* Move the stuff in boot-stage-2-init.sh that doesn't have to happen
at boot time into a separate script. This will allow us to change the configuration without rebooting (provided that the configuration doesn't have a different kernel, init, etc.). svn path=/nixos/trunk/; revision=7294
parent
af8dc724d1
commit
9986bda673
@ -72,26 +72,9 @@ mkdir -m 0755 -p /var/log
|
|||||||
ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
|
ln -sf /nix/var/nix/profiles /nix/var/nix/gcroots/
|
||||||
|
|
||||||
|
|
||||||
# Set up the statically computed bits of /etc.
|
# Run the script that performs all configuration activation that does
|
||||||
staticEtc=/etc/static
|
# not have to be done at boot time.
|
||||||
rm -f $staticEtc
|
source @activateConfiguration@
|
||||||
ln -s @etc@/etc $staticEtc
|
|
||||||
for i in $(cd $staticEtc && find * -type l); do
|
|
||||||
mkdir -p /etc/$(dirname $i)
|
|
||||||
rm -f /etc/$i
|
|
||||||
ln -s $staticEtc/$i /etc/$i
|
|
||||||
done
|
|
||||||
|
|
||||||
|
|
||||||
# Remove dangling symlinks that point to /etc/static. These are
|
|
||||||
# configuration files that existed in a previous configuration but not
|
|
||||||
# in the current one.
|
|
||||||
for i in $(find /etc/ -type l); do
|
|
||||||
target=$(readlink "$i")
|
|
||||||
if test "${target:0:${#staticEtc}}" = "$staticEtc" -a ! -e "$i"; then
|
|
||||||
rm -f "$i"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
|
|
||||||
# Ensure that the module tools can find the kernel modules.
|
# Ensure that the module tools can find the kernel modules.
|
||||||
@ -117,103 +100,10 @@ udevtrigger
|
|||||||
udevsettle # wait for udev to finish
|
udevsettle # wait for udev to finish
|
||||||
|
|
||||||
|
|
||||||
# !!! Hack - should be done with udev rules.
|
|
||||||
chmod 666 /dev/null
|
|
||||||
|
|
||||||
|
|
||||||
# Enable a password-less root login.
|
|
||||||
source @accounts@
|
|
||||||
|
|
||||||
if ! test -e /etc/passwd; then
|
|
||||||
if test -n "@readOnlyRoot@"; then
|
|
||||||
rootHome=/
|
|
||||||
else
|
|
||||||
rootHome=/home/root
|
|
||||||
mkdir -p $rootHome
|
|
||||||
fi
|
|
||||||
createUser root '' 0 0 'System administrator' $rootHome/var/empty @shell@
|
|
||||||
fi
|
|
||||||
|
|
||||||
if ! test -e /etc/group; then
|
|
||||||
echo "root:*:0" > /etc/group
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# Set up Nix accounts.
|
|
||||||
if test -z "@readOnlyRoot@"; then
|
|
||||||
|
|
||||||
for i in $(seq 1 10); do
|
|
||||||
account=nixbld$i
|
|
||||||
if ! userExists $account; then
|
|
||||||
createUser $account x \
|
|
||||||
$((i + 30000)) 30000 \
|
|
||||||
'Nix build user' /var/empty /noshell
|
|
||||||
fi
|
|
||||||
accounts="$accounts${accounts:+,}$account"
|
|
||||||
done
|
|
||||||
|
|
||||||
if ! grep -q "^nixbld:" /etc/group; then
|
|
||||||
echo "nixbld:*:30000:$accounts" >> /etc/group
|
|
||||||
fi
|
|
||||||
|
|
||||||
mkdir -p /nix/etc/nix
|
|
||||||
cat > /nix/etc/nix/nix.conf <<EOF
|
|
||||||
build-users-group = nixbld
|
|
||||||
EOF
|
|
||||||
|
|
||||||
chown root.nixbld /nix/store
|
|
||||||
chmod 1775 /nix/store
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# Set up the Upstart jobs.
|
|
||||||
export UPSTART_CFG_DIR=/etc/event.d
|
|
||||||
|
|
||||||
rm -f /etc/event.d
|
|
||||||
ln -sf @upstartJobs@/etc/event.d /etc/event.d
|
|
||||||
|
|
||||||
|
|
||||||
# Additional path for the interactive shell.
|
|
||||||
PATH=@wrapperDir@:@fullPath@/bin:@fullPath@/sbin
|
|
||||||
|
|
||||||
cat > /etc/profile <<EOF
|
|
||||||
export PATH=$PATH
|
|
||||||
export MODULE_DIR=$MODULE_DIR
|
|
||||||
export NIX_CONF_DIR=/nix/etc/nix
|
|
||||||
if test "\$USER" != root; then
|
|
||||||
export NIX_REMOTE=daemon
|
|
||||||
fi
|
|
||||||
|
|
||||||
source $(dirname $(readlink -f $(type -tp nix-env)))/../etc/profile.d/nix.sh
|
|
||||||
|
|
||||||
alias ll="ls -l"
|
|
||||||
|
|
||||||
if test -f /etc/profile.local; then
|
|
||||||
source /etc/profile.local
|
|
||||||
fi
|
|
||||||
EOF
|
|
||||||
|
|
||||||
|
|
||||||
# Make a few setuid programs work.
|
|
||||||
wrapperDir=@wrapperDir@
|
|
||||||
if test -d $wrapperDir; then rm -f $wrapperDir/*; fi
|
|
||||||
mkdir -p $wrapperDir
|
|
||||||
for i in passwd su; do
|
|
||||||
program=$(type -tp $i)
|
|
||||||
cp $(type -tp setuid-wrapper) $wrapperDir/$i
|
|
||||||
echo -n $program > $wrapperDir/$i.real
|
|
||||||
chown root.root $wrapperDir/$i
|
|
||||||
chmod 4755 $wrapperDir/$i
|
|
||||||
done
|
|
||||||
|
|
||||||
|
|
||||||
# Set the host name.
|
|
||||||
hostname @hostName@
|
|
||||||
|
|
||||||
|
|
||||||
# Start an interactive shell.
|
# Start an interactive shell.
|
||||||
#exec @shell@
|
#exec @shell@
|
||||||
|
|
||||||
|
|
||||||
# Start Upstart's init.
|
# Start Upstart's init.
|
||||||
|
export UPSTART_CFG_DIR=/etc/event.d
|
||||||
exec @upstart@/sbin/init -v
|
exec @upstart@/sbin/init -v
|
||||||
|
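Review bot: `source @activateConfiguration@` runs the whole activation script inside the init shell and never checks the outcome, so a failing step there goes unnoticed, and an `exit` added to that script later would end this shell before `exec @upstart@/sbin/init -v` is reached. The activation script reassigns `PATH`, and the later `exec` presumably relies on that, which would explain sourcing instead of executing; please confirm. If that is the intent, a comment should record it, for example `# Sourced, not executed: init inherits the PATH assigned by the activation script.` Both hunks of this file begin and end inside the script body, so the surrounding setup is not visible here.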
@ -1,19 +1,10 @@
|
|||||||
{ genericSubstituter, buildEnv, shell, coreutils, findutils
|
{ genericSubstituter, shell, coreutils, findutils
|
||||||
, gnugrep, utillinux, kernel, udev, upstart, setuidWrapper
|
, gnugrep, utillinux, kernel, udev, upstart
|
||||||
, path ? []
|
, activateConfiguration
|
||||||
|
|
||||||
, # Whether the root device is root only. If so, we'll mount a
|
, # Whether the root device is root only. If so, we'll mount a
|
||||||
# ramdisk on /etc, /var and so on.
|
# ramdisk on /etc, /var and so on.
|
||||||
readOnlyRoot
|
readOnlyRoot
|
||||||
|
|
||||||
, # The Upstart job configuration.
|
|
||||||
upstartJobs
|
|
||||||
|
|
||||||
, # Static configuration files to be placed (through symlinks) in
|
|
||||||
# /etc.
|
|
||||||
etc
|
|
||||||
|
|
||||||
, hostName
|
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
@ -25,7 +16,6 @@ let
|
|||||||
utillinux
|
utillinux
|
||||||
udev
|
udev
|
||||||
upstart
|
upstart
|
||||||
setuidWrapper
|
|
||||||
];
|
];
|
||||||
|
|
||||||
in
|
in
|
||||||
@ -33,21 +23,6 @@ in
|
|||||||
genericSubstituter {
|
genericSubstituter {
|
||||||
src = ./boot-stage-2-init.sh;
|
src = ./boot-stage-2-init.sh;
|
||||||
isExecutable = true;
|
isExecutable = true;
|
||||||
inherit shell kernel upstart readOnlyRoot upstartJobs etc hostName;
|
inherit shell kernel upstart readOnlyRoot activateConfiguration;
|
||||||
inherit startPath;
|
inherit startPath;
|
||||||
|
|
||||||
# We don't want to put all of `startPath' and `path' in $PATH, since
|
|
||||||
# then we get an embarrassingly long $PATH. So use the user
|
|
||||||
# environment builder to make a directory with symlinks to those
|
|
||||||
# packages.
|
|
||||||
fullPath = buildEnv {
|
|
||||||
name = "boot-stage-2-path";
|
|
||||||
paths = startPath ++ path;
|
|
||||||
pathsToLink = ["/bin" "/sbin" "/man/man1" "/share/man/man1"];
|
|
||||||
ignoreCollisions = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
wrapperDir = setuidWrapper.wrapperDir;
|
|
||||||
|
|
||||||
accounts = ../helpers/accounts.sh;
|
|
||||||
}
|
}
|
||||||
|
110
configuration/activate-configuration.sh
Normal file
110
configuration/activate-configuration.sh
Normal file
@ -0,0 +1,110 @@
|
|||||||
|
#! @shell@
|
||||||
|
|
||||||
|
|
||||||
|
# !!! Hack - should be done with udev rules.
|
||||||
|
chmod 666 /dev/null
|
||||||
|
|
||||||
|
|
||||||
|
# Set up the statically computed bits of /etc.
|
||||||
|
staticEtc=/etc/static
|
||||||
|
rm -f $staticEtc
|
||||||
|
ln -s @etc@/etc $staticEtc
|
||||||
|
for i in $(cd $staticEtc && find * -type l); do
|
||||||
|
mkdir -p /etc/$(dirname $i)
|
||||||
|
rm -f /etc/$i
|
||||||
|
ln -s $staticEtc/$i /etc/$i
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
# Remove dangling symlinks that point to /etc/static. These are
|
||||||
|
# configuration files that existed in a previous configuration but not
|
||||||
|
# in the current one.
|
||||||
|
for i in $(find /etc/ -type l); do
|
||||||
|
target=$(readlink "$i")
|
||||||
|
if test "${target:0:${#staticEtc}}" = "$staticEtc" -a ! -e "$i"; then
|
||||||
|
rm -f "$i"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
# Enable a password-less root login.
|
||||||
|
source @accounts@
|
||||||
|
|
||||||
|
if ! test -e /etc/passwd; then
|
||||||
|
if test -n "@readOnlyRoot@"; then
|
||||||
|
rootHome=/
|
||||||
|
else
|
||||||
|
rootHome=/home/root
|
||||||
|
mkdir -p $rootHome
|
||||||
|
fi
|
||||||
|
createUser root '' 0 0 'System administrator' $rootHome/var/empty @shell@
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! test -e /etc/group; then
|
||||||
|
echo "root:*:0" > /etc/group
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Set up Nix accounts.
|
||||||
|
if test -z "@readOnlyRoot@"; then
|
||||||
|
|
||||||
|
for i in $(seq 1 10); do
|
||||||
|
account=nixbld$i
|
||||||
|
if ! userExists $account; then
|
||||||
|
createUser $account x \
|
||||||
|
$((i + 30000)) 30000 \
|
||||||
|
'Nix build user' /var/empty /noshell
|
||||||
|
fi
|
||||||
|
accounts="$accounts${accounts:+,}$account"
|
||||||
|
done
|
||||||
|
|
||||||
|
if ! grep -q "^nixbld:" /etc/group; then
|
||||||
|
echo "nixbld:*:30000:$accounts" >> /etc/group
|
||||||
|
fi
|
||||||
|
|
||||||
|
mkdir -p /nix/etc/nix
|
||||||
|
cat > /nix/etc/nix/nix.conf <<EOF
|
||||||
|
build-users-group = nixbld
|
||||||
|
EOF
|
||||||
|
|
||||||
|
chown root.nixbld /nix/store
|
||||||
|
chmod 1775 /nix/store
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Additional path for the interactive shell.
|
||||||
|
PATH=@wrapperDir@:@fullPath@/bin:@fullPath@/sbin
|
||||||
|
|
||||||
|
cat > /etc/profile <<EOF
|
||||||
|
export PATH=$PATH
|
||||||
|
export MODULE_DIR=@kernel@/lib/modules
|
||||||
|
export NIX_CONF_DIR=/nix/etc/nix
|
||||||
|
if test "\$USER" != root; then
|
||||||
|
export NIX_REMOTE=daemon
|
||||||
|
fi
|
||||||
|
|
||||||
|
source $(dirname $(readlink -f $(type -tp nix-env)))/../etc/profile.d/nix.sh
|
||||||
|
|
||||||
|
alias ll="ls -l"
|
||||||
|
|
||||||
|
if test -f /etc/profile.local; then
|
||||||
|
source /etc/profile.local
|
||||||
|
fi
|
||||||
|
EOF
|
||||||
|
|
||||||
|
|
||||||
|
# Make a few setuid programs work.
|
||||||
|
wrapperDir=@wrapperDir@
|
||||||
|
if test -d $wrapperDir; then rm -f $wrapperDir/*; fi
|
||||||
|
mkdir -p $wrapperDir
|
||||||
|
for i in passwd su; do
|
||||||
|
program=$(type -tp $i)
|
||||||
|
cp $(type -tp setuid-wrapper) $wrapperDir/$i
|
||||||
|
echo -n $program > $wrapperDir/$i.real
|
||||||
|
chown root.root $wrapperDir/$i
|
||||||
|
chmod 4755 $wrapperDir/$i
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
# Set the host name.
|
||||||
|
hostname @hostName@
|
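Review bot: The setuid-wrapper loop at the end of the new script installs mode-4755 files without checking any intermediate result, which matters more now that the script is meant to be re-run on a live system. If `type -tp setuid-wrapper` or `type -tp $i` finds nothing, the loop still writes an empty `$i.real` and runs `chown`/`chmod 4755` on whatever `cp` left behind. The lookup of `$i` must also stay after the `rm -f $wrapperDir/*`, because `@wrapperDir@` is first in the `PATH` assigned earlier and a surviving wrapper would otherwise be recorded as its own real program; a comment should state that dependency. I would skip a program whose lookup fails, chain `chown` and `chmod` so the setuid bit is only set after ownership is fixed, and quote the expansions.

```shell
wrapperDir=@wrapperDir@
wrapper=$(type -tp setuid-wrapper)
# … unchanged: rm -f of the old wrappers, mkdir -p of $wrapperDir …
for i in passwd su; do
    # Must run after the old wrappers are removed: $wrapperDir is first in
    # PATH, so a leftover wrapper would be found instead of the real program.
    program=$(type -tp "$i")
    if test -z "$wrapper" || test -z "$program"; then
        echo "not installing a setuid wrapper for $i: lookup failed" >&2
        continue
    fi
    cp "$wrapper" "$wrapperDir/$i" || continue
    echo -n "$program" > "$wrapperDir/$i.real"
    chown root.root "$wrapperDir/$i" && chmod 4755 "$wrapperDir/$i"
done
```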
@ -231,6 +231,11 @@ rec {
|
|||||||
target = "ssh/sshd_config";
|
target = "ssh/sshd_config";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{ # The Upstart events defined above.
|
||||||
|
source = upstartJobs + "/etc/event.d";
|
||||||
|
target = "event.d";
|
||||||
|
}
|
||||||
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -246,23 +251,16 @@ rec {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
# The init script of boot stage 2, which is supposed to do
|
# The packages you want in the boot environment.
|
||||||
# everything else to bring up the system.
|
fullPath = [
|
||||||
bootStage2 = import ../boot/boot-stage-2.nix {
|
|
||||||
inherit (pkgs) genericSubstituter buildEnv coreutils findutils
|
|
||||||
gnugrep utillinux kernel udev upstart;
|
|
||||||
inherit setuidWrapper;
|
|
||||||
inherit upstartJobs;
|
|
||||||
inherit etc;
|
|
||||||
shell = pkgs.bash + "/bin/sh";
|
|
||||||
|
|
||||||
# Additional stuff; add whatever you want here.
|
|
||||||
path = [
|
|
||||||
pkgs.bash
|
pkgs.bash
|
||||||
pkgs.bzip2
|
pkgs.bzip2
|
||||||
|
pkgs.coreutils
|
||||||
pkgs.cpio
|
pkgs.cpio
|
||||||
pkgs.curl
|
pkgs.curl
|
||||||
pkgs.e2fsprogs
|
pkgs.e2fsprogs
|
||||||
|
pkgs.findutils
|
||||||
|
pkgs.gnugrep
|
||||||
pkgs.gnused
|
pkgs.gnused
|
||||||
pkgs.gnutar
|
pkgs.gnutar
|
||||||
pkgs.grub
|
pkgs.grub
|
||||||
@ -279,14 +277,53 @@ rec {
|
|||||||
pkgs.shadowutils
|
pkgs.shadowutils
|
||||||
pkgs.strace
|
pkgs.strace
|
||||||
pkgs.sysklogd
|
pkgs.sysklogd
|
||||||
|
pkgs.udev
|
||||||
|
pkgs.upstart
|
||||||
|
pkgs.utillinux
|
||||||
# pkgs.vim
|
# pkgs.vim
|
||||||
nix
|
nix
|
||||||
nixosInstaller
|
nixosInstaller
|
||||||
|
setuidWrapper
|
||||||
];
|
];
|
||||||
|
|
||||||
inherit readOnlyRoot;
|
|
||||||
|
|
||||||
|
# The script that activates the configuration, i.e., it sets up
|
||||||
|
# /etc, accounts, etc. It doesn't do anything that can only be done
|
||||||
|
# at boot time (such as start `init').
|
||||||
|
activateConfiguration = pkgs.genericSubstituter {
|
||||||
|
src = ./activate-configuration.sh;
|
||||||
|
isExecutable = true;
|
||||||
|
|
||||||
|
shell = pkgs.bash + "/bin/sh";
|
||||||
|
|
||||||
|
inherit etc;
|
||||||
|
inherit readOnlyRoot;
|
||||||
|
inherit (pkgs) kernel;
|
||||||
hostName = config.get ["networking" "hostname"];
|
hostName = config.get ["networking" "hostname"];
|
||||||
|
wrapperDir = setuidWrapper.wrapperDir;
|
||||||
|
accounts = ../helpers/accounts.sh;
|
||||||
|
|
||||||
|
# We don't want to put all of `startPath' and `path' in $PATH, since
|
||||||
|
# then we get an embarrassingly long $PATH. So use the user
|
||||||
|
# environment builder to make a directory with symlinks to those
|
||||||
|
# packages.
|
||||||
|
fullPath = pkgs.buildEnv {
|
||||||
|
name = "boot-stage-2-path";
|
||||||
|
paths = fullPath;
|
||||||
|
pathsToLink = ["/bin" "/sbin" "/man/man1" "/share/man/man1"];
|
||||||
|
ignoreCollisions = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# The init script of boot stage 2, which is supposed to do
|
||||||
|
# everything else to bring up the system.
|
||||||
|
bootStage2 = import ../boot/boot-stage-2.nix {
|
||||||
|
inherit (pkgs) genericSubstituter coreutils findutils
|
||||||
|
gnugrep utillinux kernel udev upstart;
|
||||||
|
shell = pkgs.bash + "/bin/sh";
|
||||||
|
inherit readOnlyRoot;
|
||||||
|
inherit activateConfiguration;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
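Review bot: Inside the arguments of `activateConfiguration`, the attribute `fullPath = pkgs.buildEnv { … paths = fullPath; … }` reuses the name of the outer `fullPath` package list. It evaluates only because the argument set is not `rec`; making it `rec` later would turn `paths = fullPath` into a self-reference. Either rename the outer list or add a comment next to `paths`, such as `# refers to the package list defined above, not to this attribute`. The enclosing `rec { … }` set starts and ends outside the visible hunks.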