I tested the previous "version" and found my environment to be exactly the same.
Let's start discussing possible extensions/improvements somewhere else. For now it's a nice improvement.
This change does two things:
* "NixOSizes" environment variables generation. This allows some more
error-checking and opens possibilities for a modular environment
configuration. From now on the most of environment variables are
generated directly by the nix code. Generating sh code that
generates environment variables is left in a few places where
nontrivial access to a local environment state is needed.
* By doing the first change this patch untangles bash from the
environment configuration and makes it trivial to add a support for
other non bash-compatible shells.
Now to the sad part. This change is quite large (and I'm not sure it's
possible to split it) and yet is not quite complete, it needs some
changes to nixpkgs to be perfect.
See !!! comments in modules/config/shells-environment.nix.
Main principle behind this change is "change environment generation
and nothing else". In particular, shell configuration principles stay
exactly the same as before.
The services systemd-random-seed-save.service and
systemd-update-utmp-shutdown.service from systemd 203 don't work,
because they have a RequiresMountFor dependency on /var/lib and
/var/log. Such a dependency produces a cycle, causing systemd to drop
those services:
Fixing conflicting jobs by deleting job poweroff.target/stop
Deleting job systemd-poweroff.service/stop as dependency of job poweroff.target/stop
Deleting job umount.target/stop as dependency of job systemd-poweroff.service/stop
Deleting job -.mount/start as dependency of job umount.target/stop
Deleting job systemd-random-seed-save.service/start as dependency of job -.mount/start
Deleting job systemd-update-utmp-shutdown.service/start as dependency of job -.mount/start
Dropping the RequiresMountFor doesn't work either, because then
/var/... may have meen unmounted or remounted read-only.
Upstream systemd fixes this by doing the actual work from an ExecStop
action in an already-running service than conflicts with
shutdown.target. So I backported that here. The main consequence is
that wtmp shutdown records now get written properly.
The main lesson: shutdown.target is useless for pulling in services
during shutdown if they need to write anywhere.
You can now do a fast reboot (bypassing the BIOS, which may take
several minutes on servers) by running ‘systemctl kexec’.
Unfortunately the QEMU test for this is unreliable due to a QEMU bug
(it randomly crashes with a message like ‘Guest moved used index from
8 to 0’), so it's commented out.
I.e., modules that use "require = [options]". Nowadays that should be
written as
{
options = { ... };
config = { ... };
};
Also, use "imports" instead of "require" in places where we actually
import another module.
It used to be set to 7 (debug) so you get lots of crap on the console.
The new value of 4 is also what Ubuntu uses. Red Hat uses 3.
A nice side effect is that it's more likely that the LUKS passphrase
prompt doesn't get clobbered by kernel log messages.
Ensure permission bits are (re)set on each system activation with
explicit chmod call.
mkdir -m MODE PATH will only set the permission bits if PATH is
*created*, which means users that have old NixOS versions will continue
to have the old 700 permissions on /var/log/journal until they chmod
manually. With this commit the permissions will be set to 755 on system
activation.
This makes the system journal readable by users in the
systemd-journal, wheel and adm groups. It also allows users to read
their own journals.
Note that this doesn't change the permissions of existing journals.
Turns out that remote-fs-pre.target is not actually "wanted" anywhere,
so statd is not started before remote filesystems are mounted. But
remote filesystems do "want" network-online.target, so we can use that
to pull in statd and idmapd.
Not sure if this is really the right thing to do, but it works for
now. Background:
https://bugzilla.redhat.com/show_bug.cgi?id=787314http://hydra.nixos.org/build/5542230
Grub uses mdadm to find out the device it is on, especially when mdadm itself
resides in a separate boot partition. When bootstrapping from a NixOS
installation CD, it's not a big issue because usually the paths from the Nix
store of the installation CD are matching with the ones in the chrooted
environment.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
If we only need to generate a GRUB boot menu, we don't need GRUB
itself. This cuts 38 MiB from EC2 system closures (in particular
because it gets rid of the need for the 32-bit Glibc).
"require" is a stronger version of "want",
and just like wantedBy allows you to specify this relation in reverse,
requiredBy does the same.
It may seem pointless to be able to specify these stronger relations in
reverse, because if something is really required, you would expect the
other unit to specify this himself.
However, this is still useful for virtual/automatic units (like
devices) that are created by systemd on demand and hence have no unit
file you can alter.
Now that nixUnstable supports remounting in the "/nix/store is a
mountpoint" case, this is no longer necessary.
This reverts commit f1d48aec43.
Signed-off-by: Shea Levy <shea@shealevy.com>
This makes it so multiple definitions are merged by adding a newline
between each entry, to avoid the need to add a newline to the end of
every definition of extraModprobeConfig. See #119 for an example of an
issue this has caused.
Signed-off-by: Shea Levy <shea@shealevy.com>
In principle this could work, but the current remount logic in nix fails
to remount mountpoints that are root in their own filesystem (as would
be the case with bind-mounting a mountpoint over itself). nixos/nix#98
is aimed at fixing this.
Signed-off-by: Shea Levy <shea@shealevy.com>
