JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #47563 from jameysharp/unscripted

Browse Source 
Replace several activation script snippets with declarative configuration
This commit is contained in:
Jörg Thalheim 2018-10-02 19:21:34 +01:00 committed by GitHub
commit b12c759f76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 32 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
nixos/modules/hardware/opengl.nix
View File

@ -129,17 +129,17 @@ in
message = "Option driSupport32Bit only makes sense on a 64-bit system."; message = "Option driSupport32Bit only makes sense on a 64-bit system.";
}; };
system.activationScripts.setup-opengl = systemd.tmpfiles.rules = [
'' "L+ /run/opengl-driver - - - - ${package}"
ln -sfn ${package} /run/opengl-driver (
${if pkgs.stdenv.isi686 then '' if pkgs.stdenv.isi686 then
ln -sfn opengl-driver /run/opengl-driver-32 "L+ /run/opengl-driver-32 - - - - opengl-driver"
'' else if cfg.driSupport32Bit then '' else if cfg.driSupport32Bit then
ln -sfn ${package32} /run/opengl-driver-32 "L+ /run/opengl-driver-32 - - - - ${package32}"
'' else '' else
rm -f /run/opengl-driver-32 "r /run/opengl-driver-32"
''} )
''; ];
environment.sessionVariables.LD_LIBRARY_PATH = environment.sessionVariables.LD_LIBRARY_PATH =
[ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib"; [ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib";

7
nixos/modules/security/pam.nix
View File

@ -548,6 +548,13 @@ in
environment.etc = environment.etc =
mapAttrsToList (n: v: makePAMService v) config.security.pam.services; mapAttrsToList (n: v: makePAMService v) config.security.pam.services;
systemd.tmpfiles.rules = optionals
(any (s: s.updateWtmp) (attrValues config.security.pam.services))
[
"f /var/log/wtmp"
"f /var/log/lastlog"
];
security.pam.services = security.pam.services =
{ other.text = { other.text =
'' ''

10
nixos/modules/security/polkit.nix
View File

@ -88,11 +88,11 @@ in
"polkit-agent-helper-1".source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1"; "polkit-agent-helper-1".source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
}; };
system.activationScripts.polkit = systemd.tmpfiles.rules = [
'' # Probably no more needed, clean up
# Probably no more needed, clean up "R /var/lib/polkit-1"
rm -rf /var/lib/{polkit-1,PolicyKit} "R /var/lib/PolicyKit"
''; ];
users.users.polkituser = { users.users.polkituser = {
description = "PolKit daemon"; description = "PolKit daemon";

8
nixos/modules/system/activation/activation-script.nix
View File

@ -128,14 +128,6 @@ in
'' ''
# Various log/runtime directories. # Various log/runtime directories.
mkdir -m 0755 -p /run/nix/current-load # for distributed builds
mkdir -m 0700 -p /run/nix/remote-stores
mkdir -m 0755 -p /var/log
touch /var/log/wtmp /var/log/lastlog # must exist
chmod 644 /var/log/wtmp /var/log/lastlog
mkdir -m 1777 -p /var/tmp mkdir -m 1777 -p /var/tmp
# Empty, immutable home directory of many system accounts. # Empty, immutable home directory of many system accounts.

8
nixos/modules/system/boot/stage-2-init.sh
View File

@ -152,6 +152,14 @@ ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system
@shell@ @postBootCommands@ @shell@ @postBootCommands@
# Ensure systemd doesn't try to populate /etc, by forcing its first-boot
# heuristic off. It doesn't matter what's in /etc/machine-id for this purpose,
# and systemd will immediately fill in the file when it starts, so just
# creating it is enough. This `: >>` pattern avoids forking and avoids changing
# the mtime if the file already exists.
: >> /etc/machine-id
# Reset the logging file descriptors. # Reset the logging file descriptors.
exec 1>&$logOutFd 2>&$logErrFd exec 1>&$logOutFd 2>&$logErrFd
exec {logOutFd}>&- {logErrFd}>&- exec {logOutFd}>&- {logErrFd}>&-

14
nixos/modules/system/boot/systemd.nix
View File

@ -747,6 +747,7 @@ in
"systemd/journald.conf".text = '' "systemd/journald.conf".text = ''
[Journal] [Journal]
Storage=persistent
RateLimitInterval=${config.services.journald.rateLimitInterval} RateLimitInterval=${config.services.journald.rateLimitInterval}
RateLimitBurst=${toString config.services.journald.rateLimitBurst} RateLimitBurst=${toString config.services.journald.rateLimitBurst}
${optionalString (config.services.journald.console != "") '' ${optionalString (config.services.journald.console != "") ''
@ -783,19 +784,6 @@ in
services.dbus.enable = true; services.dbus.enable = true;
system.activationScripts.systemd = stringAfter [ "groups" ]
''
mkdir -m 0755 -p /var/lib/udev
if ! [ -e /etc/machine-id ]; then
${systemd}/bin/systemd-machine-id-setup
fi
# Keep a persistent journal. Note that systemd-tmpfiles will
# set proper ownership/permissions.
mkdir -m 0700 -p /var/log/journal
'';
users.users.systemd-network.uid = config.ids.uids.systemd-network; users.users.systemd-network.uid = config.ids.uids.systemd-network;
users.groups.systemd-network.gid = config.ids.gids.systemd-network; users.groups.systemd-network.gid = config.ids.gids.systemd-network;
users.users.systemd-resolve.uid = config.ids.uids.systemd-resolve; users.users.systemd-resolve.uid = config.ids.uids.systemd-resolve;