Even if the tools that assemble /etc can handle leading slashes, this
still is not correct. For example, you could have both /X11 and X11 in
environment.etc which makes overriding hard.
Until now, if you set `services.xserver.xkb.dir` to a dir containing
a custom keyboard layout, and making this layout the default via
`services.xserver.xkb.layout`, `xkbvalidate` would complain:
The value `gb-CapsLockIsHyperL' for keyboard layout is invalid.
Please check the definition in `services.xserver.xkb.layout'.
Detailed XKB compiler errors:
Couldn't find file "symbols/gb-CapsLockIsHyperL" in include paths
1 include paths searched:
/nix/store/x1ahkafwzv66s3yxffvrjc0ixkcjiig6-xkeyboard-config-2.31/etc/X11/xkb
3 include paths could not be added:
/homeless-shelter/.config/xkb
/homeless-shelter/.xkb
/etc/xkb
Abandoning symbols file "(unnamed)"
Failed to compile xkb_symbols
Failed to compile keymap
This is because the `xkb_*()` functions in `xkbvalidate` were not
told to use our `xkbDir`.
This commit fixes it by passing the dir as an environment variable
as described on:
* https://xkbcommon.org/doc/current/group__include-path.html
* https://xkbcommon.org/doc/current/group__context.html
If `services.samba.enable` is true, the the samba Module already adds the samba Package. If a User sets a differnet Package in `services.samba.package` then `environment.systemPackages` will contain two different samba Packages.
```
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/testparm' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/testparm'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/testparm' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/testparm'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/nmbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/nmbd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/nmbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/nmbd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbcontrol' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbcontrol'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbcontrol' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbcontrol'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/gentest' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/gentest'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/gentest' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/gentest'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbpasswd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbpasswd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbd'
...
```
(The original samba will still stay in the closure as `kdenetwork-filesharing` depends on it.)
This adds a NixOS module for XScreenSaver (from @aidalgol in #130218,
with a few updates).
The module:
* Installs XScreenSaver
* Sets up a suid wrapper for xscreensaver-auth
* Sets up a user service for xscreensaver
The suid wrapper should function correctly when xscreensaver is
installed via the derivation update in 40a00547b71.
Co-authored-by: Aidan Gauland <aidalgol@fastmail.net>
Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
In https://github.com/NixOS/nixpkgs/pull/254071, a mismatch between usage of
the Nix language and the NixOS module system was introduced. By merging the
kwin_wayland wrapper attrset into the mkIf representation, the former was
effectively ignored.
As a result, the capability wrapper for kwin_wayland stopped being installed,
leading to realtime scheduling being disabled. The issue was not detected
because the behavioral change is very subtle.
By consistently using language-level constructs, this mismatch is resolved.
The capability wrapper is thus installed again and realtime scheduling is
restored.
[Motivation](NixOS#257817 (comment))
`extraLayouts` was missed in #259891, so moving it to the other xkb
options with this PR.
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Runs dbus-update-activation-environment and systemctl import-environment on session start
to ensure xdg portals work, and user services have correct PATH / XDG env vars.
Matches behavior of Plasma/Gnome sessions.
without this
```
nix-repl> nixosTests.xfce.nodes.machine.services.xserver.xkb
error: The option 'nodes.machine.services.xserver.xkb' is used but not defined.
```
with this
```
nix-repl> nixosTests.xfce.nodes.machine.services.xserver.xkb
{ dir = "/nix/store/096yg7fc67py86w0bm6g7a32npgyh5ic-xkeyboard-config-2.39/etc/X11/xkb"; layout = "us"; model = "pc104"; options = "terminate:ctrl_alt_bksp"; variant = ""; }
```
[Motivation](https://github.com/NixOS/nixpkgs/issues/257817#issuecomment-1741705042):
- Having all the XKB options in the same attribute set clarifies their
relation better than using a common option name prefix ("xkb").
- `services.xserver.layout` is an XKB option, but this is not obvious
from its name. Putting it with the other XKB options clarifies this.
Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>
This exposes the banner message option in GDM. Some computing
environments have compliance requirements which include displaying a
message to the user before logon.
The module for Plasma 5 contained two pointless setuid wrappers:
* kscreenlocker_greet was introduced when the kscreenlocker package
dropped kcheckpass. However, this was actually replaced by making
proper use of PAM (which finally calls its unix_chkpwd setuid binary).
kscreenlocker_greet itself was never intended to be setuid.
Fortunately, this is not exploitable, because QCoreApplication
immediately aborts if it detects setuid. The wrapper is still
incorrect and pointless, so remove it.
* start_kdeinit can optionally use setuid root or setcap
CAP_SYS_RESOURCE to reduce its OOM killer score. However, with systemd
startup, start_kdeinit does not get used at all. So in this case, the
setuid wrapper is pointless, and so is removed as well. Ideally, the
case where systemd startup is not enabled would use a capability
wrapper instead, but since systemd startup is the default in NixOS and
kinit is deprecated upstream for KF6, I don't bother any more.
dwm is not in Java's internal list of non-reparrenting
window managers. Running Java GUI programs without this
variable on window managers (eg. jd-gui) causes the window
to be blank.
