diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml
index 60b4a3bc17b64c..96c41edabd4e5f 100644
--- a/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixos/doc/manual/release-notes/rl-1909.xml
@@ -104,6 +104,40 @@
+
+
+ The option
+ was renamed to
+ (capital L). This follows
+
+ upstreams renaming
+ of the setting.
+
+
+
+
+ As of this release the NixOps feature autoLuks is deprecated. It no longer works
+ with our systemd version without manual intervention.
+
+
+ Whenever the usage of the module is detected the evaluation will fail with a message
+ explaining why and how to deal with the situation.
+
+
+ A new knob named nixops.enableDeprecatedAutoLuks
+ has been introduced to disable the eval failure and to acknowledge the notice was received and read.
+ If you plan on using the feature please note that it might break with subsequent updates.
+
+
+ Make sure you set the _netdev option for each of the file systems referring to block
+ devices provided by the autoLuks module. Not doing this might render the system in a
+ state where it doesn't boot anymore.
+
+
+ If you are actively using the autoLuks module please let us know in
+ issue #62211.
+
+
@@ -162,6 +196,20 @@
which is linked to fr-toutesvariantes.{aff,dic}.
-
+
+
+ With the upgrade to systemd version 242 the systemd-timesyncd
+ service is no longer using DynamicUser=yes. In order for the
+ upgrade to work we rely on an activation script to move the state from the old
+ to the new directory. The older directory (prior 19.09) was
+ /var/lib/private/systemd/timesync.
+
+
+ As long as the system.config.stateVersion is below
+ 19.09 the state folder will migrated to its proper location
+ (/var/lib/systemd/timesync), if required.
+
+
+
diff --git a/nixos/modules/misc/nixops-autoluks.nix b/nixos/modules/misc/nixops-autoluks.nix
new file mode 100644
index 00000000000000..2153c6f975ad57
--- /dev/null
+++ b/nixos/modules/misc/nixops-autoluks.nix
@@ -0,0 +1,44 @@
+{ config, options, lib, ... }:
+let
+ path = [ "deployment" "autoLuks" ];
+ hasAutoLuksOption = lib.hasAttrByPath path options;
+ hasAutoLuksConfig = lib.hasAttrByPath path config && (lib.attrByPath path {} config) != {};
+
+ inherit (config.nixops) enableDeprecatedAutoLuks;
+in {
+ options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption "Enable the deprecated NixOps AutoLuks module";
+
+ config = {
+ assertions = [
+ {
+ assertion = if hasAutoLuksConfig then hasAutoLuksConfig && enableDeprecatedAutoLuks else true;
+ message = ''
+ ⚠️ !!! WARNING !!! ⚠️
+
+ NixOps autoLuks is deprecated. The feature was never widely used and the maintenance did outgrow the benefit.
+ If you still want to use the module:
+ a) Please raise your voice in the issue tracking usage of the module:
+ https://github.com/NixOS/nixpkgs/issues/62211
+ b) make sure you set the `_netdev` option for each of the file
+ systems referring to block devices provided by the autoLuks module.
+
+ ⚠️ If you do not set the option your system will not boot anymore! ⚠️
+
+ {
+ fileSystems."/secret" = { options = [ "_netdev" ]; };
+ }
+
+ b) set the option >nixops.enableDeprecatedAutoLuks = true< to remove this error.
+
+
+ For more details read through the following resources:
+ - https://github.com/NixOS/nixops/pull/1156
+ - https://github.com/NixOS/nixpkgs/issues/47550
+ - https://github.com/NixOS/nixpkgs/issues/62211
+ - https://github.com/NixOS/nixpkgs/pull/61321
+ '';
+ }
+ ];
+ };
+
+}
diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix
index c576cf4cb925eb..c9b374b6d7b1ab 100644
--- a/nixos/modules/misc/version.nix
+++ b/nixos/modules/misc/version.nix
@@ -95,6 +95,7 @@ in
PRETTY_NAME="NixOS ${cfg.version} (${cfg.codeName})"
LOGO="nix-snowflake"
HOME_URL="https://nixos.org/"
+ DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html"
SUPPORT_URL="https://nixos.org/nixos/support.html"
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"
'';
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index bc8bcc0cd8f673..9152121d43d2c3 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -84,6 +84,7 @@
./misc/nixpkgs.nix
./misc/passthru.nix
./misc/version.nix
+ ./misc/nixops-autoluks.nix
./programs/adb.nix
./programs/atop.nix
./programs/autojump.nix
diff --git a/nixos/modules/services/hardware/80-net-setup-link.rules b/nixos/modules/services/hardware/80-net-setup-link.rules
deleted file mode 100644
index 18547f170a3f9c..00000000000000
--- a/nixos/modules/services/hardware/80-net-setup-link.rules
+++ /dev/null
@@ -1,13 +0,0 @@
-# Copied from systemd 203.
-ACTION=="remove", GOTO="net_name_slot_end"
-SUBSYSTEM!="net", GOTO="net_name_slot_end"
-NAME!="", GOTO="net_name_slot_end"
-
-IMPORT{cmdline}="net.ifnames"
-ENV{net.ifnames}=="0", GOTO="net_name_slot_end"
-
-NAME=="", ENV{ID_NET_NAME_ONBOARD}!="", NAME="$env{ID_NET_NAME_ONBOARD}"
-NAME=="", ENV{ID_NET_NAME_SLOT}!="", NAME="$env{ID_NET_NAME_SLOT}"
-NAME=="", ENV{ID_NET_NAME_PATH}!="", NAME="$env{ID_NET_NAME_PATH}"
-
-LABEL="net_name_slot_end"
diff --git a/nixos/modules/services/hardware/udev.nix b/nixos/modules/services/hardware/udev.nix
index 0266286aaacf9d..cb2f1e6621ae55 100644
--- a/nixos/modules/services/hardware/udev.nix
+++ b/nixos/modules/services/hardware/udev.nix
@@ -116,10 +116,6 @@ let
exit 1
fi
- ${optionalString config.networking.usePredictableInterfaceNames ''
- cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules
- ''}
-
# If auto-configuration is disabled, then remove
# udev's 80-drivers.rules file, which contains rules for
# automatically calling modprobe.
@@ -282,6 +278,8 @@ in
services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ];
+ boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ];
+
environment.etc =
[ { source = udevRules;
target = "udev/rules.d";
diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix
index 63a6f7fbe09979..14a3832b0dc0b2 100644
--- a/nixos/modules/system/boot/networkd.nix
+++ b/nixos/modules/system/boot/networkd.nix
@@ -203,7 +203,7 @@ let
checkRoute = checkUnitConfig "Route" [
(assertOnlyFields [
- "Gateway" "GatewayOnlink" "Destination" "Source" "Metric"
+ "Gateway" "GatewayOnLink" "Destination" "Source" "Metric"
"IPv6Preference" "Scope" "PreferredSource" "Table" "Protocol" "Type"
"InitialCongestionWindow" "InitialAdvertisedReceiveWindow" "QuickAck"
"MTUBytes"
diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix
index 18ee2ef1b8f53c..8499b700d3eaf7 100644
--- a/nixos/modules/system/boot/systemd.nix
+++ b/nixos/modules/system/boot/systemd.nix
@@ -940,7 +940,6 @@ in
# Don't bother with certain units in containers.
systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container";
systemd.services.systemd-random-seed.unitConfig.ConditionVirtualization = "!container";
-
};
# FIXME: Remove these eventually.
@@ -949,5 +948,4 @@ in
(mkRenamedOptionModule [ "boot" "systemd" "targets" ] [ "systemd" "targets" ])
(mkRenamedOptionModule [ "boot" "systemd" "services" ] [ "systemd" "services" ])
];
-
}
diff --git a/nixos/modules/system/boot/timesyncd.nix b/nixos/modules/system/boot/timesyncd.nix
index 8d8bfe5900a982..8282cdd6f3aadf 100644
--- a/nixos/modules/system/boot/timesyncd.nix
+++ b/nixos/modules/system/boot/timesyncd.nix
@@ -40,6 +40,15 @@ with lib;
users.users.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.groups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
+ system.activationScripts.systemd-timesyncd-migration = mkIf (versionOlder config.system.stateVersion "19.09") ''
+ # workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes
+ # - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742
+ # - https://github.com/systemd/systemd/issues/12131
+ if [ -L /var/lib/systemd/timesync ]; then
+ rm /var/lib/systemd/timesync
+ mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync
+ fi
+ '';
};
}
diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix
index 2318bdd1d58263..857aaf1e6e30c7 100644
--- a/nixos/modules/tasks/network-interfaces-systemd.nix
+++ b/nixos/modules/tasks/network-interfaces-systemd.nix
@@ -12,7 +12,7 @@ let
i.ipv4.addresses
++ optionals cfg.enableIPv6 i.ipv6.addresses;
- dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "none";
+ dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "no";
slaves =
concatLists (map (bond: bond.interfaces) (attrValues cfg.bonds))
@@ -59,7 +59,14 @@ in
in {
DHCP = override (dhcpStr cfg.useDHCP);
} // optionalAttrs (gateway != [ ]) {
- gateway = override gateway;
+ routes = override [
+ {
+ routeConfig = {
+ Gateway = gateway;
+ GatewayOnLink = false;
+ };
+ }
+ ];
} // optionalAttrs (domains != [ ]) {
domains = override domains;
};
diff --git a/nixos/modules/testing/test-instrumentation.nix b/nixos/modules/testing/test-instrumentation.nix
index ed4cfa7805e2d5..1a11d9ce7c26bf 100644
--- a/nixos/modules/testing/test-instrumentation.nix
+++ b/nixos/modules/testing/test-instrumentation.nix
@@ -129,9 +129,6 @@ with import ../../lib/qemu-flags.nix { inherit pkgs; };
users.users.root.initialHashedPassword = mkOverride 150 "";
services.xserver.displayManager.job.logToJournal = true;
-
- # set default stateVersion to avoid warnings during eval
- system.stateVersion = mkDefault "18.03";
};
}
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 9bce49c9e30275..ddc253adbd0b93 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -237,6 +237,7 @@ in
syncthing-relay = handleTest ./syncthing-relay.nix {};
systemd = handleTest ./systemd.nix {};
systemd-confinement = handleTest ./systemd-confinement.nix {};
+ systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
pdns-recursor = handleTest ./pdns-recursor.nix {};
taskserver = handleTest ./taskserver.nix {};
telegraf = handleTest ./telegraf.nix {};
diff --git a/nixos/tests/containers-imperative.nix b/nixos/tests/containers-imperative.nix
index 0c101037aa7f16..2e7e4b2f1d69ae 100644
--- a/nixos/tests/containers-imperative.nix
+++ b/nixos/tests/containers-imperative.nix
@@ -35,7 +35,17 @@ import ./make-test.nix ({ pkgs, ...} : {
];
};
- testScript =
+ testScript = let
+ tmpfilesContainerConfig = pkgs.writeText "container-config-tmpfiles" ''
+ {
+ systemd.tmpfiles.rules = [ "d /foo - - - - -" ];
+ systemd.services.foo = {
+ serviceConfig.Type = "oneshot";
+ script = "ls -al /foo";
+ wantedBy = [ "multi-user.target" ];
+ };
+ }
+ ''; in
''
# Make sure we have a NixOS tree (required by ‘nixos-container create’).
$machine->succeed("PAGER=cat nix-env -qa -A nixos.hello >&2");
@@ -93,6 +103,15 @@ import ./make-test.nix ({ pkgs, ...} : {
$machine->succeed("nixos-container stop $id1");
$machine->succeed("nixos-container start $id1");
+ # Ensure tmpfiles are present
+ $machine->log("creating container tmpfiles");
+ $machine->succeed("nixos-container create tmpfiles --config-file ${tmpfilesContainerConfig}");
+ $machine->log("created, starting…");
+ $machine->succeed("nixos-container start tmpfiles");
+ $machine->log("done starting, investigating…");
+ $machine->succeed("echo \$(nixos-container run tmpfiles -- systemctl is-active foo.service) | grep -q active;");
+ $machine->succeed("nixos-container destroy tmpfiles");
+
# Execute commands via the root shell.
$machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/ or die;
diff --git a/nixos/tests/radicale.nix b/nixos/tests/radicale.nix
index bf22fc9291af8b..6079642556407e 100644
--- a/nixos/tests/radicale.nix
+++ b/nixos/tests/radicale.nix
@@ -85,7 +85,7 @@ in
$radicale->succeed('mv /tmp/collections-new/collection-root /tmp/collections');
$radicale->succeed('${switchToConfig "radicale2_verify"} >&2');
$radicale->waitUntilFails('systemctl status radicale');
- my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 5');
+ my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 10');
if ($retcode != 0 || index($logs, 'Verifying storage') == -1) {
die "Radicale 2 didn't verify storage"
}
diff --git a/nixos/tests/systemd-timesyncd.nix b/nixos/tests/systemd-timesyncd.nix
new file mode 100644
index 00000000000000..d12b8eb2bf7eb4
--- /dev/null
+++ b/nixos/tests/systemd-timesyncd.nix
@@ -0,0 +1,52 @@
+# Regression test for systemd-timesync having moved the state directory without
+# upstream providing a migration path. https://github.com/systemd/systemd/issues/12131
+
+import ./make-test.nix (let
+ common = { lib, ... }: {
+ # override the `false` value from the qemu-vm base profile
+ services.timesyncd.enable = lib.mkForce true;
+ };
+ mkVM = conf: { imports = [ conf common ]; };
+in {
+ name = "systemd-timesyncd";
+ nodes = {
+ current = mkVM {};
+ pre1909 = mkVM ({lib, ... }: with lib; {
+ # create the path that should be migrated by our activation script when
+ # upgrading to a newer nixos version
+ system.stateVersion = "19.03";
+ system.activationScripts.simulate-old-timesync-state-dir = mkBefore ''
+ rm -f /var/lib/systemd/timesync
+ mkdir -p /var/lib/systemd /var/lib/private/systemd/timesync
+ ln -s /var/lib/private/systemd/timesync /var/lib/systemd/timesync
+ chown systemd-timesync: /var/lib/private/systemd/timesync
+ '';
+ });
+ };
+
+ testScript = ''
+ startAll;
+ $current->succeed('systemctl status systemd-timesyncd.service');
+ # on a new install with a recent systemd there should not be any
+ # leftovers from the dynamic user mess
+ $current->succeed('test -e /var/lib/systemd/timesync');
+ $current->succeed('test ! -L /var/lib/systemd/timesync');
+
+ # timesyncd should be running on the upgrading system since we fixed the
+ # file bits in the activation script
+ $pre1909->succeed('systemctl status systemd-timesyncd.service');
+
+ # the path should be gone after the migration
+ $pre1909->succeed('test ! -e /var/lib/private/systemd/timesync');
+
+ # and the new path should no longer be a symlink
+ $pre1909->succeed('test -e /var/lib/systemd/timesync');
+ $pre1909->succeed('test ! -L /var/lib/systemd/timesync');
+
+ # after a restart things should still work and not fail in the activation
+ # scripts and cause the boot to fail..
+ $pre1909->shutdown;
+ $pre1909->start;
+ $pre1909->succeed('systemctl status systemd-timesyncd.service');
+ '';
+})
diff --git a/pkgs/os-specific/linux/multipath-tools/default.nix b/pkgs/os-specific/linux/multipath-tools/default.nix
index 14996fd76be539..0e90a08147678d 100644
--- a/pkgs/os-specific/linux/multipath-tools/default.nix
+++ b/pkgs/os-specific/linux/multipath-tools/default.nix
@@ -1,16 +1,17 @@
-{ stdenv, fetchurl, lvm2, libaio, gzip, readline, systemd, liburcu }:
+{ stdenv, fetchurl, pkgconfig, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c }:
stdenv.mkDerivation rec {
name = "multipath-tools-${version}";
- version = "0.6.2";
+ version = "0.8.1";
src = fetchurl {
name = "${name}.tar.gz";
- url = "https://git.opensvc.com/?p=multipath-tools/.git;a=snapshot;h=${version};sf=tgz";
- sha256 = "159hxvbk9kh1qay9x04w0gsqzg0hkl5yghfc1wi9kv2n5pcwbkpm";
+ url = "https://git.opensvc.com/gitweb.cgi?p=multipath-tools/.git;a=snapshot;h=refs/tags/${version};sf=tgz";
+ sha256 = "0669zl4dpai63dl04lf8vpwnpsff6qf19fifxfc4frawnh699k95";
};
postPatch = ''
+ substituteInPlace libmultipath/Makefile --replace /usr/include/libdevmapper.h ${lvm2}/include/libdevmapper.h
sed -i -re '
s,^( *#define +DEFAULT_MULTIPATHDIR\>).*,\1 "'"$out/lib/multipath"'",
' libmultipath/defaults.h
@@ -20,8 +21,8 @@ stdenv.mkDerivation rec {
Makefile.inc
'';
- nativeBuildInputs = [ gzip ];
- buildInputs = [ systemd lvm2 libaio readline liburcu ];
+ nativeBuildInputs = [ gzip pkgconfig perl ];
+ buildInputs = [ systemd lvm2 libaio readline liburcu json_c ];
makeFlags = [
"LIB=lib"
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix
index 84890b5691638f..8aa518ed1d01b8 100644
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -9,16 +9,14 @@
, patchelf
, getent
, buildPackages
+, perl
, withSelinux ? false, libselinux
, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp
, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools
}:
-let
- pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]);
-
-in stdenv.mkDerivation rec {
- version = "239.20190219";
+stdenv.mkDerivation rec {
+ version = "242";
name = "systemd-${version}";
# When updating, use https://github.com/systemd/systemd-stable tree, not the development one!
@@ -27,27 +25,9 @@ in stdenv.mkDerivation rec {
owner = "NixOS";
repo = "systemd";
rev = "nixos-v${version}";
- sha256 = "0aczg25ih2gfjq810x8rw6rnpr6sw1lz6z0lvlyw2qphyih68b4x";
+ sha256 = "0ldyhfxdy4qlgygvpc92wp0qp6p1c9y3rnm77zwbkga48x60d9i8";
};
- prePatch = let
- # Upstream's maintenance branches are still too intrusive:
- # https://github.com/systemd/systemd-stable/tree/v239-stable
- patches-deb = fetchurl {
- # This URL should point to a stable location that does not easily
- # disappear. In the past we were using `mirror://debian` but that
- # eventually causes the files to disappear. While that was a good sign
- # for us to update our patch collection it does break reproducibility.
- name = "systemd-debian-patches.tar.xz";
- url = http://snapshot.debian.org/archive/debian/20190301T035241Z/pool/main/s/systemd/systemd_239-12%7Ebpo9%2B1.debian.tar.xz;
- sha256 = "0v9f62gyfiw5icdrdlcvjcipsqrsm49w6n8bqp9nb8s2ih6rsfhg";
- };
- # Note that we skip debian-specific patches, i.e. ./debian/patches/debian/*
- in ''
- tar xf ${patches-deb}
- patches="$patches $(cat debian/patches/series | grep -v '^debian/' | sed 's|^|debian/patches/|')"
- '';
-
outputs = [ "out" "lib" "man" "dev" ];
nativeBuildInputs =
@@ -56,6 +36,9 @@ in stdenv.mkDerivation rec {
coreutils # meson calls date, stat etc.
glibcLocales
patchelf getent m4
+ perl # to patch the libsystemd.so and remove dependencies on aarch64
+
+ (buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]))
];
buildInputs =
[ linuxHeaders libcap kmod xz pam acl
@@ -65,17 +48,24 @@ in stdenv.mkDerivation rec {
stdenv.lib.optional withLibseccomp libseccomp ++
[ libffi audit lz4 bzip2 libapparmor
iptables gnu-efi
- # This is actually native, but we already pull it from buildPackages
- pythonLxmlEnv
] ++ stdenv.lib.optional withSelinux libselinux;
#dontAddPrefix = true;
mesonFlags = [
+ "-Ddbuspolicydir=${placeholder "out"}/etc/dbus-1/system.d"
+ "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services"
+ "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services"
+ "-Dpamconfdir=${placeholder "out"}/etc/pam.d"
+ "-Drootprefix=${placeholder "out"}"
+ "-Drootlibdir=${placeholder "lib"}/lib"
+ "-Dpkgconfiglibdir=${placeholder "dev"}/lib/pkgconfig"
+ "-Dpkgconfigdatadir=${placeholder "dev"}/share/pkgconfig"
"-Dloadkeys-path=${kbd}/bin/loadkeys"
"-Dsetfont-path=${kbd}/bin/setfont"
"-Dtty-gid=3" # tty in NixOS has gid 3
- # "-Dtests=" # TODO
+ # while we do not run tests we should also not build them. Removes about 600 targets
+ "-Dtests=false"
"-Dlz4=true"
"-Dhostnamed=true"
"-Dnetworkd=true"
@@ -92,6 +82,7 @@ in stdenv.mkDerivation rec {
"-Dquotacheck=false"
"-Dldconfig=false"
"-Dsmack=true"
+ "-Db_pie=true"
"-Dsystem-uid-max=499" #TODO: debug why awking around in /etc/login.defs doesn't work
"-Dsystem-gid-max=499"
# "-Dtime-epoch=1"
@@ -113,19 +104,10 @@ in stdenv.mkDerivation rec {
preConfigure = ''
mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org")
- mesonFlagsArray+=(-Ddbuspolicydir=$out/etc/dbus-1/system.d)
- mesonFlagsArray+=(-Ddbussessionservicedir=$out/share/dbus-1/services)
- mesonFlagsArray+=(-Ddbussystemservicedir=$out/share/dbus-1/system-services)
- mesonFlagsArray+=(-Dpamconfdir=$out/etc/pam.d)
- mesonFlagsArray+=(-Drootprefix=$out)
- mesonFlagsArray+=(-Drootlibdir=$lib/lib)
- mesonFlagsArray+=(-Dpkgconfiglibdir=$dev/lib/pkgconfig)
- mesonFlagsArray+=(-Dpkgconfigdatadir=$dev/share/pkgconfig)
-
export LC_ALL="en_US.UTF-8";
# FIXME: patch this in systemd properly (and send upstream).
# already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount
- for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do
+ for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/shutdown/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do
test -e $i
substituteInPlace $i \
--replace /usr/bin/getent ${getent}/bin/getent \
@@ -139,14 +121,8 @@ in stdenv.mkDerivation rec {
--replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency
done
- for i in tools/xml_helper.py tools/make-directive-index.py tools/make-man-index.py test/sys-script.py; do
- substituteInPlace $i \
- --replace "#!/usr/bin/env python" "#!${pythonLxmlEnv}/bin/python"
- done
-
- for i in src/basic/generate-gperfs.py src/resolve/generate-dns_type-gperf.py src/test/generate-sym-test.py ; do
- substituteInPlace $i \
- --replace "#!/usr/bin/env python" "#!${buildPackages.python3Packages.python}/bin/python"
+ for dir in tools src/resolve test src/test; do
+ patchShebangs $dir
done
substituteInPlace src/journal/catalog.c \
@@ -207,13 +183,37 @@ in stdenv.mkDerivation rec {
enableParallelBuilding = true;
+ # On aarch64 we "leak" a reference to $out/lib/systemd/catalog in the lib
+ # output. The result of that is a dependency cycle between $out and $lib.
+ # Thus nix (rightfully) marks the build as failed. That reference originates
+ # from an array of strings (catalog_file_dirs) in systemd
+ # (src/src/journal/catalog.{c,h}). The only consumer (as of v242) of the
+ # symbol is the main function of journalctl. Still libsystemd.so contains
+ # the VALUE but not the symbol. Systemd seems to be properly using function
+ # & data sections together with the linker flags to garbage collect unused
+ # sections (-Wl,--gc-sections). For unknown reasons those flags do not
+ # eliminate the unused string constants, in this case on aarch64-linux. The
+ # hacky way is to just remove the reference after we finished compiling.
+ # Since it can not be used (there is no symbol to actually refer to it) there
+ # should not be any harm. It is a bit odd and I really do not like starting
+ # these kind of hacks but there doesn't seem to be a straight forward way at
+ # this point in time.
+ # The reference will be replaced by the same reference the usual nukeRefs
+ # tooling uses. The standard tooling can not / should not be uesd since it
+ # is a bit too excessive and could potentially do us some (more) harm.
+ postFixup = ''
+ nukedRef=$(echo $out | sed -e "s,$NIX_STORE/[^-]*-\(.*\),$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-\1,")
+ cat $lib/lib/libsystemd.so | perl -pe "s|$out/lib/systemd/catalog|$nukedRef/lib/systemd/catalog|" > $lib/lib/libsystemd.so.tmp
+ mv $lib/lib/libsystemd.so.tmp $(readlink -f $lib/lib/libsystemd.so)
+ '';
+
# The interface version prevents NixOS from switching to an
# incompatible systemd at runtime. (Switching across reboots is
# fine, of course.) It should be increased whenever systemd changes
# in a backwards-incompatible way. If the interface version of two
# systemd builds is the same, then we can switch between them at
# runtime; otherwise we can't and we need to reboot.
- passthru.interfaceVersion = 2;
+ passthru.interfaceVersion = 3;
meta = with stdenv.lib; {
homepage = http://www.freedesktop.org/wiki/Software/systemd;