Commit graph

4411 commits

Author SHA1 Message Date
Eelco Dolstra
4ac619f6e5 Turn on nix.readOnlyStore again 2013-01-24 13:09:31 +01:00
Eelco Dolstra
8e1f243b30 xserver.nix: Check whether Polkit is enabled
Our X session script requires Polkit because it calls systemd-inhibit.
2013-01-24 13:06:32 +01:00
Eelco Dolstra
bd328680ce Revert "Enable nix.readOnlyStore by default"
This reverts commit 683100666d.

Seems somebody (systemd? the kernel?) gets confused at power
events and remounts the filesystem containing /nix/store as
read-only.
2013-01-24 10:28:34 +01:00
Eelco Dolstra
683100666d Enable nix.readOnlyStore by default 2013-01-23 23:41:01 +01:00
Eelco Dolstra
75662a45d6 wpa_supplicant: Remove accidentally committed debug flag 2013-01-23 22:07:40 +01:00
Eelco Dolstra
6580588230 Set $HOME in stage-2
http://hydra.nixos.org/build/3900294
2013-01-23 20:16:33 +01:00
Eelco Dolstra
7a382679e4 Revert 434260c772
There is a bug in unionfs, but it only manifested itself because of
our accidental use of stage-1 libraries in stage-2.
2013-01-23 14:46:54 +01:00
Eelco Dolstra
ef5108f560 Fix registering valid paths in VM tests
Commit 37b56574e2 revealed that the code
to get regInfo from /proc/cmdline was broken.  It only happened to
work because the kernel passes the command line to stage 1 through the
environment, so $regInfo was set anyway.
2013-01-23 14:35:52 +01:00
Eelco Dolstra
37b56574e2 stage-1: Clear environment before calling stage-2
In particular, stage-1's LD_LIBRARY_PATH should not infect stage-2.
Reported by viric.
2013-01-23 11:51:58 +01:00
Eelco Dolstra
314adf9648 nixos-rebuild: Don't rely on $SHELL
Fixes #74.
2013-01-23 11:31:48 +01:00
Rickard Nilsson
4eb2b099e6 Generate share/glib-2.0/schemas/gschemas.compiled in system-path.
This is required to create a gschemas.compiled file with content
from all gschemas. Otherwise, gschemas.compiled will be taken
from a random package, and gsettings programs will not find what
they are looking for. I had to add this to get NetworkManager-applet
to work. You'll also have to add share/glib-2.0 to the pathsToLink
list.

Generating this in the activation script (along with gtk icons
etc), is not the nicest solution. But I have no real idea on
how to modularise it.
2013-01-23 09:10:14 +01:00
Eelco Dolstra
2b8cb59399 Fix the fix of the description of the memtest86 option 2013-01-22 19:25:14 +01:00
Eelco Dolstra
434260c772 Work around a bug in unionfs
Unionfs cannot delete directories that contain open deleted files.
This broke a Nix test.

http://hydra.nixos.org/build/3843354
2013-01-22 18:18:05 +01:00
Eelco Dolstra
ca4f93d3ae stage-1: Don't create a log file in $out 2013-01-22 18:18:05 +01:00
Lluís Batlle i Rossell
64ffca1e06 Fixing the description of memtest86. It's not memtest86+.
Noticed by abogani@freenode
2013-01-22 16:32:51 +01:00
Eelco Dolstra
f30842db06 Git shortrevs are 7 characters 2013-01-22 13:32:05 +01:00
Eelco Dolstra
fc14a31f2c unionfs: Increase the open file limit
The default (1024) is way too low, e.g. to start KDE on the
installation CD.
2013-01-22 13:31:08 +01:00
Eelco Dolstra
4068648563 Blacklist the cirrusfb kernel module 2013-01-22 13:30:45 +01:00
Eelco Dolstra
dd760bac9c Fix help message 2013-01-22 12:52:13 +01:00
Eelco Dolstra
d75fa1fdc1 wpa_supplicant: Use the nl80211 and wext drivers by default
This should make wpa_supplicant work out of the box on newer and older
kernels.
2013-01-22 12:33:41 +01:00
Shea Levy
82fb34f409 Upstart -> systemd 2013-01-21 18:14:09 -05:00
Eelco Dolstra
7ecde297c9 Fix building the manual 2013-01-21 23:49:55 +01:00
Eelco Dolstra
f2c2b7ace9 Don't start emergency mode on EC2 instances
EC2 instances don't have a console, so it's pointless to start
emergency mode if a mount fails.  (This happened to me with an
encrypted filesystem where the key wasn't sent on time using "charon
send-keys".)  Better to cross fingers and continue booting.
2013-01-21 21:01:48 +01:00
Eelco Dolstra
1aaa726e75 Merge remote-tracking branch 'origin/systemd' 2013-01-21 12:45:50 +01:00
Eelco Dolstra
c30b65df4b Set the versionSuffix on tarballs/channel properly 2013-01-19 15:57:10 +01:00
Rickard Nilsson
1440e92ae8 Rename NetworkManager-init service to networkmanager-init 2013-01-17 13:37:54 +01:00
Rickard Nilsson
c6bb091b5b Rewrite NetworkManager job to systemd service 2013-01-17 12:51:52 +01:00
Shea Levy
e89afd7d89 Ignore .version-suffix file created by nixos-rebuild 2013-01-16 10:12:42 -05:00
Eelco Dolstra
6e7b0a0c0e Fix ‘nixos-rebuikd dry-run’ 2013-01-16 16:11:51 +01:00
Eelco Dolstra
e65a49f00f Add missing file 2013-01-16 16:06:50 +01:00
Eelco Dolstra
f290808509 Set some missing types 2013-01-16 15:03:54 +01:00
Eelco Dolstra
b35fe01f02 Set the NixOS version to something useful when building from Git 2013-01-16 14:40:41 +01:00
Eelco Dolstra
ea358b4eae nixos-rebuild: Use ‘[ ... ]’ instead of ‘test’ 2013-01-16 13:21:59 +01:00
Eelco Dolstra
4d983d4955 Rename ‘system.build.systemd’ to ‘systemd.package’
This makes it cheaper to test a new systemd and is more consistent
with other modules.
2013-01-16 13:17:57 +01:00
Eelco Dolstra
ae4e94d9ac Rename ‘boot.systemd’ to ‘systemd’
Suggested by Mathijs Kwik.  ‘boot.systemd’ is a misnomer because
systemd affects more than just booting.  And it saves some typing.
2013-01-16 12:33:18 +01:00
Eelco Dolstra
61f1df279f Remove bogus comment 2013-01-15 17:34:24 +01:00
Eelco Dolstra
0b399d8e49 Revert "Remove obsolete environment variables"
This reverts commit ac8080b83c.
2013-01-15 17:34:01 +01:00
Eelco Dolstra
ac8080b83c Remove obsolete environment variables 2013-01-15 16:53:40 +01:00
Eelco Dolstra
e32dda4c40 Bump the NixOS version number to 0.2
A new init system justifies a new version number!
2013-01-15 14:25:13 +01:00
Evgeny Egorochkin
e201da376e torsocks: make 2 wrappers to torify apps with more and less circuit isolation. 2013-01-15 08:59:02 +02:00
Evgeny Egorochkin
123c73caf6 Torify: restore as an alternative to TorSocks due to lack of compatibility with apps like Kopete. 2013-01-15 07:34:53 +02:00
Evgeny Egorochkin
9437db0d88 Power management: add support for AMD CPUs 2013-01-14 09:07:35 +02:00
Evgeny Egorochkin
0aad75fe70 Tor: improve circuit isolation. By default apps are isolated better, with extra port available for web browsers to keep
performance as it used to be before this commit.
2013-01-14 07:37:13 +02:00
Evgeny Egorochkin
7e82b41220 LuksRoot: fix crypto module list. This one should finally work well. 2013-01-14 06:46:46 +02:00
Evgeny Egorochkin
4e2f9c8679 TOR: replace deprecated option 2013-01-14 06:38:11 +02:00
Evgeny Egorochkin
6ecf2c3a28 LuksRoot: use generic aes module which loads platform-optimized modules automagically. 2013-01-14 05:12:20 +02:00
Evgeny Egorochkin
0f11519d45 LuksRoot: add more modules to load by default and let users add more or override the list. Added every module
mentioned by most popular guides, benchmarks and discussions to make things just work.
2013-01-13 12:44:16 +02:00
Evgeny Egorochkin
8c710b4f23 LuksRoot: mitigate DMA key recovery attacks by default. 2013-01-13 11:04:26 +02:00
Eelco Dolstra
5685ee5446 Add/fix systemd unit descriptions 2013-01-10 13:59:41 +01:00
Eelco Dolstra
3bbbd62cbc Start dhcpcd/wpa_supplicant after systemd-udev-settle
This is necessary to prevent a race.  Udev 197 has a new naming scheme
for network devices, so it will rename (say) eth0 to eno0.  This fails
with "error changing net interface name eth0 to eno1: Device or
resource busy" if another process has opened the interface in the
meantime.
2013-01-10 13:46:34 +01:00