Alexander Kjeldaas
64311899db
Don't let rngd read /dev/tpm0.
...
Only one process can interact with the TPM module and
that process should be tcsd. The tpm_rng kernel module
should instead be loaded and /dev/hwrnd be used to
read the TPM random generator.
Also, log which random generator devices are used by
rngd on startup.
2014-04-22 14:05:09 +02:00
Shea Levy
2a4282c811
Revert "Merge branch 'dbus-switch-to-configuration'"
...
This seems to have combined badly with the systemd upgrade, we'll revert
for now and revisit after the 14.04 branch.
This reverts commit ad80532881
, reversing
changes made to 1c5d3c7883
.
2014-04-21 18:30:05 -04:00
Rickard Nilsson
cfa5b5778c
pulseaudio module: Use pid-file for system-wide daemon, add loglevel option
2014-04-21 23:22:11 +02:00
Rickard Nilsson
5db9287b7c
rtkit: Update from 0.10 to 0.11
2014-04-21 23:22:10 +02:00
Ricardo M. Correia
3ad27289fc
nixos/tests/avahi: Fix race condition on mDNS test
2014-04-21 19:54:16 +02:00
Ricardo M. Correia
5d5ca7b260
grsecurity: Update all patches
...
stable: 3.0-3.2.57-201404131252 -> 3.0-3.2.57-201404182109
test: 3.0-3.13.10-201404141717 -> 3.0-3.14.1-201404201132
vserver: 3.0-3.2.57-vs2.3.2.16-201404131253 -> 3.0-3.2.57-vs2.3.2.16-201404182110
2014-04-21 18:46:41 +02:00
Eelco Dolstra
19e9d25e8f
Remove KDE 4.11
2014-04-21 18:13:17 +02:00
Oliver Charles
ad80532881
Merge branch 'dbus-switch-to-configuration'
2014-04-21 13:09:14 +01:00
Shea Levy
1c5d3c7883
Merge branch 'modulesfix' of git://github.com/kirelagin/nixpkgs
...
ohci_pci is required in initrd since kernel 3.11
2014-04-21 07:51:31 -04:00
Kirill Elagin
ca7978a09d
ohci_pci is required in initrd since kernel 3.11
2014-04-21 15:42:05 +04:00
Oliver Charles
42ae633445
Merge branch 'master' into dbus-switch-to-configuration
...
Conflicts:
nixos/modules/system/activation/switch-to-configuration.pl
2014-04-20 19:17:05 +01:00
Eelco Dolstra
cf53152902
Fix GRUB 2 example
...
Fixes #1891 .
2014-04-20 19:41:15 +02:00
Eelco Dolstra
4e8c2f0ff9
Merge branch 'systemd-update'
2014-04-20 19:31:01 +02:00
Eelco Dolstra
2fbb9aba43
Fix the installer test
...
http://hydra.nixos.org/build/10419676
2014-04-20 01:56:11 +02:00
Eelco Dolstra
37d5e9c455
Temporary fix for installer tests
...
http://hydra.nixos.org/build/10455979
2014-04-20 01:53:11 +02:00
Eelco Dolstra
0a256cc0ee
Firewall: Only start if we have CAP_NET_ADMIN
2014-04-19 23:02:59 +02:00
Eelco Dolstra
4fb50f071f
Manual: Typo fixes
2014-04-19 22:59:25 +02:00
William A. Kennington III
3ccf990372
pcscd: Refactor service and use socket activation
2014-04-19 14:37:31 +01:00
Eelco Dolstra
18a7ce76fc
Enable udisks2 by default
...
The ability for unprivileged users to mount external media is useful
regardless of the desktop environment. Also, since udisks2 is
activated on-demand, it doesn't add any overhead if you're not using it.
2014-04-19 14:41:21 +02:00
Eelco Dolstra
894e2dfb25
Add a test for udisks2
2014-04-19 14:37:05 +02:00
Eelco Dolstra
fa9ed04997
Restart polkit if its configuration may have changed
2014-04-19 14:29:02 +02:00
Eelco Dolstra
82535e0f8f
switch-to-configuration: Check overrides.conf for X-* options
2014-04-19 14:28:33 +02:00
Eelco Dolstra
b03a2f9e90
Set personality when running a 32-bit container on a 64-bit host
2014-04-19 13:14:51 +02:00
Eelco Dolstra
9f1c9404da
Put /var/setuid-wrappers on a tmpfs
...
This allows all other filesystems to be mounted without the suid
option.
2014-04-19 12:40:09 +02:00
Eelco Dolstra
2a64b0a91b
Shut up warning about resolv.conf missing
2014-04-19 12:34:59 +02:00
Eelco Dolstra
fa1a46a01c
setuid-wrapper: Fix broken string comparison
2014-04-19 10:58:30 +02:00
Eelco Dolstra
b80e6b27c7
setuid-wrapper: Drop runtime dependency on setuid-wrapper.c
2014-04-19 10:53:17 +02:00
Eelco Dolstra
a8aa9f3fd4
setuid-wrapper.c: Remove tabs
2014-04-19 10:53:05 +02:00
Eelco Dolstra
e7ab051cda
Disable predictable interface names in tests
...
Apparently systemd is now smart enough to figure out predictable names
for QEMU network interfaces. But since our tests expect them to be
named eth0/eth1..., this is not desirable at the moment.
http://hydra.nixos.org/build/10418789
2014-04-19 10:13:46 +02:00
Mathijs Kwik
bf841cd892
Revert "systemd: oneshot units should be allowed to restart on failure/abort"
...
This reverts commit c1e638abb6
.
As pointed out by wkennington, upstream disallows all cases as of v207
2014-04-18 21:42:22 +02:00
Eelco Dolstra
5ee5aa1b90
Make "nixos-container login" an alias of "machinectl login"
2014-04-18 20:47:31 +02:00
Eelco Dolstra
0121688424
gpm: Better start condition
2014-04-18 20:23:27 +02:00
Eelco Dolstra
febb15f722
systemd: Enable keeping backlight / rfkill state across reboots
2014-04-18 19:37:15 +02:00
Eelco Dolstra
232a9caa96
Fix predictable network interface naming
...
In current systemd, this has been moved to systemd-network, which
we're not using yet. So revive the old udev rules from systemd 203.
2014-04-18 19:34:45 +02:00
Michael Raskin
7231b6b94e
Merge pull request #2248 from ehmry/rsync
...
rsync updated 3.0.9 to 3.1.0, rsyncd service module
2014-04-18 10:17:08 -07:00
Eelco Dolstra
465d6ff572
Set $LOCALE_ARCHIVE in all systemd units
...
This variable used to be inherited implicitly from the stage-2 script,
but systemd now clears the environment. So we need to set it
explicitly.
2014-04-18 19:04:45 +02:00
Eelco Dolstra
313c38d5f1
switch-to-configuration: Handle systemctl output change
2014-04-18 19:04:45 +02:00
Eelco Dolstra
02b936189c
Improve gpm service
2014-04-18 18:45:20 +02:00
Eelco Dolstra
48d90cf3b6
Revert "Put /nix/var/nix/{temproots,userpool} on a tmpfs"
...
This reverts commit dd49094a25
. Nix
barfs if /nix/var/nix/temproots is a symlink :-(
2014-04-18 18:37:07 +02:00
Eelco Dolstra
1e540af43b
Fix broken upstream user unit symlinks
2014-04-18 17:38:06 +02:00
Eelco Dolstra
85fdaed9de
ssh-agent: Tweaks
2014-04-18 17:37:47 +02:00
Eelco Dolstra
fec3bc85a6
postgresql: Use systemd's new "mixed" kill mode
...
"Mixed" mode sends the initial SIGINT only to the main process, but
sends the SIGKILL after the time-out expires to the entire cgroup.
2014-04-18 17:32:24 +02:00
Eelco Dolstra
16bba2db2e
Use "machinectl poweroff" to shut down containers
2014-04-18 17:11:59 +02:00
Eelco Dolstra
f9423208c2
Containers: Don't warn about not having a boot loader
2014-04-18 17:00:11 +02:00
Eelco Dolstra
dd49094a25
Put /nix/var/nix/{temproots,userpool} on a tmpfs
2014-04-18 16:56:20 +02:00
Eelco Dolstra
c13cede19d
Remove long-obsolete /nix/var/nix/chroots directory
2014-04-18 16:50:37 +02:00
Eelco Dolstra
21573af9fb
Containers: Use /etc/resolv.conf supplied by the host
...
This used to work with systemd-nspawn 203, because it bind-mounted
/etc/resolv.conf (so openresolv couldn't overwrite it). Now it's just
copied, so we need some special handling.
2014-04-18 16:48:11 +02:00
Eelco Dolstra
5c62d3d26b
nixos-rebuild: Handle $SHELL not being bash
2014-04-18 16:05:20 +02:00
Eelco Dolstra
da774bced5
Remove dhcpcd_without_udev attribute
2014-04-18 15:36:06 +02:00
Eelco Dolstra
4c764479a6
Remove redundant space
2014-04-18 14:59:59 +02:00