Conversation
Member
vcunat
commented
Jul 29, 2022
vcunat
commented
- workflow docs: nixos.org/manual/nixpkgs/unstable/#submitting-changes-commit-policy
- important job(s): hydra.nixos.org/job/nixpkgs/staging-next/unstable#tabs-constituents
- jobset: hydra.nixos.org/jobset/nixpkgs/staging-next
- nix-review reports: https://malob.github.io/nix-review-tools-reports/
- previous staging-next: staging-next 2022-07-21 #182386
appears the lack of sandbox on most darwin machines allows the tests to accidentally find /usr/lib/libxml2.dylib, which causes problems
By default, this is /run/ldapi, which is not compatible with systemd's runtime directories. Change it to /run/slapd/ldapi (in library and server). This makes `ldapi:///` work as a default socket again.
This fixes a bug I observed in deployment on a RPi, but not able to reproduce in tests.
Now that we use notify daemon type, this works safely and simplifies configuration.
This improves security, by starting the service as an unprivileged user, rather than starting as root and relying on the service to drop privileges. This requires a significant cleanup of pre-init scripts, to make use of StateDirectory and RuntimeDirectory for permissions.
This speeds up tests a bit. Also, ensure that mutable config works for manual config dir.
This addresses the original concern behind #92544
Use `openldap` for consistency between `/var/lib` and `/run`.
I don't know if getopt is available everywhere, so I did not use it. in any case, it can be changed to use getopt in the future if needed.
however *do* provide a `passthru.tests.withInstallCheck`. doInstallCheck takes a ridiculous amount of time on darwin, making staging builds ever more painful.
When reviewing #181802 (comment) I noticed outdated code that attempted to override /usr/include. sed -i \ -e "s,glibc_header_dir=/usr/include,glibc_header_dir=$libc_dev/include", \ gcc/configure `glibc_header_dir` was removed from `gcc-4.6` and later in https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=6961669f48aa18168b2d7daa7e2235fbec7cb636 (Dec 2010, "(gcc_cv_ld_eh_frame_hdr): Only check GNU ld for --eh-frame-hdr."). Since then gcc got `--with-native-system-header-dir=` which `nixpkgs` uses for all packaged `gcc` versions. The change should be a no-op.
should be detected automatically
[staging] openldap: remove deprecated options, improve encapsulation
this shouldn't change any binary available in the default build environment because bintools-unwrapped is already in path ( idk where it comes from but i know because objcopy is in path but not in the wrapper ) this just makes all the binaries available under 'bintools' instead of having to use 'bintools-unwrapped' reduces confusion because now 'objcopy' and others will be in 'bintools'
We want Openldap clients to load /etc/ldap.conf at runtime, not
${pkgs.openldap}/etc/ldap.conf which is always a sample config.
Pass sysconfdir=/etc at compile time, so that /etc/krb5.conf is embedded
in the library as the path of its config file.
Pass sysconfdir=${out}/etc at install time, so that the sample configs
and schema files are correctly included in the build output.
This hack works because the Makefiles are not smart enough to notice
that the sysconfdir variable has changed across invocations -- because
nobody ever writes their Makefiles to be that smart. :-)
Fixes #181937.
The ConditionFileNotEmpty override patch wasn't correct for stage1, which does have the modules in /lib. So, remove the patch and set the right path with overrides in the final system. Also, make sure systemd-tmpfiles-setup-dev is pulled in to create all the necessary symlinks.
nixos/systemd: make sure all the device nodes are created in stage1
Member
|
Booted into staging-next, working great. UwU (Even a small graphical glitch on the first firefox start after booting up is gone) |
Otherwise manual build fails as:
$ nix build -f nixos/release.nix manual.x86_64-linux
...
> NotImplementedError: ('md node not supported yet', 'services.openldap.declarativeContents', 'inline_html', ('<code>',))
For full logs, run 'nix log /nix/store/pfa7bg3pflp0c31ma0rc2ahwqabs88dd-base-json-md-converted.drv'.
nixos/openldap: fix option description markdown
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.