From 4a69bf2a1e8ed79a237c0476556fb72f6de90f98 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 6 May 2020 00:24:38 +0200 Subject: [PATCH] nixos/systemd: enable systemd-provided nss modules unconditionally A disabled nscd breaks nss module loading on NixOS, and systemd without its nss modules doesn't really work either - instead of silently disabling its nss modules if nscd is disabled, let the assertion in nsswitch handle this. --- nixos/modules/system/boot/systemd.nix | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index e05c0c8b2ac..96b9815aa2b 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -829,16 +829,8 @@ in system.build.units = cfg.units; - # Systemd provides various NSS modules to look up dynamic users, locally - # configured IP adresses and local container hostnames. - # On NixOS, these can only be passed to the NSS system via nscd (and its - # LD_LIBRARY_PATH), which is why it's usually a very good idea to have nscd - # enabled (also see the config.nscd.enable description). - # While there is already an assertion in place complaining loudly about - # having nssModules configured and nscd disabled, for some reason we still - # check for nscd being enabled before adding to nssModules. - system.nssModules = optional config.services.nscd.enable systemd.out; - system.nssDatabases = mkIf config.services.nscd.enable { + system.nssModules = [ systemd.out ]; + system.nssDatabases = { hosts = (mkMerge [ [ "mymachines" ] (mkOrder 1600 [ "myhostname" ] # 1600 to ensure it's always the last