dramatically speeds up my boot time because it was the last
service (for me) that depended on udev-settle.service
udev-settle isn't needed for modern system initialization but some
oldschool services (mdadm/lvm/cryptsetup) depend on it so they can
just enumerate devices instead of having to react to changes
dynamically. In NixOS these things are usually already taken care of
during stage 1 (early ramdisk) if you use them.
Activation scripts are run before systemd is started, so unless users
are loading firmware in the initrd (which AFAICT we currently have no
support for) the previous /sys-based setting of firmware_class was
ineffective on boot.
Signed-off-by: Shea Levy <shea@shealevy.com>
As @edolstra pointed out, this behavior is not equivalent to what we had
before as the kernel command line parameter won't take effect until the
next boot. Probably it's not likely that someone will make this change
and then add a network card before rebooting, but might as well support
that since we can.
This reverts commit f7563698df.
Signed-off-by: Shea Levy <shea@shealevy.com>
Newer kernels (since torvalds/linux@abb139e75c) try to
read firmware directly from the filesystem before falling back to a
userspace helper (udev) if firmware cannot be found (in even newer
kernels, the fallback path can be disabled altogether). By default, only
certain paths in /lib/firmware* are searched, so this was initially not
helpful for NixOS.
Since torvalds/linux@2760284206 (which,
based on the commit message, was implemented just for NixOS, go us!),
though, an extra path can be dynamically prepended to the search path.
So do that, in three ways:
1. Pass a kernel command line option in case the module is built-in
2. Add a line to modprobe.conf in case the module isn't yet loaded by
activation-time
3. Add an activation script to set the option in /sys in case the module
is already loaded by activation-time.
The upower daemon needs the gdbus command (which is weird given that
upower links against dbus_glib, but ah well...). This fixes suspend
in KDE with systemd.
The VirtualBox build in Nixpkgs is insecure because it uses the
"--disable-hardened" flag, which disables some checks in the
VirtualBox kernel module. Since getting rid of that flag looks like
too much work, it's better to ensure that only explicitly permitted
users have access to VirtualBox.
* Drop the 666 permission on "sonypi" because it's not clear why that
device should be world-writable.
svn path=/nixos/trunk/; revision=33301
It needs udevd to be running because the modules may require
firmware. Thanks to Mathijs and Arie for pointing this out.
svn path=/nixos/trunk/; revision=33234
modprobe.
* Move the implementation of boot.kernelModules from the udev job to
the activation script. This prevents races with the udev job.
* Drop references to the "capability" kernel module, which no longer
exists.
svn path=/nixos/trunk/; revision=33208
currently, only support for fully disabling nvidia is provided, which
is helpful for saving power/heat.
In the future, this should be extended so we can choose:
- nvidia only (choose between nouveau/nvidia driver)
- IGP only
- Hybrid (choose between nouveau/nvidia driver, use the "bumblebee" package/daemon)
svn path=/nixos/trunk/; revision=32085
pierron recommended the use of types.string over mergeOptionString, as
it is superior but might break things.
For my system the change evaluated to the exactly same.
svn path=/nixos/trunk/; revision=31138