Commit a7ac19851baab3fbcc40c4b2cf5b00a6ac9cd2f3 led configs such as the
following one, which were previously valid, to be rejected:
    (operating-system
      ;; ...
      (setuid-programs (cons #~(string-append #$wireshark "/bin/dumpcap")
                             %setuid-programs)))
They are now accepted again.
Reported by wonko on #guix.
* gnu/system.scm (%ensure-setuid-program-list): Handle the case where
PROGRAM is not a file-like.
|
|
Previously, evaluating an OS configuration with a childhurd (for
instance) would produce tens of lines like:
guix system: warning: representing setuid programs with '#<file-append #<package shadow@4.8.1 gnu/packages/admin.scm:798 7ff97f6f7640> "/bin/passwd">' is deprecated; use 'setuid-program' instead
Now, it prints this one line:
gnu/system/hurd.scm:105:2: warning: representing setuid programs with file-like objects is deprecated; use 'setuid-program' instead
This change also means that extensions of 'setuid-program-service-type'
now have to provide a list of <setuid-program>, so it's stricter in this
sense.
* gnu/services.scm (setuid-program-file-like-deprecated): Remove.
(setuid-program-service-type)[extend]: Remove
'setuid-program-file-like-deprecated' call. Assume CONFIG and
EXTENSIONS are already lists of <setuid-program> records.
* gnu/system.scm (<operating-system>)[setuid-programs]: Add 'sanitize'
property. Change accessor name from '%operating-system-setuid-programs'
to 'operating-system-setuid-programs'.
(operating-system-default-essential-services)
(hurd-default-essential-services): Adjust accordingly.
(ensure-setuid-program-list): New macro.
(%ensure-setuid-program-list): New procedure, based on
'setuid-program-file-like-deprecated'.
|
|
* gnu/services/dbus.scm (dbus-setuid-programs, polkit-setuid-programs):
Return setuid-programs.
* gnu/services/desktop.scm (enlightenment-setuid-programs): Return
setuid-programs.
(%desktop-services)[mount-setuid-helpers]: Use setuid-programs.
* gnu/services/docker.scm (singularity-setuid-programs): Return
setuid-programs.
* gnu/services/xorg.scm (screen-locker-setuid-programs): Return
setuid-programs.
* gnu/system.scm (%setuid-programs): Return setuid-programs.
* doc/guix.texi (Setuid Programs, operating-system Reference): Replace
'list of G-expressions' with 'list of <setuid-program>'.
|
|
New record <setuid-program> with fields for setting the specific user
and group, as well as specifically selecting the setuid and setgid bits,
for a program within the setuid-program-service.
* gnu/services.scm (setuid-program-file-like-deprecated): New function.
(setuid-program-service-type): Make use of
setuid-program->activation-gexp. Adjust the extend property to handle
<setuid-program>.
* gnu/build/activation.scm (activate-setuid-programs): Update to expect a
<setuid-record> list for each program entry.
* gnu/system.scm (operating-system-setuid-programs): Renamed to
%operating-system-setuid-programs and replace it with new procedure.
(operating-system-default-essential-services,
hurd-default-essential-services): Replace
operating-system-setuid-programs with
%operating-system-setuid-programs.
* gnu/system/setuid.scm: New file.
* doc/guix.texi (Setuid Programs): Document <setuid-program>.
Co-authored-by: Brice Waegeneire <brice@waegenei.re>
|
|
Since the update to the 2.6.2 release, the closure size of zile has
increased. Switch to mg which is lighter.
* gnu/system.scm (%base-packages-interactive): Replace zile by mg.
* doc/guix.texi (Proceeding with the Installation,
Using the Configuration System): Adapt those sections.
|
|
* gnu/system.scm (operating-system-directory-base-entries): Remove code
to handle generation of "kernel" for linux-libre kernels.
(operating-system-default-essential-services): Instantiate
linux-builder-service-type.
(package-for-kernel): Move ...
* gnu/services.scm: ... to here.
(linux-builder-service-type): New variable.
(linux-builder-configuration): New type.
(linux-loadable-module-service-type): New variable.
* gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test): Move
code to ...
(run-loadable-kernel-modules-test-base): ... new procedure here.
(run-loadable-kernel-modules-service-test): New procedure.
(%test-loadable-kernel-modules-service-0): New variable.
(%test-loadable-kernel-modules-service-1): New variable.
(%test-loadable-kernel-modules-service-2): New variable.
* doc/guix.texi: Document linux-loadable-module-service-type.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
|
|
Fixes <https://issues.guix.gnu.org/43530>.
Wget is typically included with most GNU/Linux distributions. It adds about
~3 MiB to the system size.
* gnu/system.scm (%base-packages-networking): Add the wget package.
|
|
* gnu/services/shepherd.scm (<shepherd-configuration>): New record.
(shepherd-boot-gexp, shepherd-root-service-type): Use it.
(scm->go, shepherd-configuration-file): Allow passing custom
shepherd package.
* gnu/system.scm (operating-system-shepherd-service-names): Use the new
record.
* guix/scripts/system.scm (export-shepherd-graph): Adjust accordingly.
* doc/guix.texi (Shepherd Services): Document it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system.scm (operating-system-etc-service): Fix typo.
|
|
* gnu/bootloader/grub.scm (grub-configuration-file): New parameter
store-crypto-devices.
[crypto-devices]: New helper function.
[builder]: Use crypto-devices.
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* gnu/tests/install.scm (%encrypted-root-not-boot-os,
%encrypted-root-not-boot-os): New os declaration.
(%encrypted-root-not-boot-installation-script): New script, whose contents
were initially taken from %encrypted-root-installation-script.
(%test-encrypted-root-not-boot-os): New test.
* gnu/system.scm (define-module): Export
operating-system-bootloader-crypto-devices and
boot-parameters-store-crypto-devices.
(<boot-parameters>): Add field store-crypto-devices.
(read-boot-parameters): Parse store-crypto-devices field.
[uuid-sexp->uuid]: New helper function extracted from
device-sexp->device.
(operating-system-bootloader-crypto-devices): New function.
(operating-system-bootcfg): Use
operating-system-bootloader-crypto-devices to provide its contents to
the bootloader configuration generation process.
(operating-system-boot-parameters): Add store-crypto-devices to the
generated boot-parameters.
(operating-system-boot-parameters-file): Likewise to the file with
the serialized structure.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* tests/boot-parameters.scm (%default-store-crypto-devices): New
variable.
(%grub-boot-parameters, test-read-boot-parameters): Use
%default-store-crypto-devices.
(tests store-crypto-devices): New tests.
|
|
* gnu/system/mapped-devices.scm (<mapped-device>): Rename constructor to
%mapped-device.
[target]: Remove field.
[targets]: New field. Adjust users.
(mapped-device-compatibility-helper, mapped-device): New macros.
(mapped-device-target): New deprecated procedure.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system.scm (<boot-parameters>)<Comment>: Substitute path with file name.
|
|
Fixes <http://issues.guix.gnu.org/44196>
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-directory-prefix.
* gnu/system.scm (define-module): Export
boot-parameters-store-directory-prefix.
(<boot-parameters>)[store-directory-prefix]: New field. It is used to
generate the correct paths when /gnu/store is installed on a btrfs
subvolume whose name doesn't match the final runtime path, as the
bootloader doesn't have knowledge about the final mounting points.
[boot-parameters-store-directory-prefix]: New accessor.
(read-boot-parameters): Read directory-prefix from store field.
(operating-system-boot-parameters-file): Add directory-prefix to
store field.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-directory-prefix.
* test/boot-parameters.scm (%default-btrfs-subvolume,
%default-store-directory-prefix): New variables.
(%grub-boot-parameters): Use %default-store-directory-prefix.
(%default-operating-system): Use %default-btrfs-subvolume.
(test-boot-parameters): Add directory-prefix.
(test optional fields): Add test for directory-prefix.
(test os store-directory-prefix): New test.
|
|
* gnu/machine/ssh.scm (roll-back-managed-host): Use locale information
from boot-parameters.
* gnu/system.scm (operating-system-bootcfg): Provide locale information
to the bootloader.
* guix/system/script.scm (reinstall-bootloader): Use locale information
from boot-parameters.
|
|
* gnu/system.scm (define-module)[export]: Add boot-parameters-locale.
(<boot-parameters>)[locale]: New field.
[boot-parameters-locale]: New accessor.
(read-boot-parameters): Read locale field.
(operating-system-boot-parameters): Provide operating-system locale to
boot-parameters record.
(operating-system-boot-parameters-file): Likewise.
* Makefile.am (SCM_TESTS): Add tests/boot-parameters.scm.
* tests/boot-parameters.scm: New test file.
|
|
* gnu/system.scm (%base-packages-interactive): Add nvi.
* gnu/system/install.scm (installation-os)[packages]: Remove parted,
gptfdisk, ddrescue, cryptsetup, mdadm, dosfstools, btrfs-progs,
f2fs-tools, jfstools, openssh, wireless-tools, iw,
wpa-supplicant-minimal, iproute, bash-completion, nvi. Add
%base-packages-disk-utilities.
|
|
* gnu/system.scm (%base-packages-disk-utilities): New variable.
|
|
* gnu/system.scm (hurd-default-essential-services): Add
setuid-program-service-type.
* gnu/system/hurd.scm (%base-packages/hurd): Add shadow, sudo.
(%setuid-programs/hurd): New variable.
(%hurd-default-operating-system)[setuid-program]: Use it.
[pam-services, sudoers-file]: Remove overrides; enabling regular defaults.
* gnu/system/examples/bare-hurd.tmpl (%hurd-os)[users]: New field.
[services]: Do not disable PAM in SSH.
|
|
* gnu/system.scm (%base-packages-utils): Change GUILE-3.0 to
GUILE-3.0-LATEST.
|
|
* gnu/build/linux-boot.scm (device-string->file-system-device): Support
nfs-root "device" strings.
* gnu/build/file-systems.scm (canonicalize-device-spec): Support nfs-root
"device" strings.
* gnu/machine/ssh.scm (machine-check-file-system-availability): Avoid
checking of NFS file systems.
* gnu/system.scm (read-boot-parameters, device-sexp->device): Support
nfs-root "device" strings.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
|
|
Suggested by pkill9 <pkill9@runbox.com>.
* gnu/system.scm (validated-sudoers-file): New procedure.
(operating-system-etc-service): Use it.
|
|
This allows 'guix deploy' to save the config file when it's available.
* gnu/system.scm (operating-system-configuration-file): New procedure.
(operating-system-with-provenance): 'config-file' defaults to the value
returned by 'operating-system-configuration-file'.
|
|
* gnu.scm (%try-use-modules): Use 'formatted-message' instead of
'&message'.
* gnu/machine/digital-ocean.scm (maybe-raise-unsupported-configuration-error):
Likewise.
* gnu/machine/ssh.scm (machine-check-file-system-availability): Likewise.
(machine-check-building-for-appropriate-system): Likewise.
(deploy-managed-host): Likewise.
(maybe-raise-unsupported-configuration-error): Likewise.
* gnu/packages.scm (search-patch): Likewise.
* gnu/services.scm (%service-with-default-value): Likewise.
(files->etc-directory): Likewise.
(fold-services): Likewise.
* gnu/system.scm (locale-name->definition*): Likewise.
* gnu/system/mapped-devices.scm (check-device-initrd-modules): Likewise.
(check-luks-device): Likewise.
* guix/channels.scm (latest-channel-instance): Likewise.
* guix/cve.scm (json->cve-items): Likewise.
* guix/git-authenticate.scm (commit-signing-key): Likewise.
(commit-authorized-keys): Likewise.
(authenticate-commit): Likewise.
(verify-introductory-commit): Likewise.
* guix/remote.scm (remote-pipe-for-gexp): Likewise.
* guix/scripts/graph.scm (assert-package): Likewise.
* guix/scripts/offload.scm (private-key-from-file*): Likewise.
* guix/ssh.scm (authenticate-server*): Likewise.
(open-ssh-session): Likewise.
(remote-inferior): Likewise.
* guix/ui.scm (matching-generations): Likewise.
* guix/upstream.scm (package-update): Likewise.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
Catch 'formatted-message?'.
("authenticate-channel, wrong first commit signer"): Likewise.
* tests/lint.scm ("patches: not found"): Adjust message string.
* tests/packages.scm ("patch not found yields a run-time error"): Catch
'formatted-message?'.
* guix/lint.scm (check-patch-file-names): Handle 'formatted-message?'.
(check-derivation): Ditto.
|
|
* guix/utils.scm (<location>, source-properties->location)
(location->source-properties, &error-location): Move to...
* guix/diagnostics.scm: ... here.
* gnu.scm: Adjust imports accordingly.
* gnu/machine.scm: Likewise.
* gnu/system.scm: Likewise.
* gnu/tests.scm: Likewise.
* guix/inferior.scm: Likewise.
* tests/channels.scm: Likewise.
* tests/packages.scm: Likewise.
|
|
* gnu/system.scm (operating-system-root-file-system): Raise when 'find'
returns #f.
|
|
This allows error messages to include source location info.
* gnu/system.scm (<operating-system>)[location]: New field.
|
|
Fix the following issue, that happens during CI evaluation:
In guix/gexp.scm:
782:4 19 (_ _)
In guix/store.scm:
1907:12 18 (_ #<store-connection 256.99 7f3727b6de10>)
1340:2 17 (map/accumulate-builds #<store-connection 256.99 7f372…> …)
In srfi/srfi-1.scm:
586:29 16 (map1 ((#<file-append #<package hurd@0.9-1.91a516…> …) …))
586:29 15 (map1 ((#<file-append #<<parameterized> bindings:…> …) …))
586:29 14 (map1 ((#<file-append #<package hurd@0.9-1.91a516…> …) …))
586:17 13 (map1 ((#<<operating-system> kernel: #<<parameter…> …) …))
In guix/store.scm:
1299:8 12 (call-with-build-handler #<procedure build-accumulator…> …)
2025:24 11 (run-with-store #<store-connection 256.99 7f3727b6de10> …)
In guix/gexp.scm:
785:13 10 (_ _)
In guix/store.scm:
1859:8 9 (_ _)
In guix/gexp.scm:
243:18 8 (_ _)
In guix/store.scm:
1894:38 7 (_ #<store-connection 256.99 7f3727b6de10>)
In gnu/system.scm:
1012:19 6 (_ #<store-connection 256.99 7f3727b6de10>)
634:11 5 (operating-system-services #<<operating-system> kernel:…>)
611:17 4 (hurd-default-essential-services #<<operating-system> k…>)
555:18 3 (operating-system-directory-base-entries #<<operating-s…>)
1270:18 2 (operating-system-boot-parameters-file #<<operating-sy…> …)
1225:35 1 (operating-system-boot-parameters #<<operating-system>…> …)
1225:35 0 (operating-system-boot-parameters (#<<file-system> de…>) …)
gnu/system.scm:1225:35: In procedure operating-system-boot-parameters:
Wrong type to apply: #f
"hurd-target?" is returning false when it should return true in that context.
* gnu/system.scm (operating-system-boot-parameters): Check for "hurd" target
field of "os" instead of using the "hurd-target?" procedure.
|
|
When creating a disk-image using --save-provenance, "guix system describe"
now works.
* gnu/system.scm (operating-system-directory-base-entries): Add conditional
"hurd" parameter, make "initrd" parameter conditional.
(hurd-default-essential-services): Use them.
(operating-system-boot-parameters-file): Only add 'initrd' when set.
|
|
* gnu/system.scm (read-boot-parameters): Allow initrd to be missing.
|
|
* gnu/system.scm (read-boot-parameters): Oops, only return value for
multiboot-modules instead of (key value).
|
|
* gnu/system.scm (%setuid-programs): Add 'sg' and 'newgrp'.
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
|
|
Note: Using `getxattr' on the Hurd instead of running showtrans does not
work (yet?).
* gnu/build/hurd-boot.scm (setup-translator): Use 'setxattr' instead of
invoking settrans.
* gnu/system.scm (hurd-multiboot-modules): Add --x-xattr-translator-records to
enable xattr-embedding of translators.
|
|
Reported by Vitaliy Shatrov <D0dyBo0D0dyBo0@protonmail.com> via IRC.
* gnu/system.scm (operating-system-etc-service): For the Hurd, add '/etc/ttys'
symlink. This fixes terminal behavior in the console by setting TERM=hurd.
|
|
* gnu/system.scm (boot-parameters->menu-entry): Delete quote to evaluate and
get kernel boot parameters.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
This decouples startup of the Hurd from the "hurd" package, moving the RC
script into SYSTEM.
* gnu/packages/hurd.scm (hurd)[inputs]: Remove hurd-rc-script.
[arguments]: Do not substitute it. Update "runsystem.sh" to parse kernel
arguments and exec into --system=SYSTEM/rc.
(hurd-rc-script): Move to...
* gnu/services.scm (%hurd-rc-file): ...this new variable.
(hurd-rc-entry): New procedure.
(%hurd-startup-service): Use it in new variable.
* gnu/system.scm (hurd-default-essential-services): Use it.
|
|
* gnu/system/hurd.scm (%base-services/hurd): Add hurd-console-service,
hurd-getty-services, guix-service. Also add syslog and loopback, needed for
...
* gnu/system.scm (hurd-default-essential-services): ... add
%shepherd-root-service with dependencies: %boot-service, %activation-service,
user-processes, root-file-system-service, file-system-service,
pam-root-service.
|
|
* gnu/system.scm (hurd-default-essential-services): Populate profile with
packages.
|
|
* gnu/system.scm (operating-system-etc-service): Cater for missing nsswitch
and missing sudoers-file. For the Hurd, add "login" and "motd".
(hurd-default-essential-services): Add operating-system-etc-service.
|
|
* gnu/build/activation.scm (boot-time-system): Use "command-line" for the
Hurd.
* gnu/system.scm (hurd-default-essential-services): Add %boot-service and
%activation-service.
|
|
* gnu/system.scm (kernel->boot-label): Add keyword parameter 'hurd'. If set,
use it for label.
(operating-system-default-label): Call it with operating-system-hurd.
|
|
* gnu/system.scm (<boot-parameters>)[multiboot-modules]: New field.
(read-boot-parameters): Initialize it.
(operating-system-multiboot-modules, hurd-multiboot-modules): New procedure.
(operating-system-boot-parameters): Cater for multiboot the Hurd and
initialize it; avoid initrd in that case.
(operating-system-kernel-file): Cater for Gnumach (the Hurd) besides Linux.
(boot-parameters->menu-entry): Use it to support a multiboot <menu-entry>.
|
|
* gnu/system.scm (<operating-system>)[hurd]: New field.
* doc/guix.texi (operating-system Reference): Document 'hurd'.
|
|
* gnu/system.scm (hurd-default-essential-services): New procedure.
|
|
* gnu/system.scm (system-linux-image-file-name): Make 'target' an
optional parameter.
|
|
Following discussion in <https://issues.guix.gnu.org/37305>, it seems more
appropriate to give the parameter a more generic name that better describes
what it does.
* gnu/bootloader/grub.scm (normalize-file): Rename the
BTRFS-SUBVOLUME-FILE-NAME parameter to STORE-DIRECTORY-PREFIX, and always
assume this argument to be a string.
(eye-candy): Likewise. Default STORE-DIRECTORY-PREFIX to "".
(grub-configuration-file): Likewise.
* gnu/system.scm (operating-system-bootcfg): Adapt.
|
|
* gnu/bootloader/grub.scm (strip-mount-point): Remove procedure.
(normalize-file): Add procedure.
(grub-configuration-file): New BTRFS-SUBVOLUME-FILE-NAME parameter. When
defined, prepend its value to the kernel and initrd file names, using the
NORMALIZE-FILE procedure. Adjust the call to EYE-CANDY to pass the
BTRFS-SUBVOLUME-FILE-NAME argument. Normalize the KEYMAP file as well.
(eye-candy): Add a BTRFS-SUBVOLUME-FILE-NAME parameter, and use it, along with
the NORMALIZE-FILE procedure, to normalize the FONT-FILE and IMAGE nested
variables. Adjust doc.
* gnu/bootloader/depthcharge.scm (depthcharge-configuration-file): Adapt.
* gnu/bootloader/extlinux.scm (extlinux-configuration-file): Likewise.
* gnu/system/file-systems.scm (btrfs-subvolume?)
(btrfs-store-subvolume-file-name): New procedures.
* gnu/system.scm (operating-system-bootcfg): Specify the Btrfs
subvolume file name the store resides on to the
`operating-system-bootcfg' procedure, using the new
BTRFS-SUBVOLUME-FILE-NAME argument.
* doc/guix.texi (File Systems): Add a Btrfs subsection to document the use of
subvolumes.
* gnu/tests/install.scm (%btrfs-root-on-subvolume-os)
(%btrfs-root-on-subvolume-os-source)
(%btrfs-root-on-subvolume-installation-script)
(%test-btrfs-root-on-subvolume-os): New variables.
|
|
* gnu/system/vm.scm (operating-system-uuid): Move to ...
* gnu/system.scm: ... here.
|
|