popt-0.16 and cryptsetup-1.4.1 both generated pkgconfig (in contrast
to older versions). The pkgconfig files (popt.pc and cryptsetup.pc)
contain references into the store that are not removed by patchelf and
stage-1 fails with errors like: "output is not allowed to refer to
path `/nix/store/qccjhn063cfv171rcaxvxh0yk96zf7l2-cryptsetup-1.4.1'".
Now, only the cryptsetup binaries and its dependencies are copied,
determined by ldd. In addition the cryptsetup binary and lvm are
tested after patchelf has adjusted the library paths.
Thanks to Peter Simons and Eelco Dolstra for giving the rights hints.
svn path=/nixos/trunk/; revision=31128
After the change from revision 30103, nixos-rebuild suddenly consumed
freaky amounts of memory. I had to abort the process after it had
allocated well in excess of 30GB(!) of RAM. I'm not sure what is causing
this behavior, but undoing that assignment fixes the problem. The other
two commits needed to be revoked, too, because they depend on 30103.
svn path=/nixos/trunk/; revision=30127
possibility that a udevd process survives, preventing udevd from
starting in stage 2:
machine# udevd[1421]: bind failed: Address already in use
machine# udevd[1421]: error binding udev control socket
svn path=/nixos/trunk/; revision=29434
directory. This happened with /etc/polkit-1, which used to be a
symlink to /etc/static/polkit-1, which was itself a symlink but now
is a directory. Not handling this correctly led to /etc/static
being clobbered with symlinks pointing to themselves.
svn path=/nixos/trunk/; revision=29061
was already the case on Linux 2.6.32, but in newer kernels the CFQ
scheduler is built as a module, so all block devices got the ‘none’
scheduler instead.
svn path=/nixos/trunk/; revision=28972
then every unshare(CLONE_NEWNS) system call causes a new entry to be
created in /dev/cgroup/<pid>, which is not removed automatically.
This can cause subsequent calls to unshare() to fail if the PID has
wrapped around. Worse, a large number of entries in /dev/cgroup
causes a very substantial system slowdown: doing 10,000
fork()/unshare(CLONE_NEWNS)/exit() calls took 21s without the "ns"
subsystem, but 2m43s with it, and the system slows down permanently
until the entries in /dev/cgroup are removed (going to a load of > 6
on my laptop).
This is particularly important for Nix because its chroot feature
uses unshare(CLONE_NEWNS). (http://yellowgrass.org/issue/Nix/219)
svn path=/nixos/trunk/; revision=27216
be set when udevd calls external programs. (The udev manpage claims
that udevd passes its own environment variables, but this is not the
case.)
* Get rid of some udev rule hacks that no longer seem needed.
svn path=/nixos/trunk/; revision=25991
problem is that configuration values below a mkIf are evaluated
strictly even if the condition is false. Thus "${luksRoot}" causes
an evaluation error. As a workaround, use the empty string instead
of `null' as the default value. However, we should really fix the
laziness of mkIf. It's likely that NixOS evaluation would be much
faster if it didn't have to evaluate disabled configuration values.
svn path=/nixos/trunk/; revision=24477
in /etc/xen/auto at boot time, to save all running domains during
shutdown, and to restore all saved domains at boot time.
svn path=/nixos/trunk/; revision=24121