diff --git a/modules/system/boot/stage-1-init.sh b/modules/system/boot/stage-1-init.sh index b61e130a1bb..cd7bec22471 100644 --- a/modules/system/boot/stage-1-init.sh +++ b/modules/system/boot/stage-1-init.sh @@ -55,7 +55,7 @@ mkdir -p /sys mount -t sysfs none /sys mount -t tmpfs -o "mode=0755,size=@devSize@" none /dev mkdir -p /run -mount -t tmpfs none /run +mount -t tmpfs -o "mode=1777,size=@runSize@" none /run # Process the kernel command line. diff --git a/modules/system/boot/stage-1.nix b/modules/system/boot/stage-1.nix index c4e93461015..8936a1108d0 100644 --- a/modules/system/boot/stage-1.nix +++ b/modules/system/boot/stage-1.nix @@ -282,7 +282,7 @@ let inherit udevConf extraUtils; - inherit (config.boot) resumeDevice devSize; + inherit (config.boot) resumeDevice devSize runSize; inherit (config.boot.initrd) checkJournalingFS postDeviceCommands postMountCommands kernelModules; diff --git a/modules/system/boot/stage-2-init.sh b/modules/system/boot/stage-2-init.sh index 5f3c4170be2..85578d59fce 100644 --- a/modules/system/boot/stage-2-init.sh +++ b/modules/system/boot/stage-2-init.sh @@ -126,7 +126,7 @@ rm -rf /nix/var/nix/gcroots/tmp /nix/var/nix/temproots if ! mountpoint -q /run; then rm -rf /run mkdir -m 0755 -p /run - mount -t tmpfs -o "mode=755" none /run + mount -t tmpfs -o "mode=1777,size=@runSize@" none /run fi mkdir -m 0700 -p /run/lock diff --git a/modules/system/boot/stage-2.nix b/modules/system/boot/stage-2.nix index 42de07432c8..e06d41da14c 100644 --- a/modules/system/boot/stage-2.nix +++ b/modules/system/boot/stage-2.nix @@ -32,6 +32,14 @@ let ''; }; + runSize = pkgs.lib.mkOption { + default = "50%"; + example = "256m"; + description = '' + Size limit for the /run tmpfs. Look at mount(8), tmpfs size option, + for the accepted syntax. + ''; + }; }; }; 
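Review bot: The `mode=1777` on the `/run` tmpfs makes the directory world-writable, and in the stage-2-init.sh hunk it loosens the previous `mode=755`. `/run` holds PID files, sockets and lock directories that root-owned services create under fixed names, so a world-writable top level lets any local account claim one of those names before the service does. Unless something in this tree needs unprivileged writes directly under `/run` (nothing in the hunk suggests so), I would keep it root-only and add the usual hardening flags: `mount -t tmpfs -o "mode=0755,nosuid,nodev,size=@runSize@" none /run`. The same line applies to the stage-2-init.sh hunk, where the `mkdir -m 0755 -p /run` just above the mount would then match the mount mode again.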
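Review bot: The `runSize` description in the stage-2.nix hunk leaves out two things an administrator needs to know: the value is used for the `/run` mount in both stage 1 and stage 2, and a percentage such as the default `50%` is relative to physical RAM. Because this commit mounts `/run` world-writable, the limit is also the amount of memory any local user can fill in that tmpfs, which is worth a sentence. The value appears to be substituted verbatim into the quoted `-o "...,size=@runSize@"` string, so the text should also say it must be a plain tmpfs size with no commas or quotes. Suggested wording: `Size limit for the /run tmpfs, used by both stage 1 and stage 2; a percentage is relative to physical RAM.`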
@@ -43,7 +51,7 @@ let
 src = ./stage-2-init.sh;
 isExecutable = true;
 inherit kernel;
- inherit (config.boot) devShmSize;
+ inherit (config.boot) devShmSize runSize;
 ttyGid = config.ids.gids.tty;
 upstart = config.system.build.upstart;
 path =