diff --git a/system/activate-configuration.sh b/system/activate-configuration.sh
index f1a936fc64bd..f09a56e8b5dc 100644
--- a/system/activate-configuration.sh
+++ b/system/activate-configuration.sh
@@ -87,55 +87,24 @@ EOF
 fi
 
 
-# Additional path for the interactive shell.
-PATH=@wrapperDir@:@fullPath@/bin:@fullPath@/sbin
-
-cat > /etc/profile <<EOF
-export PATH=$PATH
-export MODULE_DIR=@kernel@/lib/modules
-export NIX_CONF_DIR=/nix/etc/nix
-export PAGER=less
-export ACLOCAL_PATH=$HOME/.nix-profile/share/aclocal
-
-PROMPT_COLOR="1;31m"
-PS1="\n\[\033[\$PROMPT_COLOR\][\u@\h:\w]\$\[\033[0m\] "
-if test "x\$TERM" == "xxterm"; then
-    PS1="\033]2;\h:\u:\w\007\033]1;\$PS1"
-fi
-
-if test "\$USER" != root; then
-    export NIX_REMOTE=daemon
-fi
-
-source $(dirname $(readlink -f $(type -tp nix-env)))/../etc/profile.d/nix.sh
-
-alias ls="ls --color=tty"
-alias ll="ls -l"
-alias which="type -p"
-
-if test -f /etc/profile.local; then
-    source /etc/profile.local
-fi
-
-test -r \$HOME/.bashrc && source \$HOME/.bashrc
-EOF
-
-
 # Nix initialisation.
 mkdir -m 0755 -p /nix/var/nix/db
 mkdir -m 0755 -p /nix/var/nix/gcroots
 mkdir -m 0755 -p /nix/var/nix/temproots
+mkdir -m 0755 -p /nix/var/nix/profiles
+mkdir -m 1777 -p /nix/var/nix/profiles/per-user
 
 ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
 
 
 # Make a few setuid programs work.
+PATH=@systemPath@/bin:@systemPath@/sbin:$PATH
 wrapperDir=@wrapperDir@
 if test -d $wrapperDir; then rm -f $wrapperDir/*; fi
 mkdir -p $wrapperDir
 for i in @setuidPrograms@; do
     program=$(type -tp $i)
-    cp $(type -tp setuid-wrapper) $wrapperDir/$i
+    cp "$(type -tp setuid-wrapper)" $wrapperDir/$i
     echo -n $program > $wrapperDir/$i.real
     chown root.root $wrapperDir/$i
     chmod 4755 $wrapperDir/$i
diff --git a/system/etc.nix b/system/etc.nix
index 12f5b4371c95..17ace6e1f99c 100644
--- a/system/etc.nix
+++ b/system/etc.nix
@@ -1,4 +1,4 @@
-{pkgs, upstartJobs}:
+{pkgs, upstartJobs, systemPath, wrapperDir}:
 
 import ../helpers/make-etc.nix {
   inherit (pkgs) stdenv;
@@ -59,6 +59,15 @@ import ../helpers/make-etc.nix {
       };
       target = "dhclient-exit-hooks";
     }
+
+    { # Script executed when the shell starts.
+      source = pkgs.substituteAll {
+        src = ./etc/profile.sh;
+        inherit systemPath wrapperDir;
+        inherit (pkgs) kernel;
+      };
+      target = "profile";
+    }
   ]
 
   # A bunch of PAM configuration files for various programs.
diff --git a/system/etc/profile.sh b/system/etc/profile.sh
new file mode 100644
index 000000000000..039fe34a7945
--- /dev/null
+++ b/system/etc/profile.sh
@@ -0,0 +1,56 @@
+export PATH=@wrapperDir@:@systemPath@/bin:@systemPath@/sbin
+export MODULE_DIR=@kernel@/lib/modules
+export NIX_CONF_DIR=/nix/etc/nix
+export PAGER=less
+
+PROMPT_COLOR="1;31m"
+PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]$\[\033[0m\] "
+if test "x$TERM" == "xxterm"; then
+    PS1="\033]2;\h:\u:\w\007\033]1;$PS1"
+fi
+
+if test "$USER" != root; then
+    export NIX_REMOTE=daemon
+fi
+
+
+# Set up the per-user profile.
+NIX_USER_PROFILE_DIR=/nix/var/nix/profiles/per-user/$USER
+mkdir -m 0755 -p $NIX_USER_PROFILE_DIR
+if test "$(stat --printf '%U' $NIX_USER_PROFILE_DIR)" != "$USER"; then
+    echo "WARNING: bad ownership on $_NIX_PROFILE_DIR" >&2
+fi
+
+if ! test -L $HOME/.nix-profile; then
+    echo "creating $HOME/.nix-profile" >&2
+    ln -s $NIX_USER_PROFILE_DIR/profile $HOME/.nix-profile
+fi
+
+NIX_PROFILES="/nix/var/nix/profiles/default $NIX_USER_PROFILE_DIR/profile"
+
+for i in $NIX_PROFILES; do # !!! reverse
+    export PATH=$i/bin:$PATH
+done
+
+
+# Set up a default Nix expression from which to install stuff.
+if ! test -L $HOME/.nix-defexpr; then
+    echo "creating $HOME/.nix-defexpr" >&2
+    ln -s /etc/nixos/install-source.nix $HOME/.nix-defexpr
+fi
+
+
+# Some aliases.
+alias ls="ls --color=tty"
+alias ll="ls -l"
+alias which="type -p"
+
+
+# Read system-wide modifications.
+if test -f /etc/profile.local; then
+    source /etc/profile.local
+fi
+
+
+# Read user modifications.
+test -r $HOME/.bashrc && source $HOME/.bashrc
diff --git a/system/system.nix b/system/system.nix
index 1cd6e8e5b695..fdf06eb58063 100644
--- a/system/system.nix
+++ b/system/system.nix
@@ -123,20 +123,22 @@ rec {
 
   # The static parts of /etc.
   etc = import ./etc.nix {
-    inherit pkgs upstartJobs;
+    inherit pkgs upstartJobs systemPath wrapperDir;
   };
 
 
   # The wrapper setuid programs (since we can't have setuid programs
-  # in the Nix store).  
+  # in the Nix store).
+  wrapperDir = "/var/setuid-wrappers";
+  
   setuidWrapper = import ../helpers/setuid {
     inherit (pkgs) stdenv;
-    wrapperDir = "/var/setuid-wrappers";
+    inherit wrapperDir;
   };
 
 
   # The packages you want in the boot environment.
-  fullPath = [
+  systemPathList = [
     pkgs.bash
     pkgs.bzip2
     pkgs.coreutils
@@ -178,6 +180,18 @@ rec {
   ];
 
 
+  # We don't want to put all of `startPath' and `path' in $PATH, since
+  # then we get an embarrassingly long $PATH.  So use the user
+  # environment builder to make a directory with symlinks to those
+  # packages.
+  systemPath = pkgs.buildEnv {
+    name = "system-path";
+    paths = systemPathList;
+    pathsToLink = ["/bin" "/sbin" "/man" "/share"];
+    ignoreCollisions = true;
+  };
+
+    
   # The script that activates the configuration, i.e., it sets up
   # /etc, accounts, etc.  It doesn't do anything that can only be done
   # at boot time (such as start `init').
@@ -185,12 +199,11 @@ rec {
     src = ./activate-configuration.sh;
     isExecutable = true;
 
-    inherit etc;
+    inherit etc wrapperDir systemPath;
     inherit (pkgs) kernel;
     readOnlyRoot = config.get ["boot" "readOnlyRoot"];
     hostName = config.get ["networking" "hostName"];
     setuidPrograms = config.get ["security" "setuidPrograms"];
-    wrapperDir = setuidWrapper.wrapperDir;
 
     path = [
       pkgs.coreutils pkgs.gnugrep pkgs.findutils
@@ -198,16 +211,6 @@ rec {
       pkgs.pwdutils
     ];
 
-    # We don't want to put all of `startPath' and `path' in $PATH, since
-    # then we get an embarrassingly long $PATH.  So use the user
-    # environment builder to make a directory with symlinks to those
-    # packages.
-    fullPath = pkgs.buildEnv {
-      name = "boot-stage-2-path";
-      paths = fullPath;
-      pathsToLink = ["/bin" "/sbin" "/man" "/share"];
-      ignoreCollisions = true;
-    };
   };