aboutsummaryrefslogtreecommitdiff
path: root/gnu/build
AgeCommit message (Expand)Author
2024-11-03activation: Create directory with specified perms in ‘mkdir-p/perms’....There is currently a window of time between when the desired directory is created and when its permissions are changed. During this time, its permissions are restricted only by the umask. Of course, in the "directory already exists" case, this doesn't matter, but if the directory has been specifically deleted ahead of time so that it is created afresh, this is an unnecessary window. We can avoid this by passing the caller-provided BITS to 'mkdirat' when attempting to create the last directory. * gnu/build/activation.scm (mkdir-p/perms): Create target directory with BITS permissions. Change-Id: I03d2c620872e86b6f591abe0f1c8317aa1245383 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reepca Russelstein
2024-10-15hurd-boot: Support system init: Create essential device nodes....* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Cater for existing directories (dev, servers). (set-hurd-device-translators): Remove /servers/socket/1, that is created by libexec/console-run. Cater for nonexistent /dev/console. (boot-hurd-system): Call make-hurd-device-nodes on initial run. Janneke Nieuwenhuizen
2024-10-14image: Add support for btrfs....* gnu/build/image.scm (make-btrfs-image): New variable. * gnu/system/image.scm (system-disk-image): Support btrfs. Change-Id: I80a5b52ec478ce5927d6208e324cbb70282c647a Signed-off-by: Ludovic Courtès <ludo@gnu.org> Roman Scherer
2024-10-14image: Use file system options in make-vfat-image....* gnu/build/image.scm (make-vfat-image): Use file system options. Change-Id: I791aadd2803d1ef96fc79cf8910a74a0083d2b6e Signed-off-by: Ludovic Courtès <ludo@gnu.org> Roman Scherer
2024-09-01file-systems: Add support for exFAT....* gnu/build/file-systems.scm (%exfat-endianness): New syntax. (exfat-superblock?, exfat-bytes-per-sector-shift) (exfat-sectors-per-cluster-shift, exfat-root-directory-offset) (exfat-cluster-size, read-exfat-superblock+root-directory-cluster) (read-exfat-superblock, exfat-superblock-volume-name) (exfat-superblock-uuid, check-exfat-file-system): New procedures. (%partition-label-readers, %partition-uuid-readers): Register them. Change-Id: I08bd3147d2d67e5766c9381ae2159bc01530b814 Tobias Geerinckx-Rice
2024-09-06activation: Fix TOCTTOU in mkdir-p/perms....Fixes <https://issues.guix.gnu.org/47584>. I removed the 'Based upon mkdir-p from (guix build utils)' comment because it's quite a bit different now. * gnu/build/activation.scm (verify-not-symbolic): Delete. (mkdir-p/perms): Rewrite in terms of 'openat'. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Change-Id: Id2f5bcbb903283afd45f6109190210d02eb383c7 Maxime Devos
2024-08-31gnu: image: Reformat comments....I wrote these to fit on their lines, so the pointless widows bug me. * gnu/build/image.scm (make-iso9660-image): M-q comments. Tobias Geerinckx-Rice
2024-08-11privilege: Add POSIX capabilities(7) support....* gnu/system/privilege.scm (<privileged-program>): Add a field representing the program's POSIX capabilities. (privileged-program-capabilities): New public procedure. * doc/guix.texi (Privileged Programs): Document it. * gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP package argument providing setcap(8) to apply said capabilities. * gnu/services.scm (privileged-program->activation-gexp): Pass said package argument where supported. Include privileged-program-capabilities in the compatibility hack. Tobias Geerinckx-Rice
2024-08-11build: Rename activate-setuid-programs....* gnu/build/activation.scm (activate-setuid-programs): Rename this… (activate-privileged-programs): …to this. Operate on a list of <privileged-program> records. * gnu/services.scm (setuid-program->activation-gexp): Adjust caller. Tobias Geerinckx-Rice
2024-08-11services: setuid-program: Populate /run/privileged/bin....Create /run/setuid-programs compatibility symlinks so that we can migrate all users (both package and human) piecemeal at our leisure. Apart from being symlinks, this should be a user-invisible change. * gnu/build/activation.scm (%privileged-program-directory): New variable. [activate-setuid-programs]: Put privileged copies in %PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in %SETUID-DIRECTORY. * gnu/services.scm (setuid-program-service-type): Update docstring. * doc/guix.texi (Setuid Programs): Update @file{} name accordingly. Tobias Geerinckx-Rice
2024-07-26file-systems: Allow specifying CIFS credentials in a file....As files in the store and /etc/fstab are world readable, specifying the password in the file-system record is suboptimal. To mitigate this, `mount.cifs' supports reading `username', `password' and `domain' options from a file named by the `credentials' or `cred' option. * gnu/build/file-systems.scm (mount-file-system): Read mount options from the file specified via the `credentials' or `cred' option if specified. Change-Id: I786c5da373fc26d45fe7a876c56a8c4854d18532 Signed-off-by: Ludovic Courtès <ludo@gnu.org> vicvbcun
2024-07-20file-systems: Skip checking the cifs file-system type....* gnu/build/file-systems.scm (check-file-system)[check-procedure]: Add cifs. Change-Id: I891b18f03884ed45e92ac32556fe04b3087e20dd Signed-off-by: Ludovic Courtès <ludo@gnu.org> Richard Sent
2024-06-04file-systems: Add support for mounting CIFS file systems...* gnu/build/file-systems (canonicalize-device-name): Do not attempt to resolve CIFS formatted device specifications. (mount-file-systems): Add mount-cifs nested function. * gnu/machine/ssh.scm (machine-check-file-system-availability): Skip checking for CIFS availability, similar to NFS. * guix/scripts/system.scm (check-file-system-availability): Likewise. Change-Id: I182e290eba64bbe5d1332815eb93bb68c01e0c3c Signed-off-by: Ludovic Courtès <ludo@gnu.org> Richard Sent
2024-06-04file-systems: Add host-to-ip nested function...* gnu/build/file-systems (mount-file-system): Split out getaddrinfo logic into a dedicated function, (host-to-ip) Change-Id: I522d70a10651ca79533a4fc60b96b884243a3526 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Richard Sent
2024-05-29gnu: linux-libre: Enable Zstd compression of kernel modules....This brings the on disk size of the kernel from 164 MiB to 144 MiB, or about 12%. * gnu/packages/linux.scm (default-extra-linux-options) [version>=5.13]: Enable CONFIG_MODULE_COMPRESS_ZSTD, else CONFIG_MODULE_COMPRESS_GZIP. (make-linux-libre*) [phases] {set-environment}: Set ZSTD_CLEVEL environment variable to 19. [native-inputs]: Add zstd. * gnu/build/linux-modules.scm (module-regex): Add .zst to regexp. Update doc. (modinfo-section-contents): Extend support to Zstd compressed module. (dot-ko): Register the 'zstd compression type. (ensure-dot-ko, file-name->module-name, load-linux-module*) (module-name->file-name/guess, write-module-name-database) (write-module-alias-database, write-module-device-database): Update doc. (module-name-lookup): Also consider zstd-compressed modules. * gnu/installer.scm (installer-program): Add guile-zstd extension to gexp. * gnu/system/linux-initrd.scm (flat-linux-module-directory): Likewise. Decompress zstd-compressed modules for use in initrd. * guix/profiles.scm (linux-module-database): Add guile-zstd extension to gexp. Change-Id: Ide899dc5c58ea5033583b1a91a92c025fc8d901a Maxim Cournoyer
2024-03-27linux-modules: Ignore nonexistent module files on boot....This is a follow-up to 8f8ec56052766aa5105d672b77ad9eaca5c1ab3c, which only covers building initrd, while the booting code still tries to load nonexistent files for builtin modules. * gnu/build/linux-modules.scm (load-linux-modules-from-directory): Ignore nonexistent module files. Change-Id: I09ef207e82397e915e671c8464b92bcf90f03dcf Hilton Chain
2024-02-19services: activation: Ensure /run existence....* gnu/build/activation.scm (activation-script): Ensure /var/run existence. * gnu/build/install.scm (evaluate-populate-directive) [directives]: Remove directory /run. Change-Id: I19ca8e7605c0cff598ab89077a94e20390ba27b0 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Nicolas Graves
2024-02-19services: activation: Ensure /var/run existence....* gnu/services.scm (activation-script): Ensure /var/run existence. * gnu/build/install.scm (evaluate-populate-directive) [directives]: Remove directory /var/run. Change-Id: I5fb93d33b6b1f045f1e5ba206b9b0b74b5184260 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Nicolas Graves
2024-02-19file-systems: Recognize “none” as a valid device spec....* gnu/build/file-systems (canonicalize-device-name): Fallback to tmpfs if spec is "none". Change-Id: Ia55c715d04c7611ba8c979f23f1ad4a8ed2e75b6 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Nicolas Graves
2024-02-10marionette: Add #:peek? to ‘wait-for-tcp-port?’....* gnu/build/marionette.scm (wait-for-tcp-port): Add #:peek? parameter and honor it. Change-Id: Ie7515a5223299390ab8af6fe5aa3cf63ba5c8078 Ludovic Courtès
2024-02-10services: secret-service: Make the endpoint configurable....Until now, the secret service had a hard-coded TCP endpoint on port 1004. This change lets users specify arbitrary socket addresses. * gnu/build/secret-service.scm (socket-address->string): New procedure, taken from Shepherd. (secret-service-send-secrets): Replace ‘port’ by ‘address’ and adjust accordingly. (secret-service-receive-secrets): Likewise. * gnu/services/virtualization.scm (secret-service-shepherd-services): Likewise. (secret-service-operating-system): Add optional ‘address’ parameter and honor it. Adjust ‘start’ method accordingly. Change-Id: I87a9514f1c170dca756ce76083d7182c6ebf6578 Ludovic Courtès
2023-12-27chromium-extension: Compute json at argument evaluation time....* gnu/build/chromium-extension.scm (make-chromium-extension): Make use of the make-signing-key procedure inside the argument field, making sure that it is not evaluated at file-load time. This would otherwise try to resolve gnutls when we can't guarantee it's defined because of dependency cycles. Change-Id: Ia7b13acfbca475c2df073e9a88fc8bb9264dd968 Josselin Poiret
2023-12-22shepherd: Remove ‘make-forkexec-constructor/container’....This was superseded by ‘least-authority-wrapper’. * gnu/build/shepherd.scm (read-pid-file/container) (make-forkexec-constructor/container): Remove. Change-Id: I6acccdff2609a35807608f865a4d381146113a88 Ludovic Courtès
2023-12-11gnu: cross-toolchain: Add set-cross-path for AVR....* gnu/build/cross-toolchain.scm (set-cross-path/avr): New procedure. (cross-gcc-build-phases) [string-prefix? "avr"]: Return set-cross-path/avr procedure. Signed-off-by: Jean-Pierre De Jesus DIAZ <me@jeandudey.tech> Change-Id: I00bd39236ac2e31fef02164a7fffc8b56a166f0d Signed-off-by: Efraim Flashner <efraim@flashner.co.il> Jean-Pierre De Jesus DIAZ
2023-12-11gnu: cross-gcc: Enable multilib for AVR....* gnu/build/cross-toolchain.scm (patch-multilib-shebang): New procedure. * gnu/packages/avr.scm (make-avr-gcc): Remove uneeded phases and flags for multilib. * gnu/packages/cross-base (cross-gcc-arguments) <#:configure-flags> [target-avr?]: Remove --disable-multilib and add --enable-multilib. Change-Id: Id68d803057ac898f0a670f10487b08bf0891ab0b Signed-off-by: Efraim Flashner <efraim@flashner.co.il> Jean-Pierre De Jesus DIAZ
2023-12-10gnu: ‘make-icecat-extension’ inherits package location....This is an improvement for the purposes of ‘guix edit’ & co. * gnu/build/icecat-extension.scm (make-icecat-extension): Add ‘location’ field. Change-Id: I896ae6823b3fe4ea013fa74e2c536f45664d8042 Ludovic Courtès
2023-11-19linux-boot: Don't create /root before it's used....* gnu/build/linux-boot.scm (boot-system): Postpone the MKDIR of /root. Change-Id: I589316a5ddf41cada02173ed4dd5b7df09b795e8 Tobias Geerinckx-Rice
2023-10-23gnu: icecat: Support Guix packaged extensions and native manifests....* gnu/build/icecat-extension.scm: New file with a MAKE-ICECAT-EXTENSION procedure that makes sure the add-on directory is a symlink, so that Icecat can normalize it into a package store path. * gnu/local.mk (dist_patch_DATA): Register it, as well as new patches. * gnu/packages/browser-extensions.scm (ublock-origin)[properties]: Store the add-on ID so that it is accessible in MAKE-ICECAT-EXTENSION. [arguments]: Use the add-on ID as root directory. (ublock-origin/icecat): New procedure. * gnu/packages/gnuzilla.scm (icecat-minimal)[arguments]: Rewrite the unused 'apply-guix-specific-patches' phase so that it applies the following two patches. [native-search-paths]: New field. * gnu/packages/patches/icecat-compare-paths.patch: New patch that compares add-on paths (which are package store paths) to detect package changes. * gnu/packages/patches/icecat-use-system-wide-dir.patch: New patch that replaces "/usr/lib/mozilla" (the system-wide directory for extensions and native manifests) with "$ICECAT_SYSTEM_DIR". Clément Lassieur
2023-10-15linux-modules: Fix module dependency loading....* gnu/build/linux-modules.scm (dot-ko): Make COMPRESSION optional, as expected by callers RECURSIVE-MODULE-DEPENDENCIES and LOAD-LINUX-MODULE*. Tobias Geerinckx-Rice
2023-10-12accounts: Fix typo in comment....* gnu/build/accounts.scm (passwd->shadow): Fix typo in comment. Ludovic Courtès
2023-10-08accounts: Ensure ‘last-change’ field of shadow entries is never zero....* gnu/build/accounts.scm (passwd->shadow): Add ‘max’ call so NOW is greater than or equal to 1. Ludovic Courtès
2023-10-01secret-service: Increase default handshake timeout....* gnu/build/secret-service.scm (secret-service-send-secrets): Increase #:handshake-timeout. Ludovic Courtès
2023-10-01hurd-boot: Setup/dev/hdX, /dev/hdXsY IDE device node translators....The gnumach builtin IDE hd devices are still used, unless booting with "noide". * gnu/build/hurd-boot.scm (set-hurd-device-translators): Create /dev/hd{0..3}, /dev/hd{0..3}s{0..3}. Janneke Nieuwenhuizen
2023-08-20Revert "gnu: system: Add home-directory-permissions field to <user-account>."...This reverts commit e9a5eebc785cb843034b38c5c5a6dd10904bdf2a, which as far as I can tell breaks system roll-backs thusly: [...] In gnu/build/accounts.scm: 239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >) In unknown file: 2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>) In ice-9/boot-9.scm: 1685:16 1 (raise-exception _ #:continuable? _) 1685:16 0 (raise-exception _ #:continuable? _) ice-9/boot-9.scm:1685:16: In procedure raise-exception: In procedure string-append: Wrong type (expecting string): #t Tobias Geerinckx-Rice
2023-08-25gnu: system: Add home-directory-permissions field to <user-account>....* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New field. (user-account-home-directory-permissions): New accessor. * gnu/build/activation.scm (activate-users+groups): Use home directory permission bits from the user account object. * doc/guix.texi (User Accounts): Document new field. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> David Thompson
2023-07-19marionette: Allow passing custom OCR arguments....* gnu/build/marionette.scm (%default-ocrad-arguments): New variable. (invoke-ocrad-ocr, invoke-tesseract-ocr, marionette-screen-text) [ocr-arguments]: New argument. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Bruno Victal
2023-07-13hurd-boot: Cater for netdde....* gnu/build/hurd-boot.scm (set-hurd-device-translators): Setup translators for netdde, eth{0,1}. Create /servers/socket/{inet,inet6} symlinks. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> Janneke Nieuwenhuizen
2023-07-13hurd-boot: Setup pci-arbiter and rumpdisk translators....* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Create "servers/bus/pci. (set-hurd-device-translators): Create transators for pci-arbiter, rumpdisk, and /dev/wd0..3s1..4. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> Janneke Nieuwenhuizen
2023-06-14gnu: image: Add support for unformatted partitions....* gnu/build/image.scm (make-unformatted-image): New procedure. (make-partition-image): Add support for unformatted partition. * gnu/system/image.scm (system-disk-image)[partition->gpt-type]: Add case for using unformatted partition uuid. Efraim Flashner
2023-05-17hurd-boot: Symlink /hurd before setting up translators....* gnu/build/hurd-boot.scm (boot-hurd-system): Symlink /hurd before setting up translators. Reviewed-by: Janneke Nieuwenhuizen <janneke@gnu.org> Josselin Poiret
2023-05-06services: dbus-service, secret-service: Do not cause (fibers) to be loaded....* gnu/build/dbus-service.scm (sleep*): Pass #:ensure #f to 'resolve-module'. * gnu/build/secret-service.scm (wait-for-readable-fd): Likewise. Ludovic Courtès
2023-02-26file-systems: Validate 'no-diratime flag....This follows up on commit c0773455397746b10194bc14c7cef144f4095b65, and adds a comment to avoid this in future. * gnu/system/file-systems.scm (invalid-file-system-flags): Add 'no-diratime to the list of KNOWN-FLAGS. Tobias Geerinckx-Rice
2023-01-30linux-container: 'container-excursion' forks to join the PID namespace....Fixes <https://issues.guix.gnu.org/61156>. * gnu/build/linux-container.scm (container-excursion): Add extra call to 'primitive-fork' and invoke THUNK in the child process. * tests/containers.scm ("container-excursion"): Remove extra 'primitive-fork' call, now unnecessary. ("container-excursion*, /proc"): New test. Ludovic Courtès
2023-01-30container: Correctly report exit status....* gnu/build/linux-container.scm (container-excursion): Return the raw status value. * tests/containers.scm ("container-excursion, same namespaces"): Add 'status:exit-val' call. * guix/scripts/container/exec.scm (guix-container-exec): Correctly handle the different cases. Ludovic Courtès
2022-12-24hurd-boot: Fix list of devices with translators....Fixes a regression introduced in 450f7740283ce160a7482d1c75e6e0ab17f2a6f0 and e3c6575ee93741a43003cd1aa4663151dd90b9f5, which introduced unquote-splicing without changing quote to quasiquote. * gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Use quasiquote, note quote. Ludovic Courtès
2022-12-17activation: Firmware activation handles missing support in kernel....* gnu/build/activation.scm (activate-firmware): Check if firmware loading is enabled before attempting to use it. Marius Bakke
2022-12-12Merge branch 'version-1.4.0'Ludovic Courtès
2022-12-12image: Use 512 byte blocks for EFI partitions....Addresses <https://issues.guix.gnu.org/59695>. * gnu/build/image.scm (make-vfat-image): When creating a fat filesystem for UEFI bootable partition use 512 byte blocks. Efraim Flashner
2022-12-10install: 'umount-cow-store' retries upon EBUSY....Possibly fixes <https://issues.guix.gnu.org/59884>. * gnu/build/install.scm (umount*): New procedure. (unmount-cow-store): Use it instead of 'umount'. Ludovic Courtès
2022-11-28system: hurd: Create more ttys....* gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Add more /dev/ttyN nodes. * gnu/system/hurd.scm (%base-services/hurd): Add more 'hurd-getty-service-type' instances. Ludovic Courtès