Merge pull request #78426 from Mic92/tmpfiles #78426
Conversation
Especially tmp.conf is important to create /tmp and /var/tmp with the correct permissions.
| @@ -869,11 +869,15 @@ in | |||
| "sysctl.d/50-coredump.conf".source = "${systemd}/example/sysctl.d/50-coredump.conf"; | |||
| "sysctl.d/50-default.conf".source = "${systemd}/example/sysctl.d/50-default.conf"; | |||
|
|
|||
| "tmpfiles.d/home.conf".source = "${systemd}/example/tmpfiles.d/home.conf"; | |||
There was a problem hiding this comment.
| "tmpfiles.d/journal-nocow.conf".source = "${systemd}/example/tmpfiles.d/journal-nocow.conf"; | ||
| "tmpfiles.d/portables.conf".source = "${systemd}/example/tmpfiles.d/portables.conf"; |
There was a problem hiding this comment.
https://github.com/NixOS/systemd/blob/nixos.v243.4/tmpfiles.d/portables.conf
Update fixed link.
There was a problem hiding this comment.
This file is only present in more recent versions: https://github.com/NixOS/systemd/blob/nixos.v243.4/tmpfiles.d/portables.conf
There was a problem hiding this comment.
Note that portabled doesn't even work on nixos currently. It crashes somewhere deep in systemd .
|
Would it be worth having some sort of test which asserts that all of the tmpfiles provided by systemd are either installed or explicitly rejected? |
| "tmpfiles.d/static-nodes-permissions.conf".source = "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf"; | ||
| "tmpfiles.d/systemd.conf".source = "${systemd}/example/tmpfiles.d/systemd.conf"; | ||
| "tmpfiles.d/systemd-nologin.conf".source = "${systemd}/example/tmpfiles.d/systemd-nologin.conf"; |
There was a problem hiding this comment.
| "tmpfiles.d/systemd-nspawn.conf".source = "${systemd}/example/tmpfiles.d/systemd-nspawn.conf"; | ||
| "tmpfiles.d/systemd-tmp.conf".source = "${systemd}/example/tmpfiles.d/systemd-tmp.conf"; | ||
| "tmpfiles.d/tmp.conf".source = "${systemd}/example/tmpfiles.d/tmp.conf"; |
There was a problem hiding this comment.
Yes, but I am not quite sure how to implement that in a smart way. |
Can't we do something similar as done with |
Right, this uses |
|
Fine for me to go with this route for now, but we should really move this to something automatic in the NixOS module to prevent future breakages. |
|
@GrahamcOfBorg test systemd systemd-nspawn |
Mic92
changed the title
Feature freeze for 20.03 was just announced. So if we'd like to get the automated approach into 20.03, that has to happen quickly. |
|
This is more relevant if we perform systemd updates in future for 20.03 it should be fine. |
Especially tmp.conf is important to create /tmp and /var/tmp with the correct
permissions.
Motivation for this change
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)