-
-
Notifications
You must be signed in to change notification settings - Fork 13.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos: make symlinks in /etc
relative (except /etc/static
)
#54980
Conversation
so that the links can be followed if the NixOS installation is not mounted as filesystem root. In particular, this makes /etc/os-release adhere to the standard: https://www.freedesktop.org/software/systemd/man/os-release.html Fixes NixOS#28833.
Looks good to me. Not immediately useful to me as 1) I want read-only /etc with symlinks to mutable stuff and atomic switching — and I have it — and this change is only useful as long as you have |
Pretty sure it's this PR, but after upgrading this morning, I've been getting boot warnings on One such example:
|
@eadwu I'll take a look |
Same warnings here. Basically the check for
Some of this can be fixed but I don't know if there's a great answer for this that doesn't involve manually walking the filesystem or making some assumptions (perhaps enabled by constructing /etc to make this easier?). Well nevermind, I was puttering late at night so maybe there's a good answer here :). But I think this should be fixed soon and carefully. And if this is going to 19.03 resolving these warnings should be a blocker so as to not confuse or mislead users. It looks like |
@dtzWill you were correct. I've spent a few hours trying to make this coversion
isn't same as
and none of it's primitives resolve I tend to reverting this PR, until I can figure out what is the most appropriate way to fix this. :( |
On Fri, 22 Feb 2019 23:41:14 -0800, Danylo Hlynskyi ***@***.***> wrote:
@dtzWill you were correct.
:( I was hoping I'd missed something.
I've spent a few hours trying to make this coversion `/etc/udev/rules.d` -> `../static/udev/rules.d` -> `/etc/static/udev/rules.d`, but failed. Perl explicitly warns that
```
/etc/udev/../static/udev/rules.d
```
isn't same as
```
/etc/static/udev/rules.d
```
and none of it's primitives resolve `..` without taking symlink realpath. And realpath doesn't work, because `/etc/static` is itself tree of symlinks, so `/etc/static` realpath and `/etc/static/udev/rules.d` realpath are different.
I tend to reverting this PR, until I can figure out what is the most appropriate way to fix this. :(
I've reverted it locally for this reason.
If this can't be sorted out perhaps the original goal
re:`/etc/os-release` can just be special-cased?
…
--
You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
#54980 (comment) part: text/html
|
This pull request has been mentioned on Nix community. There might be relevant details there: |
@danbst It turns out that checking if the symlink resolves to something inside /etc/static is indeed difficult. I think that you need to perform symlink resolution, just like the kernel does. The algorithm is not trivial to implement, but my rust (and python) versions are in http://github.com/layus/readlinks. Reimplementing this in perl will be error prone. My own implementation is still buggy. |
@layus there is also This has to be solved in some other way. Currently "static" files are checked by being symlink to |
Motivation for this change
Main motivation is to fix extra-container, so it can run declarative NixOS containers on non-NixOS (erikarvstedt/extra-container#1 (comment)).
But seriously, there is a real problem with symlinking stuff currently. Let me show an example. Here's a simple container, where we override NixOS version.
Now let's see, if that works:
Indeed, in second case
/var/lib/containers/custom/etc/os-release
points to/etc/static/os-release
of the host system, not container! This is wrong, but even worse happens on non-NixOS, where there is no/etc/static
on the host - container can be created and started, but can't be rebooted.This builds on top of #35364, however, I am not fixing the original problem (allow
machinectl pull-tar
to run NixOS containers). I'll make a separate PR, which builds on top of this (and #35364) and makes/etc
relative symlink for container tarballs.cc @edolstra
cc @florianjacob as original author
cc @Ekleog @7c6f434c @erikarvstedt as potential interested parties
Things done
This makes symlinks relative in host's
/etc
too. Rebuild-switch is handled correctly, and my machine survives multiple reboots. Also,simple
installer NixOS test passes.sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)