Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
If `opts.home` is not a string, an evaluation failure occurs in
`mapAttrs'`. Converting `opts.home` to string solves this issue.
The type of `users.users.<name>.home` is `lib.types.path`. Values
other than strings, e.g., derivations can also have the type
`lib.types.path`.
- Introduce more possible options by using the krb format generator.
- Enforce package choice is using a correct package.
- Use meta attribute to decide implementation, allows for overriding the
package.
- Make necessary changes to the format, to allow for multiple ACL files in
heimdal.
- Add systemd target and slice for both implementations.
- Move state to `/var/lib`
- Add documentation
This reverts commit e827697fd3.
This seems to cause various issues during system activation, as reported
in https://github.com/NixOS/nixpkgs/issues/302771 for example.
Due to being close to branchoff, revert this for now.
We'll open a tracking issue to collect and sort out remaining issues.
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
Otherwise /run/dbus is created with the wrong permissions.
For some reason our recent changes made /run/dbus be 0700 instead of
0755. This is actually the default of homeMode. So something worked by
accident before?
- Make inputs more diff friendly
- Add flags for enabling certain libraries
- Disable LDAP support as HDB module by default
- Add support for CJSON
- Flatten contents of `$out/libexec`, which earlier had an
`heimdal/heimdal` directory
- Use SRI hash
- Enable package tests
- Add `passthru.tests.nixos`
- Add `meta.homepage` and `meta.changelog`
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
This replaces the krb5 module's options with RFC 42-style krb5.settings
option, while greatly simplifying the code and fixing a few bugs,
namely:
- #243068 krb5: Configuration silently gets ignored when set by
multiple modules
- not being able to use mkIf etc. inside subattributes of
krb5.libdefaults, e.g. krb5.libdefaults.default_realm = mkIf ...
See #144575.
Closes#243068.
Co-authored-by: h7x4 <h7x4@nani.wtf>
When reloading the dbus-broker service (e.g. when switching to a new generation),
the reload fails when /tmp got remounted after the service had been started.
Since the dbus-broker service starts early, and does not have default dependencies,
this situation does occur in practice.
This change makes sure that if there are mount units for /tmp, dbus-broker gets
ordered after them.
See also https://github.com/systemd/systemd/issues/28515
