From baaf7bd6e3221089e588e642d93160e9de6393ee Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 19 Oct 2010 23:25:53 +0000 Subject: [PATCH 01/12] * Updated the Compiz module: add the plugins, put ccsm in the PATH, and don't use GConf anymore. svn path=/nixos/trunk/; revision=24374 --- .../services/x11/window-managers/compiz.nix | 79 +++++++++---------- 1 file changed, 39 insertions(+), 40 deletions(-) diff --git a/modules/services/x11/window-managers/compiz.nix b/modules/services/x11/window-managers/compiz.nix index bf159582663..fd439a3cddc 100644 --- a/modules/services/x11/window-managers/compiz.nix +++ b/modules/services/x11/window-managers/compiz.nix @@ -1,64 +1,63 @@ -{pkgs, config, ...}: +{ config, pkgs, ... }: + +with pkgs.lib; let - inherit (pkgs.lib) mkOption mkIf; + cfg = config.services.xserver.windowManager.compiz; xorg = config.services.xserver.package; - gnome = pkgs.gnome; - options = { services = { xserver = { windowManager = { +in + +{ - compiz = { + options = { + + services.xserver.windowManager.compiz = { + enable = mkOption { default = false; - example = true; - description = "Enable the compiz window manager."; + description = "Enable the Compiz window manager."; }; - renderingFlag = mkOption { default = ""; example = "--indirect-rendering"; - description = " - Possibly pass --indierct-rendering to Compiz. - "; + description = "Pass the flag to Compiz."; }; + }; - }; }; }; }; -in + }; + -mkIf cfg.enable { - require = options; + config = mkIf cfg.enable { + + services.xserver.windowManager.session = singleton + { name = "compiz"; + start = + '' + # Start Compiz using the flat-file configuration backend + # (ccp). + export COMPIZ_PLUGINDIR=${config.system.path}/lib/compiz + export COMPIZ_METADATADIR=${config.system.path}/share/compiz + ${pkgs.compiz}/bin/compiz ccp ${cfg.renderingFlag} & - services = { - xserver = { - - windowManager = { - session = [{ - name = "compiz"; - start = '' - # !!! Hack: load the schemas for Compiz. - GCONF_CONFIG_SOURCE=xml::~/.gconf ${gnome.GConf}/bin/gconftool-2 \ - --makefile-install-rule ${pkgs.compiz}/etc/gconf/schemas/*.schemas # */ - - # !!! Hack: turn on most Compiz modules. - ${gnome.GConf}/bin/gconftool-2 -t list --list-type=string \ - --set /apps/compiz/general/allscreens/options/active_plugins \ - [gconf,png,decoration,wobbly,fade,minimize,move,resize,cube,switcher,rotate,place,scale,water] - - # Start Compiz and the GTK-style window decorator. - env LD_LIBRARY_PATH=${xorg.libX11}/lib:${xorg.libXext}/lib:/usr/lib/ - ${pkgs.compiz}/bin/compiz gconf ${cfg.renderingFlag} & - ${pkgs.compiz}/bin/gtk-window-decorator --sync & + # Start GTK-style window decorator. + ${pkgs.compiz}/bin/gtk-window-decorator & ''; - }]; }; - }; + environment.systemPackages = + [ pkgs.compiz + pkgs.compiz_ccsm + pkgs.compiz_plugins_main + pkgs.compiz_plugins_extra + pkgs.libcompizconfig # for the "ccp" plugin + ]; + + environment.pathsToLink = [ "/lib/compiz" "/share/compiz" ]; + }; - environment = { - x11Packages = [ pkgs.compiz ]; - }; } From f6bc3d61cf0a195d28256e85901eb96db315739c Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Wed, 20 Oct 2010 09:29:02 +0000 Subject: [PATCH 02/12] To prevent glibc bug exploitation, make setuid-wrappers unreadable to non-root users svn path=/nixos/trunk/; revision=24378 --- modules/security/setuid-wrappers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/security/setuid-wrappers.nix b/modules/security/setuid-wrappers.nix index a7238b9add5..027032a7c27 100644 --- a/modules/security/setuid-wrappers.nix +++ b/modules/security/setuid-wrappers.nix @@ -92,7 +92,7 @@ in , group ? "nogroup" , setuid ? false , setgid ? false - , permissions ? "u+rx,g+rx,o+rx" + , permissions ? "u+rx,g+x,o+x" }: '' From 9c722e474d5b1b63d910e2c685a88c8db777404f Mon Sep 17 00:00:00 2001 From: Sander van der Burg Date: Thu, 21 Oct 2010 22:50:12 +0000 Subject: [PATCH 03/12] - Added nixos-build-vms command, which builds a virtual network from a network.nix expression (also used by nixos-deploy-network) - Added a backdoor option to the interactive run-vms script. This allows me to intergrate the virtual network approach with Disnix - Small documentation fixes Some explanation: The nixos-build-vms command line tool can be used to build a virtual network of a network.nix specification. For example, a network configuration (network.nix) could look like this: { test1 = {pkgs, config, ...}: { services.openssh.enable = true; ... }; test2 = {pkgs, config, ...}: { services.openssh.enable = true; services.xserver.enable = true; } ; } By typing the following instruction: $ nixos-build-vms -n network.nix a virtual network is built, which can be started by typing: $ ./result/bin/run-vms It is also possible to enable a backdoor. In this case *.socket files are stored in the current directory which can be used by the end-user to invoke remote instruction on a VM in the network through a Unix domain socket. For example by building the network with the following instructions: $ nixos-build-vms -n network.nix --use-backdoor and launching the virtual network: $ ./result/bin/run-vms You can find two socket files in your current directory, namely: test1.socket and test2.socket. These Unix domain sockets can be used to remotely administer the test1 and test2 machine in the virtual network. For example by running: $ socat ./test1.socket stdio ls /root You can retrieve the contents of the /root directory of the virtual machine with identifier test1 svn path=/nixos/trunk/; revision=24410 --- lib/build-vms.nix | 4 +- .../tools/nixos-build-vms/build-vms.nix | 16 +++++ .../tools/nixos-build-vms/nixos-build-vms.sh | 66 +++++++++++++++++++ .../nixos-deploy-network.sh | 1 + modules/installer/tools/tools.nix | 8 ++- modules/virtualisation/qemu-vm.nix | 29 +++++++- 6 files changed, 120 insertions(+), 4 deletions(-) create mode 100644 modules/installer/tools/nixos-build-vms/build-vms.nix create mode 100644 modules/installer/tools/nixos-build-vms/nixos-build-vms.sh diff --git a/lib/build-vms.nix b/lib/build-vms.nix index 7505f6f49f3..efd1ce3b8d3 100644 --- a/lib/build-vms.nix +++ b/lib/build-vms.nix @@ -1,4 +1,4 @@ -{ nixpkgs, services, system }: +{ nixpkgs, services, system, useBackdoor ? false }: let pkgs = import nixpkgs { config = {}; inherit system; }; in @@ -58,7 +58,7 @@ rec { modules = configurations ++ [ ../modules/virtualisation/qemu-vm.nix ../modules/testing/test-instrumentation.nix # !!! should only get added for automated test runs - { key = "no-manual"; services.nixosManual.enable = false; } + { key = "no-manual"; services.nixosManual.enable = false; virtualisation.useBackdoor = useBackdoor; } ]; extraArgs = { inherit nodes; }; }; diff --git a/modules/installer/tools/nixos-build-vms/build-vms.nix b/modules/installer/tools/nixos-build-vms/build-vms.nix new file mode 100644 index 00000000000..bedabecad2d --- /dev/null +++ b/modules/installer/tools/nixos-build-vms/build-vms.nix @@ -0,0 +1,16 @@ +{ nixos +, nixpkgs +, services ? "/etc/nixos/services" +, system ? builtins.currentSystem +, networkExpr +, useBackdoor ? false +}: + +let nodes = import networkExpr; +in +(import "${nixos}/lib/build-vms.nix" { + inherit nixpkgs services system useBackdoor; +}) +.buildVirtualNetwork { + inherit nodes; +} diff --git a/modules/installer/tools/nixos-build-vms/nixos-build-vms.sh b/modules/installer/tools/nixos-build-vms/nixos-build-vms.sh new file mode 100644 index 00000000000..709b9051fc4 --- /dev/null +++ b/modules/installer/tools/nixos-build-vms/nixos-build-vms.sh @@ -0,0 +1,66 @@ +#! @shell@ -e + +# Shows the usage of this command to the user + +showUsage() +{ + echo "Usage: $0 -n network_expr -i infrastructure_expr" + echo "Options:" + echo + echo "-n,--network Network Nix expression which captures properties of machines in the network" + echo "--use-backdoor Indicates that the backdoor must be enabled so that the VMs can be accessed through a UNIX domain socket" + echo "--show-trace Shows the output trace" + echo "-h,--help Shows the usage of this command" +} + +# Parse valid argument options + +PARAMS=`getopt -n $0 -o n:h -l network:,use-backdoor,show-trace,help -- "$@"` + +if [ $? != 0 ] +then + showUsage + exit 1 +fi + +eval set -- "$PARAMS" + +# Evaluate valid options + +while [ "$1" != "--" ] +do + case "$1" in + -n|--network) + networkExpr=`readlink -f $2` + ;; + --use-backdoor) + useBackdoorArg="--arg useBackdoor true" + ;; + --show-trace) + showTraceArg="--show-trace" + ;; + -h|--help) + showUsage + exit 0 + ;; + esac + + shift +done + +# Validate the given options + +if [ "$networkExpr" = "" ] +then + echo "ERROR: A network expression must be specified!" >&2 + exit 1 +fi + +if [ -z "$NIXOS" ] +then + NIXOS=/etc/nixos/nixos +fi + +# Build a network of VMs + +nix-build $NIXOS/modules/installer/tools/nixos-build-vms/build-vms.nix --argstr networkExpr $networkExpr --argstr nixos $NIXOS --argstr nixpkgs $NIXPKGS_ALL $useBackdoorArg $showTraceArg diff --git a/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh b/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh index 9b6d716f343..08370a15dc8 100644 --- a/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh +++ b/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh @@ -9,6 +9,7 @@ showUsage() echo echo "-n,--network Network Nix expression which captures properties of machines in the network" echo "-i,--infrastructure Infrastructure Nix expression which captures properties of machines in the network" + echo "--show-trace Shows an output trace" echo "-h,--help Shows the usage of this command" } diff --git a/modules/installer/tools/tools.nix b/modules/installer/tools/tools.nix index 8dd07c67f91..b735863a34c 100644 --- a/modules/installer/tools/tools.nix +++ b/modules/installer/tools/tools.nix @@ -11,6 +11,11 @@ let isExecutable = true; }); + nixosBuildVMS = makeProg { + name = "nixos-build-vms"; + src = ./nixos-build-vms/nixos-build-vms.sh; + }; + nixosDeployNetwork = makeProg { name = "nixos-deploy-network"; src = ./nixos-deploy-network/nixos-deploy-network.sh; @@ -131,7 +136,8 @@ in config = { environment.systemPackages = - [ nixosDeployNetwork + [ nixosBuildVMS + nixosDeployNetwork nixosInstall nixosRebuild nixosHardwareScan diff --git a/modules/virtualisation/qemu-vm.nix b/modules/virtualisation/qemu-vm.nix index 005e4ebfb54..50b07435bda 100644 --- a/modules/virtualisation/qemu-vm.nix +++ b/modules/virtualisation/qemu-vm.nix @@ -111,6 +111,17 @@ let description = "Options passed to QEMU."; }; + virtualisation.useBackdoor = + mkOption { + default = false; + description = + '' + If enabled, the virtual machine makes a connection through TCP port 23 + to a daemon running on the host system acting as a proxy. + This option makes it possible to connect to a VM through a socket file. + ''; + }; + virtualisation.useBootLoader = mkOption { default = false; @@ -145,6 +156,11 @@ let ${toString config.virtualisation.diskSize}M || exit 1 fi + ${pkgs.lib.optionalString cfg.useBackdoor '' + # Remember the current working directory + WORKDIR=$(pwd) + ''} + # Start Samba (which wants to put its socket and config files in TMPDIR). if [ -z "$TMPDIR" -o -z "$USE_TMPDIR" ]; then TMPDIR=$(mktemp -d nix-vm-smbd.XXXXXXXXXX --tmpdir) @@ -153,13 +169,24 @@ let ${pkgs.vmTools.startSamba} + ${pkgs.lib.optionalString cfg.useBackdoor '' + # Create a shell socket file to which the VM can connect and create in the + # current working directory a socket file which can be used to remotely access + # the VM through the shell interface + + ${pkgs.socat}/bin/socat UNIX-LISTEN:./shell UNIX-LISTEN:$WORKDIR/${vmName}.socket,fork & + + while [ ! -e ./shell ]; do sleep 0.1; done # Wait until the socket file is there + ''} + # Start QEMU. exec ${pkgs.qemu_kvm}/bin/qemu-system-x86_64 \ -name ${vmName} \ -m ${toString config.virtualisation.memorySize} \ -net nic,vlan=0,model=virtio \ -chardev socket,id=samba,path=./samba \ - -net user,vlan=0,guestfwd=tcp:10.0.2.4:139-chardev:samba''${QEMU_NET_OPTS:+,$QEMU_NET_OPTS} \ + -net user,vlan=0,guestfwd=tcp:10.0.2.4:139-chardev:samba${if cfg.useBackdoor then ",guestfwd=tcp:10.0.2.6:23-chardev:shell" else ""}''${QEMU_NET_OPTS:+,$QEMU_NET_OPTS} \ + ${if cfg.useBackdoor then "-chardev socket,id=shell,path=./shell" else ""} \ ${if cfg.useBootLoader then '' -drive index=0,file=$NIX_DISK_IMAGE,if=virtio,cache=writeback,werror=report \ -drive index=1,file=${bootDisk}/disk.img,if=virtio,boot=on \ From 2118288557109c2994b18326377c159286456f8b Mon Sep 17 00:00:00 2001 From: Evgeny Egorochkin Date: Fri, 22 Oct 2010 13:18:22 +0000 Subject: [PATCH 04/12] KDE4: mp3 playback out of the box svn path=/nixos/trunk/; revision=24416 --- modules/services/x11/desktop-managers/kde4.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/services/x11/desktop-managers/kde4.nix b/modules/services/x11/desktop-managers/kde4.nix index 2841c9426ff..7f64609e406 100644 --- a/modules/services/x11/desktop-managers/kde4.nix +++ b/modules/services/x11/desktop-managers/kde4.nix @@ -67,6 +67,7 @@ in pkgs.gst_all.gstreamer pkgs.gst_all.gstPluginsBase pkgs.gst_all.gstPluginsGood + pkgs.gst_all.gstFfmpeg # for mp3 playback xorg.xmessage # so that startkde can show error messages xorg.xset # used by startkde, non-essential ] ++ config.environment.kdePackages; From 88fb000fc184f32c716bd3358fb2c2ef08ae6c7b Mon Sep 17 00:00:00 2001 From: Evgeny Egorochkin Date: Fri, 22 Oct 2010 13:18:26 +0000 Subject: [PATCH 05/12] Fix UID and GID clash between diferent packages svn path=/nixos/trunk/; revision=24417 --- modules/misc/ids.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix index f69ae2f3b9f..2db841194e3 100644 --- a/modules/misc/ids.nix +++ b/modules/misc/ids.nix @@ -53,10 +53,10 @@ in davfs2 = 31; privoxy = 32; osgi = 34; - sabnzbd = 33; tor = 35; cups = 36; foldingAtHome = 37; + sabnzbd = 38; # When adding a uid, make sure it doesn't match an existing gid. nixbld = 30000; # start of range of uids From 791c758b413ce7c2ceb188432166e4cf02a05d6f Mon Sep 17 00:00:00 2001 From: Evgeny Egorochkin Date: Mon, 25 Oct 2010 00:57:30 +0000 Subject: [PATCH 06/12] Encrypted root support via LUKS svn path=/nixos/trunk/; revision=24459 --- modules/module-list.nix | 1 + modules/system/boot/luksroot.nix | 45 ++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 modules/system/boot/luksroot.nix diff --git a/modules/module-list.nix b/modules/module-list.nix index 5e6ed0095f2..1364b28182d 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -146,6 +146,7 @@ ./system/activation/activation-script.nix ./system/activation/top-level.nix ./system/boot/kernel.nix + ./system/boot/luksroot.nix ./system/boot/modprobe.nix ./system/boot/stage-1.nix ./system/boot/stage-2.nix diff --git a/modules/system/boot/luksroot.nix b/modules/system/boot/luksroot.nix new file mode 100644 index 00000000000..f345db459f0 --- /dev/null +++ b/modules/system/boot/luksroot.nix @@ -0,0 +1,45 @@ +{pkgs, config, ...}: + +with pkgs.lib; + +let + luksRoot = config.boot.initrd.luksRoot; +in +{ + + options = { + + boot.initrd.luksRoot = mkOption { + default = null; + example = "/dev/sda3"; + description = ''; + The device that should be decrypted using LUKS before trying to mount the + root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups. + + Make sure that initrd has the crypto modules needed for decryption. + + The decrypted device name is /dev/mapper/luksroot. + ''; + }; + + }; + + + + config = mkIf (luksRoot != null) { + + boot.initrd.extraUtilsCommands = '' + cp -r ${pkgs.cryptsetup}/lib/* $out/lib/ + cp -r ${pkgs.popt}/lib/* $out/lib + cp ${pkgs.cryptsetup}/sbin/* $out/bin + ''; + + boot.initrd.postDeviceCommands = '' + cryptsetup luksOpen ${luksRoot} luksroot + lvm vgscan + lvm vgchange -ay + ''; + + }; + +} \ No newline at end of file From 006f7291e40eb28d881a248a2c0ef984197295d3 Mon Sep 17 00:00:00 2001 From: Evgeny Egorochkin Date: Mon, 25 Oct 2010 01:46:30 +0000 Subject: [PATCH 07/12] Make Strigi indexing work in Nepomuk svn path=/nixos/trunk/; revision=24460 --- modules/programs/bash/bashrc.sh | 5 +++-- modules/services/x11/desktop-managers/kde4.nix | 4 ++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/modules/programs/bash/bashrc.sh b/modules/programs/bash/bashrc.sh index 8d1e4833a2d..37b87887e4f 100644 --- a/modules/programs/bash/bashrc.sh +++ b/modules/programs/bash/bashrc.sh @@ -17,8 +17,8 @@ NIX_USER_PROFILE_DIR=/nix/var/nix/profiles/per-user/$USER NIX_PROFILES="/var/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile" -unset PATH INFOPATH PKG_CONFIG_PATH PERL5LIB GST_PLUGIN_PATH KDEDIRS -unset XDG_CONFIG_DIRS XDG_DATA_DIRS +unset PATH INFOPATH PKG_CONFIG_PATH PERL5LIB ALSA_PLUGIN_DIRS GST_PLUGIN_PATH KDEDIRS +unset QT_PLUGIN_PATH STRIGI_PLUGIN_PATH XDG_CONFIG_DIRS XDG_DATA_DIRS for i in $NIX_PROFILES; do # !!! reverse # We have to care not leaving an empty PATH element, because that means '.' to Linux @@ -38,6 +38,7 @@ for i in $NIX_PROFILES; do # !!! reverse # KDE/Gnome stuff. export KDEDIRS=$i${KDEDIRS:+:}$KDEDIRS + export STRIGI_PLUGIN_PATH=$i/lib/strigi/${STRIGI_PLUGIN_PATH:+:}$STRIGI_PLUGIN_PATH export QT_PLUGIN_PATH=$i/lib/qt4/plugins:$i/lib/kde4/plugins${QT_PLUGIN_PATH:+:}$QT_PLUGIN_PATH export XDG_CONFIG_DIRS=$i/etc/xdg${XDG_CONFIG_DIRS:+:}$XDG_CONFIG_DIRS export XDG_DATA_DIRS=$i/share${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS diff --git a/modules/services/x11/desktop-managers/kde4.nix b/modules/services/x11/desktop-managers/kde4.nix index 7f64609e406..0d088d8e970 100644 --- a/modules/services/x11/desktop-managers/kde4.nix +++ b/modules/services/x11/desktop-managers/kde4.nix @@ -57,6 +57,10 @@ in environment = { systemPackages = [ + # temporary workarounds + pkgs.shared_desktop_ontologies + pkgs.kde4.strigi + pkgs.kde4.kdelibs pkgs.kde4.kdebase pkgs.kde4.kdebase_runtime From f6f40521c3b83302c1f1d1746b93652cfe18ee0b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 25 Oct 2010 16:19:32 +0000 Subject: [PATCH 08/12] * Disable the luksroot module for now because it gives an evaluation error ("cannot coerce null to string"). svn path=/nixos/trunk/; revision=24472 --- modules/module-list.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/module-list.nix b/modules/module-list.nix index 1364b28182d..1753bdc8418 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -146,7 +146,7 @@ ./system/activation/activation-script.nix ./system/activation/top-level.nix ./system/boot/kernel.nix - ./system/boot/luksroot.nix + #./system/boot/luksroot.nix ./system/boot/modprobe.nix ./system/boot/stage-1.nix ./system/boot/stage-2.nix From 421a80ae8f2aa82f6173f077b0cf50aa82a06220 Mon Sep 17 00:00:00 2001 From: Evgeny Egorochkin Date: Mon, 25 Oct 2010 16:44:21 +0000 Subject: [PATCH 09/12] Make flash work in QtWebkit svn path=/nixos/trunk/; revision=24474 --- modules/programs/bash/bashrc.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/programs/bash/bashrc.sh b/modules/programs/bash/bashrc.sh index 37b87887e4f..f8d124879aa 100644 --- a/modules/programs/bash/bashrc.sh +++ b/modules/programs/bash/bashrc.sh @@ -18,7 +18,7 @@ NIX_USER_PROFILE_DIR=/nix/var/nix/profiles/per-user/$USER NIX_PROFILES="/var/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile" unset PATH INFOPATH PKG_CONFIG_PATH PERL5LIB ALSA_PLUGIN_DIRS GST_PLUGIN_PATH KDEDIRS -unset QT_PLUGIN_PATH STRIGI_PLUGIN_PATH XDG_CONFIG_DIRS XDG_DATA_DIRS +unset QT_PLUGIN_PATH QTWEBKIT_PLUGIN_PATH STRIGI_PLUGIN_PATH XDG_CONFIG_DIRS XDG_DATA_DIRS for i in $NIX_PROFILES; do # !!! reverse # We have to care not leaving an empty PATH element, because that means '.' to Linux @@ -40,6 +40,7 @@ for i in $NIX_PROFILES; do # !!! reverse export KDEDIRS=$i${KDEDIRS:+:}$KDEDIRS export STRIGI_PLUGIN_PATH=$i/lib/strigi/${STRIGI_PLUGIN_PATH:+:}$STRIGI_PLUGIN_PATH export QT_PLUGIN_PATH=$i/lib/qt4/plugins:$i/lib/kde4/plugins${QT_PLUGIN_PATH:+:}$QT_PLUGIN_PATH + export QTWEBKIT_PLUGIN_PATH=$i/lib/mozilla/plugins/${QTWEBKIT_PLUGIN_PATH:+:}$QTWEBKIT_PLUGIN_PATH export XDG_CONFIG_DIRS=$i/etc/xdg${XDG_CONFIG_DIRS:+:}$XDG_CONFIG_DIRS export XDG_DATA_DIRS=$i/share${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS done From dff372db3c423dd0efba2723187d85572b089d62 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 25 Oct 2010 22:21:51 +0000 Subject: [PATCH 10/12] * Fix evaluation of the luksroot module when luksRoot == null. The problem is that configuration values below a mkIf are evaluated strictly even if the condition is false. Thus "${luksRoot}" causes an evaluation error. As a workaround, use the empty string instead of `null' as the default value. However, we should really fix the laziness of mkIf. It's likely that NixOS evaluation would be much faster if it didn't have to evaluate disabled configuration values. svn path=/nixos/trunk/; revision=24477 --- modules/module-list.nix | 2 +- modules/system/boot/luksroot.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/module-list.nix b/modules/module-list.nix index 1753bdc8418..1364b28182d 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -146,7 +146,7 @@ ./system/activation/activation-script.nix ./system/activation/top-level.nix ./system/boot/kernel.nix - #./system/boot/luksroot.nix + ./system/boot/luksroot.nix ./system/boot/modprobe.nix ./system/boot/stage-1.nix ./system/boot/stage-2.nix diff --git a/modules/system/boot/luksroot.nix b/modules/system/boot/luksroot.nix index f345db459f0..a01395647a3 100644 --- a/modules/system/boot/luksroot.nix +++ b/modules/system/boot/luksroot.nix @@ -10,7 +10,7 @@ in options = { boot.initrd.luksRoot = mkOption { - default = null; + default = ""; example = "/dev/sda3"; description = ''; The device that should be decrypted using LUKS before trying to mount the @@ -26,7 +26,7 @@ in - config = mkIf (luksRoot != null) { + config = mkIf (luksRoot != "") { boot.initrd.extraUtilsCommands = '' cp -r ${pkgs.cryptsetup}/lib/* $out/lib/ From c4dd77ae9c5209112ead8e731756496d23d75d56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Llu=C3=ADs=20Batlle=20i=20Rossell?= Date: Sat, 30 Oct 2010 20:05:38 +0000 Subject: [PATCH 11/12] Make apache start when filesystems are ready. svn path=/nixos/trunk/; revision=24544 --- modules/services/web-servers/apache-httpd/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index c0505a427aa..ddb8e4f90de 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix @@ -555,7 +555,7 @@ in description = "Apache HTTPD"; - startOn = "started ${startingDependency}"; + startOn = "started ${startingDependency} and filesystem"; environment = { # !!! This should be added in test-instrumentation.nix. It From edb5870deb7e53070eed1057378125b5bce394c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Llu=C3=ADs=20Batlle=20i=20Rossell?= Date: Sat, 30 Oct 2010 20:40:33 +0000 Subject: [PATCH 12/12] Fixing the xterm PS1 for changing the window title, so it is properly bracketed for bash not to count the control sequences as printable characters. svn path=/nixos/trunk/; revision=24545 --- modules/programs/bash/bashrc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/programs/bash/bashrc.sh b/modules/programs/bash/bashrc.sh index f8d124879aa..50768635d36 100644 --- a/modules/programs/bash/bashrc.sh +++ b/modules/programs/bash/bashrc.sh @@ -60,7 +60,7 @@ PROMPT_COLOR="1;31m" let $UID && PROMPT_COLOR="1;32m" PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] " if test "$TERM" = "xterm"; then - PS1="\033]2;\h:\u:\w\007$PS1" + PS1="\[\033]2;\h:\u:\w\007\]$PS1" fi