Merge remote-tracking branch 'origin/systemd-216' into staging

2014-09-08 13:53:33 +02:00 · 2014-09-08 13:53:33 +02:00 · 152ae27aac
parent af69fcde47 3d821c068a
commit 152ae27aac
7 changed files with 93 additions and 2644 deletions
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@ -35,29 +35,27 @@ in

  config = {

-    environment.etc =
-      [ # Name Service Switch configuration file.  Required by the C library.
-        # !!! Factor out the mdns stuff.  The avahi module should define
-        # an option used by this module.
-        { source = pkgs.writeText "nsswitch.conf"
-            ''
-              passwd:    files ldap
-              group:     files ldap
-              shadow:    files ldap
-              hosts:     files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname
-              networks:  files dns
-              ethers:    files
-              services:  files
-              protocols: files
-            '';
-          target = "nsswitch.conf";
-        }
-      ];
+    # Name Service Switch configuration file.  Required by the C
+    # library.  !!! Factor out the mdns stuff.  The avahi module
+    # should define an option used by this module.
+    environment.etc."nsswitch.conf".text =
+      ''
+        passwd:    files ldap
+        group:     files ldap
+        shadow:    files ldap
+        hosts:     files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines
+        networks:  files dns
+        ethers:    files
+        services:  files
+        protocols: files
+      '';

-    # Use nss-myhostname to ensure that our hostname always resolves to
-    # a valid IP address.  It returns all locally configured IP
-    # addresses, or ::1 and 127.0.0.2 as fallbacks.
-    system.nssModules = [ pkgs.systemd ];
+    # Systemd provides nss-myhostname to ensure that our hostname
+    # always resolves to a valid IP address.  It returns all locally
+    # configured IP addresses, or ::1 and 127.0.0.2 as
+    # fallbacks. Systemd also provides nss-mymachines to return IP
+    # addresses of local containers.
+    system.nssModules = [ config.systemd.package ];

  };
 }
--- a/nixos/modules/services/system/nscd.nix
+++ b/nixos/modules/services/system/nscd.nix
@ -62,7 +62,7 @@ in
            mkdir -m 0755 -p /var/db/nscd
          '';

-        restartTriggers = [ config.environment.etc.hosts.source ];
+        restartTriggers = [ config.environment.etc.hosts.source config.environment.etc."nsswitch.conf".source ];

        serviceConfig =
          { ExecStart = "@${pkgs.glibc}/sbin/nscd nscd -f ${cfgFile}";
--- a/nixos/modules/system/boot/systemd.nix
+++ b/nixos/modules/system/boot/systemd.nix
@ -81,6 +81,7 @@ let
      "systemd-journal-flush.service"
      "systemd-journal-gatewayd.socket"
      "systemd-journal-gatewayd.service"
+      "systemd-journald-dev-log.socket"
      "syslog.socket"

      # SysV init compatibility.
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -277,9 +277,12 @@ in

          NotifyAccess = "all";

-          # Note that on reboot, systemd-nspawn returns 10, so this
+          # Note that on reboot, systemd-nspawn returns 133, so this
          # unit will be restarted. On poweroff, it returns 0, so the
          # unit won't be restarted.
+          RestartForceExitStatus = "133";
+          SuccessExitStatus = "133";
+
          Restart = "on-failure";

          # Hack: we don't want to kill systemd-nspawn, since we call
--- a/pkgs/development/libraries/polkit/default.nix
+++ b/pkgs/development/libraries/polkit/default.nix
@ -1,5 +1,5 @@
 { stdenv, fetchurl, pkgconfig, glib, expat, pam, intltool, spidermonkey
-, gobjectIntrospection, libxslt, docbook_xsl
+, gobjectIntrospection, libxslt, docbook_xsl, docbook_xml_dtd_412
 , useSystemd ? stdenv.isLinux, systemd }:

 let
@ -24,7 +24,7 @@ stdenv.mkDerivation rec {

  buildInputs =
    [ pkgconfig glib expat pam intltool spidermonkey gobjectIntrospection ]
-    ++ [ libxslt docbook_xsl ] # man pages
+    ++ [ libxslt docbook_xsl docbook_xml_dtd_412 ] # man pages
    ++ stdenv.lib.optional useSystemd systemd;

  # Ugly hack to overwrite hardcoded directories
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@ -1,9 +1,8 @@
 { stdenv, fetchurl, pkgconfig, intltool, gperf, libcap, dbus, kmod
 , xz, pam, acl, cryptsetup, libuuid, m4, utillinux
-, glib, kbd, libxslt, coreutils, libgcrypt, sysvtools, docbook_xsl
+, glib, kbd, libxslt, coreutils, libgcrypt, sysvtools
 , kexectools, libmicrohttpd, linuxHeaders
 , pythonPackages ? null, pythonSupport ? false
-, autoreconfHook
 }:

 assert stdenv.isLinux;
@ -11,25 +10,24 @@ assert stdenv.isLinux;
 assert pythonSupport -> pythonPackages != null;

 stdenv.mkDerivation rec {
-  version = "212";
+  version = "216";
  name = "systemd-${version}";

  src = fetchurl {
    url = "http://www.freedesktop.org/software/systemd/${name}.tar.xz";
-    sha256 = "1hpjcc42svrs06q3isjm3m5aphgkpfdylmvpnif71zh46ys0cab5";
+    sha256 = "1wr8jxhp2rmbzabm743rmrhp2c8kir1990x6iblzzmj0v2vkspcl";
  };

  patches =
    [ # These are all changes between upstream and
-      # https://github.com/edolstra/systemd/tree/nixos-v212.
+      # https://github.com/edolstra/systemd/tree/nixos-v216.
      ./fixes.patch
    ];

  buildInputs =
    [ pkgconfig intltool gperf libcap kmod xz pam acl
-      /* cryptsetup */ libuuid m4 glib libxslt libgcrypt docbook_xsl
+      /* cryptsetup */ libuuid m4 glib libxslt libgcrypt
      libmicrohttpd linuxHeaders
-      autoreconfHook
    ] ++ stdenv.lib.optionals pythonSupport [pythonPackages.python pythonPackages.lxml];

  configureFlags =
@ -45,9 +43,23 @@ stdenv.mkDerivation rec {
      "--with-dbussessionservicedir=$(out)/share/dbus-1/services"
      "--with-firmware-path=/root/test-firmware:/run/current-system/firmware"
      "--with-tty-gid=3" # tty in NixOS has gid 3
-      "--disable-networkd" # enable/use eventually
      "--enable-compat-libs" # get rid of this eventually
      "--disable-tests"
+
+      "--disable-hostnamed"
+      "--disable-networkd" # enable/use eventually
+      "--disable-sysusers"
+      "--disable-timedated"
+      "--disable-timesyncd"
+      "--disable-readahead"
+      "--disable-firstboot"
+      "--disable-localed"
+      "--disable-resolved"
+      "--disable-split-usr"
+
+      "--with-sysvinit-path="
+      "--with-sysvrcnd-path="
+      "--with-rc-local-script-path-stop=/etc/halt.local"
    ];

  preConfigure =
@ -88,6 +100,8 @@ stdenv.mkDerivation rec {
      # currently running systemd (/run/current-system/systemd) so
      # that we don't use an obsolete/garbage-collected release agent.
      "-USYSTEMD_CGROUP_AGENT_PATH" "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""
+
+      "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
    ];

  # Use /var/lib/udev rather than /etc/udev for the generated hardware
@ -104,9 +118,14 @@ stdenv.mkDerivation rec {
      "pamconfdir=$(out)/etc/pam.d"
    ];

-  # Get rid of configuration-specific data.
  postInstall =
    ''
+      # sysinit.target: Don't depend on
+      # systemd-tmpfiles-setup.service. This interferes with NixOps's
+      # send-keys feature (since sshd.service depends indirectly on
+      # sysinit.target).
+      mv $out/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service $out/lib/systemd/system/multi-user.target.wants/
+
      mkdir -p $out/example/systemd
      mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example
      mv $out/lib/systemd/{system,user} $out/example/systemd
--- a/pkgs/os-specific/linux/systemd/fixes.patch
+++ b/pkgs/os-specific/linux/systemd/fixes.patch