Merge pull request #101886 from flokli/systemd-more-optional

systemd: introduce more options for a more minimal build

authored by Florian Klink and committed by GitHub d64f4d03 5219a3ad

+178 -75
+158 -68
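--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -1,60 +1,110 @@
-{ stdenv, lib, fetchFromGitHub
+{ stdenv
+, lib
+, fetchFromGitHub
 , buildPackages
-, ninja, meson, m4, pkgconfig, coreutils, gperf, getent
-, patchelf, perl, glibcLocales, glib, substituteAll
-, gettext, python3Packages
+, ninja
+, meson
+, m4
+, pkgconfig
+, coreutils
+, gperf
+, getent
+, patchelf
+, glibcLocales
+, glib
+, substituteAll
+, gettext
+, python3Packages
 
-# Mandatory dependencies
+# Mandatory dependencies
 , libcap
 , utillinux
 , kbd
 , kmod
 
-# Optional dependencies
-, pam, cryptsetup, lvm2, audit, acl
-, lz4, libgcrypt, libgpgerror, libidn2
-, curl, gnutar, gnupg, zlib
-, xz, libuuid, libffi
-, libapparmor, intltool
-, bzip2, pcre2, e2fsprogs
+# Optional dependencies
+, pam
+, cryptsetup
+, lvm2
+, audit
+, acl
+, lz4
+, libgcrypt
+, libgpgerror
+, libidn2
+, curl
+, gnutar
+, gnupg
+, zlib
+, xz
+, libuuid
+, libapparmor
+, intltool
+, bzip2
+, pcre2
+, e2fsprogs
 , linuxHeaders ? stdenv.cc.libc.linuxHeaders
 , gnu-efi
 , iptables
-, withSelinux ? false, libselinux
-, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp
-, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools
+, withSelinux ? false
+, libselinux
+, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms
+, libseccomp
+, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms
+, kexectools
 , bashInteractive
 
-, withResolved ? true
-, withLogind ? true
+, withAnalyze ? true
+, withApparmor ? true
+, withCoredump ? true
+, withCompression ? true # adds bzip2, lz4 and xz
+, withCryptsetup ? true
+, withDocumentation ? true
+, withEfi ? stdenv.hostPlatform.isEfi
 , withHostnamed ? true
+, withHwdb ? true
+, withImportd ? true
 , withLocaled ? true
+, withLogind ? true
+, withMachined ? true
 , withNetworkd ? true
+, withNss ? true
+, withPCRE2 ? true
+, withPolkit ? true
+, withRemote ? false # has always been disabled on NixOS, upstream version appears broken anyway
+, withResolved ? true
+, withShellCompletions ? true
 , withTimedated ? true
 , withTimesyncd ? true
-, withHwdb ? true
-, withEfi ? stdenv.hostPlatform.isEfi
-, withImportd ? true
-, withCryptsetup ? true
+, withUserDb ? true
 
-# name argument
+# name argument
 , pname ? "systemd"
 
 
-, libxslt, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45
+, libxslt
+, docbook_xsl
+, docbook_xml_dtd_42
+, docbook_xml_dtd_45
 }:
 
 assert withResolved -> (libgcrypt != null && libgpgerror != null);
 assert withImportd ->
-( curl.dev != null && zlib != null && xz != null && libgcrypt != null
-&& gnutar != null && gnupg != null);
+(curl.dev != null && zlib != null && xz != null && libgcrypt != null
+&& gnutar != null && gnupg != null && withCompression );
+
+assert withEfi -> (gnu-efi != null);
+assert withRemote -> lib.getDev curl != null;
+assert withCoredump -> withCompression;
 
 assert withCryptsetup ->
-( cryptsetup != null );
-
+(cryptsetup != null);
 let
+wantCurl = withRemote || withImportd;
+
 version = "246.6";
-in stdenv.mkDerivation {
+in
+stdenv.mkDerivation {
 inherit version pname;
 
 # We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly
@@ -105,29 +155,53 @@
 outputs = [ "out" "man" "dev" ];
 
 nativeBuildInputs =
-[ pkgconfig gperf
-ninja meson
+[
+pkgconfig
+gperf
+ninja
+meson
 coreutils # meson calls date, stat etc.
 glibcLocales
-patchelf getent m4
-perl # to patch the libsystemd.so and remove dependencies on aarch64
+patchelf
+getent
+m4
 
 intltool
 gettext
 
-libxslt docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45
-(buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]))
+libxslt
+docbook_xsl
+docbook_xml_dtd_42
+docbook_xml_dtd_45
+(buildPackages.python3Packages.python.withPackages (ps: with ps; [ python3Packages.lxml ]))
 ];
+
 buildInputs =
-[ linuxHeaders libcap curl.dev kmod xz pam acl
-cryptsetup libuuid glib libgcrypt libgpgerror libidn2
-pcre2 ] ++
-stdenv.lib.optional withKexectools kexectools ++
-stdenv.lib.optional withLibseccomp libseccomp ++
-[ libffi audit lz4 bzip2 libapparmor iptables ] ++
-stdenv.lib.optional withEfi gnu-efi ++
-stdenv.lib.optional withSelinux libselinux ++
-stdenv.lib.optional withCryptsetup cryptsetup.dev;
+[
+acl
+audit
+glib
+kmod
+libcap
+libgcrypt
+libidn2
+libuuid
+linuxHeaders
+pam
+]
+
+++ lib.optional withApparmor libapparmor
+++ lib.optional wantCurl (lib.getDev curl)
+++ lib.optionals withCompression [ bzip2 lz4 xz ]
+++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev)
+++ lib.optional withEfi gnu-efi
+++ lib.optional withKexectools kexectools
+++ lib.optional withLibseccomp libseccomp
+++ lib.optional withNetworkd iptables
+++ lib.optional withPCRE2 pcre2
+++ lib.optional withResolved libgpgerror
+++ lib.optional withSelinux libselinux
+;
 
 #dontAddPrefix = true;
 
@@ -143,28 +217,33 @@
 "-Dsetfont-path=${kbd}/bin/setfont"
 "-Dtty-gid=3" # tty in NixOS has gid 3
 "-Ddebug-shell=${bashInteractive}/bin/bash"
-"-Dglib=${stdenv.lib.boolToString (glib != null)}"
+"-Dglib=${lib.boolToString (glib != null)}"
 # while we do not run tests we should also not build them. Removes about 600 targets
 "-Dtests=false"
-"-Dimportd=${stdenv.lib.boolToString withImportd}"
-"-Dlz4=true"
+"-Danalyze=${lib.boolToString withAnalyze}"
+"-Dgcrypt=${lib.boolToString (libgcrypt != null)}"
+"-Dimportd=${lib.boolToString withImportd}"
+"-Dlz4=${lib.boolToString withCompression}"
 "-Dhomed=false"
-"-Dlogind=${stdenv.lib.boolToString withLogind}"
-"-Dlocaled=${stdenv.lib.boolToString withLocaled}"
-"-Dhostnamed=${stdenv.lib.boolToString withHostnamed}"
-"-Dnetworkd=${stdenv.lib.boolToString withNetworkd}"
-"-Dcryptsetup=${stdenv.lib.boolToString withCryptsetup}"
+"-Dlogind=${lib.boolToString withLogind}"
+"-Dlocaled=${lib.boolToString withLocaled}"
+"-Dhostnamed=${lib.boolToString withHostnamed}"
+"-Dmachined=${lib.boolToString withMachined}"
+"-Dnetworkd=${lib.boolToString withNetworkd}"
+"-Dpolkit=${lib.boolToString withPolkit}"
+"-Dcryptsetup=${lib.boolToString withCryptsetup}"
 "-Dportabled=false"
-"-Dhwdb=${stdenv.lib.boolToString withHwdb}"
-"-Dremote=false"
+"-Dhwdb=${lib.boolToString withHwdb}"
+"-Dremote=${lib.boolToString withRemote}"
 "-Dsysusers=false"
-"-Dtimedated=${stdenv.lib.boolToString withTimedated}"
-"-Dtimesyncd=${stdenv.lib.boolToString withTimesyncd}"
+"-Dtimedated=${lib.boolToString withTimedated}"
+"-Dtimesyncd=${lib.boolToString withTimesyncd}"
+"-Duserdb=${lib.boolToString withUserDb}"
+"-Dcoredump=${lib.boolToString withCoredump}"
 "-Dfirstboot=false"
-"-Dlocaled=true"
-"-Dresolve=${stdenv.lib.boolToString withResolved}"
+"-Dresolve=${lib.boolToString withResolved}"
 "-Dsplit-usr=false"
-"-Dlibcurl=true"
+"-Dlibcurl=${lib.boolToString wantCurl}"
 "-Dlibidn=false"
 "-Dlibidn2=true"
 "-Dquotacheck=false"
@@ -201,11 +280,20 @@
 # more frequent development builds
 "-Dman=true"
 
-"-Dgnu-efi=${stdenv.lib.boolToString (withEfi && gnu-efi != null)}"
-] ++ stdenv.lib.optionals (withEfi && gnu-efi != null) [
+"-Defi=${lib.boolToString withEfi}"
+"-Dgnu-efi=${lib.boolToString withEfi}"
+] ++ lib.optionals withEfi [
 "-Defi-libdir=${toString gnu-efi}/lib"
 "-Defi-includedir=${toString gnu-efi}/include/efi"
 "-Defi-ldsdir=${toString gnu-efi}/lib"
+] ++ lib.optionals (withShellCompletions == false) [
+"-Dbashcompletiondir=no"
+"-Dzshcompletiondir=no"
+] ++ lib.optionals (!withNss) [
+"-Dnss-myhostname=false"
+"-Dnss-mymachines=false"
+"-Dnss-resolve=false"
+"-Dnss-systemd=false"
 ];
 
 preConfigure = ''
@@ -217,7 +305,6 @@
 src/core/mount.c \
 src/core/swap.c \
 src/cryptsetup/cryptsetup-generator.c \
-src/fsck/fsck.c \
 src/journal/cat.c \
 src/nspawn/nspawn.c \
 src/remount-fs/remount-fs.c \
@@ -234,8 +321,6 @@
 --replace /sbin/mkswap ${lib.getBin utillinux}/sbin/mkswap \
 --replace /sbin/swapon ${lib.getBin utillinux}/sbin/swapon \
 --replace /sbin/swapoff ${lib.getBin utillinux}/sbin/swapoff \
---replace /sbin/mke2fs ${lib.getBin e2fsprogs}/sbin/mke2fs \
---replace /sbin/fsck ${lib.getBin utillinux}/sbin/fsck \
 --replace /bin/echo ${coreutils}/bin/echo \
 --replace /bin/cat ${coreutils}/bin/cat \
 --replace /sbin/sulogin ${lib.getBin utillinux}/sbin/sulogin \
@@ -272,14 +357,17 @@
 NIX_CFLAGS_COMPILE = toString [
 # Can't say ${polkit.bin}/bin/pkttyagent here because that would
 # lead to a cyclic dependency.
-"-UPOLKIT_AGENT_BINARY_PATH" "-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""
+"-UPOLKIT_AGENT_BINARY_PATH"
+"-DPOLKIT_AGENT_BINARY_PATH=\"/run/current-system/sw/bin/pkttyagent\""
 
 # Set the release_agent on /sys/fs/cgroup/systemd to the
 # currently running systemd (/run/current-system/systemd) so
 # that we don't use an obsolete/garbage-collected release agent.
-"-USYSTEMD_CGROUP_AGENT_PATH" "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""
+"-USYSTEMD_CGROUP_AGENT_PATH"
+"-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\""
 
-"-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
+"-USYSTEMD_BINARY_PATH"
+"-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\""
 ];
 
 doCheck = false; # fails a bunch of tests
@@ -311,7 +399,9 @@
 
 # "kernel-install" shouldn't be used on NixOS.
 find $out -name "*kernel-install*" -exec rm {} \;
-''; # */
+'' + lib.optionalString (!withDocumentation) ''
+rm -rf $out/share/doc
+'';
 
 enableParallelBuilding = true;
 
@@ -323,7 +413,7 @@
 # runtime; otherwise we can't and we need to reboot.
 passthru.interfaceVersion = 2;
 
-meta = with stdenv.lib; {
+meta = with lib; {
 homepage = "https://www.freedesktop.org/wiki/Software/systemd/";
 description = "A system and service manager for Linux";
 license = licenses.lgpl21Plus;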
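Review bot: The new `withApparmor`, `withPCRE2` and `withCompression` switches are wired into `buildInputs` only, apart from `-Dlz4=`; the visible part of `mesonFlags` has no matching `-Dapparmor=`, `-Dpcre2=`, `-Dxz=` or `-Dbzip2=`, so those features appear to be left to meson's auto-detection. For a confinement feature such as AppArmor, that means a build where `libapparmor` is not picked up would produce a systemd without AppArmor support instead of failing. I would pin them like the other toggles, e.g. `"-Dapparmor=${lib.boolToString withApparmor}"` and `"-Dpcre2=${lib.boolToString withPCRE2}"`, and do the same for `xz` and `bzip2` with `withCompression`. The flag list continues outside the shown hunks, so check that these options are not already set there.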
+20 -7
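--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -18795,17 +18795,30 @@
 };
 systemdMinimal = systemd.override {
 pname = "systemd-minimal";
-withResolved = false;
-withLogind = false;
+withAnalyze = false;
+withApparmor = false;
+withCompression = false;
+withCoredump = false;
+withCryptsetup = false;
+withDocumentation = false;
+withEfi = false;
 withHostnamed = false;
+withHwdb = false;
+withImportd = false;
 withLocaled = false;
+withLogind = false;
+withMachined = false;
+withNetworkd = false;
+withNss = false;
+withPCRE2 = false;
+withPolkit = false;
+withResolved = false;
+withShellCompletions = false;
 withTimedated = false;
-withHwdb = false;
-withEfi = false;
-withImportd = false;
-withCryptsetup = false;
-cryptsetup = null;
+withTimesyncd = false;
+withUserDb = false;
 glib = null;
+libgcrypt = null;
 lvm2 = null;
 };
 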
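Review bot: `systemdMinimal` now switches off `withApparmor`, `withPolkit`, `withLogind` and most other components, but nothing in the override says what the variant is intended for or that these features are deliberately absent. Because every toggle is listed by hand, a `with*` option added later to default.nix with a `true` default would be silently enabled here. A short comment above the override would cover both, for example `# Reduced build without AppArmor, polkit, logind etc.; when adding a with* option to systemd, also disable it here.`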