Commit Graph

142 Commits

Author SHA1 Message Date
Lluís Batlle i Rossell
1adaabef58 Adding an option to luksroot, so it allows to define whether to launch cryptsetup after or before LVM.
To allow dmcrypt over lvm and lvm over dmcrypt.


svn path=/nixos/trunk/; revision=32784
2012-03-04 21:00:35 +00:00
Lluís Batlle i Rossell
79d4b11aeb Making the luks thing of initrd a bit more flexible. I used it to get a
ciphered swap, where I could hibernate ciphered.


svn path=/nixos/trunk/; revision=32754
2012-03-03 16:07:18 +00:00
Eelco Dolstra
ee0769cc42 * If debug2 is passed on the kernel command line, run Upstart with
the --verbose flag to see what it's doing.

svn path=/nixos/trunk/; revision=32747
2012-03-02 16:37:28 +00:00
Eelco Dolstra
f61ad97833 * Run the stage 2 debug shell at a more useful point (just before
starting Upstart).  This also causes $PATH to be set to something
  more sensible.

svn path=/nixos/trunk/; revision=32740
2012-03-02 13:17:05 +00:00
Eelco Dolstra
a218a602d4 * Use openresolv to set the static nameserver configuration. Next
step is to get the DHCP client, OpenVPN etc. to use openresolv as
  well.

svn path=/nixos/trunk/; revision=32411
2012-02-20 00:00:50 +00:00
Florian Friesdorf
eb755d4692 switched all mergeOptionString to pkgs.lib.types.string
pierron recommended the use of types.string over mergeOptionString, as
it is superior but might break things.

For my system the change evaluated to the exactly same.

svn path=/nixos/trunk/; revision=31138
2011-12-29 00:51:35 +00:00
Florian Friesdorf
3ebc7727f7 Revert "test we have cryptsetup-1.4.1 in initrd"
This reverts commit 025f8c40b40fad50086e8761eee61098d8fb2651.

The check was intened for building the initrd of the installer.

svn path=/nixos/trunk/; revision=31137
2011-12-28 22:37:38 +00:00
Florian Friesdorf
0544a008db Revert "added an "error" to luksroot that should be caught"
This reverts commit c7967af35a13f68a8785c142582b639dc8c8e92c.

svn path=/nixos/trunk/; revision=31136
2011-12-28 22:36:26 +00:00
Florian Friesdorf
829bd9a727 added an "error" to luksroot that should be caught
svn path=/nixos/trunk/; revision=31135
2011-12-28 22:21:31 +00:00
Florian Friesdorf
c7fd05a650 test we have cryptsetup-1.4.1 in initrd
svn path=/nixos/trunk/; revision=31132
2011-12-28 21:46:50 +00:00
Florian Friesdorf
c15aa7aea3 luksroot uses preLVMCommands instead of postDeviceCommands
svn path=/nixos/trunk/; revision=31131
2011-12-28 21:46:48 +00:00
Florian Friesdorf
90756a787c add preLVMCommands hook
svn path=/nixos/trunk/; revision=31130
2011-12-28 21:46:45 +00:00
Florian Friesdorf
0a9f3a36ec luksroot waits for usb drive
svn path=/nixos/trunk/; revision=31129
2011-12-28 21:46:42 +00:00
Florian Friesdorf
dd8e725d7d copy only cryptsetup deps to stage-1 and test cryptsetup
popt-0.16 and cryptsetup-1.4.1 both generated pkgconfig (in contrast
to older versions). The pkgconfig files (popt.pc and cryptsetup.pc)
contain references into the store that are not removed by patchelf and
stage-1 fails with errors like: "output is not allowed to refer to
path `/nix/store/qccjhn063cfv171rcaxvxh0yk96zf7l2-cryptsetup-1.4.1'".

Now, only the cryptsetup binaries and its dependencies are copied,
determined by ldd. In addition the cryptsetup binary and lvm are
tested after patchelf has adjusted the library paths.

Thanks to Peter Simons and Eelco Dolstra for giving the rights hints.

svn path=/nixos/trunk/; revision=31128
2011-12-28 21:46:40 +00:00
Florian Friesdorf
d98ecd1d9e enable testing of extraUtilsCommands after patchelf
svn path=/nixos/trunk/; revision=31127
2011-12-28 21:46:35 +00:00
Eelco Dolstra
2ff7b1284a * Handle the util-linux-ng -> util-linux rename
(http://hydra.nixos.org/build/1646277/nixlog/1).

svn path=/nixos/trunk/; revision=30984
2011-12-20 13:36:11 +00:00
Eelco Dolstra
6e95485a28 * Set boot.vesa to false if we don't have a fbcondecor-enabled kernel.
svn path=/nixos/trunk/; revision=30802
2011-12-08 12:25:33 +00:00
Eelco Dolstra
508fea8dac * Remove the cfq_iosched module.
svn path=/nixos/trunk/; revision=30618
2011-11-29 14:19:55 +00:00
Eelco Dolstra
fdc51c2c97 * Disable all fbcondecor-related stuff if boot.vesa is disabled.
svn path=/nixos/trunk/; revision=30343
2011-11-08 19:43:15 +00:00
Eelco Dolstra
fe566d84ae * Remove references to the "safemode" boot option, which doesn't do
anything.

svn path=/nixos/trunk/; revision=30199
2011-11-03 00:46:29 +00:00
Eelco Dolstra
3fd482677e * modprobe wants /etc/modprobe.d now.
svn path=/nixos/trunk/; revision=30164
2011-11-01 15:39:30 +00:00
Peter Simons
20b364f4de Reverting revisions 30103-30106: "always set nixpkgs.config.{state,store}Dir", etc.
After the change from revision 30103, nixos-rebuild suddenly consumed
freaky amounts of memory. I had to abort the process after it had
allocated well in excess of 30GB(!) of RAM. I'm not sure what is causing
this behavior, but undoing that assignment fixes the problem. The other
two commits needed to be revoked, too, because they depend on 30103.

svn path=/nixos/trunk/; revision=30127
2011-10-30 15:19:58 +00:00
Shea Levy
09cf6ce70c find modules | fgrep .nix | fgrep -v .svn | fgrep -v nixpkgs.nix | xargs sed -i -e 's|/nix/var|${config.nixpkgs.config.nix.stateDir}|g' -e 's|/nix/store|${config.nixpkgs.config.nix.storeDir}|g'
Don't assume /nix/store or /nix/var in NixOS modules, this is configurable

svn path=/nixos/trunk/; revision=30104
2011-10-29 21:03:57 +00:00
Eelco Dolstra
926091c265 * Make the permissions on /run less liberal.
svn path=/nixos/trunk/; revision=30065
2011-10-27 17:34:16 +00:00
Nicolas Pierron
38bc39c299 Add support for NFS root file system.
Patch by Rickard Nilsson.

svn path=/nixos/trunk/; revision=29855
2011-10-15 21:01:30 +00:00
Eelco Dolstra
3fa2bbd029 * Properly shut down udevd in stage 1. Otherwise there is a slight
possibility that a udevd process survives, preventing udevd from
  starting in stage 2:

  machine# udevd[1421]: bind failed: Address already in use
  machine# udevd[1421]: error binding udev control socket

svn path=/nixos/trunk/; revision=29434
2011-09-22 08:26:58 +00:00
Peter Simons
eb6e1310b8 strip trailing whitespace; no functional change
svn path=/nixos/trunk/; revision=29285
2011-09-14 18:20:50 +00:00
Peter Simons
a499049ce5 Strip trailing whitespace.
svn path=/nixos/trunk/; revision=29246
2011-09-13 18:49:50 +00:00
Peter Simons
d3528a3c4e modules/system/boot/stage-1-init.sh: added "boot.runSize" option to determine the maximum size of the /run tmpfs
svn path=/nixos/trunk/; revision=29245
2011-09-13 18:49:47 +00:00
Peter Simons
c01c41e2da modules/system/boot/kernel.nix: disable "elevator=cfq" boot parameter for the time being
This setting causes the init ram disk to hang indefinitely on some systems.

svn path=/nixos/trunk/; revision=29228
2011-09-12 18:01:18 +00:00
Peter Simons
6c08bf40a6 modules/system/boot/kernel.nix: stripped trailing whitespace
svn path=/nixos/trunk/; revision=29101
2011-09-07 20:36:13 +00:00
Eelco Dolstra
4b8275d2c4 * Force loading of the CFQ module, i.e. don't do it on demand — that
seems to cause weird modprobe hangs.

svn path=/nixos/trunk/; revision=29027
2011-09-05 14:58:26 +00:00
Eelco Dolstra
8b3fd3ed49 * Use the CFQ I/O scheduler, rather than the ‘none’ scheduler. This
was already the case on Linux 2.6.32, but in newer kernels the CFQ
  scheduler is built as a module, so all block devices got the ‘none’
  scheduler instead.

svn path=/nixos/trunk/; revision=28972
2011-09-02 13:19:45 +00:00
Shea Levy
25594961ad modprobe.nix: Blacklist snd_pcsp by default
svn path=/nixos/trunk/; revision=28805
2011-08-24 23:37:40 +00:00
Yury G. Kudryashov
e5917ea6fc Merge with udev-173
The only conflict was the addition of two different options at the same place.

svn path=/nixos/trunk/; revision=28801
2011-08-24 21:24:39 +00:00
Eelco Dolstra
74586fd2bb * Fix the permissions on /tmp.
svn path=/nixos/trunk/; revision=28435
2011-08-09 15:32:39 +00:00
Eelco Dolstra
1e5bd11a53 * Create /run in the initrd and bind-mount it into the target root.
This allows Udev to share its database between stage 1 and 2, which
  in turn is expected by the LVM Udev rules.

svn path=/nixos/trunk/; revision=27926
2011-07-24 23:36:30 +00:00
Eelco Dolstra
14636ba057 * The Powers That Be have decided that there shall be a /run to
replace /var/run and /var/lock.  For instance, udev now keeps state
  in /run/udev instead of /dev/.udev.  See

    http://lists.fedoraproject.org/pipermail/devel/2011-March/150031.html
    http://bugs.freestandards.org/show_bug.cgi?id=718

  So this patch creates /run as a tmpfs, and symlinks /var/run to /run
  and /var/lock to /run/lock.

  TODO: create /run in stage 1 and propagate it to stage 2.    

svn path=/nixos/trunk/; revision=27803
2011-07-16 19:27:45 +00:00
Eelco Dolstra
97a37f7c12 * "stage1panic" -> "stage1panic=1" to get rid of a harmless warning.
svn path=/nixos/trunk/; revision=26756
2011-04-08 14:42:35 +00:00
Eelco Dolstra
63bd2744b7 * Partially revert r25991 because it depends on the x-updates branch.
svn path=/nixos/trunk/; revision=25995
2011-02-16 16:48:34 +00:00
Eelco Dolstra
131f3c8e63 * Because cdrom_id now links against libpthread, LD_LIBRARY_PATH must
be set when udevd calls external programs.  (The udev manpage claims
  that udevd passes its own environment variables, but this is not the
  case.)
* Get rid of some udev rule hacks that no longer seem needed.

svn path=/nixos/trunk/; revision=25991
2011-02-16 14:38:52 +00:00
Eelco Dolstra
dff372db3c * Fix evaluation of the luksroot module when luksRoot == null. The
problem is that configuration values below a mkIf are evaluated
  strictly even if the condition is false.  Thus "${luksRoot}" causes
  an evaluation error.  As a workaround, use the empty string instead
  of `null' as the default value.  However, we should really fix the
  laziness of mkIf.  It's likely that NixOS evaluation would be much
  faster if it didn't have to evaluate disabled configuration values.

svn path=/nixos/trunk/; revision=24477
2010-10-25 22:21:51 +00:00
Evgeny Egorochkin
791c758b41 Encrypted root support via LUKS
svn path=/nixos/trunk/; revision=24459
2010-10-25 00:57:30 +00:00
Eelco Dolstra
c4f910f550 * Substitute the path of the system derivation directly in the stage 2
init script.  This removes the need for the `systemConfig' boot
  parameter; `init=<stage-2-init>' is enough.  However, the GRUB menu
  builder still needs to add `systemConfig' to the kernel command line
  for compatibility with old configurations.

svn path=/nixos/trunk/; revision=23775
2010-09-13 22:10:25 +00:00
Eelco Dolstra
4046056cdc * In the activation script, don't require the path to the "system"
derivation on the command line.

svn path=/nixos/trunk/; revision=23770
2010-09-13 18:19:15 +00:00
Eelco Dolstra
f729f12e4e Some cleanups in the activation script:
* Moved some scriptlets to the appropriate modules.
* Put the scriptlet that sets the default path at the start, since it
  never makes sense not to have it there.  It no longer needs to be
  declared as a dependency.
* If a scriptlet has no dependencies, it can be denoted as a plain
  string (i.e., `noDepEntry' is not needed anymore).

svn path=/nixos/trunk/; revision=23762
2010-09-13 15:41:38 +00:00
Eelco Dolstra
6258845b61 svn path=/nixos/trunk/; revision=23727 2010-09-10 15:25:58 +00:00
Eelco Dolstra
f067d179ab * Create /nix/var/nix/gcroots/tmp in the activation script. The
build hook uses this directory to store temporary GC roots.  (It
  creates it if it doesn't exist, but it's better to do it here as
  well to ensure the right ownership and permissions.)
* Clear /nix/var/nix/gcroots/tmp and /nix/var/nix/temproots at boot
  time.

svn path=/nixos/trunk/; revision=23417
2010-08-25 11:59:04 +00:00
Eelco Dolstra
3f10cf70f6 * Regression test for the build hook mechanism.
svn path=/nixos/trunk/; revision=23395
2010-08-24 13:27:28 +00:00
Lluís Batlle i Rossell
fe2f7eae17 Making the stage1 work on mips too (for the name of the dynamic loader)
svn path=/nixos/trunk/; revision=23325
2010-08-21 18:23:55 +00:00