">GNU FTP
+server</link>.  For Flex, you need version 2.5.33, which is available
+on <link xlink:href="http://lex.sourceforge.net/">SourceForge</link>.
+Slightly older versions may also work, but ancient versions like the
+ubiquitous 2.5.4a won't.  Note that these are only required if you
+modify the parser or when you are building from the Subversion
+repository.</para>
+
+<para>Nix uses CWI's ATerm library and the bzip2 compressor (including
+the bzip2 library).  These are included in the Nix source
+distribution.  If you build from the Subversion repository, you must
+download them yourself and place them in the
+<filename>externals/</filename> directory.  See
+<filename>externals/Makefile.am</filename> for the precise URLs of
+these packages.  Alternatively, if you already have them installed,
+you can use <command>configure</command>'s
+<option>--with-aterm</option> and <option>--with-bzip2</option>
+options to point to their respective locations.</para>
+
+<para>If you want to be able to upgrade Nix stores from before version
+0.12pre12020, you need Sleepycat's Berkeley DB version version 4.5.
+(Other versions may not have compatible database formats.).  Berkeley
+DB 4.5 is included in the Nix source distribution.  If you do not need
+this ability, you can build Nix with the
+<option>--disable-old-db-compat</option> configure option.</para>
+
 </section>
 
 
@@ -219,39 +127,29 @@ $ ./configure <replaceable>options...</replaceable>
 $ make
 $ make install</screen>
 
-Nix requires GNU Make so you may need to invoke
-<command>gmake</command> instead.</para>
+</para>
 
-<para>When building from the Git repository, these should be preceded
-by the command:
+<para>When building from the Subversion repository, these should be
+preceded by the command:
 
 <screen>
-$ ./bootstrap.sh</screen>
+$ ./bootstrap</screen>
 
 </para>
 
 <para>The installation path can be specified by passing the
 <option>--prefix=<replaceable>prefix</replaceable></option> to
 <command>configure</command>.  The default installation directory is
-<filename>/usr/local</filename>.  You can change this to any location
-you like.  You must have write permission to the
+<filename>/nix</filename>.  You can change this to any location you
+like.  You must have write permission to the
 <replaceable>prefix</replaceable> path.</para>
 
-<para>Nix keeps its <emphasis>store</emphasis> (the place where
-packages are stored) in <filename>/nix/store</filename> by default.
-This can be changed using
-<option>--with-store-dir=<replaceable>path</replaceable></option>.</para>
+<warning><para>It is best <emphasis>not</emphasis> to change the
+installation prefix from its default, since doing so makes it
+impossible to use pre-built binaries from the standard Nixpkgs
+channels.</para></warning>
 
-<warning><para>It is best <emphasis>not</emphasis> to change the Nix
-store from its default, since doing so makes it impossible to use
-pre-built binaries from the standard Nixpkgs channels — that is, all
-packages will need to be built from source.</para></warning>
-
-<para>Nix keeps state (such as its database and log files) in
-<filename>/nix/var</filename> by default.  This can be changed using
-<option>--localstatedir=<replaceable>path</replaceable></option>.</para>
-
-<para>If you want to rebuild the documentation, pass the full path to
+<para>If you want to rebuilt the documentation, pass the full path to
 the DocBook RELAX NG schemas and to the DocBook XSL stylesheets using
 the
 <option>--with-docbook-rng=<replaceable>path</replaceable></option>
@@ -262,10 +160,37 @@ options.</para>
 </section>
 
 
+<section><title>Installing from RPMs</title>
+
+<para>RPM packages of Nix can be downloaded from <link
+xlink:href="http://nixos.org/" />.  These RPMs should work for most
+fairly recent releases of SuSE and Red Hat Linux.  They have been
+known to work work on SuSE Linux 8.1 and 9.0, and Red Hat 9.0.  In
+fact, it should work on any RPM-based Linux distribution based on
+<literal>glibc</literal> 2.3 or later.</para>
+
+<para>Once downloaded, the RPMs can be installed or upgraded using
+<command>rpm -U</command>.  For example,
+
+<screen>
+$ rpm -U nix-0.5pre664-1.i386.rpm</screen>
+
+</para>
+
+<para>The RPMs install into the directory <filename>/nix</filename>.
+Nix can be uninstalled using <command>rpm -e nix</command>.  After
+this it will be necessary to manually remove the Nix store and other
+auxiliary data:
+
+<screen>
+$ rm -rf /nix/store
+$ rm -rf /nix/var</screen>
+
+</para>
+
 </section>
 
 
-<!-- TODO: should be updated
 <section><title>Upgrading Nix through Nix</title>
 
 <para>You can install the latest stable version of Nix through Nix
@@ -278,7 +203,6 @@ installation</link> by clicking on the package links at <link
 xlink:href="http://nixos.org/releases/full-index-nix.html" />.</para>
 
 </section>
--->
 
 
 <section><title>Security</title>
@@ -382,7 +306,7 @@ bit turned on (like <filename>/tmp</filename>):
 
 <screen>
 $ chgrp nixbld /nix/store
-$ chmod 1775 /nix/store
+$ chmod 1777 /nix/store
 </screen>
 
 </para>
@@ -391,7 +315,7 @@ $ chmod 1775 /nix/store
 specifying the build users group in the <link
 linkend="conf-build-users-group"><literal>build-users-group</literal>
 option</link> in the <link linkend="sec-conf-file">Nix configuration
-file</link> (usually <literal>/etc/nix/nix.conf</literal>):
+file</link> (<literal>/nix/etc/nix/nix.conf</literal>):
 
 <programlisting>
 build-users-group = nixbld
@@ -412,11 +336,11 @@ $ chown -R root /nix/store /nix/var/nix</screen>
 
 </para>
 
-<para>The <link linkend="sec-nix-daemon">Nix daemon</link> should be
+<para>The <link linkend="sec-nix-worker">Nix daemon</link> should be
 started as follows (as <literal>root</literal>):
 
 <screen>
-$ nix-daemon</screen>
+$ nix-worker --daemon</screen>
 
 You’ll want to put that line somewhere in your system’s boot
 scripts.</para>
@@ -448,13 +372,13 @@ is a special account called <literal>nix</literal>, but it can be
 named anything.  It should own the Nix store and database:
 
 <screen>
-$ chown -R nix /nix/store /nix/var/nix</screen>
+$ chown -R root /nix/store /nix/var/nix</screen>
 
-and of course <command>nix-daemon</command> should be started under
-that user, e.g.,
+and of course <command>nix-worker --daemon</command> should be started
+under that user, e.g.,
 
 <screen>
-$ su - nix -c "exec /nix/bin/nix-daemon"</screen>
+$ su - nix -c "exec /nix/bin/nix-worker --daemon"</screen>
 
 </para>
 

doc/manual/introduction.xml

@@ -17,10 +17,10 @@ store</emphasis>, usually the directory
 subdirectory such as
 
 <programlisting>
-/nix/store/nlc4z5y1hm8w9s8vm6m1f5hy962xjmp5-firefox-12.0
+/nix/store/r8vvq9kq18pz08v249h8my6r9vs7s0n3-firefox-2.0.0.1/
 </programlisting>
 
-where <literal>nlc4z5…</literal> is a unique identifier for the
+where <literal>r8vvq9kq…</literal> is a unique identifier for the
 package that captures all its dependencies (it’s a cryptographic hash
 of the package’s build dependency graph).  This enables many powerful
 features.</para>
@@ -72,14 +72,15 @@ sounds risky, but it works extremely well.</para>
 
 <simplesect><title>Multi-user support</title>
 
-<para>Nix has multi-user support.  This means that non-privileged
-users can securely install software.  Each user can have a different
-<emphasis>profile</emphasis>, a set of packages in the Nix store that
-appear in the user’s <envar>PATH</envar>.  If a user installs a
-package that another user has already installed previously, the
-package won’t be built or downloaded a second time.  At the same time,
-it is not possible for one user to inject a Trojan horse into a
-package that might be used by another user.</para>
+<para>Starting at version 0.11, Nix has multi-user support.  This
+means that non-privileged users can securely install software.  Each
+user can have a different <emphasis>profile</emphasis>, a set of
+packages in the Nix store that appear in the user’s
+<envar>PATH</envar>.  If a user installs a package that another user
+has already installed previously, the package won’t be built or
+downloaded a second time.  At the same time, it is not possible for
+one user to inject a Trojan horse into a package that might be used by
+another user.</para>
 
 <!--
 <para>More details can be found in Section 3 of our <a
@@ -112,7 +113,7 @@ $ nix-env --rollback
 
 <simplesect><title>Garbage collection</title>
 
-<para>When you uninstall a package like this…
+<para>When you install a package like this…
 
 <screen>
 $ nix-env --uninstall firefox
@@ -225,7 +226,7 @@ href="docs/papers.html#servicecm">SCM-12 paper</a>.</para>
 <simplesect><title>Portability</title>
 
 <para>Nix should run on most Unix systems, including Linux, FreeBSD and
-Mac OS X.<!-- It is also supported on Windows using Cygwin.--></para>
+Mac OS X.  It is also supported on Windows using Cygwin.</para>
 
 </simplesect>
 
@@ -263,10 +264,8 @@ xlink:href="http://www.cs.uu.nl/wiki/Trace/WebHome">TraCE
 project</link> (2003-2008).  The project was funded by the Software
 Engineering Research Program <link
 xlink:href="http://www.jacquard.nl/">Jacquard</link> to improve the
-support for variability in software systems.  Further funding was
-provided by the NIRICT LaQuSo Build Farm project.  Development is
-currently supported by <link
-xlink:href="http://www.logicblox.com/">LogicBlox</link>.</para>
+support for variability in software systems.  Further funding is now
+provided by the NIRICT LaQuSo Build Farm project.</para>
 
 </section>
 
@@ -276,7 +275,7 @@ xlink:href="http://www.logicblox.com/">LogicBlox</link>.</para>
 <para>This manual tells you how to install and use Nix and how to
 write Nix expressions for software not already in the Nix Packages
 collection.  It also discusses some advanced topics, such as setting
-up distributed multi-platform building.</para>
+up a Nix-based build farm.</para>
 
 </section>
 
@@ -316,12 +315,13 @@ Upgrading in a Purely Functional Component Deployment Model
 paper <citetitle
 xlink:href='http://www.st.ewi.tudelft.nl/~dolstra/pubs/servicecm-scm12-final.pdf'>
 Service Configuration Management</citetitle> shows how services (e.g.,
-web servers) can be deployed and managed through Nix.  An overview of
-NixOS is given in the JFP article <citetitle
-xlink:href="http://www.st.ewi.tudelft.nl/~dolstra/pubs/nixos-jfp-final.pdf">NixOS:
-A Purely Functional Linux Distribution</citetitle>.  The Nix homepage
-has <link xlink:href="http://nixos.org/docs/papers.html">an up-to-date
-list of Nix-related papers</link>.</para>
+web servers) can be deployed and managed through Nix.  A short
+overview of NixOS is given in the HotOS XI paper <citetitle
+xlink:href="http://www.st.ewi.tudelft.nl/~dolstra/pubs/hotos-final.pdf">Purely
+Functional System Configuration Management</citetitle>.  The Nix
+homepage has <link
+xlink:href="http://nix.cs.uu.nl/docs/papers.html">an up-to-date list
+of Nix-related papers</link>.</para>
 
 <para>Nix is the subject of Eelco Dolstra’s PhD thesis <citetitle
 xlink:href="http://igitur-archive.library.uu.nl/dissertations/2006-0118-200031/index.htm">The

doc/manual/manual.xml

@@ -5,7 +5,8 @@
 
     <title>Nix User's Guide</title>
 
-    <edition>Version <xi:include href="version.txt" parse="text" /></edition>
+    <subtitle>Draft (Version <xi:include href="version.txt"
+    parse="text" />)</subtitle>
 
     <author>
       <personname>
@@ -13,17 +14,21 @@
         <surname>Dolstra</surname>
       </personname>
       <affiliation>
-        <orgname>LogicBlox</orgname>
+        <orgname>Delft University of Technology</orgname>
+        <orgdiv>Department of Software Technology</orgdiv>
       </affiliation>
-      <contrib>Author</contrib>
     </author>
 
     <copyright>
-      <year>2004-2012</year>
+      <year>2004</year>
+      <year>2005</year>
+      <year>2006</year>
+      <year>2007</year>
+      <year>2008</year>
       <holder>Eelco Dolstra</holder>
     </copyright>
 
-    <date>May 2012</date>
+    <date>November 2008</date>
     
   </info>
 
@@ -40,31 +45,66 @@
     <title>Command Reference</title>
     <xi:include href="opt-common.xml" />
     <xi:include href="env-common.xml" />
+    <xi:include href="conf-file.xml" />
     
     <section>
       <title>Main commands</title>
-      <xi:include href="nix-env.xml" />
-      <xi:include href="nix-instantiate.xml" />
-      <xi:include href="nix-store.xml" />
+      <section xml:id="sec-nix-env">
+        <title>nix-env</title>
+        <xi:include href="nix-env.xml" />
+      </section>
+      <section xml:id="sec-nix-instantiate">
+        <title>nix-instantiate</title>
+        <xi:include href="nix-instantiate.xml" />
+      </section>
+      <section xml:id="sec-nix-store">
+        <title>nix-store</title>
+        <xi:include href="nix-store.xml" />
+      </section>
     </section>
     
     <section>
       <title>Utilities</title>
-      <xi:include href="nix-build.xml" />
-      <xi:include href="nix-channel.xml" />
-      <xi:include href="nix-collect-garbage.xml" />
-      <xi:include href="nix-copy-closure.xml" />
-      <xi:include href="nix-hash.xml" />
-      <xi:include href="nix-install-package.xml" />
-      <xi:include href="nix-prefetch-url.xml" />
-      <xi:include href="nix-pull.xml" />
-      <xi:include href="nix-push.xml" />
-      <xi:include href="nix-daemon.xml" />
-    </section>
-
-    <section>
-      <title>Files</title>
-      <xi:include href="conf-file.xml" />
+      <section xml:id="sec-nix-build">
+        <title>nix-build</title>
+        <xi:include href="nix-build.xml" />
+      </section>
+      <section xml:id="sec-nix-channel">
+        <title>nix-channel</title>
+        <xi:include href="nix-channel.xml" />
+      </section>
+      <section xml:id="sec-nix-collect-garbage">
+        <title>nix-collect-garbage</title>
+        <xi:include href="nix-collect-garbage.xml" />
+      </section>
+      <section xml:id="sec-nix-copy-closure">
+        <title>nix-copy-closure</title>
+        <xi:include href="nix-copy-closure.xml" />
+      </section>
+      <section xml:id="sec-nix-hash">
+        <title>nix-hash</title>
+        <xi:include href="nix-hash.xml" />
+      </section>
+      <section xml:id="sec-nix-install-package">
+        <title>nix-install-package</title>
+        <xi:include href="nix-install-package.xml" />
+      </section>
+      <section xml:id="sec-nix-prefetch-url">
+        <title>nix-prefetch-url</title>
+        <xi:include href="nix-prefetch-url.xml" />
+      </section>
+      <section xml:id="sec-nix-pull">
+        <title>nix-pull</title>
+        <xi:include href="nix-pull.xml" />
+      </section>
+      <section xml:id="sec-nix-push">
+        <title>nix-push</title>
+        <xi:include href="nix-push.xml" />
+      </section>
+      <section xml:id="sec-nix-worker">
+        <title>nix-worker</title>
+        <xi:include href="nix-worker.xml" />
+      </section>
     </section>
     
   </appendix>

doc/manual/nix-build.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-build">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
   <refentrytitle>nix-build</refentrytitle>
@@ -28,8 +27,8 @@
       </group>
       <replaceable>attrPath</replaceable>
     </arg>
-    <arg><option>--drv-link</option> <replaceable>drvlink</replaceable></arg>
     <arg><option>--add-drv-link</option></arg>
+    <arg><option>--drv-link </option><replaceable>drvlink</replaceable></arg>
     <arg><option>--no-out-link</option></arg>
     <arg>
       <group choice='req'>
@@ -38,11 +37,6 @@
       </group>
       <replaceable>outlink</replaceable>
     </arg>
-    <arg>
-      <option>--run-env</option>
-      <arg><option>--command</option> <replaceable>cmd</replaceable></arg>
-      <arg><option>--exclude</option> <replaceable>regexp</replaceable></arg>
-    </arg>
     <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
   </cmdsynopsis>
 </refsynopsisdiv>
@@ -75,47 +69,41 @@ a root of the Nix garbage collector.  This root disappears
 automatically when the <filename>result</filename> symlink is deleted
 or renamed.  So don’t rename the symlink.</para></warning>
 
-<para>The subcommand <command>nix-build --run-env</command> will build
-the dependencies of the derivation, but not the derivation itself.  It
-will then start an interactive shell in which all environment
-variables defined by the derivation have been set to their
-corresponding values.  This is useful for reproducing the environment
-of a derivation for development.</para>
-
 </refsection>
 
 
 <refsection><title>Options</title>
 
-<para>All options not listed here are passed to <command>nix-store
---realise</command>, except for <option>--arg</option> and
-<option>--attr</option> / <option>-A</option> which are passed to
-<command>nix-instantiate</command>.  <phrase condition="manual">See
-also <xref linkend="sec-common-options" />.</phrase></para>
+<para>See also <xref linkend="sec-common-options" />.  All options not
+listed here are passed to <command>nix-store --realise</command>,
+except for <option>--arg</option> and <option>--attr</option> /
+<option>-A</option> which are passed to
+<command>nix-instantiate</command>.</para>
 
 <variablelist>
 
-  <varlistentry><term><option>--drv-link</option> <replaceable>drvlink</replaceable></term>
-
-    <listitem><para>Add a symlink named
-    <replaceable>drvlink</replaceable> to the store derivation
-    produced by <command>nix-instantiate</command>.  The derivation is
+  <varlistentry><term><option>--add-drv-link</option></term>
+  
+    <listitem><para>Add a symlink in the current directory to the
+    store derivation produced by <command>nix-instantiate</command>.
+    The symlink is called <filename>derivation</filename> (which is
+    numbered in the case of multiple derivations).  The derivation is
     a root of the garbage collector until the symlink is deleted or
-    renamed.  If there are multiple derivations, numbers are suffixed
-    to <replaceable>drvlink</replaceable> to distinguish between
-    them.</para></listitem>
-
+    renamed.</para></listitem>
+    
   </varlistentry>
 
-  <varlistentry><term><option>--add-drv-link</option></term>
-
-    <listitem><para>Shorthand for <option>--drv-link</option>
-    <filename>./derivation</filename>.</para></listitem>
+  <varlistentry><term><option>--drv-link</option> <replaceable>drvlink</replaceable></term>
+  
+    <listitem><para>Change the name of the symlink to the derivation
+    created when <option>--add-drv-link</option> is used from
+    <filename>derivation</filename> to
+    <replaceable>drvlink</replaceable>.</para></listitem>
 
   </varlistentry>
 
   <varlistentry><term><option>--no-out-link</option></term>
-
+  
     <listitem><para>Do not create a symlink to the output path.  Note
     that as a result the output does not become a root of the garbage
     collector, and so might be deleted by <command>nix-store
@@ -125,48 +113,23 @@ also <xref linkend="sec-common-options" />.</phrase></para>
 
   <varlistentry xml:id='opt-out-link'><term><option>--out-link</option> /
   <option>-o</option> <replaceable>outlink</replaceable></term>
-
+  
     <listitem><para>Change the name of the symlink to the output path
-    created from <filename>result</filename> to
+    created unless <option>--no-out-link</option> is used from
+    <filename>result</filename> to
     <replaceable>outlink</replaceable>.</para></listitem>
 
   </varlistentry>
 
 </variablelist>
 
-<variablelist condition="manpage">
-  <xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
-</variablelist>
-
-<para>The following options apply to <command>nix-build --run-env</command>.</para>
-
-<variablelist>
-
-  <varlistentry><term><option>--command</option> <replaceable>cmd</replaceable></term>
-
-    <listitem><para>In the environment of the derivation, executeq the
-    command <replaceable>cmd</replaceable> instead of the default
-    interactive shell.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--exclude</option> <replaceable>regexp</replaceable></term>
-
-    <listitem><para>Do not build any dependencies whose store path
-    matches the regular expression <replaceable>regexp</replaceable>.
-    This option may be specified multiple times.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
-
 </refsection>
 
 
 <refsection><title>Examples</title>
 
 <screen>
-$ nix-build '&lt;nixpkgs>' -A firefox
+$ nix-build pkgs/top-level/all-packages.nix -A firefox
 store derivation is /nix/store/qybprl8sz2lc...-firefox-1.5.0.7.drv
 /nix/store/d18hyl92g30l...-firefox-1.5.0.7
 
@@ -176,49 +139,6 @@ lrwxrwxrwx  <replaceable>...</replaceable>  result -> /nix/store/d18hyl92g30l...
 $ ls ./result/bin/
 firefox  firefox-config</screen>
 
-<para>To build the dependencies of the package Pan, and start an
-interactive shell in which to build it:
-
-<screen>
-$ nix-build '&lt;nixpkgs>' --run-env -A pan
-$ tar xf $src
-$ cd pan-*
-$ ./configure
-$ make
-$ ./pan/gui/pan
-</screen>
-
-</para>
-
-<para>If a derivation has multiple outputs,
-<command>nix-build</command> will build the default (first) output.
-You can also build all outputs:
-<screen>
-$ nix-build '&lt;nixpkgs>' -A openssl.all
-</screen>
-This will create a symlink for each output named
-<filename>result-<replaceable>outputname</replaceable></filename>.
-The suffix is omitted if the output name is <literal>out</literal>.
-So if <literal>openssl</literal> has outputs <literal>out</literal>,
-<literal>bin</literal> and <literal>man</literal>,
-<command>nix-build</command> will create symlinks
-<literal>result</literal>, <literal>result-bin</literal> and
-<literal>result-man</literal>.  It’s also possible to build a specific
-output:
-<screen>
-$ nix-build '&lt;nixpkgs>' -A openssl.man
-</screen>
-This will create a symlink <literal>result-man</literal>.</para>
-
-</refsection>
-
-
-<refsection condition="manpage"><title>Environment variables</title>
-
-<variablelist>
-  <xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
-</variablelist>
-
 </refsection>
 
 

doc/manual/nix-channel.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-channel">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-channel</refentrytitle>
@@ -19,10 +18,10 @@
   <cmdsynopsis>
     <command>nix-channel</command>
     <group choice='req'>
-      <arg choice='plain'><option>--add</option> <replaceable>url</replaceable> <arg choice='opt'><replaceable>name</replaceable></arg></arg>
+      <arg choice='plain'><option>--add</option> <replaceable>url</replaceable></arg>
       <arg choice='plain'><option>--remove</option> <replaceable>url</replaceable></arg>
       <arg choice='plain'><option>--list</option></arg>
-      <arg choice='plain'><option>--update</option> <arg rep='repeat'><replaceable>names</replaceable></arg></arg>
+      <arg choice='plain'><option>--update</option></arg>
     </group>
   </cmdsynopsis>
 </refsynopsisdiv>
@@ -31,51 +30,43 @@
 
 <para>A Nix channel is mechanism that allows you to automatically stay
 up-to-date with a set of pre-built Nix expressions.  A Nix channel is
-just a URL that points to a place containing a set of Nix expressions
-and a <command>nix-push</command> manifest.  <phrase
-condition="manual">See also <xref linkend="sec-channels"
-/>.</phrase></para>
+just a URL that points to a place that contains a set of Nix
+expressions, as well as a <command>nix-push</command> manifest.  See
+also <xref linkend="sec-channels" />.</para>
 
 <para>This command has the following operations:
 
 <variablelist>
 
-  <varlistentry><term><option>--add</option> <replaceable>url</replaceable> [<replaceable>name</replaceable>]</term>
+  <varlistentry><term><option>--add</option> <replaceable>url</replaceable></term>
 
-    <listitem><para>Adds a channel named
-    <replaceable>name</replaceable> with URL
-    <replaceable>url</replaceable> to the list of subscribed channels.
-    If <replaceable>name</replaceable> is omitted, it defaults to the
-    last component of <replaceable>url</replaceable>, with the
-    suffixes <literal>-stable</literal> or
-    <literal>-unstable</literal> removed.</para></listitem>
+    <listitem><para>Adds <replaceable>url</replaceable> to the list of
+    subscribed channels.</para></listitem>
 
   </varlistentry>
 
-  <varlistentry><term><option>--remove</option> <replaceable>name</replaceable></term>
+  <varlistentry><term><option>--remove</option> <replaceable>url</replaceable></term>
 
-    <listitem><para>Removes the channel named
-    <replaceable>name</replaceable> from the list of subscribed
-    channels.</para></listitem>
+    <listitem><para>Removes <replaceable>url</replaceable> from the
+    list of subscribed channels.</para></listitem>
 
   </varlistentry>
 
   <varlistentry><term><option>--list</option></term>
 
-    <listitem><para>Prints the names and URLs of all subscribed
-    channels on standard output.</para></listitem>
+    <listitem><para>Prints the URLs of all subscribed channels on
+    standard output.</para></listitem>
 
   </varlistentry>
 
-  <varlistentry><term><option>--update</option> [<replaceable>names</replaceable>…]</term>
+  <varlistentry><term><option>--update</option></term>
 
     <listitem><para>Downloads the Nix expressions of all subscribed
-    channels (or only those included in
-    <replaceable>names</replaceable> if specified), makes them the
-    default for <command>nix-env</command> operations (by symlinking
-    them from the directory <filename>~/.nix-defexpr</filename>), and
-    performs a <command>nix-pull</command> on the manifests of all
-    channels to make pre-built binaries available.</para></listitem>
+    channels, makes them the default for <command>nix-env</command>
+    operations (by symlinking them in the directory
+    <filename>~/.nix-defexpr</filename>), and performs a
+    <command>nix-pull</command> on the manifests of all channels to
+    make pre-built binaries available.</para></listitem>
 
   </varlistentry>
 
@@ -83,8 +74,8 @@ condition="manual">See also <xref linkend="sec-channels"
 
 </para>
 
-<para>Note that <option>--add</option> does not automatically perform
-an update.</para>
+<para>Note that <option>--add</option> and <option>--remove</option>
+do not automatically perform an update.</para>
 
 <para>The list of subscribed channels is stored in
 <filename>~/.nix-channels</filename>.</para>
@@ -98,15 +89,4 @@ respectively.</para>
 
 </refsection>
 
-<refsection><title>Examples</title>
-
-<para>To subscribe to the Nixpkgs channel and install the GNU Hello package:</para>
-
-<screen>
-$ nix-channel --add http://nixos.org/channels/nixpkgs-unstable
-$ nix-channel --update
-$ nix-env -iA nixpkgs.hello</screen>
-
-</refsection>
-
 </refentry>

doc/manual/nix-collect-garbage.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-collect-garbage">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-collect-garbage</refentrytitle>
@@ -26,7 +25,6 @@
       <arg choice='plain'><option>--print-dead</option></arg>
       <arg choice='plain'><option>--delete</option></arg>
     </group>
-    <arg><option>--dry-run</option></arg>
   </cmdsynopsis>
 </refsynopsisdiv>
 

doc/manual/nix-copy-closure.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-copy-closure">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
   <refentrytitle>nix-copy-closure</refentrytitle>
@@ -24,14 +23,8 @@
     </group>
     <arg><option>--sign</option></arg>
     <arg><option>--gzip</option></arg>
-    <arg><option>--bzip2</option></arg>
-    <arg><option>--xz</option></arg>
-    <arg><option>--show-progress</option></arg>
-    <arg><option>--include-outputs</option></arg>
-    <arg><option>--use-substitutes</option></arg>
-    <arg><option>-s</option></arg>
     <arg choice='plain'>
-      <replaceable>user@</replaceable><replaceable>machine</replaceable>
+      <arg><replaceable>user@</replaceable></arg><replaceable>machine</replaceable>
     </arg>
     <arg choice='plain'><replaceable>paths</replaceable></arg>
   </cmdsynopsis>
@@ -67,7 +60,7 @@ those paths.  If this bothers you, use
 <refsection><title>Options</title>
 
 <variablelist>
-
+  
   <varlistentry><term><option>--to</option></term>
 
     <listitem><para>Copy the closure of
@@ -90,52 +83,22 @@ those paths.  If this bothers you, use
 
     <listitem><para>Let the sending machine cryptographically sign the
     dump of each path with the key in
-    <filename><replaceable>sysconfdir</replaceable>/nix/signing-key.sec</filename>.
-    If the user on the target machine does not have direct access to
-    the Nix store (i.e., if the target machine has a multi-user Nix
-    installation), then the target machine will check the dump against
-    <filename><replaceable>sysconfdir</replaceable>/nix/signing-key.pub</filename>
-    before unpacking it in its Nix store.  This allows secure sharing
-    of store paths between untrusted users on two machines, provided
-    that there is a trust relation between the Nix installations on
-    both machines (namely, they have matching public/secret
-    keys).</para></listitem>
+    <filename>/nix/etc/nix/signing-key.sec</filename>.  If the user on
+    the target machine does not have direct access to the Nix store
+    (i.e., if the target machine has a multi-user Nix installation),
+    then the target machine will check the dump against
+    <filename>/nix/etc/nix/signing-key.pub</filename> before unpacking
+    it in its Nix store.  This allows secure sharing of store paths
+    between untrusted users on two machines, provided that there is a
+    trust relation between the Nix installations on both machines
+    (namely, they have matching public/secret keys).</para></listitem>
 
   </varlistentry>
 
-  <varlistentry><term><option>--gzip</option> / <option>--bzip2</option> / <option>--xz</option></term>
+  <varlistentry><term><option>--gzip</option></term>
 
-    <listitem><para>Compress the dump of each path with respectively
-    <command>gzip</command>, <command>bzip2</command> or
-    <command>xz</command> before sending it.  The corresponding
-    decompression program must be installed on the target
-    machine.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--show-progress</option></term>
-
-    <listitem><para>Show the progress of each path's transfer as it's made.
-    This requires the <command>pv</command> utility to be in <envar>PATH</envar>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--include-outputs</option></term>
-
-    <listitem><para>Also copy the outputs of store derivations
-    included in the closure.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--use-substitutes</option> / <option>-s</option></term>
-
-    <listitem><para>Attempt to download missing paths on the target
-    machine using Nix’s substitute mechanism.  Any paths that cannot
-    be substituted on the target are still copied normally from the
-    source.  This is useful, for instance, if the connection between
-    the source and target machine is slow, but the connection between
-    the target machine and <literal>nixos.org</literal> (the default
-    binary cache server) is fast.</para></listitem>
+    <listitem><para>Compress the dump of each path with
+    <command>gzip</command> before sending it.</para></listitem>
 
   </varlistentry>
 
@@ -154,7 +117,7 @@ those paths.  If this bothers you, use
     <command>ssh</command> on the command line.</para></listitem>
 
   </varlistentry>
-
+  
 </variablelist>
 
 </refsection>

doc/manual/nix-env.xml

@@ -1,8 +1,7 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-env">
-
+          xmlns:xi="http://www.w3.org/2001/XInclude">
+  
 <refmeta>
   <refentrytitle>nix-env</refentrytitle>
   <manvolnum>1</manvolnum>
@@ -18,7 +17,7 @@
 <refsynopsisdiv>
   <cmdsynopsis>
     <command>nix-env</command>
-    <xi:include href="opt-common-syn.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(/db:nop/*)" />
+    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="opt-common-syn.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(/db:nop/*)" />
     <arg><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
     <arg><option>--argstr</option> <replaceable>name</replaceable> <replaceable>value</replaceable></arg>
     <arg>
@@ -60,7 +59,7 @@ environments.</para>
 <para><command>nix-env</command> takes exactly one
 <emphasis>operation</emphasis> flag which indicates the subcommand to
 be performed.  These are documented below.</para>
-
+    
 </refsection>
 
 
@@ -71,26 +70,26 @@ be performed.  These are documented below.</para>
 
 <para>This section lists the options that are common to all
 operations.  These options are allowed for every subcommand, though
-they may not always have an effect.  <phrase condition="manual">See
-also <xref linkend="sec-common-options" />.</phrase></para>
+they may not always have an effect.  See also <xref
+linkend="sec-common-options" />.</para>
 
 <variablelist>
 
   <varlistentry><term><option>--file</option></term>
     <term><option>-f</option></term>
-
+  
     <listitem><para>Specifies the Nix expression (designated below as
     the <emphasis>active Nix expression</emphasis>) used by the
     <option>--install</option>, <option>--upgrade</option>, and
     <option>--query --available</option> operations to obtain
     derivations.  The default is
     <filename>~/.nix-defexpr</filename>.</para></listitem>
-
+    
   </varlistentry>
-
+      
   <varlistentry><term><option>--profile</option></term>
     <term><option>-p</option></term>
-
+  
     <listitem><para>Specifies the profile to be used by those
     operations that operate on a profile (designated below as the
     <emphasis>active profile</emphasis>).  A profile is sequence of
@@ -98,15 +97,14 @@ also <xref linkend="sec-common-options" />.</phrase></para>
     which is the <emphasis>current generation</emphasis>.  The default
     profile is the target of the symbolic link
     <filename>~/.nix-profile</filename> (see below).</para></listitem>
-
+    
   </varlistentry>
-
+      
   <varlistentry><term><option>--dry-run</option></term>
-
+  
     <listitem><para>For the <option>--install</option>,
     <option>--upgrade</option>, <option>--uninstall</option>,
-    <option>--switch-generation</option>,
-    <option>--delete-generations</option> and
+    <option>--switch-generation</option> and
     <option>--rollback</option> operations, this flag will cause
     <command>nix-env</command> to print what
     <emphasis>would</emphasis> be done if this flag had not been
@@ -118,25 +116,23 @@ also <xref linkend="sec-common-options" />.</phrase></para>
     substitute is available).</para></listitem>
 
   </varlistentry>
-
+      
   <varlistentry><term><option>--system-filter</option> <replaceable>system</replaceable></term>
-
+  
     <listitem><para>By default, operations such as <option>--query
-    --available</option> show derivations matching any platform.  This
-    option allows you to use derivations for the specified platform
-    <replaceable>system</replaceable>.</para></listitem>
-
+    --available</option> only include derivations matching the current
+    platform.  This option allows you to use derivations for the
+    specified platform <replaceable>system</replaceable>.  The special
+    value <literal>*</literal> causes derivations for any platform to
+    be included.</para></listitem>
+    
   </varlistentry>
 
 </variablelist>
 
-<variablelist condition="manpage">
-  <xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
-</variablelist>
-
 </refsection>
 
-
+  
 
 <!--######################################################################-->
 
@@ -173,25 +169,25 @@ also <xref linkend="sec-common-options" />.</phrase></para>
     this directory.</para>
 
     </listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><filename>~/.nix-profile</filename></term>
-
+  
     <listitem><para>A symbolic link to the user's current profile.  By
     default, this symlink points to
     <filename><replaceable>prefix</replaceable>/var/nix/profiles/default</filename>.
     The <envar>PATH</envar> environment variable should include
     <filename>~/.nix-profile/bin</filename> for the user environment
     to be visible to the user.</para></listitem>
-
+    
   </varlistentry>
 
 </variablelist>
-
+        
 </refsection>
 
-
+  
 
 <!--######################################################################-->
 
@@ -217,7 +213,7 @@ also <xref linkend="sec-common-options" />.</phrase></para>
 
 
 <refsection><title>Description</title>
-
+            
 <para>The install operation creates a new user environment, based on
 the current generation of the active profile, to which a set of store
 paths described by <replaceable>args</replaceable> is added.  The
@@ -259,7 +255,7 @@ number of possible ways:
   <emphasis>attribute paths</emphasis> that select attributes from the
   top-level Nix expression.  This is faster than using derivation
   names and unambiguous.  To find out the attribute paths of available
-  packages, use <literal>nix-env -qaP '*'</literal>.</para></listitem>
+  packages, use <literal>nix-env -qaA '*'</literal>.</para></listitem>
 
   <listitem><para>If <option>--from-profile</option>
   <replaceable>path</replaceable> is given,
@@ -309,20 +305,20 @@ number of possible ways:
 
   <varlistentry><term><option>--preserve-installed</option></term>
     <term><option>-P</option></term>
-
+  
     <listitem><para>Do not remove derivations with a name matching one
     of the derivations being installed.  Usually, trying to have two
     versions of the same package installed in the same generation of a
     profile will lead to an error in building the generation, due to
     file name clashes between the two versions.  However, this is not
     the case for all packages.</para></listitem>
-
+    
   </varlistentry>
 
 </variablelist>
 
 </refsection>
-
+            
 
 <refsection xml:id='refsec-nix-env-install-examples'><title>Examples</title>
 
@@ -330,7 +326,7 @@ number of possible ways:
 active Nix expression:
 
 <screen>
-$ nix-env --install gcc-3.3.2
+$ nix-env --install gcc-3.3.2 
 installing `gcc-3.3.2'
 uninstalling `gcc-3.1'</screen>
 
@@ -411,15 +407,15 @@ the following paths will be substituted:
   /nix/store/8zbipvm4gp9jfqh9nnk1n3bary1a37gs-perl-XML-Parser-2.34
   /nix/store/b8a2bg7gnyvvvjjibp4axg9x1hzkw36c-mono-1.1.4
   <replaceable>...</replaceable></screen>
-
+  
 </para>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection xml:id="rsec-nix-env-upgrade"><title>Operation <option>--upgrade</option></title>
@@ -445,7 +441,7 @@ the following paths will be substituted:
 </refsection>
 
 <refsection><title>Description</title>
-
+            
 <para>The upgrade operation creates a new user environment, based on
 the current generation of the active profile, in which all store paths
 are replaced for which there are newer versions in the set of paths
@@ -462,47 +458,47 @@ the same symbolic name, only the one with the highest version is
 installed.</para>
 
 </refsection>
-
+            
 <refsection><title>Flags</title>
 
 <variablelist>
 
   <varlistentry><term><option>--lt</option></term>
-
+  
     <listitem><para>Only upgrade a derivation to newer versions.  This
     is the default.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--leq</option></term>
-
+  
     <listitem><para>In addition to upgrading to newer versions, also
     “upgrade” to derivations that have the same version.  Version are
     not a unique identification of a derivation, so there may be many
     derivations that have the same version.  This flag may be useful
     to force “synchronisation” between the installed and available
     derivations.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--eq</option></term>
-
+  
     <listitem><para><emphasis>Only</emphasis> “upgrade” to derivations
     that have the same version.  This may not seem very useful, but it
     actually is, e.g., when there is a new release of Nixpkgs and you
     want to replace installed applications with the same versions
     built against newer dependencies (to reduce the number of
     dependencies floating around on your system).</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--always</option></term>
-
+  
     <listitem><para>In addition to upgrading to newer versions, also
     “upgrade” to derivations that have the same or a lower version.
     I.e., derivations may actually be downgraded depending on what is
     available in the active Nix expression.</para></listitem>
-
+    
   </varlistentry>
 
 </variablelist>
@@ -526,10 +522,10 @@ $ nix-env --upgrade pan
 
 $ nix-env -u '*' <lineannotation>(try to upgrade everything)</lineannotation>
 upgrading `hello-2.1.2' to `hello-2.1.3'
-upgrading `mozilla-1.2' to `mozilla-1.4'</screen>
+upgrading `mozilla-1.2' to `mozilla-1.4'</screen>        
 
 </refsection>
-
+    
 <refsection xml:id="ssec-version-comparisons"><title>Versions</title>
 
 <para>The upgrade operation determines whether a derivation
@@ -573,14 +569,14 @@ lexicographically (i.e., using case-sensitive string comparison).</para>
 2.3a &lt; 2.3c
 2.3pre1 &lt; 2.3c
 2.3pre1 &lt; 2.3q</screen>
-
+        
 </para>
 
 </refsection>
-
+            
 </refsection>
 
-
+  
 
 <!--######################################################################-->
 
@@ -599,14 +595,14 @@ lexicographically (i.e., using case-sensitive string comparison).</para>
 </refsection>
 
 <refsection><title>Description</title>
-
+            
 <para>The uninstall operation creates a new user environment, based on
 the current generation of the active profile, from which the store
 paths designated by the symbolic names
 <replaceable>names</replaceable> are removed.</para>
 
 </refsection>
-
+            
 <refsection><title>Examples</title>
 
 <screen>
@@ -614,11 +610,11 @@ $ nix-env --uninstall gcc
 $ nix-env -e '*' <lineannotation>(remove everything)</lineannotation></screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection xml:id="rsec-nix-env-set-flag"><title>Operation <option>--set-flag</option></title>
@@ -635,7 +631,7 @@ $ nix-env -e '*' <lineannotation>(remove everything)</lineannotation></screen>
 </refsection>
 
 <refsection><title>Description</title>
-
+            
 <para>The <option>--set-flag</option> operation allows meta attributes
 of installed packages to be modified.  There are several attributes
 that can be usefully modified, because they affect the behaviour of
@@ -673,7 +669,7 @@ script:
 </para>
 
 </refsection>
-
+            
 <refsection><title>Examples</title>
 
 <para>To prevent the currently installed Firefox from being upgraded:
@@ -719,13 +715,13 @@ $ nix-env --set-flag priority 10 gcc</screen>
 </para>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
-
+  
 <refsection><title>Operation <option>--query</option></title>
 
 <refsection><title>Synopsis</title>
@@ -741,9 +737,9 @@ $ nix-env --set-flag priority 10 gcc</screen>
     <arg choice='plain'><option>--available</option></arg>
     <arg choice='plain'><option>-a</option></arg>
   </group>
-
+  
   <sbr />
-
+  
   <arg>
     <group choice='req'>
       <arg choice='plain'><option>--status</option></arg>
@@ -788,7 +784,7 @@ $ nix-env --set-flag priority 10 gcc</screen>
   </arg>
 
   <sbr />
-
+  
   <arg choice='plain' rep='repeat'><replaceable>names</replaceable></arg>
 </cmdsynopsis>
 
@@ -796,7 +792,7 @@ $ nix-env --set-flag priority 10 gcc</screen>
 
 
 <refsection><title>Description</title>
-
+            
 <para>The query operation displays information about either the store
 paths that are installed in the current generation of the active
 profile (<option>--installed</option>), or the derivations that are
@@ -820,23 +816,23 @@ operates.</para>
 <variablelist>
 
   <varlistentry><term><option>--installed</option></term>
-
+  
     <listitem><para>The query operates on the store paths that are
     installed in the current generation of the active profile.  This
     is the default.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--available</option></term>
     <term><option>-a</option></term>
-
+  
     <listitem><para>The query operates on the derivations that are
     available in the active Nix expression.</para></listitem>
-
+    
   </varlistentry>
 
 </variablelist>
-
+            
 </refsection>
 
 
@@ -877,7 +873,7 @@ user environment elements, etc. -->
 
   <varlistentry><term><option>--status</option></term>
     <term><option>-s</option></term>
-
+  
     <listitem><para>Print the <emphasis>status</emphasis> of the
     derivation.  The status consists of three characters.  The first
     is <literal>I</literal> or <literal>-</literal>, indicating
@@ -891,7 +887,7 @@ user environment elements, etc. -->
     third is <literal>S</literal> or <literal>-</literal>, indicating
     whether a substitute is available for the
     derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--attr-path</option></term>
@@ -904,17 +900,17 @@ user environment elements, etc. -->
     <literal>nix-env --install</literal>.</para></listitem>
 
   </varlistentry>
-
+  
   <varlistentry><term><option>--no-name</option></term>
-
+  
     <listitem><para>Suppress printing of the <literal>name</literal>
     attribute of each derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--compare-versions</option> /
   <option>-c</option></term>
-
+  
     <listitem><para>Compare installed versions to available versions,
     or vice versa (if <option>--available</option> is given).  This is
     useful for quickly seeing whether upgrades for installed
@@ -929,21 +925,21 @@ user environment elements, etc. -->
         or installed.</para></listitem>
 
       </varlistentry>
-
+      
       <varlistentry><term><literal>=</literal> <replaceable>version</replaceable></term>
 
         <listitem><para>At most the same version of the package is
         available or installed.</para></listitem>
 
       </varlistentry>
-
+      
       <varlistentry><term><literal>></literal> <replaceable>version</replaceable></term>
 
         <listitem><para>Only older versions of the package are
         available or installed.</para></listitem>
 
       </varlistentry>
-
+      
       <varlistentry><term><literal>- ?</literal></term>
 
         <listitem><para>No version of the package is available or
@@ -954,45 +950,45 @@ user environment elements, etc. -->
     </variablelist>
 
     </para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--system</option></term>
-
+  
     <listitem><para>Print the <literal>system</literal> attribute of
     the derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--drv-path</option></term>
-
+  
     <listitem><para>Print the path of the store
     derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--out-path</option></term>
-
+  
     <listitem><para>Print the output path of the
     derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--description</option></term>
-
+  
     <listitem><para>Print a short (one-line) description of the
     derivation, if available.  The description is taken from the
     <literal>meta.description</literal> attribute of the
     derivation.</para></listitem>
-
+    
   </varlistentry>
 
   <varlistentry><term><option>--meta</option></term>
-
+  
     <listitem><para>Print all of the meta-attributes of the
     derivation.  This option is only available with
     <option>--xml</option>.</para></listitem>
-
+    
   </varlistentry>
 
 </variablelist>
@@ -1026,7 +1022,7 @@ IP- ORBit2-2.8.3    <lineannotation>(installed and by definition present)</linea
 ...
 
 <lineannotation>(show available derivations in the Nix expression <!-- !!! <filename>-->foo.nix<!-- </filename> -->)</lineannotation>
-$ nix-env -f ./foo.nix -qa '*'
+$ nix-env -f ./foo.nix -qa '*' 
 foo-1.2.3
 
 $ nix-env -qc '*' <lineannotation>(compare installed versions to what’s available)</lineannotation>
@@ -1037,7 +1033,7 @@ firefox-1.0.4      &lt; 1.0.7  <lineannotation>(a more recent version is availab
 <replaceable>...</replaceable>
 
 <lineannotation>(show info about a specific package, in XML)</lineannotation>
-$ nix-env -qa --xml --description firefox
+$ nix-env -qa --xml --description firefox 
 <![CDATA[<?xml version='1.0' encoding='utf-8'?>
 <items>
   <item attrPath="0.0.firefoxWrapper"
@@ -1048,8 +1044,8 @@ $ nix-env -qa --xml --description firefox
 </refsection>
 
 </refsection>
-
-
+  
+    
 
 <!--######################################################################-->
 
@@ -1070,25 +1066,25 @@ $ nix-env -qa --xml --description firefox
 
 
 <refsection><title>Description</title>
-
+            
 <para>This operation makes <replaceable>path</replaceable> the current
 profile for the user.  That is, the symlink
 <filename>~/.nix-profile</filename> is made to point to
 <replaceable>path</replaceable>.</para>
 
 </refsection>
-
+            
 <refsection><title>Examples</title>
 
 <screen>
 $ nix-env -S ~/my-profile</screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection><title>Operation <option>--list-generations</option></title>
@@ -1104,7 +1100,7 @@ $ nix-env -S ~/my-profile</screen>
 
 
 <refsection><title>Description</title>
-
+            
 <para>This operation print a list of all the currently existing
 generations for the active profile.  These may be switched to using
 the <option>--switch-generation</option> operation.  It also prints
@@ -1124,11 +1120,11 @@ $ nix-env --list-generations
   98   2004-02-06 16:24:33   (current)</screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection><title>Operation <option>--delete-generations</option></title>
@@ -1145,7 +1141,7 @@ $ nix-env --list-generations
 
 
 <refsection><title>Description</title>
-
+            
 <para>This operation deletes the specified generations of the current
 profile.  The generations can be a list of generation numbers, or the
 special value <literal>old</literal> to delete all non-current
@@ -1153,7 +1149,7 @@ generations.  Periodically deleting old generations is important to
 make garbage collection effective.</para>
 
 </refsection>
-
+            
 <refsection><title>Examples</title>
 
 <screen>
@@ -1162,11 +1158,11 @@ $ nix-env --delete-generations 3 4 8
 $ nix-env -p other_profile --delete-generations old</screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection><title>Operation <option>--switch-generation</option></title>
@@ -1186,7 +1182,7 @@ $ nix-env -p other_profile --delete-generations old</screen>
 
 
 <refsection><title>Description</title>
-
+            
 <para>This operation makes generation number
 <replaceable>generation</replaceable> the current generation of the
 active profile.  That is, if the
@@ -1210,11 +1206,11 @@ $ nix-env -G 42
 switching from generation 50 to 42</screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-
+  
 <!--######################################################################-->
 
 <refsection><title>Operation <option>--rollback</option></title>
@@ -1229,7 +1225,7 @@ switching from generation 50 to 42</screen>
 </refsection>
 
 <refsection><title>Description</title>
-
+            
 <para>This operation switches to the “previous” generation of the
 active profile, that is, the highest numbered generation lower than
 the current generation, if it exists.  It is just a convenience
@@ -1249,17 +1245,9 @@ $ nix-env --rolback
 error: no generation older than the current (91) exists</screen>
 
 </refsection>
-
+    
 </refsection>
 
 
-<refsection condition="manpage"><title>Environment variables</title>
-
-<variablelist>
-  <xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
-</variablelist>
-
-</refsection>
   
-
 </refentry>

doc/manual/nix-hash.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-hash">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-hash</refentrytitle>
@@ -91,9 +90,8 @@ cryptographic hash as <literal>nix-store --dump
 
   <varlistentry><term><option>--type</option> <replaceable>hashAlgo</replaceable></term>
 
-    <listitem><para>Use the specified cryptographic hash algorithm,
-    which can be one of <literal>md5</literal>,
-    <literal>sha1</literal>, and
+    <listitem><para>Specify a cryptographic hash, which can be one of
+    <literal>md5</literal>, <literal>sha1</literal>, and
     <literal>sha256</literal>.</para></listitem>
 
   </varlistentry>

doc/manual/nix-install-package.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-install-package">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-install-package</refentrytitle>

doc/manual/nix-instantiate.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-instantiate">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-instantiate</refentrytitle>
@@ -36,7 +35,6 @@
           <option>--eval-only</option>
           <arg><option>--strict</option></arg>
         </arg>
-        <arg choice='plain'><option>--find-file</option></arg>
       </group>
       <arg><option>--xml</option></arg>
     </arg>
@@ -50,9 +48,8 @@
 <para>The command <command>nix-instantiate</command> generates <link
 linkend="gloss-derivation">store derivations</link> from (high-level)
 Nix expressions.  It loads and evaluates the Nix expressions in each
-of <replaceable>files</replaceable> (which defaults to
-<replaceable>./default.nix</replaceable>).  Each top-level expression
-should evaluate to a derivation, a list of derivations, or a set of
+of <replaceable>files</replaceable>.  Each top-level expression should
+evaluate to a derivation, a list of derivations, or a set of
 derivations.  The paths of the resulting store derivations are printed
 on standard output.</para>
 
@@ -66,8 +63,8 @@ store derivation instantiation from Nix expressions automatically).
 It is most commonly used for implementing new deployment
 policies.</para>
 
-<para condition="manual">See also <xref linkend="sec-common-options"
-/> for a list of common options.</para>
+<para>See also <xref linkend="sec-common-options" /> for a list of
+common options.</para>
 
 </refsection>
 
@@ -102,19 +99,6 @@ policies.</para>
     
   </varlistentry>
 
-  <varlistentry><term><option>--find-file</option></term>
-  
-    <listitem><para>Look up the given files in Nix’s search path (as
-    specified by the <envar>NIX_PATH</envar> environment variable).
-    If found, print the corresponding absolute paths on standard
-    output.  For instance, if <envar>NIX_PATH</envar> is
-    <literal>nixpkgs=/home/alice/nixpkgs</literal>, then
-    <literal>nix-instantiate --find-file nixpkgs/default.nix</literal>
-    will print
-    <literal>/home/alice/nixpkgs/default.nix</literal>.</para></listitem>
-    
-  </varlistentry>
-      
   <varlistentry><term><option>--xml</option></term>
 
     <listitem><para>When used with <option>--parse-only</option> and
@@ -142,10 +126,6 @@ policies.</para>
 
 </variablelist>
 
-<variablelist condition="manpage">
-  <xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
-</variablelist>
-
 </refsection>
 
 
@@ -217,13 +197,4 @@ $ echo 'rec { x = "foo"; y = x; }' | nix-instantiate --eval-only --xml --strict
 </refsection>
 
 
-<refsection condition="manpage"><title>Environment variables</title>
-
-<variablelist>
-  <xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
-</variablelist>
-
-</refsection>
-  
-
 </refentry>

doc/manual/nix-lang-ref.xml

@@ -178,5 +178,100 @@
     </productionset>
     
   </sect1>
+  
+
+
+  <sect1>
+    <title>Semantics</title>
+
+
+    
+    <sect2>
+      <title>Built-in functions</title>
+
+      <para>
+        The Nix language provides the following built-in function
+        (<quote>primops</quote>):
+      </para>
+
+      <variablelist>
+
+        <varlistentry>
+          <term><function>import</function>
+          <replaceable>e</replaceable></term>
+          <listitem>
+            <para>
+              Evaluates the expression <replaceable>e</replaceable>,
+              which must yield a path value.  The Nix expression
+              stored at this path in the file system is then read,
+              parsed, and evaluated.  Returns the result of the
+              evaluation of the Nix expression just read.
+            </para>
+
+            <para>
+              Example: <literal>import ./foo.nix</literal> evaluates
+              the expression stored in <filename>foo.nix</filename>
+              (in the directory containing the expression in which the
+              <function>import</function> occurs).
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term><function>derivation</function>
+          <replaceable>e</replaceable></term>
+          <listitem>
+            <para>
+              Evaluates the expression <replaceable>e</replaceable>,
+              which must yield an attribute set.  [...]
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term><function>baseNameOf</function>
+          <replaceable>e</replaceable></term>
+          <listitem>
+            <para>
+              Evaluates the expression <replaceable>e</replaceable>,
+              which must yield a string value, and returns a string
+              representing its <emphasis>base name</emphasis>.  This
+              is the substring following the last path separator
+              (<literal>/</literal>).
+            </para>
+
+            <para>
+              Example: <literal>baseNameOf "/foo/bar"</literal>
+              returns <literal>"bar"</literal>, and
+              <literal>baseNameOf "/foo/bar/"</literal> returns
+              <literal>""</literal>.
+            </para>
+          </listitem>
+        </varlistentry>
+
+        <varlistentry>
+          <term><function>toString</function>
+          <replaceable>e</replaceable></term>
+          <listitem>
+            <para>
+              Evaluates the expression <replaceable>e</replaceable>
+              and coerces it into a string, if possible.  Only
+              strings, paths, and URIs can be so coerced.
+            </para>
+
+            <para>
+              Example: <literal>toString
+              http://www.cs.uu.nl/</literal> returns
+              <literal>"http://www.cs.uu.nl/"</literal>.
+            </para>
+          </listitem>
+        </varlistentry>
+            
+      </variablelist>
+
+    </sect2>
+
+  </sect1>
+  
 
 </appendix>

doc/manual/nix-prefetch-url.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-prefetch-url">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
   
 <refmeta>
   <refentrytitle>nix-prefetch-url</refentrytitle>
@@ -12,13 +11,12 @@
 
 <refnamediv>
   <refname>nix-prefetch-url</refname>
-  <refpurpose>copy a file from a URL into the store and print its hash</refpurpose>
+  <refpurpose>copy a file from a URL into the store and print its MD5 hash</refpurpose>
 </refnamediv>
 
 <refsynopsisdiv>
   <cmdsynopsis>
     <command>nix-prefetch-url</command>
-    <arg><option>--type</option> <replaceable>hashAlgo</replaceable></arg>
     <arg choice='plain'><replaceable>url</replaceable></arg>
     <arg><replaceable>hash</replaceable></arg>
   </cmdsynopsis>
@@ -46,6 +44,11 @@ download it again when you build your Nix expression.  Since
 as <command>nix-prefetch-url</command>, the redundant download can be
 avoided.</para>
 
+<para>The environment variable <envar>NIX_HASH_ALGO</envar> specifies
+which hash algorithm to use.  It can be either <literal>md5</literal>,
+<literal>sha1</literal>, or <literal>sha256</literal>.  The default is
+<literal>sha256</literal>.</para>
+
 <para>If <replaceable>hash</replaceable> is specified, then a download
 is not performed if the Nix store already contains a file with the
 same hash and base name.  Otherwise, the file is downloaded, and an
@@ -59,24 +62,6 @@ of the downloaded file in the Nix store is also printed.</para>
 </refsection>
 
 
-<refsection><title>Options</title>
-
-<variablelist>
-  
-  <varlistentry><term><option>--type</option> <replaceable>hashAlgo</replaceable></term>
-
-    <listitem><para>Use the specified cryptographic hash algorithm,
-    which can be one of <literal>md5</literal>,
-    <literal>sha1</literal>, and
-    <literal>sha256</literal>.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
-
-</refsection>
-
-
 <refsection><title>Examples</title>
 
 <screen>

doc/manual/nix-pull.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-pull">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
   <refentrytitle>nix-pull</refentrytitle>

doc/manual/nix-push.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-push">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
   <refentrytitle>nix-push</refentrytitle>
@@ -12,19 +11,24 @@
 
 <refnamediv>
   <refname>nix-push</refname>
-  <refpurpose>generate a binary cache</refpurpose>
+  <refpurpose>push store paths onto a network cache</refpurpose>
 </refnamediv>
 
 <refsynopsisdiv>
   <cmdsynopsis>
     <command>nix-push</command>
-    <arg choice='plain'><option>--dest</option> <replaceable>dest-dir</replaceable></arg>
-    <arg><option>--bzip2</option></arg>
-    <arg><option>--force</option></arg>
-    <arg><option>--link</option></arg>
-    <arg><option>--manifest</option></arg>
-    <arg><option>--manifest-path</option> <replaceable>filename</replaceable></arg>
-    <arg><option>--url-prefix</option> <replaceable>url</replaceable></arg>
+    <group choice='req'>
+      <arg choice='req'>
+        <arg choice='plain'><replaceable>archivesPutURL</replaceable></arg>
+        <arg choice='plain'><replaceable>archivesGetURL</replaceable></arg>
+        <arg choice='plain'><replaceable>manifestPutURL</replaceable></arg>
+      </arg>
+      <arg choice='req'>
+        <arg choice='plain'><option>--copy</option></arg>
+        <arg choice='plain'><replaceable>archivesDir</replaceable></arg>
+        <arg choice='plain'><replaceable>manifestFile</replaceable></arg>
+      </arg>
+    </group>
     <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
   </cmdsynopsis>
 </refsynopsisdiv>
@@ -32,360 +36,93 @@
 
 <refsection><title>Description</title>
 
-<para>The command <command>nix-push</command> produces a
-<emphasis>binary cache</emphasis>, a directory containing compressed
-Nix archives (NARs) plus some metadata of the closure of the specified
-store paths.  This directory can then be made available through a web
-server to other Nix installations, allowing them to skip building from
-source and instead download binaries from the cache
-automatically.</para>
+<para>The command <command>nix-push</command> builds a set of store
+paths (if necessary), and then packages and uploads all store paths in
+the resulting closures to a server.  A network cache thus populated
+can subsequently be used to speed up software deployment on other
+machines using the <command>nix-pull</command> command.</para>
 
 <para><command>nix-push</command> performs the following actions.
       
 <orderedlist>
 
   <listitem><para>Each path in <replaceable>paths</replaceable> is
-  built (using <link
-  linkend='rsec-nix-store-realise'><command>nix-store
-  --realise</command></link>).</para></listitem>
+  realised (using <link
+  linkend='rsec-nix-store-realise'><literal>nix-store
+  --realise</literal></link>).</para></listitem>
 
-  <listitem><para>All paths in the closure of
-  <replaceable>paths</replaceable> are determined (using
-  <command>nix-store --query --requisites
-  --include-outputs</command>).  Note that since the
-  <option>--include-outputs</option> flag is used, if
-  <replaceable>paths</replaceable> includes a store derivation, you
-  get a combined source/binary distribution (e.g., source tarballs
-  will be included).</para></listitem>
+  <listitem><para>All paths in the closure of the store expressions
+  stored in <replaceable>paths</replaceable> are determined (using
+  <literal>nix-store --query --requisites
+  --include-outputs</literal>).  It should be noted that since the
+  <option>--include-outputs</option> flag is used, you get a combined
+  source/binary distribution.</para></listitem>
 
   <listitem><para>All store paths determined in the previous step are
-  packaged into a NAR (using <command>nix-store --dump</command>) and
-  compressed using <command>xz</command> or <command>bzip2</command>.
-  The resulting files have the extension <filename>.nar.xz</filename>
-  or <filename>.nar.bz2</filename>.  Also for each store path, Nix
-  generates a file with extension <filename>.narinfo</filename>
-  containing metadata such as the references, cryptographic hash and
-  size of each path.</para></listitem>
+  packaged and compressed into a <command>bzip</command>ped NAR
+  archive (extension <filename>.nar.bz2</filename>).</para></listitem>
 
-  <listitem><para>Optionally, a single <emphasis>manifest</emphasis>
-  file is created that contains the same metadata as the
-  <filename>.narinfo</filename> files.  This is for compatibility with
-  Nix versions prior to 1.2 (see <command>nix-pull</command> for
-  details).</para></listitem>
+  <listitem><para>A <emphasis>manifest</emphasis> is created that
+  contains information on the store paths, their eventual URLs in the
+  cache, and cryptographic hashes of the contents of the NAR
+  archives.</para></listitem>
 
-  <listitem><para>A file named <option>nix-cache-info</option> is
-  placed in the destination directory.  The existence of this file
-  marks the directory as a binary cache.</para></listitem>
+  <listitem><para>Each store path is uploaded to the remote directory
+  specified by <replaceable>archivesPutURL</replaceable>.  HTTP PUT
+  requests are used to do this.  However, before a file
+  <varname>x</varname> is uploaded to
+  <literal><replaceable>archivesPutURL</replaceable>/</literal><varname>x</varname>,
+  <command>nix-push</command> first determines whether this upload is
+  unnecessary by issuing a HTTP HEAD request on
+  <literal><replaceable>archivesGetURL</replaceable>/</literal><varname>x</varname>.
+  This allows a cache to be shared between many partially overlapping
+  <command>nix-push</command> invocations.  (We use two URLs because
+  the upload URL typically refers to a CGI script, while the download
+  URL just refers to a file system directory on the
+  server.)</para></listitem>
 
+  <listitem><para>The manifest is uploaded using an HTTP PUT request
+  to <replaceable>manifestPutURL</replaceable>.  The corresponding
+  URL to download the manifest can then be used by
+  <command>nix-pull</command>.</para></listitem>
+        
 </orderedlist>
 
 </para>
 
-</refsection>
-
-
-<refsection><title>Options</title>
-
-<variablelist>
-
-  <varlistentry><term><option>--dest</option> <replaceable>dest-dir</replaceable></term>
-
-    <listitem><para>Set the destination directory to
-    <replaceable>dir</replaceable>, which is created if it does not
-    exist.  This flag is required.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--bzip2</option></term>
-
-    <listitem><para>Compress NARs using <command>bzip2</command>
-    instead of <command>xz -9</command>.  The latter compresses about
-    30% better on typical archives, decompresses about twice as fast,
-    but compresses a lot slower and is not supported by Nix prior to
-    version 1.2.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--force</option></term>
-
-    <listitem><para>Overwrite <filename>.narinfo</filename> files if
-    they already exist.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--link</option></term>
-
-    <listitem><para>By default, NARs are generated in the Nix store
-    and then copied to <replaceable>dest-dir</replaceable>.  If this
-    option is given, hard links are used instead.  This only works if
-    <replaceable>dest-dir</replaceable> is on the same filesystem as
-    the Nix store.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--manifest</option></term>
-
-    <listitem><para>Force the generation of a manifest suitable for
-    use by <command>nix-pull</command>.  The manifest is stored as
-    <filename><replaceable>dest-dir</replaceable>/MANIFEST</filename>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--manifest-path</option> <replaceable>filename</replaceable></term>
-
-    <listitem><para>Like <option>--manifest</option>, but store the
-    manifest in <replaceable>filename</replaceable>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--url-prefix</option> <replaceable>url</replaceable></term>
-
-    <listitem><para>Manifests are expected to contain the absolute
-    URLs of NARs.  For generating these URLs, the prefix
-    <replaceable>url</replaceable> is used.  It defaults to
-    <uri>file://<replaceable>dest-dir</replaceable></uri>.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
-
+<!--
+<para>TODO:  <option>- -copy</option></para>
+-->
+            
 </refsection>
 
 
 <refsection><title>Examples</title>
 
-<para>To add the closure of Thunderbird to a binary cache:
-
+<para>To upload files there typically is some CGI script on the server
+side.  This script should be be protected with a password.  The
+following example uploads the store paths resulting from building the
+Nix expressions in <filename>foo.nix</filename>, passing appropriate
+authentication information:
+    
 <screen>
-$ nix-push --dest /tmp/cache $(nix-build -A thunderbird)
-</screen>
+$ nix-push \
+    http://foo@bar:server.domain/cgi-bin/upload.pl/cache \
+    http://server.domain/cache \
+    http://foo@bar:server.domain/cgi-bin/upload.pl/MANIFEST \
+    $(nix-instantiate foo.nix)</screen>
 
-Assuming that <filename>/tmp/cache</filename> is exported by a web
-server as <uri>http://example.org/cache</uri>, you can then use this
-cache on another machine to speed up the installation of Thunderbird:
+This will push both sources and binaries (and any build-time
+dependencies used in the build, such as compilers).</para>
 
+<para>If we just want to push binaries, not sources and build-time
+dependencies, we can do:
+      
 <screen>
-$ nix-build -A thunderbird --option binary-caches http://example.org/cache
-</screen>
-
-Alternatively, you could add <literal>binary-caches =
-http://example.org/cache</literal> to
-<filename>nix.conf</filename>.</para>
-
-<para>To also include build-time dependencies (such as source
-tarballs):
-
-<screen>
-$ nix-push --dest /tmp/cache $(nix-instantiate -A thunderbird)
-</screen>
-
+$ nix-push <replaceable>urls</replaceable> $(nix-instantiate $(nix-store -r foo.nix))</screen>
+    
 </para>
 
-<para>To generate a manifest suitable for <command>nix-pull</command>:
-
-<screen>
-$ nix-push --dest /tmp/cache $(nix-build -A thunderbird) --manifest
-</screen>
-
-On another machine you can then do:
-
-<screen>
-$ nix-pull http://example.org/cache
-</screen>
-
-to cause the binaries to be used by subsequent Nix operations.</para>
-
 </refsection>
-
-
-<refsection><title>Binary cache format and operation</title>
-
-<para>A binary cache with URL <replaceable>url</replaceable> only
-denotes a valid binary cache if the file
-<uri><replaceable>url</replaceable>/nix-cache-info</uri> exists.  If
-this file does not exist (or cannot be downloaded), the cache is
-ignored.  If it does exist, it must be a text file containing cache
-properties.  Here’s an example:
-
-<screen>
-StoreDir: /nix/store
-WantMassQuery: 1
-Priority: 10
-</screen>
-
-The properties that are currently supported are:
-
-<variablelist>
-  
-  <varlistentry><term><literal>StoreDir</literal></term>
-
-    <listitem><para>The path of the Nix store to which this binary
-    cache applies.  Binaries are not relocatable — a binary built for
-    <filename>/nix/store</filename> won’t generally work in
-    <filename>/home/alice/store</filename> — so to prevent binaries
-    from being used in a wrong store, a binary cache is only used if
-    its <literal>StoreDir</literal> matches the local Nix
-    configuration.  The default is
-    <filename>/nix/store</filename>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>WantMassQuery</literal></term>
-
-    <listitem><para>Query operations such as <command>nix-env
-    -qas</command> can cause thousands of cache queries, and thus
-    thousands of HTTP requests, to determine which packages are
-    available in binary form.  While these requests are small, not
-    every server may appreciate a potential onslaught of queries.  If
-    <literal>WantMassQuery</literal> is set to <literal>0</literal>
-    (default), “mass queries” such as <command>nix-env -qas</command>
-    will skip this cache.  Thus a package may appear not to have a
-    binary substitute.  However, the binary will still be used when
-    you actually install the package.  If
-    <literal>WantMassQuery</literal> is set to <literal>1</literal>,
-    mass queries will use this cache.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>Priority</literal></term>
-
-    <listitem><para>Each binary cache has a priority (defaulting to
-    50).  Binary caches are checked for binaries in order of ascending
-    priority; thus a higher number denotes a lower priority.  The
-    binary cache <uri>http://nixos.org/binary-cache</uri> has priority
-    40.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
-
-</para>
-
-<para>Every time Nix needs to build some store path
-<replaceable>p</replaceable>, it will check each configured binary
-cache to see if it has a NAR file for <replaceable>p</replaceable>,
-until it finds one.  If no cache has a NAR, Nix will fall back to
-building the path from source (if applicable).  To see if a cache with
-URL <replaceable>url</replaceable> has a binary for
-<replaceable>p</replaceable>, Nix fetches
-<replaceable>url/h</replaceable>, where <replaceable>h</replaceable>
-is the hash part of <replaceable>p</replaceable>.  Thus, if we have a
-cache <uri>http://nixos.org/binary-cache</uri> and we want to obtain
-the store path
-<screen>
-/nix/store/a8922c0h87iilxzzvwn2hmv8x210aqb9-glibc-2.7
-</screen>
-then Nix will attempt to fetch
-<screen>
-http://nixos.org/binary-cache/a8922c0h87iilxzzvwn2hmv8x210aqb9.narinfo
-</screen>
-(Commands such as <command>nix-env -qas</command> will issue an HTTP
-HEAD request, since it only needs to know if the
-<filename>.narinfo</filename> file exists.)  The
-<filename>.narinfo</filename> file is a simple text file that looks
-like this:
-
-<screen>
-StorePath: /nix/store/a8922c0h87iilxzzvwn2hmv8x210aqb9-glibc-2.7
-URL: nar/0zzjpdz46mdn74v09m053yczlz4am038g8r74iy8w43gx8801h70.nar.bz2
-Compression: bzip2
-FileHash: sha256:0zzjpdz46mdn74v09m053yczlz4am038g8r74iy8w43gx8801h70
-FileSize: 24473768
-NarHash: sha256:0s491y1h9hxj5ghiizlxk7ax6jwbha00zwn7lpyd5xg5bhf60vzg
-NarSize: 109521136
-References: 2ma2k0ys8knh4an48n28vigcmc2z8773-linux-headers-2.6.23.16 ...
-Deriver: 7akyyc87ka32xwmqza9dvyg5pwx3j212-glibc-2.7.drv
-</screen>
-
-The fields are as follows:
-
-<variablelist>
-  
-  <varlistentry><term><literal>StorePath</literal></term>
-
-    <listitem><para>The full store path, including the name part
-    (e.g., <literal>glibc-2.7</literal>).  It must match the
-    requested store path.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>URL</literal></term>
-
-    <listitem><para>The URL of the NAR, relative to the binary cache
-    URL.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>Compression</literal></term>
-
-    <listitem><para>The compression method; either
-    <literal>xz</literal> or
-    <literal>bzip2</literal>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>FileHash</literal></term>
-
-    <listitem><para>The SHA-256 hash of the compressed
-    NAR.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>FileSize</literal></term>
-
-    <listitem><para>The size of the compressed NAR.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>NarHash</literal></term>
-
-    <listitem><para>The SHA-256 hash of the uncompressed NAR.  This is
-    equal to the hash of the store path as returned by
-    <command>nix-store -q --hash
-    <replaceable>p</replaceable></command>.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>NarSize</literal></term>
-
-    <listitem><para>The size of the uncompressed NAR.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>References</literal></term>
-
-    <listitem><para>The references of the store path, without the Nix
-    store prefix.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>Deriver</literal></term>
-
-    <listitem><para>The deriver of the store path, without the Nix
-    store prefix.  This field is optional.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><literal>System</literal></term>
-
-    <listitem><para>The Nix platform type of this binary, if known.
-    This field is optional.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
-
-</para>
-
-<para>Thus, in our example, after recursively ensuring that the
-references exist (e.g.,
-<filename>/nix/store/2ma2k0ys8knh4an48n28vigcmc2z8773-linux-headers-2.6.23.16</filename>),
-Nix will fetch <screen>
-http://nixos.org/binary-cache/nar/0zzjpdz46mdn74v09m053yczlz4am038g8r74iy8w43gx8801h70.nar.bz2
-</screen> and decompress and unpack it to
-<filename>/nix/store/a8922c0h87iilxzzvwn2hmv8x210aqb9-glibc-2.7</filename>.</para>
-
-</refsection>
-
-
+    
 </refentry>

doc/manual/nix-store.xml

@@ -1,7 +1,6 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-store">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
   <refentrytitle>nix-store</refentrytitle>
@@ -48,9 +47,8 @@ be performed.  These are documented below.</para>
 
 <para>This section lists the options that are common to all
 operations.  These options are allowed for every subcommand, though
-they may not always have an effect.  <phrase condition="manual">See
-also <xref linkend="sec-common-options" /> for a list of common
-options.</phrase></para>
+they may not always have an effect.  See also <xref
+linkend="sec-common-options" /> for a list of common options.</para>
 
 <variablelist>
 
@@ -58,9 +56,8 @@ options.</phrase></para>
 
     <listitem><para>Causes the result of a realisation
     (<option>--realise</option> and <option>--force-realise</option>)
-    to be registered as a root of the garbage collector<phrase
-    condition="manual"> (see <xref linkend="ssec-gc-roots"
-    />)</phrase>.  The root is stored in
+    to be registered as a root of the garbage collector (see <xref
+    linkend="ssec-gc-roots" />).  The root is stored in
     <replaceable>path</replaceable>, which must be inside a directory
     that is scanned for roots by the garbage collector (i.e.,
     typically in a subdirectory of
@@ -114,10 +111,6 @@ lrwxrwxrwx    1 ... 2005-03-13 21:10 /home/eelco/bla/result -> /nix/store/1r1134
     
 </variablelist>
 
-<variablelist condition="manpage">
-  <xi:include href="opt-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='opt-common']/*)" />
-</variablelist>
-
 </refsection>
 
   
@@ -174,26 +167,10 @@ the specified store paths.  Realisation is a somewhat overloaded term:
 output.  (For non-derivations argument, the argument itself is
 printed.)</para>
 
-<para>The following flags are available:</para>
-
-<variablelist>
-
-  <varlistentry><term><option>--dry-run</option></term>
-
-    <listitem><para>Print on standard error a description of what
-    packages would be built or downloaded, without actually performing
-    the operation.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--ignore-unknown</option></term>
-
-    <listitem><para>If a non-derivation path does not have a
-    substitute, then silently ignore it.</para></listitem>
-
-  </varlistentry>
-
-</variablelist>
+<para>If the <option>--dry-run</option> option is used, then
+<command>nix-store</command> will print on standard error a
+description of what packages would be built or downloaded, and then
+quit.</para>
 
 </refsection>
             
@@ -234,6 +211,9 @@ linkend="sec-nix-build"><command>nix-build</command></link> does.</para>
     <arg choice='plain'><option>--delete</option></arg>
   </group>
   <arg><option>--max-freed</option> <replaceable>bytes</replaceable></arg>
+  <arg><option>--max-links</option> <replaceable>nrlinks</replaceable></arg>
+  <arg><option>--max-atime</option> <replaceable>atime</replaceable></arg>
+  <arg><option>--use-atime</option></arg>
 </cmdsynopsis>
 
 </refsection>
@@ -301,6 +281,52 @@ options control what gets deleted and in what order:
     
   </varlistentry>
 
+  <varlistentry><term><option>--max-links</option> <replaceable>nrlinks</replaceable></term>
+  
+    <listitem><para>Keep deleting paths until the hard link count on
+    <filename>/nix/store</filename> is less than
+    <replaceable>nrlinks</replaceable>, then stop.  This is useful for
+    very large Nix stores on filesystems with a 32000 subdirectories
+    limit (like <literal>ext3</literal>).</para></listitem>
+    
+  </varlistentry>
+
+  <varlistentry><term><option>--max-atime</option> <replaceable>atime</replaceable></term>
+  
+    <listitem><para>Only delete a store path if its last-accessed time
+    is less than <replaceable>atime</replaceable>.  This allows you to
+    garbage-collect only packages that haven’t been used recently.
+    The time is expressed as the number of seconds in the Unix epoch,
+    i.e., since 1970-01-01 00:00:00 UTC.  An easy way to convert to
+    this format is <literal>date +%s -d "<replaceable>date
+    specification</replaceable>"</literal>.</para>
+
+    <para>For directories, the last-accessed time is the highest
+    last-accessed time of any regular file in the directory (or in any
+    of its subdirectories).  That is, the <literal>atime</literal>
+    field maintained by the filesystem is ignored for directories.
+    This is because operations such as rebuilding the
+    <command>locate</command> database tend to update the
+    <literal>atime</literal> values of all directories, so they’re not
+    a useful indicator of whether a package was recently used.</para>
+
+    <para>Note that <command>nix-store --optimise</command> reads all
+    regular files in the Nix store, and so causes all last-accessed
+    times to be set to the present time.  This makes
+    <option>--max-atime</option> ineffective (for a while at
+    least).</para></listitem>
+    
+  </varlistentry>
+
+  <varlistentry><term><option>--use-atime</option></term>
+
+    <listitem><para>Delete store paths in order of ascending
+    last-accessed time.  This is useful in conjunction with the other
+    options to delete only the least recently used
+    packages.</para></listitem>
+
+  </varlistentry>
+  
 </variablelist>
 
 </para>
@@ -331,6 +357,13 @@ deleting `/nix/store/kq82idx6g0nyzsp2s14gfsc38npai7lf-cairo-1.0.4.tar.gz.drv'
 
 </para>
 
+<para>To delete unreachable paths not accessed in the last two months:
+
+<screen>
+$ nix-store --gc -v --max-atime $(date +%s -d "2 months ago")</screen>
+
+</para>
+
 <para>To delete at least 100 MiBs of unreachable paths:
 
 <screen>
@@ -353,7 +386,7 @@ $ nix-store --gc --max-freed $((100 * 1024 * 1024))</screen>
 
 <cmdsynopsis>
   <command>nix-store</command>
-  <arg choice='plain'><option>--delete</option></arg>
+  <arg choice='plain'><option>--gc</option></arg>
   <arg><option>--ignore-liveness</option></arg>
   <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
 </cmdsynopsis>
@@ -415,8 +448,6 @@ error: cannot delete path `/nix/store/zq0h41l75vlb4z45kzgjjmsjxvcv1qk7-mesa-6.4'
     <arg choice='plain'><option>--tree</option></arg>
     <arg choice='plain'><option>--binding</option> <replaceable>name</replaceable></arg>
     <arg choice='plain'><option>--hash</option></arg>
-    <arg choice='plain'><option>--size</option></arg>
-    <arg choice='plain'><option>--roots</option></arg>
   </group>
   <arg><option>--use-output</option></arg>
   <arg><option>-u</option></arg>
@@ -599,29 +630,9 @@ query is applied to the target of the symlink.</para>
   <varlistentry><term><option>--hash</option></term>
   
     <listitem><para>Prints the SHA-256 hash of the contents of the
-    store paths <replaceable>paths</replaceable> (that is, the hash of
-    the output of <command>nix-store --dump</command> on the given
-    paths).  Since the hash is stored in the Nix database, this is a
-    fast operation.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--size</option></term>
-  
-    <listitem><para>Prints the size in bytes of the contents of the
-    store paths <replaceable>paths</replaceable> — to be precise, the
-    size of the output of <command>nix-store --dump</command> on the
-    given paths.  Note that the actual disk space required by the
-    store paths may be higher, especially on filesystems with large
-    cluster sizes.</para></listitem>
-
-  </varlistentry>
-
-  <varlistentry><term><option>--roots</option></term>
-  
-    <listitem><para>Prints the garbage collector roots that point,
-    directly or indirectly, at the store paths
-    <replaceable>paths</replaceable>.</para></listitem>
+    store path <replaceable>paths</replaceable>.  Since the hash is
+    stored in the Nix database, this is a fast
+    operation.</para></listitem>
 
   </varlistentry>
 
@@ -702,18 +713,6 @@ $ gv graph.ps</screen>
 
 </para>
 
-<para>Show every garbage collector root that points to a store path
-that depends on <command>svn</command>:
-
-<screen>
-$ nix-store -q --roots $(which svn)
-/nix/var/nix/profiles/default-81-link
-/nix/var/nix/profiles/default-82-link
-/nix/var/nix/profiles/per-user/eelco/profile-97-link
-</screen>
-
-</para>
-
 </refsection>
 
 
@@ -745,40 +744,6 @@ $ nix-store -q --roots $(which svn)
 
 
 
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--add</option></title>
-
-<refsection><title>Synopsis</title>
-
-<cmdsynopsis>
-  <command>nix-store</command>
-  <arg choice='plain'><option>--add</option></arg>
-  <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
-</cmdsynopsis>
-
-</refsection>
-
-<refsection><title>Description</title>
-
-<para>The operation <option>--add</option> adds the specified paths to
-the Nix store.  It prints the resulting paths in the Nix store on
-standard output.</para>
-
-</refsection>
-
-<refsection><title>Example</title>
-
-<screen>
-$ nix-store --add ./foo.c
-/nix/store/m7lrha58ph6rcnv109yzx1nk1cj7k7zf-foo.c</screen>
-
-</refsection>
-
-</refsection>
-
-
-
 <!--######################################################################-->
 
 <refsection xml:id='refsec-nix-store-verify'><title>Operation <option>--verify</option></title>
@@ -789,7 +754,6 @@ $ nix-store --add ./foo.c
     <command>nix-store</command>
     <arg choice='plain'><option>--verify</option></arg>
     <arg><option>--check-contents</option></arg>
-    <arg><option>--repair</option></arg>
   </cmdsynopsis>
 </refsection>
 
@@ -802,7 +766,7 @@ automatically repaired.  Inconsistencies are generally the result of
 the Nix store or database being modified by non-Nix tools, or of bugs
 in Nix itself.</para>
 
-<para>This operation has the following options:
+<para>There is one option:
 
 <variablelist>
 
@@ -817,16 +781,6 @@ in Nix itself.</para>
     
   </varlistentry>
   
-  <varlistentry><term><option>--repair</option></term>
-  
-    <listitem><para>If any valid path is missing from the store, or
-    (if <option>--check-contents</option> is given) the contents of a
-    valid path has been modified, then try to repair the path by
-    redownloading it.  See <command>nix-store --repair-path</command>
-    for details.</para></listitem>
-    
-  </varlistentry>
-  
 </variablelist>
 
 </para>
@@ -837,90 +791,6 @@ in Nix itself.</para>
 </refsection>
 
 
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--verify-path</option></title>
-
-<refsection>
-  <title>Synopsis</title>
-  <cmdsynopsis>
-    <command>nix-store</command>
-    <arg choice='plain'><option>--verify-path</option></arg>
-    <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
-  </cmdsynopsis>
-</refsection>
-
-<refsection><title>Description</title>
-            
-<para>The operation <option>--verify-paths</option> compares the
-contents of the given store paths to their cryptographic hashes stored
-in Nix’s database.  For every changed path, it prints a warning
-message.  The exit status is 0 if no path has changed, and 1
-otherwise.</para>
-
-</refsection>
-            
-<refsection><title>Example</title>
-
-<para>To verify the integrity of the <command>svn</command> command and all its dependencies:
-
-<screen>
-$ nix-store --verify-path $(nix-store -qR $(which svn))
-</screen>
-
-</para>
-
-</refsection>
-            
-</refsection>
-
-
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--repair-path</option></title>
-
-<refsection>
-  <title>Synopsis</title>
-  <cmdsynopsis>
-    <command>nix-store</command>
-    <arg choice='plain'><option>--repair-path</option></arg>
-    <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
-  </cmdsynopsis>
-</refsection>
-
-<refsection><title>Description</title>
-            
-<para>The operation <option>--repair-path</option> attempts to
-“repair” the specified paths by redownloading them using the available
-substituters.  If no substitutes are available, then repair is not
-possible.</para>
-
-<warning><para>During repair, there is a very small time window during
-which the old path (if it exists) is moved out of the way and replaced
-with the new path.  If repair is interrupted in between, then the
-system may be left in a broken state (e.g., if the path contains a
-critical system component like the GNU C Library).</para></warning>
-
-</refsection>
-            
-<refsection><title>Example</title>
-
-<screen>
-$ nix-store --verify-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
-path `/nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13' was modified!
-  expected hash `2db57715ae90b7e31ff1f2ecb8c12ec1cc43da920efcbe3b22763f36a1861588',
-  got `481c5aa5483ebc97c20457bb8bca24deea56550d3985cda0027f67fe54b808e4'
-
-$ nix-store --repair-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
-fetching path `/nix/store/d7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13'...
-…
-</screen>
-
-</refsection>
-            
-</refsection>
-
-
 <!--######################################################################-->
 
 <refsection xml:id='refsec-nix-store-dump'><title>Operation <option>--dump</option></title>
@@ -1193,7 +1063,7 @@ backups and when migrating to different database schemas.</para>
 
 <!--######################################################################-->
 
-<refsection><title>Operation <option>--load-db</option></title>
+<refsection><title>Operation <option>--dump-db</option></title>
 
 <refsection>
   <title>Synopsis</title>
@@ -1214,129 +1084,4 @@ loads it into the Nix database.</para>
 </refsection>
 
 
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--print-env</option></title>
-
-<refsection>
-  <title>Synopsis</title>
-  <cmdsynopsis>
-    <command>nix-store</command>
-    <arg choice='plain'><option>--print-env</option></arg>
-    <arg choice='plain'><replaceable>drvpath</replaceable></arg>
-  </cmdsynopsis>
-</refsection>
-
-<refsection><title>Description</title>
-            
-<para>The operation <option>--print-env</option> prints out the
-environment of a derivation in a format that can be evaluated by a
-shell.  The command line arguments of the builder are placed in the
-variable <envar>_args</envar>.</para>
-
-</refsection>
-            
-<refsection><title>Example</title>
-
-<screen>
-$ nix-store --print-env $(nix-instantiate '&lt;nixpkgs>' -A firefox)
-<replaceable>…</replaceable>
-export src; src='/nix/store/plpj7qrwcz94z2psh6fchsi7s8yihc7k-firefox-12.0.source.tar.bz2'
-export stdenv; stdenv='/nix/store/7c8asx3yfrg5dg1gzhzyq2236zfgibnm-stdenv'
-export system; system='x86_64-linux'
-export _args; _args='-e /nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25b-default-builder.sh'
-</screen>
-
-</refsection>
-            
-</refsection>
-
-
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--query-failed-paths</option></title>
-
-<refsection>
-  <title>Synopsis</title>
-  <cmdsynopsis>
-    <command>nix-store</command>
-    <arg choice='plain'><option>--query-failed-paths</option></arg>
-  </cmdsynopsis>
-</refsection>
-
-<refsection><title>Description</title>
-            
-<para>If build failure caching is enabled through the
-<literal>build-cache-failures</literal> configuration option, the
-operation <option>--query-failed-paths</option> will print out all
-store paths that have failed to build.</para>
-
-</refsection>
-            
-<refsection><title>Example</title>
-
-<screen>
-$ nix-store --query-failed-paths
-/nix/store/000zi5dcla86l92jn1g997jb06sidm7x-perl-PerlMagick-6.59
-/nix/store/0011iy7sfwbc1qj5a1f6ifjnbcdail8a-haskell-gitit-ghc7.0.4-0.8.1
-/nix/store/001c0yn1hkh86gprvrb46cxnz3pki7q3-gamin-0.1.10
-<replaceable>…</replaceable>
-</screen>
-
-</refsection>
-            
-</refsection>
-
-
-<!--######################################################################-->
-
-<refsection><title>Operation <option>--clear-failed-paths</option></title>
-
-<refsection>
-  <title>Synopsis</title>
-  <cmdsynopsis>
-    <command>nix-store</command>
-    <arg choice='plain'><option>--clear-failed-paths</option></arg>
-    <arg choice='plain' rep='repeat'><replaceable>paths</replaceable></arg>
-  </cmdsynopsis>
-</refsection>
-
-<refsection><title>Description</title>
-            
-<para>If build failure caching is enabled through the
-<literal>build-cache-failures</literal> configuration option, the
-operation <option>--clear-failed-paths</option> clears the “failed”
-state of the given store paths, allowing them to be built again.  This
-is useful if the failure was actually transient (e.g. because the disk
-was full).</para>
-
-<para>If a path denotes a derivation, its output paths are cleared.
-You can provide the argument <literal>*</literal> to clear all store
-paths.</para>
-
-</refsection>
-            
-<refsection><title>Example</title>
-
-<screen>
-$ nix-store --clear-failed-paths /nix/store/000zi5dcla86l92jn1g997jb06sidm7x-perl-PerlMagick-6.59
-$ nix-store --clear-failed-paths *
-</screen>
-
-</refsection>
-            
-</refsection>
-
-
-<!--######################################################################-->
-
-<refsection condition="manpage"><title>Environment variables</title>
-
-<variablelist>
-  <xi:include href="env-common.xml#xmlns(db=http://docbook.org/ns/docbook)xpointer(//db:variablelist[@xml:id='env-common']/*)" />
-</variablelist>
-
-</refsection>
-  
-
 </refentry>

doc/manual/nix-worker.xml

@@ -1,23 +1,23 @@
 <refentry xmlns="http://docbook.org/ns/docbook"
           xmlns:xlink="http://www.w3.org/1999/xlink"
-          xmlns:xi="http://www.w3.org/2001/XInclude"
-          xml:id="sec-nix-daemon">
+          xmlns:xi="http://www.w3.org/2001/XInclude">
 
 <refmeta>
-  <refentrytitle>nix-daemon</refentrytitle>
+  <refentrytitle>nix-worker</refentrytitle>
   <manvolnum>8</manvolnum>
   <refmiscinfo class="source">Nix</refmiscinfo>
   <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo>
 </refmeta>
 
 <refnamediv>
-  <refname>nix-daemon</refname>
+  <refname>nix-worker</refname>
   <refpurpose>Nix multi-user support daemon</refpurpose>
 </refnamediv>
 
 <refsynopsisdiv>
   <cmdsynopsis>
-    <command>nix-daemon</command>
+    <command>nix-worker</command>
+    <arg choice="plain"><option>--daemon</option></arg>
   </cmdsynopsis>
 </refsynopsisdiv>
 

doc/manual/opt-common-syn.xml

@@ -14,15 +14,7 @@
   <replaceable>number</replaceable>
 </arg>
 <arg>
-  <option>--cores</option>
-  <replaceable>number</replaceable>
-</arg>
-<arg>
-  <option>--max-silent-time</option>
-  <replaceable>number</replaceable>
-</arg>
-<arg>
-  <option>--timeout</option>
+  <arg><option>--max-silent-time</option></arg>
   <replaceable>number</replaceable>
 </arg>
 <arg><option>--keep-going</option></arg>
@@ -33,15 +25,6 @@
 <arg><option>--readonly-mode</option></arg>
 <arg><option>--log-type</option> <replaceable>type</replaceable></arg>
 <arg><option>--show-trace</option></arg>
-<arg>
-  <option>-I</option>
-  <replaceable>path</replaceable>
-</arg>
-<arg>
-  <option>--option</option>
-  <replaceable>name</replaceable>
-  <replaceable>value</replaceable>
-</arg>
 <sbr />
 
 </nop>

doc/manual/opt-common.xml

@@ -5,7 +5,7 @@
 
 <para>Most Nix commands accept the following command-line options:</para>
 
-<variablelist xml:id="opt-common">
+<variablelist>
 
 <varlistentry><term><option>--help</option></term>
   
@@ -98,25 +98,7 @@
   linkend='conf-build-max-jobs'><literal>build-max-jobs</literal></link>
   configuration setting, which itself defaults to
   <literal>1</literal>.  A higher value is useful on SMP systems or to
-  exploit I/O latency.</para></listitem>
-  
-</varlistentry>
-
-
-<varlistentry xml:id="opt-cores"><term><option>--cores</option></term>
-
-  <listitem><para>Sets the value of the <envar>NIX_BUILD_CORES</envar>
-  environment variable in the invocation of builders.  Builders can
-  use this variable at their discretion to control the maximum amount
-  of parallelism.  For instance, in Nixpkgs, if the derivation
-  attribute <varname>enableParallelBuilding</varname> is set to
-  <literal>true</literal>, the builder passes the
-  <option>-j<replaceable>N</replaceable></option> flag to GNU Make.
-  It defaults to the value of the <link
-  linkend='conf-build-cores'><literal>build-cores</literal></link>
-  configuration setting, if set, or <literal>1</literal> otherwise.
-  The value <literal>0</literal> means that the builder should use all
-  available CPU cores in the system.</para></listitem>
+  exploit I/O latency.  </para></listitem>
   
 </varlistentry>
 
@@ -132,16 +114,6 @@
 
 </varlistentry>
 
-<varlistentry xml:id="opt-timeout"><term><option>--timeout</option></term>
-
-  <listitem><para>Sets the maximum number of seconds that a builder
-  can run.  The default is specified by the <link
-  linkend='conf-build-timeout'><literal>build-timeout</literal></link>
-  configuration setting.  <literal>0</literal> means no
-  timeout.</para></listitem>
-
-</varlistentry>
-
 <varlistentry><term><option>--keep-going</option></term>
   <term><option>-k</option></term>
 
@@ -264,8 +236,8 @@
   expression evaluator will automatically try to call functions that
   it encounters.  It can automatically call functions for which every
   argument has a <link linkend='ss-functions'>default value</link>
-  (e.g., <literal>{ <replaceable>argName</replaceable> ?
-  <replaceable>defaultValue</replaceable> }:
+  (e.g., <literal>{<replaceable>argName</replaceable> ?
+  <replaceable>defaultValue</replaceable>}:
   <replaceable>...</replaceable></literal>).  With
   <option>--arg</option>, you can also call functions that have
   arguments without a default value (or override a default value).
@@ -337,38 +309,7 @@
   
   <listitem><para>Causes Nix to print out a stack trace in case of Nix
   expression evaluation errors.</para></listitem>
-
-</varlistentry>
-
-
-<varlistentry><term><option>-I</option> <replaceable>path</replaceable></term>
   
-  <listitem><para>Add a path to the Nix expression search path.  See
-  the <envar>NIX_PATH</envar> environment variable for details.  Paths
-  added through <option>-I</option> take precedence over
-  <envar>NIX_PATH</envar>.</para></listitem>
-  
-</varlistentry>
-
-
-<varlistentry><term><option>--option</option> <replaceable>name</replaceable> <replaceable>value</replaceable></term>
-  
-  <listitem><para>Set the Nix configuration option
-  <replaceable>name</replaceable> to <replaceable>value</replaceable>.
-  This overrides settings in the Nix configuration file (see
-  <citerefentry><refentrytitle>nix.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>).</para></listitem>
-  
-</varlistentry>
-
-
-<varlistentry><term><option>--repair</option></term>
-
-  <listitem><para>Fix corrupted or missing store paths by
-  redownloading or rebuilding them.  Note that this is slow because it
-  requires computing a cryptographic hash of the contents of every
-  path in the closure of the build.  Also note the warning under
-  <command>nix-store --repair-path</command>.</para></listitem>
-
 </varlistentry>
 
 

doc/manual/package-management.xml

@@ -38,7 +38,7 @@ to end-user applications like Mozilla Firefox.  (Nix is however not
 tied to the Nix Package collection; you could write your own Nix
 expressions based on it, or completely new ones.)  You can download
 the latest version from <link
-xlink:href='http://nixos.org/nixpkgs/download.html' />.</para>
+xlink:href='http://nixos.org/releases/full-index-nixpkgs.html' />.</para>
 
 <para>Assuming that you have downloaded and unpacked a release of Nix
 Packages, you can view the set of available packages in the release:
@@ -175,6 +175,21 @@ upgrading `coreutils-5.0' to `coreutils-5.2.1'</screen>
 
 </para>
 
+<para>If you grow bored of specifying the Nix expressions using
+<parameter>-f</parameter> all the time, you can set a default
+location:
+
+<screen>
+$ nix-env -I nixpkgs-<replaceable>version</replaceable></screen>
+
+After this you can just say, for instance, <literal>nix-env -u
+'*'</literal>.<footnote><para>Setting a default using
+<parameter>-I</parameter> currently clashes with using Nix channels,
+since <literal>nix-channel --update</literal> calls <literal>nix-env
+-I</literal> to set the default to the Nix expressions it downloaded
+from the channel, replacing whatever default you had
+set.</para></footnote></para>
+
 </section>
 
 
@@ -316,7 +331,7 @@ default profile, respectively.  If the profile doesn’t exist, it will
 be created automatically.  You should be careful about storing a
 profile in another location than the <filename>profiles</filename>
 directory, since otherwise it might not be used as a root of the
-garbage collector (see <xref linkend='sec-garbage-collection'
+garbage collector (see section <xref linkend='sec-garbage-collection'
 />).</para>
 
 <para>All <command>nix-env</command> operations work on the profile
@@ -443,7 +458,7 @@ URL.</para>
 <command>nix-channel --add</command>, e.g.,
 
 <screen>
-$ nix-channel --add http://nixos.org/channels/nixpkgs-unstable</screen>
+$ nix-channel --add http://nixos.org/releases/nixpkgs/channels/nixpkgs-unstable</screen>
 
 subscribes you to a channel that always contains that latest version
 of the Nix Packages collection.  (Instead of
@@ -481,7 +496,7 @@ available in the subscribed channels.</para>
 
 <para>Often, when you want to install a specific package (e.g., from
 the <link
-xlink:href="http://nixos.org/nixpkgs/">Nix
+xlink:href="http://nixos.org/releases/nixpkgs/nixpkgs-unstable/">Nix
 Packages collection</link>), subscribing to a channel is a bit
 cumbersome.  And channels don’t help you at all if you want to install
 an older version of a package than the one provided by the current
@@ -492,16 +507,19 @@ click on it, and it will be installed with all the necessary
 dependencies.</para>
 
 <para>For instance, you can go to <link
-xlink:href="http://hydra.nixos.org/jobset/nixpkgs/trunk/channel/latest"
-/> and click on any link for the individual packages for your
-platform.  The first time you do this, your browser will ask what to
-do with <literal>application/nix-package</literal> files.  You should
-open them with <filename>/nix/bin/nix-install-package</filename>.
-This will open a window that asks you to confirm that you want to
-install the package.  When you answer <literal>Y</literal>, the
-package and all its dependencies will be installed.  This is a binary
-deployment mechanism — you get packages pre-compiled for the selected
-platform type.</para>
+xlink:href="http://nixos.org/releases/nixpkgs/nixpkgs-unstable/" /> —
+or to any older release of Nix Packages — and click on any link for
+the individual packages for your platform (say, <link
+xlink:href='http://nix.cs.uu.nl/dist/nix/nixpkgs-0.10pre6622/pkgs/subversion-1.4.0-i686-linux.nixpkg'><literal>subversion-1.4.0</literal>
+for <literal>i686-linux</literal></link>).  The first time you do
+this, your browser will ask what to do with
+<literal>application/nix-package</literal> files.  You should open
+them with <filename>/nix/bin/nix-install-package</filename>.  This
+will open a window that asks you to confirm that you want to install
+the package.  When you answer <literal>Y</literal>, the package and
+all its dependencies will be installed.  This is a binary deployment
+mechanism — you get packages pre-compiled for the selected platform
+type.</para>
 
 <para>You can also install <literal>application/nix-package</literal>
 files from the command line directly.  See <xref

doc/manual/quick-start.xml

@@ -1,6 +1,5 @@
 <chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="chap-quick-start">
+         xmlns:xlink="http://www.w3.org/1999/xlink">
 
 <title>Quick Start</title>
 
@@ -11,8 +10,8 @@ to the following chapters.</para>
 
 <orderedlist>
 
-<listitem><para>Download a source tarball or RPM or Debian/Ubuntu
-package from <link xlink:href='http://nixos.org/'/>.  Build source
+<listitem><para>Download a source tarball or RPM from <link
+xlink:href='http://nixos.org/'/>.  Build source
 distributions using the regular sequence:
         
 <screen>
@@ -21,27 +20,20 @@ $ ./configure
 $ make
 $ make install <lineannotation>(as root)</lineannotation></screen>
 
-This will install the Nix binaries in <filename>/usr/local</filename>
-and keep the Nix store and other state in <filename>/nix</filename>.
-You can change the former by specifying
-<option>--prefix=<replaceable>path</replaceable></option>.  The
-location of the store can be changed using
-<option>--with-store-dir=<replaceable>path</replaceable></option>.
-However, you shouldn't change the store location, if at all possible,
-since that will make it impossible to use pre-built binaries from the
-Nixpkgs channel and other channels.  The location of the state can be
-changed using
-<option>--localstatedir=<replaceable>path</replaceable>.</option></para></listitem>
-
-<listitem><para>You should add
-<filename><replaceable>prefix</replaceable>/etc/profile.d/nix.sh</filename>
-to your <filename>~/.bashrc</filename> (or some other login
+This will install Nix in <filename>/nix</filename>.  You shouldn't
+change the prefix if at all possible since that will make it
+impossible to use pre-built binaries from the Nixpkgs channel and
+other channels.  Alternatively, you could grab an RPM if you're on an
+RPM-based system.  You should also add
+<filename>/nix/etc/profile.d/nix.sh</filename> to your
+<filename>~/.bashrc</filename> (or some other login
 file).</para></listitem>
 
 <listitem><para>Subscribe to the Nix Packages channel.
 
 <screen>
-$ nix-channel --add http://nixos.org/channels/nixpkgs-unstable</screen>
+$ nix-channel --add \
+    http://nixos.org/releases/nixpkgs/channels/nixpkgs-unstable</screen>
 
 </para></listitem>
 
@@ -59,7 +51,7 @@ available remotely.</para></listitem>
 in the channel:
 
 <screen>
-$ nix-env -qa \*
+$ nix-env -qa ’*’ <lineannotation>(mind the quotes!)</lineannotation>
 docbook-xml-4.2
 firefox-1.0pre-PR-0.10.1
 hello-2.1.1
@@ -107,10 +99,10 @@ numbers).</para></listitem>
 
 <listitem><para>You can also install specific packages directly from
 your web browser.  For instance, you can go to <link
-xlink:href="http://hydra.nixos.org/jobset/nixpkgs/trunk/channel/latest"
-/> and click on any link for the individual packages for your
-platform.  Associate <literal>application/nix-package</literal> with
-the program <command>nix-install-package</command>.  A window should
+xlink:href="http://nix.cs.uu.nl/dist/nix/nixpkgs-unstable-latest/" />
+and click on any link for the individual packages for your platform.
+Associate <literal>application/nix-package</literal> with the program
+<filename>/nix/bin/nix-install-package</filename>.  A window should
 appear asking you whether it’s okay to install the package.  Say
 <literal>Y</literal>.  The package and all its dependencies will be
 installed.</para></listitem>

doc/manual/release-notes.xml

@@ -8,486 +8,7 @@
 
 <!--==================================================================-->
 
-<section xml:id="ssec-relnotes-1.2"><title>Release 1.2 (December 6, 2012)</title>
-
-<para>This release has the following improvements and changes:</para>
-
-<itemizedlist>
-
-  <listitem>
-    <para>Nix has a new binary substituter mechanism: the
-    <emphasis>binary cache</emphasis>.  A binary cache contains
-    pre-built binaries of Nix packages.  Whenever Nix wants to build a
-    missing Nix store path, it will check a set of binary caches to
-    see if any of them has a pre-built binary of that path.  The
-    configuration setting <option>binary-caches</option> contains a
-    list of URLs of binary caches.  For instance, doing
-<screen>
-$ nix-env -i thunderbird --option binary-caches http://nixos.org/binary-cache
-</screen>
-    will install Thunderbird and its dependencies, using the available
-    pre-built binaries in <uri>http://nixos.org/binary-cache</uri>.
-    The main advantage over the old “manifest”-based method of getting
-    pre-built binaries is that you don’t have to worry about your
-    manifest being in sync with the Nix expressions you’re installing
-    from; i.e., you don’t need to run <command>nix-pull</command> to
-    update your manifest.  It’s also more scalable because you don’t
-    need to redownload a giant manifest file every time.
-    </para>
-
-    <para>A Nix channel can provide a binary cache URL that will be
-    used automatically if you subscribe to that channel.  If you use
-    the Nixpkgs or NixOS channels
-    (<uri>http://nixos.org/channels</uri>) you automatically get the
-    cache <uri>http://nixos.org/binary-cache</uri>.</para>
-
-    <para>Binary caches are created using <command>nix-push</command>.
-    For details on the operation and format of binary caches, see the
-    <command>nix-push</command> manpage.  More details are provided in
-    <link xlink:href="http://lists.science.uu.nl/pipermail/nix-dev/2012-September/009826.html">this
-    nix-dev posting</link>.</para>
-  </listitem>
-
-  <listitem>
-    <para>Multiple output support should now be usable.  A derivation
-    can declare that it wants to produce multiple store paths by
-    saying something like
-<programlisting>
-outputs = [ "lib" "headers" "doc" ];
-</programlisting>
-    This will cause Nix to pass the intended store path of each output
-    to the builder through the environment variables
-    <literal>lib</literal>, <literal>headers</literal> and
-    <literal>doc</literal>.  Other packages can refer to a specific
-    output by referring to
-    <literal><replaceable>pkg</replaceable>.<replaceable>output</replaceable></literal>,
-    e.g.
-<programlisting>
-buildInputs = [ pkg.lib pkg.headers ];
-</programlisting>
-    If you install a package with multiple outputs using
-    <command>nix-env</command>, each output path will be symlinked
-    into the user environment.</para>
-  </listitem>
-
-  <listitem>
-    <para>Dashes are now valid as part of identifiers and attribute
-    names.</para>
-  </listitem>
-
-  <listitem>
-    <para>The new operation <command>nix-store --repair-path</command>
-    allows corrupted or missing store paths to be repaired by
-    redownloading them.  <command>nix-store --verify --check-contents
-    --repair</command> will scan and repair all paths in the Nix
-    store.  Similarly, <command>nix-env</command>,
-    <command>nix-build</command>, <command>nix-instantiate</command>
-    and <command>nix-store --realise</command> have a
-    <option>--repair</option> flag to detect and fix bad paths by
-    rebuilding or redownloading them.</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix no longer sets the immutable bit on files in the Nix
-    store.  Instead, the recommended way to guard the Nix store
-    against accidental modification on Linux is to make it a read-only
-    bind mount, like this:
-
-<screen>
-$ mount --bind /nix/store /nix/store
-$ mount -o remount,ro,bind /nix/store
-</screen>
-
-    Nix will automatically make <filename>/nix/store</filename>
-    writable as needed (using a private mount namespace) to allow
-    modifications.</para>
-  </listitem>
-
-  <listitem>
-    <para>Store optimisation (replacing identical files in the store
-    with hard links) can now be done automatically every time a path
-    is added to the store.  This is enabled by setting the
-    configuration option <literal>auto-optimise-store</literal> to
-    <literal>true</literal> (disabled by default).</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix now supports <command>xz</command> compression for NARs
-    in addition to <command>bzip2</command>.  It compresses about 30%
-    better on typical archives and decompresses about twice as
-    fast.</para>
-  </listitem>
-
-  <listitem>
-    <para>Basic Nix expression evaluation profiling: setting the
-    environment variable <envar>NIX_COUNT_CALLS</envar> to
-    <literal>1</literal> will cause Nix to print how many times each
-    primop or function was executed.</para>
-  </listitem>
-
-  <listitem>
-    <para>New primops: <varname>concatLists</varname>,
-    <varname>elem</varname>, <varname>elemAt</varname> and
-    <varname>filter</varname>.</para>
-  </listitem>
-
-  <listitem>
-    <para>The command <command>nix-copy-closure</command> has a new
-    flag <option>--use-substitutes</option> (<option>-s</option>) to
-    download missing paths on the target machine using the substitute
-    mechanism.</para>
-  </listitem>
-
-  <listitem>
-    <para>The command <command>nix-worker</command> has been renamed
-    to <command>nix-daemon</command>.  Support for running the Nix
-    worker in “slave” mode has been removed.</para>
-  </listitem>
-
-  <listitem>
-    <para>The <option>--help</option> flag of every Nix command now
-    invokes <command>man</command>.</para>
-  </listitem>
-
-  <listitem>
-    <para>Chroot builds are now supported on systemd machines.</para>
-  </listitem>
-
-</itemizedlist>
-
-<para>This release has contributions from Eelco Dolstra, Florian
-Friesdorf, Mats Erik Andersson and Shea Levy.</para>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-1.1"><title>Release 1.1 (July 18, 2012)</title>
-
-<para>This release has the following improvements:</para>
-
-<itemizedlist>
-
-  <listitem>
-    <para>On Linux, when doing a chroot build, Nix now uses various
-    namespace features provided by the Linux kernel to improve
-    build isolation.  Namely:
-    <itemizedlist>
-      <listitem><para>The private network namespace ensures that
-      builders cannot talk to the outside world (or vice versa): each
-      build only sees a private loopback interface.  This also means
-      that two concurrent builds can listen on the same port (e.g. as
-      part of a test) without conflicting with each
-      other.</para></listitem>
-      <listitem><para>The PID namespace causes each build to start as
-      PID 1.  Processes outside of the chroot are not visible to those
-      on the inside.  On the other hand, processes inside the chroot
-      <emphasis>are</emphasis> visible from the outside (though with
-      different PIDs).</para></listitem>
-      <listitem><para>The IPC namespace prevents the builder from
-      communicating with outside processes using SysV IPC mechanisms
-      (shared memory, message queues, semaphores).  It also ensures
-      that all IPC objects are destroyed when the builder
-      exits.</para></listitem>
-      <listitem><para>The UTS namespace ensures that builders see a
-      hostname of <literal>localhost</literal> rather than the actual
-      hostname.</para></listitem>
-      <listitem><para>The private mount namespace was already used by
-      Nix to ensure that the bind-mounts used to set up the chroot are
-      cleaned up automatically.</para></listitem>
-    </itemizedlist>
-    </para>
-  </listitem>
-
-  <listitem>
-    <para>Build logs are now compressed using
-    <command>bzip2</command>.  The command <command>nix-store
-    -l</command> decompresses them on the fly.  This can be disabled
-    by setting the option <literal>build-compress-log</literal> to
-    <literal>false</literal>.</para>
-  </listitem>
-
-  <listitem>
-    <para>The creation of build logs in
-    <filename>/nix/var/log/nix/drvs</filename> can be disabled by
-    setting the new option <literal>build-keep-log</literal> to
-    <literal>false</literal>.  This is useful, for instance, for Hydra
-    build machines.</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix now reserves some space in
-    <filename>/nix/var/nix/db/reserved</filename> to ensure that the
-    garbage collector can run successfully if the disk is full.  This
-    is necessary because SQLite transactions fail if the disk is
-    full.</para>
-  </listitem>
-
-  <listitem>
-    <para>Added a basic <function>fetchurl</function> function.  This
-    is not intended to replace the <function>fetchurl</function> in
-    Nixpkgs, but is useful for bootstrapping; e.g., it will allow us
-    to get rid of the bootstrap binaries in the Nixpkgs source tree
-    and download them instead.  You can use it by doing
-    <literal>import &lt;nix/fetchurl.nix> { url =
-    <replaceable>url</replaceable>; sha256 =
-    "<replaceable>hash</replaceable>"; }</literal>. (Shea Levy)</para>
-  </listitem>
-
-  <listitem>
-    <para>Improved RPM spec file. (Michel Alexandre Salim)</para>
-  </listitem>
-
-  <listitem>
-    <para>Support for on-demand socket-based activation in the Nix
-    daemon with <command>systemd</command>.</para>
-  </listitem>
-
-  <listitem>
-    <para>Added a manpage for
-    <citerefentry><refentrytitle>nix.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
-  </listitem>
-
-  <listitem>
-    <para>When using the Nix daemon, the <option>-s</option> flag in
-    <command>nix-env -qa</command> is now much faster.</para>
-  </listitem>
-    
-</itemizedlist>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-1.0"><title>Release 1.0 (May 11, 2012)</title>
-
-<para>There have been numerous improvements and bug fixes since the
-previous release.  Here are the most significant:</para>
-
-<itemizedlist>
-
-  <listitem>
-    <para>Nix can now optionally use the Boehm garbage collector.
-    This significantly reduces the Nix evaluator’s memory footprint,
-    especially when evaluating large NixOS system configurations.  It
-    can be enabled using the <option>--enable-gc</option> configure
-    option.</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix now uses SQLite for its database.  This is faster and
-    more flexible than the old <emphasis>ad hoc</emphasis> format.
-    SQLite is also used to cache the manifests in
-    <filename>/nix/var/nix/manifests</filename>, resulting in a
-    significant speedup.</para>
-  </listitem>
-    
-  <listitem>
-    <para>Nix now has an search path for expressions.  The search path
-    is set using the environment variable <envar>NIX_PATH</envar> and
-    the <option>-I</option> command line option.  In Nix expressions,
-    paths between angle brackets are used to specify files that must
-    be looked up in the search path.  For instance, the expression
-    <literal>&lt;nixpkgs/default.nix></literal> looks for a file
-    <filename>nixpkgs/default.nix</filename> relative to every element
-    in the search path.</para>
-  </listitem>
-
-  <listitem>
-    <para>The new command <command>nix-build --run-env</command>
-    builds all dependencies of a derivation, then starts a shell in an
-    environment containing all variables from the derivation.  This is
-    useful for reproducing the environment of a derivation for
-    development.</para>
-  </listitem>
-
-  <listitem>
-    <para>The new command <command>nix-store --verify-path</command>
-    verifies that the contents of a store path have not
-    changed.</para>
-  </listitem>
-
-  <listitem>
-    <para>The new command <command>nix-store --print-env</command>
-    prints out the environment of a derivation in a format that can be
-    evaluated by a shell.</para>
-  </listitem>
-
-  <listitem>
-    <para>Attribute names can now be arbitrary strings.  For instance,
-    you can write <literal>{ "foo-1.2" = …; "bla bla" = …; }."bla
-    bla"</literal>.</para>
-  </listitem>
-    
-  <listitem>
-    <para>Attribute selection can now provide a default value using
-    the <literal>or</literal> operator.  For instance, the expression
-    <literal>x.y.z or e</literal> evaluates to the attribute
-    <literal>x.y.z</literal> if it exists, and <literal>e</literal>
-    otherwise.</para>
-  </listitem>
-
-  <listitem>
-    <para>The right-hand side of the <literal>?</literal> operator can
-    now be an attribute path, e.g., <literal>attrs ?
-    a.b.c</literal>.</para>
-  </listitem>
-
-  <listitem>
-    <para>On Linux, Nix will now make files in the Nix store immutable
-    on filesystems that support it.  This prevents accidental
-    modification of files in the store by the root user.</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix has preliminary support for derivations with multiple
-    outputs.  This is useful because it allows parts of a package to
-    be deployed and garbage-collected separately.  For instance,
-    development parts of a package such as header files or static
-    libraries would typically not be part of the closure of an
-    application, resulting in reduced disk usage and installation
-    time.</para>
-  </listitem>
-
-  <listitem>
-    <para>The Nix store garbage collector is faster and holds the
-    global lock for a shorter amount of time.</para>
-  </listitem>
-
-  <listitem>
-    <para>The option <option>--timeout</option> (corresponding to the
-    configuration setting <literal>build-timeout</literal>) allows you
-    to set an absolute timeout on builds — if a build runs for more than
-    the given number of seconds, it is terminated.  This is useful for
-    recovering automatically from builds that are stuck in an infinite
-    loop but keep producing output, and for which
-    <literal>--max-silent-time</literal> is ineffective.</para>
-  </listitem>
-
-  <listitem>
-    <para>Nix development has moved to GitHub (<link
-    xlink:href="https://github.com/NixOS/nix" />).</para>
-  </listitem>
-
-</itemizedlist>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-0.16"><title>Release 0.16 (August 17, 2010)</title>
-
-<para>This release has the following improvements:</para>
-
-<itemizedlist>
-
-  <listitem>
-    <para>The Nix expression evaluator is now much faster in most
-    cases: typically, <link
-    xlink:href="http://www.mail-archive.com/nix-dev@cs.uu.nl/msg04113.html">3
-    to 8 times compared to the old implementation</link>.  It also
-    uses less memory.  It no longer depends on the ATerm
-    library.</para>
-  </listitem>
-
-  <listitem>
-    <para>
-      Support for configurable parallelism inside builders.  Build
-      scripts have always had the ability to perform multiple build
-      actions in parallel (for instance, by running <command>make -j
-      2</command>), but this was not desirable because the number of
-      actions to be performed in parallel was not configurable.  Nix
-      now has an option <option>--cores
-      <replaceable>N</replaceable></option> as well as a configuration
-      setting <varname>build-cores =
-      <replaceable>N</replaceable></varname> that causes the
-      environment variable <envar>NIX_BUILD_CORES</envar> to be set to
-      <replaceable>N</replaceable> when the builder is invoked.  The
-      builder can use this at its discretion to perform a parallel
-      build, e.g., by calling <command>make -j
-      <replaceable>N</replaceable></command>.  In Nixpkgs, this can be
-      enabled on a per-package basis by setting the derivation
-      attribute <varname>enableParallelBuilding</varname> to
-      <literal>true</literal>.
-    </para>
-  </listitem>
-
-  <listitem>
-    <para><command>nix-store -q</command> now supports XML output
-    through the <option>--xml</option> flag.</para>
-  </listitem>
-
-  <listitem>
-    <para>Several bug fixes.</para>
-  </listitem>
-
-</itemizedlist>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-0.15"><title>Release 0.15 (March 17, 2010)</title>
-
-<para>This is a bug-fix release.  Among other things, it fixes
-building on Mac OS X (Snow Leopard), and improves the contents of
-<filename>/etc/passwd</filename> and <filename>/etc/group</filename>
-in <literal>chroot</literal> builds.</para>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-0.14"><title>Release 0.14 (February 4, 2010)</title>
-
-<para>This release has the following improvements:</para>
-
-<itemizedlist>
-
-  <listitem>
-    <para>The garbage collector now starts deleting garbage much
-    faster than before.  It no longer determines liveness of all paths
-    in the store, but does so on demand.</para>
-  </listitem>
-
-  <listitem>
-    <para>Added a new operation, <command>nix-store --query
-    --roots</command>, that shows the garbage collector roots that
-    directly or indirectly point to the given store paths.</para>
-  </listitem>
-
-  <listitem>
-    <para>Removed support for converting Berkeley DB-based Nix
-    databases to the new schema.</para>
-  </listitem>
-
-  <listitem>
-    <para>Removed the <option>--use-atime</option> and
-    <option>--max-atime</option> garbage collector options.  They were
-    not very useful in practice.</para>
-  </listitem>
-
-  <listitem>
-    <para>On Windows, Nix now requires Cygwin 1.7.x.</para>
-  </listitem>
-
-  <listitem>
-    <para>A few bug fixes.</para>
-  </listitem>
-
-</itemizedlist>
-
-</section>
-
-
-<!--==================================================================-->
-
-<section xml:id="ssec-relnotes-0.13"><title>Release 0.13 (November 5,
+<section xml:id="ssec-relnotes-0.13"><title>Release 0.13 (April NN,
 2009)</title>
 
 <para>This is primarily a bug fix release.  It has some new
@@ -564,25 +85,7 @@ features:</para>
     add a string to stack traces — useful for debugging),
     <varname>builtins.isBool</varname>,
     <varname>builtins.isString</varname>,
-    <varname>builtins.isInt</varname>,
-    <varname>builtins.intersectAttrs</varname>.</para>
-  </listitem>
-
-  <listitem>
-    <para>OpenSolaris support (Sander van der Burg).</para>
-  </listitem>
-
-  <listitem>
-    <para>Stack traces are no longer displayed unless the
-    <option>--show-trace</option> option is used.</para>
-  </listitem>
-
-  <listitem>
-    <para>The scoping rules for <literal>inherit
-    (<replaceable>e</replaceable>) ...</literal> in recursive
-    attribute sets have changed.  The expression
-    <replaceable>e</replaceable> can now refer to the attributes
-    defined in the containing set.</para>
+    <varname>builtins.isInt</varname>.</para>
   </listitem>
 
 </itemizedlist>

doc/manual/style.css

@@ -8,14 +8,15 @@
 
 body
 {
-    font-family: "Nimbus Sans L", sans-serif;
+    font-family: sans-serif;
     background: white;
     margin: 2em 1em 2em 1em;
 }
 
-h1, h2, h3, h4
+h1,h2,h3
 {
     color: #005aa0;
+    text-align: left;
 }
 
 h1 /* title */
@@ -74,13 +75,11 @@ div.refsection h3
 
 div.example
 {
-    border: 1px solid #b0b0b0;
+    border: 1px solid #6185a0;
     padding: 6px 6px;
     margin-left: 1.5em;
     margin-right: 1.5em;
     background: #f4f4f8;
-    border-radius: 0.4em;
-    box-shadow: 0.4em 0.4em 0.5em #e0e0e0;
 }
 
 div.example p.title
@@ -88,11 +87,6 @@ div.example p.title
     margin-top: 0em;
 }
 
-div.example pre
-{
-    box-shadow: none;
-}
-
 
 /***************************************************************************
                             Screen dumps:
@@ -100,15 +94,14 @@ div.example pre
 
 pre.screen, pre.programlisting
 {
-    border: 1px solid #b0b0b0;
+    border: 1px solid #6185a0;
     padding: 3px 3px;
     margin-left: 1.5em;
     margin-right: 1.5em;
     color: #600000;
     background: #f4f4f8;
     font-family: monospace;
-    border-radius: 0.4em;
-    box-shadow: 0.4em 0.4em 0.5em #e0e0e0;
+    /* font-size: 90%; */
 }
 
 div.example pre.programlisting
@@ -125,15 +118,13 @@ div.example pre.programlisting
 
 .note, .warning
 {
-    border: 1px solid #b0b0b0;
+    border: 1px solid #6185a0;
     padding: 3px 3px;
     margin-left: 1.5em;
     margin-right: 1.5em;
     margin-bottom: 1em;
     padding: 0.3em 0.3em 0.3em 0.3em;
     background: #fffff5;
-    border-radius: 0.4em;
-    box-shadow: 0.4em 0.4em 0.5em #e0e0e0;
 }
 
 div.note, div.warning
@@ -145,6 +136,7 @@ div.note h3, div.warning h3
 {
     color: red;
     font-size: 100%;
+//    margin: 0 0 0 0;
     padding-right: 0.5em;
     display: inline;
 }
@@ -175,26 +167,20 @@ div.navfooter *
                         Links colors and highlighting: 
  ***************************************************************************/
 
-a { text-decoration: none; }
-a:hover { text-decoration: underline; }
 a:link { color: #0048b3; }
 a:visited { color: #002a6a; }
+a:hover { background: #ffffcd; }
 
 
 /***************************************************************************
                               Table of contents:
  ***************************************************************************/
 
-div.toc
+.toc
 {
     font-size: 90%;
 }
 
-div.toc dl
-{
-    margin-top: 0em;
-    margin-bottom: 0em;
-}
 
 
 /***************************************************************************
@@ -227,29 +213,76 @@ div.glosslist dt
     font-style: italic;
 }
 
+.default
+{
+    font-style: italic;
+}
+
+.availability
+{
+    font-style: italic;
+}
+
 .varname
 {
     color: #400000;
 }
 
-span.command strong
+
+div.informaltable table
 {
-    font-weight: normal;
+  border: 1px solid #6185a0;
+  width: 100%;
+}
+
+div.informaltable td
+{
+  border: 0;
+  padding: 5px;
+}
+
+div.informaltable td.default
+{
+  text-align: right;
+}
+
+div.informaltable th
+{
+  text-align: left;
+  color: #005aa0;
+  border: 0;
+  padding: 5px;
+  background: #fffff5;
+  font-weight: normal;
+  font-style: italic;
+}
+
+td.varname, td.tagname, td.paramname
+{
+  font-weight: bold;
+  vertical-align: top;
+}
+
+div.epigraph
+{
+    font-style: italic;
+    text-align: right;
+}
+
+table.productionset table.productionset
+{
+    font-family: monospace;
+}
+
+strong.command
+{
+//    font-family: monospace;
+//    font-style: italic;
+//    font-weight: normal;
     color: #400000;
 }
 
-div.calloutlist table
+div.calloutlist td
 {
-    box-shadow: none;
+    padding-bottom: 1em;
 }
-
-table
-{
-    border-collapse: collapse;
-    box-shadow: 0.4em 0.4em 0.5em #e0e0e0;
-}
-
-div.affiliation
-{
-    font-style: italic;
-}

doc/manual/writing-nix-expressions.xml

@@ -11,13 +11,6 @@ the things that tell Nix how to build packages.  It starts with a
 simple example (a Nix expression for GNU Hello), and then moves
 on to a more in-depth look at the Nix expression language.</para>
 
-<note><para>This chapter is mostly about the Nix expression language.
-For more extensive information on adding packages to the Nix Packages
-collection (such as functions in the standard environment and coding
-conventions), please consult <link
-xlink:href="http://hydra.nixos.org/job/nixpkgs/trunk/tarball/latest/download-by-type/doc/manual">its
-manual</link>.</para></note>
-
 
 <section><title>A simple Nix expression</title>
 
@@ -59,7 +52,7 @@ need to do three things:
 <example xml:id='ex-hello-nix'><title>Nix expression for GNU Hello
 (<filename>default.nix</filename>)</title>
 <programlisting>
-{ stdenv, fetchurl, perl }: <co xml:id='ex-hello-nix-co-1' />
+{stdenv, fetchurl, perl}: <co xml:id='ex-hello-nix-co-1' />
 
 stdenv.mkDerivation { <co xml:id='ex-hello-nix-co-2' />
   name = "hello-2.1.1"; <co xml:id='ex-hello-nix-co-3' />
@@ -99,14 +92,14 @@ the single Nix expression in that directory
     function that downloads files.  <varname>perl</varname> is the
     Perl interpreter.</para>
 
-    <para>Nix functions generally have the form <literal>{ x, y, ...,
-    z }: e</literal> where <varname>x</varname>, <varname>y</varname>,
+    <para>Nix functions generally have the form <literal>{x, y, ...,
+    z}: e</literal> where <varname>x</varname>, <varname>y</varname>,
     etc. are the names of the expected arguments, and where
     <replaceable>e</replaceable> is the body of the function.  So
     here, the entire remainder of the file is the body of the
     function; when given the required arguments, the body should
     describe how to build an instance of the Hello package.</para>
-
+    
   </callout>
 
   <callout arearefs='ex-hello-nix-co-2'>
@@ -121,10 +114,10 @@ the single Nix expression in that directory
     <emphasis>attributes</emphasis>.  An attribute set is just a list
     of key/value pairs where each value is an arbitrary Nix
     expression.  They take the general form
-    <literal>{ <replaceable>name1</replaceable> =
+    <literal>{<replaceable>name1</replaceable> =
     <replaceable>expr1</replaceable>; <replaceable>...</replaceable>
     <replaceable>nameN</replaceable> =
-    <replaceable>exprN</replaceable>; }</literal>.</para>
+    <replaceable>exprN</replaceable>;}</literal>.</para>
 
   </callout>
 
@@ -190,7 +183,7 @@ perl = perl;</programlisting>
     with the same name happen to be in scope.</para>
 
   </callout>
-
+  
 </calloutlist>
 
 </para>
@@ -301,7 +294,7 @@ steps:</para>
     (<literal>make install</literal>).</para>
 
   </callout>
-
+  
 </calloutlist>
 
 <para>If you are wondering about the absence of error checking on the
@@ -321,19 +314,19 @@ error check.</para>
 ...
 
 rec { <co xml:id='ex-hello-composition-co-1' />
-
-  hello = import ../applications/misc/hello/ex-1 <co xml:id='ex-hello-composition-co-2' /> { <co xml:id='ex-hello-composition-co-3' />
+  
+  hello = (import ../applications/misc/hello/ex-1 <co xml:id='ex-hello-composition-co-2' />) { <co xml:id='ex-hello-composition-co-3' />
     inherit fetchurl stdenv perl;
   };
 
-  perl = import ../development/interpreters/perl { <co xml:id='ex-hello-composition-co-4' />
+  perl = (import ../development/interpreters/perl) { <co xml:id='ex-hello-composition-co-4' />
     inherit fetchurl stdenv;
   };
 
-  fetchurl = import ../build-support/fetchurl {
+  fetchurl = (import ../build-support/fetchurl) { 
     inherit stdenv; ...
   };
-
+  
   stdenv = ...;
 
 }
@@ -397,23 +390,6 @@ some fragments of
     <varname>stdenv.mkDerivation</varname> in <xref
     linkend='ex-hello-nix' />).</para>
 
-    <note><para>Nixpkgs has a convenience function
-    <function>callPackage</function> that imports and calls a
-    function, filling in any missing arguments by passing the
-    corresponding attribute from the Nixpkgs set, like this:
-
-<programlisting>
-hello = callPackage ../applications/misc/hello/ex-1 { };
-</programlisting>
-
-    If necessary, you can set or override arguments:
-
-<programlisting>
-hello = callPackage ../applications/misc/hello/ex-1 { stdenv = myStdenv; };
-</programlisting>
-
-    </para></note>
-
   </callout>
 
   <callout arearefs='ex-hello-composition-co-4'>
@@ -476,8 +452,8 @@ that the path denoted by <envar>out</envar> is now
 will see that the path is already valid and finish immediately.  If a
 build fails, either because it returns a non-zero exit code, because
 Nix or the builder are killed, or because the machine crashes, then
-the output paths will not be registered as valid.  If you try to build
-the derivation again, Nix will remove the output paths if they exist
+the output path will not be registered as valid.  If you try to build
+the derivation again, Nix will remove the output path if it exists
 (e.g., because the builder died half-way through <literal>make
 install</literal>) and try again.  Note that there is no
 <quote>negative caching</quote>: Nix doesn't remember that a build
@@ -543,7 +519,7 @@ genericBuild <co xml:id='ex-hello-builder2-co-3' /></programlisting>
 <calloutlist>
 
   <callout arearefs='ex-hello-builder2-co-1'>
-
+    
     <para>The <envar>buildInputs</envar> variable tells
     <filename>setup</filename> to use the indicated packages as
     <quote>inputs</quote>.  This means that if a package provides a
@@ -568,7 +544,7 @@ genericBuild <co xml:id='ex-hello-builder2-co-3' /></programlisting>
     the file <literal>$stdenv/setup</literal>.</para>
 
   </callout>
-
+  
   <callout arearefs='ex-hello-builder2-co-3'>
 
     <para>The final step calls the shell function
@@ -580,7 +556,7 @@ genericBuild <co xml:id='ex-hello-builder2-co-3' /></programlisting>
     see <xref linkend='sec-standard-environment' />.</para>
 
   </callout>
-
+  
 </calloutlist>
 
 <para>Discerning readers will note that the
@@ -588,7 +564,7 @@ genericBuild <co xml:id='ex-hello-builder2-co-3' /></programlisting>
 expression, like this:
 
 <programlisting>
-  buildInputs = [ perl ];</programlisting>
+  buildInputs = [perl];</programlisting>
 
 The <varname>perl</varname> attribute can then be removed, and the
 builder becomes even shorter:
@@ -704,7 +680,7 @@ configureFlags = "
     the third line is indented three spaces.  Thus, two spaces are
     stripped from each line, so the resulting string is
 
-<programlisting>
+<programlisting>    
 "This is the first line.\nThis is the second line.\n  This is the third line.\n"</programlisting>
 
     </para>
@@ -726,7 +702,7 @@ configureFlags = "
     linefeed, carriage-return and tab characters can be writted as
     <literal>''\n</literal>, <literal>''\r</literal>,
     <literal>''\t</literal>.</para>
-
+    
     <para>Indented strings are primarily useful in that they allow
     multi-line string literals to follow the indentation of the
     enclosing Nix expression, and that less escaping is typically
@@ -745,7 +721,7 @@ stdenv.mkDerivation {
       ${if enableBar then "cp bar $out/bin" else ""}
     '';
   <replaceable>...</replaceable>
-}
+}    
 </programlisting>
 
     </para>
@@ -781,7 +757,7 @@ stdenv.mkDerivation {
   <listitem><para><emphasis>Booleans</emphasis> with values
   <literal>true</literal> and
   <literal>false</literal>.</para></listitem>
-
+  
 </itemizedlist>
 
 </para>
@@ -795,14 +771,14 @@ stdenv.mkDerivation {
 values between square brackets.  For example,
 
 <programlisting>
-[ 123 ./foo.nix "abc" (f { x = y; }) ]</programlisting>
+[ 123 ./foo.nix "abc" (f {x=y;}) ]</programlisting>
 
 defines a list of four elements, the last being the result of a call
 to the function <varname>f</varname>.  Note that function calls have
 to be enclosed in parentheses.  If they had been omitted, e.g.,
 
 <programlisting>
-[ 123 ./foo.nix "abc" f { x = y; } ]</programlisting>
+[ 123 ./foo.nix "abc" f {x=y;} ]</programlisting>
 
 the result would be a list of five elements, the fourth one being a
 function and the fifth being an attribute set.</para>
@@ -837,23 +813,7 @@ occur once.</para>
 <programlisting>
 { a = "Foo"; b = "Bar"; }.a</programlisting>
 
-evaluates to <literal>"Foo"</literal>.  It is possible to provide a
-default value in an attribute selection using the
-<literal>or</literal> keyword.  For example,
-
-<programlisting>
-{ a = "Foo"; b = "Bar"; }.c or "Xyzzy"</programlisting>
-
-will evaluate to <literal>"Xyzzy"</literal> because there is no
-<varname>c</varname> attribute in the set.</para>
-
-<para>You can use arbitrary string constants as attribute names by
-enclosing them in quotes:
-
-<programlisting>
-{ "foo bar" = 123; "nix-1.0" = 456; }."foo bar" </programlisting>
-
-This will evaluate to <literal>123</literal>.</para>
+evaluates to <literal>"Foo"</literal>.</para>
 
 </simplesect>
 
@@ -931,12 +891,15 @@ propagate attributes).  This can be shortened using the
 <literal>inherit</literal> keyword.  For instance,
 
 <programlisting>
-let x = 123; in
-{ inherit x;
-  y = 456;
-}</programlisting>
+let
+  x = 123;
+in 
+  {
+    inherit x;
+    y = 456;
+  }</programlisting>
 
-evaluates to <literal>{ x = 123; y = 456; }</literal>.  (Note that this
+evaluates to <literal>{x = 123; y = 456;}</literal>.  (Note that this
 works because <varname>x</varname> is added to the lexical scope by
 the <literal>let</literal> construct.)  It is also possible to inherit
 attributes from another attribute set.  For instance, in this fragment
@@ -982,7 +945,7 @@ argument.  There are three kinds of patterns:</para>
 
 <itemizedlist>
 
-
+  
   <listitem><para>If a pattern is a single identifier, then the
   function matches any argument.  Example:
 
@@ -997,29 +960,29 @@ in if negate true then concat "foo" "bar" else ""</programlisting>
   arguments of a function); e.g.,
 
   <programlisting>
-map (concat "foo") [ "bar" "bla" "abc" ]</programlisting>
-
-  evaluates to <literal>[ "foobar" "foobla"
-  "fooabc" ]</literal>.</para></listitem>
+map (concat "foo") ["bar" "bla" "abc"]</programlisting>
 
+  evaluates to <literal>["foobar" "foobla"
+  "fooabc"]</literal>.</para></listitem>
 
+  
   <listitem><para>An <emphasis>attribute set pattern</emphasis> of the
-  form <literal>{ name1, name2, …, nameN }</literal>
+  form <literal>{name1, name2, …, nameN}</literal>
   matches an attribute set containing the listed attributes, and binds
   the values of those attributes to variables in the function body.
   For example, the function
 
 <programlisting>
-{ x, y, z }: z + y + x</programlisting>
+{x, y, z}: z + y + x</programlisting>
 
   can only be called with a set containing exactly the attributes
   <varname>x</varname>, <varname>y</varname> and
   <varname>z</varname>.  No other attributes are allowed.  If you want
   to allow additional arguments, you can use an ellipsis
-  (<literal>...</literal>):
+  (<literal>...</literal>): 
 
 <programlisting>
-{ x, y, z, ... }: z + y + x</programlisting>
+{x, y, z, ....}: z + y + x</programlisting>
 
   This works on any set that contains at least the three named
   attributes.</para>
@@ -1032,7 +995,7 @@ map (concat "foo") [ "bar" "bla" "abc" ]</programlisting>
   <replaceable>e</replaceable> is an arbitrary expression.  For example,
 
 <programlisting>
-{ x, y ? "foo", z ? "bar" }: z + y + x</programlisting>
+{x, y ? "foo", z ? "bar"}: z + y + x</programlisting>
 
   specifies a function that only requires an attribute named
   <varname>x</varname>, but optionally accepts <varname>y</varname>
@@ -1044,11 +1007,11 @@ map (concat "foo") [ "bar" "bla" "abc" ]</programlisting>
   of the <literal>@</literal>-sign.  For example:
 
 <programlisting>
-args@{ x, y, z, ... }: z + y + x + args.a</programlisting>
+args@{x, y, z, ...}: z + y + x + args.a</programlisting>
 
   Here <varname>args</varname> is bound to the entire argument, which
-  is further matches against the pattern <literal>{ x, y, z,
-  ... }</literal>.</para></listitem>
+  is further matches against the pattern <literal>{x, y, z,
+  ...}</literal>.</para></listitem>
 
 
 </itemizedlist>
@@ -1057,8 +1020,8 @@ args@{ x, y, z, ... }: z + y + x + args.a</programlisting>
 a name, you can bind them to an attribute, e.g.,
 
 <programlisting>
-let concat = { x, y }: x + y;
-in concat { x = "foo"; y = "bar"; }</programlisting>
+let concat = {x, y}: x + y;
+in concat {x = "foo"; y = "bar";}</programlisting>
 
 </para>
 
@@ -1143,7 +1106,7 @@ used in the Nix expression for Subversion.</para>
     incompatibility might occur.</para>
   </callout>
 
-  <callout arearefs='ex-subversion-nix-co-3'>
+  <callout arearefs='ex-subversion-nix-co-2'>
     <para>This assertion says that in order for Subversion to have SSL
     support (so that it can access <literal>https</literal> URLs), an
     OpenSSL library must be passed.  Additionally, it says that
@@ -1164,7 +1127,7 @@ used in the Nix expression for Subversion.</para>
 </calloutlist>
 
 </simplesect>
-
+  
 
 
 <simplesect><title>With-expressions</title>
@@ -1179,7 +1142,7 @@ lexical scope of the expression <replaceable>e2</replaceable>.  For
 instance,
 
 <programlisting>
-let as = { x = "foo"; y = "bar"; };
+let as = {x = "foo"; y = "bar";};
 in with as; x + y</programlisting>
 
 evaluates to <literal>"foobar"</literal> since the
@@ -1229,17 +1192,12 @@ weakest binding).</para>
     </thead>
     <tbody>
       <row>
-        <entry><replaceable>e</replaceable> <literal>.</literal>
-        <replaceable>attrpath</replaceable>
-        [ <literal>or</literal> <replaceable>def</replaceable> ]
-        </entry>
+        <entry><replaceable>e</replaceable> .
+        <replaceable>id</replaceable></entry>
         <entry>none</entry>
-        <entry>Select attribute denoted by the attribute path
-        <replaceable>attrpath</replaceable> from attribute set
-        <replaceable>e</replaceable>.  (An attribute path is a
-        dot-separated list of attribute names.)  If the attribute
-        doesn’t exist, return <replaceable>def</replaceable> if
-        provided, otherwise abort evaluation.</entry>
+        <entry>Select attribute named <replaceable>id</replaceable>
+        from attribute set <replaceable>e</replaceable>.  Abort
+        evaluation if the attribute doesn’t exist.</entry>
       </row>
       <row>
         <entry><replaceable>e1</replaceable> <replaceable>e2</replaceable></entry>
@@ -1248,31 +1206,31 @@ weakest binding).</para>
         argument <replaceable>e2</replaceable>.</entry>
       </row>
       <row>
-        <entry><replaceable>e</replaceable> <literal>?</literal>
-        <replaceable>attrpath</replaceable></entry>
+        <entry><replaceable>e</replaceable> ?
+        <replaceable>id</replaceable></entry>
         <entry>none</entry>
         <entry>Test whether attribute set <replaceable>e</replaceable>
-        contains the attribute denoted by <replaceable>attrpath</replaceable>;
+        contains an attribute named <replaceable>id</replaceable>;
         return <literal>true</literal> or
         <literal>false</literal>.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>++</literal> <replaceable>e2</replaceable></entry>
+        <entry><replaceable>e1</replaceable> ++ <replaceable>e2</replaceable></entry>
         <entry>right</entry>
         <entry>List concatenation.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>+</literal> <replaceable>e2</replaceable></entry>
+        <entry><replaceable>e1</replaceable> + <replaceable>e2</replaceable></entry>
         <entry>left</entry>
         <entry>String or path concatenation.</entry>
       </row>
       <row>
-        <entry><literal>!</literal> <replaceable>e</replaceable></entry>
+        <entry>! <replaceable>e</replaceable></entry>
         <entry>left</entry>
         <entry>Boolean negation.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>//</literal>
+        <entry><replaceable>e1</replaceable> //
         <replaceable>e2</replaceable></entry>
         <entry>right</entry>
         <entry>Return an attribute set consisting of the attributes in
@@ -1281,31 +1239,31 @@ weakest binding).</para>
         precedence over the former in case of equally named attributes).</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>==</literal>
+        <entry><replaceable>e1</replaceable> ==
         <replaceable>e2</replaceable></entry>
         <entry>none</entry>
         <entry>Equality.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>!=</literal>
+        <entry><replaceable>e1</replaceable> !=
         <replaceable>e2</replaceable></entry>
         <entry>none</entry>
         <entry>Inequality.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>&amp;&amp;</literal>
+        <entry><replaceable>e1</replaceable> &amp;&amp;
         <replaceable>e2</replaceable></entry>
         <entry>left</entry>
         <entry>Logical AND.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>||</literal>
+        <entry><replaceable>e1</replaceable> ||
         <replaceable>e2</replaceable></entry>
         <entry>left</entry>
         <entry>Logical OR.</entry>
       </row>
       <row>
-        <entry><replaceable>e1</replaceable> <literal>-></literal>
+        <entry><replaceable>e1</replaceable> ->
         <replaceable>e2</replaceable></entry>
         <entry>none</entry>
         <entry>Logical implication (equivalent to
@@ -1338,12 +1296,12 @@ set, the attributes of which specify the inputs of the build.</para>
   can only be performed on a machine and operating system matching the
   platform identifier.  (Nix can automatically forward builds for
   other platforms by forwarding them to other machines; see <xref
-  linkend='chap-distributed-builds' />.)</para></listitem>
+  linkend='sec-distributed-builds' />.)</para></listitem>
 
   <listitem><para>There must be an attribute named
   <varname>name</varname> whose value must be a string.  This is used
   as a symbolic name for the package by <command>nix-env</command>,
-  and it is appended to the output paths of the
+  and it is appended to the hash in the output path of the
   derivation.</para></listitem>
 
   <listitem><para>There must be an attribute named
@@ -1358,7 +1316,7 @@ set, the attributes of which specify the inputs of the build.</para>
 
     <itemizedlist>
 
-      <listitem><para>Strings and integers are just passed
+      <listitem><para>Strings, URIs, and integers are just passed
       verbatim.</para></listitem>
 
       <listitem><para>A <emphasis>path</emphasis> (e.g.,
@@ -1369,8 +1327,8 @@ set, the attributes of which specify the inputs of the build.</para>
       should reside in the Nix store.</para></listitem>
 
       <listitem><para>A <emphasis>derivation</emphasis> causes that
-      derivation to be built prior to the present derivation; its
-      default output path is put in the environment
+      derivation to be built prior to the present derivation; the
+      output path is put in the environment
       variable.</para></listitem>
 
       <listitem><para>Lists of the previous types are also allowed.
@@ -1389,48 +1347,14 @@ set, the attributes of which specify the inputs of the build.</para>
   specifies command-line arguments to be passed to the builder.  It
   should be a list.</para></listitem>
 
-  <listitem><para>The optional attribute <varname>outputs</varname>
-  specifies a list of symbolic outputs of the derivation.  By default,
-  a derivation produces a single output path, denoted as
-  <literal>out</literal>.  However, derivations can produce multiple
-  output paths.  This is useful because it allows outputs to be
-  downloaded or garbage-collected separately.  For instance, imagine a
-  library package that provides a dynamic library, header files, and
-  documentation.  A program that links against the library doesn’t
-  need the header files and documentation at runtime, and it doesn’t
-  need the documentation at build time.  Thus, the library package
-  could specify:
-<programlisting>
-outputs = [ "lib" "headers" "doc" ];
-</programlisting>
-  This will cause Nix to pass environment variables
-  <literal>lib</literal>, <literal>headers</literal> and
-  <literal>doc</literal> to the builder containing the intended store
-  paths of each output.  The builder would typically do something like
-<programlisting>
-./configure --libdir=$lib/lib --includedir=$headers/include --docdir=$doc/share/doc
-</programlisting>
-  for an Autoconf-style package.  You can refer to each output of a
-  derivation by selecting it as an attribute, e.g.
-<programlisting>
-buildInputs = [ pkg.lib pkg.headers ];
-</programlisting>
-  The first element of <varname>output</varname> determines the
-  <emphasis>default output</emphasis>.  Thus, you could also write
-<programlisting>
-buildInputs = [ pkg pkg.headers ];
-</programlisting>
-  since <literal>pkg</literal> is equivalent to
-  <literal>pkg.lib</literal>.</para></listitem>
-
 </itemizedlist>
 
-<para>The function <function>mkDerivation</function> in the standard
+<para>(Note that <function>mkDerivation</function> in the standard
 environment is a wrapper around <function>derivation</function> that
 adds a default value for <varname>system</varname> and always uses
 Bash as the builder, to which the supplied builder is passed as a
 command-line argument.  See <xref linkend='sec-standard-environment'
-/>.</para>
+/>.)</para>
 
 <para>The builder is executed as follows:
 
@@ -1474,19 +1398,17 @@ command-line argument.  See <xref linkend='sec-standard-environment'
     top-level Nix store directory (typically,
     <filename>/nix/store</filename>).</para></listitem>
 
-    <listitem><para>For each output declared in
-    <varname>outputs</varname>, the corresponding environment variable
-    is set to point to the intended path in the Nix store for that
-    output.  Each output path is a concatenation of the cryptographic
-    hash of all build inputs, the <varname>name</varname> attribute
-    and the output name.  (The output name is omitted if it’s
-    <literal>out</literal>.)</para></listitem>
-
+    <listitem><para><envar>out</envar> is set to point to the output
+    path of the derivation, which is a subdirectory of the Nix store.
+    The output path is a concatenation of the cryptographic hash of
+    all build inputs, and the <varname>name</varname>
+    attribute.</para></listitem>
+    
   </itemizedlist>
 
   </para></listitem>
 
-  <listitem><para>If an output path already exists, it is removed.
+  <listitem><para>If the output path already exists, it is removed.
   Also, locks are acquired to prevent multiple Nix instances from
   performing the same build at the same time.</para></listitem>
 
@@ -1500,11 +1422,14 @@ command-line argument.  See <xref linkend='sec-standard-environment'
   <listitem><para>The temporary directory is removed (unless the
   <option>-K</option> option was specified).</para></listitem>
 
-  <listitem><para>If the build was successful, Nix scans each output
-  path for references to input paths by looking for the hash parts of
-  the input paths.  Since these are potential runtime dependencies,
-  Nix registers them as dependencies of the output
-  paths.</para></listitem>
+  <listitem><para>If the build was successful, Nix scans the output
+  for references to the paths of the inputs.  These so-called
+  <emphasis>retained dependencies</emphasis> could be used when the
+  output of the derivation is used (e.g., when it's executed or used
+  as input to another derivation), so if we deploy the derivation, we
+  should copy the retained dependencies as well.  The scan is
+  performed by looking for the hash parts of file names of the
+  inputs.</para></listitem>
 
   <listitem><para>After the build, Nix sets the last-modified
   timestamp on all files in the build result to 1 (00:00:01 1/1/1970
@@ -1530,7 +1455,7 @@ attributes.</para>
 <variablelist>
 
   <varlistentry><term><varname>allowedReferences</varname></term>
-
+  
     <listitem><para>The optional attribute
     <varname>allowedReferences</varname> specifies a list of legal
     references (dependencies) of the output of the builder.  For
@@ -1548,27 +1473,28 @@ allowedReferences = [];
 
   </varlistentry>
 
-
+  
   <varlistentry><term><varname>exportReferencesGraph</varname></term>
 
     <listitem><para>This attribute allows builders access to the
     references graph of their inputs.  The attribute is a list of
     inputs in the Nix store whose references graph the builder needs
     to know.  The value of this attribute should be a list of pairs
-    <literal>[ <replaceable>name1</replaceable>
+    <literal>[<replaceable>name1</replaceable>
     <replaceable>path1</replaceable> <replaceable>name2</replaceable>
-    <replaceable>path2</replaceable> <replaceable>...</replaceable>
-    ]</literal>.  The references graph of each
-    <replaceable>pathN</replaceable> will be stored in a text file
-    <replaceable>nameN</replaceable> in the temporary build directory.
-    The text files have the format used by <command>nix-store
-    --register-validity</command> (with the deriver fields left
-    empty).  For example, when the following derivation is built:
+    <replaceable>path2</replaceable>
+    <replaceable>...</replaceable>]</literal>.  The references graph
+    of each <replaceable>pathN</replaceable> will be stored in a text
+    file <replaceable>nameN</replaceable> in the temporary build
+    directory.  The text files have the format used by
+    <command>nix-store --register-validity</command> (with the deriver
+    fields left empty).  For example, when the following derivation is
+    built:
 
 <programlisting>
 derivation {
   ...
-  exportReferencesGraph = [ "libfoo-graph" libfoo ];
+  exportReferencesGraph = ["libfoo-graph" libfoo];
 };
 </programlisting>
 
@@ -1645,21 +1571,21 @@ fetchurl {
     <varname>fetchurl</varname>:
 
 <programlisting>
-{ stdenv, curl }: # The <command>curl</command> program is used for downloading.
+{stdenv, curl}: # The <command>curl</command> program is used for downloading.
 
-{ url, md5 }:
+{url, md5}:
 
 stdenv.mkDerivation {
   name = baseNameOf (toString url);
   builder = ./builder.sh;
-  buildInputs = [ curl ];
+  buildInputs = [curl];
 
   # This is a fixed-output derivation; the output must be a regular
   # file with MD5 hash <varname>md5</varname>.
   outputHashMode = "flat";
   outputHashAlgo = "md5";
   outputHash = md5;
-
+  
   inherit url;
 }
 </programlisting>
@@ -1688,7 +1614,7 @@ stdenv.mkDerivation {
         <para>This is the default.</para></listitem>
 
       </varlistentry>
-
+    
       <varlistentry><term><literal>"recursive"</literal></term>
 
         <listitem><para>The hash is computed over the NAR archive dump
@@ -1709,10 +1635,10 @@ stdenv.mkDerivation {
     linkend="sec-nix-hash"><command>nix-hash</command> command</link>
     for information about converting to and from base-32
     notation.)</para></listitem>
-
+    
   </varlistentry>
 
-
+  
   <varlistentry><term><varname>impureEnvVars</varname></term>
 
     <listitem><para>This attribute allows you to specify a list of
@@ -1724,7 +1650,7 @@ stdenv.mkDerivation {
     Nixpkgs has the line
 
 <programlisting>
-impureEnvVars = [ "http_proxy" "https_proxy" <replaceable>...</replaceable> ];
+impureEnvVars = ["http_proxy" "https_proxy" <replaceable>...</replaceable>];
 </programlisting>
 
     to make it use the proxy server configuration specified by the
@@ -1739,18 +1665,8 @@ impureEnvVars = [ "http_proxy" "https_proxy" <replaceable>...</replaceable> ];
 
   </varlistentry>
 
-
-  <varlistentry><term><varname>preferLocalBuild</varname></term>
-
-    <listitem><para>If this attribute is set to
-    <literal>true</literal> and <link
-    linkend="chap-distributed-builds">distributed building is
-    enabled</link>, then, if possible, perform this build locally
-    instead of forwarding it to a remote machine.  This is appropriate
-    for trivial builders where the cost of doing a remote build would
-    exceed the cost of building locally.</para></listitem>
-
-  </varlistentry>
+  
+  
 
 </variablelist>
 

externals/Makefile.am

@@ -0,0 +1,117 @@
+# Berkeley DB
+
+DB = db-4.5.20
+
+if OLD_DB_COMPAT
+
+$(DB).tar.gz:
+	@echo "Nix requires Berkeley DB to build."
+	@echo "Please download version 4.5.20 from"
+	@echo "  http://download-east.oracle.com/berkeley-db/db-4.5.20.tar.gz"
+	@echo "and place it in the externals/ directory."
+	false
+
+$(DB): $(DB).tar.gz
+	gunzip < $(srcdir)/$(DB).tar.gz | tar xvf -
+	(cd $(DB) && $(patch) -p1) < $(srcdir)/bdb-cygwin.patch
+
+have-db:
+	$(MAKE) $(DB)
+	touch have-db
+
+if HAVE_BDB
+build-db:
+else
+build-db: have-db
+	(pfx=`pwd` && \
+	cd $(DB)/build_unix && \
+	CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" \
+	 ../dist/configure --prefix=$$pfx/inst-bdb \
+	 --enable-cxx --disable-shared --disable-cryptography \
+         --disable-replication --disable-verify && \
+	$(MAKE) && \
+	$(MAKE) install_include install_lib)
+	touch build-db
+endif
+
+else
+
+build-db:
+
+endif
+
+
+# CWI ATerm
+
+ATERM = aterm-2.4.2-fixes-r2
+
+$(ATERM).tar.bz2:
+	@echo "Nix requires the CWI ATerm library to build."
+	@echo "Please download version 2.4.2-fixes-r2 from"
+	@echo "  http://nixos.org/tarballs/aterm-2.4.2-fixes-r2.tar.bz2"
+	@echo "and place it in the externals/ directory."
+	false
+
+$(ATERM): $(ATERM).tar.bz2
+	bunzip2 < $(srcdir)/$(ATERM).tar.bz2 | tar xvf -
+
+have-aterm:
+	$(MAKE) $(ATERM)
+	touch have-aterm
+
+if HAVE_ATERM
+build-aterm:
+else
+build-aterm: have-aterm
+	(pfx=`pwd` && \
+	cd $(ATERM) && \
+	CC="$(CC)" ./configure --prefix=$$pfx/inst-aterm \
+	  --disable-shared --enable-static && \
+	$(MAKE) && \
+	$(MAKE) install)
+	touch build-aterm
+endif
+
+
+# bzip2
+
+BZIP2 = bzip2-1.0.5
+
+$(BZIP2).tar.gz:
+	@echo "Nix requires bzip2 to build."
+	@echo "Please download version 1.0.5 from"
+	@echo "  http://www.bzip.org/1.0.5/bzip2-1.0.5.tar.gz"
+	@echo "and place it in the externals/ directory."
+	false
+
+$(BZIP2): $(BZIP2).tar.gz
+	gunzip < $(srcdir)/$(BZIP2).tar.gz | tar xvf -
+
+have-bzip2:
+	$(MAKE) $(BZIP2)
+	touch have-bzip2
+
+if HAVE_BZIP2
+build-bzip2:
+else
+build-bzip2: have-bzip2
+	(pfx=`pwd` && \
+	cd $(BZIP2) && \
+	$(MAKE) && \
+	$(MAKE) install PREFIX=$$pfx/inst-bzip2)
+	touch build-bzip2
+
+install:
+	mkdir -p $(DESTDIR)${bzip2_bin}
+	$(INSTALL_PROGRAM) $(bzip2_bin_test)/bzip2 $(bzip2_bin_test)/bunzip2 $(DESTDIR)${bzip2_bin}
+endif
+
+
+all: build-db build-aterm build-bzip2
+
+EXTRA_DIST = $(DB).tar.gz $(ATERM).tar.bz2 $(BZIP2).tar.gz \
+  bdb-cygwin.patch
+
+ext-clean:
+	$(RM) -f have-db build-db have-aterm build-aterm have-bzip2 build-bzip2
+	$(RM) -rf $(DB) $(ATERM) $(BZIP2)

externals/bdb-cygwin.patch

@@ -0,0 +1,22 @@
+diff -rc db-4.5.20-orig/os/os_flock.c db-4.5.20/os/os_flock.c
+*** db-4.5.20-orig/os/os_flock.c	2006-10-13 12:36:12.000000000 +0200
+--- db-4.5.20/os/os_flock.c	2006-10-13 12:40:11.000000000 +0200
+***************
+*** 30,35 ****
+--- 30,44 ----
+  
+  	DB_ASSERT(dbenv, F_ISSET(fhp, DB_FH_OPENED) && fhp->fd != -1);
+  
++ #ifdef __CYGWIN__
++ 	/*
++ 	 * Windows file locking interferes with read/write operations, so we
++ 	 * map the ranges to an area past the end of the file.
++ 	 */
++ 	DB_ASSERT(dbenv, offset < (off_t) 1 << 62);
++ 	offset += (off_t) 1 << 62;
++ #endif
++ 
+  	fl.l_start = offset;
+  	fl.l_len = 1;
+  	fl.l_type = acquire ? F_WRLCK : F_UNLCK;
+Only in db-4.5.20/os: os_flock.c~

make/examples/aterm/aterm/default.nix

@@ -0,0 +1,30 @@
+{sharedLib ? true}:
+
+rec {
+
+  inherit (import ../../../lib) compileC makeLibrary;
+
+  sources = [
+    ./afun.c
+    ./aterm.c
+    ./bafio.c
+    ./byteio.c
+    ./gc.c
+    ./hash.c
+    ./list.c
+    ./make.c
+    ./md5c.c
+    ./memory.c
+    ./tafio.c
+    ./version.c
+  ];
+
+  compile = main: compileC {inherit main sharedLib;};
+
+  libATerm = makeLibrary {
+    libraryName = "ATerm";
+    objects = map compile sources;
+    inherit sharedLib;
+  };
+
+}

make/examples/aterm/default.nix

@@ -0,0 +1 @@
+import test/default.nix

make/examples/aterm/test/default.nix

@@ -0,0 +1,15 @@
+with (import ../../../lib);
+
+let {
+  inherit (import ../aterm {}) libATerm;
+
+  compileTest = main: link {
+    objects = [(compileC {inherit main; localIncludePath = [ ../aterm ];})];
+    libraries = libATerm;
+  };
+
+  body = [
+    (compileTest ./fib.c)
+    (compileTest ./primes.c)
+  ];
+}

make/examples/default.nix

@@ -0,0 +1,6 @@
+[ (import ./trivial)
+  (import ./simple-header)
+  (import ./not-so-simple-header)
+  (import ./not-so-simple-header-auto)
+  (import ./aterm)
+]

make/examples/not-so-simple-header-auto/bar/hello.h

@@ -0,0 +1 @@
+#define WHAT "World"

make/examples/not-so-simple-header-auto/default.nix

@@ -0,0 +1,13 @@
+with import ../../lib;
+
+let {
+
+  hello = link {programName = "hello"; objects = compileC {
+    main = ./foo/hello.c;
+    localIncludes = "auto";
+  };};
+
+#  body = findIncludes {main = ./foo/hello.c;};
+
+  body = [hello];
+}

make/examples/not-so-simple-header-auto/foo/fnord/indirect.h

@@ -0,0 +1,3 @@
+#define HELLO "Hello"
+
+#include "../../bar/hello.h"

make/examples/not-so-simple-header-auto/foo/hello.c

@@ -0,0 +1,9 @@
+#include <stdio.h>
+
+#include "fnord/indirect.h"
+
+int main(int argc, char * * argv)
+{
+    printf(HELLO " " WHAT "\n");
+    return 0;
+}

make/examples/not-so-simple-header/bar/hello.h

@@ -0,0 +1 @@
+#define WHAT "World"

make/examples/not-so-simple-header/default.nix

@@ -0,0 +1,14 @@
+let {
+
+  inherit (import ../../lib) compileC link;
+
+  hello = link {programName = "hello"; objects = compileC {
+    main = ./foo/hello.c;
+    localIncludes = [
+      [./foo/fnord/indirect.h "fnord/indirect.h"]
+      [./bar/hello.h "fnord/../../bar/hello.h"]
+    ];
+  };};
+
+  body = [hello];
+}

make/examples/not-so-simple-header/foo/fnord/indirect.h

@@ -0,0 +1,3 @@
+#define HELLO "Hello"
+
+#include "../../bar/hello.h"

make/examples/not-so-simple-header/foo/hello.c

@@ -0,0 +1,9 @@
+#include <stdio.h>
+
+#include "fnord/indirect.h"
+
+int main(int argc, char * * argv)
+{
+    printf(HELLO " " WHAT "\n");
+    return 0;
+}

make/examples/simple-header/default.nix

@@ -0,0 +1,11 @@
+let {
+
+  inherit (import ../../lib) compileC link;
+
+  hello = link {objects = compileC {
+    main = ./hello.c;
+    localIncludes = [ [./hello.h "hello.h"] ];
+  };};
+
+  body = [hello];
+}

make/examples/simple-header/hello.c

@@ -0,0 +1,9 @@
+#include <stdio.h>
+
+#include "hello.h"
+
+int main(int argc, char * * argv)
+{
+    printf("Hello " WHAT "\n");
+    return 0;
+}

make/examples/simple-header/hello.h

@@ -0,0 +1 @@
+#define WHAT "World"

make/examples/trivial/default.nix

@@ -0,0 +1,8 @@
+let {
+
+  inherit (import ../../lib) compileC link;
+
+  hello = link {objects = compileC {main = ./hello.c;};};
+
+  body = [hello];
+}

make/examples/trivial/hello.c

@@ -0,0 +1,7 @@
+#include <stdio.h>
+
+int main(int argc, char * * argv)
+{
+    printf("Hello World\n");
+    return 0;
+}

make/lib/compile-c.sh

@@ -0,0 +1,73 @@
+. $stdenv/setup
+
+mainName=$(basename $main | cut -c34-)
+
+echo "compiling \`$mainName'..."
+
+# Turn $localIncludes into an array.
+localIncludes=($localIncludes)
+
+# Determine how many `..' levels appear in the header file references.
+# E.g., if there is some reference `../../foo.h', then we have to
+# insert two extra levels in the directory structure, so that `a.c' is
+# stored at `dotdot/dotdot/a.c', and a reference from it to
+# `../../foo.h' resolves to `dotdot/dotdot/../../foo.h' == `foo.h'.
+n=0
+maxDepth=0
+for ((n = 0; n < ${#localIncludes[*]}; n += 2)); do
+    target=${localIncludes[$((n + 1))]}
+
+    # Split the target name into path components using some IFS magic.
+    savedIFS="$IFS"
+    IFS=/
+    components=($target)
+    depth=0
+    for ((m = 0; m < ${#components[*]}; m++)); do
+        c=${components[m]}
+        if test "$c" = ".."; then
+            depth=$((depth + 1))
+        fi
+    done
+    IFS="$savedIFS"
+
+    if test $depth -gt $maxDepth; then
+        maxDepth=$depth;
+    fi
+done
+
+# Create the extra levels in the directory hierarchy.
+prefix=
+for ((n = 0; n < maxDepth; n++)); do
+    prefix="dotdot/$prefix"
+done
+
+# Create symlinks to the header files.
+for ((n = 0; n < ${#localIncludes[*]}; n += 2)); do
+    source=${localIncludes[n]}
+    target=${localIncludes[$((n + 1))]}
+
+    # Create missing directories.  We use IFS magic to split the path
+    # into path components.
+    savedIFS="$IFS"
+    IFS=/
+    components=($prefix$target)
+    fullPath=(.)
+    for ((m = 0; m < ${#components[*]} - 1; m++)); do
+        fullPath=("${fullPath[@]}" ${components[m]})
+        if ! test -d "${fullPath[*]}"; then
+            mkdir "${fullPath[*]}"
+        fi
+    done
+    IFS="$savedIFS"
+    
+    ln -sf $source $prefix$target
+done
+
+# Create a symlink to the main file.
+if ! test "$(readlink $prefix$mainName)" = $main; then
+    ln -s $main $prefix$mainName
+fi
+
+mkdir $out
+test "$prefix" && cd $prefix
+gcc -Wall $cFlags -c $mainName -o $out/$mainName.o

make/lib/default.nix

@@ -0,0 +1,69 @@
+rec {
+
+  # Should point at your Nixpkgs installation.
+  pkgPath = ./pkgs;
+
+  pkgs = import (pkgPath + /system/all-packages.nix) {};
+
+  stdenv = pkgs.stdenv;
+  
+
+  compileC =
+  { main
+  , localIncludes ? "auto"
+  , localIncludePath ? []
+  , cFlags ? ""
+  , sharedLib ? false
+  }:
+  stdenv.mkDerivation {
+    name = "compile-c";
+    builder = ./compile-c.sh;
+    
+    localIncludes =
+      if localIncludes == "auto" then
+        dependencyClosure {
+          scanner = main:
+            import (findIncludes {
+              inherit main;
+            });
+          searchPath = localIncludePath;
+          startSet = [main];
+        }
+      else
+        localIncludes;
+        
+    inherit main;
+    
+    cFlags = [
+      cFlags
+      (if sharedLib then ["-fpic"] else [])
+      (map (p: "-I" + (relativise (dirOf main) p)) localIncludePath)
+    ];
+  };
+
+  
+  findIncludes = {main}: stdenv.mkDerivation {
+    name = "find-includes";
+    realBuilder = pkgs.perl ~ "bin/perl";
+    args = [ ./find-includes.pl ];
+    inherit main;
+  };
+
+    
+  link = {objects, programName ? "program", libraries ? []}: stdenv.mkDerivation {
+    name = "link";
+    builder = ./link.sh;
+    inherit objects programName libraries;
+  };
+
+  
+  makeLibrary = {objects, libraryName ? [], sharedLib ? false}:
+  # assert sharedLib -> fold (obj: x: assert obj.sharedLib && x) false objects
+  stdenv.mkDerivation {
+    name = "library";
+    builder = ./make-library.sh;
+    inherit objects libraryName sharedLib;
+  };
+
+  
+}

make/lib/find-includes.pl

@@ -0,0 +1,21 @@
+use strict;
+
+my $root = $ENV{"main"};
+my $out = $ENV{"out"};
+
+open OUT, ">$out" or die "$!";
+print OUT "[\n";
+
+open IN, "<$root" or die "$!";
+while (<IN>) {
+    if (/^\#include\s+\"(.*)\"/) {
+        print OUT "\"$1\"\n";
+    }
+    if (/^\#include\s+\<(.*)\>/) {
+        print OUT "\"$1\"\n";
+    }
+}
+close IN;
+
+print OUT "]\n";
+close OUT;

make/lib/link.sh

@@ -0,0 +1,21 @@
+. $stdenv/setup
+
+shopt -s nullglob
+
+objs=
+for i in $objects; do
+    obj=$(echo $i/*.o)
+    objs="$objs $obj"
+done
+
+libs=
+for i in $libraries; do
+    lib=$(echo $i/*.a; echo $i/*.so)
+    name=$(echo $(basename $lib) | sed -e 's/^lib//' -e 's/.a$//' -e 's/.so$//')
+    libs="$libs -L$(dirname $lib) -l$name" 
+done
+
+echo "linking object files into \`$programName'..."
+
+mkdir $out
+gcc -o $out/$programName $objs $libs

make/lib/make-library.sh

@@ -0,0 +1,28 @@
+. $stdenv/setup
+
+objs=
+for i in $objects; do
+    obj=$(echo $i/*.o)
+    objs="$objs $obj"
+done
+
+echo "archiving object files into library \`$libraryName'..."
+
+ensureDir $out
+
+if test -z "$sharedLib"; then
+
+    outPath=$out/lib${libraryName}.a
+
+    ar crs $outPath $objs
+    ranlib $outPath
+
+else
+
+    outPath=$out/lib${libraryName}.so
+
+    gcc -shared -o $outPath $objs
+
+fi    
+
+    

misc/emacs/nix-mode.el

@@ -67,7 +67,7 @@ The hook `nix-mode-hook' is run when Nix mode is started.
 
 (defvar nix-keywords
   '("\\<if\\>" "\\<then\\>" "\\<else\\>" "\\<assert\\>" "\\<with\\>"
-    "\\<let\\>" "\\<in\\>" "\\<rec\\>" "\\<inherit\\>" "\\<or\\>"
+    "\\<let\\>" "\\<in\\>" "\\<rec\\>" "\\<inherit\\>"
     ("\\<true\\>" . font-lock-builtin-face)
     ("\\<false\\>" . font-lock-builtin-face)
     ("\\<null\\>" . font-lock-builtin-face)
@@ -78,10 +78,8 @@ The hook `nix-mode-hook' is run when Nix mode is started.
     ("\\<isNull\\>" . font-lock-builtin-face)
     ("[a-zA-Z][a-zA-Z0-9\\+-\\.]*:[a-zA-Z0-9%/\\?:@&=\\+\\$,_\\.!~\\*'-]+"
      . font-lock-constant-face)
-    ("\\<\\([a-zA-Z_][a-zA-Z0-9_'\-\.]*\\)[ \t]*="
+    ("\\<\\([a-zA-Z_][a-zA-Z0-9_'\.]*\\)[ \t]*="
      (1 font-lock-variable-name-face nil nil))
-    ("<[a-zA-Z0-9._\\+-]+\\(/[a-zA-Z0-9._\\+-]+\\)*>"
-     . font-lock-constant-face)
     ("[a-zA-Z0-9._\\+-]*\\(/[a-zA-Z0-9._\\+-]+\\)+"
      . font-lock-constant-face)
     ))
@@ -109,5 +107,3 @@ The hook `nix-mode-hook' is run when Nix mode is started.
 
 (setq auto-mode-alist (cons '("\\.nix\\'" . nix-mode) auto-mode-alist))
 (setq auto-mode-alist (cons '("\\.nix.in\\'" . nix-mode) auto-mode-alist))
-
-(provide 'nix-mode)

misc/systemd/nix-daemon.service

@@ -1,10 +0,0 @@
-[Unit]
-Description=Helper daemon for managing secure, multi-user Nix stores
-After=syslog.target
-
-[Service]
-Type=simple
-ExecStart=/usr/bin/nix-daemon
-
-[Install]
-WantedBy=multi-user.target

nix.conf.example

@@ -0,0 +1,170 @@
+### Option `gc-keep-outputs'
+#
+# If `true', the garbage collector will keep the outputs of
+# non-garbage derivations.  If `false' (default), outputs will be
+# deleted unless they are GC roots themselves (or reachable from other
+# roots).
+# 
+# In general, outputs must be registered as roots separately.
+# However, even if the output of a derivation is registered as a root,
+# the collector will still delete store paths that are used only at
+# build time (e.g., the C compiler, or source tarballs downloaded from
+# the network).  To prevent it from doing so, set this option to
+# `true'.
+#gc-keep-outputs = false
+
+
+### Option `gc-keep-derivations'
+#
+# If `true' (default), the garbage collector will keep the derivations
+# from which non-garbage store paths were built.  If `false', they
+# will be deleted unless explicitly registered as a root (or reachable
+# from other roots).
+#
+# Keeping derivation around is useful for querying and traceability
+# (e.g., it allows you to ask with what dependencies or options a
+# store path was built), so by default this option is on.  Turn it off
+# to safe a bit of disk space (or a lot if `gc-keep-outputs' is also
+# turned on).
+#gc-keep-derivations = true
+
+
+### Option `env-keep-derivations'
+#
+# If `false' (default), derivations are not stored in Nix user
+# environments.  That is, the derivation any build-time-only
+# dependencies may be garbage-collected.
+#
+# If `true', when you add a Nix derivation to a user environment, the
+# path of the derivation is stored in the user environment.  Thus, the
+# derivation will not be garbage-collected until the user environment
+# generation is deleted (`nix-env --delete-generations').  To prevent
+# build-time-only dependencies from being collected, you should also
+# turn on `gc-keep-outputs'.
+#
+# The difference between this option and `gc-keep-derivations' is that
+# this one is `sticky': it applies to any user environment created
+# while this option was enabled, while `gc-keep-derivations' only
+# applies at the moment the garbage collector is run.
+#env-keep-derivations = false
+
+
+### Option `build-max-jobs'
+#
+# This option defines the maximum number of jobs that Nix will try to
+# build in parallel.  The default is 1.  You should generally set it
+# to the number of CPUs in your system (e.g., 2 on a Athlon 64 X2).
+# It can be overriden using the `--max-jobs' / `-j' command line
+# switch.
+#build-max-jobs = 1
+
+
+### Option `build-max-silent-time'
+#
+# This option defines the maximum number of seconds that a builder can
+# go without producing any data on standard output or standard error.
+# This is useful (for instance in a automated build system) to catch
+# builds that are stuck in an infinite loop, or to catch remote builds
+# that are hanging due to network problems.  It can be overriden using
+# the `--max-silent-time' command line switch.
+#
+# The value 0 means that there is no timeout.  This is also the
+# default.
+#
+# Example:
+#   build-max-silent-time = 600 # = 10 minutes
+#build-max-silent-time = 0
+
+
+### Option `build-users-group'
+#
+# This options specifies the Unix group containing the Nix build user
+# accounts.  In multi-user Nix installations, builds should not
+# be performed by the Nix account since that would allow users to
+# arbitrarily modify the Nix store and database by supplying specially
+# crafted builders; and they cannot be performed by the calling user
+# since that would allow him/her to influence the build result.
+#
+# Therefore, if this option is non-empty and specifies a valid group,
+# builds will be performed under the user accounts that are a member
+# of the group specified here (as listed in /etc/group).  Those user
+# accounts should not be used for any other purpose!
+#
+# Nix will never run two builds under the same user account at the
+# same time.  This is to prevent an obvious security hole: a malicious
+# user writing a Nix expression that modifies the build result of a
+# legitimate Nix expression being built by another user.  Therefore it
+# is good to have as many Nix build user accounts as you can spare.
+# (Remember: uids are cheap.)
+#
+# The build users should have permission to create files in the Nix
+# store, but not delete them.  Therefore, /nix/store should be owned
+# by the Nix account, its group should be the group specified here,
+# and its mode should be 1775.
+#
+# If the build users group is empty, builds will be performed under
+# the uid of the Nix process (that is, the uid of the caller if
+# $NIX_REMOTE is empty, the uid under which the Nix daemon runs if
+# $NIX_REMOTE is `daemon', or the uid that owns the setuid nix-worker
+# program if $NIX_REMOTE is `slave').  Obviously, this should not be
+# used in multi-user settings with untrusted users.
+#
+# The default is empty.
+#
+# Example:
+#   build-users-group = nix-builders
+#build-users-group =
+
+
+### Option `build-use-chroot'
+#
+# If set to `true', builds will be performed in a chroot environment,
+# i.e., the build will be isolated from the normal file system
+# hierarchy and will only see the Nix store, the temporary build
+# directory, and the directories configured with the
+# `build-chroot-dirs' option (such as /proc and /dev).  This is useful
+# to prevent undeclared dependencies on files in directories such as
+# /usr/bin.
+#
+# The use of a chroot requires that Nix is run as root (but you can
+# still use the "build users" feature to perform builds under
+# different users than root).  Currently, chroot builds only work on
+# Linux because Nix uses "bind mounts" to make the Nix store and other
+# directories available inside the chroot.
+#
+# The default is `false'.
+#
+# Example:
+#   build-use-chroot = true
+#build-use-chroot = false
+
+
+### Option `build-chroot-dirs'
+#
+# When builds are performed in a chroot environment, Nix will mount
+# (using `mount --bind' on Linux) some directories from the normal
+# file system hierarchy inside the chroot.  These are the Nix store,
+# the temporary build directory (usually /tmp/nix-<pid>-<number>) and
+# the directories listed here.  The default is "/dev /dev/pts /proc".
+# Files in /dev (such as /dev/null) are needed by many builds, and
+# some files in /proc may also be needed occasionally.
+#
+# Example:
+#   build-use-chroot = /dev /proc /bin
+#build-chroot-dirs = /dev /dev/pts /proc
+
+
+### Option `build-cache-failure'
+#
+# If this option is enabled, Nix will do negative caching; that is, it
+# will remember failed builds, and won't attempt to try to build them
+# again if you ask for it.  Negative caching is disabled by default
+# because Nix cannot distinguish between permanent build errors (e.g.,
+# a syntax error in a source file) and transient build errors (e.g., a
+# full disk), as they both cause the builder to return a non-zero exit
+# code.  You can clear the cache by doing `rm -f
+# /nix/var/nix/db/failed/*'.
+#
+# Example:
+#   build-cache-failure = true
+#build-cache-failure = false

nix.spec.in

@@ -1,35 +1,30 @@
-%global nixbld_user "nix-builder-"
-%global nixbld_group "nix-builders"
+%define enable_setuid ""
+%define nix_user "nix"
+%define nix_group "nix"
+
+# If set, the Nix user and group will be created by the RPM
+# pre-install script.
+%define nix_user_uid ""
+%define nix_group_gid ""
 
 Summary: The Nix software deployment system
 Name: nix
 Version: @version@
-Release: 2%{?dist}
-License: LGPLv2+
-%if 0%{?rhel}
-Group: Applications/System
-%endif
+Release: 1
+License: GPL
+Group: Software Deployment
 URL: http://nixos.org/
-Source0: %{name}-%{version}.tar.gz
-%if 0%{?el5}
-BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
-%endif
-BuildRequires: perl(DBD::SQLite)
-BuildRequires: perl(DBI)
-BuildRequires: perl(WWW::Curl)
-BuildRequires: perl(ExtUtils::ParseXS)
+Source0: %{name}-@version@.tar.bz2
+BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
+Prefix: /usr
 Requires: /usr/bin/perl
 Requires: curl
-Requires: perl-DBD-SQLite
-Requires: bzip2
-Requires: xz
-BuildRequires: bzip2-devel
-BuildRequires: sqlite-devel
 
 # Hack to make that shitty RPM scanning hack shut up.
-Provides: perl(Nix::SSH)
+Provides: perl(readmanifest)
                                                                
 %description
+
 Nix is a purely functional package manager. It allows multiple
 versions of a package to be installed side-by-side, ensures that
 dependency specifications are complete, supports atomic upgrades and
@@ -37,179 +32,52 @@ rollbacks, allows non-root users to install software, and has many
 other features. It is the basis of the NixOS Linux distribution, but
 it can be used equally well under other Unix systems.
 
-%package        devel
-Summary:        Development files for %{name}
-%if 0%{?rhel}
-Group:          Development/Libraries
-%endif
-Requires:       %{name}%{?_isa} = %{version}-%{release}
-
-%description   devel
-The %{name}-devel package contains libraries and header files for
-developing applications that use %{name}.
-
-
-%package doc
-Summary:        Documentation files for %{name}
-%if 0%{?rhel}
-Group:          Documentation
-%endif
-BuildArch:      noarch
-Requires:       %{name} = %{version}-%{release}
-
-%description   doc
-The %{name}-doc package contains documentation files for %{name}.
-
-
-%package -n emacs-%{name}
-Summary:        Nix mode for Emacs
-%if 0%{?rhel}
-Group:          Applications/Editors
-%endif
-BuildArch:      noarch
-BuildRequires:  emacs
-Requires:       emacs(bin) >= %{_emacs_version}
-
-%description -n emacs-%{name}
-This package provides a major mode for editing Nix expressions.
-
-%package -n emacs-%{name}-el
-Summary:        Elisp source files for emacs-%{name}
-%if 0%{?rhel}
-Group:          Applications/Editors
-%endif
-BuildArch:      noarch
-Requires:       emacs-%{name} = %{version}-%{release}
-
-%description -n emacs-%{name}-el
-This package contains the elisp source file for the Nix major mode for
-GNU Emacs. You do not need to install this package to run Nix. Install
-the emacs-%{name} package to edit Nix expressions with GNU Emacs.
-
-
 %prep
 %setup -q
-# Install Perl modules to vendor_perl
-# configure.ac need to be changed to make this global; however, this will
-# also affect NixOS. Use discretion.
-%{__sed} -i 's|perl5/site_perl/$perlversion/$perlarchname|perl5/vendor_perl|' \
-  configure
-
 
 %build
 extraFlags=
-# - override docdir so large documentation files are owned by the
-#   -doc subpackage
-# - set localstatedir by hand to the preferred nix value
-%configure --localstatedir=/nix/var \
-           --docdir=%{_defaultdocdir}/%{name}-doc-%{version} \
-           $extraFlags
-make %{?_smp_flags}
-%{_emacs_bytecompile} misc/emacs/nix-mode.el
-
-
-%install
-%if 0%{?el5}
-rm -rf $RPM_BUILD_ROOT
-%endif
-make DESTDIR=$RPM_BUILD_ROOT install
-
-find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
-
-# Fix symlink: we want to link to the versioned soname, not to the
-# unversioned one that'd be put in -devel
-pushd $RPM_BUILD_ROOT%{perl_vendorarch}/auto/Nix/Store
-ln -sf %{_libdir}/nix/libNixStore.so.0 Store.so
-popd
-
-# Specify build users group
-echo "build-users-group = %{nixbld_group}" > $RPM_BUILD_ROOT%{_sysconfdir}/nix/nix.conf
-
-# make per-user directories
-for d in profiles gcroots;
-do
-  mkdir $RPM_BUILD_ROOT/nix/var/nix/$d/per-user
-  chmod 1777 $RPM_BUILD_ROOT/nix/var/nix/$d/per-user
-done
-
-# fix permission of nix profile
-# (until this is fixed in the relevant Makefile)
-chmod -x $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/nix.sh
-
-# systemd not available on RHEL yet
-%if ! 0%{?rhel} 
-# install systemd service descriptor
-mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/systemd/system
-cp -p misc/systemd/nix-daemon.service \
-  $RPM_BUILD_ROOT%{_prefix}/lib/systemd/system/
-%endif
-
-# Copy the byte-compiled mode file by hand
-cp -p misc/emacs/nix-mode.elc $RPM_BUILD_ROOT%{_emacs_sitelispdir}/
-
-# we ship this file in the base package
-rm $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}-doc-%{version}/README
-
-
-%check
+if test -n "%{enable_setuid}"; then
+    extraFlags="$extraFlags --enable-setuid"
+    if test -n "%{nix_user}"; then
+        extraFlags="$extraFlags --with-nix-user=%{nix_user}"
+    fi
+    if test -n "%{nix_group}"; then
+        extraFlags="$extraFlags --with-nix-group=%{nix_group}"
+    fi
+fi
+./configure --prefix=%{_prefix} --sysconfdir=/etc $extraFlags
+make
 make check
 
+%install
+rm -rf $RPM_BUILD_ROOT
+make DESTDIR=$RPM_BUILD_ROOT install
+rm $RPM_BUILD_ROOT/etc/nix/nix.conf
+strip $RPM_BUILD_ROOT/%{_prefix}/bin/* || true
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
-
 %pre
-getent group %{nixbld_group} >/dev/null || groupadd -r %{nixbld_group}
-for i in $(seq 10);
-do
-  getent passwd %{nixbld_user}$i >/dev/null || \
-    useradd -r -g %{nixbld_group} -G %{nixbld_group} -d /var/empty \
-      -s %{_sbindir}/nologin \
-      -c "Nix build user $i" %{nixbld_user}$i
-done
-
-%post
-chgrp %{nixbld_group} /nix/store
-chmod 1775 /nix/store
-%if ! 0%{?rhel}
-# Enable and start Nix worker
-systemctl enable nix-daemon.service
-systemctl start  nix-daemon.service
-%endif
+if test -n "%{nix_group_gid}"; then
+    /usr/sbin/groupadd -g %{nix_group_gid} %{nix_group} || true
+fi
+if test -n "%{nix_user_uid}"; then
+    /usr/sbin/useradd -c "Nix" -u %{nix_user_uid} \
+        -s /sbin/nologin -r -d /var/empty %{nix_user} \
+        -g %{nix_group} || true
+fi
 
 %files
-%doc COPYING AUTHORS README
-%{_bindir}/nix-*
-%dir %{_libdir}/nix
-%{_libdir}/nix/*.so.*
-%{perl_vendorarch}/*
-%exclude %dir %{perl_vendorarch}/auto/
-%{_prefix}/libexec/*
-%if ! 0%{?rhel}
-%{_prefix}/lib/systemd/system/nix-daemon.service
-%endif
-%{_datadir}/emacs/site-lisp/nix-mode.el
-%{_datadir}/nix
-%{_mandir}/man1/*.1*
-%{_mandir}/man5/*.5*
-%{_mandir}/man8/*.8*
-%config(noreplace) %{_sysconfdir}/profile.d/nix.sh
-/nix
-%dir %{_sysconfdir}/nix
-%config(noreplace) %{_sysconfdir}/nix/nix.conf
-
-%files devel
-%{_includedir}/nix
-%{_libdir}/nix/*.so
-
-%files doc
-%docdir %{_defaultdocdir}/%{name}-doc-%{version}
-%{_defaultdocdir}/%{name}-doc-%{version}
-
-%files -n emacs-%{name}
-%{_emacs_sitelispdir}/*.elc
-#{_emacs_sitestartdir}/*.el
-
-%files -n emacs-%{name}-el
-%{_emacs_sitelispdir}/*.el
+#%defattr(-,root,root)
+%{_prefix}/bin
+%{_prefix}/lib
+%{_prefix}/libexec
+%{_prefix}/include
+%{_prefix}/share
+/etc/profile.d/nix.sh
+/nix/var
+/nix/store
+%config
+/etc/nix

perl/MANIFEST

@@ -1,7 +0,0 @@
-Changes
-Makefile.PL
-MANIFEST
-Nix.xs
-README
-t/Nix.t
-lib/Nix.pm

perl/Makefile.am

@@ -1,38 +0,0 @@
-PERL_MODULES = lib/Nix/Store.pm lib/Nix/Manifest.pm lib/Nix/GeneratePatches.pm lib/Nix/SSH.pm lib/Nix/CopyClosure.pm lib/Nix/Config.pm.in lib/Nix/Utils.pm
-
-all: $(PERL_MODULES:.in=)
-
-install-exec-local: $(PERL_MODULES:.in=) install-perl-xs
-	$(INSTALL) -d $(DESTDIR)$(perllibdir)/Nix
-	$(INSTALL_DATA) $(PERL_MODULES:.in=) $(DESTDIR)$(perllibdir)/Nix
-
-if PERL_BINDINGS
-install-perl-xs:
-	$(INSTALL) -d $(DESTDIR)$(perllibdir)/auto/Nix/Store
-	ln -sfn $(pkglibdir)/libNixStore$(dynlib_suffix) $(DESTDIR)$(perllibdir)/auto/Nix/Store/Store$(dynlib_suffix)
-
-# Awful hackery to get libtool to build Perl XS bindings.
-pkglib_LTLIBRARIES = libNixStore.la
-
-nodist_libNixStore_la_SOURCES = lib/Nix/Store.cc
-
-CLEANFILES = lib/Nix/Store.cc
-
-libNixStore_la_LIBADD = $(top_builddir)/src/libstore/libstore.la
-
-AM_CXXFLAGS = \
-  -I$(top_srcdir)/src -I$(top_srcdir)/src/libutil -I$(top_srcdir)/src/libstore \
-  -I$(shell $(perl) -e 'use Config; print $$Config{archlibexp};')/CORE \
-  -D_FILE_OFFSET_BITS=64
-
-lib/Nix/Store.cc: lib/Nix/Store.xs
-	$(INSTALL) -d lib/Nix
-	xsubpp $^ -output $@
-
-else
-install-perl-xs:
-endif
-
-EXTRA_DIST = $(PERL_MODULES) lib/Nix/Store.xs
-
-include ../substitute.mk

perl/lib/Nix/Config.pm.in

@@ -1,41 +0,0 @@
-package Nix::Config;
-
-$version = "@version@";
-
-$binDir = $ENV{"NIX_BIN_DIR"} || "@bindir@";
-$libexecDir = $ENV{"NIX_LIBEXEC_DIR"} || "@libexecdir@";
-$stateDir = $ENV{"NIX_STATE_DIR"} || "@localstatedir@/nix";
-$manifestDir = $ENV{"NIX_MANIFESTS_DIR"} || "@localstatedir@/nix/manifests";
-$logDir = $ENV{"NIX_LOG_DIR"} || "@localstatedir@/log/nix";
-$confDir = $ENV{"NIX_CONF_DIR"} || "@sysconfdir@/nix";
-$storeDir = $ENV{"NIX_STORE_DIR"} || "@storedir@";
-
-$bzip2 = "@bzip2@";
-$xz = "@xz@";
-$curl = "@curl@";
-
-$useBindings = "@perlbindings@" eq "yes";
-
-%config = ();
-
-sub readConfig {
-    if (defined $ENV{'_NIX_OPTIONS'}) {
-        foreach my $s (split '\n', $ENV{'_NIX_OPTIONS'}) {
-            my ($n, $v) = split '=', $s, 2;
-            $config{$n} = $v;
-        }
-        return;
-    }
-
-    my $config = "$confDir/nix.conf";
-    return unless -f $config;
-
-    open CONFIG, "<$config" or die "cannot open `$config'";
-    while (<CONFIG>) {
-        /^\s*([\w|-]+)\s*=\s*(.*)$/ or next;
-        $config{$1} = $2;
-    }
-    close CONFIG;
-}
-
-return 1;

perl/lib/Nix/CopyClosure.pm

@@ -1,53 +0,0 @@
-package Nix::CopyClosure;
-
-use strict;
-use Nix::Config;
-use Nix::Store;
-
-
-sub copyTo {
-    my ($sshHost, $sshOpts, $storePaths, $compressor, $decompressor,
-        $includeOutputs, $dryRun, $sign, $progressViewer, $useSubstitutes) = @_;
-
-    $compressor = "$compressor |" if $compressor ne "";
-    $decompressor = "$decompressor |" if $decompressor ne "";
-    $progressViewer = "$progressViewer |" if $progressViewer ne "";
-
-    # Get the closure of this path.
-    my @closure = reverse(topoSortPaths(computeFSClosure(0, $includeOutputs,
-        map { followLinksToStorePath $_ } @{$storePaths})));
-
-    # Optionally use substitutes on the remote host.
-    if (!$dryRun && $useSubstitutes) {
-        system "ssh $sshHost @{$sshOpts} nix-store -r --ignore-unknown @closure";
-        # Ignore exit status because this is just an optimisation.
-    }
-
-    # Ask the remote host which paths are invalid.  Because of limits
-    # to the command line length, do this in chunks.  Eventually,
-    # we'll want to use ‘--from-stdin’, but we can't rely on the
-    # target having this option yet.
-    my @missing = ();
-    while (scalar(@closure) > 0) {
-        my @ps = splice(@closure, 0, 1500);
-        open(READ, "set -f; ssh $sshHost @{$sshOpts} nix-store --check-validity --print-invalid @ps|");
-        while (<READ>) {
-            chomp;
-            push @missing, $_;
-        }
-        close READ or die;
-    }
-
-    # Export the store paths and import them on the remote machine.
-    if (scalar @missing > 0) {
-        print STDERR "copying ", scalar @missing, " missing paths to ‘$sshHost’...\n";
-        unless ($dryRun) {
-            open SSH, "| $compressor $progressViewer ssh $sshHost @{$sshOpts} '$decompressor nix-store --import' > /dev/null" or die;
-            exportPaths(fileno(SSH), $sign, @missing);
-            close SSH or die "copying store paths to remote machine `$sshHost' failed: $?";
-        }
-    }
-}
-
-
-1;

perl/lib/Nix/GeneratePatches.pm

@@ -1,340 +0,0 @@
-package Nix::GeneratePatches;
-
-use strict;
-use File::Temp qw(tempdir);
-use File::stat;
-use Nix::Config;
-use Nix::Manifest;
-
-our @ISA = qw(Exporter);
-our @EXPORT = qw(generatePatches propagatePatches copyPatches);
-
-
-# Some patch generations options.
-
-# Max size of NAR archives to generate patches for.
-my $maxNarSize = $ENV{"NIX_MAX_NAR_SIZE"};
-$maxNarSize = 160 * 1024 * 1024 if !defined $maxNarSize;
-
-# If patch is bigger than this fraction of full archive, reject.
-my $maxPatchFraction = $ENV{"NIX_PATCH_FRACTION"};
-$maxPatchFraction = 0.60 if !defined $maxPatchFraction;
-
-my $timeLimit = $ENV{"NIX_BSDIFF_TIME_LIMIT"};
-$timeLimit = 180 if !defined $timeLimit;
-
-my $hashAlgo = "sha256";
-
-
-sub findOutputPaths {
-    my $narFiles = shift;
-
-    my %outPaths;
-    
-    foreach my $p (keys %{$narFiles}) {
-
-        # Ignore derivations.
-        next if ($p =~ /\.drv$/);
-        
-        # Ignore builders (too much ambiguity -- they're all called
-        # `builder.sh').
-        next if ($p =~ /\.sh$/);
-        next if ($p =~ /\.patch$/);
-        
-        # Don't bother including tar files etc.
-        next if ($p =~ /\.tar$/ || $p =~ /\.tar\.(gz|bz2|Z|lzma|xz)$/ || $p =~ /\.zip$/ || $p =~ /\.bin$/ || $p =~ /\.tgz$/ || $p =~ /\.rpm$/ || $p =~ /cvs-export$/ || $p =~ /fetchhg$/);
-
-        $outPaths{$p} = 1;
-    }
-
-    return %outPaths;
-}
-
-
-sub getNameVersion {
-    my $p = shift;
-    $p =~ /\/[0-9a-z]+((?:-[a-zA-Z][^\/-]*)+)([^\/]*)$/;
-    my $name = $1;
-    my $version = $2;
-    return undef unless defined $name && defined $version;
-    $name =~ s/^-//;
-    $version =~ s/^-//;
-    return ($name, $version);
-}
-
-
-# A quick hack to get a measure of the `distance' between two
-# versions: it's just the position of the first character that differs
-# (or 999 if they are the same).
-sub versionDiff {
-    my $s = shift;
-    my $t = shift;
-    my $i;
-    return 999 if $s eq $t;
-    for ($i = 0; $i < length $s; $i++) {
-        return $i if $i >= length $t or
-            substr($s, $i, 1) ne substr($t, $i, 1);
-    }
-    return $i;
-}
-
-
-sub getNarBz2 {
-    my $narPath = shift;
-    my $narFiles = shift;
-    my $storePath = shift;
-    
-    my $narFileList = $$narFiles{$storePath};
-    die "missing path $storePath" unless defined $narFileList;
-
-    my $narFile = @{$narFileList}[0];
-    die unless defined $narFile;
-
-    $narFile->{url} =~ /\/([^\/]+)$/;
-    die unless defined $1;
-    return "$narPath/$1";
-}
-
-
-sub containsPatch {
-    my $patches = shift;
-    my $storePath = shift;
-    my $basePath = shift;
-    my $patchList = $$patches{$storePath};
-    return 0 if !defined $patchList;
-    my $found = 0;
-    foreach my $patch (@{$patchList}) {
-        # !!! baseHash might differ
-        return 1 if $patch->{basePath} eq $basePath;
-    }
-    return 0;
-}
-
-
-sub generatePatches {
-    my ($srcNarFiles, $dstNarFiles, $srcPatches, $dstPatches, $narPath, $patchesPath, $patchesURL, $tmpDir) = @_;
-
-    my %srcOutPaths = findOutputPaths $srcNarFiles;
-    my %dstOutPaths = findOutputPaths $dstNarFiles;
-
-    # For each output path in the destination, see if we need to / can
-    # create a patch.
-
-    print STDERR "creating patches...\n";
-
-    foreach my $p (keys %dstOutPaths) {
-
-        # If exactly the same path already exists in the source, skip it.
-        next if defined $srcOutPaths{$p};
-    
-        print "  $p\n";
-
-        # If not, then we should find the paths in the source that are
-        # `most' likely to be present on a system that wants to
-        # install this path.
-
-        (my $name, my $version) = getNameVersion $p;
-        next unless defined $name && defined $version;
-
-        my @closest = ();
-        my $closestVersion;
-        my $minDist = -1; # actually, larger means closer
-
-        # Find all source paths with the same name.
-
-        foreach my $q (keys %srcOutPaths) {
-            (my $name2, my $version2) = getNameVersion $q;
-            next unless defined $name2 && defined $version2;
-
-            if ($name eq $name2) {
-
-                my $srcSystem = @{$$dstNarFiles{$p}}[0]->{system};
-                my $dstSystem = @{$$srcNarFiles{$q}}[0]->{system};
-                if (defined $srcSystem && defined $dstSystem && $srcSystem ne $dstSystem) {
-                    print "    SKIPPING $q due to different systems ($srcSystem vs. $dstSystem)\n";
-                    next;
-                }
-
-                # If the sizes differ too much, then skip.  This
-                # disambiguates between, e.g., a real component and a
-                # wrapper component (cf. Firefox in Nixpkgs).
-                my $srcSize = @{$$srcNarFiles{$q}}[0]->{size};
-                my $dstSize = @{$$dstNarFiles{$p}}[0]->{size};
-                my $ratio = $srcSize / $dstSize;
-                $ratio = 1 / $ratio if $ratio < 1;
-                # print "  SIZE $srcSize $dstSize $ratio $q\n";
-
-                if ($ratio >= 3) {
-                    print "    SKIPPING $q due to size ratio $ratio ($srcSize vs. $dstSize)\n";
-                    next;
-                }
-
-                # If there are multiple matching names, include the
-                # ones with the closest version numbers.
-                my $dist = versionDiff $version, $version2;
-                if ($dist > $minDist) {
-                    $minDist = $dist;
-                    @closest = ($q);
-                    $closestVersion = $version2;
-                } elsif ($dist == $minDist) {
-                    push @closest, $q;
-                }
-            }
-        }
-
-        if (scalar(@closest) == 0) {
-            print "    NO BASE: $p\n";
-            next;
-        }
-
-        foreach my $closest (@closest) {
-
-            # Generate a patch between $closest and $p.
-            print STDERR "  $p <- $closest\n";
-
-            # If the patch already exists, skip it.
-            if (containsPatch($srcPatches, $p, $closest) ||
-                containsPatch($dstPatches, $p, $closest))
-            {
-                print "    skipping, already exists\n";
-                next;
-            }
-
-            my $srcNarBz2 = getNarBz2 $narPath, $srcNarFiles, $closest;
-            my $dstNarBz2 = getNarBz2 $narPath, $dstNarFiles, $p;
-
-            if (! -f $srcNarBz2) {
-                warn "patch source archive $srcNarBz2 is missing\n";
-                next;
-            }
-
-            system("$Nix::Config::bzip2 -d < $srcNarBz2 > $tmpDir/A") == 0
-                or die "cannot unpack $srcNarBz2";
-
-            if (stat("$tmpDir/A")->size >= $maxNarSize) {
-                print "    skipping, source is too large\n";
-                next;
-            }
-        
-            system("$Nix::Config::bzip2 -d < $dstNarBz2 > $tmpDir/B") == 0
-                or die "cannot unpack $dstNarBz2";
-
-            if (stat("$tmpDir/B")->size >= $maxNarSize) {
-                print "    skipping, destination is too large\n";
-                next;
-            }
-        
-            my $time1 = time();
-            my $res = system("ulimit -t $timeLimit; $Nix::Config::libexecDir/bsdiff $tmpDir/A $tmpDir/B $tmpDir/DIFF");
-            my $time2 = time();
-            if ($res) {
-                warn "binary diff computation aborted after ", $time2 - $time1, " seconds\n";
-                next;
-            }
-
-            my $baseHash = `$Nix::Config::binDir/nix-hash --flat --type $hashAlgo --base32 $tmpDir/A` or die;
-            chomp $baseHash;
-
-            my $narHash = `$Nix::Config::binDir/nix-hash --flat --type $hashAlgo --base32 $tmpDir/B` or die;
-            chomp $narHash;
-
-            my $narDiffHash = `$Nix::Config::binDir/nix-hash --flat --type $hashAlgo --base32 $tmpDir/DIFF` or die;
-            chomp $narDiffHash;
-
-            my $narDiffSize = stat("$tmpDir/DIFF")->size;
-            my $dstNarBz2Size = stat($dstNarBz2)->size;
-
-            print "    size $narDiffSize; full size $dstNarBz2Size; ", $time2 - $time1, " seconds\n";
-        
-            if ($narDiffSize >= $dstNarBz2Size) {
-                print "    rejecting; patch bigger than full archive\n";
-                next;
-            }
-    
-            if ($narDiffSize / $dstNarBz2Size >= $maxPatchFraction) {
-                print "    rejecting; patch too large relative to full archive\n";
-                next;
-            }
-    
-            my $finalName = "$narDiffHash.nar-bsdiff";
-
-            if (-e "$patchesPath/$finalName") {
-                print "    not copying, already exists\n";
-            }
-
-            else {
-                system("cp '$tmpDir/DIFF' '$patchesPath/$finalName.tmp'") == 0
-                    or die "cannot copy diff";
-                rename("$patchesPath/$finalName.tmp", "$patchesPath/$finalName")
-                    or die "cannot rename $patchesPath/$finalName.tmp";
-            }
-        
-            # Add the patch to the manifest.
-            addPatch $dstPatches, $p,
-                { url => "$patchesURL/$finalName", hash => "$hashAlgo:$narDiffHash"
-                , size => $narDiffSize, basePath => $closest, baseHash => "$hashAlgo:$baseHash"
-                , narHash => "$hashAlgo:$narHash", patchType => "nar-bsdiff"
-                };
-        }
-    }
-}
-
-
-# Propagate useful patches from $srcPatches to $dstPatches.  A patch
-# is useful if it produces either paths in the $dstNarFiles or paths
-# that can be used as the base for other useful patches.
-sub propagatePatches {
-    my ($srcPatches, $dstNarFiles, $dstPatches) = @_;
-
-    print STDERR "propagating patches...\n";
-
-    my $changed;
-    do {
-        # !!! we repeat this to reach the transitive closure; inefficient
-        $changed = 0;
-
-        print STDERR "loop\n";
-
-        my %dstBasePaths;
-        foreach my $q (keys %{$dstPatches}) {
-            foreach my $patch (@{$$dstPatches{$q}}) {
-                $dstBasePaths{$patch->{basePath}} = 1;
-            }
-        }
-
-        foreach my $p (keys %{$srcPatches}) {
-            my $patchList = $$srcPatches{$p};
-
-            my $include = 0;
-
-            # Is path $p included in the destination?  If so, include
-            # patches that produce it.
-            $include = 1 if defined $$dstNarFiles{$p};
-
-            # Is path $p a path that serves as a base for paths in the
-            # destination?  If so, include patches that produce it.
-            # !!! check baseHash
-            $include = 1 if defined $dstBasePaths{$p};
-
-            if ($include) {
-                foreach my $patch (@{$patchList}) {
-                    $changed = 1 if addPatch $dstPatches, $p, $patch;
-                }
-            }
-        
-        }
-    
-    } while $changed;
-}
-
-
-# Add all new patches in $srcPatches to $dstPatches.
-sub copyPatches {
-    my ($srcPatches, $dstPatches) = @_;
-    foreach my $p (keys %{$srcPatches}) {
-        addPatch $dstPatches, $p, $_ foreach @{$$srcPatches{$p}};
-    }
-}
-
-
-return 1;

perl/lib/Nix/Manifest.pm

@@ -1,429 +0,0 @@
-package Nix::Manifest;
-
-use strict;
-use DBI;
-use Cwd;
-use File::stat;
-use File::Path;
-use Fcntl ':flock';
-use Nix::Config;
-
-our @ISA = qw(Exporter);
-our @EXPORT = qw(readManifest writeManifest updateManifestDB addPatch deleteOldManifests parseNARInfo);
-
-
-sub addNAR {
-    my ($narFiles, $storePath, $info) = @_;
-
-    $$narFiles{$storePath} = []
-        unless defined $$narFiles{$storePath};
-
-    my $narFileList = $$narFiles{$storePath};
-
-    my $found = 0;
-    foreach my $narFile (@{$narFileList}) {
-        $found = 1 if $narFile->{url} eq $info->{url};
-    }
-
-    push @{$narFileList}, $info if !$found;
-}
-
-
-sub addPatch {
-    my ($patches, $storePath, $patch) = @_;
-
-    $$patches{$storePath} = []
-        unless defined $$patches{$storePath};
-
-    my $patchList = $$patches{$storePath};
-
-    my $found = 0;
-    foreach my $patch2 (@{$patchList}) {
-        $found = 1 if
-            $patch2->{url} eq $patch->{url} &&
-            $patch2->{basePath} eq $patch->{basePath};
-    }
-
-    push @{$patchList}, $patch if !$found;
-
-    return !$found;
-}
-
-
-sub readManifest_ {
-    my ($manifest, $addNAR, $addPatch) = @_;
-
-    # Decompress the manifest if necessary.
-    if ($manifest =~ /\.bz2$/) {
-        open MANIFEST, "$Nix::Config::bzip2 -d < $manifest |"
-            or die "cannot decompress `$manifest': $!";
-    } else {
-        open MANIFEST, "<$manifest"
-            or die "cannot open `$manifest': $!";
-    }
-
-    my $inside = 0;
-    my $type;
-
-    my $manifestVersion = 2;
-
-    my ($storePath, $url, $hash, $size, $basePath, $baseHash, $patchType);
-    my ($narHash, $narSize, $references, $deriver, $copyFrom, $system, $compressionType);
-
-    while (<MANIFEST>) {
-        chomp;
-        s/\#.*$//g;
-        next if (/^$/);
-
-        if (!$inside) {
-
-            if (/^\s*(\w*)\s*\{$/) {
-                $type = $1;
-                $type = "narfile" if $type eq "";
-                $inside = 1;
-                undef $storePath;
-                undef $url;
-                undef $hash;
-                undef $size;
-                undef $narHash;
-                undef $narSize;
-                undef $basePath;
-                undef $baseHash;
-                undef $patchType;
-                undef $system;
-                $references = "";
-                $deriver = "";
-                $compressionType = "bzip2";
-            }
-
-        } else {
-
-            if (/^\}$/) {
-                $inside = 0;
-
-                if ($type eq "narfile") {
-                    &$addNAR($storePath,
-                        { url => $url, hash => $hash, size => $size
-                        , narHash => $narHash, narSize => $narSize
-                        , references => $references
-                        , deriver => $deriver
-                        , system => $system
-                        , compressionType => $compressionType
-                        });
-                }
-
-                elsif ($type eq "patch") {
-                    &$addPatch($storePath,
-                        { url => $url, hash => $hash, size => $size
-                        , basePath => $basePath, baseHash => $baseHash
-                        , narHash => $narHash, narSize => $narSize
-                        , patchType => $patchType
-                        });
-                }
-
-            }
-
-            elsif (/^\s*StorePath:\s*(\/\S+)\s*$/) { $storePath = $1; }
-            elsif (/^\s*CopyFrom:\s*(\/\S+)\s*$/) { $copyFrom = $1; }
-            elsif (/^\s*Hash:\s*(\S+)\s*$/) { $hash = $1; }
-            elsif (/^\s*URL:\s*(\S+)\s*$/) { $url = $1; }
-            elsif (/^\s*Compression:\s*(\S+)\s*$/) { $compressionType = $1; }
-            elsif (/^\s*Size:\s*(\d+)\s*$/) { $size = $1; }
-            elsif (/^\s*BasePath:\s*(\/\S+)\s*$/) { $basePath = $1; }
-            elsif (/^\s*BaseHash:\s*(\S+)\s*$/) { $baseHash = $1; }
-            elsif (/^\s*Type:\s*(\S+)\s*$/) { $patchType = $1; }
-            elsif (/^\s*NarHash:\s*(\S+)\s*$/) { $narHash = $1; }
-            elsif (/^\s*NarSize:\s*(\d+)\s*$/) { $narSize = $1; }
-            elsif (/^\s*References:\s*(.*)\s*$/) { $references = $1; }
-            elsif (/^\s*Deriver:\s*(\S+)\s*$/) { $deriver = $1; }
-            elsif (/^\s*ManifestVersion:\s*(\d+)\s*$/) { $manifestVersion = $1; }
-            elsif (/^\s*System:\s*(\S+)\s*$/) { $system = $1; }
-
-            # Compatibility;
-            elsif (/^\s*NarURL:\s*(\S+)\s*$/) { $url = $1; }
-            elsif (/^\s*MD5:\s*(\S+)\s*$/) { $hash = "md5:$1"; }
-
-        }
-    }
-
-    close MANIFEST;
-
-    return $manifestVersion;
-}
-
-
-sub readManifest {
-    my ($manifest, $narFiles, $patches) = @_;
-    readManifest_($manifest,
-        sub { addNAR($narFiles, @_); },
-        sub { addPatch($patches, @_); } );
-}
-
-
-sub writeManifest {
-    my ($manifest, $narFiles, $patches, $noCompress) = @_;
-
-    open MANIFEST, ">$manifest.tmp"; # !!! check exclusive
-
-    print MANIFEST "version {\n";
-    print MANIFEST "  ManifestVersion: 3\n";
-    print MANIFEST "}\n";
-
-    foreach my $storePath (sort (keys %{$narFiles})) {
-        my $narFileList = $$narFiles{$storePath};
-        foreach my $narFile (@{$narFileList}) {
-            print MANIFEST "{\n";
-            print MANIFEST "  StorePath: $storePath\n";
-            print MANIFEST "  NarURL: $narFile->{url}\n";
-            print MANIFEST "  Compression: $narFile->{compressionType}\n";
-            print MANIFEST "  Hash: $narFile->{hash}\n" if defined $narFile->{hash};
-            print MANIFEST "  Size: $narFile->{size}\n" if defined $narFile->{size};
-            print MANIFEST "  NarHash: $narFile->{narHash}\n";
-            print MANIFEST "  NarSize: $narFile->{narSize}\n" if $narFile->{narSize};
-            print MANIFEST "  References: $narFile->{references}\n"
-                if defined $narFile->{references} && $narFile->{references} ne "";
-            print MANIFEST "  Deriver: $narFile->{deriver}\n"
-                if defined $narFile->{deriver} && $narFile->{deriver} ne "";
-            print MANIFEST "  System: $narFile->{system}\n" if defined $narFile->{system};
-            print MANIFEST "}\n";
-        }
-    }
-
-    foreach my $storePath (sort (keys %{$patches})) {
-        my $patchList = $$patches{$storePath};
-        foreach my $patch (@{$patchList}) {
-            print MANIFEST "patch {\n";
-            print MANIFEST "  StorePath: $storePath\n";
-            print MANIFEST "  NarURL: $patch->{url}\n";
-            print MANIFEST "  Hash: $patch->{hash}\n";
-            print MANIFEST "  Size: $patch->{size}\n";
-            print MANIFEST "  NarHash: $patch->{narHash}\n";
-            print MANIFEST "  NarSize: $patch->{narSize}\n" if $patch->{narSize};
-            print MANIFEST "  BasePath: $patch->{basePath}\n";
-            print MANIFEST "  BaseHash: $patch->{baseHash}\n";
-            print MANIFEST "  Type: $patch->{patchType}\n";
-            print MANIFEST "}\n";
-        }
-    }
-
-
-    close MANIFEST;
-
-    rename("$manifest.tmp", $manifest)
-        or die "cannot rename $manifest.tmp: $!";
-
-
-    # Create a bzipped manifest.
-    unless (defined $noCompress) {
-        system("$Nix::Config::bzip2 < $manifest > $manifest.bz2.tmp") == 0
-            or die "cannot compress manifest";
-
-        rename("$manifest.bz2.tmp", "$manifest.bz2")
-            or die "cannot rename $manifest.bz2.tmp: $!";
-    }
-}
-
-
-sub updateManifestDB {
-    my $manifestDir = $Nix::Config::manifestDir;
-
-    mkpath($manifestDir);
-
-    unlink "$manifestDir/cache.sqlite"; # remove obsolete cache
-    my $dbPath = "$manifestDir/cache-v2.sqlite";
-
-    # Open/create the database.
-    our $dbh = DBI->connect("dbi:SQLite:dbname=$dbPath", "", "")
-        or die "cannot open database `$dbPath'";
-    $dbh->{RaiseError} = 1;
-    $dbh->{PrintError} = 0;
-
-    $dbh->do("pragma foreign_keys = on");
-    $dbh->do("pragma synchronous = off"); # we can always reproduce the cache
-    $dbh->do("pragma journal_mode = truncate");
-
-    # Initialise the database schema, if necessary.
-    $dbh->do(<<EOF);
-        create table if not exists Manifests (
-            id        integer primary key autoincrement not null,
-            path      text unique not null,
-            timestamp integer not null
-        );
-EOF
-
-    $dbh->do(<<EOF);
-        create table if not exists NARs (
-            id               integer primary key autoincrement not null,
-            manifest         integer not null,
-            storePath        text not null,
-            url              text not null,
-            compressionType  text not null,
-            hash             text,
-            size             integer,
-            narHash          text,
-            narSize          integer,
-            refs             text,
-            deriver          text,
-            system           text,
-            foreign key (manifest) references Manifests(id) on delete cascade
-        );
-EOF
-
-    $dbh->do("create index if not exists NARs_storePath on NARs(storePath)");
-
-    $dbh->do(<<EOF);
-        create table if not exists Patches (
-            id               integer primary key autoincrement not null,
-            manifest         integer not null,
-            storePath        text not null,
-            basePath         text not null,
-            baseHash         text not null,
-            url              text not null,
-            hash             text,
-            size             integer,
-            narHash          text,
-            narSize          integer,
-            patchType        text not null,
-            foreign key (manifest) references Manifests(id) on delete cascade
-        );
-EOF
-
-    $dbh->do("create index if not exists Patches_storePath on Patches(storePath)");
-
-    # Acquire an exclusive lock to ensure that only one process
-    # updates the DB at the same time.  This isn't really necessary,
-    # but it prevents work duplication and lock contention in SQLite.
-    my $lockFile = "$manifestDir/cache.lock";
-    open MAINLOCK, ">>$lockFile" or die "unable to acquire lock ‘$lockFile’: $!\n";
-    flock(MAINLOCK, LOCK_EX) or die;
-
-    our $insertNAR = $dbh->prepare(
-        "insert into NARs(manifest, storePath, url, compressionType, hash, size, narHash, " .
-        "narSize, refs, deriver, system) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)") or die;
-
-    our $insertPatch = $dbh->prepare(
-        "insert into Patches(manifest, storePath, basePath, baseHash, url, hash, " .
-        "size, narHash, narSize, patchType) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
-
-    $dbh->begin_work;
-
-    # Read each manifest in $manifestDir and add it to the database,
-    # unless we've already done so on a previous run.
-    my %seen;
-
-    for my $manifestLink (glob "$manifestDir/*.nixmanifest") {
-        my $manifest = Cwd::abs_path($manifestLink);
-        next unless -f $manifest;
-        my $timestamp = lstat($manifest)->mtime;
-        $seen{$manifest} = 1;
-
-        next if scalar @{$dbh->selectcol_arrayref(
-            "select 1 from Manifests where path = ? and timestamp = ?",
-            {}, $manifest, $timestamp)} == 1;
-
-        print STDERR "caching $manifest...\n";
-
-        $dbh->do("delete from Manifests where path = ?", {}, $manifest);
-
-        $dbh->do("insert into Manifests(path, timestamp) values (?, ?)",
-                 {}, $manifest, $timestamp);
-
-        our $id = $dbh->last_insert_id("", "", "", "");
-
-        sub addNARToDB {
-            my ($storePath, $narFile) = @_;
-            $insertNAR->execute(
-                $id, $storePath, $narFile->{url}, $narFile->{compressionType}, $narFile->{hash},
-                $narFile->{size}, $narFile->{narHash}, $narFile->{narSize}, $narFile->{references},
-                $narFile->{deriver}, $narFile->{system});
-        };
-
-        sub addPatchToDB {
-            my ($storePath, $patch) = @_;
-            $insertPatch->execute(
-                $id, $storePath, $patch->{basePath}, $patch->{baseHash}, $patch->{url},
-                $patch->{hash}, $patch->{size}, $patch->{narHash}, $patch->{narSize},
-                $patch->{patchType});
-        };
-
-        my $version = readManifest_($manifest, \&addNARToDB, \&addPatchToDB);
-
-        if ($version < 3) {
-            die "you have an old-style or corrupt manifest `$manifestLink'; please delete it\n";
-        }
-        if ($version >= 10) {
-            die "manifest `$manifestLink' is too new; please delete it or upgrade Nix\n";
-        }
-    }
-
-    # Removed cached information for removed manifests from the DB.
-    foreach my $manifest (@{$dbh->selectcol_arrayref("select path from Manifests")}) {
-        next if defined $seen{$manifest};
-        $dbh->do("delete from Manifests where path = ?", {}, $manifest);
-    }
-
-    $dbh->commit;
-
-    close MAINLOCK;
-
-    return $dbh;
-}
-
-
-
-# Delete all old manifests downloaded from a given URL.
-sub deleteOldManifests {
-    my ($url, $curUrlFile) = @_;
-    for my $urlFile (glob "$Nix::Config::manifestDir/*.url") {
-        next if defined $curUrlFile && $urlFile eq $curUrlFile;
-        open URL, "<$urlFile" or die;
-        my $url2 = <URL>;
-        chomp $url2;
-        close URL;
-        next unless $url eq $url2;
-        my $base = $urlFile; $base =~ s/.url$//;
-        unlink "${base}.url";
-        unlink "${base}.nixmanifest";
-    }
-}
-
-
-# Parse a NAR info file.
-sub parseNARInfo {
-    my ($storePath, $content) = @_;
-
-    my ($storePath2, $url, $fileHash, $fileSize, $narHash, $narSize, $deriver, $system);
-    my $compression = "bzip2";
-    my @refs;
-
-    foreach my $line (split "\n", $content) {
-        return undef unless $line =~ /^(.*): (.*)$/;
-        if ($1 eq "StorePath") { $storePath2 = $2; }
-        elsif ($1 eq "URL") { $url = $2; }
-        elsif ($1 eq "Compression") { $compression = $2; }
-        elsif ($1 eq "FileHash") { $fileHash = $2; }
-        elsif ($1 eq "FileSize") { $fileSize = int($2); }
-        elsif ($1 eq "NarHash") { $narHash = $2; }
-        elsif ($1 eq "NarSize") { $narSize = int($2); }
-        elsif ($1 eq "References") { @refs = split / /, $2; }
-        elsif ($1 eq "Deriver") { $deriver = $2; }
-        elsif ($1 eq "System") { $system = $2; }
-    }
-
-    return undef if $storePath ne $storePath2 || !defined $url || !defined $narHash;
-
-    return
-        { url => $url
-        , compression => $compression
-        , fileHash => $fileHash
-        , fileSize => $fileSize
-        , narHash => $narHash
-        , narSize => $narSize
-        , refs => [ @refs ]
-        , deriver => $deriver
-        , system => $system
-        };
-}
-
-
-return 1;

perl/lib/Nix/SSH.pm

@@ -1,52 +0,0 @@
-use strict;
-use File::Temp qw(tempdir);
-
-our @sshOpts = split ' ', ($ENV{"NIX_SSHOPTS"} or "");
-
-push @sshOpts, "-x";
-
-my $sshStarted = 0;
-my $sshHost;
-
-# Open a master SSH connection to `host', unless there already is a
-# running master connection (as determined by `-O check').
-sub openSSHConnection {
-    my ($host) = @_;
-    die if $sshStarted;
-    $sshHost = $host;
-    return 1 if system("ssh $sshHost @sshOpts -O check 2> /dev/null") == 0;
-
-    my $tmpDir = tempdir("nix-ssh.XXXXXX", CLEANUP => 1, TMPDIR => 1)
-        or die "cannot create a temporary directory";
-    
-    push @sshOpts, "-S", "$tmpDir/control";
-
-    # Start the master.  We can't use the `-f' flag (fork into
-    # background after establishing the connection) because then the
-    # child continues to run if we are killed.  So instead make SSH
-    # print "started" when it has established the connection, and wait
-    # until we see that.
-    open SSHPIPE, "ssh $sshHost @sshOpts -M -N -o LocalCommand='echo started' -o PermitLocalCommand=yes |" or die;
-
-    while (<SSHPIPE>) {
-        chomp;
-        if ($_ eq "started") {
-            $sshStarted = 1;
-            return 1;
-        }
-    }
-
-    return 0;
-}
-
-# Tell the master SSH client to exit.
-sub closeSSHConnection {
-    if ($sshStarted) {
-        system("ssh $sshHost @sshOpts -O exit 2> /dev/null") == 0
-            or warn "unable to stop SSH master: $?";
-    }
-}
-
-END { my $saved = $?; closeSSHConnection; $? = $saved; }
-
-return 1;

perl/lib/Nix/Store.pm

@@ -1,92 +0,0 @@
-package Nix::Store;
-
-use strict;
-use warnings;
-use Nix::Config;
-
-require Exporter;
-
-our @ISA = qw(Exporter);
-
-our %EXPORT_TAGS = ( 'all' => [ qw( ) ] );
-
-our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
-
-our @EXPORT = qw(
-    isValidPath queryReferences queryPathInfo queryDeriver queryPathHash
-    queryPathFromHashPart
-    topoSortPaths computeFSClosure followLinksToStorePath exportPaths
-    hashPath hashFile hashString
-    addToStore makeFixedOutputPath
-    derivationFromPath
-);
-
-our $VERSION = '0.15';
-
-sub backtick {
-    open(RES, "-|", @_) or die;
-    local $/;
-    my $res = <RES> || "";
-    close RES or die;
-    return $res;
-}
-
-if ($Nix::Config::useBindings) {
-    require XSLoader;
-    XSLoader::load('Nix::Store', $VERSION);
-} else {
-
-    # Provide slow fallbacks of some functions on platforms that don't
-    # support the Perl bindings.
-
-    use File::Temp;
-    use Fcntl qw/F_SETFD/;
-
-    sub hashFile {
-        my ($algo, $base32, $path) = @_;
-        my $res = backtick("$Nix::Config::binDir/nix-hash", "--flat", $path, "--type", $algo, $base32 ? "--base32" : ());
-        chomp $res;
-        return $res;
-    }
-    
-    sub hashPath {
-        my ($algo, $base32, $path) = @_;
-        my $res = backtick("$Nix::Config::binDir/nix-hash", $path, "--type", $algo, $base32 ? "--base32" : ());
-        chomp $res;
-        return $res;
-    }
-    
-    sub hashString {
-        my ($algo, $base32, $s) = @_;
-        my $fh = File::Temp->new();
-        print $fh $s;
-        my $res = backtick("$Nix::Config::binDir/nix-hash", $fh->filename, "--type", $algo, $base32 ? "--base32" : ());
-        chomp $res;
-        return $res;
-    }
-    
-    sub addToStore {
-        my ($srcPath, $recursive, $algo) = @_;
-        die "not implemented" if $recursive || $algo ne "sha256";
-        my $res = backtick("$Nix::Config::binDir/nix-store", "--add", $srcPath);
-        chomp $res;
-        return $res;
-    }
-    
-    sub isValidPath {
-        my ($path) = @_;
-        my $res = backtick("$Nix::Config::binDir/nix-store", "--check-validity", "--print-invalid", $path);
-        chomp $res;
-        return $res ne $path;
-    }
-    
-    sub queryPathHash {
-        my ($path) = @_;
-        my $res = backtick("$Nix::Config::binDir/nix-store", "--query", "--hash", $path);
-        chomp $res;
-        return $res;
-    }
-}
-
-1;
-__END__

perl/lib/Nix/Store.xs

@@ -1,271 +0,0 @@
-#include "EXTERN.h"
-#include "perl.h"
-#include "XSUB.h"
-
-/* Prevent a clash between some Perl and libstdc++ macros. */
-#undef do_open
-#undef do_close
-
-#include <store-api.hh>
-#include <globals.hh>
-#include <misc.hh>
-#include <util.hh>
-
-
-using namespace nix;
-
-
-void doInit() 
-{
-    if (!store) {
-        try {
-            settings.processEnvironment();
-            store = openStore();
-        } catch (Error & e) {
-            croak(e.what());
-        }
-    }
-}
-
-
-MODULE = Nix::Store PACKAGE = Nix::Store
-PROTOTYPES: ENABLE
-
-
-void init()
-    CODE:
-        doInit();
-
-
-int isValidPath(char * path)
-    CODE:
-        try {
-            doInit();
-            RETVAL = store->isValidPath(path);
-        } catch (Error & e) {
-            croak(e.what());
-        }
-    OUTPUT:
-        RETVAL
-
-
-SV * queryReferences(char * path)
-    PPCODE:
-        try {
-            doInit();
-            PathSet paths;
-            store->queryReferences(path, paths);
-            for (PathSet::iterator i = paths.begin(); i != paths.end(); ++i)
-                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * queryPathHash(char * path)
-    PPCODE:
-        try {
-            doInit();
-            Hash hash = store->queryPathHash(path);
-            string s = "sha256:" + printHash32(hash);
-            XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * queryDeriver(char * path)
-    PPCODE:
-        try {
-            doInit();
-            Path deriver = store->queryDeriver(path);
-            if (deriver == "") XSRETURN_UNDEF;
-            XPUSHs(sv_2mortal(newSVpv(deriver.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * queryPathInfo(char * path, int base32)
-    PPCODE:
-        try {
-            doInit();
-            ValidPathInfo info = store->queryPathInfo(path);
-            if (info.deriver == "")
-                XPUSHs(&PL_sv_undef);
-            else
-                XPUSHs(sv_2mortal(newSVpv(info.deriver.c_str(), 0)));
-            string s = "sha256:" + (base32 ? printHash32(info.hash) : printHash(info.hash));
-            XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
-            mXPUSHi(info.registrationTime);
-            mXPUSHi(info.narSize);
-            AV * arr = newAV();
-            for (PathSet::iterator i = info.references.begin(); i != info.references.end(); ++i)
-                av_push(arr, newSVpv(i->c_str(), 0));
-            XPUSHs(sv_2mortal(newRV((SV *) arr)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * queryPathFromHashPart(char * hashPart)
-    PPCODE:
-        try {
-            doInit();
-            Path path = store->queryPathFromHashPart(hashPart);
-            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * computeFSClosure(int flipDirection, int includeOutputs, ...)
-    PPCODE:
-        try {
-            doInit();
-            PathSet paths;
-            for (int n = 2; n < items; ++n)
-                computeFSClosure(*store, SvPV_nolen(ST(n)), paths, flipDirection, includeOutputs);
-            for (PathSet::iterator i = paths.begin(); i != paths.end(); ++i)
-                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * topoSortPaths(...)
-    PPCODE:
-        try {
-            doInit();
-            PathSet paths;
-            for (int n = 0; n < items; ++n) paths.insert(SvPV_nolen(ST(n)));
-            Paths sorted = topoSortPaths(*store, paths);
-            for (Paths::iterator i = sorted.begin(); i != sorted.end(); ++i)
-                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * followLinksToStorePath(char * path)
-    CODE:
-        try {
-            doInit();
-            RETVAL = newSVpv(followLinksToStorePath(path).c_str(), 0);
-        } catch (Error & e) {
-            croak(e.what());
-        }
-    OUTPUT:
-        RETVAL
-
-
-void exportPaths(int fd, int sign, ...)
-    PPCODE:
-        try {
-            doInit();
-            Paths paths;
-            for (int n = 2; n < items; ++n) paths.push_back(SvPV_nolen(ST(n)));
-            FdSink sink(fd);
-            exportPaths(*store, paths, sign, sink);
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * hashPath(char * algo, int base32, char * path)
-    PPCODE:
-        try {
-            Hash h = hashPath(parseHashType(algo), path).first;
-            string s = base32 ? printHash32(h) : printHash(h);
-            XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * hashFile(char * algo, int base32, char * path)
-    PPCODE:
-        try {
-            Hash h = hashFile(parseHashType(algo), path);
-            string s = base32 ? printHash32(h) : printHash(h);
-            XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * hashString(char * algo, int base32, char * s)
-    PPCODE:
-        try {
-            Hash h = hashString(parseHashType(algo), s);
-            string s = base32 ? printHash32(h) : printHash(h);
-            XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * addToStore(char * srcPath, int recursive, char * algo)
-    PPCODE:
-        try {
-            doInit();
-            Path path = store->addToStore(srcPath, recursive, parseHashType(algo));
-            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * makeFixedOutputPath(int recursive, char * algo, char * hash, char * name)
-    PPCODE:
-        try {
-            doInit();
-            HashType ht = parseHashType(algo);
-            Path path = makeFixedOutputPath(recursive, ht,
-                parseHash16or32(ht, hash), name);
-            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
-        } catch (Error & e) {
-            croak(e.what());
-        }
-
-
-SV * derivationFromPath(char * drvPath)
-    PREINIT:
-        HV *hash;
-    CODE:
-        try {
-            doInit();
-            Derivation drv = derivationFromPath(*store, drvPath);
-            hash = newHV();
-            
-            /* TODO: handle drv.outputs */
-            
-            AV * inputDrvs = newAV();
-            for (DerivationInputs::iterator i = drv.inputDrvs.begin(); i != drv.inputDrvs.end(); ++i)
-                av_push(inputDrvs, newSVpv(i->first.c_str(), 0)); // !!! ignores i->second
-            hv_stores(hash, "inputDrvs", newRV((SV *) inputDrvs));
-            
-            AV * inputSrcs = newAV();
-            for (PathSet::iterator i = drv.inputSrcs.begin(); i != drv.inputSrcs.end(); ++i)
-                av_push(inputSrcs, newSVpv(i->c_str(), 0));
-            hv_stores(hash, "inputSrcs", newRV((SV *) inputSrcs));
-            
-            hv_stores(hash, "platform", newSVpv(drv.platform.c_str(), 0));
-            hv_stores(hash, "builder", newSVpv(drv.builder.c_str(), 0));
-            
-            AV * args = newAV();
-            for (Strings::iterator i = drv.args.begin(); i != drv.args.end(); ++i)
-                av_push(args, newSVpv(i->c_str(), 0));
-            hv_stores(hash, "args", newRV((SV *) args));
-            
-            HV * env = newHV();
-            for (StringPairs::iterator i = drv.env.begin(); i != drv.env.end(); ++i)
-                hv_store(env, i->first.c_str(), i->first.size(), newSVpv(i->second.c_str(), 0), 0);
-            hv_stores(hash, "env", newRV((SV *) env));
-            
-            RETVAL = newRV_noinc((SV *)hash);
-        } catch (Error & e) {
-            croak(e.what());
-        }
-    OUTPUT:
-        RETVAL

perl/lib/Nix/Utils.pm

@@ -1,38 +0,0 @@
-package Nix::Utils;
-
-our @ISA = qw(Exporter);
-our @EXPORT = qw(checkURL uniq writeFile readFile);
-
-$urlRE = "(?: [a-zA-Z][a-zA-Z0-9\+\-\.]*\:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*]+ )";
-
-sub checkURL {
-    my ($url) = @_;
-    die "invalid URL ‘$url’\n" unless $url =~ /^ $urlRE $ /x;
-}
-
-sub uniq {
-    my %seen;
-    my @res;
-    foreach my $name (@_) {
-        next if $seen{$name};
-        $seen{$name} = 1;
-        push @res, $name;
-    }
-    return @res;
-}
-
-sub writeFile {
-    my ($fn, $s) = @_;
-    open TMP, ">$fn" or die;
-    print TMP "$s" or die;
-    close TMP or die;
-}
-
-sub readFile {
-    local $/ = undef;
-    my ($fn) = @_;
-    open TMP, "<$fn" or die;
-    my $s = <TMP>;
-    close TMP or die;
-    return $s;
-}

release.nix

@@ -1,7 +1,4 @@
-{ nixpkgs ? <nixpkgs>
-, nix ? { outPath = ./.; revCount = 1234; shortRev = "abcdef"; }
-, officialRelease ? false
-}:
+{ nixpkgs ? ../nixpkgs }:
 
 let
 
@@ -9,62 +6,55 @@ let
 
 
     tarball =
+      { nix ? {outPath = ./.; rev = 1234;}
+      , officialRelease ? false
+      }:
+
       with import nixpkgs {};
 
       releaseTools.sourceTarball {
         name = "nix-tarball";
         version = builtins.readFile ./version;
-        versionSuffix = if officialRelease then "" else "pre${toString nix.revCount}_${nix.shortRev}";
         src = nix;
         inherit officialRelease;
 
-        buildInputs =
-          [ curl bison25 flex2535 perl libxml2 libxslt w3m bzip2
-            tetex dblatex nukeReferences pkgconfig sqlite git
-          ];
+        buildInputs = [curl bison flex2533 perl libxml2 libxslt w3m bzip2 jing_tools tetex dblatex];
 
         configureFlags = ''
           --with-docbook-rng=${docbook5}/xml/rng/docbook
           --with-docbook-xsl=${docbook5_xsl}/xml/xsl/docbook
           --with-xml-flags=--nonet
-          --with-dbi=${perlPackages.DBI}/${perl.libPrefix}
-          --with-dbd-sqlite=${perlPackages.DBDSQLite}/${perl.libPrefix}
-          --with-www-curl=${perlPackages.WWWCurl}/${perl.libPrefix}
-        '';
-
-        postUnpack = ''
-          # Clean up when building from a working tree.
-          (cd $sourceRoot && (git ls-files -o | xargs -r rm -v))
         '';
 
+        # Include the BDB, ATerm and Bzip2 tarballs in the distribution.
         preConfigure = ''
-          # TeX needs a writable font cache.
-          export VARTEXFONTS=$TMPDIR/texfonts
-        '';
+          stripHash ${db45.src}
+          # Remove unnecessary stuff from the Berkeley DB tarball.
+          ( mkdir bdb-temp
+            cd bdb-temp
+            tar xfz ${db45.src}
+            cd *
+            rm -rf docs test tcl perl libdb_java java rpc_server build_vxworks \
+              examples_java examples_c examples_cxx dist/tags
+            mkdir test
+            touch test/include.tcl
+            cd ..
+            tar cvfz ../externals/$strippedName *
+          )
 
-        distPhase =
-          ''
-            runHook preDist
-            make dist-gzip
-            make dist-xz
-            mkdir -p $out/tarballs
-            cp *.tar.* $out/tarballs
-          '';
+          stripHash ${aterm242fixes.src}
+          cp -pv ${aterm242fixes.src} externals/$strippedName
+
+          stripHash ${bzip2.src}
+          cp -pv ${bzip2.src} externals/$strippedName
+        '';
 
         preDist = ''
           make -C doc/manual install prefix=$out
-
+          
           make -C doc/manual manual.pdf prefix=$out
           cp doc/manual/manual.pdf $out/manual.pdf
-
-          # The PDF containes filenames of included graphics (see
-          # http://www.tug.org/pipermail/pdftex/2007-August/007290.html).
-          # This causes a retained dependency on dblatex, which Hydra
-          # doesn't like (the output of the tarball job is distributed
-          # to Windows and Macs, so there should be no Linux binaries
-          # in the closure).
-          nuke-refs $out/manual.pdf
-
+          
           echo "doc manual $out/share/doc/nix/manual" >> $out/nix-support/hydra-build-products
           echo "doc-pdf manual $out/manual.pdf" >> $out/nix-support/hydra-build-products
           echo "doc release-notes $out/share/doc/nix/release-notes" >> $out/nix-support/hydra-build-products
@@ -73,86 +63,68 @@ let
 
 
     build =
-      { system ? "x86_64-linux" }:
+      { tarball ? jobs.tarball {}
+      , system ? "i686-linux"
+      }:
 
-      with import nixpkgs { inherit system; };
+      with import nixpkgs {inherit system;};
 
       releaseTools.nixBuild {
         name = "nix";
         src = tarball;
 
-        buildInputs = [ curl perl bzip2 openssl pkgconfig sqlite boehmgc ];
+        buildInputs = [curl perl bzip2 openssl];
 
         configureFlags = ''
           --disable-init-state
-          --with-dbi=${perlPackages.DBI}/${perl.libPrefix}
-          --with-dbd-sqlite=${perlPackages.DBDSQLite}/${perl.libPrefix}
-          --with-www-curl=${perlPackages.WWWCurl}/${perl.libPrefix}
-          --enable-gc
+          --with-bdb=${db45} --with-aterm=${aterm242fixes} --with-bzip2=${bzip2}
         '';
-
-        enableParallelBuilding = true;
-
-        doInstallCheck = true;
       };
 
-    binaryTarball =
-      { system ? "x86_64-linux" }:
+      
+    static =
+      { tarball ? jobs.tarball {}
+      , system ? "i686-linux"
+      }:
 
-      with import nixpkgs { inherit system; };
+      with import nixpkgs {inherit system;};
 
-      let
-        toplevel = build { inherit system; };
-        version = toplevel.src.version;
-      in
+      releaseTools.binaryTarball {
+        name = "nix-static-tarball";
+        src = tarball;
 
-      runCommand "nix-binary-tarball-${version}"
-        { exportReferencesGraph = [ "closure" toplevel ];
-          buildInputs = [ perl ];
-          meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
-        }
-        ''
-          storePaths=$(perl ${pathsFromGraph} ./closure)
-          printRegistration=1 perl ${pathsFromGraph} ./closure > $TMPDIR/reginfo
-          substitute ${./scripts/install-nix-from-closure.sh} $TMPDIR/install \
-            --subst-var-by nix ${toplevel} --subst-var-by regInfo /nix/store/reginfo
-          chmod +x $TMPDIR/install
-          fn=$out/nix-${version}-${system}.tar.bz2
-          mkdir -p $out/nix-support
-          echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
-          tar cvfj $fn \
-            --owner=0 --group=0 --absolute-names \
-            --transform "s,$TMPDIR/install,/usr/bin/nix-finish-install," \
-            --transform "s,$TMPDIR/reginfo,/nix/store/reginfo," \
-            $TMPDIR/install $TMPDIR/reginfo $storePaths
+        buildInputs = [curl perl bzip2];
+
+        configureFlags = ''
+          --disable-init-state
+          --disable-old-db-compat --with-aterm=${aterm242fixes} --with-bzip2=${bzip2}
+          --enable-static-nix
         '';
+      };
 
-
+      
     coverage =
-      with import nixpkgs { system = "x86_64-linux"; };
+      { tarball ? jobs.tarball {}
+      }:
+
+      with import nixpkgs {};
 
       releaseTools.coverageAnalysis {
         name = "nix-build";
         src = tarball;
 
-        buildInputs =
-          [ curl perl bzip2 openssl pkgconfig sqlite
-            # These are for "make check" only:
-            graphviz libxml2 libxslt
-          ];
+        buildInputs = [
+          curl perl bzip2 openssl
+          # These are for "make check" only:
+          graphviz libxml2 libxslt
+        ];
 
         configureFlags = ''
-          --disable-init-state
-          --with-dbi=${perlPackages.DBI}/${perl.libPrefix}
-          --with-dbd-sqlite=${perlPackages.DBDSQLite}/${perl.libPrefix}
-          --with-www-curl=${perlPackages.WWWCurl}/${perl.libPrefix}
+          --disable-init-state --disable-shared
+          --with-bdb=${db45} --with-aterm=${aterm242fixes} --with-bzip2=${bzip2}
         '';
 
-        dontInstall = false;
-
-        doInstallCheck = true;
-
-        lcovFilter = [ "*/boost/*" "*-tab.*" ];
+        lcovFilter = ["*/boost/*" "*-tab.*"];
 
         # We call `dot', and even though we just use it to
         # syntax-check generated dot files, it still requires some
@@ -160,77 +132,64 @@ let
         FONTCONFIG_FILE = texFunctions.fontsConf;
       };
 
+      
+    rpm_fedora5i386 = makeRPM_i686 (diskImages: diskImages.fedora5i386) 20;
+    rpm_fedora9i386 = makeRPM_i686 (diskImages: diskImages.fedora9i386) 50;
+    rpm_fedora9x86_64 = makeRPM_x86_64 (diskImages: diskImages.fedora9x86_64) 50;
+    rpm_fedora10i386 = makeRPM_i686 (diskImages: diskImages.fedora10i386) 40;
+    rpm_fedora10x86_64 = makeRPM_x86_64 (diskImages: diskImages.fedora10x86_64) 40;
+    rpm_opensuse103i386 = makeRPM_i686 (diskImages: diskImages.opensuse103i386) 40;
 
-    rpm_fedora13i386 = makeRPM_i686 (diskImageFuns: diskImageFuns.fedora13i386) 50;
-    rpm_fedora13x86_64 = makeRPM_x86_64 (diskImageFunsFun: diskImageFunsFun.fedora13x86_64) 50;
-    rpm_fedora16i386 = makeRPM_i686 (diskImageFuns: diskImageFuns.fedora16i386) 50;
-    rpm_fedora16x86_64 = makeRPM_x86_64 (diskImageFunsFun: diskImageFunsFun.fedora16x86_64) 50;
+    
+    deb_debian40i386 = makeDeb_i686 (diskImages: diskImages.debian40i386) 40;
+    deb_debian40x86_64 = makeDeb_x86_64 (diskImages: diskImages.debian40x86_64) 40;
+    deb_debian50i386 = makeDeb_i686 (diskImages: diskImages.debian50i386) 30;
+    deb_debian50x86_64 = makeDeb_x86_64 (diskImages: diskImages.debian50x86_64) 30;
+    deb_ubuntu804i386 = makeDeb_i686 (diskImages: diskImages.ubuntu804i386) 50;
+    deb_ubuntu804x86_64 = makeDeb_x86_64 (diskImages: diskImages.ubuntu804x86_64) 50;
+    deb_ubuntu810i386 = makeDeb_i686 (diskImages: diskImages.ubuntu810i386) 40;
+    deb_ubuntu810x86_64 = makeDeb_x86_64 (diskImages: diskImages.ubuntu810x86_64) 40;
 
 
-    deb_debian60i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.debian60i386) 50;
-    deb_debian60x86_64 = makeDeb_x86_64 (diskImageFunsFun: diskImageFunsFun.debian60x86_64) 50;
-
-    deb_ubuntu1004i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1004i386) 50;
-    deb_ubuntu1004x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1004x86_64) 50;
-    deb_ubuntu1010i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1010i386) 50;
-    deb_ubuntu1010x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1010x86_64) 50;
-    deb_ubuntu1110i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1110i386) 60;
-    deb_ubuntu1110x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1110x86_64) 60;
-    deb_ubuntu1204i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1204i386) 60;
-    deb_ubuntu1204x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1204x86_64) 60;
-    deb_ubuntu1210i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1210i386) 70;
-    deb_ubuntu1210x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1210x86_64) 70;
-
-
-    # System tests.
-    tests.remote_builds = (import ./tests/remote-builds.nix rec {
-      nix = build { inherit system; }; system = "x86_64-linux";
-    }).test;
-
-    tests.nix_copy_closure = (import ./tests/nix-copy-closure.nix rec {
-      nix = build { inherit system; }; system = "x86_64-linux";
-    }).test;
-
   };
 
 
   makeRPM_i686 = makeRPM "i686-linux";
   makeRPM_x86_64 = makeRPM "x86_64-linux";
 
-  makeRPM =
+  makeRPM = 
     system: diskImageFun: prio:
+    { tarball ? jobs.tarball {}
+    }:
 
-    with import nixpkgs { inherit system; };
+    with import nixpkgs {inherit system;};
 
     releaseTools.rpmBuild rec {
-      name = "nix-rpm";
-      src = jobs.tarball;
-      diskImage = (diskImageFun vmTools.diskImageFuns)
-        { extraPackages = [ "perl-DBD-SQLite" "perl-devel" "sqlite" "sqlite-devel" "bzip2-devel" "emacs" "perl-WWW-Curl" ]; };
+      name = "nix-rpm-${diskImage.name}";
+      src = tarball;
+      diskImage = diskImageFun vmTools.diskImages;
       memSize = 1024;
-      meta.schedulingPriority = prio;
-      postRPMInstall = "cd /tmp/rpmout/BUILD/nix-* && make installcheck";
+      meta = { schedulingPriority = toString prio; };
     };
 
 
   makeDeb_i686 = makeDeb "i686-linux";
   makeDeb_x86_64 = makeDeb "x86_64-linux";
-
+  
   makeDeb =
     system: diskImageFun: prio:
+    { tarball ? jobs.tarball {}
+    }:
 
-    with import nixpkgs { inherit system; };
+    with import nixpkgs {inherit system;};
 
     releaseTools.debBuild {
       name = "nix-deb";
-      src = jobs.tarball;
-      diskImage = (diskImageFun vmTools.diskImageFuns)
-        { extraPackages = [ "libdbd-sqlite3-perl" "libsqlite3-dev" "libbz2-dev" "libwww-curl-perl" ]; };
+      src = tarball;
+      diskImage = diskImageFun vmTools.diskImages;
       memSize = 1024;
-      meta.schedulingPriority = prio;
+      meta = { schedulingPriority = toString prio; };
       configureFlags = "--sysconfdir=/etc";
-      debRequires = [ "curl" "libdbd-sqlite3-perl" "libsqlite3-0" "libbz2-1.0" "bzip2" "xz-utils" ];
-      doInstallCheck = true;
     };
 
 

scripts/Makefile.am

@@ -1,20 +1,26 @@
 bin_SCRIPTS = nix-collect-garbage \
   nix-pull nix-push nix-prefetch-url \
   nix-install-package nix-channel nix-build \
-  nix-copy-closure nix-generate-patches
+  nix-copy-closure 
 
-noinst_SCRIPTS = nix-profile.sh \
+noinst_SCRIPTS = nix-profile.sh generate-patches.pl \
   find-runtime-roots.pl build-remote.pl nix-reduce-build \
   copy-from-other-stores.pl nix-http-export.cgi
 
-install-exec-local: download-using-manifests.pl copy-from-other-stores.pl download-from-binary-cache.pl find-runtime-roots.pl
+nix-pull nix-push: readmanifest.pm readconfig.pm download-using-manifests.pl
+
+install-exec-local: readmanifest.pm download-using-manifests.pl copy-from-other-stores.pl find-runtime-roots.pl
 	$(INSTALL) -d $(DESTDIR)$(sysconfdir)/profile.d
-	$(INSTALL_DATA) nix-profile.sh $(DESTDIR)$(sysconfdir)/profile.d/nix.sh
+	$(INSTALL_PROGRAM) nix-profile.sh $(DESTDIR)$(sysconfdir)/profile.d/nix.sh
 	$(INSTALL) -d $(DESTDIR)$(libexecdir)/nix
+	$(INSTALL_DATA) readmanifest.pm $(DESTDIR)$(libexecdir)/nix 
+	$(INSTALL_DATA) readconfig.pm $(DESTDIR)$(libexecdir)/nix 
 	$(INSTALL_PROGRAM) find-runtime-roots.pl $(DESTDIR)$(libexecdir)/nix 
+	$(INSTALL_PROGRAM) generate-patches.pl $(DESTDIR)$(libexecdir)/nix 
 	$(INSTALL_PROGRAM) build-remote.pl $(DESTDIR)$(libexecdir)/nix 
 	$(INSTALL) -d $(DESTDIR)$(libexecdir)/nix/substituters
-	$(INSTALL_PROGRAM) download-using-manifests.pl copy-from-other-stores.pl download-from-binary-cache.pl $(DESTDIR)$(libexecdir)/nix/substituters
+	$(INSTALL_PROGRAM) download-using-manifests.pl $(DESTDIR)$(libexecdir)/nix/substituters
+	$(INSTALL_PROGRAM) copy-from-other-stores.pl $(DESTDIR)$(libexecdir)/nix/substituters
 	$(INSTALL) -d $(DESTDIR)$(sysconfdir)/nix
 
 include ../substitute.mk
@@ -23,16 +29,14 @@ EXTRA_DIST = nix-collect-garbage.in \
   nix-pull.in nix-push.in nix-profile.sh.in \
   nix-prefetch-url.in nix-install-package.in \
   nix-channel.in \
+  readmanifest.pm.in \
+  readconfig.pm.in \
   nix-build.in \
   download-using-manifests.pl.in \
   copy-from-other-stores.pl.in \
-  download-from-binary-cache.pl.in \
+  generate-patches.pl.in \
   nix-copy-closure.in \
   find-runtime-roots.pl.in \
   build-remote.pl.in \
   nix-reduce-build.in \
-  nix-http-export.cgi.in \
-  nix-generate-patches.in
-
-clean:
-	rm -f $(bin_SCRIPTS) $(noinst_SCRIPTS)
+  nix-http-export.cgi.in 

scripts/build-remote.pl.in

@@ -1,14 +1,9 @@
-#! @perl@ -w @perlFlags@
+#! @perl@ -w
 
-use Fcntl qw(:DEFAULT :flock);
+use strict;
+use Fcntl ':flock';
 use English '-no_match_vars';
 use IO::Handle;
-use Nix::Config;
-use Nix::SSH qw/sshOpts openSSHConnection/;
-use Nix::CopyClosure;
-use Nix::Store;
-no warnings('once');
-
 
 # General operation:
 #
@@ -19,7 +14,7 @@ no warnings('once');
 #   less than the maximum load for that machine, we try to get an
 #   exclusive lock on $currentLoad/$machine-$slot (without blocking).
 #   If we get such a lock, we send "accept" to the caller.  Otherwise,
-#   we send "postpone" and exit.
+#   we send "postpone" and exit. 
 # - We release the exclusive lock on $currentLoad/main-lock.
 # - We perform the build on $neededSystem.
 # - We release the exclusive lock on $currentLoad/$machine-$slot.
@@ -27,273 +22,191 @@ no warnings('once');
 # The nice thing about this scheme is that if we die prematurely, the
 # locks are released automatically.
 
+my $loadIncreased = 0;
 
-# Make sure that we don't get any SSH passphrase or host key popups -
-# if there is any problem it should fail, not do something
-# interactive.
-$ENV{"DISPLAY"} = "";
-$ENV{"SSH_ASKPASS"} = "";
-
+my ($amWilling, $localSystem, $neededSystem, $drvPath, $maxSilentTime) = @ARGV;
+$maxSilentTime = 0 unless defined $maxSilentTime;
 
 sub sendReply {
     my $reply = shift;
     print STDERR "# $reply\n";
 }
 
-sub all { $_ || return 0 for @_; 1 }
-
-
-# Initialisation.
-my $loadIncreased = 0;
-
-my ($localSystem, $maxSilentTime, $printBuildTrace, $buildTimeout) = @ARGV;
+sub decline {
+    sendReply "decline";
+    exit 0;
+}
 
 my $currentLoad = $ENV{"NIX_CURRENT_LOAD"};
+decline unless defined $currentLoad;
+mkdir $currentLoad, 0777 or die unless -d $currentLoad;
+
 my $conf = $ENV{"NIX_REMOTE_SYSTEMS"};
+decline if !defined $conf || ! -e $conf;
+
+my $canBuildLocally = $amWilling && ($localSystem eq $neededSystem);
 
 
-sub openSlotLock {
-    my ($machine, $slot) = @_;
-    my $slotLockFn = "$currentLoad/" . (join '+', @{$machine->{systemTypes}}) . "-" . $machine->{hostName} . "-$slot";
-    my $slotLock = new IO::Handle;
-    sysopen $slotLock, "$slotLockFn", O_RDWR|O_CREAT, 0600 or die;
-    return $slotLock;
-}
+# Otherwise find a willing remote machine.
+my @machines;
+my %curJobs;
 
 
 # Read the list of machines.
-my @machines;
-if (defined $conf && -e $conf) {
-    open CONF, "<$conf" or die;
-    while (<CONF>) {
-        chomp;
-        s/\#.*$//g;
-        next if /^\s*$/;
-        my @tokens = split /\s/, $_;
-        my @supportedFeatures = split(/,/, $tokens[5] || "");
-        my @mandatoryFeatures = split(/,/, $tokens[6] || "");
-        push @machines,
-            { hostName => $tokens[0]
-            , systemTypes => [ split(/,/, $tokens[1]) ]
-            , sshKeys => $tokens[2]
-            , maxJobs => int($tokens[3])
-            , speedFactor => 1.0 * (defined $tokens[4] ? int($tokens[4]) : 1)
-            , supportedFeatures => [ @supportedFeatures, @mandatoryFeatures ]
-            , mandatoryFeatures => [ @mandatoryFeatures ]
-            , enabled => 1
-            };
-    }
-    close CONF;
+open CONF, "< $conf" or die;
+
+while (<CONF>) {
+    chomp;
+    s/\#.*$//g;
+    next if /^\s*$/;
+    /^\s*(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$/ or die;
+    push @machines,
+        { hostName => $1
+        , systemType => $2
+        , sshKeys => $3
+        , maxJobs => $4
+        };
 }
 
+close CONF;
 
 
-# Wait for the calling process to ask us whether we can build some derivation.
-my ($drvPath, $hostName, $slotLock);
-
-REQ: while (1) {
-    $_ = <STDIN> || exit 0;
-    (my $amWilling, my $neededSystem, $drvPath, my $requiredFeatures) = split;
-    my @requiredFeatures = split /,/, $requiredFeatures;
-
-    my $canBuildLocally = $amWilling && ($localSystem eq $neededSystem);
-
-    if (!defined $currentLoad) {
-        sendReply "decline";
-        next;
-    }
-
-    # Acquire the exclusive lock on $currentLoad/main-lock.
-    mkdir $currentLoad, 0777 or die unless -d $currentLoad;
-    my $mainLock = "$currentLoad/main-lock";
-    sysopen MAINLOCK, "$mainLock", O_RDWR|O_CREAT, 0600 or die;
-    flock(MAINLOCK, LOCK_EX) or die;
+# Acquire the exclusive lock on $currentLoad/main-lock.
+my $mainLock = "$currentLoad/main-lock";
+open MAINLOCK, ">>$mainLock" or die;
+flock(MAINLOCK, LOCK_EX) or die;
 
 
-    while (1) {
-        # Find all machine that can execute this build, i.e., that
-        # support builds for the given platform and features, and are
-        # not at their job limit.
-        my $rightType = 0;
-        my @available = ();
-        LOOP: foreach my $cur (@machines) {
-            if ($cur->{enabled}
-                && (grep { $neededSystem eq $_ } @{$cur->{systemTypes}})
-                && all(map { my $f = $_; 0 != grep { $f eq $_ } @{$cur->{supportedFeatures}} } (@requiredFeatures, @mandatoryFeatures))
-                && all(map { my $f = $_; 0 != grep { $f eq $_ } @requiredFeatures } @{$cur->{mandatoryFeatures}})
-                )
-            {
-                $rightType = 1;
+# Find a suitable system.
+my $rightType = 0;
+my $machine;
+my $slotLock;
+LOOP: foreach my $cur (@machines) {
+    if ($neededSystem eq $cur->{systemType}
+        || ($neededSystem eq "i686-linux" && $cur->{systemType} eq "x86_64-linux"))
+    {
+        $rightType = 1;
 
-                # We have a machine of the right type.  Determine the load on
-                # the machine.
-                my $slot = 0;
-                my $load = 0;
-                my $free;
-                while ($slot < $cur->{maxJobs}) {
-                    my $slotLock = openSlotLock($cur, $slot);
-                    if (flock($slotLock, LOCK_EX | LOCK_NB)) {
-                        $free = $slot unless defined $free;
-                        flock($slotLock, LOCK_UN) or die;
-                    } else {
-                        $load++;
-                    }
-                    close $slotLock;
-                    $slot++;
-                }
-
-                push @available, { machine => $cur, load => $load, free => $free }
-                if $load < $cur->{maxJobs};
+        # We have a machine of the right type.  Try to get a lock on
+        # one of the machine's lock files.
+        my $slot = 0;
+        while ($slot < $cur->{maxJobs}) {
+            my $slotLockFn = "$currentLoad/" . $cur->{systemType} . "-" . $cur->{hostName} . "-$slot";
+            $slotLock = new IO::Handle;
+            open $slotLock, ">>$slotLockFn" or die;
+            if (flock($slotLock, LOCK_EX | LOCK_NB)) {
+                utime undef, undef, $slotLock;
+                $machine = $cur;
+                last LOOP;
             }
+            close $slotLock;
+            $slot++;
         }
-
-        if (defined $ENV{NIX_DEBUG_HOOK}) {
-            print STDERR "load on " . $_->{machine}->{hostName} . " = " . $_->{load} . "\n"
-                foreach @available;
-        }
-
-
-        # Didn't find any available machine?  Then decline or postpone.
-        if (scalar @available == 0) {
-            # Postpone if we have a machine of the right type, except
-            # if the local system can and wants to do the build.
-            if ($rightType && !$canBuildLocally) {
-                sendReply "postpone";
-            } else {
-                sendReply "decline";
-            }
-            close MAINLOCK;
-            next REQ;
-        }
-
-
-        # Prioritise the available machines as follows:
-        # - First by load divided by speed factor, rounded to the nearest
-        #   integer.  This causes fast machines to be preferred over slow
-        #   machines with similar loads.
-        # - Then by speed factor.
-        # - Finally by load.
-        sub lf { my $x = shift; return int($x->{load} / $x->{machine}->{speedFactor} + 0.4999); }
-        @available = sort
-            { lf($a) <=> lf($b)
-                  || $b->{machine}->{speedFactor} <=> $a->{machine}->{speedFactor}
-                  || $a->{load} <=> $b->{load}
-            } @available;
-
-
-        # Select the best available machine and lock a free slot.
-        my $selected = $available[0];
-        my $machine = $selected->{machine};
-
-        $slotLock = openSlotLock($machine, $selected->{free});
-        flock($slotLock, LOCK_EX | LOCK_NB) or die;
-        utime undef, undef, $slotLock;
-
-        close MAINLOCK;
-
-
-        # Connect to the selected machine.
-        @sshOpts = ("-i", $machine->{sshKeys}, "-x");
-        $hostName = $machine->{hostName};
-        last REQ if openSSHConnection $hostName;
-
-        warn "unable to open SSH connection to $hostName, trying other available machines...\n";
-        $machine->{enabled} = 0;
     }
 }
 
+close MAINLOCK;
 
-# Tell Nix we've accepted the build.
+
+# Didn't find one?  Then decline or postpone.
+if (!defined $machine) {
+    # Postpone if we have a machine of the right type, except if the
+    # local system can and wants to do the build.
+    if ($rightType && !$canBuildLocally) {
+        sendReply "postpone";
+        exit 0;
+    } else {
+        decline;
+    }
+}
+
+# Yes we did, accept.
 sendReply "accept";
-my @inputs = split /\s/, readline(STDIN);
-my @outputs = split /\s/, readline(STDIN);
+my $x = <STDIN>;
+chomp $x;
+
+if ($x ne "okay") {
+    exit 0;
+}
 
 
+# Do the actual job.
+my $hostName = $machine->{hostName};
 print STDERR "building `$drvPath' on `$hostName'\n";
-print STDERR "@ build-remote $drvPath $hostName\n" if $printBuildTrace;
 
+# Make sure that we don't get any SSH passphrase or host key popups -
+# if there is any problem it should fail, not do something
+# interactive.
+$ENV{"DISPLAY"} = "";
+$ENV{"SSH_PASSWORD_FILE="} = "";
+$ENV{"SSH_ASKPASS="} = "";
+
+my $sshOpts = "-i " . $machine->{sshKeys} . " -x";
+
+# Hack to support Cygwin: if we login without a password, we don't
+# have exactly the same rights as when we do.  This causes the
+# Microsoft C compiler to fail with certain flags:
+#
+#   http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=99676
+#
+# So as a workaround, we pass a verbatim password.  ssh tries to makes
+# this very hard; the trick is to make it call SSH_ASKPASS to get the
+# password.  (It only calls this command when there is no controlling
+# terminal, but Nix ensures that is is the case.  When doing this
+# manually, use setsid(1).)
+if ($machine->{sshKeys} =~ /^password:/) {
+    my $passwordFile = $machine->{sshKeys};
+    $passwordFile =~ s/^password://;
+    $sshOpts = "ssh -x";
+    $ENV{"SSH_PASSWORD_FILE"} = $passwordFile;
+    $ENV{"SSH_ASKPASS"} = "/tmp/writepass";
+
+    open WRITEPASS, ">/tmp/writepass" or die;
+    print WRITEPASS "#! /bin/sh\ncat \"\$SSH_PASSWORD_FILE\"";
+    close WRITEPASS;
+    chmod 0755, "/tmp/writepass" or die;
+}
+
+my $inputs = `cat inputs`; die if ($? != 0);
+$inputs =~ s/\n/ /g;
+
+my $outputs = `cat outputs`; die if ($? != 0);
+$outputs =~ s/\n/ /g;
+
+print "copying inputs...\n";
 
 my $maybeSign = "";
-$maybeSign = "--sign" if -e "$Nix::Config::confDir/signing-key.sec";
+$maybeSign = "--sign" if -e "/nix/etc/nix/signing-key.sec";
 
+system("NIX_SSHOPTS=\"$sshOpts\" @bindir@/nix-copy-closure --gzip $hostName $maybeSign $drvPath $inputs") == 0
+    or die "cannot copy inputs to $hostName: $?";
 
-# Register the derivation as a temporary GC root.  Note that $PPID is
-# the PID of the remote SSH process, which, due to the use of a
-# persistant SSH connection, should be the same across all remote
-# command invocations for this session.
-my $rootsDir = "@localstatedir@/nix/gcroots/tmp";
-system("ssh $hostName @sshOpts 'mkdir -m 1777 -p $rootsDir; ln -sfn $drvPath $rootsDir/\$PPID.drv'");
+print "building...\n";
 
-sub removeRoots {
-    system("ssh $hostName @sshOpts 'rm -f $rootsDir/\$PPID.drv $rootsDir/\$PPID.out'");
-}
+my $buildFlags = "--max-silent-time $maxSilentTime";
 
-
-# Copy the derivation and its dependencies to the build machine.  This
-# is guarded by an exclusive lock per machine to prevent multiple
-# build-remote instances from copying to a machine simultaneously.
-# That's undesirable because we may end up with N instances uploading
-# the same missing path simultaneously, causing the effective network
-# bandwidth and target disk speed to be divided by N.
-my $uploadLock = "$currentLoad/$hostName.upload-lock";
-sysopen UPLOADLOCK, "$uploadLock", O_RDWR|O_CREAT, 0600 or die;
-eval {
-    local $SIG{ALRM} = sub { die "alarm\n" };
-    # Don't wait forever, so that a process that gets stuck while
-    # holding the lock doesn't block everybody else indefinitely.
-    # It's safe to continue after a timeout, just (potentially)
-    # inefficient.
-    alarm 15 * 60;
-    flock(UPLOADLOCK, LOCK_EX);
-    alarm 0;
-};
-if ($@) {
-    die unless $@ eq "alarm\n";
-    print STDERR "somebody is hogging $uploadLock, continuing...\n";
-    unlink $uploadLock;
-}
-Nix::CopyClosure::copyTo($hostName, [ @sshOpts ], [ $drvPath, @inputs ], "", "", 0, 0, $maybeSign ne "", "");
-close UPLOADLOCK;
-
-
-# Perform the build.
-my $buildFlags =
-    "--max-silent-time $maxSilentTime --option build-timeout $buildTimeout "
-    . "--fallback --add-root $rootsDir/\$PPID.out --option verbosity 0";
-
-# We let the remote side kill its process group when the connection is
-# closed unexpectedly.  This is necessary to ensure that no processes
-# are left running on the remote system if the local Nix process is
-# killed.  (SSH itself doesn't kill child processes if the connection
-# is interrupted unless the `-tt' flag is used to force a pseudo-tty,
-# in which case every child receives SIGHUP; however, `-tt' doesn't
-# work on some platforms when connection sharing is used.)
-pipe STDIN, DUMMY; # make sure we have a readable STDIN
-if (system("exec ssh $hostName @sshOpts '(read; kill -INT -\$\$) <&0 & nix-store -r $drvPath $buildFlags > /dev/null' 2>&4") != 0) {
-    # Note that if we get exit code 100 from `nix-store -r', it
-    # denotes a permanent build failure (as opposed to an SSH problem
-    # or a temporary Nix problem).  We propagate this to the caller to
-    # allow it to distinguish between transient and permanent
-    # failures.
-    my $res = $? >> 8;
-    print STDERR "build of `$drvPath' on `$hostName' failed with exit code $res\n";
-    removeRoots;
+# `-tt' forces allocation of a pseudo-terminal.  This is required to
+# make the remote nix-store process receive a signal when the
+# connection dies.  Without it, the remote process might continue to
+# run indefinitely (that is, until it next tries to write to
+# stdout/stderr).
+if (system("ssh -tt $sshOpts $hostName 'nix-store --realise -K $buildFlags $drvPath > /dev/null'") != 0) {
+    # If we couldn't run ssh or there was an ssh problem (indicated by
+    # exit code 255), then we return exit code 1; otherwise we assume
+    # that the builder failed, which we indicated to Nix using exit
+    # code 100.  It's important to distinguish between the two because
+    # the first is a transient failure and the latter is permanent.
+    my $res = $? == -1 || ($? >> 8) == 255 ? 1 : 100;
+    print STDERR "build of `$drvPath' on `$hostName' failed with exit code $?\n";
     exit $res;
 }
 
-#print "build of `$drvPath' on `$hostName' succeeded\n";
+print "build of `$drvPath' on `$hostName' succeeded\n";
 
-
-# Copy the output from the build machine.
-foreach my $output (@outputs) {
+foreach my $output (split '\n', $outputs) {
     my $maybeSignRemote = "";
     $maybeSignRemote = "--sign" if $UID != 0;
-    next if isValidPath($output);
-    system("exec ssh $hostName @sshOpts 'nix-store --export $maybeSignRemote $output'" .
-           "| NIX_HELD_LOCKS=$output @bindir@/nix-store --import > /dev/null") == 0
-        or die "cannot copy $output from $hostName: $?";
+    
+    system("ssh $sshOpts $hostName 'nix-store --export $maybeSignRemote $output | gzip' | gunzip | @bindir@/nix-store --import > /dev/null") == 0
+	or die "cannot copy $output from $hostName: $?";
 }
-
-
-# Get rid of the temporary GC roots.
-removeRoots;

scripts/copy-from-other-stores.pl.in

@@ -1,4 +1,4 @@
-#! @perl@ -w @perlFlags@
+#! @perl@ -w
 
 use strict;
 use File::Basename;
@@ -17,64 +17,66 @@ foreach my $dir (@remoteStoresAll) {
 }
 
 
-$ENV{"NIX_REMOTE"} = "";
-
-
 sub findStorePath {
     my $storePath = shift;
+    
+    my $storePathName = basename $storePath;
+    
     foreach my $store (@remoteStores) {
-        my $sourcePath = "$store/store/" . basename $storePath;
-        next unless -e $sourcePath || -l $sourcePath;
-        $ENV{"NIX_DB_DIR"} = "$store/var/nix/db";
-        return ($store, $sourcePath) if
-            system("@bindir@/nix-store --check-validity $storePath") == 0;
+        # Determine whether $storePath exists by looking for the
+        # existence of the info file, and if so, get store path info
+        # from that file.  This rather breaks abstraction: we should
+        # be using `nix-store' for that.  But right now there is no
+        # good way to tell nix-store to access a store mounted under a
+        # different location (there's $NIX_STORE, but that only works
+        # if the remote store is mounted under its "real" location).
+        my $infoFile = "$store/var/nix/db/info/$storePathName";
+        my $storePath2 = "$store/store/$storePathName";
+        if (-f $infoFile && -e $storePath2) {
+            return ($infoFile, $storePath2);
+        }
     }
-    return undef;
 }
 
 
 if ($ARGV[0] eq "--query") {
 
     while (<STDIN>) {
-        chomp;
-        my ($cmd, @args) = split " ", $_;
+        my $cmd = $_; chomp $cmd;
 
         if ($cmd eq "have") {
-            foreach my $storePath (@args) {
-                print "$storePath\n" if defined findStorePath($storePath);
-            }
-            print "\n";
+            my $storePath = <STDIN>; chomp $storePath;
+            (my $infoFile) = findStorePath $storePath;
+            print STDOUT ($infoFile ? "1\n" : "0\n");
         }
 
         elsif ($cmd eq "info") {
-            foreach my $storePath (@args) {
-                my ($store, $sourcePath) = findStorePath($storePath);
-                next unless defined $store;
-
-                $ENV{"NIX_DB_DIR"} = "$store/var/nix/db";
-
-                my $deriver = `@bindir@/nix-store --query --deriver $storePath`;
-                die "cannot query deriver of `$storePath'" if $? != 0;
-                chomp $deriver;
-                $deriver = "" if $deriver eq "unknown-deriver";
-
-                my @references = split "\n",
-                    `@bindir@/nix-store --query --references $storePath`;
-                die "cannot query references of `$storePath'" if $? != 0;
-
-                my $narSize = `@bindir@/nix-store --query --size $storePath`;
-                die "cannot query size of `$storePath'" if $? != 0;
-                chomp $narSize;
-
-                print "$storePath\n";
-                print "$deriver\n";
-                print scalar @references, "\n";
-                print "$_\n" foreach @references;
-                print "$narSize\n";
-                print "$narSize\n";
+            my $storePath = <STDIN>; chomp $storePath;
+            (my $infoFile) = findStorePath $storePath;
+            if (!$infoFile) {
+                print "0\n";
+                next; # not an error
             }
+            print "1\n";
 
-            print "\n";
+            my $deriver = "";
+            my @references = ();
+
+            open INFO, "<$infoFile" or die "cannot read info file $infoFile\n";
+            while (<INFO>) {
+                chomp;
+                /^([\w-]+): (.*)$/ or die "bad info file";
+                my $key = $1;
+                my $value = $2;
+                if ($key eq "Deriver") { $deriver = $value; }
+                elsif ($key eq "References") { @references = split ' ', $value; }
+            }
+            close INFO;
+
+            print "$deriver\n";
+            print scalar @references, "\n";
+            print "$_\n" foreach @references;
+            print "0\n"; # !!! showing size not supported (yet)
         }
 
         else { die "unknown command `$cmd'"; }
@@ -83,15 +85,13 @@ if ($ARGV[0] eq "--query") {
 
 
 elsif ($ARGV[0] eq "--substitute") {
-    die unless scalar @ARGV == 3;
+    die unless scalar @ARGV == 2;
     my $storePath = $ARGV[1];
-    my $destPath = $ARGV[2];
-    my ($store, $sourcePath) = findStorePath $storePath;
-    die unless $store;
-    print STDERR "\n*** Copying `$storePath' from `$sourcePath'\n\n";
-    system("$binDir/nix-store --dump $sourcePath | $binDir/nix-store --restore $destPath") == 0
+    (my $infoFile, my $sourcePath) = findStorePath $storePath;
+    die unless $infoFile;
+    print "\n*** Copying `$storePath' from `$sourcePath'\n\n";
+    system("$binDir/nix-store --dump $sourcePath | $binDir/nix-store --restore $storePath") == 0
         or die "cannot copy `$sourcePath' to `$storePath'";
-    print "\n"; # no hash to verify
 }
 
 

scripts/download-from-binary-cache.pl.in

@@ -1,550 +0,0 @@
-#! @perl@ -w @perlFlags@
-
-use DBI;
-use File::Basename;
-use IO::Select;
-use Nix::Config;
-use Nix::Store;
-use Nix::Utils;
-use Nix::Manifest;
-use WWW::Curl::Easy;
-use WWW::Curl::Multi;
-use strict;
-
-
-Nix::Config::readConfig;
-
-my @caches;
-my $gotCaches = 0;
-
-my $maxParallelRequests = int($Nix::Config::config{"binary-caches-parallel-connections"} // 150);
-$maxParallelRequests = 1 if $maxParallelRequests < 1;
-
-my $ttlNegative = 24 * 3600; # when to purge negative lookups from the database
-my $ttlNegativeUse = 3600; # how long negative lookups are valid for non-"have" lookups
-my $didExpiration = 0;
-
-my $debug = ($ENV{"NIX_DEBUG_SUBST"} // "") eq 1;
-open(STDERR, ">>/dev/tty") if $debug;
-
-my ($dbh, $queryCache, $insertNAR, $queryNAR, $insertNARExistence, $queryNARExistence, $expireNARExistence);
-
-my $curlm = WWW::Curl::Multi->new;
-my $activeRequests = 0;
-my $curlIdCount = 1;
-my %requests;
-my %scheduled;
-my $caBundle = $ENV{"CURL_CA_BUNDLE"} // $ENV{"OPENSSL_X509_CERT_FILE"};
-
-
-sub addRequest {
-    my ($storePath, $url, $head) = @_;
-
-    my $curl = WWW::Curl::Easy->new;
-    my $curlId = $curlIdCount++;
-    $requests{$curlId} = { storePath => $storePath, url => $url, handle => $curl, content => "", type => $head ? "HEAD" : "GET" };
-
-    $curl->setopt(CURLOPT_PRIVATE, $curlId);
-    $curl->setopt(CURLOPT_URL, $url);
-    open (my $fh, ">", \$requests{$curlId}->{content});
-    $curl->setopt(CURLOPT_WRITEDATA, $fh);
-    $curl->setopt(CURLOPT_FOLLOWLOCATION, 1);
-    $curl->setopt(CURLOPT_CAINFO, $caBundle) if defined $caBundle;
-    $curl->setopt(CURLOPT_USERAGENT, "Nix/$Nix::Config::version");
-    $curl->setopt(CURLOPT_NOBODY, 1) if $head;
-    $curl->setopt(CURLOPT_FAILONERROR, 1);
-
-    if ($activeRequests >= $maxParallelRequests) {
-        $scheduled{$curlId} = 1;
-    } else {
-        $curlm->add_handle($curl);
-        $activeRequests++;
-    }
-
-    return $requests{$curlId};
-}
-
-
-sub processRequests {
-    while ($activeRequests) {
-        my ($rfds, $wfds, $efds) = $curlm->fdset();
-        #print STDERR "R = @{$rfds}, W = @{$wfds}, E = @{$efds}\n";
-
-        # Sleep until we can read or write some data.
-        if (scalar @{$rfds} + scalar @{$wfds} + scalar @{$efds} > 0) {
-            IO::Select->select(IO::Select->new(@{$rfds}), IO::Select->new(@{$wfds}), IO::Select->new(@{$efds}), 0.1);
-        }
-
-        if ($curlm->perform() != $activeRequests) {
-            while (my ($id, $result) = $curlm->info_read) {
-                if ($id) {
-                    my $request = $requests{$id} or die;
-                    my $handle = $request->{handle};
-                    $request->{result} = $result;
-                    $request->{httpStatus} = $handle->getinfo(CURLINFO_RESPONSE_CODE);
-
-                    print STDERR "$request->{type} on $request->{url} [$request->{result}, $request->{httpStatus}]\n" if $debug;
-
-                    $activeRequests--;
-                    delete $request->{handle};
-
-                    if (scalar(keys %scheduled) > 0) {
-                        my $id2 = (keys %scheduled)[0];
-                        $curlm->add_handle($requests{$id2}->{handle});
-                        $activeRequests++;
-                        delete $scheduled{$id2};
-                    }
-                }
-            }
-        }
-    }
-}
-
-
-sub initCache {
-    my $dbPath = "$Nix::Config::stateDir/binary-cache-v2.sqlite";
-
-    unlink "$Nix::Config::stateDir/binary-cache-v1.sqlite";
-
-    # Open/create the database.
-    $dbh = DBI->connect("dbi:SQLite:dbname=$dbPath", "", "")
-        or die "cannot open database `$dbPath'";
-    $dbh->{RaiseError} = 1;
-    $dbh->{PrintError} = 0;
-
-    $dbh->sqlite_busy_timeout(60 * 60 * 1000);
-
-    $dbh->do("pragma synchronous = off"); # we can always reproduce the cache
-    $dbh->do("pragma journal_mode = truncate");
-
-    # Initialise the database schema, if necessary.
-    $dbh->do(<<EOF);
-        create table if not exists BinaryCaches (
-            id        integer primary key autoincrement not null,
-            url       text unique not null,
-            timestamp integer not null,
-            storeDir  text not null,
-            wantMassQuery integer not null,
-            priority  integer not null
-        );
-EOF
-
-    $dbh->do(<<EOF);
-        create table if not exists NARs (
-            cache            integer not null,
-            storePath        text not null,
-            url              text not null,
-            compression      text not null,
-            fileHash         text,
-            fileSize         integer,
-            narHash          text,
-            narSize          integer,
-            refs             text,
-            deriver          text,
-            system           text,
-            timestamp        integer not null,
-            primary key (cache, storePath),
-            foreign key (cache) references BinaryCaches(id) on delete cascade
-        );
-EOF
-
-    $dbh->do(<<EOF);
-        create table if not exists NARExistence (
-            cache            integer not null,
-            storePath        text not null,
-            exist            integer not null,
-            timestamp        integer not null,
-            primary key (cache, storePath),
-            foreign key (cache) references BinaryCaches(id) on delete cascade
-        );
-EOF
-
-    $dbh->do("create index if not exists NARExistenceByExistTimestamp on NARExistence (exist, timestamp)");
-
-    $queryCache = $dbh->prepare("select id, storeDir, wantMassQuery, priority from BinaryCaches where url = ?") or die;
-
-    $insertNAR = $dbh->prepare(
-        "insert or replace into NARs(cache, storePath, url, compression, fileHash, fileSize, narHash, " .
-        "narSize, refs, deriver, system, timestamp) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)") or die;
-
-    $queryNAR = $dbh->prepare("select * from NARs where cache = ? and storePath = ?") or die;
-
-    $insertNARExistence = $dbh->prepare(
-        "insert or replace into NARExistence(cache, storePath, exist, timestamp) values (?, ?, ?, ?)") or die;
-
-    $queryNARExistence = $dbh->prepare("select exist, timestamp from NARExistence where cache = ? and storePath = ?") or die;
-
-    $expireNARExistence = $dbh->prepare("delete from NARExistence where exist = ? and timestamp < ?") or die;
-}
-
-
-sub getAvailableCaches {
-    return if $gotCaches;
-    $gotCaches = 1;
-
-    return if
-        ($Nix::Config::config{"use-binary-caches"} // "true") eq "false" ||
-        ($Nix::Config::config{"untrusted-use-binary-caches"} // "true") eq "false";
-
-    sub strToList {
-        my ($s) = @_;
-        return map { s/\/+$//; $_ } split(/ /, $s);
-    }
-
-    my @urls = strToList ($Nix::Config::config{"binary-caches"} // "");
-    # // ($Nix::Config::storeDir eq "/nix/store" ? "http://nixos.org/binary-cache" : ""));
-
-    my $urlsFiles = $Nix::Config::config{"binary-cache-files"}
-        // "/nix/var/nix/profiles/per-user/root/channels/binary-caches/*";
-    foreach my $urlFile (glob $urlsFiles) {
-        next unless -f $urlFile;
-        open FILE, "<$urlFile" or die "cannot open ‘$urlFile’\n";
-        my $url = <FILE>; chomp $url;
-        close FILE;
-        push @urls, strToList($url);
-    }
-
-    # Allow Nix daemon users to override the binary caches to a subset
-    # of those listed in the config file.  Note that ‘untrusted-*’
-    # denotes options passed by the client.
-    if (defined $Nix::Config::config{"untrusted-binary-caches"}) {
-        my @untrustedUrls = strToList $Nix::Config::config{"untrusted-binary-caches"};
-        my @trustedUrls = uniq(@urls, strToList($Nix::Config::config{"trusted-binary-caches"} // ""));
-        @urls = ();
-        foreach my $url (@untrustedUrls) {
-            die "binary cache ‘$url’ is not trusted (please add it to ‘trusted-binary-caches’ [@trustedUrls] in $Nix::Config::confDir/nix.conf)\n"
-                unless scalar(grep { $url eq $_ } @trustedUrls) > 0;
-            push @urls, $url;
-        }
-    }
-
-    foreach my $url (uniq @urls) {
-
-        # FIXME: not atomic.
-        $queryCache->execute($url);
-        my $res = $queryCache->fetchrow_hashref();
-        if (defined $res) {
-            next if $res->{storeDir} ne $Nix::Config::storeDir;
-            push @caches, { id => $res->{id}, url => $url, wantMassQuery => $res->{wantMassQuery}, priority => $res->{priority} };
-            next;
-        }
-
-        # Get the cache info file.
-        my $request = addRequest(undef, $url . "/nix-cache-info");
-        processRequests;
-
-        if ($request->{result} != 0) {
-            print STDERR "could not download ‘$request->{url}’ (" .
-                ($request->{result} != 0 ? "Curl error $request->{result}" : "HTTP status $request->{httpStatus}") . ")\n";
-            next;
-        }
-
-        my $storeDir = "/nix/store";
-        my $wantMassQuery = 0;
-        my $priority = 50;
-        foreach my $line (split "\n", $request->{content}) {
-            unless ($line =~ /^(.*): (.*)$/) {
-                print STDERR "bad cache info file ‘$request->{url}’\n";
-                return undef;
-            }
-            if ($1 eq "StoreDir") { $storeDir = $2; }
-            elsif ($1 eq "WantMassQuery") { $wantMassQuery = int($2); }
-            elsif ($1 eq "Priority") { $priority = int($2); }
-        }
-
-        $dbh->do("insert into BinaryCaches(url, timestamp, storeDir, wantMassQuery, priority) values (?, ?, ?, ?, ?)",
-                 {}, $url, time(), $storeDir, $wantMassQuery, $priority);
-        my $id = $dbh->last_insert_id("", "", "", "");
-        next if $storeDir ne $Nix::Config::storeDir;
-        push @caches, { id => $id, url => $url, wantMassQuery => $wantMassQuery, priority => $priority };
-    }
-
-    @caches = sort { $a->{priority} <=> $b->{priority} } @caches;
-
-    expireNegative();
-}
-
-
-sub processNARInfo {
-    my ($storePath, $cache, $request) = @_;
-
-    if ($request->{result} != 0) {
-        if ($request->{result} != 37 && $request->{httpStatus} != 404) {
-            print STDERR "could not download ‘$request->{url}’ (" .
-                ($request->{result} != 0 ? "Curl error $request->{result}" : "HTTP status $request->{httpStatus}") . ")\n";
-        } else {
-            $insertNARExistence->execute($cache->{id}, basename($storePath), 0, time())
-                unless $request->{url} =~ /^file:/;
-        }
-        return undef;
-    }
-
-    my $narInfo = parseNARInfo($storePath, $request->{content});
-    return undef unless defined $narInfo;
-
-    # Cache the result.
-    $insertNAR->execute(
-        $cache->{id}, basename($storePath), $narInfo->{url}, $narInfo->{compression},
-        $narInfo->{fileHash}, $narInfo->{fileSize}, $narInfo->{narHash}, $narInfo->{narSize},
-        join(" ", @{$narInfo->{refs}}), $narInfo->{deriver}, $narInfo->{system}, time())
-        unless $request->{url} =~ /^file:/;
-
-    return $narInfo;
-}
-
-
-sub getCachedInfoFrom {
-    my ($storePath, $cache) = @_;
-
-    $queryNAR->execute($cache->{id}, basename($storePath));
-    my $res = $queryNAR->fetchrow_hashref();
-    return undef unless defined $res;
-
-    return
-        { url => $res->{url}
-        , compression => $res->{compression}
-        , fileHash => $res->{fileHash}
-        , fileSize => $res->{fileSize}
-        , narHash => $res->{narHash}
-        , narSize => $res->{narSize}
-        , refs => [ split " ", $res->{refs} ]
-        , deriver => $res->{deriver}
-        } if defined $res;
-}
-
-
-sub negativeHit {
-    my ($storePath, $cache) = @_;
-    $queryNARExistence->execute($cache->{id}, basename($storePath));
-    my $res = $queryNARExistence->fetchrow_hashref();
-    return defined $res && $res->{exist} == 0 && time() - $res->{timestamp} < $ttlNegativeUse;
-}
-
-
-sub positiveHit {
-    my ($storePath, $cache) = @_;
-    return 1 if defined getCachedInfoFrom($storePath, $cache);
-    $queryNARExistence->execute($cache->{id}, basename($storePath));
-    my $res = $queryNARExistence->fetchrow_hashref();
-    return defined $res && $res->{exist} == 1;
-}
-
-
-sub expireNegative {
-    return if $didExpiration;
-    $didExpiration = 1;
-    my $time = time();
-    # Round up to the next multiple of the TTL to ensure that we do
-    # expiration only once per time interval.  E.g. if $ttlNegative ==
-    # 3600, we expire entries at most once per hour.  This is
-    # presumably faster than expiring a few entries per request (and
-    # thus doing a transaction).
-    my $limit = (int($time / $ttlNegative) - 1) * $ttlNegative;
-    $expireNARExistence->execute($limit, 0);
-    print STDERR "expired ", $expireNARExistence->rows, " negative entries\n" if $debug;
-}
-
-
-sub printInfo {
-    my ($storePath, $info) = @_;
-    print "$storePath\n";
-    print $info->{deriver} ? "$Nix::Config::storeDir/$info->{deriver}" : "", "\n";
-    print scalar @{$info->{refs}}, "\n";
-    print "$Nix::Config::storeDir/$_\n" foreach @{$info->{refs}};
-    print $info->{fileSize} || 0, "\n";
-    print $info->{narSize} || 0, "\n";
-}
-
-
-sub infoUrl {
-    my ($binaryCacheUrl, $storePath) = @_;
-    my $pathHash = substr(basename($storePath), 0, 32);
-    my $infoUrl = "$binaryCacheUrl/$pathHash.narinfo";
-}
-
-
-sub printInfoParallel {
-    my @paths = @_;
-
-    # First print all paths for which we have cached info.
-    my @left;
-    foreach my $storePath (@paths) {
-        my $found = 0;
-        foreach my $cache (@caches) {
-            my $info = getCachedInfoFrom($storePath, $cache);
-            if (defined $info) {
-                printInfo($storePath, $info);
-                $found = 1;
-                last;
-            }
-        }
-        push @left, $storePath if !$found;
-    }
-
-    return if scalar @left == 0;
-
-    foreach my $cache (@caches) {
-
-        my @left2;
-        %requests = ();
-        foreach my $storePath (@left) {
-            if (negativeHit($storePath, $cache)) {
-                push @left2, $storePath;
-                next;
-            }
-            addRequest($storePath, infoUrl($cache->{url}, $storePath));
-        }
-
-        processRequests;
-
-        foreach my $request (values %requests) {
-            my $info = processNARInfo($request->{storePath}, $cache, $request);
-            if (defined $info) {
-                printInfo($request->{storePath}, $info);
-            } else {
-                push @left2, $request->{storePath};
-            }
-        }
-
-        @left = @left2;
-    }
-}
-
-
-sub printSubstitutablePaths {
-    my @paths = @_;
-
-    # First look for paths that have cached info.
-    my @left;
-    foreach my $storePath (@paths) {
-        my $found = 0;
-        foreach my $cache (@caches) {
-            next unless $cache->{wantMassQuery};
-            if (positiveHit($storePath, $cache)) {
-                print "$storePath\n";
-                $found = 1;
-                last;
-            }
-        }
-        push @left, $storePath if !$found;
-    }
-
-    return if scalar @left == 0;
-
-    # For remaining paths, do HEAD requests.
-    foreach my $cache (@caches) {
-        next unless $cache->{wantMassQuery};
-        my @left2;
-        %requests = ();
-        foreach my $storePath (@left) {
-            if (negativeHit($storePath, $cache)) {
-                push @left2, $storePath;
-                next;
-            }
-            addRequest($storePath, infoUrl($cache->{url}, $storePath), 1);
-        }
-
-        processRequests;
-
-        foreach my $request (values %requests) {
-            if ($request->{result} != 0) {
-                if ($request->{result} != 37 && $request->{httpStatus} != 404) {
-                    print STDERR "could not check ‘$request->{url}’ (" .
-                        ($request->{result} != 0 ? "Curl error $request->{result}" : "HTTP status $request->{httpStatus}") . ")\n";
-                } else {
-                    $insertNARExistence->execute($cache->{id}, basename($request->{storePath}), 0, time())
-                        unless $request->{url} =~ /^file:/;
-                }
-                push @left2, $request->{storePath};
-            } else {
-                $insertNARExistence->execute($cache->{id}, basename($request->{storePath}), 1, time())
-                    unless $request->{url} =~ /^file:/;
-                print "$request->{storePath}\n";
-            }
-        }
-
-        @left = @left2;
-    }
-}
-
-
-sub downloadBinary {
-    my ($storePath, $destPath) = @_;
-
-    foreach my $cache (@caches) {
-        my $info = getCachedInfoFrom($storePath, $cache);
-
-        unless (defined $info) {
-            next if negativeHit($storePath, $cache);
-            my $request = addRequest($storePath, infoUrl($cache->{url}, $storePath));
-            processRequests;
-            $info = processNARInfo($storePath, $cache, $request);
-        }
-
-        next unless defined $info;
-
-        my $decompressor;
-        if ($info->{compression} eq "bzip2") { $decompressor = "$Nix::Config::bzip2 -d"; }
-        elsif ($info->{compression} eq "xz") { $decompressor = "$Nix::Config::xz -d"; }
-        else {
-            print STDERR "unknown compression method ‘$info->{compression}’\n";
-            next;
-        }
-        my $url = "$cache->{url}/$info->{url}"; # FIXME: handle non-relative URLs
-        print STDERR "\n*** Downloading ‘$url’ to ‘$storePath’...\n";
-        checkURL $url;
-        if (system("$Nix::Config::curl --fail --location --insecure '$url' | $decompressor | $Nix::Config::binDir/nix-store --restore $destPath") != 0) {
-            warn "download of `$url' failed" . ($! ? ": $!" : "") . "\n";
-            next;
-        }
-
-        # Tell Nix about the expected hash so it can verify it.
-        print "$info->{narHash}\n";
-
-        print STDERR "\n";
-        return;
-    }
-
-    print STDERR "could not download ‘$storePath’ from any binary cache\n";
-}
-
-
-initCache();
-
-
-if ($ARGV[0] eq "--query") {
-
-    while (<STDIN>) {
-        getAvailableCaches;
-        chomp;
-        my ($cmd, @args) = split " ", $_;
-
-        if ($cmd eq "have") {
-            print STDERR "checking binary caches for existence of @args\n" if $debug;
-            printSubstitutablePaths(@args);
-            print "\n";
-        }
-
-        elsif ($cmd eq "info") {
-            print STDERR "checking binary caches for info on @args\n" if $debug;
-            printInfoParallel(@args);
-            print "\n";
-        }
-
-        else { die "unknown command `$cmd'"; }
-
-        flush STDOUT;
-    }
-
-}
-
-elsif ($ARGV[0] eq "--substitute") {
-    my $storePath = $ARGV[1] or die;
-    my $destPath = $ARGV[2] or die;
-    getAvailableCaches;
-    downloadBinary($storePath, $destPath);
-}
-
-else {
-    die;
-}

scripts/download-using-manifests.pl.in

@@ -1,174 +1,33 @@
-#! @perl@ -w @perlFlags@
+#! @perl@ -w -I@libexecdir@/nix
 
 use strict;
-use Nix::Config;
-use Nix::Manifest;
-use Nix::Store;
-use Nix::Utils;
+use readmanifest;
 use POSIX qw(strftime);
 use File::Temp qw(tempdir);
 
+my $binDir = $ENV{"NIX_BIN_DIR"} || "@bindir@";
+
 STDOUT->autoflush(1);
 
-my $logFile = "$Nix::Config::logDir/downloads";
-
-# For queries, skip expensive calls to nix-hash etc.  We're just
-# estimating the expected download size.
-my $fast = 1;
-
-# ‘--insecure’ is fine because Nix verifies the hash of the result.
-my $curl = "$Nix::Config::curl --fail --location --insecure";
+my $manifestDir = ($ENV{"NIX_MANIFESTS_DIR"} or "@localstatedir@/nix/manifests");
+my $logFile = "@localstatedir@/log/nix/downloads";
 
 
-# Open the manifest cache and update it if necessary.
-my $dbh = updateManifestDB();
+# Load all manifests.
+my %narFiles;
+my %localPaths;
+my %patches;
 
-
-# $hashCache->{$algo}->{$path} yields the $algo-hash of $path.
-my $hashCache;
-
-
-sub parseHash {
-    my $hash = shift;
-    if ($hash =~ /^(.+):(.+)$/) {
-        return ($1, $2);
-    } else {
-        return ("md5", $hash);
+for my $manifest (glob "$manifestDir/*.nixmanifest") {
+    my $version = readManifest($manifest, \%narFiles, \%localPaths, \%patches);
+    if ($version < 3) {
+        print STDERR "you have an old-style manifest `$manifest'; please delete it\n";
+        exit 1;
     }
-}
-
-
-# Compute the most efficient sequence of downloads to produce the
-# given path.
-sub computeSmallestDownload {
-    my $targetPath = shift;
-
-    # Build a graph of all store paths that might contribute to the
-    # construction of $targetPath, and the special node "start".  The
-    # edges are either patch operations, or downloads of full NAR
-    # files.  The latter edges only occur between "start" and a store
-    # path.
-    my %graph;
-
-    $graph{"start"} = {d => 0, pred => undef, edges => []};
-
-    my @queue = ();
-    my $queueFront = 0;
-    my %done;
-
-    sub addNode {
-        my $graph = shift;
-        my $u = shift;
-        $$graph{$u} = {d => 999999999999, pred => undef, edges => []}
-            unless defined $$graph{$u};
+    if ($version >= 10) {
+        print STDERR "manifest `$manifest' is too new; please delete it or upgrade Nix\n";
+        exit 1;
     }
-
-    sub addEdge {
-        my $graph = shift;
-        my $u = shift;
-        my $v = shift;
-        my $w = shift;
-        my $type = shift;
-        my $info = shift;
-        addNode $graph, $u;
-        push @{$$graph{$u}->{edges}},
-            {weight => $w, start => $u, end => $v, type => $type, info => $info};
-        my $n = scalar @{$$graph{$u}->{edges}};
-    }
-
-    push @queue, $targetPath;
-
-    while ($queueFront < scalar @queue) {
-        my $u = $queue[$queueFront++];
-        next if defined $done{$u};
-        $done{$u} = 1;
-
-        addNode \%graph, $u;
-
-        # If the path already exists, it has distance 0 from the
-        # "start" node.
-        if (isValidPath($u)) {
-            addEdge \%graph, "start", $u, 0, "present", undef;
-        }
-
-        else {
-
-            # Add patch edges.
-            my $patchList = $dbh->selectall_arrayref(
-                "select * from Patches where storePath = ?",
-                { Slice => {} }, $u);
-
-            foreach my $patch (@{$patchList}) {
-                if (isValidPath($patch->{basePath})) {
-                    my ($baseHashAlgo, $baseHash) = parseHash $patch->{baseHash};
-
-                    my $hash = $hashCache->{$baseHashAlgo}->{$patch->{basePath}};
-                    if (!defined $hash) {
-                        $hash = $fast && $baseHashAlgo eq "sha256"
-                            ? queryPathHash($patch->{basePath})
-                            : hashPath($baseHashAlgo, $baseHashAlgo ne "md5", $patch->{basePath});
-                        $hash =~ s/.*://;
-                        $hashCache->{$baseHashAlgo}->{$patch->{basePath}} = $hash;
-                    }
-
-                    next if $hash ne $baseHash;
-                }
-                push @queue, $patch->{basePath};
-                addEdge \%graph, $patch->{basePath}, $u, $patch->{size}, "patch", $patch;
-            }
-
-            # Add NAR file edges to the start node.
-            my $narFileList = $dbh->selectall_arrayref(
-                "select * from NARs where storePath = ?",
-                { Slice => {} }, $u);
-
-            foreach my $narFile (@{$narFileList}) {
-                # !!! how to handle files whose size is not known in advance?
-                # For now, assume some arbitrary size (1 GB).
-                # This has the side-effect of preferring non-Hydra downloads.
-                addEdge \%graph, "start", $u, ($narFile->{size} || 1000000000), "narfile", $narFile;
-            }
-        }
-    }
-
-
-    # Run Dijkstra's shortest path algorithm to determine the shortest
-    # sequence of download and/or patch actions that will produce
-    # $targetPath.
-
-    my @todo = keys %graph;
-
-    while (scalar @todo > 0) {
-
-        # Remove the closest element from the todo list.
-        # !!! inefficient, use a priority queue
-        @todo = sort { -($graph{$a}->{d} <=> $graph{$b}->{d}) } @todo;
-        my $u = pop @todo;
-
-        my $u_ = $graph{$u};
-
-        foreach my $edge (@{$u_->{edges}}) {
-            my $v_ = $graph{$edge->{end}};
-            if ($v_->{d} > $u_->{d} + $edge->{weight}) {
-                $v_->{d} = $u_->{d} + $edge->{weight};
-                # Store the edge; to edge->start is actually the
-                # predecessor.
-                $v_->{pred} = $edge;
-            }
-        }
-    }
-
-
-    # Retrieve the shortest path from "start" to $targetPath.
-    my @path = ();
-    my $cur = $targetPath;
-    return () unless defined $graph{$targetPath}->{pred};
-    while ($cur ne "start") {
-        push @path, $graph{$cur}->{pred};
-        $cur = $graph{$cur}->{pred}->{start};
-    }
-
-    return @path;
 }
 
 
@@ -177,56 +36,36 @@ sub computeSmallestDownload {
 if ($ARGV[0] eq "--query") {
 
     while (<STDIN>) {
-        chomp;
-        my ($cmd, @args) = split " ", $_;
+        my $cmd = $_; chomp $cmd;
 
         if ($cmd eq "have") {
-            foreach my $storePath (@args) {
-                print "$storePath\n" if scalar @{$dbh->selectcol_arrayref("select 1 from NARs where storePath = ?", {}, $storePath)} > 0;
-            }
-            print "\n";
+            my $storePath = <STDIN>; chomp $storePath;
+            print STDOUT ((defined $narFiles{$storePath} or defined $localPaths{$storePath})
+                ? "1\n" : "0\n");
         }
 
         elsif ($cmd eq "info") {
-            foreach my $storePath (@args) {
-
-                my $infos = $dbh->selectall_arrayref(
-                    "select * from NARs where storePath = ?",
-                    { Slice => {} }, $storePath);
-
-                next unless scalar @{$infos} > 0;
-                my $info = @{$infos}[0];
-
-                print "$storePath\n";
-                print "$info->{deriver}\n";
-                my @references = split " ", $info->{refs};
-                print scalar @references, "\n";
-                print "$_\n" foreach @references;
-
-                my @path = computeSmallestDownload $storePath;
-
-                my $downloadSize = 0;
-                while (scalar @path > 0) {
-                    my $edge = pop @path;
-                    my $u = $edge->{start};
-                    my $v = $edge->{end};
-                    if ($edge->{type} eq "patch") {
-                        $downloadSize += $edge->{info}->{size} || 0;
-                    }
-                    elsif ($edge->{type} eq "narfile") {
-                        $downloadSize += $edge->{info}->{size} || 0;
-                    }
-                }
-
-                print "$downloadSize\n";
-
-                my $narSize = $info->{narSize} || 0;
-                print "$narSize\n";
+            my $storePath = <STDIN>; chomp $storePath;
+            my $info;
+            if (defined $narFiles{$storePath}) {
+                $info = @{$narFiles{$storePath}}[0];
             }
-
-            print "\n";
+            elsif (defined $localPaths{$storePath}) {
+                $info = @{$localPaths{$storePath}}[0];
+            }
+            else {
+                print "0\n";
+                next; # not an error
+            }
+            print "1\n";
+            print "$info->{deriver}\n";
+            my @references = split " ", $info->{references};
+            print scalar @references, "\n";
+            print "$_\n" foreach @references;
+            my $size = $info->{size} || 0;
+            print "$size\n";
         }
-
+        
         else { die "unknown command `$cmd'"; }
     }
 
@@ -234,20 +73,20 @@ if ($ARGV[0] eq "--query") {
 }
 
 elsif ($ARGV[0] ne "--substitute") {
-    die;
+    die "syntax: $0 [--query-paths | --query-info PATHS... | --substitute PATH]\n";
 }
 
 
-die unless scalar @ARGV == 3;
+die unless scalar @ARGV == 2;
 my $targetPath = $ARGV[1];
-my $destPath = $ARGV[2];
-$fast = 0;
 
 
 # Create a temporary directory.
 my $tmpDir = tempdir("nix-download.XXXXXX", CLEANUP => 1, TMPDIR => 1)
     or die "cannot create a temporary directory";
 
+chdir $tmpDir or die "cannot change to `$tmpDir': $!";
+
 my $tmpNar = "$tmpDir/nar";
 my $tmpNar2 = "$tmpDir/nar2";
 
@@ -257,18 +96,164 @@ open LOGFILE, ">>$logFile" or die "cannot open log file $logFile";
 my $date = strftime ("%F %H:%M:%S UTC", gmtime (time));
 print LOGFILE "$$ get $targetPath $date\n";
 
-print STDERR "\n*** Trying to download/patch `$targetPath'\n";
+print "\n*** Trying to download/patch `$targetPath'\n";
 
 
-# Compute the shortest path.
-my @path = computeSmallestDownload $targetPath;
-die "don't know how to produce $targetPath\n" if scalar @path == 0;
+# If we can copy from a local path, do that.
+my $localPathList = $localPaths{$targetPath};
+foreach my $localPath (@{$localPathList}) {
+    my $sourcePath = $localPath->{copyFrom};
+    if (-e $sourcePath) {
+        print "\n*** Step 1/1: copying from $sourcePath\n";
+        system("$binDir/nix-store --dump $sourcePath | $binDir/nix-store --restore $targetPath") == 0
+            or die "cannot copy `$sourcePath' to `$targetPath'";
+        exit 0;
+    }
+}
 
 
-# We don't need the manifest anymore, so close it as an optimisation:
-# if we still have SQLite locks blocking other processes (we
-# shouldn't), this gets rid of them.
-$dbh->disconnect;
+# Build a graph of all store paths that might contribute to the
+# construction of $targetPath, and the special node "start".  The
+# edges are either patch operations, or downloads of full NAR files.
+# The latter edges only occur between "start" and a store path.
+
+my %graph;
+
+$graph{"start"} = {d => 0, pred => undef, edges => []};
+
+my @queue = ();
+my $queueFront = 0;
+my %done;
+
+sub addToQueue {
+    my $v = shift;
+    return if defined $done{$v};
+    $done{$v} = 1;
+    push @queue, $v;
+}
+
+sub addNode {
+    my $u = shift;
+    $graph{$u} = {d => 999999999999, pred => undef, edges => []}
+        unless defined $graph{$u};
+}
+
+sub addEdge {
+    my $u = shift;
+    my $v = shift;
+    my $w = shift;
+    my $type = shift;
+    my $info = shift;
+    addNode $u;
+    push @{$graph{$u}->{edges}},
+        {weight => $w, start => $u, end => $v, type => $type, info => $info};
+    my $n = scalar @{$graph{$u}->{edges}};
+}
+
+addToQueue $targetPath;
+
+sub isValidPath {
+    my $p = shift;
+    return system("$binDir/nix-store --check-validity '$p' 2> /dev/null") == 0;
+}
+
+sub parseHash {
+    my $hash = shift;
+    if ($hash =~ /^(.+):(.+)$/) {
+        return ($1, $2);
+    } else {
+        return ("md5", $hash);
+    }
+}
+
+while ($queueFront < scalar @queue) {
+    my $u = $queue[$queueFront++];
+#    print "$u\n";
+
+    addNode $u;
+
+    # If the path already exists, it has distance 0 from the "start"
+    # node.
+    if (isValidPath($u)) {
+        addEdge "start", $u, 0, "present", undef;
+    }
+
+    else {
+
+        # Add patch edges.
+        my $patchList = $patches{$u};
+        foreach my $patch (@{$patchList}) {
+            if (isValidPath($patch->{basePath})) {
+                # !!! this should be cached
+                my ($baseHashAlgo, $baseHash) = parseHash $patch->{baseHash};
+                my $format = "--base32";
+                $format = "" if $baseHashAlgo eq "md5";
+                my $hash = `$binDir/nix-hash --type '$baseHashAlgo' $format "$patch->{basePath}"`;
+                chomp $hash;
+                if ($hash ne $baseHash) {
+                    print LOGFILE "$$ rejecting $patch->{basePath}\n";
+                    next;
+                }
+            }
+            addToQueue $patch->{basePath};
+            addEdge $patch->{basePath}, $u, $patch->{size}, "patch", $patch;
+        }
+
+        # Add NAR file edges to the start node.
+        my $narFileList = $narFiles{$u};
+        foreach my $narFile (@{$narFileList}) {
+            # !!! how to handle files whose size is not known in advance?
+            # For now, assume some arbitrary size (1 MB).
+            addEdge "start", $u, ($narFile->{size} || 1000000), "narfile", $narFile;
+            if ($u eq $targetPath) {
+                my $size = $narFile->{size} || -1;
+                print LOGFILE "$$ full-download-would-be $size\n";
+            }
+        }
+
+    }
+}
+
+
+# Run Dijkstra's shortest path algorithm to determine the shortest
+# sequence of download and/or patch actions that will produce
+# $targetPath.
+
+sub byDistance { # sort by distance, reversed
+    return -($graph{$a}->{d} <=> $graph{$b}->{d});
+}
+
+my @todo = keys %graph;
+
+while (scalar @todo > 0) {
+
+    # Remove the closest element from the todo list.
+    @todo = sort byDistance @todo;
+    my $u = pop @todo;
+
+    my $u_ = $graph{$u};
+
+    foreach my $edge (@{$u_->{edges}}) {
+        my $v_ = $graph{$edge->{end}};
+        if ($v_->{d} > $u_->{d} + $edge->{weight}) {
+            $v_->{d} = $u_->{d} + $edge->{weight};
+            # Store the edge; to edge->start is actually the
+            # predecessor.
+            $v_->{pred} = $edge; 
+        }
+    }
+}
+
+
+# Retrieve the shortest path from "start" to $targetPath.
+my @path = ();
+my $cur = $targetPath;
+die "don't know how to produce $targetPath\n"
+    unless defined $graph{$targetPath}->{pred};
+while ($cur ne "start") {
+    push @path, $graph{$cur}->{pred};
+    $cur = $graph{$cur}->{pred}->{start};
+}
 
 
 # Traverse the shortest path, perform the actions described by the
@@ -276,6 +261,16 @@ $dbh->disconnect;
 my $curStep = 1;
 my $maxStep = scalar @path;
 
+sub downloadFile { 
+    my $url = shift; 
+    $ENV{"PRINT_PATH"} = 1;
+    $ENV{"QUIET"} = 1;
+    my ($hash, $path) = `$binDir/nix-prefetch-url '$url'`;
+    die "download of `$url' failed" unless $? == 0;
+    chomp $path;
+    return $path;
+}
+
 my $finalNarHash;
 
 while (scalar @path > 0) {
@@ -283,40 +278,37 @@ while (scalar @path > 0) {
     my $u = $edge->{start};
     my $v = $edge->{end};
 
-    print STDERR "\n*** Step $curStep/$maxStep: ";
+    print "\n*** Step $curStep/$maxStep: ";
 
     if ($edge->{type} eq "present") {
-        print STDERR "using already present path `$v'\n";
+        print "using already present path `$v'\n";
         print LOGFILE "$$ present $v\n";
 
         if ($curStep < $maxStep) {
             # Since this is not the last step, the path will be used
             # as a base to one or more patches.  So turn the base path
             # into a NAR archive, to which we can apply the patch.
-            print STDERR "  packing base path...\n";
-            system("$Nix::Config::binDir/nix-store --dump $v > $tmpNar") == 0
+            print "  packing base path...\n";
+            system("$binDir/nix-store --dump $v > $tmpNar") == 0
                 or die "cannot dump `$v'";
         }
     }
 
     elsif ($edge->{type} eq "patch") {
         my $patch = $edge->{info};
-        print STDERR "applying patch `$patch->{url}' to `$u' to create `$v'\n";
+        print "applying patch `$patch->{url}' to `$u' to create `$v'\n";
 
         print LOGFILE "$$ patch $patch->{url} $patch->{size} $patch->{baseHash} $u $v\n";
 
         # Download the patch.
-        print STDERR "  downloading patch...\n";
-        my $patchPath = "$tmpDir/patch";
-        checkURL $patch->{url};
-        system("$curl '$patch->{url}' -o $patchPath") == 0
-            or die "cannot download patch `$patch->{url}'\n";
+        print "  downloading patch...\n";
+        my $patchPath = downloadFile "$patch->{url}";
 
         # Apply the patch to the NAR archive produced in step 1 (for
         # the already present path) or a later step (for patch sequences).
-        print STDERR "  applying patch...\n";
-        system("$Nix::Config::libexecDir/bspatch $tmpNar $tmpNar2 $patchPath") == 0
-            or die "cannot apply patch `$patchPath' to $tmpNar\n";
+        print "  applying patch...\n";
+        system("@libexecdir@/bspatch $tmpNar $tmpNar2 $patchPath") == 0
+            or die "cannot apply patch `$patchPath' to $tmpNar";
 
         if ($curStep < $maxStep) {
             # The archive will be used as the base of the next patch.
@@ -324,9 +316,9 @@ while (scalar @path > 0) {
         } else {
             # This was the last patch.  Unpack the final NAR archive
             # into the target path.
-            print STDERR "  unpacking patched archive...\n";
-            system("$Nix::Config::binDir/nix-store --restore $destPath < $tmpNar2") == 0
-                or die "cannot unpack $tmpNar2 to `$v'\n";
+            print "  unpacking patched archive...\n";
+            system("$binDir/nix-store --restore $v < $tmpNar2") == 0
+                or die "cannot unpack $tmpNar2 into `$v'";
         }
 
         $finalNarHash = $patch->{narHash};
@@ -334,26 +326,24 @@ while (scalar @path > 0) {
 
     elsif ($edge->{type} eq "narfile") {
         my $narFile = $edge->{info};
-        print STDERR "downloading `$narFile->{url}' to `$v'\n";
+        print "downloading `$narFile->{url}' into `$v'\n";
 
         my $size = $narFile->{size} || -1;
         print LOGFILE "$$ narfile $narFile->{url} $size $v\n";
-
-        checkURL $narFile->{url};
-
-        my $decompressor =
-            $narFile->{compressionType} eq "bzip2" ? "$Nix::Config::bzip2 -d" :
-            $narFile->{compressionType} eq "xz" ? "$Nix::Config::xz -d" :
-            die "unknown compression type `$narFile->{compressionType}'";
+        
+        # Download the archive.
+        print "  downloading archive...\n";
+        my $narFilePath = downloadFile "$narFile->{url}";
 
         if ($curStep < $maxStep) {
             # The archive will be used a base to a patch.
-            system("$curl '$narFile->{url}' | $decompressor > $tmpNar") == 0
-                or die "cannot download and unpack `$narFile->{url}' to `$v'\n";
+            system("@bunzip2@ < '$narFilePath' > $tmpNar") == 0
+                or die "cannot unpack `$narFilePath' into `$v'";
         } else {
-            # Unpack the archive to the target path.
-            system("$curl '$narFile->{url}' | $decompressor | $Nix::Config::binDir/nix-store --restore '$destPath'") == 0
-                or die "cannot download and unpack `$narFile->{url}' to `$v'\n";
+            # Unpack the archive into the target path.
+            print "  unpacking archive...\n";
+            system("@bunzip2@ < '$narFilePath' | $binDir/nix-store --restore '$v'") == 0
+                or die "cannot unpack `$narFilePath' into `$v'";
         }
 
         $finalNarHash = $narFile->{narHash};
@@ -363,12 +353,28 @@ while (scalar @path > 0) {
 }
 
 
-# Tell Nix about the expected hash so it can verify it.
-die "cannot check integrity of the downloaded path since its hash is not known\n"
-    unless defined $finalNarHash;
-print "$finalNarHash\n";
+# Make sure that the hash declared in the manifest matches what we
+# downloaded and unpacked.
+
+if (defined $finalNarHash) {
+    my ($hashAlgo, $hash) = parseHash $finalNarHash;
+
+    # The hash in the manifest can be either in base-16 or base-32.
+    # Handle both.
+    my $extraFlag =
+        ($hashAlgo eq "sha256" && length($hash) != 64)
+        ? "--base32" : "";
+    
+    my $hash2 = `@bindir@/nix-hash --type $hashAlgo $extraFlag $targetPath`
+        or die "cannot compute hash of path `$targetPath'";
+    chomp $hash2;
+    
+    die "hash mismatch in downloaded path $targetPath; expected $hash, got $hash2"
+        if $hash ne $hash2;
+} else {
+    die "cannot check integrity of the downloaded path since its hash is not known";
+}
 
 
-print STDERR "\n";
 print LOGFILE "$$ success\n";
 close LOGFILE;