- nix.conf: max-jobs=2 http-connections=10 to limit RAM during nix
package downloads in the live session (was causing OOM with 4GB)
- sha256sum tee: add || true so pipefail doesn't mark BUILD FAILED
when sha256sum writes to the Docker-relative path after the ISO
is already successfully created outside the container
When the DHCP-provided nameserver fails (QEMU 10.0.2.3, slow/broken DNS),
first-login.sh would spin forever waiting for network. Add a live-setup.sh
step that replaces 10.0.2.3 with 8.8.8.8/1.1.1.1 so first-login always
has working DNS immediately on login.
getent blocks indefinitely when the nameserver is unreachable (QEMU 10.0.2.3,
or any network where DNS responds slowly). Replace with curl --connect-timeout 3
which has a hard 3s per-attempt timeout and is independent of the NSS stack.
- dconf 00-cinnamon: add org.cinnamon+gnome.desktop.default-applications.terminal
exec='alacritty' exec-arg='-e' so Nemo right-click → Open in Terminal works
- dconf locks/keyboard: lock input-sources/sources and terminal exec keys so
csd-keyboard doesn't reset them to defaults on first session start
- build-live-iso.sh: add code-open wrapper script (/usr/local/bin/code-open)
that finds 'code' in the live user's nix profile; add open-in-vscode
Nemo action to /usr/share/nemo/actions/
- config/install.conf: add nixpkgs#vscode to NIX_USER_PACKAGES
- packages.live-desktop.list: add setxkbmap (needed by csd-keyboard to
apply XKB keyboard layout)
- first-login.sh: remove nix-env --switch-profile (caused .nix-profile->
.nix-profile circular symlink, breaking all nix profile commands and
causing ELOOP on any exec via nix PATH including xz/tar/node)
- first-login.sh: add circular symlink guard before nix profile add
- first-login.sh: nix profile install -> nix profile add (deprecated alias)
- live-setup.sh: strip mdns from nsswitch.conf hosts line at boot (no
libnss_mdns/Avahi in live; caused first-login DNS hang)
- docs/LIVE_ISO.md: document all three issues and their fixes
