diff options
| author | aszlig <aszlig@redmoonstudios.org> | 2016-02-03 16:40:41 +0100 |
|---|---|---|
| committer | aszlig <aszlig@redmoonstudios.org> | 2016-02-03 16:40:41 +0100 |
| commit | c10a17a3ebfe460e713ba6b766fbdabd8c8f716c (patch) | |
| tree | c19a8cbbc0bbbb19eb8f1ed1168a74aee085798e /nixos | |
| parent | 9c13fe6604358e5255457422acbe8e03734f1e44 (diff) | |
| download | nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar.gz nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar.bz2 nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar.lz nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar.xz nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.tar.zst nixlib-c10a17a3ebfe460e713ba6b766fbdabd8c8f716c.zip | |
nixos/udev: Always fail if rules contain FHS paths
Partially reverts the following commits: 9f2a61c59cc4e4ce278e6582cb4bdca9c2088755 9c13fe6604358e5255457422acbe8e03734f1e44 As @edolstra pointed out, it would make more sense to do this by default instead of having that allowImpurePaths option. This of course might break systems which add extra packages to udev, but on the upside it's hard to miss one of these paths now because it won't get buried in the ocean of build output lines. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/hardware/udev.nix | 16 | ||||
| -rw-r--r-- | nixos/tests/installer.nix | 4 |
2 files changed, 1 insertions, 19 deletions
diff --git a/nixos/modules/services/hardware/udev.nix b/nixos/modules/services/hardware/udev.nix index 74ec335c7509..74200eec4c04 100644 --- a/nixos/modules/services/hardware/udev.nix +++ b/nixos/modules/services/hardware/udev.nix @@ -116,7 +116,7 @@ let )" echo "$localFile ($remoteFile) contains references to $refs." done - ${optionalString (!cfg.allowImpurePaths) "exit 1"} + exit 1 fi ${optionalString config.networking.usePredictableInterfaceNames '' @@ -232,20 +232,6 @@ in ''; }; - allowImpurePaths = mkOption { - default = true; - example = false; - type = types.bool; - description = '' - If this is disabled, the build will fail whenever one of the - <command>udev</command> rules contains a reference to - <filename>/usr/bin</filename>, <filename>/usr/sbin</filename>, - <filename>/bin</filename> or <filename>/sbin</filename>. - - By default only a warning is printed during build. - ''; - }; - }; hardware.firmware = mkOption { diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index cbfdad8d76bb..84fdb027ed85 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -30,8 +30,6 @@ let hardware.enableAllFirmware = lib.mkForce false; - services.udev.allowImpurePaths = false; - ${replaceChars ["\n"] ["\n "] extraConfig} } ''; @@ -187,8 +185,6 @@ let hardware.enableAllFirmware = mkForce false; - services.udev.allowImpurePaths = false; - # The test cannot access the network, so any packages we # need must be included in the VM. system.extraDependencies = |