Some cleanups in the activation script:

* Moved some scriptlets to the appropriate modules.
* Put the scriptlet that sets the default path at the start, since it
  never makes sense not to have it there.  It no longer needs to be
  declared as a dependency.
* If a scriptlet has no dependencies, it can be denoted as a plain
  string (i.e., `noDepEntry' is not needed anymore).

svn path=/nixos/trunk/; revision=23762
This commit is contained in:
Eelco Dolstra 2010-09-13 15:41:38 +00:00
parent f99e42cfbc
commit f729f12e4e
15 changed files with 346 additions and 359 deletions

View File

@ -156,7 +156,23 @@ in
config = { config = {
system.activationScripts.users = fullDepEntry system.activationScripts.rootPasswd = stringAfter [ "etc" ]
''
# If there is no password file yet, create a root account with an
# empty password.
if ! test -e /etc/passwd; then
rootHome=/root
touch /etc/passwd; chmod 0644 /etc/passwd
touch /etc/group; chmod 0644 /etc/group
touch /etc/shadow; chmod 0600 /etc/shadow
# Can't use useradd, since it complains that it doesn't know us
# (bootstrap problem!).
echo "root:x:0:0:System administrator:$rootHome:${config.users.defaultUserShell}" >> /etc/passwd
echo "root::::::::" >> /etc/shadow
fi
'';
system.activationScripts.users = stringAfter [ "groups" ]
'' ''
echo "updating users..." echo "updating users..."
@ -206,9 +222,9 @@ in
fi fi
done done
'' [ "groups" ]; '';
system.activationScripts.groups = fullDepEntry system.activationScripts.groups = stringAfter [ "rootPasswd" "binsh" "etc" "var" ]
'' ''
echo "updating groups..." echo "updating groups..."
@ -231,7 +247,7 @@ in
done <<EndOfGroupList done <<EndOfGroupList
${concatStringsSep "\n" (map serializedGroup groups)} ${concatStringsSep "\n" (map serializedGroup groups)}
EndOfGroupList EndOfGroupList
'' [ "rootPasswd" "binsh" "etc" "var" ]; '';
}; };

View File

@ -1,19 +1,21 @@
# This module defines global configuration for the Bash shell, in # This module defines global configuration for the Bash shell, in
# particular /etc/bashrc and /etc/profile. # particular /etc/bashrc and /etc/profile.
{config, pkgs, ...}: { config, pkgs, ... }:
with pkgs.lib;
let let
options = { options = {
environment.shellInit = pkgs.lib.mkOption { environment.shellInit = mkOption {
default = ""; default = "";
example = ''export PATH=/godi/bin/:$PATH''; example = ''export PATH=/godi/bin/:$PATH'';
description = " description = "
Script used to initialized user shell environments. Script used to initialized user shell environments.
"; ";
merge = pkgs.lib.mergeStringOption; merge = mergeStringOption;
}; };
}; };
@ -57,4 +59,13 @@ in
]; ];
system.build.binsh = pkgs.bashInteractive; system.build.binsh = pkgs.bashInteractive;
system.activationScripts.binsh = stringAfter [ "stdio" ]
''
# Create the required /bin/sh symlink; otherwise lots of things
# (notably the system() function) won't work.
mkdir -m 0755 -p /bin
ln -sfn ${config.system.build.binsh}/bin/sh /bin/sh
'';
} }

View File

@ -51,7 +51,7 @@ in
} }
]; ];
system.activationScripts.policyKit = fullDepEntry system.activationScripts.policyKit = stringAfter [ "users" ]
'' ''
mkdir -m 0770 -p /var/run/PolicyKit mkdir -m 0770 -p /var/run/PolicyKit
chown root.polkituser /var/run/PolicyKit chown root.polkituser /var/run/PolicyKit
@ -63,7 +63,7 @@ in
touch /var/lib/misc/PolicyKit.reload touch /var/lib/misc/PolicyKit.reload
chmod 0664 /var/lib/misc/PolicyKit.reload chmod 0664 /var/lib/misc/PolicyKit.reload
chown polkituser.polkituser /var/lib/misc/PolicyKit.reload chown polkituser.polkituser /var/lib/misc/PolicyKit.reload
'' [ "users" ]; '';
}; };

View File

@ -27,12 +27,10 @@ in
environment = { environment = {
systemPackages = [ pkWrapper ]; systemPackages = [ pkWrapper ];
pathsToLink = [ "/share/polkit-1" "/etc/polkit-1" ]; pathsToLink = [ "/share/polkit-1" "/etc/polkit-1" ];
etc = [ etc = singleton
{ { source = "${config.system.path}/etc/polkit-1";
source = "${config.system.path}/etc/polkit-1";
target = "polkit-1"; target = "polkit-1";
} };
];
}; };
services.dbus.packages = [ pkWrapper ]; services.dbus.packages = [ pkWrapper ];
@ -41,18 +39,16 @@ in
pam.services = [ { name = "polkit-1"; } ]; pam.services = [ { name = "polkit-1"; } ];
setuidPrograms = [ "pkexec" ]; setuidPrograms = [ "pkexec" ];
setuidOwners = [ setuidOwners = singleton
{ { program = "polkit-agent-helper-1";
program = "polkit-agent-helper-1";
owner = "root"; owner = "root";
group = "root"; group = "root";
setuid = true; setuid = true;
source = pkgs.polkit + "/" + pkWrapper.helper; source = pkgs.polkit + "/" + pkWrapper.helper;
} };
];
}; };
system.activationScripts.polikit = pkgs.stringsWithDeps.noDepEntry system.activationScripts.polkit =
'' ''
mkdir -p /var/lib/polkit-1/localauthority mkdir -p /var/lib/polkit-1/localauthority
chmod 700 /var/lib/polkit-1{/localauthority,} chmod 700 /var/lib/polkit-1{/localauthority,}

View File

@ -110,7 +110,7 @@ in
chmod "u${if setuid then "+" else "-"}s,g${if setgid then "+" else "-"}s,${permissions}" ${wrapperDir}/${program} chmod "u${if setuid then "+" else "-"}s,g${if setgid then "+" else "-"}s,${permissions}" ${wrapperDir}/${program}
''; '';
in pkgs.stringsWithDeps.fullDepEntry in stringAfter [ "users" ]
'' ''
# Look in the system path and in the default profile for # Look in the system path and in the default profile for
# programs to be wrapped. # programs to be wrapped.
@ -120,7 +120,7 @@ in
mkdir -p ${wrapperDir} mkdir -p ${wrapperDir}
${concatMapStrings makeSetuidWrapper setuidPrograms} ${concatMapStrings makeSetuidWrapper setuidPrograms}
'' [ "defaultPath" "users" ]; '';
}; };

View File

@ -1,7 +1,9 @@
{pkgs, config, ...}: { config, pkgs, ... }:
with pkgs.lib;
let let
inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
inherit (pkgs) mysql gzip; inherit (pkgs) mysql gzip;
location = config.services.mysqlBackup.location ; location = config.services.mysqlBackup.location ;
@ -58,14 +60,15 @@ in
}; };
config = mkIf config.services.mysqlBackup.enable { config = mkIf config.services.mysqlBackup.enable {
services.cron = {
systemCronJobs = map mysqlBackupCron config.services.mysqlBackup.databases;
};
system.activationScripts.mysqlBackup = pkgs.stringsWithDeps.fullDepEntry '' services.cron.systemCronJobs = map mysqlBackupCron config.services.mysqlBackup.databases;
mkdir -m 0700 -p ${config.services.mysqlBackup.location}
chown ${config.services.mysqlBackup.user} ${config.services.mysqlBackup.location} system.activationScripts.mysqlBackup = stringAfter [ "stdio" "defaultPath" "systemConfig" "users" ]
'' [ "stdio" "defaultPath" "systemConfig" "users" ]; ''
mkdir -m 0700 -p ${config.services.mysqlBackup.location}
chown ${config.services.mysqlBackup.user} ${config.services.mysqlBackup.location}
'';
}; };
} }

View File

@ -1,14 +1,16 @@
{pkgs, config, ...}: { config, pkgs, ... }:
with pkgs.lib;
let let
inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
inherit (pkgs) postgresql gzip; inherit (pkgs) postgresql gzip;
location = config.services.postgresqlBackup.location ; location = config.services.postgresqlBackup.location ;
postgresqlBackupCron = db : '' postgresqlBackupCron = db:
${config.services.postgresqlBackup.period} root ${postgresql}/bin/pg_dump ${db} | ${gzip}/bin/gzip -c > ${location}/${db}.gz ''
''; ${config.services.postgresqlBackup.period} root ${postgresql}/bin/pg_dump ${db} | ${gzip}/bin/gzip -c > ${location}/${db}.gz
'';
in in
@ -52,14 +54,13 @@ in
}; };
config = mkIf config.services.postgresqlBackup.enable { config = mkIf config.services.postgresqlBackup.enable {
services.cron = { services.cron.systemCronJobs = map postgresqlBackupCron config.services.postgresqlBackup.databases;
systemCronJobs = map postgresqlBackupCron config.services.postgresqlBackup.databases;
};
system.activationScripts.postgresqlBackup = pkgs.stringsWithDeps.fullDepEntry '' system.activationScripts.postgresqlBackup = stringAfter [ "stdio" "defaultPath" "systemConfig" "users" ]
mkdir -m 0700 -p ${config.services.postgresqlBackup.location} ''
chown root ${config.services.postgresqlBackup.location} mkdir -m 0700 -p ${config.services.postgresqlBackup.location}
'' [ "stdio" "defaultPath" "systemConfig" "users" ]; chown root ${config.services.postgresqlBackup.location}
'';
}; };
} }

View File

@ -1,7 +1,8 @@
{pkgs, config, ...}: { config, pkgs, ... }:
with pkgs.lib;
let let
inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
inherit (pkgs) sitecopy; inherit (pkgs) sitecopy;
stateDir = "/var/spool/sitecopy"; stateDir = "/var/spool/sitecopy";
@ -63,45 +64,41 @@ in
config = mkIf config.services.sitecopy.enable { config = mkIf config.services.sitecopy.enable {
environment.systemPackages = [ sitecopy ]; environment.systemPackages = [ sitecopy ];
services.cron = { services.cron.systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
};
system.activationScripts.sitecopyBackup = stringAfter [ "stdio" "systemConfig" "users" ]
''
mkdir -m 0700 -p ${stateDir}
chown root ${stateDir}
touch ${stateDir}/sitecopy.secrets
chown root ${stateDir}/sitecopy.secrets
system.activationScripts.sitecopyBackup = ${pkgs.lib.concatStrings (map ( b: ''
pkgs.stringsWithDeps.fullDepEntry '' unset secrets
mkdir -m 0700 -p ${stateDir} unset secret
chown root ${stateDir} secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head -1`
touch ${stateDir}/sitecopy.secrets secret=($secrets)
chown root ${stateDir}/sitecopy.secrets cat > ${stateDir}/${b.name}.conf << EOF
site ${b.name}
${pkgs.lib.concatStrings (map ( b: '' server ${b.server}
unset secrets protocol ${b.protocol}
unset secret username ''${secret[1]}
secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head -1` password ''${secret[2]}
secret=($secrets) local ${b.local}
cat > ${stateDir}/${b.name}.conf << EOF remote ${b.remote}
site ${b.name} symlinks ${b.symlinks}
server ${b.server} ${if b.https then "http secure" else ""}
protocol ${b.protocol} EOF
username ''${secret[1]} chmod 0600 ${stateDir}/${b.name}.conf
password ''${secret[2]} if ! test -e ${stateDir}/${b.name} ; then
local ${b.local} echo " * Initializing sitecopy '${b.name}'"
remote ${b.remote} ${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
symlinks ${b.symlinks} else
${if b.https then "http secure" else ""} echo " * Sitecopy '${b.name}' already initialized"
EOF fi
chmod 0600 ${stateDir}/${b.name}.conf '' ) config.services.sitecopy.backups
if ! test -e ${stateDir}/${b.name} ; then )}
echo " * Initializing sitecopy '${b.name}'" '';
${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
else
echo " * Sitecopy '${b.name}' already initialized"
fi
'' ) config.services.sitecopy.backups
)}
'' [ "stdio" "defaultPath" "systemConfig" "users" ] ;
}; };
} }

View File

@ -277,7 +277,7 @@ in
# do this, mount the remote file system on a subdirectory of # do this, mount the remote file system on a subdirectory of
# /var/run/nix/remote-stores. # /var/run/nix/remote-stores.
export NIX_OTHER_STORES=/var/run/nix/remote-stores/*/nix export NIX_OTHER_STORES=/var/run/nix/remote-stores/*/nix
'' '' # */
+ optionalString config.nix.distributedBuilds '' + optionalString config.nix.distributedBuilds ''
export NIX_BUILD_HOOK=${config.environment.nix}/libexec/nix/build-remote.pl export NIX_BUILD_HOOK=${config.environment.nix}/libexec/nix/build-remote.pl
export NIX_REMOTE_SYSTEMS=/etc/nix.machines export NIX_REMOTE_SYSTEMS=/etc/nix.machines
@ -292,6 +292,33 @@ in
users.extraUsers = map makeNixBuildUser (pkgs.lib.range 1 config.nix.nrBuildUsers); users.extraUsers = map makeNixBuildUser (pkgs.lib.range 1 config.nix.nrBuildUsers);
system.activationScripts.nix = stringAfter [ "etc" "users" ]
''
# Set up Nix.
mkdir -p /nix/etc/nix
ln -sfn /etc/nix.conf /nix/etc/nix/nix.conf
chown root.nixbld /nix/store
chmod 1775 /nix/store
# Nix initialisation.
mkdir -m 0755 -p \
/nix/var/nix/gcroots \
/nix/var/nix/temproots \
/nix/var/nix/manifests \
/nix/var/nix/userpool \
/nix/var/nix/profiles \
/nix/var/nix/db \
/nix/var/log/nix/drvs \
/nix/var/nix/channel-cache \
/nix/var/nix/chroots
mkdir -m 1777 -p /nix/var/nix/gcroots/per-user
mkdir -m 1777 -p /nix/var/nix/profiles/per-user
mkdir -m 1777 -p /nix/var/nix/gcroots/tmp
ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
ln -sf /nix/var/nix/manifests /nix/var/nix/gcroots/
'';
}; };
} }

View File

@ -75,43 +75,44 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.cron.systemCronJobs = [ cronJob ]; services.cron.systemCronJobs = [ cronJob ];
system.activationScripts.systemhealth = fullDepEntry '' system.activationScripts.systemhealth = stringAfter [ "var" ]
mkdir -p ${rrdDir} ${htmlDir} ''
chown wwwrun.wwwrun ${rrdDir} ${htmlDir} mkdir -p ${rrdDir} ${htmlDir}
chown wwwrun.wwwrun ${rrdDir} ${htmlDir}
cat >${configFile} << EOF cat >${configFile} << EOF
[paths] [paths]
rrdtool = ${pkgs.rrdtool}/bin/rrdtool rrdtool = ${pkgs.rrdtool}/bin/rrdtool
loadavg_rrd = loadavg loadavg_rrd = loadavg
ps = /var/run/current-system/sw/bin/ps ps = /var/run/current-system/sw/bin/ps
df = /var/run/current-system/sw/bin/df df = /var/run/current-system/sw/bin/df
meminfo_rrd = meminfo meminfo_rrd = meminfo
uptime_rrd = uptime uptime_rrd = uptime
rrd_path = ${rrdDir} rrd_path = ${rrdDir}
png_path = ${htmlDir} png_path = ${htmlDir}
[processes] [processes]
[interfaces] [interfaces]
${interfacesSection} ${interfacesSection}
[drives] [drives]
${drivesSection} ${drivesSection}
[graphs] [graphs]
width = 400 width = 400
time = ['-3hours', '-32hours', '-8days', '-5weeks', '-13months'] time = ['-3hours', '-32hours', '-8days', '-5weeks', '-13months']
height = 100 height = 100
[external] [external]
EOF EOF
chown wwwrun.wwwrun ${configFile} chown wwwrun.wwwrun ${configFile}
${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --check" wwwrun ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --check" wwwrun
${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --html" wwwrun ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --html" wwwrun
'' [ "var" ]; '';
services.httpd.extraSubservices = [ services.httpd.extraSubservices = [
{ function = f: { { function = f: {

View File

@ -1,220 +1,140 @@
# generate the script used to activate the configuration. # generate the script used to activate the configuration.
{pkgs, config, ...}: { config, pkgs, ... }:
with pkgs.lib;
let let
inherit (pkgs.lib) mkOption mergeTypedOption mergeAttrs
mapAttrs addErrorContext fold id filter textClosureMap noDepEntry
fullDepEntry;
inherit (builtins) attrNames;
addAttributeName = mapAttrs (a: v: v // { addAttributeName = mapAttrs (a: v: v // {
text = '' text = ''
#### actionScripts snippet ${a} : #### Activation script snippet ${a}:
# ======================================== ${v.text}
${v.text}
'';
});
defaultScripts = {
systemConfig = noDepEntry ''
systemConfig="$1"
if test -z "$systemConfig"; then
systemConfig="/system" # for the installation CD
fi
''; '';
});
defaultPath = path =
let path = [ [ pkgs.coreutils pkgs.gnugrep pkgs.findutils
pkgs.coreutils pkgs.gnugrep pkgs.findutils pkgs.glibc # needed for getent
pkgs.glibc # needed for getent pkgs.shadow
pkgs.shadow pkgs.nettools # needed for hostname
pkgs.nettools # needed for hostname
]; in noDepEntry ''
export PATH=/empty
for i in ${toString path}; do
PATH=$PATH:$i/bin:$i/sbin;
done
'';
stdio = fullDepEntry ''
# Needed by some programs.
ln -sfn /proc/self/fd /dev/fd
ln -sfn /proc/self/fd/0 /dev/stdin
ln -sfn /proc/self/fd/1 /dev/stdout
ln -sfn /proc/self/fd/2 /dev/stderr
'' [
"defaultPath" # path to ln
]; ];
binsh = fullDepEntry ''
# Create the required /bin/sh symlink; otherwise lots of things
# (notably the system() function) won't work.
mkdir -m 0755 -p $mountPoint/bin
ln -sfn ${config.system.build.binsh}/bin/sh $mountPoint/bin/sh
'' [
"defaultPath" # path to ln & mkdir
"stdio" # ?
];
modprobe = fullDepEntry ''
# Allow the kernel to find our wrapped modprobe (which searches
# in the right location in the Nix store for kernel modules).
# We need this when the kernel (or some module) auto-loads a
# module.
echo ${config.system.sbin.modprobe}/sbin/modprobe > /proc/sys/kernel/modprobe
'' [
# ?
];
var = fullDepEntry ''
# Various log/runtime directories.
touch /var/run/utmp # must exist
chgrp ${toString config.ids.gids.utmp} /var/run/utmp
chmod 664 /var/run/utmp
mkdir -m 0755 -p /var/run/nix/current-load # for distributed builds
mkdir -m 0700 -p /var/run/nix/remote-stores
mkdir -m 0755 -p /var/log
mkdir -m 0755 -p /var/log/upstart
touch /var/log/wtmp # must exist
chmod 644 /var/log/wtmp
touch /var/log/lastlog
chmod 644 /var/log/lastlog
mkdir -m 1777 -p /var/tmp
# Empty, read-only home directory of many system accounts.
mkdir -m 0555 -p /var/empty
'' [
"defaultPath" # path to mkdir & touch & chmod
];
rootPasswd = fullDepEntry ''
# If there is no password file yet, create a root account with an
# empty password.
if ! test -e /etc/passwd; then
rootHome=/root
touch /etc/passwd; chmod 0644 /etc/passwd
touch /etc/group; chmod 0644 /etc/group
touch /etc/shadow; chmod 0600 /etc/shadow
# Can't use useradd, since it complains that it doesn't know us
# (bootstrap problem!).
echo "root:x:0:0:System administrator:$rootHome:${config.users.defaultUserShell}" >> /etc/passwd
echo "root::::::::" >> /etc/shadow
fi
'' [
"defaultPath" # path to touch & passwd
"etc" # for /etc
# ?
];
nix = fullDepEntry ''
# Set up Nix.
mkdir -p /nix/etc/nix
ln -sfn /etc/nix.conf /nix/etc/nix/nix.conf
chown root.nixbld /nix/store
chmod 1775 /nix/store
# Nix initialisation.
mkdir -m 0755 -p \
/nix/var/nix/gcroots \
/nix/var/nix/temproots \
/nix/var/nix/manifests \
/nix/var/nix/userpool \
/nix/var/nix/profiles \
/nix/var/nix/db \
/nix/var/log/nix/drvs \
/nix/var/nix/channel-cache \
/nix/var/nix/chroots
mkdir -m 1777 -p /nix/var/nix/gcroots/per-user
mkdir -m 1777 -p /nix/var/nix/profiles/per-user
mkdir -m 1777 -p /nix/var/nix/gcroots/tmp
ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
ln -sf /nix/var/nix/manifests /nix/var/nix/gcroots/
'' [
"defaultPath"
"etc" # /etc/nix.conf
"users" # nixbld group
];
hostname = fullDepEntry ''
# Set the host name. Don't clear it if it's not configured in the
# NixOS configuration, since it may have been set by dhclient in the
# meantime.
${if config.networking.hostName != "" then
''hostname "${config.networking.hostName}"''
else ''
# dhclient won't do anything if the hostname isn't empty.
if test "$(hostname)" = "(none)"; then
hostname ""
fi
''}
'' [ "defaultPath" ];
# The activation has to be done at the end. This is forced at the apply
# function of activationScripts option
activate = noDepEntry ''
# Make this configuration the current configuration.
# The readlink is there to ensure that when $systemConfig = /system
# (which is a symlink to the store), /var/run/current-system is still
# used as a garbage collection root.
ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system
# Prevent the current configuration from being garbage-collected.
ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system
'';
media = noDepEntry ''
mkdir -p /media
'';
};
in in
{ {
require = {
system = { ###### interface
activationScripts = mkOption {
default = []; options = {
example = {
stdio = { system.activationScripts = mkOption {
text = " default = {};
# Needed by some programs.
ln -sfn /proc/self/fd /dev/fd example = {
ln -sfn /proc/self/fd/0 /dev/stdin stdio = {
ln -sfn /proc/self/fd/1 /dev/stdout text = ''
ln -sfn /proc/self/fd/2 /dev/stderr # Needed by some programs.
"; ln -sfn /proc/self/fd /dev/fd
deps = []; ln -sfn /proc/self/fd/0 /dev/stdin
}; ln -sfn /proc/self/fd/1 /dev/stdout
}; ln -sfn /proc/self/fd/2 /dev/stderr
description = '' '';
Activate the new configuration (i.e., update /etc, make accounts, deps = [];
and so on).
'';
merge = mergeTypedOption "script" builtins.isAttrs (fold mergeAttrs {});
apply = set:
let withHeadlines = addAttributeName set;
activateLib = removeAttrs withHeadlines ["activate"];
activateLibNames = attrNames activateLib;
in {
script = pkgs.writeScript "nixos-activation-script"
("#! ${pkgs.stdenv.shell}\n"
+ textClosureMap id activateLib activateLibNames + "\n"
# make sure that the activate snippet is added last.
+ withHeadlines.activate.text);
}; };
}; };
description = ''
Activate the new configuration (i.e., update /etc, make accounts,
and so on).
'';
merge = mergeTypedOption "script" builtins.isAttrs (fold mergeAttrs {});
apply = set: {
script = pkgs.writeScript "nixos-activation-script"
''
#! ${pkgs.stdenv.shell}
export PATH=/empty
for i in ${toString path}; do
PATH=$PATH:$i/bin:$i/sbin;
done
${
let
set' = mapAttrs (n: v: if builtins.isString v then noDepEntry v else v) set;
withHeadlines = addAttributeName set';
in textClosureMap id (withHeadlines) (attrNames withHeadlines)
}
# Make this configuration the current configuration.
# The readlink is there to ensure that when $systemConfig = /system
# (which is a symlink to the store), /var/run/current-system is still
# used as a garbage collection root.
ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system
# Prevent the current configuration from being garbage-collected.
ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system
'';
};
}; };
};
###### implementation
config = {
system.activationScripts.systemConfig =
''
systemConfig="$1"
if test -z "$systemConfig"; then
systemConfig="/system" # for the installation CD
fi
'';
system.activationScripts.stdio =
''
# Needed by some programs.
ln -sfn /proc/self/fd /dev/fd
ln -sfn /proc/self/fd/0 /dev/stdin
ln -sfn /proc/self/fd/1 /dev/stdout
ln -sfn /proc/self/fd/2 /dev/stderr
'';
system.activationScripts.var =
''
# Various log/runtime directories.
touch /var/run/utmp # must exist
chgrp ${toString config.ids.gids.utmp} /var/run/utmp
chmod 664 /var/run/utmp
mkdir -m 0755 -p /var/run/nix/current-load # for distributed builds
mkdir -m 0700 -p /var/run/nix/remote-stores
mkdir -m 0755 -p /var/log
mkdir -m 0755 -p /var/log/upstart
touch /var/log/wtmp # must exist
chmod 644 /var/log/wtmp
touch /var/log/lastlog
chmod 644 /var/log/lastlog
mkdir -m 1777 -p /var/tmp
# Empty, read-only home directory of many system accounts.
mkdir -m 0555 -p /var/empty
'';
system.activationScripts.media =
''
mkdir -p /media
'';
}; };
system.activationScripts = defaultScripts;
} }

View File

@ -88,6 +88,15 @@ with pkgs.lib;
# too? # too?
]; ];
system.activationScripts.modprobe =
''
# Allow the kernel to find our wrapped modprobe (which searches
# in the right location in the Nix store for kernel modules).
# We need this when the kernel (or some module) auto-loads a
# module.
echo ${config.system.sbin.modprobe}/sbin/modprobe > /proc/sys/kernel/modprobe
'';
}; };
} }

View File

@ -1,9 +1,10 @@
# produce a script to generate /etc # Produce a script to generate /etc.
{config, pkgs, ...}: { config, pkgs, ... }:
with pkgs.lib;
###### interface ###### interface
let let
inherit (pkgs.lib) mkOption;
option = { option = {
environment.etc = mkOption { environment.etc = mkOption {
@ -52,47 +53,39 @@ in
{ {
require = [option]; require = [option];
system = { system.build.etc = makeEtc;
build = {
etc = makeEtc;
};
activationScripts = { system.activationScripts.etc = stringAfter [ "systemConfig" "stdio" ]
etc = pkgs.lib.fullDepEntry '' ''
# Set up the statically computed bits of /etc. # Set up the statically computed bits of /etc.
echo "setting up /etc..." echo "setting up /etc..."
staticEtc=/etc/static staticEtc=/etc/static
rm -f $staticEtc rm -f $staticEtc
ln -s ${makeEtc}/etc $staticEtc ln -s ${makeEtc}/etc $staticEtc
for i in $(cd $staticEtc && find * -type l); do for i in $(cd $staticEtc && find * -type l); do
mkdir -p /etc/$(dirname $i) mkdir -p /etc/$(dirname $i)
rm -f /etc/$i rm -f /etc/$i
if test -e "$staticEtc/$i.mode"; then if test -e "$staticEtc/$i.mode"; then
# Create a regular file in /etc. # Create a regular file in /etc.
cp $staticEtc/$i /etc/$i cp $staticEtc/$i /etc/$i
chown 0.0 /etc/$i chown 0.0 /etc/$i
chmod "$(cat "$staticEtc/$i.mode")" /etc/$i chmod "$(cat "$staticEtc/$i.mode")" /etc/$i
else else
# Create a symlink in /etc. # Create a symlink in /etc.
ln -s $staticEtc/$i /etc/$i ln -s $staticEtc/$i /etc/$i
fi fi
done done
# Remove dangling symlinks that point to /etc/static. These are
# configuration files that existed in a previous configuration but not
# in the current one. For efficiency, don't look under /etc/nixos
# (where all the NixOS sources live).
for i in $(find /etc/ \( -path /etc/nixos -prune \) -o -type l); do
target=$(readlink "$i")
if test "''${target:0:''${#staticEtc}}" = "$staticEtc" -a ! -e "$i"; then
rm -f "$i"
fi
done
'';
# Remove dangling symlinks that point to /etc/static. These are
# configuration files that existed in a previous configuration but not
# in the current one. For efficiency, don't look under /etc/nixos
# (where all the NixOS sources live).
for i in $(find /etc/ \( -path /etc/nixos -prune \) -o -type l); do
target=$(readlink "$i")
if test "''${target:0:''${#staticEtc}}" = "$staticEtc" -a ! -e "$i"; then
rm -f "$i"
fi
done
'' [
"systemConfig"
"defaultPath" # path to cp, chmod, chown
"stdio"
];
};
};
} }

View File

@ -205,7 +205,20 @@ in
# ${nettools}/sbin/ifconfig $i down || true # ${nettools}/sbin/ifconfig $i down || true
#done #done
''; '';
}; };
# Set the host name in the activation script. Don't clear it if
# it's not configured in the NixOS configuration, since it may
# have been set by dhclient in the meantime.
system.activationScripts.hostname =
(if config.networking.hostName != "" then ''
hostname "${config.networking.hostName}"
'' else ''
# dhclient won't do anything if the hostname isn't empty.
if test "$(hostname)" = "(none)"; then
hostname ""
fi
'');
}; };

View File

@ -72,7 +72,7 @@ let cfg = config.virtualisation.xen; in
''; '';
# Mount the /proc/xen pseudo-filesystem. # Mount the /proc/xen pseudo-filesystem.
system.activationScripts.xen = noDepEntry system.activationScripts.xen =
'' ''
if [ -d /proc/xen ]; then if [ -d /proc/xen ]; then
${pkgs.sysvtools}/bin/mountpoint -q /proc/xen || \ ${pkgs.sysvtools}/bin/mountpoint -q /proc/xen || \