diff options
author | worldofpeace <worldofpeace@protonmail.ch> | 2019-10-16 20:28:21 -0400 |
---|---|---|
committer | worldofpeace <worldofpeace@protonmail.ch> | 2019-10-16 20:28:21 -0400 |
commit | 2fbccbc7288a72bea649d035cdb7a772d10baf3a (patch) | |
tree | 84d71c2ae4c2c5141fb12f1f44489eab9f128c44 /nixos | |
parent | 823da4d492b8b4ad46bf812db8421d99ff17a8fc (diff) | |
download | nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar.gz nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar.bz2 nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar.lz nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar.xz nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.tar.zst nixlib-2fbccbc7288a72bea649d035cdb7a772d10baf3a.zip |
Revert "Merge pull request #71095 from flokli/pinentry-cleanup"
This reverts commit 823da4d492b8b4ad46bf812db8421d99ff17a8fc, reversing changes made to b75c8ee3bc1b9734c29740e9d17ac2175fe207fd.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2003.xml | 9 | ||||
-rw-r--r-- | nixos/modules/config/no-x-libs.nix | 1 | ||||
-rw-r--r-- | nixos/modules/installer/tools/tools.nix | 6 | ||||
-rw-r--r-- | nixos/modules/profiles/installation-device.nix | 3 | ||||
-rw-r--r-- | nixos/modules/programs/gnupg.nix | 39 | ||||
-rw-r--r-- | nixos/modules/services/hardware/udisks2.nix | 5 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 4 | ||||
-rw-r--r-- | nixos/tests/os-prober.nix | 3 |
8 files changed, 17 insertions, 53 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index 49ffcd1c2d21..ab0951e831ce 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -85,14 +85,7 @@ <itemizedlist> <listitem> - <para> - GnuPG is now built without support for a graphical passphrase entry - by default. Please enable the <literal>gpg-agent</literal> user service - via the NixOS option <literal>programs.gnupg.agent.enable</literal>. - Note that upstream recommends using <literal>gpg-agent</literal> and - will spawn a <literal>gpg-agent</literal> on the first invocation of - GnuPG anyway. - </para> + <para /> </listitem> </itemizedlist> </section> diff --git a/nixos/modules/config/no-x-libs.nix b/nixos/modules/config/no-x-libs.nix index 873b8073fed9..74cf74d74181 100644 --- a/nixos/modules/config/no-x-libs.nix +++ b/nixos/modules/config/no-x-libs.nix @@ -34,6 +34,7 @@ with lib; networkmanager-openvpn = super.networkmanager-openvpn.override { withGnome = false; }; networkmanager-vpnc = super.networkmanager-vpnc.override { withGnome = false; }; networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; }; + pinentry = super.pinentry.override { gtk2 = null; gcr = null; qt4 = null; qt5 = null; }; gobject-introspection = super.gobject-introspection.override { x11Support = false; }; })); }; diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 9e6eead3c4d7..329260059598 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -120,11 +120,7 @@ in # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # flavour = "gnome3"; - # }; + # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; # List services that you want to enable: diff --git a/nixos/modules/profiles/installation-device.nix b/nixos/modules/profiles/installation-device.nix index 4596e163404c..fd30220ce1c9 100644 --- a/nixos/modules/profiles/installation-device.nix +++ b/nixos/modules/profiles/installation-device.nix @@ -31,6 +31,9 @@ with lib; # Let the user play Rogue on TTY 8 during the installation. #services.rogue.enable = true; + # Disable some other stuff we don't need. + services.udisks2.enable = mkDefault false; + # Use less privileged nixos user users.users.nixos = { isNormalUser = true; diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix index 4fb7c43c8b2e..bcbc994efe9b 100644 --- a/nixos/modules/programs/gnupg.nix +++ b/nixos/modules/programs/gnupg.nix @@ -6,19 +6,6 @@ let cfg = config.programs.gnupg; - xserverCfg = config.services.xserver; - - defaultPinentryFlavor = - if xserverCfg.desktopManager.lxqt.enable - || xserverCfg.desktopManager.plasma5.enable then - "qt" - else if xserverCfg.desktopManager.xfce.enable then - "gtk2" - else if xserverCfg.enable then - "gnome3" - else - null; - in { @@ -67,20 +54,6 @@ in ''; }; - agent.pinentryFlavor = mkOption { - type = types.nullOr (types.enum pkgs.pinentry.flavors); - example = "gnome3"; - description = '' - Which pinentry interface to use. If not null, the path to the - pinentry binary will be passed to gpg-agent via commandline and - thus overrides the pinentry option in gpg-agent.conf in the user's - home directory. - If not set at all, it'll pick an appropriate flavor depending on the - system configuration (qt flavor for lxqt and plasma5, gtk2 for xfce - 4.12, gnome3 on all other systems with X enabled, ncurses otherwise). - ''; - }; - dirmngr.enable = mkOption { type = types.bool; default = false; @@ -91,16 +64,6 @@ in }; config = mkIf cfg.agent.enable { - programs.gnupg.agent.pinentryFlavor = mkDefault defaultPinentryFlavor; - - # This overrides the systemd user unit shipped with the gnupg package - systemd.user.services.gpg-agent = mkIf (cfg.agent.pinentryFlavor != null) { - serviceConfig.ExecStart = [ "" '' - ${pkgs.gnupg}/bin/gpg-agent --supervised \ - --pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry - '' ]; - }; - systemd.user.sockets.gpg-agent = { wantedBy = [ "sockets.target" ]; }; @@ -120,7 +83,7 @@ in systemd.user.sockets.dirmngr = mkIf cfg.dirmngr.enable { wantedBy = [ "sockets.target" ]; }; - + environment.systemPackages = with pkgs; [ cfg.package ]; systemd.packages = [ cfg.package ]; diff --git a/nixos/modules/services/hardware/udisks2.nix b/nixos/modules/services/hardware/udisks2.nix index e898f3260585..ed8703be921c 100644 --- a/nixos/modules/services/hardware/udisks2.nix +++ b/nixos/modules/services/hardware/udisks2.nix @@ -34,7 +34,10 @@ with lib; services.dbus.packages = [ pkgs.udisks2 ]; - systemd.tmpfiles.rules = [ "d /var/lib/udisks2 0755 root root -" ]; + system.activationScripts.udisks2 = + '' + mkdir -m 0755 -p /var/lib/udisks2 + ''; services.udev.packages = [ pkgs.udisks2 ]; diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index eb1f4f192dd1..a136678c6eff 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -54,6 +54,8 @@ let hardware.enableAllFirmware = lib.mkForce false; + services.udisks2.enable = lib.mkDefault false; + ${replaceChars ["\n"] ["\n "] extraConfig} } ''; @@ -293,6 +295,8 @@ let ++ optional (bootLoader == "grub" && grubVersion == 1) pkgs.grub ++ optionals (bootLoader == "grub" && grubVersion == 2) [ pkgs.grub2 pkgs.grub2_efi ]; + services.udisks2.enable = mkDefault false; + nix.binaryCaches = mkForce [ ]; nix.extraOptions = '' diff --git a/nixos/tests/os-prober.nix b/nixos/tests/os-prober.nix index 5407a62339fe..9cd9f4ecd150 100644 --- a/nixos/tests/os-prober.nix +++ b/nixos/tests/os-prober.nix @@ -51,11 +51,12 @@ let hashed-mirrors = connect-timeout = 1 ''; + services.udisks2.enable = lib.mkForce false; }; # /etc/nixos/configuration.nix for the vm configFile = pkgs.writeText "configuration.nix" '' {config, pkgs, ...}: ({ - imports = + imports = [ ./hardware-configuration.nix <nixpkgs/nixos/modules/testing/test-instrumentation.nix> ]; |