Tweak release notes

.dir-locals.el

@@ -13,5 +13,4 @@
   (eval . (c-set-offset 'arglist-cont-nonempty '+))
   (eval . (c-set-offset 'substatement-open 0))
   (eval . (c-set-offset 'access-label '-))
-  (eval . (c-set-offset 'inlambda 0))
   )))

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,27 @@
+<!--
+
+# Filing a Nix issue
+
+*WAIT* Are you sure you're filing your issue in the right repository?
+
+We appreciate you taking the time to tell us about issues you encounter, but routing the issue to the right place will get you help sooner and save everyone time.
+
+This is the Nix repository, and issues here should be about Nix the build and package management *_tool_*.
+
+If you have a problem with a specific package on NixOS or when using Nix, you probably want to file an issue with _nixpkgs_, whose issue tracker is over at https://github.com/NixOS/nixpkgs/issues.
+
+Examples of _Nix_ issues:
+
+- Nix segfaults when I run `nix-build -A blahblah`
+- The Nix language needs a new builtin: `builtins.foobar`
+- Regression in the behavior of `nix-env` in Nix 2.0
+
+Examples of _nixpkgs_ issues:
+
+- glibc is b0rked on aarch64
+- chromium in NixOS doesn't support U2F but google-chrome does!
+- The OpenJDK package on macOS is missing a key component
+
+Chances are if you're a newcomer to the Nix world, you'll probably want the [nixpkgs tracker](https://github.com/NixOS/nixpkgs/issues). It also gets a lot more eyeball traffic so you'll probably get a response a lot more quickly.
+
+-->

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,32 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
-title: ''
-labels: bug
-assignees: ''
-
----
-
-**Describe the bug**
-
-A clear and concise description of what the bug is.
-
-If you have a problem with a specific package or NixOS,
-you probably want to file an issue at https://github.com/NixOS/nixpkgs/issues. 
-
-**Steps To Reproduce**
-
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
-
-**Expected behavior**
-
-A clear and concise description of what you expected to happen.
-
-**`nix-env --version` output**
-
-**Additional context**
-
-Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,20 +0,0 @@
----
-name: Feature request
-about: Suggest an idea for this project
-title: ''
-labels: improvement
-assignees: ''
-
----
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.

.github/workflows/test.yml

@@ -1,17 +0,0 @@
-name: "Test"
-on:
-  pull_request:
-  push:
-jobs:
-  tests:
-    strategy:
-      matrix:
-        os: [ubuntu-18.04, macos]
-    runs-on: ${{ matrix.os }}
-    steps:
-    - uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-    - uses: cachix/install-nix-action@v8
-    #- run: nix flake check
-    - run: nix-build -A checks.$(if [[ `uname` = Linux ]]; then echo x86_64-linux; else echo x86_64-darwin; fi)

.gitignore

@@ -4,10 +4,9 @@ perl/Makefile.config
 # /
 /aclocal.m4
 /autom4te.cache
-/precompiled-headers.h.gch
-/precompiled-headers.h.pch
 /config.*
 /configure
+/nix.spec
 /stamp-h1
 /svn-revision
 /libtool
@@ -47,7 +46,7 @@ perl/Makefile.config
 /src/libexpr/nix.tbl
 
 # /src/libstore/
-*.gen.*
+/src/libstore/*.gen.hh
 
 /src/nix/nix
 
@@ -75,8 +74,6 @@ perl/Makefile.config
 
 /src/nix-copy-closure/nix-copy-closure
 
-/src/error-demo/error-demo
-
 /src/build-remote/build-remote
 
 # /tests/
@@ -87,7 +84,6 @@ perl/Makefile.config
 /tests/restricted-innocent
 /tests/shell
 /tests/shell.drv
-/tests/config.nix
 
 # /tests/lang/
 /tests/lang/*.out
@@ -121,5 +117,3 @@ GPATH
 GRTAGS
 GSYMS
 GTAGS
-
-nix-rust/target

.travis.yml

@@ -0,0 +1,2 @@
+os: osx
+script: ./tests/install-darwin.sh

.version

@@ -1 +1 @@
-2.4
+2.3

Makefile

@@ -1,17 +1,13 @@
 makefiles = \
-  mk/precompiled-headers.mk \
   local.mk \
-  nix-rust/local.mk \
   src/libutil/local.mk \
   src/libstore/local.mk \
-  src/libfetchers/local.mk \
   src/libmain/local.mk \
   src/libexpr/local.mk \
   src/nix/local.mk \
   src/resolve-system-dependencies/local.mk \
   scripts/local.mk \
   corepkgs/local.mk \
-  misc/bash/local.mk \
   misc/systemd/local.mk \
   misc/launchd/local.mk \
   misc/upstart/local.mk \
@@ -19,16 +15,8 @@ makefiles = \
   tests/local.mk \
   tests/plugins/local.mk
 
+GLOBAL_CXXFLAGS += -g -Wall -include config.h
+
 -include Makefile.config
 
-OPTIMIZE = 1
-
-ifeq ($(OPTIMIZE), 1)
-  GLOBAL_CXXFLAGS += -O3
-else
-  GLOBAL_CXXFLAGS += -O0
-endif
-
 include mk/lib.mk
-
-GLOBAL_CXXFLAGS += -g -Wall -include config.h -std=c++17

Makefile.config.in

@@ -18,7 +18,6 @@ SODIUM_LIBS = @SODIUM_LIBS@
 LIBLZMA_LIBS = @LIBLZMA_LIBS@
 SQLITE3_LIBS = @SQLITE3_LIBS@
 LIBBROTLI_LIBS = @LIBBROTLI_LIBS@
-LIBARCHIVE_LIBS = @LIBARCHIVE_LIBS@
 EDITLINE_LIBS = @EDITLINE_LIBS@
 bash = @bash@
 bindir = @bindir@
@@ -37,7 +36,6 @@ prefix = @prefix@
 sandbox_shell = @sandbox_shell@
 storedir = @storedir@
 sysconfdir = @sysconfdir@
-system = @system@
 doc_generate = @doc_generate@
 xmllint = @xmllint@
 xsltproc = @xsltproc@

README.md

@@ -1,54 +1,24 @@
-# Nix
-
 [![Open Collective supporters](https://opencollective.com/nixos/tiers/supporter/badge.svg?label=Supporters&color=brightgreen)](https://opencollective.com/nixos)
-[![Test](https://github.com/NixOS/nix/workflows/Test/badge.svg)](https://github.com/NixOS/nix/actions)
 
-Nix is a powerful package manager for Linux and other Unix systems that makes package
-management reliable and reproducible. Please refer to the [Nix manual](https://nixos.org/nix/manual)
-for more details.
+Nix, the purely functional package manager
+------------------------------------------
 
-## Installation
+Nix is a new take on package management that is fairly unique. Because of its
+purity aspects, a lot of issues found in traditional package managers don't
+appear with Nix.
 
-On Linux and macOS the easiest way to Install Nix is to run the following shell command
-(as a user other than root):
+To find out more about the tool, usage and installation instructions, please
+read the manual, which is available on the Nix website at
+<http://nixos.org/nix/manual>.
 
-```
-$ curl -L https://nixos.org/nix/install | sh
-```
+## Contributing
 
-Information on additional installation methods is available on the [Nix download page](https://nixos.org/download.html).
-
-## Building And Developing
-
-### Building Nix
-
-You can build Nix using one of the targets provided by [release.nix](./release.nix):
-
-```
-$ nix-build ./release.nix -A build.aarch64-linux
-$ nix-build ./release.nix -A build.x86_64-darwin
-$ nix-build ./release.nix -A build.i686-linux
-$ nix-build ./release.nix -A build.x86_64-linux
-```
-
-### Development Environment
-
-You can use the provided `shell.nix` to get a working development environment:
-
-```
-$ nix-shell
-$ ./bootstrap.sh
-$ ./configure
-$ make
-```
-
-## Additional Resources
-
-- [Nix manual](https://nixos.org/nix/manual)
-- [Nix jobsets on hydra.nixos.org](https://hydra.nixos.org/project/nix)
-- [NixOS Discourse](https://discourse.nixos.org/)
-- [IRC - #nixos on freenode.net](irc://irc.freenode.net/#nixos)
+Take a look at the [Hacking Section](http://nixos.org/nix/manual/#chap-hacking)
+of the manual. It helps you to get started with building Nix from source.
 
 ## License
 
-Nix is released under the [LGPL v2.1](./COPYING).
+Nix is released under the LGPL v2.1
+
+This product includes software developed by the OpenSSL Project for
+use in the [OpenSSL Toolkit](http://www.OpenSSL.org/).

configure.ac

@@ -50,11 +50,14 @@ AC_DEFINE_UNQUOTED(SYSTEM, ["$system"], [platform identifier ('cpu-os')])
 test "$localstatedir" = '${prefix}/var' && localstatedir=/nix/var
 
 
-CFLAGS=
-CXXFLAGS=
+# Set default flags for nix (as per AC_PROG_CC/CXX docs),
+# while still allowing the user to override them from the command line.
+: ${CFLAGS="-O3"}
+: ${CXXFLAGS="-O3"}
 AC_PROG_CC
 AC_PROG_CXX
 AC_PROG_CPP
+AX_CXX_COMPILE_STDCXX_17([noext], [mandatory])
 
 AC_CHECK_TOOL([AR], [ar])
 
@@ -117,16 +120,26 @@ fi
 ])
 
 NEED_PROG(bash, bash)
+NEED_PROG(patch, patch)
 AC_PATH_PROG(xmllint, xmllint, false)
 AC_PATH_PROG(xsltproc, xsltproc, false)
 AC_PATH_PROG(flex, flex, false)
 AC_PATH_PROG(bison, bison, false)
+NEED_PROG(sed, sed)
+NEED_PROG(tar, tar)
+NEED_PROG(bzip2, bzip2)
+NEED_PROG(gzip, gzip)
+NEED_PROG(xz, xz)
 AC_PATH_PROG(dot, dot)
 AC_PATH_PROG(lsof, lsof, lsof)
-NEED_PROG(jq, jq)
 
 
-AC_SUBST(coreutils, [$(dirname $(type -p cat))])
+NEED_PROG(cat, cat)
+NEED_PROG(tr, tr)
+AC_ARG_WITH(coreutils-bin, AC_HELP_STRING([--with-coreutils-bin=PATH],
+  [path of cat, mkdir, etc.]),
+  coreutils=$withval, coreutils=$(dirname $cat))
+AC_SUBST(coreutils)
 
 
 AC_ARG_WITH(store-dir, AC_HELP_STRING([--with-store-dir=PATH],
@@ -144,33 +157,8 @@ AX_BOOST_BASE([1.66], [CXXFLAGS="$BOOST_CPPFLAGS $CXXFLAGS"], [AC_MSG_ERROR([Nix
 # ends up with LDFLAGS being empty, so we set it afterwards.
 LDFLAGS="$BOOST_LDFLAGS $LDFLAGS"
 
-# On some platforms, new-style atomics need a helper library
-AC_MSG_CHECKING(whether -latomic is needed)
-AC_LINK_IFELSE([AC_LANG_SOURCE([[
-#include <stdint.h>
-uint64_t v;
-int main() {
-    return (int)__atomic_load_n(&v, __ATOMIC_ACQUIRE);
-}]])], GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC=no, GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC=yes)
-AC_MSG_RESULT($GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC)
-if test "x$GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC" = xyes; then
-    LIBS="-latomic $LIBS"
-fi
 
-PKG_PROG_PKG_CONFIG
-
-AC_ARG_ENABLE(shared, AC_HELP_STRING([--enable-shared],
-  [Build shared libraries for Nix [default=yes]]),
-  shared=$enableval, shared=yes)
-if test "$shared" = yes; then
-  AC_SUBST(BUILD_SHARED_LIBS, 1, [Whether to build shared libraries.])
-else
-  AC_SUBST(BUILD_SHARED_LIBS, 0, [Whether to build shared libraries.])
-  PKG_CONFIG="$PKG_CONFIG --static"
-fi
-
-# Look for OpenSSL, a required dependency. FIXME: this is only (maybe)
-# used by S3BinaryCacheStore.
+# Look for OpenSSL, a required dependency.
 PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"])
 
 
@@ -179,12 +167,12 @@ AC_CHECK_LIB([bz2], [BZ2_bzWriteOpen], [true],
   [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See https://web.archive.org/web/20180624184756/http://www.bzip.org/.])])
 AC_CHECK_HEADERS([bzlib.h], [true],
   [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See https://web.archive.org/web/20180624184756/http://www.bzip.org/.])])
-# Checks for libarchive
-PKG_CHECK_MODULES([LIBARCHIVE], [libarchive >= 3.1.2], [CXXFLAGS="$LIBARCHIVE_CFLAGS $CXXFLAGS"])
+
 
 # Look for SQLite, a required dependency.
 PKG_CHECK_MODULES([SQLITE3], [sqlite3 >= 3.6.19], [CXXFLAGS="$SQLITE3_CFLAGS $CXXFLAGS"])
 
+
 # Look for libcurl, a required dependency.
 PKG_CHECK_MODULES([LIBCURL], [libcurl], [CXXFLAGS="$LIBCURL_CFLAGS $CXXFLAGS"])
 
@@ -207,15 +195,12 @@ PKG_CHECK_MODULES([SODIUM], [libsodium],
    have_sodium=1], [have_sodium=])
 AC_SUBST(HAVE_SODIUM, [$have_sodium])
 
+
 # Look for liblzma, a required dependency.
 PKG_CHECK_MODULES([LIBLZMA], [liblzma], [CXXFLAGS="$LIBLZMA_CFLAGS $CXXFLAGS"])
 AC_CHECK_LIB([lzma], [lzma_stream_encoder_mt],
   [AC_DEFINE([HAVE_LZMA_MT], [1], [xz multithreaded compression support])])
 
-# Look for zlib, a required dependency.
-PKG_CHECK_MODULES([ZLIB], [zlib], [CXXFLAGS="$ZLIB_CFLAGS $CXXFLAGS"])
-AC_CHECK_HEADER([zlib.h],[:],[AC_MSG_ERROR([could not find the zlib.h header])])
-LDFLAGS="-lz $LDFLAGS"
 
 # Look for libbrotli{enc,dec}.
 PKG_CHECK_MODULES([LIBBROTLI], [libbrotlienc libbrotlidec], [CXXFLAGS="$LIBBROTLI_CFLAGS $CXXFLAGS"])
@@ -258,8 +243,8 @@ fi
 
 # Whether to use the Boehm garbage collector.
 AC_ARG_ENABLE(gc, AC_HELP_STRING([--enable-gc],
-  [enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=yes]]),
-  gc=$enableval, gc=yes)
+  [enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=no]]),
+  gc=$enableval, gc=no)
 if test "$gc" = yes; then
   PKG_CHECK_MODULES([BDW_GC], [bdw-gc])
   CXXFLAGS="$BDW_GC_CFLAGS $CXXFLAGS"
@@ -305,6 +290,16 @@ AC_ARG_WITH(sandbox-shell, AC_HELP_STRING([--with-sandbox-shell=PATH],
   sandbox_shell=$withval)
 AC_SUBST(sandbox_shell)
 
+AC_ARG_ENABLE(shared, AC_HELP_STRING([--enable-shared],
+  [Build shared libraries for Nix [default=yes]]),
+  shared=$enableval, shared=yes)
+if test "$shared" = yes; then
+  AC_SUBST(BUILD_SHARED_LIBS, 1, [Whether to build shared libraries.])
+else
+  AC_SUBST(BUILD_SHARED_LIBS, 0, [Whether to build shared libraries.])
+fi
+
+
 # Expand all variables in config.status.
 test "$prefix" = NONE && prefix=$ac_default_prefix
 test "$exec_prefix" = NONE && exec_prefix='${prefix}'

contrib/stack-collapse.py

@@ -1,11 +1,12 @@
 #!/usr/bin/env nix-shell
 #!nix-shell -i python3 -p python3 --pure
 
-# To be used with `--trace-function-calls` and `flamegraph.pl`.
+# To be used with `--trace-function-calls` and `-vvvv` and
+# `flamegraph.pl`.
 #
 # For example:
 #
-# nix-instantiate --trace-function-calls '<nixpkgs>' -A hello 2> nix-function-calls.trace
+# nix-instantiate --trace-function-calls -vvvv '<nixpkgs>' -A hello 2> nix-function-calls.trace
 # ./contrib/stack-collapse.py nix-function-calls.trace > nix-function-calls.folded
 # nix-shell -p flamegraph --run "flamegraph.pl nix-function-calls.folded > nix-function-calls.svg"
 

corepkgs/config.nix.in

@@ -1,13 +1,29 @@
-# FIXME: remove this file?
 let
   fromEnv = var: def:
     let val = builtins.getEnv var; in
     if val != "" then val else def;
 in rec {
+  shell = "@bash@";
+  coreutils = "@coreutils@";
+  bzip2 = "@bzip2@";
+  gzip = "@gzip@";
+  xz = "@xz@";
+  tar = "@tar@";
+  tarFlags = "@tarFlags@";
+  tr = "@tr@";
   nixBinDir = fromEnv "NIX_BIN_DIR" "@bindir@";
   nixPrefix = "@prefix@";
   nixLibexecDir = fromEnv "NIX_LIBEXEC_DIR" "@libexecdir@";
   nixLocalstateDir = "@localstatedir@";
   nixSysconfDir = "@sysconfdir@";
   nixStoreDir = fromEnv "NIX_STORE_DIR" "@storedir@";
+
+  # If Nix is installed in the Nix store, then automatically add it as
+  # a dependency to the core packages. This ensures that they work
+  # properly in a chroot.
+  chrootDeps =
+    if dirOf nixPrefix == builtins.storeDir then
+      [ (builtins.storePath nixPrefix) ]
+    else
+      [ ];
 }

corepkgs/local.mk

@@ -1,7 +1,4 @@
-corepkgs_FILES = \
-  unpack-channel.nix \
-  derivation.nix \
-  fetchurl.nix
+corepkgs_FILES = buildenv.nix unpack-channel.nix derivation.nix fetchurl.nix imported-drv-to-derivation.nix
 
 $(foreach file,config.nix $(corepkgs_FILES),$(eval $(call install-data-in,$(d)/$(file),$(datadir)/nix/corepkgs)))
 

corepkgs/unpack-channel.nix

@@ -1,12 +1,39 @@
+with import <nix/config.nix>;
+
+let
+
+  builder = builtins.toFile "unpack-channel.sh"
+    ''
+      mkdir $out
+      cd $out
+      xzpat="\.xz\$"
+      gzpat="\.gz\$"
+      if [[ "$src" =~ $xzpat ]]; then
+        ${xz} -d < $src | ${tar} xf - ${tarFlags}
+      elif [[ "$src" =~ $gzpat ]]; then
+        ${gzip} -d < $src | ${tar} xf - ${tarFlags}
+      else
+        ${bzip2} -d < $src | ${tar} xf - ${tarFlags}
+      fi
+      if [ * != $channelName ]; then
+        mv * $out/$channelName
+      fi
+    '';
+
+in
+
 { name, channelName, src }:
 
 derivation {
-  builder = "builtin:unpack-channel";
-
-  system = "builtin";
-
+  system = builtins.currentSystem;
+  builder = shell;
+  args = [ "-e" builder ];
   inherit name channelName src;
 
+  PATH = "${nixBinDir}:${coreutils}";
+
   # No point in doing this remotely.
   preferLocalBuild = true;
+
+  inherit chrootDeps;
 }

default.nix

@@ -1,3 +0,0 @@
-(import (fetchTarball https://github.com/edolstra/flake-compat/archive/master.tar.gz) {
-  src = builtins.fetchGit ./.;
-}).defaultNix

doc/manual/advanced-topics/cores-vs-jobs.xml

@@ -36,8 +36,8 @@ to <xref linkend="conf-cores" />, unless <xref linkend="conf-cores" />
 equals <literal>0</literal>, in which case <envar>NIX_BUILD_CORES</envar>
 will be the total number of cores in the system.</para>
 
-<para>The maximum number of consumed cores is a simple multiplication,
-<xref linkend="conf-max-jobs" /> * <envar>NIX_BUILD_CORES</envar>.</para>
+<para>The total number of consumed cores is a simple multiplication,
+<xref linkend="conf-cores" /> * <envar>NIX_BUILD_CORES</envar>.</para>
 
 <para>The balance on how to set these two independent variables depends
 upon each builder's workload and hardware. Here are a few example

doc/manual/advanced-topics/post-build-hook.xml

@@ -5,7 +5,7 @@
       version="5.0"
       >
 
-<title>Using the <option linkend="conf-post-build-hook">post-build-hook</option></title>
+<title>Using the <xref linkend="conf-post-build-hook" /></title>
 <subtitle>Uploading to an S3-compatible binary cache after each build</subtitle>
 
 

doc/manual/command-ref/conf-file.xml

@@ -19,30 +19,26 @@
 
 <refsection><title>Description</title>
 
-<para>By default Nix reads settings from the following places:</para>
+<para>Nix reads settings from two configuration files:</para>
 
-<para>The system-wide configuration file
-<filename><replaceable>sysconfdir</replaceable>/nix/nix.conf</filename>
-(i.e. <filename>/etc/nix/nix.conf</filename> on most systems), or
-<filename>$NIX_CONF_DIR/nix.conf</filename> if
-<envar>NIX_CONF_DIR</envar> is set. Values loaded in this file are not forwarded to the Nix daemon. The
-client assumes that the daemon has already loaded them.
-</para>
+<itemizedlist>
 
-<para>User-specific configuration files:</para>
+  <listitem>
+    <para>The system-wide configuration file
+    <filename><replaceable>sysconfdir</replaceable>/nix/nix.conf</filename>
+    (i.e. <filename>/etc/nix/nix.conf</filename> on most systems), or
+    <filename>$NIX_CONF_DIR/nix.conf</filename> if
+    <envar>NIX_CONF_DIR</envar> is set.</para>
+  </listitem>
 
-<para>
-  If <envar>NIX_USER_CONF_FILES</envar> is set, then each path separated by
-  <literal>:</literal> will be loaded in reverse order.
-</para>
+  <listitem>
+    <para>The user configuration file
+    <filename>$XDG_CONFIG_HOME/nix/nix.conf</filename>, or
+    <filename>~/.config/nix/nix.conf</filename> if
+    <envar>XDG_CONFIG_HOME</envar> is not set.</para>
+  </listitem>
 
-<para>
-  Otherwise it will look for <filename>nix/nix.conf</filename> files in
-  <envar>XDG_CONFIG_DIRS</envar> and <envar>XDG_CONFIG_HOME</envar>.
-
-  The default location is <filename>$HOME/.config/nix.conf</filename> if
-  those environment variables are unset.
-</para>
+</itemizedlist>
 
 <para>The configuration files consist of
 <literal><replaceable>name</replaceable> =
@@ -437,7 +433,7 @@ builtins.fetchurl {
   <varlistentry xml:id="conf-keep-env-derivations"><term><literal>keep-env-derivations</literal></term>
 
     <listitem><para>If <literal>false</literal> (default), derivations
-    are not stored in Nix user environments.  That is, the derivations of
+    are not stored in Nix user environments.  That is, the derivation
     any build-time-only dependencies may be garbage-collected.</para>
 
     <para>If <literal>true</literal>, when you add a Nix derivation to

doc/manual/command-ref/env-common.xml

@@ -33,7 +33,7 @@
 
     will cause Nix to look for paths relative to
     <filename>/home/eelco/Dev</filename> and
-    <filename>/etc/nixos</filename>, in this order.  It is also
+    <filename>/etc/nixos</filename>, in that order.  It is also
     possible to match paths against a prefix.  For example, the value
 
     <screen>
@@ -59,7 +59,7 @@ nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-15.09.tar.gz</sc
     15.09 channel.</para>
 
     <para>A following shorthand can be used to refer to the official channels:
-
+    
     <screen>nixpkgs=channel:nixos-15.09</screen>
     </para>
 
@@ -122,7 +122,7 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
 <varlistentry><term><envar>NIX_LOG_DIR</envar></term>
 
   <listitem><para>Overrides the location of the Nix log directory
-  (default <filename><replaceable>prefix</replaceable>/var/log/nix</filename>).</para></listitem>
+  (default <filename><replaceable>prefix</replaceable>/log/nix</filename>).</para></listitem>
 
 </varlistentry>
 
@@ -137,19 +137,12 @@ $ mount -o bind /mnt/otherdisk/nix /nix</screen>
 
 <varlistentry><term><envar>NIX_CONF_DIR</envar></term>
 
-  <listitem><para>Overrides the location of the system Nix configuration
+  <listitem><para>Overrides the location of the Nix configuration
   directory (default
   <filename><replaceable>prefix</replaceable>/etc/nix</filename>).</para></listitem>
 
 </varlistentry>
 
-<varlistentry><term><envar>NIX_USER_CONF_FILES</envar></term>
-
-  <listitem><para>Overrides the location of the user Nix configuration files
-  to load from (defaults to the XDG spec locations). The variable is treated
-  as a list separated by the <literal>:</literal> token.</para></listitem>
-
-</varlistentry>
 
 <varlistentry><term><envar>TMPDIR</envar></term>
 

doc/manual/command-ref/nix-build.xml

@@ -30,7 +30,6 @@
       <replaceable>attrPath</replaceable>
     </arg>
     <arg><option>--no-out-link</option></arg>
-    <arg><option>--dry-run</option></arg>
     <arg>
       <group choice='req'>
         <arg choice='plain'><option>--out-link</option></arg>
@@ -99,10 +98,6 @@ also <xref linkend="sec-common-options" />.</phrase></para>
 
   </varlistentry>
 
-  <varlistentry><term><option>--dry-run</option></term>
-   <listitem><para>Show what store paths would be built or downloaded.</para></listitem>
-  </varlistentry>
-
   <varlistentry xml:id='opt-out-link'><term><option>--out-link</option> /
   <option>-o</option> <replaceable>outlink</replaceable></term>
 

doc/manual/command-ref/nix-channel.xml

@@ -36,9 +36,6 @@ stay up-to-date with a set of pre-built Nix expressions.  A Nix
 channel is just a URL that points to a place containing a set of Nix
 expressions.  <phrase condition="manual">See also <xref
 linkend="sec-channels" />.</phrase></para>
-      
-<para>To see the list of official NixOS channels, visit <link
-xlink:href="https://nixos.org/channels" />.</para>
 
 <para>This command has the following operations:
 
@@ -114,13 +111,13 @@ $ nix-env -iA nixpkgs.hello</screen>
 <para>You can revert channel updates using <option>--rollback</option>:</para>
 
 <screen>
-$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.version'
+$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.nixpkgsVersion'
 "14.04.527.0e935f1"
 
 $ nix-channel --rollback
 switching from generation 483 to 482
 
-$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.version'
+$ nix-instantiate --eval -E '(import &lt;nixpkgs> {}).lib.nixpkgsVersion'
 "14.04.526.dbadfad"
 </screen>
 

doc/manual/command-ref/nix-env.xml

@@ -659,7 +659,7 @@ upgrading `mozilla-1.2' to `mozilla-1.4'</screen>
 <literal>gcc-3.3.1</literal> are split into two parts: the package
 name (<literal>gcc</literal>), and the version
 (<literal>3.3.1</literal>).  The version part starts after the first
-dash not followed by a letter.  <varname>x</varname> is considered an
+dash not following by a letter.  <varname>x</varname> is considered an
 upgrade of <varname>y</varname> if their package names match, and the
 version of <varname>y</varname> is higher that that of
 <varname>x</varname>.</para>
@@ -1066,8 +1066,7 @@ user environment elements, etc. -->
     the derivation, which can be used to unambiguously select it using
     the <link linkend="opt-attr"><option>--attr</option> option</link>
     available in commands that install derivations like
-    <literal>nix-env --install</literal>. This option only works
-    together with <option>--available</option></para></listitem>
+    <literal>nix-env --install</literal>.</para></listitem>
 
   </varlistentry>
 

doc/manual/command-ref/nix-prefetch-url.xml

@@ -53,7 +53,7 @@ avoided.</para>
 <para>If <replaceable>hash</replaceable> is specified, then a download
 is not performed if the Nix store already contains a file with the
 same hash and base name.  Otherwise, the file is downloaded, and an
-error is signaled if the actual hash of the file does not match the
+error if signaled if the actual hash of the file does not match the
 specified hash.</para>
 
 <para>This command prints the hash on standard output.  Additionally,

doc/manual/command-ref/nix-shell.xml

@@ -39,12 +39,7 @@
           <arg choice='plain'><option>--packages</option></arg>
           <arg choice='plain'><option>-p</option></arg>
         </group>
-        <arg choice='plain' rep='repeat'>
-          <group choice='req'>
-            <arg choice="plain"><replaceable>packages</replaceable></arg>
-            <arg choice="plain"><replaceable>expressions</replaceable></arg>
-          </group>
-        </arg>
+        <arg choice='plain' rep='repeat'><replaceable>packages</replaceable></arg>
       </arg>
       <arg><replaceable>path</replaceable></arg>
     </group>
@@ -194,8 +189,8 @@ also <xref linkend="sec-common-options" />.</phrase></para>
 <variablelist>
 
   <varlistentry><term><envar>NIX_BUILD_SHELL</envar></term>
-
-    <listitem><para>Shell used to start the interactive environment.
+    
+    <listitem><para>Shell used to start the interactive environment. 
     Defaults to the <command>bash</command> found in <envar>PATH</envar>.</para></listitem>
 
   </varlistentry>
@@ -227,9 +222,8 @@ $ nix-shell '&lt;nixpkgs>' -A pan --pure \
     --command 'export NIX_DEBUG=1; export NIX_CORES=8; return'
 </screen>
 
-Nix expressions can also be given on the command line using the
-<command>-E</command> and <command>-p</command> flags.
-For instance, the following starts a shell containing the packages
+Nix expressions can also be given on the command line.  For instance,
+the following starts a shell containing the packages
 <literal>sqlite</literal> and <literal>libX11</literal>:
 
 <screen>
@@ -244,14 +238,6 @@ $ nix-shell -p sqlite xorg.libX11
 … -L/nix/store/j1zg5v…-sqlite-3.8.0.2/lib -L/nix/store/0gmcz9…-libX11-1.6.1/lib …
 </screen>
 
-Note that <command>-p</command> accepts multiple full nix expressions that
-are valid in the <literal>buildInputs = [ ... ]</literal> shown above,
-not only package names. So the following is also legal:
-
-<screen>
-$ nix-shell -p sqlite 'git.override { withManual = false; }'
-</screen>
-
 The <command>-p</command> flag looks up Nixpkgs in the Nix search
 path. You can override it by passing <option>-I</option> or setting
 <envar>NIX_PATH</envar>. For example, the following gives you a shell

doc/manual/command-ref/nix-store.xml

@@ -360,6 +360,7 @@ EOF
     <arg choice='plain'><option>--print-roots</option></arg>
     <arg choice='plain'><option>--print-live</option></arg>
     <arg choice='plain'><option>--print-dead</option></arg>
+    <arg choice='plain'><option>--delete</option></arg>
   </group>
   <arg><option>--max-freed</option> <replaceable>bytes</replaceable></arg>
 </cmdsynopsis>
@@ -406,6 +407,14 @@ the Nix store not reachable via file system references from a set of
 
   </varlistentry>
 
+  <varlistentry><term><option>--delete</option></term>
+
+    <listitem><para>This operation performs an actual garbage
+    collection.  All dead paths are removed from the
+    store.  This is the default.</para></listitem>
+
+  </varlistentry>
+
 </variablelist>
 
 <para>By default, all unreachable paths are deleted.  The following
@@ -435,10 +444,10 @@ and <link
 linkend="conf-keep-derivations"><literal>keep-derivations</literal></link>
 variables in the Nix configuration file.</para>
 
-<para>By default, the collector prints the total number of freed bytes
-when it finishes (or when it is interrupted). With
-<option>--print-dead</option>, it prints the number of bytes that would
-be freed.</para>
+<para>With <option>--delete</option>, the collector prints the total
+number of freed bytes when it finishes (or when it is interrupted).
+With <option>--print-dead</option>, it prints the number of bytes that
+would be freed.</para>
 
 </refsection>
 
@@ -1139,7 +1148,7 @@ the information that Nix considers important.  For instance,
 timestamps are elided because all files in the Nix store have their
 timestamp set to 0 anyway.  Likewise, all permissions are left out
 except for the execute bit, because all files in the Nix store have
-444 or 555 permission.</para>
+644 or 755 permission.</para>
 
 <para>Also, a NAR archive is <emphasis>canonical</emphasis>, meaning
 that “equal” paths always produce the same NAR archive.  For instance,

doc/manual/command-ref/opt-common.xml

@@ -243,10 +243,9 @@
 <varlistentry><term><option>--arg</option> <replaceable>name</replaceable> <replaceable>value</replaceable></term>
 
   <listitem><para>This option is accepted by
-  <command>nix-env</command>, <command>nix-instantiate</command>,
-  <command>nix-shell</command> and <command>nix-build</command>.
-  When evaluating Nix expressions, the expression evaluator will
-  automatically try to call functions that
+  <command>nix-env</command>, <command>nix-instantiate</command> and
+  <command>nix-build</command>.  When evaluating Nix expressions, the
+  expression evaluator will automatically try to call functions that
   it encounters.  It can automatically call functions for which every
   argument has a <link linkend='ss-functions'>default value</link>
   (e.g., <literal>{ <replaceable>argName</replaceable> ?
@@ -323,14 +322,7 @@
   Nix expressions to be parsed and evaluated, rather than as a list
   of file names of Nix expressions.
   (<command>nix-instantiate</command>, <command>nix-build</command>
-  and <command>nix-shell</command> only.)</para>
-
-  <para>For <command>nix-shell</command>, this option is commonly used
-  to give you a shell in which you can build the packages returned
-  by the expression. If you want to get a shell which contain the
-  <emphasis>built</emphasis> packages ready for use, give your
-  expression to the <command>nix-shell -p</command> convenience flag
-  instead.</para></listitem>
+  and <command>nix-shell</command> only.)</para></listitem>
 
 </varlistentry>
 

doc/manual/expressions/advanced-attributes.xml

@@ -11,7 +11,7 @@ attributes.</para>
 
 <variablelist>
 
-  <varlistentry xml:id="adv-attr-allowedReferences"><term><varname>allowedReferences</varname></term>
+  <varlistentry><term><varname>allowedReferences</varname></term>
 
     <listitem><para>The optional attribute
     <varname>allowedReferences</varname> specifies a list of legal
@@ -32,7 +32,7 @@ allowedReferences = [];
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-allowedRequisites"><term><varname>allowedRequisites</varname></term>
+  <varlistentry><term><varname>allowedRequisites</varname></term>
 
     <listitem><para>This attribute is similar to
     <varname>allowedReferences</varname>, but it specifies the legal
@@ -50,7 +50,7 @@ allowedRequisites = [ foobar ];
 
   </varlistentry>
 
-  <varlistentry xml:id="adv-attr-disallowedReferences"><term><varname>disallowedReferences</varname></term>
+  <varlistentry><term><varname>disallowedReferences</varname></term>
 
     <listitem><para>The optional attribute
     <varname>disallowedReferences</varname> specifies a list of illegal
@@ -67,7 +67,7 @@ disallowedReferences = [ foo ];
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-disallowedRequisites"><term><varname>disallowedRequisites</varname></term>
+  <varlistentry><term><varname>disallowedRequisites</varname></term>
 
     <listitem><para>This attribute is similar to
     <varname>disallowedReferences</varname>, but it specifies illegal
@@ -85,7 +85,7 @@ disallowedRequisites = [ foobar ];
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-exportReferencesGraph"><term><varname>exportReferencesGraph</varname></term>
+  <varlistentry><term><varname>exportReferencesGraph</varname></term>
 
     <listitem><para>This attribute allows builders access to the
     references graph of their inputs.  The attribute is a list of
@@ -124,7 +124,7 @@ derivation {
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-impureEnvVars"><term><varname>impureEnvVars</varname></term>
+  <varlistentry><term><varname>impureEnvVars</varname></term>
 
     <listitem><para>This attribute allows you to specify a list of
     environment variables that should be passed from the environment
@@ -158,9 +158,9 @@ impureEnvVars = [ "http_proxy" "https_proxy" <replaceable>...</replaceable> ];
 
 
   <varlistentry xml:id="fixed-output-drvs">
-    <term xml:id="adv-attr-outputHash"><varname>outputHash</varname></term>
-    <term xml:id="adv-attr-outputHashAlgo"><varname>outputHashAlgo</varname></term>
-    <term xml:id="adv-attr-outputHashMode"><varname>outputHashMode</varname></term>
+    <term><varname>outputHash</varname></term>
+    <term><varname>outputHashAlgo</varname></term>
+    <term><varname>outputHashMode</varname></term>
 
     <listitem><para>These attributes declare that the derivation is a
     so-called <emphasis>fixed-output derivation</emphasis>, which
@@ -282,7 +282,7 @@ stdenv.mkDerivation {
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-passAsFile"><term><varname>passAsFile</varname></term>
+  <varlistentry><term><varname>passAsFile</varname></term>
 
     <listitem><para>A list of names of attributes that should be
     passed via files rather than environment variables.  For example,
@@ -309,7 +309,7 @@ big = "a very long string";
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-preferLocalBuild"><term><varname>preferLocalBuild</varname></term>
+  <varlistentry><term><varname>preferLocalBuild</varname></term>
 
     <listitem><para>If this attribute is set to
     <literal>true</literal> and <link
@@ -323,25 +323,14 @@ big = "a very long string";
   </varlistentry>
 
 
-  <varlistentry xml:id="adv-attr-allowSubstitutes"><term><varname>allowSubstitutes</varname></term>
+  <varlistentry><term><varname>allowSubstitutes</varname></term>
 
-    <listitem>
-    <para>If this attribute is set to
+    <listitem><para>If this attribute is set to
     <literal>false</literal>, then Nix will always build this
     derivation; it will not try to substitute its outputs. This is
     useful for very trivial derivations (such as
     <function>writeText</function> in Nixpkgs) that are cheaper to
-    build than to substitute from a binary cache.</para>
-
-    <note><para>You need to have a builder configured which satisfies
-    the derivation’s <literal>system</literal> attribute, since the
-    derivation cannot be substituted. Thus it is usually a good idea
-    to align <literal>system</literal> with
-    <literal>builtins.currentSystem</literal> when setting
-    <literal>allowSubstitutes</literal> to <literal>false</literal>.
-    For most trivial derivations this should be the case.
-    </para></note>
-    </listitem>
+    build than to substitute from a binary cache.</para></listitem>
 
   </varlistentry>
 

doc/manual/expressions/builtins.xml

@@ -170,6 +170,18 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
   </varlistentry>
 
 
+  <varlistentry xml:id='builtin-splitVersion'>
+    <term><function>builtins.splitVersion</function>
+    <replaceable>s</replaceable></term>
+
+    <listitem><para>Split a string representing a version into its
+    components, by the same version splitting logic underlying the
+    version comparison in <link linkend="ssec-version-comparisons">
+    <command>nix-env -u</command></link>.</para></listitem>
+
+  </varlistentry>
+
+
   <varlistentry xml:id='builtin-concatLists'>
     <term><function>builtins.concatLists</function>
     <replaceable>lists</replaceable></term>
@@ -289,7 +301,7 @@ if builtins ? getEnv then builtins.getEnv "PATH" else ""</programlisting>
 
     <listitem><para>Return element <replaceable>n</replaceable> from
     the list <replaceable>xs</replaceable>.  Elements are counted
-    starting from 0.  A fatal error occurs if the index is out of
+    starting from 0.  A fatal error occurs in the index is out of
     bounds.</para></listitem>
 
   </varlistentry>
@@ -422,16 +434,6 @@ stdenv.mkDerivation { … }
             </para>
           </listitem>
         </varlistentry>
-        <varlistentry>
-          <term>submodules</term>
-          <listitem>
-            <para>
-              A Boolean parameter that specifies whether submodules
-              should be checked out. Defaults to
-              <literal>false</literal>.
-            </para>
-          </listitem>
-        </varlistentry>
       </variablelist>
 
       <example>
@@ -446,7 +448,7 @@ stdenv.mkDerivation { … }
       <example>
         <title>Fetching an arbitrary ref</title>
         <programlisting>builtins.fetchGit {
-  url = "https://github.com/NixOS/nix.git";
+  url = "https://gitub.com/NixOS/nix.git";
   ref = "refs/heads/0.5-release";
 }</programlisting>
       </example>
@@ -497,8 +499,11 @@ stdenv.mkDerivation { … }
         <title>Fetching a tag</title>
         <programlisting>builtins.fetchGit {
   url = "https://github.com/nixos/nix.git";
-  ref = "refs/tags/1.9";
+  ref = "tags/1.9";
 }</programlisting>
+        <note><para>Due to a bug (<link
+        xlink:href="https://github.com/NixOS/nix/issues/2385">#2385</link>),
+        only non-annotated tags can be fetched.</para></note>
       </example>
 
       <example>
@@ -756,11 +761,6 @@ builtins.genList (x: x * x) 5
     separate file, and use it from Nix expressions in other
     files.</para>
 
-    <note><para>Unlike some languages, <function>import</function> is a regular
-    function in Nix. Paths using the angle bracket syntax (e.g., <function>
-    import</function> <replaceable>&lt;foo&gt;</replaceable>) are normal path
-    values (see <xref linkend='ssec-values' />).</para></note>
-
     <para>A Nix expression loaded by <function>import</function> must
     not contain any <emphasis>free variables</emphasis> (identifiers
     that are not defined in the Nix expression itself and are not
@@ -1130,16 +1130,6 @@ Evaluates to <literal>[ "foo" ]</literal>.
 
   </varlistentry>
 
-  <varlistentry xml:id='builtin-placeholder'>
-    <term><function>builtins.placeholder</function>
-    <replaceable>output</replaceable></term>
-
-    <listitem><para>Return a placeholder string for the specified
-    <replaceable>output</replaceable> that will be substituted by the
-    corresponding output path at build time. Typical outputs would be
-    <literal>"out"</literal>, <literal>"bin"</literal> or
-    <literal>"dev"</literal>.</para></listitem>
-  </varlistentry>
 
   <varlistentry xml:id='builtin-readDir'>
     <term><function>builtins.readDir</function>
@@ -1285,19 +1275,6 @@ Evaluates to <literal>[ "  " [ "FOO" ] "   " ]</literal>.
     </para></listitem>
   </varlistentry>
 
-
-  <varlistentry xml:id='builtin-splitVersion'>
-    <term><function>builtins.splitVersion</function>
-    <replaceable>s</replaceable></term>
-
-    <listitem><para>Split a string representing a version into its
-    components, by the same version splitting logic underlying the
-    version comparison in <link linkend="ssec-version-comparisons">
-    <command>nix-env -u</command></link>.</para></listitem>
-
-  </varlistentry>
-
-
   <varlistentry xml:id='builtin-stringLength'>
     <term><function>builtins.stringLength</function>
     <replaceable>e</replaceable></term>
@@ -1491,7 +1468,7 @@ in foo</programlisting>
       <listitem><para>A set containing <literal>{ __toString = self: ...; }</literal>.</para></listitem>
       <listitem><para>An integer.</para></listitem>
       <listitem><para>A list, in which case the string representations of its elements are joined with spaces.</para></listitem>
-      <listitem><para>A Boolean (<literal>false</literal> yields <literal>""</literal>, <literal>true</literal> yields <literal>"1"</literal>).</para></listitem>
+      <listitem><para>A Boolean (<literal>false</literal> yields <literal>""</literal>, <literal>true</literal> yields <literal>"1"</literal>.</para></listitem>
       <listitem><para><literal>null</literal>, which yields the empty string.</para></listitem>
     </itemizedlist>
     </listitem>
@@ -1630,18 +1607,12 @@ stdenv.mkDerivation (rec {
     <term><function>builtins.tryEval</function>
     <replaceable>e</replaceable></term>
 
-    <listitem><para>Try to shallowly evaluate <replaceable>e</replaceable>.
+    <listitem><para>Try to evaluate <replaceable>e</replaceable>.
     Return a set containing the attributes <literal>success</literal>
     (<literal>true</literal> if <replaceable>e</replaceable> evaluated
     successfully, <literal>false</literal> if an error was thrown) and
     <literal>value</literal>, equalling <replaceable>e</replaceable>
-    if successful and <literal>false</literal> otherwise. Note that this
-    doesn't evaluate <replaceable>e</replaceable> deeply, so
-    <literal>let e = { x = throw ""; }; in (builtins.tryEval e).success
-    </literal> will be <literal>true</literal>. Using <literal>builtins.deepSeq
-    </literal> one can get the expected result: <literal>let e = { x = throw "";
-    }; in (builtins.tryEval (builtins.deepSeq e e)).success</literal> will be
-    <literal>false</literal>.
+    if successful and <literal>false</literal> otherwise.
     </para></listitem>
 
   </varlistentry>

doc/manual/expressions/simple-building-testing.xml

@@ -43,7 +43,7 @@ use <command>nix-build</command>’s <option
 linkend='opt-out-link'>-o</option> switch to give the symlink another
 name.</para>
 
-<para>Nix has transactional semantics.  Once a build finishes
+<para>Nix has a transactional semantics.  Once a build finishes
 successfully, Nix makes a note of this in its database: it registers
 that the path denoted by <envar>out</envar> is now
 <quote>valid</quote>.  If you try to build the derivation again, Nix

doc/manual/installation/installing-binary.xml

@@ -142,7 +142,7 @@ sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
   <para>
     NixOS.org hosts version-specific installation URLs for all Nix
     versions since 1.11.16, at
-    <literal>https://releases.nixos.org/nix/nix-<replaceable>version</replaceable>/install</literal>.
+    <literal>https://nixos.org/releases/nix/nix-VERSION/install</literal>.
   </para>
 
   <para>

doc/manual/installation/prerequisites-source.xml

@@ -8,14 +8,6 @@
 
 <itemizedlist>
 
-  <listitem><para>GNU Autoconf
-  (<link xlink:href="https://www.gnu.org/software/autoconf/"/>)
-  and the autoconf-archive macro collection
-  (<link xlink:href="https://www.gnu.org/software/autoconf-archive/"/>).
-  These are only needed to run the bootstrap script, and are not necessary
-  if your source distribution came with a pre-built
-  <literal>./configure</literal> script.</para></listitem>
-
   <listitem><para>GNU Make.</para></listitem>
   
   <listitem><para>Bash Shell. The <literal>./configure</literal> script

doc/manual/local.mk

@@ -4,10 +4,11 @@ ifeq ($(doc_generate),yes)
 XSLTPROC = $(xsltproc) --nonet $(xmlflags) \
   --param section.autolabel 1 \
   --param section.label.includes.component.label 1 \
+  --param html.stylesheet \'style.css\' \
   --param xref.with.number.and.title 1 \
   --param toc.section.depth 3 \
   --param admon.style \'\' \
-  --param callout.graphics 0 \
+  --param callout.graphics.extension \'.gif\' \
   --param contrib.inline.enabled 0 \
   --stringparam generate.toc "book toc" \
   --param keep.relative.image.uris 0
@@ -65,10 +66,12 @@ $(d)/manual.html: $(d)/manual.xml $(MANUAL_SRCS) $(d)/manual.is-valid
 	  $(docbookxsl)/profiling/profile.xsl $< | \
 	  $(XSLTPROC) --output $@ $(docbookxsl)/xhtml/docbook.xsl -
 
-$(foreach file, $(d)/manual.html, $(eval $(call install-data-in, $(file), $(docdir)/manual)))
+$(foreach file, $(d)/manual.html $(d)/style.css, $(eval $(call install-data-in, $(file), $(docdir)/manual)))
 
 $(foreach file, $(wildcard $(d)/figures/*.png), $(eval $(call install-data-in, $(file), $(docdir)/manual/figures)))
 
+$(foreach file, $(wildcard $(d)/images/callouts/*.gif), $(eval $(call install-data-in, $(file), $(docdir)/manual/images/callouts)))
+
 $(eval $(call install-symlink, manual.html, $(docdir)/manual/index.html))
 
 

doc/manual/packages/channels.xml

@@ -17,9 +17,6 @@ a set of Nix expressions and a manifest.  Using the command <link
 linkend="sec-nix-channel"><command>nix-channel</command></link> you
 can automatically stay up to date with whatever is available at that
 URL.</para>
-      
-<para>To see the list of official NixOS channels, visit <link
-xlink:href="https://nixos.org/channels" />.</para>
 
 <para>You can “subscribe” to a channel using
 <command>nix-channel --add</command>, e.g.,

doc/manual/packages/garbage-collection.xml

@@ -52,13 +52,12 @@ garbage collector as follows:
 <screen>
 $ nix-store --gc</screen>
 
-The behaviour of the gargage collector is affected by the 
-<literal>keep-derivations</literal> (default: true) and <literal>keep-outputs</literal>
+The behaviour of the gargage collector is affected by the <literal>keep-
+derivations</literal> (default: true) and <literal>keep-outputs</literal>
 (default: false) options in the Nix configuration file. The defaults will ensure
-that all derivations that are build-time dependencies of garbage collector roots
-will be kept and that all output paths that are runtime dependencies
-will be kept as well. All other derivations or paths will be collected. 
-(This is usually what you want, but while you are developing
+that all derivations that are not build-time dependencies of garbage collector roots
+will be collected but that all output paths that are not runtime dependencies
+will be collected. (This is usually what you want, but while you are developing
 it may make sense to keep outputs to ensure that rebuild times are quick.)
 
 If you are feeling uncertain, you can also first view what files would

doc/manual/packages/s3-substituter.xml

@@ -159,6 +159,7 @@ the S3 URL:</para>
         "s3:ListBucket",
         "s3:ListBucketMultipartUploads",
         "s3:ListMultipartUploadParts",
+        "s3:ListObjects",
         "s3:PutObject"
       ],
       "Resource": [

doc/manual/release-notes/rl-2.0.xml

@@ -503,14 +503,14 @@
   </listitem>
 
   <listitem>
-    <para><emphasis>Pure evaluation mode</emphasis>. With the
-    <literal>--pure-eval</literal> flag, Nix enables a variant of the existing
-    restricted evaluation mode that forbids access to anything that could cause
-    different evaluations of the same command line arguments to produce a
+    <para><emphasis>Pure evaluation mode</emphasis>. This is a variant
+    of the existing restricted evaluation mode. In pure mode, the Nix
+    evaluator forbids access to anything that could cause different
+    evaluations of the same command line arguments to produce a
     different result. This includes builtin functions such as
     <function>builtins.getEnv</function>, but more importantly,
-    <emphasis>all</emphasis> filesystem or network access unless a content hash
-    or commit hash is specified. For example, calls to
+    <emphasis>all</emphasis> filesystem or network access unless a
+    content hash or commit hash is specified. For example, calls to
     <function>builtins.fetchGit</function> are only allowed if a
     <varname>rev</varname> attribute is specified.</para>
 

doc/manual/release-notes/rl-2.3.xml

@@ -33,13 +33,9 @@ incompatible changes:</para>
   </listitem>
 
   <listitem>
-    <para>The installer now enables sandboxing by default on Linux when the
-    system has the necessary kernel support.
-    </para>
-  </listitem>
-
-  <listitem>
-    <para>The <literal>max-jobs</literal> setting now defaults to 1.</para>
+    <para>The installer now enables sandboxing by default on
+    Linux. The <literal>max-jobs</literal> setting now defaults to
+    1.</para>
   </listitem>
 
   <listitem>
@@ -86,6 +82,11 @@ incompatible changes:</para>
     the duration of Nix function calls to stderr.</para>
   </listitem>
 
+  <listitem>
+    <para>On Linux, sandboxing is now disabled by default on systems
+    that don’t have the necessary kernel support.</para>
+  </listitem>
+
 </itemizedlist>
 
 </section>

doc/manual/style.css

@@ -0,0 +1,263 @@
+/* Copied from http://bakefile.sourceforge.net/, which appears
+   licensed under the GNU GPL. */
+
+
+/***************************************************************************
+                             Basic headers and text:
+ ***************************************************************************/
+
+body
+{
+    font-family: "Nimbus Sans L", sans-serif;
+    background: white;
+    margin: 2em 1em 2em 1em;
+}
+
+h1, h2, h3, h4
+{
+    color: #005aa0;
+}
+
+h1 /* title */
+{
+    font-size: 200%;
+}
+
+div.part h1
+{
+    font-size: 240%;
+}
+
+h2 /* chapters, appendices, subtitle */
+{
+    font-size: 180%;
+}
+
+div.part
+{
+    margin-top: 4em;
+}
+
+/* Extra space between chapters, appendices. */
+div.chapter > div.titlepage h2, div.appendix > div.titlepage h2 
+{ 
+    margin-top: 1.5em;
+}
+
+div.section > div.titlepage h2 /* sections */
+{
+    font-size: 150%;
+    margin-top: 1.5em;
+}
+
+h3 /* subsections */
+{
+    font-size: 125%;
+}
+
+div.simplesect h2
+{
+    font-size: 110%;
+}
+
+div.appendix h3
+{
+    font-size: 150%;
+    margin-top: 1.5em;
+}
+
+div.refentry\.separator
+{
+    margin-top: 2.5em;
+    margin-bottom: 2em;
+}
+
+div.refnamediv h2, div.refsynopsisdiv h2, div.refsection h2 /* refentry parts */
+{
+    margin-top: 1.4em;
+    font-size: 125%;
+}
+
+div.refsection h3
+{
+    font-size: 110%;
+}
+
+
+/***************************************************************************
+                               Examples:
+ ***************************************************************************/
+
+div.example
+{
+    border: 1px solid #b0b0b0;
+    padding: 6px 6px;
+    margin-left: 1.5em;
+    margin-right: 1.5em;
+    background: #f4f4f8;
+    border-radius: 0.4em;
+}
+
+div.example p.title
+{
+    margin-top: 0em;
+}
+
+div.example pre
+{
+}
+
+
+/***************************************************************************
+                            Screen dumps:
+ ***************************************************************************/
+
+pre.screen, pre.programlisting
+{
+    padding: 6px 6px;
+    margin-left: 1.5em;
+    margin-right: 1.5em;
+    color: #600000;
+    background: #f4f4f8;
+    font-family: monospace;
+}
+
+div.example pre.programlisting
+{
+    border: 0px;
+    padding: 0 0;
+    margin: 0 0 0 0;
+}
+
+
+/***************************************************************************
+                               Notes, warnings etc:
+ ***************************************************************************/
+
+.note, .warning
+{
+    border: 1px solid #b0b0b0;
+    padding: 3px 3px;
+    margin-left: 1.5em;
+    margin-right: 1.5em;
+    margin-bottom: 1em;
+    padding: 0.3em 0.3em 0.3em 0.3em;
+    background: #fffff5;
+    border-radius: 0.4em;
+}
+
+div.note, div.warning
+{
+    font-style: italic;
+}
+
+div.note h3, div.warning h3
+{
+    color: red;
+    font-size: 100%;
+    padding-right: 0.5em;
+    display: inline;
+}
+
+div.note p, div.warning p
+{
+    margin-bottom: 0em;
+}
+
+div.note h3 + p, div.warning h3 + p
+{
+    display: inline;
+}
+
+div.note h3
+{
+    color: blue;
+    font-size: 100%;
+}
+
+div.navfooter *
+{
+    font-size: 90%;
+}
+
+
+/***************************************************************************
+                        Links colors and highlighting: 
+ ***************************************************************************/
+
+a { text-decoration: none; }
+a:hover { text-decoration: underline; }
+a:link { color: #0048b3; }
+a:visited { color: #002a6a; }
+
+
+/***************************************************************************
+                              Table of contents:
+ ***************************************************************************/
+
+div.toc
+{
+    font-size: 90%;
+}
+
+div.toc dl
+{
+    margin-top: 0em;
+    margin-bottom: 0em;
+}
+
+
+/***************************************************************************
+                               Special elements:
+ ***************************************************************************/
+
+tt, code
+{
+    color: #400000;
+}
+
+.term
+{
+    font-weight: bold;
+    
+}
+
+div.variablelist dd p, div.glosslist dd p
+{
+    margin-top: 0em;
+}
+
+div.variablelist dd, div.glosslist dd
+{
+    margin-left: 1.5em;
+}
+
+div.glosslist dt
+{
+    font-style: italic;
+}
+
+.varname
+{
+    color: #400000;
+}
+
+span.command strong
+{
+    font-weight: normal;
+    color: #400000;
+}
+
+div.calloutlist table
+{
+}
+
+table
+{
+    border-collapse: collapse;
+}
+
+div.affiliation
+{
+    font-style: italic;
+}

flake.lock

@@ -1,28 +0,0 @@
-{
-  "nodes": {
-    "nixpkgs": {
-      "info": {
-        "lastModified": 1585405475,
-        "narHash": "sha256-bESW0n4KgPmZ0luxvwJ+UyATrC6iIltVCsGdLiphVeE="
-      },
-      "locked": {
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "b88ff468e9850410070d4e0ccd68c7011f15b2be",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-20.03-small",
-        "type": "indirect"
-      }
-    },
-    "root": {
-      "inputs": {
-        "nixpkgs": "nixpkgs"
-      }
-    }
-  },
-  "root": "root",
-  "version": 5
-}

flake.nix

@@ -1,510 +0,0 @@
-{
-  description = "The purely functional package manager";
-
-  edition = 201909; # FIXME: remove
-
-  inputs.nixpkgs.url = "nixpkgs/nixos-20.03-small";
-
-  outputs = { self, nixpkgs }:
-
-    let
-
-      version = builtins.readFile ./.version + versionSuffix;
-      versionSuffix =
-        if officialRelease
-        then ""
-        else "pre${builtins.substring 0 8 (self.lastModifiedDate or self.lastModified)}_${self.shortRev or "dirty"}";
-
-      officialRelease = false;
-
-      systems = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ];
-
-      forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
-
-      # Memoize nixpkgs for different platforms for efficiency.
-      nixpkgsFor = forAllSystems (system:
-        import nixpkgs {
-          inherit system;
-          overlays = [ self.overlay ];
-        }
-      );
-
-      commonDeps = pkgs: with pkgs; rec {
-        # Use "busybox-sandbox-shell" if present,
-        # if not (legacy) fallback and hope it's sufficient.
-        sh = pkgs.busybox-sandbox-shell or (busybox.override {
-          useMusl = true;
-          enableStatic = true;
-          enableMinimal = true;
-          extraConfig = ''
-            CONFIG_FEATURE_FANCY_ECHO y
-            CONFIG_FEATURE_SH_MATH y
-            CONFIG_FEATURE_SH_MATH_64 y
-
-            CONFIG_ASH y
-            CONFIG_ASH_OPTIMIZE_FOR_SIZE y
-
-            CONFIG_ASH_ALIAS y
-            CONFIG_ASH_BASH_COMPAT y
-            CONFIG_ASH_CMDCMD y
-            CONFIG_ASH_ECHO y
-            CONFIG_ASH_GETOPTS y
-            CONFIG_ASH_INTERNAL_GLOB y
-            CONFIG_ASH_JOB_CONTROL y
-            CONFIG_ASH_PRINTF y
-            CONFIG_ASH_TEST y
-          '';
-        });
-
-        configureFlags =
-          lib.optionals stdenv.isLinux [
-            "--with-sandbox-shell=${sh}/bin/busybox"
-          ];
-
-        buildDeps =
-          [ bison
-            flex
-            libxml2
-            libxslt
-            docbook5
-            docbook_xsl_ns
-            autoconf-archive
-            autoreconfHook
-
-            curl
-            bzip2 xz brotli zlib editline
-            openssl pkgconfig sqlite
-            libarchive
-            boost
-            (if lib.versionAtLeast lib.version "20.03pre"
-             then nlohmann_json
-             else nlohmann_json.override { multipleHeaders = true; })
-            nlohmann_json
-            rustc cargo
-
-            # Tests
-            git
-            mercurial
-            jq
-          ]
-          ++ lib.optionals stdenv.isLinux [libseccomp utillinuxMinimal]
-          ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
-          ++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
-            (aws-sdk-cpp.override {
-              apis = ["s3" "transfer"];
-              customMemoryManagement = false;
-            });
-
-        propagatedDeps =
-          [ (boehmgc.override { enableLargeConfig = true; })
-          ];
-
-        perlDeps =
-          [ perl
-            perlPackages.DBDSQLite
-          ];
-      };
-
-    in {
-
-      # A Nixpkgs overlay that overrides the 'nix' and
-      # 'nix.perl-bindings' packages.
-      overlay = final: prev: {
-
-        nix = with final; with commonDeps pkgs; (stdenv.mkDerivation {
-          name = "nix-${version}";
-
-          src = self;
-
-          VERSION_SUFFIX = versionSuffix;
-
-          outputs = [ "out" "dev" "doc" ];
-
-          buildInputs = buildDeps;
-
-          propagatedBuildInputs = propagatedDeps;
-
-          preConfigure =
-            ''
-              # Copy libboost_context so we don't get all of Boost in our closure.
-              # https://github.com/NixOS/nixpkgs/issues/45462
-              mkdir -p $out/lib
-              cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
-              rm -f $out/lib/*.a
-              ${lib.optionalString stdenv.isLinux ''
-                chmod u+w $out/lib/*.so.*
-                patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
-              ''}
-
-              ln -sfn ${final.nixVendoredCrates}/vendor/ nix-rust/vendor
-            '';
-
-          configureFlags = configureFlags ++
-            [ "--sysconfdir=/etc" ];
-
-          enableParallelBuilding = true;
-
-          makeFlags = "profiledir=$(out)/etc/profile.d";
-
-          doCheck = true;
-
-          installFlags = "sysconfdir=$(out)/etc";
-
-          doInstallCheck = true;
-          installCheckFlags = "sysconfdir=$(out)/etc";
-
-          separateDebugInfo = true;
-
-          preDist = ''
-            mkdir -p $doc/nix-support
-            echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
-          '';
-        }) // {
-
-          perl-bindings = with final; stdenv.mkDerivation {
-            name = "nix-perl-${version}";
-
-            src = self;
-
-            buildInputs =
-              [ autoconf-archive
-                autoreconfHook
-                nix
-                curl
-                bzip2
-                xz
-                pkgconfig
-                pkgs.perl
-                boost
-              ]
-              ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium;
-
-            configureFlags = ''
-              --with-dbi=${perlPackages.DBI}/${pkgs.perl.libPrefix}
-              --with-dbd-sqlite=${perlPackages.DBDSQLite}/${pkgs.perl.libPrefix}
-            '';
-
-            enableParallelBuilding = true;
-
-            postUnpack = "sourceRoot=$sourceRoot/perl";
-          };
-
-        };
-
-        # Create a "vendor" directory that contains the crates listed in
-        # Cargo.lock, and include it in the Nix tarball. This allows Nix
-        # to be built without network access.
-        nixVendoredCrates =
-          let
-            lockFile = builtins.fromTOML (builtins.readFile nix-rust/Cargo.lock);
-
-            files = map (pkg: import <nix/fetchurl.nix> {
-              url = "https://crates.io/api/v1/crates/${pkg.name}/${pkg.version}/download";
-              sha256 = lockFile.metadata."checksum ${pkg.name} ${pkg.version} (registry+https://github.com/rust-lang/crates.io-index)";
-            }) (builtins.filter (pkg: pkg.source or "" == "registry+https://github.com/rust-lang/crates.io-index") lockFile.package);
-
-          in final.runCommand "cargo-vendor-dir" {}
-            ''
-              mkdir -p $out/vendor
-
-              cat > $out/vendor/config <<EOF
-              [source.crates-io]
-              replace-with = "vendored-sources"
-
-              [source.vendored-sources]
-              directory = "vendor"
-              EOF
-
-              ${toString (builtins.map (file: ''
-                mkdir $out/vendor/tmp
-                tar xvf ${file} -C $out/vendor/tmp
-                dir=$(echo $out/vendor/tmp/*)
-
-                # Add just enough metadata to keep Cargo happy.
-                printf '{"files":{},"package":"${file.outputHash}"}' > "$dir/.cargo-checksum.json"
-
-                # Clean up some cruft from the winapi crates. FIXME: find
-                # a way to remove winapi* from our dependencies.
-                if [[ $dir =~ /winapi ]]; then
-                  find $dir -name "*.a" -print0 | xargs -0 rm -f --
-                fi
-
-                mv "$dir" $out/vendor/
-
-                rm -rf $out/vendor/tmp
-              '') files)}
-            '';
-
-      };
-
-      hydraJobs = {
-
-        vendoredCrates =
-          with nixpkgsFor.x86_64-linux;
-
-          runCommand "vendored-crates" {}
-            ''
-              mkdir -p $out/nix-support
-              name=nix-vendored-crates-${version}
-              fn=$out/$name.tar.xz
-              tar cvfJ $fn -C ${nixVendoredCrates} vendor \
-                --owner=0 --group=0 --mode=u+rw,uga+r \
-                --transform "s,vendor,$name,"
-              echo "file crates-tarball $fn" >> $out/nix-support/hydra-build-products
-            '';
-
-        # Binary package for various platforms.
-        build = nixpkgs.lib.genAttrs systems (system: nixpkgsFor.${system}.nix);
-
-        # Perl bindings for various platforms.
-        perlBindings = nixpkgs.lib.genAttrs systems (system: nixpkgsFor.${system}.nix.perl-bindings);
-
-        # Binary tarball for various platforms, containing a Nix store
-        # with the closure of 'nix' package, and the second half of
-        # the installation script.
-        binaryTarball = nixpkgs.lib.genAttrs systems (system:
-
-          with nixpkgsFor.${system};
-
-          let
-            installerClosureInfo = closureInfo { rootPaths = [ nix cacert ]; };
-          in
-
-          runCommand "nix-binary-tarball-${version}"
-            { #nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
-              meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
-            }
-            ''
-              cp ${installerClosureInfo}/registration $TMPDIR/reginfo
-              substitute ${./scripts/install-nix-from-closure.sh} $TMPDIR/install \
-                --subst-var-by nix ${nix} \
-                --subst-var-by cacert ${cacert}
-
-              substitute ${./scripts/install-darwin-multi-user.sh} $TMPDIR/install-darwin-multi-user.sh \
-                --subst-var-by nix ${nix} \
-                --subst-var-by cacert ${cacert}
-              substitute ${./scripts/install-systemd-multi-user.sh} $TMPDIR/install-systemd-multi-user.sh \
-                --subst-var-by nix ${nix} \
-                --subst-var-by cacert ${cacert}
-              substitute ${./scripts/install-multi-user.sh} $TMPDIR/install-multi-user \
-                --subst-var-by nix ${nix} \
-                --subst-var-by cacert ${cacert}
-
-              if type -p shellcheck; then
-                # SC1090: Don't worry about not being able to find
-                #         $nix/etc/profile.d/nix.sh
-                shellcheck --exclude SC1090 $TMPDIR/install
-                shellcheck $TMPDIR/install-darwin-multi-user.sh
-                shellcheck $TMPDIR/install-systemd-multi-user.sh
-
-                # SC1091: Don't panic about not being able to source
-                #         /etc/profile
-                # SC2002: Ignore "useless cat" "error", when loading
-                #         .reginfo, as the cat is a much cleaner
-                #         implementation, even though it is "useless"
-                # SC2116: Allow ROOT_HOME=$(echo ~root) for resolving
-                #         root's home directory
-                shellcheck --external-sources \
-                  --exclude SC1091,SC2002,SC2116 $TMPDIR/install-multi-user
-              fi
-
-              chmod +x $TMPDIR/install
-              chmod +x $TMPDIR/install-darwin-multi-user.sh
-              chmod +x $TMPDIR/install-systemd-multi-user.sh
-              chmod +x $TMPDIR/install-multi-user
-              dir=nix-${version}-${system}
-              fn=$out/$dir.tar.xz
-              mkdir -p $out/nix-support
-              echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
-              tar cvfJ $fn \
-                --owner=0 --group=0 --mode=u+rw,uga+r \
-                --absolute-names \
-                --hard-dereference \
-                --transform "s,$TMPDIR/install,$dir/install," \
-                --transform "s,$TMPDIR/reginfo,$dir/.reginfo," \
-                --transform "s,$NIX_STORE,$dir/store,S" \
-                $TMPDIR/install $TMPDIR/install-darwin-multi-user.sh \
-                $TMPDIR/install-systemd-multi-user.sh \
-                $TMPDIR/install-multi-user $TMPDIR/reginfo \
-                $(cat ${installerClosureInfo}/store-paths)
-            '');
-
-        # The first half of the installation script. This is uploaded
-        # to https://nixos.org/nix/install. It downloads the binary
-        # tarball for the user's system and calls the second half of the
-        # installation script.
-        installerScript =
-          with nixpkgsFor.x86_64-linux;
-          runCommand "installer-script"
-            { buildInputs = [ nix ];
-            }
-            ''
-              mkdir -p $out/nix-support
-
-              substitute ${./scripts/install.in} $out/install \
-                ${pkgs.lib.concatMapStrings
-                  (system: "--replace '@binaryTarball_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${self.hydraJobs.binaryTarball.${system}}/*.tar.xz) ")
-                  [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
-                } \
-                --replace '@nixVersion@' ${version}
-
-              echo "file installer $out/install" >> $out/nix-support/hydra-build-products
-            '';
-
-        # Line coverage analysis.
-        coverage =
-          with nixpkgsFor.x86_64-linux;
-          with commonDeps pkgs;
-
-          releaseTools.coverageAnalysis {
-            name = "nix-coverage-${version}";
-
-            src = self;
-
-            preConfigure =
-              ''
-                ln -sfn ${nixVendoredCrates}/vendor/ nix-rust/vendor
-              '';
-
-            enableParallelBuilding = true;
-
-            buildInputs = buildDeps ++ propagatedDeps;
-
-            dontInstall = false;
-
-            doInstallCheck = true;
-
-            lcovFilter = [ "*/boost/*" "*-tab.*" ];
-
-            # We call `dot', and even though we just use it to
-            # syntax-check generated dot files, it still requires some
-            # fonts.  So provide those.
-            FONTCONFIG_FILE = texFunctions.fontsConf;
-
-            # To test building without precompiled headers.
-            makeFlagsArray = [ "PRECOMPILE_HEADERS=0" ];
-          };
-
-        # System tests.
-        tests.remoteBuilds = import ./tests/remote-builds.nix {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        };
-
-        tests.nix-copy-closure = import ./tests/nix-copy-closure.nix {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        };
-
-        tests.githubFlakes = (import ./tests/github-flakes.nix rec {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        });
-
-        tests.setuid = nixpkgs.lib.genAttrs
-          ["i686-linux" "x86_64-linux"]
-          (system:
-            import ./tests/setuid.nix rec {
-              inherit nixpkgs system;
-              inherit (self) overlay;
-            });
-
-        # Test whether the binary tarball works in an Ubuntu system.
-        tests.binaryTarball =
-          with nixpkgsFor.x86_64-linux;
-          vmTools.runInLinuxImage (runCommand "nix-binary-tarball-test"
-            { diskImage = vmTools.diskImages.ubuntu1204x86_64;
-            }
-            ''
-              set -x
-              useradd -m alice
-              su - alice -c 'tar xf ${self.hydraJobs.binaryTarball.x86_64-linux}/*.tar.*'
-              mkdir /dest-nix
-              mount -o bind /dest-nix /nix # Provide a writable /nix.
-              chown alice /nix
-              su - alice -c '_NIX_INSTALLER_TEST=1 ./nix-*/install'
-              su - alice -c 'nix-store --verify'
-              su - alice -c 'PAGER= nix-store -qR ${self.hydraJobs.build.x86_64-linux}'
-
-              # Check whether 'nix upgrade-nix' works.
-              cat > /tmp/paths.nix <<EOF
-              {
-                x86_64-linux = "${self.hydraJobs.build.x86_64-linux}";
-              }
-              EOF
-              su - alice -c 'nix --experimental-features nix-command upgrade-nix -vvv --nix-store-paths-url file:///tmp/paths.nix'
-              (! [ -L /home/alice/.profile-1-link ])
-              su - alice -c 'PAGER= nix-store -qR ${self.hydraJobs.build.x86_64-linux}'
-
-              mkdir -p $out/nix-support
-              touch $out/nix-support/hydra-build-products
-              umount /nix
-            '');
-
-        /*
-        # Check whether we can still evaluate all of Nixpkgs.
-        tests.evalNixpkgs =
-          import (nixpkgs + "/pkgs/top-level/make-tarball.nix") {
-            # FIXME: fix pkgs/top-level/make-tarball.nix in NixOS to not require a revCount.
-            inherit nixpkgs;
-            pkgs = nixpkgsFor.x86_64-linux;
-            officialRelease = false;
-          };
-
-        # Check whether we can still evaluate NixOS.
-        tests.evalNixOS =
-          with nixpkgsFor.x86_64-linux;
-          runCommand "eval-nixos" { buildInputs = [ nix ]; }
-            ''
-              export NIX_STATE_DIR=$TMPDIR
-
-              nix-instantiate ${nixpkgs}/nixos/release-combined.nix -A tested --dry-run \
-                --arg nixpkgs '{ outPath = ${nixpkgs}; revCount = 123; shortRev = "abcdefgh"; }'
-
-              touch $out
-            '';
-        */
-
-      };
-
-      checks = forAllSystems (system: {
-        binaryTarball = self.hydraJobs.binaryTarball.${system};
-        perlBindings = self.hydraJobs.perlBindings.${system};
-      });
-
-      packages = forAllSystems (system: {
-        inherit (nixpkgsFor.${system}) nix;
-      });
-
-      defaultPackage = forAllSystems (system: self.packages.${system}.nix);
-
-      devShell = forAllSystems (system:
-        with nixpkgsFor.${system};
-        with commonDeps pkgs;
-
-        stdenv.mkDerivation {
-          name = "nix";
-
-          buildInputs = buildDeps ++ propagatedDeps ++ perlDeps ++ [ pkgs.rustfmt ];
-
-          inherit configureFlags;
-
-          enableParallelBuilding = true;
-
-          installFlags = "sysconfdir=$(out)/etc";
-
-          shellHook =
-            ''
-              export prefix=$(pwd)/inst
-              configureFlags+=" --prefix=$prefix"
-              PKG_CONFIG_PATH=$prefix/lib/pkgconfig:$PKG_CONFIG_PATH
-              PATH=$prefix/bin:$PATH
-              unset PYTHONPATH
-            '';
-        });
-
-  };
-}

local.mk

@@ -2,15 +2,11 @@ ifeq ($(MAKECMDGOALS), dist)
   dist-files += $(shell cat .dist-files)
 endif
 
-dist-files += configure config.h.in perl/configure
+dist-files += configure config.h.in nix.spec perl/configure
 
 clean-files += Makefile.config
 
-GLOBAL_CXXFLAGS += -Wno-deprecated-declarations
+GLOBAL_CXXFLAGS += -I . -I src -I src/libutil -I src/libstore -I src/libmain -I src/libexpr -I src/nix
 
-$(foreach i, config.h $(wildcard src/lib*/*.hh), \
+$(foreach i, config.h $(call rwildcard, src/lib*, *.hh), \
   $(eval $(call install-file-in, $(i), $(includedir)/nix, 0644)))
-
-$(GCH) $(PCH): src/libutil/util.hh config.h
-
-GCH_CXXFLAGS = -I src/libutil

maintainers/upload-release.pl

@@ -1,5 +1,5 @@
 #! /usr/bin/env nix-shell
-#! nix-shell -i perl -p perl perlPackages.LWPUserAgent perlPackages.LWPProtocolHttps perlPackages.FileSlurp perlPackages.NetAmazonS3 gnupg1
+#! nix-shell -i perl -p perl perlPackages.LWPUserAgent perlPackages.LWPProtocolHttps perlPackages.FileSlurp gnupg1
 
 use strict;
 use Data::Dumper;
@@ -9,16 +9,12 @@ use File::Slurp;
 use File::Copy;
 use JSON::PP;
 use LWP::UserAgent;
-use Net::Amazon::S3;
 
 my $evalId = $ARGV[0] or die "Usage: $0 EVAL-ID\n";
 
-my $releasesBucketName = "nix-releases";
-my $channelsBucketName = "nix-channels";
+my $releasesDir = "/home/eelco/mnt/releases";
 my $nixpkgsDir = "/home/eelco/Dev/nixpkgs-pristine";
 
-my $TMPDIR = $ENV{'TMPDIR'} // "/tmp";
-
 # FIXME: cut&paste from nixos-channel-scripts.
 sub fetch {
     my ($url, $type) = @_;
@@ -46,31 +42,13 @@ my $version = $1;
 
 print STDERR "Nix revision is $nixRev, version is $version\n";
 
-my $releaseDir = "nix/$releaseName";
+File::Path::make_path($releasesDir);
+if (system("mountpoint -q $releasesDir") != 0) {
+    system("sshfs hydra-mirror:/releases $releasesDir") == 0 or die;
+}
 
-my $tmpDir = "$TMPDIR/nix-release/$releaseName";
-File::Path::make_path($tmpDir);
-
-# S3 setup.
-my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die "No AWS_ACCESS_KEY_ID given.";
-my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die "No AWS_SECRET_ACCESS_KEY given.";
-
-my $s3 = Net::Amazon::S3->new(
-    { aws_access_key_id     => $aws_access_key_id,
-      aws_secret_access_key => $aws_secret_access_key,
-      retry                 => 1,
-      host                  => "s3-eu-west-1.amazonaws.com",
-    });
-
-my $releasesBucket = $s3->bucket($releasesBucketName) or die;
-
-my $s3_us = Net::Amazon::S3->new(
-    { aws_access_key_id     => $aws_access_key_id,
-      aws_secret_access_key => $aws_secret_access_key,
-      retry                 => 1,
-    });
-
-my $channelsBucket = $s3_us->bucket($channelsBucketName) or die;
+my $releaseDir = "$releasesDir/nix/$releaseName";
+File::Path::make_path($releaseDir);
 
 sub downloadFile {
     my ($jobName, $productNr, $dstName) = @_;
@@ -79,49 +57,40 @@ sub downloadFile {
 
     my $srcFile = $buildInfo->{buildproducts}->{$productNr}->{path} or die "job '$jobName' lacks product $productNr\n";
     $dstName //= basename($srcFile);
-    my $tmpFile = "$tmpDir/$dstName";
+    my $dstFile = "$releaseDir/" . $dstName;
 
-    if (!-e $tmpFile) {
-        print STDERR "downloading $srcFile to $tmpFile...\n";
-        system("NIX_REMOTE=https://cache.nixos.org/ nix cat-store '$srcFile' > '$tmpFile'") == 0
+    if (! -e $dstFile) {
+        print STDERR "downloading $srcFile to $dstFile...\n";
+        system("NIX_REMOTE=https://cache.nixos.org/ nix cat-store '$srcFile' > '$dstFile.tmp'") == 0
             or die "unable to fetch $srcFile\n";
+        rename("$dstFile.tmp", $dstFile) or die;
     }
 
     my $sha256_expected = $buildInfo->{buildproducts}->{$productNr}->{sha256hash} or die;
-    my $sha256_actual = `nix hash-file --base16 --type sha256 '$tmpFile'`;
+    my $sha256_actual = `nix hash-file --base16 --type sha256 '$dstFile'`;
     chomp $sha256_actual;
     if ($sha256_expected ne $sha256_actual) {
-        print STDERR "file $tmpFile is corrupt, got $sha256_actual, expected $sha256_expected\n";
+        print STDERR "file $dstFile is corrupt, got $sha256_actual, expected $sha256_expected\n";
         exit 1;
     }
 
-    write_file("$tmpFile.sha256", $sha256_expected);
+    write_file("$dstFile.sha256", $sha256_expected);
 
-    if (! -e "$tmpFile.asc") {
-        system("gpg2 --detach-sign --armor $tmpFile") == 0 or die "unable to sign $tmpFile\n";
+    if (! -e "$dstFile.asc") {
+        system("gpg2 --detach-sign --armor $dstFile") == 0 or die "unable to sign $dstFile\n";
     }
 
-    return $sha256_expected;
+    return ($dstFile, $sha256_expected);
 }
 
 downloadFile("tarball", "2"); # .tar.bz2
-my $tarballHash = downloadFile("tarball", "3"); # .tar.xz
+my ($tarball, $tarballHash) = downloadFile("tarball", "3"); # .tar.xz
 downloadFile("binaryTarball.i686-linux", "1");
 downloadFile("binaryTarball.x86_64-linux", "1");
 downloadFile("binaryTarball.aarch64-linux", "1");
 downloadFile("binaryTarball.x86_64-darwin", "1");
 downloadFile("installerScript", "1");
 
-for my $fn (glob "$tmpDir/*") {
-    my $name = basename($fn);
-    my $dstKey = "$releaseDir/" . $name;
-    unless (defined $releasesBucket->head_key($dstKey)) {
-        print STDERR "uploading $fn to s3://$releasesBucketName/$dstKey...\n";
-        $releasesBucket->add_key_filename($dstKey, $fn)
-            or die $releasesBucket->err . ": " . $releasesBucket->errstr;
-    }
-}
-
 exit if $version =~ /pre/;
 
 # Update Nixpkgs in a very hacky way.
@@ -156,11 +125,18 @@ write_file("$nixpkgsDir/nixos/modules/installer/tools/nix-fallback-paths.nix",
 
 system("cd $nixpkgsDir && git commit -a -m 'nix: $oldName -> $version'") == 0 or die;
 
+# Extract the HTML manual.
+File::Path::make_path("$releaseDir/manual");
+
+system("tar xvf $tarball --strip-components=3 -C $releaseDir/manual --wildcards '*/doc/manual/*.html' '*/doc/manual/*.css' '*/doc/manual/*.gif' '*/doc/manual/*.png'") == 0 or die;
+
+if (! -e "$releaseDir/manual/index.html") {
+    symlink("manual.html", "$releaseDir/manual/index.html") or die;
+}
+
 # Update the "latest" symlink.
-$channelsBucket->add_key(
-    "nix-latest/install", "",
-    { "x-amz-website-redirect-location" => "https://releases.nixos.org/$releaseDir/install" })
-    or die $channelsBucket->err . ": " . $channelsBucket->errstr;
+symlink("$releaseName", "$releasesDir/nix/latest-tmp") or die;
+rename("$releasesDir/nix/latest-tmp", "$releasesDir/nix/latest") or die;
 
 # Tag the release in Git.
 chdir("/home/eelco/Dev/nix-pristine") or die;

misc/bash/completion.sh

@@ -1,19 +0,0 @@
-function _complete_nix {
-    local -a words
-    local cword cur
-    _get_comp_words_by_ref -n ':=&' words cword cur
-    local have_type
-    while IFS= read -r line; do
-        if [[ -z $have_type ]]; then
-            have_type=1
-            if [[ $line = filenames ]]; then
-                compopt -o filenames
-            fi
-        else
-            COMPREPLY+=("$line")
-        fi
-    done < <(NIX_GET_COMPLETIONS=$cword "${words[@]}")
-    __ltrim_colon_completions "$cur"
-}
-
-complete -F _complete_nix nix

misc/bash/local.mk

@@ -1 +0,0 @@
-$(eval $(call install-file-as, $(d)/completion.sh, $(datarootdir)/bash-completion/completions/_nix3, 0644))

misc/launchd/org.nixos.nix-daemon.plist.in

@@ -17,7 +17,7 @@
     <array>
       <string>/bin/sh</string>
       <string>-c</string>
-      <string>/bin/wait4path /nix/var/nix/profiles/default/bin/nix-daemon &amp;&amp; /nix/var/nix/profiles/default/bin/nix-daemon</string>
+      <string>/bin/wait4path @bindir@/nix-daemon &amp;&amp; @bindir@/nix-daemon</string>
     </array>
     <key>StandardErrorPath</key>
     <string>/var/log/nix-daemon.log</string>

mk/README.md

@@ -0,0 +1,6 @@
+This is a set of helper Makefiles for doing non-recursive builds with
+GNU Make.  The canonical source can be found at
+https://github.com/edolstra/make-rules.  You should copy the files
+into the `mk` subdirectory of your project.
+
+TODO: write more documentation.

mk/patterns.mk

@@ -1,10 +1,10 @@
 $(buildprefix)%.o: %.cc
 	@mkdir -p "$(dir $@)"
-	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
+	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
 
 $(buildprefix)%.o: %.cpp
 	@mkdir -p "$(dir $@)"
-	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
+	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
 
 $(buildprefix)%.o: %.c
 	@mkdir -p "$(dir $@)"

mk/precompiled-headers.mk

@@ -1,42 +0,0 @@
-PRECOMPILE_HEADERS ?= 1
-
-print-var-help += \
-  echo "  PRECOMPILE_HEADERS ($(PRECOMPILE_HEADERS)): Whether to use precompiled headers to speed up the build";
-
-GCH = $(buildprefix)precompiled-headers.h.gch
-
-$(GCH): precompiled-headers.h
-	@rm -f $@
-	@mkdir -p "$(dir $@)"
-	$(trace-gen) $(CXX) -x c++-header -o $@ $< $(GLOBAL_CXXFLAGS) $(GCH_CXXFLAGS)
-
-PCH = $(buildprefix)precompiled-headers.h.pch
-
-$(PCH): precompiled-headers.h
-	@rm -f $@
-	@mkdir -p "$(dir $@)"
-	$(trace-gen) $(CXX) -x c++-header -o $@ $< $(GLOBAL_CXXFLAGS) $(GCH_CXXFLAGS)
-
-clean-files += $(GCH) $(PCH)
-
-ifeq ($(PRECOMPILE_HEADERS), 1)
-
-  ifeq ($(CXX), g++)
-
-    GLOBAL_CXXFLAGS_PCH += -include $(buildprefix)precompiled-headers.h -Winvalid-pch
-
-    GLOBAL_ORDER_AFTER += $(GCH)
-
-  else ifeq ($(CXX), clang++)
-
-    GLOBAL_CXXFLAGS_PCH += -include-pch $(PCH) -Winvalid-pch
-
-    GLOBAL_ORDER_AFTER += $(PCH)
-
-  else
-
-    $(error Don't know how to precompile headers on $(CXX))
-
-  endif
-
-endif

nix-rust/Cargo.lock

@@ -1,399 +0,0 @@
-# This file is automatically @generated by Cargo.
-# It is not intended for manual editing.
-[[package]]
-name = "assert_matches"
-version = "1.3.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "autocfg"
-version = "0.1.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "bit-set"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "bit-vec"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "bitflags"
-version = "1.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "byteorder"
-version = "1.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "c2-chacha"
-version = "0.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "cfg-if"
-version = "0.1.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "cloudabi"
-version = "0.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "fnv"
-version = "1.0.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "fuchsia-cprng"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "getrandom"
-version = "0.1.13"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "hex"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "lazy_static"
-version = "1.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "libc"
-version = "0.2.66"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "nix-rust"
-version = "0.1.0"
-dependencies = [
- "assert_matches 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "proptest 0.9.4 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "num-traits"
-version = "0.2.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "ppv-lite86"
-version = "0.2.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "proptest"
-version = "0.9.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "bit-set 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "num-traits 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)",
- "quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)",
- "rusty-fork 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "quick-error"
-version = "1.2.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "rand"
-version = "0.6.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_hc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_isaac 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_jitter 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_os 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_pcg 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand"
-version = "0.7.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_chacha"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_chacha"
-version = "0.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_core"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_core"
-version = "0.4.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "rand_core"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_hc"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_hc"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_isaac"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_jitter"
-version = "0.1.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_os"
-version = "0.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)",
- "fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_pcg"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rand_xorshift"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rdrand"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "redox_syscall"
-version = "0.1.56"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "regex-syntax"
-version = "0.6.12"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "remove_dir_all"
-version = "0.5.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "rusty-fork"
-version = "0.2.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
- "quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "tempfile"
-version = "3.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
- "remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "wait-timeout"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "wasi"
-version = "0.7.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "winapi"
-version = "0.3.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "winapi-i686-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
-name = "winapi-x86_64-pc-windows-gnu"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[metadata]
-"checksum assert_matches 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7deb0a829ca7bcfaf5da70b073a8d128619259a7be8216a355e23f00763059e5"
-"checksum autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2"
-"checksum bit-set 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e84c238982c4b1e1ee668d136c510c67a13465279c0cb367ea6baf6310620a80"
-"checksum bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f59bbe95d4e52a6398ec21238d31577f2b28a9d86807f06ca59d191d8440d0bb"
-"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
-"checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
-"checksum c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "214238caa1bf3a496ec3392968969cab8549f96ff30652c9e56885329315f6bb"
-"checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"
-"checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f"
-"checksum fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3"
-"checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba"
-"checksum getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)" = "e7db7ca94ed4cd01190ceee0d8a8052f08a247aa1b469a7f68c6a3b71afcf407"
-"checksum hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77"
-"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
-"checksum libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)" = "d515b1f41455adea1313a4a2ac8a8a477634fbae63cc6100e3aebb207ce61558"
-"checksum num-traits 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)" = "d4c81ffc11c212fa327657cb19dd85eb7419e163b5b076bede2bdb5c974c07e4"
-"checksum ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "74490b50b9fbe561ac330df47c08f3f33073d2d00c150f719147d7c54522fa1b"
-"checksum proptest 0.9.4 (registry+https://github.com/rust-lang/crates.io-index)" = "cf147e022eacf0c8a054ab864914a7602618adba841d800a9a9868a5237a529f"
-"checksum quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9274b940887ce9addde99c4eee6b5c44cc494b182b97e73dc8ffdcb3397fd3f0"
-"checksum rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)" = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca"
-"checksum rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3ae1b169243eaf61759b8475a998f0a385e42042370f3a7dbaf35246eacc8412"
-"checksum rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef"
-"checksum rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "03a2a90da8c7523f554344f921aa97283eadf6ac484a6d2a7d0212fa7f8d6853"
-"checksum rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b"
-"checksum rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc"
-"checksum rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19"
-"checksum rand_hc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b40677c7be09ae76218dc623efbf7b18e34bced3f38883af07bb75630a21bc4"
-"checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
-"checksum rand_isaac 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ded997c9d5f13925be2a6fd7e66bf1872597f759fd9dd93513dd7e92e5a5ee08"
-"checksum rand_jitter 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "1166d5c91dc97b88d1decc3285bb0a99ed84b05cfd0bc2341bdf2d43fc41e39b"
-"checksum rand_os 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "7b75f676a1e053fc562eafbb47838d67c84801e38fc1ba459e8f180deabd5071"
-"checksum rand_pcg 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "abf9b09b01790cfe0364f52bf32995ea3c39f4d2dd011eac241d2914146d0b44"
-"checksum rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cbf7e9e623549b0e21f6e97cf8ecf247c1a8fd2e8a992ae265314300b2455d5c"
-"checksum rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2"
-"checksum redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)" = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84"
-"checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716"
-"checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e"
-"checksum rusty-fork 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3dd93264e10c577503e926bd1430193eeb5d21b059148910082245309b424fae"
-"checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9"
-"checksum wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6"
-"checksum wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b89c3ce4ce14bdc6fb6beaf9ec7928ca331de5df7e5ea278375642a2f478570d"
-"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
-"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
-"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"

nix-rust/Cargo.toml

@@ -1,23 +0,0 @@
-[package]
-name = "nix-rust"
-version = "0.1.0"
-authors = ["Eelco Dolstra <edolstra@gmail.com>"]
-edition = "2018"
-
-[lib]
-name = "nixrust"
-crate-type = ["cdylib"]
-
-[dependencies]
-libc = "0.2"
-#futures-preview = { version = "=0.3.0-alpha.19" }
-#hyper = "0.13.0-alpha.4"
-#http = "0.1"
-#tokio = { version = "0.2.0-alpha.6", default-features = false, features = ["rt-full"] }
-lazy_static = "1.4"
-#byteorder = "1.3"
-
-[dev-dependencies]
-hex = "0.3"
-assert_matches = "1.3"
-proptest = "0.9"

nix-rust/local.mk

@@ -1,45 +0,0 @@
-ifeq ($(OPTIMIZE), 1)
-  RUST_MODE = --release
-  RUST_DIR = release
-else
-  RUST_MODE =
-  RUST_DIR = debug
-endif
-
-libnixrust_PATH := $(d)/target/$(RUST_DIR)/libnixrust.$(SO_EXT)
-libnixrust_INSTALL_PATH := $(libdir)/libnixrust.$(SO_EXT)
-libnixrust_LDFLAGS_USE := -L$(d)/target/$(RUST_DIR) -lnixrust -ldl
-libnixrust_LDFLAGS_USE_INSTALLED := -L$(libdir) -lnixrust -ldl
-
-ifeq ($(OS), Darwin)
-libnixrust_BUILD_FLAGS = NIX_LDFLAGS="-undefined dynamic_lookup"
-else
-libnixrust_LDFLAGS_USE += -Wl,-rpath,$(abspath $(d)/target/$(RUST_DIR))
-libnixrust_LDFLAGS_USE_INSTALLED += -Wl,-rpath,$(libdir)
-endif
-
-$(libnixrust_PATH): $(call rwildcard, $(d)/src, *.rs) $(d)/Cargo.toml
-	$(trace-gen) cd nix-rust && CARGO_HOME=$$(if [[ -d vendor ]]; then echo vendor; fi) \
-	$(libnixrust_BUILD_FLAGS) \
-	  cargo build $(RUST_MODE) $$(if [[ -d vendor ]]; then echo --offline; fi) \
-	&& touch target/$(RUST_DIR)/libnixrust.$(SO_EXT)
-
-$(libnixrust_INSTALL_PATH): $(libnixrust_PATH)
-	$(target-gen) cp $^ $@
-ifeq ($(OS), Darwin)
-	install_name_tool -id $@ $@
-endif
-
-dist-files += $(d)/vendor
-
-clean: clean-rust
-
-clean-rust:
-	$(suppress) rm -rfv nix-rust/target
-
-ifneq ($(OS), Darwin)
-check: rust-tests
-
-rust-tests:
-	cd nix-rust && CARGO_HOME=$$(if [[ -d vendor ]]; then echo vendor; fi) cargo test --release $$(if [[ -d vendor ]]; then echo --offline; fi)
-endif

nix-rust/src/c.rs

@@ -1,77 +0,0 @@
-use super::{error, store::path, store::StorePath, util};
-
-#[no_mangle]
-pub unsafe extern "C" fn ffi_String_new(s: &str, out: *mut String) {
-    // FIXME: check whether 's' is valid UTF-8?
-    out.write(s.to_string())
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn ffi_String_drop(self_: *mut String) {
-    std::ptr::drop_in_place(self_);
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_new(
-    path: &str,
-    store_dir: &str,
-) -> Result<StorePath, error::CppException> {
-    StorePath::new(std::path::Path::new(path), std::path::Path::new(store_dir))
-        .map_err(|err| err.into())
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_new2(
-    hash: &[u8; crate::store::path::STORE_PATH_HASH_BYTES],
-    name: &str,
-) -> Result<StorePath, error::CppException> {
-    StorePath::from_parts(*hash, name).map_err(|err| err.into())
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_fromBaseName(
-    base_name: &str,
-) -> Result<StorePath, error::CppException> {
-    StorePath::new_from_base_name(base_name).map_err(|err| err.into())
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn ffi_StorePath_drop(self_: *mut StorePath) {
-    std::ptr::drop_in_place(self_);
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_to_string(self_: &StorePath) -> Vec<u8> {
-    let mut buf = vec![0; path::STORE_PATH_HASH_CHARS + 1 + self_.name.name().len()];
-    util::base32::encode_into(self_.hash.hash(), &mut buf[0..path::STORE_PATH_HASH_CHARS]);
-    buf[path::STORE_PATH_HASH_CHARS] = b'-';
-    buf[path::STORE_PATH_HASH_CHARS + 1..].clone_from_slice(self_.name.name().as_bytes());
-    buf
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_less_than(a: &StorePath, b: &StorePath) -> bool {
-    a < b
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_eq(a: &StorePath, b: &StorePath) -> bool {
-    a == b
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_clone(self_: &StorePath) -> StorePath {
-    self_.clone()
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_name(self_: &StorePath) -> &str {
-    self_.name.name()
-}
-
-#[no_mangle]
-pub extern "C" fn ffi_StorePath_hash_data(
-    self_: &StorePath,
-) -> &[u8; crate::store::path::STORE_PATH_HASH_BYTES] {
-    self_.hash.hash()
-}

nix-rust/src/error.rs

@@ -1,118 +0,0 @@
-use std::fmt;
-
-#[derive(Debug)]
-pub enum Error {
-    InvalidPath(crate::store::StorePath),
-    BadStorePath(std::path::PathBuf),
-    NotInStore(std::path::PathBuf),
-    BadNarInfo,
-    BadBase32,
-    StorePathNameEmpty,
-    StorePathNameTooLong,
-    BadStorePathName,
-    NarSizeFieldTooBig,
-    BadNarString,
-    BadNarPadding,
-    BadNarVersionMagic,
-    MissingNarOpenTag,
-    MissingNarCloseTag,
-    MissingNarField,
-    BadNarField(String),
-    BadExecutableField,
-    IOError(std::io::Error),
-    #[cfg(unused)]
-    HttpError(hyper::error::Error),
-    Misc(String),
-    #[cfg(not(test))]
-    Foreign(CppException),
-    BadTarFileMemberName(String),
-}
-
-impl From<std::io::Error> for Error {
-    fn from(err: std::io::Error) -> Self {
-        Error::IOError(err)
-    }
-}
-
-#[cfg(unused)]
-impl From<hyper::error::Error> for Error {
-    fn from(err: hyper::error::Error) -> Self {
-        Error::HttpError(err)
-    }
-}
-
-impl fmt::Display for Error {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            Error::InvalidPath(_) => write!(f, "invalid path"),
-            Error::BadNarInfo => write!(f, ".narinfo file is corrupt"),
-            Error::BadStorePath(path) => write!(f, "path '{}' is not a store path", path.display()),
-            Error::NotInStore(path) => {
-                write!(f, "path '{}' is not in the Nix store", path.display())
-            }
-            Error::BadBase32 => write!(f, "invalid base32 string"),
-            Error::StorePathNameEmpty => write!(f, "store path name is empty"),
-            Error::StorePathNameTooLong => {
-                write!(f, "store path name is longer than 211 characters")
-            }
-            Error::BadStorePathName => write!(f, "store path name contains forbidden character"),
-            Error::NarSizeFieldTooBig => write!(f, "size field in NAR is too big"),
-            Error::BadNarString => write!(f, "NAR string is not valid UTF-8"),
-            Error::BadNarPadding => write!(f, "NAR padding is not zero"),
-            Error::BadNarVersionMagic => write!(f, "unsupported NAR version"),
-            Error::MissingNarOpenTag => write!(f, "NAR open tag is missing"),
-            Error::MissingNarCloseTag => write!(f, "NAR close tag is missing"),
-            Error::MissingNarField => write!(f, "expected NAR field is missing"),
-            Error::BadNarField(s) => write!(f, "unrecognized NAR field '{}'", s),
-            Error::BadExecutableField => write!(f, "bad 'executable' field in NAR"),
-            Error::IOError(err) => write!(f, "I/O error: {}", err),
-            #[cfg(unused)]
-            Error::HttpError(err) => write!(f, "HTTP error: {}", err),
-            #[cfg(not(test))]
-            Error::Foreign(_) => write!(f, "<C++ exception>"), // FIXME
-            Error::Misc(s) => write!(f, "{}", s),
-            Error::BadTarFileMemberName(s) => {
-                write!(f, "tar archive contains illegal file name '{}'", s)
-            }
-        }
-    }
-}
-
-#[cfg(not(test))]
-impl From<Error> for CppException {
-    fn from(err: Error) -> Self {
-        match err {
-            Error::Foreign(ex) => ex,
-            _ => CppException::new(&err.to_string()),
-        }
-    }
-}
-
-#[cfg(not(test))]
-#[repr(C)]
-#[derive(Debug)]
-pub struct CppException(*const libc::c_void); // == std::exception_ptr*
-
-#[cfg(not(test))]
-impl CppException {
-    fn new(s: &str) -> Self {
-        Self(unsafe { make_error(s) })
-    }
-}
-
-#[cfg(not(test))]
-impl Drop for CppException {
-    fn drop(&mut self) {
-        unsafe {
-            destroy_error(self.0);
-        }
-    }
-}
-
-#[cfg(not(test))]
-extern "C" {
-    #[allow(improper_ctypes)] // YOLO
-    fn make_error(s: &str) -> *const libc::c_void;
-
-    fn destroy_error(exc: *const libc::c_void);
-}

nix-rust/src/lib.rs

@@ -1,9 +0,0 @@
-#[cfg(not(test))]
-mod c;
-mod error;
-#[cfg(unused)]
-mod nar;
-mod store;
-mod util;
-
-pub use error::Error;

nix-rust/src/nar.rs

@@ -1,126 +0,0 @@
-use crate::Error;
-use byteorder::{LittleEndian, ReadBytesExt};
-use std::convert::TryFrom;
-use std::io::Read;
-
-pub fn parse<R: Read>(input: &mut R) -> Result<(), Error> {
-    if String::read(input)? != NAR_VERSION_MAGIC {
-        return Err(Error::BadNarVersionMagic);
-    }
-
-    parse_file(input)
-}
-
-const NAR_VERSION_MAGIC: &str = "nix-archive-1";
-
-fn parse_file<R: Read>(input: &mut R) -> Result<(), Error> {
-    if String::read(input)? != "(" {
-        return Err(Error::MissingNarOpenTag);
-    }
-
-    if String::read(input)? != "type" {
-        return Err(Error::MissingNarField);
-    }
-
-    match String::read(input)?.as_ref() {
-        "regular" => {
-            let mut _executable = false;
-            let mut tag = String::read(input)?;
-            if tag == "executable" {
-                _executable = true;
-                if String::read(input)? != "" {
-                    return Err(Error::BadExecutableField);
-                }
-                tag = String::read(input)?;
-            }
-            if tag != "contents" {
-                return Err(Error::MissingNarField);
-            }
-            let _contents = Vec::<u8>::read(input)?;
-            if String::read(input)? != ")" {
-                return Err(Error::MissingNarCloseTag);
-            }
-        }
-        "directory" => loop {
-            match String::read(input)?.as_ref() {
-                "entry" => {
-                    if String::read(input)? != "(" {
-                        return Err(Error::MissingNarOpenTag);
-                    }
-                    if String::read(input)? != "name" {
-                        return Err(Error::MissingNarField);
-                    }
-                    let _name = String::read(input)?;
-                    if String::read(input)? != "node" {
-                        return Err(Error::MissingNarField);
-                    }
-                    parse_file(input)?;
-                    let tag = String::read(input)?;
-                    if tag != ")" {
-                        return Err(Error::MissingNarCloseTag);
-                    }
-                }
-                ")" => break,
-                s => return Err(Error::BadNarField(s.into())),
-            }
-        },
-        "symlink" => {
-            if String::read(input)? != "target" {
-                return Err(Error::MissingNarField);
-            }
-            let _target = String::read(input)?;
-            if String::read(input)? != ")" {
-                return Err(Error::MissingNarCloseTag);
-            }
-        }
-        s => return Err(Error::BadNarField(s.into())),
-    }
-
-    Ok(())
-}
-
-trait Deserialize: Sized {
-    fn read<R: Read>(input: &mut R) -> Result<Self, Error>;
-}
-
-impl Deserialize for String {
-    fn read<R: Read>(input: &mut R) -> Result<Self, Error> {
-        let buf = Deserialize::read(input)?;
-        Ok(String::from_utf8(buf).map_err(|_| Error::BadNarString)?)
-    }
-}
-
-impl Deserialize for Vec<u8> {
-    fn read<R: Read>(input: &mut R) -> Result<Self, Error> {
-        let n: usize = Deserialize::read(input)?;
-        let mut buf = vec![0; n];
-        input.read_exact(&mut buf)?;
-        skip_padding(input, n)?;
-        Ok(buf)
-    }
-}
-
-fn skip_padding<R: Read>(input: &mut R, len: usize) -> Result<(), Error> {
-    if len % 8 != 0 {
-        let mut buf = [0; 8];
-        let buf = &mut buf[0..8 - (len % 8)];
-        input.read_exact(buf)?;
-        if !buf.iter().all(|b| *b == 0) {
-            return Err(Error::BadNarPadding);
-        }
-    }
-    Ok(())
-}
-
-impl Deserialize for u64 {
-    fn read<R: Read>(input: &mut R) -> Result<Self, Error> {
-        Ok(input.read_u64::<LittleEndian>()?)
-    }
-}
-
-impl Deserialize for usize {
-    fn read<R: Read>(input: &mut R) -> Result<Self, Error> {
-        let n: u64 = Deserialize::read(input)?;
-        Ok(usize::try_from(n).map_err(|_| Error::NarSizeFieldTooBig)?)
-    }
-}

nix-rust/src/store/binary_cache_store.rs

@@ -1,48 +0,0 @@
-use super::{PathInfo, Store, StorePath};
-use crate::Error;
-use hyper::client::Client;
-
-pub struct BinaryCacheStore {
-    base_uri: String,
-    client: Client<hyper::client::HttpConnector, hyper::Body>,
-}
-
-impl BinaryCacheStore {
-    pub fn new(base_uri: String) -> Self {
-        Self {
-            base_uri,
-            client: Client::new(),
-        }
-    }
-}
-
-impl Store for BinaryCacheStore {
-    fn query_path_info(
-        &self,
-        path: &StorePath,
-    ) -> std::pin::Pin<Box<dyn std::future::Future<Output = Result<PathInfo, Error>> + Send>> {
-        let uri = format!("{}/{}.narinfo", self.base_uri.clone(), path.hash);
-        let path = path.clone();
-        let client = self.client.clone();
-        let store_dir = self.store_dir().to_string();
-
-        Box::pin(async move {
-            let response = client.get(uri.parse::<hyper::Uri>().unwrap()).await?;
-
-            if response.status() == hyper::StatusCode::NOT_FOUND
-                || response.status() == hyper::StatusCode::FORBIDDEN
-            {
-                return Err(Error::InvalidPath(path));
-            }
-
-            let mut body = response.into_body();
-
-            let mut bytes = Vec::new();
-            while let Some(next) = body.next().await {
-                bytes.extend(next?);
-            }
-
-            PathInfo::parse_nar_info(std::str::from_utf8(&bytes).unwrap(), &store_dir)
-        })
-    }
-}

nix-rust/src/store/mod.rs

@@ -1,17 +0,0 @@
-pub mod path;
-
-#[cfg(unused)]
-mod binary_cache_store;
-#[cfg(unused)]
-mod path_info;
-#[cfg(unused)]
-mod store;
-
-pub use path::{StorePath, StorePathHash, StorePathName};
-
-#[cfg(unused)]
-pub use binary_cache_store::BinaryCacheStore;
-#[cfg(unused)]
-pub use path_info::PathInfo;
-#[cfg(unused)]
-pub use store::Store;

nix-rust/src/store/path.rs

@@ -1,225 +0,0 @@
-use crate::error::Error;
-use crate::util::base32;
-use std::fmt;
-use std::path::Path;
-
-#[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Debug)]
-pub struct StorePath {
-    pub hash: StorePathHash,
-    pub name: StorePathName,
-}
-
-pub const STORE_PATH_HASH_BYTES: usize = 20;
-pub const STORE_PATH_HASH_CHARS: usize = 32;
-
-impl StorePath {
-    pub fn new(path: &Path, store_dir: &Path) -> Result<Self, Error> {
-        if path.parent() != Some(store_dir) {
-            return Err(Error::NotInStore(path.into()));
-        }
-        Self::new_from_base_name(
-            path.file_name()
-                .ok_or(Error::BadStorePath(path.into()))?
-                .to_str()
-                .ok_or(Error::BadStorePath(path.into()))?,
-        )
-    }
-
-    pub fn from_parts(hash: [u8; STORE_PATH_HASH_BYTES], name: &str) -> Result<Self, Error> {
-        Ok(StorePath {
-            hash: StorePathHash(hash),
-            name: StorePathName::new(name)?,
-        })
-    }
-
-    pub fn new_from_base_name(base_name: &str) -> Result<Self, Error> {
-        if base_name.len() < STORE_PATH_HASH_CHARS + 1
-            || base_name.as_bytes()[STORE_PATH_HASH_CHARS] != '-' as u8
-        {
-            return Err(Error::BadStorePath(base_name.into()));
-        }
-
-        Ok(StorePath {
-            hash: StorePathHash::new(&base_name[0..STORE_PATH_HASH_CHARS])?,
-            name: StorePathName::new(&base_name[STORE_PATH_HASH_CHARS + 1..])?,
-        })
-    }
-}
-
-impl fmt::Display for StorePath {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "{}-{}", self.hash, self.name)
-    }
-}
-
-#[derive(Clone, PartialEq, Eq, Debug)]
-pub struct StorePathHash([u8; STORE_PATH_HASH_BYTES]);
-
-impl StorePathHash {
-    pub fn new(s: &str) -> Result<Self, Error> {
-        assert_eq!(s.len(), STORE_PATH_HASH_CHARS);
-        let v = base32::decode(s)?;
-        assert_eq!(v.len(), STORE_PATH_HASH_BYTES);
-        let mut bytes: [u8; 20] = Default::default();
-        bytes.copy_from_slice(&v[0..STORE_PATH_HASH_BYTES]);
-        Ok(Self(bytes))
-    }
-
-    pub fn hash<'a>(&'a self) -> &'a [u8; STORE_PATH_HASH_BYTES] {
-        &self.0
-    }
-}
-
-impl fmt::Display for StorePathHash {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        let mut buf = vec![0; STORE_PATH_HASH_CHARS];
-        base32::encode_into(&self.0, &mut buf);
-        f.write_str(std::str::from_utf8(&buf).unwrap())
-    }
-}
-
-impl Ord for StorePathHash {
-    fn cmp(&self, other: &Self) -> std::cmp::Ordering {
-        // Historically we've sorted store paths by their base32
-        // serialization, but our base32 encodes bytes in reverse
-        // order. So compare them in reverse order as well.
-        self.0.iter().rev().cmp(other.0.iter().rev())
-    }
-}
-
-impl PartialOrd for StorePathHash {
-    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {
-        Some(self.cmp(other))
-    }
-}
-
-#[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Debug)]
-pub struct StorePathName(String);
-
-impl StorePathName {
-    pub fn new(s: &str) -> Result<Self, Error> {
-        if s.len() == 0 {
-            return Err(Error::StorePathNameEmpty);
-        }
-
-        if s.len() > 211 {
-            return Err(Error::StorePathNameTooLong);
-        }
-
-        if s.starts_with('.')
-            || !s.chars().all(|c| {
-                c.is_ascii_alphabetic()
-                    || c.is_ascii_digit()
-                    || c == '+'
-                    || c == '-'
-                    || c == '.'
-                    || c == '_'
-                    || c == '?'
-                    || c == '='
-            })
-        {
-            return Err(Error::BadStorePathName);
-        }
-
-        Ok(Self(s.to_string()))
-    }
-
-    pub fn name<'a>(&'a self) -> &'a str {
-        &self.0
-    }
-}
-
-impl fmt::Display for StorePathName {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        f.write_str(&self.0)
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use assert_matches::assert_matches;
-
-    #[test]
-    fn test_parse() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-konsole-18.12.3";
-        let p = StorePath::new_from_base_name(&s).unwrap();
-        assert_eq!(p.name.0, "konsole-18.12.3");
-        assert_eq!(
-            p.hash.0,
-            [
-                0x9f, 0x76, 0x49, 0x20, 0xf6, 0x5d, 0xe9, 0x71, 0xc4, 0xca, 0x46, 0x21, 0xab, 0xff,
-                0x9b, 0x44, 0xef, 0x87, 0x0f, 0x3c
-            ]
-        );
-    }
-
-    #[test]
-    fn test_no_name() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::StorePathNameEmpty)
-        );
-    }
-
-    #[test]
-    fn test_no_dash() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::BadStorePath(_))
-        );
-    }
-
-    #[test]
-    fn test_short_hash() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxl-konsole-18.12.3";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::BadStorePath(_))
-        );
-    }
-
-    #[test]
-    fn test_invalid_hash() {
-        let s = "7h7qgvs4kgzsn8e6rb273saxyqh4jxlz-konsole-18.12.3";
-        assert_matches!(StorePath::new_from_base_name(&s), Err(Error::BadBase32));
-    }
-
-    #[test]
-    fn test_long_name() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
-        assert_matches!(StorePath::new_from_base_name(&s), Ok(_));
-    }
-
-    #[test]
-    fn test_too_long_name() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::StorePathNameTooLong)
-        );
-    }
-
-    #[test]
-    fn test_bad_name() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-foo bar";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::BadStorePathName)
-        );
-
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-kónsole";
-        assert_matches!(
-            StorePath::new_from_base_name(&s),
-            Err(Error::BadStorePathName)
-        );
-    }
-
-    #[test]
-    fn test_roundtrip() {
-        let s = "7h7qgvs4kgzsn8a6rb273saxyqh4jxlz-konsole-18.12.3";
-        assert_eq!(StorePath::new_from_base_name(&s).unwrap().to_string(), s);
-    }
-}

nix-rust/src/store/path_info.rs

@@ -1,70 +0,0 @@
-use crate::store::StorePath;
-use crate::Error;
-use std::collections::BTreeSet;
-
-#[derive(Clone, Debug)]
-pub struct PathInfo {
-    pub path: StorePath,
-    pub references: BTreeSet<StorePath>,
-    pub nar_size: u64,
-    pub deriver: Option<StorePath>,
-
-    // Additional binary cache info.
-    pub url: Option<String>,
-    pub compression: Option<String>,
-    pub file_size: Option<u64>,
-}
-
-impl PathInfo {
-    pub fn parse_nar_info(nar_info: &str, store_dir: &str) -> Result<Self, Error> {
-        let mut path = None;
-        let mut references = BTreeSet::new();
-        let mut nar_size = None;
-        let mut deriver = None;
-        let mut url = None;
-        let mut compression = None;
-        let mut file_size = None;
-
-        for line in nar_info.lines() {
-            let colon = line.find(':').ok_or(Error::BadNarInfo)?;
-
-            let (name, value) = line.split_at(colon);
-
-            if !value.starts_with(": ") {
-                return Err(Error::BadNarInfo);
-            }
-
-            let value = &value[2..];
-
-            if name == "StorePath" {
-                path = Some(StorePath::new(std::path::Path::new(value), store_dir)?);
-            } else if name == "NarSize" {
-                nar_size = Some(u64::from_str_radix(value, 10).map_err(|_| Error::BadNarInfo)?);
-            } else if name == "References" {
-                if !value.is_empty() {
-                    for r in value.split(' ') {
-                        references.insert(StorePath::new_from_base_name(r)?);
-                    }
-                }
-            } else if name == "Deriver" {
-                deriver = Some(StorePath::new_from_base_name(value)?);
-            } else if name == "URL" {
-                url = Some(value.into());
-            } else if name == "Compression" {
-                compression = Some(value.into());
-            } else if name == "FileSize" {
-                file_size = Some(u64::from_str_radix(value, 10).map_err(|_| Error::BadNarInfo)?);
-            }
-        }
-
-        Ok(PathInfo {
-            path: path.ok_or(Error::BadNarInfo)?,
-            references,
-            nar_size: nar_size.ok_or(Error::BadNarInfo)?,
-            deriver,
-            url: Some(url.ok_or(Error::BadNarInfo)?),
-            compression,
-            file_size,
-        })
-    }
-}

nix-rust/src/store/store.rs

@@ -1,53 +0,0 @@
-use super::{PathInfo, StorePath};
-use crate::Error;
-use std::collections::{BTreeMap, BTreeSet};
-use std::path::Path;
-
-pub trait Store: Send + Sync {
-    fn store_dir(&self) -> &str {
-        "/nix/store"
-    }
-
-    fn query_path_info(
-        &self,
-        store_path: &StorePath,
-    ) -> std::pin::Pin<Box<dyn std::future::Future<Output = Result<PathInfo, Error>> + Send>>;
-}
-
-impl dyn Store {
-    pub fn parse_store_path(&self, path: &Path) -> Result<StorePath, Error> {
-        StorePath::new(path, self.store_dir())
-    }
-
-    pub async fn compute_path_closure(
-        &self,
-        roots: BTreeSet<StorePath>,
-    ) -> Result<BTreeMap<StorePath, PathInfo>, Error> {
-        let mut done = BTreeSet::new();
-        let mut result = BTreeMap::new();
-        let mut pending = vec![];
-
-        for root in roots {
-            pending.push(self.query_path_info(&root));
-            done.insert(root);
-        }
-
-        while !pending.is_empty() {
-            let (info, _, remaining) = futures::future::select_all(pending).await;
-            pending = remaining;
-
-            let info = info?;
-
-            for path in &info.references {
-                if !done.contains(path) {
-                    pending.push(self.query_path_info(&path));
-                    done.insert(path.clone());
-                }
-            }
-
-            result.insert(info.path.clone(), info);
-        }
-
-        Ok(result)
-    }
-}

nix-rust/src/util/base32.rs

@@ -1,160 +0,0 @@
-use crate::error::Error;
-use lazy_static::lazy_static;
-
-pub fn encoded_len(input_len: usize) -> usize {
-    if input_len == 0 {
-        0
-    } else {
-        (input_len * 8 - 1) / 5 + 1
-    }
-}
-
-pub fn decoded_len(input_len: usize) -> usize {
-    input_len * 5 / 8
-}
-
-static BASE32_CHARS: &'static [u8; 32] = &b"0123456789abcdfghijklmnpqrsvwxyz";
-
-lazy_static! {
-    static ref BASE32_CHARS_REVERSE: Box<[u8; 256]> = {
-        let mut xs = [0xffu8; 256];
-        for (n, c) in BASE32_CHARS.iter().enumerate() {
-            xs[*c as usize] = n as u8;
-        }
-        Box::new(xs)
-    };
-}
-
-pub fn encode(input: &[u8]) -> String {
-    let mut buf = vec![0; encoded_len(input.len())];
-    encode_into(input, &mut buf);
-    std::str::from_utf8(&buf).unwrap().to_string()
-}
-
-pub fn encode_into(input: &[u8], output: &mut [u8]) {
-    let len = encoded_len(input.len());
-    assert_eq!(len, output.len());
-
-    let mut nr_bits_left: usize = 0;
-    let mut bits_left: u16 = 0;
-    let mut pos = len;
-
-    for b in input {
-        bits_left |= (*b as u16) << nr_bits_left;
-        nr_bits_left += 8;
-        while nr_bits_left > 5 {
-            output[pos - 1] = BASE32_CHARS[(bits_left & 0x1f) as usize];
-            pos -= 1;
-            bits_left >>= 5;
-            nr_bits_left -= 5;
-        }
-    }
-
-    if nr_bits_left > 0 {
-        output[pos - 1] = BASE32_CHARS[(bits_left & 0x1f) as usize];
-        pos -= 1;
-    }
-
-    assert_eq!(pos, 0);
-}
-
-pub fn decode(input: &str) -> Result<Vec<u8>, crate::Error> {
-    let mut res = Vec::with_capacity(decoded_len(input.len()));
-
-    let mut nr_bits_left: usize = 0;
-    let mut bits_left: u16 = 0;
-
-    for c in input.chars().rev() {
-        let b = BASE32_CHARS_REVERSE[c as usize];
-        if b == 0xff {
-            return Err(Error::BadBase32);
-        }
-        bits_left |= (b as u16) << nr_bits_left;
-        nr_bits_left += 5;
-        if nr_bits_left >= 8 {
-            res.push((bits_left & 0xff) as u8);
-            bits_left >>= 8;
-            nr_bits_left -= 8;
-        }
-    }
-
-    if nr_bits_left > 0 && bits_left != 0 {
-        return Err(Error::BadBase32);
-    }
-
-    Ok(res)
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use assert_matches::assert_matches;
-    use hex;
-    use proptest::proptest;
-
-    #[test]
-    fn test_encode() {
-        assert_eq!(encode(&[]), "");
-
-        assert_eq!(
-            encode(&hex::decode("0839703786356bca59b0f4a32987eb2e6de43ae8").unwrap()),
-            "x0xf8v9fxf3jk8zln1cwlsrmhqvp0f88"
-        );
-
-        assert_eq!(
-            encode(
-                &hex::decode("ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")
-                    .unwrap()
-            ),
-            "1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s"
-        );
-
-        assert_eq!(
-            encode(
-                &hex::decode("ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f")
-                    .unwrap()
-            ),
-            "2gs8k559z4rlahfx0y688s49m2vvszylcikrfinm30ly9rak69236nkam5ydvly1ai7xac99vxfc4ii84hawjbk876blyk1jfhkbbyx"
-        );
-    }
-
-    #[test]
-    fn test_decode() {
-        assert_eq!(hex::encode(decode("").unwrap()), "");
-
-        assert_eq!(
-            hex::encode(decode("x0xf8v9fxf3jk8zln1cwlsrmhqvp0f88").unwrap()),
-            "0839703786356bca59b0f4a32987eb2e6de43ae8"
-        );
-
-        assert_eq!(
-            hex::encode(decode("1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s").unwrap()),
-            "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-        );
-
-        assert_eq!(
-            hex::encode(decode("2gs8k559z4rlahfx0y688s49m2vvszylcikrfinm30ly9rak69236nkam5ydvly1ai7xac99vxfc4ii84hawjbk876blyk1jfhkbbyx").unwrap()),
-            "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"
-        );
-
-        assert_matches!(
-            decode("xoxf8v9fxf3jk8zln1cwlsrmhqvp0f88"),
-            Err(Error::BadBase32)
-        );
-        assert_matches!(
-            decode("2b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s"),
-            Err(Error::BadBase32)
-        );
-        assert_matches!(decode("2"), Err(Error::BadBase32));
-        assert_matches!(decode("2gs"), Err(Error::BadBase32));
-        assert_matches!(decode("2gs8"), Err(Error::BadBase32));
-    }
-
-    proptest! {
-
-        #[test]
-        fn roundtrip(s: Vec<u8>) {
-            assert_eq!(s, decode(&encode(&s)).unwrap());
-        }
-    }
-}

nix-rust/src/util/mod.rs

@@ -1 +0,0 @@
-pub mod base32;

nix.spec.in

@@ -0,0 +1,173 @@
+%undefine _hardened_build
+
+%global nixbld_user "nix-builder-"
+%global nixbld_group "nixbld"
+
+# NOTE: BUILD on EL7 requires
+# - Centos / RHEL7 software collection repository 
+#   yum install centos-release-scl
+#
+# - Recent boost backport
+#   curl https://copr.fedorainfracloud.org/coprs/whosthere/boost/repo/epel-7/whosthere-boost-epel-7.repo -o /etc/yum.repos.d/whosthere-boost-epel-7.repo
+#
+
+# Disable documentation generation
+# necessary on some platforms
+%bcond_without docgen
+
+Summary: The Nix software deployment system
+Name: nix
+Version: @PACKAGE_VERSION@
+Release: 2%{?dist}
+License: LGPLv2+
+Group: Applications/System
+URL: http://nixos.org/
+Source0: %{name}-%{version}.tar.bz2
+
+Requires: curl
+Requires: bzip2
+Requires: gzip
+Requires: xz
+BuildRequires: bison
+BuildRequires: boost-devel >= 1.60
+BuildRequires: bzip2-devel
+
+# for RHEL <= 7, we need software collections for a C++14 compatible compatible compiler
+%if 0%{?rhel}
+BuildRequires: devtoolset-7-gcc
+BuildRequires: devtoolset-7-gcc-c++
+%endif
+
+BuildRequires: flex
+BuildRequires: libcurl-devel
+BuildRequires: libseccomp-devel
+BuildRequires: openssl-devel
+BuildRequires: sqlite-devel
+BuildRequires: xz-devel
+
+%description
+Nix is a purely functional package manager. It allows multiple
+versions of a package to be installed side-by-side, ensures that
+dependency specifications are complete, supports atomic upgrades and
+rollbacks, allows non-root users to install software, and has many
+other features. It is the basis of the NixOS Linux distribution, but
+it can be used equally well under other Unix systems.
+
+%package        devel
+Summary:        Development files for %{name}
+Requires:       %{name}%{?_isa} = %{version}-%{release}
+
+%description   devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+
+%package doc
+Summary:        Documentation files for %{name}
+BuildArch:      noarch
+Requires:       %{name} = %{version}-%{release}
+
+%description   doc
+The %{name}-doc package contains documentation files for %{name}.
+
+%prep
+%setup -q
+
+
+%build
+%if 0%{?rhel}
+source /opt/rh/devtoolset-7/enable 
+%endif
+extraFlags=
+# - override docdir so large documentation files are owned by the
+#   -doc subpackage
+# - set localstatedir by hand to the preferred nix value
+%configure --localstatedir=/nix/var \
+	   %{!?without_docgen:--disable-doc-gen} \
+           --docdir=%{_defaultdocdir}/%{name}-doc-%{version} \
+           $extraFlags
+make V=1 %{?_smp_mflags}
+
+
+%install
+%if 0%{?rhel}
+source /opt/rh/devtoolset-7/enable 
+%endif
+
+make DESTDIR=$RPM_BUILD_ROOT install
+
+find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
+
+# make the store
+mkdir -p $RPM_BUILD_ROOT/nix/store
+chmod 1775 $RPM_BUILD_ROOT/nix/store
+
+# make per-user directories
+for d in profiles gcroots;
+do
+  mkdir -p $RPM_BUILD_ROOT/nix/var/nix/$d/per-user
+  chmod 1777 $RPM_BUILD_ROOT/nix/var/nix/$d/per-user
+done
+
+# fix permission of nix profile
+# (until this is fixed in the relevant Makefile)
+chmod -x $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/nix.sh
+
+# we ship this file in the base package
+rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}-doc-%{version}/README
+
+# Get rid of Upstart job.
+rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/init
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%pre
+getent group %{nixbld_group} >/dev/null || groupadd -r %{nixbld_group}
+for i in $(seq 10);
+do
+  getent passwd %{nixbld_user}$i >/dev/null || \
+    useradd -r -g %{nixbld_group} -G %{nixbld_group} -d /var/empty \
+      -s %{_sbindir}/nologin \
+      -c "Nix build user $i" %{nixbld_user}$i
+done
+
+%post
+chgrp %{nixbld_group} /nix/store
+%if ! 0%{?rhel} || 0%{?rhel} >= 7
+# Enable and start Nix worker
+systemctl enable nix-daemon.socket nix-daemon.service
+systemctl start  nix-daemon.socket
+%endif
+
+%files
+%license COPYING
+%{_bindir}/nix*
+%{_libdir}/*.so
+%{_prefix}/libexec/*
+%if ! 0%{?rhel} || 0%{?rhel} >= 7
+%{_prefix}/lib/systemd/system/nix-daemon.socket
+%{_prefix}/lib/systemd/system/nix-daemon.service
+%endif
+%{_datadir}/nix
+#%if ! %{without docgen}
+#%{_mandir}/man1/*.1*
+#%{_mandir}/man5/*.5*
+#%{_mandir}/man8/*.8*
+#%endif
+%config(noreplace) %{_sysconfdir}/profile.d/nix.sh
+%config(noreplace) %{_sysconfdir}/profile.d/nix-daemon.sh
+/nix
+
+%files devel
+%{_includedir}/nix
+%{_prefix}/lib/pkgconfig/*.pc
+
+
+#%if ! %{without docgen}
+#%files doc
+#%docdir %{_defaultdocdir}/%{name}-doc-%{version}
+#%{_defaultdocdir}/%{name}-doc-%{version}
+#%endif

perl/Makefile

@@ -4,12 +4,4 @@ GLOBAL_CXXFLAGS += -g -Wall
 
 -include Makefile.config
 
-OPTIMIZE = 1
-
-ifeq ($(OPTIMIZE), 1)
-  GLOBAL_CXXFLAGS += -O3
-else
-  GLOBAL_CXXFLAGS += -O0
-endif
-
 include mk/lib.mk

perl/configure.ac

@@ -2,10 +2,13 @@ AC_INIT(nix-perl, m4_esyscmd([bash -c "echo -n $(cat ../.version)$VERSION_SUFFIX
 AC_CONFIG_SRCDIR(MANIFEST)
 AC_CONFIG_AUX_DIR(../config)
 
-CFLAGS=
-CXXFLAGS=
+# Set default flags for nix (as per AC_PROG_CC/CXX docs),
+# while still allowing the user to override them from the command line.
+: ${CFLAGS="-O3"}
+: ${CXXFLAGS="-O3"}
 AC_PROG_CC
 AC_PROG_CXX
+AX_CXX_COMPILE_STDCXX_11
 
 # Use 64-bit file system calls so that we can support files > 2 GiB.
 AC_SYS_LARGEFILE
@@ -68,15 +71,14 @@ AC_SUBST(perlFlags)
 
 PKG_CHECK_MODULES([NIX], [nix-store])
 
-NEED_PROG([NIX], [nix])
+NEED_PROG([NIX_INSTANTIATE_PROGRAM], [nix-instantiate])
 
 # Get nix configure values
-export NIX_REMOTE=daemon
-nixbindir=$("$NIX" --experimental-features nix-command eval --raw -f '<nix/config.nix>' nixBinDir)
-nixlibexecdir=$("$NIX" --experimental-features nix-command eval --raw -f '<nix/config.nix>' nixLibexecDir)
-nixlocalstatedir=$("$NIX" --experimental-features nix-command eval --raw -f '<nix/config.nix>' nixLocalstateDir)
-nixsysconfdir=$("$NIX" --experimental-features nix-command eval --raw -f '<nix/config.nix>' nixSysconfDir)
-nixstoredir=$("$NIX" --experimental-features nix-command eval --raw -f '<nix/config.nix>' nixStoreDir)
+nixbindir=$("$NIX_INSTANTIATE_PROGRAM" --eval '<nix/config.nix>' -A nixBinDir | tr -d \")
+nixlibexecdir=$("$NIX_INSTANTIATE_PROGRAM" --eval '<nix/config.nix>' -A nixLibexecDir | tr -d \")
+nixlocalstatedir=$("$NIX_INSTANTIATE_PROGRAM" --eval '<nix/config.nix>' -A nixLocalstateDir | tr -d \")
+nixsysconfdir=$("$NIX_INSTANTIATE_PROGRAM" --eval '<nix/config.nix>' -A nixSysconfDir | tr -d \")
+nixstoredir=$("$NIX_INSTANTIATE_PROGRAM" --eval '<nix/config.nix>' -A nixStoreDir | tr -d \")
 AC_SUBST(nixbindir)
 AC_SUBST(nixlibexecdir)
 AC_SUBST(nixlocalstatedir)

perl/lib/Nix/Config.pm.in

@@ -11,6 +11,10 @@ $logDir = $ENV{"NIX_LOG_DIR"} || "@nixlocalstatedir@/log/nix";
 $confDir = $ENV{"NIX_CONF_DIR"} || "@nixsysconfdir@/nix";
 $storeDir = $ENV{"NIX_STORE_DIR"} || "@nixstoredir@";
 
+$bzip2 = "@bzip2@";
+$xz = "@xz@";
+$curl = "@curl@";
+
 $useBindings = 1;
 
 %config = ();

perl/lib/Nix/Store.xs

@@ -59,7 +59,7 @@ void setVerbosity(int level)
 int isValidPath(char * path)
     CODE:
         try {
-            RETVAL = store()->isValidPath(store()->parseStorePath(path));
+            RETVAL = store()->isValidPath(path);
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -70,8 +70,9 @@ int isValidPath(char * path)
 SV * queryReferences(char * path)
     PPCODE:
         try {
-            for (auto & i : store()->queryPathInfo(store()->parseStorePath(path))->references)
-                XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(i).c_str(), 0)));
+            PathSet paths = store()->queryPathInfo(path)->references;
+            for (PathSet::iterator i = paths.begin(); i != paths.end(); ++i)
+                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -80,7 +81,7 @@ SV * queryReferences(char * path)
 SV * queryPathHash(char * path)
     PPCODE:
         try {
-            auto s = store()->queryPathInfo(store()->parseStorePath(path))->narHash.to_string();
+            auto s = store()->queryPathInfo(path)->narHash.to_string();
             XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
@@ -90,9 +91,9 @@ SV * queryPathHash(char * path)
 SV * queryDeriver(char * path)
     PPCODE:
         try {
-            auto info = store()->queryPathInfo(store()->parseStorePath(path));
-            if (!info->deriver) XSRETURN_UNDEF;
-            XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(*info->deriver).c_str(), 0)));
+            auto deriver = store()->queryPathInfo(path)->deriver;
+            if (deriver == "") XSRETURN_UNDEF;
+            XPUSHs(sv_2mortal(newSVpv(deriver.c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -101,18 +102,18 @@ SV * queryDeriver(char * path)
 SV * queryPathInfo(char * path, int base32)
     PPCODE:
         try {
-            auto info = store()->queryPathInfo(store()->parseStorePath(path));
-            if (!info->deriver)
+            auto info = store()->queryPathInfo(path);
+            if (info->deriver == "")
                 XPUSHs(&PL_sv_undef);
             else
-                XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(*info->deriver).c_str(), 0)));
+                XPUSHs(sv_2mortal(newSVpv(info->deriver.c_str(), 0)));
             auto s = info->narHash.to_string(base32 ? Base32 : Base16);
             XPUSHs(sv_2mortal(newSVpv(s.c_str(), 0)));
             mXPUSHi(info->registrationTime);
             mXPUSHi(info->narSize);
             AV * arr = newAV();
-            for (auto & i : info->references)
-                av_push(arr, newSVpv(store()->printStorePath(i).c_str(), 0));
+            for (PathSet::iterator i = info->references.begin(); i != info->references.end(); ++i)
+                av_push(arr, newSVpv(i->c_str(), 0));
             XPUSHs(sv_2mortal(newRV((SV *) arr)));
         } catch (Error & e) {
             croak("%s", e.what());
@@ -122,8 +123,8 @@ SV * queryPathInfo(char * path, int base32)
 SV * queryPathFromHashPart(char * hashPart)
     PPCODE:
         try {
-            auto path = store()->queryPathFromHashPart(hashPart);
-            XPUSHs(sv_2mortal(newSVpv(path ? store()->printStorePath(*path).c_str() : "", 0)));
+            Path path = store()->queryPathFromHashPart(hashPart);
+            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -132,11 +133,11 @@ SV * queryPathFromHashPart(char * hashPart)
 SV * computeFSClosure(int flipDirection, int includeOutputs, ...)
     PPCODE:
         try {
-            StorePathSet paths;
+            PathSet paths;
             for (int n = 2; n < items; ++n)
-                store()->computeFSClosure(store()->parseStorePath(SvPV_nolen(ST(n))), paths, flipDirection, includeOutputs);
-            for (auto & i : paths)
-                XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(i).c_str(), 0)));
+                store()->computeFSClosure(SvPV_nolen(ST(n)), paths, flipDirection, includeOutputs);
+            for (PathSet::iterator i = paths.begin(); i != paths.end(); ++i)
+                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -145,11 +146,11 @@ SV * computeFSClosure(int flipDirection, int includeOutputs, ...)
 SV * topoSortPaths(...)
     PPCODE:
         try {
-            StorePathSet paths;
-            for (int n = 0; n < items; ++n) paths.insert(store()->parseStorePath(SvPV_nolen(ST(n))));
-            auto sorted = store()->topoSortPaths(paths);
-            for (auto & i : sorted)
-                XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(i).c_str(), 0)));
+            PathSet paths;
+            for (int n = 0; n < items; ++n) paths.insert(SvPV_nolen(ST(n)));
+            Paths sorted = store()->topoSortPaths(paths);
+            for (Paths::iterator i = sorted.begin(); i != sorted.end(); ++i)
+                XPUSHs(sv_2mortal(newSVpv(i->c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -158,7 +159,7 @@ SV * topoSortPaths(...)
 SV * followLinksToStorePath(char * path)
     CODE:
         try {
-            RETVAL = newSVpv(store()->printStorePath(store()->followLinksToStorePath(path)).c_str(), 0);
+            RETVAL = newSVpv(store()->followLinksToStorePath(path).c_str(), 0);
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -169,8 +170,8 @@ SV * followLinksToStorePath(char * path)
 void exportPaths(int fd, ...)
     PPCODE:
         try {
-            StorePathSet paths;
-            for (int n = 1; n < items; ++n) paths.insert(store()->parseStorePath(SvPV_nolen(ST(n))));
+            Paths paths;
+            for (int n = 1; n < items; ++n) paths.push_back(SvPV_nolen(ST(n)));
             FdSink sink(fd);
             store()->exportPaths(paths, sink);
         } catch (Error & e) {
@@ -274,8 +275,8 @@ int checkSignature(SV * publicKey_, SV * sig_, char * msg)
 SV * addToStore(char * srcPath, int recursive, char * algo)
     PPCODE:
         try {
-            auto path = store()->addToStore(std::string(baseNameOf(srcPath)), srcPath, recursive, parseHashType(algo));
-            XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(path).c_str(), 0)));
+            Path path = store()->addToStore(baseNameOf(srcPath), srcPath, recursive, parseHashType(algo));
+            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -285,8 +286,8 @@ SV * makeFixedOutputPath(int recursive, char * algo, char * hash, char * name)
     PPCODE:
         try {
             Hash h(hash, parseHashType(algo));
-            auto path = store()->makeFixedOutputPath(recursive, h, name);
-            XPUSHs(sv_2mortal(newSVpv(store()->printStorePath(path).c_str(), 0)));
+            Path path = store()->makeFixedOutputPath(recursive, h, name);
+            XPUSHs(sv_2mortal(newSVpv(path.c_str(), 0)));
         } catch (Error & e) {
             croak("%s", e.what());
         }
@@ -297,35 +298,35 @@ SV * derivationFromPath(char * drvPath)
         HV *hash;
     CODE:
         try {
-            Derivation drv = store()->derivationFromPath(store()->parseStorePath(drvPath));
+            Derivation drv = store()->derivationFromPath(drvPath);
             hash = newHV();
 
             HV * outputs = newHV();
-            for (auto & i : drv.outputs)
-                hv_store(outputs, i.first.c_str(), i.first.size(), newSVpv(store()->printStorePath(i.second.path).c_str(), 0), 0);
+            for (DerivationOutputs::iterator i = drv.outputs.begin(); i != drv.outputs.end(); ++i)
+                hv_store(outputs, i->first.c_str(), i->first.size(), newSVpv(i->second.path.c_str(), 0), 0);
             hv_stores(hash, "outputs", newRV((SV *) outputs));
 
             AV * inputDrvs = newAV();
-            for (auto & i : drv.inputDrvs)
-                av_push(inputDrvs, newSVpv(store()->printStorePath(i.first).c_str(), 0)); // !!! ignores i->second
+            for (DerivationInputs::iterator i = drv.inputDrvs.begin(); i != drv.inputDrvs.end(); ++i)
+                av_push(inputDrvs, newSVpv(i->first.c_str(), 0)); // !!! ignores i->second
             hv_stores(hash, "inputDrvs", newRV((SV *) inputDrvs));
 
             AV * inputSrcs = newAV();
-            for (auto & i : drv.inputSrcs)
-                av_push(inputSrcs, newSVpv(store()->printStorePath(i).c_str(), 0));
+            for (PathSet::iterator i = drv.inputSrcs.begin(); i != drv.inputSrcs.end(); ++i)
+                av_push(inputSrcs, newSVpv(i->c_str(), 0));
             hv_stores(hash, "inputSrcs", newRV((SV *) inputSrcs));
 
             hv_stores(hash, "platform", newSVpv(drv.platform.c_str(), 0));
             hv_stores(hash, "builder", newSVpv(drv.builder.c_str(), 0));
 
             AV * args = newAV();
-            for (auto & i : drv.args)
-                av_push(args, newSVpv(i.c_str(), 0));
+            for (Strings::iterator i = drv.args.begin(); i != drv.args.end(); ++i)
+                av_push(args, newSVpv(i->c_str(), 0));
             hv_stores(hash, "args", newRV((SV *) args));
 
             HV * env = newHV();
-            for (auto & i : drv.env)
-                hv_store(env, i.first.c_str(), i.first.size(), newSVpv(i.second.c_str(), 0), 0);
+            for (StringPairs::iterator i = drv.env.begin(); i != drv.env.end(); ++i)
+                hv_store(env, i->first.c_str(), i->first.size(), newSVpv(i->second.c_str(), 0), 0);
             hv_stores(hash, "env", newRV((SV *) env));
 
             RETVAL = newRV_noinc((SV *)hash);
@@ -339,7 +340,7 @@ SV * derivationFromPath(char * drvPath)
 void addTempRoot(char * storePath)
     PPCODE:
         try {
-            store()->addTempRoot(store()->parseStorePath(storePath));
+            store()->addTempRoot(storePath);
         } catch (Error & e) {
             croak("%s", e.what());
         }

precompiled-headers.h

@@ -1,58 +0,0 @@
-#include <algorithm>
-#include <array>
-#include <atomic>
-#include <cassert>
-#include <cctype>
-#include <chrono>
-#include <climits>
-#include <cmath>
-#include <condition_variable>
-#include <cstddef>
-#include <cstdint>
-#include <cstdio>
-#include <cstdlib>
-#include <cstring>
-#include <exception>
-#include <functional>
-#include <future>
-#include <iostream>
-#include <limits>
-#include <list>
-#include <locale>
-#include <map>
-#include <memory>
-#include <mutex>
-#include <numeric>
-#include <optional>
-#include <queue>
-#include <random>
-#include <regex>
-#include <set>
-#include <sstream>
-#include <stack>
-#include <stdexcept>
-#include <string>
-#include <thread>
-#include <unordered_map>
-#include <unordered_set>
-#include <vector>
-
-#include <boost/format.hpp>
-
-#include <dirent.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <grp.h>
-#include <netdb.h>
-#include <pwd.h>
-#include <signal.h>
-#include <sys/resource.h>
-#include <sys/select.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/utsname.h>
-#include <sys/wait.h>
-#include <termios.h>
-#include <unistd.h>

release-common.nix

@@ -0,0 +1,79 @@
+{ pkgs }:
+
+with pkgs;
+
+rec {
+  # Use "busybox-sandbox-shell" if present,
+  # if not (legacy) fallback and hope it's sufficient.
+  sh = pkgs.busybox-sandbox-shell or (busybox.override {
+    useMusl = true;
+    enableStatic = true;
+    enableMinimal = true;
+    extraConfig = ''
+      CONFIG_FEATURE_FANCY_ECHO y
+      CONFIG_FEATURE_SH_MATH y
+      CONFIG_FEATURE_SH_MATH_64 y
+
+      CONFIG_ASH y
+      CONFIG_ASH_OPTIMIZE_FOR_SIZE y
+
+      CONFIG_ASH_ALIAS y
+      CONFIG_ASH_BASH_COMPAT y
+      CONFIG_ASH_CMDCMD y
+      CONFIG_ASH_ECHO y
+      CONFIG_ASH_GETOPTS y
+      CONFIG_ASH_INTERNAL_GLOB y
+      CONFIG_ASH_JOB_CONTROL y
+      CONFIG_ASH_PRINTF y
+      CONFIG_ASH_TEST y
+    '';
+  });
+
+  configureFlags =
+    [
+      "--enable-gc"
+    ] ++ lib.optionals stdenv.isLinux [
+      "--with-sandbox-shell=${sh}/bin/busybox"
+    ];
+
+  tarballDeps =
+    [ bison
+      flex
+      libxml2
+      libxslt
+      docbook5
+      docbook_xsl_ns
+      autoconf-archive
+      autoreconfHook
+    ];
+
+  buildDeps =
+    [ curl
+      bzip2 xz brotli editline
+      openssl pkgconfig sqlite boehmgc
+      boost
+
+      # Tests
+      git
+      mercurial
+    ]
+    ++ lib.optionals stdenv.isLinux [libseccomp utillinuxMinimal]
+    ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
+    ++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
+      ((aws-sdk-cpp.override {
+        apis = ["s3" "transfer"];
+        customMemoryManagement = false;
+      }).overrideDerivation (args: {
+        /*
+        patches = args.patches or [] ++ [ (fetchpatch {
+          url = https://github.com/edolstra/aws-sdk-cpp/commit/3e07e1f1aae41b4c8b340735ff9e8c735f0c063f.patch;
+          sha256 = "1pij0v449p166f9l29x7ppzk8j7g9k9mp15ilh5qxp29c7fnvxy2";
+        }) ];
+        */
+      }));
+
+  perlDeps =
+    [ perl
+      perlPackages.DBDSQLite
+    ];
+}

release.nix

@@ -0,0 +1,389 @@
+{ nix ? builtins.fetchGit ./.
+, nixpkgs ? builtins.fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz
+, officialRelease ? false
+, systems ? [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
+}:
+
+let
+
+  pkgs = import nixpkgs { system = builtins.currentSystem or "x86_64-linux"; };
+
+  jobs = rec {
+
+
+    tarball =
+      with pkgs;
+
+      with import ./release-common.nix { inherit pkgs; };
+
+      releaseTools.sourceTarball {
+        name = "nix-tarball";
+        version = builtins.readFile ./.version;
+        versionSuffix = if officialRelease then "" else "pre${toString nix.revCount}_${nix.shortRev}";
+        src = nix;
+        inherit officialRelease;
+
+        buildInputs = tarballDeps ++ buildDeps;
+
+        configureFlags = "--enable-gc";
+
+        postUnpack = ''
+          (cd $sourceRoot && find . -type f) | cut -c3- > $sourceRoot/.dist-files
+          cat $sourceRoot/.dist-files
+        '';
+
+        preConfigure = ''
+          (cd perl ; autoreconf --install --force --verbose)
+          # TeX needs a writable font cache.
+          export VARTEXFONTS=$TMPDIR/texfonts
+        '';
+
+        distPhase =
+          ''
+            runHook preDist
+            make dist
+            mkdir -p $out/tarballs
+            cp *.tar.* $out/tarballs
+          '';
+
+        preDist = ''
+          make install docdir=$out/share/doc/nix makefiles=doc/manual/local.mk
+          echo "doc manual $out/share/doc/nix/manual" >> $out/nix-support/hydra-build-products
+        '';
+      };
+
+
+    build = pkgs.lib.genAttrs systems (system:
+
+      let pkgs = import nixpkgs { inherit system; }; in
+
+      with pkgs;
+
+      with import ./release-common.nix { inherit pkgs; };
+
+      releaseTools.nixBuild {
+        name = "nix";
+        src = tarball;
+
+        buildInputs = buildDeps;
+
+        preConfigure =
+          # Copy libboost_context so we don't get all of Boost in our closure.
+          # https://github.com/NixOS/nixpkgs/issues/45462
+          ''
+            mkdir -p $out/lib
+            cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
+            rm -f $out/lib/*.a
+            ${lib.optionalString stdenv.isLinux ''
+              chmod u+w $out/lib/*.so.*
+              patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
+            ''}
+          '';
+
+        configureFlags = configureFlags ++
+          [ "--sysconfdir=/etc" ];
+
+        enableParallelBuilding = true;
+
+        makeFlags = "profiledir=$(out)/etc/profile.d";
+
+        installFlags = "sysconfdir=$(out)/etc";
+
+        doInstallCheck = true;
+        installCheckFlags = "sysconfdir=$(out)/etc";
+      });
+
+
+    perlBindings = pkgs.lib.genAttrs systems (system:
+
+      let pkgs = import nixpkgs { inherit system; }; in with pkgs;
+
+      releaseTools.nixBuild {
+        name = "nix-perl";
+        src = tarball;
+
+        buildInputs =
+          [ jobs.build.${system} curl bzip2 xz pkgconfig pkgs.perl boost ]
+          ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium;
+
+        configureFlags = ''
+          --with-dbi=${perlPackages.DBI}/${pkgs.perl.libPrefix}
+          --with-dbd-sqlite=${perlPackages.DBDSQLite}/${pkgs.perl.libPrefix}
+        '';
+
+        enableParallelBuilding = true;
+
+        postUnpack = "sourceRoot=$sourceRoot/perl";
+      });
+
+
+    binaryTarball = pkgs.lib.genAttrs systems (system:
+
+      with import nixpkgs { inherit system; };
+
+      let
+        toplevel = builtins.getAttr system jobs.build;
+        version = toplevel.src.version;
+        installerClosureInfo = closureInfo { rootPaths = [ toplevel cacert ]; };
+      in
+
+      runCommand "nix-binary-tarball-${version}"
+        { nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
+          meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
+        }
+        ''
+          cp ${installerClosureInfo}/registration $TMPDIR/reginfo
+          substitute ${./scripts/install-nix-from-closure.sh} $TMPDIR/install \
+            --subst-var-by nix ${toplevel} \
+            --subst-var-by cacert ${cacert}
+
+          substitute ${./scripts/install-darwin-multi-user.sh} $TMPDIR/install-darwin-multi-user.sh \
+            --subst-var-by nix ${toplevel} \
+            --subst-var-by cacert ${cacert}
+          substitute ${./scripts/install-systemd-multi-user.sh} $TMPDIR/install-systemd-multi-user.sh \
+            --subst-var-by nix ${toplevel} \
+            --subst-var-by cacert ${cacert}
+          substitute ${./scripts/install-multi-user.sh} $TMPDIR/install-multi-user \
+            --subst-var-by nix ${toplevel} \
+            --subst-var-by cacert ${cacert}
+
+          if type -p shellcheck; then
+            # SC1090: Don't worry about not being able to find
+            #         $nix/etc/profile.d/nix.sh
+            shellcheck --exclude SC1090 $TMPDIR/install
+            shellcheck $TMPDIR/install-darwin-multi-user.sh
+            shellcheck $TMPDIR/install-systemd-multi-user.sh
+
+            # SC1091: Don't panic about not being able to source
+            #         /etc/profile
+            # SC2002: Ignore "useless cat" "error", when loading
+            #         .reginfo, as the cat is a much cleaner
+            #         implementation, even though it is "useless"
+            # SC2116: Allow ROOT_HOME=$(echo ~root) for resolving
+            #         root's home directory
+            shellcheck --external-sources \
+              --exclude SC1091,SC2002,SC2116 $TMPDIR/install-multi-user
+          fi
+
+          chmod +x $TMPDIR/install
+          chmod +x $TMPDIR/install-darwin-multi-user.sh
+          chmod +x $TMPDIR/install-systemd-multi-user.sh
+          chmod +x $TMPDIR/install-multi-user
+          dir=nix-${version}-${system}
+          fn=$out/$dir.tar.xz
+          mkdir -p $out/nix-support
+          echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
+          tar cvfJ $fn \
+            --owner=0 --group=0 --mode=u+rw,uga+r \
+            --absolute-names \
+            --hard-dereference \
+            --transform "s,$TMPDIR/install,$dir/install," \
+            --transform "s,$TMPDIR/reginfo,$dir/.reginfo," \
+            --transform "s,$NIX_STORE,$dir/store,S" \
+            $TMPDIR/install $TMPDIR/install-darwin-multi-user.sh \
+            $TMPDIR/install-systemd-multi-user.sh \
+            $TMPDIR/install-multi-user $TMPDIR/reginfo \
+            $(cat ${installerClosureInfo}/store-paths)
+        '');
+
+
+    coverage =
+      with pkgs;
+
+      with import ./release-common.nix { inherit pkgs; };
+
+      releaseTools.coverageAnalysis {
+        name = "nix-build";
+        src = tarball;
+
+        buildInputs = buildDeps;
+
+        dontInstall = false;
+
+        doInstallCheck = true;
+
+        lcovFilter = [ "*/boost/*" "*-tab.*" "*/nlohmann/*" "*/linenoise/*" ];
+
+        # We call `dot', and even though we just use it to
+        # syntax-check generated dot files, it still requires some
+        # fonts.  So provide those.
+        FONTCONFIG_FILE = texFunctions.fontsConf;
+      };
+
+
+    #rpm_fedora27x86_64 = makeRPM_x86_64 (diskImageFunsFun: diskImageFunsFun.fedora27x86_64) [ ];
+
+
+    #deb_debian8i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.debian8i386) [ "libsodium-dev" ] [ "libsodium13" ];
+    #deb_debian8x86_64 = makeDeb_x86_64 (diskImageFunsFun: diskImageFunsFun.debian8x86_64) [ "libsodium-dev" ] [ "libsodium13" ];
+
+    #deb_ubuntu1710i386 = makeDeb_i686 (diskImageFuns: diskImageFuns.ubuntu1710i386) [ ] [ "libsodium18" ];
+    #deb_ubuntu1710x86_64 = makeDeb_x86_64 (diskImageFuns: diskImageFuns.ubuntu1710x86_64) [ ] [ "libsodium18" "libboost-context1.62.0" ];
+
+
+    # System tests.
+    tests.remoteBuilds = (import ./tests/remote-builds.nix rec {
+      inherit nixpkgs;
+      nix = build.x86_64-linux; system = "x86_64-linux";
+    });
+
+    tests.nix-copy-closure = (import ./tests/nix-copy-closure.nix rec {
+      inherit nixpkgs;
+      nix = build.x86_64-linux; system = "x86_64-linux";
+    });
+
+    tests.setuid = pkgs.lib.genAttrs
+      ["i686-linux" "x86_64-linux"]
+      (system:
+        import ./tests/setuid.nix rec {
+          inherit nixpkgs;
+          nix = build.${system}; inherit system;
+        });
+
+    tests.binaryTarball =
+      with import nixpkgs { system = "x86_64-linux"; };
+      vmTools.runInLinuxImage (runCommand "nix-binary-tarball-test"
+        { diskImage = vmTools.diskImages.ubuntu1204x86_64;
+        }
+        ''
+          set -x
+          useradd -m alice
+          su - alice -c 'tar xf ${binaryTarball.x86_64-linux}/*.tar.*'
+          mkdir /dest-nix
+          mount -o bind /dest-nix /nix # Provide a writable /nix.
+          chown alice /nix
+          su - alice -c '_NIX_INSTALLER_TEST=1 ./nix-*/install'
+          su - alice -c 'nix-store --verify'
+          su - alice -c 'PAGER= nix-store -qR ${build.x86_64-linux}'
+
+          # Check whether 'nix upgrade-nix' works.
+          cat > /tmp/paths.nix <<EOF
+          {
+            x86_64-linux = "${build.x86_64-linux}";
+          }
+          EOF
+          su - alice -c 'nix upgrade-nix -vvv --nix-store-paths-url file:///tmp/paths.nix'
+          (! [ -L /home/alice/.profile-1-link ])
+          su - alice -c 'PAGER= nix-store -qR ${build.x86_64-linux}'
+
+          mkdir -p $out/nix-support
+          touch $out/nix-support/hydra-build-products
+          umount /nix
+        ''); # */
+
+    tests.evalNixpkgs =
+      import (nixpkgs + "/pkgs/top-level/make-tarball.nix") {
+        inherit nixpkgs;
+        inherit pkgs;
+        nix = build.x86_64-linux;
+        officialRelease = false;
+      };
+
+    tests.evalNixOS =
+      pkgs.runCommand "eval-nixos" { buildInputs = [ build.x86_64-linux ]; }
+        ''
+          export NIX_STATE_DIR=$TMPDIR
+
+          nix-instantiate ${nixpkgs}/nixos/release-combined.nix -A tested --dry-run \
+            --arg nixpkgs '{ outPath = ${nixpkgs}; revCount = 123; shortRev = "abcdefgh"; }'
+
+          touch $out
+        '';
+
+
+    installerScript =
+      pkgs.runCommand "installer-script"
+        { buildInputs = [ build.x86_64-linux ];
+        }
+        ''
+          mkdir -p $out/nix-support
+
+          substitute ${./scripts/install.in} $out/install \
+            ${pkgs.lib.concatMapStrings
+              (system: "--replace '@binaryTarball_${system}@' $(nix hash-file --base16 --type sha256 ${binaryTarball.${system}}/*.tar.xz) ")
+              [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
+            } \
+            --replace '@nixVersion@' ${build.x86_64-linux.src.version}
+
+          echo "file installer $out/install" >> $out/nix-support/hydra-build-products
+        '';
+
+
+    # Aggregate job containing the release-critical jobs.
+    release = pkgs.releaseTools.aggregate {
+      name = "nix-${tarball.version}";
+      meta.description = "Release-critical builds";
+      constituents =
+        [ tarball
+          build.i686-linux
+          build.x86_64-darwin
+          build.x86_64-linux
+          build.aarch64-linux
+          binaryTarball.i686-linux
+          binaryTarball.x86_64-darwin
+          binaryTarball.x86_64-linux
+          binaryTarball.aarch64-linux
+          tests.remoteBuilds
+          tests.nix-copy-closure
+          tests.binaryTarball
+          tests.evalNixpkgs
+          tests.evalNixOS
+          installerScript
+        ];
+    };
+
+  };
+
+
+  makeRPM_i686 = makeRPM "i686-linux";
+  makeRPM_x86_64 = makeRPM "x86_64-linux";
+
+  makeRPM =
+    system: diskImageFun: extraPackages:
+
+    with import nixpkgs { inherit system; };
+
+    releaseTools.rpmBuild rec {
+      name = "nix-rpm";
+      src = jobs.tarball;
+      diskImage = (diskImageFun vmTools.diskImageFuns)
+        { extraPackages =
+            [ "sqlite" "sqlite-devel" "bzip2-devel" "libcurl-devel" "openssl-devel" "xz-devel" "libseccomp-devel" "libsodium-devel" "boost-devel" "bison" "flex" ]
+            ++ extraPackages; };
+      # At most 2047MB can be simulated in qemu-system-i386
+      memSize = 2047;
+      meta.schedulingPriority = 50;
+      postRPMInstall = "cd /tmp/rpmout/BUILD/nix-* && make installcheck";
+      #enableParallelBuilding = true;
+    };
+
+
+  makeDeb_i686 = makeDeb "i686-linux";
+  makeDeb_x86_64 = makeDeb "x86_64-linux";
+
+  makeDeb =
+    system: diskImageFun: extraPackages: extraDebPackages:
+
+    with import nixpkgs { inherit system; };
+
+    releaseTools.debBuild {
+      name = "nix-deb";
+      src = jobs.tarball;
+      diskImage = (diskImageFun vmTools.diskImageFuns)
+        { extraPackages =
+            [ "libsqlite3-dev" "libbz2-dev" "libcurl-dev" "libcurl3-nss" "libssl-dev" "liblzma-dev" "libseccomp-dev" "libsodium-dev" "libboost-all-dev" ]
+            ++ extraPackages; };
+      memSize = 2047;
+      meta.schedulingPriority = 50;
+      postInstall = "make installcheck";
+      configureFlags = "--sysconfdir=/etc";
+      debRequires =
+        [ "curl" "libsqlite3-0" "libbz2-1.0" "bzip2" "xz-utils" "libssl1.0.0" "liblzma5" "libseccomp2" ]
+        ++ extraDebPackages;
+      debMaintainer = "Eelco Dolstra <eelco.dolstra@logicblox.com>";
+      doInstallCheck = true;
+      #enableParallelBuilding = true;
+    };
+
+
+in jobs

scripts/install-darwin-multi-user.sh

@@ -39,7 +39,7 @@ EOF
 
 poly_configure_nix_daemon_service() {
     _sudo "to set up the nix-daemon as a LaunchDaemon" \
-          cp -f "/nix/var/nix/profiles/default$PLIST_DEST" "$PLIST_DEST"
+          ln -sfn "/nix/var/nix/profiles/default$PLIST_DEST" "$PLIST_DEST"
 
     _sudo "to load the LaunchDaemon plist for nix-daemon" \
           launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist

scripts/install-multi-user.sh

@@ -13,12 +13,15 @@ set -o pipefail
 # however tracking which bits came from which would be impossible.
 
 readonly ESC='\033[0m'
-readonly BOLD='\033[1m'
-readonly BLUE='\033[34m'
-readonly BLUE_UL='\033[4;34m'
-readonly GREEN='\033[32m'
-readonly GREEN_UL='\033[4;32m'
-readonly RED='\033[31m'
+readonly BOLD='\033[38;1m'
+readonly BLUE='\033[38;34m'
+readonly BLUE_UL='\033[38;4;34m'
+readonly GREEN='\033[38;32m'
+readonly GREEN_UL='\033[38;4;32m'
+readonly RED='\033[38;31m'
+readonly RED_UL='\033[38;4;31m'
+readonly YELLOW='\033[38;33m'
+readonly YELLOW_UL='\033[38;4;33m'
 
 readonly NIX_USER_COUNT="32"
 readonly NIX_BUILD_GROUP_ID="30000"
@@ -275,9 +278,73 @@ EOF
     fi
 
     if type nix-env 2> /dev/null >&2; then
-        warning <<EOF
-Nix already appears to be installed. This installer may run into issues.
-If an error occurs, try manually uninstalling, then rerunning this script.
+        failure <<EOF
+Nix already appears to be installed, and this tool assumes it is
+_not_ yet installed.
+
+$(uninstall_directions)
+EOF
+    fi
+
+    if [ "${NIX_REMOTE:-}" != "" ]; then
+        failure <<EOF
+For some reason, \$NIX_REMOTE is set. It really should not be set
+before this installer runs, and it hints that Nix is currently
+installed. Please delete the old Nix installation and start again.
+
+Note: You might need to close your shell window and open a new shell
+to clear the variable.
+EOF
+    fi
+
+    if echo "${SSL_CERT_FILE:-}" | grep -qE "(nix/var/nix|nix-profile)"; then
+        failure <<EOF
+It looks like \$SSL_CERT_FILE is set to a path that used to be part of
+the old Nix installation. Please unset that variable and try again:
+
+  $ unset SSL_CERT_FILE
+
+EOF
+    fi
+
+    for file in ~/.bash_profile ~/.bash_login ~/.profile ~/.zshenv ~/.zprofile ~/.zshrc ~/.zlogin; do
+        if [ -f "$file" ]; then
+            if grep -l "^[^#].*.nix-profile" "$file"; then
+                failure <<EOF
+I found a reference to a ".nix-profile" in $file.
+This has a high chance of breaking a new nix installation. It was most
+likely put there by a previous Nix installer.
+
+Please remove this reference and try running this again. You should
+also look for similar references in:
+
+ - ~/.bash_profile
+ - ~/.bash_login
+ - ~/.profile
+
+or other shell init files that you may have.
+
+$(uninstall_directions)
+EOF
+            fi
+        fi
+    done
+
+    if [ -d /nix/store ] || [ -d /nix/var ]; then
+        failure <<EOF
+There are some relics of a previous installation of Nix at /nix, and
+this scripts assumes Nix is _not_ yet installed. Please delete the old
+Nix installation and start again.
+
+$(uninstall_directions)
+EOF
+    fi
+
+    if [ -d /etc/nix ]; then
+        failure <<EOF
+There are some relics of a previous installation of Nix at /etc/nix, and
+this scripts assumes Nix is _not_ yet installed. Please delete the old
+Nix installation and start again.
 
 $(uninstall_directions)
 EOF
@@ -285,7 +352,7 @@ EOF
 
     for profile_target in "${PROFILE_TARGETS[@]}"; do
         if [ -e "$profile_target$PROFILE_BACKUP_SUFFIX" ]; then
-            failure <<EOF
+        failure <<EOF
 When this script runs, it backs up the current $profile_target to
 $profile_target$PROFILE_BACKUP_SUFFIX. This backup file already exists, though.
 
@@ -297,10 +364,38 @@ in case.
 2. Take care to make sure that $profile_target$PROFILE_BACKUP_SUFFIX doesn't look like
 it has anything nix-related in it. If it does, something is probably
 quite wrong. Please open an issue or get in touch immediately.
+
+3. Take care to make sure that $profile_target doesn't look like it has
+anything nix-related in it. If it does, and $profile_target _did not_,
+run:
+
+  $ /usr/bin/sudo /bin/mv $profile_target$PROFILE_BACKUP_SUFFIX $profile_target
+
+and try again.
+EOF
+        fi
+
+        if [ -e "$profile_target" ] && grep -qi "nix" "$profile_target"; then
+            failure <<EOF
+It looks like $profile_target already has some Nix configuration in
+there. There should be no reason to run this again. If you're having
+trouble, please open an issue.
 EOF
         fi
     done
 
+    danger_paths=("$ROOT_HOME/.nix-defexpr" "$ROOT_HOME/.nix-channels" "$ROOT_HOME/.nix-profile")
+    for danger_path in "${danger_paths[@]}"; do
+        if _sudo "making sure that $danger_path doesn't exist" \
+           test -e "$danger_path"; then
+            failure <<EOF
+I found a file at $danger_path, which is a relic of a previous
+installation. You must first delete this file before continuing.
+
+$(uninstall_directions)
+EOF
+        fi
+    done
 }
 
 setup_report() {
@@ -434,17 +529,24 @@ create_build_users() {
 }
 
 create_directories() {
-    # FIXME: remove all of this because it duplicates LocalStore::LocalStore().
-
     _sudo "to make the basic directory structure of Nix (part 1)" \
-          mkdir -pv -m 0755 /nix /nix/var /nix/var/log /nix/var/log/nix /nix/var/log/nix/drvs /nix/var/nix{,/db,/gcroots,/profiles,/temproots,/userpool} /nix/var/nix/{gcroots,profiles}/per-user
+          mkdir -pv -m 0755 /nix /nix/var /nix/var/log /nix/var/log/nix /nix/var/log/nix/drvs /nix/var/nix{,/db,/gcroots,/profiles,/temproots,/userpool}
 
     _sudo "to make the basic directory structure of Nix (part 2)" \
-          mkdir -pv -m 1775 /nix/store
+          mkdir -pv -m 1777 /nix/var/nix/{gcroots,profiles}/per-user
 
     _sudo "to make the basic directory structure of Nix (part 3)" \
+          mkdir -pv -m 1775 /nix/store
+
+    _sudo "to make the basic directory structure of Nix (part 4)" \
           chgrp "$NIX_BUILD_GROUP_NAME" /nix/store
 
+    _sudo "to set up the root user's profile (part 1)" \
+          mkdir -pv -m 0755 /nix/var/nix/profiles/per-user/root
+
+    _sudo "to set up the root user's profile (part 2)" \
+          mkdir -pv -m 0700 "$ROOT_HOME/.nix-defexpr"
+
     _sudo "to place the default nix daemon configuration (part 1)" \
           mkdir -pv -m 0555 /etc/nix
 }
@@ -487,7 +589,7 @@ EOF
 We will:
 
  - make sure your computer doesn't already have Nix files
-   (if it does, I will tell you how to clean them up.)
+   (if it does, I  will tell you how to clean them up.)
  - create local users (see the list above for the users we'll make)
  - create a local group ($NIX_BUILD_GROUP_NAME)
  - install Nix in to $NIX_ROOT
@@ -567,7 +669,7 @@ install_from_extracted_nix() {
         cd "$EXTRACTED_NIX_PATH"
 
         _sudo "to copy the basic Nix files to the new store at $NIX_ROOT/store" \
-              rsync -rlpt --chmod=-w ./store/* "$NIX_ROOT/store/"
+              rsync -rlpt ./store/* "$NIX_ROOT/store/"
 
         if [ -d "$NIX_INSTALLED_NIX" ]; then
             echo "      Alright! We have our first nix at $NIX_INSTALLED_NIX"
@@ -670,7 +772,9 @@ main() {
     welcome_to_nix
     chat_about_sudo
 
-    validate_starting_assumptions
+    if [ "${ALLOW_PREEXISTING_INSTALLATION:-}" = "" ]; then
+        validate_starting_assumptions
+    fi
 
     setup_report
 

scripts/install-nix-from-closure.sh

@@ -87,7 +87,7 @@ if ! [ -e $dest ]; then
 fi
 
 if ! [ -w $dest ]; then
-    echo "$0: directory $dest exists, but is not writable by you. This could indicate that another user has already performed a single-user installation of Nix on this system. If you wish to enable multi-user support see https://nixos.org/nix/manual/#ssec-multi-user. If you wish to continue with a single-user install for $USER please run 'chown -R $USER $dest' as root." >&2
+    echo "$0: directory $dest exists, but is not writable by you. This could indicate that another user has already performed a single-user installation of Nix on this system. If you wish to enable multi-user support see http://nixos.org/nix/manual/#ssec-multi-user. If you wish to continue with a single-user install for $USER please run 'chown -R $USER $dest' as root." >&2
     exit 1
 fi
 
@@ -102,7 +102,7 @@ for i in $(cd "$self/store" >/dev/null && echo ./*); do
         rm -rf "$i_tmp"
     fi
     if ! [ -e "$dest/store/$i" ]; then
-        cp -RPp "$self/store/$i" "$i_tmp"
+        cp -Rp "$self/store/$i" "$i_tmp"
         chmod -R a-w "$i_tmp"
         chmod +w "$i_tmp"
         mv "$i_tmp" "$dest/store/$i"
@@ -141,9 +141,11 @@ if [ -z "$_NIX_INSTALLER_TEST" ]; then
 fi
 
 added=
-p=$HOME/.nix-profile/etc/profile.d/nix.sh
 if [ -z "$NIX_INSTALLER_NO_MODIFY_PROFILE" ]; then
+
     # Make the shell source nix.sh during login.
+    p=$HOME/.nix-profile/etc/profile.d/nix.sh
+
     for i in .bash_profile .bash_login .profile; do
         fn="$HOME/$i"
         if [ -w "$fn" ]; then
@@ -155,6 +157,7 @@ if [ -z "$NIX_INSTALLER_NO_MODIFY_PROFILE" ]; then
             break
         fi
     done
+
 fi
 
 if [ -z "$added" ]; then

scripts/install-systemd-multi-user.sh

@@ -88,7 +88,7 @@ poly_configure_nix_daemon_service() {
           systemctl start nix-daemon.socket
 
     _sudo "to start the nix-daemon.service" \
-          systemctl restart nix-daemon.service
+          systemctl start nix-daemon.service
 
 }
 

scripts/install.in

@@ -30,13 +30,12 @@ case "$(uname -s).$(uname -m)" in
     *) oops "sorry, there is no binary distribution of Nix for your platform";;
 esac
 
-url="https://releases.nixos.org/nix/nix-@nixVersion@/nix-@nixVersion@-$system.tar.xz"
+url="https://nixos.org/releases/nix/nix-@nixVersion@/nix-@nixVersion@-$system.tar.xz"
 
 tarball="$tmpDir/$(basename "$tmpDir/nix-@nixVersion@-$system.tar.xz")"
 
 require_util curl "download the binary tarball"
 require_util tar "unpack the binary tarball"
-require_util xz "unpack the binary tarball"
 
 echo "downloading Nix @nixVersion@ binary tarball for $system from '$url' to '$tmpDir'..."
 curl -L "$url" -o "$tarball" || oops "failed to download '$url'"
@@ -57,7 +56,7 @@ fi
 
 unpack=$tmpDir/unpack
 mkdir -p "$unpack"
-tar -xJf "$tarball" -C "$unpack" || oops "failed to unpack '$url'"
+tar -xf "$tarball" -C "$unpack" || oops "failed to unpack '$url'"
 
 script=$(echo "$unpack"/*/install)
 

scripts/nix-profile-daemon.sh.in

@@ -2,8 +2,48 @@
 if [ -n "${__ETC_PROFILE_NIX_SOURCED:-}" ]; then return; fi
 __ETC_PROFILE_NIX_SOURCED=1
 
+export NIX_USER_PROFILE_DIR="@localstatedir@/nix/profiles/per-user/$USER"
 export NIX_PROFILES="@localstatedir@/nix/profiles/default $HOME/.nix-profile"
 
+# Set up the per-user profile.
+mkdir -m 0755 -p $NIX_USER_PROFILE_DIR
+if ! test -O "$NIX_USER_PROFILE_DIR"; then
+    echo "WARNING: bad ownership on $NIX_USER_PROFILE_DIR" >&2
+fi
+
+if test -w $HOME; then
+  if ! test -L $HOME/.nix-profile; then
+      if test "$USER" != root; then
+          ln -s $NIX_USER_PROFILE_DIR/profile $HOME/.nix-profile
+      else
+          # Root installs in the system-wide profile by default.
+          ln -s @localstatedir@/nix/profiles/default $HOME/.nix-profile
+      fi
+  fi
+
+  # Subscribe the root user to the NixOS channel by default.
+  if [ "$USER" = root -a ! -e $HOME/.nix-channels ]; then
+      echo "https://nixos.org/channels/nixpkgs-unstable nixpkgs" > $HOME/.nix-channels
+  fi
+
+  # Create the per-user garbage collector roots directory.
+  NIX_USER_GCROOTS_DIR=@localstatedir@/nix/gcroots/per-user/$USER
+  mkdir -m 0755 -p $NIX_USER_GCROOTS_DIR
+  if ! test -O "$NIX_USER_GCROOTS_DIR"; then
+      echo "WARNING: bad ownership on $NIX_USER_GCROOTS_DIR" >&2
+  fi
+
+  # Set up a default Nix expression from which to install stuff.
+  if [ ! -e $HOME/.nix-defexpr -o -L $HOME/.nix-defexpr ]; then
+      rm -f $HOME/.nix-defexpr
+      mkdir -p $HOME/.nix-defexpr
+      if [ "$USER" != root ]; then
+          ln -s @localstatedir@/nix/profiles/per-user/root/channels $HOME/.nix-defexpr/channels_root
+      fi
+  fi
+fi
+
+
 # Set $NIX_SSL_CERT_FILE so that Nixpkgs applications like curl work.
 if [ ! -z "${NIX_SSL_CERT_FILE:-}" ]; then
     : # Allow users to override the NIX_SSL_CERT_FILE
@@ -24,4 +64,5 @@ else
   done
 fi
 
+export NIX_PATH="nixpkgs=@localstatedir@/nix/profiles/per-user/root/channels/nixpkgs:@localstatedir@/nix/profiles/per-user/root/channels"
 export PATH="$HOME/.nix-profile/bin:@localstatedir@/nix/profiles/default/bin:$PATH"

scripts/nix-profile.sh.in

@@ -1,10 +1,60 @@
 if [ -n "$HOME" ] && [ -n "$USER" ]; then
+    __savedpath="$PATH"
+    export PATH=@coreutils@
 
     # Set up the per-user profile.
     # This part should be kept in sync with nixpkgs:nixos/modules/programs/shell.nix
 
     NIX_LINK=$HOME/.nix-profile
 
+    NIX_USER_PROFILE_DIR=@localstatedir@/nix/profiles/per-user/$USER
+
+    mkdir -m 0755 -p "$NIX_USER_PROFILE_DIR"
+
+    if [ "$(stat --printf '%u' "$NIX_USER_PROFILE_DIR")" != "$(id -u)" ]; then
+        echo "Nix: WARNING: bad ownership on "$NIX_USER_PROFILE_DIR", should be $(id -u)" >&2
+    fi
+
+    if [ -w "$HOME" ]; then
+        if ! [ -L "$NIX_LINK" ]; then
+            echo "Nix: creating $NIX_LINK" >&2
+            if [ "$USER" != root ]; then
+                if ! ln -s "$NIX_USER_PROFILE_DIR"/profile "$NIX_LINK"; then
+                    echo "Nix: WARNING: could not create $NIX_LINK -> $NIX_USER_PROFILE_DIR/profile" >&2
+                fi
+            else
+                # Root installs in the system-wide profile by default.
+                ln -s @localstatedir@/nix/profiles/default "$NIX_LINK"
+            fi
+        fi
+
+        # Subscribe the user to the unstable Nixpkgs channel by default.
+        if [ ! -e "$HOME/.nix-channels" ]; then
+            echo "https://nixos.org/channels/nixpkgs-unstable nixpkgs" > "$HOME/.nix-channels"
+        fi
+
+        # Create the per-user garbage collector roots directory.
+        __user_gcroots=@localstatedir@/nix/gcroots/per-user/"$USER"
+        mkdir -m 0755 -p "$__user_gcroots"
+        if [ "$(stat --printf '%u' "$__user_gcroots")" != "$(id -u)" ]; then
+            echo "Nix: WARNING: bad ownership on $__user_gcroots, should be $(id -u)" >&2
+        fi
+        unset __user_gcroots
+
+        # Set up a default Nix expression from which to install stuff.
+        __nix_defexpr="$HOME"/.nix-defexpr
+        [ -L "$__nix_defexpr" ] && rm -f "$__nix_defexpr"
+        mkdir -m 0755 -p "$__nix_defexpr"
+        if [ "$USER" != root ] && [ ! -L "$__nix_defexpr"/channels_root ]; then
+            ln -s @localstatedir@/nix/profiles/per-user/root/channels "$__nix_defexpr"/channels_root
+        fi
+        unset __nix_defexpr
+    fi
+
+    # Append ~/.nix-defexpr/channels to $NIX_PATH so that <nixpkgs>
+    # paths work when the user has fetched the Nixpkgs channel.
+    export NIX_PATH=${NIX_PATH:+$NIX_PATH:}$HOME/.nix-defexpr/channels
+
     # Set up environment.
     # This part should be kept in sync with nixpkgs:nixos/modules/programs/environment.nix
     export NIX_PROFILES="@localstatedir@/nix/profiles/default $HOME/.nix-profile"
@@ -28,6 +78,6 @@ if [ -n "$HOME" ] && [ -n "$USER" ]; then
         export MANPATH="$NIX_LINK/share/man:$MANPATH"
     fi
 
-    export PATH="$NIX_LINK/bin:$PATH"
-    unset NIX_LINK
+    export PATH="$NIX_LINK/bin:$__savedpath"
+    unset __savedpath NIX_LINK NIX_USER_PROFILE_DIR
 fi

shell.nix

@@ -1,3 +1,25 @@
-(import (fetchTarball https://github.com/edolstra/flake-compat/archive/master.tar.gz) {
-  src = builtins.fetchGit ./.;
-}).shellNix
+{ useClang ? false }:
+
+with import (builtins.fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz) {};
+
+with import ./release-common.nix { inherit pkgs; };
+
+(if useClang then clangStdenv else stdenv).mkDerivation {
+  name = "nix";
+
+  buildInputs = buildDeps ++ tarballDeps ++ perlDeps;
+
+  inherit configureFlags;
+
+  enableParallelBuilding = true;
+
+  installFlags = "sysconfdir=$(out)/etc";
+
+  shellHook =
+    ''
+      export prefix=$(pwd)/inst
+      configureFlags+=" --prefix=$prefix"
+      PKG_CONFIG_PATH=$prefix/lib/pkgconfig:$PKG_CONFIG_PATH
+      PATH=$prefix/bin:$PATH
+    '';
+}

src/build-remote/build-remote.cc

@@ -17,7 +17,7 @@
 #include "store-api.hh"
 #include "derivations.hh"
 #include "local-store.hh"
-#include "../nix/legacy.hh"
+#include "legacy.hh"
 
 using namespace nix;
 using std::cin;
@@ -88,7 +88,7 @@ static int _main(int argc, char * * argv)
             return 0;
         }
 
-        std::optional<StorePath> drvPath;
+        string drvPath;
         string storeUri;
 
         while (true) {
@@ -100,7 +100,7 @@ static int _main(int argc, char * * argv)
 
             auto amWilling = readInt(source);
             auto neededSystem = readString(source);
-            drvPath = store->parseStorePath(readString(source));
+            source >> drvPath;
             auto requiredFeatures = readStrings<std::set<std::string>>(source);
 
              auto canBuildLocally = amWilling
@@ -188,7 +188,7 @@ static int _main(int argc, char * * argv)
 
                     Store::Params storeParams;
                     if (hasPrefix(bestMachine->storeUri, "ssh://")) {
-                        storeParams["max-connections"] = "1";
+                        storeParams["max-connections"] ="1";
                         storeParams["log-fd"] = "4";
                         if (bestMachine->sshKey != "")
                             storeParams["ssh-key"] = bestMachine->sshKey;
@@ -236,27 +236,26 @@ connected:
 
         {
             Activity act(*logger, lvlTalkative, actUnknown, fmt("copying dependencies to '%s'", storeUri));
-            copyPaths(store, ref<Store>(sshStore), store->parseStorePathSet(inputs), NoRepair, NoCheckSigs, substitute);
+            copyPaths(store, ref<Store>(sshStore), inputs, NoRepair, NoCheckSigs, substitute);
         }
 
         uploadLock = -1;
 
-        BasicDerivation drv(readDerivation(*store, store->realStoreDir + "/" + std::string(drvPath->to_string())));
-        drv.inputSrcs = store->parseStorePathSet(inputs);
+        BasicDerivation drv(readDerivation(store->realStoreDir + "/" + baseNameOf(drvPath)));
+        drv.inputSrcs = inputs;
 
-        auto result = sshStore->buildDerivation(*drvPath, drv);
+        auto result = sshStore->buildDerivation(drvPath, drv);
 
         if (!result.success())
-            throw Error("build of '%s' on '%s' failed: %s", store->printStorePath(*drvPath), storeUri, result.errorMsg);
+            throw Error("build of '%s' on '%s' failed: %s", drvPath, storeUri, result.errorMsg);
 
-        StorePathSet missing;
+        PathSet missing;
         for (auto & path : outputs)
-            if (!store->isValidPath(store->parseStorePath(path))) missing.insert(store->parseStorePath(path));
+            if (!store->isValidPath(path)) missing.insert(path);
 
         if (!missing.empty()) {
             Activity act(*logger, lvlTalkative, actUnknown, fmt("copying outputs from '%s'", storeUri));
-            for (auto & i : missing)
-                store->locksHeld.insert(store->printStorePath(i)); /* FIXME: ugly */
+            store->locksHeld.insert(missing.begin(), missing.end()); /* FIXME: ugly */
             copyPaths(ref<Store>(sshStore), store, missing, NoRepair, NoCheckSigs, NoSubstitute);
         }
 

src/error-demo/error-demo.cc

@@ -1,66 +0,0 @@
-#include "error.hh"
-#include "nixexpr.hh"
-
-#include <iostream>
-#include <optional>
-
-int main()
-{
-    using namespace nix;
-
-    // In each program where errors occur, this has to be set.
-    ErrorInfo::programName = std::optional("error-demo");
-
-    // Error in a program; no hint and no nix code.
-    printErrorInfo(
-        ErrorInfo { .level = elError,
-                    .name = "name",
-                    .description = "error description",
-                  });
-
-    // Warning with name, description, and hint.
-    // The hintfmt function makes all the substituted text yellow.
-    printErrorInfo(
-        ErrorInfo { .level = elWarning,
-                    .name = "name",
-                    .description = "error description",
-                    .hint =  std::optional(
-                                 hintfmt("there was a %1%", "warning")),
-                  });
-
-
-    // Warning with nix file, line number, column, and the lines of
-    // code where a warning occurred.
-    SymbolTable testTable;
-    auto problem_file = testTable.create("myfile.nix");
-
-    printErrorInfo(
-        ErrorInfo{
-            .level = elWarning,
-            .name = "warning name",
-            .description = "warning description",
-            .hint = hintfmt("this hint has %1% templated %2%!!", "yellow", "values"),
-            .nixCode = NixCode {
-                .errPos = Pos(problem_file, 40, 13),
-                .prevLineOfCode = std::nullopt,
-                .errLineOfCode = "this is the problem line of code",
-                .nextLineOfCode = std::nullopt
-            }});
-
-    // Error with previous and next lines of code.
-    printErrorInfo(
-        ErrorInfo{
-            .level = elError,
-            .name = "error name",
-            .description = "error description",
-            .hint = hintfmt("this hint has %1% templated %2%!!", "yellow", "values"),
-            .nixCode = NixCode {
-                .errPos = Pos(problem_file, 40, 13),
-                .prevLineOfCode = std::optional("previous line of code"),
-                .errLineOfCode = "this is the problem line of code",
-                .nextLineOfCode = std::optional("next line of code"),
-            }});
-
-
-    return 0;
-}

src/error-demo/local.mk

@@ -1,12 +0,0 @@
-programs += error-demo
-
-error-demo_DIR := $(d)
-
-error-demo_SOURCES := \
-  $(wildcard $(d)/*.cc) \
-
-error-demo_CXXFLAGS += -I src/libutil -I src/libexpr
-
-error-demo_LIBS = libutil libexpr
-
-error-demo_LDFLAGS = -pthread $(SODIUM_LIBS) $(EDITLINE_LIBS) $(BOOST_LDFLAGS) -lboost_context -lboost_thread -lboost_system