diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 7fa7f2ada404a..c87b3ecef4da5 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -34,9 +34,6 @@ let # mounting `/`, like `/` on a loopback). fileSystems = filter utils.fsNeededForBoot config.system.build.fileSystems; - # Determine whether zfs-mount(8) is needed. - zfsRequiresMountHelper = any (fs: lib.elem "zfsutil" fs.options) fileSystems; - # A utility for enumerating the shared-library dependencies of a program findLibs = pkgs.buildPackages.writeShellScriptBin "find-libs" '' set -euo pipefail @@ -118,24 +115,9 @@ let copy_bin_and_libs $BIN done - ${optionalString zfsRequiresMountHelper '' - # Filesystems using the "zfsutil" option are mounted regardless of the - # mount.zfs(8) helper, but it is required to ensure that ZFS properties - # are used as mount options. - # - # BusyBox does not use the ZFS helper in the first place. - # util-linux searches /sbin/ as last path for helpers (stage-1-init.sh - # must symlink it to the store PATH). - # Without helper program, both `mount`s silently fails back to internal - # code, using default options and effectively ignore security relevant - # ZFS properties such as `setuid=off` and `exec=off` (unless manually - # duplicated in `fileSystems.*.options`, defeating "zfsutil"'s purpose). - copy_bin_and_libs ${lib.getOutput "mount" pkgs.util-linux}/bin/mount - copy_bin_and_libs ${config.boot.zfs.package}/bin/mount.zfs - ''} - # Copy some util-linux stuff. copy_bin_and_libs ${pkgs.util-linux}/sbin/blkid + copy_bin_and_libs ${lib.getOutput "mount" pkgs.util-linux}/bin/mount # Copy dmsetup and lvm. copy_bin_and_libs ${getBin pkgs.lvm2}/bin/dmsetup @@ -225,17 +207,7 @@ let # Make sure that the patchelf'ed binaries still work. echo "testing patched programs..." $out/bin/ash -c 'echo hello world' | grep "hello world" - ${ - if zfsRequiresMountHelper then - '' - $out/bin/mount -V 1>&1 | grep -q "mount from util-linux" - $out/bin/mount.zfs -h 2>&1 | grep -q "Usage: mount.zfs" - '' - else - '' - $out/bin/mount --help 2>&1 | grep -q "BusyBox" - '' - } + $out/bin/mount -V 2>&1 | grep -q "mount from util-linux" $out/bin/blkid -V 2>&1 | grep -q 'libblkid' $out/bin/udevadm --version $out/bin/dmsetup --version 2>&1 | tee -a log | grep -q "version:" diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix index d070b5a4c0e0a..fc3ce114df2c4 100644 --- a/nixos/modules/tasks/filesystems/zfs.nix +++ b/nixos/modules/tasks/filesystems/zfs.nix @@ -717,6 +717,7 @@ in kernelModules = [ "zfs" ]; extraUtilsCommands = lib.mkIf (!config.boot.initrd.systemd.enable) '' copy_bin_and_libs ${cfgZfs.package}/sbin/zfs + copy_bin_and_libs ${cfgZfs.package}/sbin/mount.zfs copy_bin_and_libs ${cfgZfs.package}/sbin/zdb copy_bin_and_libs ${cfgZfs.package}/sbin/zpool copy_bin_and_libs ${cfgZfs.package}/lib/udev/vdev_id @@ -725,6 +726,7 @@ in extraUtilsCommandsTest = lib.mkIf (!config.boot.initrd.systemd.enable) '' $out/bin/zfs --help >/dev/null 2>&1 $out/bin/zpool --help >/dev/null 2>&1 + $out/bin/mount.zfs -h 2>&1 | grep -q "Usage: mount.zfs" ''; postResumeCommands = lib.mkIf (!config.boot.initrd.systemd.enable) ( lib.concatStringsSep "\n" ( @@ -796,6 +798,7 @@ in extraBin = { zpool = "${cfgZfs.package}/sbin/zpool"; zfs = "${cfgZfs.package}/sbin/zfs"; + mount.zfs = "${cfgZfs.package}/sbin/mount.zfs"; awk = "${pkgs.gawk}/bin/awk"; }; storePaths = [