Merge pull request #54980 from danbst/etc-relative

nixos: make symlinks in `/etc` relative (except `/etc/static`)
This commit is contained in:
Michael Raskin 2019-02-21 09:45:42 +00:00 committed by GitHub
commit 0b91fa43e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 41 additions and 7 deletions

View File

@ -535,6 +535,20 @@
use <literal>nixos-rebuild boot; reboot</literal>. use <literal>nixos-rebuild boot; reboot</literal>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Symlinks in <filename>/etc</filename> (except <filename>/etc/static</filename>)
are now relative instead of absolute. This makes possible to examine
NixOS container's <filename>/etc</filename> directory from host system
(previously it pointed to host <filename>/etc</filename> when viewed from host,
and to container <filename>/etc</filename> when viewed from container chroot).
</para>
<para>
This also makes <filename>/etc/os-release</filename> adhere to
<link xlink:href="https://www.freedesktop.org/software/systemd/man/os-release.html">the standard</link>
for NixOS containers.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
Flat volumes are now disabled by default in <literal>hardware.pulseaudio</literal>. Flat volumes are now disabled by default in <literal>hardware.pulseaudio</literal>.

View File

@ -10,6 +10,11 @@ users_=($users)
groups_=($groups) groups_=($groups)
set +f set +f
# Create relative symlinks, so that the links can be followed if
# the NixOS installation is not mounted as filesystem root.
# Absolute symlinks violate the os-release format
# at https://www.freedesktop.org/software/systemd/man/os-release.html
# and break e.g. systemd-nspawn and os-prober.
for ((i = 0; i < ${#targets_[@]}; i++)); do for ((i = 0; i < ${#targets_[@]}; i++)); do
source="${sources_[$i]}" source="${sources_[$i]}"
target="${targets_[$i]}" target="${targets_[$i]}"
@ -19,14 +24,14 @@ for ((i = 0; i < ${#targets_[@]}; i++)); do
# If the source name contains '*', perform globbing. # If the source name contains '*', perform globbing.
mkdir -p $out/etc/$target mkdir -p $out/etc/$target
for fn in $source; do for fn in $source; do
ln -s "$fn" $out/etc/$target/ ln -s --relative "$fn" $out/etc/$target/
done done
else else
mkdir -p $out/etc/$(dirname $target) mkdir -p $out/etc/$(dirname $target)
if ! [ -e $out/etc/$target ]; then if ! [ -e $out/etc/$target ]; then
ln -s $source $out/etc/$target ln -s --relative $source $out/etc/$target
else else
echo "duplicate entry $target -> $source" echo "duplicate entry $target -> $source"
if test "$(readlink $out/etc/$target)" != "$source"; then if test "$(readlink $out/etc/$target)" != "$source"; then
@ -34,13 +39,13 @@ for ((i = 0; i < ${#targets_[@]}; i++)); do
exit 1 exit 1
fi fi
fi fi
if test "${modes_[$i]}" != symlink; then if test "${modes_[$i]}" != symlink; then
echo "${modes_[$i]}" > $out/etc/$target.mode echo "${modes_[$i]}" > $out/etc/$target.mode
echo "${users_[$i]}" > $out/etc/$target.uid echo "${users_[$i]}" > $out/etc/$target.uid
echo "${groups_[$i]}" > $out/etc/$target.gid echo "${groups_[$i]}" > $out/etc/$target.gid
fi fi
fi fi
done done

View File

@ -4,6 +4,7 @@ use File::Copy;
use File::Path; use File::Path;
use File::Basename; use File::Basename;
use File::Slurp; use File::Slurp;
use File::Spec;
my $etc = $ARGV[0] or die; my $etc = $ARGV[0] or die;
my $static = "/etc/static"; my $static = "/etc/static";
@ -17,6 +18,20 @@ sub atomicSymlink {
return 1; return 1;
} }
# Create relative symlinks, so that the links can be followed if
# the NixOS installation is not mounted as filesystem root.
# Absolute symlinks violate the os-release format
# at https://www.freedesktop.org/software/systemd/man/os-release.html
# and break e.g. systemd-nspawn and os-prober.
sub atomicRelativeSymlink {
my ($source, $target) = @_;
my $tmp = "$target.tmp";
unlink $tmp;
my $rel = File::Spec->abs2rel($source, dirname $target);
symlink $rel, $tmp or return 0;
rename $tmp, $target or return 0;
return 1;
}
# Atomically update /etc/static to point at the etc files of the # Atomically update /etc/static to point at the etc files of the
# current configuration. # current configuration.
@ -103,7 +118,7 @@ sub link {
if (-e "$_.mode") { if (-e "$_.mode") {
my $mode = read_file("$_.mode"); chomp $mode; my $mode = read_file("$_.mode"); chomp $mode;
if ($mode eq "direct-symlink") { if ($mode eq "direct-symlink") {
atomicSymlink readlink("$static/$fn"), $target or warn; atomicRelativeSymlink readlink("$static/$fn"), $target or warn;
} else { } else {
my $uid = read_file("$_.uid"); chomp $uid; my $uid = read_file("$_.uid"); chomp $uid;
my $gid = read_file("$_.gid"); chomp $gid; my $gid = read_file("$_.gid"); chomp $gid;
@ -117,7 +132,7 @@ sub link {
push @copied, $fn; push @copied, $fn;
print CLEAN "$fn\n"; print CLEAN "$fn\n";
} elsif (-l "$_") { } elsif (-l "$_") {
atomicSymlink "$static/$fn", $target or warn; atomicRelativeSymlink "$static/$fn", $target or warn;
} }
} }