switch-to-configuration-ng: fix with nix-upgrade

[Mic92]

Description of changes

See https://hydra.nixos.org/build/271655940/nixlog/29 for the failure

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[Mic92]

This was working previously, so I assume the perl implementation didn't had this issue.

[Mic92]

cc @jmbaur

[jmbaur]

Why is this needed here and not in the perl one?

[Mic92]

I don't know. It wasn't needed when we introduced the test. Was the perl version taking transient mount units into account?

[arianvp]

I think stc shouldn't touch any transient units. Same reason why transient units have IgnoreOnIsolate=yes. Otherwise you'll kill things like people's graphical applications in GNOME and kill their docker containers

[Mic92]

Probably get_active_units should skip those units entirely?

[Mic92]

The dbus interface doesn't seem to return IgnoreOnIsolate directly for the dbus call used, but it may be accessible through some other command.

[arianvp]

There should be a Transient=yes property exposed in dbus. Maybe we can use that?

[Mic92]

Same as IgnoreOnIsolate, it's GetUnit() in https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.systemd1.html
so additional dbus call is needed.
It's just not clear to me how to do this with the generated dbus interface:
https://gist.github.com/Mic92/37f1789f9bfc91fa7376845442fa6d80

[Mic92]

I don't feel familiar enough with this library. Closing this pull request instead. Probably a release blocker if it indeed can break automounts and docker container.

[ElvishJerricco]

Otherwise you'll kill things like people's graphical applications in GNOME

@arianvp Won't those be user units, and thus unaffected?

[roberth]

This is a NixOS / systemd thing that doesn't require review from the Nix team.

It seems pretty harmless. I suppose the kernel is clever enough to "close" the file system when the only mount is read-only or something? Or maybe we're just relying on the kernel to finish up nicely during its final procedure before shutting down the all the remaining hardware. I'm not an expert on this, but as far as Nix is concerned, sounds good to me.
EDIT: not sure why I'm talking about shutdown, which is largely irrelevant. Leaving /nix/store untouched during switching sounds ok.

[Mic92]

The nix-team only got requested here, because I had a nix-related patch in the pull request before.

[Mic92]

Opened an issue instead: #343975