Having all services with DefaultDependencies=yes depend on
local-fs.target is annoying, because some of those services might be
necessary to mount local filesystems. For instance, Charon's
send-keys feature requires sshd to be running in order to receive LUKS
encryption keys, which in turn requires dhcpcd, and so on. So we drop
this dependency (and swap.target as well for consistency). If
services require a specific mount, they should use RequiresMountsFor
in any case.
This has rendered my system unbootable, because I forgot to enable AUTOFS4 in my
custom kernel. In addition to AUTOFS4, this includes (hopefully) all other
kernel features needed by systemd, as listed in the README:
REQUIREMENTS:
Linux kernel >= 2.6.39
with devtmpfs
with cgroups (but it's OK to disable all controllers)
optional but strongly recommended: autofs4, ipv6
Autofs4 is not a requirement here, but in our case it turns out that the system
is not able to boot properly with a LUKS-enabled system (or at least not on _my_
system).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Running agetty on ttyS0 interferes with the backdoor, which uses ttyS0
as its standard error. After agetty starts, writes to the stderr file
descriptor will return EIO (though doing "exec 2>/proc/self/fd/2" will
miracuously fix this).
http://hydra.nixos.org/build/3252782
‘systemd-vconsole-setup’ by default operates on /dev/tty0, the
currently active tty. Since it puts /dev/tty0 in Unicode or ASCII
mode, if the X server is currently active when it runs, keys such as
Alt-F4 won't reach the X server anymore. So use /dev/tty1 instead.
The triggers are just arbitrary strings that are included in the unit
under X-Restart-Triggers. The idea is that if they change between
reconfigurations, switch-to-configuration will restart the unit
because its store path changed. This is mostly useful for services
that implicitly depend on generated files in /etc. Thus you can say
restartTriggers = [ confFile ];
where ‘confFile’ is the derivation that generated the /etc file in
question.
For each statically configured interface, we now create a unit
‘<interface>-cfg.service’ which gets started as soon as the network
device comes up. Similarly, each bridge defined in
‘networking.bridges’ and virtual interface in ‘networking.interfaces’
is created by a service ‘<interface>.service’.
So if we have
networking.bridges.br0.interfaces = [ "eth0" "eth1" ];
networking.interfaces =
[ { name = "br0";
ipAddress = "192.168.1.1";
}
];
then there will be a unit ‘br0.service’ that depends on
‘sys-subsystem-net-devices-eth0.device’ and
‘sys-subsystem-net-devices-eth1.device’, and a unit ‘br0-cfg.service’
that depends on ‘sys-subsystem-net-devices-br0.device’.
So instead of:
boot.systemd.services."foo".serviceConfig =
''
StartLimitInterval=10
CPUShare=500
'';
you can say:
boot.systemd.services."foo".serviceConfig.StartLimitInterval = 10;
boot.systemd.services."foo".serviceConfig.CPUShare = 500;
This way all unit options are available and users can set/override
options in configuration.nix.
Systemd sets locale variables like $LANG when running services, so
$LOCALE_ARCHIVE should also be set to prevent warnings like "perl:
warning: Setting locale failed.".
kernel 3.4+ needs cifs-utils to mount CIFS filesystems.
the kernel itself (and busybox's cifs mount code) are no longer able
to do this in some/most cases and will error out saying:
"CIFS VFS: connecting to DFS root not implemented yet"
Nixos' qemu-vm target is hurt by this, as it wants to mount /nix/store
via cifs very early in the boot process.
This commit makes sure the initrd for affected kernels is built with
cifs-utils if needed.
Subtle: dhcpcd.service would call resolvconf during shutdown, which in
turn would start invalidate-nscd.service, causing the shutdown to be
cancelled. Instead, give nscd.service a proper reload action, and do
"systemctl reload --no-block nscd.service". The --no-block is
necessary to prevent that command from waiting until a timeout occurs
(bug in systemd?).
As non-QWERTY keyboards don't feel so warm and cozy if they hug QWERTY LUKS
password prompts, it was on honor for me to serve King Dvorak XV to fight the
glorious keyboard war against... what?! Yes, I'm awake!
We're fighting with loadkeys to spit out busybox binary keymaps against loadkmap
(loadkeys does have a special target -b for that).
And yep, I'm somewhat abusing preLVMCommands, if someone got issues with that,
feel free to introduce a new substitute in stage-i-init.sh.
Sent from my iPhone
We had a "mount -o remount,rw none /" that was setting back 'relatime',
although we had set 'noatime' at initrd mount. Removing the word 'none' fixed
it.
Specifying a device (in this case 'none'), makes mount to forget previous
device options. According to manpage, it says not to read fstab or mtab. But the
effect is that of setting 'relatime', if it was mounted 'noatime.
BusyBox doesn't handle the "auto" filesystem type very well: fsck will
just ignore such filesystems, and mount will only work properly if the
required kernel module is already loaded. Therefore, use blkid to
determine the filesystem type.
Also generate an /etc/fstab in the initrd rootfs on the fly. This is
useful if you're dropped into an emergency shell since it allows you
to say "fsck /dev/sda1" or "mount /dev/sda" and have the right thing
happen.
Using BusyBox instead of Bash plus a bunch of other tools gives us a
much more feature-full, yet smaller initrd. In particular, BusyBox
contains networking commands such as ip and a DHCP client, useful for
NFS boots. It's also much more convenient for rescue situations
because the shell has builtin readline support and there are many more
tools (including vi).
Enabled a bunch of units that ship with systemd. Also added an option
‘boot.systemd.units’ that can be used to define additional units
(e.g. ‘sshd.service’).
Upstart requires /dev/ptmx since its 1.4, and will lock up in case of it missing.
I was hitting this in the fuloong, where I don't use the nixos initrd.
svn path=/nixos/trunk/; revision=34429
* Load scsi_wait_scan after all other kernel modules to ensure that
all SCSI device nodes have been created.
* Increase the timeout for the appearance of the root device to 20
seconds.
* Do a "udevadm settle" just after the root device has appeared to
make sure that udev isn't accessing the device anymore (hopefully).
On EC2 (Xen), I've seen fsck on the root fail randomly with "device
in use" errors.
svn path=/nixos/trunk/; revision=33650
* Add a slash to the end of $MODULE_DIR, as expected by depmod. (Not
that running depmod from the command line is all that useful, since
you can't use it to update the tree in the Nix store. But at least
commands like "depmod -n" work now.) Reported by Kirill Elagin on
IRC.
svn path=/nixos/trunk/; revision=33312
It needs udevd to be running because the modules may require
firmware. Thanks to Mathijs and Arie for pointing this out.
svn path=/nixos/trunk/; revision=33234
modprobe.
* Move the implementation of boot.kernelModules from the udev job to
the activation script. This prevents races with the udev job.
* Drop references to the "capability" kernel module, which no longer
exists.
svn path=/nixos/trunk/; revision=33208
This allows setting a fixed device name per array, thus ensuring that at boot,
the arrays will always be mounted with the same names. I think this allows
solving the problem of grub getting confused about softraid device names
(prefix and root), if the devices always get the same naming at initrd.
svn path=/nixos/trunk/; revision=33033