Commit Graph

35 Commits

Author SHA1 Message Date
Florian Klink
fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Michael Raitza
e598fdf229 dbus: Add NSS modules path to dbus system bus service
DBus seems to resolve user IDs directly via glibc, circumventing nscd. In more
 advanced setups this leads to user's coming from LDAP or SSSD not being
 resolved by the dbus system bus daemon. The effect for such users is, that all
 access to the system bus (e.g. busctl or nmcli) is denied.

 Adding the respective NSS modules to the service's environment solves the issue
 the same way it does for nscd.
2018-06-07 16:44:04 +02:00
Nikolay Amiantov
ac0cdc1952 dbus service: use makeDBusConf 2017-02-16 15:41:23 +03:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Nikolay Amiantov
72b3746266 dbus service: remove {system,session}.conf from config dir
They are already included by dbus from /run/current-system/sw/share/dbus-1.
2017-02-01 15:37:24 +03:00
Nikolay Amiantov
39344a36d3 dbus service: use /etc/dbus-1 for configuration
Also use upstream systemd units.
2017-02-01 15:03:22 +03:00
Parnell Springmeyer
6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer
a8cb2afa98
Fixing a bunch of issues 2017-01-29 01:58:12 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Guillaume Maudoux
29667f639c dbus: catch new services without reboot (#20871)
DBus daemon now loads its config from /run/current-system/dbus.
Reloading the daemon makes it re-read that file and catch the updates
after a system upgrade.
2017-01-27 14:46:13 +01:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Peter Hoeg
639e5401ff dbus: add socket activation but do not enable it
The following changes are included:

1) install user unit files from upstream dbus
2) use absolute paths to config for --system and --session instances
3) make socket activation of user units configurable

There has been a number of PRs to address this, so this one does the
bare minimum, which is to make the functionality available and
configurable but defaults to off.

Related PRs:
 - #18382
 - #18222

(cherry picked from commit f7215c9b5b47dfb0a6dbe87ff33d7730729a32e5)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-30 13:14:53 +02:00
Eelco Dolstra
75a1ec8a65 NixOS: Use runCommand instead of mkDerivation in a few places 2016-09-29 13:05:28 +02:00
Eelco Dolstra
ba70ce28ae no-x-libs.nix: Ensure that dbus doesn't use X11
It appears that packageOverrides no longer overrides aliases, so
aliases like

  dbus_tools = self.dbus.out;
  dbus_daemon = self.dbus.daemon;

now use the old, non-overriden version of dbus. That seems like a
pretty serious regression in general, but for this particular problem,
I've fixed it by replacing dbus_daemon by dbus.daemon and dbus_tools
by dbus.
2016-09-05 13:45:59 +02:00
Parnell Springmeyer
98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Philip Potter
36c7c50512 services.dbus module: more complete docstring
The docstring for the `services.dbus.packages` configuration option only
mentioned one directory, but the implementation actually looked for DBus
config files in four separate places within the target packages.  This
commit updates the docstring to reflect the actual implementation
behaviour.
2016-06-28 08:24:32 +01:00
Tuomas Tynkkynen
2132c86c45 nixos/dbus: Reference correct output of 'dbus' 2016-05-18 22:58:00 +03:00
William A. Kennington III
60b3484928 dbus: Fix for new 1.10 version
(cherry picked from commit 68a4a6df3971d66aa988bba680351a30fbadbed3)
2016-05-02 13:04:20 -05:00
Nikolay Amiantov
23a093ebe8 dbus service: fix path to the launch helper 2016-04-26 16:10:30 +03:00
obadz
079e1c76cf Revert "dbus nixos module: add units for systemd user session"
This reverts commit 83cb6ec399.

Was breaking: nix-build '<nixos/release.nix>' -A tests.xfce.x86_64-linux
2016-04-14 12:38:36 +01:00
Tuomas Tynkkynen
b9eb944990 treewide: Mass replace 'dbus_daemon}/bin' to refer to the correct outputs 2016-04-14 08:32:20 +03:00
Vladimír Čunát
30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Peter Hoeg
83cb6ec399 dbus nixos module: add units for systemd user session
This patch makes dbus launch with any user session instead of
leaving it up to the desktop environment launch script to run it.

It has been tested with KDE, which simply uses the running daemon
instead of launching its own.

This is upstream's recommended way to run dbus.
2016-04-02 23:11:57 +08:00
Tuomas Tynkkynen
f12f6c8607 treewide: Mass replace 'dbus_daemon}/lib' to refer the 'lib' output 2016-01-24 10:03:34 +02:00
Eelco Dolstra
87789ac39d Hide services.dbus.enable
Realistically, you can't disable D-Bus on a modern system.
2015-08-25 11:07:31 +02:00
Eelco Dolstra
dc62669335 Set ‘allowSubstitutes = false’ on various derivations
This reduces the number of binary cache requests. See
b64988bb35.
2015-07-09 15:10:37 +02:00
Eelco Dolstra
5a5a43ea25 dbus: Reload if /etc/dbus-1 changes
Specifically, this fixes dnsmasq, which failed with

  Apr 16 19:00:30 mandark dnsmasq[23819]: dnsmasq: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
  Apr 16 19:00:30 mandark dnsmasq[23819]: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file

after being enabled, due to dbus not being reloaded.
2015-04-16 19:13:20 +02:00
Eelco Dolstra
1c39a47ac8 Reload, don't restart, dbus.service
Many bus clients get hopelessly confused when dbus-daemon is
restarted. So let's not do that.

Of course, this is not ideal either, because we end up stuck with a
possibly outdated dbus-daemon. But that issue will become irrelevant
in the glorious kdbus-based future.

Hopefully this also gets rid of systemd getting stuck after
dbus-daemon is restarted:

Apr 01 15:37:50 mandark systemd[1]: Failed to register match for Disconnected message: Connection timed out
Apr 01 15:37:50 mandark systemd[1]: Looping too fast. Throttling execution a little.
Apr 01 15:37:51 mandark systemd[1]: Looping too fast. Throttling execution a little.
...
2015-04-01 16:57:16 +02:00
Eelco Dolstra
40f7b0f9df Another attempt to eradicate ensureDir
See c556a6ea46.
2014-06-30 14:56:10 +02:00
Eelco Dolstra
b4afe5b7bc dbus: Use upstream units 2014-04-22 17:38:53 +02:00
Eelco Dolstra
29027fd1e1 Rewrite ‘with pkgs.lib’ -> ‘with lib’
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
2014-04-14 16:26:48 +02:00
Eelco Dolstra
408b8b5725 Add lots of missing option types 2013-10-30 18:47:43 +01:00
Eelco Dolstra
d5047faede Remove uses of the "merge" option attribute
It's redundant because you can (and should) specify an option type, or
an apply function.
2013-10-28 22:45:56 +01:00
Eelco Dolstra
41c8f9598e Remove dead code 2013-10-28 22:45:54 +01:00
Eelco Dolstra
5c1f8cbc70 Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00