JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #24645 from Mic92/stage-2

Browse Source 
Stage-2 cleanup
This commit is contained in:
Jörg Thalheim 2017-04-08 21:52:22 +02:00 committed by GitHub
commit b4820d4948
3 changed files with 29 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
nixos/modules/system/boot/readonly-mountpoint.c
View File

@ -1,20 +0,0 @@
#include <sys/statvfs.h>
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char ** argv) {
struct statvfs stat;
if (argc != 2) {
fprintf(stderr, "Usage: %s PATH", argv[0]);
exit(2);
}
if (statvfs(argv[1], &stat) != 0) {
perror("statvfs");
exit(3);
}
if (stat.f_flag & ST_RDONLY)
exit(0);
else
exit(1);
}

68
nixos/modules/system/boot/stage-2-init.sh
View File

@ -2,7 +2,22 @@
systemConfig=@systemConfig@ systemConfig=@systemConfig@
export HOME=/root export HOME=/root PATH="@path@"
# Process the kernel command line.
for o in $(</proc/cmdline); do
case $o in
boot.debugtrace)
# Show each command.
set -x
;;
resume=*)
set -- $(IFS==; echo $o)
resumeDevice=$2
;;
esac
done
# Print a greeting. # Print a greeting.
@ -11,21 +26,6 @@ echo -e "\e[1;32m<<< NixOS Stage 2 >>>\e[0m"
echo echo
# Set the PATH.
setPath() {
local dirs="$1"
export PATH=/empty
for i in $dirs; do
PATH=$PATH:$i/bin
if test -e $i/sbin; then
PATH=$PATH:$i/sbin
fi
done
}
setPath "@path@"
# Normally, stage 1 mounts the root filesystem read/writable. # Normally, stage 1 mounts the root filesystem read/writable.
# However, in some environments, stage 2 is executed directly, and the # However, in some environments, stage 2 is executed directly, and the
# root is read-only. So make it writable here. # root is read-only. So make it writable here.
@ -61,7 +61,9 @@ echo "booting system configuration $systemConfig" > /dev/kmsg
chown -f 0:30000 /nix/store chown -f 0:30000 /nix/store
chmod -f 1775 /nix/store chmod -f 1775 /nix/store
if [ -n "@readOnlyStore@" ]; then if [ -n "@readOnlyStore@" ]; then
if ! readonly-mountpoint /nix/store; then if ! [[ "$(findmnt --noheadings --output OPTIONS /nix/store)" =~ ro(,|$) ]]; then
# FIXME when linux < 4.5 is EOL, switch to atomic bind mounts
#mount /nix/store /nix/store -o bind,remount,ro
mount --bind /nix/store /nix/store mount --bind /nix/store /nix/store
mount -o remount,ro,bind /nix/store mount -o remount,ro,bind /nix/store
fi fi
@ -75,31 +77,12 @@ rm -f /etc/mtab* # not that we care about stale locks
ln -s /proc/mounts /etc/mtab ln -s /proc/mounts /etc/mtab
# Process the kernel command line.
for o in $(cat /proc/cmdline); do
case $o in
boot.debugtrace)
# Show each command.
set -x
;;
resume=*)
set -- $(IFS==; echo $o)
resumeDevice=$2
;;
esac
done
# More special file systems, initialise required directories. # More special file systems, initialise required directories.
[ -e /proc/bus/usb ] && mount -t usbfs usbfs /proc/bus/usb # UML doesn't have USB by default [ -e /proc/bus/usb ] && mount -t usbfs usbfs /proc/bus/usb # UML doesn't have USB by default
mkdir -m 01777 -p /tmp mkdir -m 01777 -p /tmp
mkdir -m 0755 -p /var /var/log /var/lib /var/db mkdir -m 0755 -p /var/{log,lib,db} /nix/var /etc/nixos/ \
mkdir -m 0755 -p /nix/var /run/lock /home /bin # for the /bin/sh symlink
mkdir -m 0700 -p /root install -m 0700 -d /root
chmod 0700 /root
mkdir -m 0755 -p /bin # for the /bin/sh symlink
mkdir -m 0755 -p /home
mkdir -m 0755 -p /etc/nixos
# Miscellaneous boot time cleanup. # Miscellaneous boot time cleanup.
@ -111,9 +94,6 @@ rm -f /etc/{group,passwd,shadow}.lock
rm -rf /nix/var/nix/gcroots/tmp /nix/var/nix/temproots rm -rf /nix/var/nix/gcroots/tmp /nix/var/nix/temproots
mkdir -m 0755 -p /run/lock
# For backwards compatibility, symlink /var/run to /run, and /var/lock # For backwards compatibility, symlink /var/run to /run, and /var/lock
# to /run/lock. # to /run/lock.
ln -s /run /var/run ln -s /run /var/run
@ -127,8 +107,8 @@ fi
# Use /etc/resolv.conf supplied by systemd-nspawn, if applicable. # Use /etc/resolv.conf supplied by systemd-nspawn, if applicable.
if [ -n "@useHostResolvConf@" -a -e /etc/resolv.conf ]; then if [ -n "@useHostResolvConf@" ] && [ -e /etc/resolv.conf ]; then
cat /etc/resolv.conf | resolvconf -m 1000 -a host resolvconf -m 1000 -a host </etc/resolv.conf
fi fi
# Log the script output to /dev/kmsg or /run/log/stage-2-init.log. # Log the script output to /dev/kmsg or /run/log/stage-2-init.log.

19
nixos/modules/system/boot/stage-2.nix
View File

@ -7,15 +7,6 @@ let
kernel = config.boot.kernelPackages.kernel; kernel = config.boot.kernelPackages.kernel;
activateConfiguration = config.system.activationScripts.script; activateConfiguration = config.system.activationScripts.script;
readonlyMountpoint = pkgs.stdenv.mkDerivation {
name = "readonly-mountpoint";
unpackPhase = "true";
installPhase = ''
mkdir -p $out/bin
cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
'';
};
bootStage2 = pkgs.substituteAll { bootStage2 = pkgs.substituteAll {
src = ./stage-2-init.sh; src = ./stage-2-init.sh;
shellDebug = "${pkgs.bashInteractive}/bin/bash"; shellDebug = "${pkgs.bashInteractive}/bin/bash";
@ -23,11 +14,11 @@ let
inherit (config.nix) readOnlyStore; inherit (config.nix) readOnlyStore;
inherit (config.networking) useHostResolvConf; inherit (config.networking) useHostResolvConf;
inherit (config.system.build) earlyMountScript; inherit (config.system.build) earlyMountScript;
path = path = lib.makeBinPath [
[ pkgs.coreutils pkgs.coreutils
pkgs.utillinux pkgs.utillinux
pkgs.openresolv pkgs.openresolv
] ++ optional config.nix.readOnlyStore readonlyMountpoint; ];
postBootCommands = pkgs.writeText "local-cmds" postBootCommands = pkgs.writeText "local-cmds"
'' ''
${config.boot.postBootCommands} ${config.boot.postBootCommands}