diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/nixos/modules/system/boot')
16 files changed, 72 insertions, 31 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/grow-partition.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/grow-partition.nix index be70c4ad9c8d..87c981b24cec 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/grow-partition.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/grow-partition.nix @@ -20,8 +20,8 @@ with lib; boot.initrd.extraUtilsCommands = '' copy_bin_and_libs ${pkgs.gawk}/bin/gawk copy_bin_and_libs ${pkgs.gnused}/bin/sed - copy_bin_and_libs ${pkgs.utillinux}/sbin/sfdisk - copy_bin_and_libs ${pkgs.utillinux}/sbin/lsblk + copy_bin_and_libs ${pkgs.util-linux}/sbin/sfdisk + copy_bin_and_libs ${pkgs.util-linux}/sbin/lsblk substitute "${pkgs.cloud-utils.guest}/bin/.growpart-wrapped" "$out/bin/growpart" \ --replace "${pkgs.bash}/bin/sh" "/bin/sh" \ diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-network.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-network.nix index ec794d6eb014..2a7417ed3715 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-network.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-network.nix @@ -32,8 +32,8 @@ let fi if [ -n "$dns" ]; then rm -f /etc/resolv.conf - for i in $dns; do - echo "nameserver $dns" >> /etc/resolv.conf + for server in $dns; do + echo "nameserver $server" >> /etc/resolv.conf done fi fi diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix index f7ef26103709..00ac83a18972 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix @@ -159,9 +159,14 @@ in boot.initrd.extraUtilsCommandsTest = '' # sshd requires a host key to check config, so we pass in the test's + tmpkey="$(mktemp initrd-ssh-testkey.XXXXXXXXXX)" + cp "${../../../tests/initrd-network-ssh/ssh_host_ed25519_key}" "$tmpkey" + # keys from Nix store are world-readable, which sshd doesn't like + chmod 600 "$tmpkey" echo -n ${escapeShellArg sshdConfig} | $out/bin/sshd -t -f /dev/stdin \ - -h ${../../../tests/initrd-network-ssh/ssh_host_ed25519_key} + -h "$tmpkey" + rm "$tmpkey" ''; boot.initrd.network.postCommands = '' diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/kernel.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/kernel.nix index 43871f439f7f..ed7226331d70 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/kernel.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/kernel.nix @@ -227,7 +227,7 @@ in "xhci_pci" "usbhid" "hid_generic" "hid_lenovo" "hid_apple" "hid_roccat" - "hid_logitech_hidpp" "hid_logitech_dj" + "hid_logitech_hidpp" "hid_logitech_dj" "hid_microsoft" ] ++ optionals (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [ # Misc. x86 keyboard stuff. diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix index 20e39628eabb..df5dfaa554bc 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix @@ -66,7 +66,7 @@ let extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels default fsIdentifier efiSupport efiInstallAsRemovable gfxmodeEfi gfxmodeBios gfxpayloadEfi gfxpayloadBios; path = with pkgs; makeBinPath ( - [ coreutils gnused gnugrep findutils diffutils btrfs-progs utillinux mdadm ] + [ coreutils gnused gnugrep findutils diffutils btrfs-progs util-linux mdadm ] ++ optional (cfg.efiSupport && (cfg.version == 2)) efibootmgr ++ optionals cfg.useOSProber [ busybox os-prober ]); font = if cfg.font == null then "" @@ -705,7 +705,7 @@ in let install-grub-pl = pkgs.substituteAll { src = ./install-grub.pl; - inherit (pkgs) utillinux; + utillinux = pkgs.util-linux; btrfsprogs = pkgs.btrfs-progs; }; in pkgs.writeScript "install-grub.sh" ('' @@ -741,7 +741,7 @@ in + "'boot.loader.grub.mirroredBoots' to make the system bootable."; } { - assertion = cfg.efiSupport || all (c: c < 2) (mapAttrsToList (_: c: c) bootDeviceCounters); + assertion = cfg.efiSupport || all (c: c < 2) (mapAttrsToList (n: c: if n == "nodev" then 0 else c) bootDeviceCounters); message = "You cannot have duplicated devices in mirroredBoots"; } { diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/luksroot.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/luksroot.nix index 88190e8200b1..8dd2ea20519a 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/luksroot.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/luksroot.nix @@ -404,7 +404,7 @@ let echo "Please move your mouse to create needed randomness." ''} echo "Waiting for your FIDO2 device..." - fido2luks -i open ${device} ${name} ${fido2.credential} --await-dev ${toString fido2.gracePeriod} --salt string:$passphrase + fido2luks open ${device} ${name} ${fido2.credential} --await-dev ${toString fido2.gracePeriod} --salt string:$passphrase if [ $? -ne 0 ]; then echo "No FIDO2 key found, falling back to normal open procedure" open_normally diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/networkd.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/networkd.nix index 47689b2a4700..3b01bc00bafa 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/networkd.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/networkd.nix @@ -648,11 +648,13 @@ let "RapidCommit" "ForceDHCPv6PDOtherInformation" "PrefixDelegationHint" + "RouteMetric" ]) (assertValueOneOf "UseDNS" boolValues) (assertValueOneOf "UseNTP" boolValues) (assertValueOneOf "RapidCommit" boolValues) (assertValueOneOf "ForceDHCPv6PDOtherInformation" boolValues) + (assertInt "RouteMetric") ]; sectionDHCPServer = checkUnitConfig "DHCPServer" [ diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/pbkdf2-sha512.c b/infra/libkookie/nixpkgs/nixos/modules/system/boot/pbkdf2-sha512.c index b40c383ac023..67e989957ba6 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/pbkdf2-sha512.c +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/pbkdf2-sha512.c @@ -35,4 +35,4 @@ int main(int argc, char** argv) fwrite(key, 1, key_length, stdout); return 0; -}
\ No newline at end of file +} diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/plymouth.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/plymouth.nix index 55e5b07ed615..ddf5ef8a0a6a 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/plymouth.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/plymouth.nix @@ -9,7 +9,7 @@ let cfg = config.boot.plymouth; - nixosBreezePlymouth = pkgs.breeze-plymouth.override { + nixosBreezePlymouth = pkgs.plasma5.breeze-plymouth.override { logoFile = cfg.logo; logoName = "nixos"; osName = "NixOS"; diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/resolved.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/resolved.nix index b024f9cf5ee9..84bc9b78076c 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/resolved.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/resolved.nix @@ -136,7 +136,7 @@ in } ]; - users.users.resolved.group = "systemd-resolve"; + users.users.systemd-resolve.group = "systemd-resolve"; # add resolve to nss hosts database if enabled and nscd enabled # system.nssModules is configured in nixos/modules/system/boot/systemd.nix diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/shutdown.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/shutdown.nix index 11041066e07c..8cda7b3aabe8 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/shutdown.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/shutdown.nix @@ -18,7 +18,7 @@ with lib; serviceConfig = { Type = "oneshot"; - ExecStart = "${pkgs.utillinux}/sbin/hwclock --systohc ${if config.time.hardwareClockInLocalTime then "--localtime" else "--utc"}"; + ExecStart = "${pkgs.util-linux}/sbin/hwclock --systohc ${if config.time.hardwareClockInLocalTime then "--localtime" else "--utc"}"; }; }; diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1-init.sh b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1-init.sh index f7c2940049e5..abc1a0af48a6 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1-init.sh +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1-init.sh @@ -120,7 +120,7 @@ eval "exec $logOutFd>&1 $logErrFd>&2" if test -w /dev/kmsg; then tee -i < /tmp/stage-1-init.log.fifo /proc/self/fd/"$logOutFd" | while read -r line; do if test -n "$line"; then - echo "<7>stage-1-init: $line" > /dev/kmsg + echo "<7>stage-1-init: [$(date)] $line" > /dev/kmsg fi done & else @@ -219,6 +219,9 @@ done @preDeviceCommands@ echo "running udev..." ln -sfn /proc/self/fd /dev/fd +ln -sfn /proc/self/fd/0 /dev/stdin +ln -sfn /proc/self/fd/1 /dev/stdout +ln -sfn /proc/self/fd/2 /dev/stderr mkdir -p /etc/systemd ln -sfn @linkUnits@ /etc/systemd/network mkdir -p /etc/udev @@ -356,6 +359,7 @@ mountFS() { case $options in *x-nixos.autoresize*) if [ "$fsType" = ext2 -o "$fsType" = ext3 -o "$fsType" = ext4 ]; then + modprobe "$fsType" echo "resizing $device..." e2fsck -fp "$device" resize2fs "$device" diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1.nix index 6823e12847c2..0f5787a19210 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-1.nix @@ -107,8 +107,8 @@ let copy_bin_and_libs $BIN done - # Copy some utillinux stuff. - copy_bin_and_libs ${pkgs.utillinux}/sbin/blkid + # Copy some util-linux stuff. + copy_bin_and_libs ${pkgs.util-linux}/sbin/blkid # Copy dmsetup and lvm. copy_bin_and_libs ${getBin pkgs.lvm2}/bin/dmsetup @@ -235,7 +235,7 @@ let --replace scsi_id ${extraUtils}/bin/scsi_id \ --replace cdrom_id ${extraUtils}/bin/cdrom_id \ --replace ${pkgs.coreutils}/bin/basename ${extraUtils}/bin/basename \ - --replace ${pkgs.utillinux}/bin/blkid ${extraUtils}/bin/blkid \ + --replace ${pkgs.util-linux}/bin/blkid ${extraUtils}/bin/blkid \ --replace ${getBin pkgs.lvm2}/bin ${extraUtils}/bin \ --replace ${pkgs.mdadm}/sbin ${extraUtils}/sbin \ --replace ${pkgs.bash}/bin/sh ${extraUtils}/bin/sh \ diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-2.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-2.nix index dd6d83ee0094..94bc34fea0db 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-2.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/stage-2.nix @@ -17,7 +17,7 @@ let inherit (config.system.build) earlyMountScript; path = lib.makeBinPath ([ pkgs.coreutils - pkgs.utillinux + pkgs.util-linux ] ++ lib.optional useHostResolvConf pkgs.openresolv); fsPackagesPath = lib.makeBinPath config.system.fsPackages; postBootCommands = pkgs.writeText "local-cmds" diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd-unit-options.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd-unit-options.nix index 5addc6f9ca44..4154389b2ce5 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd-unit-options.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd-unit-options.nix @@ -210,12 +210,21 @@ in rec { ''; }; + startLimitBurst = mkOption { + type = types.int; + description = '' + Configure unit start rate limiting. Units which are started + more than startLimitBurst times within an interval time + interval are not permitted to start any more. + ''; + }; + startLimitIntervalSec = mkOption { type = types.int; description = '' Configure unit start rate limiting. Units which are started - more than burst times within an interval time interval are - not permitted to start any more. + more than startLimitBurst times within an interval time + interval are not permitted to start any more. ''; }; @@ -245,8 +254,7 @@ in rec { serviceConfig = mkOption { default = {}; example = - { StartLimitInterval = 10; - RestartSec = 5; + { RestartSec = 5; }; type = types.addCheck (types.attrsOf unitOption) checkService; description = '' diff --git a/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd.nix b/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd.nix index 74d6957678f5..cbf9e7b49d36 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/system/boot/systemd.nix @@ -243,6 +243,8 @@ let OnFailure = toString config.onFailure; } // optionalAttrs (options.startLimitIntervalSec.isDefined) { StartLimitIntervalSec = toString config.startLimitIntervalSec; + } // optionalAttrs (options.startLimitBurst.isDefined) { + StartLimitBurst = toString config.startLimitBurst; }; }; }; @@ -548,6 +550,14 @@ in ''; }; + systemd.enableUnifiedCgroupHierarchy = mkOption { + default = true; + type = types.bool; + description = '' + Whether to enable the unified cgroup hierarchy (cgroupsv2). + ''; + }; + systemd.coredump.enable = mkOption { default = true; type = types.bool; @@ -884,14 +894,25 @@ in config = { - warnings = concatLists (mapAttrsToList (name: service: - let - type = service.serviceConfig.Type or ""; - restart = service.serviceConfig.Restart or "no"; - in optional - (type == "oneshot" && (restart == "always" || restart == "on-success")) - "Service '${name}.service' with 'Type=oneshot' cannot have 'Restart=always' or 'Restart=on-success'") - cfg.services); + warnings = concatLists ( + mapAttrsToList + (name: service: + let + type = service.serviceConfig.Type or ""; + restart = service.serviceConfig.Restart or "no"; + hasDeprecated = builtins.hasAttr "StartLimitInterval" service.serviceConfig; + in + concatLists [ + (optional (type == "oneshot" && (restart == "always" || restart == "on-success")) + "Service '${name}.service' with 'Type=oneshot' cannot have 'Restart=always' or 'Restart=on-success'" + ) + (optional hasDeprecated + "Service '${name}.service' uses the attribute 'StartLimitInterval' in the Service section, which is deprecated. See https://github.com/NixOS/nixpkgs/issues/45786." + ) + ] + ) + cfg.services + ); system.build.units = cfg.units; @@ -1165,6 +1186,7 @@ in boot.kernel.sysctl = mkIf (!cfg.coredump.enable) { "kernel.core_pattern" = "core"; }; + boot.kernelParams = optional (!cfg.enableUnifiedCgroupHierarchy) "systemd.unified_cgroup_hierarchy=0"; }; # FIXME: Remove these eventually. |