Diffstat (limited to 'nixpkgs/nixos/modules/system/etc')
-rw-r--r-- | nixpkgs/nixos/modules/system/etc/etc.nix | 162 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/system/etc/make-etc.sh | 46 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/system/etc/setup-etc.pl | 140 |
3 files changed, 348 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/system/etc/etc.nix b/nixpkgs/nixos/modules/system/etc/etc.nix
new file mode 100644
index 000000000000..7d43ba07ca57
--- /dev/null
+++ b/nixpkgs/nixos/modules/system/etc/etc.nix
@@ -0,0 +1,162 @@
+# Management of static files in /etc.
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ etc' = filter (f: f.enable) (attrValues config.environment.etc);
+
+ etc = pkgs.stdenvNoCC.mkDerivation {
+ name = "etc";
+
+ builder = ./make-etc.sh;
+
+ preferLocalBuild = true;
+ allowSubstitutes = false;
+
+ /* !!! Use toXML. */
+ sources = map (x: x.source) etc';
+ targets = map (x: x.target) etc';
+ modes = map (x: x.mode) etc';
+ users = map (x: x.user) etc';
+ groups = map (x: x.group) etc';
+ };
+
+in
+
+{
+
+ ###### interface
+
+ options = {
+
+ environment.etc = mkOption {
+ default = {};
+ example = literalExample ''
+ { example-configuration-file =
+ { source = "/nix/store/.../etc/dir/file.conf.example";
+ mode = "0440";
+ };
+ "default/useradd".text = "GROUP=100 ...";
+ }
+ '';
+ description = ''
+ Set of files that have to be linked in <filename>/etc</filename>.
+ '';
+
+ type = with types; loaOf (submodule (
+ { name, config, ... }:
+ { options = {
+
+ enable = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Whether this /etc file should be generated. This
+ option allows specific /etc files to be disabled.
+ '';
+ };
+
+ target = mkOption {
+ type = types.str;
+ description = ''
+ Name of symlink (relative to
+ <filename>/etc</filename>). Defaults to the attribute
+ name.
+ '';
+ };
+
+ text = mkOption {
+ default = null;
+ type = types.nullOr types.lines;
+ description = "Text of the file.";
+ };
+
+ source = mkOption {
+ type = types.path;
+ description = "Path of the source file.";
+ };
+
+ mode = mkOption {
+ type = types.str;
+ default = "symlink";
+ example = "0600";
+ description = ''
+ If set to something else than <literal>symlink</literal>,
+ the file is copied instead of symlinked, with the given
+ file mode.
+ '';
+ };
+
+ uid = mkOption {
+ default = 0;
+ type = types.int;
+ description = ''
+ UID of created file. Only takes affect when the file is
+ copied (that is, the mode is not 'symlink').
+ '';
+ };
+
+ gid = mkOption {
+ default = 0;
+ type = types.int;
+ description = ''
+ GID of created file. Only takes affect when the file is
+ copied (that is, the mode is not 'symlink').
+ '';
+ };
+
+ user = mkOption {
+ default = "+${toString config.uid}";
+ type = types.str;
+ description = ''
+ User name of created file.
+ Only takes affect when the file is copied (that is, the mode is not 'symlink').
+ Changing this option takes precedence over <literal>uid</literal>.
+ '';
+ };
+
+ group = mkOption {
+ default = "+${toString config.gid}";
+ type = types.str;
+ description = ''
+ Group name of created file.
+ Only takes affect when the file is copied (that is, the mode is not 'symlink').
+ Changing this option takes precedence over <literal>gid</literal>.
+ '';
+ };
+
+ };
+
+ config = {
+ target = mkDefault name;
+ source = mkIf (config.text != null) (
+ let name' = "etc-" + baseNameOf name;
+ in mkDefault (pkgs.writeText name' config.text));
+ };
+
+ }));
+
+ };
+
+ };
+
+
+ ###### implementation
+
+ config = {
+
+ system.build.etc = etc;
+
+ system.activationScripts.etc = stringAfter [ "users" "groups" ]
+ ''
+ # Set up the statically computed bits of /etc.
+ echo "setting up /etc..."
+ ${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/lib/perl5/site_perl ${./setup-etc.pl} ${etc}/etc
+ '';
+
+ };
+
+}
diff --git a/nixpkgs/nixos/modules/system/etc/make-etc.sh b/nixpkgs/nixos/modules/system/etc/make-etc.sh
new file mode 100644
index 000000000000..1ca4c3046f0e
--- /dev/null
+++ b/nixpkgs/nixos/modules/system/etc/make-etc.sh
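Review bot: The `mode` option's description in etc.nix (shown with `example = "0600"`) should say that a restrictive mode does not make the contents private: `text` becomes a store file via `pkgs.writeText`, and setup-etc.pl copies the entry out of `/etc/static`, so the data also sits in the Nix store, which is normally world-readable. I would append a sentence such as `Note that the file is copied from the Nix store, so its contents stay readable there regardless of this mode.` The same description should also list `direct-symlink`, which setup-etc.pl handles but no option text mentions. Since `mode` is a plain `types.str` that later reaches `oct($mode)`, a pattern-checked type (for example `types.strMatching`, if this nixpkgs revision has it) would reject typos at evaluation time.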
@@ -0,0 +1,46 @@
+source $stdenv/setup
+
+mkdir -p $out/etc
+
+set -f
+sources_=($sources)
+targets_=($targets)
+modes_=($modes)
+users_=($users)
+groups_=($groups)
+set +f
+
+for ((i = 0; i < ${#targets_[@]}; i++)); do
+ source="${sources_[$i]}"
+ target="${targets_[$i]}"
+
+ if [[ "$source" =~ '*' ]]; then
+
+ # If the source name contains '*', perform globbing.
+ mkdir -p $out/etc/$target
+ for fn in $source; do
+ ln -s "$fn" $out/etc/$target/
+ done
+
+ else
+
+ mkdir -p $out/etc/$(dirname $target)
+ if ! [ -e $out/etc/$target ]; then
+ ln -s $source $out/etc/$target
+ else
+ echo "duplicate entry $target -> $source"
+ if test "$(readlink $out/etc/$target)" != "$source"; then
+ echo "mismatched duplicate entry $(readlink $out/etc/$target) <-> $source"
+ exit 1
+ fi
+ fi
+
+ if test "${modes_[$i]}" != symlink; then
+ echo "${modes_[$i]}" > $out/etc/$target.mode
+ echo "${users_[$i]}" > $out/etc/$target.uid
+ echo "${groups_[$i]}" > $out/etc/$target.gid
+ fi
+
+ fi
+done
+
diff --git a/nixpkgs/nixos/modules/system/etc/setup-etc.pl b/nixpkgs/nixos/modules/system/etc/setup-etc.pl
new file mode 100644
index 000000000000..eed20065087f
--- /dev/null
+++ b/nixpkgs/nixos/modules/system/etc/setup-etc.pl
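Review bot: The duplicate-entry branch in make-etc.sh compares only the symlink source, so two `environment.etc` entries that share a target and source but differ in mode, user or group are accepted, and the `.mode`/`.uid`/`.gid` files written by the last copied-mode entry decide the installed permissions. The build should fail on that mismatch the same way it does for a mismatched source; the fence below shows the check for the mode, and the user and group files want the same comparison. Separately, `$target` and `$source` are expanded unquoted in the `mkdir`, `ln` and redirection lines and would be safer quoted.

```shell
    else
        echo "duplicate entry $target -> $source"
        # … unchanged: readlink comparison of the source …
        if [ -e "$out/etc/$target.mode" ]; then
            prev_mode="$(cat "$out/etc/$target.mode")"
        else
            prev_mode=symlink
        fi
        if [ "$prev_mode" != "${modes_[$i]}" ]; then
            echo "mismatched mode for duplicate entry $target: $prev_mode <-> ${modes_[$i]}"
            exit 1
        fi
    fi
```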
@@ -0,0 +1,140 @@
+use strict;
+use File::Find;
+use File::Copy;
+use File::Path;
+use File::Basename;
+use File::Slurp;
+
+my $etc = $ARGV[0] or die;
+my $static = "/etc/static";
+
+sub atomicSymlink {
+ my ($source, $target) = @_;
+ my $tmp = "$target.tmp";
+ unlink $tmp;
+ symlink $source, $tmp or return 0;
+ rename $tmp, $target or return 0;
+ return 1;
+}
+
+
+# Atomically update /etc/static to point at the etc files of the
+# current configuration.
+atomicSymlink $etc, $static or die;
+
+# Returns 1 if the argument points to the files in /etc/static. That
+# means either argument is a symlink to a file in /etc/static or a
+# directory with all children being static.
+sub isStatic {
+ my $path = shift;
+
+ if (-l $path) {
+ my $target = readlink $path;
+ return substr($target, 0, length "/etc/static/") eq "/etc/static/";
+ }
+
+ if (-d $path) {
+ opendir DIR, "$path" or return 0;
+ my @names = readdir DIR or die;
+ closedir DIR;
+
+ foreach my $name (@names) {
+ next if $name eq "." || $name eq "..";
+ unless (isStatic("$path/$name")) {
+ return 0;
+ }
+ }
+ return 1;
+ }
+
+ return 0;
+}
+
+# Remove dangling symlinks that point to /etc/static. These are
+# configuration files that existed in a previous configuration but not
+# in the current one. For efficiency, don't look under /etc/nixos
+# (where all the NixOS sources live).
+sub cleanup {
+ if ($File::Find::name eq "/etc/nixos") {
+ $File::Find::prune = 1;
+ return;
+ }
+ if (-l $_) {
+ my $target = readlink $_;
+ if (substr($target, 0, length $static) eq $static) {
+ my $x = "/etc/static/" . substr($File::Find::name, length "/etc/");
+ unless (-l $x) {
+ print STDERR "removing obsolete symlink ‘$File::Find::name’...\n";
+ unlink "$_";
+ }
+ }
+ }
+}
+
+find(\&cleanup, "/etc");
+
+
+# Use /etc/.clean to keep track of copied files.
+my @oldCopied = read_file("/etc/.clean", chomp => 1, err_mode => 'quiet');
+open CLEAN, ">>/etc/.clean";
+
+
+# For every file in the etc tree, create a corresponding symlink in
+# /etc to /etc/static. The indirection through /etc/static is to make
+# switching to a new configuration somewhat more atomic.
+my %created;
+my @copied;
+
+sub link {
+ my $fn = substr $File::Find::name, length($etc) + 1 or next;
+ my $target = "/etc/$fn";
+ File::Path::make_path(dirname $target);
+ $created{$fn} = 1;
+
+ # Rename doesn't work if target is directory.
+ if (-l $_ && -d $target) {
+ if (isStatic $target) {
+ rmtree $target or warn;
+ } else {
+ warn "$target directory contains user files. Symlinking may fail.";
+ }
+ }
+
+ if (-e "$_.mode") {
+ my $mode = read_file("$_.mode"); chomp $mode;
+ if ($mode eq "direct-symlink") {
+ atomicSymlink readlink("$static/$fn"), $target or warn;
+ } else {
+ my $uid = read_file("$_.uid"); chomp $uid;
+ my $gid = read_file("$_.gid"); chomp $gid;
+ copy "$static/$fn", "$target.tmp" or warn;
+ $uid = getpwnam $uid unless $uid =~ /^\+/;
+ $gid = getgrnam $gid unless $gid =~ /^\+/;
+ chown int($uid), int($gid), "$target.tmp" or warn;
+ chmod oct($mode), "$target.tmp" or warn;
+ rename "$target.tmp", $target or warn;
+ }
+ push @copied, $fn;
+ print CLEAN "$fn\n";
+ } elsif (-l "$_") {
+ atomicSymlink "$static/$fn", $target or warn;
+ }
+}
+
+find(\&link, $etc);
+
+
+# Delete files that were copied in a previous version but not in the
+# current.
+foreach my $fn (@oldCopied) {
+ if (!defined $created{$fn}) {
+ $fn = "/etc/$fn";
+ print STDERR "removing obsolete file ‘$fn’...\n";
+ unlink "$fn";
+ }
+}
+
+
+# Rewrite /etc/.clean.
+close CLEAN;
+write_file("/etc/.clean", map { "$_\n" } @copied); |
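Review bot: In the copy branch of `link` in setup-etc.pl every step ends in `or warn`, so when `chown` or `chmod` fails the `rename` still installs `$target.tmp` with whatever owner and mode `copy` left on it. `getpwnam`/`getgrnam` are not checked either: an unknown name yields undef, which `int()` turns into 0, so a misspelled user or group silently becomes id 0. I would resolve the names first and rename only when copy, chown and chmod all succeeded, removing the temporary file otherwise, as in the fence below. `open CLEAN, ">>/etc/.clean";` is also unchecked and would read better as a three-argument open with a lexical handle, and the script has `use strict` but no `use warnings`.

```perl
# … unchanged: read $mode, $uid and $gid from the .mode/.uid/.gid files …
$uid = getpwnam $uid unless $uid =~ /^\+/;
$gid = getgrnam $gid unless $gid =~ /^\+/;
if (!defined $uid || !defined $gid) {
    warn "cannot resolve owner or group of $target, leaving it untouched\n";
} elsif (copy("$static/$fn", "$target.tmp")
    && chown(int($uid), int($gid), "$target.tmp")
    && chmod(oct($mode), "$target.tmp")) {
    rename "$target.tmp", $target or warn "rename $target.tmp: $!\n";
} else {
    warn "cannot prepare $target.tmp: $!\n";
    unlink "$target.tmp";
}
```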