nixpkgs-suyu/nixos
Dominique Martinet 45ef5c1741 logrotate: add configuration check at build time
Now the service no longer starts immediately,
check if the config we generated makes sense as soon as possible.

The check isn't perfect because logrotate --debug wants to check
users required, there are two problems:
 - /etc/passwd and /etc/group are sandboxed and we don't have
visibility of system users
 - the check phase runs as nixbld which cannot su to other users
and logrotate fails on this

Until these two problems can be addressed, users-related checks
are filtered out, it's still much better than no check.
The check can be disabled with services.logrotate.checkConfig
if required
(bird also has a preCheck param, to prepare the environment
before check, but we can add it if it becomes necessary)

Since this makes for very verbose builds, we only show errors:
There is no way to control log level, but logrotate hardcodes
'error:' at common log level, so we can use grep, taking care
to keep error codes

Some manual tests:
───────┬──────────────────────────────────────────
       │ File: valid-config.conf
───────┼──────────────────────────────────────────
   1   │ missingok
───────┴──────────────────────────────────────────
logrotate --debug ok
grep ok

───────┬──────────────────────────────────────────
       │ File: postrotate-no-end.conf
───────┼──────────────────────────────────────────
   1   │ missingok
   2   │ /file {
   3   │    postrotate
   4   │      test
   5   │ }
───────┴──────────────────────────────────────────
error: postrotate-no-end.conf:prerotate, postrotate or preremove without endscript

───────┬──────────────────────────────────────────
       │ File: missing-file.conf
───────┼──────────────────────────────────────────
   1   │ "test" { daily }
───────┴──────────────────────────────────────────
error: stat of test failed: No such file or directory

───────┬──────────────────────────────────────────
       │ File: unknown-option.conf
───────┼──────────────────────────────────────────
   1   │ some syntax error
───────┴──────────────────────────────────────────
logrotate --debug ok
error: unknown-option.conf:1 unknown option 'some' -- ignoring line

───────┬──────────────────────────────────────────
       │ File: unknown-user.conf
───────┼──────────────────────────────────────────
   1   │ su notauser notagroup
───────┴──────────────────────────────────────────
error: unknown-user.conf:1 unknown user 'notauser'

In particular note that logrotate would not error on unknown option
(it just ignores the line) but this change makes the check fail.
2022-04-01 07:09:27 +09:00
..
doc nixos/logrotate: convert to freeform 2022-04-01 07:09:26 +09:00
lib nixosTest: Simplify doc by deprecating syntax sugar 2022-03-28 14:11:58 +02:00
maintainers nixos/nix-daemon: use structural settings 2022-01-26 21:04:50 -05:00
modules logrotate: add configuration check at build time 2022-04-01 07:09:27 +09:00
tests logrotate: add configuration check at build time 2022-04-01 07:09:27 +09:00
COPYING
default.nix
README
release-combined.nix nixos/release tested job: drop nano test 2022-03-01 19:28:31 +01:00
release-small.nix nixos/release: disable nfs3.simple 2022-03-03 06:34:59 +10:00
release.nix

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
https://nixos.org/nixos and in the manual in doc/manual.