public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
120,688 Commits 1 Branch 0 Tags
Commit Graph

120688 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eelco Dolstra
74783a4510 * More refactoring; move some of the boot time options into the 
options framework.

svn path=/nixos/trunk/; revision=7317
 2006-12-11 16:10:23 +00:00
Eelco Dolstra
7573a88ca6 * More refactoring. 
svn path=/nixos/trunk/; revision=7316
 2006-12-11 15:47:30 +00:00
Eelco Dolstra
e002f96a56 * TMI. 
svn path=/nixpkgs/trunk/; revision=7315
 2006-12-11 15:46:54 +00:00
Eelco Dolstra
ce29e4efc7 * More refactoring. 
svn path=/nixos/trunk/; revision=7314
 2006-12-11 15:42:02 +00:00
Eelco Dolstra
16a9702c4a * Move some stuff out of boot-environment.nix. 
svn path=/nixos/trunk/; revision=7313
 2006-12-11 15:32:10 +00:00
Eelco Dolstra
970924e487 * Forgotten to add. 
svn path=/nixos/trunk/; revision=7312
 2006-12-11 14:16:03 +00:00
Eelco Dolstra
1561e2421d * Enable PAM in the SSH daemon. 
svn path=/nixos/trunk/; revision=7311
 2006-12-11 03:25:13 +00:00
Eelco Dolstra
e09f8061b7 * OpenSSH: optionally use PAM. 
* Some purity fixes in OpenSSH: it needs Perl, and we now specify a
  location for the empty privsep directory.

svn path=/nixpkgs/trunk/; revision=7310
 2006-12-11 03:24:35 +00:00
Eelco Dolstra
efa9b1ba88 * Grmbl. 
svn path=/nixos/trunk/; revision=7309
 2006-12-11 03:03:42 +00:00
Eelco Dolstra
b80769d5ae * Hm, "set" doesn't seem to do the right thing. 
svn path=/nixos/trunk/; revision=7308
 2006-12-11 02:55:28 +00:00
Eelco Dolstra
85fc6aedf2 * Cleanup. 
svn path=/nixos/trunk/; revision=7307
 2006-12-11 02:52:23 +00:00
Eelco Dolstra
f327b072cb * Very basic PAM configuration. We now use Blowfish hashing for 
/etc/shadow.

svn path=/nixos/trunk/; revision=7306
 2006-12-11 02:44:26 +00:00
Eelco Dolstra
5b262e235e * Add libxcrypt for Blowfish support in pam_unix2. 
svn path=/nixpkgs/trunk/; revision=7305
 2006-12-11 02:35:05 +00:00
Eelco Dolstra
745acdd93a * pam_unix2, a better passwd authentication module. 
svn path=/nixpkgs/trunk/; revision=7304
 2006-12-11 01:39:02 +00:00
Eelco Dolstra
06256e22d8 * A script to test configurations, i.e., make them current without 
making them the boot default.  So if we screw up, we can just reset
  to get back to normal.

svn path=/nixos/trunk/; revision=7303
 2006-12-11 01:03:26 +00:00
Eelco Dolstra
578b56d3c6 * Make halt/reboot work again (umount and reboot were no longer in 
$PATH).

* Use the login from pam_login instead of shadowutils.

svn path=/nixos/trunk/; revision=7302
 2006-12-11 00:52:36 +00:00
Eelco Dolstra
52241b5b0f * No longer needed - folded into the mingetty Upstart job. 
svn path=/nixpkgs/trunk/; revision=7301
 2006-12-11 00:51:39 +00:00
Eelco Dolstra
c063ea2bfa * Use runCommand. 
svn path=/nixos/trunk/; revision=7300
 2006-12-10 22:43:04 +00:00
Eelco Dolstra
acf656125c * Lots of refactoring. 
* Clear the PATH in most scripts.  This helps to ensure purity.

svn path=/nixos/trunk/; revision=7299
 2006-12-10 22:29:44 +00:00
Eelco Dolstra
7dfbf0eba7 * Move the substitution functions into stdenv (not merged yet). 
* If the environment variable buildCommand is set, then eval that
  instead of doing the build phases.  This is used by the runCommand
  function in all-packages.nix to allow one-lines like

    foo = runCommand "foo" {} "mkdir $out; echo foo > $out/foo";
    

svn path=/nixpkgs/trunk/; revision=7298
 2006-12-10 22:24:42 +00:00
Eelco Dolstra
4ac288e724 * Allow switching to a new configuration without rebooting. However, 
we don't stop/start/restart Upstart jobs yet.

svn path=/nixos/trunk/; revision=7297
 2006-12-10 00:04:58 +00:00
Eelco Dolstra
9986bda673 * Move the stuff in boot-stage-2-init.sh that doesn't have to happen 
at boot time into a separate script.  This will allow us to change
  the configuration without rebooting (provided that the configuration
  doesn't have a different kernel, init, etc.).

svn path=/nixos/trunk/; revision=7294
 2006-12-09 19:25:23 +00:00
Eelco Dolstra
af8dc724d1 * Remove symlinks in /etc that are not in the current configuration. 
svn path=/nixos/trunk/; revision=7293
 2006-12-09 18:18:27 +00:00
Eelco Dolstra
cca1ba0372 * Latest Flash beta. 
svn path=/nixpkgs/trunk/; revision=7292
 2006-12-09 17:27:59 +00:00
Eelco Dolstra
2fe4badb9a * Start the Nix daemon to enable multi-user package management in 
NixOS.

svn path=/nixos/trunk/; revision=7291
 2006-12-09 03:11:14 +00:00
Eelco Dolstra
f049c35a86 * More semi-purification of /etc. 
svn path=/nixos/trunk/; revision=7290
 2006-12-09 02:51:42 +00:00
Eelco Dolstra
951da2409f * Slightly cleaner way. 
svn path=/nixpkgs/trunk/; revision=7289
 2006-12-09 00:57:16 +00:00
Eelco Dolstra
8695d51417 * Added the IANA protocols and services files for /etc. 
svn path=/nixpkgs/trunk/; revision=7288
 2006-12-09 00:54:11 +00:00
Eelco Dolstra
42558043b3 * Emacs: use ncurses so that we don't need /etc/termcap in terminal 
mode.

svn path=/nixpkgs/trunk/; revision=7287
 2006-12-09 00:48:15 +00:00
Eelco Dolstra
f20d572814 * Multi-user Nix setup has changed. 
svn path=/nixos/trunk/; revision=7285
 2006-12-09 00:06:18 +00:00
Eelco Dolstra
7ce9e38ad9 * Latest pam. 
* Added pwdutils and pam_login to replace shadow.

svn path=/nixpkgs/trunk/; revision=7284
 2006-12-08 23:53:07 +00:00
Eelco Dolstra
3691639db1 * By popular demand: xfig. 
svn path=/nixpkgs/trunk/; revision=7278
 2006-12-08 01:17:21 +00:00
Eelco Dolstra
3a4312f263 * Latest unstable version. 
svn path=/nixpkgs/trunk/; revision=7274
 2006-12-07 22:50:15 +00:00
Eelco Dolstra
71285201cd * Doh! Copy *all* the plugins. No wonder most videos didn't work 
anymore...

svn path=/nixpkgs/trunk/; revision=7272
 2006-12-07 22:00:10 +00:00
Armijn Hemel
3613f5568c 1.1 -> 1.2 
svn path=/nixpkgs/trunk/; revision=7268
 2006-12-07 19:31:23 +00:00
Eelco Dolstra
cf8fad5c83 * MPlayer 1.0rc1. 
* Added freefont-ttf (use to provide a default OSD font for MPlayer).

svn path=/nixpkgs/trunk/; revision=7241
 2006-12-05 22:28:45 +00:00
Eelco Dolstra
26b32785d2 * Xvidcap for making screen recordings. 
svn path=/nixpkgs/trunk/; revision=7186
 2006-12-01 16:44:26 +00:00
Eelco Dolstra
bc3f4f8352 * Set up Nix so that builds are never performed as root, but rather 
under nix-build-N.

svn path=/nixos/trunk/; revision=7172
 2006-11-29 23:41:21 +00:00
Eelco Dolstra
ec764b7c08 * Helper script to check for and create accounts. 
svn path=/nixos/trunk/; revision=7171
 2006-11-29 23:10:22 +00:00
Eelco Dolstra
79464e0d9c * Don't start X by default. 
svn path=/nixos/trunk/; revision=7170
 2006-11-29 22:34:59 +00:00
Eelco Dolstra
157b6cd18d * Missing dependencies. Will merge into the generator later. 
svn path=/nixpkgs/trunk/; revision=7166
 2006-11-28 22:28:27 +00:00
Eelco Dolstra
8532f2be8e * Add the X server as an Upstart service. The X server is pure, 
except for the fonts, which are still hardcoded.  The current
  configuration uses the VESA driver, which should work on most
  machines.  Of course, the configuration should now be generated from
  a higher-level specification.

svn path=/nixos/trunk/; revision=7165
 2006-11-28 22:27:56 +00:00
Eelco Dolstra
a66bae7b2f * Strip. 
svn path=/nixos/trunk/; revision=7164
 2006-11-28 17:40:56 +00:00
Eelco Dolstra
39ac293b58 * Create setuid wrappers for a few programs (su and passwd). This is 
still a bit ad hoc, but it works.

svn path=/nixos/trunk/; revision=7163
 2006-11-28 17:34:27 +00:00
Eelco Dolstra
4b3525fa80 * Handle the case where nix-env is a symlink. 
svn path=/nixos/trunk/; revision=7162
 2006-11-28 16:59:47 +00:00
Eelco Dolstra
362f0f752b * Don't put every package in the boot environment in $PATH but rather 
create a symlink tree and put that in $PATH.

svn path=/nixos/trunk/; revision=7161
 2006-11-28 16:47:14 +00:00
Eelco Dolstra
153d4e65a1 * Fork of build-env in the Nix distribution. This one supports 
ignoring collisions and selectively including directories.

svn path=/nixpkgs/trunk/; revision=7160
 2006-11-28 16:46:12 +00:00
Eelco Dolstra
89ba1cba24 * We don't need groups from shadow. 
svn path=/nixpkgs/trunk/; revision=7159
 2006-11-28 15:45:41 +00:00
Eelco Dolstra
cb6c02f092 * Set NIX_CONF_DIR. 
svn path=/nixos/trunk/; revision=7158
 2006-11-28 15:06:08 +00:00
Eelco Dolstra
cba92bbdf1 * First step towards setuid/setgid support: a setuid/setgid wrapper 
program.

  The Nix store cannot directly support setuid binaries for a number
  of reasons:

  - Builds are generally not performed as root (and they shouldn't
    be), so the builder cannot chown/chmod executables to the right
    setuid ownership.

  - Unpacking a NAR archive containing a setuid binary would only work
    when Nix is run as root.

  - Worst of all, setuid binaries don't fit in the purely functional
    model: if a security bug is discovered in a setuid binary, that
    binary should be removed from the system to prevent users from
    calling it.  But we cannot garbage collect it unless all
    references to it are gone, which might never happen.  Of course,
    we could just remove setuid permission, but that would also be
    impure.

  So the solution is to keep setuid-ness out of the Nix store.
  Rather, for programs that we want to execute as setuid, we generate
  wrapper programs (as root) that are setuid and do an execve() to
  call the real, non-setuid program in the Nix store.

  That's what setuid-wrapper does.  It determines its own name (e.g.,
  /var/setuid-wrappers/passwd), reads the name of the wrapped program
  from <self>.real (e.g., /var/setuid-wrappers/passwd.real, which
  might contain /nix/var/nix/profiles/system/bin/passwd), and executes
  it.  Thus, the non-setuid passwd in the Nix store would be executed
  with the effective user set to root.

  Setuid-wrapper also performs a few security checks to prevent it
  from reading a fake <self>.real file through hard-linking tricks.

svn path=/nixos/trunk/; revision=7157
 2006-11-28 13:36:27 +00:00