Fixes#361592.
I was able to test this change by doing the following:
1. Create a file named “test-systemd-run0.nix” that contains this Nix
expression:
let
nixpkgs = /path/to/nixpkgs;
pkgs = import nixpkgs { };
in
pkgs.testers.runNixOSTest {
name = "test-systemd-run0";
nodes.machine = {
security.polkit.enable = true;
};
testScript = ''
start_all()
machine.succeed("run0 env")
'';
}
2. Replace “/path/to/nixpkgs” with the actual path to an actual copy of
Nixpkgs.
3. Run the integration test by running this command:
nix-build <path to test-systemd-run0.nix>
(cherry picked from commit d54262911c)
Calling to sendmail without AF_NETLINK causes:
> sendmail: fatal: inet_addr_local[getifaddrs]: getifaddrs: Address family not supported by protocol
and without AF_INET/AF_INET6:
> sendmail: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
> sendmail: warning: inet_protocols: disabling IPv4 name/address support: Address family not supported by protocol
Move the configurePostfix option one level up, since it now also
reconfigures the reportd systemd unit.
(cherry picked from commit b438f32b2a)
At work we have the use-case that several people connect to a large
Linux box to run tests and debug those interactively.
All tests write their state into a global `/tmp` -- e.g. the vde1 socket
and the VMs' state. This leads to conflicts when multiple people are
doing this.
This change tries to use XDG_RUNTIME_DIR before using Python's detection
of a global temp directory: when connecting, this requires a working
user session, but then we get working directories per user. This is
preferable over doing something like `mktemp -d` per run since that
would break use-cases where you want to keep the VMs' state across
multiple sessions (`--keep-vm-state`).
(cherry picked from commit 59b4d0de90)
Resolves the installer failing on devices that include this hardware, as
broadcom_sta was marked as insecure due to being unmaintained and having
active CVE's.
This commit be reverted when/if the installer has a mechanism for allowing
insecure packages.
(cherry picked from commit 9c9f467d49)
This is the best indicator we have about whether to use a local resolver.
In the meantime I'm lobbying upstream to read /etc/resolv.conf.
(cherry picked from commit b201963951)
Upstream stores the model cache in the config directory, which is
unnecessarily messy. The cache directory is still the correct place for
these, since they can be pruned and redownloaded, we just don't want it
to happen on every restart.
Fixes: #427714
(cherry picked from commit cb4fd4e3ca)
This will allow dropping the linuxPackages_ham variant. Fedora sets
these in their default kernel, so I don't anticipate any problem with
us doing the same.
Tested building linux_5_4, linux, and linux_latest on x86_64.
(cherry picked from commit d735743b39)
Fixes all code blocks with "nix" language in markdown files for syntax
errors to be able to run nixfmt in the next step.
(cherry picked from commit 6c47e7d5da)
Same as with other services giving postfix access, this needs to happen
for the postfix user. Adding supplementary group permissions to the
systemd unit does not propagate to child processes that ultimately call
the unix domain socket.
(cherry picked from commit e48d12554c)
Plasma 6 requires the `qtsensors` package to be installed in order
for autorotation to work correctly. Simply enabling the IIO module
is not sufficient, although it's also required. Both are required
for autorotation to work correctly.
(cherry picked from commit 864ffcd1e1)
hydra-build-products is automatically updated with the right name, as
is image-info.json.
This breaks hardcoded uses of the filename, but ensures that all the
other outputs are consistent and image.filePath is correct
(cherry picked from commit 5aba7c7131)
vpc files use the extension "vhd". `make-disk-image-nix` contains a
lookup table, but does not expose that. vpc is the only format
supported by the amazon image which is affected. Format and extension
are the same for raw and qcow2.
(cherry picked from commit 8cbc6d6da6)
