#! @shell@
# System configuration to activate, taken from the first argument.  With
# no argument (or an empty one) fall back to /system, which is what the
# installation CD uses.
systemConfig="${1:-/system}"

# Discard the inherited PATH and rebuild it only from the directories
# substituted for @path@, so the tools run below are looked up in that
# list rather than in whatever the caller's environment provided.
# /empty is merely the seed value the entries are appended to.
PATH=/empty
for i in @path@; do
    PATH="$PATH:$i/bin:$i/sbin"
done
export PATH
# Some programs expect /dev/fd and the /dev/std* aliases to exist, so
# point them at the descriptor directory of the accessing process under
# /proc.  -f replaces an existing entry; -n keeps ln from descending
# into an existing link that points at a directory.
ln -sfn /proc/self/fd /dev/fd
fdNum=0
for fdName in stdin stdout stderr; do
    ln -sfn "/proc/self/fd/$fdNum" "/dev/$fdName"
    fdNum=$((fdNum + 1))
done
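# Set up the statically computed bits of /etc.
#
# /etc/static is re-pointed at the @etc@/etc tree, and every symlink
# found in that tree is mirrored into /etc: as a regular, root-owned
# copy when a sibling "<name>.mode" file supplies its permissions,
# otherwise as a symlink into /etc/static.
staticEtc=/etc/static
rm -f "$staticEtc"
ln -s @etc@/etc "$staticEtc"
# Names are passed NUL-delimited and every expansion is quoted, so an
# entry containing whitespace or glob characters is handled as one path
# instead of being split into several.  The unquoted `*' is deliberate:
# it enumerates the top-level entries of the tree (dotfiles excluded).
(cd "$staticEtc" && find * -type l -print0) |
while IFS= read -r -d '' i; do
    mkdir -p "/etc/$(dirname "$i")"
    rm -f "/etc/$i"
    if test -e "$staticEtc/$i.mode"; then
        # Create a regular file in /etc.
        # Copy under a restrictive umask so the new file carries no
        # group/other permission bits before the requested mode is
        # applied by the chmod below.
        (umask 077; cp "$staticEtc/$i" "/etc/$i")
        # `:' is the standard owner:group separator; `.' is a legacy
        # spelling.
        chown 0:0 "/etc/$i"
        chmod "$(cat "$staticEtc/$i.mode")" "/etc/$i"
    else
        # Create a symlink in /etc.
        ln -s "$staticEtc/$i" "/etc/$i"
    fi
done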
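# Remove dangling symlinks that point to /etc/static.  These are
# configuration files that existed in a previous configuration but not
# in the current one.  For efficiency, don't look under /etc/nixos
# (where all the NixOS sources live).
#
# Paths are read NUL-delimited so that a name containing whitespace is
# not split into pieces that then get tested and removed separately.
# The explicit grouping keeps the set of printed paths the same as with
# find's implicit -print (the pruned /etc/nixos entry is printed too; it
# is only removed if it is itself a dangling link into /etc/static).
find /etc/ \( \( -path /etc/nixos -prune \) -o -type l \) -print0 |
while IFS= read -r -d '' i; do
    target=$(readlink "$i")
    case "$target" in
        # Only targets strictly below $staticEtc/ qualify.  A plain
        # prefix comparison would also match a sibling whose name merely
        # starts with the same characters (a hypothetical
        # /etc/static-old, say).
        "$staticEtc"/*)
            if ! test -e "$i"; then
                rm -f "$i"
            fi
            ;;
    esac
done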
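# Create the required /bin/sh symlink; otherwise lots of things
# (notably the system() function) won't work.
# NOTE(review): mountPoint is not assigned anywhere in the visible part
# of this script; when it is unset or empty the paths below resolve to
# /bin and /bin/sh.  The expansions are quoted so that a value
# containing whitespace cannot turn into extra arguments.
mkdir -m 0755 -p "$mountPoint/bin"
ln -sfn @bash@/bin/sh "$mountPoint/bin/sh"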
# Register our wrapped modprobe with the kernel.  The wrapper searches
# the right location in the Nix store for kernel modules, which is
# needed whenever the kernel (or some module) auto-loads a module.
# !!! maybe this should only happen at boot time, since we shouldn't
# use modules that don't match the running kernel.
printf '%s\n' @modprobe@/sbin/modprobe > /proc/sys/kernel/modprobe
# Various log/runtime directories.
# Note that `-m' only takes effect on a directory this call actually
# creates as the named target: parents made along the way by `-p', and
# directories that already exist, keep whatever mode they have.
#   /var/run/console           for pam_console
#   /var/run/nix/current-load  for distributed builds
mkdir -m 0755 -p \
    /var/run \
    /var/run/console \
    /var/run/nix/current-load \
    /var/log
mkdir -m 0700 -p /var/run/nix/remote-stores

# Login accounting files (utmp and wtmp must exist), world-readable and
# writable by their owner only.
for acctFile in /var/run/utmp /var/log/wtmp /var/log/lastlog; do
    touch "$acctFile"
    chmod 644 "$acctFile"
done

# World-writable scratch space; the sticky bit restricts removal of an
# entry to its owner.
mkdir -m 1777 -p /var/tmp

# Empty, read-only home directory of many system accounts.
mkdir -m 0555 -p /var/empty
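# If there is no password file yet, create a root account with an
# empty password.
# NOTE(review): after this block root can log in without a password
# until one is set; nothing here limits where such a login is accepted,
# so that has to be handled by the login/PAM/sshd configuration or by
# setting a password right after installation.
if ! test -e /etc/passwd; then
    rootHome=/root
    touch /etc/passwd; chmod 0644 /etc/passwd
    touch /etc/group; chmod 0644 /etc/group
    # Create the shadow file under a restrictive umask so it never
    # exists with group/other access, not even between touch and chmod.
    # The chmod still covers a shadow file that was already present.
    (umask 077; touch /etc/shadow); chmod 0600 /etc/shadow
    # Can't use useradd, since it complains that it doesn't know us
    # (bootstrap problem!).
    echo "root:x:0:0:System administrator:$rootHome:@defaultShell@" >> /etc/passwd
    echo "root::::::::" >> /etc/shadow
    # Feed passwd a single empty line as the new password.
    echo | passwd --stdin root
fi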
# Create system users and groups.
# Runs the script substituted for @createUsersGroups@ under @shell@,
# passing whatever is substituted for @usersList@ and @groupsList@ as
# its arguments.  The substitutions are unquoted, so each must expand to
# words that are safe to split (presumably store paths -- confirm).
@shell@ @createUsersGroups@ @usersList@ @groupsList@
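# Set up Nix.
mkdir -p /nix/etc/nix
ln -sfn /etc/nix.conf /nix/etc/nix/nix.conf
# Give the store to root with group nixbld.  `:' is the standard
# owner:group separator; the `.' form is a legacy spelling that becomes
# ambiguous when a name itself contains a dot.
chown root:nixbld /nix/store
# 1775: writable by root and the nixbld group, read-only for everyone
# else; the sticky bit restricts removal of an entry to its owner.
chmod 1775 /nix/store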
# Nix initialisation.
# State directories, each created with mode 0755 if it does not exist
# yet (an existing directory keeps its current mode).
mkdir -m 0755 -p \
    /nix/var/nix/{gcroots,temproots,manifests,userpool,profiles,db} \
    /nix/var/nix/{channel-cache,chroots} \
    /nix/var/log/nix/drvs

# Per-user areas are world-writable with the sticky bit: any user may
# create entries, but removing one is restricted to its owner.
mkdir -m 1777 -p \
    /nix/var/nix/gcroots/per-user \
    /nix/var/nix/profiles/per-user

# Link the profiles and manifests directories into the gcroots
# directory.
ln -sf /nix/var/nix/profiles /nix/var/nix/manifests /nix/var/nix/gcroots/
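# Make a few setuid programs work.
#
# For every name in @setuidPrograms@ that resolves on the search path, a
# copy of the `setuid-wrapper' binary is installed in $wrapperDir under
# that name, owned by root with mode 4755, next to a "<name>.real" file
# holding the resolved path of the program.
PATH=@systemPath@/bin:@systemPath@/sbin:$PATH
save_PATH="$PATH"

# Add the default profile to the search path for setuid executables.
# NOTE(review): the profile directories are searched first, so both the
# listed programs and `setuid-wrapper' itself are taken from the default
# profile when present there.  Whatever is installed under those names
# ends up behind a setuid-root wrapper -- confirm that only root can
# modify the default profile.
PATH="/nix/var/nix/profiles/default/sbin:$PATH"
PATH="/nix/var/nix/profiles/default/bin:$PATH"

wrapperDir=@wrapperDir@
# `:?' stops the script instead of letting the glob turn into `/*'
# should wrapperDir ever be empty.
if test -d "$wrapperDir"; then rm -f -- "${wrapperDir:?}"/*; fi
mkdir -p "$wrapperDir"

# The wrapper binary is the same for every program; resolve it once.
setuidWrapper=$(type -tp setuid-wrapper)

for i in @setuidPrograms@; do
    program=$(type -tp "$i")
    if test -z "$program"; then
        # XXX: It would be preferable to detect this problem before
        # `activate-configuration' is invoked.
        #echo "WARNING: No executable named \`$i' was found" >&2
        #echo "WARNING: but \`$i' was specified as a setuid program." >&2
        continue
    fi

    if test -z "$setuidWrapper"; then
        echo "setuid-wrapper not found; no wrapper created for \`$i'" >&2
        continue
    fi

    # Only set the setuid bit on a file that was copied and handed to
    # root successfully; a failure in an earlier step leaves the bit
    # off.
    printf '%s' "$program" > "$wrapperDir/$i.real"
    cp "$setuidWrapper" "$wrapperDir/$i" &&
        chown root:root "$wrapperDir/$i" &&
        chmod 4755 "$wrapperDir/$i"
done

# Shell code substituted at build time; its contents are not visible
# here (judging by the name it adjusts the owner of some wrappers --
# confirm).
@adjustSetuidOwner@

# Drop the default profile from the search path again.
PATH="$save_PATH"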
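# Set the host name.  Don't clear it if it's not configured in the
# NixOS configuration, since it may have been set by dhclient in the
# meantime.
if test -n "@hostName@"; then
    # Quoted like the test above, so the substituted value is always
    # passed to hostname as exactly one argument.
    hostname "@hostName@"
elif test "$(hostname)" = "(none)"; then
    # dhclient won't do anything if the hostname isn't empty.
    hostname ''
fi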
# Make this configuration the current configuration.
# $systemConfig is resolved with `readlink -f' first: when it is /system
# (a symlink to the store), /var/run/current-system then points at the
# resolved path and is still used as a garbage collection root.
currentSystem=$(readlink -f "$systemConfig")
ln -sfn "$currentSystem" /var/run/current-system

# Prevent the current configuration from being garbage-collected by
# linking it into the gcroots directory.
ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system