Commits on Sep 30, 2019

1. nixos/systemd: pick more upstream tmpfiles confs …

   In #68792 it was discovered that /dev/fuse doesn't have
   wordl-read-writeable permissions anymore. The cause of this is that the
   tmpfiles examples in systemd were reorganized and split into more files.
   We thus lost some of the configuration we were depending on.
   
   In this commit some of the new tmpfiles configuration that are
   applicable to us are added which also makes wtmp/lastlog in the pam
   module not necessary anymore.
   
   Rationale for the new tmpfile configs:
   
     - `journal-nowcow.conf`: Contains chattr +C for journald logs which
     makes sense on copy-on-write filesystems like Btrfs. Other filesystems
     shouldn't do anything funny when that flag is set.
   
     - `static-nodes-permissions.conf`: Contains some permission overrides
     for some device nodes like audio, loop, tun, fuse and kvm.
   
     - `systemd-nspawn.conf`: Makes sure `/var/lib/machines` exists and old
     snapshots are properly removed.
   
     - `systemd-tmp.conf`: Removes systemd services related private tmp
     folders and temporary coredump files.
   
     - `var.conf`: Creates some useful directories in `/var` which we would
     create anyway at some point. Also includes
     `/var/log/{wtmp,btmp,lastlog}`.
   
   Fixes #68792.
   
   (cherry picked from commit 0dc4fe0)

   

   fpletz authored and lheckemann committed Sep 30, 2019
   Copy the full SHA

   ad36169 View commit details

   Browse the repository at this point in the history