On 11/13/25 10:22, Alyssa Ross wrote: > Demi Marie Obenour writes: > >> Due to a systemd bug [1], building systemd-sysupdate does not require >> that systemd-pull is built as well. However, systemd-sysupdate has a >> run-time dependency on systemd-pull. Therefore, override the systemd >> derivation so that systemd-pull is built. Confusingly, this requires >> enabling systemd-importd. >> >> If systemd-pull or systemd-sysupdate is not built, the resulting image >> will be broken and users will not be able to recover without either a >> reinstall or reverting to the previous version. Therefore, add a check >> to ensure that both are in fact built. Use 'cat' rather than just >> 'stat' to catch broken symlinks and the like. >> >> Signed-off-by: Demi Marie Obenour >> --- >> host/rootfs/default.nix | 23 +++++++++++++++++++++-- >> 1 file changed, 21 insertions(+), 2 deletions(-) >> >> diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix >> index aea2e46bb5998176eb6d9b8aef802ae270fdd28c..c2045ad96cca37a1bf1a7b82aa35a583cc5aee93 100644 >> --- a/host/rootfs/default.nix >> +++ b/host/rootfs/default.nix >> @@ -43,7 +43,8 @@ let >> }) >> >> # Take kmod from pkgsGui since we use pkgsGui.kmod.lib below anyway. >> - ] ++ (with pkgsGui; [ cosmic-files crosvm foot fuse3 kmod systemd ]); >> + ] ++ (with pkgsGui; [ cosmic-files crosvm foot fuse3 kmod ]); >> + >> >> nixosAllHardware = nixos ({ modulesPath, ... }: { >> imports = [ (modulesPath + "/profiles/all-hardware.nix") ]; >> @@ -64,7 +65,15 @@ let >> # https://inbox.vuxu.org/musl/20251017-dlopen-use-rpath-of-caller-dso-v1-1-46c69eda1473@iscas.ac.cn/ >> usrPackages = [ >> appvm kernel.modules firmware netvm >> - ] ++ (with pkgsGui; [ dejavu_fonts kmod.lib mesa westonLite ]); >> + ] ++ (with pkgsGui; [ >> + dejavu_fonts kmod.lib mesa westonLite >> + # Work around NixOS/nixpkgs#459020: without "withImportd = true" >> + # systemd-pull doesn't get built, so systemd-sysupdate doesn't work. >> + (systemd.override { >> + withImportd = true; >> + withSysupdate = true; >> + }) >> + ]); > > Let's fix this upstream instead: > > https://github.com/NixOS/nixpkgs/pull/461277 Is it okay if I keep this until that PR is merged and Spectrum uses a nixpkgs that has it? I'd prefer to not send patches that I can't test, and without that PR the override is still needed. Even after the PR is merged, the override is harmless. I'll add a link to the PR in a comment. >> >> appvms = { >> appvm-firefox = callSpectrumPackage ../../vm/app/firefox.nix {}; >> @@ -85,6 +94,16 @@ let >> lndir -ignorelinks -silent "$pkg" "$out/usr" >> done >> >> + # If systemd-pull is missing systemd-sysupdate will fail with a >> + # very confusing error message. If systemd-sysupdate doesn't work, >> + # users will not be able to receive an update that fixes the problem. >> + for i in sysupdate pull; do >> + if ! cat -- "$out/usr/lib/systemd/systemd-$i" > /dev/null; then >> + echo "link to systemd-$i didn't get installed" >&2 >> + exit 1 >> + fi >> + done >> + >> # Weston doesn't support SVG icons. >> inkscape -w 20 -h 20 \ >> -o $out/usr/share/icons/hicolor/20x20/apps/com.system76.CosmicFiles.png \ >> > > Looks like this will be fixed upstream (as a build error) in the next > systemd release. Indeed so. -- Sincerely, Demi Marie Obenour (she/her/hers)