guix/gnu/system, branch koszko Wojtek's customized Guix https://git.koszko.org/guix/atom?h=koszko 2025-05-26T12:07:23Z system: Allow adding elsewhere-defined system users to extra groups. 2025-05-26T12:07:23Z Wojtek Kosior koszko@koszko.org 2024-01-22T19:50:24Z urn:sha1:f18ff17f7ad1d79ff69c452df6b2e69299bded1c * gnu/system.scm (define-module): Export `operating-system-extra-groups`. (<operating-system>)[extra-groups]: New field. (operating-system-default-essential-services): Also pass extra groups to account-service. (hurd-default-essential-services): Same here. * gnu/system/accounts.scm (define-module): Use (ice-9 vlist), (srfi srfi-8) and (srfi srfi-26). Export `user-extra-groups`* and `merge-extra-groups-data`. (<user-extra-groups>): New record type. (user-account-extend): New procedure. (merge-extra-groups-data): New procedure. * gnu/system/shadow.scm (define-module): Re-export `user-extra-groups`*. (account-service-type)[extend]: Handle <user-extra-groups> records, move field intializer upward to be able to use `compose`. Change-Id: I3f489ac794d342267b7627db1d28315ea4b69db2 system: Add sgx group to %base-groups. 2025-05-14T13:10:44Z Maxim Cournoyer maxim.cournoyer@gmail.com 2025-05-14T08:29:42Z urn:sha1:c5265b90b055ee15908298c5d463301f1aae2eb1 * gnu/system/shadow.scm (%base-groups): Add 'sgx' group. Fixes: <https://issues.guix.gnu.org/70278> Change-Id: I4f9e3c7751ac11f0c7a4283390223778511494f8 linux-container: Do not attempt to lock mounts for ‘guix system container’. 2025-05-12T08:40:02Z Ludovic Courtès ludo@gnu.org 2025-05-10T16:58:35Z urn:sha1:437bb9ece55f37d4b5a62cafc98c0c3b848a53ce Fixes <https://issues.guix.gnu.org/78356>. * gnu/system/linux-container.scm (container-script): Pass #:lock-mounts? #f to ‘call-with-container’. Reported-by: Rutherther <rutherther@ditigal.xyz> Change-Id: Ie670868147f32baf2c2a94c9c7b1636bc84d0a0a install: Do not leak local checkout URL. 2025-05-05T22:16:33Z Ludovic Courtès ludo@gnu.org 2025-05-05T20:40:50Z urn:sha1:94c9e53fa4b45e85c1664a9bab6aea0d5c3ac123 Fixes <https://issues.guix.gnu.org/67707>. Previously ‘guix describe’ in the installation image would show the URL of the local checkout that was used to build the image. It now shows the default URL. * gnu/system/install.scm (%installation-services): Change channel of ‘guix’ package to inherit from ‘%default-guix-channel’. Change-Id: If848b5a6166904e982e0f9a0780f3e3f53bdfc28 linux-container: Support having a read-only root file system. 2025-05-05T12:33:59Z Ludovic Courtès ludo@gnu.org 2025-04-04T14:36:17Z urn:sha1:a391394a22f76e29459132888f9950ad74993c5f Until now, the read-only file system set up by ‘call-with-container’ would always be writable. With this change, it can be made read-only. With this patch, only ‘least-authority-wrapper’ switches to a read-only root file system. * gnu/build/linux-container.scm (remount-read-only): New procedure. (mount-file-systems): Add #:writable-root? and #:populate-file-system and honor them. (run-container): Likewise. (call-with-container): Likewise. * gnu/system/linux-container.scm (container-script): Pass #:writable-root? to ‘call-with-container’. (eval/container): Add #:populate-file-system and #:writable-root? and honor them. * guix/scripts/environment.scm (launch-environment/container): Pass #:writable-root? to ‘call-with-container’. * guix/scripts/home.scm (spawn-home-container): Likewise. * tests/containers.scm ("call-with-container, mnt namespace, read-only root") ("call-with-container, mnt namespace, writable root"): New tests. Change-Id: I603e2fd08851338b737bb16c8af3f765e2538906 linux-container: Add #:mounts to ‘eval/container’. 2025-05-05T12:33:59Z Ludovic Courtès ludo@gnu.org 2025-04-04T14:07:15Z urn:sha1:d4c3b31b86dcdc29dee5ae9f7e3399b388cded7e * gnu/system/linux-container.scm (eval/container): Add #:mounts parameter and honor it. Change-Id: I1d5970f53a3d67db93e937e392f9bf36e75d1573 vm: Account for an upstream change in the name of the Cirrus kernel module. 2025-04-27T06:29:41Z Leo Famulari leo@famulari.name 2025-04-27T03:56:12Z urn:sha1:8f885a2bb3474a29dc24875466993e1256d0eb22 * gnu/system/vm.scm (virtualized-operating-system): Choose the module name based on the kernel version Change-Id: I77d70fa44a8d5d2412ae0aaa645fa67146b76432 services: account: Create /var/guix/profiles/per-user/$USER. 2025-04-20T16:50:51Z Ludovic Courtès ludo@gnu.org 2025-03-25T15:53:55Z urn:sha1:da741d89310efd0530351670d9c55ec2f952ab98 * gnu/system/shadow.scm (account-shepherd-service): Create /var/guix/profiles/per-user/$USER in ‘user-homes’ service. Change-Id: I22e66e8a34d63686df9bae64c68df65c8889e72a gnu: Fix guix system vm --share argument error. 2025-04-09T23:30:38Z Feng Shu tumashu@163.com 2025-03-29T07:48:26Z urn:sha1:2934de1447f87b361608ef3a2a756b8a5d2f42e6 * gnu/system/vm.scm (common-qemu-options): Fix guix system vm --share argument error. Change-Id: I4182e2dbe1b54e6eec2fb6ca53f9345f6d396f14 Signed-off-by: Danny Milosavljevic <dannym@friendly-machines.com> images: visionfive2: Add support for booting from nvme. 2025-04-08T06:58:19Z Zheng Junjie z572@z572.online 2025-04-04T19:33:59Z urn:sha1:0770929ddeb82cb681b91e4019b74429285c9f73 * gnu/system/images/visionfive2.scm (visionfive2-barebones-os): [initrd-modules]: Add mmc_block, clk-starfive-jh7110-aon, clk-starfive-jh7110-stg, phy-jh7110-dphy-tx, pcie_starfive and nvme. Change-Id: I1d7ced9bad7e94045ab1caa2315871cd56ca50f4