Commit graph

224 commits

Author SHA1 Message Date
Eelco Dolstra 7f8272dd70 * Make the host filesystem writable for non-root. This is a temporary
hack to enable non-root processes to write coverage data.

svn path=/nixos/trunk/; revision=16891
2009-08-29 14:14:42 +00:00
Marc Weber 39e12e13c4 cupsd: add bindirCmds so that you can test other backends easier.
svn path=/nixos/trunk/; revision=16879
2009-08-27 23:16:09 +00:00
Eelco Dolstra 2892aed712 * lib/eval-config.nix: combined "configuration" and "extraModules"
into one argument "modules".
* release.nix: fixed the manual job.
* ISO generation: break an infinite recursion.  Don't know why this
  suddenly happens.  Probably because of the nixpkgs.config change,
  but I don't see why.  Maybe the option evaluation is too strict.

svn path=/nixos/trunk/; revision=16878
2009-08-27 11:57:43 +00:00
Eelco Dolstra 6f1b1aefde * Added an option `nixpkgs.config' that allows the Nixpkgs options to
be set from the NixOS configuration.  For instance, you can say

    nixpkgs.config.firefox.enableGeckoMediaPlayer = true;

    environment.systemPackages = [ pkgs.firefox ];

  but the more interesting application is to apply global overrides to
  Nixpkgs throughout NixOS, e.g.

    nixpkgs.config.packageOverrides = pkgs:
      { glibc = pkgs.glibc27;
        gcc = pkgs.gcc42;
      };

  would build the whole system with Glibc 2.7 and GCC 4.2.  (There are
  some issues with "useFromStdenv" in all-packages.nix that need to be
  fixed for packages in the stdenv bootstrap though.)

  The implementation of this option is kind of evil though due to the
  need to prevent a circularity between the evaluation of
  nixpkgs.config and the "pkgs" module argument.

svn path=/nixos/trunk/; revision=16866
2009-08-26 16:52:38 +00:00
Eelco Dolstra ff146aee08 svn path=/nixos/trunk/; revision=16843 2009-08-24 22:09:19 +00:00
Eelco Dolstra 8e6ad840f2 * Modularised the xinetd service. tftp has been factored out into a
separate module, which just declares a configuration value that
  causes the xinetd module to add it to xinetd.conf.  Also Nixified
  the service declarations to abstract over the inetd implementation.
  
* Renamed the services.xinetd.tftpd options to services.tftpd.  The
  fact that the tftpd module uses xinetd is an implementation detail.

* xinetd: use -dontfork to let Upstart monitor it, and use -syslog to
  get error messages at startup.

svn path=/nixos/trunk/; revision=16803
2009-08-21 13:05:45 +00:00
Eelco Dolstra fb730174a1 * Style change. Tried to have the kde4 module set a default for
services.xserver.desktopManager.default (so that the user doesn't
  have to) but it doesn't work yet.

svn path=/nixos/trunk/; revision=16800
2009-08-21 10:13:27 +00:00
Eelco Dolstra f1035de47c * For the generation of manual / manpages, don't evaluate the option
declarations again (because we already have them).  This cuts
  evaluation time from 7.2s to 4.9s.

svn path=/nixos/trunk/; revision=16798
2009-08-21 09:08:55 +00:00
Eelco Dolstra b48a1c394b * Since atd forks into the background, it wasn't properly monitored by
Upstart.

svn path=/nixos/trunk/; revision=16795
2009-08-21 00:02:45 +00:00
Eelco Dolstra 44fb2e4ecd * Allow adding additional kernel parameters.
svn path=/nixos/trunk/; revision=16792
2009-08-20 23:20:19 +00:00
Lluís Batlle i Rossell 8db9b2ca54 Fixing a typo in nfs-kernel.nix (export -> exports)
svn path=/nixos/trunk/; revision=16785
2009-08-19 20:20:57 +00:00
Lluís Batlle i Rossell f250f69ee8 Adding xinetd with a possible tftpd server.
svn path=/nixos/trunk/; revision=16784
2009-08-19 20:20:51 +00:00
Michael Raskin 769dc2f7e6 Write an explanation for a rule edit needed by LiveCD
svn path=/nixos/trunk/; revision=16774
2009-08-19 17:24:33 +00:00
Eelco Dolstra 11c603c3fb * Fix booting from CD. 60-persistent-storage.rules requires some
variables set by 60-cdrom_id.rules.

svn path=/nixos/trunk/; revision=16773
2009-08-19 16:48:28 +00:00
Nicolas Pierron 923f58794a Add --rollback option to nixos-rebuild.
svn path=/nixos/trunk/; revision=16771
2009-08-19 15:04:19 +00:00
Nicolas Pierron 5980d130c9 Check sshd.permitRootLogin values.
svn path=/nixos/trunk/; revision=16769
2009-08-19 15:04:05 +00:00
Sander van der Burg 8b229a45c3 Removed the rm -rf command and replaced symlink operations by ln -sfn so that the state of tomcat can be retained \(unless somebody messes it up manually of course\)
svn path=/nixos/trunk/; revision=16757
2009-08-18 11:50:32 +00:00
Eelco Dolstra 447c1ac34a * SLiM / ConsoleKit compatibility hack.
svn path=/nixos/trunk/; revision=16744
2009-08-17 01:35:48 +00:00
Eelco Dolstra 7ab616f659 * Added support for ConsoleKit.
* Let ConsoleKit track the current logins instead of pam_console.
  Udev now takes care of setting the device permissions to the active
  user.  This works much better, since pam_console wouldn't apply
  permissions to new (hot-plugged) devices.  Also, the udev+ConsoleKit
  approach supports user switching.  (We don't have that for X yet,
  but it already works for logins on virtual consoles: if you switch
  between different users on differents VCs with Alt+Fn, the device
  ownership will be changed automatically.)

svn path=/nixos/trunk/; revision=16743
2009-08-17 01:16:38 +00:00
Eelco Dolstra ac24c7834d * A module for policy-kit (not enabled yet).
svn path=/nixos/trunk/; revision=16738
2009-08-16 21:48:46 +00:00
Eelco Dolstra 7dbf523ddc * dbus: enable support for system services (these are programs that
the bus daemon can start on demand).  ConsoleKit and PolicyKit need
  this.  This requires a setuid wrapper for dbus-daemon-launch-helper,
  as well as a "messagebus" group.

svn path=/nixos/trunk/; revision=16736
2009-08-16 21:46:26 +00:00
Eelco Dolstra 26439de75b * security.setuidPrograms: don't set the default in the "default"
mkOption argument, because then we lose them if somebody sets
  security.setuidPrograms somewhere else.  (Shouldn't "default" be
  merged as well?)

svn path=/nixos/trunk/; revision=16734
2009-08-16 21:11:04 +00:00
Eelco Dolstra dba1964122 * setuid-wrappers: support setting the mode. For instance, some
programs require that the mode is 4550 so that execution of the
  setuid program can be restricted to members of a group.
* setuid-wrappers: remove a race condition in the creation of the
  wrappers if the ownership or mode was different than root:root and
  4555.
* setuid-wrappers: allow the full path of the wrapped program to be
  specified, rather than looking it up in $PATH.

svn path=/nixos/trunk/; revision=16733
2009-08-16 17:24:59 +00:00
Eelco Dolstra f31e2718b7 * Print an error if the exec fails.
svn path=/nixos/trunk/; revision=16732
2009-08-16 16:46:00 +00:00
Eelco Dolstra 3b931f7861 * We still need /etc/pam.d/other to keep usermod happy.
svn path=/nixos/trunk/; revision=16731
2009-08-16 15:46:24 +00:00
Eelco Dolstra 2884c9a836 * Style change.
svn path=/nixos/trunk/; revision=16730
2009-08-16 14:54:31 +00:00
Eelco Dolstra 39bffdb34c * Make the generation of /etc/pam.d more declarative. There now is an
option security.pam.services containing the list of PAM services.
  For instance, the SLiM module simply declares:

    security.pam.services = [ { name = "slim"; localLogin = true; } ];

svn path=/nixos/trunk/; revision=16729
2009-08-16 14:49:14 +00:00
Eelco Dolstra 88c505c9e0 * make-etc.sh: fixed the duplicate entry check.
* Inlined make-etc.nix since it's a trivial function.

svn path=/nixos/trunk/; revision=16728
2009-08-16 13:14:33 +00:00
Eelco Dolstra 9493ecc2a4 * Use the hal-info package.
svn path=/nixos/trunk/; revision=16693
2009-08-11 21:16:59 +00:00
Eelco Dolstra dc093b57dd * Updates to the udev service: support persistant CD-ROM / network
interface names, use udev's own firmware loader, and dropped the
  sndMode option (udev puts all audio devices in the "audio" group, so
  users can be added to that group if necessary).

svn path=/nixos/trunk/; revision=16692
2009-08-11 21:16:15 +00:00
Eelco Dolstra 25dbf1594e * Updates for the new udev and util-linux-ng: fsck is now in
util-linux-ng instead of e2fsprogs, blkid is in util-linux-ng, and
  we need to manually create /dev/.udev prior to starting udevd for
  some reason.

svn path=/nixos/trunk/; revision=16691
2009-08-11 21:12:37 +00:00
Eelco Dolstra 39d1b11ff7 * The mount hack is gone, just use the regular mount from
util-linux-ng and make sure that the needed mount helpers
  (e.g. ntfs3g) are in /var/lib/current-system/sw/sbin.

svn path=/nixos/trunk/; revision=16690
2009-08-11 21:10:33 +00:00
Eelco Dolstra fd56f110da * Clean up some boot messages.
svn path=/nixos/trunk/; revision=16689
2009-08-11 21:09:25 +00:00
Eelco Dolstra bed6fd6a61 * `umount -f' causes lots of problems, so don't do it.
svn path=/nixos/trunk/; revision=16688
2009-08-11 21:08:05 +00:00
Eelco Dolstra bd2fbcf9e5 * Fix the bluetoothd stop condition.
svn path=/nixos/trunk/; revision=16687
2009-08-11 21:06:17 +00:00
Eelco Dolstra fe329f96ef * Mount the host's /nix/var/nix/db in the guest.
svn path=/nixos/trunk/; revision=16674
2009-08-11 14:28:25 +00:00
Sander van der Burg e8103aa39d Implemented support for per application configuration files
svn path=/nixos/trunk/; revision=16668
2009-08-11 09:40:31 +00:00
Eelco Dolstra c21b02d34b * Add some groups required by the latest udev.
svn path=/nixos/trunk/; revision=16667
2009-08-11 09:17:30 +00:00
Eelco Dolstra f666aa7479 * With "nixos-rebuild build-vm", override the video driver of
the host (since e.g. "nvidia" won't work in the VM).

svn path=/nixos/trunk/; revision=16663
2009-08-11 02:02:01 +00:00
Eelco Dolstra 89ef5c979b * New nixos-rebuild action: "nixos-rebuild build-vm" builds a virtual
machine containing a replica (minus the state) of the system
  configuration.  This is mostly useful for testing configuration
  changes prior to doing an actual "nixos-rebuild switch" (or even
  "nixos-rebuild test").  The VM can be started as follows:

  $ nixos-rebuild build-vm
  $ ./result/bin/run-*-vm

  which starts a KVM/QEMU instance.  Additional QEMU options can be
  passed through the QEMU_OPTS environment variable
  (e.g. QEMU_OPTS="-redir tcp:8080::80" to forward a host port to the
  guest).  The fileSystem attribute of the regular system
  configuration is ignored (using mkOverride), because obviously we
  can't allow the VM to access the host's block devices.  Instead, at
  startup the VM creates an empty disk image in ./<hostname>.qcow2 to
  store the VM's root filesystem.

  Building a VM in this way is efficient because the VM shares its Nix
  store with the host (through a CIFS mount).  However, because the
  Nix store of the host is mounted read-only in the guest, you cannot
  run Nix build actions inside the VM.  Therefore the VM can only be
  reconfigured by re-running "nixos-rebuild build-vm" on the host and
  restarting the VM.

svn path=/nixos/trunk/; revision=16662
2009-08-11 01:35:56 +00:00
Sander van der Burg ebd2fbd24f Removed mod_jk option, which is obsolete
svn path=/nixos/trunk/; revision=16660
2009-08-10 20:16:33 +00:00
Eelco Dolstra f003f6d7cd * Fixed the path to the services tree. This should be a NixOS module argument.
svn path=/nixos/trunk/; revision=16658
2009-08-10 20:07:58 +00:00
Eelco Dolstra 167ccdd537 * Move the firmware loader into a separate module.
* services.udev.addFirmware -> hardware.firmware.

svn path=/nixos/trunk/; revision=16657
2009-08-10 19:27:15 +00:00
Eelco Dolstra b3c0061a91 * services.udev.addUdevPkgs -> services.udev.packages.
* Simplified the udev rules generation: merged nixRules into
  services.udev.extraRules, and handle services.udev.extraRules using
  services.udev.packages.

svn path=/nixos/trunk/; revision=16655
2009-08-10 19:05:20 +00:00
Sander van der Burg 0d35699507 Implemented virtual host support. Now it's possible to assign web applications to virtual host, for example:
{
  ...

  services = {
    tomcat = {
      enable = true;
      virtualHosts = [
        { name = "test1.localhost";
          webapps = [ mypkgs.HelloApp ];
        }
        { name = "test2.localhost";
          webapps = [ mypkgs.ByeApp ];
        }
      ];
    };
  };
}


svn path=/nixos/trunk/; revision=16654
2009-08-10 18:45:18 +00:00
Eelco Dolstra b4f8f919ab * Clean up the udev module.
svn path=/nixos/trunk/; revision=16653
2009-08-10 18:41:57 +00:00
Eelco Dolstra 2331a5140d * Added a module for the bluetooth daemon.
* Refactored some other modules (dbus, hal).

svn path=/nixos/trunk/; revision=16652
2009-08-10 18:25:09 +00:00
Eelco Dolstra 0ab6be1c81 * Restarting dbus no longer seems to kill the X server.
svn path=/nixos/trunk/; revision=16650
2009-08-10 16:18:51 +00:00
Sander van der Burg 89810914e4 Added virtual host support, which requires some more testing
svn path=/nixos/trunk/; revision=16649
2009-08-10 15:27:25 +00:00
Ludovic Courtès fe51b0c6c3 bashrc: Source `${bash}/etc/bash_completion' when available.
svn path=/nixos/trunk/; revision=16641
2009-08-10 10:18:33 +00:00