Commit graph

1738 commits

Author SHA1 Message Date
Eelco Dolstra
7ab616f659 * Added support for ConsoleKit.
* Let ConsoleKit track the current logins instead of pam_console.
  Udev now takes care of setting the device permissions to the active
  user.  This works much better, since pam_console wouldn't apply
  permissions to new (hot-plugged) devices.  Also, the udev+ConsoleKit
  approach supports user switching.  (We don't have that for X yet,
  but it already works for logins on virtual consoles: if you switch
  between different users on differents VCs with Alt+Fn, the device
  ownership will be changed automatically.)

svn path=/nixos/trunk/; revision=16743
2009-08-17 01:16:38 +00:00
Eelco Dolstra
ac24c7834d * A module for policy-kit (not enabled yet).
svn path=/nixos/trunk/; revision=16738
2009-08-16 21:48:46 +00:00
Eelco Dolstra
7dbf523ddc * dbus: enable support for system services (these are programs that
the bus daemon can start on demand).  ConsoleKit and PolicyKit need
  this.  This requires a setuid wrapper for dbus-daemon-launch-helper,
  as well as a "messagebus" group.

svn path=/nixos/trunk/; revision=16736
2009-08-16 21:46:26 +00:00
Eelco Dolstra
26439de75b * security.setuidPrograms: don't set the default in the "default"
mkOption argument, because then we lose them if somebody sets
  security.setuidPrograms somewhere else.  (Shouldn't "default" be
  merged as well?)

svn path=/nixos/trunk/; revision=16734
2009-08-16 21:11:04 +00:00
Eelco Dolstra
dba1964122 * setuid-wrappers: support setting the mode. For instance, some
programs require that the mode is 4550 so that execution of the
  setuid program can be restricted to members of a group.
* setuid-wrappers: remove a race condition in the creation of the
  wrappers if the ownership or mode was different than root:root and
  4555.
* setuid-wrappers: allow the full path of the wrapped program to be
  specified, rather than looking it up in $PATH.

svn path=/nixos/trunk/; revision=16733
2009-08-16 17:24:59 +00:00
Eelco Dolstra
f31e2718b7 * Print an error if the exec fails.
svn path=/nixos/trunk/; revision=16732
2009-08-16 16:46:00 +00:00
Eelco Dolstra
3b931f7861 * We still need /etc/pam.d/other to keep usermod happy.
svn path=/nixos/trunk/; revision=16731
2009-08-16 15:46:24 +00:00
Eelco Dolstra
2884c9a836 * Style change.
svn path=/nixos/trunk/; revision=16730
2009-08-16 14:54:31 +00:00
Eelco Dolstra
39bffdb34c * Make the generation of /etc/pam.d more declarative. There now is an
option security.pam.services containing the list of PAM services.
  For instance, the SLiM module simply declares:

    security.pam.services = [ { name = "slim"; localLogin = true; } ];

svn path=/nixos/trunk/; revision=16729
2009-08-16 14:49:14 +00:00
Eelco Dolstra
88c505c9e0 * make-etc.sh: fixed the duplicate entry check.
* Inlined make-etc.nix since it's a trivial function.

svn path=/nixos/trunk/; revision=16728
2009-08-16 13:14:33 +00:00
Eelco Dolstra
9493ecc2a4 * Use the hal-info package.
svn path=/nixos/trunk/; revision=16693
2009-08-11 21:16:59 +00:00
Eelco Dolstra
dc093b57dd * Updates to the udev service: support persistant CD-ROM / network
interface names, use udev's own firmware loader, and dropped the
  sndMode option (udev puts all audio devices in the "audio" group, so
  users can be added to that group if necessary).

svn path=/nixos/trunk/; revision=16692
2009-08-11 21:16:15 +00:00
Eelco Dolstra
25dbf1594e * Updates for the new udev and util-linux-ng: fsck is now in
util-linux-ng instead of e2fsprogs, blkid is in util-linux-ng, and
  we need to manually create /dev/.udev prior to starting udevd for
  some reason.

svn path=/nixos/trunk/; revision=16691
2009-08-11 21:12:37 +00:00
Eelco Dolstra
39d1b11ff7 * The mount hack is gone, just use the regular mount from
util-linux-ng and make sure that the needed mount helpers
  (e.g. ntfs3g) are in /var/lib/current-system/sw/sbin.

svn path=/nixos/trunk/; revision=16690
2009-08-11 21:10:33 +00:00
Eelco Dolstra
fd56f110da * Clean up some boot messages.
svn path=/nixos/trunk/; revision=16689
2009-08-11 21:09:25 +00:00
Eelco Dolstra
bed6fd6a61 * `umount -f' causes lots of problems, so don't do it.
svn path=/nixos/trunk/; revision=16688
2009-08-11 21:08:05 +00:00
Eelco Dolstra
bd2fbcf9e5 * Fix the bluetoothd stop condition.
svn path=/nixos/trunk/; revision=16687
2009-08-11 21:06:17 +00:00
Eelco Dolstra
fe329f96ef * Mount the host's /nix/var/nix/db in the guest.
svn path=/nixos/trunk/; revision=16674
2009-08-11 14:28:25 +00:00
Sander van der Burg
e8103aa39d Implemented support for per application configuration files
svn path=/nixos/trunk/; revision=16668
2009-08-11 09:40:31 +00:00
Eelco Dolstra
c21b02d34b * Add some groups required by the latest udev.
svn path=/nixos/trunk/; revision=16667
2009-08-11 09:17:30 +00:00
Eelco Dolstra
f666aa7479 * With "nixos-rebuild build-vm", override the video driver of
the host (since e.g. "nvidia" won't work in the VM).

svn path=/nixos/trunk/; revision=16663
2009-08-11 02:02:01 +00:00
Eelco Dolstra
89ef5c979b * New nixos-rebuild action: "nixos-rebuild build-vm" builds a virtual
machine containing a replica (minus the state) of the system
  configuration.  This is mostly useful for testing configuration
  changes prior to doing an actual "nixos-rebuild switch" (or even
  "nixos-rebuild test").  The VM can be started as follows:

  $ nixos-rebuild build-vm
  $ ./result/bin/run-*-vm

  which starts a KVM/QEMU instance.  Additional QEMU options can be
  passed through the QEMU_OPTS environment variable
  (e.g. QEMU_OPTS="-redir tcp:8080::80" to forward a host port to the
  guest).  The fileSystem attribute of the regular system
  configuration is ignored (using mkOverride), because obviously we
  can't allow the VM to access the host's block devices.  Instead, at
  startup the VM creates an empty disk image in ./<hostname>.qcow2 to
  store the VM's root filesystem.

  Building a VM in this way is efficient because the VM shares its Nix
  store with the host (through a CIFS mount).  However, because the
  Nix store of the host is mounted read-only in the guest, you cannot
  run Nix build actions inside the VM.  Therefore the VM can only be
  reconfigured by re-running "nixos-rebuild build-vm" on the host and
  restarting the VM.

svn path=/nixos/trunk/; revision=16662
2009-08-11 01:35:56 +00:00
Sander van der Burg
ebd2fbd24f Removed mod_jk option, which is obsolete
svn path=/nixos/trunk/; revision=16660
2009-08-10 20:16:33 +00:00
Eelco Dolstra
f003f6d7cd * Fixed the path to the services tree. This should be a NixOS module argument.
svn path=/nixos/trunk/; revision=16658
2009-08-10 20:07:58 +00:00
Eelco Dolstra
167ccdd537 * Move the firmware loader into a separate module.
* services.udev.addFirmware -> hardware.firmware.

svn path=/nixos/trunk/; revision=16657
2009-08-10 19:27:15 +00:00
Eelco Dolstra
b3c0061a91 * services.udev.addUdevPkgs -> services.udev.packages.
* Simplified the udev rules generation: merged nixRules into
  services.udev.extraRules, and handle services.udev.extraRules using
  services.udev.packages.

svn path=/nixos/trunk/; revision=16655
2009-08-10 19:05:20 +00:00
Sander van der Burg
0d35699507 Implemented virtual host support. Now it's possible to assign web applications to virtual host, for example:
{
  ...

  services = {
    tomcat = {
      enable = true;
      virtualHosts = [
        { name = "test1.localhost";
          webapps = [ mypkgs.HelloApp ];
        }
        { name = "test2.localhost";
          webapps = [ mypkgs.ByeApp ];
        }
      ];
    };
  };
}


svn path=/nixos/trunk/; revision=16654
2009-08-10 18:45:18 +00:00
Eelco Dolstra
b4f8f919ab * Clean up the udev module.
svn path=/nixos/trunk/; revision=16653
2009-08-10 18:41:57 +00:00
Eelco Dolstra
2331a5140d * Added a module for the bluetooth daemon.
* Refactored some other modules (dbus, hal).

svn path=/nixos/trunk/; revision=16652
2009-08-10 18:25:09 +00:00
Eelco Dolstra
0ab6be1c81 * Restarting dbus no longer seems to kill the X server.
svn path=/nixos/trunk/; revision=16650
2009-08-10 16:18:51 +00:00
Sander van der Burg
89810914e4 Added virtual host support, which requires some more testing
svn path=/nixos/trunk/; revision=16649
2009-08-10 15:27:25 +00:00
Ludovic Courtès
fe51b0c6c3 bashrc: Source `${bash}/etc/bash_completion' when available.
svn path=/nixos/trunk/; revision=16641
2009-08-10 10:18:33 +00:00
Ludovic Courtès
4c848efc1a bashrc: Remove obsolete aclocal' and rpcgen' hacks.
svn path=/nixos/trunk/; revision=16640
2009-08-10 10:07:30 +00:00
Ludovic Courtès
ac29ad197b stage-1-init: Remove timeout from `fail()'.
Timeouts upon failure can be harmful, e.g., after a file system failure
that needs manual intervention.

svn path=/nixos/trunk/; revision=16637
2009-08-10 09:20:05 +00:00
Sander van der Burg
8c034b988d Added a lot of modifications in order to expression a Tomcat configuration better and to perform more efficient management of various Tomcat components.
With these modifications, a user can configure a tomcat instance with web applications and web services by writing a service, such as:

...

services = {
  tomcat = {
    enable = true;
    webapps = [ mypkgs.HelloWorldWebApplication ];
    axis2 = {
      enable = true;
      services = [ mypkgs.HelloService mypkgs.HelloWorldService ];
    };
  };
};


svn path=/nixos/trunk/; revision=16619
2009-08-09 20:19:07 +00:00
Eelco Dolstra
a9071b3283 svn path=/nixos/branches/modular-nixos/; revision=16592 2009-08-05 14:43:13 +00:00
Eelco Dolstra
02c119a104 * Workaround for hangs on x86_64.
svn path=/nixos/branches/modular-nixos/; revision=16590
2009-08-05 11:43:51 +00:00
Eelco Dolstra
7d3e2b15ef svn path=/nixos/branches/modular-nixos/; revision=16585 2009-08-04 16:09:07 +00:00
Eelco Dolstra
32bb5b2d0f * Bring back the options to enable/disable the Intel firmwares.
svn path=/nixos/branches/modular-nixos/; revision=16574
2009-08-04 08:50:02 +00:00
Michael Raskin
c8705704e1 Add Wacom X11 driver support
svn path=/nixos/branches/modular-nixos/; revision=16569
2009-08-03 19:55:33 +00:00
Eelco Dolstra
383370f782 * Don't create a temporary file in $HOME.
svn path=/nixos/branches/modular-nixos/; revision=16561
2009-08-03 12:44:45 +00:00
Eelco Dolstra
6802a75076 * nixos-rebuild: replaced some environment variables with options
(e.g. --install-grub instead of $NIXOS_INSTALL_GRUB).  Also support
  some nix-build options (e.g. --show-trace and -j).

svn path=/nixos/branches/modular-nixos/; revision=16560
2009-08-03 12:36:15 +00:00
Eelco Dolstra
bc54061cba svn path=/nixos/branches/modular-nixos/; revision=16557 2009-08-03 12:17:23 +00:00
Michael Raskin
137ce0907c Some fixes in on-boot activation
svn path=/nixos/branches/modular-nixos/; revision=16525
2009-07-31 08:32:53 +00:00
Michael Raskin
f05682c84d Give some progress indications during Stage2 boot
svn path=/nixos/branches/modular-nixos/; revision=16523
2009-07-31 04:56:52 +00:00
Michael Raskin
bef1dc8bd5 Update RC kernel for rescue CD: includes some BtrFS fixes
svn path=/nixos/branches/modular-nixos/; revision=16515
2009-07-30 04:20:56 +00:00
Michael Raskin
6aba79bed5 Update child configuration generation
svn path=/nixos/branches/modular-nixos/; revision=16514
2009-07-30 04:20:23 +00:00
Rob Vermaas
9c05dd98dc intel5000 firmware
svn path=/nixos/branches/modular-nixos/; revision=16473
2009-07-27 14:08:14 +00:00
Eelco Dolstra
f0f5434eaa * Add an option to enable the firewall. It should eventually be
enabled by default.

svn path=/nixos/branches/modular-nixos/; revision=16464
2009-07-26 21:27:35 +00:00
Eelco Dolstra
264b49fce7 * A very basic firewall that rejects all incoming connections except
for the ports defined in networking.firewall.allowedTCPPorts.

svn path=/nixos/branches/modular-nixos/; revision=16460
2009-07-24 23:12:52 +00:00