summary refs log tree commit diff
diff options
context:
space:
mode:
authorajs124 <git@ajs124.de>2022-08-11 02:35:29 +0200
committerajs124 <git@ajs124.de>2022-08-11 02:47:34 +0200
commitf7637100655127dffbe14011b45be6a71f0e203d (patch)
tree0023c0449ee55a9642de4ee9002b96c5407a3705
parentc84078f7dde0f0d7aa25daebd6d238e0b9ce11f1 (diff)
downloadnixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar.gz
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar.bz2
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar.lz
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar.xz
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.tar.zst
nixpkgs-f7637100655127dffbe14011b45be6a71f0e203d.zip
nixos/udisks2: don't enable by default
This was enabled by default in 18a7ce76fcf80389bc8db2dd3e961a74637b5162
with the reason that it would be "useful regardless of the desktop
environment.", which I'm not arguing against.

The reason why this should not be enabled by default is that there are a
lot of systems that NixOS runs on that are not desktop systems.
Users on such systems most likely do not want or need this feature and
could even consider this an antifeature.
Furthermore, it is surprising to them to find out that they have this
enabled on their systems.
They might be even more surprised to find that they have polkit enabled
by default, which was a default that was flipped in
a813be071ceed15b9238373bd751ee99e2470357. For some discussion as to why
see https://github.com/NixOS/nixpkgs/pull/156858.

Evidently, this default is not only surprising to users, but also module
developers, as most if not all modules for desktop environments already
explicity set services.udisks2.enable = true; which they don't need to
right now.
Diffstat
-rw-r--r--nixos/doc/manual/from_md/release-notes/rl-2211.section.xml12
-rw-r--r--nixos/doc/manual/release-notes/rl-2211.section.md3
-rw-r--r--nixos/modules/services/hardware/udisks2.nix9
-rw-r--r--nixos/modules/virtualisation/container-config.nix1
4 files changed, 16 insertions, 9 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index 5d09d3a93aa..aaa85138dfa 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -394,6 +394,18 @@
       </listitem>
       <listitem>
         <para>
+          The udisks2 service, available at
+          <literal>services.udisks2.enable</literal>, is now disabled by
+          default. It will automatically be enabled through services and
+          desktop environments as needed. This also means that polkit
+          will now actually be disabled by default. The default for
+          <literal>security.polkit.enable</literal> was already flipped
+          in the previous release, but udisks2 being enabled by default
+          re-enabled it.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
           Add udev rules for the Teensy family of microcontrollers.
         </para>
       </listitem>
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md
index f37d7d827bd..e1253d46190 100644
--- a/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -145,6 +145,9 @@ Use `configure.packages` instead.
 
 - memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
 
+- The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed.
+  This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it.
+
 - Add udev rules for the Teensy family of microcontrollers.
 
 - The `pass-secret-service` package now includes systemd units from upstream, so adding it to the NixOS `services.dbus.packages` option will make it start automatically as a systemd user service when an application tries to talk to the libsecret D-Bus API.
diff --git a/nixos/modules/services/hardware/udisks2.nix b/nixos/modules/services/hardware/udisks2.nix
index f9b5afceac3..988e975d7e6 100644
--- a/nixos/modules/services/hardware/udisks2.nix
+++ b/nixos/modules/services/hardware/udisks2.nix
@@ -19,14 +19,7 @@ in
 
     services.udisks2 = {
 
-      enable = mkOption {
-        type = types.bool;
-        default = true;
-        description = lib.mdDoc ''
-          Whether to enable Udisks, a DBus service that allows
-          applications to query and manipulate storage devices.
-        '';
-      };
+      enable = mkEnableOption "udisks2, a DBus service that allows applications to query and manipulate storage devices.";
 
       settings = mkOption rec {
         type = types.attrsOf settingsFormat.type;
diff --git a/nixos/modules/virtualisation/container-config.nix b/nixos/modules/virtualisation/container-config.nix
index 0966ef84827..94f28ea80d0 100644
--- a/nixos/modules/virtualisation/container-config.nix
+++ b/nixos/modules/virtualisation/container-config.nix
@@ -8,7 +8,6 @@ with lib;
 
     # Disable some features that are not useful in a container.
     nix.optimise.automatic = mkDefault false; # the store is host managed
-    services.udisks2.enable = mkDefault false;
     powerManagement.enable = mkDefault false;
     documentation.nixos.enable = mkDefault false;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-17 22:44:48 +0000