From 7058b0ad124279cce4ff28e627c59afac87f0dec Mon Sep 17 00:00:00 2001
From: Arian van Putten
Date: Wed, 25 Sep 2019 18:27:19 +0200
Subject: [PATCH] nixos/systemd: Make machinectl work with NixOS Images generated with nixos-install will be supported by machinectl problem is that systemd-nspawn's private usersns feature clashes with DynamicUser and RuntimeDirectory features, which causes NixOS images to not boot. There is an upstream issue for this https://github.com/systemd/systemd/issues/13622
---
 nixos/modules/system/boot/systemd-nspawn.nix | 22 ++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/nixos/modules/system/boot/systemd-nspawn.nix b/nixos/modules/system/boot/systemd-nspawn.nix
index db6e06b41072..3ddd45b13482 100644
--- a/nixos/modules/system/boot/systemd-nspawn.nix
+++ b/nixos/modules/system/boot/systemd-nspawn.nix
@@ -113,11 +113,21 @@ in {
 config =
 let
 units = mapAttrs' (n: v: let nspawnFile = "${n}.nspawn"; in nameValuePair nspawnFile (instanceToUnit nspawnFile v)) cfg;
- in mkIf (cfg != {}) {
-
- environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] [];
-
- systemd.targets.multi-user.wants = [ "machines.target" ];
- };
+ in
+ mkMerge [
+ (mkIf (cfg != {}) {
+ environment.etc."systemd/nspawn".source = mkIf (cfg != {}) (generateUnits "nspawn" units [] []);
+ })
+ {
+ systemd.targets.multi-user.wants = [ "machines.target" ];
+ # Workaround for https://github.com/NixOS/nixpkgs/pull/67232#issuecomment-531315437 and https://github.com/systemd/systemd/issues/13622
+ # Once systemd fixes this upstream, we can re-enable -U
+ systemd.services."systemd-nspawn@".serviceConfig.ExecStart = [
+ "" # deliberately empty. signals systemd to override the ExecStart
+ # Only difference between upstream is that we do not pass the -U flag
+ "${pkgs.systemd}/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth --settings=override --machine=%i"
+ ];
+ }
+ ];
 }
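Review bot: The `ExecStart` override for `systemd-nspawn@` sits in the unconditional half of the `mkMerge`, so `-U` is dropped for every container started through this template on every host, not only for NixOS guest images. Without `-U` the guests run without a private user namespace and root in the container is UID 0 on the host. The existing comment should say so, e.g. `# SECURITY: without -U containers get no private user namespace; container root is host root. Do not run untrusted images this way; set PrivateUsers= in the machine's .nspawn file where the image tolerates it.` The command line is also a hand copy of upstream's unit and will presumably drift when systemd changes its template, so a note to re-check it on each systemd bump would help. Separately, the inner `mkIf (cfg != {})` on `environment.etc."systemd/nspawn".source` repeats the enclosing condition and can be removed.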