Author: eelco
Date: Mon Sep 13 15:41:38 2010
New Revision: 23762
URL: https://svn.nixos.org/websvn/nix/?rev=23762&sc=1
Log:
Some cleanups in the activation script:
* Moved some scriptlets to the appropriate modules.
* Put the scriptlet that sets the default path at the start, since it
never makes sense not to have it there. It no longer needs to be
declared as a dependency.
* If a scriptlet has no dependencies, it can be denoted as a plain
string (i.e., `noDepEntry' is not needed anymore).
Modified:
nixos/trunk/modules/config/users-groups.nix
nixos/trunk/modules/programs/bash/bash.nix
nixos/trunk/modules/security/policykit.nix
nixos/trunk/modules/security/polkit.nix
nixos/trunk/modules/security/setuid-wrappers.nix
nixos/trunk/modules/services/backup/mysql-backup.nix
nixos/trunk/modules/services/backup/postgresql-backup.nix
nixos/trunk/modules/services/backup/sitecopy-backup.nix
nixos/trunk/modules/services/misc/nix-daemon.nix
nixos/trunk/modules/services/monitoring/systemhealth.nix
nixos/trunk/modules/system/activation/activation-script.nix
nixos/trunk/modules/system/boot/modprobe.nix
nixos/trunk/modules/system/etc/etc.nix
nixos/trunk/modules/tasks/network-interfaces.nix
nixos/trunk/modules/virtualisation/xen.nix
Modified: nixos/trunk/modules/config/users-groups.nix
==============================================================================
--- nixos/trunk/modules/config/users-groups.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/config/users-groups.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -156,7 +156,23 @@
config = {
- system.activationScripts.users = fullDepEntry
+ system.activationScripts.rootPasswd = stringAfter [ "etc" ]
+ ''
+ # If there is no password file yet, create a root account with an
+ # empty password.
+ if ! test -e /etc/passwd; then
+ rootHome=/root
+ touch /etc/passwd; chmod 0644 /etc/passwd
+ touch /etc/group; chmod 0644 /etc/group
+ touch /etc/shadow; chmod 0600 /etc/shadow
+ # Can't use useradd, since it complains that it doesn't know us
+ # (bootstrap problem!).
+ echo "root:x:0:0:System
administrator:$rootHome:${config.users.defaultUserShell}" >> /etc/passwd
+ echo "root::::::::" >> /etc/shadow
+ fi
+ '';
+
+ system.activationScripts.users = stringAfter [ "groups" ]
''
echo "updating users..."
@@ -206,9 +222,9 @@
fi
done
- '' [ "groups" ];
+ '';
- system.activationScripts.groups = fullDepEntry
+ system.activationScripts.groups = stringAfter [ "rootPasswd" "binsh" "etc"
"var" ]
''
echo "updating groups..."
@@ -231,7 +247,7 @@
done <<EndOfGroupList
${concatStringsSep "\n" (map serializedGroup groups)}
EndOfGroupList
- '' [ "rootPasswd" "binsh" "etc" "var" ];
+ '';
};
Modified: nixos/trunk/modules/programs/bash/bash.nix
==============================================================================
--- nixos/trunk/modules/programs/bash/bash.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/programs/bash/bash.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -1,19 +1,21 @@
# This module defines global configuration for the Bash shell, in
# particular /etc/bashrc and /etc/profile.
-{config, pkgs, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
let
options = {
- environment.shellInit = pkgs.lib.mkOption {
+ environment.shellInit = mkOption {
default = "";
example = ''export PATH=/godi/bin/:$PATH'';
description = "
Script used to initialized user shell environments.
";
- merge = pkgs.lib.mergeStringOption;
+ merge = mergeStringOption;
};
};
@@ -57,4 +59,13 @@
];
system.build.binsh = pkgs.bashInteractive;
+
+ system.activationScripts.binsh = stringAfter [ "stdio" ]
+ ''
+ # Create the required /bin/sh symlink; otherwise lots of things
+ # (notably the system() function) won't work.
+ mkdir -m 0755 -p /bin
+ ln -sfn ${config.system.build.binsh}/bin/sh /bin/sh
+ '';
+
}
Modified: nixos/trunk/modules/security/policykit.nix
==============================================================================
--- nixos/trunk/modules/security/policykit.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/security/policykit.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -51,7 +51,7 @@
}
];
- system.activationScripts.policyKit = fullDepEntry
+ system.activationScripts.policyKit = stringAfter [ "users" ]
''
mkdir -m 0770 -p /var/run/PolicyKit
chown root.polkituser /var/run/PolicyKit
@@ -63,7 +63,7 @@
touch /var/lib/misc/PolicyKit.reload
chmod 0664 /var/lib/misc/PolicyKit.reload
chown polkituser.polkituser /var/lib/misc/PolicyKit.reload
- '' [ "users" ];
+ '';
};
Modified: nixos/trunk/modules/security/polkit.nix
==============================================================================
--- nixos/trunk/modules/security/polkit.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/security/polkit.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -27,12 +27,10 @@
environment = {
systemPackages = [ pkWrapper ];
pathsToLink = [ "/share/polkit-1" "/etc/polkit-1" ];
- etc = [
- {
- source = "${config.system.path}/etc/polkit-1";
+ etc = singleton
+ { source = "${config.system.path}/etc/polkit-1";
target = "polkit-1";
- }
- ];
+ };
};
services.dbus.packages = [ pkWrapper ];
@@ -41,18 +39,16 @@
pam.services = [ { name = "polkit-1"; } ];
setuidPrograms = [ "pkexec" ];
- setuidOwners = [
- {
- program = "polkit-agent-helper-1";
+ setuidOwners = singleton
+ { program = "polkit-agent-helper-1";
owner = "root";
group = "root";
setuid = true;
source = pkgs.polkit + "/" + pkWrapper.helper;
- }
- ];
+ };
};
- system.activationScripts.polikit = pkgs.stringsWithDeps.noDepEntry
+ system.activationScripts.polkit =
''
mkdir -p /var/lib/polkit-1/localauthority
chmod 700 /var/lib/polkit-1{/localauthority,}
Modified: nixos/trunk/modules/security/setuid-wrappers.nix
==============================================================================
--- nixos/trunk/modules/security/setuid-wrappers.nix Mon Sep 13 15:31:06
2010 (r23761)
+++ nixos/trunk/modules/security/setuid-wrappers.nix Mon Sep 13 15:41:38
2010 (r23762)
@@ -110,7 +110,7 @@
chmod "u${if setuid then "+" else "-"}s,g${if setgid then "+" else
"-"}s,${permissions}" ${wrapperDir}/${program}
'';
- in pkgs.stringsWithDeps.fullDepEntry
+ in stringAfter [ "users" ]
''
# Look in the system path and in the default profile for
# programs to be wrapped.
@@ -120,7 +120,7 @@
mkdir -p ${wrapperDir}
${concatMapStrings makeSetuidWrapper setuidPrograms}
- '' [ "defaultPath" "users" ];
+ '';
};
Modified: nixos/trunk/modules/services/backup/mysql-backup.nix
==============================================================================
--- nixos/trunk/modules/services/backup/mysql-backup.nix Mon Sep 13
15:31:06 2010 (r23761)
+++ nixos/trunk/modules/services/backup/mysql-backup.nix Mon Sep 13
15:41:38 2010 (r23762)
@@ -1,7 +1,9 @@
-{pkgs, config, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
let
- inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
+
inherit (pkgs) mysql gzip;
location = config.services.mysqlBackup.location ;
@@ -58,14 +60,15 @@
};
config = mkIf config.services.mysqlBackup.enable {
- services.cron = {
- systemCronJobs = map mysqlBackupCron
config.services.mysqlBackup.databases;
- };
+
+ services.cron.systemCronJobs = map mysqlBackupCron
config.services.mysqlBackup.databases;
- system.activationScripts.mysqlBackup = pkgs.stringsWithDeps.fullDepEntry ''
- mkdir -m 0700 -p ${config.services.mysqlBackup.location}
- chown ${config.services.mysqlBackup.user}
${config.services.mysqlBackup.location}
- '' [ "stdio" "defaultPath" "systemConfig" "users" ];
+ system.activationScripts.mysqlBackup = stringAfter [ "stdio" "defaultPath"
"systemConfig" "users" ]
+ ''
+ mkdir -m 0700 -p ${config.services.mysqlBackup.location}
+ chown ${config.services.mysqlBackup.user}
${config.services.mysqlBackup.location}
+ '';
+
};
}
Modified: nixos/trunk/modules/services/backup/postgresql-backup.nix
==============================================================================
--- nixos/trunk/modules/services/backup/postgresql-backup.nix Mon Sep 13
15:31:06 2010 (r23761)
+++ nixos/trunk/modules/services/backup/postgresql-backup.nix Mon Sep 13
15:41:38 2010 (r23762)
@@ -1,14 +1,16 @@
-{pkgs, config, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
let
- inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
inherit (pkgs) postgresql gzip;
location = config.services.postgresqlBackup.location ;
- postgresqlBackupCron = db : ''
- ${config.services.postgresqlBackup.period} root ${postgresql}/bin/pg_dump
${db} | ${gzip}/bin/gzip -c > ${location}/${db}.gz
- '';
+ postgresqlBackupCron = db:
+ ''
+ ${config.services.postgresqlBackup.period} root
${postgresql}/bin/pg_dump ${db} | ${gzip}/bin/gzip -c > ${location}/${db}.gz
+ '';
in
@@ -52,14 +54,13 @@
};
config = mkIf config.services.postgresqlBackup.enable {
- services.cron = {
- systemCronJobs = map postgresqlBackupCron
config.services.postgresqlBackup.databases;
- };
+ services.cron.systemCronJobs = map postgresqlBackupCron
config.services.postgresqlBackup.databases;
- system.activationScripts.postgresqlBackup =
pkgs.stringsWithDeps.fullDepEntry ''
- mkdir -m 0700 -p ${config.services.postgresqlBackup.location}
- chown root ${config.services.postgresqlBackup.location}
- '' [ "stdio" "defaultPath" "systemConfig" "users" ];
+ system.activationScripts.postgresqlBackup = stringAfter [ "stdio"
"defaultPath" "systemConfig" "users" ]
+ ''
+ mkdir -m 0700 -p ${config.services.postgresqlBackup.location}
+ chown root ${config.services.postgresqlBackup.location}
+ '';
};
}
Modified: nixos/trunk/modules/services/backup/sitecopy-backup.nix
==============================================================================
--- nixos/trunk/modules/services/backup/sitecopy-backup.nix Mon Sep 13
15:31:06 2010 (r23761)
+++ nixos/trunk/modules/services/backup/sitecopy-backup.nix Mon Sep 13
15:41:38 2010 (r23762)
@@ -1,7 +1,8 @@
-{pkgs, config, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
let
- inherit (pkgs.lib) mkOption mkIf singleton concatStrings;
inherit (pkgs) sitecopy;
stateDir = "/var/spool/sitecopy";
@@ -63,45 +64,41 @@
config = mkIf config.services.sitecopy.enable {
environment.systemPackages = [ sitecopy ];
- services.cron = {
- systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
- };
-
-
- system.activationScripts.sitecopyBackup =
- pkgs.stringsWithDeps.fullDepEntry ''
- mkdir -m 0700 -p ${stateDir}
- chown root ${stateDir}
- touch ${stateDir}/sitecopy.secrets
- chown root ${stateDir}/sitecopy.secrets
-
- ${pkgs.lib.concatStrings (map ( b: ''
- unset secrets
- unset secret
- secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head
-1`
- secret=($secrets)
- cat > ${stateDir}/${b.name}.conf << EOF
- site ${b.name}
- server ${b.server}
- protocol ${b.protocol}
- username ''${secret[1]}
- password ''${secret[2]}
- local ${b.local}
- remote ${b.remote}
- symlinks ${b.symlinks}
- ${if b.https then "http secure" else ""}
- EOF
- chmod 0600 ${stateDir}/${b.name}.conf
- if ! test -e ${stateDir}/${b.name} ; then
- echo " * Initializing sitecopy '${b.name}'"
- ${sitecopy}/bin/sitecopy --storepath=${stateDir}
--rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
- else
- echo " * Sitecopy '${b.name}' already initialized"
- fi
- '' ) config.services.sitecopy.backups
- )}
+ services.cron.systemCronJobs = map sitecopyCron
config.services.sitecopy.backups;
- '' [ "stdio" "defaultPath" "systemConfig" "users" ] ;
+ system.activationScripts.sitecopyBackup = stringAfter [ "stdio"
"systemConfig" "users" ]
+ ''
+ mkdir -m 0700 -p ${stateDir}
+ chown root ${stateDir}
+ touch ${stateDir}/sitecopy.secrets
+ chown root ${stateDir}/sitecopy.secrets
+
+ ${pkgs.lib.concatStrings (map ( b: ''
+ unset secrets
+ unset secret
+ secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head
-1`
+ secret=($secrets)
+ cat > ${stateDir}/${b.name}.conf << EOF
+ site ${b.name}
+ server ${b.server}
+ protocol ${b.protocol}
+ username ''${secret[1]}
+ password ''${secret[2]}
+ local ${b.local}
+ remote ${b.remote}
+ symlinks ${b.symlinks}
+ ${if b.https then "http secure" else ""}
+ EOF
+ chmod 0600 ${stateDir}/${b.name}.conf
+ if ! test -e ${stateDir}/${b.name} ; then
+ echo " * Initializing sitecopy '${b.name}'"
+ ${sitecopy}/bin/sitecopy --storepath=${stateDir}
--rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
+ else
+ echo " * Sitecopy '${b.name}' already initialized"
+ fi
+ '' ) config.services.sitecopy.backups
+ )}
+ '';
};
}
Modified: nixos/trunk/modules/services/misc/nix-daemon.nix
==============================================================================
--- nixos/trunk/modules/services/misc/nix-daemon.nix Mon Sep 13 15:31:06
2010 (r23761)
+++ nixos/trunk/modules/services/misc/nix-daemon.nix Mon Sep 13 15:41:38
2010 (r23762)
@@ -277,7 +277,7 @@
# do this, mount the remote file system on a subdirectory of
# /var/run/nix/remote-stores.
export NIX_OTHER_STORES=/var/run/nix/remote-stores/*/nix
- ''
+ '' # */
+ optionalString config.nix.distributedBuilds ''
export
NIX_BUILD_HOOK=${config.environment.nix}/libexec/nix/build-remote.pl
export NIX_REMOTE_SYSTEMS=/etc/nix.machines
@@ -292,6 +292,33 @@
users.extraUsers = map makeNixBuildUser (pkgs.lib.range 1
config.nix.nrBuildUsers);
+ system.activationScripts.nix = stringAfter [ "etc" "users" ]
+ ''
+ # Set up Nix.
+ mkdir -p /nix/etc/nix
+ ln -sfn /etc/nix.conf /nix/etc/nix/nix.conf
+ chown root.nixbld /nix/store
+ chmod 1775 /nix/store
+
+ # Nix initialisation.
+ mkdir -m 0755 -p \
+ /nix/var/nix/gcroots \
+ /nix/var/nix/temproots \
+ /nix/var/nix/manifests \
+ /nix/var/nix/userpool \
+ /nix/var/nix/profiles \
+ /nix/var/nix/db \
+ /nix/var/log/nix/drvs \
+ /nix/var/nix/channel-cache \
+ /nix/var/nix/chroots
+ mkdir -m 1777 -p /nix/var/nix/gcroots/per-user
+ mkdir -m 1777 -p /nix/var/nix/profiles/per-user
+ mkdir -m 1777 -p /nix/var/nix/gcroots/tmp
+
+ ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
+ ln -sf /nix/var/nix/manifests /nix/var/nix/gcroots/
+ '';
+
};
}
Modified: nixos/trunk/modules/services/monitoring/systemhealth.nix
==============================================================================
--- nixos/trunk/modules/services/monitoring/systemhealth.nix Mon Sep 13
15:31:06 2010 (r23761)
+++ nixos/trunk/modules/services/monitoring/systemhealth.nix Mon Sep 13
15:41:38 2010 (r23762)
@@ -75,43 +75,44 @@
config = mkIf cfg.enable {
services.cron.systemCronJobs = [ cronJob ];
- system.activationScripts.systemhealth = fullDepEntry ''
- mkdir -p ${rrdDir} ${htmlDir}
- chown wwwrun.wwwrun ${rrdDir} ${htmlDir}
-
- cat >${configFile} << EOF
- [paths]
- rrdtool = ${pkgs.rrdtool}/bin/rrdtool
- loadavg_rrd = loadavg
- ps = /var/run/current-system/sw/bin/ps
- df = /var/run/current-system/sw/bin/df
- meminfo_rrd = meminfo
- uptime_rrd = uptime
- rrd_path = ${rrdDir}
- png_path = ${htmlDir}
-
- [processes]
-
- [interfaces]
- ${interfacesSection}
-
- [drives]
- ${drivesSection}
-
- [graphs]
- width = 400
- time = ['-3hours', '-32hours', '-8days', '-5weeks', '-13months']
- height = 100
-
- [external]
-
- EOF
-
- chown wwwrun.wwwrun ${configFile}
-
- ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --check" wwwrun
- ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --html" wwwrun
- '' [ "var" ];
+ system.activationScripts.systemhealth = stringAfter [ "var" ]
+ ''
+ mkdir -p ${rrdDir} ${htmlDir}
+ chown wwwrun.wwwrun ${rrdDir} ${htmlDir}
+
+ cat >${configFile} << EOF
+ [paths]
+ rrdtool = ${pkgs.rrdtool}/bin/rrdtool
+ loadavg_rrd = loadavg
+ ps = /var/run/current-system/sw/bin/ps
+ df = /var/run/current-system/sw/bin/df
+ meminfo_rrd = meminfo
+ uptime_rrd = uptime
+ rrd_path = ${rrdDir}
+ png_path = ${htmlDir}
+
+ [processes]
+
+ [interfaces]
+ ${interfacesSection}
+
+ [drives]
+ ${drivesSection}
+
+ [graphs]
+ width = 400
+ time = ['-3hours', '-32hours', '-8days', '-5weeks', '-13months']
+ height = 100
+
+ [external]
+
+ EOF
+
+ chown wwwrun.wwwrun ${configFile}
+
+ ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --check" wwwrun
+ ${pkgs.su}/bin/su -s "/bin/sh" -c "${command} --html" wwwrun
+ '';
services.httpd.extraSubservices = [
{ function = f: {
Modified: nixos/trunk/modules/system/activation/activation-script.nix
==============================================================================
--- nixos/trunk/modules/system/activation/activation-script.nix Mon Sep 13
15:31:06 2010 (r23761)
+++ nixos/trunk/modules/system/activation/activation-script.nix Mon Sep 13
15:41:38 2010 (r23762)
@@ -1,220 +1,140 @@
# generate the script used to activate the configuration.
-{pkgs, config, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
let
- inherit (pkgs.lib) mkOption mergeTypedOption mergeAttrs
- mapAttrs addErrorContext fold id filter textClosureMap noDepEntry
- fullDepEntry;
- inherit (builtins) attrNames;
addAttributeName = mapAttrs (a: v: v // {
- text = ''
- #### actionScripts snippet ${a} :
- # ========================================
- ${v.text}
- '';
- });
-
- defaultScripts = {
-
- systemConfig = noDepEntry ''
- systemConfig="$1"
- if test -z "$systemConfig"; then
- systemConfig="/system" # for the installation CD
- fi
+ text = ''
+ #### Activation script snippet ${a}:
+ ${v.text}
'';
+ });
- defaultPath =
- let path = [
- pkgs.coreutils pkgs.gnugrep pkgs.findutils
- pkgs.glibc # needed for getent
- pkgs.shadow
- pkgs.nettools # needed for hostname
- ]; in noDepEntry ''
- export PATH=/empty
- for i in ${toString path}; do
- PATH=$PATH:$i/bin:$i/sbin;
- done
- '';
-
- stdio = fullDepEntry ''
- # Needed by some programs.
- ln -sfn /proc/self/fd /dev/fd
- ln -sfn /proc/self/fd/0 /dev/stdin
- ln -sfn /proc/self/fd/1 /dev/stdout
- ln -sfn /proc/self/fd/2 /dev/stderr
- '' [
- "defaultPath" # path to ln
+ path =
+ [ pkgs.coreutils pkgs.gnugrep pkgs.findutils
+ pkgs.glibc # needed for getent
+ pkgs.shadow
+ pkgs.nettools # needed for hostname
];
+
+in
- binsh = fullDepEntry ''
- # Create the required /bin/sh symlink; otherwise lots of things
- # (notably the system() function) won't work.
- mkdir -m 0755 -p $mountPoint/bin
- ln -sfn ${config.system.build.binsh}/bin/sh $mountPoint/bin/sh
- '' [
- "defaultPath" # path to ln & mkdir
- "stdio" # ?
- ];
+{
- modprobe = fullDepEntry ''
- # Allow the kernel to find our wrapped modprobe (which searches
- # in the right location in the Nix store for kernel modules).
- # We need this when the kernel (or some module) auto-loads a
- # module.
- echo ${config.system.sbin.modprobe}/sbin/modprobe >
/proc/sys/kernel/modprobe
- '' [
- # ?
- ];
+ ###### interface
+
+ options = {
+
+ system.activationScripts = mkOption {
+ default = {};
+
+ example = {
+ stdio = {
+ text = ''
+ # Needed by some programs.
+ ln -sfn /proc/self/fd /dev/fd
+ ln -sfn /proc/self/fd/0 /dev/stdin
+ ln -sfn /proc/self/fd/1 /dev/stdout
+ ln -sfn /proc/self/fd/2 /dev/stderr
+ '';
+ deps = [];
+ };
+ };
+
+ description = ''
+ Activate the new configuration (i.e., update /etc, make accounts,
+ and so on).
+ '';
+
+ merge = mergeTypedOption "script" builtins.isAttrs (fold mergeAttrs {});
+
+ apply = set: {
+ script = pkgs.writeScript "nixos-activation-script"
+ ''
+ #! ${pkgs.stdenv.shell}
+
+ export PATH=/empty
+ for i in ${toString path}; do
+ PATH=$PATH:$i/bin:$i/sbin;
+ done
+
+ ${
+ let
+ set' = mapAttrs (n: v: if builtins.isString v then noDepEntry
v else v) set;
+ withHeadlines = addAttributeName set';
+ in textClosureMap id (withHeadlines) (attrNames withHeadlines)
+ }
+
+ # Make this configuration the current configuration.
+ # The readlink is there to ensure that when $systemConfig = /system
+ # (which is a symlink to the store), /var/run/current-system is
still
+ # used as a garbage collection root.
+ ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system
+
+ # Prevent the current configuration from being garbage-collected.
+ ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system
+ '';
+ };
+
+ };
+
+ };
- var = fullDepEntry ''
- # Various log/runtime directories.
+
+ ###### implementation
- touch /var/run/utmp # must exist
- chgrp ${toString config.ids.gids.utmp} /var/run/utmp
- chmod 664 /var/run/utmp
+ config = {
- mkdir -m 0755 -p /var/run/nix/current-load # for distributed builds
- mkdir -m 0700 -p /var/run/nix/remote-stores
+ system.activationScripts.systemConfig =
+ ''
+ systemConfig="$1"
+ if test -z "$systemConfig"; then
+ systemConfig="/system" # for the installation CD
+ fi
+ '';
- mkdir -m 0755 -p /var/log
- mkdir -m 0755 -p /var/log/upstart
+ system.activationScripts.stdio =
+ ''
+ # Needed by some programs.
+ ln -sfn /proc/self/fd /dev/fd
+ ln -sfn /proc/self/fd/0 /dev/stdin
+ ln -sfn /proc/self/fd/1 /dev/stdout
+ ln -sfn /proc/self/fd/2 /dev/stderr
+ '';
- touch /var/log/wtmp # must exist
- chmod 644 /var/log/wtmp
+ system.activationScripts.var =
+ ''
+ # Various log/runtime directories.
- touch /var/log/lastlog
- chmod 644 /var/log/lastlog
+ touch /var/run/utmp # must exist
+ chgrp ${toString config.ids.gids.utmp} /var/run/utmp
+ chmod 664 /var/run/utmp
- mkdir -m 1777 -p /var/tmp
+ mkdir -m 0755 -p /var/run/nix/current-load # for distributed builds
+ mkdir -m 0700 -p /var/run/nix/remote-stores
- # Empty, read-only home directory of many system accounts.
- mkdir -m 0555 -p /var/empty
- '' [
- "defaultPath" # path to mkdir & touch & chmod
- ];
+ mkdir -m 0755 -p /var/log
+ mkdir -m 0755 -p /var/log/upstart
- rootPasswd = fullDepEntry ''
- # If there is no password file yet, create a root account with an
- # empty password.
- if ! test -e /etc/passwd; then
- rootHome=/root
- touch /etc/passwd; chmod 0644 /etc/passwd
- touch /etc/group; chmod 0644 /etc/group
- touch /etc/shadow; chmod 0600 /etc/shadow
- # Can't use useradd, since it complains that it doesn't know us
- # (bootstrap problem!).
- echo "root:x:0:0:System
administrator:$rootHome:${config.users.defaultUserShell}" >> /etc/passwd
- echo "root::::::::" >> /etc/shadow
- fi
- '' [
- "defaultPath" # path to touch & passwd
- "etc" # for /etc
- # ?
- ];
+ touch /var/log/wtmp # must exist
+ chmod 644 /var/log/wtmp
- nix = fullDepEntry ''
- # Set up Nix.
- mkdir -p /nix/etc/nix
- ln -sfn /etc/nix.conf /nix/etc/nix/nix.conf
- chown root.nixbld /nix/store
- chmod 1775 /nix/store
-
- # Nix initialisation.
- mkdir -m 0755 -p \
- /nix/var/nix/gcroots \
- /nix/var/nix/temproots \
- /nix/var/nix/manifests \
- /nix/var/nix/userpool \
- /nix/var/nix/profiles \
- /nix/var/nix/db \
- /nix/var/log/nix/drvs \
- /nix/var/nix/channel-cache \
- /nix/var/nix/chroots
- mkdir -m 1777 -p /nix/var/nix/gcroots/per-user
- mkdir -m 1777 -p /nix/var/nix/profiles/per-user
- mkdir -m 1777 -p /nix/var/nix/gcroots/tmp
-
- ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
- ln -sf /nix/var/nix/manifests /nix/var/nix/gcroots/
- '' [
- "defaultPath"
- "etc" # /etc/nix.conf
- "users" # nixbld group
- ];
+ touch /var/log/lastlog
+ chmod 644 /var/log/lastlog
- hostname = fullDepEntry ''
- # Set the host name. Don't clear it if it's not configured in the
- # NixOS configuration, since it may have been set by dhclient in the
- # meantime.
- ${if config.networking.hostName != "" then
- ''hostname "${config.networking.hostName}"''
- else ''
- # dhclient won't do anything if the hostname isn't empty.
- if test "$(hostname)" = "(none)"; then
- hostname ""
- fi
- ''}
- '' [ "defaultPath" ];
-
- # The activation has to be done at the end. This is forced at the apply
- # function of activationScripts option
- activate = noDepEntry ''
- # Make this configuration the current configuration.
- # The readlink is there to ensure that when $systemConfig = /system
- # (which is a symlink to the store), /var/run/current-system is still
- # used as a garbage collection root.
- ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system
+ mkdir -m 1777 -p /var/tmp
- # Prevent the current configuration from being garbage-collected.
- ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system
- '';
+ # Empty, read-only home directory of many system accounts.
+ mkdir -m 0555 -p /var/empty
+ '';
- media = noDepEntry ''
- mkdir -p /media
- '';
+ system.activationScripts.media =
+ ''
+ mkdir -p /media
+ '';
};
-
-in
-
-{
- require = {
- system = {
- activationScripts = mkOption {
- default = [];
- example = {
- stdio = {
- text = "
- # Needed by some programs.
- ln -sfn /proc/self/fd /dev/fd
- ln -sfn /proc/self/fd/0 /dev/stdin
- ln -sfn /proc/self/fd/1 /dev/stdout
- ln -sfn /proc/self/fd/2 /dev/stderr
- ";
- deps = [];
- };
- };
- description = ''
- Activate the new configuration (i.e., update /etc, make accounts,
- and so on).
- '';
- merge = mergeTypedOption "script" builtins.isAttrs (fold mergeAttrs
{});
- apply = set:
- let withHeadlines = addAttributeName set;
- activateLib = removeAttrs withHeadlines ["activate"];
- activateLibNames = attrNames activateLib;
- in {
- script = pkgs.writeScript "nixos-activation-script"
- ("#! ${pkgs.stdenv.shell}\n"
- + textClosureMap id activateLib activateLibNames + "\n"
- # make sure that the activate snippet is added last.
- + withHeadlines.activate.text);
- };
- };
- };
- };
-
- system.activationScripts = defaultScripts;
}
Modified: nixos/trunk/modules/system/boot/modprobe.nix
==============================================================================
--- nixos/trunk/modules/system/boot/modprobe.nix Mon Sep 13 15:31:06
2010 (r23761)
+++ nixos/trunk/modules/system/boot/modprobe.nix Mon Sep 13 15:41:38
2010 (r23762)
@@ -88,6 +88,15 @@
# too?
];
+ system.activationScripts.modprobe =
+ ''
+ # Allow the kernel to find our wrapped modprobe (which searches
+ # in the right location in the Nix store for kernel modules).
+ # We need this when the kernel (or some module) auto-loads a
+ # module.
+ echo ${config.system.sbin.modprobe}/sbin/modprobe >
/proc/sys/kernel/modprobe
+ '';
+
};
}
Modified: nixos/trunk/modules/system/etc/etc.nix
==============================================================================
--- nixos/trunk/modules/system/etc/etc.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/system/etc/etc.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -1,9 +1,10 @@
-# produce a script to generate /etc
-{config, pkgs, ...}:
+# Produce a script to generate /etc.
+{ config, pkgs, ... }:
+
+with pkgs.lib;
###### interface
let
- inherit (pkgs.lib) mkOption;
option = {
environment.etc = mkOption {
@@ -52,47 +53,39 @@
{
require = [option];
- system = {
- build = {
- etc = makeEtc;
- };
+ system.build.etc = makeEtc;
+
+ system.activationScripts.etc = stringAfter [ "systemConfig" "stdio" ]
+ ''
+ # Set up the statically computed bits of /etc.
+ echo "setting up /etc..."
+ staticEtc=/etc/static
+ rm -f $staticEtc
+ ln -s ${makeEtc}/etc $staticEtc
+ for i in $(cd $staticEtc && find * -type l); do
+ mkdir -p /etc/$(dirname $i)
+ rm -f /etc/$i
+ if test -e "$staticEtc/$i.mode"; then
+ # Create a regular file in /etc.
+ cp $staticEtc/$i /etc/$i
+ chown 0.0 /etc/$i
+ chmod "$(cat "$staticEtc/$i.mode")" /etc/$i
+ else
+ # Create a symlink in /etc.
+ ln -s $staticEtc/$i /etc/$i
+ fi
+ done
+
+ # Remove dangling symlinks that point to /etc/static. These are
+ # configuration files that existed in a previous configuration but not
+ # in the current one. For efficiency, don't look under /etc/nixos
+ # (where all the NixOS sources live).
+ for i in $(find /etc/ \( -path /etc/nixos -prune \) -o -type l); do
+ target=$(readlink "$i")
+ if test "''${target:0:''${#staticEtc}}" = "$staticEtc" -a ! -e "$i";
then
+ rm -f "$i"
+ fi
+ done
+ '';
- activationScripts = {
- etc = pkgs.lib.fullDepEntry ''
- # Set up the statically computed bits of /etc.
- echo "setting up /etc..."
- staticEtc=/etc/static
- rm -f $staticEtc
- ln -s ${makeEtc}/etc $staticEtc
- for i in $(cd $staticEtc && find * -type l); do
- mkdir -p /etc/$(dirname $i)
- rm -f /etc/$i
- if test -e "$staticEtc/$i.mode"; then
- # Create a regular file in /etc.
- cp $staticEtc/$i /etc/$i
- chown 0.0 /etc/$i
- chmod "$(cat "$staticEtc/$i.mode")" /etc/$i
- else
- # Create a symlink in /etc.
- ln -s $staticEtc/$i /etc/$i
- fi
- done
-
- # Remove dangling symlinks that point to /etc/static. These are
- # configuration files that existed in a previous configuration but not
- # in the current one. For efficiency, don't look under /etc/nixos
- # (where all the NixOS sources live).
- for i in $(find /etc/ \( -path /etc/nixos -prune \) -o -type l); do
- target=$(readlink "$i")
- if test "''${target:0:''${#staticEtc}}" = "$staticEtc" -a ! -e
"$i"; then
- rm -f "$i"
- fi
- done
- '' [
- "systemConfig"
- "defaultPath" # path to cp, chmod, chown
- "stdio"
- ];
- };
- };
}
Modified: nixos/trunk/modules/tasks/network-interfaces.nix
==============================================================================
--- nixos/trunk/modules/tasks/network-interfaces.nix Mon Sep 13 15:31:06
2010 (r23761)
+++ nixos/trunk/modules/tasks/network-interfaces.nix Mon Sep 13 15:41:38
2010 (r23762)
@@ -205,7 +205,20 @@
# ${nettools}/sbin/ifconfig $i down || true
#done
'';
- };
+ };
+
+ # Set the host name in the activation script. Don't clear it if
+ # it's not configured in the NixOS configuration, since it may
+ # have been set by dhclient in the meantime.
+ system.activationScripts.hostname =
+ (if config.networking.hostName != "" then ''
+ hostname "${config.networking.hostName}"
+ '' else ''
+ # dhclient won't do anything if the hostname isn't empty.
+ if test "$(hostname)" = "(none)"; then
+ hostname ""
+ fi
+ '');
};
Modified: nixos/trunk/modules/virtualisation/xen.nix
==============================================================================
--- nixos/trunk/modules/virtualisation/xen.nix Mon Sep 13 15:31:06 2010
(r23761)
+++ nixos/trunk/modules/virtualisation/xen.nix Mon Sep 13 15:41:38 2010
(r23762)
@@ -72,7 +72,7 @@
'';
# Mount the /proc/xen pseudo-filesystem.
- system.activationScripts.xen = noDepEntry
+ system.activationScripts.xen =
''
if [ -d /proc/xen ]; then
${pkgs.sysvtools}/bin/mountpoint -q /proc/xen || \
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits
