nixpkgs/nixos/modules/system/boot
aszlig e662e035f9
nixos/systemd-boot-builder: Don't write .pyc files
This has surfaced since d990aa7163.

The "simpleUefiGummiboot" installer test fails since this commit,
because that commit introduced a small check to verify whether the store
was altered.

While installing NixOS for the first time, the store is usually in
/mnt/nix/store and without the read-only bind mount that's preventing
programs from altering the store.

So after nixos-install is done creating the system closure and setting
it as the active system profile, the bootloader is written from the
closure inside the chroot. The systemd-boot-builder is invoked during
this step, which adds .pyc files for various Python modules of the
Python 3 store path, which in turn invalidates the hash of the Python 3
store path itself.

At the time the system is booted up again, the nix-store is verified and
fails with something like this:

path /nix/store/zvm545rqc4d97caqq9h7344bnd06jhzb-python3-3.5.3 was
modified! expected hash
b2c975f4b8d197443fbb09690fb3f6545e165dd44c9309d7d6df2fce0579ebeb, got
bccca19f39c9d26d857ccf1fb72818b2b817967e6d497a25a1283e36ed0acf01

Running the interpreter with the -B argument prevents Python from
writing those byte code files:

https://docs.python.org/3/using/cmdline.html#cmdoption-B

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-04-20 00:37:02 +02:00
..
loader nixos/systemd-boot-builder: Don't write .pyc files 2017-04-20 00:37:02 +02:00
coredump.nix systemd-coredump: Add systemd service and fix sysctl pattern. 2016-07-10 18:07:37 +10:00
emergency-mode.nix nixos: tmp on tmpfs option 2014-07-30 16:19:26 +02:00
initrd-network.nix initrd-network: call postCommands only if network is up 2016-02-03 16:35:21 +03:00
initrd-ssh.nix initrd-ssh: Use initrd secrets for host keys 2017-04-02 16:33:37 -04:00
kernel.nix fix comments about nixos-hardware-scan 2017-02-18 13:29:47 +01:00
kexec.nix Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
luksroot.nix luksroot: Wait for the header (device) to appear 2017-04-05 20:39:03 +02:00
modprobe.nix nixos treewide: don't set MODULE_DIR 2016-08-19 17:56:54 +03:00
networkd.nix networking.networkd: adjust autmatic mapping of bonds 2017-02-16 21:24:40 +01:00
pbkdf2-sha512.c Update to the Yubikey PBA 2014-02-08 14:59:52 +01:00
plymouth.nix nixos/modules: use defaultText where applicable 2016-11-21 16:35:15 +01:00
resolved.nix systemd: 231 -> 232 2017-01-26 17:52:52 +01:00
shutdown.nix Don't run hwclock if /dev/rtc doesn't exist 2014-05-05 16:47:51 +02:00
stage-1-init.sh Add facility to append secrets to the initrd 2017-04-02 16:33:37 -04:00
stage-1.nix Add facility to append secrets to the initrd 2017-04-02 16:33:37 -04:00
stage-2-init.sh stage-2: shellsheck recommendations 2017-04-05 21:40:57 +02:00
stage-2.nix stage-2: replace readonly-mountpoint by findmnt 2017-04-05 09:05:18 +02:00
systemd-lib.nix nixos: escape brackets in systemd units 2017-04-12 15:56:26 +02:00
systemd-nspawn.nix nspawn module: optionSet -> submodule 2016-10-21 01:31:54 +09:00
systemd-unit-options.nix nixos/treewide: systemd.time is in manvolume 7 2017-03-21 08:28:53 +01:00
systemd.nix Allow systemd-fsck@.service to find fsck.* 2017-04-04 18:17:05 +02:00
timesyncd.nix ntp: make timesyncd the new default 2016-12-17 00:00:45 +01:00
tmp.nix nixos: tmp on tmpfs option 2014-07-30 16:19:26 +02:00