Commit graph

358 commits

Author SHA1 Message Date
Florian Klink
a16ebf8561 systemd: drop 001{4,5}-{catalog,hwdb}-don-t-update-on-install.patch
These patches removed logic in the meson install phase invoking
`journalctl --update-catalog` and `systemd-hwdb update`, which would
mutate the running system, and obviously fails in the sandbox.

Upstream also knows this is a bad thing if you're not on the machine you
want to deploy to, so there's logic in there to not execute it when
DESTDIR isn't empty. In our case, it is - as we set --prefix instead for
other reasons, but by just setting DESTIDIR to "/", we can still trigger
these things to be skipped.

The patches removed some context from
0018-Install-default-configuration-into-out-share-factory.patch, which
we need to introduce there to make that patch still apply.
2020-04-17 00:27:29 +02:00
Florian Klink
1ad4accdaf systemd: drop 0027-Start-getty-on-lxc.patch
Since quite some time, systemd starts getty on these consoles
automatically.
2020-04-17 00:27:29 +02:00
Florian Klink
22bb3a6771 systemd: remove local-fs patch and revert of it 2020-04-17 00:27:29 +02:00
Florian Klink
ba770e599c systemd: switch from our own fork to upstream repo + local patches
After patching, this produces exactly the same source code as in our
custom fork, but having the actual patches inlined inside nixpkgs makes
it easier to get rid of them.

In case more complicated rebasing is necessary, maintainers can

 - Clone the upstream systemd/systemd[-stable] repo
 - Checkout the current rev mentioned in src
 - Apply the patches from this folder via `git am 00*.patch`
 - Rebase the repo on top of a new version
 - Export the patch series via `git format-patch $newVersion`
 - Update the patches = [ … ] attribute (if necessary)
2020-04-17 00:27:19 +02:00
Florian Klink
53488b27be systemd: 243.4 -> 243.7
This bumps to the latest state of the systemd 242 stable, published at
https://github.com/systemd/systemd-stable/tree/v243-stable.

Should cover CVE-2020-1712.

Git Log:

f8dd0f2f15 (tag: v243.7, systemd-stable/v243-stable) Revert "Support Plugable UD-PRO8 dock"
1a5428c2ab hibernate-resume-generator: wait "infinitely" for the resume device
eb3148c468 (tag: v243.6) hwdb: update to v245-rc1
f14fa558ae Fix typo in function name
fb21e13e8e polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it
2e504c92d1 sd-bus: introduce API for re-enqueuing incoming messages
4d80c8f158 polkit: use structured initialization
54791aff01 polkit: on async pk requests, re-validate action/details
81532beddc polkit: reuse some common bus message appending code
4441844d58 bus-polkit: rename return error parameter to ret_error
31a1d569db shared: split out polkit stuff from bus-util.c → bus-polkit.c
560eb5babf test: adapt to the new capsh format
275b266bde meson: update efi path detection to gnu-efi-3.0.11
9239154545 presets: "disable" all passive targets by default
a827c41851 shared/sysctl-util: normalize repeated slashes or dots to a single value
fb1bfd6804 dhcp6: do not use T1 and T2 longer than one provided by the lease
ca43a515c6 network: fix implicit type conversion warning by GCC-10
421eca7edf bootspec: parse random-seed-mode line in loader.conf
34e21fc6de sd-boot: fix typo
df7b3a05c9 test: Synchronize journal before reading from it
9326efee71 sd-bus: fix introspection bug in signal parameter names
7bbdc56aaf efi: fix build.
486f8ca365 generator: order growfs for the root fs after systemd-remount-fs
56d442e29d loginctl: use /org/freedesktop/login1/session/auto when "lock-session" is called without argument
6ed1152282 Documentation update for x-systemd.{before,after}
dba3efa34a man: fix typo in systemd.netdev Xfrm example
6f9a8621d8 timesyncd: log louder when we refuse a server due to root distance
0637255d3b resolved: drop DNSSEC root key that is not valid anymore
9a135baa40 journal: don't use startswith() on something that is not a NUL-terminated string
1ff3972a0f test: add test for https://github.com/systemd/systemd/issues/14560
cac79b606b core: make sure StandardInput=file: doesn't get dup'ed to stdout/stderr by default
906ba9a67d pkgconf: add full generator paths
01b93e2c68 tree-wide: we forgot to destroy some bus errors
5c9455657e mount: make checks on perpetual mount units more lax
28c58beca1 core: never allow perpetual units to be masked
d3b044b3e7 typo: "May modify to" -> "May modify"
fd378d3d3c sysctl: downgrade message when we have no permission
db4fbf5c61 Clarify journald.conf MaxLevelStore documentation
c8365f71c0 logind: refuse overriding idle hint on tty sessions
cd91f567b6 cgroup: update only siblings that got realized once
c672dcd212 mount: mark an existing "mounting" unit from /proc/self/mountinfo as "just_mounted"
a592a40564 journalctl: Correctly handle combination of --reverse and --lines (fixes #1596)
0aa144ab1d journalctl: Correctly handle --show-cursor in combination with --until or --since and --reverse
3b803a5e66 core: fix re-realization of cgroup siblings
7549dd40fc core: propagate service state to socket in more load states
af6df343b2 man: describe "symlink" and "systemctl link" explicitly in UNIT FILE LOAD PATH
a3c1ce25a7 core: be more restrictive on the dependency types we allow to be created transiently
2b9ec8384c udev: don't import parent ID_FS_ data on partitions
ecd95c507c man: fix option name
0d4f06156b Support Plugable UD-PRO8 dock
7fba869abd gpt-auto: don't assume XBOOTLDR is vfat
494c281b67 man: fix documentation of IBM VIO device naming
7271fb056a man: slightly extend documentation on difference between ID_NET_NAME_ONBOARD and ID_NET_LABEL_ONBOARD
852ae28e68 boot: fix osrel parser
2613200370 udev: do not use exact match of file permission
46477397c1 network: lower the log-level of harmless message
7163b1fe86 hwdb: ignore keys added in kernel 5.5
92f90837dc systemctl: skip non-existent units in the 'cat' verb
a67227cc99 systemd.exec: document the file system for EnvironmentFile paths
cfb4c0aca5 systemd-analyze: fixed typo in documentation
017fddd998 test-condition: fix group check condition
9d5e3cb774 umount: show correct error message
252f1a5277 Revert "Drop dbus activation stub service"
20bbfac95e man: add section about user manager units
c93ef60212 man: add remote-*.targets to the bootup sequence
55e0f99689 time-util: also use 32bit hack on EOVERFLOW
7afe2ecb02 [man] note which UID ranges will get user journals
a43b67a4c9 [man] fix URL
dedb26a8d6 analyze: badness if neither of RootImage and RootDirectory exists
714c93862a initrd: make udev cleanup service confict trigger and settle too
8932407ae1 man: we support growing xfs too these days
19af11dc07 time-util: deal with systems where userspace has 64bit time_t but kernel does not
c90229d81d [import] fix stdin/stdout pipe behavior in import/export tar/raw
39910328da cryptsetup-generator: unconfuse writing of the device timeout
fc5e6c87a4 shared/install: log syntax error for invalid DefaultInstance=
409c94a407 shared/install: provide a nicer error message for invalid WantedBy=/Required= values
70e8c1978a seccomp: real syscall numbers are >= 0
a0a1977d9a seccomp: more comprehensive protection against libseccomp's __NR_xyz namespace invasion
7f936c60d5 network: set ipv6 mtu after link-up or device mtu change
b59d88cc62 man: fix typo in net-naming-scheme man page
c5e5ac0958 man: fix typos (#14304)
9a2f26564d ipv4ll: do not reset conflict counter on restart
bc9e1ebfdd Fix typo (duplicate "or")
c6cb71b7e7 network: if /sys is rw, then udev should be around
67dcdfd956 nspawn: do not fail if udev is not running
a7938a1bc6 Create parent directories when creating systemd-private subdirs
53aa44f873 network: do not return error but return UINT64_MAX if speed meter is disabled
65abf12674 core: swap priority can be negative
b1cf452ff5 systemctl: enhance message about kexec missing kernel
07a0e5b425 man: use mkswap@ instead of makeswap@
57dc017c6b journald: don't ask for the machine ID if we don't need it
ac392a57c0 journalctl: pager_close() calls fflush(stdout) anyway as first thing
ee7dfadc82 journald: remove unused field
471073f1b5 journalctl: return EOPNOTSUPP if pcre is not enabled
002ededb61 man: drop reference to machined, add one for journald instead
fd3bd4be3b pid1: make TimeoutAbortSec settable for transient units
eb2ef4d664 pid1: fix setting of DefaultTimeoutAbortSec
1d75e29b23 shared/ask-password-api: modify keyctl break value
a16b1ee7e5 cryptsetup: reduce the chance that we will be OOM killed
4836fb010a core: write out correct field name when creating transient service units
3e2c547f6d udevd: don't use monitor after manager_exit()
d42f7d45a8 Revert "udevd: fix crash when workers time out after exit is signal caught"
c9a287eee8 man/systemd.link: Add missing verb *be*
a67a3ae04b man: document all pager variables for systemctl and systemd
3a8fce3f38 core.timer: fix "systemd-analyze dump" and docs syntax inconsistencies wrt OnTimezoneChange=
fdffd284b6 core/service: downgrade "scheduling restart" message to debug
733e7f19d3 travis: add missing closing quote sign
0d7b7817fc systemd-tmpfiles: don't install timer when service isn't installed either
0e7f83cd2b pam_systemd: prolong method call timeout when allocating session
2020-02-24 07:55:09 -08:00
Will Dietz
2fa60a6565
systemd: fix version after update to 243.4 (#76134) 2020-01-06 15:31:38 -06:00
Florian Klink
b33e1a61f1
Merge pull request #76134 from mayflower/systemd-v243.4
Systemd v243.4
2020-01-02 01:41:52 +01:00
Robin Gloster
e5ded57aab
treewide: NIX_CFLAGS_COMPILE -> string 2019-12-31 00:05:53 +01:00
Florian Klink
fef59ca3a8 systemd: v243.3 -> v243.4 2019-12-22 17:35:49 +01:00
Florian Klink
b3d99bf063 systemd: add flokli to maintainers 2019-12-22 17:35:49 +01:00
Andreas Rammhold
d5914d7d68
systemd: v243 -> v243.3 2019-11-24 11:53:28 +01:00
wucke13
29ac226225 systemd: adding support for systemd-importd
Adding `systemd-importd` to the build, so that `machinectl`s `import-.*`
may actually do anything. Currently they fail with

```
Failed to transfer image: The name org.freedesktop.import1 was not provided by any .service files
```
as `systemd-importd` is not built. Also registers the regarding dbus
api and service in the systemd module.
2019-11-02 21:33:18 +01:00
Silvan Mosberger
de357d5781
Merge pull request #65698 from Infinisil/system-users
Increase the system user id range
2019-10-27 10:41:39 +01:00
worldofpeace
64922cfde9 systemd: additional logind fixes
See: https://github.com/NixOS/systemd/pull/33
2019-10-22 09:24:26 +02:00
Silvan Mosberger
23d920c8f0
nixos/users: Increase maximum system uid/gid from 499 to 999
This enlarges the system uid/gid range 6-fold, from 100 to 600 ids. This
is a preventative measure against running out of dynamically allocated
ids for NixOS services with isSystemUser, which should become the
preferred way of allocating uids for non-real users.
2019-10-14 01:59:19 +02:00
Jan Tojnar
e2e3861d6b
Merge branch 'staging-next' into staging 2019-10-12 00:51:55 +02:00
Will Dietz
87b46091bf
systemd: fix /sbin/modprobe usage in logind, nspawn@ service files 2019-10-07 18:39:15 -05:00
Peter Hoeg
0913e30c85 systemd: use pure debug shell
Instead of referencing the impure /bin/sh, use a proper bash from the store.
2019-10-06 00:06:25 +03:00
Vladimír Čunát
192fb9d11b
Merge branch 'staging-next' into staging 2019-09-24 08:15:01 +02:00
Jörg Thalheim
a1d557a1da
Merge pull request #68745 from dtzWill/fix/systemd-unused-lxml
systemd: cleanup unused variable and containing 'let' (NFCI)
2019-09-24 03:43:40 +01:00
Jörg Thalheim
1e8772375e
systemd: add myself as maintainer 2019-09-23 09:43:37 +01:00
Jörg Thalheim
53fb1c512a
systemd: make sysinit.target depend on local-fs.target again
This change was re-introduced when updating to systemd 243.
Also see: https://github.com/NixOS/nixpkgs/pull/67858
2019-09-23 09:43:32 +01:00
Frederik Rietdijk
f81d43b94c Merge staging-next into staging 2019-09-19 17:00:07 +02:00
worldofpeace
41b7323417 systemd: Move D-Bus conf file to share/dbus-1/system.d
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.
2019-09-16 13:59:09 -04:00
Eelco Dolstra
b20a0e49c8
Revert systemd interface version to 2
The new systemd in 19.09 gives an "Access Denied" error when doing
"systemctl daemon-reexec" on an 19.03 system. The fix is to use the
previous systemctl to signal the daemon to re-exec itself. This
ensures that users don't have to reboot when upgrading from NixOS
19.03 to 19.09.
2019-09-16 16:51:19 +02:00
Will Dietz
5f269cd4f9
systemd: cleanup unused variable and containing 'let' (NFCI)
This seems to be inlined directly later, FWIW.
2019-09-13 22:01:48 -05:00
Andreas Rammhold
9c06aae94a
systemd: add myself as maintainer 2019-09-08 17:14:15 +02:00
Andreas Rammhold
d9b1256f93
systemd: 242 -> 243 2019-09-08 17:14:10 +02:00
Frederik Rietdijk
e68505e735 Merge remote-tracking branch 'upstream/gcc8' into staging-next 2019-09-06 23:25:18 +02:00
Vladimír Čunát
b479a21403
Merge #68032: systemd: fix CVE-2019-15718 (staging-next) 2019-09-04 11:03:10 +02:00
Andreas Rammhold
cde7715039 systemd: fix CVE-2019-15718
More details at: https://www.openwall.com/lists/oss-security/2019/09/03/1
2019-09-04 01:05:28 +02:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Nikolay Amiantov
cc9fb5f015 systemd: update revision 2019-08-01 00:55:35 +03:00
Florian Klink
df489f82e1 systemd: apply systemd-stable 242 backports
from https://github.com/NixOS/systemd/pull/29
2019-06-29 16:10:37 +02:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Andreas Rammhold
0f93834c5e
systemd: remove references to $out/lib/systemd/catalog
On aarch64 we "leak" a reference to $out/lib/systemd/catalog in the lib
output. The result of that is a dependency cycle between $out and $lib.
Thus nix (rightfully) marks the build as failed. That reference
originates from an array of strings (catalog_file_dirs) in systemd
(src/src/journal/catalog.{c,h}).  The only consumer (as of v242) of the
symbol is the main function of journalctl.  Still libsystemd.so contains
the VALUE but not the symbol.  Systemd seems to be properly using
function & data sections together with the linker flags to garbage
collect unused sections (-Wl,--gc-sections).  For unknown reasons those
flags do not eliminate the unused string constants, in this case on
aarch64-linux. The hacky way is to just remove the reference after we
finished compiling.  Since it can not be used (there is no symbol to
actually refer to it) there should not be any harm.  It is a bit odd and
I really do not like starting these kind of hacks but there doesn't seem
to be a straight forward way at this point in time.

The reference will be replaced by the same reference the usual nukeRefs
tooling uses.  The standard tooling can not / should not be uesd since
it is a bit too excessive and could potentially do us some (more) harm.
2019-06-03 15:05:22 +02:00
Andreas Rammhold
81f390d2e3
systemd: disable building tests
We are currently not running any tests but building them takes
signitifcant amounts of time since they account to about 40% of all the
compilation targets.
2019-06-03 15:05:21 +02:00
Andreas Rammhold
8c7e588362
systemd: 241.20190221 -> 242 2019-06-03 15:05:11 +02:00
Jörg Thalheim
5b0db07ee1
systemd: 239.20190219 -> 241.20190221 2019-06-03 15:05:09 +02:00
Samuel Dionne-Riel
cc058156bd systemd: Enables systemd-boot for ARM platforms 2019-05-28 19:26:57 -04:00
rnhmjoj
d16a24379a
systemd: lower priority to solve collisions with openresolv 2019-05-08 13:21:04 +02:00
Matthew Bauer
4224b034cc systemd: use lib.getBin for utillinux
it’s almost always a better idea to use getBin instead of .bin.
Otherwise, we could get an evaluation error if utillinux is missing
the bin otuput.
2019-04-20 16:39:12 -04:00
Andreas Rammhold
bb821c65ff
systemd: update debian patches url to snapshots.debian.org
The current approach will fail when enough time has passed. We ideally
want to be reproducible even in a few years of time. So we should pick
the sources of patches wisely as otherwise we can not do that.
2019-03-23 09:52:35 +01:00
Franz Pletz
e94914560b
systemd: 239.20190110 -> 239.20190219
Fix CVE-2019-6454.
2019-02-19 23:22:34 +01:00
Franz Pletz
74a64a8a61
systemd: 239 -> 239.20190110
Fixes CVE-2018-16864 & CVE-2018-16865 (journald stack clash). Fixes #53755.

Also updates the debian patches to fix CVE-2018-15686. Fixes #52250.
2019-01-10 20:54:12 +01:00
Vladimír Čunát
179b8146e6
systemd: apply patches from Debian
There are some security fixes among those.
2018-11-04 11:08:04 +01:00
Vladimír Čunát
587c3774ab
Revert "systemd: 239 -> 239.20181031"
This reverts commit d1de23b8302d02d4699e884533906a3992f370b6.
The changes turned out to be too intrusive, so we'll patch instead.
Discussion: https://github.com/NixOS/systemd/pull/24
2018-11-04 11:08:03 +01:00
Franz Pletz
a7912ecc85
systemd: 239 -> 239.20181031
Fixes CVE-2018-15688 and updates latest upstream stable v239 branch.

See https://github.com/NixOS/systemd/pull/24 for details.

Co-authored-by: Andreas Rammhold <andreas@rammhold.de>
2018-10-31 16:12:00 +01:00
Daiderd Jordan
1383c08f2c
Merge branch 'master' into staging-next 2018-10-01 19:42:07 +02:00
Tuomas Tynkkynen
fe7919f7a1 systemd: Replace meta.available checks
This sort of code breaks config.{allowBroken, allowUnsupportedSystem} =
true by making them do unpredictable things.
2018-09-28 15:01:00 +03:00
Florian Klink
c3cc34f20a systemd: update to fix nspawn containers (#47264)
This fixes nspawn containers with older systemd inside currently failing
to start.

See:
https://github.com/NixOS/systemd/pull/23
https://github.com/systemd/systemd/pull/10104
https://github.com/NixOS/nixpkgs/issues/47253
2018-09-24 10:00:50 +01:00
Vladimír Čunát
2d6179d1e8
Merge branch 'master' into staging
A few trivial conflicts due to *Platforms mass replace.
2018-09-01 17:38:18 +02:00
John Ericson
0828e2d8c3 treewide: Remove usage of remaining redundant platform compatability stuff
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
2018-08-30 17:20:32 -04:00
Uli Baum
03c1f567d5 systemd: don't use options from fstab on remount
Include fix by @aszlig to fix remount with comment/application-specific
fstab options.
2018-08-30 12:53:18 +02:00
Markus Kowalewski
2ba5ac8dda
systemd: add license 2018-08-18 00:32:36 +02:00
Jörg Thalheim
05daf390b3 systemd: 238 -> 239 2018-08-06 11:03:09 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Jan Tojnar
cd1fb3babf
systemd: fix build
meson 0.46 no longer likes receiving both -Dmandir and --mandir. I removed the flags from the expression in favour of those in the meson setup hook. This also fixes manpages which were previously
installed to $man/lib for some reason.
2018-05-22 21:04:40 +02:00
Patrick Hilhorst
61411e57ec
Merge remote-tracking branch 'upstream/master' into gcc8 2018-05-15 21:37:03 +02:00
John Ericson
ee4b56edd3 Merge remote-tracking branch 'upstream/master' into staging 2018-05-11 14:36:08 -04:00
Matthew Bauer
c37b93bd52 treewide: remove lib.meta.enableIfAvailable 2018-05-09 16:21:22 -05:00
Patrick Hilhorst
3a395ccb57
systemd: suppress certain warnings to compile under gcc8 2018-05-09 23:02:37 +02:00
John Ericson
cf06e42d1c Merge remote-tracking branch 'upstream/master' into staging 2018-05-03 16:35:36 -04:00
Matthew Bauer
143978a477 treewide: remove platform assertions
linux: readd assertion
2018-05-03 13:09:20 -05:00
Matthew Justin Bauer
eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions 2018-05-02 15:40:38 -05:00
Will Dietz
919dda7aba
Merge pull request #37814 from dtzWill/update/util-linux-2.32
util-linux: 2.31.1 -> 2.32
2018-04-30 13:21:59 -05:00
Will Dietz
dadf222934 systemd: add pcre2 as build dep for searching in journalctl 2018-04-29 20:24:04 -05:00
Will Dietz
b341529a35 systemd: use upstream patch to fix building with util-linux 2.32
See linked PR.
2018-04-29 16:54:24 -05:00
John Ericson
ba52ae5048 treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile
2018-04-25 15:28:55 -04:00
Jan Malakhovski
7438083a4d tree-wide: disable doCheck and doInstallCheck where it fails (the trivial part) 2018-04-25 04:18:46 +00:00
xeji
0de00d5799 systemd 238: bump revision for upstream bugfixes
fixes #37744, #38341
2018-04-05 17:45:41 +02:00
Shea Levy
05e375d710
Merge remote-tracking branch 'origin/master' into staging 2018-03-28 09:36:47 -04:00
Nikolay Amiantov
0402877344 systemd: disable EFI support on AArch64
It seemingly isn't used by NixOS and currently breaks AArch64 build.
2018-03-28 15:40:50 +03:00
Shea Levy
26e8d58cb5
libseccomp: Disable only on RISC-V if Linux.
The isSeccomputable flag treated Linux without seccomp as just a
normal variant, when it really should be treated as a special case
incurring complexity debt to support.
2018-03-27 08:16:24 -04:00
Shea Levy
cdf9a78a3e
kexectools: Disable only on RISC-V if Linux.
The isKexecable flag treated Linux without kexec as just a normal
variant, when it really should be treated as a special case incurring
complexity debt to support.
2018-03-27 08:15:07 -04:00
xeji
eb828c6831 systemd: add withSelinux option
false by default, so no rebuild
2018-03-27 01:24:46 +02:00
Nikolay Amiantov
6b9771e4a7
systemd: use stable tree
This fixes a bug with changed qemu network interface names and also generally
should be preferred to using a release tag.
2018-03-23 14:43:31 +01:00
Nikolay Amiantov
0ccab4946d systemd: 237 -> 238 2018-03-22 22:37:26 +03:00
Jan Tojnar
1c6f15083b
systemd: remove unneeded rpath fixup 2018-03-22 07:30:59 +01:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
aszlig
88530e02b6
systemd: Update to latest NixOS branch
Updated to the latest version of the nixos-v237 branch, which fixes two
things:

  * Make sure that systemd looks in /etc for configuration files.
    https://github.com/NixOS/systemd/pull/15
  * Fix handling of the x-initrd.mount option.
    https://github.com/NixOS/systemd/pull/16

I've added NixOS VM tests for both to ensure we won't run into
regressions. The newly added systemd test only tests for that and is by
no means exhaustive, but it's a start.

Personally I only wanted to fix the former issue, because that's the one
I've been debugging. After sending in a pull request for our systemd
fork (https://github.com/NixOS/systemd/pull/17) I got a notice from
@Mic92, that he already fixed this and his fix was even better as it's
even suitable for upstream (so we hopefully can drop that patch
someday).

The reason why the second one came in was simply because it has been
merged before the former, but I thought it would be a good idea to have
tests for that as well.

In addition I've removed the sysconfdir=$out/etc entry to make sure the
default (/etc) is used. Installing is still done to $out, because those
directories that were previously into sysconfdir now get into
factoryconfdir.

Quote from commit NixOS/systemd@98067cc806:

  By default systemd should read all its configuration from /etc.
  Therefore we rely on -Dsysconfdir=/etc in meson as default value.
  Unfortunately this would also lead to installation of systemd's own
  configuration files to `/etc` whereas we are limited to /nix/store. To
  counter that this commit introduces two new configuration variables
  `factoryconfdir` and `factorypkgconfdir` to install systemd's own
  configuration into nix store again, while having executables looking
  up files in /etc.

Tested this change against all of the NixOS VM tests we have in
nixos/release.nix. Between this change and its parent no new tests were
failing (although a lot of them were flaky).

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Mic92, @tk-ecotelecom, @edolstra, @fpletz
Fixes: #35415
Fixes: #35268
2018-03-03 10:39:38 +01:00
aszlig
ae7efee4fa
systemd: Reident the expression file
The indenting is a bit weird to follow, especially at the end of the
file (right brace without indent, but the opening brace is indented by
two spaces).

No functional change and I've verified this by building it with this
change and without and both lead to the same store paths.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @fpletz, @edolstra
2018-03-03 01:53:16 +01:00
Shea Levy
a486cb1af6
systemd: Fix references to /usr/bin in cross-compilation 2018-03-01 14:54:41 -05:00
Shea Levy
9d2af8d61c
systemd: Fix cross-compiling 2018-02-26 06:38:42 -05:00
Shea Levy
42c8776571
systemd: Take python3 from buildPackages. 2018-02-25 09:07:14 -05:00
Shea Levy
87270fb306
gnu-efi: Only build on efi-enabled systems 2018-02-24 21:49:31 -05:00
Will Dietz
d3b59f864a define top-level attrs for getent, getconf
Note that currently getent is explicitly taken from "glibc.bin",
regardless of build configuration which this preserves for now.
(on non-musl anyway)
2018-02-13 11:47:16 -06:00
Will Dietz
82dfab87fa systemd: add getent-bin to nativeBuildInputs, meson searches for getent 2018-02-13 09:45:05 -06:00
Will Dietz
8323123e95 systemd: use musl-getent on musl instead of glibc.bin's getent 2018-02-13 09:45:05 -06:00
Franz Pletz
eb862c48dd
systemd: 234 -> 237
Co-Authored-By: Florian Klink <flokli@flokli.de>
Co-Authored-By: Andreas Rammhold <andreas@rammhold.de>
2018-02-13 01:24:24 +01:00
Vladimír Čunát
94cba39aa2
systemd resolved: patch CVE-2017-15908
fix loop on packets with pseudo dns types
https://github.com/NixOS/systemd/pull/14
2017-11-28 20:11:40 +01:00
John Ericson
bac21681a1 systemd: Use some nativeBuildInputs
I erred on the side of caution when changing these.
2017-09-21 15:49:54 -04:00
Robin Gloster
61733ed6cc systemd: use fetchpatch for patch with the correct hash
the fetchurl failed on hydra sometimes
2017-09-03 10:33:27 -04:00
Frederik Rietdijk
91ede67a5a systemd: use fetchurl for patch
because a hash corresponding to fetchurl was provided.
2017-09-02 13:09:58 +02:00
teh
3e50f0ae0e systemd: add patch to fix suspend.target 2017-08-30 21:22:58 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Thomas Tuegel
631f6b3e11
systemd: unset RANLIB
Commit 093cc00cdd sets the RANLIB environment
variable by default, causing `make' to invoke the wrong program.
2017-07-21 15:46:40 -05:00
Thomas Tuegel
aa11af8bbe
systemd: fix broken source hash 2017-07-21 15:46:33 -05:00
Robin Gloster
ae26f291bc
systemd: 233 -> 234 2017-07-16 17:22:45 +02:00
Eelco Dolstra
32e492251b
systemd: Apply fix for CVE-2017-9445 2017-06-28 14:08:05 +02:00
Jörg Thalheim
dfebb66f65
systemd: v232 -> v233
Changelog: https://github.com/systemd/systemd/blob/v233/NEWS

Upgrade was pretty smooth. One notably change is the new hybrid cgroup
mode: https://github.com/systemd/systemd/blob/v233/NEWS#L5 It should
provide better compatibility with docker.
2017-05-30 08:47:09 +01:00
Eelco Dolstra
6ef630a125
systemd: Include https://github.com/NixOS/systemd/pull/8 2017-03-27 15:37:49 +02:00
Robin Gloster
31ff2ac057
systemd: add patch to fix docker
843d5baf6a

"don't use the unified hierarchy for the systemd cgroup yet"

fixes #22472
2017-02-16 23:56:27 +01:00
Robin Gloster
8a0d1bcf8b
systemd: add patches to fix i686 booting 2017-02-02 01:12:55 +01:00
Robin Gloster
972749f1d4
systemd: fix repository url
Left-over from testing, sorry..
2017-01-26 17:57:10 +01:00
Robin Gloster
a38f1911d3
systemd: 231 -> 232
Includes adding some more upstream units and removing obsolete (-.slice) ones.
2017-01-26 17:52:52 +01:00
Eelco Dolstra
8b09ba32d3 systemd: Apply various upstream bug fixes
This includes the fix for the assertion failure in
https://github.com/systemd/systemd/issues/4234.
2016-09-30 11:23:51 +02:00
Eelco Dolstra
78178d5854 systemd: Separate lib output
This moves libsystemd.so and libudev.so into systemd.lib, and gets rid
of libudev (which just contained a copy of libudev.so and the udev
headers). It thus reduces the closure size of all packages that
(indirectly) depend on libsystemd, of which there are quite a few (for
instance, PulseAudio and dbus). For example, it reduces the closure of
Blender from 430.8 to 400.8 MiB.
2016-09-05 19:17:14 +02:00
Franz Pletz
a1c24ab976
systemd: apply patch to fix #18158
See:
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834367
 - https://github.com/systemd/systemd/issues/3842
2016-09-02 23:39:19 +02:00
Robin Gloster
63c7b4f9a7 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-31 20:51:34 +00:00
Eelco Dolstra
51871dfb37 systemd: 230 -> 231 2016-07-28 17:03:55 +02:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Nikolay Amiantov
00e67f0df0 systemd: use plymouth from system path 2016-07-08 15:23:47 +03:00
Nikolay Amiantov
8bbfba48c4 systemd: move hwdb patch to the fork itself 2016-07-08 15:23:47 +03:00
Nikolay Amiantov
1ac6f1fe25 systemd: update fork revision 2016-07-08 15:23:07 +03:00
Franz Pletz
99cc3fa6ca systemd: Disable stackprotector hardening flag 2016-06-14 10:19:05 +00:00
Tuomas Tynkkynen
06c0209d53 systemd: Disable systemd-boot on ARM
Temporary workaround for the EFI stuff not working.
2016-06-02 14:54:44 +03:00
Eelco Dolstra
66d5ca6f42 systemd: Build EFI image 2016-05-31 17:02:33 +02:00
Luca Bruno
663beaa79f Revert "Revert "systemd: 229 -> 230""
This reverts commit 11894782ed.

cc @edolstra, re-reverting. Looks like it's an intended systemd change.
2016-05-27 11:07:29 +02:00
Luca Bruno
11894782ed Revert "systemd: 229 -> 230"
This reverts commit a2f21a54a1.

cc @edolstra the new version does not install many .pc files
like login, journal, daemon, ...
2016-05-27 11:06:21 +02:00
Eelco Dolstra
a2f21a54a1 systemd: 229 -> 230
See https://github.com/systemd/systemd/blob/v230/NEWS for details.

The main incompatible change is that processes are now killed by
default when you exit a session. Thus, for example, using nohup in an
SSH session no longer works. You have to use "loginctl enable-linger"
and "systemd-run --user" to create a process that survives logout.
2016-05-26 16:20:00 +02:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Joachim Fasting
ec2ddf284d
systemd: get linuxHeaders from stdenv
Building against anything other than the headers used to build libc
doesn't really make any sense.
2016-05-13 19:35:09 +02:00
Dan Peebles
8ca190c496 systemd: add iptables dependency
This allows nspawn to do interesting firewall things when setting
up a private network.
2016-05-10 13:57:24 +00:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra
fb589faa08 systemd: 228 -> 229 2016-02-12 14:35:41 +01:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Eelco Dolstra
20b54bd989 Merge pull request #12724 from abbradar/udev-hwdb
udev service: generate hwdb database from all udev packages
2016-02-03 14:24:11 +01:00
Nikolay Amiantov
5404714997 systemd: add a notice to remove makeFlags on update 2016-02-01 20:15:29 +03:00
Austin Seipp
d787c2258b nixpkgs: systemd - add some more dependencies
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-23 17:48:41 +00:00
Vladimír Čunát
f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Rok Garbas
38a6b5fb43 Merge pull request #11683 from rvl/fail2ban
Make fail2ban work again
2015-12-22 01:46:18 +01:00
Eelco Dolstra
b60f0fdcd4 systemd: Apply upstream fix: networkd: link - do not drop config for loopback device 2015-12-18 18:02:16 +01:00
Rodney Lorrimar
2eb8c3e491 systemd: python module split out since v223 2015-12-18 09:44:22 +00:00
aszlig
fb37fc631a
systemd: Apply VirtualBox fix for detect-virt.
The update is basically just one additional commit, which was an
upstream cherry-pick pushed at NixOS/systemd#3 and it fixes
systemd-detect-virt with VirtualBox so that services with
ConditionVirtualization set to "oracle" will work properly.

I've tested this with the "virtualbox" NixOS VM test, which was failing
since the update to version 228.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-13 05:36:10 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Eelco Dolstra
1da87d4062 systemd: Update to 228 2015-12-07 20:25:53 +01:00
Gabriel Ebner
f4c01fc004 systemd: enable timedated, hostnamed, localed. 2015-12-07 20:25:53 +01:00
Luca Bruno
e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
William A. Kennington III
6602f49495 Revert "Revert "Merge pull request #9543 from NixOS/staging.post-15.06""
This reverts commit 741bf840da.

This reverts the fallout from reverting the major changes.
2015-11-14 12:32:51 -08:00
Domen Kožar
505117f3fb Merge branch 'master' into staging 2015-11-11 12:53:36 +01:00
Eelco Dolstra
3e44182487 Merge remote-tracking branch 'origin/systemd-219' into staging 2015-11-04 15:37:28 +01:00
William A. Kennington III
dd2de66d61 Merge branch 'master.upstream' into staging.upstream 2015-10-30 17:16:07 -07:00
Eelco Dolstra
81f6c62004 Merge remote-tracking branch 'origin/master' into systemd-219 2015-10-30 15:47:37 +01:00
Shea Levy
a7157fa2f0 Remove firmware loader fallback.
Systemd dropped support in 207 (would be nice if configure failed with a bad flag),
so all this does is add an annoying delay if firmware can't be found by the kernel
2015-10-30 10:29:56 -04:00
Vladimír Čunát
2490848627 polkit: split dev and bin outputs 2015-10-14 14:32:26 +02:00
Vladimír Čunát
783c40eb68 dbus: split into multiple outputs and fix referrers 2015-10-13 20:19:01 +02:00
Eelco Dolstra
73f0d83858 systemd: Update to 227 2015-10-07 22:01:21 +02:00