gdnc is a user process and can't be made into a NixOS module very
easily. It can still be put in the user's login script. According to the
GNUstep documentation it will be started as soon as it is needed.
Meta data like maintainers, license, and homepage is shared throughout the
"gnustep" project. Everything going through "gsmakeDerivation" now
shares overridable metadata.
This should make merge conflicts easier to
handle. "gnustep" prefix has been removed to
make thing simpler. So "gnustep_make" is now
"make" within the gnustep scope.
Packaging some basic GNUstep apps: GWorkspace and SystemPreferences.
Unfortunately, GWorkspace doesn't work well, because gdomap, gdnc, gpbs
are not started. Also, there is some issue with fonts not being found.
Cleaning up. Adding GNUstep package builder for abstracting out GNUstep
compilation specifics (with thanks to GitHub user lethalman).
The rules for using build_gnustep_package are as simple: any
GNUstep-based package that the package being compiled depends upon are
to be put in [deps] (this is used for setting up a buildEnv), while
other dependencies are put into [buildInputs] as usual.
Removing gnustep-startup (not needed anymore). Adding Gorm and
ProjectCenter applications (these mostly work, provided the environment
is set up manually).
Packing gnustep libs separately, with no use of gnustep-startup. Also,
fixed a bug in WindowMaker package (some imaging dependencies were not supplied).
Adding new library: gnustep-startup, which packages the core
libraries necessary for GNUstep: gnustep-make, gnustep-base,
gnustep-gui, gnustep-backend.
Until we've made sure that most things actually work out of the box, we
need to give people a way of continuing to use the system without
completely disabling grsecurity.
Set sysctl kernel.pax.softmode=1 or boot with pax.softmode=1
- Replace hand-rolled version of nixos-install in make-disk-image by an
actual call to nixos-install
- Required a few cleanups of nixos-install
- nixos-install invokes an activation script which the hand-rolled version
in make-disk-image did not do. We remove /etc/machine-id as that's
a host-specific, impure, output of the activation script
Testing:
nix-build '<nixpkgs/nixos/release.nix>' -A tests.installer.simple passes
Also tried generating an image with:
nix-build -E 'let
pkgs = import <nixpkgs> {};
lib = pkgs.lib;
nixos = import <nixpkgs/nixos> {
configuration = {
fileSystems."/".device = "/dev/disk/by-label/nixos";
boot.loader.grub.devices = [ "/dev/sda" ];
boot.loader.grub.extraEntries = '"''"'
menuentry "Ubuntu" {
insmod ext2
search --set=root --label ubuntu
configfile /boot/grub/grub.cfg
}
'"''"';
};
};
in import <nixpkgs/nixos/lib/make-disk-image.nix> {
inherit pkgs lib;
config = nixos.config;
diskSize = 2000;
partitioned = false;
installBootLoader = false;
}'
Then installed the image:
$ sudo df if=./result/nixos.img of=/dev/sdaX bs=1M
$ sudo resize2fs /dev/disk/by-label/nixos
$ sudo mount /dev/disk/by-label/nixos /mnt
$ sudo mount --rbind /proc /mnt/proc
$ sudo mount --rbind /dev /mnt/dev
$ sudo chroot /mnt /nix/var/nix/profiles/system/bin/switch-to-configuration boot
[ … optionally do something about passwords … ]
and successfully rebooted to that image.
Was doing all this from inside a Ubuntu VM with a single user nix install.
The upgrade of cmake to v3.6.0 broke this build. HDF5 now can
only be found if hdf5-cpp is used as buildInput.
However the upgrade made it possible to remove a patch:
CMake can now find openblas on its own.
- Fix --no-bootloader which didn't do what it advertised
- Hardcode nixbld GID so that systems which do not have a nixbld user
can still run nixos-install (only with --closure since they can't
build anything)
- Cleanup: get rid of NIX_CONF_DIR(=/tmp)/nix.conf and pass arguments instead
- Cleanup: don't assume that the target system has '<nixpkgs/nixos>' or
'<nixos-config>' to see if config.users.mutableUsers. Instead check if
/var/setuid-wrappers/passwd is there
Installing NixOS now works from a Ubuntu host (using --closure).
nix-build -A tests.installer.simple '<nixpkgs/nixos/release.nix>' succeeds ✓
While useless, some builds may dabble with setuid bits (e.g.,
util-linux), which breaks under grsec. In the interest of user
friendliness, we once again compromise by disabling an otherwise useful
feature ...
Closes https://github.com/NixOS/nixpkgs/issues/17501