diff options
Diffstat (limited to 'nixos/modules/system')
-rw-r--r-- | nixos/modules/system/activation/activation-script.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/activation/switch-to-configuration.pl | 19 | ||||
-rw-r--r-- | nixos/modules/system/boot/kernel.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/raspberrypi/raspberrypi-builder.sh | 10 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix | 6 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/raspberrypi/uboot-builder.nix | 6 | ||||
-rw-r--r-- | nixos/modules/system/boot/networkd.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/plymouth.nix | 23 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-1-init.sh | 27 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-2-init.sh | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd-nspawn.nix | 24 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd.nix | 19 |
12 files changed, 106 insertions, 36 deletions
diff --git a/nixos/modules/system/activation/activation-script.nix b/nixos/modules/system/activation/activation-script.nix index 74c150a848d1..ddfd1af4a319 100644 --- a/nixos/modules/system/activation/activation-script.nix +++ b/nixos/modules/system/activation/activation-script.nix @@ -218,7 +218,7 @@ in systemd.user = { services.nixos-activation = { - description = "Run user specific NixOS activation"; + description = "Run user-specific NixOS activation"; script = config.system.userActivationScripts.script; unitConfig.ConditionUser = "!@system"; serviceConfig.Type = "oneshot"; diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl index 8ff00fa11dc7..641cf9faadc9 100644 --- a/nixos/modules/system/activation/switch-to-configuration.pl +++ b/nixos/modules/system/activation/switch-to-configuration.pl @@ -10,6 +10,9 @@ use Cwd 'abs_path'; my $out = "@out@"; +# FIXME: maybe we should use /proc/1/exe to get the current systemd. +my $curSystemd = abs_path("/run/current-system/sw/bin"); + # To be robust against interruption, record what units need to be started etc. my $startListFile = "/run/systemd/start-list"; my $restartListFile = "/run/systemd/restart-list"; @@ -267,7 +270,7 @@ while (my ($unit, $state) = each %{$activePrev}) { sub pathToUnitName { my ($path) = @_; # Use current version of systemctl binary before daemon is reexeced. - open my $cmd, "-|", "/run/current-system/sw/bin/systemd-escape", "--suffix=mount", "-p", $path + open my $cmd, "-|", "$curSystemd/systemd-escape", "--suffix=mount", "-p", $path or die "Unable to escape $path!\n"; my $escaped = join "", <$cmd>; chomp $escaped; @@ -370,7 +373,7 @@ if (scalar (keys %unitsToStop) > 0) { print STDERR "stopping the following units: ", join(", ", @unitsToStopFiltered), "\n" if scalar @unitsToStopFiltered; # Use current version of systemctl binary before daemon is reexeced. - system("/run/current-system/sw/bin/systemctl", "stop", "--", sort(keys %unitsToStop)); # FIXME: ignore errors? + system("$curSystemd/systemctl", "stop", "--", sort(keys %unitsToStop)); # FIXME: ignore errors? } print STDERR "NOT restarting the following changed units: ", join(", ", sort(keys %unitsToSkip)), "\n" @@ -382,10 +385,12 @@ my $res = 0; print STDERR "activating the configuration...\n"; system("$out/activate", "$out") == 0 or $res = 2; -# Restart systemd if necessary. +# Restart systemd if necessary. Note that this is done using the +# current version of systemd, just in case the new one has trouble +# communicating with the running pid 1. if ($restartSystemd) { print STDERR "restarting systemd...\n"; - system("@systemd@/bin/systemctl", "daemon-reexec") == 0 or $res = 2; + system("$curSystemd/systemctl", "daemon-reexec") == 0 or $res = 2; } # Forget about previously failed services. @@ -401,8 +406,10 @@ while (my $f = <$listActiveUsers>) { my ($uid, $name) = ($+{uid}, $+{user}); print STDERR "reloading user units for $name...\n"; - system("@su@", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user daemon-reload"); - system("@su@", "-s", "@shell@", "-l", $name, "-c", "XDG_RUNTIME_DIR=/run/user/$uid @systemd@/bin/systemctl --user start nixos-activation.service"); + system("@su@", "-s", "@shell@", "-l", $name, "-c", + "export XDG_RUNTIME_DIR=/run/user/$uid; " . + "$curSystemd/systemctl --user daemon-reexec; " . + "@systemd@/bin/systemctl --user start nixos-activation.service"); } close $listActiveUsers; diff --git a/nixos/modules/system/boot/kernel.nix b/nixos/modules/system/boot/kernel.nix index 50dbf2f83651..8a309f3bc5fe 100644 --- a/nixos/modules/system/boot/kernel.nix +++ b/nixos/modules/system/boot/kernel.nix @@ -108,7 +108,7 @@ in boot.extraModulePackages = mkOption { type = types.listOf types.package; default = []; - example = literalExample "[ pkgs.linuxPackages.nvidia_x11 ]"; + example = literalExample "[ config.boot.kernelPackages.nvidia_x11 ]"; description = "A list of additional packages supplying kernel modules."; }; diff --git a/nixos/modules/system/boot/loader/raspberrypi/raspberrypi-builder.sh b/nixos/modules/system/boot/loader/raspberrypi/raspberrypi-builder.sh index 0fb07de10c04..c8b5bf2e61af 100644 --- a/nixos/modules/system/boot/loader/raspberrypi/raspberrypi-builder.sh +++ b/nixos/modules/system/boot/loader/raspberrypi/raspberrypi-builder.sh @@ -71,7 +71,7 @@ addEntry() { local kernel=$(readlink -f $path/kernel) local initrd=$(readlink -f $path/initrd) - local dtb_path=$(readlink -f $path/kernel-modules/dtbs) + local dtb_path=$(readlink -f $path/dtbs) if test -n "@copyKernels@"; then copyToKernelsDir $kernel; kernel=$result @@ -113,10 +113,18 @@ done fwdir=@firmware@/share/raspberrypi/boot/ copyForced $fwdir/bootcode.bin $target/bootcode.bin copyForced $fwdir/fixup.dat $target/fixup.dat +copyForced $fwdir/fixup4.dat $target/fixup4.dat +copyForced $fwdir/fixup4cd.dat $target/fixup4cd.dat +copyForced $fwdir/fixup4db.dat $target/fixup4db.dat +copyForced $fwdir/fixup4x.dat $target/fixup4x.dat copyForced $fwdir/fixup_cd.dat $target/fixup_cd.dat copyForced $fwdir/fixup_db.dat $target/fixup_db.dat copyForced $fwdir/fixup_x.dat $target/fixup_x.dat copyForced $fwdir/start.elf $target/start.elf +copyForced $fwdir/start4.elf $target/start4.elf +copyForced $fwdir/start4cd.elf $target/start4cd.elf +copyForced $fwdir/start4db.elf $target/start4db.elf +copyForced $fwdir/start4x.elf $target/start4x.elf copyForced $fwdir/start_cd.elf $target/start_cd.elf copyForced $fwdir/start_db.elf $target/start_db.elf copyForced $fwdir/start_x.elf $target/start_x.elf diff --git a/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix b/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix index 1c8354e52696..337afe9ef628 100644 --- a/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix +++ b/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix @@ -59,7 +59,7 @@ in version = mkOption { default = 2; - type = types.enum [ 0 1 2 3 ]; + type = types.enum [ 0 1 2 3 4 ]; description = '' ''; }; @@ -97,8 +97,8 @@ in config = mkIf cfg.enable { assertions = singleton { - assertion = !pkgs.stdenv.hostPlatform.isAarch64 || cfg.version == 3; - message = "Only Raspberry Pi 3 supports aarch64."; + assertion = !pkgs.stdenv.hostPlatform.isAarch64 || cfg.version >= 3; + message = "Only Raspberry Pi >= 3 supports aarch64."; }; system.build.installBootLoader = builder; diff --git a/nixos/modules/system/boot/loader/raspberrypi/uboot-builder.nix b/nixos/modules/system/boot/loader/raspberrypi/uboot-builder.nix index 9d4f8a93d282..1dc397e521b4 100644 --- a/nixos/modules/system/boot/loader/raspberrypi/uboot-builder.nix +++ b/nixos/modules/system/boot/loader/raspberrypi/uboot-builder.nix @@ -10,11 +10,13 @@ let pkgs.ubootRaspberryPi else if version == 2 then pkgs.ubootRaspberryPi2 - else + else if version == 3 then if isAarch64 then pkgs.ubootRaspberryPi3_64bit else - pkgs.ubootRaspberryPi3_32bit; + pkgs.ubootRaspberryPi3_32bit + else + throw "U-Boot is not yet supported on the raspberry pi 4."; extlinuxConfBuilder = import ../generic-extlinux-compatible/extlinux-conf-builder.nix { diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index f2060e21509c..85a106527fe0 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -187,7 +187,7 @@ let # Note: For DHCP the values both, none, v4, v6 are deprecated (assertValueOneOf "DHCP" ["yes" "no" "ipv4" "ipv6" "both" "none" "v4" "v6"]) (assertValueOneOf "DHCPServer" boolValues) - (assertValueOneOf "LinkLocalAddressing" ["yes" "no" "ipv4" "ipv6"]) + (assertValueOneOf "LinkLocalAddressing" ["yes" "no" "ipv4" "ipv6" "ipv4-fallback" "fallback"]) (assertValueOneOf "IPv4LLRoute" boolValues) (assertValueOneOf "LLMNR" ["yes" "resolve" "no"]) (assertValueOneOf "MulticastDNS" ["yes" "resolve" "no"]) diff --git a/nixos/modules/system/boot/plymouth.nix b/nixos/modules/system/boot/plymouth.nix index e4223bae7d32..adca3c3f66e7 100644 --- a/nixos/modules/system/boot/plymouth.nix +++ b/nixos/modules/system/boot/plymouth.nix @@ -5,17 +5,20 @@ with lib; let inherit (pkgs) plymouth; + inherit (pkgs) nixos-icons; cfg = config.boot.plymouth; - breezePlymouth = pkgs.breeze-plymouth.override { - nixosBranding = true; - nixosVersion = config.system.nixos.release; + nixosBreezePlymouth = pkgs.breeze-plymouth.override { + logoFile = cfg.logo; + logoName = "nixos"; + osName = "NixOS"; + osVersion = config.system.nixos.release; }; themesEnv = pkgs.buildEnv { name = "plymouth-themes"; - paths = [ plymouth breezePlymouth ] ++ cfg.themePackages; + paths = [ plymouth ] ++ cfg.themePackages; }; configFile = pkgs.writeText "plymouthd.conf" '' @@ -35,7 +38,7 @@ in enable = mkEnableOption "Plymouth boot splash screen"; themePackages = mkOption { - default = []; + default = [ nixosBreezePlymouth ]; type = types.listOf types.package; description = '' Extra theme packages for plymouth. @@ -52,10 +55,7 @@ in logo = mkOption { type = types.path; - default = pkgs.fetchurl { - url = "https://nixos.org/logo/nixos-hires.png"; - sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si"; - }; + default = "${nixos-icons}/share/icons/hicolor/128x128/apps/nix-snowflake.png"; defaultText = ''pkgs.fetchurl { url = "https://nixos.org/logo/nixos-hires.png"; sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si"; @@ -88,10 +88,7 @@ in systemd.services.plymouth-kexec.wantedBy = [ "kexec.target" ]; systemd.services.plymouth-halt.wantedBy = [ "halt.target" ]; systemd.services.plymouth-quit-wait.wantedBy = [ "multi-user.target" ]; - systemd.services.plymouth-quit = { - wantedBy = [ "multi-user.target" ]; - after = [ "display-manager.service" ]; - }; + systemd.services.plymouth-quit.wantedBy = [ "multi-user.target" ]; systemd.services.plymouth-poweroff.wantedBy = [ "poweroff.target" ]; systemd.services.plymouth-reboot.wantedBy = [ "reboot.target" ]; systemd.services.plymouth-read-write.wantedBy = [ "sysinit.target" ]; diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index b817a45deba3..f520bf54ad1b 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -183,6 +183,12 @@ for o in $(cat /proc/cmdline); do copytoram) copytoram=1 ;; + findiso=*) + # if an iso name is supplied, try to find the device where + # the iso resides on + set -- $(IFS==; echo $o) + isoPath=$2 + ;; esac done @@ -442,6 +448,27 @@ if test -e /sys/power/resume -a -e /sys/power/disk; then fi fi +# If we have a path to an iso file, find the iso and link it to /dev/root +if [ -n "$isoPath" ]; then + mkdir -p /findiso + + for delay in 5 10; do + blkid | while read -r line; do + device=$(echo "$line" | sed 's/:.*//') + type=$(echo "$line" | sed 's/.*TYPE="\([^"]*\)".*/\1/') + + mount -t "$type" "$device" /findiso + if [ -e "/findiso$isoPath" ]; then + ln -sf "/findiso$isoPath" /dev/root + break 2 + else + umount /findiso + fi + done + + sleep "$delay" + done +fi # Try to find and mount the root device. mkdir -p $targetRoot diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh index 03daafa1ce4f..d1de7920df98 100644 --- a/nixos/modules/system/boot/stage-2-init.sh +++ b/nixos/modules/system/boot/stage-2-init.sh @@ -142,7 +142,7 @@ fi # Record the boot configuration. ln -sfn "$systemConfig" /run/booted-system -# Prevent the booted system form being garbage-collected If it weren't +# Prevent the booted system from being garbage-collected. If it weren't # a gcroot, if we were running a different kernel, switched system, # and garbage collected all, we could not load kernel modules anymore. ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system diff --git a/nixos/modules/system/boot/systemd-nspawn.nix b/nixos/modules/system/boot/systemd-nspawn.nix index db6e06b41072..3ddd45b13482 100644 --- a/nixos/modules/system/boot/systemd-nspawn.nix +++ b/nixos/modules/system/boot/systemd-nspawn.nix @@ -113,11 +113,21 @@ in { config = let units = mapAttrs' (n: v: let nspawnFile = "${n}.nspawn"; in nameValuePair nspawnFile (instanceToUnit nspawnFile v)) cfg; - in mkIf (cfg != {}) { - - environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] []; - - systemd.targets.multi-user.wants = [ "machines.target" ]; - }; - + in + mkMerge [ + (mkIf (cfg != {}) { + environment.etc."systemd/nspawn".source = mkIf (cfg != {}) (generateUnits "nspawn" units [] []); + }) + { + systemd.targets.multi-user.wants = [ "machines.target" ]; + + # Workaround for https://github.com/NixOS/nixpkgs/pull/67232#issuecomment-531315437 and https://github.com/systemd/systemd/issues/13622 + # Once systemd fixes this upstream, we can re-enable -U + systemd.services."systemd-nspawn@".serviceConfig.ExecStart = [ + "" # deliberately empty. signals systemd to override the ExecStart + # Only difference between upstream is that we do not pass the -U flag + "${pkgs.systemd}/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth --settings=override --machine=%i" + ]; + } + ]; } diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 2287a82418fe..33b350902a1a 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -546,6 +546,16 @@ in ''; }; + systemd.coredump.enable = mkOption { + default = true; + type = types.bool; + description = '' + Whether core dumps should be processed by + <command>systemd-coredump</command>. If disabled, core dumps + appear in the current directory of the crashing process. + ''; + }; + systemd.coredump.extraConfig = mkOption { default = ""; type = types.lines; @@ -858,7 +868,12 @@ in "sysctl.d/50-coredump.conf".source = "${systemd}/example/sysctl.d/50-coredump.conf"; "sysctl.d/50-default.conf".source = "${systemd}/example/sysctl.d/50-default.conf"; + "tmpfiles.d/journal-nocow.conf".source = "${systemd}/example/tmpfiles.d/journal-nocow.conf"; + "tmpfiles.d/static-nodes-permissions.conf".source = "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf"; "tmpfiles.d/systemd.conf".source = "${systemd}/example/tmpfiles.d/systemd.conf"; + "tmpfiles.d/systemd-nspawn.conf".source = "${systemd}/example/tmpfiles.d/systemd-nspawn.conf"; + "tmpfiles.d/systemd-tmp.conf".source = "${systemd}/example/tmpfiles.d/systemd-tmp.conf"; + "tmpfiles.d/var.conf".source = "${systemd}/example/tmpfiles.d/var.conf"; "tmpfiles.d/x11.conf".source = "${systemd}/example/tmpfiles.d/x11.conf"; "tmpfiles.d/nixos.conf".text = '' @@ -978,6 +993,10 @@ in # Don't bother with certain units in containers. systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container"; systemd.services.systemd-random-seed.unitConfig.ConditionVirtualization = "!container"; + + boot.kernel.sysctl = mkIf (!cfg.coredump.enable) { + "kernel.core_pattern" = "core"; + }; }; # FIXME: Remove these eventually. |