Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 5219a3ade193
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: d64f4d03d557
Choose a head ref
1 contributor

Commits on Oct 28, 2020

  1. systemd: stdenv.lib -> lib 

    This is a no-op and makes things a bit smaller.
    @flokli
    flokli committed Oct 28, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    c6bbc94 View commit details

  2. systemd: reorder buildInputs 

    These are all unconditianally anyways.
    @flokli
    flokli committed Oct 28, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    229184f View commit details

  3. systemd: nixpkgs-fmt

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    6456e24 View commit details

  4. systemd: remove perl from nativeBuildInputs 

    This was only used to patch a circular output reference from lib to out
on aarch64, but was removed in b68bddf,

This commit forgot to remove perl, so remove it now.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    8434da5 View commit details

  5. systemd: build without iptables when networkd is disabled 

    upstreams TODO mentions iptables-dev (libiptc) is also used for nspawn,
but it seems like it only makes use of this via networkd anyways (or
does these days) - at least systemdMinimal compiles successfully without
iptables in the build closure.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    39e7333 View commit details

  6. systemd: add withRemote option (default to false), make curl optional 

    This makes curl optional if both remote and importd are disabled, and
makes some assertions more robust by switching from curl.dev != null to
lib.getDev curl != null.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    e1e01fa View commit details

  7. systemd: cleanup cryptsetup input 

    use lib.getDev to retrieve the dev output. Don't pass it to buildInputs
if we don't build with withCryptsetup set to true.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    5f257d7 View commit details

  8. systemd: introduce withCompression flag 

    This will build systemd without some compression utils, useful for
systemdMinimal.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    ff07c6b View commit details

  9. systemd: drop duplicate -Dlocaled=… 

    This is already configurable above.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    c6aada2 View commit details

  10. systemdMinimal: sort feature flags

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    8d18be9 View commit details

  11. systemdMinimal: disable networkd 

    This was missed.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    b027cf2 View commit details

  12. systemd: add withCoredump flag 

    … and default it to false for systemdMinimal
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    987906a View commit details

  13. systemd: add withAnalyze flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    585f4a1 View commit details

  14. systemd: make gcrypt optional

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    13a910e View commit details

  15. systemd: withEfi: move gnu-efi check into assertion

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    54c35f0 View commit details

  16. systemd: disable efi if we don't build with withEfi is set to false

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    0b762c0 View commit details

  17. systemd: add withPolkit option

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    1f93474 View commit details

  18. systemd: add withShellCompletions flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    f142493 View commit details

  19. systemd: add withDocumentation flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    e773262 View commit details

  20. systemd: add withUserDb flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    a079a6f View commit details

  21. systemd: add withNss flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    8526662 View commit details

  22. systemd: add withMachined flag

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    e10a9a8 View commit details

  23. systemdMinimal: disable timesyncd

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    961663a View commit details

  24. systemd: drop libffi from buildInputs 

    This isn't used anywhere.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    e6dff1d View commit details

  25. systemd: add libgpgerror only to buildInputs if we build with resolve… 

    …d support
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    065f057 View commit details

  26. systemd: add withApparmor option

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    93dcbbf View commit details

  27. systemd: add withPCRE2 option

    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    959cea2 View commit details

  28. systemd: stop substituting inside fsck.c, stop substituting mke2fs 

    fsck.c doesn't refer to any of these binaries anymore, and the whole
systmed codebase not to /sbin/mke2fs.
    @flokli
    flokli committed Oct 28, 2020
    Copy the full SHA
    6dbc23e View commit details

Commits on Nov 1, 2020

  1. Merge pull request #101886 from flokli/systemd-more-optional 

    systemd: introduce more options for a more minimal build
    @flokli
    flokli authored Nov 1, 2020
    Copy the full SHA
    d64f4d0 View commit details
Showing with 179 additions and 76 deletions.
  1. +159 −69 pkgs/os-specific/linux/systemd/default.nix
  2. +20 −7 pkgs/top-level/all-packages.nix
228 changes: 159 additions & 69 deletions pkgs/os-specific/linux/systemd/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,60 +1,110 @@
{ stdenv, lib, fetchFromGitHub
{ stdenv
, lib
, fetchFromGitHub
, buildPackages
, ninja, meson, m4, pkgconfig, coreutils, gperf, getent
, patchelf, perl, glibcLocales, glib, substituteAll
, gettext, python3Packages

# Mandatory dependencies
, ninja
, meson
, m4
, pkgconfig
, coreutils
, gperf
, getent
, patchelf
, glibcLocales
, glib
, substituteAll
, gettext
, python3Packages

# Mandatory dependencies
, libcap
, utillinux
, kbd
, kmod

# Optional dependencies
, pam, cryptsetup, lvm2, audit, acl
, lz4, libgcrypt, libgpgerror, libidn2
, curl, gnutar, gnupg, zlib
, xz, libuuid, libffi
, libapparmor, intltool
, bzip2, pcre2, e2fsprogs
# Optional dependencies
, pam
, cryptsetup
, lvm2
, audit
, acl
, lz4
, libgcrypt
, libgpgerror
, libidn2
, curl
, gnutar
, gnupg
, zlib
, xz
, libuuid
, libapparmor
, intltool
, bzip2
, pcre2
, e2fsprogs
, linuxHeaders ? stdenv.cc.libc.linuxHeaders
, gnu-efi
, iptables
, withSelinux ? false, libselinux
, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp
, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools
, withSelinux ? false
, libselinux
, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms
, libseccomp
, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms
, kexectools
, bashInteractive

, withResolved ? true
, withLogind ? true
, withAnalyze ? true
, withApparmor ? true
, withCoredump ? true
, withCompression ? true # adds bzip2, lz4 and xz
, withCryptsetup ? true
, withDocumentation ? true
, withEfi ? stdenv.hostPlatform.isEfi
, withHostnamed ? true
, withHwdb ? true
, withImportd ? true
, withLocaled ? true
, withLogind ? true
, withMachined ? true
, withNetworkd ? true
, withNss ? true
, withPCRE2 ? true
, withPolkit ? true
, withRemote ? false # has always been disabled on NixOS, upstream version appears broken anyway
, withResolved ? true
, withShellCompletions ? true
, withTimedated ? true
, withTimesyncd ? true
, withHwdb ? true
, withEfi ? stdenv.hostPlatform.isEfi
, withImportd ? true
, withCryptsetup ? true
, withUserDb ? true

# name argument
# name argument
, pname ? "systemd"


, libxslt, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45
, libxslt
, docbook_xsl
, docbook_xml_dtd_42
, docbook_xml_dtd_45
}:

assert withResolved -> (libgcrypt != null && libgpgerror != null);
assert withImportd ->
( curl.dev != null && zlib != null && xz != null && libgcrypt != null
&& gnutar != null && gnupg != null);
(curl.dev != null && zlib != null && xz != null && libgcrypt != null
&& gnutar != null && gnupg != null && withCompression );

assert withCryptsetup ->
( cryptsetup != null );
assert withEfi -> (gnu-efi != null);
assert withRemote -> lib.getDev curl != null;
assert withCoredump -> withCompression;

assert withCryptsetup ->
(cryptsetup != null);
let
wantCurl = withRemote || withImportd;

version = "246.6";
in stdenv.mkDerivation {
in
stdenv.mkDerivation {
inherit version pname;

# We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly
@@ -105,29 +155,53 @@ in stdenv.mkDerivation {
outputs = [ "out" "man" "dev" ];

nativeBuildInputs =
[ pkgconfig gperf
ninja meson
[
pkgconfig
gperf
ninja
meson
coreutils # meson calls date, stat etc.
glibcLocales
patchelf getent m4
perl # to patch the libsystemd.so and remove dependencies on aarch64
patchelf
getent
m4

intltool
gettext

libxslt docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45
(buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]))
libxslt
docbook_xsl
docbook_xml_dtd_42
docbook_xml_dtd_45
(buildPackages.python3Packages.python.withPackages (ps: with ps; [ python3Packages.lxml ]))
];

buildInputs =
[ linuxHeaders libcap curl.dev kmod xz pam acl
cryptsetup libuuid glib libgcrypt libgpgerror libidn2
pcre2 ] ++
stdenv.lib.optional withKexectools kexectools ++
stdenv.lib.optional withLibseccomp libseccomp ++
[ libffi audit lz4 bzip2 libapparmor iptables ] ++
stdenv.lib.optional withEfi gnu-efi ++
stdenv.lib.optional withSelinux libselinux ++
stdenv.lib.optional withCryptsetup cryptsetup.dev;
[
acl
audit
glib
kmod
libcap
libgcrypt
libidn2
libuuid
linuxHeaders
pam
]

++ lib.optional withApparmor libapparmor
++ lib.optional wantCurl (lib.getDev curl)
++ lib.optionals withCompression [ bzip2 lz4 xz ]
++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev)
++ lib.optional withEfi gnu-efi
++ lib.optional withKexectools kexectools
++ lib.optional withLibseccomp libseccomp
++ lib.optional withNetworkd iptables
++ lib.optional withPCRE2 pcre2
++ lib.optional withResolved libgpgerror
++ lib.optional withSelinux libselinux
;

#dontAddPrefix = true;

@@ -143,28 +217,33 @@ in stdenv.mkDerivation {
"-Dsetfont-path=${kbd}/bin/setfont"
"-Dtty-gid=3" # tty in NixOS has gid 3
"-Ddebug-shell=${bashInteractive}/bin/bash"
"-Dglib=${stdenv.lib.boolToString (glib != null)}"
"-Dglib=${lib.boolToString (glib != null)}"
# while we do not run tests we should also not build them. Removes about 600 targets
"-Dtests=false"
"-Dimportd=${stdenv.lib.boolToString withImportd}"
"-Dlz4=true"
"-Danalyze=${lib.boolToString withAnalyze}"
"-Dgcrypt=${lib.boolToString (libgcrypt != null)}"
"-Dimportd=${lib.boolToString withImportd}"
"-Dlz4=${lib.boolToString withCompression}"
"-Dhomed=false"
"-Dlogind=${stdenv.lib.boolToString withLogind}"
"-Dlocaled=${stdenv.lib.boolToString withLocaled}"
"-Dhostnamed=${stdenv.lib.boolToString withHostnamed}"
"-Dnetworkd=${stdenv.lib.boolToString withNetworkd}"
"-Dcryptsetup=${stdenv.lib.boolToString withCryptsetup}"
"-Dlogind=${lib.boolToString withLogind}"
"-Dlocaled=${lib.boolToString withLocaled}"
"-Dhostnamed=${lib.boolToString withHostnamed}"
"-Dmachined=${lib.boolToString withMachined}"
"-Dnetworkd=${lib.boolToString withNetworkd}"
"-Dpolkit=${lib.boolToString withPolkit}"
"-Dcryptsetup=${lib.boolToString withCryptsetup}"
"-Dportabled=false"
"-Dhwdb=${stdenv.lib.boolToString withHwdb}"
"-Dremote=false"
"-Dhwdb=${lib.boolToString withHwdb}"
"-Dremote=${lib.boolToString withRemote}"
"-Dsysusers=false"
"-Dtimedated=${stdenv.lib.boolToString withTimedated}"
"-Dtimesyncd=${stdenv.lib.boolToString withTimesyncd}"
"-Dtimedated=${lib.boolToString withTimedated}"
"-Dtimesyncd=${lib.boolToString withTimesyncd}"
"-Duserdb=${lib.boolToString withUserDb}"
"-Dcoredump=${lib.boolToString withCoredump}"
"-Dfirstboot=false"
"-Dlocaled=true"
"-Dresolve=${stdenv.lib.boolToString withResolved}"
"-Dresolve=${lib.boolToString withResolved}"
"-Dsplit-usr=false"
"-Dlibcurl=true"
"-Dlibcurl=${lib.boolToString wantCurl}"
"-Dlibidn=false"
"-Dlibidn2=true"
"-Dquotacheck=false"
@@ -201,11 +280,20 @@ in stdenv.mkDerivation {
# more frequent development builds
"-Dman=true"

"-Dgnu-efi=${stdenv.lib.boolToString (withEfi && gnu-efi != null)}"
] ++ stdenv.lib.optionals (withEfi && gnu-efi != null) [
"-Defi=${lib.boolToString withEfi}"
"-Dgnu-efi=${lib.boolToString withEfi}"
] ++ lib.optionals withEfi [
"-Defi-libdir=${toString gnu-efi}/lib"
"-Defi-includedir=${toString gnu-efi}/include/efi"
"-Defi-ldsdir=${toString gnu-efi}/lib"
] ++ lib.optionals (withShellCompletions == false) [
"-Dbashcompletiondir=no"
"-Dzshcompletiondir=no"
] ++ lib.optionals (!withNss) [
"-Dnss-myhostname=false"
"-Dnss-mymachines=false"
"-Dnss-resolve=false"
"-Dnss-systemd=false"
];

preConfigure = ''
@@ -217,7 +305,6 @@ in stdenv.mkDerivation {
src/core/mount.c \
src/core/swap.c \
src/cryptsetup/cryptsetup-generator.c \
src/fsck/fsck.c \
src/journal/cat.c \
src/nspawn/nspawn.c \
src/remount-fs/remount-fs.c \
@@ -234,8 +321,6 @@ in stdenv.mkDerivation {
--replace /sbin/mkswap ${lib.getBin utillinux}/sbin/mkswap \
--replace /sbin/swapon ${lib.getBin utillinux}/sbin/swapon \
--replace /sbin/swapoff ${lib.getBin utillinux}/sbin/swapoff \
--replace /sbin/mke2fs ${lib.getBin e2fsprogs}/sbin/mke2fs \
--replace /sbin/fsck ${lib.getBin utillinux}/sbin/fsck \
--replace /bin/echo ${coreutils}/bin/echo \
--replace /bin/cat ${coreutils}/bin/cat \
--replace /sbin/sulogin ${lib.getBin utillinux}/sbin/sulogin \
@@ -272,14 +357,17 @@ in stdenv.mkDerivation {
NIX_CFLAGS_COMPILE = toString [
# Can't say ${polkit.bin}/bin/pkttyagent here because that would
# lead to a cyclic dependency.
"-UPOLKIT_AGENT_BINARY_PATH" "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""
"-UPOLKIT_AGENT_BINARY_PATH"
"-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""

# Set the release_agent on /sys/fs/cgroup/systemd to the
# currently running systemd (/run/current-system/systemd) so
# that we don't use an obsolete/garbage-collected release agent.
"-USYSTEMD_CGROUP_AGENT_PATH" "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""
"-USYSTEMD_CGROUP_AGENT_PATH"
"-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""

"-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
"-USYSTEMD_BINARY_PATH"
"-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
];

doCheck = false; # fails a bunch of tests
@@ -311,7 +399,9 @@ in stdenv.mkDerivation {
# "kernel-install" shouldn't be used on NixOS.
find $out -name "*kernel-install*" -exec rm {} \;
''; # */
'' + lib.optionalString (!withDocumentation) ''
rm -rf $out/share/doc
'';

enableParallelBuilding = true;

@@ -323,7 +413,7 @@ in stdenv.mkDerivation {
# runtime; otherwise we can't and we need to reboot.
passthru.interfaceVersion = 2;

meta = with stdenv.lib; {
meta = with lib; {
homepage = "https://www.freedesktop.org/wiki/Software/systemd/";
description = "A system and service manager for Linux";
license = licenses.lgpl21Plus;
27 changes: 20 additions & 7 deletions pkgs/top-level/all-packages.nix
View file
Original file line number Diff line number Diff line change
@@ -18795,17 +18795,30 @@ in
};
systemdMinimal = systemd.override {
pname = "systemd-minimal";
withResolved = false;
withLogind = false;
withAnalyze = false;
withApparmor = false;
withCompression = false;
withCoredump = false;
withCryptsetup = false;
withDocumentation = false;
withEfi = false;
withHostnamed = false;
withLocaled = false;
withTimedated = false;
withHwdb = false;
withEfi = false;
withImportd = false;
withCryptsetup = false;
cryptsetup = null;
withLocaled = false;
withLogind = false;
withMachined = false;
withNetworkd = false;
withNss = false;
withPCRE2 = false;
withPolkit = false;
withResolved = false;
withShellCompletions = false;
withTimedated = false;
withTimesyncd = false;
withUserDb = false;
glib = null;
libgcrypt = null;
lvm2 = null;
};