| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | |
|
| | |
| |
| |
| | |
This hasn't worked in a long time.
|
| |/
|
|
| |
It's obsoleted by rpcbind.
|
| |
|
|
|
|
|
|
|
|
|
| |
All profileVariables listed each profile twice (e.g. $PATH contained
$HOME/.nix-profile/bin twice). This is because mergeAttrsWithFunc is
broken (and deprecated):
nix-repl> :p mergeAttrsWithFunc concat { x = [1]; } { y = [2]; }
{ x = [ 1 ]; y = [ 2 2 ]; }
So use zipAttrsWith instead.
|
| |
|
|
|
|
|
|
|
|
|
| |
Interactive non-login shells should not source /etc/profile, otherwise
environment variables set by the user will get clobbered. For
example:
$ export PERL5LIB=/foo
$ bash
$ echo $PERL5LIB
/home/eelco/.nix-profile/lib/perl5/site_perl:/nix/var/nix/profiles/default/lib/perl5/site_perl:/run/current-system/sw/lib/perl5/site_perl:/home/eelco/.nix-profile/lib/perl5/site_perl:/nix/var/nix/profiles/default/lib/perl5/site_perl:/run/current-system/sw/lib/perl5/site_perl
|
| |
|
|
| |
This makes OpenCL work with Nvidia cards (tested with darktable).
|
| |
|
|
| |
Signed-off-by: Shea Levy <shea@shealevy.com>
|
| |
|
|
| |
Signed-off-by: Shea Levy <shea@shealevy.com>
|
| | |
|
| |
|
|
|
| |
/etc/environment, if it exists, should be a list of NAME=VALUE pairs,
not a shell script. See the pam_env manpage.
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
I tested the previous "version" and found my environment to be exactly the same.
Let's start discussing possible extensions/improvements somewhere else. For now it's a nice improvement.
|
| | |
| |
| |
| | |
shell.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
possible not to use Bash as the default interactive shell.
This change does two things:
* "NixOSizes" environment variables generation. This allows some more
error-checking and opens possibilities for a modular environment
configuration. From now on the most of environment variables are
generated directly by the nix code. Generating sh code that
generates environment variables is left in a few places where
nontrivial access to a local environment state is needed.
* By doing the first change this patch untangles bash from the
environment configuration and makes it trivial to add a support for
other non bash-compatible shells.
Now to the sad part. This change is quite large (and I'm not sure it's
possible to split it) and yet is not quite complete, it needs some
changes to nixpkgs to be perfect.
See !!! comments in modules/config/shells-environment.nix.
Main principle behind this change is "change environment generation
and nothing else". In particular, shell configuration principles stay
exactly the same as before.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
This didn't work reliably because it raced with the remounting of /.
So if you were unlucky, then / was read-only by the time we ran
"alsactl store". Now the sound card state is saved before anything is
unmounted/remounted.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The services systemd-random-seed-save.service and
systemd-update-utmp-shutdown.service from systemd 203 don't work,
because they have a RequiresMountFor dependency on /var/lib and
/var/log. Such a dependency produces a cycle, causing systemd to drop
those services:
Fixing conflicting jobs by deleting job poweroff.target/stop
Deleting job systemd-poweroff.service/stop as dependency of job poweroff.target/stop
Deleting job umount.target/stop as dependency of job systemd-poweroff.service/stop
Deleting job -.mount/start as dependency of job umount.target/stop
Deleting job systemd-random-seed-save.service/start as dependency of job -.mount/start
Deleting job systemd-update-utmp-shutdown.service/start as dependency of job -.mount/start
Dropping the RequiresMountFor doesn't work either, because then
/var/... may have meen unmounted or remounted read-only.
Upstream systemd fixes this by doing the actual work from an ExecStop
action in an already-running service than conflicts with
shutdown.target. So I backported that here. The main consequence is
that wtmp shutdown records now get written properly.
The main lesson: shutdown.target is useless for pulling in services
during shutdown if they need to write anywhere.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
So that a search for "bitcoin" in the configuration.nix(5) man page
yields a hit.
|
| |\ \
| | |
| | | |
bind: allow forwarders to differ from nameservers
|
| | | | |
|
| | |/
|/| |
|
| | | |
|
| |/
|
|
| |
hard-coded in the daemon
|
| |
|
|
| |
binary cache on https. Did not add to nix.envVars to avoid being added to shellInit.
|
| |
|
|
|
|
|
|
|
| |
You can now do a fast reboot (bypassing the BIOS, which may take
several minutes on servers) by running ‘systemctl kexec’.
Unfortunately the QEMU test for this is unreliable due to a QEMU bug
(it randomly crashes with a message like ‘Guest moved used index from
8 to 0’), so it's commented out.
|
| |
|
|
|
|
|
| |
Nix 1.6 doesn't run the copy-from-other-stores substituter by default
anymore, so turn it on explicitly.
http://hydra.nixos.org/build/6144173
|
| |
|
|
|
|
|
| |
Testing this is useful in any case, but it's necessary now because Nix
1.6 doesn't check the binary cache for fetchurl output anymore.
http://hydra.nixos.org/build/6144188
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Aspell can only handle one dict-dir directive and currently we hardocde
that to
ASPELL_CONF="dict-dir $HOME/.nix-profile/lib/aspell"
This means that aspell doesn't work if it is installed to the system or
default nix profile -- it only works in the user profile.
With this change, aspell can be installed to any of the nix profiles. If
it is installed in more than one profile, the most "local" profile wins
(i.e. sysadmin can set up a default, users can override it).
|
| |
|
|
|
|
|
| |
This reduces code duplication, but more importantly means that the
DRI modules can be found by X enabling hardware acceleration.
Close #249; the PR also refers to more about DRI modules.
|
| |
|
|
|
| |
The default uid 666 exceeds SYS_UID_MAX (499), so it might not be available
anyway.
|
| |
|
|
|
|
| |
systemd style
Thanks, Eelco, for pointing this out.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set "networking.tcpcrypt.enable = true;" to enable opportunistic TCP encryption
based on the user-space tools available from <http://tcpcrypt.org>.
Network attackers come in two varieties: passive and active (man-in-the-middle).
Passive attacks are much simpler to execute because they just require listening
on the network. Active attacks are much harder as they require listening and
modifying network traffic, often requiring very precise timing that can make
some attacks impractical.
Opportunistic encryption cannot protect against active attackers, but it *does*
protect against passive attackers. Furthermore, Tcpcrypt is powerful enough to
stop active attacks, too, if the application using it performs authentication.
A complete description of the protocol extension can be found at
<http://tools.ietf.org/html/draft-bittau-tcp-crypt-00>.
|
| | |
|
| |
|
|
| |
This makes upgrading from Linux 3.2 to 3.4 a bit nicer.
|
| |\
| |
| | |
Add services.samba.nsswins option
|
| |/
|
|
|
| |
This option allows for seamless WINS/NetBIOS name lookup, using
nsswitch.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
I.e., modules that use "require = [options]". Nowadays that should be
written as
{
options = { ... };
config = { ... };
};
Also, use "imports" instead of "require" in places where we actually
import another module.
|
| | |
|
| |
|
|
|
|
|
|
| |
Previously, the zfs binaries were put in $out/sbin where the stage-1
patchelf wouldn't fix them up. This would fail the allowedReferences
test.
Move the zfs binaries to $out/bin.
|
| |\
| |
| | |
Fix typo and incorrect package name
|
| | | |
|