Commit graph

103 commits

Author SHA1 Message Date
Peter Simons
9c74f9a51b modules/programs/ssh.nix: configure AddressFamily properly
Explicitly restrict ssh clients to use of IPv4 addresses if IPv6 support is not enabled.
2012-10-29 17:10:17 +01:00
Eelco Dolstra
224c825a36 Add option ‘users.motd’ for setting a message of the day shown on login
Note that this uses pam_motd.
2012-10-23 09:10:48 -04:00
Peter Simons
6a9b855412 modules/programs/bash: '/run/current-system/sw' is already a part of $NIX_PROFILES 2012-10-16 19:07:19 +02:00
Peter Simons
c7fb0defe6 modules/programs/bash: clean-up variables used in initialization of bash-completion 2012-10-16 18:41:20 +02:00
Peter Simons
4ca0617f4a modules/programs/bash: improve bash completion support
The new configuration.nix option 'environment.enableBashCompletion'
determines whether bash completion is automatically enabled system-wide
for all interactive shells or not. The default setting is 'off'.
2012-10-16 18:23:28 +02:00
Eelco Dolstra
285f587025 Move non-interface specific initialisation to ‘network-setup.service’
The unit ‘network-interface.service’ has been replaced by
‘network-interfaces.target’.
2012-10-11 16:18:48 -04:00
Eelco Dolstra
2cf9bb929b Add a ‘restart’ alias 2012-10-11 16:18:34 -04:00
Eelco Dolstra
1c53b2e299 Don't flush addresses unless necessary
Flushing is bad if the Nix store is on a remote filesystem accessed
over that interface.

http://hydra.nixos.org/build/3184162

Also added a interface option ‘prefixLength’ as a better alternative
to ‘subnetMask’.
2012-10-11 15:36:52 -04:00
Eelco Dolstra
bd1071d02b Remove "wants" dependencies on <interface>.service
Instead it's enough to depend on
sys-subsystem-net-devices-<interface>.device, which in turn has a
"wants" dependency on the service (if any) that creates the interface.
2012-10-10 22:47:50 -04:00
Eelco Dolstra
e02b57df9b Fix the dependencies of the vboxnet0 service 2012-08-20 16:19:57 -04:00
Eelco Dolstra
08f14b33c1 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-08-20 11:27:38 -04:00
Peter Simons
16713db4e2 modules/programs/bash/bashrc.sh: adapt bash completion for version 2.0 of the package 2012-08-20 16:37:14 +02:00
Eelco Dolstra
490ce3a230 PAM: Rename ownDevices to startSession
Logind sessions are more generally useful than for device ownership.
For instances, ssh logins can be put in their own session (and thus
their own cgroup).
2012-08-17 13:48:22 -04:00
Eelco Dolstra
9dce4bd9c5 Provide start/stop/status aliases as a convenience for Upstart users 2012-08-14 17:22:04 -04:00
Florian Friesdorf
7c1c4c757c add setuid wrapper for newgrp 2012-07-26 16:52:38 +02:00
Eelco Dolstra
73532c3855 Global replace /var/run/current-system -> /run/current-system 2012-07-16 11:34:21 -04:00
Eelco Dolstra
7fca8ceaf8 /etc/login.defs: set the mode of new home directories to 700 2012-07-13 10:41:48 -04:00
Eelco Dolstra
593eb83343 * Typo.
svn path=/nixos/trunk/; revision=34369
2012-06-06 15:23:20 +00:00
Eelco Dolstra
f1a99bd914 * Subscribe the root user to the NixOS channel by default.
svn path=/nixos/trunk/; revision=33883
2012-04-22 22:43:57 +00:00
Eelco Dolstra
6abf3c8a97 * Change $NIXPKGS_CONFIG to a better location (/etc/nix instead of
/nix/etc).  Not sure the default profile should be setting this at
  all though.

svn path=/nixos/trunk/; revision=33824
2012-04-18 10:59:57 +00:00
Eelco Dolstra
7ba5881146 * Don't install the "nixpkgs_sys" symlink in ~/.nix-defexpr anymore.
Note that for attribute-based nix-env installations, the NixOS
  channel contains Nixpkgs as its "pkgs" attribute, so

    $ nix-env -iA nixos.pkgs.foo

  will work instead of the old

    $ nix-env -iA nixpkgs_sys.foo
    
* Fix the path to root's channels installed in ~/.nix-defexpr.

svn path=/nixos/trunk/; revision=33823
2012-04-18 10:58:33 +00:00
Eelco Dolstra
a193fe4f1d * Add root's NixOS channel to $NIX_PATH. Will remove
/etc/nixos/{nixos,nixpkgs,services} eventually.

svn path=/nixos/trunk/; revision=33822
2012-04-18 10:34:39 +00:00
Mathijs Kwik
de5b437004 assertions '.msg' doesn't exist => .message
svn path=/nixos/trunk/; revision=33508
2012-04-01 10:54:06 +00:00
Mathijs Kwik
f31fefdfd9 splitted ssh/sshd X11 forwarding logic. Backward compatible change.
You can now set the forwardX11 config option for the ssh client and server separately.

For server, the option means "allow clients to request X11 forwarding".
For client, the option means "request X11 forwarding by default on all connections".

I don't think it made sense to couple them. I might not even run the server on some machines.
Also, I ssh to a lot of machines, and rarely want X11 forwarding. The times I want it,
I use the -X/-Y option, or set it in my ~/.ssh/config.

I also decoupled the 'XAuthLocation' logic from forwardX11.
For my case where ssh client doesn't want forwarding by default, it still wants to set the path for the cases I do need it.

As this flag is the one that pulls in X11 dependencies, I changed the minimal profile and the no-x-libs config to check that instead now.

svn path=/nixos/trunk/; revision=33407
2012-03-25 15:42:05 +00:00
Eelco Dolstra
d12339b282 * Doh.
svn path=/nixos/trunk/; revision=33332
2012-03-21 12:38:11 +00:00
Eelco Dolstra
8884d445b7 * VirtualBox: create a vboxnet0 interface by default.
svn path=/nixos/trunk/; revision=33331
2012-03-21 12:28:14 +00:00
Eelco Dolstra
6f03065dce * Move the setting of $MODULE_DIR to modprobe.nix.
* Add a slash to the end of $MODULE_DIR, as expected by depmod.  (Not
  that running depmod from the command line is all that useful, since
  you can't use it to update the tree in the Nix store.  But at least
  commands like "depmod -n" work now.)  Reported by Kirill Elagin on
  IRC.

svn path=/nixos/trunk/; revision=33312
2012-03-20 22:02:27 +00:00
Eelco Dolstra
010578d8a4 * Restrict VirtualBox to users in the vboxusers group.
The VirtualBox build in Nixpkgs is insecure because it uses the
  "--disable-hardened" flag, which disables some checks in the
  VirtualBox kernel module.  Since getting rid of that flag looks like
  too much work, it's better to ensure that only explicitly permitted
  users have access to VirtualBox.

* Drop the 666 permission on "sonypi" because it's not clear why that
  device should be world-writable.

svn path=/nixos/trunk/; revision=33301
2012-03-20 16:30:43 +00:00
Eelco Dolstra
dde8453a09 * Initialise $LOCALE_ARCHIVE earlier in /etc/profile to prevent the
warning

    -bash: warning: setlocale: LC_TIME: cannot change locale (en_GB.UTF8): No such file or directory

  when $LC_TIME is set in environment.shellInit.

svn path=/nixos/trunk/; revision=33248
2012-03-19 02:53:58 +00:00
Eelco Dolstra
bcbe2dce4c * Don't source /etc/profile in interactive non-login shells, unless it
wasn't sourced in a parent shell (as determined by the environment
  variable __ETC_PROFILE_DONE).  This prevents overriden values of
  environment variables such as $PATH from being clobbered in
  subshells.
* Move all aliases to /etc/bashrc (since those are for interactive
  use).

svn path=/nixos/trunk/; revision=33246
2012-03-19 02:35:17 +00:00
Eelco Dolstra
de6968c163 * Virtualbox: use the right set of kernel packages.
svn path=/nixos/trunk/; revision=32971
2012-03-10 14:34:40 +00:00
Eelco Dolstra
e97817b577 * Atomically replace the /bin/sh symlink; otherwise there is a time
window in which /bin/sh is missing.  This can cause concurrently
  running programs to fail (e.g. Hydra jobs =>
  http://hydra.nixos.org/build/2267831).  You'd think the odds of this
  are very low, but they're not.

svn path=/nixos/trunk/; revision=32901
2012-03-08 16:08:03 +00:00
Eelco Dolstra
e11e9b4ef0 * Provide info's manpage.
svn path=/nixos/trunk/; revision=32774
2012-03-04 16:10:19 +00:00
Eelco Dolstra
29d84af677 * Remove the use of the NIXPKGS and NIXOS environment variables.
Instead use $NIX_PATH.  NIXOS_CONFIG is still supported.

svn path=/nixos/trunk/; revision=32739
2012-03-02 12:38:22 +00:00
Eelco Dolstra
58c6231a20 * Added a module for enabling VirtualBox.
svn path=/nixos/trunk/; revision=32722
2012-03-01 20:10:08 +00:00
Florian Friesdorf
66f82c043e Revert "Revert "add ~/bin to PATH if it exists""
sorry m(

svn path=/nixos/trunk/; revision=31246
2012-01-03 17:29:20 +00:00
Florian Friesdorf
68e9f2e09b Revert "add ~/bin to PATH if it exists"
This reverts commit 73bda7c4575b5664d54340db95fec2fa759b6f28.

svn path=/nixos/trunk/; revision=31243
2012-01-03 17:11:21 +00:00
Florian Friesdorf
7b7976ac01 export NIX_PROFILES and NIX_USER_PROFILE_DIR
svn path=/nixos/trunk/; revision=31242
2012-01-03 17:11:19 +00:00
Florian Friesdorf
b4765401af add ~/bin to PATH if it exists
svn path=/nixos/trunk/; revision=31235
2012-01-03 14:36:05 +00:00
Peter Simons
8eca4db54a /etc/profile: do not add ~/bin to $PATH in system-wide init file
Users who want a user-specific bin directory to override system paths should
configure that in their user-specific ~/.bashrc, not in the system-wide init
file. The global file shouldn't add directories from user homes to $PATH
without knowing whether those actually exist or whether the users even want
them in $PATH. On my system, for example, there is no ~/bin, so I don't want my
$PATH to look for one. Removing an erroneous entry from $PATH is cumbersome,
but adding one is easy, so it feels better to err on the side of caution.

svn path=/nixos/trunk/; revision=31188
2011-12-31 12:56:45 +00:00
Florian Friesdorf
ea121d0ff9 Revert "EMACSLOADPATH in /etc/profile"
svn path=/nixos/trunk/; revision=31187
2011-12-31 06:24:12 +00:00
Florian Friesdorf
a38ca160ec EMACSLOADPATH in /etc/profile
svn path=/nixos/trunk/; revision=31175
2011-12-31 04:14:36 +00:00
Florian Friesdorf
b0fefb876f unset MOZ_PLUGIN_PATH and TERMINFO_DIRS before setting them
svn path=/nixos/trunk/; revision=31174
2011-12-31 04:14:31 +00:00
Florian Friesdorf
221c637356 fix MOZ_PLUGIN_PATH
svn path=/nixos/trunk/; revision=31168
2011-12-31 02:57:45 +00:00
Florian Friesdorf
97ce0b1386 MOZ_PLUGIN_PATH based on NIX_PROFILES
svn path=/nixos/trunk/; revision=31167
2011-12-31 02:05:51 +00:00
Florian Friesdorf
b2eb54ae5a set TERMINFO_DIRS according to NIX_PROFILES
this finally makes rxvt-unicode work without manually linking it's terminfo

svn path=/nixos/trunk/; revision=31145
2011-12-29 19:38:03 +00:00
Florian Friesdorf
eb755d4692 switched all mergeOptionString to pkgs.lib.types.string
pierron recommended the use of types.string over mergeOptionString, as
it is superior but might break things.

For my system the change evaluated to the exactly same.

svn path=/nixos/trunk/; revision=31138
2011-12-29 00:51:35 +00:00
Peter Simons
e4ba69aecf wvdial: don't make wvdial a system package; only root can run it
svn path=/nixos/trunk/; revision=30570
2011-11-25 17:41:47 +00:00
Peter Simons
9de905ee61 modules/programs/wvdial.nix: added support for configuring wvdial
For example, I use the following settings to configure T-Mobile Internet
access on my laptop, which is connected to the cell phone by USB:

 | environment.wvdial.dialerDefaults = ''
 |   Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"
 |   Modem Type = USB Modem
 |   Phone = *99#
 |   ISDN = 0
 |   Username = tm
 |   Password = tm
 |   Modem = /dev/ttyACM0
 |   Baud = 460800
 | '';

svn path=/nixos/trunk/; revision=30489
2011-11-20 10:38:26 +00:00
Peter Simons
432d71f3ed modules/programs/bash: major clean-up and re-factoring of /etc/profile and /etc/bashrc
* Moved bash-specific code from /etc/profile to /etc/bashrc.

 * Moved general Bourne shell code from /etc/bashrc to /etc/profile.

 * Added "include guards" to both files to ensure that they aren't sourced
   multiple times (which would result in lots of redundancy in $PATH, etc.).

 * Both files include each other to make sure that the correct system
   environment is always defined.

 * When the current user has installed the 'bash-completion' package in her
   $HOME/.nix-profile, programmable completion is automatically enabled in
   interactive shells.

 * The /etc/skel/.bashrc we installed has been dropped because it is redundant.

svn path=/nixos/trunk/; revision=29451
2011-09-23 14:21:36 +00:00