Enabled a bunch of units that ship with systemd. Also added an option
‘boot.systemd.units’ that can be used to define additional units
(e.g. ‘sshd.service’).
I remember the 'named' log was giving annoying messages on systems not ipv6
capable (I can't recall if lacking the kernel ipv6 code or unconfigured ipv6
addresses).
svn path=/nixos/trunk/; revision=34419
are included in the manual, so this causes a different manual to be
built for each machine.
* Clean up indentation of cntlm module.
svn path=/nixos/trunk/; revision=34387
probably lots of others). The $PATH used to invoke the filter
didn't contain Ghostscript and Perl, so it silently fails. (A nice
property of CUPS is that it will just silently discard the job when
that happens, so you need to set LogLevel to "debug" to see this.)
Fortunately, CUPS now has a "SetEnv" option to set $PATH explicitly.
Also, remove config.system.path from the PATH of CUPS' Upstart job.
It seems to serve no purpose.
svn path=/nixos/trunk/; revision=34244
interfaces black-listed for dhcpcd via configuration.nix. I use this option to
disable DHCP for "veth*" interfaces, which are created by LXC for use inside of
virtual machines.
svn path=/nixos/trunk/; revision=34018
smart shutdown mode, Postgres waits until all
active connections have closed, which can take an
unbounded amount of time.
svn path=/nixos/trunk/; revision=33959
lines below a certain marker. This is undesirable because commands
like "ssh-copy-id" add keys to the end of the file. Instead mark
all automatically added lines individually.
svn path=/nixos/trunk/; revision=33918
were obtained from the NixOS channel. "nixos-install" copies this
to the installed system as well.
* In the installation CD, set GC_INITIAL_HEAP_SIZE to a low value for
the benefit of memory-constrained environments.
svn path=/nixos/trunk/; revision=33887
challenge-response is an authentication method that does not need the
plain text password to be emitted over the (encrypted) connection.
This is nice if you don't fully trust the server.
It is enabled (upstream) by default.
To the end user, it still looks like normal password authentication,
but instead of sending it, it is used to hash some challenge.
This means that if you don't want passwords to be used ever at all,
and just stick to public key authentication, you probably want to
disable this option too.
svn path=/nixos/trunk/; revision=33513
wpa_gui or wpa_cli.
Comes with a default wpa_supplicant.conf, which gets updated through
aforementioned utilities.
svn path=/nixos/trunk/; revision=33510
You can now set the forwardX11 config option for the ssh client and server separately.
For server, the option means "allow clients to request X11 forwarding".
For client, the option means "request X11 forwarding by default on all connections".
I don't think it made sense to couple them. I might not even run the server on some machines.
Also, I ssh to a lot of machines, and rarely want X11 forwarding. The times I want it,
I use the -X/-Y option, or set it in my ~/.ssh/config.
I also decoupled the 'XAuthLocation' logic from forwardX11.
For my case where ssh client doesn't want forwarding by default, it still wants to set the path for the cases I do need it.
As this flag is the one that pulls in X11 dependencies, I changed the minimal profile and the no-x-libs config to check that instead now.
svn path=/nixos/trunk/; revision=33407
delete routes and addresses when it quits. This causes those routes
and addresses to stick around forever, since dhcpcd won't delete
them when it runs next (even if it acquires a new lease on the same
interface). This is bad; in particular the stale (default) routes
can break networking.
The downside to removing "persistent" is that you should never ever
do "stop dhcpcd" on a remote machine configured by dhcpcd.
svn path=/nixos/trunk/; revision=33388