Loading nixos/modules/system/etc/etc-activation.nix +3 −1 Original line number Diff line number Diff line Loading @@ -52,7 +52,7 @@ where = "/run/nixos-etc-metadata"; what = "/etc-metadata-image"; type = "erofs"; options = "loop,ro"; options = "loop,ro,nodev,nosuid"; unitConfig = { # Since this unit depends on the nix store being mounted, it cannot # be a dependency of local-fs.target, because if it did, we'd have Loading Loading @@ -81,6 +81,8 @@ type = "overlay"; options = lib.concatStringsSep "," ( [ "nodev" "nosuid" "relatime" "redirect_dir=on" "metacopy=on" Loading nixos/modules/system/etc/etc.nix +7 −7 Original line number Diff line number Diff line Loading 
@@ -283,23 +283,23 @@ in ''} tmpMetadataMount=$(TMPDIR="/run" mktemp --directory -t nixos-etc-metadata.XXXXXXXXXX) mount --type erofs -o ro ${config.system.build.etcMetadataImage} $tmpMetadataMount mount --type erofs --options ro,nodev,nosuid ${config.system.build.etcMetadataImage} $tmpMetadataMount # There was no previous /etc mounted. This happens when we're called # directly without an initrd, like with nixos-enter. if ! mountpoint -q /etc; then mount --type overlay overlay \ --options lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ /etc mount --type overlay \ --options nodev,nosuid,lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ overlay /etc else # Mount the new /etc overlay to a temporary private mount. # This needs the indirection via a private bind mount because you # cannot move shared mounts. tmpEtcMount=$(TMPDIR="/run" mktemp --directory -t nixos-etc.XXXXXXXXXX) mount --bind --make-private $tmpEtcMount $tmpEtcMount mount --type overlay overlay \ --options lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ $tmpEtcMount mount --type overlay \ --options nodev,nosuid,lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ overlay $tmpEtcMount # Before moving the new /etc overlay under the old /etc, we have to # move mounts on top of /etc to the new /etc mountpoint. Loading Loading
nixos/modules/system/etc/etc-activation.nix +3 −1 Original line number Diff line number Diff line Loading @@ -52,7 +52,7 @@ where = "/run/nixos-etc-metadata"; what = "/etc-metadata-image"; type = "erofs"; options = "loop,ro"; options = "loop,ro,nodev,nosuid"; unitConfig = { # Since this unit depends on the nix store being mounted, it cannot # be a dependency of local-fs.target, because if it did, we'd have Loading Loading @@ -81,6 +81,8 @@ type = "overlay"; options = lib.concatStringsSep "," ( [ "nodev" "nosuid" "relatime" "redirect_dir=on" "metacopy=on" Loading
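Review bot: Neither hunk says why `nodev` and `nosuid` are now set, in the erofs unit's `options` string or in the overlay option list, so a later cleanup could drop them as noise. A short comment above the list would record the intent, for example `# /etc is not expected to carry device nodes or setuid binaries; refuse both as defence in depth`. Whether `noexec` was considered and rejected is also worth a sentence there, since a reader hardening this mount will likely ask. Both hunks cut through attribute sets that begin and end outside the visible lines.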
nixos/modules/system/etc/etc.nix +7 −7 Original line number Diff line number Diff line Loading @@ -283,23 +283,23 @@ in ''} tmpMetadataMount=$(TMPDIR="/run" mktemp --directory -t nixos-etc-metadata.XXXXXXXXXX) mount --type erofs -o ro ${config.system.build.etcMetadataImage} $tmpMetadataMount mount --type erofs --options ro,nodev,nosuid ${config.system.build.etcMetadataImage} $tmpMetadataMount # There was no previous /etc mounted. This happens when we're called # directly without an initrd, like with nixos-enter. if ! mountpoint -q /etc; then mount --type overlay overlay \ --options lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ /etc mount --type overlay \ --options nodev,nosuid,lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ overlay /etc else # Mount the new /etc overlay to a temporary private mount. # This needs the indirection via a private bind mount because you # cannot move shared mounts. tmpEtcMount=$(TMPDIR="/run" mktemp --directory -t nixos-etc.XXXXXXXXXX) mount --bind --make-private $tmpEtcMount $tmpEtcMount mount --type overlay overlay \ --options lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ $tmpEtcMount mount --type overlay \ --options nodev,nosuid,lowerdir=$tmpMetadataMount::${config.system.build.etcBasedir},${etcOverlayOptions} \ overlay $tmpEtcMount # Before moving the new /etc overlay under the old /etc, we have to # move mounts on top of /etc to the new /etc mountpoint. Loading
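Review bot: Both overlay `mount` calls hard-code `nodev,nosuid` in front of `${etcOverlayOptions}` instead of carrying the flags inside that variable, so any other mount built from `etcOverlayOptions` would come up without them. The definition of `etcOverlayOptions` is outside this hunk; if it is an option list like the one in etc-activation.nix, adding `"nodev"` and `"nosuid"` there would keep the hardening in one place for the initrd and activation-script paths. No test is visible on this page, so it may be worth asserting in the module's VM test that the options reported for `/etc` (for example by `findmnt -no OPTIONS /etc`) include both flags, to cover the `nixos-enter` branch as well as the remount branch.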