diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index ca89732fa801d..b9f3654b6b7b1 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -13,6 +13,8 @@ In addition to numerous new and upgraded packages, this release has the followin - PHP 8.1 is now available +- Systemd has been upgraded to the version 250. + ## New Services {#sec-release-22.05-new-services} - [aesmd](https://github.com/intel/linux-sgx#install-the-intelr-sgx-psw), the Intel SGX Architectural Enclave Service Manager. Available as [services.aesmd](#opt-services.aesmd.enable). @@ -24,6 +26,21 @@ In addition to numerous new and upgraded packages, this release has the followin ## Backward Incompatibilities {#sec-release-22.05-incompatibilities} +- Since systemd version 250 wireguard tunnels that are managed using networkd + will install routes for each of the `AllowedIPs` entries. This is in contrast + to the previous behaviour where routes had to be added manually. + To disable the new behaviour you must set the `RoutingTable=off` option in + the `WireGuard` section within each of your netdev definitions. + For example like this: + ```nix + { + systemd.network.netdev.my-wireguard-interface = { + wireguardConfig.RouteTable = "off"; + }; + } + ``` +- + - `pkgs.ghc` now refers to `pkgs.targetPackages.haskellPackages.ghc`. This *only* makes a difference if you are cross-compiling and will ensure that `pkgs.ghc` always runs on the host platform and compiles diff --git a/nixos/modules/system/boot/timesyncd.nix b/nixos/modules/system/boot/timesyncd.nix index 5f35a15476965..6279957fcd63b 100644 --- a/nixos/modules/system/boot/timesyncd.nix +++ b/nixos/modules/system/boot/timesyncd.nix 
@@ -60,15 +60,27 @@ with lib; }; users.groups.systemd-timesync.gid = config.ids.gids.systemd-timesync; - system.activationScripts.systemd-timesyncd-migration = mkIf (versionOlder config.system.stateVersion "19.09") '' + system.activationScripts.systemd-timesyncd-migration = # workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes # - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742 # - https://github.com/systemd/systemd/issues/12131 - if [ -L /var/lib/systemd/timesync ]; then - rm /var/lib/systemd/timesync - mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync + mkIf (versionOlder config.system.stateVersion "19.09") '' + if [ -L /var/lib/systemd/timesync ]; then + rm /var/lib/systemd/timesync + mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync + fi + ''; + system.activationScripts.systemd-timesyncd-init-clock = + # Ensure that we have some stored time to prevent systemd-timesyncd to + # resort back to the fallback time. + # If the file doesn't exist we assume that our current system clock is + # good enough to provide an initial value. + '' + if ! [ -f /var/lib/systemd/timesync/clock ]; then + test -d /var/lib/systemd/timesync || mkdir -p /var/lib/systemd/timesync + touch /var/lib/systemd/timesync/clock fi - ''; + ''; }; } diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index ac95dc745fe19..404b0d2ee6f30 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,7 +1,7 @@ -From d4ea219a35a09fe02bc9e47e8530644cb4fc4146 Mon Sep 17 00:00:00 2001 +From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001 
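Review bot: In the timesyncd.nix hunk, the new `systemd-timesyncd-init-clock` activation script creates `/var/lib/systemd/timesync` and the `clock` stamp without setting an owner or mode, so both are owned by whichever account runs the activation script. The context line `users.groups.systemd-timesync.gid` suggests the daemon runs under its own account. Unless something outside this hunk re-owns the state directory, timesyncd may be unable to update the stamp. Replacing the `test -d … || mkdir -p …` line with `install -d -o systemd-timesync -g systemd-timesync /var/lib/systemd/timesync` (assuming the user is named like the group shown) and adding a matching `chown` after the `touch` would make this explicit; the `test -d` guard is redundant anyway because `mkdir -p` is idempotent. Both `[ -f … ]` and `touch` follow symlinks, so in a directory the service account can presumably write to, `if ! [ -e /var/lib/systemd/timesync/clock ] && ! [ -L /var/lib/systemd/timesync/clock ]; then` is the safer guard; the enclosing attribute set starts outside the hunk.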
From: Eelco Dolstra Date: Tue, 8 Jan 2013 15:46:30 +0100 -Subject: [PATCH 01/21] Start device units for uninitialised encrypted devices +Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices This is necessary because the NixOS service that initialises the filesystem depends on the appearance of the device unit. Also, this @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index dd351c0010063..d37ace3250c23 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,7 +1,7 @@ -From 67abd8f22f70d9348bc9d8e0e93dde4d325627ba Mon Sep 17 00:00:00 2001 +From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 12 Apr 2013 13:16:57 +0200 -Subject: [PATCH 02/21] Don't try to unmount /nix or /nix/store +Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index c2a26242c0..9936398f32 100644 +index f5a2cb20c1..51608d24c0 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -496,6 +496,8 @@ static int delete_md(MountPoint *m) { +@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index c2a26242c0..9936398f32 100644 || path_equal(path, "/usr") #endif -- -2.33.0 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 2dd3d87f6ed27..56c6238b81f26 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,7 +1,7 @@ -From 37c9471f59bd57223014a4a645b5f96a71d78787 Mon Sep 17 00:00:00 2001 +From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 16 Apr 2014 10:59:28 +0200 -Subject: [PATCH 03/21] Fix NixOS containers +Subject: [PATCH 03/19] Fix NixOS containers In NixOS containers, the init script is bind-mounted into the container, so checking early whether it exists will fail. @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 575b9da447..438ca294db 100644 +index 8f17ab8810..197e5aa252 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { +@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 575b9da447..438ca294db 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5604,6 +5605,7 @@ static int run(int argc, char *argv[]) { +@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index 54d9ff93b43b8..36d0ee0cde24f 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch 
@@ -1,14 +1,14 @@ -From 987d6f94dac8e1a75615fd9ddcfb0eb1c2c4c349 Mon Sep 17 00:00:00 2001 +From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 1 May 2014 14:10:10 +0200 -Subject: [PATCH 04/21] Look for fsck in the right place +Subject: [PATCH 04/19] Look for fsck in the right place --- src/fsck/fsck.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index cd7adfaeb9..68cebdd158 100644 +index 745d01ff50..dd4eef45c3 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index ee878b410f048..6acac84a9d28b 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,7 +1,7 @@ -From da4f855044b2babe052ce303cca1de736cf952cd Mon Sep 17 00:00:00 2001 +From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 19 Dec 2014 14:46:17 +0100 -Subject: [PATCH 05/21] Add some NixOS-specific unit directories +Subject: [PATCH 05/19] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for units provided by packages installed into the default profile via @@ -14,10 +14,10 @@ Also, remove /usr and /lib as these don't exist on NixOS. 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index 05eb17d66c..1cd141d012 100644 +index 6fb8c40e7a..142ecdecec 100644 --- a/src/basic/path-lookup.c 
+++ b/src/basic/path-lookup.c -@@ -91,11 +91,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { @@ -29,7 +29,7 @@ index 05eb17d66c..1cd141d012 100644 NULL }; -@@ -613,15 +609,13 @@ int lookup_paths_init( +@@ -614,15 +610,13 @@ int lookup_paths_init( persistent_config, SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", @@ -46,7 +46,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -637,14 +631,11 @@ int lookup_paths_init( +@@ -638,14 +632,11 @@ int lookup_paths_init( persistent_config, USER_CONFIG_UNIT_DIR, "/etc/systemd/user", @@ -62,7 +62,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -794,7 +785,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", @@ -70,7 +70,7 @@ index 05eb17d66c..1cd141d012 100644 SYSTEM_GENERATOR_DIR); break; -@@ -802,7 +792,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", @@ -78,7 +78,7 @@ index 05eb17d66c..1cd141d012 100644 USER_GENERATOR_DIR); break; -@@ -841,12 +830,10 @@ char **env_generator_binary_paths(bool is_system) { +@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) { if (is_system) add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.0 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 482eeacb0218f..438d841bb1c7a 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,7 +1,7 @@ -From c06abdb631527f56a626b739340d1b275349612c Mon Sep 17 00:00:00 2001 +From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 11 May 2015 15:39:38 +0200 -Subject: [PATCH 06/21] Get rid of a useless message in user sessions +Subject: [PATCH 06/19] Get rid of a useless message in user sessions Namely lots of variants of @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 34891a8754..b9b4789720 100644 +index 9368a1dfa1..5b0bdb1bc7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index 22e4c74d08d74..a93488afbf92a 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch 
@@ -1,7 +1,7 @@ -From 207c69466cdd164c42ed1901deb06f57b12f4363 Mon Sep 17 00:00:00 2001 +From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner Date: Sun, 6 Dec 2015 14:26:36 +0100 -Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that +Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that change system settings. --- @@ -11,10 +11,10 @@ Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36702f2fb0..669257ea2f 100644 +index b20a93ad81..6292fca4fc 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -797,6 +797,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36702f2fb0..669257ea2f 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -860,6 +863,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index e5a0bf7d97fa6..e1bc44a148ea0 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,7 +1,7 @@ -From 3ca3855259c3015615983587063fa159cfa7e93c Mon Sep 17 00:00:00 2001 +From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001 
From: Nikolay Amiantov Date: Thu, 7 Jul 2016 02:47:13 +0300 -Subject: [PATCH 08/21] Fix hwdb paths +Subject: [PATCH 08/19] Fix hwdb paths Patch by vcunat. --- @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 9e22ea719e35b..68d40980ab169 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,7 +1,7 @@ -From 717226ad0dc37ceb6c667c1f56396848978b6e83 Mon Sep 17 00:00:00 2001 +From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 11 Oct 2016 13:12:08 +0300 -Subject: [PATCH 09/21] Change /usr/share/zoneinfo to /etc/zoneinfo +Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo NixOS uses this path. --- @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 Etc/UTC. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 5d162e8ffe..1bec83e555 100644 +index b659d6905d..660b1c6fed 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1269,7 +1269,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,7 +47,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1308,7 +1308,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { +@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { _cleanup_strv_free_ char **zones = NULL; int r; 
@@ -56,7 +56,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1421,7 +1421,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 5d162e8ffe..1bec83e555 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1512,7 +1512,7 @@ int get_timezone(char **ret) { +@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,10 +75,10 @@ index 5d162e8ffe..1bec83e555 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 2cb4f80d5d..ebeaeac52f 100644 +index d28a416e5d..c7c215731d 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -491,7 +491,7 @@ static int process_timezone(void) { +@@ -494,7 +494,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -88,10 +88,10 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 438ca294db..98bd110d92 100644 +index 197e5aa252..c674fa61d5 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index ce0ad7e4ddc30..f2514de6c6629 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch 
+++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,7 +1,7 @@ -From 75d12cf65073458f091899d673c613dfc43f60c0 Mon Sep 17 00:00:00 2001 +From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001 From: Imuli Date: Wed, 19 Oct 2016 08:46:47 -0400 -Subject: [PATCH 10/21] localectl: use /etc/X11/xkb for list-x11-* +Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* NixOS has an option to link the xkb data files to /etc/X11, but not to /usr/share/X11. @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 548ac8eb2c..5e372f1566 100644 +index b5624209dc..4ab7adfdb6 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -280,7 +280,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index a03c5a14ad898..c21a1bda41226 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,19 +1,19 @@ -From bce75eb4cdeb0b86df6b0a577e886c49a88303f6 Mon Sep 17 00:00:00 2001 +From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001 
From: Franz Pletz Date: Sun, 11 Feb 2018 04:37:44 +0100 -Subject: [PATCH 11/21] build: don't create statedir and don't touch prefixdir +Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir --- meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index b5a51b6d0d..99b071542c 100644 +index c0cbadecb1..8266bf57de 100644 --- a/meson.build +++ b/meson.build -@@ -3540,9 +3540,6 @@ install_data('LICENSE.GPL2', - 'docs/GVARIANT-SERIALIZATION.md', - install_dir : docdir) +@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2', + install_subdir('LICENSES', + install_dir : docdir) -meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) -meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) @@ -22,5 +22,5 @@ index b5a51b6d0d..99b071542c 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index 0576f7a62f2c9..5f27e41752328 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,7 +1,7 @@ -From ecdf0c5d9f88f526521f093cc9ee85f43efab4b7 Mon Sep 17 00:00:00 2001 +From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 2 Nov 2018 21:15:42 +0100 -Subject: [PATCH 12/21] inherit systemd environment when calling generators. +Subject: [PATCH 12/19] inherit systemd environment when calling generators. Systemd generators need access to the environment configured in stage-2-init.sh since it schedules fsck and mkfs executions based on @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) 
diff --git a/src/core/manager.c b/src/core/manager.c -index b9b4789720..79239afe4a 100644 +index 5b0bdb1bc7..1538a5200a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { +@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index a424cf1061cc0..d008cf2821c7a 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,7 +1,7 @@ -From 39969a1b01d6c223a21c770093209b7f4047aaa4 Mon Sep 17 00:00:00 2001 +From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Thu, 9 May 2019 11:15:22 +0200 -Subject: [PATCH 13/21] add rootprefix to lookup dir paths +Subject: [PATCH 13/19] add rootprefix to lookup dir paths systemd does not longer use the UDEVLIBEXEC directory as root for discovery default udev rules. By adding `$out/lib` to the lookup paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 2e60abb4f1..732ec51d36 100644 +index eccee3d3fa..e94a2c8bd0 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 5610d4d3ecc61..49c6651c0edff 100644 
--- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,7 +1,7 @@ -From e7c960789b0ca97b24a66e9eeaa56ea645d9c66b Mon Sep 17 00:00:00 2001 +From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:45:55 +0300 -Subject: [PATCH 14/21] systemd-shutdown: execute scripts in +Subject: [PATCH 14/19] systemd-shutdown: execute scripts in /etc/systemd/system-shutdown This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,12 +10,12 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index a98cfc4d8a..b0b34edda7 100644 +index 7ad9930677..fdb03a2e1a 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { +@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; - char *arguments[3], *watchdog_device; + char *arguments[3]; int cmd, r, umount_log_level = LOG_INFO; - static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; + static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL}; @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 11848a623a327..78d77c0058229 100644 
--- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,7 +1,7 @@ -From 6124720aa2b9dbc07f2fb898f0db150a44a86041 Mon Sep 17 00:00:00 2001 +From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:46:58 +0300 -Subject: [PATCH 15/21] systemd-sleep: execute scripts in +Subject: [PATCH 15/19] systemd-sleep: execute scripts in /etc/systemd/system-sleep This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index a3aeb24633..0ed6a34d79 100644 +index 7064f3a905..b60ced9d9b 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -182,6 +182,7 @@ static int execute( @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 156195d9a9009..3c1643e0f1ab8 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,7 +1,7 @@ -From bee1d855d4fb7f2d6f6b9beb1dfd14b1dea31887 Mon Sep 17 00:00:00 2001 +From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001 
From: Florian Klink Date: Sat, 7 Mar 2020 22:40:27 +0100 -Subject: [PATCH 16/21] kmod-static-nodes.service: Update ConditionFileNotEmpty +Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty On NixOS, kernel modules of the currently booted systems are located at /run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. @@ -23,5 +23,5 @@ index 777e82d16b..b6abc2bba0 100644 [Service] Type=oneshot -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 1f21b628e9236..882690ad9140f 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,7 +1,7 @@ -From 62198599bbc559eeb8e2a3caebce7b9135085270 Mon Sep 17 00:00:00 2001 +From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sun, 8 Mar 2020 01:05:54 +0100 -Subject: [PATCH 17/21] path-util.h: add placeholder for DEFAULT_PATH_NORMAL +Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL This will be the $PATH used to lookup ExecStart= etc. options, which systemd itself uses extensively. @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 26e7362d1f..a8f8a863ec 100644 +index 518f3340bf..18e826ea0b 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.0 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 344b8b3952ff6..e602bef9c3d7f 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,7 +1,7 @@ -From 7654964344ba083529cb232ab229db7c0888f782 Mon Sep 17 00:00:00 2001 +From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 08:34:19 +0100 -Subject: [PATCH 18/21] pkg-config: derive prefix from --prefix +Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix Point prefix to the one configured, instead of `/usr` `systemd` has limited support for making the pkgconfig prefix overridable, and interpolates those @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 4f950650d3206..916f95e194ac6 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch +++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,7 +1,7 @@ -From 4e9b4aa87d299be08cffc77a86d6f473a7a4109a Mon Sep 17 00:00:00 2001 +From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 18 Aug 2021 19:10:08 +0200 -Subject: [PATCH 19/21] core: handle lookup paths being symlinks +Subject: [PATCH 19/19] core: handle lookup paths being symlinks With a recent change paths leaving the statically known lookup paths would be treated differently then those that remained within those. That 
@@ -15,10 +15,10 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 0d58b1c4fe..7314f1245f 100644 +index 30c632dfce..6179100126 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c -@@ -254,6 +254,7 @@ int unit_file_build_name_map( +@@ -255,6 +255,7 @@ int unit_file_build_name_map( _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; _cleanup_set_free_free_ Set *paths = NULL; @@ -26,7 +26,7 @@ index 0d58b1c4fe..7314f1245f 100644 uint64_t timestamp_hash; char **dir; int r; -@@ -273,6 +274,34 @@ int unit_file_build_name_map( +@@ -274,6 +275,34 @@ int unit_file_build_name_map( return log_oom(); } @@ -59,9 +59,9 @@ index 0d58b1c4fe..7314f1245f 100644 + } + STRV_FOREACH(dir, (char**) lp->search_path) { - struct dirent *de; _cleanup_closedir_ DIR *d = NULL; -@@ -351,11 +380,11 @@ int unit_file_build_name_map( + +@@ -386,11 +415,11 @@ int unit_file_build_name_map( continue; } @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch b/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch deleted file mode 100644 index 5c82cdbd6fab3..0000000000000 --- a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch +++ /dev/null 
@@ -1,401 +0,0 @@ -From 3cf1b5fb6d1dc342e836cf0990df3170d2e9db49 Mon Sep 17 00:00:00 2001 -From: Jan Janssen -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 20/21] sd-boot: Unify error handling - -log_error_stall() and log_error_status_stall() will ensure the user has -a chance to catch an error message by stalling and also forcing a -lightred/black color on it. Also, convert several Print() calls to it -since they are actually error messages. - -(cherry picked from commit 8aba0eec499b762657f528988c2f093ac490620d) ---- - src/boot/efi/boot.c | 62 ++++++++++---------------------- - src/boot/efi/random-seed.c | 73 +++++++++++++------------------------- - src/boot/efi/stub.c | 24 ++++--------- - src/boot/efi/util.c | 17 +++++++-- - src/boot/efi/util.h | 9 +++++ - 5 files changed, 75 insertions(+), 110 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 13940a6df7..54d704f0d1 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -527,7 +527,7 @@ static BOOLEAN menu_run( - err = console_set_mode(&config->console_mode, config->console_mode_change); - if (EFI_ERROR(err)) { - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -- Print(L"Error switching console mode to %ld: %r.\r", (UINT64)config->console_mode, err); -+ log_error_stall(L"Error switching console mode to %lu: %r", (UINT64)config->console_mode, err); - } - } else - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -1221,8 +1221,7 @@ static VOID config_entry_bump_counters( - break; - - if (r != EFI_BUFFER_TOO_SMALL || file_info_size * 2 < file_info_size) { -- Print(L"\nFailed to get file info for '%s': %r\n", old_path, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to get file info for '%s': %r", old_path, r); - return; - } - -@@ -1234,8 +1233,7 @@ static VOID config_entry_bump_counters( - StrCpy(file_info->FileName, entry->next_name); - r = uefi_call_wrapper(handle->SetInfo, 4, handle, &EfiFileInfoGuid, 
file_info_size, file_info); - if (EFI_ERROR(r)) { -- Print(L"\nFailed to rename '%s' to '%s', ignoring: %r\n", old_path, entry->next_name, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to rename '%s' to '%s', ignoring: %r", old_path, entry->next_name, r); - return; - } - -@@ -2165,18 +2163,12 @@ static EFI_STATUS image_start( - EFI_STATUS err; - - path = FileDevicePath(entry->device, entry->loader); -- if (!path) { -- Print(L"Error getting device path."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_INVALID_PARAMETER; -- } -+ if (!path) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Error getting device path."); - - err = uefi_call_wrapper(BS->LoadImage, 6, FALSE, parent_image, path, NULL, 0, &image); -- if (EFI_ERROR(err)) { -- Print(L"Error loading %s: %r", entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error loading %s: %r", entry->loader, err); - - if (config->options_edit) - options = config->options_edit; -@@ -2190,8 +2182,7 @@ static EFI_STATUS image_start( - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); - if (EFI_ERROR(err)) { -- Print(L"Error getting LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Error getting LoadedImageProtocol handle: %r", err); - goto out_unload; - } - loaded_image->LoadOptions = options; -@@ -2202,10 +2193,8 @@ static EFI_STATUS image_start( - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to 
add image options measurement: %r", err); - #endif - } - -@@ -2231,9 +2220,7 @@ static EFI_STATUS reboot_into_firmware(VOID) { - return err; - - err = uefi_call_wrapper(RT->ResetSystem, 4, EfiResetCold, EFI_SUCCESS, 0, NULL); -- Print(L"Error calling ResetSystem: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Error calling ResetSystem: %r", err); - } - - static VOID config_free(Config *config) { -@@ -2305,30 +2292,21 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - /* export the device path this image is started from */ - if (disk_get_part_uuid(loaded_image->DeviceHandle, uuid) == EFI_SUCCESS) - efivar_set(LOADER_GUID, L"LoaderDevicePartUUID", uuid, 0); - - root_dir = LibOpenRoot(loaded_image->DeviceHandle); -- if (!root_dir) { -- Print(L"Unable to open root directory."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_LOAD_ERROR; -- } -+ if (!root_dir) -+ return log_error_status_stall(EFI_LOAD_ERROR, L"Unable to open root directory.", EFI_LOAD_ERROR); - - if (secure_boot_enabled() && shim_loaded()) { - err = security_policy_install(); -- if (EFI_ERROR(err)) { -- Print(L"Error installing security policy: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error installing security policy: %r", err); - } - - /* the filesystem path to this image, to prevent adding ourselves to the menu */ -@@ -2367,8 +2345,7 @@ EFI_STATUS 
efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - } - - if (config.entry_count == 0) { -- Print(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); - goto out; - } - -@@ -2440,8 +2417,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = image_start(image, &config, entry); - if (EFI_ERROR(err)) { - graphics_mode(FALSE); -- Print(L"\nFailed to execute %s (%s): %r\n", entry->title, entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to execute %s (%s): %r", entry->title, entry->loader, err); - goto out; - } - -diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c -index 3e179851b0..939daf3e41 100644 ---- a/src/boot/efi/random-seed.c -+++ b/src/boot/efi/random-seed.c -@@ -35,10 +35,8 @@ static EFI_STATUS acquire_rng(UINTN size, VOID **ret) { - return log_oom(); - - err = uefi_call_wrapper(rng->GetRNG, 3, rng, NULL, size, data); -- if (EFI_ERROR(err)) { -- Print(L"Failed to acquire RNG data: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to acquire RNG data: %r", err); - - *ret = TAKE_PTR(data); - return EFI_SUCCESS; -@@ -149,14 +147,12 @@ static EFI_STATUS acquire_system_token(VOID **ret, UINTN *ret_size) { - err = efivar_get_raw(LOADER_GUID, L"LoaderSystemToken", &data, &size); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND) -- Print(L"Failed to read LoaderSystemToken EFI variable: %r", err); -+ log_error_stall(L"Failed to read LoaderSystemToken EFI variable: %r", err); - return err; - } - -- if (size <= 0) { -- Print(L"System token too short, ignoring."); -- return EFI_NOT_FOUND; -- } -+ if (size <= 0) -+ return log_error_status_stall(EFI_NOT_FOUND, L"System token too short, ignoring."); - - *ret = TAKE_PTR(data); - 
*ret_size = size; -@@ -209,8 +205,7 @@ static VOID validate_sha256(void) { - sha256_finish_ctx(&hash, result); - - if (CompareMem(result, array[i].hash, HASH_VALUE_SIZE) != 0) { -- Print(L"SHA256 failed validation.\n"); -- uefi_call_wrapper(BS->Stall, 1, 120 * 1000 * 1000); -+ log_error_stall(L"SHA256 failed validation."); - return; - } - } -@@ -246,7 +241,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &handle, (CHAR16*) L"\\loader\\random-seed", EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE, 0ULL); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND && err != EFI_WRITE_PROTECTED) -- Print(L"Failed to open random seed file: %r\n", err); -+ log_error_stall(L"Failed to open random seed file: %r", err); - return err; - } - -@@ -255,15 +250,11 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - return log_oom(); - - size = info->FileSize; -- if (size < RANDOM_MAX_SIZE_MIN) { -- Print(L"Random seed file is too short?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size < RANDOM_MAX_SIZE_MIN) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too short."); - -- if (size > RANDOM_MAX_SIZE_MAX) { -- Print(L"Random seed file is too large?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size > RANDOM_MAX_SIZE_MAX) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too large."); - - seed = AllocatePool(size); - if (!seed) -@@ -271,20 +262,14 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - - rsize = size; - err = uefi_call_wrapper(handle->Read, 3, handle, &rsize, seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to read random seed file: %r\n", err); -- return err; -- } -- if (rsize != size) { -- Print(L"Short read on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to read random seed file: %r", err); -+ if 
(rsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short read on random seed file."); - - err = uefi_call_wrapper(handle->SetPosition, 2, handle, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to seek to beginning of random seed file: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to seek to beginning of random seed file: %r", err); - - /* Request some random data from the UEFI RNG. We don't need this to work safely, but it's a good - * idea to use it because it helps us for cases where users mistakenly include a random seed in -@@ -299,27 +284,19 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - /* Update the random seed on disk before we use it */ - wsize = size; - err = uefi_call_wrapper(handle->Write, 3, handle, &wsize, new_seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed file: %r\n", err); -- return err; -- } -- if (wsize != size) { -- Print(L"Short write on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed file: %r", err); -+ if (wsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short write on random seed file."); - - err = uefi_call_wrapper(handle->Flush, 1, handle); -- if (EFI_ERROR(err)) { -- Print(L"Failed to flush random seed file: %r\n"); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to flush random seed file: %r", err); - - /* We are good to go */ - err = efivar_set_raw(LOADER_GUID, L"LoaderRandomSeed", for_kernel, size, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed to EFI variable: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed to EFI variable: %r", err); - - return EFI_SUCCESS; - } -diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c -index 082fe91c9e..82da1d3ec4 
100644 ---- a/src/boot/efi/stub.c -+++ b/src/boot/efi/stub.c -@@ -36,18 +36,12 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, offs, szs); -- if (EFI_ERROR(err)) { -- Print(L"Unable to locate embedded .linux section: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err); - - if (szs[0] > 0) - cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0]; -@@ -72,10 +66,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to add image options measurement: %r", err); - #endif - } - -@@ -126,7 +118,5 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - (UINTN)loaded_image->ImageBase + addrs[2], szs[2]); - - graphics_mode(FALSE); -- Print(L"Execution of embedded linux image failed: %r\n", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err); - } -diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c -index 
6f4e5933d3..aee076060b 100644 ---- a/src/boot/efi/util.c -+++ b/src/boot/efi/util.c -@@ -411,8 +411,21 @@ EFI_STATUS file_read(EFI_FILE_HANDLE dir, const CHAR16 *name, UINTN off, UINTN s - return err; - } - -+VOID log_error_stall(const CHAR16 *fmt, ...) { -+ va_list args; -+ -+ uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut, EFI_LIGHTRED|EFI_BACKGROUND_BLACK); -+ -+ Print(L"\n"); -+ va_start(args, fmt); -+ VPrint(fmt, args); -+ va_end(args); -+ Print(L"\n"); -+ -+ uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+} -+ - EFI_STATUS log_oom(void) { -- Print(L"Out of memory."); -- (void) uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Out of memory."); - return EFI_OUT_OF_RESOURCES; - } -diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h -index 1a42b01033..d3bf848a95 100644 ---- a/src/boot/efi/util.h -+++ b/src/boot/efi/util.h -@@ -74,4 +74,13 @@ static inline void FileHandleClosep(EFI_FILE_HANDLE *handle) { - #define UINT64_MAX ((UINT64) -1) - #endif - -+VOID log_error_stall(const CHAR16 *fmt, ...); - EFI_STATUS log_oom(void); -+ -+/* This works just like log_error_errno() from userspace, but requires you -+ * to provide err a second time if you want to use %r in the message! */ -+#define log_error_status_stall(err, fmt, ...) \ -+ ({ \ -+ log_error_stall(fmt, ##__VA_ARGS__); \ -+ err; \ -+ }) --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch b/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch deleted file mode 100644 index 7cdc2491fa33e..0000000000000 --- a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch +++ /dev/null 
@@ -1,320 +0,0 @@ -From 2d9fcfcfa38667ada306e095599944f941576e53 Mon Sep 17 00:00:00 2001 -From: Jan Janssen -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 21/21] sd-boot: Rework console input handling - -Fixes: #15847 -Probably fixes: #19191 - -(cherry picked from commit e98d271e57f3d0356e444b6ea2d48836ee2769b0) ---- - src/boot/efi/boot.c | 55 +++++++--------------- - src/boot/efi/console.c | 102 +++++++++++++++++++++++++++++------------ - src/boot/efi/console.h | 2 +- - 3 files changed, 91 insertions(+), 68 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 54d704f0d1..b4f3b9605a 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -134,7 +134,7 @@ static BOOLEAN line_edit( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, print); - uefi_call_wrapper(ST->ConOut->SetCursorPosition, 3, ST->ConOut, cursor, y_pos); - -- err = console_key_read(&key, TRUE); -+ err = console_key_read(&key, 0); - if (EFI_ERROR(err)) - continue; - -@@ -387,7 +387,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"OsIndicationsSupported: %d\n", indvar); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - Print(L"timeout: %u\n", config->timeout_sec); - if (config->timeout_sec_efivar >= 0) -@@ -432,7 +432,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"LoaderEntryDefault: %s\n", defaultstr); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - for (UINTN i = 0; i < config->entry_count; i++) { - ConfigEntry *entry; -@@ -482,7 +482,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - entry->path, entry->next_name); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - } - - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -509,11 +509,10 @@ static BOOLEAN menu_run( - UINTN 
y_max; - CHAR16 *status; - CHAR16 *clearline; -- INTN timeout_remain; -+ UINTN timeout_remain = config->timeout_sec; - INT16 idx; - BOOLEAN exit = FALSE; - BOOLEAN run = TRUE; -- BOOLEAN wait = FALSE; - - graphics_mode(FALSE); - uefi_call_wrapper(ST->ConIn->Reset, 2, ST->ConIn, FALSE); -@@ -538,12 +537,6 @@ static BOOLEAN menu_run( - y_max = 25; - } - -- /* we check 10 times per second for a keystroke */ -- if (config->timeout_sec > 0) -- timeout_remain = config->timeout_sec * 10; -- else -- timeout_remain = -1; -- - idx_highlight = config->idx_default; - idx_highlight_prev = 0; - -@@ -643,7 +636,7 @@ static BOOLEAN menu_run( - - if (timeout_remain > 0) { - FreePool(status); -- status = PoolPrint(L"Boot in %d sec.", (timeout_remain + 5) / 10); -+ status = PoolPrint(L"Boot in %d s.", timeout_remain); - } - - /* print status at last line of screen */ -@@ -664,27 +657,18 @@ static BOOLEAN menu_run( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, clearline+1 + x + len); - } - -- err = console_key_read(&key, wait); -- if (EFI_ERROR(err)) { -- /* timeout reached */ -+ err = console_key_read(&key, timeout_remain > 0 ? 1000 * 1000 : 0); -+ if (err == EFI_TIMEOUT) { -+ timeout_remain--; - if (timeout_remain == 0) { - exit = TRUE; - break; - } - -- /* sleep and update status */ -- if (timeout_remain > 0) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- timeout_remain--; -- continue; -- } -- -- /* timeout disabled, wait for next key */ -- wait = TRUE; -+ /* update status */ - continue; -- } -- -- timeout_remain = -1; -+ } else -+ timeout_remain = 0; - - /* clear status after keystroke */ - if (status) { -@@ -787,7 +771,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", config->timeout_sec_efivar); -+ status = PoolPrint(L"Menu timeout set to %d s.", config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. 
Hold down key at bootup to show menu."); - } else if (config->timeout_sec_efivar <= 0){ -@@ -795,7 +779,7 @@ static BOOLEAN menu_run( - efivar_set( - LOADER_GUID, L"LoaderConfigTimeout", NULL, EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_config > 0) -- status = PoolPrint(L"Menu timeout of %d sec is defined by configuration file.", -+ status = PoolPrint(L"Menu timeout of %d s is defined by configuration file.", - config->timeout_sec_config); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -813,7 +797,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", -+ status = PoolPrint(L"Menu timeout set to %d s.", - config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -2369,13 +2353,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - else { - UINT64 key; - -- err = console_key_read(&key, FALSE); -- -- if (err == EFI_NOT_READY) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- err = console_key_read(&key, FALSE); -- } -- -+ /* Block up to 100ms to give firmware time to get input working. */ -+ err = console_key_read(&key, 100 * 1000); - if (!EFI_ERROR(err)) { - INT16 idx; - -diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c -index 83619d2147..369c549daf 100644 ---- a/src/boot/efi/console.c -+++ b/src/boot/efi/console.c -@@ -11,61 +11,105 @@ - - #define EFI_SIMPLE_TEXT_INPUT_EX_GUID &(EFI_GUID) EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { -+static inline void EventClosep(EFI_EVENT *event) { -+ if (!*event) -+ return; -+ -+ uefi_call_wrapper(BS->CloseEvent, 1, *event); -+} -+ -+/* -+ * Reading input from the console sounds like an easy task to do, but thanks to broken -+ * firmware it is actually a nightmare. 
-+ * -+ * There is a ConIn and TextInputEx API for this. Ideally we want to use TextInputEx, -+ * because that gives us Ctrl/Alt/Shift key state information. Unfortunately, it is not -+ * always available and sometimes just non-functional. -+ * -+ * On the other hand we have ConIn, where some firmware likes to just freeze on us -+ * if we call ReadKeyStroke on it. -+ * -+ * Therefore, we use WaitForEvent on both ConIn and TextInputEx (if available) along -+ * with a timer event. The timer ensures there is no need to call into functions -+ * that might freeze on us, while still allowing us to show a timeout counter. -+ */ -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec) { - static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; - static BOOLEAN checked; - UINTN index; - EFI_INPUT_KEY k; - EFI_STATUS err; -+ _cleanup_(EventClosep) EFI_EVENT timer = NULL; -+ EFI_EVENT events[3] = { ST->ConIn->WaitForKey }; -+ UINTN n_events = 1; - - if (!checked) { - err = LibLocateProtocol(EFI_SIMPLE_TEXT_INPUT_EX_GUID, (VOID **)&TextInputEx); -- if (EFI_ERROR(err)) -+ if (EFI_ERROR(err) || -+ uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx) == EFI_INVALID_PARAMETER) -+ /* If WaitForKeyEx fails here, the firmware pretends it talks this -+ * protocol, but it really doesn't. */ - TextInputEx = NULL; -+ else -+ events[n_events++] = TextInputEx->WaitForKeyEx; - - checked = TRUE; - } - -- /* wait until key is pressed */ -- if (wait) -- uefi_call_wrapper(BS->WaitForEvent, 3, 1, &ST->ConIn->WaitForKey, &index); -+ if (timeout_usec > 0) { -+ err = uefi_call_wrapper(BS->CreateEvent, 5, EVT_TIMER, 0, NULL, NULL, &timer); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error creating timer event: %r", err); -+ -+ /* SetTimer expects 100ns units for some reason. 
*/ -+ err = uefi_call_wrapper(BS->SetTimer, 3, timer, TimerRelative, timeout_usec * 10); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error arming timer event: %r", err); - -- if (TextInputEx) { -+ events[n_events++] = timer; -+ } -+ -+ err = uefi_call_wrapper(BS->WaitForEvent, 3, n_events, events, &index); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error waiting for events: %r", err); -+ -+ if (timeout_usec > 0 && timer == events[index]) -+ return EFI_TIMEOUT; -+ -+ /* TextInputEx might be ready too even if ConIn got to signal first. */ -+ if (TextInputEx && !EFI_ERROR(uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx))) { - EFI_KEY_DATA keydata; - UINT64 keypress; -+ UINT32 shift = 0; - - err = uefi_call_wrapper(TextInputEx->ReadKeyStrokeEx, 2, TextInputEx, &keydata); -- if (!EFI_ERROR(err)) { -- UINT32 shift = 0; -- -- /* do not distinguish between left and right keys */ -- if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -- shift |= EFI_CONTROL_PRESSED; -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -- shift |= EFI_ALT_PRESSED; -- }; -- -- /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -- keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); -- if (keypress > 0) { -- *key = keypress; -- return 0; -- } -+ if (EFI_ERROR(err)) -+ return err; -+ -+ /* do not distinguish between left and right keys */ -+ if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -+ shift |= EFI_CONTROL_PRESSED; -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -+ shift |= EFI_ALT_PRESSED; -+ }; -+ -+ /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -+ keypress = KEYPRESS(shift, keydata.Key.ScanCode, 
keydata.Key.UnicodeChar); -+ if (keypress > 0) { -+ *key = keypress; -+ return EFI_SUCCESS; - } -+ -+ return EFI_NOT_READY; - } - -- /* fallback for firmware which does not support SimpleTextInputExProtocol -- * -- * This is also called in case ReadKeyStrokeEx did not return a key, because -- * some broken firmwares offer SimpleTextInputExProtocol, but never actually -- * handle any key. */ - err = uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2, ST->ConIn, &k); - if (EFI_ERROR(err)) - return err; - - *key = KEYPRESS(0, k.ScanCode, k.UnicodeChar); -- return 0; -+ return EFI_SUCCESS; - } - - static EFI_STATUS change_mode(UINTN mode) { -diff --git a/src/boot/efi/console.h b/src/boot/efi/console.h -index 2c69af552a..23848a9c58 100644 ---- a/src/boot/efi/console.h -+++ b/src/boot/efi/console.h -@@ -16,5 +16,5 @@ enum console_mode_change_type { - CONSOLE_MODE_MAX, - }; - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait); -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec); - EFI_STATUS console_set_mode(UINTN *mode, enum console_mode_change_type how); --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 70036127fc896..e928d60394e1c 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -15,6 +15,8 @@ , gperf , getent , glibcLocales + + # glib is only used during tests (test-bus-gvariant, test-bus-marshal) , glib , substituteAll , gettext @@ -29,7 +31,6 @@ # Optional dependencies , pam , cryptsetup -, lvm2 , audit , acl , lz4 @@ -61,6 +62,8 @@ , kexec-tools , bashInteractive , libmicrohttpd +, libfido2 +, p11-kit # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. # Only libbpf should be a runtime dependency. 
@@ -97,8 +100,8 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl -, libfido2 -, p11-kit + # tests assume too much system access for them to be feasible for us right now +, withTests ? false # name argument , pname ? "systemd" @@ -123,7 +126,14 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.5"; + wantGcrypt = withResolved || withImportd; + version = "250.1"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +144,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "0bir2syy20rdi59sv8xp8nw1c92zl9z0wmv7ggsll8dca7niqwbp"; + sha256 = "1v92hrx17zjrsa2fjr8zznw0kxw5yd7bx3950z98xmnxah0swzkf"; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch 
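Review bot: The new `withTests ? false` default in the `@@ -97,8 +100,8 @@` hunk means upstream's own test suite never runs against the carried patch set, and the comment does not say what covers those patches instead. Several of them change path and unit lookup behaviour (the 0019 patch in this same commit edits `unit_file_build_name_map` in `src/basic/unit-file.c`), so a rebase mistake would not be caught at build time. I would extend the comment to name the substitute coverage, for example `# tests assume too much system access for them to be feasible for us right now; the patched behaviour is exercised by <NIXOS-TEST-NAME> instead`, with the placeholder filled in by someone who knows which test applies. Whether such a test exists cannot be seen from this hunk.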
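Review bot: The command documented for `releaseTimestamp` in the `@@ -123,7 +126,14 @@` hunk queries `releases/latest` of systemd/systemd, so re-running it later returns the timestamp of whatever release is newest at that moment, not the one belonging to the pinned `version = "250.1"`. The value sits next to the source hash as a hard-coded constant, so the recipe for regenerating it should be tied to the same tag, e.g. `curl -s https://api.github.com/repos/systemd/systemd/releases/tags/v<MAJOR> | jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime'`. The comment also defers the reason to the meson options list, which lies outside this hunk. Presumably the value feeds the fallback clock that the timesyncd module change refers to, and if so a stale or mismatched value affects anything that trusts the clock before the first sync. A half-sentence stating that here would let a reviewer judge the number without leaving the hunk.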
@@ -160,55 +170,49 @@ stdenv.mkDerivation { ./0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch ./0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch ./0018-pkg-config-derive-prefix-from-prefix.patch - # In v248 or v249 we started to get in trouble due to our # /etc/systemd/system being a symlink and thus being treated differently by # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). ./0019-core-handle-lookup-paths-being-symlinks.patch - - # In v248 compiler weirdness and refactoring lead to the bootloader - # erroring out handling keyboard input on some systems. See - # https://github.com/systemd/systemd/issues/19191 - # This should be redundant in v249.6 when it offically gets tagged in - # systemd-stable - ./0020-sd-boot-Unify-error-handling.patch - ./0021-sd-boot-Rework-console-input-handling.patch - ] ++ lib.optional stdenv.hostPlatform.isMusl (let - oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; - }; - musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; - in [ - (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") - (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") - (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") - (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") - (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") - (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") - (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") - (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") - (musl-patches 
+ "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") - (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") - (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") - (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") - (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") - (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") - (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") - (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") - (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") - (musl-patches + "/0021-test-json.c-define-M_PIl.patch") - (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") - (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") - (musl-patches + "/0026-Handle-missing-gshadow.patch") - (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff - ]); + ] ++ lib.optional stdenv.hostPlatform.isMusl ( + let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; + sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in + [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0006-Include-netinet-if_ether.h.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + 
"/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + + # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 + ./musl.diff + ] + ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" @@ -283,6 +287,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: 
@@ -363,16 +371,16 @@ stdenv.mkDerivation { [ acl audit - glib kmod libcap - libgcrypt libidn2 libuuid linuxHeaders pam ] + ++ lib.optional wantGcrypt libgcrypt + ++ lib.optional withTests glib ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -396,6 +404,14 @@ stdenv.mkDerivation { mesonFlags = [ "-Dversion-tag=${version}" + # We bump this variable on every (major) version change to ensure + # that we have known-good value for a timestamp that is in the (not so distant) past. + # This serves as a lower bound for valid system timestamps during startup. Systemd will + # reset the system timestamp if this date is +- 15 years from the system time. + # See the systemd v250 release notes for further details: + # https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266 + "-Dtime-epoch=${releaseTimestamp}" + "-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d" "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services" "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" @@ -407,11 +423,11 @@ stdenv.mkDerivation { "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" - "-Dglib=${lib.boolToString (glib != null)}" + "-Dglib=${lib.boolToString withTests}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" - "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dgcrypt=${lib.boolToString wantGcrypt}" "-Dimportd=${lib.boolToString withImportd}" "-Dlz4=${lib.boolToString withCompression}" "-Dhomed=${lib.boolToString withHomed}" 
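Review bot: `withTests` only switches `glib` in buildInputs and the `-Dglib` flag. The context line `"-Dtests=false"` directly below stays hard-coded, so `withTests = true` pulls in glib without building a single test. Either wire the flag through with `"-Dtests=${lib.boolToString withTests}"`, or state in the comment on `withTests` that it currently controls the glib dependency only. The mesonFlags list starts and ends outside this hunk.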
@@ -422,7 +438,6 @@ stdenv.mkDerivation { "-Dnetworkd=${lib.boolToString withNetworkd}" "-Doomd=${lib.boolToString withOomd}" "-Dpolkit=${lib.boolToString withPolkit}" - "-Dcryptsetup=${lib.boolToString withCryptsetup}" "-Dportabled=${lib.boolToString withPortabled}" "-Dhwdb=${lib.boolToString withHwdb}" "-Dremote=${lib.boolToString withRemote}" @@ -442,7 +457,12 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Defi-ld=gold" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -460,7 +480,6 @@ stdenv.mkDerivation { "-Dsysvinit-path=" "-Dsysvrcnd-path=" - "-Dkill-path=${coreutils}/bin/kill" "-Dkmod-path=${kmod}/bin/kmod" "-Dsulogin-path=${util-linux}/bin/sulogin" "-Dmount-path=${util-linux}/bin/mount" @@ -478,7 +497,6 @@ stdenv.mkDerivation { ] ++ lib.optionals withEfi [ "-Defi-libdir=${toString gnu-efi}/lib" "-Defi-includedir=${toString gnu-efi}/include/efi" - "-Defi-ldsdir=${toString gnu-efi}/lib" ] ++ lib.optionals (withShellCompletions == false) [ "-Dbashcompletiondir=no" "-Dzshcompletiondir=no" 
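Review bot: `-Defi-ld=gold` and the five `-Dsbat-distro-*` flags are added without a comment, and the old `efi-ld` value carried `stdenv.cc.bintools.targetPrefix` while the new one does not. A short comment should say why gold is chosen and what the SBAT fields are for, e.g. `# SBAT metadata embedded in systemd-boot; read by shim for Secure Boot revocation`. SBAT revocation compares a generation number rather than `sbat-distro-version`, and this hunk sets none. Assuming this systemd version exposes a build option for the generation, the comment should also record who raises it when a boot-path fix is backported.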
@@ -496,57 +514,105 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + "test/test-execute/exec-systemcallfilter-failing2.service" + "test/test-execute/exec-systemcallfilter-failing3.service" + "test/test-execute/exec-systemcallfilter-failing.service" + "test/testsuite-06.units/hola.service" + "test/udev-test.pl" + "test/units/hello.service" + "test/units/testsuite-07.sh" + "test/units/testsuite-15.sh" + "test/units/testsuite-17.05.sh" + "test/units/testsuite-40.sh" + "test/units/unstoppable.service" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = 
[ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ "man/systemd-fsck@.service.xml" ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -v NEWS | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replace. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -v NEWS + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). 
- # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ 
$out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -554,7 +620,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -566,8 +632,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" @@ -609,6 +675,13 @@ stdenv.mkDerivation { rm -rf $out/share/doc ''; + disallowedReferences = + [ + + ] + ++ lib.optional withTests [ glib ] + ; + # The interface version prevents NixOS from switching to an # incompatible systemd at runtime. (Switching across reboots is # fine, of course.) It should be increased whenever systemd changes diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 15186d004ddf1..8c3988762a9ee 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22969,11 +22969,6 @@ with pkgs; withTimesyncd = false; withTpm2Tss = false; withUserDb = false; - glib = null; - libgcrypt = null; - lvm2 = null; - libfido2 = null; - p11-kit = null; };
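Review bot: The completeness check in `mkEnsureSubstituted` filters by line, so a source line holding one rewritten and one untouched occurrence of `${search}` passes. `grep -v NEWS` also drops every line whose path or text contains "NEWS", not only the NEWS file. `${search}` is handed to grep as a regular expression and without a path operand; `grep -rF --exclude=NEWS -- '${search}' .` would match the literal string and name the tree explicitly. The error text says "have been replace" (should be "replaced") and the comment above `binaryReplacements` has "exectuables". This guard is what stops a new upstream reference to `/bin/echo`, `"gpg"` or `"tar"` from shipping unpinned, so it is worth making exact.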
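Review bot: The changed `--replace` line renames `SYSTEMD_CGROUP_AGENTS_PATH` to `_SYSTEMD_CGROUP_AGENT_PATH`, dropping the `S` that the search side and the `-U`/`-D` pair in the following NIX_CFLAGS_COMPILE hunk now carry. Any differing name still moves the generated define out of the way, but it reads like a missed rename; `--replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENTS_PATH"` keeps the spellings aligned. Whether `substituteInPlace` fails on an absent pattern is not visible here. If it does not, a future upstream rename would silently leave the release agent at the build-time path, which the comment in the next hunk says must be avoided. The script string this line belongs to starts above the hunk.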
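Review bot: `lib.optional withTests [ glib ]` wraps its argument in a list, so the added `disallowedReferences` evaluates to `[ [ glib ] ]` when `withTests` is set; `lib.optionals` is the list form. With the default `withTests ? false` the list is empty and nothing is enforced. If the intent is to keep glib out of the runtime closure whenever it is a build input, `disallowedReferences = lib.optionals withTests [ glib ];` states that directly and removes the empty `[ ]` and the dangling `;` line. A one-line comment that glib is test-only and must not be referenced by the outputs would explain the attribute.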