[Nix-dev] Re: [Nix-commits] SVN commit: nix - 20576 - ludo - in nixos/trunk/modules: . config
Nicolas Pierron
nicolas.b.pierron at gmail.com
Thu Mar 11 18:36:19 CET 2010
On Thu, Mar 11, 2010 at 18:02, Ludovic Courts <ludo at gnu.org> wrote:
> Added: nixos/trunk/modules/config/gnu.nix
> ===================================================================
> --- nixos/trunk/modules/config/gnu.nix (rev 0)
> +++ nixos/trunk/modules/config/gnu.nix 2010-03-11 17:02:57 UTC (rev 20576)
> + config = mkIf config.gnu {
> +
> + environment.systemPackages = with pkgs;
> + # TODO: Adjust `requiredPackages' from `system-path.nix'.
> + # TODO: Add Inetutils once it has the new `ifconfig'.
> + [ grub2 parted fdisk
> + nano zile
> + texinfo # for the stand-alone Info reader
> + ];
> +
> + # GNU GRUB.
> + boot.loader.grub.enable = true;
> + boot.loader.grub.version = 2;
> +
> + # GNU lsh.
> + services.openssh.enable = false;
> + services.lshd.enable = true;
> + services.xserver.startOpenSSHAgent = false;
> + services.xserver.startGnuPGAgent = true;
> +
> + # TODO: GNU dico.
> + # TODO: GNU Inetutils' inetd.
> + # TODO: GNU Pies.
> + };
> +}
Unfortunately this won't work. As I've explained at the Fosdem,
services.xserver.startOpenSSHAgent = false;
does not forbid the user to use it, but
services.xserver.startGnuPGAgent = true;
does.
So you don't want to enable the Gnu versions.
You want to take precedence over user configuration, in which case I
recommend you to use mkOverride, but you don't want to force user to
use all tools. So you cannot write '' whatever = true; ''. You can
only disable non-GNU tools like:
services.xserver.startOpenSSHAgent = mkOverride 0 {} false;
In which case nothing can enable it excepts another "mkOverride 0" (or less).
What you are seeking is something which is similar to the rename
except that it force the other enable flags to be bound to false.
Unfortunately this may be more complicated but it will ensure that you
won't get any non-GNU programs even if you want it.
--
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
More information about the nix-dev
mailing list