The VirtualBox build in Nixpkgs is insecure because it uses the
"--disable-hardened" flag, which disables some checks in the
VirtualBox kernel module. Since getting rid of that flag looks like
too much work, it's better to ensure that only explicitly permitted
users have access to VirtualBox.
* Drop the 666 permission on "sonypi" because it's not clear why that
device should be world-writable.
svn path=/nixos/trunk/; revision=33301
It needs udevd to be running because the modules may require
firmware. Thanks to Mathijs and Arie for pointing this out.
svn path=/nixos/trunk/; revision=33234
modprobe.
* Move the implementation of boot.kernelModules from the udev job to
the activation script. This prevents races with the udev job.
* Drop references to the "capability" kernel module, which no longer
exists.
svn path=/nixos/trunk/; revision=33208
pierron recommended the use of types.string over mergeOptionString, as
it is superior but might break things.
For my system the change evaluated to the exactly same.
svn path=/nixos/trunk/; revision=31138
from udev rules. This is slightly tricky because udev has a
512-character limit on environment variables, so we create a symlink
tree to work around this.
svn path=/nixos/trunk/; revision=23822
it allows the `mountall' task to start mounting filesystems as soon
as udev is running and devices become available (i.e. it doesn't
have to wait for all devices). This means that some jobs should
depend on "stopped udevtrigger" instead of "started udev".
svn path=/nixos/branches/boot-order/; revision=22167
to use the standard (coreutils) tools.
* Use util-linux's `switch_root' to switch over to the target root
FS. It automatically moves over the /dev, /proc and /sys from stage
1, so stage 2 doesn't need to set them up again.
svn path=/nixos/trunk/; revision=22085
supplied by the lvm package). This makes the "lvm" Upstart task
unnecessary. Also, we now get /dev/disk/by-{label,uuid} symlinks
for LVM logical disks.
svn path=/nixos/trunk/; revision=19300
statically configured interface (i.e. we're not running dhclient).
Otherwise the ntpd job won't be triggered.
* Use the "-n" flag of "initctl emit" to send the event
asynchronously.
svn path=/nixos/branches/upstart-0.6/; revision=18227
is "ready". This prevents ugly race conditions, e.g. HAL failing to
start because dbus hasn't finished starting yet.
* Support post-start scripts. These are executed after the job's main
process has started but before the job's "started" event is
emitted. For instance, the udev job uses this to perform "udevadm
trigger / settle" to create all devices. Previously this had to be
done in the pre-start script, so the daemon had to started in the
pre-start script as well.
svn path=/nixos/branches/upstart-0.6/; revision=18211
needed now that we don't use pam_devperm anymore. When udev is
restarted, it now asks ConsoleKit to get the active users and sets
device ACLs accordingly.
svn path=/nixos/trunk/; revision=17474
interface names, use udev's own firmware loader, and dropped the
sndMode option (udev puts all audio devices in the "audio" group, so
users can be added to that group if necessary).
svn path=/nixos/trunk/; revision=16692
* Simplified the udev rules generation: merged nixRules into
services.udev.extraRules, and handle services.udev.extraRules using
services.udev.packages.
svn path=/nixos/trunk/; revision=16655