Loading nixos/doc/manual/configuration/profiles.chapter.md +1 −0 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ profiles/graphical.section.md profiles/hardened.section.md profiles/headless.section.md profiles/installation-device.section.md profiles/perlless.section.md profiles/minimal.section.md profiles/qemu-guest.section.md ``` nixos/doc/manual/configuration/profiles/perlless.section.md 0 → 100644 +11 −0 Original line number Diff line number Diff line # Perlless {#sec-perlless} ::: {.warning} If you enable this profile, you will NOT be able to switch to a new configuration and thus you will not be able to rebuild your system with nixos-rebuild! ::: Render your system completely perlless (i.e. without the perl interpreter). This includes a mechanism so that your build fails if it contains a Nix store path that references the string "perl". nixos/doc/manual/configuration/user-mgmt.chapter.md +15 −0 Original line number Diff line number Diff line Loading @@ -89,3 +89,18 @@ A user can be deleted using `userdel`: The flag `-r` deletes the user's home directory. Accounts can be modified using `usermod`. Unix groups can be managed using `groupadd`, `groupmod` and `groupdel`. ## Create users and groups with `systemd-sysusers` {#sec-systemd-sysusers} ::: {.note} This is experimental. ::: Instead of using a custom perl script to create users and groups, you can use systemd-sysusers: ```nix systemd.sysusers.enable = true; ``` The primary benefit of this is to remove a dependency on perl. nixos/doc/manual/development/etc-overlay.section.md 0 → 100644 +36 −0 Original line number Diff line number Diff line # `/etc` via overlay filesystem {#sec-etc-overlay} ::: {.note} This is experimental and requires a kernel version >= 6.6 because it uses new overlay features and relies on the new mount API. ::: Instead of using a custom perl script to activate `/etc`, you activate it via an overlay filesystem: ```nix system.etc.overlay.enable = true; ``` Using an overlay has two benefits: 1. it removes a dependency on perl 2. it makes activation faster (up to a few seconds) By default, the `/etc` overlay is mounted writable (i.e. there is a writable upper layer). However, you can also mount `/etc` immutably (i.e. read-only) by setting: ```nix system.etc.overlay.mutable = false; ``` The overlay is atomically replaced during system switch. However, files that have been modified will NOT be overwritten. This is the biggest change compared to the perl-based system. If you manually make changes to `/etc` on your system and then switch to a new configuration where `system.etc.overlay.mutable = false;`, you will not be able to see the previously made changes in `/etc` anymore. However the changes are not completely gone, they are still in the upperdir of the previous overlay in `/.rw-etc/upper`. nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md +1 −0 Original line number Diff line number Diff line Loading @@ -56,4 +56,5 @@ explained in the next sections. unit-handling.section.md activation-script.section.md non-switchable-systems.section.md etc-overlay.section.md ``` Loading
nixos/doc/manual/configuration/profiles.chapter.md +1 −0 Original line number Diff line number Diff line Loading @@ -29,6 +29,7 @@ profiles/graphical.section.md profiles/hardened.section.md profiles/headless.section.md profiles/installation-device.section.md profiles/perlless.section.md profiles/minimal.section.md profiles/qemu-guest.section.md ```
nixos/doc/manual/configuration/profiles/perlless.section.md 0 → 100644 +11 −0 Original line number Diff line number Diff line # Perlless {#sec-perlless} ::: {.warning} If you enable this profile, you will NOT be able to switch to a new configuration and thus you will not be able to rebuild your system with nixos-rebuild! ::: Render your system completely perlless (i.e. without the perl interpreter). This includes a mechanism so that your build fails if it contains a Nix store path that references the string "perl".
nixos/doc/manual/configuration/user-mgmt.chapter.md +15 −0 Original line number Diff line number Diff line Loading @@ -89,3 +89,18 @@ A user can be deleted using `userdel`: The flag `-r` deletes the user's home directory. Accounts can be modified using `usermod`. Unix groups can be managed using `groupadd`, `groupmod` and `groupdel`. ## Create users and groups with `systemd-sysusers` {#sec-systemd-sysusers} ::: {.note} This is experimental. ::: Instead of using a custom perl script to create users and groups, you can use systemd-sysusers: ```nix systemd.sysusers.enable = true; ``` The primary benefit of this is to remove a dependency on perl.
nixos/doc/manual/development/etc-overlay.section.md 0 → 100644 +36 −0 Original line number Diff line number Diff line # `/etc` via overlay filesystem {#sec-etc-overlay} ::: {.note} This is experimental and requires a kernel version >= 6.6 because it uses new overlay features and relies on the new mount API. ::: Instead of using a custom perl script to activate `/etc`, you activate it via an overlay filesystem: ```nix system.etc.overlay.enable = true; ``` Using an overlay has two benefits: 1. it removes a dependency on perl 2. it makes activation faster (up to a few seconds) By default, the `/etc` overlay is mounted writable (i.e. there is a writable upper layer). However, you can also mount `/etc` immutably (i.e. read-only) by setting: ```nix system.etc.overlay.mutable = false; ``` The overlay is atomically replaced during system switch. However, files that have been modified will NOT be overwritten. This is the biggest change compared to the perl-based system. If you manually make changes to `/etc` on your system and then switch to a new configuration where `system.etc.overlay.mutable = false;`, you will not be able to see the previously made changes in `/etc` anymore. However the changes are not completely gone, they are still in the upperdir of the previous overlay in `/.rw-etc/upper`.
nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md +1 −0 Original line number Diff line number Diff line Loading @@ -56,4 +56,5 @@ explained in the next sections. unit-handling.section.md activation-script.section.md non-switchable-systems.section.md etc-overlay.section.md ```
