Merge pull request #85073 from hyperfekt/systemd-pstore
nixos/systemd|filesystems: mount and evacuate /sys/fs/pstore using systemd-pstore
This commit is contained in:
commit
6c0058f47f
|
@ -1077,6 +1077,12 @@ environment.systemPackages = [
|
|||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The newly enabled <literal>systemd-pstore.service</literal> now automatically evacuates crashdumps and panic logs from the persistent storage to <literal>/var/lib/systemd/pstore</literal>.
|
||||
This prevents NVRAM from filling up, which ensures the latest diagnostic data is always stored and alleviates problems with writing new boot configurations.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -99,5 +99,13 @@ with lib;
|
|||
# because we have the firewall enabled. This makes installs from the
|
||||
# console less cumbersome if the machine has a public IP.
|
||||
networking.firewall.logRefusedConnections = mkDefault false;
|
||||
|
||||
# Prevent installation media from evacuating persistent storage, as their
|
||||
# var directory is not persistent and it would thus result in deletion of
|
||||
# those entries.
|
||||
environment.etc."systemd/pstore.conf".text = ''
|
||||
[PStore]
|
||||
Unlink=no
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -90,6 +90,7 @@ let
|
|||
"systemd-fsck@.service"
|
||||
"systemd-fsck-root.service"
|
||||
"systemd-remount-fs.service"
|
||||
"systemd-pstore.service"
|
||||
"local-fs.target"
|
||||
"local-fs-pre.target"
|
||||
"remote-fs.target"
|
||||
|
@ -1183,6 +1184,7 @@ in
|
|||
systemd.targets.remote-fs.unitConfig.X-StopOnReconfiguration = true;
|
||||
systemd.targets.network-online.wantedBy = [ "multi-user.target" ];
|
||||
systemd.services.systemd-importd.environment = proxy_env;
|
||||
systemd.services.systemd-pstore.wantedBy = [ "sysinit.target" ]; # see #81138
|
||||
|
||||
# Don't bother with certain units in containers.
|
||||
systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container";
|
||||
|
|
|
@ -272,10 +272,10 @@ in
|
|||
wants = [ "local-fs.target" "remote-fs.target" ];
|
||||
};
|
||||
|
||||
# Emit systemd services to format requested filesystems.
|
||||
systemd.services =
|
||||
let
|
||||
|
||||
# Emit systemd services to format requested filesystems.
|
||||
let
|
||||
formatDevice = fs:
|
||||
let
|
||||
mountPoint' = "${escapeSystemdPath fs.mountPoint}.mount";
|
||||
|
@ -302,8 +302,34 @@ in
|
|||
unitConfig.DefaultDependencies = false; # needed to prevent a cycle
|
||||
serviceConfig.Type = "oneshot";
|
||||
};
|
||||
|
||||
in listToAttrs (map formatDevice (filter (fs: fs.autoFormat) fileSystems));
|
||||
in listToAttrs (map formatDevice (filter (fs: fs.autoFormat) fileSystems)) // {
|
||||
# Mount /sys/fs/pstore for evacuating panic logs and crashdumps from persistent storage onto the disk using systemd-pstore.
|
||||
# This cannot be done with the other special filesystems because the pstore module (which creates the mount point) is not loaded then.
|
||||
# Since the pstore filesystem is usually empty right after mounting because the backend isn't registered yet, and a path unit cannot detect files inside of it, the same service waits for that to happen. systemd's restart mechanism can't be used here because the first failure also fails all dependent units.
|
||||
"mount-pstore" = {
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.utillinux}/bin/mount -t pstore -o nosuid,noexec,nodev pstore /sys/fs/pstore";
|
||||
ExecStartPost = pkgs.writeShellScript "wait-for-pstore.sh" ''
|
||||
set -eu
|
||||
TRIES=0
|
||||
while [ $TRIES -lt 20 ] && [ "$(cat /sys/module/pstore/parameters/backend)" = "(null)" ]; do
|
||||
sleep 0.1
|
||||
TRIES=$((TRIES+1))
|
||||
done
|
||||
'';
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
unitConfig = {
|
||||
ConditionVirtualization = "!container";
|
||||
DefaultDependencies = false; # needed to prevent a cycle
|
||||
};
|
||||
after = [ "modprobe@pstore.service" ];
|
||||
requires = [ "modprobe@pstore.service" ];
|
||||
before = [ "systemd-pstore.service" ];
|
||||
wantedBy = [ "systemd-pstore.service" ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /run/keys 0750 root ${toString config.ids.gids.keys}"
|
||||
|
|
Loading…
Reference in New Issue