aboutsummaryrefslogtreecommitdiff
path: root/gnu/services/base.scm
AgeCommit message (Expand)Author
2024-11-03services: guix: Add access control to daemon socket....* gnu/services/base.scm (guix-configuration-socket-directory-{permissions,group,user}): New fields. (guix-shepherd-service): Use them. * doc/guix.texi (Base Services): Document them. Change-Id: I8f4c2e20392ced47c09812e62903c87cc0f4a97a Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reepca Russelstein
2024-10-15services: nscd: When cross-compiling, Use (cross-libc target)....* gnu/services/base.scm (nscd-configuration)[glibc]: When cross-compiling, Use (cross-libc target). Change-Id: Ib219459b1ec28f7edfac075e70be3d61edf72d27 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Zheng Junjie
2024-09-19services: file-system: Do not try to unmount /dev and /....Previously, when being stopped, the ‘user-file-systems’ service would attempt to unmount / and /dev, which was bound to fail. This was harmless, apart from a couple of lines in /var/log/messages, but it was wrong. * gnu/services/base.scm (file-system-shepherd-services)[user-unmount]: Remove “/” and “/dev” from the list of file systems subject to unmounting. Change-Id: Ieb68fe46c114909a64d54f885c94a9d7cd61f5e0 Ludovic Courtès
2024-09-09services: host-name: Use the host name as the running value....Previously, the “running value” of the ‘host-name’ service would be #<unspecified>. This change makes it more pleasing to the eye. * gnu/services/base.scm (host-name-service-type): ‘start’ returns NAME. Change-Id: I38b8320e43639b6623475871ca6fbad3a459eb59 Ludovic Courtès
2024-06-26services: guix: Default `channels' field to #f....In the absence of the /etc/guix/channels.scm file, %default-channels is used anyway. If user manually (or by extra-special-file) created the file, we should respect it. This commit therefore changes the default to #f, hopefully having zero impact on people not actively using the `channels' field. * gnu/services/base.scm (<guix-configuration>)[channels]: Set default to #f. Change-Id: I516c1735a037a153fabbebfc337051aaf0be2155 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Tomas Volf
2024-06-26services: Never throw when stopping mount-may-fail file systems....This is a followup to 7c27bd115b14afd142da7684cc349369965f9eab. * gnu/services/base.scm (file-system-shepherd-service): Catch 'system-error from ‘umount’ call when FILE-SYSTEM is marked as mount-may-fail. Change-Id: I2234f8da320b43089f4ee058cad8608ce9c078f8 Ludovic Courtès
2024-06-04services: base: Add optional delayed mount of file-systems...Add a mechanism to only require mounting a subset of file-system entries during early Shepherd initialization. Any file-system with additional Shepherd service requirements (e.g. networking) is not required to provision 'file-systems. * gnu/services/base.scm (file-system-shepherd-service): Splice file-system-requirements into the Shepherd service requirement list. (file-system-shepherd-services): Provision 'file-system only when file system services without additional Shepherd requirements are started. * gnu/system/file-systems.scm (file-system): Add shepherd-requirements field to the file-system record. This field is used for adding additional Shepherd requirements to a file-system Shepherd service. * doc/guix.texi: Add documentation for file-system shepherd-requirements. Change-Id: If0392db03d48e8820aa53df1df482c12ec72e1a5 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Richard Sent
2024-06-03services: nscd: Enable ‘passwd’ and ‘group’ caches by default....This allows users to specify NSS plugins such as LDAP via the ‘name-services’ field of <nscd-configuration>. Failing that, user code will dlopen whatever passwd/group plugins are listed in /etc/nsswitch.conf, which is likely to fail, typically because those are not in $LD_LIBRARY_PATH. * gnu/services/base.scm (%nscd-default-caches): Add ‘passwd’ and ‘group’ caches. Change-Id: I9c03346a1de2710685f7801eccd2e08007427f5d Ludovic Courtès
2024-06-02services: nscd: ‘log-file’ defaults to #f....* gnu/services/base.scm (<nscd-configuration>)[log-file]: Default to #f. * doc/guix.texi (Base Services): Clarify documentation. Change-Id: Ia75914fc2665db13bef688d53659083a615ebef4 Ludovic Courtès
2024-05-05services: guix: Use Shepherd 0.10 API for actions....The ‘action’ method was deprecated in Shepherd 0.10.0. * gnu/services/base.scm (shepherd-set-http-proxy-action) (shepherd-discover-action): Use ‘perform-service-action’ instead of the now-deprecated ‘action’ method. Change-Id: Ibe1c79a44148596292c2c8907011ec787f8a9ddd Ludovic Courtès
2024-05-04gnu: guix-configuration: Improve offload build-machines....It’s currently difficult to programmatically add a build-machine, because the `service-extension' mechanism is the only facility which can do that. It relies on the `guix-service-type', ala: (service-extension guix-service-type (guix-extension (build-machines (list ...)))) ...but `guix-service-type' is already instantiated as part of `%base-services', and replacing it may lose other configuration, like substitute servers and authorized keys. Additionally, a default value of `#f' for the build-machines field requires guarding uses of the field with: (or (guix-build-machines config) '()) Changing the default to be the empty list avoids that. One can now add build-machines with code such as: (modify-services %base-services (guix-service-type config => (guix-configuration (inherit config) (authorized-keys (cons %build-machine-key (guix-configuration-authorized-keys config))) (build-machines (cons #~(build-machine ...) (guix-configuration-build-machines config)))))) * gnu/services/base.scm (guix-configuration): Rename `guix-build-machines' to `guix-configuration-build-machines' and export it. Change the default from `#f' to the empty list. * gnu/services/base.scm (guix-activation): Update the build-machines test and reverse the conditions. Change-Id: I6780c6a5579fd9d4b4f22ee2b2bf7ba7a0454407 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Ian Eure
2024-04-06services: guix: Gracefully handle dangling symlink for ‘machines.scm’....Previously, if /etc/guix/machines.scm was a dangling symlink, it would be kept (because ‘file-exists?’ would return #f) and thus the following ‘symlink’ call would throw with EEXIST. * gnu/services/base.scm (guix-machines-files-installation): Use ‘lstat’ rather than ‘file-exists?’. Change-Id: I07c7eed842dacabbd19ae2a17ac3e59cf26e46b2 Ludovic Courtès
2024-03-30Merge branch 'gnome-team'Liliana Marie Prikler
2024-03-22services: guix: Add ‘channels’ field....* doc/guix.texi (Base Services): Document 'guix-configuration-channels' field. (Invoking guix pull): Add cross-reference. * gnu/services/base.scm (install-channels-file): New procedure. (guix-configuration): Add channels field. (guix-activation): Use 'install-channels-file' procedure. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Change-Id: I4d89235bf0bc6dde69984138ccb894b48ace9d76 Antero Mejr
2024-03-21services: guix-publish: Use ‘make-systemd-constructor’ unconditionally....The #:lazy-start? parameter was added in the Shepherd 0.10.0, which is required since commit 477d4f7d241165b5a5fd315c27efd7803fad4a04. * gnu/services/base.scm (guix-publish-shepherd-service): Use ‘make-systemd-constructor’ unconditionally and pass #:lazy-start?. Change-Id: I95aa079732cd21e32091c7deea2ed2f1bc50f2f2 Ludovic Courtès
2024-01-07Merge branch 'master' into gnome-teamLiliana Marie Prikler
2024-01-05daemon: Change default ‘timeout’ and ‘max-silent-time’ values....Having a timeout seems generally preferable as it makes sure build slots are not kept busy for no good reason (few package builds, if any, are expected to exceed these values). * nix/libstore/globals.cc (Settings::Settings): Change ‘maxSilentTime’ and ‘buildTimeout’. * gnu/services/base.scm (<guix-configuration>)[max-silent-time] [timeout]: Change default values. * doc/guix.texi (Invoking guix-daemon, Base Services): Adjust accordingly. Change-Id: I25c50893f3f7fcca451b8f093d9d4d1a15fa58d8 Ludovic Courtès
2023-12-20Merge branch 'master' into gnome-teamLiliana Marie Prikler
2023-12-14services: guix: Allow gexps evaluating to a list of build-machines....* gnu/services/base.scm (guix-machines-files-installation): Handle machines being a mixed list of build-machines and lists of build-machines. * doc/guix.texi (Base Services): Document it. Change-Id: Ie404562ca0b564413233c3a624046da831893dc3 Co-authored-by: Ludovic Courtès <ludo@gnu.org> Saku Laesvuori
2023-12-03Merge branch 'master' into HEAD...Change-Id: I3f5d121162d98ef2ae61a62c4da3b0fd19d864e8 Liliana Marie Prikler
2023-12-02gnu: Use ‘libc-utf8-locales-for-target’....* guix/packages.scm (%standard-patch-inputs): Use ‘libc-utf8-locales-for-target’ instead of ‘glibc-utf8-locales’. * guix/self.scm (%packages): Likewise. * gnu/home/services/ssh.scm (file-join): Likewise * gnu/installer.scm (build-compiled-file): Likewise. * gnu/packages/chromium.scm (ungoogled-chromium/wayland): Likewise. * gnu/packages/gnome.scm (libgweather4, tracker): Likewise. * gnu/packages/javascript.scm (js-mathjax): Likewise. * gnu/packages/package-management.scm (guix, flatpak): Likewise. * gnu/packages/raspberry-pi.scm (raspi-arm64-chainloader): Likewise. * gnu/packages/suckless.scm (svkbd): Likewise. * gnu/services.scm (cleanup-gexp): Likewise. * gnu/services/base.scm (guix-publish-shepherd-service): Likewise. * gnu/services/guix.scm (guix-build-coordinator-shepherd-services) (guix-build-coordinator-agent-shepherd-services): Likewise. * gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services): (guix-data-service-shepherd-services) (nar-herder-shepherd-services) (bffe-shepherd-services): Likewise. * gnu/services/web.scm (anonip-shepherd-service) (mumi-shepherd-services): Likewise. * gnu/system/image.scm (system-disk-image, system-iso9660-image) (system-docker-image, system-tarball-image): Likewise. * gnu/system/install.scm (%installation-services): Likewise. * guix/profiles.scm (info-dir-file): Likewise. (ca-certificate-bundle, profile-derivation): Likewise. * guix/scripts/pack.scm (store-database, set-utf8-locale): Likewise. * tests/pack.scm: Likewise. * tests/profiles.scm ("profile-derivation, cross-compilation"): Likewise. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Co-authored-by: Christopher Baines <mail@cbaines.net> Change-Id: I24239f427bcc930c29d2ba5d00dc615960a6c374 Janneke Nieuwenhuizen
2023-10-23Merge branch 'master' into gnome-team...Change-Id: Ib6f55bebef2fb235fa59fd5442102a3e0ace3191 Liliana Marie Prikler
2023-10-10gnu: udev-service-type: accept hardware description file extensions....The udev-configuration record now has a hardware field. The contents of the /etc/udev directory now includes hwdb.bin, which is computed when the system is instanciated (prior to system activation). The hardware description files used to generate hwdb.bin are not installed in /etc, because they are not required at run-time. The documentation has been reworked so as to explain why creating udev rules or hardware needs helper functions for configuration or extension. * gnu/services/base.scm (udev-hardware): New function. (file->udev-hardware): New function. (udev-hardware-service): New function. (udev-etc): Add hwdb.d and hwdb.bin. (module): Export udev-hardware, file->udev-hardware, and udev-hardware-service. (<udev-configuration>): Add the native-udev field. (udev-service-type) [extend]: Populate the hardware field. * doc/guix.texi (Base Services)[udev-service-type]: Explain configuration and extension values. * doc/guix.texi (Base Services)[udev-hardware]: Document it. [udev-hardware-service]: Same. * doc/guix.texi (Base Services)[udev-configuration]: Document the native-udev field. Vivien Kraus
2023-10-10services: udev: Make udev-rule helper functions generic....* gnu/services/base.scm (udev-configurations-union): New function. (udev-configuration-file): New function, use file->udev-configuration-file. (file->udev-configuration-file): New function. (udev-rules-union): Use udev-configurations-union. (udev-rule): Use udev-configuration-file. (file->udev-rule): Use file->udev-configuration-file. Vivien Kraus
2023-10-10services: udev: Rewrite udev-rule to use file->udev-rule....* gnu/services/base.scm (udev-rule): Use file->udev-rule. Vivien Kraus
2023-10-01services: guix: Support declarative offloading setup....* gnu/services/base.scm (guix-machines-files-installation): New procedure. (<guix-configuration>)[build-machines]: New field. (guix-activation): Call ‘ guix-machines-files-installation’. (<guix-extension>)[build-machines]: New field. (guix-extension-merge): Handle it. (guix-service-type)[extend]: Likewise. * doc/guix.texi (Daemon Offload Setup): Add note linking to ‘guix-configuration’. (Base Services): Document ‘build-machines’ field of <guix-configuration> and of <guix-extension>. (Virtualization Services): Add ‘hurd-vm’ anchor. Ludovic Courtès
2023-10-01services: guix: Use the right locale package on GNU/Hurd....Fixes a bug introduced in 0dd293b4d9095137c9952e16ca951f887b7e7018 whereby guix-daemon on GNU/Hurd would have ‘GUIX_LOCPATH’ set to the “wrong” locale data (2.35 instead of 2.37). Consequently, it would fail to setlocale(3) and calls to ‘std::stoi’ (when reading the output of ‘guix authenticate’) would throw, leading to this error message of guix-daemon: unexpected build daemon error: stoi This would manifest when sending store items to a childhurd: $ guix copy --to=localhost:10022 sed guix copy: sending 1 store item (1 MiB) to 'localhost'... guix copy: error: unknown error while sending files over SSH The “unknown error” is the ‘stoi’ exception. This commit fixes that, but for the ‘guix-daemon’ service only. * gnu/services/base.scm (guix-shepherd-service)[locales]: New variable. Use it instead of ‘glibc-utf8-locales’. Ludovic Courtès
2023-10-11services: static-networking: Add support for bonding....* gnu/services/base.scm (<network-link>): Add mac-address field. Set type field to #f by default, so it won't be mandatory. network-link without a type will be used for existing interfaces. (assert-network-link-mac-address, mac-address?): Add sanitizer. Allow valid mac-address or #f. (assert-network-link-type): Add sanitizer. Allow symbol or #f. * gnu/services/base.scm (network-set-up/linux, network-tear-down/linux): Adapt to new structure. * doc/guix.texi (Networking Setup): Document it. * gnu/tests/networking.scm (run-static-networking-advanced-test): New variable. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Alexey Abramov
2023-08-15services: Use more 'file-append'....* gnu/services/authentication.scm (pam-ldap-pam-service): Use 'file-append' instead of #~(string-append ...). * gnu/services/base.scm (greetd-pam-service): Likewise. * gnu/services/kerberos.scm (pam-krb5-pam-service): Likewise. * gnu/services/pam-mount.scm (pam-mount-pam-service): Likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Felix Lechner
2023-08-15services: pam-limits: Keep 'limits.conf' in the store....* gnu/services/base.scm (pam-limits-service-type)[pam-extension]: Wrap into a 'lambda' that takes 'limits-file'. Pass that in the <pam-entry> 'arguments' field. Define 'make-limits-file' and use it. Remove ETC-SERVICE-TYPE extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Felix Lechner
2023-07-13services: static-networking: Support netdde for the Hurd....As suggested by Sergey Bugaev on bug-hurd https://lists.gnu.org/archive/html/bug-hurd/2023-05//msg00455.html * gnu/services/base.scm (static-networking->hurd-pfinet-options): Use /DEV/ethX. Use long options for settrans. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> Janneke Nieuwenhuizen
2023-06-27services: pam-limits: Add lightdm....Without this a user's pam-limits-service-type configuration does not have an effect when using lightdm. * gnu/services/base.scm (pam-limits-service-type): Add "lightdm" to the list. John Kehayias
2023-06-14services: static-netwoking: Wait for devices to show up....Fixes <https://issues.guix.gnu.org/63516>. * gnu/services/base.scm (network-set-up/linux): Add call to 'wait-for-link'. Ludovic Courtès
2023-05-24services: guix: Depend on 'avahi-daemon' when 'discover?' is set....Previously, with shepherd 0.10.0, guix-daemon would start quickly, possibly before avahi-daemon is running. Consequently, its "guix discover" child process would exit immediately with a warning saying "Avahi daemon is not running". * gnu/services/base.scm (guix-shepherd-service): When DISCOVER? is true, add 'avahi-daemon' to 'requirement'. Ludovic Courtès
2023-05-21services: root-file-system: Remove reference to 'stop-logging'....* gnu/services/base.scm (%root-file-system-shepherd-service): In 'stop' method, remove reference to 'stop-logging'. That procedure is gone in Shepherd 0.10.0, leading to an unbound-variable exception. Additionally, calling is unnecessary since 0.4.0, where shepherd logs to syslog (thus the open file descriptor is not backed by an on-disk file). Ludovic Courtès
2023-05-21services: agetty: 'stop' method does nothing when running is 'idle....This is a followup to 57e731c358d000f614fbda23654cae6a5e79df80. * gnu/services/base.scm (agetty-shepherd-service): Change 'stop' method to return #f immediately when the running value is 'idle. Ludovic Courtès
2023-05-11system: pam: Let PAM extensions add shepherd requirements....* gnu/system/pam.scm (<pam-extension>): New record type. (pam-shepherd-service): Add Shepherd synchronization point. * gnu/services/mail.scm (dovecot-shepherd-service) * gnu/services/lightdm.scm (lightdm-shepherd-service) * gnu/services/mail.scm (opensmtpd-shepherd-service) * gnu/services/sddm.scm (sddm-shepherd-service) * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service) * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service) * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement. * gnu/system/pam.scm (/etc-entry, extend-configuration, pam-root-service-type, pam-root-service) * gnu/services/authentication.scm (pam-ldap-pam-service) * gnu/services/base.scm (pam-limits-service-type) (greetd-pam-service) * gnu/services/desktop.scm (pam-gnome-keyring) * gnu/services/kerberos.scm (pam-krb5-pam-service) * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use pam-extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Josselin Poiret
2023-05-11services: syslog: Do not call 'umask' in PID 1....Fixes a race condition when starting services in parallel with shepherd 0.10.x whereby a service might create files and directories with umask #o137. An example is the bitlbee service with its least-authority wrapper: the wrapper would create a tree with directories set to #o640, thereby making the whole directory tree inaccessible. * gnu/services/base.scm (syslog-shepherd-service): Pass #:file-creation-mask to 'make-forkexec-constructor' instead of calling 'umask' in PID 1. Ludovic Courtès
2023-04-30system: guix: Use config's ACL file location....* gnu/services/base.scm (substitute-key-authorization): Use %acl-file instead of hardcoded "/etc/guix/acl". Signed-off-by: Ludovic Courtès <ludo@gnu.org> Josselin Poiret
2023-04-21services: nscd: Depend on syslogd....This gets rid of nscd debug messages on the console at boot time. * gnu/services/base.scm (nscd-shepherd-service): Add dependency on 'syslogd'. Ludovic Courtès
2023-04-21services: syslog: Log auth.info to /var/log/secure in default configuration....This causes authentication failures such as those generated by SSH brute force attacks to appear in /var/log/secure, which is picked up by tools such as fail2ban. * gnu/services/base.scm (%default-syslog.conf): Add a auth.info selector for the /var/log/secure log. Series-to: 62802@debbugs.gnu.org Maxim Cournoyer
2023-04-21services/syslog: Strip leading white space indent in syslog.conf....This is a cosmetic change. * gnu/services/base.scm (%default-syslog.conf): Add a comment referencing the documentation. Strip the extraneous leading trailing white space indent. Maxim Cournoyer
2023-04-21services: syslog: Add a reload action....* gnu/services/base.scm (syslog-service-type) [actions]: Add a reload action. * doc/guix.texi (Base Services): Document it. Maxim Cournoyer
2023-04-21services: syslog: Move configuration to /etc/syslog.conf....Having the configuration live at a static location makes it possible to hot-reload it. * gnu/services/base.scm (syslog.conf): New variable. (syslog-etc, syslog-shepherd-service): New procedures. (syslog-service-type): Rewrite using the above new variable and procedures, extending etc-service-type with its configuration file. Maxim Cournoyer
2023-04-17services: agetty: 'term-console' succeeds by default....Previously, on a typical setup without "console=ttyS0" or similar in 'kernel-arguments', the 'term-console' Shepherd service would always be marked as failing to start. This is undesirable because it raises a false alarm: the service is expected to do nothing in this case. This patch instead marks it as succeeding and logs a message explaining it's doing nothing. * gnu/services/base.scm (agetty-shepherd-service): In 'start' method, succeed when TTY is #f and print a message. Ludovic Courtès
2023-04-07services: guix-publish: Remove 'compression-level' field....* gnu/services/base.scm (<guix-publish-configuration>)[compression-level]: Remove field. (guix-publish-configuration-compression-level): Remove procedure. (default-compression): Remove compression-level helper code. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Bruno Victal
2023-04-07services: base: Remove 'console-font-service' procedure....* gnu/services/base.scm (console-font-service): Remove procedure. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Bruno Victal
2023-04-07services: base: Remove 'console-keymap-service-type' variable....* gnu/services/base.scm (console-keymap-service-type): Remove variable. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Bruno Victal
2023-03-30services: pam-limits-service-type: Deprecate file-like object support in favo......* doc/guix.texi (Base Services): Document it. * gnu/local.mk: Register test. * gnu/services/base.scm (pam-limits-service-type): Accept both lists and file-like objects. Deprecate file-like object support. * gnu/tests/pam.scm: New file. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Bruno Victal
2023-03-30services: base: Deprecate 'pam-limits-service' procedure....* doc/guix.texi (Base Services): Replace pam-limits-service with pam-limits-service-type. * gnu/packages/benchmark.scm (python-locust)[description]: Update index anchor to manual. * gnu/services/base.scm (pam-limits-service-type): Set default value. (pam-limits-service): Deprecate procedure. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Bruno Victal