commit 4e8c2f0ff91c19065f44fd66c9d869b920631557 · pyrox.dev/nixpkgs

+1 -1

nixos/doc/manual/configuration.xml

···

       935
        
       </programlisting>

     

       936
        
       where <filename>my-hello.nix</filename> contains:

     

       937
        
       <programlisting>

     

       938
       -
       with &lt;nixpkgs> {}; # bring all of Nixpkgs into scope

     

       939
        
       

     

       940
        
       stdenv.mkDerivation rec {

     

       941
        
         name = "hello-2.8";

···

       935
        
       </programlisting>

     

       936
        
       where <filename>my-hello.nix</filename> contains:

     

       937
        
       <programlisting>

     

       938
       +
       with import &lt;nixpkgs> {}; # bring all of Nixpkgs into scope

     

       939
        
       

     

       940
        
       stdenv.mkDerivation rec {

     

       941
        
         name = "hello-2.8";

+1 -1

nixos/lib/eval-config.nix

···

       58
        
                 inherit system extraArgs modules prefix;

     

       59
        
                 # For efficiency, leave out most NixOS modules; they don't

     

       60
        
                 # define nixpkgs.config, so it's pointless to evaluate them.

     

       61
       -
                 baseModules = [ ../modules/misc/nixpkgs.nix ];

     

       62
        
                 pkgs = import ./nixpkgs.nix { system = system_; config = {}; };

     

       63
        
                 check = false;

     

       64
        
               }).config.nixpkgs;

···

       58
        
                 inherit system extraArgs modules prefix;

     

       59
        
                 # For efficiency, leave out most NixOS modules; they don't

     

       60
        
                 # define nixpkgs.config, so it's pointless to evaluate them.

     

       61
       +
                 baseModules = [ ../modules/misc/nixpkgs.nix ../modules/config/no-x-libs.nix ];

     

       62
        
                 pkgs = import ./nixpkgs.nix { system = system_; config = {}; };

     

       63
        
                 check = false;

     

       64
        
               }).config.nixpkgs;

+1 -1

nixos/lib/test-driver/Machine.pm

···

       495
        
           my ($self, $regexp) = @_;

     

       496
        
           $self->nest("waiting for the X11 server", sub {

     

       497
        
               retry sub {

     

       498
       -
                   my ($status, $out) = $self->execute("journalctl -bu systemd-logind | grep Linked");

     

       499
        
                   return 0 if $status != 0;

     

       500
        
                   ($status, $out) = $self->execute("xwininfo -root > /dev/null 2>&1");

     

       501
        
                   return 1 if $status == 0;

···

       495
        
           my ($self, $regexp) = @_;

     

       496
        
           $self->nest("waiting for the X11 server", sub {

     

       497
        
               retry sub {

     

       498
       +
                   my ($status, $out) = $self->execute("journalctl -b SYSLOG_IDENTIFIER=systemd | grep 'session opened'");

     

       499
        
                   return 0 if $status != 0;

     

       500
        
                   ($status, $out) = $self->execute("xwininfo -root > /dev/null 2>&1");

     

       501
        
                   return 1 if $status == 0;

+1 -1

nixos/modules/config/gnu.nix

···

       36
        
           # GNU lsh.

     

       37
        
           services.openssh.enable = false;

     

       38
        
           services.lshd.enable = true;

     

       39
       -
           services.xserver.startOpenSSHAgent = false;

     

       40
        
           services.xserver.startGnuPGAgent = true;

     

       41
        
       

     

       42
        
           # TODO: GNU dico.

···

       36
        
           # GNU lsh.

     

       37
        
           services.openssh.enable = false;

     

       38
        
           services.lshd.enable = true;

     

       39
       +
           programs.ssh.startAgent = false;

     

       40
        
           services.xserver.startGnuPGAgent = true;

     

       41
        
       

     

       42
        
           # TODO: GNU dico.

+6 -1

nixos/modules/config/i18n.nix

···

       76
        
       

     

       77
        
           environment.systemPackages = [ glibcLocales ];

     

       78
        
       

     

       79
       -
           environment.variables.LANG = config.i18n.defaultLocale;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       80
        
       

     

       81
        
           # ‘/etc/locale.conf’ is used by systemd.

     

       82
        
           environment.etc = singleton

···

       76
        
       

     

       77
        
           environment.systemPackages = [ glibcLocales ];

     

       78
        
       

     

       79
       +
           environment.variables =

     

       80
       +
             { LANG = config.i18n.defaultLocale;

     

       81
       +
               LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";

     

       82
       +
             };

     

       83
       +
       

     

       84
       +
           systemd.globalEnvironment.LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive";

     

       85
        
       

     

       86
        
           # ‘/etc/locale.conf’ is used by systemd.

     

       87
        
           environment.etc = singleton

+14 -7

nixos/modules/config/no-x-libs.nix

···

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1
        
       { config, lib, pkgs, ... }:

     

       2
        
       

     

       3
        
       with lib;

     
···

       8
        
             type = types.bool;

     

       9
        
             default = false;

     

       10
        
             description = ''

     

       11
       -
               Switch off the options in the default configuration that require X libraries.

     

       12
       -
               Currently this includes: ssh X11 forwarding, dbus, fonts.enableCoreFonts,

     

       13
       -
               fonts.enableFontConfig

     

       0
        
       
     

       0
        
       
     

       14
        
             '';

     

       15
        
           };

     

       16
        
         };

     

       17
        
       

     

       18
        
         config = mkIf config.environment.noXlibs {

     

       19
        
           programs.ssh.setXAuthLocation = false;

     

       20
       -
           fonts = {

     

       21
       -
             enableCoreFonts = false;

     

       22
       -
             enableFontConfig = false;

     

       23
       -
           };

     

       0
        
       
     

       0
        
       
     

       24
        
         };

     

       25
        
       }

···

       1
       +
       # This module gets rid of all dependencies on X11 client libraries

     

       2
       +
       # (including fontconfig).

     

       3
       +
       

     

       4
        
       { config, lib, pkgs, ... }:

     

       5
        
       

     

       6
        
       with lib;

     
···

       11
        
             type = types.bool;

     

       12
        
             default = false;

     

       13
        
             description = ''

     

       14
       +
               Switch off the options in the default configuration that

     

       15
       +
               require X11 libraries. This includes client-side font

     

       16
       +
               configuration and SSH forwarding of X11 authentication

     

       17
       +
               in. Thus, you probably do not want to enable this option if

     

       18
       +
               you want to run X11 programs on this machine via SSH.

     

       19
        
             '';

     

       20
        
           };

     

       21
        
         };

     

       22
        
       

     

       23
        
         config = mkIf config.environment.noXlibs {

     

       24
        
           programs.ssh.setXAuthLocation = false;

     

       25
       +
           security.pam.services.su.forwardXAuth = lib.mkForce false;

     

       26
       +
       

     

       27
       +
           fonts.enableFontConfig = false;

     

       28
       +
       

     

       29
       +
           nixpkgs.config.packageOverrides = pkgs:

     

       30
       +
             { dbus = pkgs.dbus.override { useX11 = false; }; };

     

       31
        
         };

     

       32
        
       }

+1 -5

nixos/modules/config/power-management.nix

···

       65
        
       

     

       66
        
         config = mkIf cfg.enable {

     

       67
        
       

     

       68
       -
           boot.kernelModules =

     

       69
       -
             [ "acpi_cpufreq" "powernow-k8" "cpufreq_performance" "cpufreq_powersave" "cpufreq_ondemand"

     

       70
       -
               "cpufreq_conservative"

     

       71
       -
             ];

     

       72
       -
       

     

       73
        
           powerManagement.cpuFreqGovernor = mkDefault "ondemand";

     

       74
        
           powerManagement.scsiLinkPolicy = mkDefault "min_power";

     

       75

···

       65
        
       

     

       66
        
         config = mkIf cfg.enable {

     

       67
        
       

     

       68
       +
           # FIXME: Implement powersave governor for sandy bridge or later Intel CPUs

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       69
        
           powerManagement.cpuFreqGovernor = mkDefault "ondemand";

     

       70
        
           powerManagement.scsiLinkPolicy = mkDefault "min_power";

     

       71

+1 -12

nixos/modules/config/sysctl.nix

···

       45
        
             ) config.boot.kernel.sysctl);

     

       46
        
       

     

       47
        
           systemd.services.systemd-sysctl =

     

       48
       -
             { description = "Apply Kernel Variables";

     

       49
       -
               before = [ "sysinit.target" "shutdown.target" ];

     

       50
       -
               wantedBy = [ "sysinit.target" "multi-user.target" ];

     

       51
        
               restartTriggers = [ config.environment.etc."sysctl.d/nixos.conf".source ];

     

       52
       -
               unitConfig = {

     

       53
       -
                 DefaultDependencies = false; # needed to prevent a cycle

     

       54
       -
                 ConditionPathIsReadWrite = "/proc/sys/"; # prevent systemd-sysctl in containers

     

       55
       -
               };

     

       56
       -
               serviceConfig = {

     

       57
       -
                 Type = "oneshot";

     

       58
       -
                 RemainAfterExit = true;

     

       59
       -
                 ExecStart = "${config.systemd.package}/lib/systemd/systemd-sysctl";

     

       60
       -
               };

     

       61
        
             };

     

       62
        
       

     

       63
        
           # Enable hardlink and symlink restrictions.  See

···

       45
        
             ) config.boot.kernel.sysctl);

     

       46
        
       

     

       47
        
           systemd.services.systemd-sysctl =

     

       48
       +
             { wantedBy = [ "multi-user.target" ];

     

       0
        
       
     

       0
        
       
     

       49
        
               restartTriggers = [ config.environment.etc."sysctl.d/nixos.conf".source ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
             };

     

       51
        
       

     

       52
        
           # Enable hardlink and symlink restrictions.  See

nixos/modules/installer/tools/nixos-rebuild.sh

···

       1
        
       #! @shell@

     

       2
        
       

     

       0
        
       
     

       0
        
       
     

       3
        
       set -e

     

       4
        
       

     

       5
        
       showSyntax() {

···

       1
        
       #! @shell@

     

       2
        
       

     

       3
       +
       if [ -x "@shell@" ]; then export SHELL="@shell@"; fi;

     

       4
       +
       

     

       5
        
       set -e

     

       6
        
       

     

       7
        
       showSyntax() {

+2 -5

nixos/modules/profiles/minimal.nix

···

       1
        
       # This module defines a small NixOS configuration.  It does not

     

       2
        
       # contain any graphical stuff.

     

       3
        
       

     

       4
       -
       { config, pkgs, ... }:

     

       5
        
       

     

       6
        
       {

     

       7
       -
         # Don't include X libraries.

     

       8
       -
         programs.ssh.setXAuthLocation = false;

     

       9
       -
         fonts.enableFontConfig = false;

     

       10
       -
         fonts.enableCoreFonts = false;

     

       11
        
       }

···

       1
        
       # This module defines a small NixOS configuration.  It does not

     

       2
        
       # contain any graphical stuff.

     

       3
        
       

     

       4
       +
       { config, lib, pkgs, ... }:

     

       5
        
       

     

       6
        
       {

     

       7
       +
         environment.noXlibs = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       8
        
       }

+1 -2

nixos/modules/programs/environment.nix

···

       17
        
         config = {

     

       18
        
       

     

       19
        
           environment.variables =

     

       20
       -
             { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";

     

       21
       -
               LOCATE_PATH = "/var/cache/locatedb";

     

       22
        
               NIXPKGS_CONFIG = "/etc/nix/nixpkgs-config.nix";

     

       23
        
               NIX_PATH =

     

       24
        
                 [ "/nix/var/nix/profiles/per-user/root/channels/nixos"

···

       17
        
         config = {

     

       18
        
       

     

       19
        
           environment.variables =

     

       20
       +
             { LOCATE_PATH = "/var/cache/locatedb";

     

       0
        
       
     

       21
        
               NIXPKGS_CONFIG = "/etc/nix/nixpkgs-config.nix";

     

       22
        
               NIX_PATH =

     

       23
        
                 [ "/nix/var/nix/profiles/per-user/root/channels/nixos"

+36

nixos/modules/programs/ssh.nix

···

       47
        
                 for help.

     

       48
        
               '';

     

       49
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
           };

     

       0
        
       
     

       51
        
         };

     

       52
        
       

     

       53
        
         config = {

     
···

       71
        
                 target = "ssh/ssh_config";

     

       72
        
               }

     

       73
        
             ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       74
        
         };

     

       75
        
       }

···

       47
        
                 for help.

     

       48
        
               '';

     

       49
        
             };

     

       50
       +
       

     

       51
       +
             startAgent = mkOption {

     

       52
       +
               type = types.bool;

     

       53
       +
               default = true;

     

       54
       +
               description = ''

     

       55
       +
                 Whether to start the OpenSSH agent when you log in.  The OpenSSH agent

     

       56
       +
                 remembers private keys for you so that you don't have to type in

     

       57
       +
                 passphrases every time you make an SSH connection.  Use

     

       58
       +
                 <command>ssh-add</command> to add a key to the agent.

     

       59
       +
               '';

     

       60
       +
             };

     

       61
       +
       

     

       62
        
           };

     

       63
       +
       

     

       64
        
         };

     

       65
        
       

     

       66
        
         config = {

     
···

       84
        
                 target = "ssh/ssh_config";

     

       85
        
               }

     

       86
        
             ];

     

       87
       +
       

     

       88
       +
           # FIXME: this should really be socket-activated for über-awesomeness.

     

       89
       +
           systemd.user.services.ssh-agent =

     

       90
       +
             { enable = cfg.startAgent;

     

       91
       +
               description = "SSH Agent";

     

       92
       +
               wantedBy = [ "default.target" ];

     

       93
       +
               serviceConfig =

     

       94
       +
                 { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";

     

       95
       +
                   ExecStart = "${pkgs.openssh}/bin/ssh-agent -a %t/ssh-agent";

     

       96
       +
                   StandardOutput = "null";

     

       97
       +
                   Type = "forking";

     

       98
       +
                   Restart = "on-failure";

     

       99
       +
                   SuccessExitStatus = "0 2";

     

       100
       +
                 };

     

       101
       +
             };

     

       102
       +
       

     

       103
       +
           environment.extraInit = optionalString cfg.startAgent

     

       104
       +
             ''

     

       105
       +
               if [ -z "$SSH_AUTH_SOCK" -a -n "$XDG_RUNTIME_DIR" ]; then

     

       106
       +
                 export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-agent"

     

       107
       +
               fi

     

       108
       +
             '';

     

       109
       +
       

     

       110
        
         };

     

       111
        
       }

+3 -2

nixos/modules/rename.nix

···

       17
        
           inherit from to;

     

       18
        
           name = "Obsolete name";

     

       19
        
           use = x: builtins.trace "Obsolete option `${showOption from}' is used. It was renamed to `${showOption to}'." x;

     

       20
       -
           define = x: builtins.trace "Obsolete option `${showOption from}' is used. It was renamed to  `${showOption to}'." x;

     

       21
        
         };

     

       22
        
       

     

       23
        
         # abort if deprecated option is used

     
···

       25
        
           inherit from to;

     

       26
        
           name = "Deprecated name";

     

       27
        
           use = x: abort "Deprecated option `${showOption from}' is used. It was renamed to `${showOption to}'.";

     

       28
       -
           define = x: abort "Deprecated option `${showOption from}' is used. It was renamed to  `${showOption to}'.";

     

       29
        
         };

     

       30
        
       

     

       31
        
         showOption = concatStringsSep ".";

     
···

       103
        
       ++ obsolete [ "services" "sshd" "gatewayPorts" ] [ "services" "openssh" "gatewayPorts" ]

     

       104
        
       ++ obsolete [ "services" "sshd" "permitRootLogin" ] [ "services" "openssh" "permitRootLogin" ]

     

       105
        
       ++ obsolete [ "services" "xserver" "startSSHAgent" ] [ "services" "xserver" "startOpenSSHAgent" ]

     

       0
        
       
     

       106
        
       ++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "xbmc" ]

     

       107
        
       

     

       108
        
       # KDE

···

       17
        
           inherit from to;

     

       18
        
           name = "Obsolete name";

     

       19
        
           use = x: builtins.trace "Obsolete option `${showOption from}' is used. It was renamed to `${showOption to}'." x;

     

       20
       +
           define = x: builtins.trace "Obsolete option `${showOption from}' is used. It was renamed to `${showOption to}'." x;

     

       21
        
         };

     

       22
        
       

     

       23
        
         # abort if deprecated option is used

     
···

       25
        
           inherit from to;

     

       26
        
           name = "Deprecated name";

     

       27
        
           use = x: abort "Deprecated option `${showOption from}' is used. It was renamed to `${showOption to}'.";

     

       28
       +
           define = x: abort "Deprecated option `${showOption from}' is used. It was renamed to `${showOption to}'.";

     

       29
        
         };

     

       30
        
       

     

       31
        
         showOption = concatStringsSep ".";

     
···

       103
        
       ++ obsolete [ "services" "sshd" "gatewayPorts" ] [ "services" "openssh" "gatewayPorts" ]

     

       104
        
       ++ obsolete [ "services" "sshd" "permitRootLogin" ] [ "services" "openssh" "permitRootLogin" ]

     

       105
        
       ++ obsolete [ "services" "xserver" "startSSHAgent" ] [ "services" "xserver" "startOpenSSHAgent" ]

     

       106
       +
       ++ obsolete [ "services" "xserver" "startOpenSSHAgent" ] [ "programs" "ssh" "startAgent" ]

     

       107
        
       ++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "xbmc" ]

     

       108
        
       

     

       109
        
       # KDE

+2 -2

nixos/modules/security/pam.nix

···

       187
        
       

     

       188
        
                 # Session management.

     

       189
        
                 session required pam_unix.so

     

       0
        
       
     

       0
        
       
     

       190
        
                 ${optionalString cfg.updateWtmp

     

       191
        
                     "session required ${pkgs.pam}/lib/security/pam_lastlog.so silent"}

     

       192
        
                 ${optionalString config.users.ldap.enable

     
···

       197
        
                     "session optional ${pkgs.otpw}/lib/security/pam_otpw.so"}

     

       198
        
                 ${optionalString cfg.startSession

     

       199
        
                     "session optional ${pkgs.systemd}/lib/security/pam_systemd.so"}

     

       200
       -
                 ${optionalString cfg.setLoginUid

     

       201
       -
                     "session required pam_loginuid.so"}

     

       202
        
                 ${optionalString cfg.forwardXAuth

     

       203
        
                     "session optional pam_xauth.so xauthpath=${pkgs.xorg.xauth}/bin/xauth systemuser=99"}

     

       204
        
                 ${optionalString (cfg.limits != [])

···

       187
        
       

     

       188
        
                 # Session management.

     

       189
        
                 session required pam_unix.so

     

       190
       +
                 ${optionalString cfg.setLoginUid

     

       191
       +
                     "session required pam_loginuid.so"}

     

       192
        
                 ${optionalString cfg.updateWtmp

     

       193
        
                     "session required ${pkgs.pam}/lib/security/pam_lastlog.so silent"}

     

       194
        
                 ${optionalString config.users.ldap.enable

     
···

       199
        
                     "session optional ${pkgs.otpw}/lib/security/pam_otpw.so"}

     

       200
        
                 ${optionalString cfg.startSession

     

       201
        
                     "session optional ${pkgs.systemd}/lib/security/pam_systemd.so"}

     

       0
        
       
     

       0
        
       
     

       202
        
                 ${optionalString cfg.forwardXAuth

     

       203
        
                     "session optional pam_xauth.so xauthpath=${pkgs.xorg.xauth}/bin/xauth systemuser=99"}

     

       204
        
                 ${optionalString (cfg.limits != [])

nixos/modules/security/polkit.nix

···

       63
        
       

     

       64
        
           systemd.packages = [ pkgs.polkit ];

     

       65
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       66
        
           # The polkit daemon reads action/rule files

     

       67
        
           environment.pathsToLink = [ "/share/polkit-1" ];

     

       68

···

       63
        
       

     

       64
        
           systemd.packages = [ pkgs.polkit ];

     

       65
        
       

     

       66
       +
           systemd.services.polkit.restartTriggers = [ config.system.path ];

     

       67
       +
           systemd.services.polkit.unitConfig.X-StopIfChanged = false;

     

       68
       +
       

     

       69
        
           # The polkit daemon reads action/rule files

     

       70
        
           environment.pathsToLink = [ "/share/polkit-1" ];

     

       71

+7 -7

nixos/modules/security/setuid-wrapper.c

···

       30
        
              creating hard link `X' from some other location, along with a

     

       31
        
              false `X.real' file, to allow arbitrary programs from being

     

       32
        
              executed setuid.  */

     

       33
       -
           assert ((strncmp(self, wrapperDir, sizeof(wrapperDir)) == 0) &&

     

       34
       -
       	    (self[strlen(wrapperDir)] == '/'));

     

       35
        
       

     

       36
        
           /* Make *really* *really* sure that we were executed as `self',

     

       37
        
              and not, say, as some other setuid program.  That is, our

     
···

       42
        
           assert (lstat(self, &st) != -1);

     

       43
        
       

     

       44
        
           //printf("%d %d\n", st.st_uid, st.st_gid);

     

       45
       -
           

     

       46
        
           assert ((st.st_mode & S_ISUID) == 0 ||

     

       47
       -
       	    (st.st_uid == geteuid()));

     

       48
        
       

     

       49
        
           assert ((st.st_mode & S_ISGID) == 0 ||

     

       50
       -
       	    st.st_gid == getegid());

     

       51
        
       

     

       52
        
           /* And, of course, we shouldn't be writable. */

     

       53
        
           assert (!(st.st_mode & (S_IWGRP | S_IWOTH)));

     
···

       69
        
           real[len] = 0;

     

       70
        
       

     

       71
        
           close(fdSelf);

     

       72
       -
           

     

       73
        
           //printf("real = %s, len = %d\n", real, len);

     

       74
        
       

     

       75
        
           execve(real, argv, environ);

     

       76
        
       

     

       77
        
           fprintf(stderr, "%s: cannot run `%s': %s\n",

     

       78
        
               argv[0], real, strerror(errno));

     

       79
       -
           

     

       80
        
           exit(1);

     

       81
        
       }

···

       30
        
              creating hard link `X' from some other location, along with a

     

       31
        
              false `X.real' file, to allow arbitrary programs from being

     

       32
        
              executed setuid.  */

     

       33
       +
           assert ((strncmp(self, wrapperDir, strlen(wrapperDir)) == 0) &&

     

       34
       +
                   (self[strlen(wrapperDir)] == '/'));

     

       35
        
       

     

       36
        
           /* Make *really* *really* sure that we were executed as `self',

     

       37
        
              and not, say, as some other setuid program.  That is, our

     
···

       42
        
           assert (lstat(self, &st) != -1);

     

       43
        
       

     

       44
        
           //printf("%d %d\n", st.st_uid, st.st_gid);

     

       45
       +
       

     

       46
        
           assert ((st.st_mode & S_ISUID) == 0 ||

     

       47
       +
                   (st.st_uid == geteuid()));

     

       48
        
       

     

       49
        
           assert ((st.st_mode & S_ISGID) == 0 ||

     

       50
       +
                   st.st_gid == getegid());

     

       51
        
       

     

       52
        
           /* And, of course, we shouldn't be writable. */

     

       53
        
           assert (!(st.st_mode & (S_IWGRP | S_IWOTH)));

     
···

       69
        
           real[len] = 0;

     

       70
        
       

     

       71
        
           close(fdSelf);

     

       72
       +
       

     

       73
        
           //printf("real = %s, len = %d\n", real, len);

     

       74
        
       

     

       75
        
           execve(real, argv, environ);

     

       76
        
       

     

       77
        
           fprintf(stderr, "%s: cannot run `%s': %s\n",

     

       78
        
               argv[0], real, strerror(errno));

     

       79
       +
       

     

       80
        
           exit(1);

     

       81
        
       }

+5 -5

nixos/modules/security/setuid-wrappers.nix

···

       9
        
         setuidWrapper = pkgs.stdenv.mkDerivation {

     

       10
        
           name = "setuid-wrapper";

     

       11
        
           buildCommand = ''

     

       12
       -
             ensureDir $out/bin

     

       0
        
       
     

       13
        
             gcc -Wall -O2 -DWRAPPER_DIR=\"${wrapperDir}\" \

     

       14
       -
                 ${./setuid-wrapper.c} -o $out/bin/setuid-wrapper

     

       15
       -
             strip -s $out/bin/setuid-wrapper

     

       16
        
           '';

     

       17
        
         };

     

       18
        
       

     
···

       116
        
                 # programs to be wrapped.

     

       117
        
                 SETUID_PATH=${config.system.path}/bin:${config.system.path}/sbin

     

       118
        
       

     

       119
       -
                 if test -d ${wrapperDir}; then rm -f ${wrapperDir}/*; fi # */

     

       120
       -
                 mkdir -p ${wrapperDir}

     

       121
        
       

     

       122
        
                 ${concatMapStrings makeSetuidWrapper setuidPrograms}

     

       123
        
               '';

···

       9
        
         setuidWrapper = pkgs.stdenv.mkDerivation {

     

       10
        
           name = "setuid-wrapper";

     

       11
        
           buildCommand = ''

     

       12
       +
             mkdir -p $out/bin

     

       13
       +
             cp ${./setuid-wrapper.c} setuid-wrapper.c

     

       14
        
             gcc -Wall -O2 -DWRAPPER_DIR=\"${wrapperDir}\" \

     

       15
       +
                 setuid-wrapper.c -o $out/bin/setuid-wrapper

     

       16
       +
             strip -S $out/bin/setuid-wrapper

     

       17
        
           '';

     

       18
        
         };

     

       19
        
       

     
···

       117
        
                 # programs to be wrapped.

     

       118
        
                 SETUID_PATH=${config.system.path}/bin:${config.system.path}/sbin

     

       119
        
       

     

       120
       +
                 rm -f ${wrapperDir}/* # */

     

       0
        
       
     

       121
        
       

     

       122
        
                 ${concatMapStrings makeSetuidWrapper setuidPrograms}

     

       123
        
               '';

+1 -1

nixos/modules/services/databases/postgresql.nix

···

       215
        
                   # Shut down Postgres using SIGINT ("Fast Shutdown mode").  See

     

       216
        
                   # http://www.postgresql.org/docs/current/static/server-shutdown.html

     

       217
        
                   KillSignal = "SIGINT";

     

       218
       -
                   KillMode = "process"; # FIXME: this may cause processes to be left behind in the cgroup even after the final SIGKILL

     

       219
        
       

     

       220
        
                   # Give Postgres a decent amount of time to clean up after

     

       221
        
                   # receiving systemd's SIGINT.

···

       215
        
                   # Shut down Postgres using SIGINT ("Fast Shutdown mode").  See

     

       216
        
                   # http://www.postgresql.org/docs/current/static/server-shutdown.html

     

       217
        
                   KillSignal = "SIGINT";

     

       218
       +
                   KillMode = "mixed";

     

       219
        
       

     

       220
        
                   # Give Postgres a decent amount of time to clean up after

     

       221
        
                   # receiving systemd's SIGINT.

+13

nixos/modules/services/hardware/80-net-name-slot.rules

···

       1
       +
       # Copied from systemd 203.

     

       2
       +
       ACTION=="remove", GOTO="net_name_slot_end"

     

       3
       +
       SUBSYSTEM!="net", GOTO="net_name_slot_end"

     

       4
       +
       NAME!="", GOTO="net_name_slot_end"

     

       5
       +
       

     

       6
       +
       IMPORT{cmdline}="net.ifnames"

     

       7
       +
       ENV{net.ifnames}=="0", GOTO="net_name_slot_end"

     

       8
       +
       

     

       9
       +
       NAME=="", ENV{ID_NET_NAME_ONBOARD}!="", NAME="$env{ID_NET_NAME_ONBOARD}"

     

       10
       +
       NAME=="", ENV{ID_NET_NAME_SLOT}!="", NAME="$env{ID_NET_NAME_SLOT}"

     

       11
       +
       NAME=="", ENV{ID_NET_NAME_PATH}!="", NAME="$env{ID_NET_NAME_PATH}"

     

       12
       +
       

     

       13
       +
       LABEL="net_name_slot_end"

+6 -2

nixos/modules/services/hardware/udev.nix

···

       83
        
               grep -l '\(RUN+\|IMPORT{program}\)="\(/usr\)\?/s\?bin' $i/*/udev/rules.d/* || true

     

       84
        
             done

     

       85
        
       

     

       86
       -
             ${optionalString (!config.networking.usePredictableInterfaceNames) ''

     

       87
       -
               ln -s /dev/null $out/80-net-name-slot.rules

     

       88
        
             ''}

     

       89
        
       

     

       90
        
             # If auto-configuration is disabled, then remove

     
···

       242
        
                 ${config.systemd.package}/bin/udevadm hwdb --update && ln -sfn ${config.systemd.package} /var/lib/udev/prev-systemd

     

       243
        
               fi

     

       244
        
             '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       245
        
       

     

       246
        
         };

     

       247
        
       }

···

       83
        
               grep -l '\(RUN+\|IMPORT{program}\)="\(/usr\)\?/s\?bin' $i/*/udev/rules.d/* || true

     

       84
        
             done

     

       85
        
       

     

       86
       +
             ${optionalString config.networking.usePredictableInterfaceNames ''

     

       87
       +
               cp ${./80-net-name-slot.rules} $out/80-net-name-slot.rules

     

       88
        
             ''}

     

       89
        
       

     

       90
        
             # If auto-configuration is disabled, then remove

     
···

       242
        
                 ${config.systemd.package}/bin/udevadm hwdb --update && ln -sfn ${config.systemd.package} /var/lib/udev/prev-systemd

     

       243
        
               fi

     

       244
        
             '';

     

       245
       +
       

     

       246
       +
           systemd.services.systemd-udevd =

     

       247
       +
             { environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules";

     

       248
       +
             };

     

       249
        
       

     

       250
        
         };

     

       251
        
       }

+1 -1

nixos/modules/services/hardware/udisks2.nix

···

       14
        
       

     

       15
        
             enable = mkOption {

     

       16
        
               type = types.bool;

     

       17
       -
               default = false;

     

       18
        
               description = ''

     

       19
        
                 Whether to enable Udisks, a DBus service that allows

     

       20
        
                 applications to query and manipulate storage devices.

···

       14
        
       

     

       15
        
             enable = mkOption {

     

       16
        
               type = types.bool;

     

       17
       +
               default = true;

     

       18
        
               description = ''

     

       19
        
                 Whether to enable Udisks, a DBus service that allows

     

       20
        
                 applications to query and manipulate storage devices.

+6 -17

nixos/modules/services/misc/nix-daemon.nix

···

       275
        
                 ) cfg.buildMachines;

     

       276
        
             };

     

       277
        
       

     

       278
       -
           systemd.sockets."nix-daemon" =

     

       279
       -
             { description = "Nix Daemon Socket";

     

       280
       -
               wantedBy = [ "sockets.target" ];

     

       281
       -
               before = [ "multi-user.target" ];

     

       282
       -
               unitConfig.ConditionPathIsReadWrite = "/nix/var/nix/daemon-socket/";

     

       283
       -
               socketConfig.ListenStream = "/nix/var/nix/daemon-socket/socket";

     

       284
       -
             };

     

       285
        
       

     

       286
       -
           systemd.services."nix-daemon" =

     

       287
       -
             { description = "Nix Daemon";

     

       288
        
       

     

       289
       -
               path = [ nix pkgs.openssl pkgs.utillinux pkgs.openssh ]

     

       0
        
       
     

       290
        
                 ++ optionals cfg.distributedBuilds [ pkgs.gzip ];

     

       291
        
       

     

       292
        
               environment = cfg.envVars // { CURL_CA_BUNDLE = "/etc/ssl/certs/ca-bundle.crt"; };

     

       293
        
       

     

       294
       -
               unitConfig.ConditionPathIsReadWrite = "/nix/var/nix/daemon-socket/";

     

       295
       -
       

     

       296
        
               serviceConfig =

     

       297
       -
                 { ExecStart = "@${nix}/bin/nix-daemon nix-daemon --daemon";

     

       298
       -
                   KillMode = "process";

     

       299
       -
                   Nice = cfg.daemonNiceLevel;

     

       300
        
                   IOSchedulingPriority = cfg.daemonIONiceLevel;

     

       301
        
                   LimitNOFILE = 4096;

     

       302
        
                 };

     
···

       352
        
                 /nix/var/nix/profiles \

     

       353
        
                 /nix/var/nix/db \

     

       354
        
                 /nix/var/log/nix/drvs \

     

       355
       -
                 /nix/var/nix/channel-cache \

     

       356
       -
                 /nix/var/nix/chroots

     

       357
        
               mkdir -m 1777 -p \

     

       358
        
                 /nix/var/nix/gcroots/per-user \

     

       359
        
                 /nix/var/nix/profiles/per-user \

···

       275
        
                 ) cfg.buildMachines;

     

       276
        
             };

     

       277
        
       

     

       278
       +
           systemd.packages = [ nix ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       279
        
       

     

       280
       +
           systemd.sockets.nix-daemon.wantedBy = [ "sockets.target" ];

     

       0
        
       
     

       281
        
       

     

       282
       +
           systemd.services.nix-daemon =

     

       283
       +
             { path = [ nix pkgs.openssl pkgs.utillinux pkgs.openssh ]

     

       284
        
                 ++ optionals cfg.distributedBuilds [ pkgs.gzip ];

     

       285
        
       

     

       286
        
               environment = cfg.envVars // { CURL_CA_BUNDLE = "/etc/ssl/certs/ca-bundle.crt"; };

     

       287
        
       

     

       0
        
       
     

       0
        
       
     

       288
        
               serviceConfig =

     

       289
       +
                 { Nice = cfg.daemonNiceLevel;

     

       0
        
       
     

       0
        
       
     

       290
        
                   IOSchedulingPriority = cfg.daemonIONiceLevel;

     

       291
        
                   LimitNOFILE = 4096;

     

       292
        
                 };

     
···

       342
        
                 /nix/var/nix/profiles \

     

       343
        
                 /nix/var/nix/db \

     

       344
        
                 /nix/var/log/nix/drvs \

     

       345
       +
                 /nix/var/nix/channel-cache

     

       0
        
       
     

       346
        
               mkdir -m 1777 -p \

     

       347
        
                 /nix/var/nix/gcroots/per-user \

     

       348
        
                 /nix/var/nix/profiles/per-user \

+4 -1

nixos/modules/services/networking/dhcpcd.nix

···

       4
        
       

     

       5
        
       let

     

       6
        
       

     

       7
       -
         dhcpcd =  if !config.boot.isContainer then pkgs.dhcpcd else pkgs.dhcpcd_without_udev;

     

       8
        
       

     

       9
        
         # Don't start dhcpcd on explicitly configured interfaces or on

     

       10
        
         # interfaces that are part of a bridge.

     
···

       80
        
         options = {

     

       81
        
       

     

       82
        
           networking.dhcpcd.denyInterfaces = mkOption {

     

       0
        
       
     

       83
        
             default = [];

     

       84
        
             description = ''

     

       85
        
                Disable the DHCP client for any interface whose name matches

     
···

       90
        
           };

     

       91
        
       

     

       92
        
           networking.dhcpcd.extraConfig = mkOption {

     

       0
        
       
     

       93
        
             default = "";

     

       94
        
             description = ''

     

       95
        
                Literal string to append to the config file generated for dhcpcd.

     
···

       107
        
             { description = "DHCP Client";

     

       108
        
       

     

       109
        
               wantedBy = [ "network.target" ];

     

       0
        
       
     

       110
        
       

     

       111
        
               # Stopping dhcpcd during a reconfiguration is undesirable

     

       112
        
               # because it brings down the network interfaces configured by

···

       4
        
       

     

       5
        
       let

     

       6
        
       

     

       7
       +
         dhcpcd = if !config.boot.isContainer then pkgs.dhcpcd else pkgs.dhcpcd.override { udev = null; };

     

       8
        
       

     

       9
        
         # Don't start dhcpcd on explicitly configured interfaces or on

     

       10
        
         # interfaces that are part of a bridge.

     
···

       80
        
         options = {

     

       81
        
       

     

       82
        
           networking.dhcpcd.denyInterfaces = mkOption {

     

       83
       +
             type = types.listOf types.str;

     

       84
        
             default = [];

     

       85
        
             description = ''

     

       86
        
                Disable the DHCP client for any interface whose name matches

     
···

       91
        
           };

     

       92
        
       

     

       93
        
           networking.dhcpcd.extraConfig = mkOption {

     

       94
       +
             type = types.lines;

     

       95
        
             default = "";

     

       96
        
             description = ''

     

       97
        
                Literal string to append to the config file generated for dhcpcd.

     
···

       109
        
             { description = "DHCP Client";

     

       110
        
       

     

       111
        
               wantedBy = [ "network.target" ];

     

       112
       +
               after = [ "systemd-udev-settle.service" ]; # FIXME

     

       113
        
       

     

       114
        
               # Stopping dhcpcd during a reconfiguration is undesirable

     

       115
        
               # because it brings down the network interfaces configured by

+12 -5

nixos/modules/services/networking/firewall.nix

···

       18
        
       

     

       19
        
       */

     

       20
        
       

     

       21
       -
       

     

       22
       -
       

     

       23
        
       { config, lib, pkgs, ... }:

     

       24
        
       

     

       25
        
       with lib;

     
···

       266
        
                            message = "This kernel does not support disabling conntrack helpers"; }

     

       267
        
                        ];

     

       268
        
       

     

       269
       -
           jobs.firewall =

     

       270
        
             { description = "Firewall";

     

       271
        
       

     

       272
       -
               startOn = "started network-interfaces";

     

       0
        
       
     

       273
        
       

     

       274
        
               path = [ pkgs.iptables ];

     

       275
        
       

     

       276
       -
               preStart =

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       277
        
                 ''

     

       278
        
                   ${helpers}

     

       279

···

       18
        
       

     

       19
        
       */

     

       20
        
       

     

       0
        
       
     

       0
        
       
     

       21
        
       { config, lib, pkgs, ... }:

     

       22
        
       

     

       23
        
       with lib;

     
···

       264
        
                            message = "This kernel does not support disabling conntrack helpers"; }

     

       265
        
                        ];

     

       266
        
       

     

       267
       +
           systemd.services.firewall =

     

       268
        
             { description = "Firewall";

     

       269
        
       

     

       270
       +
               wantedBy = [ "network.target" ];

     

       271
       +
               after = [ "network-interfaces.target" "systemd-modules-load.service" ];

     

       272
        
       

     

       273
        
               path = [ pkgs.iptables ];

     

       274
        
       

     

       275
       +
               # FIXME: this module may also try to load kernel modules, but

     

       276
       +
               # containers don't have CAP_SYS_MODULE. So the host system had

     

       277
       +
               # better have all necessary modules already loaded.

     

       278
       +
               unitConfig.ConditionCapability = "CAP_NET_ADMIN";

     

       279
       +
       

     

       280
       +
               serviceConfig.Type = "oneshot";

     

       281
       +
               serviceConfig.RemainAfterExit = true;

     

       282
       +
       

     

       283
       +
               script =

     

       284
        
                 ''

     

       285
        
                   ${helpers}

     

       286

-1

nixos/modules/services/networking/ssh/sshd.nix

···

       258
        
               path = [ pkgs.openssh pkgs.gawk ];

     

       259
        
       

     

       260
        
               environment.LD_LIBRARY_PATH = nssModulesPath;

     

       261
       -
               environment.LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";

     

       262
        
       

     

       263
        
               preStart =

     

       264
        
                 ''

···

       258
        
               path = [ pkgs.openssh pkgs.gawk ];

     

       259
        
       

     

       260
        
               environment.LD_LIBRARY_PATH = nssModulesPath;

     

       0
        
       
     

       261
        
       

     

       262
        
               preStart =

     

       263
        
                 ''

+9 -11

nixos/modules/services/ttys/agetty.nix

···

       49
        
         config = {

     

       50
        
       

     

       51
        
           systemd.services."getty@" =

     

       52
       -
             { baseUnit = pkgs.runCommand "getty.service" {}

     

       53
       -
                 ''

     

       54
       -
                   sed '/ExecStart/ d' < ${config.systemd.package}/example/systemd/system/getty@.service > $out

     

       55
       -
                 '';

     

       56
       -
               serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login %I 38400";

     

       57
        
               restartIfChanged = false;

     

       58
        
             };

     

       59
        
       

     

       60
        
           systemd.services."serial-getty@" =

     

       61
       -
             { baseUnit = pkgs.runCommand "serial-getty.service" {}

     

       62
       -
                 ''

     

       63
       -
                   sed '/ExecStart/ d' < ${config.systemd.package}/example/systemd/system/serial-getty@.service > $out

     

       64
       -
                 '';

     

       65
       -
               serviceConfig.ExecStart =

     

       66
        
                 let speeds = concatStringsSep "," (map toString config.services.mingetty.serialSpeed);

     

       67
       -
                 in "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login %I ${speeds}";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       68
        
               restartIfChanged = false;

     

       69
        
             };

     

       70

···

       49
        
         config = {

     

       50
        
       

     

       51
        
           systemd.services."getty@" =

     

       52
       +
             { serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud %I 115200,38400,9600 $TERM";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       53
        
               restartIfChanged = false;

     

       54
        
             };

     

       55
        
       

     

       56
        
           systemd.services."serial-getty@" =

     

       57
       +
             { serviceConfig.ExecStart =

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       58
        
                 let speeds = concatStringsSep "," (map toString config.services.mingetty.serialSpeed);

     

       59
       +
                 in "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login %I ${speeds} $TERM";

     

       60
       +
               restartIfChanged = false;

     

       61
       +
             };

     

       62
       +
       

     

       63
       +
           systemd.services."container-getty@" =

     

       64
       +
             { unitConfig.ConditionPathExists = "/dev/pts/%I"; # Work around being respawned when "machinectl login" exits.

     

       65
       +
               serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud pts/%I 115200,38400,9600 $TERM";

     

       66
        
               restartIfChanged = false;

     

       67
        
             };

     

       68

+7 -4

nixos/modules/services/ttys/gpm.nix

···

       40
        
       

     

       41
        
         config = mkIf cfg.enable {

     

       42
        
       

     

       43
       -
           jobs.gpm =

     

       44
       -
             { description = "General purpose mouse";

     

       45
        
       

     

       46
       -
               startOn = "started udev";

     

       0
        
       
     

       47
        
       

     

       48
       -
               exec = "${pkgs.gpm}/sbin/gpm -m /dev/input/mice -t ${cfg.protocol} -D &>/dev/null";

     

       0
        
       
     

       0
        
       
     

       49
        
             };

     

       50
        
       

     

       51
        
         };

···

       40
        
       

     

       41
        
         config = mkIf cfg.enable {

     

       42
        
       

     

       43
       +
           systemd.services.gpm =

     

       44
       +
             { description = "Console Mouse Daemon";

     

       45
        
       

     

       46
       +
               wantedBy = [ "multi-user.target" ];

     

       47
       +
               requires = [ "getty.target" ];

     

       48
        
       

     

       49
       +
               serviceConfig.ExecStart = "@${pkgs.gpm}/sbin/gpm gpm -m /dev/input/mice -t ${cfg.protocol}";

     

       50
       +
               serviceConfig.Type = "forking";

     

       51
       +
               serviceConfig.PIDFile = "/run/gpm.pid";

     

       52
        
             };

     

       53
        
       

     

       54
        
         };

+1 -1

nixos/modules/services/web-servers/apache-httpd/default.nix

···

       450
        
             extraModules = mkOption {

     

       451
        
               type = types.listOf types.unspecified;

     

       452
        
               default = [];

     

       453
       -
               example = literalExample ''[ "proxy_connect" { name = "php5"; path = "''${php}/modules/libphp5.so"; } ]'';

     

       454
        
               description = ''

     

       455
        
                 Additional Apache modules to be used.  These can be

     

       456
        
                 specified as a string in the case of modules distributed

···

       450
        
             extraModules = mkOption {

     

       451
        
               type = types.listOf types.unspecified;

     

       452
        
               default = [];

     

       453
       +
               example = literalExample ''[ "proxy_connect" { name = "php5"; path = "''${pkgs.php}/modules/libphp5.so"; } ]'';

     

       454
        
               description = ''

     

       455
        
                 Additional Apache modules to be used.  These can be

     

       456
        
                 specified as a string in the case of modules distributed

+1 -1

nixos/modules/services/x11/desktop-managers/kde4.nix

···

       159
        
       

     

       160
        
           # Enable helpful DBus services.

     

       161
        
           services.udisks.enable = ! wantsUdisks2;

     

       162
       -
           services.udisks2.enable = wantsUdisks2;

     

       163
        
           services.upower.enable = config.powerManagement.enable;

     

       164
        
       

     

       165
        
           security.pam.services.kde = { allowNullPassword = true; };

···

       159
        
       

     

       160
        
           # Enable helpful DBus services.

     

       161
        
           services.udisks.enable = ! wantsUdisks2;

     

       162
       +
           services.udisks2.enable = true;

     

       163
        
           services.upower.enable = config.powerManagement.enable;

     

       164
        
       

     

       165
        
           security.pam.services.kde = { allowNullPassword = true; };

-11

nixos/modules/services/x11/display-managers/default.nix

···

       51
        
       

     

       52
        
             ''}

     

       53
        
       

     

       54
       -
             ${optionalString cfg.startOpenSSHAgent ''

     

       55
       -
               if test -z "$SSH_AUTH_SOCK"; then

     

       56
       -
                   # Restart this script as a child of the SSH agent.  (It is

     

       57
       -
                   # also possible to start the agent as a child that prints

     

       58
       -
                   # the required environment variabled on stdout, but in

     

       59
       -
                   # that mode ssh-agent is not terminated when we log out.)

     

       60
       -
                   export SSH_ASKPASS=${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass

     

       61
       -
                   exec ${pkgs.openssh}/bin/ssh-agent "$0" "$sessionType"

     

       62
       -
               fi

     

       63
       -
             ''}

     

       64
       -
       

     

       65
        
             ${optionalString cfg.startGnuPGAgent ''

     

       66
        
               if test -z "$SSH_AUTH_SOCK"; then

     

       67
        
                   # Restart this script as a child of the GnuPG agent.

···

       51
        
       

     

       52
        
             ''}

     

       53
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       54
        
             ${optionalString cfg.startGnuPGAgent ''

     

       55
        
               if test -z "$SSH_AUTH_SOCK"; then

     

       56
        
                   # Restart this script as a child of the GnuPG agent.

+3 -14

nixos/modules/services/x11/xserver.nix

···

       201
        
               '';

     

       202
        
             };

     

       203
        
       

     

       204
       -
             startOpenSSHAgent = mkOption {

     

       205
       -
               type = types.bool;

     

       206
       -
               default = true;

     

       207
       -
               description = ''

     

       208
       -
                 Whether to start the OpenSSH agent when you log in.  The OpenSSH agent

     

       209
       -
                 remembers private keys for you so that you don't have to type in

     

       210
       -
                 passphrases every time you make an SSH connection.  Use

     

       211
       -
                 <command>ssh-add</command> to add a key to the agent.

     

       212
       -
               '';

     

       213
       -
             };

     

       214
       -
       

     

       215
        
             startGnuPGAgent = mkOption {

     

       216
        
               type = types.bool;

     

       217
        
               default = false;

     
···

       400
        
           hardware.opengl.videoDrivers = mkIf (cfg.videoDriver != null) [ cfg.videoDriver ];

     

       401
        
       

     

       402
        
           assertions =

     

       403
       -
             [ { assertion = !(cfg.startOpenSSHAgent && cfg.startGnuPGAgent);

     

       404
        
                 message =

     

       405
        
                   ''

     

       406
       -
                     The OpenSSH agent and GnuPG agent cannot be started both.

     

       407
       -
                     Choose between `startOpenSSHAgent' and `startGnuPGAgent'.

     

       408
        
                   '';

     

       409
        
               }

     

       410
        
               { assertion = config.security.polkit.enable;

···

       201
        
               '';

     

       202
        
             };

     

       203
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       204
        
             startGnuPGAgent = mkOption {

     

       205
        
               type = types.bool;

     

       206
        
               default = false;

     
···

       389
        
           hardware.opengl.videoDrivers = mkIf (cfg.videoDriver != null) [ cfg.videoDriver ];

     

       390
        
       

     

       391
        
           assertions =

     

       392
       +
             [ { assertion = !(config.programs.ssh.startAgent && cfg.startGnuPGAgent);

     

       393
        
                 message =

     

       394
        
                   ''

     

       395
       +
                     The OpenSSH agent and GnuPG agent cannot be started both. Please

     

       396
       +
                     choose between ‘programs.ssh.startAgent’ and ‘services.xserver.startGnuPGAgent’.

     

       397
        
                   '';

     

       398
        
               }

     

       399
        
               { assertion = config.security.polkit.enable;

+18 -8

nixos/modules/system/activation/switch-to-configuration.pl

···

       65
        
       sub getActiveUnits {

     

       66
        
           # FIXME: use D-Bus or whatever to query this, since parsing the

     

       67
        
           # output of list-units is likely to break.

     

       68
       -
           my $lines = `@systemd@/bin/systemctl list-units --full`;

     

       69
        
           my $res = {};

     

       70
        
           foreach my $line (split '\n', $lines) {

     

       71
        
               chomp $line;

     

       72
        
               last if $line eq "";

     

       73
       -
               $line =~ /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s/ or next;

     

       74
        
               next if $1 eq "UNIT";

     

       75
        
               $res->{$1} = { load => $2, state => $3, substate => $4 };

     

       76
        
           }

     
···

       96
        
       

     

       97
        
       sub parseUnit {

     

       98
        
           my ($filename) = @_;

     

       99
       -
           parseKeyValues(read_file($filename));

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       100
        
       }

     

       101
        
       

     

       102
        
       sub parseKeyValues {

     

       103
       -
           my @lines = @_;

     

       104
       -
           my $info = {};

     

       105
        
           foreach my $line (@_) {

     

       106
        
               # FIXME: not quite correct.

     

       107
        
               $line =~ /^([^=]+)=(.*)$/ or next;

     

       108
        
               $info->{$1} = $2;

     

       109
        
           }

     

       110
       -
           return $info;

     

       111
        
       }

     

       112
        
       

     

       113
        
       sub boolIsTrue {

     

       114
        
           my ($s) = @_;

     

       115
        
           return $s eq "yes" || $s eq "true";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       116
        
       }

     

       117
        
       

     

       118
        
       # Stop all services that no longer exist or have changed in the new

     
···

       166
        
                   }

     

       167
        
               }

     

       168
        
       

     

       169
       -
               elsif (abs_path($prevUnitFile) ne abs_path($newUnitFile)) {

     

       170
        
                   if ($unit eq "sysinit.target" || $unit eq "basic.target" || $unit eq "multi-user.target" || $unit eq "graphical.target") {

     

       171
        
                       # Do nothing.  These cannot be restarted directly.

     

       172
        
                   } elsif ($unit =~ /\.mount$/) {

     
···

       354
        
           elsif ($state->{state} eq "auto-restart") {

     

       355
        
               # A unit in auto-restart state is a failure *if* it previously failed to start

     

       356
        
               my $lines = `@systemd@/bin/systemctl show '$unit'`;

     

       357
       -
               my $info = parseKeyValues(split "\n", $lines);

     

       0
        
       
     

       358
        
       

     

       359
        
               if ($info->{ExecMainStatus} ne '0') {

     

       360
        
                   push @failed, $unit;

···

       65
        
       sub getActiveUnits {

     

       66
        
           # FIXME: use D-Bus or whatever to query this, since parsing the

     

       67
        
           # output of list-units is likely to break.

     

       68
       +
           my $lines = `LANG= @systemd@/bin/systemctl list-units --full`;

     

       69
        
           my $res = {};

     

       70
        
           foreach my $line (split '\n', $lines) {

     

       71
        
               chomp $line;

     

       72
        
               last if $line eq "";

     

       73
       +
               $line =~ /^\*?\s*(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s/ or next;

     

       74
        
               next if $1 eq "UNIT";

     

       75
        
               $res->{$1} = { load => $2, state => $3, substate => $4 };

     

       76
        
           }

     
···

       96
        
       

     

       97
        
       sub parseUnit {

     

       98
        
           my ($filename) = @_;

     

       99
       +
           my $info = {};

     

       100
       +
           parseKeyValues($info, read_file($filename));

     

       101
       +
           parseKeyValues($info, read_file("${filename}.d/overrides.conf")) if -f "${filename}.d/overrides.conf";

     

       102
       +
           return $info;

     

       103
        
       }

     

       104
        
       

     

       105
        
       sub parseKeyValues {

     

       106
       +
           my $info = shift;

     

       0
        
       
     

       107
        
           foreach my $line (@_) {

     

       108
        
               # FIXME: not quite correct.

     

       109
        
               $line =~ /^([^=]+)=(.*)$/ or next;

     

       110
        
               $info->{$1} = $2;

     

       111
        
           }

     

       0
        
       
     

       112
        
       }

     

       113
        
       

     

       114
        
       sub boolIsTrue {

     

       115
        
           my ($s) = @_;

     

       116
        
           return $s eq "yes" || $s eq "true";

     

       117
       +
       }

     

       118
       +
       

     

       119
       +
       # As a fingerprint for determining whether a unit has changed, we use

     

       120
       +
       # its absolute path. If it has an override file, we append *its*

     

       121
       +
       # absolute path as well.

     

       122
       +
       sub fingerprintUnit {

     

       123
       +
           my ($s) = @_;

     

       124
       +
           return abs_path($s) . (-f "${s}.d/overrides.conf" ? " " . abs_path "${s}.d/overrides.conf" : "");

     

       125
        
       }

     

       126
        
       

     

       127
        
       # Stop all services that no longer exist or have changed in the new

     
···

       175
        
                   }

     

       176
        
               }

     

       177
        
       

     

       178
       +
               elsif (fingerprintUnit($prevUnitFile) ne fingerprintUnit($newUnitFile)) {

     

       179
        
                   if ($unit eq "sysinit.target" || $unit eq "basic.target" || $unit eq "multi-user.target" || $unit eq "graphical.target") {

     

       180
        
                       # Do nothing.  These cannot be restarted directly.

     

       181
        
                   } elsif ($unit =~ /\.mount$/) {

     
···

       363
        
           elsif ($state->{state} eq "auto-restart") {

     

       364
        
               # A unit in auto-restart state is a failure *if* it previously failed to start

     

       365
        
               my $lines = `@systemd@/bin/systemctl show '$unit'`;

     

       366
       +
               my $info = {};

     

       367
       +
               parseKeyValues($info, split("\n", $lines));

     

       368
        
       

     

       369
        
               if ($info->{ExecMainStatus} ne '0') {

     

       370
        
                   push @failed, $unit;

nixos/modules/system/activation/top-level.nix

···

       68
        
             echo -n "$configurationName" > $out/configuration-name

     

       69
        
             echo -n "systemd ${toString config.systemd.package.interfaceVersion}" > $out/init-interface-version

     

       70
        
             echo -n "$nixosVersion" > $out/nixos-version

     

       0
        
       
     

       71
        
       

     

       72
        
             mkdir $out/fine-tune

     

       73
        
             childCount=0

···

       68
        
             echo -n "$configurationName" > $out/configuration-name

     

       69
        
             echo -n "systemd ${toString config.systemd.package.interfaceVersion}" > $out/init-interface-version

     

       70
        
             echo -n "$nixosVersion" > $out/nixos-version

     

       71
       +
             echo -n "$system" > $out/system

     

       72
        
       

     

       73
        
             mkdir $out/fine-tune

     

       74
        
             childCount=0

+8 -19

nixos/modules/system/boot/kernel.nix

···

       218
        
       

     

       219
        
           # Create /etc/modules-load.d/nixos.conf, which is read by

     

       220
        
           # systemd-modules-load.service to load required kernel modules.

     

       221
       -
           # FIXME: ensure that systemd-modules-load.service is restarted if

     

       222
       -
           # this file changes.

     

       223
        
           environment.etc = singleton

     

       224
        
             { target = "modules-load.d/nixos.conf";

     

       225
        
               source = kernelModulesConf;

     

       226
        
             };

     

       227
        
       

     

       228
       -
           # Sigh.  This overrides systemd's systemd-modules-load.service

     

       229
       -
           # just so we can set a restart trigger.  Also make

     

       230
       -
           # multi-user.target pull it in so that it gets started if it

     

       231
       -
           # failed earlier.

     

       232
        
           systemd.services."systemd-modules-load" =

     

       233
       -
             { description = "Load Kernel Modules";

     

       234
       -
               wantedBy = [ "sysinit.target" "multi-user.target" ];

     

       235
       -
               before = [ "sysinit.target" "shutdown.target" ];

     

       236
       -
               conflicts = [ "shutdown.target" ];

     

       237
       -
               unitConfig =

     

       238
       -
                 { DefaultDependencies = false;

     

       239
       -
                   ConditionCapability = "CAP_SYS_MODULE";

     

       240
       -
                 };

     

       241
        
               serviceConfig =

     

       242
       -
                 { Type = "oneshot";

     

       243
       -
                   RemainAfterExit = true;

     

       244
       -
                   ExecStart = "${config.systemd.package}/lib/systemd/systemd-modules-load";

     

       245
       -
                   # Ignore failed module loads.  Typically some of the

     

       246
        
                   # modules in ‘boot.kernelModules’ are "nice to have but

     

       247
        
                   # not required" (e.g. acpi-cpufreq), so we don't want to

     

       248
        
                   # barf on those.

     

       249
        
                   SuccessExitStatus = "0 1";

     

       250
        
                 };

     

       251
       -
               restartTriggers = [ kernelModulesConf ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       252
        
             };

     

       253
        
       

     

       254
        
           lib.kernelConfig = {

···

       218
        
       

     

       219
        
           # Create /etc/modules-load.d/nixos.conf, which is read by

     

       220
        
           # systemd-modules-load.service to load required kernel modules.

     

       0
        
       
     

       0
        
       
     

       221
        
           environment.etc = singleton

     

       222
        
             { target = "modules-load.d/nixos.conf";

     

       223
        
               source = kernelModulesConf;

     

       224
        
             };

     

       225
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       226
        
           systemd.services."systemd-modules-load" =

     

       227
       +
             { wantedBy = [ "multi-user.target" ];

     

       228
       +
               restartTriggers = [ kernelModulesConf ];

     

       229
       +
               environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       230
        
               serviceConfig =

     

       231
       +
                 { # Ignore failed module loads.  Typically some of the

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       232
        
                   # modules in ‘boot.kernelModules’ are "nice to have but

     

       233
        
                   # not required" (e.g. acpi-cpufreq), so we don't want to

     

       234
        
                   # barf on those.

     

       235
        
                   SuccessExitStatus = "0 1";

     

       236
        
                 };

     

       237
       +
             };

     

       238
       +
       

     

       239
       +
           systemd.services.kmod-static-nodes =

     

       240
       +
             { environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules";

     

       241
        
             };

     

       242
        
       

     

       243
        
           lib.kernelConfig = {

-2

nixos/modules/system/boot/stage-1-init.sh

···

       139
        
       systemd-udevd --daemon

     

       140
        
       udevadm trigger --action=add

     

       141
        
       udevadm settle || true

     

       142
       -
       modprobe scsi_wait_scan || true

     

       143
       -
       udevadm settle || true

     

       144
        
       

     

       145
        
       

     

       146
        
       # Load boot-time keymap before any LVM/LUKS initialization

···

       139
        
       systemd-udevd --daemon

     

       140
        
       udevadm trigger --action=add

     

       141
        
       udevadm settle || true

     

       0
        
       
     

       0
        
       
     

       142
        
       

     

       143
        
       

     

       144
        
       # Load boot-time keymap before any LVM/LUKS initialization

+1 -1

nixos/modules/system/boot/stage-1.nix

···

       74
        
             cp -v ${pkgs.lvm2}/sbin/dmsetup $out/bin/dmsetup

     

       75
        
             cp -v ${pkgs.lvm2}/sbin/lvm $out/bin/lvm

     

       76
        
             cp -v ${pkgs.lvm2}/lib/libdevmapper.so.*.* $out/lib

     

       77
       -
             cp -v ${pkgs.systemd}/lib/libsystemd-daemon.so.* $out/lib

     

       78
        
       

     

       79
        
             # Add RAID mdadm tool.

     

       80
        
             cp -v ${pkgs.mdadm}/sbin/mdadm $out/bin/mdadm

···

       74
        
             cp -v ${pkgs.lvm2}/sbin/dmsetup $out/bin/dmsetup

     

       75
        
             cp -v ${pkgs.lvm2}/sbin/lvm $out/bin/lvm

     

       76
        
             cp -v ${pkgs.lvm2}/lib/libdevmapper.so.*.* $out/lib

     

       77
       +
             cp -v ${pkgs.systemd}/lib/libsystemd.so.* $out/lib

     

       78
        
       

     

       79
        
             # Add RAID mdadm tool.

     

       80
        
             cp -v ${pkgs.mdadm}/sbin/mdadm $out/bin/mdadm

+15 -15

nixos/modules/system/boot/stage-2-init.sh

···

       82
        
       

     

       83
        
       # More special file systems, initialise required directories.

     

       84
        
       mkdir -m 0755 /dev/shm

     

       85
       -
       mount -t tmpfs -o "rw,nosuid,nodev,size=@devShmSize@" tmpfs /dev/shm

     

       86
        
       mkdir -m 0755 -p /dev/pts

     

       87
        
       [ -e /proc/bus/usb ] && mount -t usbfs none /proc/bus/usb # UML doesn't have USB by default

     

       88
        
       mkdir -m 01777 -p /tmp

     
···

       96
        
       

     

       97
        
       # Miscellaneous boot time cleanup.

     

       98
        
       rm -rf /var/run /var/lock

     

       99
       -
       rm -f /etc/resolv.conf

     

       100
       -
       touch /etc/resolv.conf

     

       101
        
       rm -f /etc/{group,passwd,shadow}.lock

     

       102
        
       

     

       103
        
       if test -n "@cleanTmpDir@"; then

     

       104
        
           echo -n "cleaning \`/tmp'..."

     

       105
        
           find /tmp -maxdepth 1 -mindepth 1 -print0 | xargs -0r rm -rf --one-file-system

     

       106
        
           echo " done"

     

       107
       -
       else

     

       108
       -
           # Get rid of ICE locks...

     

       109
       -
           rm -rf /tmp/.ICE-unix

     

       110
        
       fi

     

       111
       -
       

     

       112
       -
       # ... and ensure that it's owned by root.

     

       113
       -
       mkdir -m 1777 /tmp/.ICE-unix

     

       114
       -
       

     

       115
       -
       # This is a good time to clean up /nix/var/nix/chroots.  Doing an `rm

     

       116
       -
       # -rf' on it isn't safe in general because it can contain bind mounts

     

       117
       -
       # to /nix/store and other places.  But after rebooting these are all

     

       118
       -
       # gone, of course.

     

       119
       -
       rm -rf /nix/var/nix/chroots # recreated in activate-configuration.sh

     

       120
        
       

     

       121
        
       

     

       122
        
       # Also get rid of temporary GC roots.

     
···

       153
        
       if test -n "$resumeDevice"; then

     

       154
        
           mkswap "$resumeDevice" || echo 'Failed to clear saved image.'

     

       155
        
       fi

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       156
        
       

     

       157
        
       

     

       158
        
       # Run the script that performs all configuration activation that does

···

       82
        
       

     

       83
        
       # More special file systems, initialise required directories.

     

       84
        
       mkdir -m 0755 /dev/shm

     

       85
       +
       mount -t tmpfs -o "rw,nosuid,nodev,size=@devShmSize@" none /dev/shm

     

       86
        
       mkdir -m 0755 -p /dev/pts

     

       87
        
       [ -e /proc/bus/usb ] && mount -t usbfs none /proc/bus/usb # UML doesn't have USB by default

     

       88
        
       mkdir -m 01777 -p /tmp

     
···

       96
        
       

     

       97
        
       # Miscellaneous boot time cleanup.

     

       98
        
       rm -rf /var/run /var/lock

     

       0
        
       
     

       0
        
       
     

       99
        
       rm -f /etc/{group,passwd,shadow}.lock

     

       100
        
       

     

       101
        
       if test -n "@cleanTmpDir@"; then

     

       102
        
           echo -n "cleaning \`/tmp'..."

     

       103
        
           find /tmp -maxdepth 1 -mindepth 1 -print0 | xargs -0r rm -rf --one-file-system

     

       104
        
           echo " done"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       105
        
       fi

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       106
        
       

     

       107
        
       

     

       108
        
       # Also get rid of temporary GC roots.

     
···

       139
        
       if test -n "$resumeDevice"; then

     

       140
        
           mkswap "$resumeDevice" || echo 'Failed to clear saved image.'

     

       141
        
       fi

     

       142
       +
       

     

       143
       +
       

     

       144
       +
       # Use /etc/resolv.conf supplied by systemd-nspawn, if applicable.

     

       145
       +
       if [ -n "@useHostResolvConf@" -a -e /etc/resolv.conf ]; then

     

       146
       +
           cat /etc/resolv.conf | resolvconf -m 1000 -a host

     

       147
       +
       else

     

       148
       +
           touch /etc/resolv.conf

     

       149
       +
       fi

     

       150
       +
       

     

       151
       +
       

     

       152
       +
       # Create /var/setuid-wrappers as a tmpfs.

     

       153
       +
       rm -rf /var/setuid-wrappers

     

       154
       +
       mkdir -m 0755 -p /var/setuid-wrappers

     

       155
       +
       mount -t tmpfs -o "mode=0755" none /var/setuid-wrappers

     

       156
        
       

     

       157
        
       

     

       158
        
       # Run the script that performs all configuration activation that does

nixos/modules/system/boot/stage-2.nix

···

       19
        
           isExecutable = true;

     

       20
        
           inherit (config.boot) devShmSize runSize cleanTmpDir;

     

       21
        
           inherit (config.nix) readOnlyStore;

     

       0
        
       
     

       22
        
           ttyGid = config.ids.gids.tty;

     

       23
        
           path =

     

       24
        
             [ pkgs.coreutils

     

       25
        
               pkgs.utillinux

     

       26
        
               pkgs.sysvtools

     

       0
        
       
     

       27
        
             ] ++ (optional config.boot.cleanTmpDir pkgs.findutils)

     

       28
        
             ++ optional config.nix.readOnlyStore readonlyMountpoint;

     

       29
        
           postBootCommands = pkgs.writeText "local-cmds"

     
···

       79
        
               '';

     

       80
        
             };

     

       81
        
       

     

       0
        
       
     

       82
        
             cleanTmpDir = mkOption {

     

       83
        
               type = types.bool;

     

       84
        
               default = false;

···

       19
        
           isExecutable = true;

     

       20
        
           inherit (config.boot) devShmSize runSize cleanTmpDir;

     

       21
        
           inherit (config.nix) readOnlyStore;

     

       22
       +
           inherit (config.networking) useHostResolvConf;

     

       23
        
           ttyGid = config.ids.gids.tty;

     

       24
        
           path =

     

       25
        
             [ pkgs.coreutils

     

       26
        
               pkgs.utillinux

     

       27
        
               pkgs.sysvtools

     

       28
       +
               pkgs.openresolv

     

       29
        
             ] ++ (optional config.boot.cleanTmpDir pkgs.findutils)

     

       30
        
             ++ optional config.nix.readOnlyStore readonlyMountpoint;

     

       31
        
           postBootCommands = pkgs.writeText "local-cmds"

     
···

       81
        
               '';

     

       82
        
             };

     

       83
        
       

     

       84
       +
             # FIXME: should replace this with something that uses systemd-tmpfiles.

     

       85
        
             cleanTmpDir = mkOption {

     

       86
        
               type = types.bool;

     

       87
        
               default = false;

+37 -22

nixos/modules/system/boot/systemd-unit-options.nix

···

       28
        
       

     

       29
        
       in rec {

     

       30
        
       

     

       31
       -
         unitOptions = {

     

       32
        
       

     

       33
        
           enable = mkOption {

     

       34
        
             default = true;

     
···

       41
        
             '';

     

       42
        
           };

     

       43
        
       

     

       44
       -
           baseUnit = mkOption {

     

       45
       -
             type = types.nullOr types.path;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       46
        
             default = null;

     

       47
       -
             description = "Path to an upstream unit file on which the NixOS unit configuration will be based.";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       48
        
           };

     

       49
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
           description = mkOption {

     

       51
        
             default = "";

     

       52
        
             type = types.str;

     
···

       113
        
               If the specified units are started, then this unit is stopped

     

       114
        
               and vice versa.

     

       115
        
             '';

     

       116
       -
           };

     

       117
       -
       

     

       118
       -
           requiredBy = mkOption {

     

       119
       -
             default = [];

     

       120
       -
             type = types.listOf types.str;

     

       121
       -
             description = "Units that require (i.e. depend on and need to go down with) this unit.";

     

       122
       -
           };

     

       123
       -
       

     

       124
       -
           wantedBy = mkOption {

     

       125
       -
             default = [];

     

       126
       -
             type = types.listOf types.str;

     

       127
       -
             description = "Units that want (i.e. depend on) this unit.";

     

       128
        
           };

     

       129
        
       

     

       130
        
           unitConfig = mkOption {

     
···

       152
        
         };

     

       153
        
       

     

       154
        
       

     

       155
       -
         serviceOptions = unitOptions // {

     

       156
        
       

     

       157
        
           environment = mkOption {

     

       158
        
             default = {};

     
···

       286
        
         };

     

       287
        
       

     

       288
        
       

     

       289
       -
         socketOptions = unitOptions // {

     

       290
        
       

     

       291
        
           listenStreams = mkOption {

     

       292
        
             default = [];

     
···

       313
        
         };

     

       314
        
       

     

       315
        
       

     

       316
       -
         timerOptions = unitOptions // {

     

       317
        
       

     

       318
        
           timerConfig = mkOption {

     

       319
        
             default = {};

     
···

       332
        
         };

     

       333
        
       

     

       334
        
       

     

       335
       -
         pathOptions = unitOptions // {

     

       336
        
       

     

       337
        
           pathConfig = mkOption {

     

       338
        
             default = {};

     
···

       349
        
         };

     

       350
        
       

     

       351
        
       

     

       352
       -
         mountOptions = unitOptions // {

     

       353
        
       

     

       354
        
           what = mkOption {

     

       355
        
             example = "/dev/sda1";

     
···

       393
        
           };

     

       394
        
         };

     

       395
        
       

     

       396
       -
         automountOptions = unitOptions // {

     

       397
        
       

     

       398
        
           where = mkOption {

     

       399
        
             example = "/mnt";

     
···

       416
        
             '';

     

       417
        
           };

     

       418
        
         };

     

       0
        
       
     

       0
        
       
     

       419
        
       

     

       420
        
       }

···

       28
        
       

     

       29
        
       in rec {

     

       30
        
       

     

       31
       +
         sharedOptions = {

     

       32
        
       

     

       33
        
           enable = mkOption {

     

       34
        
             default = true;

     
···

       41
        
             '';

     

       42
        
           };

     

       43
        
       

     

       44
       +
           requiredBy = mkOption {

     

       45
       +
             default = [];

     

       46
       +
             type = types.listOf types.string;

     

       47
       +
             description = "Units that require (i.e. depend on and need to go down with) this unit.";

     

       48
       +
           };

     

       49
       +
       

     

       50
       +
           wantedBy = mkOption {

     

       51
       +
             default = [];

     

       52
       +
             type = types.listOf types.string;

     

       53
       +
             description = "Units that want (i.e. depend on) this unit.";

     

       54
       +
           };

     

       55
       +
       

     

       56
       +
         };

     

       57
       +
       

     

       58
       +
         concreteUnitOptions = sharedOptions // {

     

       59
       +
       

     

       60
       +
           text = mkOption {

     

       61
       +
             type = types.nullOr types.str;

     

       62
        
             default = null;

     

       63
       +
             description = "Text of this systemd unit.";

     

       64
       +
           };

     

       65
       +
       

     

       66
       +
           unit = mkOption {

     

       67
       +
             internal = true;

     

       68
       +
             description = "The generated unit.";

     

       69
        
           };

     

       70
        
       

     

       71
       +
         };

     

       72
       +
       

     

       73
       +
         commonUnitOptions = sharedOptions // {

     

       74
       +
       

     

       75
        
           description = mkOption {

     

       76
        
             default = "";

     

       77
        
             type = types.str;

     
···

       138
        
               If the specified units are started, then this unit is stopped

     

       139
        
               and vice versa.

     

       140
        
             '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       141
        
           };

     

       142
        
       

     

       143
        
           unitConfig = mkOption {

     
···

       165
        
         };

     

       166
        
       

     

       167
        
       

     

       168
       +
         serviceOptions = commonUnitOptions // {

     

       169
        
       

     

       170
        
           environment = mkOption {

     

       171
        
             default = {};

     
···

       299
        
         };

     

       300
        
       

     

       301
        
       

     

       302
       +
         socketOptions = commonUnitOptions // {

     

       303
        
       

     

       304
        
           listenStreams = mkOption {

     

       305
        
             default = [];

     
···

       326
        
         };

     

       327
        
       

     

       328
        
       

     

       329
       +
         timerOptions = commonUnitOptions // {

     

       330
        
       

     

       331
        
           timerConfig = mkOption {

     

       332
        
             default = {};

     
···

       345
        
         };

     

       346
        
       

     

       347
        
       

     

       348
       +
         pathOptions = commonUnitOptions // {

     

       349
        
       

     

       350
        
           pathConfig = mkOption {

     

       351
        
             default = {};

     
···

       362
        
         };

     

       363
        
       

     

       364
        
       

     

       365
       +
         mountOptions = commonUnitOptions // {

     

       366
        
       

     

       367
        
           what = mkOption {

     

       368
        
             example = "/dev/sda1";

     
···

       406
        
           };

     

       407
        
         };

     

       408
        
       

     

       409
       +
         automountOptions = commonUnitOptions // {

     

       410
        
       

     

       411
        
           where = mkOption {

     

       412
        
             example = "/mnt";

     
···

       429
        
             '';

     

       430
        
           };

     

       431
        
         };

     

       432
       +
       

     

       433
       +
         targetOptions = commonUnitOptions;

     

       434
        
       

     

       435
        
       }

+171 -107

nixos/modules/system/boot/systemd.nix

···

       24
        
                 ln -s /dev/null $out/${name}

     

       25
        
               '';

     

       26
        
       

     

       27
       -
         upstreamUnits =

     

       28
        
           [ # Targets.

     

       29
        
             "basic.target"

     

       30
        
             "sysinit.target"

     

       31
        
             "sockets.target"

     

       32
        
             "graphical.target"

     

       33
        
             "multi-user.target"

     

       34
       -
             "getty.target"

     

       35
        
             "network.target"

     

       36
        
             "network-online.target"

     

       37
        
             "nss-lookup.target"

     
···

       41
        
             "sigpwr.target"

     

       42
        
             "timers.target"

     

       43
        
             "paths.target"

     

       0
        
       
     

       44
        
       

     

       45
        
             # Rescue mode.

     

       46
        
             "rescue.target"

     
···

       53
        
             "systemd-udev-settle.service"

     

       54
        
             "systemd-udev-trigger.service"

     

       55
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       56
        
             # Hardware (started by udev when a relevant device is plugged in).

     

       57
        
             "sound.target"

     

       58
        
             "bluetooth.target"

     
···

       65
        
             #"systemd-vconsole-setup.service"

     

       66
        
             "systemd-user-sessions.service"

     

       67
        
             "dbus-org.freedesktop.login1.service"

     

       0
        
       
     

       68
        
             "user@.service"

     

       69
        
       

     

       70
        
             # Journal.

     

       71
        
             "systemd-journald.socket"

     

       72
        
             "systemd-journald.service"

     

       73
        
             "systemd-journal-flush.service"

     

       0
        
       
     

       0
        
       
     

       74
        
             "syslog.socket"

     

       75
        
       

     

       76
        
             # SysV init compatibility.

     
···

       78
        
             "systemd-initctl.service"

     

       79
        
       

     

       80
        
             # Kernel module loading.

     

       81
       -
             #"systemd-modules-load.service"

     

       0
        
       
     

       82
        
       

     

       83
        
             # Filesystems.

     

       84
        
             "systemd-fsck@.service"

     
···

       91
        
             "swap.target"

     

       92
        
             "dev-hugepages.mount"

     

       93
        
             "dev-mqueue.mount"

     

       0
        
       
     

       94
        
             "sys-fs-fuse-connections.mount"

     

       95
        
             "sys-kernel-config.mount"

     

       96
        
             "sys-kernel-debug.mount"

     

       97
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       98
        
             # Hibernate / suspend.

     

       99
        
             "hibernate.target"

     

       100
        
             "suspend.target"

     
···

       119
        
             "final.target"

     

       120
        
             "kexec.target"

     

       121
        
             "systemd-kexec.service"

     

       0
        
       
     

       122
        
       

     

       123
        
             # Password entry.

     

       124
        
             "systemd-ask-password-console.path"

     

       125
        
             "systemd-ask-password-console.service"

     

       126
        
             "systemd-ask-password-wall.path"

     

       127
        
             "systemd-ask-password-wall.service"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       128
        
           ]

     

       129
        
       

     

       130
        
           ++ optionals cfg.enableEmergencyMode [

     

       131
        
             "emergency.target"

     

       132
        
             "emergency.service"

     

       133
       -
           ]

     

       134
       -
       

     

       135
       -
           ++ optionals config.services.journald.enableHttpGateway [

     

       136
       -
             "systemd-journal-gatewayd.socket"

     

       137
       -
             "systemd-journal-gatewayd.service"

     

       138
        
           ];

     

       139
        
       

     

       140
       -
         upstreamWants =

     

       141
        
           [ #"basic.target.wants"

     

       142
        
             "sysinit.target.wants"

     

       143
        
             "sockets.target.wants"

     

       144
        
             "local-fs.target.wants"

     

       145
        
             "multi-user.target.wants"

     

       146
       -
             "shutdown.target.wants"

     

       147
        
             "timers.target.wants"

     

       148
        
           ];

     

       149
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       150
        
         makeJobScript = name: text:

     

       151
        
           let x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${name}"; inherit text; };

     

       152
        
           in "${x}/bin/${name}";

     
···

       178
        
       

     

       179
        
         serviceConfig = { name, config, ... }: {

     

       180
        
           config = mkMerge

     

       181
       -
             [ (mkIf (config.baseUnit == null) { # Default path for systemd services.  Should be quite minimal.

     

       182
        
                 path =

     

       183
        
                   [ pkgs.coreutils

     

       184
        
                     pkgs.findutils

     
···

       187
        
                     systemd

     

       188
        
                   ];

     

       189
        
                 environment.PATH = config.path;

     

       190
       -
               })

     

       191
        
               (mkIf (config.preStart != "")

     

       192
        
                 { serviceConfig.ExecStartPre = makeJobScript "${name}-pre-start" ''

     

       193
        
                     #! ${pkgs.stdenv.shell} -e

     
···

       255
        
               (if isList value then value else [value]))

     

       256
        
               as));

     

       257
        
       

     

       258
       -
         commonUnitText = def:

     

       259
       -
           optionalString (def.baseUnit != null) ''

     

       260
       -
             .include ${def.baseUnit}

     

       261
       -
           '' + ''

     

       262
        
             [Unit]

     

       263
        
             ${attrsToSection def.unitConfig}

     

       264
        
           '';

     
···

       335
        
               '';

     

       336
        
           };

     

       337
        
       

     

       338
       -
         units = pkgs.runCommand "units" { preferLocalBuild = true; }

     

       339
       -
           ''

     

       340
        
             mkdir -p $out

     

       0
        
       
     

       0
        
       
     

       341
        
             for i in ${toString upstreamUnits}; do

     

       342
       -
               fn=${systemd}/example/systemd/system/$i

     

       343
        
               if ! [ -e $fn ]; then echo "missing $fn"; false; fi

     

       344
        
               if [ -L $fn ]; then

     

       345
       -
                 cp -pd $fn $out/

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       346
        
               else

     

       347
        
                 ln -s $fn $out/

     

       348
        
               fi

     

       349
        
             done

     

       350
        
       

     

       0
        
       
     

       0
        
       
     

       351
        
             for i in ${toString upstreamWants}; do

     

       352
       -
               fn=${systemd}/example/systemd/system/$i

     

       353
        
               if ! [ -e $fn ]; then echo "missing $fn"; false; fi

     

       354
        
               x=$out/$(basename $fn)

     

       355
        
               mkdir $x

     

       356
        
               for i in $fn/*; do

     

       357
        
                 y=$x/$(basename $i)

     

       358
        
                 cp -pd $i $y

     

       359
       -
                 if ! [ -e $y ]; then rm -v $y; fi

     

       360
        
               done

     

       361
        
             done

     

       362
        
       

     

       363
       -
             for i in ${toString (mapAttrsToList (n: v: v.unit) cfg.units)}; do

     

       364
       -
               ln -fs $i/* $out/

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       365
        
             done

     

       366
        
       

     

       367
       -
             for i in ${toString cfg.packages}; do

     

       368
       -
               ln -s $i/etc/systemd/system/* $out/

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       369
        
             done

     

       370
        
       

     

       0
        
       
     

       0
        
       
     

       371
        
             ${concatStrings (mapAttrsToList (name: unit:

     

       372
        
                 concatMapStrings (name2: ''

     

       373
        
                   mkdir -p $out/'${name2}.wants'

     

       374
        
                   ln -sfn '../${name}' $out/'${name2}.wants'/

     

       375
       -
                 '') unit.wantedBy) cfg.units)}

     

       376
        
       

     

       377
        
             ${concatStrings (mapAttrsToList (name: unit:

     

       378
        
                 concatMapStrings (name2: ''

     

       379
        
                   mkdir -p $out/'${name2}.requires'

     

       380
        
                   ln -sfn '../${name}' $out/'${name2}.requires'/

     

       381
       -
                 '') unit.requiredBy) cfg.units)}

     

       382
       -
       

     

       383
       -
             ln -s ${cfg.defaultUnit} $out/default.target

     

       384
        
       

     

       385
       -
             ln -s rescue.target $out/kbrequest.target

     

       0
        
       
     

       0
        
       
     

       386
        
       

     

       387
       -
             mkdir -p $out/getty.target.wants/

     

       388
       -
             ln -s ../autovt@tty1.service $out/getty.target.wants/

     

       389
        
       

     

       390
       -
             ln -s ../local-fs.target ../remote-fs.target ../network.target ../nss-lookup.target \

     

       391
       -
                   ../nss-user-lookup.target ../swap.target $out/multi-user.target.wants/

     

       392
        
       

     

       393
       -
             ${ optionalString config.services.journald.enableHttpGateway ''

     

       394
       -
             ln -s ../systemd-journal-gatewayd.service $out/multi-user-target.wants/

     

       395
        
             ''}

     

       396
        
           ''; # */

     

       397
        
       

     
···

       414
        
             default = {};

     

       415
        
             type = types.attrsOf types.optionSet;

     

       416
        
             options = { name, config, ... }:

     

       417
       -
               { options = {

     

       418
       -
                   text = mkOption {

     

       419
       -
                     type = types.nullOr types.str;

     

       420
       -
                     default = null;

     

       421
       -
                     description = "Text of this systemd unit.";

     

       422
       -
                   };

     

       423
       -
                   enable = mkOption {

     

       424
       -
                     default = true;

     

       425
       -
                     type = types.bool;

     

       426
       -
                     description = ''

     

       427
       -
                       If set to false, this unit will be a symlink to

     

       428
       -
                       /dev/null. This is primarily useful to prevent specific

     

       429
       -
                       template instances (e.g. <literal>serial-getty@ttyS0</literal>)

     

       430
       -
                       from being started.

     

       431
       -
                     '';

     

       432
       -
                   };

     

       433
       -
                   requiredBy = mkOption {

     

       434
       -
                     default = [];

     

       435
       -
                     type = types.listOf types.string;

     

       436
       -
                     description = "Units that require (i.e. depend on and need to go down with) this unit.";

     

       437
       -
                   };

     

       438
       -
                   wantedBy = mkOption {

     

       439
       -
                     default = [];

     

       440
       -
                     type = types.listOf types.string;

     

       441
       -
                     description = "Units that want (i.e. depend on) this unit.";

     

       442
       -
                   };

     

       443
       -
                   unit = mkOption {

     

       444
       -
                     internal = true;

     

       445
       -
                     description = "The generated unit.";

     

       446
       -
                   };

     

       447
       -
                 };

     

       448
        
                 config = {

     

       449
        
                   unit = mkDefault (makeUnit name config);

     

       450
        
                 };

     
···

       460
        
           systemd.targets = mkOption {

     

       461
        
             default = {};

     

       462
        
             type = types.attrsOf types.optionSet;

     

       463
       -
             options = [ unitOptions unitConfig ];

     

       464
        
             description = "Definition of systemd target units.";

     

       465
        
           };

     

       466
        
       

     
···

       583
        
             default = false;

     

       584
        
             type = types.bool;

     

       585
        
             description = ''

     

       586
       -
               Enable journal http gateway

     

       587
        
             '';

     

       588
        
           };

     

       589
        
       

     
···

       610
        
             '';

     

       611
        
           };

     

       612
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       613
        
         };

     

       614
        
       

     

       615
        
       

     
···

       617
        
       

     

       618
        
         config = {

     

       619
        
       

     

       620
       -
           system.build.units = units;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       621
        
       

     

       622
        
           environment.systemPackages = [ systemd ];

     

       623
        
       

     

       624
       -
           environment.etc."systemd/system".source = units;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       625
        
       

     

       626
        
           environment.etc."systemd/system.conf".text =

     

       627
        
             ''

     
···

       685
        
                          (v: let n = escapeSystemdPath v.where;

     

       686
        
                              in nameValuePair "${n}.automount" (automountToUnit n v)) cfg.automounts);

     

       687
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       688
        
           system.requiredKernelConfig = map config.lib.kernelConfig.isEnabled [

     

       689
        
             "CGROUPS" "AUTOFS4_FS" "DEVTMPFS"

     

       690
        
           ];

     
···

       708
        
               })

     

       709
        
               (filterAttrs (name: service: service.startAt != "") cfg.services);

     

       710
        
       

     

       711
       -
           # FIXME: These are borrowed from upstream systemd.

     

       712
       -
           systemd.services."systemd-update-utmp" =

     

       713
       -
             { description = "Update UTMP about System Reboot/Shutdown";

     

       714
       -
               wantedBy = [ "sysinit.target" ];

     

       715
       -
               after = [ "systemd-remount-fs.service" ];

     

       716
       -
               before = [ "sysinit.target" "shutdown.target" ];

     

       717
       -
               conflicts = [ "shutdown.target" ];

     

       718
       -
               unitConfig = {

     

       719
       -
                 DefaultDependencies = false;

     

       720
       -
                 RequiresMountsFor = "/var/log";

     

       721
       -
               };

     

       722
       -
               serviceConfig = {

     

       723
       -
                 Type = "oneshot";

     

       724
       -
                 RemainAfterExit = true;

     

       725
       -
                 ExecStart = "${systemd}/lib/systemd/systemd-update-utmp reboot";

     

       726
       -
                 ExecStop = "${systemd}/lib/systemd/systemd-update-utmp shutdown";

     

       727
       -
               };

     

       728
       -
               restartIfChanged = false;

     

       729
        
             };

     

       730
        
       

     

       731
       -
           systemd.services."systemd-random-seed" =

     

       732
       -
             { description = "Load/Save Random Seed";

     

       733
       -
               wantedBy = [ "sysinit.target" "multi-user.target" ];

     

       734
       -
               after = [ "systemd-remount-fs.service" ];

     

       735
       -
               before = [ "sysinit.target" "shutdown.target" ];

     

       736
       -
               conflicts = [ "shutdown.target" ];

     

       737
       -
               unitConfig = {

     

       738
       -
                 DefaultDependencies = false;

     

       739
       -
                 RequiresMountsFor = "/var/lib";

     

       740
       -
               };

     

       741
       -
               serviceConfig = {

     

       742
       -
                 Type = "oneshot";

     

       743
       -
                 RemainAfterExit = true;

     

       744
       -
                 ExecStart = "${systemd}/lib/systemd/systemd-random-seed load";

     

       745
       -
                 ExecStop = "${systemd}/lib/systemd/systemd-random-seed save";

     

       746
       -
               };

     

       747
       -
             };

     

       748
        
       

     

       749
        
         };

     

       750
        
       }

···

       24
        
                 ln -s /dev/null $out/${name}

     

       25
        
               '';

     

       26
        
       

     

       27
       +
         upstreamSystemUnits =

     

       28
        
           [ # Targets.

     

       29
        
             "basic.target"

     

       30
        
             "sysinit.target"

     

       31
        
             "sockets.target"

     

       32
        
             "graphical.target"

     

       33
        
             "multi-user.target"

     

       0
        
       
     

       34
        
             "network.target"

     

       35
        
             "network-online.target"

     

       36
        
             "nss-lookup.target"

     
···

       40
        
             "sigpwr.target"

     

       41
        
             "timers.target"

     

       42
        
             "paths.target"

     

       43
       +
             "rpcbind.target"

     

       44
        
       

     

       45
        
             # Rescue mode.

     

       46
        
             "rescue.target"

     
···

       53
        
             "systemd-udev-settle.service"

     

       54
        
             "systemd-udev-trigger.service"

     

       55
        
       

     

       56
       +
             # Consoles.

     

       57
       +
             "getty.target"

     

       58
       +
             "getty@.service"

     

       59
       +
             "serial-getty@.service"

     

       60
       +
             "container-getty@.service"

     

       61
       +
             "systemd-vconsole-setup.service"

     

       62
       +
       

     

       63
        
             # Hardware (started by udev when a relevant device is plugged in).

     

       64
        
             "sound.target"

     

       65
        
             "bluetooth.target"

     
···

       72
        
             #"systemd-vconsole-setup.service"

     

       73
        
             "systemd-user-sessions.service"

     

       74
        
             "dbus-org.freedesktop.login1.service"

     

       75
       +
             "dbus-org.freedesktop.machine1.service"

     

       76
        
             "user@.service"

     

       77
        
       

     

       78
        
             # Journal.

     

       79
        
             "systemd-journald.socket"

     

       80
        
             "systemd-journald.service"

     

       81
        
             "systemd-journal-flush.service"

     

       82
       +
             "systemd-journal-gatewayd.socket"

     

       83
       +
             "systemd-journal-gatewayd.service"

     

       84
        
             "syslog.socket"

     

       85
        
       

     

       86
        
             # SysV init compatibility.

     
···

       88
        
             "systemd-initctl.service"

     

       89
        
       

     

       90
        
             # Kernel module loading.

     

       91
       +
             "systemd-modules-load.service"

     

       92
       +
             "kmod-static-nodes.service"

     

       93
        
       

     

       94
        
             # Filesystems.

     

       95
        
             "systemd-fsck@.service"

     
···

       102
        
             "swap.target"

     

       103
        
             "dev-hugepages.mount"

     

       104
        
             "dev-mqueue.mount"

     

       105
       +
             "proc-sys-fs-binfmt_misc.mount"

     

       106
        
             "sys-fs-fuse-connections.mount"

     

       107
        
             "sys-kernel-config.mount"

     

       108
        
             "sys-kernel-debug.mount"

     

       109
        
       

     

       110
       +
             # Maintaining state across reboots.

     

       111
       +
             "systemd-random-seed.service"

     

       112
       +
             "systemd-backlight@.service"

     

       113
       +
             "systemd-rfkill@.service"

     

       114
       +
       

     

       115
        
             # Hibernate / suspend.

     

       116
        
             "hibernate.target"

     

       117
        
             "suspend.target"

     
···

       136
        
             "final.target"

     

       137
        
             "kexec.target"

     

       138
        
             "systemd-kexec.service"

     

       139
       +
             "systemd-update-utmp.service"

     

       140
        
       

     

       141
        
             # Password entry.

     

       142
        
             "systemd-ask-password-console.path"

     

       143
        
             "systemd-ask-password-console.service"

     

       144
        
             "systemd-ask-password-wall.path"

     

       145
        
             "systemd-ask-password-wall.service"

     

       146
       +
       

     

       147
       +
             # Slices / containers.

     

       148
       +
             "slices.target"

     

       149
       +
             "-.slice"

     

       150
       +
             "system.slice"

     

       151
       +
             "user.slice"

     

       152
       +
             "machine.slice"

     

       153
       +
             "systemd-machined.service"

     

       154
       +
       

     

       155
       +
             # Temporary file creation / cleanup.

     

       156
       +
             "systemd-tmpfiles-clean.service"

     

       157
       +
             "systemd-tmpfiles-clean.timer"

     

       158
       +
             "systemd-tmpfiles-setup.service"

     

       159
       +
             "systemd-tmpfiles-setup-dev.service"

     

       160
       +
       

     

       161
       +
             # Misc.

     

       162
       +
             "systemd-sysctl.service"

     

       163
        
           ]

     

       164
        
       

     

       165
        
           ++ optionals cfg.enableEmergencyMode [

     

       166
        
             "emergency.target"

     

       167
        
             "emergency.service"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       168
        
           ];

     

       169
        
       

     

       170
       +
         upstreamSystemWants =

     

       171
        
           [ #"basic.target.wants"

     

       172
        
             "sysinit.target.wants"

     

       173
        
             "sockets.target.wants"

     

       174
        
             "local-fs.target.wants"

     

       175
        
             "multi-user.target.wants"

     

       0
        
       
     

       176
        
             "timers.target.wants"

     

       177
        
           ];

     

       178
        
       

     

       179
       +
         upstreamUserUnits =

     

       180
       +
           [ "basic.target"

     

       181
       +
             "default.target"

     

       182
       +
             "exit.target"

     

       183
       +
             "paths.target"

     

       184
       +
             "shutdown.target"

     

       185
       +
             "sockets.target"

     

       186
       +
             "systemd-exit.service"

     

       187
       +
             "timers.target"

     

       188
       +
           ];

     

       189
       +
       

     

       190
        
         makeJobScript = name: text:

     

       191
        
           let x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${name}"; inherit text; };

     

       192
        
           in "${x}/bin/${name}";

     
···

       218
        
       

     

       219
        
         serviceConfig = { name, config, ... }: {

     

       220
        
           config = mkMerge

     

       221
       +
             [ { # Default path for systemd services.  Should be quite minimal.

     

       222
        
                 path =

     

       223
        
                   [ pkgs.coreutils

     

       224
        
                     pkgs.findutils

     
···

       227
        
                     systemd

     

       228
        
                   ];

     

       229
        
                 environment.PATH = config.path;

     

       230
       +
               }

     

       231
        
               (mkIf (config.preStart != "")

     

       232
        
                 { serviceConfig.ExecStartPre = makeJobScript "${name}-pre-start" ''

     

       233
        
                     #! ${pkgs.stdenv.shell} -e

     
···

       295
        
               (if isList value then value else [value]))

     

       296
        
               as));

     

       297
        
       

     

       298
       +
         commonUnitText = def: ''

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       299
        
             [Unit]

     

       300
        
             ${attrsToSection def.unitConfig}

     

       301
        
           '';

     
···

       372
        
               '';

     

       373
        
           };

     

       374
        
       

     

       375
       +
         generateUnits = type: units: upstreamUnits: upstreamWants:

     

       376
       +
           pkgs.runCommand "${type}-units" { preferLocalBuild = true; } ''

     

       377
        
             mkdir -p $out

     

       378
       +
       

     

       379
       +
             # Copy the upstream systemd units we're interested in.

     

       380
        
             for i in ${toString upstreamUnits}; do

     

       381
       +
               fn=${systemd}/example/systemd/${type}/$i

     

       382
        
               if ! [ -e $fn ]; then echo "missing $fn"; false; fi

     

       383
        
               if [ -L $fn ]; then

     

       384
       +
                 target="$(readlink "$fn")"

     

       385
       +
                 if [ ''${target:0:3} = ../ ]; then

     

       386
       +
                   ln -s "$(readlink -f "$fn")" $out/

     

       387
       +
                 else

     

       388
       +
                   cp -pd $fn $out/

     

       389
       +
                 fi

     

       390
        
               else

     

       391
        
                 ln -s $fn $out/

     

       392
        
               fi

     

       393
        
             done

     

       394
        
       

     

       395
       +
             # Copy .wants links, but only those that point to units that

     

       396
       +
             # we're interested in.

     

       397
        
             for i in ${toString upstreamWants}; do

     

       398
       +
               fn=${systemd}/example/systemd/${type}/$i

     

       399
        
               if ! [ -e $fn ]; then echo "missing $fn"; false; fi

     

       400
        
               x=$out/$(basename $fn)

     

       401
        
               mkdir $x

     

       402
        
               for i in $fn/*; do

     

       403
        
                 y=$x/$(basename $i)

     

       404
        
                 cp -pd $i $y

     

       405
       +
                 if ! [ -e $y ]; then rm $y; fi

     

       406
        
               done

     

       407
        
             done

     

       408
        
       

     

       409
       +
             # Symlink all units provided listed in systemd.packages.

     

       410
       +
             for i in ${toString cfg.packages}; do

     

       411
       +
               files=$(echo $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*)

     

       412
       +
               if [ -n "$files" ]; then

     

       413
       +
                 ln -s $files $out/

     

       414
       +
               fi

     

       415
        
             done

     

       416
        
       

     

       417
       +
             # Symlink all units defined by systemd.units. If these are also

     

       418
       +
             # provided by systemd or systemd.packages, then add them as

     

       419
       +
             # <unit-name>.d/overrides.conf, which makes them extend the

     

       420
       +
             # upstream unit.

     

       421
       +
             for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do

     

       422
       +
               fn=$(basename $i/*)

     

       423
       +
               if [ -e $out/$fn ]; then

     

       424
       +
                 if [ "$(readlink -f $i/$fn)" = /dev/null ]; then

     

       425
       +
                   ln -sfn /dev/null $out/$fn

     

       426
       +
                 else

     

       427
       +
                   mkdir $out/$fn.d

     

       428
       +
                   ln -s $i/$fn $out/$fn.d/overrides.conf

     

       429
       +
                 fi

     

       430
       +
              else

     

       431
       +
                 ln -fs $i/$fn $out/

     

       432
       +
               fi

     

       433
        
             done

     

       434
        
       

     

       435
       +
             # Created .wants and .requires symlinks from the wantedBy and

     

       436
       +
             # requiredBy options.

     

       437
        
             ${concatStrings (mapAttrsToList (name: unit:

     

       438
        
                 concatMapStrings (name2: ''

     

       439
        
                   mkdir -p $out/'${name2}.wants'

     

       440
        
                   ln -sfn '../${name}' $out/'${name2}.wants'/

     

       441
       +
                 '') unit.wantedBy) units)}

     

       442
        
       

     

       443
        
             ${concatStrings (mapAttrsToList (name: unit:

     

       444
        
                 concatMapStrings (name2: ''

     

       445
        
                   mkdir -p $out/'${name2}.requires'

     

       446
        
                   ln -sfn '../${name}' $out/'${name2}.requires'/

     

       447
       +
                 '') unit.requiredBy) units)}

     

       0
        
       
     

       0
        
       
     

       448
        
       

     

       449
       +
             ${optionalString (type == "system") ''

     

       450
       +
               # Stupid misc. symlinks.

     

       451
       +
               ln -s ${cfg.defaultUnit} $out/default.target

     

       452
        
       

     

       453
       +
               ln -s rescue.target $out/kbrequest.target

     

       0
        
       
     

       454
        
       

     

       455
       +
               mkdir -p $out/getty.target.wants/

     

       456
       +
               ln -s ../autovt@tty1.service $out/getty.target.wants/

     

       457
        
       

     

       458
       +
               ln -s ../local-fs.target ../remote-fs.target ../network.target ../nss-lookup.target \

     

       459
       +
                     ../nss-user-lookup.target ../swap.target $out/multi-user.target.wants/

     

       460
        
             ''}

     

       461
        
           ''; # */

     

       462
        
       

     
···

       479
        
             default = {};

     

       480
        
             type = types.attrsOf types.optionSet;

     

       481
        
             options = { name, config, ... }:

     

       482
       +
               { options = concreteUnitOptions;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       483
        
                 config = {

     

       484
        
                   unit = mkDefault (makeUnit name config);

     

       485
        
                 };

     
···

       495
        
           systemd.targets = mkOption {

     

       496
        
             default = {};

     

       497
        
             type = types.attrsOf types.optionSet;

     

       498
       +
             options = [ targetOptions unitConfig ];

     

       499
        
             description = "Definition of systemd target units.";

     

       500
        
           };

     

       501
        
       

     
···

       618
        
             default = false;

     

       619
        
             type = types.bool;

     

       620
        
             description = ''

     

       621
       +
               Whether to enable the HTTP gateway to the journal.

     

       622
        
             '';

     

       623
        
           };

     

       624
        
       

     
···

       645
        
             '';

     

       646
        
           };

     

       647
        
       

     

       648
       +
           systemd.tmpfiles.rules = mkOption {

     

       649
       +
             type = types.listOf types.str;

     

       650
       +
             default = [];

     

       651
       +
             example = [ "d /tmp 1777 root root 10d" ];

     

       652
       +
             description = ''

     

       653
       +
               Rules for creating and cleaning up temporary files

     

       654
       +
               automatically. See

     

       655
       +
               <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>

     

       656
       +
               for the exact format. You should not use this option to create

     

       657
       +
               files required by systemd services, since there is no

     

       658
       +
               guarantee that <command>systemd-tmpfiles</command> runs when

     

       659
       +
               the system is reconfigured using

     

       660
       +
               <command>nixos-rebuild</command>.

     

       661
       +
             '';

     

       662
       +
           };

     

       663
       +
       

     

       664
       +
           systemd.user.units = mkOption {

     

       665
       +
             description = "Definition of systemd per-user units.";

     

       666
       +
             default = {};

     

       667
       +
             type = types.attrsOf types.optionSet;

     

       668
       +
             options = { name, config, ... }:

     

       669
       +
               { options = concreteUnitOptions;

     

       670
       +
                 config = {

     

       671
       +
                   unit = mkDefault (makeUnit name config);

     

       672
       +
                 };

     

       673
       +
               };

     

       674
       +
           };

     

       675
       +
       

     

       676
       +
           systemd.user.services = mkOption {

     

       677
       +
             default = {};

     

       678
       +
             type = types.attrsOf types.optionSet;

     

       679
       +
             options = [ serviceOptions unitConfig serviceConfig ];

     

       680
       +
             description = "Definition of systemd per-user service units.";

     

       681
       +
           };

     

       682
       +
       

     

       683
        
         };

     

       684
        
       

     

       685
        
       

     
···

       687
        
       

     

       688
        
         config = {

     

       689
        
       

     

       690
       +
           assertions = mapAttrsToList (name: service: {

     

       691
       +
             assertion = service.serviceConfig.Type or "" == "oneshot" -> service.serviceConfig.Restart or "no" == "no";

     

       692
       +
             message = "${name}: Type=oneshot services must have Restart=no";

     

       693
       +
           }) cfg.services;

     

       694
       +
       

     

       695
       +
           system.build.units = cfg.units;

     

       696
        
       

     

       697
        
           environment.systemPackages = [ systemd ];

     

       698
        
       

     

       699
       +
           environment.etc."systemd/system".source =

     

       700
       +
             generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants;

     

       701
       +
       

     

       702
       +
           environment.etc."systemd/user".source =

     

       703
       +
             generateUnits "user" cfg.user.units upstreamUserUnits [];

     

       704
        
       

     

       705
        
           environment.etc."systemd/system.conf".text =

     

       706
        
             ''

     
···

       764
        
                          (v: let n = escapeSystemdPath v.where;

     

       765
        
                              in nameValuePair "${n}.automount" (automountToUnit n v)) cfg.automounts);

     

       766
        
       

     

       767
       +
           systemd.user.units =

     

       768
       +
             mapAttrs' (n: v: nameValuePair "${n}.service" (serviceToUnit n v)) cfg.user.services;

     

       769
       +
       

     

       770
        
           system.requiredKernelConfig = map config.lib.kernelConfig.isEnabled [

     

       771
        
             "CGROUPS" "AUTOFS4_FS" "DEVTMPFS"

     

       772
        
           ];

     
···

       790
        
               })

     

       791
        
               (filterAttrs (name: service: service.startAt != "") cfg.services);

     

       792
        
       

     

       793
       +
           systemd.sockets.systemd-journal-gatewayd.wantedBy =

     

       794
       +
             optional config.services.journald.enableHttpGateway "sockets.target";

     

       795
       +
       

     

       796
       +
           # Provide the systemd-user PAM service, required to run systemd

     

       797
       +
           # user instances.

     

       798
       +
           security.pam.services.systemd-user =

     

       799
       +
             { # Ensure that pam_systemd gets included. This is special-cased

     

       800
       +
               # in systemd to provide XDG_RUNTIME_DIR.

     

       801
       +
               startSession = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       802
        
             };

     

       803
        
       

     

       804
       +
           environment.etc."tmpfiles.d/x11.conf".source = "${systemd}/example/tmpfiles.d/x11.conf";

     

       805
       +
       

     

       806
       +
           environment.etc."tmpfiles.d/nixos.conf".text =

     

       807
       +
             ''

     

       808
       +
               # This file is created automatically and should not be modified.

     

       809
       +
               # Please change the option ‘systemd.tmpfiles.rules’ instead.

     

       810
       +
               ${concatStringsSep "\n" cfg.tmpfiles.rules}

     

       811
       +
             '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       812
        
       

     

       813
        
         };

     

       814
        
       }

+1 -1

nixos/modules/system/upstart/upstart.nix

···

       93
        
                   if job.daemonType == "fork" || job.daemonType == "daemon" then { Type = "forking"; GuessMainPID = true; } else

     

       94
        
                   if job.daemonType == "none" then { } else

     

       95
        
                   throw "invalid daemon type `${job.daemonType}'")

     

       96
       -
               // optionalAttrs (!job.task && job.respawn)

     

       97
        
                 { Restart = "always"; }

     

       98
        
               // optionalAttrs job.task

     

       99
        
                 { Type = "oneshot"; RemainAfterExit = false; };

···

       93
        
                   if job.daemonType == "fork" || job.daemonType == "daemon" then { Type = "forking"; GuessMainPID = true; } else

     

       94
        
                   if job.daemonType == "none" then { } else

     

       95
        
                   throw "invalid daemon type `${job.daemonType}'")

     

       96
       +
               // optionalAttrs (!job.task && !(job.script == "" && job.exec == "") && job.respawn)

     

       97
        
                 { Restart = "always"; }

     

       98
        
               // optionalAttrs job.task

     

       99
        
                 { Type = "oneshot"; RemainAfterExit = false; };

+24 -22

nixos/modules/tasks/cpu-freq.nix

···

       2
        
       

     

       3
        
       with lib;

     

       4
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       5
        
       {

     

       6
        
         ###### interface

     

       7
        
       

     
···

       23
        
       

     

       24
        
         ###### implementation

     

       25
        
       

     

       26
       -
         config = mkIf (config.powerManagement.cpuFreqGovernor != null) {

     

       27
       -
       

     

       28
       -
           environment.systemPackages = [ pkgs.cpufrequtils ];

     

       29
       -
       

     

       30
       -
           jobs.cpufreq =

     

       31
       -
             { description = "CPU Frequency Governor Setup";

     

       32
       -
       

     

       33
       -
               after = [ "systemd-modules-load.service" ];

     

       34
       -
               wantedBy = [ "multi-user.target" ];

     

       35
        
       

     

       36
       -
               unitConfig.ConditionPathIsReadWrite = "/sys/devices/";

     

       0
        
       
     

       0
        
       
     

       37
        
       

     

       38
       -
               path = [ pkgs.cpufrequtils ];

     

       39
        
       

     

       40
       -
               preStart = ''

     

       41
       -
                 for i in $(seq 0 $(($(nproc) - 1))); do

     

       42
       -
                   for gov in $(cpufreq-info -c $i -g); do

     

       43
       -
                     if [ "$gov" = ${config.powerManagement.cpuFreqGovernor} ]; then

     

       44
       -
                       echo "<6>setting governor on CPU $i to ‘$gov’"

     

       45
       -
                       cpufreq-set -c $i -g $gov

     

       46
       -
                     fi

     

       47
       -
                   done

     

       48
       -
                 done

     

       49
       -
               '';

     

       0
        
       
     

       0
        
       
     

       50
        
             };

     

       51
       -
         };

     

       52
        
       

     

       0
        
       
     

       53
        
       }

···

       2
        
       

     

       3
        
       with lib;

     

       4
        
       

     

       5
       +
       let

     

       6
       +
         cpupower = config.boot.kernelPackages.cpupower;

     

       7
       +
         cfg = config.powerManagement;

     

       8
       +
       in

     

       9
       +
       

     

       10
        
       {

     

       11
        
         ###### interface

     

       12
        
       

     
···

       28
        
       

     

       29
        
         ###### implementation

     

       30
        
       

     

       31
       +
         config = mkIf (!config.boot.isContainer && config.powerManagement.cpuFreqGovernor != null) {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       32
        
       

     

       33
       +
           boot.kernelModules = [ "acpi-cpufreq" "speedstep-lib" "pcc-cpufreq"

     

       34
       +
             "cpufreq_${cfg.cpuFreqGovernor}"

     

       35
       +
           ];

     

       36
        
       

     

       37
       +
           environment.systemPackages = [ cpupower ];

     

       38
        
       

     

       39
       +
           systemd.services.cpufreq = {

     

       40
       +
             description = "CPU Frequency Governor Setup";

     

       41
       +
             after = [ "systemd-modules-load.service" ];

     

       42
       +
             wantedBy = [ "multi-user.target" ];

     

       43
       +
             path = [ cpupower ];

     

       44
       +
             script = ''

     

       45
       +
               cpupower frequency-set -g ${cfg.cpuFreqGovernor}

     

       46
       +
             '';

     

       47
       +
             unitConfig.ConditionVirtualization = false;

     

       48
       +
             serviceConfig = {

     

       49
       +
               Type = "oneshot";

     

       50
       +
               RemainAfterExit = "yes";

     

       51
        
             };

     

       52
       +
           };

     

       53
        
       

     

       54
       +
         };

     

       55
        
       }

+1 -13

nixos/modules/tasks/kbd.nix

···

       52
        
           # /dev/tty0 to prevent putting the X server in non-raw mode, and

     

       53
        
           # it has a restart trigger.

     

       54
        
           systemd.services."systemd-vconsole-setup" =

     

       55
       -
             { description = "Setup Virtual Console";

     

       56
       -
               wantedBy = [ "sysinit.target" "multi-user.target" ];

     

       57
       -
               before = [ "sysinit.target" "shutdown.target" ];

     

       58
       -
               conflicts = [ "shutdown.target" ];

     

       59
       -
               unitConfig =

     

       60
       -
                 { DefaultDependencies = "no";

     

       61
       -
                   ConditionPathExists = "/dev/tty1";

     

       62
       -
                 };

     

       63
       -
               serviceConfig =

     

       64
       -
                 { Type = "oneshot";

     

       65
       -
                   RemainAfterExit = true;

     

       66
       -
                   ExecStart = "${config.systemd.package}/lib/systemd/systemd-vconsole-setup /dev/tty1";

     

       67
       -
                 };

     

       68
        
               restartTriggers = [ vconsoleConf ];

     

       69
        
             };

     

       70

···

       52
        
           # /dev/tty0 to prevent putting the X server in non-raw mode, and

     

       53
        
           # it has a restart trigger.

     

       54
        
           systemd.services."systemd-vconsole-setup" =

     

       55
       +
             { wantedBy = [ "multi-user.target" ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       56
        
               restartTriggers = [ vconsoleConf ];

     

       57
        
             };

     

       58

+4 -2

nixos/modules/tasks/lvm.nix

···

       1
       -
       { config, pkgs, ... }:

     

       0
        
       
     

       0
        
       
     

       2
        
       

     

       3
        
       {

     

       4
        
       

     

       5
        
         ###### implementation

     

       6
        
       

     

       7
       -
         config = {

     

       8
        
       

     

       9
        
           environment.systemPackages = [ pkgs.lvm2 ];

     

       10

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       

     

       3
       +
       with lib;

     

       4
        
       

     

       5
        
       {

     

       6
        
       

     

       7
        
         ###### implementation

     

       8
        
       

     

       9
       +
         config = mkIf (!config.boot.isContainer) {

     

       10
        
       

     

       11
        
           environment.systemPackages = [ pkgs.lvm2 ];

     

       12

nixos/modules/tasks/network-interfaces.nix

···

       191
        
             '';

     

       192
        
           };

     

       193
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       194
        
           networking.localCommands = mkOption {

     

       195
        
             default = "";

     

       196
        
             example = "text=anything; echo You can put $text here.";

···

       191
        
             '';

     

       192
        
           };

     

       193
        
       

     

       194
       +
           networking.useHostResolvConf = mkOption {

     

       195
       +
             type = types.bool;

     

       196
       +
             default = false;

     

       197
       +
             description = ''

     

       198
       +
               In containers, whether to use the

     

       199
       +
               <filename>resolv.conf</filename> supplied by the host.

     

       200
       +
             '';

     

       201
       +
           };

     

       202
       +
       

     

       203
        
           networking.localCommands = mkOption {

     

       204
        
             default = "";

     

       205
        
             example = "text=anything; echo You can put $text here.";

nixos/modules/testing/test-instrumentation.nix

···

       86
        
             (isEnabled "VIRTIO_CONSOLE")

     

       87
        
           ];

     

       88
        
       

     

       0
        
       
     

       0
        
       
     

       89
        
         };

     

       90
        
       

     

       91
        
       }

···

       86
        
             (isEnabled "VIRTIO_CONSOLE")

     

       87
        
           ];

     

       88
        
       

     

       89
       +
           networking.usePredictableInterfaceNames = false;

     

       90
       +
       

     

       91
        
         };

     

       92
        
       

     

       93
        
       }

+10 -26

nixos/modules/virtualisation/container-config.nix

···

       6
        
       

     

       7
        
         config = mkIf config.boot.isContainer {

     

       8
        
       

     

       9
       -
           # Provide a login prompt on /var/lib/login.socket.  On the host,

     

       10
       -
           # you can connect to it by running ‘socat

     

       11
       -
           # unix:<path-to-container>/var/lib/login.socket -,echo=0,raw’.

     

       12
       -
           systemd.sockets.login =

     

       13
       -
             { description = "Login Socket";

     

       14
       -
               wantedBy = [ "sockets.target" ];

     

       15
       -
               socketConfig =

     

       16
       -
                 { ListenStream = "/var/lib/login.socket";

     

       17
       -
                   SocketMode = "0666";

     

       18
       -
                   Accept = true;

     

       19
       -
                 };

     

       20
       -
             };

     

       21
        
       

     

       22
       -
           systemd.services."login@" =

     

       23
       -
             { description = "Login %i";

     

       24
       -
               environment.TERM = "linux";

     

       25
       -
               serviceConfig =

     

       26
       -
                 { Type = "simple";

     

       27
       -
                   StandardInput = "socket";

     

       28
       -
                   ExecStart = "${pkgs.socat}/bin/socat -t0 - exec:${pkgs.shadow}/bin/login,pty,setsid,setpgid,stderr,ctty";

     

       29
       -
                   TimeoutStopSec = 1; # FIXME

     

       30
       -
                 };

     

       31
       -
               restartIfChanged = false;

     

       32
       -
             };

     

       33
        
       

     

       34
       -
           # Also provide a root login prompt on /var/lib/root-login.socket

     

       35
       -
           # that doesn't ask for a password. This socket can only be used by

     

       36
       -
           # root on the host.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
           systemd.sockets.root-login =

     

       38
        
             { description = "Root Login Socket";

     

       39
        
               wantedBy = [ "sockets.target" ];

···

       6
        
       

     

       7
        
         config = mkIf config.boot.isContainer {

     

       8
        
       

     

       9
       +
           # Disable some features that are not useful in a container.

     

       10
       +
           sound.enable = mkDefault false;

     

       11
       +
           services.udisks2.enable = mkDefault false;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       12
        
       

     

       13
       +
           networking.useHostResolvConf = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       14
        
       

     

       15
       +
           # Shut up warnings about not having a boot loader.

     

       16
       +
           system.build.installBootLoader = "${pkgs.coreutils}/bin/true";

     

       17
       +
       

     

       18
       +
           # Provide a root login prompt on /var/lib/root-login.socket that

     

       19
       +
           # doesn't ask for a password. This socket can only be used by root

     

       20
       +
           # on the host.

     

       21
        
           systemd.sockets.root-login =

     

       22
        
             { description = "Root Login Socket";

     

       23
        
               wantedBy = [ "sockets.target" ];

+11 -17

nixos/modules/virtualisation/containers.nix

···

       176
        
                     "/nix/var/nix/profiles/per-container/$INSTANCE" \

     

       177
        
                     "/nix/var/nix/gcroots/per-container/$INSTANCE"

     

       178
        
       

     

       179
       -
                   SYSTEM_PATH=/nix/var/nix/profiles/system

     

       180
        
                   if [ -f "/etc/containers/$INSTANCE.conf" ]; then

     

       181
        
                     . "/etc/containers/$INSTANCE.conf"

     

       182
        
                   fi

     
···

       212
        
                     extraFlags="--capability=CAP_NET_ADMIN"

     

       213
        
                   fi

     

       214
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       215
        
                   exec $runInNetNs ${config.systemd.package}/bin/systemd-nspawn \

     

       216
       -
                     -M "$INSTANCE" -D "/var/lib/containers/$INSTANCE" $extraFlags \

     

       217
        
                     --bind-ro=/nix/store \

     

       218
        
                     --bind-ro=/nix/var/nix/db \

     

       219
        
                     --bind-ro=/nix/var/nix/daemon-socket \

     

       220
        
                     --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \

     

       221
        
                     --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \

     

       222
       -
                     "$SYSTEM_PATH/init"

     

       223
        
                 '';

     

       224
        
       

     

       225
        
               postStart =

     
···

       233
        
       

     

       234
        
               preStop =

     

       235
        
                 ''

     

       236
       -
                   pid="$(cat /sys/fs/cgroup/systemd/machine/$INSTANCE.nspawn/system/tasks 2> /dev/null)"

     

       237
       -
                   if [ -n "$pid" ]; then

     

       238
       -
                     # Send the RTMIN+3 signal, which causes the container

     

       239
       -
                     # systemd to start halt.target.

     

       240
       -
                     echo "killing container systemd, PID = $pid"

     

       241
       -
                     kill -RTMIN+3 $pid

     

       242
       -
                     # Wait for the container to exit.  We can't let systemd

     

       243
       -
                     # do this because it will send a signal to the entire

     

       244
       -
                     # cgroup.

     

       245
       -
                     for ((n = 0; n < 180; n++)); do

     

       246
       -
                       if ! kill -0 $pid 2> /dev/null; then break; fi

     

       247
       -
                       sleep 1

     

       248
       -
                     done

     

       249
       -
                   fi

     

       250
        
                 '';

     

       251
        
       

     

       252
        
               restartIfChanged = false;

···

       176
        
                     "/nix/var/nix/profiles/per-container/$INSTANCE" \

     

       177
        
                     "/nix/var/nix/gcroots/per-container/$INSTANCE"

     

       178
        
       

     

       0
        
       
     

       179
        
                   if [ -f "/etc/containers/$INSTANCE.conf" ]; then

     

       180
        
                     . "/etc/containers/$INSTANCE.conf"

     

       181
        
                   fi

     
···

       211
        
                     extraFlags="--capability=CAP_NET_ADMIN"

     

       212
        
                   fi

     

       213
        
       

     

       214
       +
                   # If the host is 64-bit and the container is 32-bit, add a

     

       215
       +
                   # --personality flag.

     

       216
       +
                   ${optionalString (config.nixpkgs.system == "x86_64-linux") ''

     

       217
       +
                     if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then

     

       218
       +
                       extraFlags+=" --personality=x86"

     

       219
       +
                     fi

     

       220
       +
                   ''}

     

       221
       +
       

     

       222
        
                   exec $runInNetNs ${config.systemd.package}/bin/systemd-nspawn \

     

       223
       +
                     -M "$INSTANCE" -D "$root" $extraFlags \

     

       224
        
                     --bind-ro=/nix/store \

     

       225
        
                     --bind-ro=/nix/var/nix/db \

     

       226
        
                     --bind-ro=/nix/var/nix/daemon-socket \

     

       227
        
                     --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \

     

       228
        
                     --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \

     

       229
       +
                     "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"

     

       230
        
                 '';

     

       231
        
       

     

       232
        
               postStart =

     
···

       240
        
       

     

       241
        
               preStop =

     

       242
        
                 ''

     

       243
       +
                   machinectl poweroff "$INSTANCE"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       244
        
                 '';

     

       245
        
       

     

       246
        
               restartIfChanged = false;

+1 -1

nixos/modules/virtualisation/nixos-container.pl

···

       203
        
       }

     

       204
        
       

     

       205
        
       elsif ($action eq "login") {

     

       206
       -
           exec($socat, "unix:$root/var/lib/login.socket", "-,echo=0,raw");

     

       207
        
       }

     

       208
        
       

     

       209
        
       elsif ($action eq "root-login") {

···

       203
        
       }

     

       204
        
       

     

       205
        
       elsif ($action eq "login") {

     

       206
       +
           exec("machinectl", "login", "--", $containerName);

     

       207
        
       }

     

       208
        
       

     

       209
        
       elsif ($action eq "root-login") {

nixos/modules/virtualisation/qemu-vm.nix

···

       399
        
           # Wireless won't work in the VM.

     

       400
        
           networking.wireless.enable = mkVMOverride false;

     

       401
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       402
        
           system.requiredKernelConfig = with config.lib.kernelConfig;

     

       403
        
             [ (isEnabled "VIRTIO_BLK")

     

       404
        
               (isEnabled "VIRTIO_PCI")

···

       399
        
           # Wireless won't work in the VM.

     

       400
        
           networking.wireless.enable = mkVMOverride false;

     

       401
        
       

     

       402
       +
           # Speed up booting by not waiting for ARP.

     

       403
       +
           networking.dhcpcd.extraConfig = "noarp";

     

       404
       +
       

     

       405
       +
           networking.usePredictableInterfaceNames = false;

     

       406
       +
       

     

       407
        
           system.requiredKernelConfig = with config.lib.kernelConfig;

     

       408
        
             [ (isEnabled "VIRTIO_BLK")

     

       409
        
               (isEnabled "VIRTIO_PCI")

nixos/release-combined.nix

···

       61
        
               (all nixos.tests.printing)

     

       62
        
               (all nixos.tests.proxy)

     

       63
        
               (all nixos.tests.udisks)

     

       0
        
       
     

       64
        
               (all nixos.tests.xfce)

     

       65
        
       

     

       66
        
               nixpkgs.tarball

···

       61
        
               (all nixos.tests.printing)

     

       62
        
               (all nixos.tests.proxy)

     

       63
        
               (all nixos.tests.udisks)

     

       64
       +
               (all nixos.tests.udisks2)

     

       65
        
               (all nixos.tests.xfce)

     

       66
        
       

     

       67
        
               nixpkgs.tarball

nixos/release.nix

···

       245
        
         tests.simple = callTest tests/simple.nix {};

     

       246
        
         tests.tomcat = callTest tests/tomcat.nix {};

     

       247
        
         tests.udisks = callTest tests/udisks.nix {};

     

       0
        
       
     

       248
        
         tests.xfce = callTest tests/xfce.nix {};

     

       249
        
       

     

       250
        
       }

···

       245
        
         tests.simple = callTest tests/simple.nix {};

     

       246
        
         tests.tomcat = callTest tests/tomcat.nix {};

     

       247
        
         tests.udisks = callTest tests/udisks.nix {};

     

       248
       +
         tests.udisks2 = callTest tests/udisks2.nix {};

     

       249
        
         tests.xfce = callTest tests/xfce.nix {};

     

       250
        
       

     

       251
        
       }

+2 -2

nixos/tests/containers.nix

···

       25
        
       

     

       26
        
         testScript =

     

       27
        
           ''

     

       28
       -
             $machine->succeed("nixos-container list") =~ /webserver/;

     

       29
        
       

     

       30
        
             # Start the webserver container.

     

       31
        
             $machine->succeed("nixos-container start webserver");

     
···

       65
        
             $machine->succeed("nixos-container start $id1");

     

       66
        
       

     

       67
        
             # Execute commands via the root shell.

     

       68
       -
             $machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/;

     

       69
        
             $machine->succeed("nixos-container set-root-password $id1 foobar");

     

       70
        
       

     

       71
        
             # Destroy the containers.

···

       25
        
       

     

       26
        
         testScript =

     

       27
        
           ''

     

       28
       +
             $machine->succeed("nixos-container list") =~ /webserver/ or die;

     

       29
        
       

     

       30
        
             # Start the webserver container.

     

       31
        
             $machine->succeed("nixos-container start webserver");

     
···

       65
        
             $machine->succeed("nixos-container start $id1");

     

       66
        
       

     

       67
        
             # Execute commands via the root shell.

     

       68
       +
             $machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/ or die;

     

       69
        
             $machine->succeed("nixos-container set-root-password $id1 foobar");

     

       70
        
       

     

       71
        
             # Destroy the containers.

+4 -1

nixos/tests/login.nix

···

       9
        
       

     

       10
        
         testScript =

     

       11
        
           ''

     

       12
       -
             $machine->waitForUnit("default.target");

     

       0
        
       
     

       13
        
             $machine->screenshot("postboot");

     

       14
        
       

     

       15
        
             subtest "create user", sub {

     
···

       19
        
       

     

       20
        
             # Check whether switching VTs works.

     

       21
        
             subtest "virtual console switching", sub {

     

       0
        
       
     

       22
        
                 $machine->sendKeys("alt-f2");

     

       23
        
                 $machine->waitUntilSucceeds("[ \$(fgconsole) = 2 ]");

     

       24
        
                 $machine->waitForUnit('getty@tty2.service');

     

       0
        
       
     

       25
        
             };

     

       26
        
       

     

       27
        
             # Log in as alice on a virtual console.

···

       9
        
       

     

       10
        
         testScript =

     

       11
        
           ''

     

       12
       +
             $machine->waitForUnit('multi-user.target');

     

       13
       +
             $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty1'");

     

       14
        
             $machine->screenshot("postboot");

     

       15
        
       

     

       16
        
             subtest "create user", sub {

     
···

       20
        
       

     

       21
        
             # Check whether switching VTs works.

     

       22
        
             subtest "virtual console switching", sub {

     

       23
       +
                 $machine->fail("pgrep -f 'agetty.*tty2'");

     

       24
        
                 $machine->sendKeys("alt-f2");

     

       25
        
                 $machine->waitUntilSucceeds("[ \$(fgconsole) = 2 ]");

     

       26
        
                 $machine->waitForUnit('getty@tty2.service');

     

       27
       +
                 $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty2'");

     

       28
        
             };

     

       29
        
       

     

       30
        
             # Log in as alice on a virtual console.

+17

nixos/tests/misc.nix

···

       8
        
               [ { device = "/root/swapfile"; size = 128; } ];

     

       9
        
             environment.variables.EDITOR = pkgs.lib.mkOverride 0 "emacs";

     

       10
        
             services.nixosManual.enable = pkgs.lib.mkOverride 0 true;

     

       0
        
       
     

       11
        
           };

     

       12
        
       

     

       13
        
         testScript =

     
···

       62
        
             subtest "hostname", sub {

     

       63
        
                 $machine->succeed('[ "`hostname`" = machine ]');

     

       64
        
                 $machine->succeed('[ "`hostname -s`" = machine ]');

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       65
        
             };

     

       66
        
           '';

     

       67

···

       8
        
               [ { device = "/root/swapfile"; size = 128; } ];

     

       9
        
             environment.variables.EDITOR = pkgs.lib.mkOverride 0 "emacs";

     

       10
        
             services.nixosManual.enable = pkgs.lib.mkOverride 0 true;

     

       11
       +
             systemd.tmpfiles.rules = [ "d /tmp 1777 root root 10d" ];

     

       12
        
           };

     

       13
        
       

     

       14
        
         testScript =

     
···

       63
        
             subtest "hostname", sub {

     

       64
        
                 $machine->succeed('[ "`hostname`" = machine ]');

     

       65
        
                 $machine->succeed('[ "`hostname -s`" = machine ]');

     

       66
       +
             };

     

       67
       +
       

     

       68
       +
             # Test whether systemd-udevd automatically loads modules for our hardware.

     

       69
       +
             subtest "udev-auto-load", sub {

     

       70
       +
                 $machine->waitForUnit('systemd-udev-settle.service');

     

       71
       +
                 $machine->succeed('lsmod | grep psmouse');

     

       72
       +
             };

     

       73
       +
       

     

       74
       +
             # Test whether systemd-tmpfiles-clean works.

     

       75
       +
             subtest "tmpfiles", sub {

     

       76
       +
                 $machine->succeed('touch /tmp/foo');

     

       77
       +
                 $machine->succeed('systemctl start systemd-tmpfiles-clean');

     

       78
       +
                 $machine->succeed('[ -e /tmp/foo ]');

     

       79
       +
                 $machine->succeed('date -s "@$(($(date +%s) + 1000000))"'); # move into the future

     

       80
       +
                 $machine->succeed('systemctl start systemd-tmpfiles-clean');

     

       81
       +
                 $machine->fail('[ -e /tmp/foo ]');

     

       82
        
             };

     

       83
        
           '';

     

       84

nixos/tests/printing.nix

···

       31
        
       

     

       32
        
             # Make sure that cups is up on both sides.

     

       33
        
             $server->waitForUnit("cupsd.service");

     

       0
        
       
     

       34
        
             $client->waitForUnit("cupsd.service");

     

       0
        
       
     

       35
        
             $client->succeed("lpstat -r") =~ /scheduler is running/ or die;

     

       36
        
             $client->succeed("lpstat -H") =~ "/var/run/cups/cups.sock" or die;

     

       37
        
             $client->succeed("curl --fail http://localhost:631/");

···

       31
        
       

     

       32
        
             # Make sure that cups is up on both sides.

     

       33
        
             $server->waitForUnit("cupsd.service");

     

       34
       +
             $server->waitForUnit("network.target");

     

       35
        
             $client->waitForUnit("cupsd.service");

     

       36
       +
             $client->waitForUnit("network.target");

     

       37
        
             $client->succeed("lpstat -r") =~ /scheduler is running/ or die;

     

       38
        
             $client->succeed("lpstat -H") =~ "/var/run/cups/cups.sock" or die;

     

       39
        
             $client->succeed("curl --fail http://localhost:631/");

+1 -1

nixos/tests/udisks.nix

···

       40
        
             # Mount the stick as a non-root user and do some stuff with it.

     

       41
        
             $machine->succeed("su - alice -c 'udisks --enumerate | grep /org/freedesktop/UDisks/devices/sda1'");

     

       42
        
             $machine->succeed("su - alice -c 'udisks --mount /dev/sda1'");

     

       43
       -
             $machine->succeed("su - alice -c 'cat /media/USBSTICK/test.txt'") =~ /Hello World/;

     

       44
        
             $machine->succeed("su - alice -c 'echo foo > /media/USBSTICK/bar.txt'");

     

       45
        
       

     

       46
        
             # Unmounting the stick should make the mountpoint disappear.

···

       40
        
             # Mount the stick as a non-root user and do some stuff with it.

     

       41
        
             $machine->succeed("su - alice -c 'udisks --enumerate | grep /org/freedesktop/UDisks/devices/sda1'");

     

       42
        
             $machine->succeed("su - alice -c 'udisks --mount /dev/sda1'");

     

       43
       +
             $machine->succeed("su - alice -c 'cat /media/USBSTICK/test.txt'") =~ /Hello World/ or die;

     

       44
        
             $machine->succeed("su - alice -c 'echo foo > /media/USBSTICK/bar.txt'");

     

       45
        
       

     

       46
        
             # Unmounting the stick should make the mountpoint disappear.

+56

nixos/tests/udisks2.nix

···

       1
       +
       import ./make-test.nix ({ pkgs, ... }:

     

       2
       +
       

     

       3
       +
       let

     

       4
       +
       

     

       5
       +
         stick = pkgs.fetchurl {

     

       6
       +
           url = http://nixos.org/~eelco/nix/udisks-test.img.xz;

     

       7
       +
           sha256 = "0was1xgjkjad91nipzclaz5biv3m4b2nk029ga6nk7iklwi19l8b";

     

       8
       +
         };

     

       9
       +
       

     

       10
       +
       in

     

       11
       +
       

     

       12
       +
       {

     

       13
       +
       

     

       14
       +
         machine =

     

       15
       +
           { config, pkgs, ... }:

     

       16
       +
           { services.udisks2.enable = true;

     

       17
       +
             imports = [ ./common/user-account.nix ];

     

       18
       +
       

     

       19
       +
             security.polkit.extraConfig =

     

       20
       +
               ''

     

       21
       +
                 polkit.addRule(function(action, subject) {

     

       22
       +
                   if (subject.user == "alice") return "yes";

     

       23
       +
                 });

     

       24
       +
               '';

     

       25
       +
           };

     

       26
       +
       

     

       27
       +
         testScript =

     

       28
       +
           ''

     

       29
       +
             my $stick = $machine->stateDir . "/usbstick.img";

     

       30
       +
             system("xz -d < ${stick} > $stick") == 0 or die;

     

       31
       +
       

     

       32
       +
             $machine->succeed("udisksctl info -b /dev/vda >&2");

     

       33
       +
             $machine->fail("udisksctl info -b /dev/sda1");

     

       34
       +
       

     

       35
       +
             # Attach a USB stick and wait for it to show up.

     

       36
       +
             $machine->sendMonitorCommand("usb_add disk:$stick");

     

       37
       +
             $machine->waitUntilSucceeds("udisksctl info -b /dev/sda1");

     

       38
       +
             $machine->succeed("udisksctl info -b /dev/sda1 | grep 'IdLabel:.*USBSTICK'");

     

       39
       +
       

     

       40
       +
             # Mount the stick as a non-root user and do some stuff with it.

     

       41
       +
             $machine->succeed("su - alice -c 'udisksctl info -b /dev/sda1'");

     

       42
       +
             $machine->succeed("su - alice -c 'udisksctl mount -b /dev/sda1'");

     

       43
       +
             $machine->succeed("su - alice -c 'cat /run/media/alice/USBSTICK/test.txt'") =~ /Hello World/ or die;

     

       44
       +
             $machine->succeed("su - alice -c 'echo foo > /run/media/alice/USBSTICK/bar.txt'");

     

       45
       +
       

     

       46
       +
             # Unmounting the stick should make the mountpoint disappear.

     

       47
       +
             $machine->succeed("su - alice -c 'udisksctl unmount -b /dev/sda1'");

     

       48
       +
             $machine->fail("[ -d /run/media/alice/USBSTICK ]");

     

       49
       +
       

     

       50
       +
             # Remove the USB stick.

     

       51
       +
             $machine->sendMonitorCommand("usb_del 0.3"); # FIXME

     

       52
       +
             $machine->waitUntilFails("udisksctl info -b /dev/sda1");

     

       53
       +
             $machine->fail("[ -e /dev/sda ]");

     

       54
       +
           '';

     

       55
       +
       

     

       56
       +
       })

+5 -18

pkgs/development/libraries/dbus/default.nix

···

       67
        
       

     

       68
        
         } merge ]);

     

       69
        
       

     

       70
       -
         libs = dbus_drv "libs" "dbus" ({

     

       71
        
           # Enable X11 autolaunch support in libdbus. This doesn't actually depend on X11

     

       72
        
           # (it just execs dbus-launch in dbus.tools), contrary to what the configure script demands.

     

       73
        
           NIX_CFLAGS_COMPILE = "-DDBUS_ENABLE_X11_AUTOLAUNCH=1";

     

       74
       -
         } // stdenv.lib.optionalAttrs (systemdOrEmpty != []) {

     

       75
       -
           buildInputs = [ systemd.headers ];

     

       76
       -
           patches = [ ./systemd.patch ]; # bypass systemd detection

     

       77
       -
         });

     

       78
        
       

     

       79
        
       

     

       80
        
         attrs = rec {

     
···

       83
        
         # This package has been split because most applications only need dbus.lib

     

       84
        
         # which serves as an interface to a *system-wide* daemon,

     

       85
        
         # see e.g. http://en.wikipedia.org/wiki/D-Bus#Architecture .

     

       86
       -
         # Also some circular dependencies get split by this (like with systemd).

     

       87
        
       

     

       88
        
         inherit libs;

     

       89
        
       

     

       90
        
         tools = dbus_drv "tools" "tools" {

     

       91
        
           configureFlags = [ "--with-dbus-daemondir=${daemon}/bin" ];

     

       92
       -
           buildInputs = buildInputsX ++ systemdOrEmpty ++ [ libs daemon dbus_glib ];

     

       93
       -
           NIX_CFLAGS_LINK = 

     

       94
        
             stdenv.lib.optionalString (!stdenv.isDarwin) "-Wl,--as-needed "

     

       95
        
             + "-ldbus-1";

     

       96
        
       

     
···

       100
        
         daemon = dbus_drv "daemon" "bus" {

     

       101
        
           preBuild = makeInternalLib;

     

       102
        
           buildInputs = systemdOrEmpty;

     

       103
       -
         };

     

       104
       -
       

     

       105
       -
         # Some of the tests don't work yet; in fact, @vcunat tried several packages

     

       106
       -
         # containing dbus testing, and all of them have some test failure.

     

       107
       -
         tests = dbus_drv "tests" "test" {

     

       108
       -
           preBuild = makeInternalLib;

     

       109
       -
           buildInputs = buildInputsX ++ systemdOrEmpty ++ [ libs tools daemon dbus_glib python ];

     

       110
       -
           NIX_CFLAGS_LINK = 

     

       111
       -
             stdenv.lib.optionalString (!stdenv.isDarwin) "-Wl,--as-needed "

     

       112
       -
             + "-ldbus-1";

     

       113
        
         };

     

       114
        
       

     

       115
        
         docs = dbus_drv "docs" "doc" {

···

       67
        
       

     

       68
        
         } merge ]);

     

       69
        
       

     

       70
       +
         libs = dbus_drv "libs" "dbus" {

     

       71
        
           # Enable X11 autolaunch support in libdbus. This doesn't actually depend on X11

     

       72
        
           # (it just execs dbus-launch in dbus.tools), contrary to what the configure script demands.

     

       73
        
           NIX_CFLAGS_COMPILE = "-DDBUS_ENABLE_X11_AUTOLAUNCH=1";

     

       74
       +
           buildInputs = [ systemdOrEmpty ];

     

       75
       +
         };

     

       0
        
       
     

       0
        
       
     

       76
        
       

     

       77
        
       

     

       78
        
         attrs = rec {

     
···

       81
        
         # This package has been split because most applications only need dbus.lib

     

       82
        
         # which serves as an interface to a *system-wide* daemon,

     

       83
        
         # see e.g. http://en.wikipedia.org/wiki/D-Bus#Architecture .

     

       0
        
       
     

       84
        
       

     

       85
        
         inherit libs;

     

       86
        
       

     

       87
        
         tools = dbus_drv "tools" "tools" {

     

       88
        
           configureFlags = [ "--with-dbus-daemondir=${daemon}/bin" ];

     

       89
       +
           buildInputs = buildInputsX ++ systemdOrEmpty ++ [ libs daemon ];

     

       90
       +
           NIX_CFLAGS_LINK =

     

       91
        
             stdenv.lib.optionalString (!stdenv.isDarwin) "-Wl,--as-needed "

     

       92
        
             + "-ldbus-1";

     

       93
        
       

     
···

       97
        
         daemon = dbus_drv "daemon" "bus" {

     

       98
        
           preBuild = makeInternalLib;

     

       99
        
           buildInputs = systemdOrEmpty;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       100
        
         };

     

       101
        
       

     

       102
        
         docs = dbus_drv "docs" "doc" {

+42

pkgs/os-specific/linux/cpupower/default.nix

···

       1
       +
       { stdenv, fetchurl, kernel, coreutils, pciutils, gettext }:

     

       2
       +
       

     

       3
       +
       stdenv.mkDerivation {

     

       4
       +
         name = "cpupower-${kernel.version}";

     

       5
       +
       

     

       6
       +
         src = kernel.src;

     

       7
       +
       

     

       8
       +
         buildInputs = [ coreutils pciutils gettext ];

     

       9
       +
       

     

       10
       +
         configurePhase = ''

     

       11
       +
           cd tools/power/cpupower

     

       12
       +
           sed -i 's,/bin/true,${coreutils}/bin/true,' Makefile

     

       13
       +
           sed -i 's,/bin/pwd,${coreutils}/bin/pwd,' Makefile

     

       14
       +
           sed -i 's,/usr/bin/install,${coreutils}/bin/install,' Makefile

     

       15
       +
         '';

     

       16
       +
       

     

       17
       +
         buildPhase = ''

     

       18
       +
           make

     

       19
       +
         '';

     

       20
       +
       

     

       21
       +
         installPhase = ''

     

       22
       +
           make \

     

       23
       +
             bindir="$out/bin" \

     

       24
       +
             sbindir="$out/sbin" \

     

       25
       +
             mandir="$out/share/man" \

     

       26
       +
             includedir="$out/include" \

     

       27
       +
             libdir="$out/lib" \

     

       28
       +
             localedir="$out/share/locale" \

     

       29
       +
             docdir="$out/share/doc/cpupower" \

     

       30
       +
             confdir="$out/etc" \

     

       31
       +
             install install-man

     

       32
       +
         '';

     

       33
       +
       

     

       34
       +
         enableParallelBuilding = true;

     

       35
       +
       

     

       36
       +
         meta = with stdenv.lib; {

     

       37
       +
           description = "Tool to examine and tune power saving features.";

     

       38
       +
           homepage = https://www.kernel.org.org/;

     

       39
       +
           license = licenses.gpl2;

     

       40
       +
           platforms = platforms.linux;

     

       41
       +
         };

     

       42
       +
       }

+19 -18

pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix

···

       6
        
       { stdenv, fetchurl, dpkg }:

     

       7
        
       

     

       8
        
       let

     

       9
       -
         version = "0.40";

     

       10
        
       

     

       11
        
         packages = [

     

       12
       -
           { name = "adi"; sha256 = "0wwks9ff4n772435s57z1fjrffi4xl9nxnfn3v7xfcwdjb395d88"; }

     

       13
       -
           { name = "atheros"; sha256 = "1gj7hfnyclzgyq06scynaclnfajhs6lw5i51j1w1hikv4yh20djz"; }

     

       14
       -
           { name = "bnx2"; sha256 = "15qjj0sfjin5cbkpby29r5czn11xyiyyc4fmhwlqvgfgrnbp0aqk"; }

     

       15
       -
           { name = "bnx2x"; sha256 = "08nvbln94ff47b2q0avxj1aa2wx4qih8sq8knbq54lp46kjf3k0h"; }

     

       16
       -
           { name = "brcm80211"; sha256 = "1ndsw3s6xkr1n39nf9ig1xhnaglx5qvvvm8rh6ah41v644lzha79"; }

     

       17
       -
           { name = "intelwimax"; sha256 = "1qwxmykh90v92asn4ivq0fak761hs7hd2zmz1dpkjidwsycrfyqn"; }

     

       18
       -
           { name = "ipw2x00"; sha256 = "0a2nb17b5n3k1b6y4dbi5i8k1fm19ba2abq2jh2hjjmyyl3y388m"; }

     

       19
       -
           { name = "ivtv"; sha256 = "1239gsjq16f4kd1yn77iq3ar8ndx3pzd16kpqafr1h2y0zwh452r"; }

     

       20
       -
           { name = "iwlwifi"; sha256 = "03kmh5szd02pkbm1nlyz99fr2njhg88wiv73f1fz485m9rvgga43"; }

     

       21
       -
           { name = "libertas"; sha256 = "0qjziwmwqbp83hxrjw7x3ralxg4ib9y23bcbn1g8yb5b6m84ca6b"; }

     

       22
       -
           { name = "linux"; sha256 = "0ypidsrrfx4kvbfisdpgx2fzbil7g2jixgqhnv960iy5l348amrl"; }

     

       23
       -
           { name = "linux-nonfree"; sha256 = "0p9ql3cdxljflh48r6z40kpyisbzp3s3g1qjb9f64n6cppllwjfr"; }

     

       24
       -
           { name = "myricom"; sha256 = "12spfaq7z2bb93cy15zldlic1wx2v6h9sn7ny09nkzy4m26zds4q"; }

     

       25
       -
           { name = "netxen"; sha256 = "03gmda16bdqw8a4x8x11ph41ksjh48hxydv0f0z3gi3czgbh7sn3"; }

     

       26
       -
           { name = "qlogic"; sha256 = "1ah8rrwzi44p1l4q8qkql18djmn5kihsiinpy204xklm1csf3vs1"; }

     

       27
       -
           { name = "ralink"; sha256 = "005549jk0wnyfnb247awv2wncsx5is05m1hdwcd33iq0dlbmm39b"; }

     

       28
       -
           { name = "realtek"; sha256 = "1ai1klzrql8qxmb7945xiqlkfkyz8admrpb10b3r4ixvclkrvfi2"; }

     

       0
        
       
     

       29
        
         ];

     

       30
        
       

     

       31
        
         fetchPackage =

···

       6
        
       { stdenv, fetchurl, dpkg }:

     

       7
        
       

     

       8
        
       let

     

       9
       +
         version = "0.41";

     

       10
        
       

     

       11
        
         packages = [

     

       12
       +
           { name = "adi"; sha256 = "19dm96djp34g6l84g9shwbmqbmfd15c24frcy1zh5nz8x12phgm4"; }

     

       13
       +
           { name = "atheros"; sha256 = "0vrdyxiq7nx89h6ykdrs8s3l9frn3hmcfb9vsz68i12975y8ib5n"; }

     

       14
       +
           { name = "bnx2"; sha256 = "12l3l54q69n1ky8lp7bmzscfqysabjrgmswwj57ryc6l82s7081y"; }

     

       15
       +
           { name = "bnx2x"; sha256 = "10m9p479dq2ylpj5mw6d5vyfh9hybmh5xgs5sxma065v7r3c3v31"; }

     

       16
       +
           { name = "brcm80211"; sha256 = "0l2lg5pshb1kb829hfq9w791scwa8biikrfzsx9wvlvkyxfdh187"; }

     

       17
       +
           { name = "intelwimax"; sha256 = "13jqm8ik0mm8vnsskbbp63idpjqazzp2x4gaq7786jg5yj3zh1cf"; }

     

       18
       +
           { name = "ipw2x00"; sha256 = "1hvxrzqbc75phxdbmqfh7ky36m0qna2pncwxpfdircy9i6fx7ipy"; }

     

       19
       +
           { name = "ivtv"; sha256 = "0ckw1ynzfqnkwlmwpzfbdfx4s6bsl4nwp097g8khaavqxk94n88v"; }

     

       20
       +
           { name = "iwlwifi"; sha256 = "1djazi2qsi5z6q0izirprxgfpg8vh55skab2nijyfl66drlcha72"; }

     

       21
       +
           { name = "libertas"; sha256 = "1yj9dd9pwd98gknx5mvblfcbr6k347xzi8l6bk0pr4570j8ss8y3"; }

     

       22
       +
           { name = "linux"; sha256 = "0vc4cbrq73y5hibx5k3gbfqaqxvaa3g8rv9kzwks2zl3hdxm6xaq"; }

     

       23
       +
           { name = "linux-nonfree"; sha256 = "05vv8yq7kix5cw9s4agz4vgya6i3ff88jp3rxln1ssznhvzrjzx9"; }

     

       24
       +
           { name = "myricom"; sha256 = "1idfvdfw7z4jbbjyq40hd2bpllvw7jz0ah7k3iwljxp8l2lf2nmf"; }

     

       25
       +
           { name = "netxen"; sha256 = "0fdgllv8i7j9qbk5hi14zvw6fcn4nd1isr1486d8fv7nf2bf1mxx"; }

     

       26
       +
           { name = "qlogic"; sha256 = "12w1qnqhs24am2psdfmv0ligczzxh9crllmp7r4y3vqghyvwax7i"; }

     

       27
       +
           { name = "ralink"; sha256 = "1ryplg9shi7nam79zd86z7a0qzp0f9m7q89nq989z57qiysbrra4"; }

     

       28
       +
           { name = "realtek"; sha256 = "1l867724qrw7nwksdv4k0hkz7nrjjs9vq2s3937wyaa0r2r66mg6"; }

     

       29
       +
           { name = "ti-connectivity"; sha256 = "00cl9gyxa7795a57zwcvl26kxfl4qzppi4z8ksg5friv3db8sm1p"; }

     

       30
        
         ];

     

       31
        
       

     

       32
        
         fetchPackage =

-61

pkgs/os-specific/linux/kernel-headers/2.6.28.nix

···

       1
       -
       {stdenv, fetchurl, perl, cross ? null}:

     

       2
       -
       

     

       3
       -
       assert cross == null -> stdenv.isLinux;

     

       4
       -
       

     

       5
       -
       let version = "2.6.28.5"; in

     

       6
       -
       

     

       7
       -
       stdenv.mkDerivation {

     

       8
       -
         name = "linux-headers-${version}";

     

       9
       -
       

     

       10
       -
         src = fetchurl {

     

       11
       -
           url = "mirror://kernel/linux/kernel/v2.6/linux-${version}.tar.bz2";

     

       12
       -
           sha256 = "0hifjh75sinifr5138v22zwbpqln6lhn65k8b57a1dyzlqca7cl9";

     

       13
       -
         };

     

       14
       -
       

     

       15
       -
         targetConfig = if cross != null then cross.config else null;

     

       16
       -
       

     

       17
       -
         platform =

     

       18
       -
           if cross != null then cross.arch else

     

       19
       -
           if stdenv.system == "i686-linux" then "i386" else

     

       20
       -
           if stdenv.system == "x86_64-linux" then "x86_64" else

     

       21
       -
           if stdenv.system == "powerpc-linux" then "powerpc" else

     

       22
       -
           if stdenv.isArm then "arm" else

     

       23
       -
           if stdenv.system == "mips64el-linux" then "mips" else

     

       24
       -
           abort "don't know what the kernel include directory is called for this platform";

     

       25
       -
       

     

       26
       -
         buildInputs = [perl];

     

       27
       -
       

     

       28
       -
         extraIncludeDirs =

     

       29
       -
           if cross != null then

     

       30
       -
       	(if cross.arch == "powerpc" then ["ppc"] else [])

     

       31
       -
           else if stdenv.system == "powerpc-linux" then ["ppc"] else [];

     

       32
       -
       

     

       33
       -
         patchPhase = ''

     

       34
       -
           patch --verbose -p1 < "${./unifdef-getline.patch}"

     

       35
       -
           sed -i '/scsi/d' include/Kbuild

     

       36
       -
           sed -i 's|/ %/: prepare scripts FORCE|%/: prepare scripts FORCE|' Makefile

     

       37
       -
         '';

     

       38
       -
       

     

       39
       -
         buildPhase = ''

     

       40
       -
           if test -n "$targetConfig"; then

     

       41
       -
              export ARCH=$platform

     

       42
       -
           fi

     

       43
       -
           make mrproper headers_check

     

       44
       -
         '';

     

       45
       -
       

     

       46
       -
         installPhase = ''

     

       47
       -
           make INSTALL_HDR_PATH=$out headers_install

     

       48
       -
       

     

       49
       -
           # Some builds (e.g. KVM) want a kernel.release.

     

       50
       -
           mkdir -p $out/include/config

     

       51
       -
           echo "${version}-default" > $out/include/config/kernel.release

     

       52
       -
         '';

     

       53
       -
       

     

       54
       -
         # !!! hacky

     

       55
       -
         fixupPhase = ''

     

       56
       -
           ln -s asm $out/include/asm-$platform

     

       57
       -
           if test "$platform" = "i386" -o "$platform" = "x86_64"; then

     

       58
       -
             ln -s asm $out/include/asm-x86

     

       59
       -
           fi

     

       60
       -
         '';

     

       61
       -
       }

+71

pkgs/os-specific/linux/kernel-headers/3.14.nix

···

       1
       +
       { stdenv, fetchurl, perl, cross ? null }:

     

       2
       +
       

     

       3
       +
       assert cross == null -> stdenv.isLinux;

     

       4
       +
       

     

       5
       +
       let

     

       6
       +
       

     

       7
       +
         version = "3.14.1";

     

       8
       +
       

     

       9
       +
         kernelHeadersBaseConfig =

     

       10
       +
           if cross == null

     

       11
       +
           then stdenv.platform.kernelHeadersBaseConfig

     

       12
       +
           else cross.platform.kernelHeadersBaseConfig;

     

       13
       +
       

     

       14
       +
       in

     

       15
       +
       

     

       16
       +
       stdenv.mkDerivation {

     

       17
       +
         name = "linux-headers-${version}";

     

       18
       +
       

     

       19
       +
         src = fetchurl {

     

       20
       +
           url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";

     

       21
       +
           sha256 = "1njm8gvlj7cq0m1051yxszl4f63383a7sv1na13hkqkv36kipgqx";

     

       22
       +
         };

     

       23
       +
       

     

       24
       +
         targetConfig = if cross != null then cross.config else null;

     

       25
       +
       

     

       26
       +
         platform =

     

       27
       +
           if cross != null then cross.platform.kernelArch else

     

       28
       +
           if stdenv.system == "i686-linux" then "i386" else

     

       29
       +
           if stdenv.system == "x86_64-linux" then "x86_64" else

     

       30
       +
           if stdenv.system == "powerpc-linux" then "powerpc" else

     

       31
       +
           if stdenv.isArm then "arm" else

     

       32
       +
           if stdenv.platform ? kernelArch then stdenv.platform.kernelArch else

     

       33
       +
           abort "don't know what the kernel include directory is called for this platform";

     

       34
       +
       

     

       35
       +
         buildInputs = [perl];

     

       36
       +
       

     

       37
       +
         extraIncludeDirs =

     

       38
       +
           if cross != null then

     

       39
       +
               (if cross.arch == "powerpc" then ["ppc"] else [])

     

       40
       +
           else if stdenv.system == "powerpc-linux" then ["ppc"] else [];

     

       41
       +
       

     

       42
       +
         buildPhase = ''

     

       43
       +
           if test -n "$targetConfig"; then

     

       44
       +
              export ARCH=$platform

     

       45
       +
           fi

     

       46
       +
           make ${kernelHeadersBaseConfig} SHELL=bash

     

       47
       +
           make mrproper headers_check SHELL=bash

     

       48
       +
         '';

     

       49
       +
       

     

       50
       +
         installPhase = ''

     

       51
       +
           make INSTALL_HDR_PATH=$out headers_install

     

       52
       +
       

     

       53
       +
           # Some builds (e.g. KVM) want a kernel.release.

     

       54
       +
           mkdir -p $out/include/config

     

       55
       +
           echo "${version}-default" > $out/include/config/kernel.release

     

       56
       +
         '';

     

       57
       +
       

     

       58
       +
         # !!! hacky

     

       59
       +
         fixupPhase = ''

     

       60
       +
           ln -s asm $out/include/asm-$platform

     

       61
       +
           if test "$platform" = "i386" -o "$platform" = "x86_64"; then

     

       62
       +
             ln -s asm $out/include/asm-x86

     

       63
       +
           fi

     

       64
       +
         '';

     

       65
       +
       

     

       66
       +
         meta = with stdenv.lib; {

     

       67
       +
           description = "Header files and scripts for Linux kernel";

     

       68
       +
           license = licenses.gpl2;

     

       69
       +
           platforms = platforms.linux;

     

       70
       +
         };

     

       71
       +
       }

pkgs/os-specific/linux/kernel/common-config.nix

···

       114
        
         VGA_SWITCHEROO y

     

       115
        
       

     

       116
        
         # Sound.

     

       0
        
       
     

       117
        
         SND_AC97_POWER_SAVE y # AC97 Power-Saving Mode

     

       118
        
         SND_HDA_INPUT_BEEP y # Support digital beep via input layer

     

       119
        
         SND_USB_CAIAQ_INPUT y

···

       114
        
         VGA_SWITCHEROO y

     

       115
        
       

     

       116
        
         # Sound.

     

       117
       +
         SND_DYNAMIC_MINORS y

     

       118
        
         SND_AC97_POWER_SAVE y # AC97 Power-Saving Mode

     

       119
        
         SND_HDA_INPUT_BEEP y # Support digital beep via input layer

     

       120
        
         SND_USB_CAIAQ_INPUT y

+2 -2

pkgs/os-specific/linux/kmod/default.nix

···

       1
        
       { stdenv, fetchurl, xz, zlib, pkgconfig, libxslt }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       -
         name = "kmod-16";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
        
           url = "mirror://kernel/linux/utils/kernel/kmod/${name}.tar.xz";

     

       8
       -
           sha256 = "63412efab37c70459ccef167556965c93fd4f56af5986cd3750542a684c613c5";

     

       9
        
         };

     

       10
        
       

     

       11
        
         # Disable xz/zlib support to prevent needing them in the initrd.

···

       1
        
       { stdenv, fetchurl, xz, zlib, pkgconfig, libxslt }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       +
         name = "kmod-17";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
        
           url = "mirror://kernel/linux/utils/kernel/kmod/${name}.tar.xz";

     

       8
       +
           sha256 = "1yid3a9b64a60ybj66fk2ysrq5klnl0ijl4g624cl16y8404g9rv";

     

       9
        
         };

     

       10
        
       

     

       11
        
         # Disable xz/zlib support to prevent needing them in the initrd.

+41 -5

pkgs/os-specific/linux/kmod/module-dir.patch

···

       1
       -
       diff -Naur kmod-7-orig/libkmod/libkmod.c kmod-7/libkmod/libkmod.c

     

       2
       -
       --- kmod-7-orig/libkmod/libkmod.c	2012-03-15 08:19:16.750010226 -0400

     

       3
       -
       +++ kmod-7/libkmod/libkmod.c	2012-04-04 15:21:29.532074313 -0400

     

       4
       -
       @@ -200,7 +200,7 @@

     

       5
        
        static char *get_kernel_release(const char *dirname)

     

       6
        
        {

     

       7
        
        	struct utsname u;

     
···

       10
        
        

     

       11
        
        	if (dirname != NULL)

     

       12
        
        		return path_make_absolute_cwd(dirname);

     

       13
       -
       @@ -208,7 +208,10 @@

     

       14
        
        	if (uname(&u) < 0)

     

       15
        
        		return NULL;

     

       16
        
        

     
···

       22
        
        		return NULL;

     

       23
        
        

     

       24
        
        	return p;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       1
       +
       diff -ru -x '*~' kmod-17-orig/libkmod/libkmod.c kmod-17/libkmod/libkmod.c

     

       2
       +
       --- kmod-17-orig/libkmod/libkmod.c	2014-04-01 12:40:37.161940089 +0200

     

       3
       +
       +++ kmod-17/libkmod/libkmod.c	2014-04-17 13:47:15.871441987 +0200

     

       4
       +
       @@ -201,7 +201,7 @@

     

       5
        
        static char *get_kernel_release(const char *dirname)

     

       6
        
        {

     

       7
        
        	struct utsname u;

     
···

       10
        
        

     

       11
        
        	if (dirname != NULL)

     

       12
        
        		return path_make_absolute_cwd(dirname);

     

       13
       +
       @@ -209,7 +209,10 @@

     

       14
        
        	if (uname(&u) < 0)

     

       15
        
        		return NULL;

     

       16
        
        

     
···

       22
        
        		return NULL;

     

       23
        
        

     

       24
        
        	return p;

     

       25
       +
       diff -ru -x '*~' kmod-17-orig/tools/static-nodes.c kmod-17/tools/static-nodes.c

     

       26
       +
       --- kmod-17-orig/tools/static-nodes.c	2013-12-17 22:05:42.159047316 +0100

     

       27
       +
       +++ kmod-17/tools/static-nodes.c	2014-04-17 13:51:17.945974320 +0200

     

       28
       +
       @@ -159,6 +159,7 @@

     

       29
       +
        	FILE *in = NULL, *out = NULL;

     

       30
       +
        	const struct static_nodes_format *format = &static_nodes_format_human;

     

       31
       +
        	int r, ret = EXIT_SUCCESS;

     

       32
       +
       +	char *dirname_prefix;

     

       33
       +
        

     

       34
       +
        	for (;;) {

     

       35
       +
        		int c, idx = 0, valid;

     

       36
       +
       @@ -211,16 +212,19 @@

     

       37
       +
        		goto finish;

     

       38
       +
        	}

     

       39
       +
        

     

       40
       +
       -	snprintf(modules, sizeof(modules), "/lib/modules/%s/modules.devname", kernel.release);

     

       41
       +
       +	if ((dirname_prefix = getenv("MODULE_DIR")) == NULL)

     

       42
       +
       +		dirname_prefix = "/lib/modules";

     

       43
       +
       +

     

       44
       +
       +	snprintf(modules, sizeof(modules), "%s/%s/modules.devname", dirname_prefix, kernel.release);

     

       45
       +
        	in = fopen(modules, "re");

     

       46
       +
        	if (in == NULL) {

     

       47
       +
        		if (errno == ENOENT) {

     

       48
       +
       -			fprintf(stderr, "Warning: /lib/modules/%s/modules.devname not found - ignoring\n",

     

       49
       +
       -				kernel.release);

     

       50
       +
       +			fprintf(stderr, "Warning: %s/%s/modules.devname not found - ignoring\n",

     

       51
       +
       +				dirname_prefix, kernel.release);

     

       52
       +
        			ret = EXIT_SUCCESS;

     

       53
       +
        		} else {

     

       54
       +
       -			fprintf(stderr, "Error: could not open /lib/modules/%s/modules.devname - %m\n",

     

       55
       +
       -				kernel.release);

     

       56
       +
       +			fprintf(stderr, "Error: could not open %s/%s/modules.devname - %m\n",

     

       57
       +
       +				dirname_prefix, kernel.release);

     

       58
       +
        			ret = EXIT_FAILURE;

     

       59
       +
        		}

     

       60
       +
        		goto finish;

+4 -2

pkgs/os-specific/linux/lvm2/default.nix

···

       1
        
       { stdenv, fetchurl, pkgconfig, udev, utillinux, coreutils }:

     

       2
        
       

     

       3
        
       let

     

       4
       -
         v = "2.02.104";

     

       5
        
       in

     

       6
        
       

     

       7
        
       stdenv.mkDerivation {

     
···

       9
        
       

     

       10
        
         src = fetchurl {

     

       11
        
           url = "ftp://sources.redhat.com/pub/lvm2/releases/LVM2.${v}.tgz";

     

       12
       -
           sha256 = "1xa7hvp8bsx96nncgksxrqxaqcgipfmmpr8aysayb8aisyjvas0d";

     

       13
        
         };

     

       14
        
       

     

       15
        
         configureFlags =

     
···

       28
        
             sed -i /DEFAULT_SYS_DIR/d Makefile.in

     

       29
        
             sed -i /DEFAULT_PROFILE_DIR/d conf/Makefile.in

     

       30
        
           '';

     

       0
        
       
     

       0
        
       
     

       31
        
       

     

       32
        
         #patches = [ ./purity.patch ];

     

       33

···

       1
        
       { stdenv, fetchurl, pkgconfig, udev, utillinux, coreutils }:

     

       2
        
       

     

       3
        
       let

     

       4
       +
         v = "2.02.106";

     

       5
        
       in

     

       6
        
       

     

       7
        
       stdenv.mkDerivation {

     
···

       9
        
       

     

       10
        
         src = fetchurl {

     

       11
        
           url = "ftp://sources.redhat.com/pub/lvm2/releases/LVM2.${v}.tgz";

     

       12
       +
           sha256 = "0nr833bl0q4zq52drjxmmpf7bs6kqxwa5kahwwxm9411khkxz0vc";

     

       13
        
         };

     

       14
        
       

     

       15
        
         configureFlags =

     
···

       28
        
             sed -i /DEFAULT_SYS_DIR/d Makefile.in

     

       29
        
             sed -i /DEFAULT_PROFILE_DIR/d conf/Makefile.in

     

       30
        
           '';

     

       31
       +
       

     

       32
       +
         enableParallelBuilding = true;

     

       33
        
       

     

       34
        
         #patches = [ ./purity.patch ];

     

       35

+3 -3

pkgs/os-specific/linux/nvidia-x11/default.nix

···

       12
        
       

     

       13
        
       let

     

       14
        
       

     

       15
       -
         versionNumber = "331.49";

     

       16
        
       

     

       17
        
       in

     

       18
        
       

     
···

       27
        
           if stdenv.system == "i686-linux" then

     

       28
        
             fetchurl {

     

       29
        
               url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";

     

       30
       -
               sha256 = "00d7bq8cfxk52qd4y226fz8m9m3mjq45fbgr3q7k08jyy9qmswmn";

     

       31
        
             }

     

       32
        
           else if stdenv.system == "x86_64-linux" then

     

       33
        
             fetchurl {

     

       34
        
               url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";

     

       35
       -
               sha256 = "0q3lvl1lypi33i847nqz4k3161ackh2n9kgyjn6v2c480f405hfk";

     

       36
        
             }

     

       37
        
           else throw "nvidia-x11 does not support platform ${stdenv.system}";

     

       38

···

       12
        
       

     

       13
        
       let

     

       14
        
       

     

       15
       +
         versionNumber = "331.67";

     

       16
        
       

     

       17
        
       in

     

       18
        
       

     
···

       27
        
           if stdenv.system == "i686-linux" then

     

       28
        
             fetchurl {

     

       29
        
               url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";

     

       30
       +
               sha256 = "1imc66yxnm01i58xwqrwqc612h0rhdz8x170hqr2pjyk99bllsv9";

     

       31
        
             }

     

       32
        
           else if stdenv.system == "x86_64-linux" then

     

       33
        
             fetchurl {

     

       34
        
               url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";

     

       35
       +
               sha256 = "0qxd4jd25ymcr6w97f71kfn549x6wgg4g3vixd3sqlczknn85f47";

     

       36
        
             }

     

       37
        
           else throw "nvidia-x11 does not support platform ${stdenv.system}";

     

       38

+3 -3

pkgs/os-specific/linux/pam/default.nix

···

       1
        
       { stdenv, fetchurl, flex, cracklib }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       -
         name = "linux-pam-1.1.6";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
       -
           url = https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-1.1.6.tar.bz2;

     

       8
       -
           sha256 = "1hlz2kqvbjisvwyicdincq7nz897b9rrafyzccwzqiqg53b8gf5s";

     

       9
        
         };

     

       10
        
       

     

       11
        
         nativeBuildInputs = [ flex ];

···

       1
        
       { stdenv, fetchurl, flex, cracklib }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       +
         name = "linux-pam-1.1.8";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
       +
           url = http://www.linux-pam.org/library/Linux-PAM-1.1.8.tar.bz2;

     

       8
       +
           sha256 = "0m8ygb40l1c13nsd4hkj1yh4p1ldawhhg8pyjqj9w5kd4cxg5cf4";

     

       9
        
         };

     

       10
        
       

     

       11
        
         nativeBuildInputs = [ flex ];

+23 -28

pkgs/os-specific/linux/systemd/default.nix

···

       1
        
       { stdenv, fetchurl, pkgconfig, intltool, gperf, libcap, dbus, kmod

     

       2
        
       , xz, pam, acl, cryptsetup, libuuid, m4, utillinux

     

       3
        
       , glib, kbd, libxslt, coreutils, libgcrypt, sysvtools, docbook_xsl

     

       4
       -
       , kexectools, libmicrohttpd

     

       5
        
       , python ? null, pythonSupport ? false

     

       6
        
       }:

     

       7
        
       

     
···

       10
        
       assert pythonSupport -> python != null;

     

       11
        
       

     

       12
        
       stdenv.mkDerivation rec {

     

       13
       -
         version = "203";

     

       14
        
         name = "systemd-${version}";

     

       15
        
       

     

       16
        
         src = fetchurl {

     

       17
        
           url = "http://www.freedesktop.org/software/systemd/${name}.tar.xz";

     

       18
       -
           sha256 = "07gvn3rpski8sh1nz16npjf2bvj0spsjdwc5px9685g2pi6kxcb1";

     

       19
        
         };

     

       20
        
       

     

       21
        
         patches =

     

       22
        
           [ # These are all changes between upstream and

     

       23
       -
             # https://github.com/edolstra/systemd/tree/nixos-v203.

     

       24
        
             ./fixes.patch

     

       25
       -
             ./fix_console_in_containers.patch

     

       26
       -
           ]

     

       27
       -
           ++ stdenv.lib.optional stdenv.isArm ./libc-bug-accept4-arm.patch;

     

       28
        
       

     

       29
        
         buildInputs =

     

       30
       -
           [ pkgconfig intltool gperf libcap dbus.libs kmod xz pam acl

     

       31
        
             /* cryptsetup */ libuuid m4 glib libxslt libgcrypt docbook_xsl

     

       32
       -
             libmicrohttpd

     

       33
        
           ] ++ stdenv.lib.optional pythonSupport python;

     

       34
        
       

     

       35
        
         configureFlags =

     
···

       45
        
             "--with-dbussessionservicedir=$(out)/share/dbus-1/services"

     

       46
        
             "--with-firmware-path=/root/test-firmware:/run/current-system/firmware"

     

       47
        
             "--with-tty-gid=3" # tty in NixOS has gid 3

     

       0
        
       
     

       0
        
       
     

       48
        
           ];

     

       49
        
       

     

       50
        
         preConfigure =

     

       51
        
           ''

     

       52
        
             # FIXME: patch this in systemd properly (and send upstream).

     

       53
        
             # FIXME: use sulogin from util-linux once updated.

     

       54
       -
             for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.m4.in src/journal/cat.c src/core/shutdown.c; do

     

       55
        
               test -e $i

     

       56
        
               substituteInPlace $i \

     

       0
        
       
     

       57
        
                 --replace /bin/mount ${utillinux}/bin/mount \

     

       58
        
                 --replace /bin/umount ${utillinux}/bin/umount \

     

       59
        
                 --replace /sbin/swapon ${utillinux}/sbin/swapon \

     
···

       69
        
               --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/

     

       70
        
           '';

     

       71
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       72
        
         PYTHON_BINARY = "${coreutils}/bin/env python"; # don't want a build time dependency on Python

     

       73
        
       

     

       74
        
         NIX_CFLAGS_COMPILE =

     
···

       77
        
             "-UPOLKIT_AGENT_BINARY_PATH" "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""

     

       78
        
             "-fno-stack-protector"

     

       79
        
       

     

       80
       -
             # Work around our kernel headers being too old.  FIXME: remove

     

       81
       -
             # this after the next stdenv update.

     

       82
       -
             "-DFS_NOCOW_FL=0x00800000"

     

       83
       -
       

     

       84
        
             # Set the release_agent on /sys/fs/cgroup/systemd to the

     

       85
        
             # currently running systemd (/run/current-system/systemd) so

     

       86
        
             # that we don't use an obsolete/garbage-collected release agent.

     
···

       94
        
         # /var is mounted.

     

       95
        
         makeFlags = "hwdb_bin=/var/lib/udev/hwdb.bin";

     

       96
        
       

     

       97
       -
         installFlags = "localstatedir=$(TMPDIR)/var sysconfdir=$(out)/etc sysvinitdir=$(TMPDIR)/etc/init.d";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       98
        
       

     

       99
        
         # Get rid of configuration-specific data.

     

       100
        
         postInstall =

     
···

       102
        
             mkdir -p $out/example/systemd

     

       103
        
             mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example

     

       104
        
             mv $out/lib/systemd/{system,user} $out/example/systemd

     

       0
        
       
     

       0
        
       
     

       105
        
       

     

       106
        
             # Install SysV compatibility commands.

     

       107
        
             mkdir -p $out/sbin

     
···

       127
        
         # systemd builds is the same, then we can switch between them at

     

       128
        
         # runtime; otherwise we can't and we need to reboot.

     

       129
        
         passthru.interfaceVersion = 2;

     

       130
       -
       

     

       131
       -
         passthru.headers = stdenv.mkDerivation {

     

       132
       -
           name = "systemd-headers-${version}";

     

       133
       -
           inherit src;

     

       134
       -
       

     

       135
       -
           phases = [ "unpackPhase" "installPhase" ];

     

       136
       -
       

     

       137
       -
           # some are needed by dbus.libs, which is needed for systemd :-)

     

       138
       -
           installPhase = ''

     

       139
       -
             mkdir -p "$out/include/systemd"

     

       140
       -
             mv src/systemd/*.h "$out/include/systemd"

     

       141
       -
           '';

     

       142
       -
         };

     

       143
        
       

     

       144
        
         meta = {

     

       145
        
           homepage = "http://www.freedesktop.org/wiki/Software/systemd";

···

       1
        
       { stdenv, fetchurl, pkgconfig, intltool, gperf, libcap, dbus, kmod

     

       2
        
       , xz, pam, acl, cryptsetup, libuuid, m4, utillinux

     

       3
        
       , glib, kbd, libxslt, coreutils, libgcrypt, sysvtools, docbook_xsl

     

       4
       +
       , kexectools, libmicrohttpd, linuxHeaders

     

       5
        
       , python ? null, pythonSupport ? false

     

       6
        
       }:

     

       7
        
       

     
···

       10
        
       assert pythonSupport -> python != null;

     

       11
        
       

     

       12
        
       stdenv.mkDerivation rec {

     

       13
       +
         version = "212";

     

       14
        
         name = "systemd-${version}";

     

       15
        
       

     

       16
        
         src = fetchurl {

     

       17
        
           url = "http://www.freedesktop.org/software/systemd/${name}.tar.xz";

     

       18
       +
           sha256 = "1hpjcc42svrs06q3isjm3m5aphgkpfdylmvpnif71zh46ys0cab5";

     

       19
        
         };

     

       20
        
       

     

       21
        
         patches =

     

       22
        
           [ # These are all changes between upstream and

     

       23
       +
             # https://github.com/edolstra/systemd/tree/nixos-v212.

     

       24
        
             ./fixes.patch

     

       25
       +
           ];

     

       0
        
       
     

       0
        
       
     

       26
        
       

     

       27
        
         buildInputs =

     

       28
       +
           [ pkgconfig intltool gperf libcap kmod xz pam acl

     

       29
        
             /* cryptsetup */ libuuid m4 glib libxslt libgcrypt docbook_xsl

     

       30
       +
             libmicrohttpd linuxHeaders

     

       31
        
           ] ++ stdenv.lib.optional pythonSupport python;

     

       32
        
       

     

       33
        
         configureFlags =

     
···

       43
        
             "--with-dbussessionservicedir=$(out)/share/dbus-1/services"

     

       44
        
             "--with-firmware-path=/root/test-firmware:/run/current-system/firmware"

     

       45
        
             "--with-tty-gid=3" # tty in NixOS has gid 3

     

       46
       +
             "--disable-networkd" # enable/use eventually

     

       47
       +
             "--enable-compat-libs" # get rid of this eventually

     

       48
        
           ];

     

       49
        
       

     

       50
        
         preConfigure =

     

       51
        
           ''

     

       52
        
             # FIXME: patch this in systemd properly (and send upstream).

     

       53
        
             # FIXME: use sulogin from util-linux once updated.

     

       54
       +
             for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.m4.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c; do

     

       55
        
               test -e $i

     

       56
        
               substituteInPlace $i \

     

       57
       +
                 --replace /usr/bin/getent ${stdenv.glibc}/bin/getent \

     

       58
        
                 --replace /bin/mount ${utillinux}/bin/mount \

     

       59
        
                 --replace /bin/umount ${utillinux}/bin/umount \

     

       60
        
                 --replace /sbin/swapon ${utillinux}/sbin/swapon \

     
···

       70
        
               --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/

     

       71
        
           '';

     

       72
        
       

     

       73
       +
         # This is needed because systemd uses the gold linker, which doesn't

     

       74
       +
         # yet have the wrapper script to add rpath flags automatically.

     

       75
       +
         NIX_LDFLAGS = "-rpath ${pam}/lib -rpath ${libcap}/lib -rpath ${acl}/lib -rpath ${stdenv.gcc.gcc}/lib";

     

       76
       +
       

     

       77
        
         PYTHON_BINARY = "${coreutils}/bin/env python"; # don't want a build time dependency on Python

     

       78
        
       

     

       79
        
         NIX_CFLAGS_COMPILE =

     
···

       82
        
             "-UPOLKIT_AGENT_BINARY_PATH" "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""

     

       83
        
             "-fno-stack-protector"

     

       84
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       85
        
             # Set the release_agent on /sys/fs/cgroup/systemd to the

     

       86
        
             # currently running systemd (/run/current-system/systemd) so

     

       87
        
             # that we don't use an obsolete/garbage-collected release agent.

     
···

       95
        
         # /var is mounted.

     

       96
        
         makeFlags = "hwdb_bin=/var/lib/udev/hwdb.bin";

     

       97
        
       

     

       98
       +
         installFlags =

     

       99
       +
           [ "localstatedir=$(TMPDIR)/var"

     

       100
       +
             "sysconfdir=$(out)/etc"

     

       101
       +
             "sysvinitdir=$(TMPDIR)/etc/init.d"

     

       102
       +
             "pamconfdir=$(out)/etc/pam.d"

     

       103
       +
           ];

     

       104
        
       

     

       105
        
         # Get rid of configuration-specific data.

     

       106
        
         postInstall =

     
···

       108
        
             mkdir -p $out/example/systemd

     

       109
        
             mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example

     

       110
        
             mv $out/lib/systemd/{system,user} $out/example/systemd

     

       111
       +
       

     

       112
       +
             rm -rf $out/etc/systemd/system

     

       113
        
       

     

       114
        
             # Install SysV compatibility commands.

     

       115
        
             mkdir -p $out/sbin

     
···

       135
        
         # systemd builds is the same, then we can switch between them at

     

       136
        
         # runtime; otherwise we can't and we need to reboot.

     

       137
        
         passthru.interfaceVersion = 2;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       138
        
       

     

       139
        
         meta = {

     

       140
        
           homepage = "http://www.freedesktop.org/wiki/Software/systemd";

-14

pkgs/os-specific/linux/systemd/fix_console_in_containers.patch

···

       1
       -
       diff -ruN systemd-203/units/getty@.service.m4 systemd-203-patched/units/getty@.service.m4

     

       2
       -
       --- systemd-203/units/getty@.service.m4	2013-01-07 22:50:49.083315575 +0100

     

       3
       -
       +++ systemd-203-patched/units/getty@.service.m4	2014-03-18 09:54:40.002476232 +0100

     

       4
       -
       @@ -23,7 +23,9 @@

     

       5
       -
        # On systems without virtual consoles, don't start any getty. (Note

     

       6
       -
        # that serial gettys are covered by serial-getty@.service, not this

     

       7
       -
        # unit

     

       8
       -
       -ConditionPathExists=/dev/tty0

     

       9
       -
       +ConditionPathExists=|/dev/tty0

     

       10
       -
       +ConditionVirtualization=|lxc

     

       11
       -
       +ConditionVirtualization=|lxc-libvirt

     

       12
       -
        

     

       13
       -
        [Service]

     

       14
       -
        # the VT is cleared by TTYVTDisallocate

+184 -628

pkgs/os-specific/linux/systemd/fixes.patch

···

       1
       -
       diff --git a/man/systemd.special.xml b/man/systemd.special.xml

     

       2
       -
       index 7164b1e..29401eb 100644

     

       3
       -
       --- a/man/systemd.special.xml

     

       4
       -
       +++ b/man/systemd.special.xml

     

       5
       -
       @@ -381,7 +381,7 @@

     

       6
       -
                                                this unit during

     

       7
       -
                                                installation. This is best

     

       8
       -
                                                configured via

     

       9
       -
       -                                        <varname>WantedBy=multi-uer.target</varname>

     

       10
       -
       +                                        <varname>WantedBy=multi-user.target</varname>

     

       11
       -
                                                in the unit's

     

       12
       -
                                                <literal>[Install]</literal>

     

       13
       -
                                                section.</para>

     

       14
       -
       diff --git a/rules/80-net-name-slot.rules b/rules/80-net-name-slot.rules

     

       15
       -
       index 15b5bc4..c5f1b38 100644

     

       16
       -
       --- a/rules/80-net-name-slot.rules

     

       17
       -
       +++ b/rules/80-net-name-slot.rules

     

       18
       -
       @@ -1,6 +1,6 @@

     

       19
       -
        # do not edit this file, it will be overwritten on update

     

       20
       -
        

     

       21
       -
       -ACTION=="remove", GOTO="net_name_slot_end"

     

       22
       -
       +ACTION!="add", GOTO="net_name_slot_end"

     

       23
       -
        SUBSYSTEM!="net", GOTO="net_name_slot_end"

     

       24
       -
        NAME!="", GOTO="net_name_slot_end"

     

       25
       -
        

     

       26
        
       diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in

     

       27
       -
       index d17bdd9..040b10e 100644

     

       28
        
       --- a/rules/99-systemd.rules.in

     

       29
        
       +++ b/rules/99-systemd.rules.in

     

       30
        
       @@ -14,10 +14,6 @@ KERNEL=="vport*", TAG+="systemd"

     

       31
       -
        SUBSYSTEM=="block", KERNEL!="ram*|loop*", TAG+="systemd"

     

       32
       -
        SUBSYSTEM=="block", KERNEL!="ram*|loop*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0"

     

       33
        
        

     

       34
        
       -# Ignore encrypted devices with no identified superblock on it, since

     

       35
        
       -# we are probably still calling mke2fs or mkswap on it.

     

       36
       -
       -SUBSYSTEM=="block", KERNEL!="ram*|loop*", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0"

     

       37
        
       -

     

       38
        
        # Ignore raid devices that are not yet assembled and started

     

       39
        
        SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0"

     

       40
        
        SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0"

     

       41
       -
       diff --git a/src/core/cgroup-semantics.c b/src/core/cgroup-semantics.c

     

       42
       -
       index 82b02bb..7df9d01 100644

     

       43
       -
       --- a/src/core/cgroup-semantics.c

     

       44
       -
       +++ b/src/core/cgroup-semantics.c

     

       45
       -
       @@ -255,7 +255,7 @@ static int map_blkio(const CGroupSemantics *s, const char *value, char **ret) {

     

       46
       -
        }

     

       47
       -
        

     

       48
       -
        static const CGroupSemantics semantics[] = {

     

       49
       -
       -        { "cpu",     "cpu.shares",                 "CPUShare",              false, parse_cpu_shares,          NULL,       NULL },

     

       50
       -
       +        { "cpu",     "cpu.shares",                 "CPUShares",             false, parse_cpu_shares,          NULL,       NULL },

     

       51
       -
                { "memory",  "memory.soft_limit_in_bytes", "MemorySoftLimit",       false, parse_memory_limit,        NULL,       NULL },

     

       52
       -
                { "memory",  "memory.limit_in_bytes",      "MemoryLimit",           false, parse_memory_limit,        NULL,       NULL },

     

       53
       -
                { "devices", "devices.allow",              "DeviceAllow",           true,  parse_device,              map_device, NULL },

     

       54
       -
       diff --git a/src/core/dbus-execute.h b/src/core/dbus-execute.h

     

       55
       -
       index 91d70e5..698102f 100644

     

       56
       -
       --- a/src/core/dbus-execute.h

     

       57
       -
       +++ b/src/core/dbus-execute.h

     

       58
       -
       @@ -63,7 +63,7 @@

     

       59
       -
                "  <property name=\"CPUSchedulingPolicy\" type=\"i\" access=\"read\"/>\n" \

     

       60
       -
                "  <property name=\"CPUSchedulingPriority\" type=\"i\" access=\"read\"/>\n" \

     

       61
       -
                "  <property name=\"CPUAffinity\" type=\"ay\" access=\"read\"/>\n" \

     

       62
       -
       -        "  <property name=\"TimerSlackNS\" type=\"t\" access=\"read\"/>\n" \

     

       63
       -
       +        "  <property name=\"TimerSlackNSec\" type=\"t\" access=\"read\"/>\n" \

     

       64
       -
                "  <property name=\"CPUSchedulingResetOnFork\" type=\"b\" access=\"read\"/>\n" \

     

       65
       -
                "  <property name=\"NonBlocking\" type=\"b\" access=\"read\"/>\n" \

     

       66
       -
                "  <property name=\"StandardInput\" type=\"s\" access=\"read\"/>\n" \

     

       67
       -
       diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c

     

       68
       -
       index 56b02a1..2b6d799 100644

     

       69
       -
       --- a/src/core/dbus-manager.c

     

       70
       -
       +++ b/src/core/dbus-manager.c

     

       71
       -
       @@ -1550,7 +1550,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,

     

       72
       -
                        _cleanup_strv_free_ char **l = NULL;

     

       73
       -
                        char **e = NULL;

     

       74
       -
        

     

       75
       -
       -                SELINUX_ACCESS_CHECK(connection, message, "reboot");

     

       76
       -
       +                SELINUX_ACCESS_CHECK(connection, message, "reload");

     

       77
       -
        

     

       78
       -
                        r = bus_parse_strv(message, &l);

     

       79
       -
                        if (r == -ENOMEM)

     

       80
       -
       @@ -1577,7 +1577,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,

     

       81
       -
                        _cleanup_strv_free_ char **l = NULL;

     

       82
       -
                        char **e = NULL;

     

       83
       -
        

     

       84
       -
       -                SELINUX_ACCESS_CHECK(connection, message, "reboot");

     

       85
       -
       +                SELINUX_ACCESS_CHECK(connection, message, "reload");

     

       86
       -
        

     

       87
       -
                        r = bus_parse_strv(message, &l);

     

       88
       -
                        if (r == -ENOMEM)

     

       89
       -
       @@ -1605,7 +1605,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,

     

       90
       -
                        char **f = NULL;

     

       91
       -
                        DBusMessageIter iter;

     

       92
       -
        

     

       93
       -
       -                SELINUX_ACCESS_CHECK(connection, message, "reboot");

     

       94
       -
       +                SELINUX_ACCESS_CHECK(connection, message, "reload");

     

       95
       -
        

     

       96
       -
                        if (!dbus_message_iter_init(message, &iter))

     

       97
       -
                                goto oom;

     

       98
       -
       diff --git a/src/core/dbus-swap.c b/src/core/dbus-swap.c

     

       99
       -
       index 2e99fba..e72749a 100644

     

       100
       -
       --- a/src/core/dbus-swap.c

     

       101
       -
       +++ b/src/core/dbus-swap.c

     

       102
       -
       @@ -93,6 +93,7 @@ static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_swap_append_swap_result, swap_result,

     

       103
       -
        static const BusProperty bus_swap_properties[] = {

     

       104
       -
                { "What",       bus_property_append_string, "s", offsetof(Swap, what),  true },

     

       105
       -
                { "Priority",   bus_swap_append_priority,   "i", 0 },

     

       106
       -
       +        { "TimeoutUSec",bus_property_append_usec,   "t", offsetof(Swap, timeout_usec)},

     

       107
       -
                BUS_EXEC_COMMAND_PROPERTY("ExecActivate",   offsetof(Swap, exec_command[SWAP_EXEC_ACTIVATE]),   false),

     

       108
       -
                BUS_EXEC_COMMAND_PROPERTY("ExecDeactivate", offsetof(Swap, exec_command[SWAP_EXEC_DEACTIVATE]), false),

     

       109
       -
                { "ControlPID", bus_property_append_pid,    "u", offsetof(Swap, control_pid) },

     

       110
        
       diff --git a/src/core/main.c b/src/core/main.c

     

       111
       -
       index 7fc06be..101ce79 100644

     

       112
        
       --- a/src/core/main.c

     

       113
        
       +++ b/src/core/main.c

     

       114
       -
       @@ -1590,14 +1590,14 @@ int main(int argc, char *argv[]) {

     

       115
       -
                                log_error("Failed to adjust timer slack: %m");

     

       116
       -
        

     

       117
       -
                if (arg_capability_bounding_set_drop) {

     

       118
       -
       -                r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);

     

       119
       -
       +                r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);

     

       120
       -
                        if (r < 0) {

     

       121
       -
       -                        log_error("Failed to drop capability bounding set: %s", strerror(-r));

     

       122
       -
       +                        log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));

     

       123
       -
                                goto finish;

     

       124
       -
                        }

     

       125
       -
       -                r = capability_bounding_set_drop_usermode(arg_capability_bounding_set_drop);

     

       126
       -
       +                r = capability_bounding_set_drop(arg_capability_bounding_set_drop, true);

     

       127
       -
                        if (r < 0) {

     

       128
       -
       -                        log_error("Failed to drop capability bounding set of usermode helpers: %s", strerror(-r));

     

       129
       -
       +                        log_error("Failed to drop capability bounding set: %s", strerror(-r));

     

       130
       -
                                goto finish;

     

       131
       -
                        }

     

       132
       -
                }

     

       133
       -
       @@ -1650,6 +1650,7 @@ int main(int argc, char *argv[]) {

     

       134
       -
                /* This will close all file descriptors that were opened, but

     

       135
       -
                 * not claimed by any unit. */

     

       136
       -
                fdset_free(fds);

     

       137
       -
       +        fds = NULL;

     

       138
       -
        

     

       139
       -
                if (serialization) {

     

       140
       -
                        fclose(serialization);

     

       141
       -
       @@ -1857,7 +1858,7 @@ finish:

     

       142
        
                                char_array_0(sfd);

     

       143
        
        

     

       144
        
                                i = 0;

     
···

       147
        
                                if (switch_root_dir)

     

       148
        
                                        args[i++] = "--switched-root";

     

       149
        
                                args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";

     

       150
       -
       diff --git a/src/core/manager.c b/src/core/manager.c

     

       151
       -
       index c7f8f20..0508628 100644

     

       152
       -
       --- a/src/core/manager.c

     

       153
       -
       +++ b/src/core/manager.c

     

       154
       -
       @@ -1372,7 +1372,7 @@ static int manager_process_signal_fd(Manager *m) {

     

       0
        
       
     

       155
        
        

     

       156
       -
                        case SIGINT:

     

       157
       -
                                if (m->running_as == SYSTEMD_SYSTEM) {

     

       158
       -
       -                                manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE);

     

       159
       -
       +                                manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);

     

       160
       -
                                        break;

     

       161
       -
                                }

     

       162
       -
        

     

       163
       -
       diff --git a/src/core/service.c b/src/core/service.c

     

       164
       -
       index 3617c24..4d0e2ad 100644

     

       165
       -
       --- a/src/core/service.c

     

       166
       -
       +++ b/src/core/service.c

     

       167
       -
       @@ -2642,6 +2642,9 @@ static int service_serialize(Unit *u, FILE *f, FDSet *fds) {

     

       168
       -
                if (s->exec_context.var_tmp_dir)

     

       169
       -
                        unit_serialize_item(u, f, "var-tmp-dir", s->exec_context.var_tmp_dir);

     

       170
       -
        

     

       171
       -
       +        if (s->forbid_restart)

     

       172
       -
       +                unit_serialize_item(u, f, "forbid-restart", yes_no(s->forbid_restart));

     

       173
       -
       +

     

       174
       -
                return 0;

     

       175
       -
        }

     

       176
       -
        

     

       177
       -
       @@ -2776,6 +2779,14 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,

     

       178
       -
                                return log_oom();

     

       179
       -
        

     

       180
       -
                        s->exec_context.var_tmp_dir = t;

     

       181
       -
       +        } else if (streq(key, "forbid-restart")) {

     

       182
       -
       +                int b;

     

       183
       -
       +

     

       184
       -
       +                b = parse_boolean(value);

     

       185
       -
       +                if (b < 0)

     

       186
       -
       +                        log_debug_unit(u->id, "Failed to parse forbid-restart value %s", value);

     

       187
       -
       +                else

     

       188
       -
       +                        s->forbid_restart = b;

     

       189
       -
                } else

     

       190
       -
                        log_debug_unit(u->id, "Unknown serialization key '%s'", key);

     

       191
       -
        

     

       192
       -
       diff --git a/src/core/snapshot.c b/src/core/snapshot.c

     

       193
       -
       index a63eccd..a6807eb 100644

     

       194
       -
       --- a/src/core/snapshot.c

     

       195
       -
       +++ b/src/core/snapshot.c

     

       196
       -
       @@ -217,8 +217,10 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, DBusError *e, Sn

     

       197
       -
                                if (asprintf(&n, "snapshot-%u.snapshot", ++ m->n_snapshots) < 0)

     

       198
       -
                                        return -ENOMEM;

     

       199
       -
        

     

       200
       -
       -                        if (!manager_get_unit(m, n))

     

       201
       -
       +                        if (!manager_get_unit(m, n)) {

     

       202
       -
       +                                name = n;

     

       203
       -
                                        break;

     

       204
       -
       +                        }

     

       205
        
        

     

       206
       -
                                free(n);

     

       207
       -
                        }

     

       208
        
       diff --git a/src/core/umount.c b/src/core/umount.c

     

       209
       -
       index 1e95ad7..9f0e471 100644

     

       210
        
       --- a/src/core/umount.c

     

       211
        
       +++ b/src/core/umount.c

     

       212
       -
       @@ -435,6 +435,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e

     

       213
        
                         * anyway, since we are running from it. They have

     

       214
        
                         * already been remounted ro. */

     

       215
        
                        if (path_equal(m->path, "/")

     
···

       218
        
        #ifndef HAVE_SPLIT_USR

     

       219
        
                            || path_equal(m->path, "/usr")

     

       220
        
        #endif

     

       221
       -
       diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c

     

       222
       -
       index 81b7708..edd0b40 100644

     

       223
       -
       --- a/src/cryptsetup/cryptsetup-generator.c

     

       224
       -
       +++ b/src/cryptsetup/cryptsetup-generator.c

     

       225
       -
       @@ -111,6 +111,7 @@ static int create_disk(

     

       226
       -
                        "Conflicts=umount.target\n"

     

       227
       -
                        "DefaultDependencies=no\n"

     

       228
       -
                        "BindsTo=dev-mapper-%i.device\n"

     

       229
       -
       +                "IgnoreOnIsolate=true\n"

     

       230
       -
                        "After=systemd-readahead-collect.service systemd-readahead-replay.service\n",

     

       231
       -
                        f);

     

       232
       -
        

     

       233
       -
       diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c

     

       234
       -
       index c17299f..6b3e67e 100644

     

       235
       -
       --- a/src/fstab-generator/fstab-generator.c

     

       236
       -
       +++ b/src/fstab-generator/fstab-generator.c

     

       237
       -
       @@ -351,7 +351,7 @@ static int add_mount(

     

       238
       -
        

     

       239
       -
                if (automount && !path_equal(where, "/")) {

     

       240
       -
                        automount_name = unit_name_from_path(where, ".automount");

     

       241
       -
       -                if (!name)

     

       242
       -
       +                if (!automount_name)

     

       243
       -
                                return log_oom();

     

       244
       -
        

     

       245
       -
                        automount_unit = strjoin(arg_dest, "/", automount_name, NULL);

     

       246
       -
       @@ -596,9 +596,9 @@ static int parse_proc_cmdline(void) {

     

       247
       -
                        } else if (startswith(word, "rd.fstab=")) {

     

       248
       -
        

     

       249
       -
                                if (in_initrd()) {

     

       250
       -
       -                                r = parse_boolean(word + 6);

     

       251
       -
       +                                r = parse_boolean(word + 9);

     

       252
       -
                                        if (r < 0)

     

       253
       -
       -                                        log_warning("Failed to parse fstab switch %s. Ignoring.", word + 6);

     

       254
       -
       +                                        log_warning("Failed to parse fstab switch %s. Ignoring.", word + 9);

     

       255
       -
                                        else

     

       256
       -
                                                arg_enabled = r;

     

       257
        
                                }

     

       258
       -
       diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c

     

       259
       -
       index 38499a6..bb80905 100644

     

       260
       -
       --- a/src/journal/journal-file.c

     

       261
       -
       +++ b/src/journal/journal-file.c

     

       262
       -
       @@ -907,6 +907,8 @@ static int journal_file_append_field(

     

       263
       -
        

     

       264
       -
                osize = offsetof(Object, field.payload) + size;

     

       265
       -
                r = journal_file_append_object(f, OBJECT_FIELD, osize, &o, &p);

     

       266
       -
       +        if (r < 0)

     

       267
       -
       +                return r;

     

       268
       -
        

     

       269
       -
                o->field.hash = htole64(hash);

     

       270
       -
                memcpy(o->field.payload, field, size);

     

       271
       -
       diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c

     

       272
       -
       index 88163c0..e09ba4c 100644

     

       273
       -
       --- a/src/journal/journald-server.c

     

       274
       -
       +++ b/src/journal/journald-server.c

     

       275
       -
       @@ -333,8 +333,10 @@ void server_rotate(Server *s) {

     

       276
       -
                        if (r < 0)

     

       277
       -
                                if (f)

     

       278
       -
                                        log_error("Failed to rotate %s: %s", f->path, strerror(-r));

     

       279
       -
       -                        else

     

       280
       -
       +                        else {

     

       281
       -
                                        log_error("Failed to create user journal: %s", strerror(-r));

     

       282
       -
       +                                hashmap_remove(s->user_journals, k);

     

       283
       -
       +                        }

     

       284
       -
                        else {

     

       285
       -
                                hashmap_replace(s->user_journals, k, f);

     

       286
       -
                                server_fix_perms(s, f, PTR_TO_UINT32(k));

     

       287
       -
       @@ -975,7 +977,8 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       288
       -
                        ssize_t n;

     

       289
       -
        

     

       290
       -
                        if (ev->events != EPOLLIN) {

     

       291
       -
       -                        log_error("Got invalid event from epoll.");

     

       292
       -
       +                        log_error("Got invalid event from epoll for %s: %"PRIx32,

     

       293
       -
       +                                  "signal fd", ev->events);

     

       294
       -
                                return -EIO;

     

       295
       -
                        }

     

       296
       -
        

     

       297
       -
       @@ -1024,8 +1027,12 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       298
       -
                } else if (ev->data.fd == s->dev_kmsg_fd) {

     

       299
       -
                        int r;

     

       300
       -
        

     

       301
       -
       -                if (ev->events != EPOLLIN) {

     

       302
       -
       -                        log_error("Got invalid event from epoll.");

     

       303
       -
       +                if (ev->events & EPOLLERR)

     

       304
       -
       +                        log_warning("/dev/kmsg buffer overrun, some messages lost.");

     

       305
       -
       +

     

       306
       -
       +                if (!(ev->events & EPOLLIN)) {

     

       307
       -
       +                        log_error("Got invalid event from epoll for %s: %"PRIx32,

     

       308
       -
       +                                  "/dev/kmsg", ev->events);

     

       309
       -
                                return -EIO;

     

       310
       -
                        }

     

       311
       -
        

     

       312
       -
       @@ -1039,7 +1046,9 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       313
       -
                           ev->data.fd == s->syslog_fd) {

     

       314
       -
        

     

       315
       -
                        if (ev->events != EPOLLIN) {

     

       316
       -
       -                        log_error("Got invalid event from epoll.");

     

       317
       -
       +                        log_error("Got invalid event from epoll for %s: %"PRIx32,

     

       318
       -
       +                                  ev->data.fd == s->native_fd ? "native fd" : "syslog fd",

     

       319
       -
       +                                  ev->events);

     

       320
       -
                                return -EIO;

     

       321
       -
                        }

     

       322
       -
        

     

       323
       -
       @@ -1140,12 +1149,7 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       324
       -
                                        char *e;

     

       325
       -
        

     

       326
       -
                                        if (n > 0 && n_fds == 0) {

     

       327
       -
       -                                        e = memchr(s->buffer, '\n', n);

     

       328
       -
       -                                        if (e)

     

       329
       -
       -                                                *e = 0;

     

       330
       -
       -                                        else

     

       331
       -
       -                                                s->buffer[n] = 0;

     

       332
       -
       -

     

       333
       -
       +                                        s->buffer[n] = 0;

     

       334
       -
                                                server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);

     

       335
       -
                                        } else if (n_fds > 0)

     

       336
       -
                                                log_warning("Got file descriptors via syslog socket. Ignoring.");

     

       337
       -
       @@ -1167,7 +1171,8 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       338
       -
                } else if (ev->data.fd == s->stdout_fd) {

     

       339
       -
        

     

       340
       -
                        if (ev->events != EPOLLIN) {

     

       341
       -
       -                        log_error("Got invalid event from epoll.");

     

       342
       -
       +                        log_error("Got invalid event from epoll for %s: %"PRIx32,

     

       343
       -
       +                                  "stdout fd", ev->events);

     

       344
       -
                                return -EIO;

     

       345
       -
                        }

     

       346
       -
        

     

       347
       -
       @@ -1178,6 +1183,8 @@ int process_event(Server *s, struct epoll_event *ev) {

     

       348
       -
                        StdoutStream *stream;

     

       349
       -
        

     

       350
       -
                        if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {

     

       351
       -
       +                        log_error("Got invalid event from epoll for %s: %"PRIx32,

     

       352
       -
       +                                  "stdout stream", ev->events);

     

       353
       -
                                log_error("Got invalid event from epoll.");

     

       354
       -
                                return -EIO;

     

       355
       -
                        }

     

       356
       -
       diff --git a/src/journal/mmap-cache.c b/src/journal/mmap-cache.c

     

       357
       -
       index 54bf114..bd197d0 100644

     

       358
       -
       --- a/src/journal/mmap-cache.c

     

       359
       -
       +++ b/src/journal/mmap-cache.c

     

       360
       -
       @@ -308,9 +308,13 @@ static void mmap_cache_free(MMapCache *m) {

     

       361
       -
                while ((c = hashmap_first(m->contexts)))

     

       362
       -
                        context_free(c);

     

       363
       -
        

     

       364
       -
       +        hashmap_free(m->contexts);

     

       365
       -
       +

     

       366
       -
                while ((f = hashmap_first(m->fds)))

     

       367
       -
                        fd_free(f);

     

       368
       -
        

     

       369
       -
       +        hashmap_free(m->fds);

     

       370
       -
       +

     

       371
       -
                while (m->unused)

     

       372
       -
                        window_free(m->unused);

     

       373
       -
        

     

       374
       -
       diff --git a/src/libsystemd-bus/bus-internal.c b/src/libsystemd-bus/bus-internal.c

     

       375
       -
       index 0e66f3d..cac948e 100644

     

       376
       -
       --- a/src/libsystemd-bus/bus-internal.c

     

       377
       -
       +++ b/src/libsystemd-bus/bus-internal.c

     

       378
       -
       @@ -63,7 +63,7 @@ bool object_path_is_valid(const char *p) {

     

       379
       -
        

     

       380
       -
        bool interface_name_is_valid(const char *p) {

     

       381
       -
                const char *q;

     

       382
       -
       -        bool dot, found_dot;

     

       383
       -
       +        bool dot, found_dot = false;

     

       384
       -
        

     

       385
       -
                if (isempty(p))

     

       386
       -
                        return false;

     

       387
       -
       @@ -103,7 +103,7 @@ bool interface_name_is_valid(const char *p) {

     

       388
       -
        

     

       389
       -
        bool service_name_is_valid(const char *p) {

     

       390
       -
                const char *q;

     

       391
       -
       -        bool dot, found_dot, unique;

     

       392
       -
       +        bool dot, found_dot = false, unique;

     

       393
       -
        

     

       394
       -
                if (isempty(p))

     

       395
       -
                        return false;

     

       396
       -
       diff --git a/src/libsystemd-bus/sd-bus.c b/src/libsystemd-bus/sd-bus.c

     

       397
       -
       index 7d6d848..b0eb2f1 100644

     

       398
       -
       --- a/src/libsystemd-bus/sd-bus.c

     

       399
       -
       +++ b/src/libsystemd-bus/sd-bus.c

     

       400
       -
       @@ -1088,11 +1088,11 @@ static int dispatch_rqueue(sd_bus *bus, sd_bus_message **m) {

     

       401
       -
                        if (r == 0)

     

       402
       -
                                return ret;

     

       403
       -
        

     

       404
       -
       -                r = 1;

     

       405
       -
       +                ret = 1;

     

       406
       -
                } while (!z);

     

       407
       -
        

     

       408
       -
                *m = z;

     

       409
       -
       -        return 1;

     

       410
       -
       +        return ret;

     

       411
       -
        }

     

       412
       -
        

     

       413
       -
        int sd_bus_send(sd_bus *bus, sd_bus_message *m, uint64_t *serial) {

     

       414
       -
       diff --git a/src/libudev/libudev-enumerate.c b/src/libudev/libudev-enumerate.c

     

       415
       -
       index 5ccaabd..100c1fb 100644

     

       416
       -
       --- a/src/libudev/libudev-enumerate.c

     

       417
       -
       +++ b/src/libudev/libudev-enumerate.c

     

       418
       -
       @@ -299,7 +299,7 @@ _public_ struct udev_list_entry *udev_enumerate_get_list_entry(struct udev_enume

     

       419
       -
                                /* skip to be delayed devices, and move the to

     

       420
       -
                                 * the point where the prefix changes. We can

     

       421
       -
                                 * only move one item at a time. */

     

       422
       -
       -                        if (!move_later) {

     

       423
       -
       +                        if (move_later == -1) {

     

       424
       -
                                        move_later_prefix = devices_delay_later(udev_enumerate->udev, entry->syspath);

     

       425
       -
        

     

       426
       -
                                        if (move_later_prefix > 0) {

     

       427
       -
       @@ -718,6 +718,8 @@ static bool match_subsystem(struct udev_enumerate *udev_enumerate, const char *s

     

       428
       -
        {

     

       429
       -
                struct udev_list_entry *list_entry;

     

       430
       -
        

     

       431
       -
       +        subsystem = subsystem ? : "";

     

       432
       -
       +

     

       433
       -
                udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_enumerate->subsystem_nomatch_list)) {

     

       434
       -
                        if (fnmatch(udev_list_entry_get_name(list_entry), subsystem, 0) == 0)

     

       435
       -
                                return false;

     

       436
       -
       @@ -826,23 +828,27 @@ nomatch:

     

       437
       -
        static int parent_add_child(struct udev_enumerate *enumerate, const char *path)

     

       438
       -
        {

     

       439
       -
                struct udev_device *dev;

     

       440
       -
       +        int r = 0;

     

       441
       -
        

     

       442
       -
                dev = udev_device_new_from_syspath(enumerate->udev, path);

     

       443
       -
                if (dev == NULL)

     

       444
       -
                        return -ENODEV;

     

       445
        
        

     

       446
       -
                if (!match_subsystem(enumerate, udev_device_get_subsystem(dev)))

     

       447
       -
       -                return 0;

     

       448
       -
       +                goto nomatch;

     

       449
       -
                if (!match_sysname(enumerate, udev_device_get_sysname(dev)))

     

       450
       -
       -                return 0;

     

       451
       -
       +                goto nomatch;

     

       452
       -
                if (!match_property(enumerate, dev))

     

       453
       -
       -                return 0;

     

       454
       -
       +                goto nomatch;

     

       455
       -
                if (!match_sysattr(enumerate, dev))

     

       456
       -
       -                return 0;

     

       457
       -
       +                goto nomatch;

     

       458
        
        

     

       459
       -
                syspath_add(enumerate, udev_device_get_syspath(dev));

     

       460
       -
       +        r = 1;

     

       461
       -
       +

     

       462
       -
       +nomatch:

     

       463
       -
                udev_device_unref(dev);

     

       464
       -
       -        return 1;

     

       465
       -
       +        return r;

     

       466
       -
        }

     

       467
       -
        

     

       468
       -
        static int parent_crawl_children(struct udev_enumerate *enumerate, const char *path, int maxdepth)

     

       469
       -
       diff --git a/src/libudev/libudev.sym b/src/libudev/libudev.sym

     

       470
       -
       index 8e09430..1e6f885 100644

     

       471
       -
       --- a/src/libudev/libudev.sym

     

       472
       -
       +++ b/src/libudev/libudev.sym

     

       473
       -
       @@ -109,5 +109,6 @@ global:

     

       474
       -
        } LIBUDEV_189;

     

       475
       -
        

     

       476
       -
        LIBUDEV_199 {

     

       477
       -
       +global:

     

       478
       -
                udev_device_set_sysattr_value;

     

       479
       -
        } LIBUDEV_196;

     

       480
       -
       diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c

     

       481
       -
       index 7b19ee0..49ee420 100644

     

       482
       -
       --- a/src/modules-load/modules-load.c

     

       483
       -
       +++ b/src/modules-load/modules-load.c

     

       484
       -
       @@ -302,8 +302,8 @@ int main(int argc, char *argv[]) {

     

       485
       -
        

     

       486
       -
                        STRV_FOREACH(i, arg_proc_cmdline_modules) {

     

       487
       -
                                k = load_module(ctx, *i);

     

       488
       -
       -                        if (k < 0)

     

       489
       -
       -                                r = EXIT_FAILURE;

     

       490
       -
       +                        if (k < 0 && r == 0)

     

       491
       -
       +                                r = k;

     

       492
        
                        }

     

       493
       -
        

     

       494
       -
                        r = conf_files_list_nulstr(&files, ".conf", NULL, conf_file_dirs);

     

       495
        
       diff --git a/src/nss-myhostname/netlink.c b/src/nss-myhostname/netlink.c

     

       496
       -
       index b1ef912..4f2ab5c 100644

     

       497
        
       --- a/src/nss-myhostname/netlink.c

     

       498
        
       +++ b/src/nss-myhostname/netlink.c

     

       499
       -
       @@ -113,6 +113,10 @@ static int read_reply(int fd, struct address **list, unsigned *n_list) {

     

       500
        
                            ifaddrmsg->ifa_scope == RT_SCOPE_NOWHERE)

     

       501
        
                                continue;

     

       502
        
        

     
···

       507
        
                        if (ifaddrmsg->ifa_flags & IFA_F_DEPRECATED)

     

       508
        
                                continue;

     

       509
        
        

     

       510
       -
       diff --git a/src/shared/efivars.c b/src/shared/efivars.c

     

       511
       -
       index 8d004ba..99340c9 100644

     

       512
       -
       --- a/src/shared/efivars.c

     

       513
       -
       +++ b/src/shared/efivars.c

     

       514
       -
       @@ -383,7 +383,8 @@ int efi_get_boot_options(uint16_t **options) {

     

       515
       -
                        list[count ++] = id;

     

       516
       -
                }

     

       517
       -
        

     

       518
       -
       -        qsort(list, count, sizeof(uint16_t), cmp_uint16);

     

       519
       -
       +        if (list)

     

       520
       -
       +                qsort(list, count, sizeof(uint16_t), cmp_uint16);

     

       521
       -
        

     

       522
       -
                *options = list;

     

       523
       -
                return count;

     

       524
       -
       diff --git a/src/shared/env-util.c b/src/shared/env-util.c

     

       525
       -
       index 6a52fb9..598222c 100644

     

       526
       -
       --- a/src/shared/env-util.c

     

       527
       -
       +++ b/src/shared/env-util.c

     

       528
       -
       @@ -406,7 +406,9 @@ char **strv_env_clean_log(char **e, const char *message) {

     

       529
       -
                        e[k++] = *p;

     

       530
       -
                }

     

       531
       -
        

     

       532
       -
       -        e[k] = NULL;

     

       533
       -
       +        if (e)

     

       534
       -
       +                e[k] = NULL;

     

       535
       -
       +

     

       536
       -
                return e;

     

       537
       -
        }

     

       538
       -
        

     

       539
       -
       diff --git a/src/shared/log.c b/src/shared/log.c

     

       540
       -
       index 27317f7..8f4995a 100644

     

       541
       -
       --- a/src/shared/log.c

     

       542
       -
       +++ b/src/shared/log.c

     

       543
       -
       @@ -115,16 +115,20 @@ void log_close_syslog(void) {

     

       544
       -
        

     

       545
       -
        static int create_log_socket(int type) {

     

       546
       -
                int fd;

     

       547
       -
       +        struct timeval tv;

     

       548
       -
        

     

       549
       -
       -        /* All output to the syslog/journal fds we do asynchronously,

     

       550
       -
       -         * and if the buffers are full we just drop the messages */

     

       551
       -
       -

     

       552
       -
       -        fd = socket(AF_UNIX, type|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);

     

       553
       -
       +        fd = socket(AF_UNIX, type|SOCK_CLOEXEC, 0);

     

       554
       -
                if (fd < 0)

     

       555
       -
                        return -errno;

     

       556
       -
        

     

       557
       -
                fd_inc_sndbuf(fd, SNDBUF_SIZE);

     

       558
       -
        

     

       559
       -
       +        /* We need a blocking fd here since we'd otherwise lose

     

       560
       -
       +        messages way too early. However, let's not hang forever in the

     

       561
       -
       +        unlikely case of a deadlock. */

     

       562
       -
       +        timeval_store(&tv, 1*USEC_PER_MINUTE);

     

       563
       -
       +        setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));

     

       564
       -
       +

     

       565
       -
                return fd;

     

       566
       -
        }

     

       567
       -
        

     

       568
       -
       diff --git a/src/shared/polkit.c b/src/shared/polkit.c

     

       569
       -
       index cea7074..1c5e9e3 100644

     

       570
       -
       --- a/src/shared/polkit.c

     

       571
       -
       +++ b/src/shared/polkit.c

     

       572
       -
       @@ -38,12 +38,8 @@ int verify_polkit(

     

       573
       -
        

     

       574
       -
        #ifdef ENABLE_POLKIT

     

       575
       -
                DBusMessage *m = NULL, *reply = NULL;

     

       576
       -
       -        const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = "";

     

       577
       -
       +        const char *system_bus_name = "system-bus-name", *name = "name", *cancel_id = "";

     

       578
       -
                uint32_t flags = interactive ? 1 : 0;

     

       579
       -
       -        pid_t pid_raw;

     

       580
       -
       -        uint32_t pid_u32;

     

       581
       -
       -        unsigned long long starttime_raw;

     

       582
       -
       -        uint64_t starttime_u64;

     

       583
       -
                DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;

     

       584
       -
                int r;

     

       585
       -
                dbus_bool_t authorized = FALSE, challenge = FALSE;

     

       586
       -
       @@ -68,14 +64,6 @@ int verify_polkit(

     

       587
       -
        

     

       588
       -
        #ifdef ENABLE_POLKIT

     

       589
       -
        

     

       590
       -
       -        pid_raw = bus_get_unix_process_id(c, sender, error);

     

       591
       -
       -        if (pid_raw == 0)

     

       592
       -
       -                return -EINVAL;

     

       593
       -
       -

     

       594
       -
       -        r = get_starttime_of_pid(pid_raw, &starttime_raw);

     

       595
       -
       -        if (r < 0)

     

       596
       -
       -                return r;

     

       597
       -
       -

     

       598
       -
                m = dbus_message_new_method_call(

     

       599
       -
                                "org.freedesktop.PolicyKit1",

     

       600
       -
                                "/org/freedesktop/PolicyKit1/Authority",

     

       601
       -
       @@ -86,22 +74,13 @@ int verify_polkit(

     

       602
       -
        

     

       603
       -
                dbus_message_iter_init_append(m, &iter_msg);

     

       604
       -
        

     

       605
       -
       -        pid_u32 = (uint32_t) pid_raw;

     

       606
       -
       -        starttime_u64 = (uint64_t) starttime_raw;

     

       607
       -
       -

     

       608
       -
                if (!dbus_message_iter_open_container(&iter_msg, DBUS_TYPE_STRUCT, NULL, &iter_struct) ||

     

       609
       -
       -            !dbus_message_iter_append_basic(&iter_struct, DBUS_TYPE_STRING, &unix_process) ||

     

       610
       -
       +            !dbus_message_iter_append_basic(&iter_struct, DBUS_TYPE_STRING, &system_bus_name) ||

     

       611
       -
                    !dbus_message_iter_open_container(&iter_struct, DBUS_TYPE_ARRAY, "{sv}", &iter_array) ||

     

       612
       -
                    !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) ||

     

       613
       -
       -            !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &pid) ||

     

       614
       -
       -            !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant) ||

     

       615
       -
       -            !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &pid_u32) ||

     

       616
       -
       -            !dbus_message_iter_close_container(&iter_dict, &iter_variant) ||

     

       617
       -
       -            !dbus_message_iter_close_container(&iter_array, &iter_dict) ||

     

       618
       -
       -            !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) ||

     

       619
       -
       -            !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &starttime) ||

     

       620
       -
       -            !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "t", &iter_variant) ||

     

       621
       -
       -            !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT64, &starttime_u64) ||

     

       622
       -
       +            !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &name) ||

     

       623
       -
       +            !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "s", &iter_variant) ||

     

       624
       -
       +            !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_STRING, &sender) ||

     

       625
       -
                    !dbus_message_iter_close_container(&iter_dict, &iter_variant) ||

     

       626
       -
                    !dbus_message_iter_close_container(&iter_array, &iter_dict) ||

     

       627
       -
                    !dbus_message_iter_close_container(&iter_struct, &iter_array) ||

     

       628
        
       diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c

     

       629
       -
       index 3cca861..f6052dd 100644

     

       630
        
       --- a/src/systemctl/systemctl.c

     

       631
        
       +++ b/src/systemctl/systemctl.c

     

       632
       -
       @@ -1482,7 +1482,7 @@ static DBusHandlerResult wait_filter(DBusConnection *connection, DBusMessage *me

     

       633
        
        

     

       634
       -
                } else if (dbus_message_is_signal(message, "org.freedesktop.systemd1.Manager", "JobRemoved")) {

     

       635
       -
                        uint32_t id;

     

       636
       -
       -                const char *path, *result, *unit;

     

       637
       -
       +                const char *path, *result, *unit, *r;

     

       638
       -
        

     

       639
       -
                        if (dbus_message_get_args(message, &error,

     

       640
       -
                                                  DBUS_TYPE_UINT32, &id,

     

       641
       -
       @@ -1491,7 +1491,11 @@ static DBusHandlerResult wait_filter(DBusConnection *connection, DBusMessage *me

     

       642
       -
                                                  DBUS_TYPE_STRING, &result,

     

       643
       -
                                                  DBUS_TYPE_INVALID)) {

     

       644
       -
        

     

       645
       -
       -                        free(set_remove(d->set, (char*) path));

     

       646
       -
       +                        r = set_remove(d->set, (char*) path);

     

       647
       -
       +                        if (!r)

     

       648
       -
       +                                return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

     

       649
       -
       +

     

       650
       -
       +                        free(r);

     

       651
        
        

     

       652
       -
                                if (!isempty(result))

     

       653
       -
                                        d->result = strdup(result);

     

       654
       -
       @@ -1511,7 +1515,11 @@ static DBusHandlerResult wait_filter(DBusConnection *connection, DBusMessage *me

     

       655
       -
                                /* Compatibility with older systemd versions <

     

       656
       -
                                 * 183 during upgrades. This should be dropped

     

       657
       -
                                 * one day. */

     

       658
       -
       -                        free(set_remove(d->set, (char*) path));

     

       659
       -
       +                        r = set_remove(d->set, (char*) path);

     

       660
       -
       +                        if (!r)

     

       661
       -
       +                                return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

     

       662
       -
       +

     

       663
       -
       +                        free(r);

     

       664
        
        

     

       665
       -
                                if (*result)

     

       666
       -
                                        d->result = strdup(result);

     

       667
       -
       @@ -1867,7 +1875,7 @@ static int start_unit_one(

     

       668
       -
                                return log_oom();

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       669
        
        

     

       670
       -
                        r = set_consume(s, p);

     

       671
       -
       -                if (r < 0) {

     

       672
       -
       +                if (r < 0 && r != -EEXIST) {

     

       673
       -
                                log_error("Failed to add path to set.");

     

       674
       -
                                return r;

     

       675
       -
                        }

     

       676
        
       diff --git a/units/emergency.service.in b/units/emergency.service.in

     

       677
       -
       index 442f0e0..6b7eafd 100644

     

       678
        
       --- a/units/emergency.service.in

     

       679
        
       +++ b/units/emergency.service.in

     

       680
        
       @@ -15,7 +15,6 @@ Before=shutdown.target

     
···

       685
        
        ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" to try again\\nto boot into default mode.'

     

       686
        
        ExecStart=-/sbin/sulogin

     

       687
        
        ExecStopPost=@SYSTEMCTL@ --fail --no-block default

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       688
        
       diff --git a/units/local-fs.target b/units/local-fs.target

     

       689
       -
       index 18c3d74..a09054c 100644

     

       690
        
       --- a/units/local-fs.target

     

       691
        
       +++ b/units/local-fs.target

     

       692
       -
       @@ -11,3 +11,5 @@ Documentation=man:systemd.special(7)

     

       693
       -
        After=local-fs-pre.target

     

       694
        
        OnFailure=emergency.target

     

       695
       -
        OnFailureIsolate=no

     

       696
        
       +

     

       697
        
       +X-StopOnReconfiguration=yes

     

       698
        
       diff --git a/units/remote-fs.target b/units/remote-fs.target

     

       699
       -
       index 09213e8..47b4cf5 100644

     

       700
        
       --- a/units/remote-fs.target

     

       701
        
       +++ b/units/remote-fs.target

     

       702
       -
       @@ -10,5 +10,7 @@ Description=Remote File Systems

     

       703
       -
        Documentation=man:systemd.special(7)

     

       704
       -
        After=remote-fs-pre.target

     

       705
        
        

     

       706
        
       +X-StopOnReconfiguration=yes

     

       707
        
       +

     

       708
        
        [Install]

     

       709
        
        WantedBy=multi-user.target

     

       710
        
       diff --git a/units/rescue.service.m4.in b/units/rescue.service.m4.in

     

       711
       -
       index 269797a..2c640f4 100644

     

       712
        
       --- a/units/rescue.service.m4.in

     

       713
        
       +++ b/units/rescue.service.m4.in

     

       714
        
       @@ -16,7 +16,6 @@ Before=shutdown.target

     
···

       719
        
        ExecStartPre=-/bin/echo -e 'Welcome to rescue mode! Type "systemctl default" or ^D to enter default mode.\\nType "journalctl -xb" to view system logs. Type "systemctl reboot" to reboot.'

     

       720
        
        ExecStart=-/sbin/sulogin

     

       721
        
        ExecStopPost=-@SYSTEMCTL@ --fail --no-block default

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       722
        
       diff --git a/units/sysinit.target b/units/sysinit.target

     

       723
        
       index 8f4fb8f..e0f0147 100644

     

       724
        
       --- a/units/sysinit.target

     
···

       731
        
       -After=local-fs.target swap.target emergency.service emergency.target

     

       732
        
       +After=emergency.service emergency.target

     

       733
        
        RefuseManualStart=yes

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       734
        
       diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in

     

       735
       -
       index ab2e50c..9563a7d 100644

     

       736
        
       --- a/units/systemd-journald.service.in

     

       737
        
       +++ b/units/systemd-journald.service.in

     

       738
       -
       @@ -24,3 +24,8 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG C

     

       739
        
        # Increase the default a bit in order to allow many simultaneous

     

       740
        
        # services being run since we keep one fd open per service.

     

       741
        
        LimitNOFILE=16384

     
···

       744
        
       +# journald to stop logging (see

     

       745
        
       +# https://bugs.freedesktop.org/show_bug.cgi?id=56043).

     

       746
        
       +X-RestartIfChanged=no

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       747
        
       diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in

     

       748
        
       index 0869e73..b6ed958 100644

     

       749
        
       --- a/units/systemd-user-sessions.service.in

···

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1
        
       diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in

     

       2
       +
       index db72373..2fc12ca 100644

     

       3
        
       --- a/rules/99-systemd.rules.in

     

       4
        
       +++ b/rules/99-systemd.rules.in

     

       5
        
       @@ -14,10 +14,6 @@ KERNEL=="vport*", TAG+="systemd"

     

       6
       +
        SUBSYSTEM=="block", KERNEL!="ram*", TAG+="systemd"

     

       7
       +
        SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0"

     

       8
        
        

     

       9
        
       -# Ignore encrypted devices with no identified superblock on it, since

     

       10
        
       -# we are probably still calling mke2fs or mkswap on it.

     

       11
       +
       -SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0"

     

       12
        
       -

     

       13
        
        # Ignore raid devices that are not yet assembled and started

     

       14
        
        SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0"

     

       15
        
        SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       16
        
       diff --git a/src/core/main.c b/src/core/main.c

     

       17
       +
       index 41605ee..8517369 100644

     

       18
        
       --- a/src/core/main.c

     

       19
        
       +++ b/src/core/main.c

     

       20
       +
       @@ -1883,7 +1883,7 @@ finish:

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       21
        
                                char_array_0(sfd);

     

       22
        
        

     

       23
        
                                i = 0;

     
···

       26
        
                                if (switch_root_dir)

     

       27
        
                                        args[i++] = "--switched-root";

     

       28
        
                                args[i++] = arg_running_as == SYSTEMD_SYSTEM ? "--system" : "--user";

     

       29
       +
       diff --git a/src/core/socket.c b/src/core/socket.c

     

       30
       +
       index 7c18a2b..eba67d5 100644

     

       31
       +
       --- a/src/core/socket.c

     

       32
       +
       +++ b/src/core/socket.c

     

       33
       +
       @@ -663,16 +663,25 @@ static int instance_from_socket(int fd, unsigned nr, char **instance) {

     

       34
       +
                        int k;

     

       35
        
        

     

       36
       +
                        k = getpeercred(fd, &ucred);

     

       37
       +
       -                if (k < 0)

     

       38
       +
       +                if (k == -ENODATA) {

     

       39
       +
       +                        /* This handles the case where somebody is

     

       40
       +
       +                         * connecting from another pid/uid namespace

     

       41
       +
       +                         * (e.g. from outside of our container). */

     

       42
       +
       +                        if (asprintf(&r,

     

       43
       +
       +                                     "%u-unknown",

     

       44
       +
       +                                     nr) < 0)

     

       45
       +
       +                                return -ENOMEM;

     

       46
       +
       +                }

     

       47
       +
       +                else if (k < 0)

     

       48
       +
                                return k;

     

       49
       +
       -

     

       50
       +
       -                if (asprintf(&r,

     

       51
       +
       -                             "%u-%lu-%lu",

     

       52
       +
       -                             nr,

     

       53
       +
       -                             (unsigned long) ucred.pid,

     

       54
       +
       -                             (unsigned long) ucred.uid) < 0)

     

       55
       +
       -                        return -ENOMEM;

     

       56
       +
       -

     

       57
       +
       +                else {

     

       58
       +
       +                        if (asprintf(&r,

     

       59
       +
       +                                     "%u-%lu-%lu",

     

       60
       +
       +                                     nr,

     

       61
       +
       +                                     (unsigned long) ucred.pid,

     

       62
       +
       +                                     (unsigned long) ucred.uid) < 0)

     

       63
       +
       +                                return -ENOMEM;

     

       64
       +
       +                }

     

       65
       +
                        break;

     

       66
       +
                }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       67
        
        

     

       0
        
       
     

       0
        
       
     

       68
        
       diff --git a/src/core/umount.c b/src/core/umount.c

     

       69
       +
       index d1258f0..0311812 100644

     

       70
        
       --- a/src/core/umount.c

     

       71
        
       +++ b/src/core/umount.c

     

       72
       +
       @@ -404,6 +404,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e

     

       73
        
                         * anyway, since we are running from it. They have

     

       74
        
                         * already been remounted ro. */

     

       75
        
                        if (path_equal(m->path, "/")

     
···

       78
        
        #ifndef HAVE_SPLIT_USR

     

       79
        
                            || path_equal(m->path, "/usr")

     

       80
        
        #endif

     

       81
       +
       diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c

     

       82
       +
       index 9a9ed9d..9e46e18 100644

     

       83
       +
       --- a/src/nspawn/nspawn.c

     

       84
       +
       +++ b/src/nspawn/nspawn.c

     

       85
       +
       @@ -2667,6 +2667,7 @@ int main(int argc, char *argv[]) {

     

       86
       +
                                        goto finish;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       87
        
                                }

     

       88
       +
                        } else {

     

       89
       +
       +#if 0

     

       90
       +
                                const char *p;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       91
        
        

     

       92
       +
                                p = strappenda(arg_directory,

     

       93
       +
       @@ -2676,6 +2677,7 @@ int main(int argc, char *argv[]) {

     

       94
       +
                                        goto finish;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       95
        
        

     

       96
       +
                                }

     

       97
       +
       +#endif

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       98
        
                        }

     

       99
       +
                } else {

     

       100
       +
                        char template[] = "/tmp/nspawn-root-XXXXXX";

     

       101
        
       diff --git a/src/nss-myhostname/netlink.c b/src/nss-myhostname/netlink.c

     

       102
       +
       index d61ecdf..228a3a4 100644

     

       103
        
       --- a/src/nss-myhostname/netlink.c

     

       104
        
       +++ b/src/nss-myhostname/netlink.c

     

       105
       +
       @@ -112,6 +112,10 @@ static int read_reply(int fd, struct address **list, unsigned *n_list) {

     

       106
        
                            ifaddrmsg->ifa_scope == RT_SCOPE_NOWHERE)

     

       107
        
                                continue;

     

       108
        
        

     
···

       113
        
                        if (ifaddrmsg->ifa_flags & IFA_F_DEPRECATED)

     

       114
        
                                continue;

     

       115
        
        

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       116
        
       diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c

     

       117
       +
       index 0887bc3..6b502ce 100644

     

       118
        
       --- a/src/systemctl/systemctl.c

     

       119
        
       +++ b/src/systemctl/systemctl.c

     

       120
       +
       @@ -2561,7 +2561,7 @@ static int start_unit_one(

     

       121
        
        

     

       122
       +
                        log_debug("Adding %s to the set", p);

     

       123
       +
                        r = set_consume(s, p);

     

       124
       +
       -                if (r < 0)

     

       125
       +
       +                if (r < 0 && r != -EEXIST)

     

       126
       +
                                return log_oom();

     

       127
       +
                }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       128
        
        

     

       129
       +
       diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in

     

       130
       +
       index 8ac51a4..cae9fb5 100644

     

       131
       +
       --- a/units/console-getty.service.m4.in

     

       132
       +
       +++ b/units/console-getty.service.m4.in

     

       133
       +
       @@ -15,7 +15,6 @@ After=rc-local.service

     

       134
       +
        Before=getty.target

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       135
        
        

     

       136
       +
        [Service]

     

       137
       +
       -ExecStart=-/sbin/agetty --noclear --keep-baud console 115200,38400,9600 $TERM

     

       138
       +
        Type=idle

     

       139
       +
        Restart=always

     

       140
       +
        RestartSec=0

     

       141
       +
       diff --git a/units/container-getty@.service.m4.in b/units/container-getty@.service.m4.in

     

       142
       +
       index 4f7794b..bad2a9a 100644

     

       143
       +
       --- a/units/container-getty@.service.m4.in

     

       144
       +
       +++ b/units/container-getty@.service.m4.in

     

       145
       +
       @@ -16,7 +16,6 @@ Before=getty.target

     

       146
       +
        IgnoreOnIsolate=yes

     

       147
        
        

     

       148
       +
        [Service]

     

       149
       +
       -ExecStart=-/sbin/agetty --noclear --keep-baud pts/%I 115200,38400,9600 $TERM

     

       150
       +
        Type=idle

     

       151
       +
        Restart=always

     

       152
       +
        RestartSec=0

     

       0
        
       
     

       153
        
       diff --git a/units/emergency.service.in b/units/emergency.service.in

     

       154
       +
       index 94c090f..0d20640 100644

     

       155
        
       --- a/units/emergency.service.in

     

       156
        
       +++ b/units/emergency.service.in

     

       157
        
       @@ -15,7 +15,6 @@ Before=shutdown.target

     
···

       162
        
        ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" to try again\\nto boot into default mode.'

     

       163
        
        ExecStart=-/sbin/sulogin

     

       164
        
        ExecStopPost=@SYSTEMCTL@ --fail --no-block default

     

       165
       +
       diff --git a/units/getty@.service.m4 b/units/getty@.service.m4

     

       166
       +
       index aa853b8..8bcc647 100644

     

       167
       +
       --- a/units/getty@.service.m4

     

       168
       +
       +++ b/units/getty@.service.m4

     

       169
       +
       @@ -23,11 +23,12 @@ IgnoreOnIsolate=yes

     

       170
       +
        # On systems without virtual consoles, don't start any getty. Note

     

       171
       +
        # that serial gettys are covered by serial-getty@.service, not this

     

       172
       +
        # unit.

     

       173
       +
       -ConditionPathExists=/dev/tty0

     

       174
       +
       +ConditionPathExists=|/dev/tty0

     

       175
       +
       +ConditionVirtualization=|lxc

     

       176
       +
       +ConditionVirtualization=|lxc-libvirt

     

       177
       +
        

     

       178
       +
        [Service]

     

       179
       +
        # the VT is cleared by TTYVTDisallocate

     

       180
       +
       -ExecStart=-/sbin/agetty --noclear %I $TERM

     

       181
       +
        Type=idle

     

       182
       +
        Restart=always

     

       183
       +
        RestartSec=0

     

       184
       +
       diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in

     

       185
       +
       index 368f980..d0c1bd2 100644

     

       186
       +
       --- a/units/kmod-static-nodes.service.in

     

       187
       +
       +++ b/units/kmod-static-nodes.service.in

     

       188
       +
       @@ -10,7 +10,6 @@ Description=Create list of required static device nodes for the current kernel

     

       189
       +
        DefaultDependencies=no

     

       190
       +
        Before=sysinit.target systemd-tmpfiles-setup-dev.service

     

       191
       +
        ConditionCapability=CAP_MKNOD

     

       192
       +
       -ConditionPathExists=/lib/modules/%v/modules.devname

     

       193
       +
        

     

       194
       +
        [Service]

     

       195
       +
        Type=oneshot

     

       196
        
       diff --git a/units/local-fs.target b/units/local-fs.target

     

       197
       +
       index ae3cedc..0e36840 100644

     

       198
        
       --- a/units/local-fs.target

     

       199
        
       +++ b/units/local-fs.target

     

       200
       +
       @@ -13,3 +13,5 @@ DefaultDependencies=no

     

       201
       +
        Conflicts=shutdown.target

     

       202
        
        OnFailure=emergency.target

     

       203
       +
        OnFailureJobMode=replace-irreversibly

     

       204
        
       +

     

       205
        
       +X-StopOnReconfiguration=yes

     

       206
        
       diff --git a/units/remote-fs.target b/units/remote-fs.target

     

       207
       +
       index 43ffa5c..156a681 100644

     

       208
        
       --- a/units/remote-fs.target

     

       209
        
       +++ b/units/remote-fs.target

     

       210
       +
       @@ -12,5 +12,7 @@ After=remote-fs-pre.target

     

       211
       +
        DefaultDependencies=no

     

       212
       +
        Conflicts=shutdown.target

     

       213
        
        

     

       214
        
       +X-StopOnReconfiguration=yes

     

       215
        
       +

     

       216
        
        [Install]

     

       217
        
        WantedBy=multi-user.target

     

       218
        
       diff --git a/units/rescue.service.m4.in b/units/rescue.service.m4.in

     

       219
       +
       index 552ef89..af3915f 100644

     

       220
        
       --- a/units/rescue.service.m4.in

     

       221
        
       +++ b/units/rescue.service.m4.in

     

       222
        
       @@ -16,7 +16,6 @@ Before=shutdown.target

     
···

       227
        
        ExecStartPre=-/bin/echo -e 'Welcome to rescue mode! Type "systemctl default" or ^D to enter default mode.\\nType "journalctl -xb" to view system logs. Type "systemctl reboot" to reboot.'

     

       228
        
        ExecStart=-/sbin/sulogin

     

       229
        
        ExecStopPost=-@SYSTEMCTL@ --fail --no-block default

     

       230
       +
       diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4

     

       231
       +
       index 4ac51e7..86a3b59 100644

     

       232
       +
       --- a/units/serial-getty@.service.m4

     

       233
       +
       +++ b/units/serial-getty@.service.m4

     

       234
       +
       @@ -22,7 +22,6 @@ Before=getty.target

     

       235
       +
        IgnoreOnIsolate=yes

     

       236
       +
        

     

       237
       +
        [Service]

     

       238
       +
       -ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 %I $TERM

     

       239
       +
        Type=idle

     

       240
       +
        Restart=always

     

       241
       +
        RestartSec=0

     

       242
        
       diff --git a/units/sysinit.target b/units/sysinit.target

     

       243
        
       index 8f4fb8f..e0f0147 100644

     

       244
        
       --- a/units/sysinit.target

     
···

       251
        
       -After=local-fs.target swap.target emergency.service emergency.target

     

       252
        
       +After=emergency.service emergency.target

     

       253
        
        RefuseManualStart=yes

     

       254
       +
       diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in

     

       255
       +
       index e945d87..77728f2 100644

     

       256
       +
       --- a/units/systemd-backlight@.service.in

     

       257
       +
       +++ b/units/systemd-backlight@.service.in

     

       258
       +
       @@ -19,3 +19,4 @@ Type=oneshot

     

       259
       +
        RemainAfterExit=yes

     

       260
       +
        ExecStart=@rootlibexecdir@/systemd-backlight load %i

     

       261
       +
        ExecStop=@rootlibexecdir@/systemd-backlight save %i

     

       262
       +
       +X-RestartIfChanged=false

     

       263
        
       diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in

     

       264
       +
       index de93879..c9a49f3 100644

     

       265
        
       --- a/units/systemd-journald.service.in

     

       266
        
       +++ b/units/systemd-journald.service.in

     

       267
       +
       @@ -25,3 +25,8 @@ WatchdogSec=1min

     

       268
        
        # Increase the default a bit in order to allow many simultaneous

     

       269
        
        # services being run since we keep one fd open per service.

     

       270
        
        LimitNOFILE=16384

     
···

       273
        
       +# journald to stop logging (see

     

       274
        
       +# https://bugs.freedesktop.org/show_bug.cgi?id=56043).

     

       275
        
       +X-RestartIfChanged=no

     

       276
       +
       diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in

     

       277
       +
       index 1879b2f..9b895b9 100644

     

       278
       +
       --- a/units/systemd-random-seed.service.in

     

       279
       +
       +++ b/units/systemd-random-seed.service.in

     

       280
       +
       @@ -19,3 +19,4 @@ Type=oneshot

     

       281
       +
        RemainAfterExit=yes

     

       282
       +
        ExecStart=@rootlibexecdir@/systemd-random-seed load

     

       283
       +
        ExecStop=@rootlibexecdir@/systemd-random-seed save

     

       284
       +
       +X-RestartIfChanged=false

     

       285
       +
       diff --git a/units/systemd-rfkill@.service.in b/units/systemd-rfkill@.service.in

     

       286
       +
       index 9d264a2..c505535 100644

     

       287
       +
       --- a/units/systemd-rfkill@.service.in

     

       288
       +
       +++ b/units/systemd-rfkill@.service.in

     

       289
       +
       @@ -19,3 +19,4 @@ Type=oneshot

     

       290
       +
        RemainAfterExit=yes

     

       291
       +
        ExecStart=@rootlibexecdir@/systemd-rfkill load %I

     

       292
       +
        ExecStop=@rootlibexecdir@/systemd-rfkill save %I

     

       293
       +
       +X-RestartIfChanged=false

     

       294
       +
       diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in

     

       295
       +
       index da7dda7..4cc550d 100644

     

       296
       +
       --- a/units/systemd-update-utmp.service.in

     

       297
       +
       +++ b/units/systemd-update-utmp.service.in

     

       298
       +
       @@ -19,3 +19,4 @@ Type=oneshot

     

       299
       +
        RemainAfterExit=yes

     

       300
       +
        ExecStart=@rootlibexecdir@/systemd-update-utmp reboot

     

       301
       +
        ExecStop=@rootlibexecdir@/systemd-update-utmp shutdown

     

       302
       +
       +X-RestartIfChanged=false

     

       303
        
       diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in

     

       304
        
       index 0869e73..b6ed958 100644

     

       305
        
       --- a/units/systemd-user-sessions.service.in

-81

pkgs/os-specific/linux/systemd/libc-bug-accept4-arm.patch

···

       1
       -
       Based on a patch for udev in

     

       2
       -
       nixpkgs(upstart)/pkgs/os-specific/linux/udev/pre-accept4-kernel.patch

     

       3
       -
       

     

       4
       -
       It was taken from:

     

       5
       -
       https://github.com/archlinuxarm/PKGBUILDs/blob/master/core/udev-oxnas/pre-accept4-kernel.patch

     

       6
       -
       

     

       7
       -
       Basically, ARM implemented accept4() only in 2.6.36. Nixpkgs now uses

     

       8
       -
       linux headers from 2.6.35. And the particular nixpkgs glibc version had a bug,

     

       9
       -
       not checking about 2.6.36 for accept4 on arm.

     

       10
       -
       

     

       11
       -
       diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c

     

       12
       -
       index 7b88f74..a9f7b62 100644

     

       13
       -
       --- a/src/journal/journald-stream.c

     

       14
       -
       +++ b/src/journal/journald-stream.c

     

       15
       -
       @@ -347,10 +347,12 @@ int stdout_stream_new(Server *s) {

     

       16
       -
                int fd, r;

     

       17
       -
                socklen_t len;

     

       18
       -
                struct epoll_event ev;

     

       19
       -
       +        int flgs;

     

       20
       -
        

     

       21
       -
                assert(s);

     

       22
       -
        

     

       23
       -
       -        fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);

     

       24
       -
       +        //fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);

     

       25
       -
       +        fd = accept(s->stdout_fd, NULL, NULL);

     

       26
       -
                if (fd < 0) {

     

       27
       -
                        if (errno == EAGAIN)

     

       28
       -
                                return 0;

     

       29
       -
       @@ -359,6 +361,11 @@ int stdout_stream_new(Server *s) {

     

       30
       -
                        return -errno;

     

       31
       -
                }

     

       32
       -
        

     

       33
       -
       +        // Since we don't have accept4

     

       34
       -
       +        flgs = fcntl(fd, F_GETFL, NULL);

     

       35
       -
       +        if(flgs >= 0) fcntl(fd, F_SETFL, flgs | O_NONBLOCK);

     

       36
       -
       +        fcntl(fd, F_SETFD, FD_CLOEXEC);

     

       37
       -
       +

     

       38
       -
                if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {

     

       39
       -
                        log_warning("Too many stdout streams, refusing connection.");

     

       40
       -
                        close_nointr_nofail(fd);

     

       41
       -
       diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c

     

       42
       -
       index a235912..c05e4b4 100644

     

       43
       -
       --- a/src/udev/udev-ctrl.c

     

       44
       -
       +++ b/src/udev/udev-ctrl.c

     

       45
       -
       @@ -15,6 +15,7 @@

     

       46
       -
        #include <stddef.h>

     

       47
       -
        #include <string.h>

     

       48
       -
        #include <unistd.h>

     

       49
       -
       +#include <fcntl.h>

     

       50
       -
        #include <sys/types.h>

     

       51
       -
        #include <sys/poll.h>

     

       52
       -
        #include <sys/socket.h>

     

       53
       -
       @@ -181,6 +182,7 @@ struct udev_ctrl_connection *udev_ctrl_get_connection(struct udev_ctrl *uctrl)

     

       54
       -
                struct ucred ucred;

     

       55
       -
                socklen_t slen;

     

       56
       -
                const int on = 1;

     

       57
       -
       +        int flgs;

     

       58
       -
        

     

       59
       -
                conn = calloc(1, sizeof(struct udev_ctrl_connection));

     

       60
       -
                if (conn == NULL)

     

       61
       -
       @@ -188,13 +190,19 @@ struct udev_ctrl_connection *udev_ctrl_get_connection(struct udev_ctrl *uctrl)

     

       62
       -
                conn->refcount = 1;

     

       63
       -
                conn->uctrl = uctrl;

     

       64
       -
        

     

       65
       -
       -        conn->sock = accept4(uctrl->sock, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK);

     

       66
       -
       +        //conn->sock = accept4(uctrl->sock, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK);

     

       67
       -
       +        conn->sock = accept(uctrl->sock, NULL, NULL);

     

       68
       -
                if (conn->sock < 0) {

     

       69
       -
                        if (errno != EINTR)

     

       70
       -
                                log_error("unable to receive ctrl connection: %m\n");

     

       71
       -
                        goto err;

     

       72
       -
                }

     

       73
       -
        

     

       74
       -
       +        // Since we don't have accept4

     

       75
       -
       +        flgs = fcntl(conn->sock, F_GETFL, NULL);

     

       76
       -
       +        if(flgs >= 0) fcntl(conn->sock, F_SETFL, flgs | O_NONBLOCK);

     

       77
       -
       +        fcntl(conn->sock, F_SETFD, FD_CLOEXEC);

     

       78
       -
       +

     

       79
       -
                /* check peer credential of connection */

     

       80
       -
                slen = sizeof(ucred);

     

       81
       -
                if (getsockopt(conn->sock, SOL_SOCKET, SO_PEERCRED, &ucred, &slen) < 0) {

+4 -8

pkgs/os-specific/linux/util-linux/default.nix

···

       1
        
       { stdenv, fetchurl, zlib, ncurses ? null, perl ? null, pam }:

     

       2
       -
       let

     

       3
       -
         ver = "2.24";

     

       4
       -
       in

     

       5
        
       stdenv.mkDerivation rec {

     

       6
       -
         name = "util-linux-${ver}";

     

       7
        
       

     

       8
        
         src = fetchurl {

     

       9
       -
           url = "http://www.kernel.org/pub/linux/utils/util-linux/v${ver}/${name}.tar.bz2";

     

       10
       -
           sha256 = "1nfnymj03rdcxjb677a9qq1zirppr8csh32cb85qm23x5xndi6v3";

     

       11
        
         };

     

       12
        
       

     

       13
        
         crossAttrs = {

     
···

       19
        
         # (/sbin/mount.*) through an environment variable, but that's

     

       20
        
         # somewhat risky because we have to consider that mount can setuid

     

       21
        
         # root...

     

       22
       -
         # --enable-libmount-mount  fixes the behaviour being /etc/mtab a symlink to /proc/monunts

     

       23
       -
         #     http://pl.digipedia.org/usenet/thread/19513/1924/

     

       24
        
         configureFlags = ''

     

       25
        
           --enable-write

     

       26
        
           --enable-last

···

       1
        
       { stdenv, fetchurl, zlib, ncurses ? null, perl ? null, pam }:

     

       2
       +
       

     

       0
        
       
     

       0
        
       
     

       3
        
       stdenv.mkDerivation rec {

     

       4
       +
         name = "util-linux-2.24.1";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
       +
           url = "http://www.kernel.org/pub/linux/utils/util-linux/v2.24/${name}.tar.xz";

     

       8
       +
           sha256 = "0444xhfm9525v3aagyfbp38mp7xsw2fn9zg4ya713c7s5hivcpl3";

     

       9
        
         };

     

       10
        
       

     

       11
        
         crossAttrs = {

     
···

       17
        
         # (/sbin/mount.*) through an environment variable, but that's

     

       18
        
         # somewhat risky because we have to consider that mount can setuid

     

       19
        
         # root...

     

       0
        
       
     

       0
        
       
     

       20
        
         configureFlags = ''

     

       21
        
           --enable-write

     

       22
        
           --enable-last

+3 -3

pkgs/servers/x11/xorg/default.nix

···

       1960
        
         })) // {inherit ;};

     

       1961
        
       

     

       1962
        
         xorgserver = (stdenv.mkDerivation ((if overrides ? xorgserver then overrides.xorgserver else x: x) {

     

       1963
       -
           name = "xorg-server-1.14.5";

     

       1964
        
           builder = ./builder.sh;

     

       1965
        
           src = fetchurl {

     

       1966
       -
             url = mirror://xorg/individual/xserver/xorg-server-1.14.5.tar.bz2;

     

       1967
       -
             sha256 = "1lb1fkscy7nwnabfj0d2shvxga16i047g11if18plj0n2jzhc3wd";

     

       1968
        
           };

     

       1969
        
           buildInputs = [pkgconfig renderproto libdrm openssl libX11 libXau libXaw libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt libXv ];

     

       1970
        
         })) // {inherit renderproto libdrm openssl libX11 libXau libXaw libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt libXv ;};

···

       1960
        
         })) // {inherit ;};

     

       1961
        
       

     

       1962
        
         xorgserver = (stdenv.mkDerivation ((if overrides ? xorgserver then overrides.xorgserver else x: x) {

     

       1963
       +
           name = "xorg-server-1.14.6";

     

       1964
        
           builder = ./builder.sh;

     

       1965
        
           src = fetchurl {

     

       1966
       +
             url = mirror://xorg/individual/xserver/xorg-server-1.14.6.tar.bz2;

     

       1967
       +
             sha256 = "0c57vp1z0p38dj5gfipkmlw6bvbz1mrr0sb3sbghdxxdyq4kzcz8";

     

       1968
        
           };

     

       1969
        
           buildInputs = [pkgconfig renderproto libdrm openssl libX11 libXau libXaw libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt libXv ];

     

       1970
        
         })) // {inherit renderproto libdrm openssl libX11 libXau libXaw libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt libXv ;};

+1 -1

pkgs/servers/x11/xorg/tarballs-7.7.list

···

       170
        
       mirror://xorg/individual/app/xlsclients-1.1.3.tar.bz2

     

       171
        
       mirror://xorg/individual/app/xmodmap-1.0.8.tar.bz2

     

       172
        
       mirror://xorg/X11R7.7/src/everything/xorg-docs-1.7.tar.bz2

     

       173
       -
       mirror://xorg/individual/xserver/xorg-server-1.14.5.tar.bz2

     

       174
        
       mirror://xorg/X11R7.7/src/everything/xorg-sgml-doctools-1.11.tar.bz2

     

       175
        
       mirror://xorg/X11R7.7/src/everything/xpr-1.0.4.tar.bz2

     

       176
        
       mirror://xorg/individual/app/xprop-1.2.2.tar.bz2

···

       170
        
       mirror://xorg/individual/app/xlsclients-1.1.3.tar.bz2

     

       171
        
       mirror://xorg/individual/app/xmodmap-1.0.8.tar.bz2

     

       172
        
       mirror://xorg/X11R7.7/src/everything/xorg-docs-1.7.tar.bz2

     

       173
       +
       mirror://xorg/individual/xserver/xorg-server-1.14.6.tar.bz2

     

       174
        
       mirror://xorg/X11R7.7/src/everything/xorg-sgml-doctools-1.11.tar.bz2

     

       175
        
       mirror://xorg/X11R7.7/src/everything/xpr-1.0.4.tar.bz2

     

       176
        
       mirror://xorg/individual/app/xprop-1.2.2.tar.bz2

+8 -10

pkgs/stdenv/generic/default.nix

···

       58
        
                 pos' = if pos != null then "‘" + pos.file + ":" + toString pos.line + "’" else "«unknown-file»";

     

       59
        
               in

     

       60
        
               if !allowUnfree && (let l = lib.lists.toList attrs.meta.license or []; in lib.lists.elem "unfree" l || lib.lists.elem "unfree-redistributable" l) then

     

       61
       -
                 throw ''package ‘${attrs.name}’ in ${pos'} has an unfree license, refusing to evaluate.

     

       62
       -
                        You can set

     

       63
       -
                           { nixpkgs.config.allowUnfree = true; }

     

       64
       -
                        in configuration.nix to override this.

     

       65
       -
                        If you use Nix standalone, you can add

     

       66
       -
                           { config.allowUnfree = true; }

     

       67
       -
                        to ~/.nixpkgs/config.nix or pass

     

       68
       -
                           --arg config '{ allowUnfree = true; }'

     

       69
       -
                        on the command line.

     

       70
       -
                       ''

     

       71
        
               else if !allowBroken && attrs.meta.broken or false then

     

       72
        
                 throw "you can't use package ‘${attrs.name}’ in ${pos'} because it has been marked as broken"

     

       73
        
               else if !allowBroken && attrs.meta.platforms or null != null && !lib.lists.elem result.system attrs.meta.platforms then

···

       58
        
                 pos' = if pos != null then "‘" + pos.file + ":" + toString pos.line + "’" else "«unknown-file»";

     

       59
        
               in

     

       60
        
               if !allowUnfree && (let l = lib.lists.toList attrs.meta.license or []; in lib.lists.elem "unfree" l || lib.lists.elem "unfree-redistributable" l) then

     

       61
       +
                 throw ''

     

       62
       +
                   Package ‘${attrs.name}’ in ${pos'} has an unfree license, refusing to evaluate. You can set

     

       63
       +
                     { nixpkgs.config.allowUnfree = true; }

     

       64
       +
                   in configuration.nix to override this. If you use Nix standalone, you can add

     

       65
       +
                     { config.allowUnfree = true; }

     

       66
       +
                   to ~/.nixpkgs/config.nix or pass

     

       67
       +
                     --arg config '{ allowUnfree = true; }'

     

       68
       +
                   on the command line.''

     

       0
        
       
     

       0
        
       
     

       69
        
               else if !allowBroken && attrs.meta.broken or false then

     

       70
        
                 throw "you can't use package ‘${attrs.name}’ in ${pos'} because it has been marked as broken"

     

       71
        
               else if !allowBroken && attrs.meta.platforms or null != null && !lib.lists.elem result.system attrs.meta.platforms then

+2 -2

pkgs/tools/networking/dhcpcd/default.nix

···

       1
        
       { stdenv, fetchurl, pkgconfig, udev }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       -
         name = "dhcpcd-6.2.1";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
        
           url = "http://roy.marples.name/downloads/dhcpcd/${name}.tar.bz2";

     

       8
       -
           sha256 = "1gs23zwhzml2aam4j6rdncaqfv3z5n1ifx6lq4b8ccifqa87gbga";

     

       9
        
         };

     

       10
        
       

     

       11
        
         patches = [ ./lxc_ro_promote_secondaries.patch ];

···

       1
        
       { stdenv, fetchurl, pkgconfig, udev }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
       +
         name = "dhcpcd-6.3.2";

     

       5
        
       

     

       6
        
         src = fetchurl {

     

       7
        
           url = "http://roy.marples.name/downloads/dhcpcd/${name}.tar.bz2";

     

       8
       +
           sha256 = "1v2m5wdr6x5cz6i0n1y63am9dhj5j7ylrk717scjgwwjdbq1x75n";

     

       9
        
         };

     

       10
        
       

     

       11
        
         patches = [ ./lxc_ro_promote_secondaries.patch ];

+16 -15

pkgs/top-level/all-packages.nix

···

       829
        
       

     

       830
        
         dhcpcd = callPackage ../tools/networking/dhcpcd { };

     

       831
        
       

     

       832
       -
         dhcpcd_without_udev = callPackage ../tools/networking/dhcpcd { udev = null; };

     

       833
       -
       

     

       834
        
         diffstat = callPackage ../tools/text/diffstat { };

     

       835
        
       

     

       836
        
         diffutils = callPackage ../tools/text/diffutils { };

     
···

       4192
        
         dbus_glib       = callPackage ../development/libraries/dbus-glib { };

     

       4193
        
         dbus_java       = callPackage ../development/libraries/java/dbus-java { };

     

       4194
        
         dbus_python     = callPackage ../development/python-modules/dbus { };

     

       0
        
       
     

       4195
        
         # Should we deprecate these? Currently there are many references.

     

       4196
       -
         dbus_tools = dbus.tools;

     

       4197
       -
         dbus_libs = dbus.libs;

     

       4198
       -
         dbus_daemon = dbus.daemon;

     

       4199
        
       

     

       4200
        
         dhex = callPackage ../applications/editors/dhex { };

     

       4201
        
       

     
···

       6869
        
         libnl = callPackage ../os-specific/linux/libnl { };

     

       6870
        
         libnl_3_2_19 = callPackage ../os-specific/linux/libnl/3.2.19.nix { };

     

       6871
        
       

     

       6872
       -
         linuxHeaders = linuxHeaders37;

     

       6873
       -
       

     

       6874
        
         linuxConsoleTools = callPackage ../os-specific/linux/consoletools { };

     

       6875
        
       

     

       6876
       -
         linuxHeaders26 = callPackage ../os-specific/linux/kernel-headers/2.6.32.nix { };

     

       6877
       -
       

     

       6878
       -
         linuxHeaders37 = callPackage ../os-specific/linux/kernel-headers/3.7.nix { };

     

       6879
        
       

     

       6880
       -
         linuxHeaders26Cross = forceNativeDrv (import ../os-specific/linux/kernel-headers/2.6.32.nix {

     

       6881
        
           inherit stdenv fetchurl perl;

     

       6882
        
           cross = assert crossSystem != null; crossSystem;

     

       6883
        
         });

     

       6884
        
       

     

       6885
       -
         linuxHeaders24Cross = forceNativeDrv (import ../os-specific/linux/kernel-headers/2.4.nix {

     

       6886
        
           inherit stdenv fetchurl perl;

     

       6887
        
           cross = assert crossSystem != null; crossSystem;

     

       6888
        
         });

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       6889
        
       

     

       6890
        
         # We can choose:

     

       6891
        
         linuxHeadersCrossChooser = ver : if ver == "2.4" then linuxHeaders24Cross

     
···

       6894
        
       

     

       6895
        
         linuxHeadersCross = assert crossSystem != null;

     

       6896
        
           linuxHeadersCrossChooser crossSystem.platform.kernelMajor;

     

       6897
       -
       

     

       6898
       -
         linuxHeaders_2_6_28 = callPackage ../os-specific/linux/kernel-headers/2.6.28.nix { };

     

       6899
        
       

     

       6900
        
         kernelPatches = callPackage ../os-specific/linux/kernel/patches.nix { };

     

       6901
        
       

     
···

       7004
        
           blcr = callPackage ../os-specific/linux/blcr { };

     

       7005
        
       

     

       7006
        
           cryptodev = callPackage ../os-specific/linux/cryptodev { };

     

       0
        
       
     

       0
        
       
     

       7007
        
       

     

       7008
        
           e1000e = callPackage ../os-specific/linux/e1000e {};

     

       7009
        
       

     
···

       7262
        
       

     

       7263
        
         sysstat = callPackage ../os-specific/linux/sysstat { };

     

       7264
        
       

     

       7265
       -
         systemd = callPackage ../os-specific/linux/systemd { };

     

       0
        
       
     

       0
        
       
     

       7266
        
       

     

       7267
        
         systemtap = callPackage ../development/tools/profiling/systemtap {

     

       7268
        
           inherit (gnome) libglademm;

···

       829
        
       

     

       830
        
         dhcpcd = callPackage ../tools/networking/dhcpcd { };

     

       831
        
       

     

       0
        
       
     

       0
        
       
     

       832
        
         diffstat = callPackage ../tools/text/diffstat { };

     

       833
        
       

     

       834
        
         diffutils = callPackage ../tools/text/diffutils { };

     
···

       4190
        
         dbus_glib       = callPackage ../development/libraries/dbus-glib { };

     

       4191
        
         dbus_java       = callPackage ../development/libraries/java/dbus-java { };

     

       4192
        
         dbus_python     = callPackage ../development/python-modules/dbus { };

     

       4193
       +
       

     

       4194
        
         # Should we deprecate these? Currently there are many references.

     

       4195
       +
         dbus_tools = pkgs.dbus.tools;

     

       4196
       +
         dbus_libs = pkgs.dbus.libs;

     

       4197
       +
         dbus_daemon = pkgs.dbus.daemon;

     

       4198
        
       

     

       4199
        
         dhex = callPackage ../applications/editors/dhex { };

     

       4200
        
       

     
···

       6868
        
         libnl = callPackage ../os-specific/linux/libnl { };

     

       6869
        
         libnl_3_2_19 = callPackage ../os-specific/linux/libnl/3.2.19.nix { };

     

       6870
        
       

     

       0
        
       
     

       0
        
       
     

       6871
        
         linuxConsoleTools = callPackage ../os-specific/linux/consoletools { };

     

       6872
        
       

     

       6873
       +
         linuxHeaders = linuxHeaders_3_7;

     

       0
        
       
     

       0
        
       
     

       6874
        
       

     

       6875
       +
         linuxHeaders24Cross = forceNativeDrv (import ../os-specific/linux/kernel-headers/2.4.nix {

     

       6876
        
           inherit stdenv fetchurl perl;

     

       6877
        
           cross = assert crossSystem != null; crossSystem;

     

       6878
        
         });

     

       6879
        
       

     

       6880
       +
         linuxHeaders26Cross = forceNativeDrv (import ../os-specific/linux/kernel-headers/2.6.32.nix {

     

       6881
        
           inherit stdenv fetchurl perl;

     

       6882
        
           cross = assert crossSystem != null; crossSystem;

     

       6883
        
         });

     

       6884
       +
       

     

       6885
       +
         linuxHeaders_3_7 = callPackage ../os-specific/linux/kernel-headers/3.7.nix { };

     

       6886
       +
       

     

       6887
       +
         linuxHeaders_3_14 = callPackage ../os-specific/linux/kernel-headers/3.14.nix { };

     

       6888
        
       

     

       6889
        
         # We can choose:

     

       6890
        
         linuxHeadersCrossChooser = ver : if ver == "2.4" then linuxHeaders24Cross

     
···

       6893
        
       

     

       6894
        
         linuxHeadersCross = assert crossSystem != null;

     

       6895
        
           linuxHeadersCrossChooser crossSystem.platform.kernelMajor;

     

       0
        
       
     

       0
        
       
     

       6896
        
       

     

       6897
        
         kernelPatches = callPackage ../os-specific/linux/kernel/patches.nix { };

     

       6898
        
       

     
···

       7001
        
           blcr = callPackage ../os-specific/linux/blcr { };

     

       7002
        
       

     

       7003
        
           cryptodev = callPackage ../os-specific/linux/cryptodev { };

     

       7004
       +
       

     

       7005
       +
           cpupower = callPackage ../os-specific/linux/cpupower { };

     

       7006
        
       

     

       7007
        
           e1000e = callPackage ../os-specific/linux/e1000e {};

     

       7008
        
       

     
···

       7261
        
       

     

       7262
        
         sysstat = callPackage ../os-specific/linux/sysstat { };

     

       7263
        
       

     

       7264
       +
         systemd = callPackage ../os-specific/linux/systemd {

     

       7265
       +
           linuxHeaders = linuxHeaders_3_14;

     

       7266
       +
         };

     

       7267
        
       

     

       7268
        
         systemtap = callPackage ../development/tools/profiling/systemtap {

     

       7269
        
           inherit (gnome) libglademm;