nix (functional package manager)
Nix is a purely functional package manager. This means that it treats packages
like values in purely functional programming languages such as Haskell -- they
are built by functions that don't have side-effects, and they never change
after they have been built. Nix stores packages in the Nix store, usually the
directory /nix/store, where each package has its own unique subdirectory such
as
/nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/
where b6gvzjyb2pg0... is a unique identifier for the package that captures all
its dependencies (it's a cryptographic hash of the package's build dependency
graph).
Nix may be run in single or multi-user mode (which requires the nix-daemon). To
have the nix daemon start and stop with your host, add to /etc/rc.d/rc.local:
if [ -x /etc/rc.d/rc.nix ]; then
/etc/rc.d/rc.nix start
fi
and to /etc/rc.d/rc.local_shutdown (creating it if needed):
if [ -x /etc/rc.d/rc.nix ]; then
/etc/rc.d/rc.nix stop
fi
The daemon requires users for building the nix packages, which should be added
under the 'nixbld' group.
groupadd -g 314 nixbld
for n in $(seq 1 10); do useradd -c "Nix build user $n" \
-d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \
nixbld$n; done
Restricting access to the daemon is acheived by setting file permissions for
the daemon's socket's folder.
chgrp nix-users /nix/var/nix/daemon-socket
chmod ug=rwx,o= /nix/var/nix/daemon-socket
Correct permissions must also be set for the following profile directories to give users access.
/nix/var/nix/profiles
/var/nix/profiles