From ff8da340ae93f053350872e5d7ac301fd7c814ee Mon Sep 17 00:00:00 2001
From: Luc Perkins <lucperkins@gmail.com>
Date: Tue, 25 Feb 2025 14:33:57 -0300
Subject: [PATCH] Remove references to single-user mode

---
 doc/manual/redirects.js                       |  3 ---
 doc/manual/source/SUMMARY.md.in               |  4 +--
 doc/manual/source/installation/index.md       | 13 ----------
 .../source/installation/installing-binary.md  | 25 +------------------
 .../source/installation/installing-docker.md  | 18 -------------
 .../source/installation/nix-security.md       | 15 -----------
 doc/manual/source/installation/single-user.md |  9 -------
 doc/manual/source/installation/uninstall.md   |  9 -------
 doc/manual/source/installation/upgrading.md   |  6 -----
 9 files changed, 2 insertions(+), 100 deletions(-)
 delete mode 100644 doc/manual/source/installation/nix-security.md
 delete mode 100644 doc/manual/source/installation/single-user.md

diff --git a/doc/manual/redirects.js b/doc/manual/redirects.js
index dea141391..36f53cbc8 100644
--- a/doc/manual/redirects.js
+++ b/doc/manual/redirects.js
@@ -271,13 +271,10 @@ const redirects = {
     "sect-multi-user-installation": "installation/installing-binary.html#multi-user-installation",
     "sect-nix-install-binary-tarball": "installation/installing-binary.html#installing-from-a-binary-tarball",
     "sect-nix-install-pinned-version-url": "installation/installing-binary.html#installing-a-pinned-nix-version-from-a-url",
-    "sect-single-user-installation": "installation/installing-binary.html#single-user-installation",
     "ch-installing-source": "installation/installing-source.html",
     "ssec-multi-user": "installation/multi-user.html",
-    "ch-nix-security": "installation/nix-security.html",
     "sec-obtaining-source": "installation/obtaining-source.html",
     "sec-prerequisites-source": "installation/prerequisites-source.html",
-    "sec-single-user": "installation/single-user.html",
     "ch-supported-platforms": "installation/supported-platforms.html",
     "ch-upgrading-nix": "installation/upgrading.html",
     "ch-about-nix": "introduction.html",
diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in
index 228bbc882..9d465e4bb 100644
--- a/doc/manual/source/SUMMARY.md.in
+++ b/doc/manual/source/SUMMARY.md.in
@@ -10,9 +10,7 @@
     - [Obtaining a Source Distribution](installation/obtaining-source.md)
     - [Building Nix from Source](installation/building-source.md)
   - [Using Nix within Docker](installation/installing-docker.md)
-  - [Security](installation/nix-security.md)
-    - [Single-User Mode](installation/single-user.md)
-    - [Multi-User Mode](installation/multi-user.md)
+  - [Multi-User Mode](installation/multi-user.md)
   - [Environment Variables](installation/env-variables.md)
   - [Upgrading Nix](installation/upgrading.md)
   - [Uninstalling Nix](installation/uninstall.md)
diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md
index 48725c1ba..d71634946 100644
--- a/doc/manual/source/installation/index.md
+++ b/doc/manual/source/installation/index.md
@@ -26,19 +26,6 @@ This option requires either:
 $ curl -L https://nixos.org/nix/install | sh -s -- --daemon
 ```
 
-## Single-user
-
-> Single-user is not supported on Mac.
-
-This installation has less requirements than the multi-user install, however it
-cannot offer equivalent sharing, isolation, or security.
-
-This option is suitable for systems without systemd.
-
-```console
-$ curl -L https://nixos.org/nix/install | sh -s -- --no-daemon
-```
-
 ## Distributions
 
 The Nix community maintains installers for several distributions.
diff --git a/doc/manual/source/installation/installing-binary.md b/doc/manual/source/installation/installing-binary.md
index 6a1a5ddca..0a2d650a9 100644
--- a/doc/manual/source/installation/installing-binary.md
+++ b/doc/manual/source/installation/installing-binary.md
@@ -19,11 +19,6 @@ This performs the default type of installation for your platform:
 - [Multi-user](#multi-user-installation):
   - Linux with systemd and without SELinux
   - macOS
-- [Single-user](#single-user-installation):
-  - Linux without systemd
-  - Linux with SELinux
-
-We recommend the multi-user installation if it supports your platform and you can authenticate with `sudo`.
 
 The installer can configured with various command line arguments and environment variables.
 To show available command line flags:
@@ -42,7 +37,7 @@ The directory for each version contains the corresponding SHA-256 hash.
 All installation scripts are invoked the same way:
 
 ```console
-$ export VERSION=2.19.2 
+$ export VERSION=2.19.2
 $ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh
 ```
 
@@ -64,24 +59,6 @@ $ bash <(curl -L https://nixos.org/nix/install) --daemon
 You can run this under your usual user account or `root`.
 The script will invoke `sudo` as needed.
 
-# Single User Installation
-
-To explicitly select a single-user installation on your system:
-
-```console
-$ bash <(curl -L https://nixos.org/nix/install) --no-daemon
-```
-
-In a single-user installation, `/nix` is owned by the invoking user.
-The script will invoke `sudo` to create `/nix` if it doesn’t already exist.
-If you don’t have `sudo`, manually create `/nix` as `root`:
-
-```console
-$ su root
-# mkdir /nix
-# chown alice /nix
-```
-
 # Installing from a binary tarball
 
 You can also download a binary tarball that contains Nix and all its dependencies:
diff --git a/doc/manual/source/installation/installing-docker.md b/doc/manual/source/installation/installing-docker.md
index 9354c1a72..6f77d6a57 100644
--- a/doc/manual/source/installation/installing-docker.md
+++ b/doc/manual/source/installation/installing-docker.md
@@ -57,21 +57,3 @@ $ nix build ./\#hydraJobs.dockerImage.x86_64-linux
 $ docker load -i ./result/image.tar.gz
 $ docker run -ti nix:2.5pre20211105
 ```
-
-# Docker image with non-root Nix
-
-If you would like to run Nix in a container under a user other than `root`,
-you can build an image with a non-root single-user installation of Nix
-by specifying the `uid`, `gid`, `uname`, and `gname` arguments to `docker.nix`:
-
-```console
-$ nix build --file docker.nix \
-    --arg uid 1000 \
-    --arg gid 1000 \
-    --argstr uname user \
-    --argstr gname user \
-    --argstr name nix-user \
-    --out-link nix-user.tar.gz
-$ docker load -i nix-user.tar.gz
-$ docker run -ti nix-user
-```
diff --git a/doc/manual/source/installation/nix-security.md b/doc/manual/source/installation/nix-security.md
deleted file mode 100644
index 1e9036b68..000000000
--- a/doc/manual/source/installation/nix-security.md
+++ /dev/null
@@ -1,15 +0,0 @@
-# Security
-
-Nix has two basic security models. First, it can be used in “single-user
-mode”, which is similar to what most other package management tools do:
-there is a single user (typically root) who performs all package
-management operations. All other users can then use the installed
-packages, but they cannot perform package management operations
-themselves.
-
-Alternatively, you can configure Nix in “multi-user mode”. In this
-model, all users can perform package management operations — for
-instance, every user can install software without requiring root
-privileges. Nix ensures that this is secure. For instance, it’s not
-possible for one user to overwrite a package used by another user with a
-Trojan horse.
diff --git a/doc/manual/source/installation/single-user.md b/doc/manual/source/installation/single-user.md
deleted file mode 100644
index f9a3b26ed..000000000
--- a/doc/manual/source/installation/single-user.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Single-User Mode
-
-In single-user mode, all Nix operations that access the database in
-`prefix/var/nix/db` or modify the Nix store in `prefix/store` must be
-performed under the user ID that owns those directories. This is
-typically root. (If you install from RPM packages, that’s in fact the
-default ownership.) However, on single-user machines, it is often
-convenient to `chown` those directories to your normal user account so
-that you don’t have to `su` to root all the time.
diff --git a/doc/manual/source/installation/uninstall.md b/doc/manual/source/installation/uninstall.md
index 8d45da6bb..2762edbf4 100644
--- a/doc/manual/source/installation/uninstall.md
+++ b/doc/manual/source/installation/uninstall.md
@@ -154,12 +154,3 @@ which you may remove.
 > You do not have to reboot to finish uninstalling Nix.
 > The uninstall is complete.
 > macOS (Catalina+) directly controls root directories, and its read-only root will prevent you from manually deleting the empty `/nix` mountpoint.
-
-## Single User
-
-To remove a [single-user installation](./installing-binary.md#single-user-installation) of Nix, run:
-
-```console
-rm -rf /nix ~/.nix-channels ~/.nix-defexpr ~/.nix-profile
-```
-You might also want to manually remove references to Nix from your `~/.profile`.
diff --git a/doc/manual/source/installation/upgrading.md b/doc/manual/source/installation/upgrading.md
index a433f1d30..f0992671d 100644
--- a/doc/manual/source/installation/upgrading.md
+++ b/doc/manual/source/installation/upgrading.md
@@ -32,9 +32,3 @@ $ sudo nix-env --install --file '<nixpkgs>' --attr nix cacert -I nixpkgs=channel
 $ sudo launchctl remove org.nixos.nix-daemon
 $ sudo launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist
 ```
-
-## Single-user all platforms
-
-```console
-$ nix-env --install --file '<nixpkgs>' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable
-```