The systemd.tmpfiles.settings.<name>.<path>.<type>.argument option may
contain arbitrary strings. This could allow intentional or unintentional
introduction of new configuration lines.
The argument field cannot be quoted, C‐style \xNN escape sequences are
however permitted. By escaping whitespace and newline characters, the
issue can be mitigated.
Follow-up on #169733
For `data`, Nextcloud checks on its own if everything is readable.
However, for `config` it's crucial that the ownership is actually
correct: otherwise, systemd-tmpfiles will refuse any operations inside
because of unsafe path transitions.
This can result in a subtly broken setup by the `override.config.php`
not being updated, but also not part of the system closure anymore
(another override.config.php is referenced now) which means it'll be
GCed eventually even though Nextcloud relies on it.
If this precondition is not met, the following error will be printed:
nextcloud-setup-start[972]: /var/lib/nextcloud/config is not owned by user 'nextcloud'!
nextcloud-setup-start[972]: Please check the logs via 'journalctl -u systemd-tmpfiles-setup'
nextcloud-setup-start[972]: and make sure there are no unsafe path transitions.
nextcloud-setup-start[972]: (https://nixos.org/manual/nixos/stable/#module-services-nextcloud-pitfalls-during-upgrade)
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
This changes the previously used `site_id` in the tests'
REST-API usage to `scope_type`+`scope_id`.
Netbox 3.6 is deprecated and no longer available, the test for it
has been removed.
This was a workaround to begin with, as hardened kernel didn't support tracing.
Back then kernel level tracing was only available through debugfs, and now that
tracefs has been available on NixOS for a while now, enabled in
Link: https://github.com/NixOS/nixpkgs/pull/388751
This workaround can be removed and bpf can be used with tracefs.
Link: https://github.com/NixOS/nixpkgs/issues/360957
Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
the initial change was already made ad hoc in 10a75ab, in response to the recently introduced enforced redirects mapping that is supposed to keep stable URLs.
due to the redirect mechanism's current limitation to locations within
the same site (that is, either the Nixpkgs xor the NixOS manual), and
the observation that noteworthy Nixpkgs changes tend to be
self-contained, it seemed reasonable to introduce a seperate release
notes document. it also has the advantage that users of only Nixpkgs
don't have to deal with release notes that are only relevant for NixOS.
the original change was already lossless for NixOS users, since the
Nixpkgs release notes are appended to the NixOS release notes.
this change moves the pre-existing Nixpkgs notes to the new dedicated page.
Co-authored-by: Gagarin Valentin Gagarin <valentin@gagarin.work>
