26 files changed, 1351 insertions, 4 deletions
diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch
new file mode 100644
index 00000000000..173f41a44c9
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch
@@ -0,0 +1,32 @@
+From a6c9317a905ef478b8e0d3dad263990feb5d11cb Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Tue, 8 Jan 2013 15:46:30 +0100
+Subject: [PATCH 01/27] Start device units for uninitialised encrypted devices
+
+This is necessary because the NixOS service that initialises the
+filesystem depends on the appearance of the device unit. Also, this
+makes more sense to me: the device is ready; it's the filesystem
+that's not, but taking care of that is the responsibility of the mount
+unit. (However, this ignores the fsck unit, so it's not perfect...)
+---
+ rules/99-systemd.rules.in | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in
+index c34b606216..3ab8c1c3fe 100644
+--- a/rules/99-systemd.rules.in
++++ b/rules/99-systemd.rules.in
+@@ -17,10 +17,6 @@ SUBSYSTEM=="ubi", TAG+="systemd"
+ SUBSYSTEM=="block", TAG+="systemd"
+ SUBSYSTEM=="block", ACTION=="add", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0"
+
+-# Ignore encrypted devices with no identified superblock on it, since
+-# we are probably still calling mke2fs or mkswap on it.
+-SUBSYSTEM=="block", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0"
+-
+ # add symlink to GPT root disk
+ SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root"
+ SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks"
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0002-sysinit.target-Drop-the-dependency-on-local-fs.targe.patch b/pkgs/os-specific/linux/systemd/0002-sysinit.target-Drop-the-dependency-on-local-fs.targe.patch
new file mode 100644
index 00000000000..6dfd150d325
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0002-sysinit.target-Drop-the-dependency-on-local-fs.targe.patch
@@ -0,0 +1,32 @@
+From 4e0c6f33ebf49a78abec28d2f4044afb5b8719af Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Tue, 8 Jan 2013 15:56:03 +0100
+Subject: [PATCH 02/27] sysinit.target: Drop the dependency on local-fs.target
+ and swap.target
+
+Having all services with DefaultDependencies=yes depend on
+local-fs.target is annoying, because some of those services might be
+necessary to mount local filesystems. For instance, Charon's
+send-keys feature requires sshd to be running in order to receive LUKS
+encryption keys, which in turn requires dhcpcd, and so on. So we drop
+this dependency (and swap.target as well for consistency). If
+services require a specific mount, they should use RequiresMountsFor
+in any case.
+---
+ units/sysinit.target | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/units/sysinit.target b/units/sysinit.target
+index b6c16a1412..5fe9ad0ec9 100644
+--- a/units/sysinit.target
++++ b/units/sysinit.target
+@@ -11,5 +11,4 @@
+ Description=System Initialization
+ Documentation=man:systemd.special(7)
+ Conflicts=emergency.service emergency.target
+-Wants=local-fs.target swap.target
+-After=local-fs.target swap.target emergency.service emergency.target
++After=emergency.service emergency.target
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0003-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0003-Don-t-try-to-unmount-nix-or-nix-store.patch
new file mode 100644
index 00000000000..a1380a33f45
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0003-Don-t-try-to-unmount-nix-or-nix-store.patch
@@ -0,0 +1,28 @@
+From 620047803b70b941606398e77f253645058007dd Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Fri, 12 Apr 2013 13:16:57 +0200
+Subject: [PATCH 03/27] Don't try to unmount /nix or /nix/store
+
+They'll still be remounted read-only.
+
+https://github.com/NixOS/nixos/issues/126
+---
+ src/shutdown/umount.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
+index 00e268855d..08f3590f2a 100644
+--- a/src/shutdown/umount.c
++++ b/src/shutdown/umount.c
+@@ -373,6 +373,8 @@ static int delete_dm(dev_t devnum) {
+
+ static bool nonunmountable_path(const char *path) {
+ return path_equal(path, "/")
++ || path_equal(path, "/nix")
++ || path_equal(path, "/nix/store")
+ #if ! HAVE_SPLIT_USR
+ || path_equal(path, "/usr")
+ #endif
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0004-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0004-Fix-NixOS-containers.patch
new file mode 100644
index 00000000000..ffb139b71e1
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0004-Fix-NixOS-containers.patch
@@ -0,0 +1,34 @@
+From 58c4a7b4e9d9c34b92deded6aea814738821059d Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Wed, 16 Apr 2014 10:59:28 +0200
+Subject: [PATCH 04/27] Fix NixOS containers
+
+In NixOS containers, the init script is bind-mounted into the
+container, so checking early whether it exists will fail.
+---
+ src/nspawn/nspawn.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index 5d9290b1cf..26615901c3 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -4924,6 +4924,7 @@ static int run(int argc, char *argv[]) {
+ goto finish;
+ }
+ } else {
++#if 0
+ const char *p, *q;
+
+ if (arg_pivot_root_new)
+@@ -4938,6 +4939,7 @@ static int run(int argc, char *argv[]) {
+ r = -EINVAL;
+ goto finish;
+ }
++#endif
+ }
+
+ } else {
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0005-kmod-static-nodes.service-Don-t-require-lib-modules.patch b/pkgs/os-specific/linux/systemd/0005-kmod-static-nodes.service-Don-t-require-lib-modules.patch
new file mode 100644
index 00000000000..6d4f39ea4a3
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0005-kmod-static-nodes.service-Don-t-require-lib-modules.patch
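Review bot: In 0004-Fix-NixOS-containers.patch the `#if 0` … `#endif` pair in `run()` compiles the early init check out for every nspawn invocation, not only for NixOS containers, and the C source carries no comment saying why. With the block disabled, the `r = -EINVAL; goto finish;` path visible in the second inner hunk can no longer reject a container tree at this point, so a missing init presumably only shows up later, when the payload is executed. I would add a comment directly above the guard, e.g. `/* NixOS: init is bind-mounted into the container later, so it cannot be checked here */`, so the reason survives a rebase onto a newer systemd. The body of `run()` starts and ends outside both inner hunks.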
@@ -0,0 +1,24 @@
+From 18863cea3bdfad5f8b0581478ce4a39ede53b9d4 Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Thu, 17 Apr 2014 13:54:29 +0200
+Subject: [PATCH 05/27] kmod-static-nodes.service: Don't require /lib/modules
+
+---
+ units/kmod-static-nodes.service.in | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in
+index 0971edf9ec..7d150bf3d7 100644
+--- a/units/kmod-static-nodes.service.in
++++ b/units/kmod-static-nodes.service.in
+@@ -12,7 +12,6 @@ Description=Create list of static device nodes for the current kernel
+ DefaultDependencies=no
+ Before=sysinit.target systemd-tmpfiles-setup-dev.service
+ ConditionCapability=CAP_SYS_MODULE
+-ConditionFileNotEmpty=/lib/modules/%v/modules.devname
+
+ [Service]
+ Type=oneshot
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0006-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0006-Look-for-fsck-in-the-right-place.patch
new file mode 100644
index 00000000000..5972b646867
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0006-Look-for-fsck-in-the-right-place.patch
@@ -0,0 +1,25 @@
+From c841ffab8fb6174b51382b9d4334f78c74018730 Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Thu, 1 May 2014 14:10:10 +0200
+Subject: [PATCH 06/27] Look for fsck in the right place
+
+---
+ src/fsck/fsck.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c
+index 55e6544d31..3626aadda7 100644
+--- a/src/fsck/fsck.c
++++ b/src/fsck/fsck.c
+@@ -371,7 +371,7 @@ static int run(int argc, char *argv[]) {
+ } else
+ dash_c[0] = 0;
+
+- cmdline[i++] = "/sbin/fsck";
++ cmdline[i++] = "/run/current-system/sw/bin/fsck";
+ cmdline[i++] = arg_repair;
+ cmdline[i++] = "-T";
+
+--
+2.24.1
+
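Review bot: In 0006-Look-for-fsck-in-the-right-place.patch, `cmdline[i++] = "/run/current-system/sw/bin/fsck";` makes systemd-fsck execute whatever `/run/current-system` resolves to at that moment, rather than a path fixed when the package is built. The binary that runs during the boot-time filesystem check therefore depends on that runtime link being present and on write access under `/run` staying restricted; whether the link already exists when the first check runs, for example in the initrd, is not visible in this hunk. A comment on that line stating the assumption, e.g. `/* NixOS: fsck is only reachable through the current system profile */`, would make the dependency explicit. `run()` continues outside the hunk.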
diff --git a/pkgs/os-specific/linux/systemd/0007-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0007-Add-some-NixOS-specific-unit-directories.patch
new file mode 100644
index 00000000000..7d537197fae
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0007-Add-some-NixOS-specific-unit-directories.patch
@@ -0,0 +1,107 @@
+From 8c0be07ccbad35d0c1106015057996aa55b9a1f9 Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Fri, 19 Dec 2014 14:46:17 +0100
+Subject: [PATCH 07/27] Add some NixOS-specific unit directories
+
+Look in /nix/var/nix/profiles/default/lib/systemd for units provided
+by packages in the default (system-wide) profile, and in
+/etc/systemd-mutable/system for persistent, mutable units (not
+recommended).
+
+Also, remove /usr and /lib as these don't exist on NixOS.
+---
+ src/core/systemd.pc.in | 4 ++--
+ src/shared/path-lookup.c | 18 +++++-------------
+ 2 files changed, 7 insertions(+), 15 deletions(-)
+
+diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
+index 5d1ddd7620..21b977d6fc 100644
+--- a/src/core/systemd.pc.in
++++ b/src/core/systemd.pc.in
+@@ -17,8 +17,8 @@ systemduserunitdir=${prefix}/lib/systemd/user
+ systemduserpresetdir=${prefix}/lib/systemd/user-preset
+ systemdsystemconfdir=${sysconfdir}/systemd/system
+ systemduserconfdir=${sysconfdir}/systemd/user
+-systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system
+-systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user
++systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir}
++systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir}
+ systemdsystemgeneratordir=${rootprefix}/lib/systemd/system-generators
+ systemdusergeneratordir=${prefix}/lib/systemd/user-generators
+ systemdsleepdir=${rootprefix}/lib/systemd/system-sleep
+diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
+index 6bf0ff0316..2b6324ad8c 100644
+--- a/src/shared/path-lookup.c
++++ b/src/shared/path-lookup.c
+@@ -99,17 +99,14 @@ int xdg_user_data_dir(char **ret, const char *suffix) {
+ }
+
+ static const char* const user_data_unit_paths[] = {
+- "/usr/local/lib/systemd/user",
+- "/usr/local/share/systemd/user",
+ USER_DATA_UNIT_PATH,
+- "/usr/lib/systemd/user",
+- "/usr/share/systemd/user",
+ NULL
+ };
+
+ static const char* const user_config_unit_paths[] = {
+ USER_CONFIG_UNIT_PATH,
+ "/etc/systemd/user",
++ "/etc/systemd-mutable/user",
+ NULL
+ };
+
+@@ -604,15 +601,14 @@ int lookup_paths_init(
+ persistent_config,
+ SYSTEM_CONFIG_UNIT_PATH,
+ "/etc/systemd/system",
++ "/etc/systemd-mutable/system",
++ "/nix/var/nix/profiles/default/lib/systemd/system",
+ STRV_IFNOTNULL(persistent_attached),
+ runtime_config,
+ "/run/systemd/system",
+ STRV_IFNOTNULL(runtime_attached),
+ STRV_IFNOTNULL(generator),
+- "/usr/local/lib/systemd/system",
+ SYSTEM_DATA_UNIT_PATH,
+- "/usr/lib/systemd/system",
+- STRV_IFNOTNULL(flags & LOOKUP_PATHS_SPLIT_USR ? "/lib/systemd/system" : NULL),
+ STRV_IFNOTNULL(generator_late));
+ break;
+
+@@ -628,14 +624,12 @@ int lookup_paths_init(
+ persistent_config,
+ USER_CONFIG_UNIT_PATH,
+ "/etc/systemd/user",
++ "/etc/systemd-mutable/user",
++ "/nix/var/nix/profiles/default/lib/systemd/user",
+ runtime_config,
+ "/run/systemd/user",
+ STRV_IFNOTNULL(generator),
+- "/usr/local/share/systemd/user",
+- "/usr/share/systemd/user",
+- "/usr/local/lib/systemd/user",
+ USER_DATA_UNIT_PATH,
+- "/usr/lib/systemd/user",
+ STRV_IFNOTNULL(generator_late));
+ break;
+
+@@ -824,14 +818,12 @@ char **generator_binary_paths(UnitFileScope scope) {
+ case UNIT_FILE_SYSTEM:
+ return strv_new("/run/systemd/system-generators",
+ "/etc/systemd/system-generators",
+- "/usr/local/lib/systemd/system-generators",
+ SYSTEM_GENERATOR_PATH);
+
+ case UNIT_FILE_GLOBAL:
+ case UNIT_FILE_USER:
+ return strv_new("/run/systemd/user-generators",
+ "/etc/systemd/user-generators",
+- "/usr/local/lib/systemd/user-generators",
+ USER_GENERATOR_PATH);
+
+ default:
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0008-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0008-Don-t-try-to-unmount-nix-or-nix-store.patch
new file mode 100644
index 00000000000..b858f3f7a45
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0008-Don-t-try-to-unmount-nix-or-nix-store.patch
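Review bot: In 0007-Add-some-NixOS-specific-unit-directories.patch the two profile entries in `src/core/systemd.pc.in` look swapped: the new `systemdsystemunitpath` contains `/nix/var/nix/profiles/default/lib/systemd/user`, while the new `systemduserunitpath` contains `/nix/var/nix/profiles/default/lib/systemd/system`. `lookup_paths_init()` in the same patch uses `.../lib/systemd/system` for the system scope and `.../lib/systemd/user` for the user scope, so the pkg-config values disagree with the code and the two suffixes should be exchanged. Separately, `/etc/systemd-mutable/system` is now part of the system unit search path, so a comment next to that entry should state that the directory must stay writable by root only, because unit files found there are loaded by the system manager.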
@@ -0,0 +1,53 @@
+From 5b2eafc51fa2d98f03fd341176d9a7accc0259ae Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Mon, 11 May 2015 15:30:46 +0200
+Subject: [PATCH 08/27] Don't try to unmount /nix or /nix/store
+
+33f458625f2a9d201263bd1b81b1c56f4a077e80 wasn't enough.
+---
+ src/core/mount.c | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/src/core/mount.c b/src/core/mount.c
+index 959b8fbed2..5e4c4a9767 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -409,7 +409,9 @@ static bool mount_is_extrinsic(Mount *m) {
+
+ if (PATH_IN_SET(m->where, /* Don't bother with the OS data itself */
+ "/",
+- "/usr"))
++ "/usr",
++ "/nix/",
++ "/nix/store"))
+ return true;
+
+ if (PATH_STARTSWITH_SET(m->where,
+@@ -439,10 +441,20 @@ static int mount_add_default_dependencies(Mount *m) {
+ if (!UNIT(m)->default_dependencies)
+ return 0;
+
+- /* We do not add any default dependencies to /, /usr or /run/initramfs/, since they are guaranteed to stay
+- * mounted the whole time, since our system is on it. Also, don't bother with anything mounted below virtual
+- * file systems, it's also going to be virtual, and hence not worth the effort. */
+- if (mount_is_extrinsic(m))
++ if (!MANAGER_IS_SYSTEM(UNIT(m)->manager))
++ return 0;
++
++ /* We do not add any default dependencies to /, /usr or
++ * /run/initramfs/, since they are guaranteed to stay
++ * mounted the whole time, since our system is on it.
++ * Also, don't bother with anything mounted below virtual
++ * file systems, it's also going to be virtual, and hence
++ * not worth the effort. */
++ if (PATH_IN_SET(m->where, "/", "/usr", "/nix", "/nix/store") ||
++ path_startswith(m->where, "/run/initramfs") ||
++ path_startswith(m->where, "/proc") ||
++ path_startswith(m->where, "/sys") ||
++ path_startswith(m->where, "/dev"))
+ return 0;
+
+ p = get_mount_parameters(m);
+--
+2.24.1
+
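Review bot: In 0008-Don-t-try-to-unmount-nix-or-nix-store.patch the two path lists are spelled differently: `mount_is_extrinsic()` gains `"/nix/"` with a trailing slash, while the inline test added to `mount_add_default_dependencies()` uses `"/nix"`. If the path comparison ignores trailing slashes this is harmless, but the entry should read `"/nix",` so both places match. The second inner hunk also replaces the `mount_is_extrinsic(m)` call with a hand-written copy of the list, which patch 0017 in this series turns back into the call; folding the two patches would leave one list to maintain. The commit message cites 33f458625f2a9d201263bd1b81b1c56f4a077e80, which is not the hash carried by patch 0003 in this series, so the reference cannot be followed from here.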
diff --git a/pkgs/os-specific/linux/systemd/0009-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0009-Get-rid-of-a-useless-message-in-user-sessions.patch
new file mode 100644
index 00000000000..c15b8a2a9e1
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0009-Get-rid-of-a-useless-message-in-user-sessions.patch
@@ -0,0 +1,31 @@
+From 99c86daa5244d45a19f75f6ce92bd4255edef420 Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Mon, 11 May 2015 15:39:38 +0200
+Subject: [PATCH 09/27] Get rid of a useless message in user sessions
+
+Namely lots of variants of
+
+ Unit nix-var-nix-db.mount is bound to inactive unit dev-disk-by\x2dlabel-nixos.device. Stopping, too.
+
+in containers.
+---
+ src/core/unit.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/unit.c b/src/core/unit.c
+index a1dc76aa6a..07670af8e2 100644
+--- a/src/core/unit.c
++++ b/src/core/unit.c
+@@ -2045,7 +2045,8 @@ static void unit_check_binds_to(Unit *u) {
+ }
+
+ assert(other);
+- log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
++ if (u->type != UNIT_MOUNT || detect_container() <= 0)
++ log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
+
+ /* A unit we need to run is gone. Sniff. Let's stop this. */
+ r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0010-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0010-hostnamed-localed-timedated-disable-methods-that-cha.patch
new file mode 100644
index 00000000000..635da4634a8
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0010-hostnamed-localed-timedated-disable-methods-that-cha.patch
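Review bot: In 0009-Get-rid-of-a-useless-message-in-user-sessions.patch the new condition drops the "bound to inactive unit" message completely for mount units inside a container, so the journal no longer records why such a unit was stopped. Lowering the level keeps the record without the noise at the default log level: add `else log_unit_debug(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);` after the guarded call. `detect_container() <= 0` also treats a detection error the same as "not in a container", which keeps the message in that case; a one-line comment saying this is intended would help. `unit_check_binds_to()` starts and ends outside the hunk.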
@@ -0,0 +1,118 @@
+From cec1430f72edfedb951fe34e87765ef422ea9843 Mon Sep 17 00:00:00 2001
+From: Gabriel Ebner <gebner@gebner.org>
+Date: Sun, 6 Dec 2015 14:26:36 +0100
+Subject: [PATCH 10/27] hostnamed, localed, timedated: disable methods that
+ change system settings.
+
+---
+ src/hostname/hostnamed.c | 9 +++++++++
+ src/locale/localed.c | 9 +++++++++
+ src/timedate/timedated.c | 10 ++++++++++
+ 3 files changed, 28 insertions(+)
+
+diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
+index 9e4f4fb59e..141b8acc08 100644
+--- a/src/hostname/hostnamed.c
++++ b/src/hostname/hostnamed.c
+@@ -423,6 +423,9 @@ static int method_set_hostname(sd_bus_message *m, void *userdata, sd_bus_error *
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ if (isempty(name))
+ name = c->data[PROP_STATIC_HOSTNAME];
+
+@@ -479,6 +482,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ name = empty_to_null(name);
+
+ if (streq_ptr(name, c->data[PROP_STATIC_HOSTNAME]))
+@@ -536,6 +542,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ name = empty_to_null(name);
+
+ if (streq_ptr(name, c->data[prop]))
+diff --git a/src/locale/localed.c b/src/locale/localed.c
+index 8d0eec96a5..0b1c1d664e 100644
+--- a/src/locale/localed.c
++++ b/src/locale/localed.c
+@@ -276,6 +276,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ /* If single locale without variable name is provided, then we assume it is LANG=. */
+ if (strv_length(l) == 1 && !strchr(*l, '=')) {
+ if (!locale_is_valid(*l))
+@@ -411,6 +414,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ keymap = empty_to_null(keymap);
+ keymap_toggle = empty_to_null(keymap_toggle);
+
+@@ -587,6 +593,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ layout = empty_to_null(layout);
+ model = empty_to_null(model);
+ variant = empty_to_null(variant);
+diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
+index 6c94b23de4..fa20d22cde 100644
+--- a/src/timedate/timedated.c
++++ b/src/timedate/timedated.c
+@@ -653,6 +653,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error *
+ if (r < 0)
+ return r;
+
++ if (getenv("NIXOS_STATIC_TIMEZONE"))
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing timezone via systemd is not supported when it is set in NixOS configuration.");
++
+ if (!timezone_is_valid(z, LOG_DEBUG))
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid or not installed time zone '%s'", z);
+
+@@ -732,6 +736,9 @@ static int method_set_local_rtc(sd_bus_message *m, void *userdata, sd_bus_error
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ if (lrtc == c->local_rtc)
+ return sd_bus_reply_method_return(m, NULL);
+
+@@ -924,6 +931,9 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error
+ if (r < 0)
+ return r;
+
++ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
++ "Changing system settings via systemd is not supported on NixOS.");
++
+ r = context_update_ntp_status(c, bus, m);
+ if (r < 0)
+ return r;
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0011-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0011-Fix-hwdb-paths.patch
new file mode 100644
index 00000000000..624811f5ea3
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0011-Fix-hwdb-paths.patch
@@ -0,0 +1,32 @@
+From 0f434c6baee63eff913f36aee839df3718a75d4a Mon Sep 17 00:00:00 2001
+From: Nikolay Amiantov <ab@fmap.me>
+Date: Thu, 7 Jul 2016 02:47:13 +0300
+Subject: [PATCH 11/27] Fix hwdb paths
+
+Patch by vcunat.
+---
+ src/libsystemd/sd-hwdb/sd-hwdb.c | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+diff --git a/src/libsystemd/sd-hwdb/sd-hwdb.c b/src/libsystemd/sd-hwdb/sd-hwdb.c
+index 58124abd21..d80e408b8c 100644
+--- a/src/libsystemd/sd-hwdb/sd-hwdb.c
++++ b/src/libsystemd/sd-hwdb/sd-hwdb.c
+@@ -298,13 +298,8 @@ static int trie_search_f(sd_hwdb *hwdb, const char *search) {
+ }
+
+ static const char hwdb_bin_paths[] =
+- "/etc/systemd/hwdb/hwdb.bin\0"
+ "/etc/udev/hwdb.bin\0"
+- "/usr/lib/systemd/hwdb/hwdb.bin\0"
+-#if HAVE_SPLIT_USR
+- "/lib/systemd/hwdb/hwdb.bin\0"
+-#endif
+- UDEVLIBEXECDIR "/hwdb.bin\0";
++ ;
+
+ _public_ int sd_hwdb_new(sd_hwdb **ret) {
+ _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0012-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0012-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch
new file mode 100644
index 00000000000..0b14eb7a58b
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0012-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch
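Review bot: In 0010-hostnamed-localed-timedated-disable-methods-that-cha.patch every added `return sd_bus_error_setf(...)` except the one in `method_set_timezone()` is unconditional, so the remainder of each handler, including whatever validation and authorization follows outside the hunks, becomes unreachable code that still has to compile and be rebased. The same two-line return with the same message is pasted eight times across the three daemons; a small helper or macro defined once per file would keep the wording in one place. `method_set_timezone()` is refused only when `getenv("NIXOS_STATIC_TIMEZONE")` is non-NULL, so the restriction depends on the environment the daemon is started with, and an empty value also counts as set. A comment above that check should name where the variable is expected to be set. All handler bodies continue outside the hunks.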
@@ -0,0 +1,116 @@
+From 76f3fba3031d74647855ce0da2d4e317016cb7d6 Mon Sep 17 00:00:00 2001
+From: Nikolay Amiantov <ab@fmap.me>
+Date: Tue, 11 Oct 2016 13:12:08 +0300
+Subject: [PATCH 12/27] Change /usr/share/zoneinfo to /etc/zoneinfo
+
+NixOS uses this path.
+---
+ man/localtime.xml | 4 ++--
+ src/basic/time-util.c | 6 +++---
+ src/firstboot/firstboot.c | 2 +-
+ src/timedate/timedated.c | 8 ++++----
+ 4 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/man/localtime.xml b/man/localtime.xml
+index 0f1652ee2e..71c4f95c2e 100644
+--- a/man/localtime.xml
++++ b/man/localtime.xml
+@@ -20,7 +20,7 @@
+ </refnamediv>
+
+ <refsynopsisdiv>
+- <para><filename>/etc/localtime</filename> -> <filename>../usr/share/zoneinfo/…</filename></para>
++ <para><filename>/etc/localtime</filename> -> <filename>zoneinfo/…</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+@@ -30,7 +30,7 @@
+ system-wide timezone of the local system that is used by
+ applications for presentation to the user. It should be an
+ absolute or relative symbolic link pointing to
+- <filename>/usr/share/zoneinfo/</filename>, followed by a timezone
++ <filename>/etc/zoneinfo/</filename>, followed by a timezone
+ identifier such as <literal>Europe/Berlin</literal> or
+ <literal>Etc/UTC</literal>. The resulting link should lead to the
+ corresponding binary
+diff --git a/src/basic/time-util.c b/src/basic/time-util.c
+index e14ae8f2f7..a8a3488be1 100644
+--- a/src/basic/time-util.c
++++ b/src/basic/time-util.c
+@@ -1215,7 +1215,7 @@ int get_timezones(char ***ret) {
+ n_allocated = 2;
+ n_zones = 1;
+
+- f = fopen("/usr/share/zoneinfo/zone1970.tab", "re");
++ f = fopen("/etc/zoneinfo/zone1970.tab", "re");
+ if (f) {
+ for (;;) {
+ _cleanup_free_ char *line = NULL;
+@@ -1310,7 +1310,7 @@ bool timezone_is_valid(const char *name, int log_level) {
+ if (p - name >= PATH_MAX)
+ return false;
+
+- t = strjoina("/usr/share/zoneinfo/", name);
++ t = strjoina("/etc/zoneinfo/", name);
+
+ fd = open(t, O_RDONLY|O_CLOEXEC);
+ if (fd < 0) {
+@@ -1408,7 +1408,7 @@ int get_timezone(char **ret) {
+ if (r < 0)
+ return r; /* returns EINVAL if not a symlink */
+
+- e = PATH_STARTSWITH_SET(t, "/usr/share/zoneinfo/", "../usr/share/zoneinfo/");
++ e = PATH_STARTSWITH_SET(t, "/etc/zoneinfo/", "../etc/zoneinfo/");
+ if (!e)
+ return -EINVAL;
+
+diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
+index 528e6452cf..c712ca9072 100644
+--- a/src/firstboot/firstboot.c
++++ b/src/firstboot/firstboot.c
+@@ -443,7 +443,7 @@ static int process_timezone(void) {
+ if (isempty(arg_timezone))
+ return 0;
+
+- e = strjoina("../usr/share/zoneinfo/", arg_timezone);
++ e = strjoina("zoneinfo/", arg_timezone);
+
+ (void) mkdir_parents(etc_localtime, 0755);
+ if (symlink(e, etc_localtime) < 0)
+diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
+index fa20d22cde..8e6dbe1efb 100644
+--- a/src/timedate/timedated.c
++++ b/src/timedate/timedated.c
+@@ -265,7 +265,7 @@ static int context_read_data(Context *c) {
+
+ r = get_timezone(&t);
+ if (r == -EINVAL)
+- log_warning_errno(r, "/etc/localtime should be a symbolic link to a time zone data file in /usr/share/zoneinfo/.");
++ log_warning_errno(r, "/etc/localtime should be a symbolic link to a time zone data file in /etc/zoneinfo/.");
+ else if (r < 0)
+ log_warning_errno(r, "Failed to get target of /etc/localtime: %m");
+
+@@ -289,7 +289,7 @@ static int context_write_data_timezone(Context *c) {
+
+ if (isempty(c->zone) || streq(c->zone, "UTC")) {
+
+- if (access("/usr/share/zoneinfo/UTC", F_OK) < 0) {
++ if (access("/etc/zoneinfo/UTC", F_OK) < 0) {
+
+ if (unlink("/etc/localtime") < 0 && errno != ENOENT)
+ return -errno;
+@@ -297,9 +297,9 @@ static int context_write_data_timezone(Context *c) {
+ return 0;
+ }
+
+- source = "../usr/share/zoneinfo/UTC";
++ source = "zoneinfo/UTC";
+ } else {
+- p = path_join("../usr/share/zoneinfo", c->zone);
++ p = path_join("zoneinfo", c->zone);
+ if (!p)
+ return -ENOMEM;
+
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0013-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0013-localectl-use-etc-X11-xkb-for-list-x11.patch
new file mode 100644
index 00000000000..309ae70881a
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0013-localectl-use-etc-X11-xkb-for-list-x11.patch
@@ -0,0 +1,27 @@
+From 5365ffbfba2de03628e8bbb6cc0bc022272436a1 Mon Sep 17 00:00:00 2001
+From: Imuli <i@imu.li>
+Date: Wed, 19 Oct 2016 08:46:47 -0400
+Subject: [PATCH 13/27] localectl: use /etc/X11/xkb for list-x11-*
+
+NixOS has an option to link the xkb data files to /etc/X11, but not to
+/usr/share/X11.
+---
+ src/locale/localectl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/locale/localectl.c b/src/locale/localectl.c
+index 9fb5152110..9554c2cf76 100644
+--- a/src/locale/localectl.c
++++ b/src/locale/localectl.c
+@@ -287,7 +287,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) {
+ } state = NONE, look_for;
+ int r;
+
+- f = fopen("/usr/share/X11/xkb/rules/base.lst", "re");
++ f = fopen("/etc/X11/xkb/rules/base.lst", "re");
+ if (!f)
+ return log_error_errno(errno, "Failed to open keyboard mapping list. %m");
+
+--
+2.24.1
+
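Review bot: In 0012-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch the link targets that are written and the targets that are accepted no longer agree. `context_write_data_timezone()` and `process_timezone()` now create `/etc/localtime` with relative targets of the form `zoneinfo/<zone>`, but `get_timezone()` only accepts a target that starts with `/etc/zoneinfo/` or `../etc/zoneinfo/`, so a link written by this code would presumably be rejected with -EINVAL and produce the warning in `context_read_data()`. Extending the set, `e = PATH_STARTSWITH_SET(t, "/etc/zoneinfo/", "../etc/zoneinfo/", "zoneinfo/");`, would make the reader accept what the writers produce, unless the target is made absolute somewhere outside these hunks. All of the touched functions continue outside the hunks shown.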
diff --git a/pkgs/os-specific/linux/systemd/0014-catalog-don-t-update-on-install.patch b/pkgs/os-specific/linux/systemd/0014-catalog-don-t-update-on-install.patch
new file mode 100644
index 00000000000..4f9f08413e2
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0014-catalog-don-t-update-on-install.patch
@@ -0,0 +1,24 @@
+From 8e7aec49a387d8229b85cfc3ea2f2c1c9a45f6d0 Mon Sep 17 00:00:00 2001
+From: Franz Pletz <fpletz@fnordicwalking.de>
+Date: Wed, 17 Jan 2018 05:10:36 +0100
+Subject: [PATCH 14/27] catalog: don't update on install
+
+---
+ catalog/meson.build | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/catalog/meson.build b/catalog/meson.build
+index 3db8e390f2..7004618750 100644
+--- a/catalog/meson.build
++++ b/catalog/meson.build
+@@ -28,7 +28,3 @@ foreach file : in_files
+ install : true,
+ install_dir : catalogdir)
+ endforeach
+-
+-meson.add_install_script('sh', '-c',
+- 'test -n "$DESTDIR" || @0@/journalctl --update-catalog'
+- .format(rootbindir))
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0015-hwdb-don-t-run-update-on-install.patch b/pkgs/os-specific/linux/systemd/0015-hwdb-don-t-run-update-on-install.patch
new file mode 100644
index 00000000000..bf416d90d86
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0015-hwdb-don-t-run-update-on-install.patch
@@ -0,0 +1,27 @@
+From 8a383521425d7a59e9b1850d1547d47fa5e8a952 Mon Sep 17 00:00:00 2001
+From: Franz Pletz <fpletz@fnordicwalking.de>
+Date: Sun, 11 Feb 2018 04:01:35 +0100
+Subject: [PATCH 15/27] hwdb: don't run update on install
+
+---
+ hwdb/meson.build | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/hwdb/meson.build b/hwdb/meson.build
+index 31ee3e7409..badf39f555 100644
+--- a/hwdb/meson.build
++++ b/hwdb/meson.build
+@@ -27,10 +27,6 @@ if conf.get('ENABLE_HWDB') == 1
+
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(join_paths(sysconfdir, 'udev/hwdb.d')))
+-
+- meson.add_install_script('sh', '-c',
+- 'test -n "$DESTDIR" || @0@/systemd-hwdb update'
+- .format(rootbindir))
+ endif
+
+ ############################################################
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0016-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0016-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch
new file mode 100644
index 00000000000..ed1187473be
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0016-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch
@@ -0,0 +1,26 @@
+From 1408762890aba25e58598d1e4dfa17ed2b75de26 Mon Sep 17 00:00:00 2001
+From: Franz Pletz <fpletz@fnordicwalking.de>
+Date: Sun, 11 Feb 2018 04:37:44 +0100
+Subject: [PATCH 16/27] build: don't create statedir and don't touch prefixdir
+
+---
+ meson.build | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index 8ccc947e37..263cc7189a 100644
+--- a/meson.build
++++ b/meson.build
+@@ -2944,9 +2944,6 @@ install_data('LICENSE.GPL2',
+ 'src/libsystemd/sd-bus/GVARIANT-SERIALIZATION',
+ install_dir : docdir)
+
+-meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir))
+-meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir))
+-
+ ############################################################
+
+ meson_check_help = find_program('tools/meson-check-help.sh')
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0017-Fix-mount-option-x-initrd.mount-handling-35268-16.patch b/pkgs/os-specific/linux/systemd/0017-Fix-mount-option-x-initrd.mount-handling-35268-16.patch
new file mode 100644
index 00000000000..f4508baae31
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0017-Fix-mount-option-x-initrd.mount-handling-35268-16.patch
@@ -0,0 +1,42 @@
+From 39ba82b29fff844f82e745ed7785cbfb397c2908 Mon Sep 17 00:00:00 2001
+From: Timofei Kushnir <timophey@rdp.ru>
+Date: Fri, 2 Mar 2018 13:02:53 +0300
+Subject: [PATCH 17/27] Fix mount option `x-initrd.mount` handling (#35268)
+ (#16)
+
+---
+ src/core/mount.c | 18 ++++--------------
+ 1 file changed, 4 insertions(+), 14 deletions(-)
+
+diff --git a/src/core/mount.c b/src/core/mount.c
+index 5e4c4a9767..6bc3569550 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -441,20 +441,10 @@ static int mount_add_default_dependencies(Mount *m) {
+ if (!UNIT(m)->default_dependencies)
+ return 0;
+
+- if (!MANAGER_IS_SYSTEM(UNIT(m)->manager))
+- return 0;
+-
+- /* We do not add any default dependencies to /, /usr or
+- * /run/initramfs/, since they are guaranteed to stay
+- * mounted the whole time, since our system is on it.
+- * Also, don't bother with anything mounted below virtual
+- * file systems, it's also going to be virtual, and hence
+- * not worth the effort. */
+- if (PATH_IN_SET(m->where, "/", "/usr", "/nix", "/nix/store") ||
+- path_startswith(m->where, "/run/initramfs") ||
+- path_startswith(m->where, "/proc") ||
+- path_startswith(m->where, "/sys") ||
+- path_startswith(m->where, "/dev"))
++ /* We do not add any default dependencies to /, /usr or /run/initramfs/, since they are guaranteed to stay
++ * mounted the whole time, since our system is on it. Also, don't bother with anything mounted below virtual
++ * file systems, it's also going to be virtual, and hence not worth the effort. */
++ if (mount_is_extrinsic(m))
+ return 0;
+
+ p = get_mount_parameters(m);
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0018-Install-default-configuration-into-out-share-factory.patch b/pkgs/os-specific/linux/systemd/0018-Install-default-configuration-into-out-share-factory.patch
new file mode 100644
index 00000000000..980d9f35461
--- /dev/null
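Review bot: The rewritten comment above `if (mount_is_extrinsic(m))` still names only `/`, `/usr` and `/run/initramfs/`, while the condition this patch removes also exempted `/nix` and `/nix/store` and returned early for non-system managers. Neither behaviour is visible in the new lines, so it presumably has to come from `mount_is_extrinsic()`, which is defined outside this hunk and may be adjusted by another patch in the series; that should be confirmed, because a missing exemption would give the store mount the default dependencies again. I would record the expectation next to the call, e.g. `/* NixOS: mount_is_extrinsic() is expected to cover /nix and /nix/store as well. */`. The body of mount_add_default_dependencies() starts and ends outside the hunk.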
+++ b/pkgs/os-specific/linux/systemd/0018-Install-default-configuration-into-out-share-factory.patch 
@@ -0,0 +1,313 @@
+From a087cb535b2d3c7a5d989b5aabc0a257369e9f9d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
+Date: Mon, 26 Feb 2018 14:25:57 +0000
+Subject: [PATCH 18/27] Install default configuration into $out/share/factory
+
+By default systemd should read all its configuration from /etc. Therefor
+we rely on -Dsysconfdir=/etc in meson as default value. Unfortunately
+this would also lead to installation of systemd's own configuration
+files to `/etc` whereas we are limited to /nix/store. To counter that
+this commit introduces two new configuration variables `factoryconfdir`
+and `factorypkgconfdir` to install systemd's own configuration into nix
+store again, while having executables looking up files in /etc.
+---
+ hwdb/meson.build | 2 +-
+ meson.build | 11 +++++++----
+ network/meson.build | 2 +-
+ src/core/meson.build | 10 +++++-----
+ src/coredump/meson.build | 2 +-
+ src/journal-remote/meson.build | 4 ++--
+ src/journal/meson.build | 2 +-
+ src/kernel-install/meson.build | 2 +-
+ src/login/meson.build | 2 +-
+ src/network/meson.build | 2 +-
+ src/pstore/meson.build | 2 +-
+ src/resolve/meson.build | 2 +-
+ src/timesync/meson.build | 2 +-
+ src/udev/meson.build | 4 ++--
+ sysctl.d/meson.build | 2 +-
+ tmpfiles.d/meson.build | 2 +-
+ units/meson.build | 3 ++-
+ 17 files changed, 30 insertions(+), 26 deletions(-)
+
+diff --git a/hwdb/meson.build b/hwdb/meson.build
+index badf39f555..8fd9c7639f 100644
+--- a/hwdb/meson.build
++++ b/hwdb/meson.build
+@@ -26,7 +26,7 @@ if conf.get('ENABLE_HWDB') == 1
+ install_dir : udevhwdbdir)
+
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'udev/hwdb.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'udev/hwdb.d')))
+ endif
+
+ ############################################################
+diff --git a/meson.build b/meson.build
+index 263cc7189a..7a67078208 100644
+--- a/meson.build
++++ b/meson.build
+@@ -151,6 +151,9 @@ udevhwdbdir = join_paths(udevlibexecdir, 'hwdb.d')
+ catalogdir = join_paths(prefixdir, 'lib/systemd/catalog')
+ kernelinstalldir = join_paths(prefixdir, 'lib/kernel/install.d')
+ factorydir = join_paths(datadir, 'factory')
++factoryconfdir = join_paths(datadir, 'factory/etc')
++factorypkgconfdir = join_paths(datadir, 'factory/etc/systemd')
++factoryxinitrcdir = join_paths(datadir, 'factory/etc/X11/xinit/xinitrc.d')
+ bootlibdir = join_paths(prefixdir, 'lib/systemd/boot/efi')
+ testsdir = join_paths(prefixdir, 'lib/systemd/tests')
+ systemdstatedir = join_paths(localstatedir, 'lib/systemd')
+@@ -2287,7 +2290,7 @@ if conf.get('ENABLE_BINFMT') == 1
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(binfmtdir))
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'binfmt.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'binfmt.d')))
+ endif
+
+ if conf.get('ENABLE_VCONSOLE') == 1
+@@ -2373,7 +2376,7 @@ executable('systemd-sleep',
+ install_dir : rootlibexecdir)
+
+ install_data('src/sleep/sleep.conf',
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ exe = executable('systemd-sysctl',
+ 'src/sysctl/sysctl.c',
+@@ -2685,7 +2688,7 @@ if conf.get('HAVE_KMOD') == 1
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(modulesloaddir))
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'modules-load.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'modules-load.d')))
+ endif
+
+ exe = executable('systemd-nspawn',
+@@ -2927,7 +2930,7 @@ install_subdir('factory/etc',
+ install_dir : factorydir)
+
+ install_data('xorg/50-systemd-user.sh',
+- install_dir : xinitrcdir)
++ install_dir : factoryxinitrcdir)
+ install_data('modprobe.d/systemd.conf',
+ install_dir : modprobedir)
+ install_data('LICENSE.GPL2',
+diff --git a/network/meson.build b/network/meson.build
+index 59d4be1a17..72da2c16a2 100644
+--- a/network/meson.build
++++ b/network/meson.build
+@@ -7,7 +7,7 @@ if conf.get('ENABLE_NETWORKD') == 1
+ install_dir : networkdir)
+
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'systemd/network')))
++ mkdir_p.format(join_paths(factoryconfdir, 'systemd/network')))
+ endif
+
+ install_data('99-default.link',
+diff --git a/src/core/meson.build b/src/core/meson.build
+index df3aa5c6c1..305f67a80a 100644
+--- a/src/core/meson.build
++++ b/src/core/meson.build
+@@ -179,8 +179,8 @@ libcore = static_library(
+ systemd_sources = files('main.c')
+
+ in_files = [['macros.systemd', rpmmacrosdir],
+- ['system.conf', pkgsysconfdir],
+- ['user.conf', pkgsysconfdir],
++ ['system.conf', factorypkgconfdir],
++ ['user.conf', factorypkgconfdir],
+ ['systemd.pc', pkgconfigdatadir],
+ ['triggers.systemd', '']]
+
+@@ -210,6 +210,6 @@ meson.add_install_script('sh', '-c', mkdir_p.format(systemsleepdir))
+ meson.add_install_script('sh', '-c', mkdir_p.format(systemgeneratordir))
+ meson.add_install_script('sh', '-c', mkdir_p.format(usergeneratordir))
+
+-meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(pkgsysconfdir, 'system')))
+-meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(pkgsysconfdir, 'user')))
+-meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(sysconfdir, 'xdg/systemd')))
++meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'system')))
++meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'user')))
++meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'xdg/systemd')))
+diff --git a/src/coredump/meson.build b/src/coredump/meson.build
+index 7fa5942697..34c865dfa0 100644
+--- a/src/coredump/meson.build
++++ b/src/coredump/meson.build
+@@ -15,7 +15,7 @@ coredumpctl_sources = files('coredumpctl.c')
+
+ if conf.get('ENABLE_COREDUMP') == 1
+ install_data('coredump.conf',
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+ endif
+
+ tests += [
+diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build
+index 87b8ba6495..daff8ec967 100644
+--- a/src/journal-remote/meson.build
++++ b/src/journal-remote/meson.build
+@@ -49,7 +49,7 @@ if conf.get('ENABLE_REMOTE') ==1 and conf.get('HAVE_LIBCURL') == 1
+ output : 'journal-upload.conf',
+ configuration : substs)
+ install_data(journal_upload_conf,
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+ endif
+
+ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
+@@ -58,7 +58,7 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
+ output : 'journal-remote.conf',
+ configuration : substs)
+ install_data(journal_remote_conf,
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ install_data('browse.html',
+ install_dir : join_paths(pkgdatadir, 'gatewayd'))
+diff --git a/src/journal/meson.build b/src/journal/meson.build
+index 5796f77cac..75d975c260 100644
+--- a/src/journal/meson.build
++++ b/src/journal/meson.build
+@@ -109,7 +109,7 @@ if conf.get('HAVE_QRENCODE') == 1
+ endif
+
+ install_data('journald.conf',
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ if get_option('create-log-dirs')
+ meson.add_install_script(
+diff --git a/src/kernel-install/meson.build b/src/kernel-install/meson.build
+index 261c3aaae4..dbc5e23513 100644
+--- a/src/kernel-install/meson.build
++++ b/src/kernel-install/meson.build
+@@ -11,4 +11,4 @@ install_data('00-entry-directory.install',
+ install_dir : kernelinstalldir)
+
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'kernel/install.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'kernel/install.d')))
+diff --git a/src/login/meson.build b/src/login/meson.build
+index 0a7d3d5440..ff90149c1c 100644
+--- a/src/login/meson.build
++++ b/src/login/meson.build
+@@ -75,7 +75,7 @@ if conf.get('ENABLE_LOGIND') == 1
+ output : 'logind.conf',
+ configuration : substs)
+ install_data(logind_conf,
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ install_data('org.freedesktop.login1.conf',
+ install_dir : dbuspolicydir)
+diff --git a/src/network/meson.build b/src/network/meson.build
+index 6bed37a170..35f15bcaf1 100644
+--- a/src/network/meson.build
++++ b/src/network/meson.build
+@@ -168,7 +168,7 @@ if conf.get('ENABLE_NETWORKD') == 1
+ endif
+
+ install_data('networkd.conf',
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ fuzzers += [
+ [['src/network/fuzz-netdev-parser.c',
+diff --git a/src/pstore/meson.build b/src/pstore/meson.build
+index adbac24b54..e9dc88dfa2 100644
+--- a/src/pstore/meson.build
++++ b/src/pstore/meson.build
+@@ -6,5 +6,5 @@ systemd_pstore_sources = files('''
+
+ if conf.get('ENABLE_PSTORE') == 1
+ install_data('pstore.conf',
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+ endif
+diff --git a/src/resolve/meson.build b/src/resolve/meson.build
+index 92b67b6333..ac5b9a0b0a 100644
+--- a/src/resolve/meson.build
++++ b/src/resolve/meson.build
+@@ -168,7 +168,7 @@ if conf.get('ENABLE_RESOLVE') == 1
+ output : 'resolved.conf',
+ configuration : substs)
+ install_data(resolved_conf,
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+
+ install_data('resolv.conf',
+ install_dir : rootlibexecdir)
+diff --git a/src/timesync/meson.build b/src/timesync/meson.build
+index e5c118c8db..19235df9ca 100644
+--- a/src/timesync/meson.build
++++ b/src/timesync/meson.build
+@@ -27,7 +27,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1
+ output : 'timesyncd.conf',
+ configuration : substs)
+ install_data(timesyncd_conf,
+- install_dir : pkgsysconfdir)
++ install_dir : factorypkgconfdir)
+ install_data('org.freedesktop.timesync1.conf',
+ install_dir : dbuspolicydir)
+ install_data('org.freedesktop.timesync1.service',
+diff --git a/src/udev/meson.build b/src/udev/meson.build
+index 511fe428b9..32333efea6 100644
+--- a/src/udev/meson.build
++++ b/src/udev/meson.build
+@@ -186,7 +186,7 @@ foreach prog : [['ata_id/ata_id.c'],
+ endforeach
+
+ install_data('udev.conf',
+- install_dir : join_paths(sysconfdir, 'udev'))
++ install_dir : join_paths(factoryconfdir, 'udev'))
+
+ configure_file(
+ input : 'udev.pc.in',
+@@ -195,7 +195,7 @@ configure_file(
+ install_dir : pkgconfigdatadir == 'no' ? '' : pkgconfigdatadir)
+
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'udev/rules.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'udev/rules.d')))
+
+ fuzzers += [
+ [['src/udev/net/fuzz-link-parser.c',
+diff --git a/sysctl.d/meson.build b/sysctl.d/meson.build
+index 3f072e3db7..bd9f843eba 100644
+--- a/sysctl.d/meson.build
++++ b/sysctl.d/meson.build
+@@ -27,4 +27,4 @@ foreach file : in_files
+ endforeach
+
+ meson.add_install_script('sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'sysctl.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'sysctl.d')))
+diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
+index e77f46d06b..04d2ef621d 100644
+--- a/tmpfiles.d/meson.build
++++ b/tmpfiles.d/meson.build
+@@ -57,5 +57,5 @@ endforeach
+ if enable_tmpfiles
+ meson.add_install_script(
+ 'sh', '-c',
+- mkdir_p.format(join_paths(sysconfdir, 'tmpfiles.d')))
++ mkdir_p.format(join_paths(factoryconfdir, 'tmpfiles.d')))
+ endif
+diff --git a/units/meson.build b/units/meson.build
+index 476991edba..3d9dc6e1c8 100644
+--- a/units/meson.build
++++ b/units/meson.build
+@@ -308,7 +308,7 @@ install_data('user-.slice.d/10-defaults.conf',
+
+ meson.add_install_script(meson_make_symlink,
+ join_paths(pkgsysconfdir, 'user'),
+- join_paths(sysconfdir, 'xdg/systemd/user'))
++ join_paths(factorypkgconfdir, 'xdg/systemd/user'))
+ meson.add_install_script(meson_make_symlink,
+ join_paths(dbussystemservicedir, 'org.freedesktop.systemd1.service'),
+ join_paths(dbussessionservicedir, 'org.freedesktop.systemd1.service'))
+--
+2.24.1
+
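Review bot: Two replacements use `factorypkgconfdir` where the original base was `sysconfdir`, which changes the resulting path rather than only relocating it. In src/core/meson.build `join_paths(sysconfdir, 'xdg/systemd')` becomes `join_paths(factorypkgconfdir, 'xdg/systemd')`, and in units/meson.build `join_paths(sysconfdir, 'xdg/systemd/user')` becomes `join_paths(factorypkgconfdir, 'xdg/systemd/user')`; with `factorypkgconfdir` defined as `factory/etc/systemd` these end up under `factory/etc/systemd/xdg/systemd` instead of `factory/etc/xdg/systemd`. Both should use `factoryconfdir`, as the other `sysconfdir` replacements in this patch do. The first argument of that `meson_make_symlink` call is still `join_paths(pkgsysconfdir, 'user')`, so it is worth checking that the link still resolves once the `user` directory is created under the factory tree.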
diff --git a/pkgs/os-specific/linux/systemd/0019-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0019-inherit-systemd-environment-when-calling-generators.patch
new file mode 100644
index 00000000000..f4f1e6d37b5
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0019-inherit-systemd-environment-when-calling-generators.patch
@@ -0,0 +1,42 @@
+From 3eb1716dd80c245a2883da04156af79fb9097519 Mon Sep 17 00:00:00 2001
+From: Andreas Rammhold <andreas@rammhold.de>
+Date: Fri, 2 Nov 2018 21:15:42 +0100
+Subject: [PATCH 19/27] inherit systemd environment when calling generators.
+
+Systemd generators need access to the environment configured in
+stage-2-init.sh since it schedules fsck and mkfs executions based on
+being able to find an appropriate binary for the target filesystem.
+
+With this commit I am altering the systemd behaviour since upstream
+tries to gather environments with that they call
+"environment-generators" and then seems to pass that on to all the other
+executables that are being called from managers.
+---
+ src/core/manager.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/manager.c b/src/core/manager.c
+index d9114bb0c5..22c3b6ff76 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -3868,9 +3868,14 @@ static int manager_run_generators(Manager *m) {
+ argv[4] = NULL;
+
+ RUN_WITH_UMASK(0022)
+- (void) execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, NULL, NULL,
+- (char**) argv, m->transient_environment, EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS);
+-
++ (void) execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
++ // On NixOS we must propagate PATH to generators so they are
++ // able to find binaries such as `fsck.${fstype}` and
++ // `mkfs.${fstype}`. That is why the last argument of the
++ // function (envp) is set to NULL. This propagates systemd's
++ // environment (e.g. PATH) that was setup
++ // before calling systemd from stage-2-init.sh.
++ NULL, NULL, (char**) argv, /* NixOS: use inherited env */ NULL, EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS);
+ r = 0;
+
+ finish:
+--
+2.24.1
+
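Review bot: The added inline comment calls envp "the last argument of the function", but in the call as written the last argument is the flags value `EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS` and envp is the one before it; the sentence should read something like `// That is why the envp argument is set to NULL.`. Replacing `m->transient_environment` with `NULL` also, per the patch's own comment, gives every generator the manager's whole inherited environment and no longer passes whatever was collected in `m->transient_environment`, although the stated need is only `PATH`. A narrower variant that keeps the transient environment and adds just `PATH` to it would limit what generator binaries receive. The `//` lines sit inside the argument list of the statement governed by `RUN_WITH_UMASK(0022)` and would read better as one block comment above the call. manager_run_generators() starts and ends outside the hunk.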
diff --git a/pkgs/os-specific/linux/systemd/0020-reintroduce-the-no-such-path-PATH-that-was-dropped-s.patch b/pkgs/os-specific/linux/systemd/0020-reintroduce-the-no-such-path-PATH-that-was-dropped-s.patch
new file mode 100644
index 00000000000..63d694c2daa
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0020-reintroduce-the-no-such-path-PATH-that-was-dropped-s.patch
@@ -0,0 +1,41 @@
+From 95c4e1ffd2249a52ca02e4fbe46aa4e51c5abd17 Mon Sep 17 00:00:00 2001
+From: Andreas Rammhold <andreas@rammhold.de>
+Date: Fri, 2 Nov 2018 20:56:49 +0100
+Subject: [PATCH 20/27] reintroduce the /no-such-path PATH that was dropped
+ some versions ago
+
+Originally eelco set the DEFAULT_PATH_NORMAL to "/no-such-path" since we
+do not need that in NixOS and usually refer to all our executables with
+an absolute path. This commit reintroduces this change.
+---
+ src/basic/path-util.h | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/src/basic/path-util.h b/src/basic/path-util.h
+index 71fb7041a3..b856e782a8 100644
+--- a/src/basic/path-util.h
++++ b/src/basic/path-util.h
+@@ -28,13 +28,13 @@
+ # define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)
+ #endif
+
+-#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")
+-#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/")
+-#define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/")
+-#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")
+-#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/")
+-#define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/")
+-#define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/")
++#define DEFAULT_PATH_NORMAL "/no-such-path"
++#define DEFAULT_USER_PATH_NORMAL "/no-such-path"
++#define DEFAULT_PATH_NORMAL_NULSTR "/no-such-path\0"
++#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL
++#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL DEFAULT_PATH_NORMAL
++#define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR
++#define DEFAULT_PATH_COMPAT DEFAULT_PATH_NORMAL
+
+ #if HAVE_SPLIT_USR
+ # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR
+--
+2.24.1
+
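Review bot: `DEFAULT_USER_PATH_SPLIT_USR` is defined as `DEFAULT_PATH_NORMAL DEFAULT_PATH_NORMAL`, and adjacent string literals concatenate, so it expands to "/no-such-path/no-such-path" rather than the single placeholder every other macro in this block uses. The result is still a non-existent directory, so the effect is probably cosmetic, but it looks like a leftover from the removed `":"`-joined form; `#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_USER_PATH_NORMAL` would match its neighbours. A comment above the block, such as `/* NixOS: no default search path; executables are referenced by absolute path. */`, would record why these definitions differ from upstream.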
diff --git a/pkgs/os-specific/linux/systemd/0021-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0021-add-rootprefix-to-lookup-dir-paths.patch
new file mode 100644
index 00000000000..39bbe7e9dac
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0021-add-rootprefix-to-lookup-dir-paths.patch
@@ -0,0 +1,38 @@
+From 8d1618a97ad08078815f409f03b45aff3ae6bd0a Mon Sep 17 00:00:00 2001
+From: Andreas Rammhold <andreas@rammhold.de>
+Date: Thu, 9 May 2019 11:15:22 +0200
+Subject: [PATCH 21/27] add rootprefix to lookup dir paths
+
+systemd does not longer use the UDEVLIBEXEC directory as root for
+discovery default udev rules. By adding `$out/lib` to the lookup paths
+we should again be able to discover the udev rules amongst other default
+files that I might have missed.
+---
+ src/basic/def.h | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/basic/def.h b/src/basic/def.h
+index 2af0b763f0..17959b07e8 100644
+--- a/src/basic/def.h
++++ b/src/basic/def.h
+@@ -39,13 +39,15 @@
+ "/run/" n "\0" \
+ "/usr/local/lib/" n "\0" \
+ "/usr/lib/" n "\0" \
+- _CONF_PATHS_SPLIT_USR_NULSTR(n)
++ _CONF_PATHS_SPLIT_USR_NULSTR(n) \
++ ROOTPREFIX "/lib/" n "\0"
+
+ #define CONF_PATHS_USR(n) \
+ "/etc/" n, \
+ "/run/" n, \
+ "/usr/local/lib/" n, \
+- "/usr/lib/" n
++ "/usr/lib/" n, \
++ ROOTPREFIX "/lib/" n
+
+ #define CONF_PATHS(n) \
+ CONF_PATHS_USR(n) \
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0022-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0022-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch
new file mode 100644
index 00000000000..9f0ea254890
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0022-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch
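Review bot: In patch 21 (src/basic/def.h) the new `ROOTPREFIX "/lib/" n` entry is placed differently in the two lists: in the NUL-separated list it follows `_CONF_PATHS_SPLIT_USR_NULSTR(n)`, while in `CONF_PATHS_USR(n)` it follows `"/usr/lib/" n` directly, and `CONF_PATHS(n)` appears to append its split-usr part after `CONF_PATHS_USR(n)`. If position in the list decides precedence between directories, the string and array variants would rank the `ROOTPREFIX` directory differently on a split-usr build; the rest of `CONF_PATHS(n)` and the start of the first macro are outside the hunk, so this is an inference to confirm. Putting the entry last in both forms, with a comment such as `/* NixOS: files shipped with the package, lowest priority */`, would make the intended order explicit.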
@@ -0,0 +1,27 @@
+From 859c16c52cdd61ec99d256bf5b35637d59e5dac9 Mon Sep 17 00:00:00 2001
+From: Nikolay Amiantov <ab@fmap.me>
+Date: Thu, 25 Jul 2019 20:45:55 +0300
+Subject: [PATCH 22/27] systemd-shutdown: execute scripts in
+ /etc/systemd/system-shutdown
+
+This is needed for NixOS to use such scripts as systemd directory is immutable.
+---
+ src/shutdown/shutdown.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c
+index 0eb17989d0..93e619c58a 100644
+--- a/src/shutdown/shutdown.c
++++ b/src/shutdown/shutdown.c
+@@ -299,7 +299,7 @@ int main(int argc, char *argv[]) {
+ _cleanup_free_ char *cgroup = NULL;
+ char *arguments[3], *watchdog_device;
+ int cmd, r, umount_log_level = LOG_INFO;
+- static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL};
++ static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL};
+
+ /* The log target defaults to console, but the original systemd process will pass its log target in through a
+ * command line argument, which will override this default. Also, ensure we'll never log to the journal or
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0023-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0023-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch
new file mode 100644
index 00000000000..e8aa5cf2271
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0023-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch
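Review bot: Listing `"/etc/systemd/system-shutdown"` in `dirs[]` makes a mutable directory a source of hooks for systemd-shutdown alongside `SYSTEM_SHUTDOWN_PATH`, and nothing in this hunk constrains who may write there. The same holds for `"/etc/systemd/system-sleep"`, which patch 23 adds to `dirs[]` in src/sleep/sleep.c. Whatever creates these directories on the NixOS side should keep them and their contents root-owned and not group- or world-writable, and that expectation belongs in a comment next to each entry, e.g. `/* NixOS: the packaged hook directory is immutable, so admin hooks live in /etc; must be writable by root only */`. Both main() here and execute() in sleep.c continue outside their hunks, so any checks done further down are not visible.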
@@ -0,0 +1,26 @@
+From 9be689d5243d0c78bec7b285774c58749da08c9c Mon Sep 17 00:00:00 2001
+From: Nikolay Amiantov <ab@fmap.me>
+Date: Thu, 25 Jul 2019 20:46:58 +0300
+Subject: [PATCH 23/27] systemd-sleep: execute scripts in
+ /etc/systemd/system-sleep
+
+This is needed for NixOS to use such scripts as systemd directory is immutable.
+---
+ src/sleep/sleep.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
+index b9fe96635d..f1c3ca06a3 100644
+--- a/src/sleep/sleep.c
++++ b/src/sleep/sleep.c
+@@ -191,6 +191,7 @@ static int execute(char **modes, char **states) {
+ };
+ static const char* const dirs[] = {
+ SYSTEM_SLEEP_PATH,
++ "/etc/systemd/system-sleep",
+ NULL
+ };
+
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0024-Revert-sysinit.target-Drop-the-dependency-on-local-f.patch b/pkgs/os-specific/linux/systemd/0024-Revert-sysinit.target-Drop-the-dependency-on-local-f.patch
new file mode 100644
index 00000000000..e24c362ffbd
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0024-Revert-sysinit.target-Drop-the-dependency-on-local-f.patch
@@ -0,0 +1,27 @@
+From d8566028d5e71612d011ff06bb9f4d03d1391e8e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
+Date: Sun, 22 Sep 2019 21:06:54 +0100
+Subject: [PATCH 24/27] Revert "sysinit.target: Drop the dependency on
+ local-fs.target and swap.target"
+
+This reverts commit 5b0b3d004beb45687347ad01fa3b99635d1bdd92.
+
+We removed that patch in our 242 branch, but somehow it landed in 243 back again.
+---
+ units/sysinit.target | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/units/sysinit.target b/units/sysinit.target
+index 5fe9ad0ec9..b6c16a1412 100644
+--- a/units/sysinit.target
++++ b/units/sysinit.target
+@@ -11,4 +11,5 @@
+ Description=System Initialization
+ Documentation=man:systemd.special(7)
+ Conflicts=emergency.service emergency.target
+-After=emergency.service emergency.target
++Wants=local-fs.target swap.target
++After=local-fs.target swap.target emergency.service emergency.target
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/0027-Start-getty-on-lxc.patch b/pkgs/os-specific/linux/systemd/0027-Start-getty-on-lxc.patch
new file mode 100644
index 00000000000..4c2777d3f03
--- /dev/null
+++ b/pkgs/os-specific/linux/systemd/0027-Start-getty-on-lxc.patch
@@ -0,0 +1,27 @@
+From f3a6f3056e69808ebbc7e72b1d03b85c750a3cae Mon Sep 17 00:00:00 2001
+From: Eelco Dolstra <eelco.dolstra@logicblox.com>
+Date: Wed, 16 Apr 2014 00:35:14 +0200
+Subject: [PATCH 27/27] Start getty on lxc
+
+---
+ units/getty@.service.m4 | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/units/getty@.service.m4 b/units/getty@.service.m4
+index 80e793bb73..0daba10f2a 100644
+--- a/units/getty@.service.m4
++++ b/units/getty@.service.m4
+@@ -31,7 +31,9 @@ Before=rescue.service
+ # On systems without virtual consoles, don't start any getty. Note
+ # that serial gettys are covered by serial-getty@.service, not this
+ # unit.
+-ConditionPathExists=/dev/tty0
++ConditionPathExists=|/dev/tty0
++ConditionVirtualization=|lxc
++ConditionVirtualization=|lxc-libvirt
+
+ [Service]
+ # the VT is cleared by TTYVTDisallocate
+--
+2.24.1
+
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix
index 1dd2f30b9bf..13752f3bbe2 100644
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -36,12 +36,40 @@ in stdenv.mkDerivation { # When updating, use https://github.com/systemd/systemd-stable tree, not the development one! # Also fresh patches should be cherry-picked from that tree to our current one. src = fetchFromGitHub { - owner = "nixos"; - repo = "systemd"; - rev = "e7d881488292fc8bdf96acd12767eca1bd65adae"; - sha256 = "0haj3iff3y13pm4w5dbqj1drp5wryqfad58jbbmnb6zdgis56h8f"; + owner = "systemd"; + repo = "systemd-stable"; + rev = "f8dd0f2f15a566ede668c59e3c810c61f9d62c51"; + sha256 = "1alvvciddg36by1bgzi8aarnms4crzqqyizj3nhlddh35pgpwvdk"; }; + patches = [ + ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch + ./0002-sysinit.target-Drop-the-dependency-on-local-fs.targe.patch + ./0003-Don-t-try-to-unmount-nix-or-nix-store.patch + ./0004-Fix-NixOS-containers.patch + ./0005-kmod-static-nodes.service-Don-t-require-lib-modules.patch + ./0006-Look-for-fsck-in-the-right-place.patch + ./0007-Add-some-NixOS-specific-unit-directories.patch + ./0008-Don-t-try-to-unmount-nix-or-nix-store.patch + ./0009-Get-rid-of-a-useless-message-in-user-sessions.patch + ./0010-hostnamed-localed-timedated-disable-methods-that-cha.patch + ./0011-Fix-hwdb-paths.patch + ./0012-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch + ./0013-localectl-use-etc-X11-xkb-for-list-x11.patch + ./0014-catalog-don-t-update-on-install.patch + ./0015-hwdb-don-t-run-update-on-install.patch + ./0016-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch + ./0017-Fix-mount-option-x-initrd.mount-handling-35268-16.patch + ./0018-Install-default-configuration-into-out-share-factory.patch + ./0019-inherit-systemd-environment-when-calling-generators.patch + ./0020-reintroduce-the-no-such-path-PATH-that-was-dropped-s.patch + ./0021-add-rootprefix-to-lookup-dir-paths.patch + ./0022-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch + ./0023-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch + ./0024-Revert-sysinit.target-Drop-the-dependency-on-local-f.patch + 
./0027-Start-getty-on-lxc.patch + ]; + outputs = [ "out" "lib" "man" "dev" ]; nativeBuildInputs = |
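Review bot: The new `patches` list carries entries that look redundant with each other: going by the file names, `0002-sysinit.target-Drop-the-dependency-on-local-fs.targe.patch` is undone by `0024-Revert-sysinit.target-Drop-the-dependency-on-local-f.patch`, and `0003` and `0008` share the title `Don-t-try-to-unmount-nix-or-nix-store`. If 0002 and 0024 really cancel out, dropping both leaves fewer local changes to audit against the pinned `systemd-stable` revision; if 0003 and 0008 touch different files, distinct names would say so. The numbering also jumps from 0024 to 0027 while the subjects read `[PATCH nn/27]`, so a comment above the list, e.g. `# exported with git format-patch from <branch placeholder>; 0025 and 0026 intentionally not applied`, would tell the next updater where the series comes from.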