Don't install a second nix after the initial installation, and the rsync change fixes a bug hidden by the nix replacement where the store files were being owned by the installing user due to rsync's -a implying -og.

relevant directions

Prompt for sudo before validating assumptions, and check ourselves for root-owned files instead of making a scary warning.

Fixes #1464.

Not really necessary anymore for #849, but still nice to have.

Fixes #849.

Fix potential crash/wrong result two hashes of unequal length are compared

Clearer error message when regex exceeds space limit

Not sure about the raw ellipsis.

Don’t hardlink disallowed paths in OS X.

Fix nix-instantiate manpage indentation

Fixes #1443

The second command variant is now its own cmdsynopsis, which ensures
it's not indented as was the case using sbrk.

Fixes #1432.

Fixes #1438.

As shlevy pointed out, static variables in C++11 have thread-safe
initialisation.

This allows builds to call setuid binaries. This was previously
possible until we started using seccomp. Turns out that seccomp by
default disallows processes from acquiring new privileges. Generally,
any use of setuid binaries (except those created by the builder
itself) is by definition impure, but some people were relying on this
ability for certain tests.

Example:

  $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --no-allow-new-privileges
  builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 2 log lines:
    cannot raise the capability into the Ambient set
    : Operation not permitted

  $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --allow-new-privileges
  builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 6 log lines:
    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
    64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=15.2 ms

Fixes #1429.

Also simplify the Hash API.

Fixes #1437.