uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions


@ -0,0 +1,32 @@
From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Tue, 8 Jan 2013 15:46:30 +0100
Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices
This is necessary because the NixOS service that initialises the
filesystem depends on the appearance of the device unit. Also, this
makes more sense to me: the device is ready; it's the filesystem
that's not, but taking care of that is the responsibility of the mount
unit. (However, this ignores the fsck unit, so it's not perfect...)
---
rules.d/99-systemd.rules.in | 4 ----
1 file changed, 4 deletions(-)
diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in
index 25b8a590a6..d18999ea87 100644
--- a/rules.d/99-systemd.rules.in
+++ b/rules.d/99-systemd.rules.in
@@ -17,10 +17,6 @@ SUBSYSTEM=="ubi", TAG+="systemd"
SUBSYSTEM=="block", TAG+="systemd"
SUBSYSTEM=="block", ACTION=="add", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0"
-# Ignore encrypted devices with no identified superblock on it, since
-# we are probably still calling mke2fs or mkswap on it.
-SUBSYSTEM=="block", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0"
-
# add symlink to GPT root disk
SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root"
SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks"
--
2.34.0


@ -0,0 +1,42 @@
From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Fri, 12 Apr 2013 13:16:57 +0200
Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store
They'll still be remounted read-only.
https://github.com/NixOS/nixos/issues/126
---
src/shared/fstab-util.c | 2 ++
src/shutdown/umount.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/src/shared/fstab-util.c b/src/shared/fstab-util.c
index f683f05981..5a04c2c2a6 100644
--- a/src/shared/fstab-util.c
+++ b/src/shared/fstab-util.c
@@ -40,6 +40,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) {
/* Don't bother with the OS data itself */
if (PATH_IN_SET(mount,
"/",
+ "/nix",
+ "/nix/store",
"/usr",
"/etc"))
return true;
diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
index f5a2cb20c1..51608d24c0 100644
--- a/src/shutdown/umount.c
+++ b/src/shutdown/umount.c
@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) {
static bool nonunmountable_path(const char *path) {
return path_equal(path, "/")
+ || path_equal(path, "/nix")
+ || path_equal(path, "/nix/store")
#if ! HAVE_SPLIT_USR
|| path_equal(path, "/usr")
#endif
--
2.34.0


@ -0,0 +1,34 @@
From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 16 Apr 2014 10:59:28 +0200
Subject: [PATCH 03/19] Fix NixOS containers
In NixOS containers, the init script is bind-mounted into the
container, so checking early whether it exists will fail.
---
src/nspawn/nspawn.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 8f17ab8810..197e5aa252 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) {
goto finish;
}
} else {
+#if 0
const char *p, *q;
if (arg_pivot_root_new)
@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) {
r = -EINVAL;
goto finish;
}
+#endif
}
} else {
--
2.34.0
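Review bot: The `#if 0` / `#endif` pair in `run()` compiles out the early init-binary check with no in-code explanation, so the reason survives only in the patch description. A comment above the `#if 0` would keep it with the code, for example `/* NixOS: init is bind-mounted into the container later, so it cannot be checked for here */`. With the block disabled, the `r = -EINVAL; goto finish;` path is gone, so a container image that really has no init presumably fails later with a less specific error; it is worth confirming that this failure is still reported clearly. `run()` starts and ends outside both hunks.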


@ -0,0 +1,25 @@
From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Thu, 1 May 2014 14:10:10 +0200
Subject: [PATCH 04/19] Look for fsck in the right place
---
src/fsck/fsck.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c
index 745d01ff50..dd4eef45c3 100644
--- a/src/fsck/fsck.c
+++ b/src/fsck/fsck.c
@@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) {
} else
dash_c[0] = 0;
- cmdline[i++] = "/sbin/fsck";
+ cmdline[i++] = "/run/current-system/sw/bin/fsck";
cmdline[i++] = arg_repair;
cmdline[i++] = "-T";
--
2.34.0


@ -0,0 +1,126 @@
From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Fri, 19 Dec 2014 14:46:17 +0100
Subject: [PATCH 05/19] Add some NixOS-specific unit directories
Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for
units provided by packages installed into the default profile via
`nix-env -iA nixos.$package`.
Also, remove /usr and /lib as these don't exist on NixOS.
---
src/basic/path-lookup.c | 17 ++---------------
src/core/systemd.pc.in | 8 ++++----
2 files changed, 6 insertions(+), 19 deletions(-)
diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
index 6fb8c40e7a..142ecdecec 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) {
}
static const char* const user_data_unit_paths[] = {
- "/usr/local/lib/systemd/user",
- "/usr/local/share/systemd/user",
USER_DATA_UNIT_DIR,
- "/usr/lib/systemd/user",
- "/usr/share/systemd/user",
NULL
};
@@ -614,15 +610,13 @@ int lookup_paths_init(
persistent_config,
SYSTEM_CONFIG_UNIT_DIR,
"/etc/systemd/system",
+ "/nix/var/nix/profiles/default/lib/systemd/system",
STRV_IFNOTNULL(persistent_attached),
runtime_config,
"/run/systemd/system",
STRV_IFNOTNULL(runtime_attached),
STRV_IFNOTNULL(generator),
- "/usr/local/lib/systemd/system",
SYSTEM_DATA_UNIT_DIR,
- "/usr/lib/systemd/system",
- STRV_IFNOTNULL(flags & LOOKUP_PATHS_SPLIT_USR ? "/lib/systemd/system" : NULL),
STRV_IFNOTNULL(generator_late));
break;
@@ -638,14 +632,11 @@ int lookup_paths_init(
persistent_config,
USER_CONFIG_UNIT_DIR,
"/etc/systemd/user",
+ "/nix/var/nix/profiles/default/lib/systemd/user",
runtime_config,
"/run/systemd/user",
STRV_IFNOTNULL(generator),
- "/usr/local/share/systemd/user",
- "/usr/share/systemd/user",
- "/usr/local/lib/systemd/user",
USER_DATA_UNIT_DIR,
- "/usr/lib/systemd/user",
STRV_IFNOTNULL(generator_late));
break;
@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) {
case UNIT_FILE_SYSTEM:
add = strv_new("/run/systemd/system-generators",
"/etc/systemd/system-generators",
- "/usr/local/lib/systemd/system-generators",
SYSTEM_GENERATOR_DIR);
break;
@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) {
case UNIT_FILE_USER:
add = strv_new("/run/systemd/user-generators",
"/etc/systemd/user-generators",
- "/usr/local/lib/systemd/user-generators",
USER_GENERATOR_DIR);
break;
@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) {
if (is_system)
add = strv_new("/run/systemd/system-environment-generators",
"/etc/systemd/system-environment-generators",
- "/usr/local/lib/systemd/system-environment-generators",
SYSTEM_ENV_GENERATOR_DIR);
else
add = strv_new("/run/systemd/user-environment-generators",
"/etc/systemd/user-environment-generators",
- "/usr/local/lib/systemd/user-environment-generators",
USER_ENV_GENERATOR_DIR);
if (!add)
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index fc0f8c34fa..162432e77f 100644
--- a/src/core/systemd.pc.in
+++ b/src/core/systemd.pc.in
@@ -38,10 +38,10 @@ systemdsystemconfdir=${systemd_system_conf_dir}
systemd_user_conf_dir=${sysconfdir}/systemd/user
systemduserconfdir=${systemd_user_conf_dir}
-systemd_system_unit_path=${systemd_system_conf_dir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemd_system_unit_dir}:/usr/lib/systemd/system:/lib/systemd/system
+systemd_system_unit_path=${systemd_system_conf_dir}:/etc/systemd/system:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/system:${systemdsystemunitdir}
systemdsystemunitpath=${systemd_system_unit_path}
-systemd_user_unit_path=${systemd_user_conf_dir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemd_user_unit_dir}:/usr/lib/systemd/user:/usr/share/systemd/user
+systemd_user_unit_path=${systemd_user_conf_dir}:/etc/systemd/user:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/user:${systemduserunitdir}
systemduserunitpath=${systemd_user_unit_path}
systemd_system_generator_dir=${root_prefix}/lib/systemd/system-generators
@@ -50,10 +50,10 @@ systemdsystemgeneratordir=${systemd_system_generator_dir}
systemd_user_generator_dir=${prefix}/lib/systemd/user-generators
systemdusergeneratordir=${systemd_user_generator_dir}
-systemd_system_generator_path=/run/systemd/system-generators:/etc/systemd/system-generators:/usr/local/lib/systemd/system-generators:${systemd_system_generator_dir}
+systemd_system_generator_path=/run/systemd/system-generators:/etc/systemd/system-generators:${systemd_system_generator_dir}
systemdsystemgeneratorpath=${systemd_system_generator_path}
-systemd_user_generator_path=/run/systemd/user-generators:/etc/systemd/user-generators:/usr/local/lib/systemd/user-generators:${systemd_user_generator_dir}
+systemd_user_generator_path=/run/systemd/user-generators:/etc/systemd/user-generators:${systemd_user_generator_dir}
systemdusergeneratorpath=${systemd_user_generator_path}
systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep
--
2.34.0
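Review bot: In `lookup_paths_init()` the new `/nix/var/nix/profiles/default/lib/systemd/system` entry sits directly after `/etc/systemd/system` and ahead of `runtime_config`, `/run/systemd/system` and `SYSTEM_DATA_UNIT_DIR`, so, since earlier lookup entries take precedence, a unit file in the default profile shadows a same-named runtime or packaged unit; the user-scope list has the same ordering. Nothing in the code records that this ranking is intended; a comment such as `/* NixOS: units from the default profile; ranked above runtime and vendor units */` would, and the profile directory then needs the same write protection as `/etc/systemd/system`. Separately, the rewritten `systemd.pc.in` lines use the un-underscored `${systemdsystemunitdir}` and `${systemduserunitdir}`, where the removed lines used `${systemd_system_unit_dir}` and `${systemd_user_unit_dir}`. `lookup_paths_init()` continues outside the hunks.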


@ -0,0 +1,31 @@
From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Mon, 11 May 2015 15:39:38 +0200
Subject: [PATCH 06/19] Get rid of a useless message in user sessions
Namely lots of variants of
Unit nix-var-nix-db.mount is bound to inactive unit dev-disk-by\x2dlabel-nixos.device. Stopping, too.
in containers.
---
src/core/manager.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 9368a1dfa1..5b0bdb1bc7 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) {
if (!unit_is_bound_by_inactive(u, &culprit))
continue;
- log_unit_debug(u, "Unit is stopped because bound to inactive unit %s.", culprit->id);
+ if (u->type != UNIT_MOUNT || detect_container() <= 0)
+ log_unit_debug(u, "Unit is stopped because bound to inactive unit %s.", culprit->id);
/* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the
* service being unnecessary after a while. */
--
2.34.0


@ -0,0 +1,108 @@
From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001
From: Gabriel Ebner <gebner@gebner.org>
Date: Sun, 6 Dec 2015 14:26:36 +0100
Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that
change system settings.
---
src/hostname/hostnamed.c | 6 ++++++
src/locale/localed.c | 9 +++++++++
src/timedate/timedated.c | 10 ++++++++++
3 files changed, 25 insertions(+)
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
index b20a93ad81..6292fca4fc 100644
--- a/src/hostname/hostnamed.c
+++ b/src/hostname/hostnamed.c
@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
name = empty_to_null(name);
context_read_etc_hostname(c);
@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
name = empty_to_null(name);
context_read_machine_info(c);
diff --git a/src/locale/localed.c b/src/locale/localed.c
index c228385d0e..942ccaa038 100644
--- a/src/locale/localed.c
+++ b/src/locale/localed.c
@@ -360,6 +360,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
use_localegen = locale_gen_check_available();
/* If single locale without variable name is provided, then we assume it is LANG=. */
@@ -485,6 +488,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
keymap = empty_to_null(keymap);
keymap_toggle = empty_to_null(keymap_toggle);
@@ -665,6 +671,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
layout = empty_to_null(layout);
model = empty_to_null(model);
variant = empty_to_null(variant);
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index 66b454269d..0a8fe25d0f 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -668,6 +668,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error *
if (r < 0)
return r;
+ if (getenv("NIXOS_STATIC_TIMEZONE"))
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing timezone via systemd is not supported when it is set in NixOS configuration.");
+
if (!timezone_is_valid(z, LOG_DEBUG))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid or not installed time zone '%s'", z);
@@ -747,6 +751,9 @@ static int method_set_local_rtc(sd_bus_message *m, void *userdata, sd_bus_error
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
if (lrtc == c->local_rtc && !fix_system)
return sd_bus_reply_method_return(m, NULL);
@@ -930,6 +937,9 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error
if (r < 0)
return r;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
+ "Changing system settings via systemd is not supported on NixOS.");
+
r = context_update_ntp_status(c, bus, m);
if (r < 0)
return r;
--
2.34.0
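Review bot: Each setter now returns `SD_BUS_ERROR_NOT_SUPPORTED` unconditionally right after the message is parsed, which leaves the rest of the method as unreachable code (in `method_set_static_hostname`, `set_machine_info`, `method_set_locale`, `method_set_vc_keyboard`, `method_set_x11_keyboard`, `method_set_local_rtc` and `method_set_ntp`). A one-line comment at each site, e.g. `/* NixOS: settings are managed declaratively; everything below is intentionally dead */`, would keep a later rebase from silently re-enabling a write path. `method_set_timezone` is different: its guard is `getenv("NIXOS_STATIC_TIMEZONE")`, which is true for any value including an empty string, and when the variable is missing from timedated's environment the method stays fully enabled, so the restriction depends on the service environment being set as intended. All of these functions continue outside the hunks.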


@ -0,0 +1,28 @@
From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001
From: Nikolay Amiantov <ab@fmap.me>
Date: Thu, 7 Jul 2016 02:47:13 +0300
Subject: [PATCH 08/19] Fix hwdb paths
Patch by vcunat.
---
src/libsystemd/sd-hwdb/hwdb-internal.h | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/src/libsystemd/sd-hwdb/hwdb-internal.h b/src/libsystemd/sd-hwdb/hwdb-internal.h
index 5ddc2211e6..ee621eec46 100644
--- a/src/libsystemd/sd-hwdb/hwdb-internal.h
+++ b/src/libsystemd/sd-hwdb/hwdb-internal.h
@@ -82,8 +82,5 @@ struct trie_value_entry2_f {
} _packed_;
#define hwdb_bin_paths \
- "/etc/systemd/hwdb/hwdb.bin\0" \
- "/etc/udev/hwdb.bin\0" \
- "/usr/lib/systemd/hwdb/hwdb.bin\0" \
- _CONF_PATHS_SPLIT_USR_NULSTR("systemd/hwdb/hwdb.bin") \
- UDEVLIBEXECDIR "/hwdb.bin\0"
+ "/etc/udev/hwdb.bin\0"
+
--
2.34.0


@ -0,0 +1,141 @@
From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001
From: Nikolay Amiantov <ab@fmap.me>
Date: Tue, 11 Oct 2016 13:12:08 +0300
Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo
NixOS uses this path.
---
man/localtime.xml | 4 ++--
src/basic/time-util.c | 8 ++++----
src/firstboot/firstboot.c | 2 +-
src/nspawn/nspawn.c | 4 ++--
src/timedate/timedated.c | 8 ++++----
5 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/man/localtime.xml b/man/localtime.xml
index e486474c44..5f373d0723 100644
--- a/man/localtime.xml
+++ b/man/localtime.xml
@@ -20,7 +20,7 @@
</refnamediv>
<refsynopsisdiv>
- <para><filename>/etc/localtime</filename> -&gt; <filename>../usr/share/zoneinfo/…</filename></para>
+ <para><filename>/etc/localtime</filename> -&gt; <filename>zoneinfo/…</filename></para>
</refsynopsisdiv>
<refsect1>
@@ -30,7 +30,7 @@
system-wide timezone of the local system that is used by
applications for presentation to the user. It should be an
absolute or relative symbolic link pointing to
- <filename>/usr/share/zoneinfo/</filename>, followed by a timezone
+ <filename>/etc/zoneinfo/</filename>, followed by a timezone
identifier such as <literal>Europe/Berlin</literal> or
<literal>Etc/UTC</literal>. The resulting link should lead to the
corresponding binary
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index b659d6905d..660b1c6fed 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) {
assert(ret);
- f = fopen("/usr/share/zoneinfo/zone1970.tab", "re");
+ f = fopen("/etc/zoneinfo/zone1970.tab", "re");
if (!f)
return -errno;
@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) {
_cleanup_strv_free_ char **zones = NULL;
int r;
- f = fopen("/usr/share/zoneinfo/tzdata.zi", "re");
+ f = fopen("/etc/zoneinfo/tzdata.zi", "re");
if (!f)
return -errno;
@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) {
if (p - name >= PATH_MAX)
return -ENAMETOOLONG;
- t = strjoina("/usr/share/zoneinfo/", name);
+ t = strjoina("/etc/zoneinfo/", name);
fd = open(t, O_RDONLY|O_CLOEXEC);
if (fd < 0)
@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) {
if (r < 0)
return r; /* returns EINVAL if not a symlink */
- e = PATH_STARTSWITH_SET(t, "/usr/share/zoneinfo/", "../usr/share/zoneinfo/");
+ e = PATH_STARTSWITH_SET(t, "/etc/zoneinfo/", "../etc/zoneinfo/");
if (!e)
return -EINVAL;
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index d28a416e5d..c7c215731d 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -494,7 +494,7 @@ static int process_timezone(void) {
if (isempty(arg_timezone))
return 0;
- e = strjoina("../usr/share/zoneinfo/", arg_timezone);
+ e = strjoina("zoneinfo/", arg_timezone);
(void) mkdir_parents(etc_localtime, 0755);
if (symlink(e, etc_localtime) < 0)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 197e5aa252..c674fa61d5 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid
static const char *timezone_from_path(const char *path) {
return PATH_STARTSWITH_SET(
path,
- "../usr/share/zoneinfo/",
- "/usr/share/zoneinfo/");
+ "../etc/zoneinfo/",
+ "/etc/zoneinfo/");
}
static bool etc_writable(void) {
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index 0a8fe25d0f..2f02b9a520 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -279,7 +279,7 @@ static int context_read_data(Context *c) {
r = get_timezone(&t);
if (r == -EINVAL)
- log_warning_errno(r, "/etc/localtime should be a symbolic link to a time zone data file in /usr/share/zoneinfo/.");
+ log_warning_errno(r, "/etc/localtime should be a symbolic link to a time zone data file in /etc/zoneinfo/.");
else if (r < 0)
log_warning_errno(r, "Failed to get target of /etc/localtime: %m");
@@ -303,7 +303,7 @@ static int context_write_data_timezone(Context *c) {
if (isempty(c->zone) || streq(c->zone, "UTC")) {
- if (access("/usr/share/zoneinfo/UTC", F_OK) < 0) {
+ if (access("/etc/zoneinfo/UTC", F_OK) < 0) {
if (unlink("/etc/localtime") < 0 && errno != ENOENT)
return -errno;
@@ -311,9 +311,9 @@ static int context_write_data_timezone(Context *c) {
return 0;
}
- source = "../usr/share/zoneinfo/UTC";
+ source = "../etc/zoneinfo/UTC";
} else {
- p = path_join("../usr/share/zoneinfo", c->zone);
+ p = path_join("../etc/zoneinfo", c->zone);
if (!p)
return -ENOMEM;
--
2.34.0
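Review bot: `process_timezone()` in firstboot.c now writes the link target as `zoneinfo/<zone>`, but the readers changed in the same patch accept only `/etc/zoneinfo/` and `../etc/zoneinfo/` (`get_timezone()` in time-util.c and `timezone_from_path()` in nspawn.c). If those readers compare the raw link target, as the hunks suggest, a link created by firstboot would be rejected by `get_timezone()` with `-EINVAL`. Writing the same form that timedated writes would keep writer and readers consistent: `e = strjoina("../etc/zoneinfo/", arg_timezone);`. The functions involved continue outside the hunks.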


@ -0,0 +1,27 @@
From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001
From: Imuli <i@imu.li>
Date: Wed, 19 Oct 2016 08:46:47 -0400
Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-*
NixOS has an option to link the xkb data files to /etc/X11, but not to
/usr/share/X11.
---
src/locale/localectl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/locale/localectl.c b/src/locale/localectl.c
index b5624209dc..4ab7adfdb6 100644
--- a/src/locale/localectl.c
+++ b/src/locale/localectl.c
@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) {
} state = NONE, look_for;
int r;
- f = fopen("/usr/share/X11/xkb/rules/base.lst", "re");
+ f = fopen("/etc/X11/xkb/rules/base.lst", "re");
if (!f)
return log_error_errno(errno, "Failed to open keyboard mapping list. %m");
--
2.34.0


@ -0,0 +1,26 @@
From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Sun, 11 Feb 2018 04:37:44 +0100
Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir
---
meson.build | 3 ---
1 file changed, 3 deletions(-)
diff --git a/meson.build b/meson.build
index c0cbadecb1..8266bf57de 100644
--- a/meson.build
+++ b/meson.build
@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2',
install_subdir('LICENSES',
install_dir : docdir)
-meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir))
-meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir))
-
############################################################
# Ensure that changes to the docs/ directory do not break the
--
2.34.0


@ -0,0 +1,44 @@
From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Fri, 2 Nov 2018 21:15:42 +0100
Subject: [PATCH 12/19] inherit systemd environment when calling generators.
Systemd generators need access to the environment configured in
stage-2-init.sh since it schedules fsck and mkfs executions based on
being able to find an appropriate binary for the target filesystem.
With this commit I am altering the systemd behaviour since upstream
tries to gather environments with that they call
"environment-generators" and then seems to pass that on to all the other
executables that are being called from managers.
---
src/core/manager.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 5b0bdb1bc7..1538a5200a 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) {
argv[4] = NULL;
RUN_WITH_UMASK(0022)
- (void) execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, NULL, NULL,
- (char**) argv, m->transient_environment,
- EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
-
+ (void) execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
+ // On NixOS we must propagate PATH to generators so they are
+ // able to find binaries such as `fsck.${fstype}` and
+ // `mkfs.${fstype}`. That is why the last argument of the
+ // function (envp) is set to NULL. This propagates systemd's
+ // environment (e.g. PATH) that was setup
+ // before calling systemd from stage-2-init.sh.
+ NULL, NULL, (char**) argv, /* NixOS: use inherited env */ NULL,
+ EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
r = 0;
finish:
--
2.34.0
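Review bot: Passing `NULL` as the environment argument of `execute_directories()` gives every generator the manager's whole inherited environment rather than only `PATH`, and `m->transient_environment` is no longer passed at all. Generators presumably run with the manager's privileges, so every variable present when stage-2-init.sh starts systemd now reaches them; a narrower change would keep `m->transient_environment` and add only `PATH` to it before the call. The explanatory `//` comment also sits inside the argument list, while the surrounding code uses `/* */` comments; moving it above the call would read better. `manager_run_generators()` continues outside the hunk.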


@ -0,0 +1,38 @@
From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Thu, 9 May 2019 11:15:22 +0200
Subject: [PATCH 13/19] add rootprefix to lookup dir paths
systemd does not longer use the UDEVLIBEXEC directory as root for
discovery default udev rules. By adding `$out/lib` to the lookup paths
we should again be able to discover the udev rules amongst other default
files that I might have missed.
---
src/basic/def.h | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/basic/def.h b/src/basic/def.h
index eccee3d3fa..e94a2c8bd0 100644
--- a/src/basic/def.h
+++ b/src/basic/def.h
@@ -39,13 +39,15 @@
"/run/" n "\0" \
"/usr/local/lib/" n "\0" \
"/usr/lib/" n "\0" \
- _CONF_PATHS_SPLIT_USR_NULSTR(n)
+ _CONF_PATHS_SPLIT_USR_NULSTR(n) \
+ ROOTPREFIX "/lib/" n "\0"
#define CONF_PATHS_USR(n) \
"/etc/" n, \
"/run/" n, \
"/usr/local/lib/" n, \
- "/usr/lib/" n
+ "/usr/lib/" n, \
+ ROOTPREFIX "/lib/" n
#define CONF_PATHS(n) \
CONF_PATHS_USR(n) \
--
2.34.0


@ -0,0 +1,27 @@
From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001
From: Nikolay Amiantov <ab@fmap.me>
Date: Thu, 25 Jul 2019 20:45:55 +0300
Subject: [PATCH 14/19] systemd-shutdown: execute scripts in
/etc/systemd/system-shutdown
This is needed for NixOS to use such scripts as systemd directory is immutable.
---
src/shutdown/shutdown.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c
index 7ad9930677..fdb03a2e1a 100644
--- a/src/shutdown/shutdown.c
+++ b/src/shutdown/shutdown.c
@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) {
_cleanup_free_ char *cgroup = NULL;
char *arguments[3];
int cmd, r, umount_log_level = LOG_INFO;
- static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL};
+ static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL};
/* The log target defaults to console, but the original systemd process will pass its log target in through a
* command line argument, which will override this default. Also, ensure we'll never log to the journal or
--
2.34.0
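Review bot: Adding `/etc/systemd/system-shutdown` to `dirs` in `main()` turns a directory under `/etc` into a location whose contents are presumably executed by systemd-shutdown with full privileges, and the literal carries no comment. Something like `/* NixOS: the systemd store path is immutable, so hooks are also read from /etc; the directory must be root-owned and not writable by others */` would record both the reason and the expectation. The same applies to `/etc/systemd/system-sleep` in the sleep.c patch (15/19). `main()` continues outside the hunk.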


@ -0,0 +1,26 @@
From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001
From: Nikolay Amiantov <ab@fmap.me>
Date: Thu, 25 Jul 2019 20:46:58 +0300
Subject: [PATCH 15/19] systemd-sleep: execute scripts in
/etc/systemd/system-sleep
This is needed for NixOS to use such scripts as systemd directory is immutable.
---
src/sleep/sleep.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
index 7064f3a905..b60ced9d9b 100644
--- a/src/sleep/sleep.c
+++ b/src/sleep/sleep.c
@@ -182,6 +182,7 @@ static int execute(
};
static const char* const dirs[] = {
SYSTEM_SLEEP_PATH,
+ "/etc/systemd/system-sleep",
NULL
};
--
2.34.0


@ -0,0 +1,27 @@
From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sat, 7 Mar 2020 22:40:27 +0100
Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty
On NixOS, kernel modules of the currently booted systems are located at
/run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/.
---
units/kmod-static-nodes.service.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in
index 777e82d16b..b6abc2bba0 100644
--- a/units/kmod-static-nodes.service.in
+++ b/units/kmod-static-nodes.service.in
@@ -12,7 +12,7 @@ Description=Create List of Static Device Nodes
DefaultDependencies=no
Before=sysinit.target systemd-tmpfiles-setup-dev.service
ConditionCapability=CAP_SYS_MODULE
-ConditionFileNotEmpty=/lib/modules/%v/modules.devname
+ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname
[Service]
Type=oneshot
--
2.34.0


@ -0,0 +1,33 @@
From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sun, 8 Mar 2020 01:05:54 +0100
Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL
This will be the $PATH used to lookup ExecStart= etc. options, which
systemd itself uses extensively.
---
src/basic/path-util.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 518f3340bf..18e826ea0b 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -24,11 +24,11 @@
# define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)
#endif
-#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")
-#define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/")
+#define DEFAULT_PATH_NORMAL "@defaultPathNormal@"
+#define DEFAULT_PATH_NORMAL_NULSTR "@defaultPathNormal@\0"
#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")
#define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/")
-#define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/")
+#define DEFAULT_PATH_COMPAT DEFAULT_PATH_NORMAL
#if HAVE_SPLIT_USR
# define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR
--
2.34.0
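Review bot: `DEFAULT_PATH_NORMAL_NULSTR` is now `"@defaultPathNormal@\0"`, the same substituted string as `DEFAULT_PATH_NORMAL` with one trailing NUL. The removed definition was built from `PATH_SBIN_BIN_NULSTR(...)`, which suggests one NUL-terminated entry per directory; if the substituted value holds several colon-separated directories, code that iterates the NULSTR would see a single entry containing colons. Either substitute a separate NUL-separated value or add a comment stating that `@defaultPathNormal@` must be a single directory. Nothing in the header catches a build where the placeholder is left unsubstituted, so a check for a leftover `@defaultPathNormal@` after substitution would help.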


@ -0,0 +1,33 @@
From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Sun, 6 Dec 2020 08:34:19 +0100
Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix
Point prefix to the one configured, instead of `/usr` `systemd` has limited
support for making the pkgconfig prefix overridable, and interpolates those
values later down.
So we only need to patch this one value to get the correct paths.
See systemd/systemd@bc4e6e27922a2873985ab9367d79fb099f70b505 for details.
Co-Authored-By: Florian Klink <flokli@flokli.de>
---
src/core/systemd.pc.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index 162432e77f..2fc20daf03 100644
--- a/src/core/systemd.pc.in
+++ b/src/core/systemd.pc.in
@@ -11,7 +11,7 @@
# considered deprecated (though there is no plan to remove them). New names
# shall have underscores.
-prefix=/usr
+prefix={{PREFIX}}
root_prefix={{ROOTPREFIX_NOSLASH}}
rootprefix=${root_prefix}
sysconf_dir={{SYSCONF_DIR}}
--
2.34.0


@ -0,0 +1,80 @@
From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Wed, 18 Aug 2021 19:10:08 +0200
Subject: [PATCH 19/19] core: handle lookup paths being symlinks
With a recent change paths leaving the statically known lookup paths
would be treated differently then those that remained within those. That
was done (AFAIK) to consistently handle alias names. Unfortunately that
means that on some distributions, especially those where /etc/ consists
mostly of symlinks, would trigger that new detection for every single
unit in /etc/systemd/system. The reason for that is that the units
directory itself is already a symlink.
---
src/basic/unit-file.c | 33 +++++++++++++++++++++++++++++++--
1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c
index 30c632dfce..6179100126 100644
--- a/src/basic/unit-file.c
+++ b/src/basic/unit-file.c
@@ -255,6 +255,7 @@ int unit_file_build_name_map(
_cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL;
_cleanup_set_free_free_ Set *paths = NULL;
+ _cleanup_strv_free_ char **expanded_search_paths = NULL;
uint64_t timestamp_hash;
char **dir;
int r;
@@ -274,6 +275,34 @@ int unit_file_build_name_map(
return log_oom();
}
+ /* Go over all our search paths, chase their symlinks and store the
+ * result in the expanded_search_paths list.
+ *
+ * This is important for cases where any of the unit directories itself
+ * are symlinks into other directories and would therefore cause all of
+ * the unit files to be recognized as linked units.
+ *
+ * This is important for distributions such as NixOS where most paths
+ * in /etc/ are symlinks to some other location on the filesystem (e.g.
+ * into /nix/store/).
+ */
+ STRV_FOREACH(dir, (char**) lp->search_path) {
+ _cleanup_free_ char *resolved_dir = NULL;
+ r = strv_extend(&expanded_search_paths, *dir);
+ if (r < 0)
+ return log_oom();
+
+ r = chase_symlinks(*dir, NULL, 0, &resolved_dir, NULL);
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to resolve symlink %s, ignoring: %m", *dir);
+ continue;
+ }
+
+ if (strv_consume(&expanded_search_paths, TAKE_PTR(resolved_dir)) < 0)
+ return log_oom();
+ }
+
STRV_FOREACH(dir, (char**) lp->search_path) {
_cleanup_closedir_ DIR *d = NULL;
@@ -386,11 +415,11 @@ int unit_file_build_name_map(
continue;
}
- /* Check if the symlink goes outside of our search path.
+ /* Check if the symlink goes outside of our (expanded) search path.
* If yes, it's a linked unit file or mask, and we don't care about the target name.
* Let's just store the link source directly.
* If not, let's verify that it's a good symlink. */
- char *tail = path_startswith_strv(simplified, lp->search_path);
+ char *tail = path_startswith_strv(simplified, expanded_search_paths);
if (!tail) {
log_debug("%s: linked unit file: %s → %s",
__func__, filename, simplified);
--
2.34.0


@ -0,0 +1,704 @@
# NOTE: Make sure to (re-)format this file on changes with `nixpkgs-fmt`!
{ stdenv
, lib
, nixosTests
, fetchFromGitHub
, fetchpatch
, fetchzip
, buildPackages
, ninja
, meson
, m4
, pkg-config
, coreutils
, gperf
, getent
, glibcLocales
# glib is only used during tests (test-bus-gvariant, test-bus-marshal)
, glib
, substituteAll
, gettext
, python3Packages
# Mandatory dependencies
, libcap
, util-linux
, kbd
, kmod
# Optional dependencies
, pam
, cryptsetup
, audit
, acl
, lz4
, libgcrypt
, libgpg-error
, libidn2
, curl
, gnutar
, gnupg
, zlib
, xz
, zstd
, tpm2-tss
, libuuid
, libapparmor
, intltool
, bzip2
, pcre2
, e2fsprogs
, elfutils
, linuxHeaders ? stdenv.cc.libc.linuxHeaders
, gnu-efi
, iptables
, withSelinux ? false
, libselinux
, withLibseccomp ? lib.meta.availableOn stdenv.hostPlatform libseccomp
, libseccomp
, withKexectools ? lib.meta.availableOn stdenv.hostPlatform kexec-tools
, kexec-tools
, bashInteractive
, libmicrohttpd
, libfido2
, p11-kit
# the (optional) BPF feature requires bpftool, libbpf, clang and llvm-strip to be available during build time.
# Only libbpf should be a runtime dependency.
, bpftools
, libbpf
, llvmPackages
, withAnalyze ? true
, withApparmor ? true
, withCompression ? true # adds bzip2, lz4, xz and zstd
, withCoredump ? true
, withCryptsetup ? true
, withDocumentation ? true
, withEfi ? stdenv.hostPlatform.isEfi
, withFido2 ? true
, withHomed ? false
, withHostnamed ? true
, withHwdb ? true
, withImportd ? !stdenv.hostPlatform.isMusl
, withLibBPF ? false # currently fails while generating BPF objects
, withLocaled ? true
, withLogind ? true
, withMachined ? true
, withNetworkd ? true
, withNss ? !stdenv.hostPlatform.isMusl
, withOomd ? false
, withPCRE2 ? true
, withPolkit ? true
, withPortabled ? false
, withRemote ? !stdenv.hostPlatform.isMusl
, withResolved ? true
, withShellCompletions ? true
, withTimedated ? true
, withTimesyncd ? true
, withTpm2Tss ? !stdenv.hostPlatform.isMusl
, withUserDb ? !stdenv.hostPlatform.isMusl
# tests assume too much system access for them to be feasible for us right now
, withTests ? false
# name argument
, pname ? "systemd"
, libxslt
, docbook_xsl
, docbook_xml_dtd_42
, docbook_xml_dtd_45
}:
assert withResolved -> (libgcrypt != null && libgpg-error != null);
assert withImportd ->
(curl.dev != null && zlib != null && xz != null && libgcrypt != null
&& gnutar != null && gnupg != null && withCompression);
assert withEfi -> (gnu-efi != null);
assert withRemote -> lib.getDev curl != null;
assert withCoredump -> withCompression;
assert withHomed -> withCryptsetup;
assert withCryptsetup -> (cryptsetup != null);
let
wantCurl = withRemote || withImportd;
wantGcrypt = withResolved || withImportd;
version = "250.4";
# Bump this variable on every (major) version change. See below (in the meson options list) for why.
# command:
# $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \
# jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime'
releaseTimestamp = "1640290180";
in
stdenv.mkDerivation {
inherit pname version;
# We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly
# This has proven to be less error-prone than the previous systemd fork.
src = fetchFromGitHub {
owner = "systemd";
repo = "systemd-stable";
rev = "v${version}";
sha256 = "sha256-AdzPh7dGVrGbbjL9+PqytQOpRzNDUUEftmKZAbFH3L4=";
};
# On major changes, or when otherwise required, you *must* reformat the patches,
# `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent
# systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`.
# Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches
patches = [
./0001-Start-device-units-for-uninitialised-encrypted-devic.patch
./0002-Don-t-try-to-unmount-nix-or-nix-store.patch
./0003-Fix-NixOS-containers.patch
./0004-Look-for-fsck-in-the-right-place.patch
./0005-Add-some-NixOS-specific-unit-directories.patch
./0006-Get-rid-of-a-useless-message-in-user-sessions.patch
./0007-hostnamed-localed-timedated-disable-methods-that-cha.patch
./0008-Fix-hwdb-paths.patch
./0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch
./0010-localectl-use-etc-X11-xkb-for-list-x11.patch
./0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch
./0012-inherit-systemd-environment-when-calling-generators.patch
./0013-add-rootprefix-to-lookup-dir-paths.patch
./0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch
./0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch
./0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch
./0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch
./0018-pkg-config-derive-prefix-from-prefix.patch
# In v248 or v249 we started to get in trouble due to our
# /etc/systemd/system being a symlink and thus being treated differently by
# systemd. With the below patch we mitigate that effect by special casing
# all our root unit dirs if they are symlinks. This does exactly what we
# need (AFAICT).
# See https://github.com/systemd/systemd/pull/20479 for upstream discussion.
./0019-core-handle-lookup-paths-being-symlinks.patch
# fixes reproducability of dbus xml files
# Should no longer be necessary with v251.
(fetchpatch {
url = "https://github.com/systemd/systemd/pull/22174.patch";
sha256 = "sha256-RVhxUEUiISgRlIP/AhU+w1VHfDQw2W16cFl2TXXyxno=";
})
] ++ lib.optional stdenv.hostPlatform.isMusl (
let
oe-core = fetchzip {
url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-7e35a575ef09a85e625a81e0b4d80b020e3e3a92.tar.bz2";
sha256 = "0dvz4685nk0y7nnq3sr2q8ab3wfx0bi8ilwcgn0h6kagwcnav2n8";
};
musl-patches = oe-core + "/meta/recipes-core/systemd/systemd";
in
[
(musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch")
(musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch")
(musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch")
(musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch")
(musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch")
(musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch")
(musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch")
(musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch")
(musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch")
(musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch")
(musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch")
(musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch")
(musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch")
(musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch")
(musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch")
(musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch")
(musl-patches + "/0019-Handle-missing-LOCK_EX.patch")
(musl-patches + "/0021-test-json.c-define-M_PIl.patch")
(musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch")
(musl-patches + "/0025-Handle-__cpu_mask-usage.patch")
(musl-patches + "/0026-Handle-missing-gshadow.patch")
(musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch")
(musl-patches + "/0001-pass-correct-parameters-to-getdents64.patch")
(musl-patches + "/0002-Add-sys-stat.h-for-S_IFDIR.patch")
(musl-patches + "/0001-Adjust-for-musl-headers.patch")
]
);
postPatch = ''
substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/"
substituteInPlace src/boot/efi/meson.build \
--replace \
"find_program('objcopy'" \
"find_program('${stdenv.cc.bintools.targetPrefix}objcopy'"
'' + (
let
# The following patches references to dynamic libraries to ensure that
# all the features that are implemented via dlopen(3) are available (or
# explicitly deactivated) by pointing dlopen to the absolute store path
# instead of relying on the linkers runtime lookup code.
#
# All of the shared library references have to be handled. When new ones
# are introduced by upstream (or one of our patches) they must be
# explicitly declared, otherwise the build will fail.
#
# As of systemd version 247 we've seen a few errors like `libpcre2.… not
# found` when using e.g. --grep with journalctl. Those errors should
# become less unexpected now.
#
# There are generally two classes of dlopen(3) calls. Those that we want to
# support and those that should be deactivated / unsupported. This change
# enforces that we handle all dlopen calls explicitly. Meaning: There is
# not a single dlopen call in the source code tree that we did not
# explicitly handle.
#
# In order to do this we introduced a list of attributes that maps from
# shared object name to the package that contains them. The package can be
# null meaning the reference should be nuked and the shared object will
# never be loadable during runtime (because it points at an invalid store
# path location).
#
# To get a list of dynamically loaded libraries issue something like
# `grep -ri '"lib[a-zA-Z0-9-]*\.so[\.0-9a-zA-z]*"'' $src` and update the below list.
dlopenLibs =
let
opt = condition: pkg: if condition then pkg else null;
in
[
# bpf compilation support
{ name = "libbpf.so.0"; pkg = opt withLibBPF libbpf; }
# We did never provide support for libxkbcommon & qrencode
{ name = "libxkbcommon.so.0"; pkg = null; }
{ name = "libqrencode.so.4"; pkg = null; }
# We did not provide libpwquality before so it is safe to disable it for
# now.
{ name = "libpwquality.so.1"; pkg = null; }
# Only include cryptsetup if it is enabled. We might not be able to
# provide it during "bootstrap" in e.g. the minimal systemd build as
# cryptsetup has udev (aka systemd) in it's dependencies.
{ name = "libcryptsetup.so.12"; pkg = opt withCryptsetup cryptsetup; }
# We are using libidn2 so we only provide that and ignore the others.
# Systemd does this decision during configure time and uses ifdef's to
# enable specific branches. We can safely ignore (nuke) the libidn "v1"
# libraries.
{ name = "libidn2.so.0"; pkg = libidn2; }
{ name = "libidn.so.12"; pkg = null; }
{ name = "libidn.so.11"; pkg = null; }
# journalctl --grep requires libpcre so let's provide it
{ name = "libpcre2-8.so.0"; pkg = pcre2; }
# Support for TPM2 in systemd-cryptsetup, systemd-repart and systemd-cryptenroll
{ name = "libtss2-esys.so.0"; pkg = opt withTpm2Tss tpm2-tss; }
{ name = "libtss2-rc.so.0"; pkg = opt withTpm2Tss tpm2-tss; }
{ name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; }
{ name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; }
{ name = "libfido2.so.1"; pkg = opt withFido2 libfido2; }
# inspect-elf support
{ name = "libelf.so.1"; pkg = opt withCoredump elfutils; }
{ name = "libdw.so.1"; pkg = opt withCoredump elfutils; }
];
patchDlOpen = dl:
let
library = "${lib.makeLibraryPath [ dl.pkg ]}/${dl.name}";
in
if dl.pkg == null then ''
# remove the dependency on the library by replacing it with an invalid path
for file in $(grep -lr '"${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to an invalid store path ("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}")"
substituteInPlace "$file" --replace '"${dl.name}"' '"/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}"'
done
'' else ''
# ensure that the library we provide actually exists
if ! [ -e ${library} ]; then
# exceptional case, details:
# https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157
if ! [[ "${library}" =~ .*libtss2-tcti-$ ]]; then
echo 'The shared library `${library}` does not exist but was given as substitute for `${dl.name}`'
exit 1
fi
fi
# make the path to the dependency explicit
for file in $(grep -lr '"${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to ${library}"
substituteInPlace "$file" --replace '"${dl.name}"' '"${library}"'
done
'';
in
# patch all the dlopen calls to contain absolute paths to the libraries
lib.concatMapStringsSep "\n" patchDlOpen dlopenLibs
)
# finally ensure that there are no left-over dlopen calls (or rather strings pointing to shared libraries) that we didn't handle
+ ''
if grep -qr '"lib[a-zA-Z0-9-]*\.so[\.0-9a-zA-z]*"' src; then
echo "Found unhandled dynamic library calls: "
grep -r '"lib[a-zA-Z0-9-]*\.so[\.0-9a-zA-z]*"' src
exit 1
fi
''
# Finally, patch shebangs in scripts used at build time. This must not patch
# scripts that will end up in the output, to avoid build platform references
# when cross-compiling.
+ ''
shopt -s extglob
patchShebangs tools test src/!(rpm)
'';
outputs = [ "out" "man" "dev" ];
nativeBuildInputs =
[
pkg-config
gperf
ninja
meson
glibcLocales
getent
m4
intltool
gettext
libxslt
docbook_xsl
docbook_xml_dtd_42
docbook_xml_dtd_45
(buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ]))
]
++ lib.optional withLibBPF [
bpftools
llvmPackages.clang
llvmPackages.libllvm
]
;
buildInputs =
[
acl
audit
kmod
libcap
libidn2
libuuid
linuxHeaders
pam
]
++ lib.optional wantGcrypt libgcrypt
++ lib.optional withTests glib
++ lib.optional withApparmor libapparmor
++ lib.optional wantCurl (lib.getDev curl)
++ lib.optionals withCompression [ bzip2 lz4 xz zstd ]
++ lib.optional withCoredump elfutils
++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev)
++ lib.optional withEfi gnu-efi
++ lib.optional withKexectools kexec-tools
++ lib.optional withLibseccomp libseccomp
++ lib.optional withNetworkd iptables
++ lib.optional withPCRE2 pcre2
++ lib.optional withResolved libgpg-error
++ lib.optional withSelinux libselinux
++ lib.optional withRemote libmicrohttpd
++ lib.optionals withHomed [ p11-kit ]
++ lib.optionals (withHomed || withCryptsetup) [ libfido2 ]
++ lib.optionals withLibBPF [ libbpf ]
++ lib.optional withTpm2Tss tpm2-tss
;
#dontAddPrefix = true;
mesonFlags = [
"-Dversion-tag=${version}"
# We bump this variable on every (major) version change to ensure
# that we have known-good value for a timestamp that is in the (not so distant) past.
# This serves as a lower bound for valid system timestamps during startup. Systemd will
# reset the system timestamp if this date is +- 15 years from the system time.
# See the systemd v250 release notes for further details:
# https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266
"-Dtime-epoch=${releaseTimestamp}"
"-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d"
"-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services"
"-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services"
"-Dpamconfdir=${placeholder "out"}/etc/pam.d"
"-Drootprefix=${placeholder "out"}"
"-Dpkgconfiglibdir=${placeholder "dev"}/lib/pkgconfig"
"-Dpkgconfigdatadir=${placeholder "dev"}/share/pkgconfig"
"-Dloadkeys-path=${kbd}/bin/loadkeys"
"-Dsetfont-path=${kbd}/bin/setfont"
"-Dtty-gid=3" # tty in NixOS has gid 3
"-Ddebug-shell=${bashInteractive}/bin/bash"
"-Dglib=${lib.boolToString withTests}"
# while we do not run tests we should also not build them. Removes about 600 targets
"-Dtests=false"
"-Danalyze=${lib.boolToString withAnalyze}"
"-Dgcrypt=${lib.boolToString wantGcrypt}"
"-Dimportd=${lib.boolToString withImportd}"
"-Dlz4=${lib.boolToString withCompression}"
"-Dhomed=${lib.boolToString withHomed}"
"-Dlogind=${lib.boolToString withLogind}"
"-Dlocaled=${lib.boolToString withLocaled}"
"-Dhostnamed=${lib.boolToString withHostnamed}"
"-Dmachined=${lib.boolToString withMachined}"
"-Dnetworkd=${lib.boolToString withNetworkd}"
"-Doomd=${lib.boolToString withOomd}"
"-Dpolkit=${lib.boolToString withPolkit}"
"-Dlibcryptsetup=${lib.boolToString withCryptsetup}"
"-Dportabled=${lib.boolToString withPortabled}"
"-Dhwdb=${lib.boolToString withHwdb}"
"-Dremote=${lib.boolToString withRemote}"
"-Dsysusers=false"
"-Dtimedated=${lib.boolToString withTimedated}"
"-Dtimesyncd=${lib.boolToString withTimesyncd}"
"-Duserdb=${lib.boolToString withUserDb}"
"-Dcoredump=${lib.boolToString withCoredump}"
"-Dfirstboot=false"
"-Dresolve=${lib.boolToString withResolved}"
"-Dsplit-usr=false"
"-Dlibcurl=${lib.boolToString wantCurl}"
"-Dlibidn=false"
"-Dlibidn2=true"
"-Dquotacheck=false"
"-Dldconfig=false"
"-Dsmack=true"
"-Db_pie=true"
"-Dinstall-sysconfdir=false"
"-Dsbat-distro=nixos"
"-Dsbat-distro-summary=NixOS"
"-Dsbat-distro-url=https://nixos.org/"
"-Dsbat-distro-pkgname=${pname}"
"-Dsbat-distro-version=${version}"
/*
As of now, systemd doesn't allow runtime configuration of these values. So
the settings in /etc/login.defs have no effect on it. Many people think this
should be supported however, see
- https://github.com/systemd/systemd/issues/3855
- https://github.com/systemd/systemd/issues/4850
- https://github.com/systemd/systemd/issues/9769
- https://github.com/systemd/systemd/issues/9843
- https://github.com/systemd/systemd/issues/10184
*/
"-Dsystem-uid-max=999"
"-Dsystem-gid-max=999"
"-Dsysvinit-path="
"-Dsysvrcnd-path="
"-Dkmod-path=${kmod}/bin/kmod"
"-Dsulogin-path=${util-linux}/bin/sulogin"
"-Dmount-path=${util-linux}/bin/mount"
"-Dumount-path=${util-linux}/bin/umount"
"-Dcreate-log-dirs=false"
# Use cgroupsv2. This is already the upstream default, but better be explicit.
"-Ddefault-hierarchy=unified"
# Upstream defaulted to disable manpages since they optimize for the much
# more frequent development builds
"-Dman=true"
"-Defi=${lib.boolToString withEfi}"
"-Dgnu-efi=${lib.boolToString withEfi}"
] ++ lib.optionals withEfi [
"-Defi-libdir=${toString gnu-efi}/lib"
"-Defi-includedir=${toString gnu-efi}/include/efi"
] ++ lib.optionals (withShellCompletions == false) [
"-Dbashcompletiondir=no"
"-Dzshcompletiondir=no"
] ++ lib.optionals (!withNss) [
"-Dnss-myhostname=false"
"-Dnss-mymachines=false"
"-Dnss-resolve=false"
"-Dnss-systemd=false"
] ++ lib.optionals withLibBPF [
"-Dbpf-framework=true"
] ++ lib.optionals withTpm2Tss [
"-Dtpm2=true"
] ++ lib.optionals stdenv.hostPlatform.isMusl [
"-Dgshadow=false"
"-Dutmp=false"
"-Didn=false"
];
preConfigure =
let
# A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files.
# As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message.
binaryReplacements = [
{ search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; }
{
search = "/sbin/mkswap";
replacement = "${lib.getBin util-linux}/sbin/mkswap";
where = [
"man/systemd-makefs@.service.xml"
];
}
{ search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; }
{ search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; }
{
search = "/bin/echo";
replacement = "${coreutils}/bin/echo";
where = [
"man/systemd-analyze.xml"
"man/systemd.service.xml"
"src/analyze/test-verify.c"
"src/test/test-env-file.c"
"src/test/test-fileio.c"
];
}
{
search = "/bin/cat";
replacement = "${coreutils}/bin/cat";
where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ];
}
{ search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = [ "units/modprobe@.service" ]; }
{
search = "/usr/lib/systemd/systemd-fsck";
replacement = "$out/lib/systemd/systemd-fsck";
where = [
"man/systemd-fsck@.service.xml"
];
}
] ++ lib.optionals withImportd [
{
search = "\"gpg\"";
replacement = "\\\"${gnupg}/bin/gpg\\\"";
where = [ "src/import/pull-common.c" ];
}
{
search = "\"tar\"";
replacement = "\\\"${gnutar}/bin/tar\\\"";
where = [
"src/import/export-tar.c"
"src/import/export.c"
"src/import/import-common.c"
"src/import/import-tar.c"
"src/import/import.c"
"src/import/importd.c"
"src/import/pull-tar.c"
"src/import/pull.c"
];
}
];
# { replacement, search, where } -> List[str]
mkSubstitute = { replacement, search, where }:
map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where;
mkEnsureSubstituted = { replacement, search, where }:
''
if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' | wc -l) -gt 0 ]]; then
echo "Not all references to '${search}' have been replaced. Found the following matches:"
grep '${search}' -r | grep -v "${replacement}" | grep -Ev 'NEWS|^test/'
exit 1
fi
'';
in
''
mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org")
export LC_ALL="en_US.UTF-8";
${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))}
${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements}
substituteInPlace src/libsystemd/sd-journal/catalog.c \
--replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/
'';
# These defines are overridden by CFLAGS and would trigger annoying
# warning messages
postConfigure = ''
substituteInPlace config.h \
--replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \
--replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \
--replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH"
'';
NIX_CFLAGS_COMPILE = toString ([
# Can't say ${polkit.bin}/bin/pkttyagent here because that would
# lead to a cyclic dependency.
"-UPOLKIT_AGENT_BINARY_PATH"
"-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""
# Set the release_agent on /sys/fs/cgroup/systemd to the
# currently running systemd (/run/current-system/systemd) so
# that we don't use an obsolete/garbage-collected release agent.
"-USYSTEMD_CGROUP_AGENTS_PATH"
"-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""
"-USYSTEMD_BINARY_PATH"
"-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
] ++ lib.optionals stdenv.hostPlatform.isMusl [
"-D__UAPI_DEF_ETHHDR=0"
]);
doCheck = false; # fails a bunch of tests
# trigger the test -n "$DESTDIR" || mutate in upstreams build system
preInstall = ''
export DESTDIR=/
'';
postInstall = ''
mkdir -p $out/example/systemd
mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example
mv $out/lib/systemd/{system,user} $out/example/systemd
rm -rf $out/etc/systemd/system
# Fix reference to /bin/false in the D-Bus services.
for i in $out/share/dbus-1/system-services/*.service; do
substituteInPlace $i --replace /bin/false ${coreutils}/bin/false
done
rm -rf $out/etc/rpm
# "kernel-install" shouldn't be used on NixOS.
find $out -name "*kernel-install*" -exec rm {} \;
'' + lib.optionalString (!withDocumentation) ''
rm -rf $out/share/doc
'';
# Avoid *.EFI binary stripping. At least on aarch64-linux strip
# removes too much from PE32+ files:
# https://github.com/NixOS/nixpkgs/issues/169693
# The hack is to move EFI file out of lib/ before doStrip
# run and return it after doStrip run.
preFixup = lib.optionalString withEfi ''
mv $out/lib/systemd/boot/efi $out/dont-strip-me
'';
postFixup = lib.optionalString withEfi ''
mv $out/dont-strip-me $out/lib/systemd/boot/efi
'';
passthru = {
# The interface version prevents NixOS from switching to an
# incompatible systemd at runtime. (Switching across reboots is
# fine, of course.) It should be increased whenever systemd changes
# in a backwards-incompatible way. If the interface version of two
# systemd builds is the same, then we can switch between them at
# runtime; otherwise we can't and we need to reboot.
interfaceVersion = 2;
inherit withCryptsetup withHostnamed withImportd withLocaled withMachined withTimedated util-linux kmod kbd;
tests = {
inherit (nixosTests) switchTest;
};
};
meta = with lib; {
homepage = "https://www.freedesktop.org/wiki/Software/systemd/";
description = "A system and service manager for Linux";
license = licenses.lgpl21Plus;
platforms = platforms.linux;
# https://github.com/systemd/systemd/issues/20600#issuecomment-912338965
broken = stdenv.hostPlatform.isStatic;
priority = 10;
maintainers = with maintainers; [ flokli kloenk mic92 ];
};
}
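Review bot: `++ lib.optional withLibBPF [` in nativeBuildInputs wraps the three BPF build tools in a nested list when the flag is enabled, whereas buildInputs further down uses `lib.optionals withLibBPF [ libbpf ]`; it should read `++ lib.optionals withLibBPF [`. The fetchpatch entry pulls `https://github.com/systemd/systemd/pull/22174.patch`, and a pull-request patch URL serves different content whenever the PR branch is updated. The pinned sha256 still protects integrity, but the fetch can start failing, so pointing it at the patch URL of the specific commit would keep the input stable. In postConfigure the third replacement renames to `_SYSTEMD_CGROUP_AGENT_PATH` (no S), which looks unintended next to the other two, although it still hides the original define.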