This pulls in another instance of nixpkgs including glibc.
This is both not great from a evaluation perspective and a dependency
closure.
So let's remove this part from nixpkgs again and re-enable it, when we
have slimmed down the build according to `environment.ldso32 = mkIf
pkgs.stdenv.hostPlatform.isx86_64 (mkDefault stub-ld32);`
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
This makes it so that the getty units are only included if
`config.console.enable` is set to `true`. Previously, they would be
included, but disabled in that case, which is unnecessary.
Testing showed that the existing documentation regarding password override
ordering was incorrect. This commit corrects the errors and refactors
the way the text is constructed to make updating future ordering
changes significantly easier.
From hosts(5):
> For each host a single line should be present with the following
> information:
>
> IP_address canonical_hostname [aliases...]
With lines like "::1 localhost ahost.adomin ahost", we were saying
that the canonical name for "ahost" was "localhost", the opposite of a
canonical name. This is why a second loopback address (127.0.0.2) is
used for hostnames with IPv4 — if they were put after "localhost" on
the 127.0.0.1 line, the same thing would happen. With IPv6 we can't
do the same thing as there's only a single loopback address, so
instead the right thing to do is to simply not list the hostnames in
/etc/hosts, and rely on the myhostname NSS plugin, which will handle
this correctly.
(Note that the examples in hosts(5) also do not include IPv6 FQDN or
hostname entries.)
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.
Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.
A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.
This commit was automatically created and can be verified using
nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \
--argstr baseRev b32a094368
result/bin/apply-formatting $NIXPKGS_PATH
Before the error message only mentioned isSystemUser/isNormalUser which
lead to a confusing situation when setting isNormalUser and an uid like
500 which would generate an error like:
error:
Failed assertions:
- Exactly one of users.users.other.isSystemUser and users.users.other.isNormalUser must be set.
from which you cannot know that setting the uid to 500 *and* setting
isNormalUser is the actual problem.
With this patch the error looks like:
error:
Failed assertions:
- A user cannot have a users.users.fixme.uid set below 1000 and set users.users.fixme.isNormalUser.
Either users.users.fixme.isSystemUser must be set to true instead of users.users.fixme.isNormalUser
or users.users.fixme.uid must be changed to 1000 or above.
If `resolvconf` is invoked by a process not running with the resolvconf
group as primary group, other processes will run into trouble as files
or directories under /run/resolvconf won't have write permissions.
This ACL rule ensure that resolvconf files, include new files created by
any process, are always accessible by users of the resolvconf group.
