diff --git a/modules/services/activate-system/default.nix b/modules/services/activate-system/default.nix index 6a982fe83..127514a6c 100644 --- a/modules/services/activate-system/default.nix +++ b/modules/services/activate-system/default.nix @@ -10,7 +10,14 @@ script = '' set -e set -o pipefail + export PATH="${pkgs.gnugrep}/bin:${pkgs.coreutils}/bin:@out@/sw/bin:/usr/bin:/bin:/usr/sbin:/sbin" + export USER=root + export LOGNAME=root + export HOME=~root + export SHELL=$BASH + export LANG=C + export LC_CTYPE=UTF-8 systemConfig=$(cat ${config.system.profile}/systemConfig) @@ -28,7 +35,6 @@ ${config.system.activationScripts.keyboard.text} ''; serviceConfig.RunAtLoad = true; - serviceConfig.KeepAlive.SuccessfulExit = false; }; }; } diff --git a/modules/system/activation-scripts.nix b/modules/system/activation-scripts.nix index 5f8916cc7..0143d2baf 100644 --- a/modules/system/activation-scripts.nix +++ b/modules/system/activation-scripts.nix @@ -37,19 +37,33 @@ in config = { system.activationScripts.script.text = '' - #! ${stdenv.shell} + #!/usr/bin/env -i ${stdenv.shell} + # shellcheck shell=bash + # shellcheck disable=SC2096 + set -e set -o pipefail + export PATH="${pkgs.gnugrep}/bin:${pkgs.coreutils}/bin:@out@/sw/bin:/usr/bin:/bin:/usr/sbin:/sbin" + export USER=root + export LOGNAME=root + export HOME=~root + export SHELL=$BASH + export LANG=C + export LC_CTYPE=UTF-8 systemConfig=@out@ - _status=0 - trap "_status=1" ERR - # Ensure a consistent umask. umask 0022 + cd / + + if [[ $(id -u) -ne 0 ]]; then + printf >&2 '\e[1;31merror: `activate` must be run as root\e[0m\n' + exit 2 + fi + ${cfg.activationScripts.preActivation.text} # We run `etcChecks` again just in case someone runs `activate` @@ -82,8 +96,6 @@ in # Prevent the current configuration from being garbage-collected. ln -sfn /run/current-system /nix/var/nix/gcroots/current-system - - exit $_status ''; # FIXME: activationScripts.checks should be system level