Age | Commit message | Author |
2024-11-03 | activation: Create directory with specified perms in ‘mkdir-p/perms’.
There is currently a window of time between when the desired directory is
created and when its permissions are changed. During this time, its
permissions are restricted only by the umask.
Of course, in the "directory already exists" case, this doesn't matter, but if
the directory has been specifically deleted ahead of time so that it is
created afresh, this is an unnecessary window.
We can avoid this by passing the caller-provided BITS to 'mkdirat' when
attempting to create the last directory.
* gnu/build/activation.scm (mkdir-p/perms): Create target directory with BITS
permissions.
Change-Id: I03d2c620872e86b6f591abe0f1c8317aa1245383
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Reepca Russelstein |
2024-10-15 | hurd-boot: Support system init: Create essential device nodes.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Cater for existing
directories (dev, servers).
(set-hurd-device-translators): Remove /servers/socket/1, that is created by
libexec/console-run. Cater for nonexistent /dev/console.
(boot-hurd-system): Call make-hurd-device-nodes on initial run.
| Janneke Nieuwenhuizen |
2024-10-14 | image: Add support for btrfs.
* gnu/build/image.scm (make-btrfs-image): New variable.
* gnu/system/image.scm (system-disk-image): Support btrfs.
Change-Id: I80a5b52ec478ce5927d6208e324cbb70282c647a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Roman Scherer |
2024-10-14 | image: Use file system options in make-vfat-image.
* gnu/build/image.scm (make-vfat-image): Use file system options.
Change-Id: I791aadd2803d1ef96fc79cf8910a74a0083d2b6e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Roman Scherer |
2024-09-01 | file-systems: Add support for exFAT.
* gnu/build/file-systems.scm (%exfat-endianness): New syntax.
(exfat-superblock?, exfat-bytes-per-sector-shift)
(exfat-sectors-per-cluster-shift, exfat-root-directory-offset)
(exfat-cluster-size, read-exfat-superblock+root-directory-cluster)
(read-exfat-superblock, exfat-superblock-volume-name)
(exfat-superblock-uuid, check-exfat-file-system): New procedures.
(%partition-label-readers, %partition-uuid-readers): Register them.
Change-Id: I08bd3147d2d67e5766c9381ae2159bc01530b814
| Tobias Geerinckx-Rice |
2024-09-06 | activation: Fix TOCTTOU in mkdir-p/perms.
Fixes <https://issues.guix.gnu.org/47584>.
I removed the 'Based upon mkdir-p from (guix build utils)'
comment because it's quite a bit different now.
* gnu/build/activation.scm (verify-not-symbolic): Delete.
(mkdir-p/perms): Rewrite in terms of 'openat'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: Id2f5bcbb903283afd45f6109190210d02eb383c7
| Maxime Devos |
2024-08-31 | gnu: image: Reformat comments.
I wrote these to fit on their lines, so the pointless widows bug me.
* gnu/build/image.scm (make-iso9660-image): M-q comments.
| Tobias Geerinckx-Rice |
2024-08-11 | privilege: Add POSIX capabilities(7) support.
* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported. Include privileged-program-capabilities
in the compatibility hack.
| Tobias Geerinckx-Rice |
2024-08-11 | build: Rename activate-setuid-programs.
* gnu/build/activation.scm (activate-setuid-programs): Rename this…
(activate-privileged-programs): …to this.
Operate on a list of <privileged-program> records.
* gnu/services.scm (setuid-program->activation-gexp): Adjust caller.
| Tobias Geerinckx-Rice |
2024-08-11 | services: setuid-program: Populate /run/privileged/bin.
Create /run/setuid-programs compatibility symlinks so that we can
migrate all users (both package and human) piecemeal at our leisure.
Apart from being symlinks, this should be a user-invisible change.
* gnu/build/activation.scm (%privileged-program-directory): New variable.
[activate-setuid-programs]: Put privileged copies in
%PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in
%SETUID-DIRECTORY.
* gnu/services.scm (setuid-program-service-type): Update docstring.
* doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
| Tobias Geerinckx-Rice |
2024-07-26 | file-systems: Allow specifying CIFS credentials in a file.
As files in the store and /etc/fstab are world readable, specifying the
password in the file-system record is suboptimal. To mitigate this,
`mount.cifs' supports reading `username', `password' and `domain' options from
a file named by the `credentials' or `cred' option.
* gnu/build/file-systems.scm (mount-file-system): Read mount options from the
file specified via the `credentials' or `cred' option if specified.
Change-Id: I786c5da373fc26d45fe7a876c56a8c4854d18532
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| vicvbcun |
2024-07-20 | file-systems: Skip checking the cifs file-system type.
* gnu/build/file-systems.scm (check-file-system)[check-procedure]: Add cifs.
Change-Id: I891b18f03884ed45e92ac32556fe04b3087e20dd
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Richard Sent |
2024-06-04 | file-systems: Add support for mounting CIFS file systems
* gnu/build/file-systems (canonicalize-device-name): Do not attempt to resolve
CIFS formatted device specifications.
(mount-file-systems): Add mount-cifs nested function.
* gnu/machine/ssh.scm (machine-check-file-system-availability): Skip checking
for CIFS availability, similar to NFS.
* guix/scripts/system.scm (check-file-system-availability): Likewise.
Change-Id: I182e290eba64bbe5d1332815eb93bb68c01e0c3c
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Richard Sent |
2024-06-04 | file-systems: Add host-to-ip nested function
* gnu/build/file-systems (mount-file-system): Split out getaddrinfo logic into a
dedicated function, (host-to-ip)
Change-Id: I522d70a10651ca79533a4fc60b96b884243a3526
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Richard Sent |
2024-05-29 | gnu: linux-libre: Enable Zstd compression of kernel modules.
This brings the on disk size of the kernel from 164 MiB to 144 MiB, or about
12%.
* gnu/packages/linux.scm (default-extra-linux-options)
[version>=5.13]: Enable CONFIG_MODULE_COMPRESS_ZSTD, else
CONFIG_MODULE_COMPRESS_GZIP.
(make-linux-libre*) [phases] {set-environment}: Set ZSTD_CLEVEL environment
variable to 19.
[native-inputs]: Add zstd.
* gnu/build/linux-modules.scm (module-regex): Add .zst to regexp. Update doc.
(modinfo-section-contents): Extend support to Zstd compressed module.
(dot-ko): Register the 'zstd compression type.
(ensure-dot-ko, file-name->module-name, load-linux-module*)
(module-name->file-name/guess, write-module-name-database)
(write-module-alias-database, write-module-device-database): Update doc.
(module-name-lookup): Also consider zstd-compressed modules.
* gnu/installer.scm (installer-program): Add guile-zstd extension to gexp.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Likewise.
Decompress zstd-compressed modules for use in initrd.
* guix/profiles.scm (linux-module-database): Add guile-zstd extension to gexp.
Change-Id: Ide899dc5c58ea5033583b1a91a92c025fc8d901a
| Maxim Cournoyer |
2024-03-27 | linux-modules: Ignore nonexistent module files on boot.
This is a follow-up to 8f8ec56052766aa5105d672b77ad9eaca5c1ab3c, which only
covers building initrd, while the booting code still tries to load nonexistent
files for builtin modules.
* gnu/build/linux-modules.scm (load-linux-modules-from-directory): Ignore
nonexistent module files.
Change-Id: I09ef207e82397e915e671c8464b92bcf90f03dcf
| Hilton Chain |
2024-02-19 | services: activation: Ensure /run existence.
* gnu/build/activation.scm (activation-script): Ensure /var/run existence.
* gnu/build/install.scm (evaluate-populate-directive)
[directives]: Remove directory /run.
Change-Id: I19ca8e7605c0cff598ab89077a94e20390ba27b0
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Nicolas Graves |
2024-02-19 | services: activation: Ensure /var/run existence.
* gnu/services.scm (activation-script): Ensure /var/run existence.
* gnu/build/install.scm (evaluate-populate-directive)
[directives]: Remove directory /var/run.
Change-Id: I5fb93d33b6b1f045f1e5ba206b9b0b74b5184260
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Nicolas Graves |
2024-02-19 | file-systems: Recognize “none” as a valid device spec.
* gnu/build/file-systems (canonicalize-device-name): Fallback to tmpfs
if spec is "none".
Change-Id: Ia55c715d04c7611ba8c979f23f1ad4a8ed2e75b6
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Nicolas Graves |
2024-02-10 | marionette: Add #:peek? to ‘wait-for-tcp-port?’.
* gnu/build/marionette.scm (wait-for-tcp-port): Add #:peek? parameter
and honor it.
Change-Id: Ie7515a5223299390ab8af6fe5aa3cf63ba5c8078
| Ludovic Courtès |
2024-02-10 | services: secret-service: Make the endpoint configurable.
Until now, the secret service had a hard-coded TCP endpoint on port
1004. This change lets users specify arbitrary socket addresses.
* gnu/build/secret-service.scm (socket-address->string): New procedure,
taken from Shepherd.
(secret-service-send-secrets): Replace ‘port’ by ‘address’ and adjust
accordingly.
(secret-service-receive-secrets): Likewise.
* gnu/services/virtualization.scm (secret-service-shepherd-services):
Likewise.
(secret-service-operating-system): Add optional ‘address’ parameter and
honor it. Adjust ‘start’ method accordingly.
Change-Id: I87a9514f1c170dca756ce76083d7182c6ebf6578
| Ludovic Courtès |
2023-12-27 | chromium-extension: Compute json at argument evaluation time.
* gnu/build/chromium-extension.scm (make-chromium-extension): Make use of the
make-signing-key procedure inside the argument field, making sure that it is
not evaluated at file-load time. This would otherwise try to resolve gnutls
when we can't guarantee it's defined because of dependency cycles.
Change-Id: Ia7b13acfbca475c2df073e9a88fc8bb9264dd968
| Josselin Poiret |
2023-12-22 | shepherd: Remove ‘make-forkexec-constructor/container’.
This was superseded by ‘least-authority-wrapper’.
* gnu/build/shepherd.scm (read-pid-file/container)
(make-forkexec-constructor/container): Remove.
Change-Id: I6acccdff2609a35807608f865a4d381146113a88
| Ludovic Courtès |
2023-12-11 | gnu: cross-toolchain: Add set-cross-path for AVR.
* gnu/build/cross-toolchain.scm (set-cross-path/avr): New procedure.
(cross-gcc-build-phases) [string-prefix? "avr"]: Return
set-cross-path/avr procedure.
Signed-off-by: Jean-Pierre De Jesus DIAZ <me@jeandudey.tech>
Change-Id: I00bd39236ac2e31fef02164a7fffc8b56a166f0d
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
| Jean-Pierre De Jesus DIAZ |
2023-12-11 | gnu: cross-gcc: Enable multilib for AVR.
* gnu/build/cross-toolchain.scm (patch-multilib-shebang): New procedure.
* gnu/packages/avr.scm (make-avr-gcc): Remove unneeded phases and flags
for multilib.
* gnu/packages/cross-base (cross-gcc-arguments) <#:configure-flags>
[target-avr?]: Remove --disable-multilib and add --enable-multilib.
Change-Id: Id68d803057ac898f0a670f10487b08bf0891ab0b
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
| Jean-Pierre De Jesus DIAZ |
2023-12-10 | gnu: ‘make-icecat-extension’ inherits package location.
This is an improvement for the purposes of ‘guix edit’ & co.
* gnu/build/icecat-extension.scm (make-icecat-extension): Add ‘location’
field.
Change-Id: I896ae6823b3fe4ea013fa74e2c536f45664d8042
| Ludovic Courtès |
2023-11-19 | linux-boot: Don't create /root before it's used.
* gnu/build/linux-boot.scm (boot-system): Postpone the MKDIR of /root.
Change-Id: I589316a5ddf41cada02173ed4dd5b7df09b795e8
| Tobias Geerinckx-Rice |
2023-10-23 | gnu: icecat: Support Guix packaged extensions and native manifests.
* gnu/build/icecat-extension.scm: New file with a MAKE-ICECAT-EXTENSION
procedure that makes sure the add-on directory is a symlink, so that Icecat
can normalize it into a package store path.
* gnu/local.mk (dist_patch_DATA): Register it, as well as new patches.
* gnu/packages/browser-extensions.scm (ublock-origin)[properties]: Store the
add-on ID so that it is accessible in MAKE-ICECAT-EXTENSION.
[arguments]: Use the add-on ID as root directory.
(ublock-origin/icecat): New procedure.
* gnu/packages/gnuzilla.scm (icecat-minimal)[arguments]: Rewrite the unused
'apply-guix-specific-patches' phase so that it applies the following two
patches.
[native-search-paths]: New field.
* gnu/packages/patches/icecat-compare-paths.patch: New patch that compares
add-on paths (which are package store paths) to detect package changes.
* gnu/packages/patches/icecat-use-system-wide-dir.patch: New patch that
replaces "/usr/lib/mozilla" (the system-wide directory for extensions and
native manifests) with "$ICECAT_SYSTEM_DIR".
| Clément Lassieur |
2023-10-15 | linux-modules: Fix module dependency loading.
* gnu/build/linux-modules.scm (dot-ko): Make COMPRESSION optional,
as expected by callers RECURSIVE-MODULE-DEPENDENCIES and
LOAD-LINUX-MODULE*.
| Tobias Geerinckx-Rice |
2023-10-12 | accounts: Fix typo in comment.
* gnu/build/accounts.scm (passwd->shadow): Fix typo in comment.
| Ludovic Courtès |
2023-10-08 | accounts: Ensure ‘last-change’ field of shadow entries is never zero.
* gnu/build/accounts.scm (passwd->shadow): Add ‘max’ call so NOW is
greater than or equal to 1.
| Ludovic Courtès |
2023-10-01 | secret-service: Increase default handshake timeout.
* gnu/build/secret-service.scm (secret-service-send-secrets):
Increase #:handshake-timeout.
| Ludovic Courtès |
2023-10-01 | hurd-boot: Setup /dev/hdX, /dev/hdXsY IDE device node translators.
The gnumach builtin IDE hd devices are still used, unless booting with
"noide".
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Create /dev/hd{0..3},
/dev/hd{0..3}s{0..3}.
| Janneke Nieuwenhuizen |
2023-08-20 | Revert "gnu: system: Add home-directory-permissions field to <user-account>."
This reverts commit e9a5eebc785cb843034b38c5c5a6dd10904bdf2a, which
as far as I can tell breaks system roll-backs thusly:
[...]
In gnu/build/accounts.scm:
239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >)
In unknown file:
2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>)
In ice-9/boot-9.scm:
1685:16 1 (raise-exception _ #:continuable? _)
1685:16 0 (raise-exception _ #:continuable? _)
ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t
| Tobias Geerinckx-Rice |
2023-08-25 | gnu: system: Add home-directory-permissions field to <user-account>.
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New
field.
(user-account-home-directory-permissions): New accessor.
* gnu/build/activation.scm (activate-users+groups): Use home directory
permission bits from the user account object.
* doc/guix.texi (User Accounts): Document new field.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
| David Thompson |
2023-07-19 | marionette: Allow passing custom OCR arguments.
* gnu/build/marionette.scm (%default-ocrad-arguments): New variable.
(invoke-ocrad-ocr, invoke-tesseract-ocr, marionette-screen-text)
[ocr-arguments]: New argument.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| Bruno Victal |
2023-07-13 | hurd-boot: Cater for netdde.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Setup translators for
netdde, eth{0,1}. Create /servers/socket/{inet,inet6} symlinks.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
| Janneke Nieuwenhuizen |
2023-07-13 | hurd-boot: Setup pci-arbiter and rumpdisk translators.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Create "servers/bus/pci".
(set-hurd-device-translators): Create translators for pci-arbiter, rumpdisk,
and /dev/wd0..3s1..4.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
| Janneke Nieuwenhuizen |
2023-06-14 | gnu: image: Add support for unformatted partitions.
* gnu/build/image.scm (make-unformatted-image): New procedure.
(make-partition-image): Add support for unformatted partition.
* gnu/system/image.scm (system-disk-image)[partition->gpt-type]: Add
case for using unformatted partition uuid.
| Efraim Flashner |
2023-05-17 | hurd-boot: Symlink /hurd before setting up translators.
* gnu/build/hurd-boot.scm (boot-hurd-system): Symlink /hurd before setting up
translators.
Reviewed-by: Janneke Nieuwenhuizen <janneke@gnu.org>
| Josselin Poiret |
2023-05-06 | services: dbus-service, secret-service: Do not cause (fibers) to be loaded.
* gnu/build/dbus-service.scm (sleep*): Pass #:ensure #f to 'resolve-module'.
* gnu/build/secret-service.scm (wait-for-readable-fd): Likewise.
| Ludovic Courtès |
2023-02-26 | file-systems: Validate 'no-diratime flag.
This follows up on commit c0773455397746b10194bc14c7cef144f4095b65, and
adds a comment to avoid this in future.
* gnu/system/file-systems.scm (invalid-file-system-flags):
Add 'no-diratime to the list of KNOWN-FLAGS.
| Tobias Geerinckx-Rice |
2023-01-30 | linux-container: 'container-excursion' forks to join the PID namespace.
Fixes <https://issues.guix.gnu.org/61156>.
* gnu/build/linux-container.scm (container-excursion): Add extra call to
'primitive-fork' and invoke THUNK in the child process.
* tests/containers.scm ("container-excursion"): Remove extra
'primitive-fork' call, now unnecessary.
("container-excursion*, /proc"): New test.
| Ludovic Courtès |
2023-01-30 | container: Correctly report exit status.
* gnu/build/linux-container.scm (container-excursion): Return the raw
status value.
* tests/containers.scm ("container-excursion, same namespaces"): Add
'status:exit-val' call.
* guix/scripts/container/exec.scm (guix-container-exec): Correctly
handle the different cases.
| Ludovic Courtès |
2022-12-24 | hurd-boot: Fix list of devices with translators.
Fixes a regression introduced in
450f7740283ce160a7482d1c75e6e0ab17f2a6f0 and
e3c6575ee93741a43003cd1aa4663151dd90b9f5, which introduced
unquote-splicing without changing quote to quasiquote.
* gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Use
quasiquote, not quote.
| Ludovic Courtès |
2022-12-17 | activation: Firmware activation handles missing support in kernel.
* gnu/build/activation.scm (activate-firmware): Check if firmware loading is
enabled before attempting to use it.
| Marius Bakke |
2022-12-12 | Merge branch 'version-1.4.0' | Ludovic Courtès |
2022-12-12 | image: Use 512 byte blocks for EFI partitions.
Addresses <https://issues.guix.gnu.org/59695>.
* gnu/build/image.scm (make-vfat-image): When creating a fat filesystem
for UEFI bootable partition use 512 byte blocks.
| Efraim Flashner |
2022-12-10 | install: 'umount-cow-store' retries upon EBUSY.
Possibly fixes <https://issues.guix.gnu.org/59884>.
* gnu/build/install.scm (umount*): New procedure.
(unmount-cow-store): Use it instead of 'umount'.
| Ludovic Courtès |
2022-11-28 | system: hurd: Create more ttys.
* gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Add
more /dev/ttyN nodes.
* gnu/system/hurd.scm (%base-services/hurd): Add more
'hurd-getty-service-type' instances.
| Ludovic Courtès |