nixos/locate Add support for plocate (#156185)

This commit is contained in:
Eirik Nygaard 2022-01-24 00:36:51 +01:00 committed by GitHub
parent 0354c3a913
commit d53ef8b822
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 129 additions and 63 deletions

View File

@ -5,11 +5,14 @@ with lib;
let
cfg = config.services.locate;
isMLocate = hasPrefix "mlocate" cfg.locate.name;
isPLocate = hasPrefix "plocate" cfg.locate.name;
isMorPLocate = (isMLocate || isPLocate);
isFindutils = hasPrefix "findutils" cfg.locate.name;
in {
in
{
imports = [
(mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ])
(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths" )
(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths")
];
options.services.locate = with types; {
@ -163,7 +166,16 @@ in {
prunePaths = mkOption {
type = listOf path;
default = [ "/tmp" "/var/tmp" "/var/cache" "/var/lock" "/var/run" "/var/spool" "/nix/store" "/nix/var/log/nix" ];
default = [
"/tmp"
"/var/tmp"
"/var/cache"
"/var/lock"
"/var/run"
"/var/spool"
"/nix/store"
"/nix/var/log/nix"
];
description = ''
Which paths to exclude from indexing
'';
@ -188,26 +200,38 @@ in {
};
config = mkIf cfg.enable {
users.groups = mkIf isMLocate { mlocate = {}; };
users.groups = mkMerge [
(mkIf isMLocate { mlocate = { }; })
(mkIf isPLocate { plocate = { }; })
];
security.wrappers = mkIf isMLocate {
locate = {
group = "mlocate";
owner = "root";
permissions = "u+rx,g+x,o+x";
setgid = true;
setuid = false;
source = "${cfg.locate}/bin/locate";
security.wrappers =
let
common = {
owner = "root";
permissions = "u+rx,g+x,o+x";
setgid = true;
setuid = false;
};
mlocate = (mkIf isMLocate {
group = "mlocate";
source = "${cfg.locate}/bin/locate";
});
plocate = (mkIf isPLocate {
group = "plocate";
source = "${cfg.locate}/bin/plocate";
});
in
mkIf isMorPLocate {
locate = mkMerge [ common mlocate plocate ];
plocate = (mkIf isPLocate (mkMerge [ common plocate ]));
};
};
nixpkgs.config = { locate.dbfile = cfg.output; };
environment.systemPackages = [ cfg.locate ];
environment.variables = mkIf (!isMLocate)
{ LOCATE_PATH = cfg.output;
};
environment.variables = mkIf (!isMorPLocate) { LOCATE_PATH = cfg.output; };
environment.etc = {
# write /etc/updatedb.conf for manual calls to `updatedb`
@ -221,57 +245,65 @@ in {
};
};
warnings = optional (isMLocate && cfg.localuser != null) "mlocate does not support the services.locate.localuser option; updatedb will run as root. (Silence with services.locate.localuser = null.)"
++ optional (isFindutils && cfg.pruneNames != []) "findutils locate does not support pruning by directory component"
++ optional (isFindutils && cfg.pruneBindMounts) "findutils locate does not support skipping bind mounts";
warnings = optional (isMorPLocate && cfg.localuser != null)
"mlocate does not support the services.locate.localuser option; updatedb will run as root. (Silence with services.locate.localuser = null.)"
++ optional (isFindutils && cfg.pruneNames != [ ])
"findutils locate does not support pruning by directory component"
++ optional (isFindutils && cfg.pruneBindMounts)
"findutils locate does not support skipping bind mounts";
systemd.services.update-locatedb =
{ description = "Update Locate Database";
path = mkIf (!isMLocate) [ pkgs.su ];
systemd.services.update-locatedb = {
description = "Update Locate Database";
path = mkIf (!isMorPLocate) [ pkgs.su ];
# mlocate's updatedb takes flags via a configuration file or
# on the command line, but not by environment variable.
script =
if isMLocate
then let toFlags = x: optional (cfg.${x} != [])
"--${lib.toLower x} '${concatStringsSep " " cfg.${x}}'";
args = concatLists (map toFlags ["pruneFS" "pruneNames" "prunePaths"]);
in ''
# mlocate's updatedb takes flags via a configuration file or
# on the command line, but not by environment variable.
script =
if isMorPLocate then
let
toFlags = x:
optional (cfg.${x} != [ ])
"--${lib.toLower x} '${concatStringsSep " " cfg.${x}}'";
args = concatLists (map toFlags [ "pruneFS" "pruneNames" "prunePaths" ]);
in
''
exec ${cfg.locate}/bin/updatedb \
--output ${toString cfg.output} ${concatStringsSep " " args} \
--prune-bind-mounts ${if cfg.pruneBindMounts then "yes" else "no"} \
${concatStringsSep " " cfg.extraFlags}
''
else ''
exec ${cfg.locate}/bin/updatedb \
${optionalString (cfg.localuser != null && ! isMLocate) "--localuser=${cfg.localuser}"} \
--output=${toString cfg.output} ${concatStringsSep " " cfg.extraFlags}
'';
environment = optionalAttrs (!isMLocate) {
PRUNEFS = concatStringsSep " " cfg.pruneFS;
PRUNEPATHS = concatStringsSep " " cfg.prunePaths;
PRUNENAMES = concatStringsSep " " cfg.pruneNames;
PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no";
};
serviceConfig.Nice = 19;
serviceConfig.IOSchedulingClass = "idle";
serviceConfig.PrivateTmp = "yes";
serviceConfig.PrivateNetwork = "yes";
serviceConfig.NoNewPrivileges = "yes";
serviceConfig.ReadOnlyPaths = "/";
# Use dirOf cfg.output because mlocate creates temporary files next to
# the actual database. We could specify and create them as well,
# but that would make this quite brittle when they change something.
# NOTE: If /var/cache does not exist, this leads to the misleading error message:
# update-locatedb.service: Failed at step NAMESPACE spawning …/update-locatedb-start: No such file or directory
serviceConfig.ReadWritePaths = dirOf cfg.output;
else ''
exec ${cfg.locate}/bin/updatedb \
${optionalString (cfg.localuser != null && !isMorPLocate) "--localuser=${cfg.localuser}"} \
--output=${toString cfg.output} ${concatStringsSep " " cfg.extraFlags}
'';
environment = optionalAttrs (!isMorPLocate) {
PRUNEFS = concatStringsSep " " cfg.pruneFS;
PRUNEPATHS = concatStringsSep " " cfg.prunePaths;
PRUNENAMES = concatStringsSep " " cfg.pruneNames;
PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no";
};
serviceConfig.Nice = 19;
serviceConfig.IOSchedulingClass = "idle";
serviceConfig.PrivateTmp = "yes";
serviceConfig.PrivateNetwork = "yes";
serviceConfig.NoNewPrivileges = "yes";
serviceConfig.ReadOnlyPaths = "/";
# Use dirOf cfg.output because mlocate creates temporary files next to
# the actual database. We could specify and create them as well,
# but that would make this quite brittle when they change something.
# NOTE: If /var/cache does not exist, this leads to the misleading error message:
# update-locatedb.service: Failed at step NAMESPACE spawning …/update-locatedb-start: No such file or directory
serviceConfig.ReadWritePaths = dirOf cfg.output;
};
systemd.timers.update-locatedb = mkIf (cfg.interval != "never")
{ description = "Update timer for locate database";
partOf = [ "update-locatedb.service" ];
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = cfg.interval;
};
systemd.timers.update-locatedb = mkIf (cfg.interval != "never") {
description = "Update timer for locate database";
partOf = [ "update-locatedb.service" ];
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = cfg.interval;
};
};
meta.maintainers = with lib.maintainers; [ SuperSandro2000 ];
}

View File

@ -0,0 +1,29 @@
commit 26e7bf8bcb2823819c87115e07932c0d2ba88170 (HEAD -> configurable-dbfile-path)
Author: Eirik Nygaard <eirik@ngrd.no>
Date: Sun Jan 23 12:05:01 2022 +0100
Make entire path for plocate database configurable
diff --git a/meson.build b/meson.build
index 435cd0a..8dc2393 100644
--- a/meson.build
+++ b/meson.build
@@ -2,8 +2,7 @@ project('plocate', 'cpp', default_options: ['buildtype=debugoptimized','cpp_std=
add_project_arguments('-DGROUPNAME="' + get_option('locategroup') + '"', language: 'cpp')
add_project_arguments('-DUPDATEDB_CONF="/etc/updatedb.conf"', language: 'cpp')
-dbdir = join_paths(get_option('sharedstatedir'), 'plocate')
-dbfile = join_paths(dbdir, 'plocate.db')
+dbfile = join_paths(get_option('sharedstatedir'), get_option('dbpath'))
add_project_arguments('-DDBFILE="' + dbfile + '"', language: 'cpp')
add_project_arguments('-DPACKAGE_NAME="plocate"', language: 'cpp')
add_project_arguments('-DPACKAGE_VERSION="' + meson.project_version() + '"', language: 'cpp')
diff --git a/meson_options.txt b/meson_options.txt
index 8ac13c5..a9f3358 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -3,3 +3,4 @@ option('install_systemd', type: 'boolean', value: true, description: 'Install sy
option('systemunitdir', type: 'string', description: 'Where to install systemd units to (default: autodetect)')
option('locategroup', type: 'string', value: 'plocate', description: 'Group that the install script will use for the .db file')
option('updatedb_progname', type: 'string', value: 'updatedb', description: 'Binary name of updatedb')
+option('dbpath', type: 'string', value: 'plocate/plocate.db', description: 'Path to plocate database relative to "sharedstatedir"')

View File

@ -1,4 +1,5 @@
{ stdenv
{ config
, stdenv
, lib
, fetchgit
, pkg-config
@ -8,8 +9,9 @@
, liburing
, zstd
}:
stdenv.mkDerivation rec {
let
dbfile = lib.attrByPath [ "locate" "dbfile" ] "/var/cache/locatedb" config;
in stdenv.mkDerivation rec {
pname = "plocate";
version = "1.1.14";
@ -19,6 +21,8 @@ stdenv.mkDerivation rec {
sha256 = "sha256-SgvCy03H5aKolbkI1dg/0G5VwT3TdSGenn2h9H4gfTY=";
};
patches = [ ./dbfile.patch ];
postPatch = ''
sed -i meson.build \
-e '/mkdir\.sh/d'
@ -30,7 +34,8 @@ stdenv.mkDerivation rec {
mesonFlags = [
"-Dsystemunitdir=${placeholder "out"}/etc/systemd/system"
"-Dsharedstatedir=/var/lib"
"-Dsharedstatedir=${builtins.dirOf dbfile}"
"-Ddbpath=${builtins.baseNameOf dbfile}"
];
meta = with lib; {