aboutsummaryrefslogtreecommitdiff
# This is a "service unit file" for the systemd init system to launch
# 'guix-daemon'.  Drop it in /etc/systemd/system or similar to have
# 'guix-daemon' automatically started.

[Unit]
Description=Build daemon for GNU Guix

[Service]
ExecStart=@localstatedir@/guix/profiles/per-user/root/current-guix/bin/guix-daemon \
    --build-users-group=guixbuild --discover=no \
    --substitute-urls='@GUIX_SUBSTITUTE_URLS@'
Environment='GUIX_LOCPATH=@localstatedir@/guix/profiles/per-user/root/guix-profile/lib/locale' LC_ALL=en_US.utf8
StandardOutput=journal
StandardError=journal

# Work around a nasty systemd ‘feature’ that kills the entire process tree
# (including the daemon!) if any child, such as cc1plus, runs out of memory.
OOMPolicy=continue

# Despite the name, this is rate-limited: a broken daemon will eventually fail.
Restart=always

# See <https://lists.gnu.org/archive/html/guix-devel/2016-04/msg00608.html>.
# Some package builds (for example, go@1.8.1) may require even more than
# 1024 tasks.
TasksMax=8192

[Install]
WantedBy=multi-user.target
generated by cgit
68e3cb98adb'>tests: Skip tests that requires gpg when gpg is unavailable....Partly fixes <https://bugs.gnu.org/41932>. Reported by Simen Endsjø <simendsjo@gmail.com>. * tests/git-authenticate.scm ("signed commits, SHA1 signature"): Use 'gpg+git-available?' in skip guard. Ludovic Courtès 2020-06-16tests: Move OpenPGP helpers to (guix tests gnupg)....* tests/git-authenticate.scm (key-id): Remove. (%ed25519-public-key-file, %ed25519-secret-key-file) (%ed25519bis-public-key-file, %ed25519bis-secret-key-file) (read-openpgp-packet, key-fingerprint): Move to... * guix/tests/gnupg.scm: ... here. Ludovic Courtès 2020-06-12git-authenticate: Disallow SHA1 (and MD5) signatures....* guix/git-authenticate.scm (commit-signing-key): Add #:disallowed-hash-algorithms and honor it. (authenticate-commit)[recent-commit?]: New variable. Pass #:disallowed-hash-algorithms to 'commit-signing-key'. * tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test. Ludovic Courtès 2020-06-07git-authenticate: Prevent removal of '.guix-authorizations'....* guix/git-authenticate.scm (commit-authorized-keys) [parents-have-authorizations-file?, assert-parents-lack-authorizations]: New procedures. Use the latter before returning DEFAULT-AUTHORIZATIONS. * guix/git.scm (false-if-git-not-found): Export. * guix/tests/git.scm (populate-git-repository): Add 'remove' clause. * tests/git-authenticate.scm ("signed commits, .guix-authorizations removed"): New test. Ludovic Courtès 2020-06-05git-authenticate: Add tests....* guix/tests/git.scm (call-with-environment-variables) (with-environment-variables): Remove. * guix/tests/git.scm (populate-git-repository): Add clauses for signed commits and signed merges. * guix/tests/gnupg.scm: New file. * tests/git-authenticate.scm: New file. * tests/ed25519bis.key, tests/ed25519bis.sec: New files. * Makefile.am (dist_noinst_DATA): Add 'guix/tests/gnupg.scm'. (SCM_TESTS): Add 'tests/git-authenticate.scm'. (EXTRA_DIST): Add tests/ed25519bis.{key,sec}. Ludovic Courtès