Diffstat (limited to 'pkgs/os-specific/linux/systemd')
21 files changed, 569 insertions, 603 deletions
diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index ab04ea91644..ac2d0018160 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,7 +1,7 @@ -From 22f46f55c81d84e83a4614856d84e63c8400165c Mon Sep 17 00:00:00 2001 +From 2f4a5e9c9ef1cd57662e8bd4c24e1029a00d55b5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue, 8 Jan 2013 15:46:30 +0100 -Subject: [PATCH 01/18] Start device units for uninitialised encrypted devices +Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices This is necessary because the NixOS service that initialises the filesystem depends on the appearance of the device unit. Also, this @@ -13,7 +13,7 @@ unit. (However, this ignores the fsck unit, so it's not perfect...) 1 file changed, 4 deletions(-) diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in -index c34b606216..3ab8c1c3fe 100644 +index 7c22eefdb7..e3a55e00b5 100644 --- a/rules.d/99-systemd.rules.in +++ b/rules.d/99-systemd.rules.in @@ -17,10 +17,6 @@ SUBSYSTEM=="ubi", TAG+="systemd" @@ -28,5 +28,5 @@ index c34b606216..3ab8c1c3fe 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index c52a13c9a41..f54430f764e 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch 
+++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,7 +1,7 @@ -From e5b2b1e90d055068936336f6f01639bcde251b96 Mon Sep 17 00:00:00 2001 +From 4e96b2e074c4a4f4ce900409872ce2f86704ee5b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 12 Apr 2013 13:16:57 +0200 -Subject: [PATCH 02/18] Don't try to unmount /nix or /nix/store +Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. @@ -12,7 +12,7 @@ https://github.com/NixOS/nixos/issues/126 2 files changed, 4 insertions(+) diff --git a/src/shared/fstab-util.c b/src/shared/fstab-util.c -index b19127be09..f9adca1100 100644 +index 292b97cd69..791b8e6b7e 100644 --- a/src/shared/fstab-util.c +++ b/src/shared/fstab-util.c @@ -40,6 +40,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) { @@ -25,10 +25,10 @@ index b19127be09..f9adca1100 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 8a5e80eeaa..fab35ed6f3 100644 +index 3a72a13e1a..541320dc9d 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -414,6 +414,8 @@ static int delete_dm(dev_t devnum) { +@@ -500,6 +500,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index 8a5e80eeaa..fab35ed6f3 100644 || path_equal(path, "/usr") #endif -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index e96593a5938..37caffb97d7 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,7 +1,7 @@ -From ca7f6286c518d7ef3877458bbdf8e01f5518ab0e Mon Sep 17 00:00:00 2001 +From 3d1b2e56a6ed6cc86a64f6f89765a2900e576402 Mon Sep 17 00:00:00 2001 
From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed, 16 Apr 2014 10:59:28 +0200 -Subject: [PATCH 03/18] Fix NixOS containers +Subject: [PATCH 03/19] Fix NixOS containers In NixOS containers, the init script is bind-mounted into the container, so checking early whether it exists will fail. @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 51d0c2a75b..4d3451ff3b 100644 +index 7515380fcd..14f8a82eb8 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5017,6 +5017,7 @@ static int run(int argc, char *argv[]) { +@@ -5323,6 +5323,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 51d0c2a75b..4d3451ff3b 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5031,6 +5032,7 @@ static int run(int argc, char *argv[]) { +@@ -5337,6 +5338,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 51d0c2a75b..4d3451ff3b 100644 } else { -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index 4b2c059afd5..2f14a9d6a7e 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,17 +1,17 @@ -From c87cc5b1cf9c37f195e6b362352279e14289554e Mon Sep 17 00:00:00 2001 +From 3a721cf70e952e933ef5374006bbb11a3a0ad36a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu, 1 May 2014 14:10:10 +0200 -Subject: [PATCH 04/18] Look for fsck in the right place +Subject: [PATCH 04/19] Look for fsck in the right place --- src/fsck/fsck.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index 80f7107b9d..74e48a385f 100644 +index 510689f3b7..25cab5acae 100644 
--- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c -@@ -370,7 +370,7 @@ static int run(int argc, char *argv[]) { +@@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { } else dash_c[0] = 0; @@ -21,5 +21,5 @@ index 80f7107b9d..74e48a385f 100644 cmdline[i++] = "-T"; -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index a8f3f0e21fd..0acccacd613 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,62 +1,38 @@ -From 450c133c1815b473136b2a5540f9213fef5506ee Mon Sep 17 00:00:00 2001 +From 8b7f881cf22e98e907506f4c403b9e304e332bf9 Mon Sep 17 00:00:00 2001 
From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 19 Dec 2014 14:46:17 +0100 -Subject: [PATCH 05/18] Add some NixOS-specific unit directories +Subject: [PATCH 05/19] Add some NixOS-specific unit directories -Look in `/nix/var/nix/profiles/default/lib/systemd` for units provided -by packages installed into the default profile via -`nix-env -iA nixos.$package`, and into `/etc/systemd-mutable/system` for -persistent, mutable units (used for Dysnomia). +Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for +units provided by packages installed into the default profile via +`nix-env -iA nixos.$package`. Also, remove /usr and /lib as these don't exist on NixOS. --- - src/core/systemd.pc.in | 4 ++-- - src/shared/path-lookup.c | 18 +++++------------- - 2 files changed, 7 insertions(+), 15 deletions(-) + src/basic/path-lookup.c | 17 ++--------------- + src/core/systemd.pc.in | 5 +++-- + 2 files changed, 5 insertions(+), 17 deletions(-) -diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index 8331832c7a..bedb97115d 100644 ---- a/src/core/systemd.pc.in -+++ b/src/core/systemd.pc.in -@@ -17,8 +17,8 @@ systemduserunitdir=${prefix}/lib/systemd/user - systemduserpresetdir=${prefix}/lib/systemd/user-preset - systemdsystemconfdir=${sysconfdir}/systemd/system - systemduserconfdir=${sysconfdir}/systemd/user --systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system --systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user -+systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/system:${systemdsystemunitdir} 
-+systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/user:${systemduserunitdir} - systemdsystemgeneratordir=${rootprefix}/lib/systemd/system-generators - systemdusergeneratordir=${prefix}/lib/systemd/user-generators - systemdsystemgeneratorpath=/run/systemd/system-generators:/etc/systemd/system-generators:/usr/local/lib/systemd/system-generators:${systemdsystemgeneratordir} -diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c -index 48e0eec09a..a9d38f16d0 100644 ---- a/src/shared/path-lookup.c -+++ b/src/shared/path-lookup.c -@@ -98,17 +98,14 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c +index 96b82170d0..bf66bd6b77 100644 +--- a/src/basic/path-lookup.c ++++ b/src/basic/path-lookup.c +@@ -94,11 +94,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { - "/usr/local/lib/systemd/user", - "/usr/local/share/systemd/user", - USER_DATA_UNIT_PATH, + USER_DATA_UNIT_DIR, - "/usr/lib/systemd/user", - "/usr/share/systemd/user", NULL }; - static const char* const user_config_unit_paths[] = { - USER_CONFIG_UNIT_PATH, - "/etc/systemd/user", -+ "/etc/systemd-mutable/user", - NULL - }; - -@@ -604,15 +601,14 @@ int lookup_paths_init( +@@ -616,15 +612,13 @@ int lookup_paths_init( persistent_config, - SYSTEM_CONFIG_UNIT_PATH, + SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", -+ "/etc/systemd-mutable/system", + "/nix/var/nix/profiles/default/lib/systemd/system", STRV_IFNOTNULL(persistent_attached), runtime_config, 
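Review bot: The rewritten description of the embedded patch does not say who is trusted to write the default profile, and that matters because `lookup_paths_init` lists `/nix/var/nix/profiles/default/lib/systemd/system` directly after `/etc/systemd/system` and ahead of `runtime_config` and `/run/systemd/system`. A unit file found there is loaded by the system manager and takes precedence over same-named units later in the list. I would add a sentence to the description along the lines of `The default profile must be writable by root only, because units found there are loaded by the system manager.`; whether that holds on every installation cannot be seen from this hunk. The refreshed patch also stops adding `/etc/systemd-mutable/system` and `/etc/systemd-mutable/user`, so units kept there are no longer loaded, which deserves a release-note line if none of the other changed files already carries one. The `lookup_paths_init` changes continue in the following hunks.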
@@ -70,11 +46,10 @@ index 48e0eec09a..a9d38f16d0 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -628,14 +624,12 @@ int lookup_paths_init( +@@ -640,14 +634,11 @@ int lookup_paths_init( persistent_config, - USER_CONFIG_UNIT_PATH, + USER_CONFIG_UNIT_DIR, "/etc/systemd/user", -+ "/etc/systemd-mutable/user", + "/nix/var/nix/profiles/default/lib/systemd/user", runtime_config, "/run/systemd/user", 
@@ -82,26 +57,58 @@ index 48e0eec09a..a9d38f16d0 100644 - "/usr/local/share/systemd/user", - "/usr/share/systemd/user", - "/usr/local/lib/systemd/user", - USER_DATA_UNIT_PATH, + USER_DATA_UNIT_DIR, - "/usr/lib/systemd/user", STRV_IFNOTNULL(generator_late)); break; -@@ -824,14 +818,12 @@ char **generator_binary_paths(UnitFileScope scope) { - case UNIT_FILE_SYSTEM: - return strv_new("/run/systemd/system-generators", - "/etc/systemd/system-generators", -- "/usr/local/lib/systemd/system-generators", - SYSTEM_GENERATOR_PATH); +@@ -797,7 +788,6 @@ char **generator_binary_paths(UnitFileScope scope) { + case UNIT_FILE_SYSTEM: + add = strv_new("/run/systemd/system-generators", + "/etc/systemd/system-generators", +- "/usr/local/lib/systemd/system-generators", + SYSTEM_GENERATOR_DIR); + break; + +@@ -805,7 +795,6 @@ char **generator_binary_paths(UnitFileScope scope) { + case UNIT_FILE_USER: + add = strv_new("/run/systemd/user-generators", + "/etc/systemd/user-generators", +- "/usr/local/lib/systemd/user-generators", + USER_GENERATOR_DIR); + break; + +@@ -844,12 +833,10 @@ char **env_generator_binary_paths(bool is_system) { + if (is_system) + add = strv_new("/run/systemd/system-environment-generators", + "/etc/systemd/system-environment-generators", +- "/usr/local/lib/systemd/system-environment-generators", + SYSTEM_ENV_GENERATOR_DIR); + else + add = strv_new("/run/systemd/user-environment-generators", + "/etc/systemd/user-environment-generators", +- "/usr/local/lib/systemd/user-environment-generators", + USER_ENV_GENERATOR_DIR); + + if (!add) +diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in +index b5cc8f94a5..a701cd05f8 100644 +--- a/src/core/systemd.pc.in ++++ b/src/core/systemd.pc.in +@@ -38,10 +38,11 @@ systemdsystemconfdir=${systemd_system_conf_dir} + systemd_user_conf_dir=${sysconfdir}/systemd/user + systemduserconfdir=${systemd_user_conf_dir} + 
+-systemd_system_unit_path=${systemd_system_conf_dir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemd_system_unit_dir}:/usr/lib/systemd/system:/lib/systemd/system ++systemd_system_unit_path=${systemd_system_conf_dir}:/etc/systemd/system:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/system:${systemdsystemunitdir} + systemdsystemunitpath=${systemd_system_unit_path} - case UNIT_FILE_GLOBAL: - case UNIT_FILE_USER: - return strv_new("/run/systemd/user-generators", - "/etc/systemd/user-generators", -- "/usr/local/lib/systemd/user-generators", - USER_GENERATOR_PATH); +-systemd_user_unit_path=${systemd_user_conf_dir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemd_user_unit_dir}:/usr/lib/systemd/user:/usr/share/systemd/user ++systemd_user_unit_path=${systemd_user_conf_dir}:/etc/systemd/user:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/user:${systemduserunitdir} ++ + systemduserunitpath=${systemd_user_unit_path} - default: + systemd_system_generator_dir=${root_prefix}/lib/systemd/system-generators -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index ac3d3b0bd6f..bda27ac1762 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,7 +1,7 @@ -From f88a9bb1e6080b539ed0116caa9781e7f6755f54 Mon Sep 17 00:00:00 2001 +From 7a6529ee27028860b93bc539e8bbf3f2374d712f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon, 11 May 2015 15:39:38 +0200 -Subject: [PATCH 06/18] Get rid of a useless message in user sessions +Subject: [PATCH 06/19] Get rid of a useless message in user sessions Namely lots of variants of 
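Review bot: The two added lines for `src/core/systemd.pc.in` end in `${systemdsystemunitdir}` and `${systemduserunitdir}`, while the lines they replace and the neighbouring definitions use the underscore names `${systemd_system_unit_dir}` and `${systemd_user_unit_dir}`. This presumably resolves only because the file keeps the old spellings as aliases (as it visibly does for `systemduserconfdir=${systemd_user_conf_dir}`), so ending the values in `:/run/systemd/system:${systemd_system_unit_dir}` and `:/run/systemd/user:${systemd_user_unit_dir}` would keep the patch working if those aliases are ever removed. The hunk also adds an empty `+` line after `systemd_user_unit_path=`, which only widens the context the patch has to match on the next rebase and can be dropped.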
@@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/unit.c b/src/core/unit.c -index c306183555..3db39fa435 100644 +index 45a417a090..8af3cb08d6 100644 --- a/src/core/unit.c +++ b/src/core/unit.c -@@ -2043,7 +2043,8 @@ static void unit_check_binds_to(Unit *u) { +@@ -2163,7 +2163,8 @@ static void unit_check_binds_to(Unit *u) { } assert(other); @@ -27,5 +27,5 @@ index c306183555..3db39fa435 100644 /* A unit we need to run is gone. Sniff. Let's stop this. */ r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL); -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index cef3280aba8..d51e1c0f566 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,20 +1,20 @@ -From e2b25ce3606d05ff8a387185c41ab32fb2a36161 Mon Sep 17 00:00:00 2001 +From 5580303956ca7d8eb431d23c2af0030c9cc0e6e9 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner <gebner@gebner.org> Date: Sun, 6 Dec 2015 14:26:36 +0100 -Subject: [PATCH 07/18] hostnamed, localed, timedated: disable methods that +Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that change system settings. --- - src/hostname/hostnamed.c | 9 +++++++++ + src/hostname/hostnamed.c | 6 ++++++ src/locale/localed.c | 9 +++++++++ src/timedate/timedated.c | 10 ++++++++++ - 3 files changed, 28 insertions(+) + 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 21f6471495..8c5af7619f 100644 +index a1794bdab1..77134731e1 100644 --- a/src/hostname/hostnamed.c 
+++ b/src/hostname/hostnamed.c -@@ -478,6 +481,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -643,6 +643,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -23,8 +23,8 @@ index 21f6471495..8c5af7619f 100644 + name = empty_to_null(name); - if (streq_ptr(name, c->data[PROP_STATIC_HOSTNAME])) -@@ -535,6 +541,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess + context_read_etc_hostname(c); +@@ -702,6 +705,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -33,12 +33,12 @@ index 21f6471495..8c5af7619f 100644 + name = empty_to_null(name); - if (streq_ptr(name, c->data[prop])) + context_read_machine_info(c); diff --git a/src/locale/localed.c b/src/locale/localed.c -index 09f16d25f4..c1cb87cef1 100644 +index 736dacdee9..53e0ee935e 100644 --- a/src/locale/localed.c +++ b/src/locale/localed.c -@@ -275,6 +275,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er +@@ -317,6 +317,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er if (r < 0) return r; @@ -46,9 +46,9 @@ index 09f16d25f4..c1cb87cef1 100644 + "Changing system settings via systemd is not supported on NixOS."); + /* If single locale without variable name is provided, then we assume it is LANG=. */ - if (strv_length(l) == 1 && !strchr(*l, '=')) { - if (!locale_is_valid(*l)) -@@ -410,6 +413,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro + if (strv_length(l) == 1 && !strchr(l[0], '=')) { + if (!locale_is_valid(l[0])) +@@ -432,6 +435,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro if (r < 0) return r; 
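Review bot: The embedded patch still has no description beyond its subject line, and with the diffstat corrected to 6 insertions it is now clear that `hostnamed.c` is blocked in two places only, `method_set_static_hostname` and `set_machine_info`. A short body would save the next person rebasing this from guessing whether any other setter in that file is left enabled on purpose, for example `Reject the D-Bus setters for static hostname, machine info, locale, keymaps, time zone, RTC and NTP; NixOS does not support changing these via systemd.` (wording to be confirmed by the maintainers). Each added `return sd_bus_error_setf(...)` sits after the `if (r < 0) return r;` context line, and the enclosing functions start and end outside the hunks shown, so what runs before it cannot be checked from here.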
@@ -58,7 +58,7 @@ index 09f16d25f4..c1cb87cef1 100644 keymap = empty_to_null(keymap); keymap_toggle = empty_to_null(keymap_toggle); -@@ -586,6 +592,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err +@@ -606,6 +612,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err if (r < 0) return r; @@ -69,10 +69,10 @@ index 09f16d25f4..c1cb87cef1 100644 model = empty_to_null(model); variant = empty_to_null(variant); diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index 5e2fb50d83..63865f557c 100644 +index 76fe04900d..e87c4c8919 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c -@@ -652,6 +652,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error * +@@ -646,6 +646,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error * if (r < 0) return r; @@ -83,17 +83,17 @@ index 5e2fb50d83..63865f557c 100644 if (!timezone_is_valid(z, LOG_DEBUG)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid or not installed time zone '%s'", z); -@@ -731,6 +735,9 @@ static int method_set_local_rtc(sd_bus_message *m, void *userdata, sd_bus_error +@@ -725,6 +729,9 @@ static int method_set_local_rtc(sd_bus_message *m, void *userdata, sd_bus_error if (r < 0) return r; + return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, + "Changing system settings via systemd is not supported on NixOS."); + - if (lrtc == c->local_rtc) + if (lrtc == c->local_rtc && !fix_system) return sd_bus_reply_method_return(m, NULL); -@@ -923,6 +930,9 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error +@@ -907,6 +914,9 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error if (r < 0) return r; @@ -104,5 +104,5 @@ index 5e2fb50d83..63865f557c 100644 if (r < 0) return r; -- -2.26.2 +2.30.1 
diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index 36d82e22f8c..2b1c02b233c 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,7 +1,7 @@ -From 5a6aad633a7ceffd62b009ce0c4ab6673129f7ff Mon Sep 17 00:00:00 2001 +From 874698425f6d68fc0d662cb17c7c29e0af3e8c25 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 7 Jul 2016 02:47:13 +0300 -Subject: [PATCH 08/18] Fix hwdb paths +Subject: [PATCH 08/19] Fix hwdb paths Patch by vcunat. --- @@ -9,7 +9,7 @@ Patch by vcunat. 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/libsystemd/sd-hwdb/sd-hwdb.c b/src/libsystemd/sd-hwdb/sd-hwdb.c -index b3febdbb31..eba00a5bc7 100644 +index cb3c77ce96..7b8c80071f 100644 --- a/src/libsystemd/sd-hwdb/sd-hwdb.c +++ b/src/libsystemd/sd-hwdb/sd-hwdb.c @@ -297,13 +297,8 @@ static int trie_search_f(sd_hwdb *hwdb, const char *search) { @@ -28,5 +28,5 @@ index b3febdbb31..eba00a5bc7 100644 _public_ int sd_hwdb_new(sd_hwdb **ret) { _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL; -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 8b5c807e4a8..a1e8ec963c7 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,7 +1,7 @@ -From b509dbd302a7933ae0002f44b99aac6a1fd5775b Mon Sep 17 00:00:00 2001 +From 367d0dad3d1853048569e315931cb8a27e16a098 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Tue, 11 Oct 2016 13:12:08 +0300 -Subject: [PATCH 09/18] Change /usr/share/zoneinfo to /etc/zoneinfo +Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo NixOS uses this path. --- 
@@ -13,7 +13,7 @@ NixOS uses this path. 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/man/localtime.xml b/man/localtime.xml -index 0f1652ee2e..71c4f95c2e 100644 +index e486474c44..5f373d0723 100644 --- a/man/localtime.xml +++ b/man/localtime.xml @@ -20,7 +20,7 @@ @@ -35,10 +35,10 @@ index 0f1652ee2e..71c4f95c2e 100644 <literal>Etc/UTC</literal>. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 105584e2e7..5238f69931 100644 +index 5318d6378d..04069dc27b 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1217,7 +1217,7 @@ int get_timezones(char ***ret) { +@@ -1277,7 +1277,7 @@ int get_timezones(char ***ret) { n_allocated = 2; n_zones = 1; @@ -47,7 +47,7 @@ index 105584e2e7..5238f69931 100644 if (f) { for (;;) { _cleanup_free_ char *line = NULL; -@@ -1312,7 +1312,7 @@ bool timezone_is_valid(const char *name, int log_level) { +@@ -1372,7 +1372,7 @@ bool timezone_is_valid(const char *name, int log_level) { if (p - name >= PATH_MAX) return false; @@ -56,7 +56,7 @@ index 105584e2e7..5238f69931 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) { -@@ -1410,7 +1410,7 @@ int get_timezone(char **ret) { +@@ -1470,7 +1470,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -66,10 +66,10 @@ index 105584e2e7..5238f69931 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 901fbf0815..b57bdd8fbe 100644 +index 742b43f9fc..f2cb121816 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -431,7 +431,7 @@ static int process_timezone(void) { +@@ -459,7 +459,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -79,10 +79,10 @@ index 901fbf0815..b57bdd8fbe 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) 
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 4d3451ff3b..1adb91335c 100644 +index 14f8a82eb8..8632dadec6 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1657,8 +1657,8 @@ static int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t u +@@ -1810,8 +1810,8 @@ static int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t u static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -94,10 +94,10 @@ index 4d3451ff3b..1adb91335c 100644 static bool etc_writable(void) { diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index 63865f557c..8021a8b753 100644 +index e87c4c8919..964a40ba81 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c -@@ -264,7 +264,7 @@ static int context_read_data(Context *c) { +@@ -269,7 +269,7 @@ static int context_read_data(Context *c) { r = get_timezone(&t); if (r == -EINVAL) @@ -106,7 +106,7 @@ index 63865f557c..8021a8b753 100644 else if (r < 0) log_warning_errno(r, "Failed to get target of /etc/localtime: %m"); -@@ -288,7 +288,7 @@ static int context_write_data_timezone(Context *c) { +@@ -293,7 +293,7 @@ static int context_write_data_timezone(Context *c) { if (isempty(c->zone) || streq(c->zone, "UTC")) { @@ -115,7 +115,7 @@ index 63865f557c..8021a8b753 100644 if (unlink("/etc/localtime") < 0 && errno != ENOENT) return -errno; -@@ -296,9 +296,9 @@ static int context_write_data_timezone(Context *c) { +@@ -301,9 +301,9 @@ static int context_write_data_timezone(Context *c) { return 0; } @@ -128,5 +128,5 @@ index 63865f557c..8021a8b753 100644 return -ENOMEM; -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index b18ffb40166..334156495fc 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch 
+++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,7 +1,7 @@ -From b5665ef8b9266c662c3a137df1ef1721cdff346e Mon Sep 17 00:00:00 2001 +From bf285fe7e12bd22f95c14bcefbb5008888c32bfa Mon Sep 17 00:00:00 2001 From: Imuli <i@imu.li> Date: Wed, 19 Oct 2016 08:46:47 -0400 -Subject: [PATCH 10/18] localectl: use /etc/X11/xkb for list-x11-* +Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* NixOS has an option to link the xkb data files to /etc/X11, but not to /usr/share/X11. @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 6f2d37d222..7aa2310d48 100644 +index 7d2e887660..91c5139eed 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -286,7 +286,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -277,7 +277,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 6f2d37d222..7aa2310d48 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index bc9efaed23e..902018ee4b9 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,17 +1,17 @@ -From be6b5c37779302384079b22b7fd767daad878fa9 Mon Sep 17 00:00:00 2001 +From 293b19c5fdbda1b4ee579a7e8ba12f024a6f34c9 Mon Sep 17 00:00:00 2001 
From: Franz Pletz <fpletz@fnordicwalking.de> Date: Sun, 11 Feb 2018 04:37:44 +0100 -Subject: [PATCH 11/18] build: don't create statedir and don't touch prefixdir +Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir --- meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index c09115e06a..62eba4186c 100644 +index 580964c3fa..f99d4f3ab5 100644 --- a/meson.build +++ b/meson.build -@@ -3184,9 +3184,6 @@ install_data('LICENSE.GPL2', +@@ -3518,9 +3518,6 @@ install_data('LICENSE.GPL2', 'src/libsystemd/sd-bus/GVARIANT-SERIALIZATION', install_dir : docdir) @@ -20,7 +20,7 @@ index c09115e06a..62eba4186c 100644 - ############################################################ - meson_check_help = find_program('tools/meson-check-help.sh') + check_help = find_program('tools/check-help.sh') -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0012-Install-default-configuration-into-out-share-factory.patch b/pkgs/os-specific/linux/systemd/0012-Install-default-configuration-into-out-share-factory.patch deleted file mode 100644 index 5d67ce0ca31..00000000000 --- a/pkgs/os-specific/linux/systemd/0012-Install-default-configuration-into-out-share-factory.patch +++ /dev/null 
@@ -1,313 +0,0 @@ -From 9262f52b0e30cf8c39d9f7684a8c0e8fd4887cd5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> -Date: Mon, 26 Feb 2018 14:25:57 +0000 -Subject: [PATCH 12/18] Install default configuration into $out/share/factory - -By default systemd should read all its configuration from /etc. Therefor -we rely on -Dsysconfdir=/etc in meson as default value. Unfortunately -this would also lead to installation of systemd's own configuration -files to `/etc` whereas we are limited to /nix/store. To counter that -this commit introduces two new configuration variables `factoryconfdir` -and `factorypkgconfdir` to install systemd's own configuration into nix -store again, while having executables looking up files in /etc. ---- - hwdb.d/meson.build | 2 +- - meson.build | 11 +++++++---- - network/meson.build | 2 +- - src/core/meson.build | 10 +++++----- - src/coredump/meson.build | 2 +- - src/journal-remote/meson.build | 4 ++-- - src/journal/meson.build | 2 +- - src/kernel-install/meson.build | 2 +- - src/login/meson.build | 2 +- - src/network/meson.build | 2 +- - src/pstore/meson.build | 2 +- - src/resolve/meson.build | 2 +- - src/timesync/meson.build | 2 +- - src/udev/meson.build | 4 ++-- - sysctl.d/meson.build | 2 +- - tmpfiles.d/meson.build | 2 +- - units/meson.build | 2 +- - 17 files changed, 29 insertions(+), 26 deletions(-) - -diff --git a/hwdb.d/meson.build b/hwdb.d/meson.build -index 4df6dabf89..02d8d69095 100644 ---- a/hwdb.d/meson.build -+++ b/hwdb.d/meson.build -@@ -27,7 +27,7 @@ if conf.get('ENABLE_HWDB') == 1 - install_dir : udevhwdbdir) - - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'udev/hwdb.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'udev/hwdb.d'))) - - meson.add_install_script('sh', '-c', - 'test -n "$DESTDIR" || @0@/systemd-hwdb update' -diff --git a/meson.build b/meson.build -index 62eba4186c..b0b2edbb5a 100644 ---- a/meson.build -+++ b/meson.build -@@ -154,6 +154,9 @@ 
udevhwdbdir = join_paths(udevlibexecdir, 'hwdb.d') - catalogdir = join_paths(prefixdir, 'lib/systemd/catalog') - kernelinstalldir = join_paths(prefixdir, 'lib/kernel/install.d') - factorydir = join_paths(datadir, 'factory') -+factoryconfdir = join_paths(datadir, 'factory/etc') -+factorypkgconfdir = join_paths(datadir, 'factory/etc/systemd') -+factoryxinitrcdir = join_paths(datadir, 'factory/etc/X11/xinit/xinitrc.d') - bootlibdir = join_paths(prefixdir, 'lib/systemd/boot/efi') - testsdir = join_paths(prefixdir, 'lib/systemd/tests') - systemdstatedir = join_paths(localstatedir, 'lib/systemd') -@@ -2511,7 +2514,7 @@ if conf.get('ENABLE_BINFMT') == 1 - meson.add_install_script('sh', '-c', - mkdir_p.format(binfmtdir)) - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'binfmt.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'binfmt.d'))) - endif - - if conf.get('ENABLE_REPART') == 1 -@@ -2612,7 +2615,7 @@ executable('systemd-sleep', - install_dir : rootlibexecdir) - - install_data('src/sleep/sleep.conf', -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - exe = executable('systemd-sysctl', - 'src/sysctl/sysctl.c', -@@ -2924,7 +2927,7 @@ if conf.get('HAVE_KMOD') == 1 - meson.add_install_script('sh', '-c', - mkdir_p.format(modulesloaddir)) - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'modules-load.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'modules-load.d'))) - endif - - exe = executable('systemd-nspawn', -@@ -3167,7 +3170,7 @@ install_subdir('factory/etc', - install_dir : factorydir) - - install_data('xorg/50-systemd-user.sh', -- install_dir : xinitrcdir) -+ install_dir : factoryxinitrcdir) - install_data('modprobe.d/systemd.conf', - install_dir : modprobedir) - install_data('LICENSE.GPL2', -diff --git a/network/meson.build b/network/meson.build -index 544dcf4387..1828c50863 100644 ---- a/network/meson.build -+++ b/network/meson.build -@@ -10,7 +10,7 @@ if 
conf.get('ENABLE_NETWORKD') == 1 - install_dir : networkdir) - - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'systemd/network'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'systemd/network'))) - endif - - install_data('99-default.link', -diff --git a/src/core/meson.build b/src/core/meson.build -index 3586838f59..02ddf1a123 100644 ---- a/src/core/meson.build -+++ b/src/core/meson.build -@@ -179,8 +179,8 @@ libcore = static_library( - systemd_sources = files('main.c') - - in_files = [['macros.systemd', rpmmacrosdir], -- ['system.conf', pkgsysconfdir], -- ['user.conf', pkgsysconfdir], -+ ['system.conf', factorypkgconfdir], -+ ['user.conf', factorypkgconfdir], - ['systemd.pc', pkgconfigdatadir], - ['triggers.systemd', '']] - -@@ -212,6 +212,6 @@ meson.add_install_script('sh', '-c', mkdir_p.format(systemsleepdir)) - meson.add_install_script('sh', '-c', mkdir_p.format(systemgeneratordir)) - meson.add_install_script('sh', '-c', mkdir_p.format(usergeneratordir)) - --meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(pkgsysconfdir, 'system'))) --meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(pkgsysconfdir, 'user'))) --meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(sysconfdir, 'xdg/systemd'))) -+meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'system'))) -+meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'user'))) -+meson.add_install_script('sh', '-c', mkdir_p.format(join_paths(factorypkgconfdir, 'xdg/systemd'))) -diff --git a/src/coredump/meson.build b/src/coredump/meson.build -index 7fa5942697..34c865dfa0 100644 ---- a/src/coredump/meson.build -+++ b/src/coredump/meson.build -@@ -15,7 +15,7 @@ coredumpctl_sources = files('coredumpctl.c') - - if conf.get('ENABLE_COREDUMP') == 1 - install_data('coredump.conf', -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - endif - - tests += [ -diff --git 
a/src/journal-remote/meson.build b/src/journal-remote/meson.build -index 87b8ba6495..daff8ec967 100644 ---- a/src/journal-remote/meson.build -+++ b/src/journal-remote/meson.build -@@ -49,7 +49,7 @@ if conf.get('ENABLE_REMOTE') ==1 and conf.get('HAVE_LIBCURL') == 1 - output : 'journal-upload.conf', - configuration : substs) - install_data(journal_upload_conf, -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - endif - - if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 -@@ -58,7 +58,7 @@ if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 - output : 'journal-remote.conf', - configuration : substs) - install_data(journal_remote_conf, -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - install_data('browse.html', - install_dir : join_paths(pkgdatadir, 'gatewayd')) -diff --git a/src/journal/meson.build b/src/journal/meson.build -index 5796f77cac..75d975c260 100644 ---- a/src/journal/meson.build -+++ b/src/journal/meson.build -@@ -109,7 +109,7 @@ if conf.get('HAVE_QRENCODE') == 1 - endif - - install_data('journald.conf', -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - if get_option('create-log-dirs') - meson.add_install_script( -diff --git a/src/kernel-install/meson.build b/src/kernel-install/meson.build -index 261c3aaae4..dbc5e23513 100644 ---- a/src/kernel-install/meson.build -+++ b/src/kernel-install/meson.build -@@ -11,4 +11,4 @@ install_data('00-entry-directory.install', - install_dir : kernelinstalldir) - - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'kernel/install.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'kernel/install.d'))) -diff --git a/src/login/meson.build b/src/login/meson.build -index 0a7d3d5440..ff90149c1c 100644 ---- a/src/login/meson.build -+++ b/src/login/meson.build -@@ -75,7 +75,7 @@ if conf.get('ENABLE_LOGIND') == 1 - output : 'logind.conf', - configuration : substs) - install_data(logind_conf, -- 
install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - install_data('org.freedesktop.login1.conf', - install_dir : dbuspolicydir) -diff --git a/src/network/meson.build b/src/network/meson.build -index c1c02cfda1..1bfa79a03b 100644 ---- a/src/network/meson.build -+++ b/src/network/meson.build -@@ -201,7 +201,7 @@ if conf.get('ENABLE_NETWORKD') == 1 - endif - - install_data('networkd.conf', -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - fuzzers += [ - [['src/network/fuzz-netdev-parser.c', -diff --git a/src/pstore/meson.build b/src/pstore/meson.build -index adbac24b54..e9dc88dfa2 100644 ---- a/src/pstore/meson.build -+++ b/src/pstore/meson.build -@@ -6,5 +6,5 @@ systemd_pstore_sources = files(''' - - if conf.get('ENABLE_PSTORE') == 1 - install_data('pstore.conf', -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - endif -diff --git a/src/resolve/meson.build b/src/resolve/meson.build -index c4d8d4e5d9..f550c289a5 100644 ---- a/src/resolve/meson.build -+++ b/src/resolve/meson.build -@@ -170,7 +170,7 @@ if conf.get('ENABLE_RESOLVE') == 1 - output : 'resolved.conf', - configuration : substs) - install_data(resolved_conf, -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - - install_data('resolv.conf', - install_dir : rootlibexecdir) -diff --git a/src/timesync/meson.build b/src/timesync/meson.build -index e5c118c8db..19235df9ca 100644 ---- a/src/timesync/meson.build -+++ b/src/timesync/meson.build -@@ -27,7 +27,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1 - output : 'timesyncd.conf', - configuration : substs) - install_data(timesyncd_conf, -- install_dir : pkgsysconfdir) -+ install_dir : factorypkgconfdir) - install_data('org.freedesktop.timesync1.conf', - install_dir : dbuspolicydir) - install_data('org.freedesktop.timesync1.service', -diff --git a/src/udev/meson.build b/src/udev/meson.build -index 173b10be50..82638cf5a9 100644 ---- a/src/udev/meson.build -+++ b/src/udev/meson.build -@@ -187,7 +187,7 
@@ foreach prog : [['ata_id/ata_id.c'], - endforeach - - install_data('udev.conf', -- install_dir : join_paths(sysconfdir, 'udev')) -+ install_dir : join_paths(factoryconfdir, 'udev')) - - configure_file( - input : 'udev.pc.in', -@@ -196,7 +196,7 @@ configure_file( - install_dir : pkgconfigdatadir == 'no' ? '' : pkgconfigdatadir) - - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'udev/rules.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'udev/rules.d'))) - - fuzzers += [ - [['src/udev/net/fuzz-link-parser.c', -diff --git a/sysctl.d/meson.build b/sysctl.d/meson.build -index 3f072e3db7..bd9f843eba 100644 ---- a/sysctl.d/meson.build -+++ b/sysctl.d/meson.build -@@ -27,4 +27,4 @@ foreach file : in_files - endforeach - - meson.add_install_script('sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'sysctl.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'sysctl.d'))) -diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build -index e77f46d06b..04d2ef621d 100644 ---- a/tmpfiles.d/meson.build -+++ b/tmpfiles.d/meson.build -@@ -57,5 +57,5 @@ endforeach - if enable_tmpfiles - meson.add_install_script( - 'sh', '-c', -- mkdir_p.format(join_paths(sysconfdir, 'tmpfiles.d'))) -+ mkdir_p.format(join_paths(factoryconfdir, 'tmpfiles.d'))) - endif -diff --git a/units/meson.build b/units/meson.build -index ea91f0cc9e..8622054ca5 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -323,7 +323,7 @@ install_data('user-.slice.d/10-defaults.conf', - - meson.add_install_script(meson_make_symlink, - join_paths(pkgsysconfdir, 'user'), -- join_paths(sysconfdir, 'xdg/systemd/user')) -+ join_paths(factorypkgconfdir, 'xdg/systemd/user')) - meson.add_install_script(meson_make_symlink, - join_paths(dbussystemservicedir, 'org.freedesktop.systemd1.service'), - join_paths(dbussessionservicedir, 'org.freedesktop.systemd1.service')) --- -2.26.2 - 
diff --git a/pkgs/os-specific/linux/systemd/0013-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index 11d2dc26e38..05fce10e856 100644 --- a/pkgs/os-specific/linux/systemd/0013-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,7 +1,7 @@ -From 05c2761f6a981c8576fc47a3dd8beb5a2af3ef09 Mon Sep 17 00:00:00 2001 +From 63777e7f690b67952bf4571f8e09e5d8e769d3c0 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Fri, 2 Nov 2018 21:15:42 +0100 -Subject: [PATCH 13/18] inherit systemd environment when calling generators. +Subject: [PATCH 12/19] inherit systemd environment when calling generators. Systemd generators need access to the environment configured in stage-2-init.sh since it schedules fsck and mkfs executions based on @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 4412e7a849..b799eeca95 100644 +index 6858950107..07a599ede7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -3901,9 +3901,14 @@ static int manager_run_generators(Manager *m) { +@@ -4142,9 +4142,14 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -38,5 +38,5 @@ index 4412e7a849..b799eeca95 100644 finish: -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0014-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index 06b00b82cb9..b9bab2d387e 100644 --- a/pkgs/os-specific/linux/systemd/0014-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch 
@@ -1,7 +1,7 @@ -From c70029539d0aec5df0c1e4203359335a3841a1e5 Mon Sep 17 00:00:00 2001 +From 561dc3b864d96753b5dc448e6e1a80460d5f0bc4 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Thu, 9 May 2019 11:15:22 +0200 -Subject: [PATCH 14/18] add rootprefix to lookup dir paths +Subject: [PATCH 13/19] add rootprefix to lookup dir paths systemd does not longer use the UDEVLIBEXEC directory as root for discovery default udev rules. By adding `$out/lib` to the lookup paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 970654a1ad..bb261040f8 100644 +index 2e60abb4f1..732ec51d36 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 970654a1ad..bb261040f8 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 6431b56ea3e..c737b61e749 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,7 +1,7 @@ -From 98580b4aa34f3d2e7401f54d6561c5af27ea3437 Mon Sep 17 00:00:00 2001 +From 8f619304804b02f4e9d7a340ca90359f96adc6e8 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:45:55 +0300 -Subject: [PATCH 15/18] systemd-shutdown: execute scripts in +Subject: [PATCH 14/19] systemd-shutdown: execute scripts in /etc/systemd/system-shutdown This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,10 +10,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index 523040b57c..561d91c94c 100644 +index 0d07865542..26d974ef73 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -299,7 +299,7 @@ int main(int argc, char *argv[]) { +@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; char *arguments[3], *watchdog_device; int cmd, r, umount_log_level = LOG_INFO; @@ -23,5 +23,5 @@ index 523040b57c..561d91c94c 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0016-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index c27d1a10d58..3059216f7c5 100644 --- a/pkgs/os-specific/linux/systemd/0016-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,7 +1,7 @@ -From 3821e20966ee20f74986041f33c4934ad20385b2 Mon Sep 17 00:00:00 2001 +From 577b11afe38fc185d785ca8f125f518a4eb21a00 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:46:58 +0300 -Subject: [PATCH 16/18] systemd-sleep: execute scripts in +Subject: [PATCH 15/19] systemd-sleep: execute scripts in /etc/systemd/system-sleep This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index fbfddc0262..d2530b9421 100644 +index 39ab554290..880ac7ccb0 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -178,6 +178,7 @@ static int execute(char **modes, char **states) { 
@@ -22,5 +22,5 @@ index fbfddc0262..d2530b9421 100644 }; -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0017-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 9fae2d5767c..ad19d910e1e 100644 --- a/pkgs/os-specific/linux/systemd/0017-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,7 +1,7 @@ -From b07defe819e0f66d08563690b3a5abea5da08620 Mon Sep 17 00:00:00 2001 +From ba19f629c1806ca2d2ab58154e45bce4ae4a3f0c Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sat, 7 Mar 2020 22:40:27 +0100 -Subject: [PATCH 17/18] kmod-static-nodes.service: Update ConditionFileNotEmpty +Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty On NixOS, kernel modules of the currently booted systems are located at /run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. @@ -10,7 +10,7 @@ On NixOS, kernel modules of the currently booted systems are located at 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 0971edf9ec..87105a87b9 100644 +index f4170d6a99..9a6a591bea 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in @@ -12,7 +12,7 @@ Description=Create list of static device nodes for the current kernel @@ -23,5 +23,5 @@ index 0971edf9ec..87105a87b9 100644 [Service] Type=oneshot -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0018-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 321817dad6f..585a0aa112e 100644 --- a/pkgs/os-specific/linux/systemd/0018-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch 
+++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,7 +1,7 @@ -From 9c1ac48a7d95c09bef5a924bb5db6908596403b4 Mon Sep 17 00:00:00 2001 +From c639f311bd27c2bff62a22c34bc92613aaf77587 Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sun, 8 Mar 2020 01:05:54 +0100 -Subject: [PATCH 18/18] path-util.h: add placeholder for DEFAULT_PATH_NORMAL +Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL This will be the $PATH used to lookup ExecStart= etc. options, which systemd itself uses extensively. @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 30031fca8e..d97145539a 100644 +index d613709f0b..5cced4c115 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 30031fca8e..d97145539a 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.26.2 +2.30.1 diff --git a/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch b/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch new file mode 100644 index 00000000000..f634e74e663 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch 
@@ -0,0 +1,26 @@ +From ebb37f81c28aaa80acd9187a7d77dcb3cb3828db Mon Sep 17 00:00:00 2001 +From: Thomas Tuegel <ttuegel@mailbox.org> +Date: Mon, 26 Oct 2020 21:21:38 +0100 +Subject: [PATCH 18/19] logind-seat-debus: show CanMultiSession again + +Fixes the "switch user" function in Plasma < 5.20. +--- + src/login/logind-seat-dbus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c +index a60ed2d3c2..69b6271075 100644 +--- a/src/login/logind-seat-dbus.c ++++ b/src/login/logind-seat-dbus.c +@@ -450,7 +450,7 @@ static const sd_bus_vtable seat_vtable[] = { + + SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Seat, id), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("ActiveSession", "(so)", property_get_active_session, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), +- SD_BUS_PROPERTY("CanMultiSession", "b", property_get_const_true, 0, SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), ++ SD_BUS_PROPERTY("CanMultiSession", "b", property_get_const_true, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("CanTTY", "b", property_get_can_tty, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("CanGraphical", "b", property_get_can_graphical, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), + SD_BUS_PROPERTY("Sessions", "a(so)", property_get_sessions, 0, 0), +-- +2.30.1 + diff --git a/pkgs/os-specific/linux/systemd/0019-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0019-pkg-config-derive-prefix-from-prefix.patch new file mode 100644 index 00000000000..2d93cdef9a3 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/0019-pkg-config-derive-prefix-from-prefix.patch 
@@ -0,0 +1,33 @@ +From 5439a516995f9fd57fc91c2cdd016bb18f31aadf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Sun, 6 Dec 2020 08:34:19 +0100 +Subject: [PATCH 19/19] pkg-config: derive prefix from --prefix + +Point prefix to the one configured, instead of `/usr` `systemd` has limited +support for making the pkgconfig prefix overridable, and interpolates those +values later down. + +So we only need to patch this one value to get the correct paths. +See systemd/systemd@bc4e6e27922a2873985ab9367d79fb099f70b505 for details. + +Co-Authored-By: Florian Klink <flokli@flokli.de> +--- + src/core/systemd.pc.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in +index a701cd05f8..85d6911bdf 100644 +--- a/src/core/systemd.pc.in ++++ b/src/core/systemd.pc.in +@@ -11,7 +11,7 @@ + # considered deprecated (though there is no plan to remove them). New names + # shall have underscores. + +-prefix=/usr ++prefix=@prefix@ + root_prefix=@rootprefix_noslash@ + rootprefix=${root_prefix} + sysconf_dir=@sysconfdir@ +-- +2.30.1 + diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index c0163dcafe6..a33bb3c1a1d 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix 
@@ -1,50 +1,136 @@ -{ stdenv, lib, fetchFromGitHub, pkgconfig, intltool, gperf, libcap -, curl, kmod, gnupg, gnutar, xz, pam, acl, libuuid, m4, e2fsprogs, utillinux, libffi -, glib, kbd, libxslt, coreutils, libgcrypt, libgpgerror, libidn2, libapparmor -, audit, lz4, bzip2, pcre2 -, linuxHeaders ? stdenv.cc.libc.linuxHeaders -, iptables, gnu-efi, bashInteractive -, gettext, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 -, ninja, meson, python3Packages, glibcLocales +# NOTE: Make sure to (re-)format this file on changes with `nixpkgs-fmt`! + +{ stdenv +, lib +, fetchFromGitHub +, fetchpatch +, buildPackages +, ninja +, meson +, m4 +, pkg-config +, coreutils +, gperf +, getent , patchelf +, glibcLocales +, glib , substituteAll -, getent -, cryptsetup, lvm2 -, buildPackages -, perl -, withSelinux ? false, libselinux -, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp -, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools +, gettext +, python3Packages + + # Mandatory dependencies +, libcap +, util-linux +, kbd +, kmod + + # Optional dependencies +, pam +, cryptsetup +, lvm2 +, audit +, acl +, lz4 +, libgcrypt +, libgpgerror +, libidn2 +, curl +, gnutar +, gnupg +, zlib +, xz +, libuuid +, libapparmor +, intltool +, bzip2 +, pcre2 +, e2fsprogs +, linuxHeaders ? stdenv.cc.libc.linuxHeaders +, gnu-efi +, iptables +, withSelinux ? false +, libselinux +, withLibseccomp ? lib.meta.availableOn stdenv.hostPlatform libseccomp +, libseccomp +, withKexectools ? lib.meta.availableOn stdenv.hostPlatform kexectools +, kexectools +, bashInteractive +, libmicrohttpd + +, withAnalyze ? true +, withApparmor ? true +, withCompression ? true # adds bzip2, lz4 and xz +, withCoredump ? true +, withCryptsetup ? true +, withDocumentation ? true +, withEfi ? stdenv.hostPlatform.isEfi +, withHomed ? false +, withHostnamed ? true +, withHwdb ? true +, withImportd ? 
true +, withLocaled ? true +, withLogind ? true +, withMachined ? true +, withNetworkd ? true +, withNss ? true +, withOomd ? false +, withPCRE2 ? true +, withPolkit ? true +, withPortabled ? false +, withRemote ? true +, withResolved ? true +, withShellCompletions ? true +, withTimedated ? true +, withTimesyncd ? true +, withUserDb ? true +, libfido2 +, p11-kit + + # name argument +, pname ? "systemd" + + +, libxslt +, docbook_xsl +, docbook_xml_dtd_42 +, docbook_xml_dtd_45 }: -let gnupg-minimal = gnupg.override { - enableMinimal = true; - guiSupport = false; - pcsclite = null; - sqlite = null; - pinentry = null; - adns = null; - gnutls = null; - libusb1 = null; - openldap = null; - readline = null; - zlib = null; - bzip2 = null; -}; - -in stdenv.mkDerivation { - version = "245.7"; - pname = "systemd"; - - # When updating, use https://github.com/systemd/systemd-stable tree, not the development one! - # Also fresh patches should be cherry-picked from that tree to our current one. +assert withResolved -> (libgcrypt != null && libgpgerror != null); +assert withImportd -> +(curl.dev != null && zlib != null && xz != null && libgcrypt != null + && gnutar != null && gnupg != null && withCompression); + +assert withEfi -> (gnu-efi != null); +assert withRemote -> lib.getDev curl != null; +assert withCoredump -> withCompression; + +assert withHomed -> withCryptsetup; + +assert withCryptsetup -> +(cryptsetup != null); +let + wantCurl = withRemote || withImportd; + + version = "247.6"; +in +stdenv.mkDerivation { + inherit version pname; + + # We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly + # This has proven to be less error-prone than the previous systemd fork. 
src = fetchFromGitHub { owner = "systemd"; repo = "systemd-stable"; - rev = "1e6233ed07f7af08550fffa7a885cac1ac67a2c3"; - sha256 = "1hd5kc3mm7mg4i7hhi82wg4cpg4fpi2k6hzjq9sv07pkn2lw390w"; + rev = "v${version}"; + sha256 = "sha256-7XYEq3Qw25suwjbtPzx9lVPHUu9ZY/1bADXl2wQbkJc="; }; + # If these need to be regenerated, `git am path/to/00*.patch` them into a + # systemd worktree, rebase to the more recent systemd version, and export the + # patches again via `git -c format.signoff=false format-patch v${version}`. + # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch ./0002-Don-t-try-to-unmount-nix-or-nix-store.patch 
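Review bot: With `rev = "v${version}"` replacing the full commit hash, the fetched source is now named by a tag, which upstream can move, so the `sha256` is the only thing that pins the content. That is enough for integrity, because a changed tarball fails the hash check, but the `src` block should say so, e.g. `# rev is a tag; the sha256 is what pins the source, so update both together`. Separately, the `withImportd` assert tests `curl.dev != null`, which looks like it would raise an attribute error on a null `curl` instead of failing the assertion. The `withRemote` assert already uses `lib.getDev curl != null`, and the two could match. The `stdenv.mkDerivation` attribute set continues past the end of this hunk.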
@@ -57,13 +143,27 @@ in stdenv.mkDerivation { ./0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch ./0010-localectl-use-etc-X11-xkb-for-list-x11.patch ./0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch - ./0012-Install-default-configuration-into-out-share-factory.patch - ./0013-inherit-systemd-environment-when-calling-generators.patch - ./0014-add-rootprefix-to-lookup-dir-paths.patch - ./0015-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch - ./0016-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch - ./0017-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch - ./0018-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch + ./0012-inherit-systemd-environment-when-calling-generators.patch + ./0013-add-rootprefix-to-lookup-dir-paths.patch + ./0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch + ./0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch + ./0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch + ./0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch + ./0018-logind-seat-debus-show-CanMultiSession-again.patch + ./0019-pkg-config-derive-prefix-from-prefix.patch + + # Fix -Werror=format. + (fetchpatch { + url = "https://github.com/systemd/systemd/commit/ab1aa6368a883bce88e3162fee2bea14aacedf23.patch"; + sha256 = "1b280l5jrjsg8qhsang199mpqjhkpix4c8bm3blknjnq9iv43add"; + }) + + # Fix CVE-2021-33910, disclosed 2021-07-20 + (fetchpatch { + name = "CVE-2021-33910.patch"; + url = "https://github.com/systemd/systemd/commit/441e0115646d54f080e5c3bb0ba477c892861ab9.patch"; + sha256 = "1g1lk95igaadg67kah9bpi4zsc01rg398sd1247ghjsvl5hxn4v4"; + }) ]; postPatch = '' 
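Review bot: The two `fetchpatch` entries take commits from `systemd/systemd`, while `src` is `systemd-stable` at `v${version}`, and neither entry says when it can be removed. For the CVE-2021-33910 entry I would add `# Drop once src is bumped to a systemd-stable release that already contains this commit`, so that a later version bump does not leave a stale or no longer applying security patch in the list. The comment could also name what the fix touches (unit-name handling of a mount path, as far as I recall the upstream commit), which lets a reader confirm the fix is present after a bump. The first entry has no `name`, unlike the CVE one. Adding `name = "fix-werror-format.patch";` would keep the store paths readable. The `patches` list opens above this hunk.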
@@ -75,29 +175,148 @@ in stdenv.mkDerivation { --replace \ "find_program('objcopy'" \ "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" + '' + ( + let + # The folllowing dlopen patches ensure that all the features that are + # implemented via dlopen(3) are available (or explicitly deactivated) by + # pointing dlopen to the absolute store path instead of relying on the + # linkers runtime lookup code. + # + # All of the dlopen calls have to be handled. When new ones are introduced + # by upstream (or one of our patches) they must be explicitly declared, + # otherwise the build will fail. + # + # As of systemd version 247 we've seen a few errors like `libpcre2.… not + # found` when using e.g. --grep with journalctl. Those errors should + # become less unexpected now. + # + # There are generally two classes of dlopen(3) calls. Those that we want to + # support and those that should be deactivated / unsupported. This change + # enforces that we handle all dlopen calls explicitly. Meaning: There is + # not a single dlopen call in the source code tree that we did not + # explicitly handle. + # + # In order to do this we introduced a list of attributes that maps from + # shared object name to the package that contains them. The package can be + # null meaning the reference should be nuked and the shared object will + # never be loadable during runtime (because it points at an invalid store + # path location). + # + # To get a list of dynamically loaded libraries issue something like + # `grep -ri 'dlopen("lib' $src` and update the below list. + dlopenLibs = [ + # We did never provide support for libxkbcommon & qrencode + { name = "libxkbcommon.so.0"; pkg = null; } + { name = "libqrencode.so.4"; pkg = null; } + + # We did not provide libpwquality before so it is safe to disable it for + # now. + { name = "libpwquality.so.1"; pkg = null; } + + # Only include cryptsetup if it is enabled. We might not be able to + # provide it during "bootstrap" in e.g. 
the minimal systemd build as + # cryptsetup has udev (aka systemd) in it's dependencies. + { name = "libcryptsetup.so.12"; pkg = if withCryptsetup then cryptsetup else null; } + + # We are using libidn2 so we only provide that and ignore the others. + # Systemd does this decision during configure time and uses ifdef's to + # enable specific branches. We can safely ignore (nuke) the libidn "v1" + # libraries. + { name = "libidn2.so.0"; pkg = libidn2; } + { name = "libidn.so.12"; pkg = null; } + { name = "libidn.so.11"; pkg = null; } + + # journalctl --grep requires libpcre so lets provide it + { name = "libpcre2-8.so.0"; pkg = pcre2; } + ]; + + patchDlOpen = dl: + let + library = "${lib.makeLibraryPath [ dl.pkg ]}/${dl.name}"; + in + if dl.pkg == null then '' + # remove the dependency on the library by replacing it with an invalid path + for file in $(grep -lr 'dlopen("${dl.name}"' src); do + echo "patching dlopen(\"${dl.name}\", …) in $file to an invalid store path ("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}")…" + substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}"' + done + '' else '' + # ensure that the library we provide actually exists + if ! 
[ -e ${library} ]; then + echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' + exit 1 + fi + # make the path to the dependency explicit + for file in $(grep -lr 'dlopen("${dl.name}"' src); do + echo "patching dlopen(\"${dl.name}\", …) in $file to ${library}…" + substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("${library}"' + done + ''; + in + # patch all the dlopen calls to contain absolute paths to the libraries + lib.concatMapStringsSep "\n" patchDlOpen dlopenLibs + ) + # finally ensure that there are no left-over dlopen calls that we didn't handle + + '' + if grep -qr 'dlopen("[^/]' src; then + echo "Found unhandled dlopen calls: " + grep -r 'dlopen("[^/]' src + exit 1 + fi ''; - outputs = [ "out" "lib" "man" "dev" ]; + outputs = [ "out" "man" "dev" ]; nativeBuildInputs = - [ pkgconfig intltool gperf libxslt gettext docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45 - ninja meson + [ + pkg-config + gperf + ninja + meson coreutils # meson calls date, stat etc. 
glibcLocales - patchelf getent m4 - perl # to patch the libsystemd.so and remove dependencies on aarch64 - - (buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ])) + patchelf + getent + m4 + + intltool + gettext + + libxslt + docbook_xsl + docbook_xml_dtd_42 + docbook_xml_dtd_45 + (buildPackages.python3Packages.python.withPackages (ps: with ps; [ python3Packages.lxml ])) ]; + buildInputs = - [ linuxHeaders libcap curl.dev kmod xz pam acl - cryptsetup libuuid glib libgcrypt libgpgerror libidn2 - pcre2 ] ++ - stdenv.lib.optional withKexectools kexectools ++ - stdenv.lib.optional withLibseccomp libseccomp ++ - [ libffi audit lz4 bzip2 libapparmor - iptables gnu-efi - ] ++ stdenv.lib.optional withSelinux libselinux; + [ + acl + audit + glib + kmod + libcap + libgcrypt + libidn2 + libuuid + linuxHeaders + pam + ] + + ++ lib.optional withApparmor libapparmor + ++ lib.optional wantCurl (lib.getDev curl) + ++ lib.optionals withCompression [ bzip2 lz4 xz ] + ++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev) + ++ lib.optional withEfi gnu-efi + ++ lib.optional withKexectools kexectools + ++ lib.optional withLibseccomp libseccomp + ++ lib.optional withNetworkd iptables + ++ lib.optional withPCRE2 pcre2 + ++ lib.optional withResolved libgpgerror + ++ lib.optional withSelinux libselinux + ++ lib.optional withRemote libmicrohttpd + ++ lib.optionals withHomed [ p11-kit libfido2 ] + ; #dontAddPrefix = true; 
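Review bot: The closing guard `grep -qr 'dlopen("[^/]' src` in `postPatch` only matches calls whose first argument is a string literal written directly after the parenthesis. The comment's claim that not a single dlopen call is left unhandled is therefore stronger than what the check enforces. A call that passes a variable or macro, or is written as `dlopen ("…`, would pass the guard and still resolve through the runtime linker's search path, which is the lookup this patching is meant to remove. I would either state the limit in the comment, e.g. `# NOTE: only literal dlopen("lib…") calls are detected; calls with a non-literal name need manual review on each version bump.`, or broaden the pattern. Separately, `lib.getDev cryptsetup.dev` in `buildInputs` selects the dev output twice and can be `lib.getDev cryptsetup`.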
@@ -107,36 +326,47 @@ in stdenv.mkDerivation { "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" "-Dpamconfdir=${placeholder "out"}/etc/pam.d" "-Drootprefix=${placeholder "out"}" - "-Drootlibdir=${placeholder "lib"}/lib" "-Dpkgconfiglibdir=${placeholder "dev"}/lib/pkgconfig" "-Dpkgconfigdatadir=${placeholder "dev"}/share/pkgconfig" "-Dloadkeys-path=${kbd}/bin/loadkeys" "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" + "-Dglib=${lib.boolToString (glib != null)}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" - "-Dimportd=true" - "-Dlz4=true" - "-Dhomed=false" - "-Dhostnamed=true" - "-Dnetworkd=true" - "-Dportabled=false" - "-Dremote=false" + "-Danalyze=${lib.boolToString withAnalyze}" + "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dimportd=${lib.boolToString withImportd}" + "-Dlz4=${lib.boolToString withCompression}" + "-Dhomed=${lib.boolToString withHomed}" + "-Dlogind=${lib.boolToString withLogind}" + "-Dlocaled=${lib.boolToString withLocaled}" + "-Dhostnamed=${lib.boolToString withHostnamed}" + "-Dmachined=${lib.boolToString withMachined}" + "-Dnetworkd=${lib.boolToString withNetworkd}" + "-Doomd=${lib.boolToString withOomd}" + "-Dpolkit=${lib.boolToString withPolkit}" + "-Dcryptsetup=${lib.boolToString withCryptsetup}" + "-Dportabled=${lib.boolToString withPortabled}" + "-Dhwdb=${lib.boolToString withHwdb}" + "-Dremote=${lib.boolToString withRemote}" "-Dsysusers=false" - "-Dtimedated=true" - "-Dtimesyncd=true" + "-Dtimedated=${lib.boolToString withTimedated}" + "-Dtimesyncd=${lib.boolToString withTimesyncd}" + "-Duserdb=${lib.boolToString withUserDb}" + "-Dcoredump=${lib.boolToString withCoredump}" "-Dfirstboot=false" - "-Dlocaled=true" - "-Dresolve=true" + "-Dresolve=${lib.boolToString withResolved}" "-Dsplit-usr=false" - "-Dlibcurl=true" + "-Dlibcurl=${lib.boolToString wantCurl}" "-Dlibidn=false" 
"-Dlibidn2=true" "-Dquotacheck=false" "-Dldconfig=false" "-Dsmack=true" "-Db_pie=true" + "-Dinstall-sysconfdir=false" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -151,26 +381,36 @@ in stdenv.mkDerivation { "-Dsystem-gid-max=999" # "-Dtime-epoch=1" - (if !stdenv.hostPlatform.isEfi then "-Dgnu-efi=false" else "-Dgnu-efi=true") - "-Defi-libdir=${toString gnu-efi}/lib" - "-Defi-includedir=${toString gnu-efi}/include/efi" - "-Defi-ldsdir=${toString gnu-efi}/lib" - "-Dsysvinit-path=" "-Dsysvrcnd-path=" "-Dkill-path=${coreutils}/bin/kill" "-Dkmod-path=${kmod}/bin/kmod" - "-Dsulogin-path=${utillinux}/bin/sulogin" - "-Dmount-path=${utillinux}/bin/mount" - "-Dumount-path=${utillinux}/bin/umount" + "-Dsulogin-path=${util-linux}/bin/sulogin" + "-Dmount-path=${util-linux}/bin/mount" + "-Dumount-path=${util-linux}/bin/umount" "-Dcreate-log-dirs=false" - # Upstream uses cgroupsv2 by default. To support docker and other - # container managers we still need v1. - "-Ddefault-hierarchy=hybrid" + + # Use cgroupsv2. This is already the upstream default, but better be explicit. + "-Ddefault-hierarchy=unified" # Upstream defaulted to disable manpages since they optimize for the much # more frequent development builds "-Dman=true" + + "-Defi=${lib.boolToString withEfi}" + "-Dgnu-efi=${lib.boolToString withEfi}" + ] ++ lib.optionals withEfi [ + "-Defi-libdir=${toString gnu-efi}/lib" + "-Defi-includedir=${toString gnu-efi}/include/efi" + "-Defi-ldsdir=${toString gnu-efi}/lib" + ] ++ lib.optionals (withShellCompletions == false) [ + "-Dbashcompletiondir=no" + "-Dzshcompletiondir=no" + ] ++ lib.optionals (!withNss) [ + "-Dnss-myhostname=false" + "-Dnss-mymachines=false" + "-Dnss-resolve=false" + "-Dnss-systemd=false" ]; preConfigure = '' 
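Review bot: The new comment on `-Ddefault-hierarchy=unified` says the value only makes the upstream default explicit, but the line it replaces selected `hybrid` on the stated grounds that container managers still needed cgroup v1. That makes this a behaviour change for existing systems. The comment should say so and name the way back, for example `# Switches from hybrid to cgroup v2 only; workloads that still need v1 can boot with systemd.unified_cgroup_hierarchy=0.` In the same list, `lib.optionals (withShellCompletions == false)` would read more consistently as `lib.optionals (!withShellCompletions)`, matching `(!withNss)` below it. The `mesonFlags` list starts in an earlier hunk.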
@@ -182,13 +422,13 @@ in stdenv.mkDerivation { src/core/mount.c \ src/core/swap.c \ src/cryptsetup/cryptsetup-generator.c \ - src/fsck/fsck.c \ src/journal/cat.c \ src/nspawn/nspawn.c \ src/remount-fs/remount-fs.c \ src/shared/generator.c \ src/shutdown/shutdown.c \ units/emergency.service.in \ + units/modprobe@.service \ units/rescue.service.in \ units/systemd-logind.service.in \ units/systemd-nspawn@.service.in; \ @@ -196,26 +436,24 @@ in stdenv.mkDerivation { test -e $i substituteInPlace $i \ --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin utillinux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin utillinux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin utillinux}/sbin/swapoff \ - --replace /sbin/mke2fs ${lib.getBin e2fsprogs}/sbin/mke2fs \ - --replace /sbin/fsck ${lib.getBin utillinux}/sbin/fsck \ + --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ + --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ + --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ --replace /bin/echo ${coreutils}/bin/echo \ --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin utillinux}/sbin/sulogin \ + --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency done - for dir in tools src/resolve test src/test; do + for dir in tools src/resolve test src/test src/shared; do patchShebangs $dir done # absolute paths to gpg & tar substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg-minimal}/bin/gpg"' + --replace '"gpg"' '"${gnupg}/bin/gpg"' for file in src/import/{{export,import,pull}-tar,import-common}.c; do substituteInPlace $file \ --replace '"tar"' '"${gnutar}/bin/tar"' 
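Review bot: The `substituteInPlace src/import/pull-common.c --replace '"gpg"' …` step has no check that the substitution actually matched, and as far as I know `--replace` does not abort the build when the pattern is absent. If upstream changes how the binary name is spelled, the import tools would silently go back to resolving `gpg` through `PATH` when verifying pulled images; the same applies to the `"tar"` loop after it. A guard such as `grep -q '${gnupg}/bin/gpg' src/import/pull-common.c || exit 1` directly after the substitution would turn that into a build failure. The reason for moving from `gnupg-minimal` to the full `gnupg` is not visible in the hunk and would be worth a short comment, since it widens what this verification path depends on. The `for file` loop continues past the end of the hunk.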
@@ -237,14 +475,17 @@ in stdenv.mkDerivation { NIX_CFLAGS_COMPILE = toString [ # Can't say ${polkit.bin}/bin/pkttyagent here because that would # lead to a cyclic dependency. - "-UPOLKIT_AGENT_BINARY_PATH" "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\"" + "-UPOLKIT_AGENT_BINARY_PATH" + "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\"" # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENT_PATH" + "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" - "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" + "-USYSTEMD_BINARY_PATH" + "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" ]; doCheck = false; # fails a bunch of tests 
@@ -276,36 +517,8 @@ in stdenv.mkDerivation { # "kernel-install" shouldn't be used on NixOS. find $out -name "*kernel-install*" -exec rm {} \; - - # Keep only libudev and libsystemd in the lib output. - mkdir -p $out/lib - mv $lib/lib/security $lib/lib/libnss* $out/lib/ - ''; # */ - - enableParallelBuilding = true; - - # On aarch64 we "leak" a reference to $out/lib/systemd/catalog in the lib - # output. The result of that is a dependency cycle between $out and $lib. - # Thus nix (rightfully) marks the build as failed. That reference originates - # from an array of strings (catalog_file_dirs) in systemd - # (src/src/journal/catalog.{c,h}). The only consumer (as of v242) of the - # symbol is the main function of journalctl. Still libsystemd.so contains - # the VALUE but not the symbol. Systemd seems to be properly using function - # & data sections together with the linker flags to garbage collect unused - # sections (-Wl,--gc-sections). For unknown reasons those flags do not - # eliminate the unused string constants, in this case on aarch64-linux. The - # hacky way is to just remove the reference after we finished compiling. - # Since it can not be used (there is no symbol to actually refer to it) there - # should not be any harm. It is a bit odd and I really do not like starting - # these kind of hacks but there doesn't seem to be a straight forward way at - # this point in time. - # The reference will be replaced by the same reference the usual nukeRefs - # tooling uses. The standard tooling can not / should not be uesd since it - # is a bit too excessive and could potentially do us some (more) harm. 
- postFixup = '' - nukedRef=$(echo $out | sed -e "s,$NIX_STORE/[^-]*-\(.*\),$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-\1,") - cat $lib/lib/libsystemd.so | perl -pe "s|$out/lib/systemd/catalog|$nukedRef/lib/systemd/catalog|" > $lib/lib/libsystemd.so.tmp - mv $lib/lib/libsystemd.so.tmp $(readlink -f $lib/lib/libsystemd.so) + '' + lib.optionalString (!withDocumentation) '' + rm -rf $out/share/doc ''; # The interface version prevents NixOS from switching to an @@ -316,12 +529,12 @@ in stdenv.mkDerivation { # runtime; otherwise we can't and we need to reboot. passthru.interfaceVersion = 2; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://www.freedesktop.org/wiki/Software/systemd/"; description = "A system and service manager for Linux"; license = licenses.lgpl21Plus; platforms = platforms.linux; priority = 10; - maintainers = with maintainers; [ andir eelco flokli ]; + maintainers = with maintainers; [ andir eelco flokli kloenk ]; }; } |