From f54612264edd7d743488e6469b5f774dbc07e7b7 Mon Sep 17 00:00:00 2001 From: Richard Marko Date: Sat, 18 Jul 2020 13:32:48 +0200 Subject: nixos/jack,pulseaudio: fix pulse connection to jackd service This fixes the case when Jack Audio Daemon is running as a service via `services.jack.jackd` and Pulseaudio running as a *user* service. Two issues prevented connecting `pulse` with `jackd`: * Missing `JACK_PROMISCUOUS_SERVER` environment variable for `pulse` user service, resulting in `pulse` trying to access `jackd` as if it was running as part of the users session. * `jackd` not being able to access socket created by `pulse` due to socket created using user ID and `users` group. Change allows `jackd` to access the socket created by `pulse` correctly. `pulse` now also autoloads `module-jack-sink` and `module-jack-source` if `services.jack.jackd.enable` is set. The default `pulse` package is now set to `pulseaudioFull` automatically if `services.jack.jackd.enable` is set. --- nixos/modules/config/pulseaudio.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix index 408d0a9c33f2..044fa48853db 100644 --- a/nixos/modules/config/pulseaudio.nix +++ b/nixos/modules/config/pulseaudio.nix @@ -36,6 +36,8 @@ let ${addModuleIf cfg.zeroconf.discovery.enable "module-zeroconf-discover"} ${addModuleIf cfg.tcp.enable (concatStringsSep " " ([ "module-native-protocol-tcp" ] ++ allAnon ++ ipAnon))} + ${addModuleIf config.services.jack.jackd.enable "module-jack-sink"} + ${addModuleIf config.services.jack.jackd.enable "module-jack-source"} ${cfg.extraConfig} ''; }; @@ -144,7 +146,9 @@ in { package = mkOption { type = types.package; - default = pkgs.pulseaudio; + default = if config.services.jack.jackd.enable + then pkgs.pulseaudioFull + else pkgs.pulseaudio; defaultText = "pkgs.pulseaudio"; example = literalExample "pkgs.pulseaudioFull"; description = '' @@ -284,6 +288,8 @@ in { RestartSec = "500ms"; PassEnvironment = "DISPLAY"; }; + } // optionalAttrs config.services.jack.jackd.enable { + environment.JACK_PROMISCUOUS_SERVER = "jackaudio"; }; sockets.pulseaudio = { wantedBy = [ "sockets.target" ]; -- cgit v1.2.3 From 52bdb3eb7bc853873d68187494c2a683ce3084bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 23 Sep 2020 10:44:59 +0200 Subject: nixos/update-users-group: treat all file as utf-8 Ideally we would treat everything as bytes however our database is already utf-8 encoded so we need to stay compatible. --- nixos/modules/config/update-users-groups.pl | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index e1c7a46e4304..979f6464f089 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -98,7 +98,7 @@ sub parseGroup { return ($f[0], { name => $f[0], password => $f[1], gid => $gid, members => $f[3] }); } -my %groupsCur = -f "/etc/group" ? map { parseGroup } read_file("/etc/group") : (); +my %groupsCur = -f "/etc/group" ? map { parseGroup } read_file("/etc/group", { binmode => ":utf8" }) : (); # Read the current /etc/passwd. sub parseUser { @@ -109,20 +109,19 @@ sub parseUser { return ($f[0], { name => $f[0], fakePassword => $f[1], uid => $uid, gid => $f[3], description => $f[4], home => $f[5], shell => $f[6] }); } - -my %usersCur = -f "/etc/passwd" ? map { parseUser } read_file("/etc/passwd") : (); +my %usersCur = -f "/etc/passwd" ? map { parseUser } read_file("/etc/passwd", { binmode => ":utf8" }) : (); # Read the groups that were created declaratively (i.e. not by groups) # in the past. These must be removed if they are no longer in the # current spec. my $declGroupsFile = "/var/lib/nixos/declarative-groups"; my %declGroups; -$declGroups{$_} = 1 foreach split / /, -e $declGroupsFile ? read_file($declGroupsFile) : ""; +$declGroups{$_} = 1 foreach split / /, -e $declGroupsFile ? read_file($declGroupsFile, { binmode => ":utf8" }) : ""; # Idem for the users. my $declUsersFile = "/var/lib/nixos/declarative-users"; my %declUsers; -$declUsers{$_} = 1 foreach split / /, -e $declUsersFile ? read_file($declUsersFile) : ""; +$declUsers{$_} = 1 foreach split / /, -e $declUsersFile ? read_file($declUsersFile, { binmode => ":utf8" }) : ""; # Generate a new /etc/group containing the declared groups. @@ -260,7 +259,7 @@ system("nscd --invalidate passwd"); my @shadowNew; my %shadowSeen; -foreach my $line (-f "/etc/shadow" ? read_file("/etc/shadow") : ()) { +foreach my $line (-f "/etc/shadow" ? read_file("/etc/shadow", { binmode => ":utf8" }) : ()) { chomp $line; my ($name, $hashedPassword, @rest) = split(':', $line, -9); my $u = $usersOut{$name};; -- cgit v1.2.3 From f072d4dadcee0b616927f14baf3feb18591a1d68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 23 Sep 2020 10:46:02 +0200 Subject: nixos/update-users-groups: fix encoding of json database The issue here is that updateFile expects a unicode string while encode_json returns a binary string unlike to_json. --- nixos/modules/config/update-users-groups.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index 979f6464f089..ddd7efd82f76 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -174,7 +174,7 @@ foreach my $name (keys %groupsCur) { # Rewrite /etc/group. FIXME: acquire lock. my @lines = map { join(":", $_->{name}, $_->{password}, $_->{gid}, $_->{members}) . "\n" } (sort { $a->{gid} <=> $b->{gid} } values(%groupsOut)); -updateFile($gidMapFile, encode_json($gidMap)); +updateFile($gidMapFile, to_json($gidMap)); updateFile("/etc/group", \@lines); system("nscd --invalidate group"); @@ -250,7 +250,7 @@ foreach my $name (keys %usersCur) { # Rewrite /etc/passwd. FIXME: acquire lock. @lines = map { join(":", $_->{name}, $_->{fakePassword}, $_->{uid}, $_->{gid}, $_->{description}, $_->{home}, $_->{shell}) . "\n" } (sort { $a->{uid} <=> $b->{uid} } (values %usersOut)); -updateFile($uidMapFile, encode_json($uidMap)); +updateFile($uidMapFile, to_json($uidMap)); updateFile("/etc/passwd", \@lines); system("nscd --invalidate passwd"); -- cgit v1.2.3 From 99406adaaee52706201c4277051f4226c1160583 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 23 Sep 2020 10:47:39 +0200 Subject: nixos/update-users-groups: write files truly atomic Having the .tmp suffix is broken w.r.t. to multiple writers, as they would overwrite existing files. using the atomic flag will make write_file to create a unique temporary file it gets renamed to its target. --- nixos/modules/config/update-users-groups.pl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index ddd7efd82f76..86107abae36c 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -16,8 +16,7 @@ my $gidMap = -e $gidMapFile ? decode_json(read_file($gidMapFile)) : {}; sub updateFile { my ($path, $contents, $perms) = @_; - write_file("$path.tmp", { binmode => ':utf8', perms => $perms // 0644 }, $contents); - rename("$path.tmp", $path) or die; + write_file($path, { atomic => 1, binmode => ':utf8', perms => $perms // 0644 }, $contents) or die; } -- cgit v1.2.3 From 0e4d0d95d03d581d4d94ec6a04f58293baaaa167 Mon Sep 17 00:00:00 2001 From: Edmund Wu Date: Sun, 25 Oct 2020 21:18:26 -0400 Subject: treewide: generate pulseaudio pulseDir --- nixos/modules/config/pulseaudio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix index 408d0a9c33f2..3939d6aa2d8a 100644 --- a/nixos/modules/config/pulseaudio.nix +++ b/nixos/modules/config/pulseaudio.nix @@ -259,7 +259,7 @@ in { (drv: drv.override { pulseaudio = overriddenPackage; }) cfg.extraModules; modulePaths = builtins.map - (drv: "${drv}/lib/pulse-${overriddenPackage.version}/modules") + (drv: "${drv}/${overriddenPackage.pulseDir}/modules") # User-provided extra modules take precedence (overriddenModules ++ [ overriddenPackage ]); in lib.concatStringsSep ":" modulePaths; -- cgit v1.2.3 From fc6948cd478ee0506608f8513ba64c7a5e23bfe3 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Tue, 17 Nov 2020 14:02:37 +0000 Subject: nixos/malloc: fix Scudo Fixes segmentation faults. https://github.com/NixOS/nixpkgs/issues/100799 --- nixos/modules/config/malloc.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/malloc.nix b/nixos/modules/config/malloc.nix index 31a659ee83fe..a3eb55d8a42e 100644 --- a/nixos/modules/config/malloc.nix +++ b/nixos/modules/config/malloc.nix @@ -23,7 +23,7 @@ let }; scudo = { - libPath = "${pkgs.llvmPackages.compiler-rt}/lib/linux/libclang_rt.scudo-x86_64.so"; + libPath = "${pkgs.llvmPackages_latest.compiler-rt}/lib/linux/libclang_rt.scudo-x86_64.so"; description = '' A user-mode allocator based on LLVM Sanitizer’s CombinedAllocator, which aims at providing additional mitigations against heap based -- cgit v1.2.3 From bc49a0815ae860010b4d593b02f00ab6f07d50ea Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 24 Nov 2020 10:29:28 -0500 Subject: utillinux: rename to util-linux --- nixos/modules/config/swap.nix | 2 +- nixos/modules/config/system-path.nix | 2 +- nixos/modules/config/zram.nix | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/swap.nix b/nixos/modules/config/swap.nix index adb4e2294213..4bb66e9b5144 100644 --- a/nixos/modules/config/swap.nix +++ b/nixos/modules/config/swap.nix @@ -187,7 +187,7 @@ in before = [ "${realDevice'}.swap" ]; # If swap is encrypted, depending on rngd resolves a possible entropy starvation during boot after = mkIf (config.security.rngd.enable && sw.randomEncryption.enable) [ "rngd.service" ]; - path = [ pkgs.utillinux ] ++ optional sw.randomEncryption.enable pkgs.cryptsetup; + path = [ pkgs.util-linux ] ++ optional sw.randomEncryption.enable pkgs.cryptsetup; script = '' diff --git a/nixos/modules/config/system-path.nix b/nixos/modules/config/system-path.nix index c65fa1a684f8..27d1cef849bc 100644 --- a/nixos/modules/config/system-path.nix +++ b/nixos/modules/config/system-path.nix @@ -37,7 +37,7 @@ let pkgs.procps pkgs.su pkgs.time - pkgs.utillinux + pkgs.util-linux pkgs.which pkgs.zstd ]; diff --git a/nixos/modules/config/zram.nix b/nixos/modules/config/zram.nix index 5e9870bf6b1c..341101bc184c 100644 --- a/nixos/modules/config/zram.nix +++ b/nixos/modules/config/zram.nix @@ -149,8 +149,8 @@ in print int($2*${toString cfg.memoryPercent}/100.0/${toString devicesCount}*1024) }' /proc/meminfo) - ${pkgs.utillinux}/sbin/zramctl --size $mem --algorithm ${cfg.algorithm} /dev/${dev} - ${pkgs.utillinux}/sbin/mkswap /dev/${dev} + ${pkgs.util-linux}/sbin/zramctl --size $mem --algorithm ${cfg.algorithm} /dev/${dev} + ${pkgs.util-linux}/sbin/mkswap /dev/${dev} ''; restartIfChanged = false; }; -- cgit v1.2.3 From ad62155cb65a9aa0153dbde5be8698b715003473 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 5 Nov 2020 02:29:46 +0000 Subject: nixos/zram: add zramSwap.memoryMax option This allows capping the total amount of memory that will be used for zram-swap, in addition to the percentage-based calculation, which is useful when blanket-applying a configuration to many machines. This is based off the strategy used by Fedora for their rollout of zram-swap-by-default in Fedora 33 (https://fedoraproject.org/wiki/Changes/SwapOnZRAM), which caps the maximum amount of memory used for zram at 4GiB. In future it might be good to port this to the systemd zram-generator, instead of using this separate infrastructure. --- nixos/modules/config/zram.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'nixos/modules/config') diff --git a/nixos/modules/config/zram.nix b/nixos/modules/config/zram.nix index 341101bc184c..1f513b7e4dae 100644 --- a/nixos/modules/config/zram.nix +++ b/nixos/modules/config/zram.nix @@ -80,6 +80,15 @@ in ''; }; + memoryMax = mkOption { + default = null; + type = with types; nullOr int; + description = '' + Maximum total amount of memory (in bytes) that can be used by the zram + swap devices. + ''; + }; + priority = mkOption { default = 5; type = types.int; @@ -146,7 +155,12 @@ in # Calculate memory to use for zram mem=$(${pkgs.gawk}/bin/awk '/MemTotal: / { - print int($2*${toString cfg.memoryPercent}/100.0/${toString devicesCount}*1024) + value=int($2*${toString cfg.memoryPercent}/100.0/${toString devicesCount}*1024); + ${lib.optionalString (cfg.memoryMax != null) '' + memory_max=int(${toString cfg.memoryMax}/${toString devicesCount}); + if (value > memory_max) { value = memory_max } + ''} + print value }' /proc/meminfo) ${pkgs.util-linux}/sbin/zramctl --size $mem --algorithm ${cfg.algorithm} /dev/${dev} -- cgit v1.2.3