This brings back the ability to e.g. configure sane-airscan with
`environment.etc."sane.d/airscan.conf".text = ...`.
(AFAICT, sane-airscan loads all config files it finds, so it'll first
load the one from the nixos hardware.sane.* configuration, then the user
specified one in /etc/sane.d/airscan.conf.)
Fixes: 4fbec87a5b ("nixos/sane: point env vars to /etc for quick reload")
Fixes https://github.com/NixOS/nixpkgs/issues/207262
Without this, you get the following error message in the logs:
udisksd[4082]: Failed to load config files: Failed to get contents of the config dir (/etc/libblockdev/conf.d/)Error opening directory “/etc/libblockdev/conf.d/”: No such file or directory. Using the built-in config
It's a very useful backend (that probably should be enabled by default,
like on Ubuntu), let's start by making it easier to discover.
Ref https://github.com/NixOS/nixpkgs/issues/28406.
Point $SANE_CONFIG_DIR and $LD_LIBRARY_PATH to symlinks in /etc, instead
of directly to nix store paths, so that activating a new configuration
takes effect immediately, instead of requiring users to re-login.
The polkit support in pcsclite is entirely optional but package enables
it unconditionally and this breaks connecting to the pcscd daemon on
systems without polkit.
The fix is making this configurable and automatically disabling
`polkitSupport` when the polkit service is disabled.
We are building fwupd daemon with polkit support which means
polkit daemon is required.
Previously polkit was enabled by default via udisks2 but that
stopped with f763710065
breaking the fwupd installed tests as a result.
Let’s add the polkit dependency to the fwupd module to ensure polkit is available.
most of these are hidden because they're either part of a submodule that
doesn't have its type rendered (eg because the submodule type is used in
an either type) or because they are explicitly hidden. some of them are
merely hidden from nix-doc-munge by how their option is put together.
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running
nix-doc-munge nixos/**/*.nix
nix-doc-munge --import nixos/**/*.nix
the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
mostly no rendering changes. some lists (like simplelist) don't have an
exact translation to markdown, so we use a comma-separated list of
literals instead.
In version 1.5.5 of fwupd the uefi plugin was renamed to
uefi-capsule. As part of those changes the configuration file was
renamed and changed.
This modules configuration mismatch was generally hidden because
when udisks2 is enabled fwupd will use that instead. Without
udisks2 the following warning is seen:
WARNING: UEFI ESP partition not detected or configured
This was enabled by default in 18a7ce76fc
with the reason that it would be "useful regardless of the desktop
environment.", which I'm not arguing against.
The reason why this should not be enabled by default is that there are a
lot of systems that NixOS runs on that are not desktop systems.
Users on such systems most likely do not want or need this feature and
could even consider this an antifeature.
Furthermore, it is surprising to them to find out that they have this
enabled on their systems.
They might be even more surprised to find that they have polkit enabled
by default, which was a default that was flipped in
a813be071c. For some discussion as to why
see https://github.com/NixOS/nixpkgs/pull/156858.
Evidently, this default is not only surprising to users, but also module
developers, as most if not all modules for desktop environments already
explicity set services.udisks2.enable = true; which they don't need to
right now.
- improve some descriptions
- device -> devices
- add options
- extraArgs
- port
- create a symlink in RUNTIME_DIRECTORY
- grant it read permission of /dev/uinput
- relax network-related restrictions when port is used
- change type of some hardening options to list to align with systemd
- CapabilityBoundingSet
- IPAddressDeny
- SystemCallArchitectures
now nix-doc-munge will not introduce whitespace changes when it replaces
manpage references with the MD equivalent.
no change to the manpage, changes to the HTML manual are whitespace only.
