From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id D49B619A35; Mon, 08 Sep 2025 08:59:31 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id 87E2B199D3; Mon, 08 Sep 2025 08:59:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fhigh-b7-smtp.messagingengine.com (fhigh-b7-smtp.messagingengine.com [202.12.124.158]) by atuin.qyliss.net (Postfix) with ESMTPS id 0E991199D2 for ; Mon, 08 Sep 2025 08:59:28 +0000 (UTC) Received: from phl-compute-10.internal (phl-compute-10.internal [10.202.2.50]) by mailfhigh.stl.internal (Postfix) with ESMTP id CF34E7A0116; Mon, 8 Sep 2025 04:59:26 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-10.internal (MEProxy); Mon, 08 Sep 2025 04:59:26 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1757321966; x=1757408366; bh=wBN1BlRNGQ tpI5DpyJbpgPamXrmsPCpbiUfDZx+wjNg=; b=Lp/9INJUmf7dv4zctPSoP9rNGa NNJDtTGP0xLaEBkdWa8FWWhBnfwUTa/uNQahwwNZUgyypywBDE3u/dKQEAh6MgGJ ZrcRo5lWDQc9LxwIYFfBgU+Xk60Gb2OxGAZStejvDUjMV/tHu10bMAiNFoaG47hc Ht/WTcY1QW5bJcaWB++DNs2ecTdea9tWWs9bcXrE9qeyZB7arCd8HpmIkWn0ieHP hHS7y0g7fEq6q1AQYFPGRAtg43vFiUIzH3BsLHtZ1Ec8YfSUTBDQ2r9oIWdbT82N KxtdKg0gscQx3Va2N53FZk8d7H/1psbsa/env+UU8GU5iAuxF4xJ7qlyMMOA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1757321966; x=1757408366; bh=wBN1BlRNGQtpI5DpyJbpgPamXrmsPCpbiUf DZx+wjNg=; b=SaSgnxRaEcTh4ozfURH8CikqqMHcTbIpur5qGs2UMe2VtucyPQE K21JgZPK1fRJXJfblhy6XqJzdhNs2JigDGqIRG10chOxQaLsgcVwAROQXDwdZzwc r0ArTxoWWVa5/4irZEfW4pNyI8oIbpaZdmaPXcI5NMyr+Twy01p0vKclfn5C+s+y ZR0ETry0jTiEJ3KMPvmkfSJeuj8JDxtUpPcAiX9XfDTTQ9+LrHrvUa9h7/4XNK6I lDg95gu8Om2dpYb1iAdLR4DJ/ShS/lEmYwm17NvfUdEU4a+ba48M/2HL6sEdkXcx hUVnfBsnCZ4D9Xh2BixmkSwMqPsLnE38whw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddujeduvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefhvfevufgjfhffkfggtgesghdtreertddttdenucfhrhhomheptehlhihsshgrucft ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepleeglefhge fhueeukeehuefhvdetveekudffvdeiiedvueffkedvteejhfehheejnecuffhomhgrihhn pehlihhnuhigqdhkvghrnhgvlhdrthgrrhhgvghtnecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrihhspdhnsggprhgt phhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopeguvghmihhosggvnh houhhrsehgmhgrihhlrdgtohhmpdhrtghpthhtohepuggvvhgvlhesshhpvggtthhruhhm qdhoshdrohhrgh X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 8 Sep 2025 04:59:26 -0400 (EDT) Received: by mbp.qyliss.net (Postfix, from userid 1000) id 89A341674CC6; Mon, 08 Sep 2025 10:59:24 +0200 (CEST) From: Alyssa Ross To: Demi Marie Obenour Subject: Re: [PATCH 08/20] Standardize directories and symlinks in images In-Reply-To: <20250904-systemd-v1-8-2a63b790a913@gmail.com> References: <20250904-systemd-v1-0-2a63b790a913@gmail.com> <20250904-systemd-v1-8-2a63b790a913@gmail.com> Date: Mon, 08 Sep 2025 10:59:24 +0200 Message-ID: <87plc1jp5f.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: LNQRN532OXGQENKPQQGUIBUOKPBZYFRK X-Message-ID-Hash: LNQRN532OXGQENKPQQGUIBUOKPBZYFRK X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Spectrum OS Development X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Demi Marie Obenour writes: > There are a few directories and symbolic links that a Linux system > should always have. Even if Spectrum OS itself does not use them, > third-party dependencies and/or applications might rely on them. > Create these in scripts/make-erofs.sh rather than separately in > each VM's build scripts. The creation of /run/lock assumes that > s6-linux-init is being used, but that assumption is easy to fix later. > This also enforces that the symlinks and directories were *not* created > in other places. The app VM build violated this rule, so fix it. > > Signed-off-by: Demi Marie Obenour This really seems like it's making things substantially more complicated, especially with the need to remove links so they can later be recreated again by make-erofs.sh. If we really want to make sure we don't forget certain directories, we could do that in a much simpler way by just checking for existence once we've assembled the directory that will become the image. > --- > host/rootfs/Makefile | 15 ++------ > host/rootfs/bin | 1 - > host/rootfs/lib | 1 - > host/rootfs/sbin | 1 - > img/app/Makefile | 8 ++-- > img/app/bin | 1 - > img/app/default.nix | 101 +++++++++++++++++++++++++++++--------------= ------ > img/app/sbin | 1 - > scripts/make-erofs.sh | 34 +++++++++++++++++ > vm/sys/net/Makefile | 8 +--- > vm/sys/net/bin | 1 - > vm/sys/net/default.nix | 2 + > vm/sys/net/lib | 1 - > vm/sys/net/sbin | 1 - > vm/sys/net/var/run | 1 - > 15 files changed, 106 insertions(+), 71 deletions(-) > > diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile > index dce78e60bc1a8c18f5f448aaa9aeed2c8a7da04e..6cdbac201257faedb70344bcf= d5cf9d4fd25b507 100644 > --- a/host/rootfs/Makefile > +++ b/host/rootfs/Makefile > @@ -54,7 +54,6 @@ FILES =3D \ > etc/s6-linux-init/scripts/rc.init \ > etc/xdg/weston/autolaunch \ > etc/xdg/weston/weston.ini \ > - usr/share/dbus-1/services/org.freedesktop.portal.Documents.service \ > usr/bin/assign-devices \ > usr/bin/create-vm-dependencies \ > usr/bin/run-appimage \ > @@ -63,10 +62,10 @@ FILES =3D \ > usr/bin/vm-import \ > usr/bin/vm-start \ > usr/bin/vm-stop \ > - usr/bin/xdg-open > + usr/bin/xdg-open \ > + usr/share/dbus-1/services/org.freedesktop.portal.Documents.service Would nice for this sort of trivial fix to be a separate patch that could be immediately applied. >=20=20 > DIRS =3D \ > - dev \ > etc/s6-linux-init/env \ > etc/s6-linux-init/run-image/configs \ > etc/s6-linux-init/run-image/service/dbus/instance \ > @@ -90,14 +89,11 @@ DIRS =3D \ > etc/s6-linux-init/run-image/service/xdg-desktop-portal-spectrum-host/in= stances \ > etc/s6-linux-init/run-image/service/xdg-desktop-portal-spectrum-host/te= mplate/data \ > etc/s6-linux-init/run-image/service/xdg-desktop-portal-spectrum-host/te= mplate/env \ > - etc/s6-linux-init/run-image/user \ > etc/s6-linux-init/run-image/vm/by-id \ > etc/s6-linux-init/run-image/vm/by-name \ > etc/s6-linux-init/run-image/wait \ > ext \ > - run \ > - proc \ > - sys \ > + root \ I'm not sure what we'd want /root for? Root's home directory is /. > var >=20=20 > FIFOS =3D etc/s6-linux-init/run-image/service/s6-svscan-log/fifo > @@ -105,11 +101,8 @@ FIFOS =3D etc/s6-linux-init/run-image/service/s6-svs= can-log/fifo > # These are separate because they need to be included, but putting > # them as make dependencies would confuse make. > LINKS =3D \ > - bin \ > etc/s6-linux-init/run-image/opengl-driver \ > - etc/s6-linux-init/run-image/service/vmm/template/run \ > - lib \ > - sbin > + etc/s6-linux-init/run-image/service/vmm/template/run >=20=20 > BUILD_FILES =3D build/etc/s6-rc >=20=20 > diff --git a/host/rootfs/bin b/host/rootfs/bin > deleted file mode 120000 > index 1e881eda3a544eaa86b6019cbe7067ffc58bfafc..0000000000000000000000000= 000000000000000 > --- a/host/rootfs/bin > +++ /dev/null > @@ -1 +0,0 @@ > -usr/bin > \ No newline at end of file > diff --git a/host/rootfs/lib b/host/rootfs/lib > deleted file mode 120000 > index 0d5487ba8608d4d1a7328cf8a4e0242d1988c491..0000000000000000000000000= 000000000000000 > --- a/host/rootfs/lib > +++ /dev/null > @@ -1 +0,0 @@ > -usr/lib > \ No newline at end of file > diff --git a/host/rootfs/sbin b/host/rootfs/sbin > deleted file mode 120000 > index 1e881eda3a544eaa86b6019cbe7067ffc58bfafc..0000000000000000000000000= 000000000000000 > --- a/host/rootfs/sbin > +++ /dev/null > @@ -1 +0,0 @@ > -usr/bin > \ No newline at end of file > diff --git a/img/app/Makefile b/img/app/Makefile > index c6b9a23ce8796582d6e2f5121c30c2269975aa2d..062082e35ba352a8f0520b283= 79690f5a2ba2ed3 100644 > --- a/img/app/Makefile > +++ b/img/app/Makefile > @@ -57,15 +57,15 @@ VM_FILES =3D \ > etc/wireplumber/wireplumber.conf.d/99_spectrum.conf \ > etc/xdg/xdg-desktop-portal/portals.conf >=20=20 > -VM_DIRS =3D dev run proc sys tmp var \ > +VM_DIRS =3D \ > etc/s6-linux-init/run-image/service \ > - etc/s6-linux-init/run-image/user \ > - etc/s6-linux-init/run-image/wait > + etc/s6-linux-init/run-image/wait \ > + var > VM_FIFOS =3D etc/s6-linux-init/run-image/service/s6-linux-init-shutdownd= /fifo >=20=20 > # These are separate because they need to be included, but putting > # them as make dependencies would confuse make. > -VM_LINKS =3D bin etc/ssl/certs/ca-certificates.crt sbin > +VM_LINKS =3D etc/ssl/certs/ca-certificates.crt >=20=20 > VM_BUILD_FILES =3D build/etc/s6-rc >=20=20 > diff --git a/img/app/bin b/img/app/bin > deleted file mode 120000 > index 1e881eda3a544eaa86b6019cbe7067ffc58bfafc..0000000000000000000000000= 000000000000000 > --- a/img/app/bin > +++ /dev/null > @@ -1 +0,0 @@ > -usr/bin > \ No newline at end of file > diff --git a/img/app/default.nix b/img/app/default.nix > index d3eed1f0accdc8968d1ba5bdec74ab597789082f..4daee260afd41de14de06a006= b00c2c6db0f5e2a 100644 > --- a/img/app/default.nix > +++ b/img/app/default.nix > @@ -12,6 +12,42 @@ pkgsStatic.callPackage ( > }: >=20=20 > let > + kernelTarget =3D > + if stdenvNoCC.hostPlatform.isx86 then > + # vmlinux.bin is the stripped version of vmlinux. > + # Confusingly, compressed/vmlinux.bin is the stripped version of > + # the top-level vmlinux target, while the top-level vmlinux.bin > + # is the stripped version of compressed/vmlinux. So we use > + # compressed/vmlinux.bin, since we want a stripped version of > + # the kernel that *hasn't* been built to be compressed. Weird! > + "compressed/vmlinux.bin" > + else > + stdenvNoCC.hostPlatform.linux-kernel.target; > + > + kernel =3D (linux_latest.override { > + structuredExtraConfig =3D with lib.kernel; { > + DRM_FBDEV_EMULATION =3D lib.mkForce no; > + EROFS_FS =3D yes; > + FONTS =3D lib.mkForce unset; > + FONT_8x8 =3D lib.mkForce unset; > + FONT_TER16x32 =3D lib.mkForce unset; > + FRAMEBUFFER_CONSOLE =3D lib.mkForce unset; > + FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER =3D lib.mkForce unset; > + FRAMEBUFFER_CONSOLE_DETECT_PRIMARY =3D lib.mkForce unset; > + FRAMEBUFFER_CONSOLE_ROTATION =3D lib.mkForce unset; > + RC_CORE =3D lib.mkForce unset; > + VIRTIO =3D yes; > + VIRTIO_BLK =3D yes; > + VIRTIO_CONSOLE =3D yes; > + VIRTIO_PCI =3D yes; > + VT =3D no; > + }; > + }).overrideAttrs ({ installFlags ? [], ... }: { > + installFlags =3D installFlags ++ [ > + "KBUILD_IMAGE=3D$(boot)/${kernelTarget}" > + ]; > + }); > + > appimageFhsenv =3D (buildFHSEnv (appimageTools.defaultFhsEnvArgs // { > name =3D "vm-fhs-env"; > targetPkgs =3D pkgs: appimageTools.defaultFhsEnvArgs.targetPkgs pkgs= ++ [ > @@ -53,50 +89,33 @@ let > pkgs.wireplumber > ]; > })).fhsenv; > -in >=20=20 > -let Another cleanup that would be really nice to have separately, so I don't have to try to review two things at once. > packagesSysroot =3D runCommand "packages-sysroot" {} '' > - mkdir -p $out/etc/ssl/certs > - ln -s ${appimageFhsenv}/{lib64,usr} ${kernel}/lib $out > - ln -s ${cacert}/etc/ssl/certs/* $out/etc/ssl/certs > + set -eu > + mkdir -p -- "$out/etc/ssl/certs" "$out/usr/bin" > + # ../../scripts/make-erofs.sh will re-create these > + rm -f -- "$out/usr/lib64" "$out/usr/lib" > + source_dir=3D${lib.escapeShellArg appimageFhsenv}/usr > + for i in "$source_dir"/*; do > + subdir=3D''${i##*/} > + case $subdir in > + (bin|include|lib|lib64|libexec|sbin|share) :;; > + (*) printf 'Bad subdirectory %s\n' "$subdir" >&2; exit 1;; > + esac > + done > + if ! [ -h "$source_dir/lib" ]; then echo "FHSenv didn't make lib a s= ymlink" >&2; exit 1; fi > + ln -s -- "$source_dir/include" "$source_dir/libexec" "$source_dir/sh= are" "$out/usr" > + cp -RT -- "$source_dir/lib64" "$out/usr/lib" > + # Do this first so that the subsequent call to cp (without -T) > + # will create new entries in the existing bin directory. > + cp -RT -- "$source_dir/sbin" "$out/usr/bin" > + # with -T cp tries to delete the whole target directory first > + cp -R -- "$source_dir/bin" "$out/usr" > + # so that ln can make the symlink > + chmod -- 0755 "$out/usr/lib" > + ln -s -- ${lib.escapeShellArg kernel}/lib/modules "$out/usr/lib/" > + ln -s -- ${lib.escapeShellArg cacert}/etc/ssl/certs/* "$out/etc/ssl/= certs" > ''; > - > - kernelTarget =3D > - if stdenvNoCC.hostPlatform.isx86 then > - # vmlinux.bin is the stripped version of vmlinux. > - # Confusingly, compressed/vmlinux.bin is the stripped version of > - # the top-level vmlinux target, while the top-level vmlinux.bin > - # is the stripped version of compressed/vmlinux. So we use > - # compressed/vmlinux.bin, since we want a stripped version of > - # the kernel that *hasn't* been built to be compressed. Weird! > - "compressed/vmlinux.bin" > - else > - stdenvNoCC.hostPlatform.linux-kernel.target; > - > - kernel =3D (linux_latest.override { > - structuredExtraConfig =3D with lib.kernel; { > - DRM_FBDEV_EMULATION =3D lib.mkForce no; > - EROFS_FS =3D yes; > - FONTS =3D lib.mkForce unset; > - FONT_8x8 =3D lib.mkForce unset; > - FONT_TER16x32 =3D lib.mkForce unset; > - FRAMEBUFFER_CONSOLE =3D lib.mkForce unset; > - FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER =3D lib.mkForce unset; > - FRAMEBUFFER_CONSOLE_DETECT_PRIMARY =3D lib.mkForce unset; > - FRAMEBUFFER_CONSOLE_ROTATION =3D lib.mkForce unset; > - RC_CORE =3D lib.mkForce unset; > - VIRTIO =3D yes; > - VIRTIO_BLK =3D yes; > - VIRTIO_CONSOLE =3D yes; > - VIRTIO_PCI =3D yes; > - VT =3D no; > - }; > - }).overrideAttrs ({ installFlags ? [], ... }: { > - installFlags =3D installFlags ++ [ > - "KBUILD_IMAGE=3D$(boot)/${kernelTarget}" > - ]; > - }); > in >=20=20 > stdenvNoCC.mkDerivation { > diff --git a/img/app/sbin b/img/app/sbin > deleted file mode 120000 > index 1e881eda3a544eaa86b6019cbe7067ffc58bfafc..0000000000000000000000000= 000000000000000 > --- a/img/app/sbin > +++ /dev/null > @@ -1 +0,0 @@ > -usr/bin > \ No newline at end of file > diff --git a/scripts/make-erofs.sh b/scripts/make-erofs.sh > index d566a4ac7b30f55338fe9b8b6a94702686f6ddd1..5196394d405310971659b0dbc= 0c91cfcaaaf9118 100755 > --- a/scripts/make-erofs.sh > +++ b/scripts/make-erofs.sh > @@ -115,5 +115,39 @@ find "$root" \ > find "$root/etc" "$root/var" ! -type l -execdir chmod u+w,go-w,ugo+rX --= '{}' + > chmod 0755 "$root" >=20=20 > +# Fix permissions on / so that the subsequent commands work > +chmod 0755 "$root" > + > +# Create the basic mount points for pseudo-filesystems and tmpfs filesys= tems. > +# These should always be mounted over, so use 0400 permissions for them. > +# 0000 would be better, but it breaks mkfs.erofs as it tries to open the > +# directories for reading. > +mkdir -m 0400 "$root/dev" "$root/proc" "$root/run" "$root/sys" "$root/tm= p" > + > +# Cause s6-linux-init to create /run/lock and /run/user > +# with the correct mode (0755) and create /home, > +# /var/cache, /var/log, and /var/spool directly. > +mkdir -m 0755 \ > + "$root/etc/s6-linux-init/run-image/lock" \ > + "$root/etc/s6-linux-init/run-image/user" \ > + "$root/home" \ > + "$root/var/cache" \ > + "$root/var/log" \ > + "$root/var/spool" > + > +# Create symbolic links that are always expected to exist. > +chmod 0755 "$root/usr" > +ln -s ../proc/self/mounts "$root/etc/mtab" > +ln -s ../run "$root/var/run" > +ln -s ../run/lock "$root/var/lock" > +ln -s ../tmp "$root/var/tmp" > +ln -s bin "$root/usr/sbin" > +ln -s lib "$root/usr/lib64" This doesn't seem right as a generic thing. Nix-built binaries won't ever need this. It's only in img/app for AppImage etc. compatibility. Not relevant to other images. > +ln -s usr/bin "$root/bin" > +ln -s usr/bin "$root/sbin" > +ln -s usr/lib "$root/lib" > +ln -s usr/lib "$root/lib64" > +chmod 0555 "$root/usr" > + > # Make the erofs image. > mkfs.erofs -x-1 -b4096 --all-root "$@" "$root" > diff --git a/vm/sys/net/Makefile b/vm/sys/net/Makefile > index e6819400b2079e3eaa9d24737b2fc4b816a592c8..a8ad03862165a69f3f7dd3e49= f668cfa887d817f 100644 > --- a/vm/sys/net/Makefile > +++ b/vm/sys/net/Makefile > @@ -39,11 +39,7 @@ VM_FILES =3D \ > etc/s6-linux-init/run-image/service/getty-hvc0/run \ > etc/s6-linux-init/scripts/rc.init \ > etc/sysctl.conf > -VM_DIRS =3D dev etc/s6-linux-init/env run proc sys var/lib/connman > - > -# These are separate because they need to be included, but putting > -# them as make dependencies would confuse make. > -VM_LINKS =3D bin lib sbin var/run > +VM_DIRS =3D etc/s6-linux-init/env var/lib/connman >=20=20 > VM_BUILD_FILES =3D build/etc/s6-rc >=20=20 > @@ -53,7 +49,7 @@ build/empty: > build/rootfs.erofs: ../../../scripts/make-erofs.sh $(PACKAGES_FILE) $(VM= _FILES) $(VM_BUILD_FILES) build/empty > ( \ > cat $(PACKAGES_FILE) ;\ > - for file in $(VM_FILES) $(VM_LINKS); do printf '%s\n%s\n' $$file $$= file; done ;\ > + for file in $(VM_FILES); do printf '%s\n%s\n' $$file $$file; done ;\ > for file in $(VM_BUILD_FILES); do printf '%s\n%s\n' $$file $${file#= build/}; done ;\ > printf 'build/empty\n%s\n' $(VM_DIRS) ;\ > ) | ../../../scripts/make-erofs.sh $@ > diff --git a/vm/sys/net/bin b/vm/sys/net/bin > deleted file mode 120000 > index 1e881eda3a544eaa86b6019cbe7067ffc58bfafc..0000000000000000000000000= 000000000000000 > --- a/vm/sys/net/bin > +++ /dev/null > @@ -1 +0,0 @@ > -usr/bin > \ No newline at end of file > diff --git a/vm/sys/net/default.nix b/vm/sys/net/default.nix > index b5873ebe1e80dd88c1ba997f7ebd3ee7369bb40f..a2c635e8ff09ab2b0ae469434= 4f3810c1b9739a5 100644 > --- a/vm/sys/net/default.nix > +++ b/vm/sys/net/default.nix > @@ -51,6 +51,8 @@ let > for pkg in ${lib.escapeShellArgs usrPackages}; do > lndir -ignorelinks -silent "$pkg" "$out/usr" > done > + [ -h "$out/usr/sbin" ] > + rm -f -- "$out/usr/sbin" > ''; >=20=20 > nixosAllHardware =3D nixos ({ modulesPath, ... }: { --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaL6a7AAKCRBbRZGEIw/w oly5AP94OpMdjhPDfLW1dEKOeFlLl9T4AZDM7cs1PqK4hvVfXAD/acYT3XA5tau0 YwSxDiq5E15WeZwQ7vPYjcdsBGKlew8= =8jd6 -----END PGP SIGNATURE----- --=-=-=--