summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorajs124 <git@ajs124.de>2022-08-11 02:35:29 +0200
committerajs124 <git@ajs124.de>2022-08-11 02:47:34 +0200
commitf7637100655127dffbe14011b45be6a71f0e203d (patch)
tree0023c0449ee55a9642de4ee9002b96c5407a3705 /nixos
parentc84078f7dde0f0d7aa25daebd6d238e0b9ce11f1 (diff)
nixos/udisks2: don't enable by default
This was enabled by default in 18a7ce76fcf80389bc8db2dd3e961a74637b5162
with the reason that it would be "useful regardless of the desktop
environment.", which I'm not arguing against.

The reason why this should not be enabled by default is that there are a
lot of systems that NixOS runs on that are not desktop systems.
Users on such systems most likely do not want or need this feature and
could even consider this an antifeature.
Furthermore, it is surprising to them to find out that they have this
enabled on their systems.
They might be even more surprised to find that they have polkit enabled
by default, which was a default that was flipped in
a813be071ceed15b9238373bd751ee99e2470357. For some discussion as to why
see https://github.com/NixOS/nixpkgs/pull/156858.

Evidently, this default is not only surprising to users, but also module
developers, as most if not all modules for desktop environments already
explicity set services.udisks2.enable = true; which they don't need to
right now.
Diffstat (limited to 'nixos')
-rw-r--r--nixos/doc/manual/from_md/release-notes/rl-2211.section.xml12
-rw-r--r--nixos/doc/manual/release-notes/rl-2211.section.md3
-rw-r--r--nixos/modules/services/hardware/udisks2.nix9
-rw-r--r--nixos/modules/virtualisation/container-config.nix1
4 files changed, 16 insertions, 9 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index 5d09d3a93aae8..aaa85138dfa16 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -394,6 +394,18 @@
       </listitem>
       <listitem>
         <para>
+          The udisks2 service, available at
+          <literal>services.udisks2.enable</literal>, is now disabled by
+          default. It will automatically be enabled through services and
+          desktop environments as needed. This also means that polkit
+          will now actually be disabled by default. The default for
+          <literal>security.polkit.enable</literal> was already flipped
+          in the previous release, but udisks2 being enabled by default
+          re-enabled it.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
           Add udev rules for the Teensy family of microcontrollers.
         </para>
       </listitem>
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md
index f37d7d827bd9a..e1253d46190f1 100644
--- a/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -145,6 +145,9 @@ Use `configure.packages` instead.
 
 - memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
 
+- The udisks2 service, available at `services.udisks2.enable`, is now disabled by default. It will automatically be enabled through services and desktop environments as needed.
+  This also means that polkit will now actually be disabled by default. The default for `security.polkit.enable` was already flipped in the previous release, but udisks2 being enabled by default re-enabled it.
+
 - Add udev rules for the Teensy family of microcontrollers.
 
 - The `pass-secret-service` package now includes systemd units from upstream, so adding it to the NixOS `services.dbus.packages` option will make it start automatically as a systemd user service when an application tries to talk to the libsecret D-Bus API.
diff --git a/nixos/modules/services/hardware/udisks2.nix b/nixos/modules/services/hardware/udisks2.nix
index f9b5afceac326..988e975d7e66c 100644
--- a/nixos/modules/services/hardware/udisks2.nix
+++ b/nixos/modules/services/hardware/udisks2.nix
@@ -19,14 +19,7 @@ in
 
     services.udisks2 = {
 
-      enable = mkOption {
-        type = types.bool;
-        default = true;
-        description = lib.mdDoc ''
-          Whether to enable Udisks, a DBus service that allows
-          applications to query and manipulate storage devices.
-        '';
-      };
+      enable = mkEnableOption "udisks2, a DBus service that allows applications to query and manipulate storage devices.";
 
       settings = mkOption rec {
         type = types.attrsOf settingsFormat.type;
diff --git a/nixos/modules/virtualisation/container-config.nix b/nixos/modules/virtualisation/container-config.nix
index 0966ef84827ff..94f28ea80d094 100644
--- a/nixos/modules/virtualisation/container-config.nix
+++ b/nixos/modules/virtualisation/container-config.nix
@@ -8,7 +8,6 @@ with lib;
 
     # Disable some features that are not useful in a container.
     nix.optimise.automatic = mkDefault false; # the store is host managed
-    services.udisks2.enable = mkDefault false;
     powerManagement.enable = mkDefault false;
     documentation.nixos.enable = mkDefault false;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-23 20:09:23 +0000