* Lots of refactoring.

* Clear the PATH in most scripts.  This helps to ensure purity.

svn path=/nixos/trunk/; revision=7299

boot/boot-stage-1-init.sh

@@ -1,9 +1,9 @@
-#! @shell@
+#! @staticShell@
 
 fail() {
     # If starting stage 2 failed, start an interactive shell.
     echo "Stage 2 failed, starting emergency shell..."
-    exec @shell@
+    exec @staticShell@
 }
 
 

boot/boot-stage-1.nix

@@ -4,7 +4,7 @@
 # the second boot stage.  The closure of the result of this expression
 # is supposed to be put into an initial RAM disk (initrd).
 
-{ genericSubstituter, shell, staticTools
+{ substituteAll, staticShell, staticTools
 , module_init_tools, extraUtils, modules
 
 , # Whether to find root device automatically using its label.
@@ -24,10 +24,10 @@
 assert !autoDetectRootDevice -> rootDevice != "";
 assert autoDetectRootDevice -> rootLabel != "";
 
-genericSubstituter {
+substituteAll {
   src = ./boot-stage-1-init.sh;
   isExecutable = true;
-  inherit shell modules;
+  inherit staticShell modules;
   inherit autoDetectRootDevice rootDevice rootLabel;
   path = [
     staticTools

boot/boot-stage-2-init.sh

@@ -63,32 +63,24 @@ needWritableDir /tmp 01777
 needWritableDir /var 0755
 needWritableDir /nix/var 0755
 
-mkdir -m 0755 -p /nix/var/nix/db
-mkdir -m 0755 -p /nix/var/nix/gcroots
-mkdir -m 0755 -p /nix/var/nix/temproots
 
-mkdir -m 0755 -p /var/log
+# Miscellaneous boot time cleanup.
+rm -rf /var/run
 
-ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
+
+# Create the minimal device nodes needed before we run udev.
+mknod -m 0666 /dev/null c 1 3
 
 
 # Run the script that performs all configuration activation that does
 # not have to be done at boot time.
-source @activateConfiguration@
+@activateConfiguration@
 
 
 # Ensure that the module tools can find the kernel modules.
 export MODULE_DIR=@kernel@/lib/modules/
 
 
-# Miscellaneous cleanup.
-rm -rf /var/run
-mkdir -m 0755 -p /var/run
-
-echo -n > /var/run/utmp # must exist
-chmod 664 /var/run/utmp
-
-
 # Start udev.
 udevd --daemon
 
@@ -106,4 +98,6 @@ udevsettle # wait for udev to finish
 
 # Start Upstart's init.
 export UPSTART_CFG_DIR=/etc/event.d
+export PATH=/empty
+for i in @upstartPath@; do PATH=$PATH:$i/bin; done
 exec @upstart@/sbin/init -v

boot/boot-stage-2.nix

@@ -1,18 +1,19 @@
-{ genericSubstituter, shell, coreutils, findutils
+{ substituteAll, coreutils
-, gnugrep, utillinux, kernel, udev, upstart
+, utillinux, kernel, udev, upstart
 , activateConfiguration
 
 , # Whether the root device is root only.  If so, we'll mount a
   # ramdisk on /etc, /var and so on.
   readOnlyRoot
+
+, # Path for Upstart jobs.  Should be quite minimal.
+  upstartPath
 }:
 
 let
 
   startPath = [
     coreutils
-    findutils
-    gnugrep
     utillinux
     udev
     upstart
@@ -20,9 +21,9 @@ let
 
 in
 
-genericSubstituter {
+substituteAll {
   src = ./boot-stage-2-init.sh;
   isExecutable = true;
-  inherit shell kernel upstart readOnlyRoot activateConfiguration;
+  inherit kernel upstart readOnlyRoot activateConfiguration upstartPath;
   inherit startPath;
 }

boot/make-initrd.sh

@@ -35,7 +35,7 @@ for ((n = 0; n < ${#objects[*]}; n++)); do
     mkdir -p $(dirname root/$symlink)
     ln -s $object$suffix root/$symlink
 done
-    
+
 
 # Put the closure in a gzipped cpio archive.
 ensureDir $out

configuration/activate-configuration.sh

@@ -1,8 +1,7 @@
 #! @shell@
 
-
+export PATH=/empty
-# !!! Hack - should be done with udev rules.
+for i in @path@; do PATH=$PATH:$i/bin; done
-chmod 666 /dev/null
 
 
 # Set up the statically computed bits of /etc.
@@ -27,6 +26,15 @@ for i in $(find /etc/ -type l); do
 done
 
 
+# Various log directories.
+mkdir -m 0755 -p /var/run
+
+echo -n > /var/run/utmp # must exist
+chmod 664 /var/run/utmp
+
+mkdir -m 0755 -p /var/log
+
+
 # Enable a password-less root login.
 source @accounts@
 
@@ -93,6 +101,17 @@ fi
 EOF
 
 
+# Nix initialisation.
+mkdir -m 0755 -p /nix/var/nix/db
+mkdir -m 0755 -p /nix/var/nix/gcroots
+mkdir -m 0755 -p /nix/var/nix/temproots
+
+ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
+
+chown root.nixbld /nix/store
+chmod 1775 /nix/store
+
+
 # Make a few setuid programs work.
 wrapperDir=@wrapperDir@
 if test -d $wrapperDir; then rm -f $wrapperDir/*; fi

configuration/boot-environment.nix

@@ -64,13 +64,13 @@ rec {
   # The init script of boot stage 1 (loading kernel modules for
   # mounting the root FS).
   bootStage1 = import ../boot/boot-stage-1.nix {
-    inherit (pkgs) genericSubstituter;
+    inherit (pkgs) substituteAll;
     inherit (pkgsDiet) module_init_tools;
     inherit extraUtils;
     inherit autoDetectRootDevice rootDevice rootLabel;
     inherit stage2Init;
     modules = modulesClosure;
-    shell = stdenvLinuxStuff.bootstrapTools.bash;
+    staticShell = stdenvLinuxStuff.bootstrapTools.bash;
     staticTools = stdenvLinuxStuff.staticTools;
   };
   
@@ -99,9 +99,8 @@ rec {
 
   # The installer.
   nixosInstaller = import ../installer/nixos-installer.nix {
-    inherit (pkgs) stdenv genericSubstituter;
+    inherit (pkgs) stdenv substituteAll;
     inherit nix;
-    shell = pkgs.bash + "/bin/sh";
   };
 
 
@@ -127,6 +126,7 @@ rec {
       
       # DHCP client.
       (import ../upstart-jobs/dhclient.nix {
+        inherit (pkgs) nettools;
         dhcp = pkgs.dhcpWrapper;
       })
 
@@ -142,7 +142,7 @@ rec {
 
       # X server.
       (import ../upstart-jobs/xserver.nix {
-        inherit (pkgs) genericSubstituter;
+        inherit (pkgs) substituteAll;
         inherit (pkgs.xorg) xorgserver xf86inputkeyboard xf86inputmouse xf86videovesa;
       })
 
@@ -290,12 +290,10 @@ rec {
   # The script that activates the configuration, i.e., it sets up
   # /etc, accounts, etc.  It doesn't do anything that can only be done
   # at boot time (such as start `init').
-  activateConfiguration = pkgs.genericSubstituter {
+  activateConfiguration = pkgs.substituteAll {
     src = ./activate-configuration.sh;
     isExecutable = true;
 
-    shell = pkgs.bash + "/bin/sh";
-
     inherit etc;
     inherit readOnlyRoot;
     inherit (pkgs) kernel;
@@ -303,6 +301,8 @@ rec {
     wrapperDir = setuidWrapper.wrapperDir;
     accounts = ../helpers/accounts.sh;
 
+    path = [pkgs.coreutils pkgs.gnugrep pkgs.findutils];
+
     # We don't want to put all of `startPath' and `path' in $PATH, since
     # then we get an embarrassingly long $PATH.  So use the user
     # environment builder to make a directory with symlinks to those
@@ -319,11 +319,16 @@ rec {
   # The init script of boot stage 2, which is supposed to do
   # everything else to bring up the system.
   bootStage2 = import ../boot/boot-stage-2.nix {
-    inherit (pkgs) genericSubstituter coreutils findutils
+    inherit (pkgs) substituteAll coreutils 
-      gnugrep utillinux kernel udev upstart;
+      utillinux kernel udev upstart;
-    shell = pkgs.bash + "/bin/sh";
     inherit readOnlyRoot;
     inherit activateConfiguration;
+    upstartPath = [
+      pkgs.coreutils
+      pkgs.findutils
+      pkgs.gnugrep
+      pkgs.gnused
+    ];
   };
 
 

configuration/switch-to-configuration.sh

@@ -0,0 +1,37 @@
+#! @shell@
+
+set -e
+export PATH=/empty
+for i in @path@; do PATH=$PATH:$i/bin; done
+action="$1"
+
+if test -z "$action"; then
+    cat <<EOF
+Usage: $0 [switch|boot|test]
+
+switch: make the configuration the boot default and activate now
+boot:   make the configuration the boot default
+test:   activate the configuration, but don't make it the boot default
+EOF
+    exit 1
+fi
+
+if test "$action" = "switch" -o "$action" = "boot"; then
+    if test -n "@grubDevice@"; then
+        mkdir -m 0700 -p /boot/grub
+        @grubMenuBuilder@ @out@
+        if test "$NIXOS_INSTALL_GRUB" = 1; then
+            @grub@/sbin/grub-install "@grubDevice@" --no-floppy --recheck
+        fi
+    else
+        echo "Warning: don't know how to make this configuration bootable" 1>&2
+    fi
+fi
+
+if test "$action" = "switch" -o "$action" = "test"; then
+    echo "Activating the configuration..."
+    @out@/activate
+    kill -TERM 1 # make Upstart reload its events    
+fi
+
+sync

configuration/system-configuration.nix

@@ -34,24 +34,29 @@ rec {
   inherit upstartJobs;
 
 
-  systemConfiguration = pkgs.stdenv.mkDerivation {
+  systemConfiguration = pkgs.stdenvNew.mkDerivation {
     name = "system-configuration";
     builder = ./system-configuration.sh;
+    switchToConfiguration = ./switch-to-configuration.sh;
     inherit (pkgs) grub coreutils gnused gnugrep diffutils findutils;
     inherit grubDevice;
     inherit bootStage2;
     inherit activateConfiguration;
     inherit grubMenuBuilder;
+    inherit etc;
     kernel = pkgs.kernel + "/vmlinuz";
     initrd = initialRamdisk + "/initrd";
     inherit extraKernelParams;
+    # Most of these are needed by grub-install.
+    path = [pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils];
   };
 
 
-  grubMenuBuilder = pkgs.genericSubstituter {
+  grubMenuBuilder = pkgs.substituteAll {
     src = ../installer/grub-menu-builder.sh;
     isExecutable = true;
     inherit (pkgs) bash;
+    path = [pkgs.coreutils pkgs.gnused pkgs.gnugrep];
   };
 
 

configuration/system-configuration.sh

@@ -7,6 +7,8 @@ ln -s $grub $out/grub
 ln -s $bootStage2 $out/init
 ln -s $initrd $out/initrd
 ln -s $activateConfiguration $out/activate
+ln -s $etc/etc $out/etc
+
 echo "$extraKernelParams" > $out/kernel-params
 
 cat > $out/menu.lst << GRUBEND
@@ -15,27 +17,5 @@ initrd $initrd
 GRUBEND
 
 ensureDir $out/bin
-
+substituteAll $switchToConfiguration $out/bin/switch-to-configuration
-cat > $out/bin/switch-to-configuration <<EOF
-#! $SHELL
-set -e
-export PATH=$coreutils/bin:$gnused/bin:$gnugrep/bin:$diffutils/bin:$findutils/bin
-
-if test -n "$grubDevice"; then
-    mkdir -m 0700 -p /boot/grub
-    $grubMenuBuilder $out
-    if test "\$NIXOS_INSTALL_GRUB" = 1; then
-        $grub/sbin/grub-install "$grubDevice" --no-floppy --recheck
-    fi
-fi
-
-if test "\$activateNow" = "1"; then
-    echo "Activating the configuration..."
-    $out/activate
-    kill -TERM 1 # make Upstart reload its events    
-fi
-
-sync
-EOF
-
 chmod +x $out/bin/switch-to-configuration

installer/grub-menu-builder.sh

@@ -1,5 +1,8 @@
 #! @bash@/bin/sh -e
 
+export PATH=/empty
+for i in @path@; do PATH=$PATH:$i/bin; done
+
 default=$1
 if test -z "$1"; then
     echo "Syntax: grub-menu-builder.sh <DEFAULT-CONFIG>"

installer/nixos-installer.nix

@@ -1,11 +1,10 @@
-{ stdenv, genericSubstituter, shell, nix
+{stdenv, substituteAll, nix}:
-}:
 
-genericSubstituter {
+substituteAll {
   src = ./nixos-installer.sh;
   dir = "bin";
   isExecutable = true;
-  inherit shell nix;
+  inherit nix;
 
   pathsFromGraph = ../helpers/paths-from-graph.sh;
 

upgrade.sh

@@ -1,4 +1,4 @@
 #! /bin/sh
 set -e
 nix-env -p /nix/var/nix/profiles/system -f configuration/system-configuration.nix -i -A systemConfiguration
-/nix/var/nix/profiles/system/bin/switch-to-configuration
+/nix/var/nix/profiles/system/bin/switch-to-configuration switch

upstart-jobs/dhclient.nix

@@ -1,4 +1,4 @@
-{dhcp}:
+{dhcp, nettools}:
 
 {
   name = "dhclient";
@@ -23,7 +23,7 @@ script
     #    fi
     #done
 
-    for i in $(ifconfig | grep '^[^ ]' | sed 's/ .*//'); do
+    for i in $(${nettools}/sbin/ifconfig | grep '^[^ ]' | sed 's/ .*//'); do
         if test \"$i\" != \"lo\"; then
             interfaces=\"$interfaces $i\"
         fi

upstart-jobs/xserver.nix

@@ -1,4 +1,4 @@
-{ genericSubstituter
+{ substituteAll
 
 , xorgserver
 
@@ -18,7 +18,7 @@
 
 let
 
-  config = genericSubstituter {
+  config = substituteAll {
     name = "xserver.conf";
     src = ./xserver.conf;
   };