diff --git a/doc/manual/man-nixos-rebuild.xml b/doc/manual/man-nixos-rebuild.xml
index 0b55540126c..383334d82e1 100644
--- a/doc/manual/man-nixos-rebuild.xml
+++ b/doc/manual/man-nixos-rebuild.xml
@@ -28,6 +28,7 @@
+
@@ -173,12 +174,11 @@ $ ./result/bin/run-*-vm
- This operation merely fetches the latest manifest in the
- Nixpkgs channel to speed up subsequent
- nix-env operations. This is useful if you
- are not using nix-channel but still want to
- use pre-built binary packages. It doesn’t reconfigure the
- system at all.
+ This operation fetches the latest manifest in the Nixpkgs
+ channel to speed up subsequent nix-env
+ operations. This is useful if you are not using
+ nix-channel but still want to use pre-built
+ binary packages. It doesn’t reconfigure the system
@@ -196,6 +196,14 @@ $ ./result/bin/run-*-vm
+
+
+
+ Fetch the latest version of NixOS from the NixOS
+ channel.
+
+
+
@@ -206,21 +214,6 @@ $ ./result/bin/run-*-vm
-
-
-
- Normally, nixos-rebuild calls
- nix-pull to obtain the set of available
- pre-built binaries in the Nixpkgs channel. This option causes
- the call to nix-pull to be skipped. Note
- that the result of previous invocations of
- nix-pull may still be available in
- /nix/var/nix/manifests, so to disable the
- use of pre-built binaries, you should clear that directory in
- addition to using .
-
-
-
@@ -236,10 +229,9 @@ $ ./result/bin/run-*-vm
- Equivalent to
- .
- This option is useful if you call
- nixos-rebuild frequently (e.g. if you’re
+ Equivalent to
+ . This option is useful if you
+ call nixos-rebuild frequently (e.g. if you’re
hacking on a NixOS module).
diff --git a/modules/installer/cd-dvd/iso-image.nix b/modules/installer/cd-dvd/iso-image.nix
index 7b050f8dd6a..cf76151c2ae 100644
--- a/modules/installer/cd-dvd/iso-image.nix
+++ b/modules/installer/cd-dvd/iso-image.nix
@@ -205,7 +205,9 @@ in
else
[ config.boot.kernelPackages.aufs ];
- boot.initrd.kernelModules = [ "aufs" "squashfs" "iso9660" "loop" ];
+ boot.initrd.availableKernelModules = [ "aufs" "squashfs" "iso9660" ];
+
+ boot.initrd.kernelModules = [ "loop" ];
boot.kernelModules = pkgs.stdenv.lib.optional config.isoImage.makeEfiBootable "efivars";
diff --git a/modules/installer/cd-dvd/system-tarball-pc.nix b/modules/installer/cd-dvd/system-tarball-pc.nix
index ddad520c446..2bc6ce78d94 100644
--- a/modules/installer/cd-dvd/system-tarball-pc.nix
+++ b/modules/installer/cd-dvd/system-tarball-pc.nix
@@ -158,9 +158,6 @@ in
services.openssh.enable = true;
jobs.openssh.startOn = pkgs.lib.mkOverrideTemplate 50 {} "";
- # To have a nicer initrd, even though the initrd can't mount an nfsroot now
- boot.initrd.withExtraTools = true;
-
# To be able to use the systemTarball to catch troubles.
boot.crashDump = {
enable = true;
diff --git a/modules/installer/tools/nixos-rebuild.sh b/modules/installer/tools/nixos-rebuild.sh
index b62da16c7b7..22aa847e192 100644
--- a/modules/installer/tools/nixos-rebuild.sh
+++ b/modules/installer/tools/nixos-rebuild.sh
@@ -22,6 +22,7 @@ The operation is one of the following:
Options:
+ --upgrade fetch the latest version of NixOS before rebuilding
--install-grub (re-)install the Grub bootloader
--pull do a nix-pull to get the latest NixOS channel
manifest
@@ -51,43 +52,47 @@ action=
pullManifest=
buildNix=1
rollback=
+upgrade=
while test "$#" -gt 0; do
i="$1"; shift 1
case "$i" in
--help)
showSyntax
- ;;
+ ;;
switch|boot|test|build|dry-run|build-vm|build-vm-with-bootloader|pull)
action="$i"
- ;;
+ ;;
--install-grub)
export NIXOS_INSTALL_GRUB=1
- ;;
+ ;;
--pull)
pullManifest=1
- ;;
+ ;;
--no-build-nix)
buildNix=
- ;;
+ ;;
--rollback)
rollback=1
- ;;
+ ;;
+ --upgrade)
+ upgrade=1
+ ;;
--show-trace|--no-build-hook|--keep-failed|-K|--keep-going|-k|--verbose|-v|--fallback)
extraBuildFlags="$extraBuildFlags $i"
- ;;
+ ;;
--max-jobs|-j|--cores|-I)
j="$1"; shift 1
extraBuildFlags="$extraBuildFlags $i $j"
- ;;
+ ;;
--fast)
buildNix=
extraBuildFlags="$extraBuildFlags --show-trace"
- ;;
+ ;;
*)
echo "$0: unknown option \`$i'"
exit 1
- ;;
+ ;;
esac
done
@@ -120,22 +125,32 @@ fi
# Pull the manifests defined in the configuration (the "manifests"
# attribute). Wonderfully hacky.
if [ -n "$pullManifest" -o "$action" = pull ]; then
+ set -o pipefail
manifests=$(nix-instantiate --eval-only --xml --strict '' -A manifests \
| grep '&2
if ! nix-build '' -A config.environment.nix -o $tmpDir/nix $extraBuildFlags > /dev/null; then
if ! nix-build '' -A nixFallback -o $tmpDir/nix $extraBuildFlags > /dev/null; then
diff --git a/modules/services/hardware/udev.nix b/modules/services/hardware/udev.nix
index fe1b7323358..8d66982fb5c 100644
--- a/modules/services/hardware/udev.nix
+++ b/modules/services/hardware/udev.nix
@@ -51,7 +51,7 @@ let
--replace \"/bin/mount \"${pkgs.utillinux}/bin/mount
done
- echo -n "Checking that all programs called by relative paths in udev rules exist in ${udev}/lib/udev ... "
+ echo -n "Checking that all programs called by relative paths in udev rules exist in ${udev}/lib/udev... "
import_progs=$(grep 'IMPORT{program}="[^/$]' $out/* |
sed -e 's/.*IMPORT{program}="\([^ "]*\)[ "].*/\1/' | uniq)
run_progs=$(grep -v '^[[:space:]]*#' $out/* | grep 'RUN+="[^/$]' |
@@ -65,8 +65,8 @@ let
done
echo "OK"
- echo -n "Checking that all programs called by absolute paths in udev rules exist ... "
- import_progs=$(grep 'IMPORT{program}="/' $out/* |
+ echo -n "Checking that all programs called by absolute paths in udev rules exist... "
+ import_progs=$(grep 'IMPORT{program}="\/' $out/* |
sed -e 's/.*IMPORT{program}="\([^ "]*\)[ "].*/\1/' | uniq)
run_progs=$(grep -v '^[[:space:]]*#' $out/* | grep 'RUN+="/' |
sed -e 's/.*RUN+="\([^ "]*\)[ "].*/\1/' | uniq)
diff --git a/modules/system/boot/luksroot.nix b/modules/system/boot/luksroot.nix
index ff11d284ef8..0e28a882da5 100644
--- a/modules/system/boot/luksroot.nix
+++ b/modules/system/boot/luksroot.nix
@@ -11,7 +11,7 @@ let
# available as a function.
if ! test -e ${device}; then
echo -n "waiting 10 seconds for device ${device} to appear..."
- for ((try = 0; try < 10; try++)); do
+ for try in $(seq 10); do
sleep 1
if test -e ${device}; then break; fi
echo -n .
diff --git a/modules/system/boot/stage-1-init.sh b/modules/system/boot/stage-1-init.sh
index 4e07714eabc..a232151967f 100644
--- a/modules/system/boot/stage-1-init.sh
+++ b/modules/system/boot/stage-1-init.sh
@@ -173,21 +173,28 @@ onACPower() {
# Check the specified file system, if appropriate.
checkFS() {
+ local device="$1"
+ local fsType="$2"
+
# Only check block devices.
- if ! test -b "$device"; then return 0; fi
-
- FSTYPE=$(blkid -o value -s TYPE "$device" || true)
+ if [ ! -b "$device" ]; then return 0; fi
# Don't check ROM filesystems.
- if test "$FSTYPE" = iso9660 -o "$FSTYPE" = udf; then return 0; fi
+ if [ "$fsType" = iso9660 -o "$fsType" = udf ]; then return 0; fi
+
+ # If we couldn't figure out the FS type, then skip fsck.
+ if [ "$fsType" = auto ]; then
+ echo 'cannot check filesystem with type "auto"!'
+ return 0
+ fi
# Optionally, skip fsck on journaling filesystems. This option is
# a hack - it's mostly because e2fsck on ext3 takes much longer to
# recover the journal than the ext3 implementation in the kernel
# does (minutes versus seconds).
if test -z "@checkJournalingFS@" -a \
- \( "$FSTYPE" = ext3 -o "$FSTYPE" = ext4 -o "$FSTYPE" = reiserfs \
- -o "$FSTYPE" = xfs -o "$FSTYPE" = jfs \)
+ \( "$fsType" = ext3 -o "$fsType" = ext4 -o "$fsType" = reiserfs \
+ -o "$fsType" = xfs -o "$fsType" = jfs \)
then
return 0
fi
@@ -199,7 +206,9 @@ checkFS() {
return 0
fi
- FSTAB_FILE="/etc/mtab" fsck -V -C -a "$device"
+ echo "checking $device..."
+
+ fsck -V -a "$device"
fsckResult=$?
if test $(($fsckResult | 2)) = $fsckResult; then
@@ -229,7 +238,16 @@ mountFS() {
local options="$3"
local fsType="$4"
- checkFS "$device"
+ if [ "$fsType" = auto ]; then
+ fsType=$(blkid -o value -s TYPE "$device")
+ if [ -z "$fsType" ]; then fsType=auto; fi
+ fi
+
+ echo "$device /mnt-root$mountPoint $fsType $options" >> /etc/fstab
+
+ checkFS "$device" "$fsType"
+
+ echo "mounting $device on $mountPoint..."
mkdir -p "/mnt-root$mountPoint" || true
@@ -239,7 +257,7 @@ mountFS() {
if [ "$fsType" = "nfs" ]; then
nfsmount "$device" "/mnt-root$mountPoint" && break
else
- mount -t "$fsType" -o "$options" "$device" "/mnt-root$mountPoint" && break
+ mount "/mnt-root$mountPoint" && break
fi
if [ "$fsType" != cifs -o "$n" -ge 10 ]; then fail; break; fi
echo "retrying..."
@@ -300,8 +318,6 @@ while read -u 3 mountPoint; do
# doing something with $device right now.
udevadm settle || true
- echo "mounting $device on $mountPoint..."
-
mountFS "$device" "$mountPoint" "$options" "$fsType"
done
diff --git a/modules/system/boot/stage-2-init.sh b/modules/system/boot/stage-2-init.sh
index bb9b5c28163..5c915db08e0 100644
--- a/modules/system/boot/stage-2-init.sh
+++ b/modules/system/boot/stage-2-init.sh
@@ -72,7 +72,7 @@ done
# More special file systems, initialise required directories.
-mkdir -m 0777 /dev/shm
+mkdir -m 0755 /dev/shm
mount -t tmpfs -o "rw,nosuid,nodev,size=@devShmSize@" tmpfs /dev/shm
mkdir -m 0755 -p /dev/pts
[ -e /proc/bus/usb ] && mount -t usbfs none /proc/bus/usb # UML doesn't have USB by default
diff --git a/modules/virtualisation/amazon-image.nix b/modules/virtualisation/amazon-image.nix
index 1891f816671..203c9a724ce 100644
--- a/modules/virtualisation/amazon-image.nix
+++ b/modules/virtualisation/amazon-image.nix
@@ -83,7 +83,7 @@ with pkgs.lib;
# Force udev to exit to prevent random "Device or resource busy
# while trying to open /dev/xvda" errors from fsck.
udevadm control --exit || true
- kill -9 -- -1
+ kill -9 -1
'';
# Mount all formatted ephemeral disks and activate all swap devices.