diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2019-09-07 09:53:09 +0200 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2019-09-07 09:53:09 +0200 |
commit | 7e9e5cab45e460ae10d3574d48ef0c6c75507a61 (patch) | |
tree | 1a004acd669bc54acf67a359085c7108b10ff6b5 /nixos | |
parent | bcac8869719b7d94517b9d91be69aa8fa1237202 (diff) | |
parent | 416f057bc3404515b020b012f894b99e553b320e (diff) |
Merge master into staging-next
Diffstat (limited to 'nixos')
7 files changed, 39 insertions, 44 deletions
diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix index 2536ba73a1dea..559899b0a3b15 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix @@ -13,9 +13,6 @@ with lib; enable = true; enableQt4Support = false; }; - - # Enable touchpad support for many laptops. - synaptics.enable = true; }; environment.systemPackages = with pkgs; [ diff --git a/nixos/modules/services/desktops/gnome3/chrome-gnome-shell.nix b/nixos/modules/services/desktops/gnome3/chrome-gnome-shell.nix index 2740a22c7ca0d..3d2b3ed85e3a3 100644 --- a/nixos/modules/services/desktops/gnome3/chrome-gnome-shell.nix +++ b/nixos/modules/services/desktops/gnome3/chrome-gnome-shell.nix @@ -23,5 +23,7 @@ with lib; environment.systemPackages = [ pkgs.chrome-gnome-shell ]; services.dbus.packages = [ pkgs.chrome-gnome-shell ]; + + nixpkgs.config.firefox.enableGnomeExtensions = true; }; } diff --git a/nixos/modules/services/networking/iwd.nix b/nixos/modules/services/networking/iwd.nix index 18ed20e288863..839fa48d9a423 100644 --- a/nixos/modules/services/networking/iwd.nix +++ b/nixos/modules/services/networking/iwd.nix @@ -26,6 +26,7 @@ in { systemd.tmpfiles.rules = [ "d /var/lib/iwd 0700 root root -" + "d /var/lib/ead 0700 root root -" ]; }; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 09095294fb5f8..a21d22261ba30 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -227,6 +227,7 @@ in (mkIf serviceCfg.core-shell.enable { services.colord.enable = mkDefault true; + services.gnome3.chrome-gnome-shell.enable = mkDefault true; services.gnome3.glib-networking.enable = true; services.gnome3.gnome-remote-desktop.enable = mkDefault true; services.gnome3.gnome-settings-daemon.enable = true; diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index 862f6431b812d..b10755df4dc26 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -211,6 +211,7 @@ in services.udisks2.enable = true; services.upower.enable = config.powerManagement.enable; services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true)); + services.xserver.libinput.enable = mkDefault true; # Extra UDEV rules used by Solid services.udev.packages = [ diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix index 956c95e48220d..c26a5b6153535 100644 --- a/nixos/modules/services/x11/display-managers/lightdm.nix +++ b/nixos/modules/services/x11/display-managers/lightdm.nix @@ -232,36 +232,41 @@ in # Enable the accounts daemon to find lightdm's dbus interface environment.systemPackages = [ lightdm ]; - security.pam.services.lightdm = { - allowNullPassword = true; - startSession = true; - }; - security.pam.services.lightdm-greeter = { - allowNullPassword = true; - startSession = true; - text = '' - auth required pam_env.so envfile=${config.system.build.pamEnvironment} - auth required pam_permit.so + security.pam.services.lightdm.text = '' + auth substack login + account include login + password substack login + session include login + ''; - account required pam_permit.so + security.pam.services.lightdm-greeter.text = '' + auth required pam_succeed_if.so audit quiet_success user = lightdm + auth optional pam_permit.so - password required pam_deny.so + account required pam_succeed_if.so audit quiet_success user = lightdm + account sufficient pam_unix.so + + password required pam_deny.so + + session required pam_succeed_if.so audit quiet_success user = lightdm + session required pam_env.so envfile=${config.system.build.pamEnvironment} + session optional ${pkgs.systemd}/lib/security/pam_systemd.so + session optional pam_keyinit.so force revoke + session optional pam_permit.so + ''; - session required pam_env.so envfile=${config.system.build.pamEnvironment} - session required pam_unix.so - session optional ${pkgs.systemd}/lib/security/pam_systemd.so - ''; - }; security.pam.services.lightdm-autologin.text = '' - auth requisite pam_nologin.so - auth required pam_succeed_if.so uid >= 1000 quiet - auth required pam_permit.so + auth requisite pam_nologin.so + + auth required pam_succeed_if.so uid >= 1000 quiet + auth required pam_permit.so - account include lightdm + account sufficient pam_unix.so - password include lightdm + password requisite pam_unix.so nullok sha512 - session include lightdm + session optional pam_keyinit.so revoke + session include login ''; users.users.lightdm = { diff --git a/nixos/tests/virtualbox.nix b/nixos/tests/virtualbox.nix index 844ce47d743fd..32637d2c1efe2 100644 --- a/nixos/tests/virtualbox.nix +++ b/nixos/tests/virtualbox.nix @@ -10,17 +10,10 @@ # to run 32-bit guests. useKvmNestedVirt ? false, # Whether to run 64-bit guests instead of 32-bit. Requires nested KVM. - use64bitGuest ? false, - # Whether to enable the virtual UART in VirtualBox guests, allowing to see - # the guest console. There is currently a bug in VirtualBox where this will - # cause a crash if running with SW virtualization - # (https://www.virtualbox.org/ticket/18632). If you need to debug the tests - # then enable this and nested KVM to work around the crash (see above). - enableVBoxUART ? false + use64bitGuest ? false }: assert use64bitGuest -> useKvmNestedVirt; -assert enableVBoxUART -> useKvmNestedVirt; # VirtualBox bug, see above with import ../lib/testing.nix { inherit system pkgs; }; with pkgs.lib; @@ -65,9 +58,6 @@ let "init=${pkgs.writeScript "mini-init.sh" miniInit}" ]; - # XXX: Remove this once TSS location detection has been fixed in VirtualBox - boot.kernelPackages = pkgs.linuxPackages_4_9; - fileSystems."/" = { device = "vboxshare"; fsType = "vboxsf"; @@ -162,11 +152,9 @@ let "--register" ]; - vmFlags = mkFlags ( - (optionals enableVBoxUART [ - "--uart1 0x3F8 4" - "--uartmode1 client /run/virtualbox-log-${name}.sock" - ]) ++ [ + vmFlags = mkFlags ([ + "--uart1 0x3F8 4" + "--uartmode1 client /run/virtualbox-log-${name}.sock" "--memory 768" "--audio none" ] ++ (attrs.vmFlags or [])); @@ -199,7 +187,7 @@ let ]; in { machine = { - systemd.sockets."vboxtestlog-${name}" = mkIf enableVBoxUART { + systemd.sockets."vboxtestlog-${name}" = { description = "VirtualBox Test Machine Log Socket For ${name}"; wantedBy = [ "sockets.target" ]; before = [ "multi-user.target" ]; @@ -207,7 +195,7 @@ let socketConfig.Accept = true; }; - systemd.services."vboxtestlog-${name}@" = mkIf enableVBoxUART { + systemd.services."vboxtestlog-${name}@" = { description = "VirtualBox Test Machine Log For ${name}"; serviceConfig.StandardInput = "socket"; serviceConfig.StandardOutput = "syslog"; |