Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Revert "nixos: remove rsync from base install and add explicit path i…
…n nixos-install" This reverts commit 582313b. Removing rsync is actually pointless because nixos-install depends on it. So if it's part of the system closure, we may as well provide it to users. Probably with the next Nix release we can drop the use of rsync and use "nix copy" instead.
- Loading branch information
Showing
3 changed files
with
3 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -34,6 +34,7 @@ let | |
config.programs.ssh.package | ||
pkgs.perl | ||
pkgs.procps | ||
pkgs.rsync | ||
pkgs.strace | ||
pkgs.su | ||
pkgs.time | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I personally disagree that everything that's installed should necessarily be in the path.
More importantly, I think explicit paths in scripts are better than relying on stuff being installed (nixos-install can also run on non-NixOS systems) and this revert is now causing the ova test failure: http://hydra.nixos.org/build/39960547
I'll leave rsync in nixos/modules/config/system-path.nix since that is your wish but I'll make the paths explicit again to fix test failure if that's ok.
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Btw one argument to remove rsync from path now is so that nobody is surprised when we drop it when
nix copy
comes around.Also fyi 16.09 was forked without rsync.
See partial revert 3f1ceae
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I honestly wish we'd go in the other direction here, and remove things from the global system path replacing them with more precise links in scripts.
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah sorry, I didn't notice that this commit did more than just remove rsync from the system path.
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I put rsync back to to 16.09 as well 5e86b8a. If we remove it (and I would be fine with it), master should go first and we should put it into release notes.
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shall we remove
rsync
from PATH prior to 17.03 branch-off or leave as be?(Like @copumpkin I feel like just because we depend on it somewhere doesn't mean it should be in system PATH)
cc @globin @edolstra @vcunat
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've got no strong opinion on this point. Including it does not prevent anyone from using more precise paths. (There's less push to do so, but I'm not convinced that's bad.)
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@vcunat not saying it prevents it, just that it's a crutch that enables bad habits. If for example your module that is usually enabled (but not always) adds something to
systemPackages
, I, a newbie module writer, might write my module assuming that your package is in scope by default on NixOS. Then someone customizes their configuration a bit, turns off your thing, and it breaks my service. Yes, I'm technically in the wrong for not being more careful about my dependencies, but it's really just a problem with global state in general; it obscures and makes it harder to reason about dependencies.Personally, I'd rather abolish
environment.systemPackages
altogether, because I don't think it follows that just because the system haspostgresql
installed, every user on the system should want its tooling in their$PATH
by default. And given how people write modules, everyone looks at existing modules as inspiration for new ones, and they see that most existing modules add packages tosystemPackages
so assume that's what we need to do, so we get more and more of this behavior over time.Anyway, it really just feels very un-functional. I know we have the power to set up global state like this, but it seems silly for us to rely on it all over the place, especially when it's almost never necessary.
0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As an example,
firewall.enable
defaults totrue
, but we can disable it. It addsiptables
to oursystemPackages
. I just ran a quick search and found this module that assumesiptables
is in scope, thanks tofirewall
settingsystemPackages
. If someone were to runminiupnpd
with a firewall disabled, it would fail. This is obviously just an example; we can fix individual packages that break this way, but I'm more interested in systematic fixes for issues like this, not one-offs.0aa7520
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I think services shouldn't be allowed to just see general
systemPackages
(during runtime); perhaps some other default set.