diff options
Diffstat (limited to 'nixos')
20 files changed, 240 insertions, 54 deletions
diff --git a/nixos/doc/manual/installation/installing.xml b/nixos/doc/manual/installation/installing.xml index 742376378dea..e5fb95f7dcf0 100644 --- a/nixos/doc/manual/installation/installing.xml +++ b/nixos/doc/manual/installation/installing.xml @@ -29,13 +29,14 @@ </para> <para> - You are logged-in automatically as <literal>root</literal>. (The - <literal>root</literal> user account has an empty password.) + You are logged-in automatically as <literal>nixos</literal>. + The <literal>nixos</literal> user account has an empty password so you + can use <command>sudo</command> without a password. </para> <para> If you downloaded the graphical ISO image, you can run <command>systemctl - start display-manager</command> to start KDE. If you want to continue on the + start display-manager</command> to start the desktop environment. If you want to continue on the terminal, you can use <command>loadkeys</command> to switch to your preferred keyboard layout. (We even provide neo2 via <command>loadkeys de neo</command>!) @@ -65,9 +66,9 @@ <para> If you would like to continue the installation from a different machine you - need to activate the SSH daemon via <literal>systemctl start - sshd</literal>. In order to be able to login you also need to set a - password for <literal>root</literal> using <literal>passwd</literal>. + need to activate the SSH daemon via <command>systemctl start + sshd</command>. You then must set a password for either <literal>root</literal> or + <literal>nixos</literal> with <command>passwd></command> to be able to login. </para> </section> </section> diff --git a/nixos/doc/manual/man-nixos-enter.xml b/nixos/doc/manual/man-nixos-enter.xml index 42edaa1ae5b6..1481db467122 100644 --- a/nixos/doc/manual/man-nixos-enter.xml +++ b/nixos/doc/manual/man-nixos-enter.xml @@ -34,6 +34,12 @@ </arg> <replaceable>shell-command</replaceable> </arg> + + <arg> + <arg choice='plain'> + <option>--silent</option> + </arg> + </arg> <arg> <arg choice='plain'> @@ -102,6 +108,16 @@ </varlistentry> <varlistentry> <term> + <option>--silent</option> + </term> + <listitem> + <para> + Suppresses all output from the activation script of the target system. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term> <option>--</option> </term> <listitem> diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index b12858cfc963..e0f71aadaba5 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -42,6 +42,12 @@ set up binfmt interpreters for each of those listed systems. </para> </listitem> + <listitem> + <para> + The installer now uses a less privileged <literal>nixos</literal> user whereas before we logged in as root. + To gain root privileges use <literal>sudo -i</literal> without a password. + </para> + </listitem> </itemizedlist> </section> @@ -248,6 +254,15 @@ If IBus support in Qt 4.x applications is required, add the <literal>ibus-qt</literal> package to your <xref linkend="opt-environment.systemPackages" /> manually. </para> </listitem> + <listitem> + <para> + The CUPS Printing service now uses socket-based activation by + default, only starting when needed. The previous behavior can + be restored by setting + <option>services.cups.startWhenNeeded</option> to + <literal>false</literal>. + </para> + </listitem> </itemizedlist> </section> diff --git a/nixos/modules/hardware/device-tree.nix b/nixos/modules/hardware/device-tree.nix new file mode 100644 index 000000000000..f57502d4c83e --- /dev/null +++ b/nixos/modules/hardware/device-tree.nix @@ -0,0 +1,56 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.hardware.deviceTree; +in { + options = { + hardware.deviceTree = { + enable = mkOption { + default = pkgs.stdenv.hostPlatform.platform.kernelDTB or false; + type = types.bool; + description = '' + Build device tree files. These are used to describe the + non-discoverable hardware of a system. + ''; + }; + + base = mkOption { + default = "${config.boot.kernelPackages.kernel}/dtbs"; + defaultText = "\${config.boot.kernelPackages.kernel}/dtbs"; + example = literalExample "pkgs.deviceTree_rpi"; + type = types.path; + description = '' + The package containing the base device-tree (.dtb) to boot. Contains + device trees bundled with the Linux kernel by default. + ''; + }; + + overlays = mkOption { + default = []; + example = literalExample + "[\"\${pkgs.deviceTree_rpi.overlays}/w1-gpio.dtbo\"]"; + type = types.listOf types.path; + description = '' + A path containing device tree overlays (.dtbo) to be applied to all + base device-trees. + ''; + }; + + package = mkOption { + default = null; + type = types.nullOr types.path; + internal = true; + description = '' + A path containing the result of applying `overlays` to `base`. + ''; + }; + }; + }; + + config = mkIf (cfg.enable) { + hardware.deviceTree.package = if (cfg.overlays != []) + then pkgs.deviceTree.applyOverlays cfg.base cfg.overlays else cfg.base; + }; +} diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix index f65239a5bc0a..1578e1547bc1 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix @@ -8,16 +8,30 @@ with lib; { imports = [ ./installation-cd-base.nix ]; + # Whitelist wheel users to do anything + # This is useful for things like pkexec + # + # WARNING: this is dangerous for systems + # outside the installation-cd and shouldn't + # be used anywhere else. + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if (subject.isInGroup("wheel")) { + return polkit.Result.YES; + } + }); + ''; + services.xserver = { enable = true; # Don't start the X server by default. autorun = mkForce false; - # Automatically login as root. + # Automatically login as nixos. displayManager.slim = { enable = true; - defaultUser = "root"; + defaultUser = "nixos"; autoLogin = true; }; @@ -33,7 +47,6 @@ with lib; # Enable sound in graphical iso's. hardware.pulseaudio.enable = true; - hardware.pulseaudio.systemWide = true; # Needed since we run plasma as root. environment.systemPackages = [ # Include gparted for partitioning disks. diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix index 1c3c9cb30b41..2536ba73a1de 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix @@ -1,5 +1,5 @@ # This module defines a NixOS installation CD that contains X11 and -# Plasma5. +# Plasma 5. { config, lib, pkgs, ... }: @@ -30,15 +30,20 @@ with lib; Version=1.0 Type=Application Name=NixOS Manual - Exec=firefox ${config.system.build.manual.manualHTMLIndex} + Exec=firefox ${config.system.build.manual.manual}/share/doc/nixos/index.html Icon=text-html ''; + homeDir = "/home/nixos/"; + desktopDir = homeDir + "Desktop/"; + in '' - mkdir -p /root/Desktop - ln -sfT ${manualDesktopFile} /root/Desktop/nixos-manual.desktop - ln -sfT ${pkgs.konsole}/share/applications/org.kde.konsole.desktop /root/Desktop/org.kde.konsole.desktop - ln -sfT ${pkgs.gparted}/share/applications/gparted.desktop /root/Desktop/gparted.desktop + mkdir -p ${desktopDir} + chown nixos ${homeDir} ${desktopDir} + + ln -sfT ${manualDesktopFile} ${desktopDir + "nixos-manual.desktop"} + ln -sfT ${pkgs.gparted}/share/applications/gparted.desktop ${desktopDir + "gparted.desktop"} + ln -sfT ${pkgs.konsole}/share/applications/org.kde.konsole.desktop ${desktopDir + "org.kde.konsole.desktop"} ''; } diff --git a/nixos/modules/installer/tools/nixos-enter.sh b/nixos/modules/installer/tools/nixos-enter.sh index 518dbbbf21e3..4680cd8ae95a 100644 --- a/nixos/modules/installer/tools/nixos-enter.sh +++ b/nixos/modules/installer/tools/nixos-enter.sh @@ -16,7 +16,8 @@ fi mountPoint=/mnt system=/nix/var/nix/profiles/system -command=($system/sw/bin/bash "--login") +command=("$system/sw/bin/bash" "--login") +silent=0 while [ "$#" -gt 0 ]; do i="$1"; shift 1 @@ -32,9 +33,12 @@ while [ "$#" -gt 0 ]; do exit 1 ;; --command|-c) - command=($system/sw/bin/bash "-c" "$1") + command=("$system/sw/bin/bash" "-c" "$1") shift 1 ;; + --silent) + silent=1 + ;; --) command=("$@") break @@ -51,11 +55,20 @@ if [[ ! -e $mountPoint/etc/NIXOS ]]; then exit 126 fi -mkdir -m 0755 -p "$mountPoint/dev" "$mountPoint/sys" +mkdir -p "$mountPoint/dev" "$mountPoint/sys" +chmod 0755 "$mountPoint/dev" "$mountPoint/sys" mount --rbind /dev "$mountPoint/dev" mount --rbind /sys "$mountPoint/sys" +# If silent, write both stdout and stderr of activation script to /dev/null +# otherwise, write both streams to stderr of this process +if [ "$silent" -eq 0 ]; then + PIPE_TARGET="/dev/stderr" +else + PIPE_TARGET="/dev/null" +fi + # Run the activation script. Set $LOCALE_ARCHIVE to supress some Perl locale warnings. -LOCALE_ARCHIVE=$system/sw/lib/locale/locale-archive chroot "$mountPoint" "$system/activate" >&2 || true +LOCALE_ARCHIVE="$system/sw/lib/locale/locale-archive" chroot "$mountPoint" "$system/activate" >>$PIPE_TARGET 2>&1 || true exec chroot "$mountPoint" "${command[@]}" diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3d4c41bbbdb8..a167336c156b 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -46,6 +46,7 @@ ./hardware/cpu/amd-microcode.nix ./hardware/cpu/intel-microcode.nix ./hardware/digitalbitbox.nix + ./hardware/device-tree.nix ./hardware/sensor/iio.nix ./hardware/ksm.nix ./hardware/ledger.nix @@ -111,6 +112,7 @@ ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix + ./programs/fuse.nix ./programs/gnome-disks.nix ./programs/gnome-documents.nix ./programs/gpaste.nix diff --git a/nixos/modules/profiles/hardened.nix b/nixos/modules/profiles/hardened.nix index 9e9ddd4f3788..3ff9a2b4fde0 100644 --- a/nixos/modules/profiles/hardened.nix +++ b/nixos/modules/profiles/hardened.nix @@ -44,6 +44,9 @@ with lib; # Disable legacy virtual syscalls "vsyscall=none" + + # Enable page allocator randomization + "page_alloc.shuffle=1" ]; boot.blacklistedKernelModules = [ @@ -121,4 +124,7 @@ with lib; # Ignore outgoing ICMP redirects (this is ipv4 only) boot.kernel.sysctl."net.ipv4.conf.all.send_redirects" = mkDefault false; boot.kernel.sysctl."net.ipv4.conf.default.send_redirects" = mkDefault false; + + # Restrict userfaultfd syscalls to processes with the SYS_PTRACE capability + boot.kernel.sysctl."vm.unprivileged_userfaultfd" = mkDefault false; } diff --git a/nixos/modules/profiles/installation-device.nix b/nixos/modules/profiles/installation-device.nix index 580ea4a58e5b..1a6e06995603 100644 --- a/nixos/modules/profiles/installation-device.nix +++ b/nixos/modules/profiles/installation-device.nix @@ -32,19 +32,35 @@ with lib; #services.rogue.enable = true; # Disable some other stuff we don't need. - security.sudo.enable = mkDefault false; services.udisks2.enable = mkDefault false; + # Use less privileged nixos user + users.users.nixos = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "video" ]; + # Allow the graphical user to login without password + initialHashedPassword = ""; + }; + + # Allow the user to log in as root without a password. + users.users.root.initialHashedPassword = ""; + + # Allow passwordless sudo from nixos user + security.sudo = { + enable = mkDefault true; + wheelNeedsPassword = mkForce false; + }; + # Automatically log in at the virtual consoles. - services.mingetty.autologinUser = "root"; + services.mingetty.autologinUser = "nixos"; # Some more help text. services.mingetty.helpLine = '' - The "root" account has an empty password. ${ + The "nixos" and "root" account have empty passwords. ${ optionalString config.services.xserver.enable - "Type `systemctl start display-manager' to\nstart the graphical user interface."} + "Type `sudo systemctl start display-manager' to\nstart the graphical user interface."} ''; # Allow sshd to be started manually through "systemctl start sshd". @@ -86,8 +102,5 @@ with lib; # because we have the firewall enabled. This makes installs from the # console less cumbersome if the machine has a public IP. networking.firewall.logRefusedConnections = mkDefault false; - - # Allow the user to log in as root without a password. - users.users.root.initialHashedPassword = ""; }; } diff --git a/nixos/modules/programs/fuse.nix b/nixos/modules/programs/fuse.nix new file mode 100644 index 000000000000..c15896efbb51 --- /dev/null +++ b/nixos/modules/programs/fuse.nix @@ -0,0 +1,37 @@ +{ config, lib, ... }: + +with lib; + +let + cfg = config.programs.fuse; +in { + meta.maintainers = with maintainers; [ primeos ]; + + options.programs.fuse = { + mountMax = mkOption { + # In the C code it's an "int" (i.e. signed and at least 16 bit), but + # negative numbers obviously make no sense: + type = types.ints.between 0 32767; # 2^15 - 1 + default = 1000; + description = '' + Set the maximum number of FUSE mounts allowed to non-root users. + ''; + }; + + userAllowOther = mkOption { + type = types.bool; + default = false; + description = '' + Allow non-root users to specify the allow_other or allow_root mount + options, see mount.fuse3(8). + ''; + }; + }; + + config = { + environment.etc."fuse.conf".text = '' + ${optionalString (!cfg.userAllowOther) "#"}user_allow_other + mount_max = ${toString cfg.mountMax} + ''; + }; +} diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix index f19bf9d81396..bbbfcf6a4738 100644 --- a/nixos/modules/services/network-filesystems/ipfs.nix +++ b/nixos/modules/services/network-filesystems/ipfs.nix @@ -208,9 +208,9 @@ in { config = mkIf cfg.enable { environment.systemPackages = [ wrapped ]; - environment.etc."fuse.conf" = mkIf cfg.autoMount { text = '' - user_allow_other - ''; }; + programs.fuse = mkIf cfg.autoMount { + userAllowOther = true; + }; users.users = mkIf (cfg.user == "ipfs") { ipfs = { diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 86b0c8d69beb..42c1b9482cb2 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -127,7 +127,7 @@ in startWhenNeeded = mkOption { type = types.bool; - default = false; + default = true; description = '' If set, CUPS is socket-activated; that is, instead of having it permanently running as a daemon, @@ -296,11 +296,16 @@ in # gets loaded, and then cups cannot access the printers. boot.blacklistedKernelModules = [ "usblp" ]; + # Some programs like print-manager rely on this value to get + # printer test pages. + environment.sessionVariables.CUPS_DATADIR = "${bindir}/share/cups"; + systemd.packages = [ cups.out ]; systemd.sockets.cups = mkIf cfg.startWhenNeeded { wantedBy = [ "sockets.target" ]; - listenStreams = map (x: replaceStrings ["localhost"] ["127.0.0.1"] (removePrefix "*:" x)) cfg.listenAddresses; + listenStreams = [ "/run/cups/cups.sock" ] + ++ map (x: replaceStrings ["localhost"] ["127.0.0.1"] (removePrefix "*:" x)) cfg.listenAddresses; }; systemd.services.cups = @@ -362,10 +367,10 @@ in { description = "CUPS Remote Printer Discovery"; wantedBy = [ "multi-user.target" ]; - wants = [ "cups.service" "avahi-daemon.service" ]; - bindsTo = [ "cups.service" "avahi-daemon.service" ]; - partOf = [ "cups.service" "avahi-daemon.service" ]; - after = [ "cups.service" "avahi-daemon.service" ]; + wants = [ "avahi-daemon.service" ] ++ optional (!cfg.startWhenNeeded) "cups.service"; + bindsTo = [ "avahi-daemon.service" ] ++ optional (!cfg.startWhenNeeded) "cups.service"; + partOf = [ "avahi-daemon.service" ] ++ optional (!cfg.startWhenNeeded) "cups.service"; + after = [ "avahi-daemon.service" ] ++ optional (!cfg.startWhenNeeded) "cups.service"; path = [ cups ]; @@ -421,4 +426,7 @@ in security.pam.services.cups = {}; }; + + meta.maintainers = with lib.maintainers; [ matthewbauer ]; + } diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 5e1e652a5089..cbfd2d3c2ea2 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -15,12 +15,16 @@ let ''; }; - nixos-gsettings-desktop-schemas = pkgs.runCommand "nixos-gsettings-desktop-schemas" { preferLocalBuild = true; } + nixos-gsettings-desktop-schemas = let + defaultPackages = with pkgs; [ gsettings-desktop-schemas gnome3.gnome-shell ]; + in + pkgs.runCommand "nixos-gsettings-desktop-schemas" { preferLocalBuild = true; } '' mkdir -p $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas - cp -rf ${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas - ${concatMapStrings (pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n") cfg.extraGSettingsOverridePackages} + ${concatMapStrings + (pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n") + (defaultPackages ++ cfg.extraGSettingsOverridePackages)} chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF @@ -30,6 +34,9 @@ let [org.gnome.desktop.screensaver] picture-uri='${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png' + [org.gnome.shell] + favorite-apps=[ 'org.gnome.Epiphany.desktop', 'evolution.desktop', 'org.gnome.Music.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop' ] + ${cfg.extraGSettingsOverrides} EOF diff --git a/nixos/modules/services/x11/xserver.nix b/nixos/modules/services/x11/xserver.nix index b1a316706976..7ffe1c125610 100644 --- a/nixos/modules/services/x11/xserver.nix +++ b/nixos/modules/services/x11/xserver.nix @@ -714,7 +714,7 @@ in nativeBuildInputs = [ pkgs.xkbvalidate ]; preferLocalBuild = true; } '' - validate "$xkbModel" "$layout" "$xkbVariant" "$xkbOptions" + xkbvalidate "$xkbModel" "$layout" "$xkbVariant" "$xkbOptions" touch "$out" ''); diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index 5c88d27b6c65..f67d29005616 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -46,8 +46,8 @@ let ln -s ${kernelPath} $out/kernel ln -s ${config.system.modulesTree} $out/kernel-modules - ${optionalString (pkgs.stdenv.hostPlatform.platform.kernelDTB or false) '' - ln -s ${config.boot.kernelPackages.kernel}/dtbs $out/dtbs + ${optionalString (config.hardware.deviceTree.package != null) '' + ln -s ${config.hardware.deviceTree.package} $out/dtbs ''} echo -n "$kernelParams" > $out/kernel-params diff --git a/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.sh b/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.sh index c780a89b102c..0092ee92b62f 100644 --- a/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.sh +++ b/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.sh @@ -75,9 +75,8 @@ addEntry() { copyToKernelsDir "$path/kernel"; kernel=$result copyToKernelsDir "$path/initrd"; initrd=$result - # XXX UGLY: maybe the system config should have a top-level "dtbs" entry? - dtbDir=$(readlink -m "$path/kernel/../dtbs") - if [ -d "$dtbDir" ]; then + dtbDir=$(readlink -m "$path/dtbs") + if [ -e "$dtbDir" ]; then copyToKernelsDir "$dtbDir"; dtbs=$result fi diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index f1aa9064bef4..d6b446e9ac22 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -10,7 +10,7 @@ let checkLink = checkUnitConfig "Link" [ (assertOnlyFields [ - "Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "Name" + "Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "OriginalName" "MTUBytes" "BitsPerSecond" "Duplex" "AutoNegotiation" "WakeOnLan" "Port" "TCPSegmentationOffload" "TCP6SegmentationOffload" "GenericSegmentationOffload" "GenericReceiveOffload" "LargeReceiveOffload" "RxChannels" "TxChannels" diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index d67790702f1f..0c4ad90b4eb6 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -35,10 +35,9 @@ in autoResize = true; }; - boot.extraModulePackages = - [ config.boot.kernelPackages.ixgbevf - config.boot.kernelPackages.ena - ]; + boot.extraModulePackages = [ + config.boot.kernelPackages.ena + ]; boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ]; boot.initrd.availableKernelModules = [ "ixgbevf" "ena" "nvme" ]; boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" ]; diff --git a/nixos/tests/printing.nix b/nixos/tests/printing.nix index e8702c1ffbf1..74583ae55623 100644 --- a/nixos/tests/printing.nix +++ b/nixos/tests/printing.nix @@ -3,7 +3,7 @@ import ./make-test.nix ({pkgs, ... }: { name = "printing"; meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ domenkozar eelco ]; + maintainers = [ domenkozar eelco matthewbauer ]; }; nodes = { @@ -34,10 +34,6 @@ import ./make-test.nix ({pkgs, ... }: { '' startAll; - # Make sure that cups is up on both sides. - $server->waitForUnit("cups.service"); - $client->waitForUnit("cups.service"); - $client->sleep(10); # wait until cups is fully initialized $client->succeed("lpstat -r") =~ /scheduler is running/ or die; # check local encrypted connections work without error $client->succeed("lpstat -E -r") =~ /scheduler is running/ or die; |