From f760f0ef486815bf7d7223773addc35952d270b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 7 Oct 2019 20:44:42 +0200 Subject: [PATCH] Revert "Merge #67232: machinectl compliant NixOS installation" This reverts commit 66967ec7521d065f605795d64ddbbbd4fcd448c3, reversing changes made to fb6595eafdb90ef0bc7a31c2bfc9204e4cad11d9. Fixes #70442; discussion: https://github.com/NixOS/nixpkgs/pull/70027 --- .../installing-nspawn-container.xml | 37 ------------- nixos/doc/manual/installation/installing.xml | 3 -- .../modules/installer/tools/nixos-install.sh | 3 +- .../system/activation/activation-script.nix | 7 --- .../virtualisation/container-config.nix | 2 +- nixos/tests/all-tests.nix | 1 - nixos/tests/systemd-machinectl.nix | 52 ------------------- 7 files changed, 2 insertions(+), 103 deletions(-) delete mode 100644 nixos/doc/manual/installation/installing-nspawn-container.xml delete mode 100644 nixos/tests/systemd-machinectl.nix diff --git a/nixos/doc/manual/installation/installing-nspawn-container.xml b/nixos/doc/manual/installation/installing-nspawn-container.xml deleted file mode 100644 index ae893c53c905..000000000000 --- a/nixos/doc/manual/installation/installing-nspawn-container.xml +++ /dev/null @@ -1,37 +0,0 @@ -
- Installing into a nspawn container - - - For installing a NixOS into a systemd nspawn container the NixOS installation tools are needed. - If you run another distribution than NixOS on your host, - please follow steps 1, 2, and 3. - - - - Create a NixOS configuration file /var/lib/machines/my-container/etc/nixos/configuration.nix. - It is important that the container root file system is under /var/lib/machines. - This is the standard location where machinectl will look for containers. - If you choose place the root into another location you need to start the container directly with systemd-nspawn. - The file needs to have at least following options enabled: - - = true; - = true; - - If your host uses systemd-networkd to configure the network, - you can also enable to use networkd default network configuration for your host and container. - - - - Install the container by running following command: - nixos-install --root /var/lib/machines/my-container \ - --no-channel-copy --no-root-passwd --no-bootloader - - - - Start the container by running following command: - machinectl start my-container - - -
diff --git a/nixos/doc/manual/installation/installing.xml b/nixos/doc/manual/installation/installing.xml index 270372022fac..f1e1568c0349 100644 --- a/nixos/doc/manual/installation/installing.xml +++ b/nixos/doc/manual/installation/installing.xml @@ -563,8 +563,5 @@ Retype new UNIX password: *** - - - diff --git a/nixos/modules/installer/tools/nixos-install.sh b/nixos/modules/installer/tools/nixos-install.sh index be3b5c0687a6..8685cb345e1e 100644 --- a/nixos/modules/installer/tools/nixos-install.sh +++ b/nixos/modules/installer/tools/nixos-install.sh @@ -132,9 +132,8 @@ if [[ -z $noBootLoader ]]; then echo "installing the boot loader..." # Grub needs an mtab. ln -sfn /proc/mounts $mountPoint/etc/mtab - export NIXOS_INSTALL_BOOTLOADER=1 + NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot fi -nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot # Ask the user to set a root password, but only if the passwd command # exists (i.e. when mutable user accounts are enabled). diff --git a/nixos/modules/system/activation/activation-script.nix b/nixos/modules/system/activation/activation-script.nix index 2f716f92c62e..ddfd1af4a319 100644 --- a/nixos/modules/system/activation/activation-script.nix +++ b/nixos/modules/system/activation/activation-script.nix @@ -184,14 +184,7 @@ in find /var/empty -mindepth 1 -delete chmod 0555 /var/empty chown root:root /var/empty - - ${ # reasons for not setting immutable flag: - # 1. flag is not changeable inside a container - # 2. systemd-nspawn can not perform chown in case of --private-users-chown - # then the owner is nobody and ssh will not start - optionalString (!config.boot.isContainer) '' ${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true - ''} ''; system.activationScripts.usrbinenv = if config.environment.usrbinenv != null diff --git a/nixos/modules/virtualisation/container-config.nix b/nixos/modules/virtualisation/container-config.nix index adb2f78a0a64..f7a37d8c9f3b 100644 --- a/nixos/modules/virtualisation/container-config.nix +++ b/nixos/modules/virtualisation/container-config.nix @@ -11,7 +11,7 @@ with lib; services.udisks2.enable = mkDefault false; powerManagement.enable = mkDefault false; - networking.useHostResolvConf = mkDefault (!config.services.resolved.enable); + networking.useHostResolvConf = mkDefault true; # Containers should be light-weight, so start sshd on demand. services.openssh.startWhenNeeded = mkDefault true; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 2c6c3a429707..5643da99e557 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -262,7 +262,6 @@ in syncthing-relay = handleTest ./syncthing-relay.nix {}; systemd = handleTest ./systemd.nix {}; systemd-confinement = handleTest ./systemd-confinement.nix {}; - systemd-machinectl = handleTest ./systemd-machinectl.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-networkd-wireguard = handleTest ./systemd-networkd-wireguard.nix {}; pdns-recursor = handleTest ./pdns-recursor.nix {}; diff --git a/nixos/tests/systemd-machinectl.nix b/nixos/tests/systemd-machinectl.nix deleted file mode 100644 index 091f855d043b..000000000000 --- a/nixos/tests/systemd-machinectl.nix +++ /dev/null @@ -1,52 +0,0 @@ -import ./make-test.nix (let - - container = { ... }: { - boot.isContainer = true; - - # use networkd to obtain systemd network setup - networking.useNetworkd = true; - - # systemd-nspawn expects /sbin/init - boot.loader.initScript.enable = true; - - imports = [ ../modules/profiles/minimal.nix ]; - }; - - containerSystem = (import ../lib/eval-config.nix { - modules = [ container ]; - }).config.system.build.toplevel; - - containerName = "container"; - containerRoot = "/var/lib/machines/${containerName}"; - -in { - name = "systemd-machinectl"; - - machine = { lib, ... }: { - # use networkd to obtain systemd network setup - networking.useNetworkd = true; - - # open DHCP server on interface to container - networking.firewall.trustedInterfaces = [ "ve-+" ]; - - # do not try to access cache.nixos.org - nix.binaryCaches = lib.mkForce []; - - virtualisation.pathsInNixDB = [ containerSystem ]; - }; - - testScript = '' - startAll; - - $machine->waitForUnit("default.target"); - $machine->succeed("mkdir -p ${containerRoot}"); - $machine->succeed("nixos-install --root ${containerRoot} --system ${containerSystem} --no-channel-copy --no-root-passwd --no-bootloader"); - - $machine->succeed("machinectl start ${containerName}"); - $machine->waitUntilSucceeds("systemctl -M ${containerName} is-active default.target"); - $machine->succeed("ping -n -c 1 ${containerName}"); - $machine->succeed("test `stat ${containerRoot}/var/empty -c %u%g` != 00"); - - $machine->succeed("machinectl stop ${containerName}"); - ''; -})