Age | Commit message (Expand) | Author |
2024-11-11 | system: hurd: Add swap-services to hurd-default-essential-services....* gnu/services/base.scm (swap-service-type): Do not include 'udev' requirement
for the Hurd. Use system* with "swapon", "swapoff" for the Hurd.
* gnu/system.scm (hurd-default-essential-services): Add swap-services.
* gnu/services/base.scm (swap-service-type):
Change-Id: I1d4d445c614921752dc84aa0dd6ff42cdbf62aa8
| Janneke Nieuwenhuizen |
2024-11-03 | system: %default-privileged-programs: Set ping capabilities...Ping and ping6 don't need setuid, they can work with
cap_net_raw capability only. This means that even if
ping or ping6 had a vulnerability that could be
used for execution as root, it can't anymore if
the program is not setuid.
* gnu/system.scm (%default-privileged-programs): Remove ping, ping6 setuid
programs, add ping, ping6 programs with cap_net_raw=ep capabilities
Change-Id: Ie409b477f548dbff3318eec33d0d2ca16a1b3209
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Rutherther |
2024-10-24 | gnu: system: Privilege programs after creating accounts....Ensure that users and groups are already created when the privileging script
runs. The order these scripts appear in the folded activation-service depends
on the order these services are instantiated in the operating-system.
Fixes <https://issues.guix.gnu.org/73680>.
* gnu/system.scm (operating-system-default-essential-services): Move
privileged-program-service above account-service.
(hurd-default-essential-services): Likewise.
* gnu/tests/base.scm (%activation-os): New variable.
(run-activation-test): New procedure.
(%test-activation): New variable.
Change-Id: I59a191c5519475f256e81bdf2dc4cb01b96c31fe
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Dariqq |
2024-08-11 | system: Add privileged-programs to <operating-system>....* gnu/system.scm (<operating-system>): Add new privileged-programs
field, that defaults to…
(%default-privileged-programs): …this new variable, renamed from…
(%setuid-programs): …this, which is now defined as the empty list.
* doc/guix.texi (Setuid Programs): Rename this…
(Privileged Programs): …to this. Adjust all refs. Update all mentions
of ‘setuid’ (whether in prose, variable names, or code samples) to use
the new ‘privilege[d]’ terminology instead.
(operating-system Reference, X Window, Invoking guix system)
(Service Reference): Adjust likewise.
| Tobias Geerinckx-Rice |
2024-08-11 | system: Use privileged-program-service-type by default....* gnu/system.scm (operating-system-default-essential-services)
(hurd-default-essential-services): Substitute
privileged-program-service-type for setuid-program-service-type.
| Tobias Geerinckx-Rice |
2024-08-11 | system: Use /run/privileged/bin in search paths....* gnu/system.scm (operating-system-etc-service):
Substitute /run/privileged/bin for deprecated /run/setuid-programs.
| Tobias Geerinckx-Rice |
2024-08-11 | system: Disallow file-like setuid-programs....It has been a warning for well over a year now. Now, with
privileged-programs coming, don't let's support nested deprecation
hacks.
* gnu/system.scm (<operating-system>):
Don't ‘sanitize’ the setuid-programs field.
(ensure-setuid-program-list): Delete syntax.
(%ensure-setuid-program-list): Delete variable.
| Tobias Geerinckx-Rice |
2024-05-15 | system: Do not delete all nss-certs packages when they are the same object....Calling 'delete' on the list of packages would delete *all* occurrences of a
given object, not just the first one. This meant that if the user had
something like:
(packages (cons nss-certs %base-packages))
In their operating system declaration, no nss-certs would end up in the final
list. To guard against this, guard against this by checking that more than
one nss-certs package exist even after deduplication.
* gnu/system.scm (operating-system-packages): Guard against deleting all
nss-certs when a single nss-certs package object is listed multiple times.
Fixes: https://issues.guix.gnu.org/70850
Change-Id: Id93be9242e026fd2e96a442941df80b94664ef9a
| Maxim Cournoyer |
2024-04-28 | system: Fix duplicate nss-certs check....* gnu/system.scm (operating-system-packages): Because packages->manifest
allows other formats, don't assume it's a package object in the list.
Fixes: https://issues.guix.gnu.org/70624
Change-Id: I91c64ca2c463ef5c35fa23856e4622e364e58988
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| nathan |
2024-04-26 | system: Warn when multiple nss-certs packages are used....This can happen due to users providing 'nss-certs' and adding it to the
%base-packages, which now include 'nss-certs'.
* gnu/system.scm (operating-system-packages): Warn when multiple nss-certs
packages are detected; keep only the latest one.
Change-Id: I6104f134ea1cc155ae9e8e0ae70bb5a38fc05800
Reported-by: Ian Eure <ian@retrospec.tv>
| Maxim Cournoyer |
2024-04-18 | system: Add 'nss-certs' to %base-packages-networking....See the discussion at
<https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00020.html>.
* gnu/system.scm (%base-packages-networking): Add nss-certs.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Change-Id: I24f336e4bb25561d0ec9344a1a4061d2ecc9aed8
| Jacob Hrbek |
2024-04-17 | gnu: ath9k-htc-firmware: Split package....* gnu/local.mk (dist_patch_DATA): Remove ath9k-htc-firmware-objcopy.patch.
* gnu/packages/firmware.scm (ath9k-htc-firmware): Remove.
(ath9k-htc-ar7010-firmware, ath9k-htc-ar9271-firmware): New variables.
* gnu/packages/patches/ath9k-htc-firmware-objcopy.patch: Delete file.
* gnu/system.scm (%base-firmware): Use new ath9k packages.
Change-Id: I86259e398427abd139c1f310a95bb15e2c03cee3
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| Jean-Pierre De Jesus DIAZ |
2024-03-22 | system, home: Validate ‘services’ field value....This guides newcomers who might stick a single (service …) form
in this field.
* gnu/services.scm (validate-service-list): New macro.
(%validate-service-list): New procedure.
* gnu/system.scm (<operating-system>)[services]: Add ‘sanitize’.
* gnu/home.scm (<home-environment>)[services]: Add ‘sanitize’.
Change-Id: I9e29bd9a078e87b627ab766fd669ba9de79f8473
| Ludovic Courtès |
2024-02-19 | system: Omit “root=” kernel argument when root device is “none”....* gnu/system.scm (bootable-kernel-arguments): Fallback to tmpfs
if root is "none".
Change-Id: I35a656e71169dc786e5256d98a3c04c65043086d
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Nicolas Graves |
2024-01-08 | system: hurd: Use the Shepherd 0.10.x....* gnu/system.scm (hurd-default-essential-services): Remove reference to
‘shepherd-0.8’.
* gnu/system/hurd.scm (%base-packages/hurd): Replace ‘shepherd-0.8’ with
‘shepherd-0.10’.
Change-Id: I9f1800693cda456286450d3d0bb6f7e3da85d55e
| Ludovic Courtès |
2023-12-25 | gnu: Adjust to removing ed.scm and nano.scm...This is a follow-up to f6817e71dff7d0d9fdb55db8b85a1d3d04e2bf5a and
e11e65a9ad08e18ea2faac3c9f4639a7b189bf76.
* gnu/installer.scm, gnu/packages/algebra.scm, gnu/packages/base.scm,
gnu/packages/cook.scm, gnu/packages/lisp.scm,
gnu/packages/patchutils.scm, gnu/packages/version-control.scm,
gnu/packages/web-browsers.scm, gnu/system.scm: Adjust module imports.
Change-Id: I25e5519fa003c35a14b81c3dda37b24527858634
| Efraim Flashner |
2023-07-30 | system: Fix a blown FUSE....I bungled up a merge conflict between 789f7e9 (gnu: fuse@3: Bind to
default FUSE variable.) and my other setuid-related changes.
* gnu/system.scm (%setuid-programs): Look for /bin/fusermount in
FUSE-2, not 3.
Reported by renngar[m] in #guix.
| Tobias Geerinckx-Rice |
2023-07-23 | gnu: fuse@3: Bind to default FUSE variable....* gnu/packages/linux.scm (fuse): Rename this…
(fuse-2): …to this, and…
(fuse-3): …rename this…
(fuse): …to this!
(fuse-static): Rename this…
(fuse-2-static): …to this.
Adjust all users.
| Tobias Geerinckx-Rice |
2023-07-13 | system: hurd: Boot with pci.arbiter and rumpdisk....* gnu/system.scm (hurd-multiboot-modules): Add commands for pci.arbiter and
rumpdisk.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
| Janneke Nieuwenhuizen |
2023-05-10 | system: Fix reference to Hurd bug in comment....* gnu/system.scm (hurd-multiboot-modules): Fix bug reference in
comment.
| Ludovic Courtès |
2023-04-14 | Merge branch 'master' into core-updates....Conflicts:
gnu/local.mk
gnu/packages/build-tools.scm
gnu/packages/certs.scm
gnu/packages/check.scm
gnu/packages/compression.scm
gnu/packages/cups.scm
gnu/packages/fontutils.scm
gnu/packages/gnuzilla.scm
gnu/packages/guile.scm
gnu/packages/ibus.scm
gnu/packages/image-processing.scm
gnu/packages/linux.scm
gnu/packages/music.scm
gnu/packages/nss.scm
gnu/packages/pdf.scm
gnu/packages/python-xyz.scm
gnu/packages/qt.scm
gnu/packages/ruby.scm
gnu/packages/shells.scm
gnu/packages/tex.scm
gnu/packages/video.scm
gnu/packages/vulkan.scm
gnu/packages/web.scm
gnu/packages/webkit.scm
gnu/packages/wm.scm
| Maxim Cournoyer |
2023-03-30 | system: Remove obsolete GUIX_LOCPATH workaround....* gnu/system.scm (operating-system-environment-variables): Do not set GUIX_LOCPATH.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-03-20 | Merge remote-tracking branch 'origin/master' into core-updates | Andreas Enge |
2023-03-16 | services: etc-service: Deprecate etc-service procedure....* gnu/services.scm (etc-service): Deprecate procedure.
* gnu/system.scm (operating-system-etc-service): Replace etc-service
with etc-service-type.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-03-13 | system: Remove redundant gexp-ungexp usage....* gnu/system.scm (os-release): Convert to variable.
(operating-system-etc-service): Remove redundant gexp-ungexps.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-03-13 | system: Simplify nsswitch binding....* gnu/system.scm (operating-system-etc-service): Simplify nsswitch binding.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-03-02 | Merge remote-tracking branch 'savannah/master' into core-updates...Conflicts:
gnu/local.mk
gnu/packages/autotools.scm
gnu/packages/cmake.scm
gnu/packages/gnuzilla.scm
gnu/packages/haskell.scm
gnu/packages/pdf.scm
gnu/packages/python-xyz.scm
gnu/packages/samba.scm
gnu/packages/tex.scm
gnu/packages/tls.scm
gnu/packages/wxwidgets.scm
| Christopher Baines |
2023-03-03 | services: base: Deprecate 'host-name-service' procedure....* doc/guix.texi (operating-system Reference): Reorder cross-reference.
Add an anchor to be used ...
(Base services): ... here by host-name-service-type. Document
host-name-service-type.
* gnu/services/base.scm: Export host-name-service-type.
(host-name-service): Deprecate procedure.
* gnu/system.scm (operating-system-default-essential-services): Use
host-name-service-type.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-02-23 | system: Do not export local-host-entries....Unlike the deprecated 'local-host-aliases', there's no use for
local-host-entries since it's used to set the default value for
hosts-service-type. Given that this service-type is expected to be
extended, one presumes that when they explicitly override the service
default value they do not have much interest in the 'local-host-entries'
procedure.
* gnu/system.scm: Do not export local-host-entries.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-02-09 | system: Deprecate hosts-file....* gnu/system.scm (operating-system-hosts-file): Deprecate procedure.
(warn-hosts-file-field-deprecation): New procedure, helper for
deprecated variable.
(operating-system)[hosts-file]: Use helper to warn deprecated field.
(local-host-aliases): Mark as deprecated.
(local-host-entries): New procedure.
(operating-system-default-essential-services,
hurd-default-essential-services): Use hosts-service-type. Use
'%operating-system-hosts-file' and 'local-host-entries'.
(default-/etc/hosts): Remove procedure.
(operating-system-etc-service): Remove hosts file.
* doc/guix.texi (operating-system Reference)
(Networking Services) (Virtualization Services): Rewrite documentation
entries to use hosts-service-type.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2023-01-30 | Merge remote-tracking branch 'origin/master' into core-updates... Conflicts:
doc/guix.texi
gnu/local.mk
gnu/packages/admin.scm
gnu/packages/base.scm
gnu/packages/chromium.scm
gnu/packages/compression.scm
gnu/packages/databases.scm
gnu/packages/diffoscope.scm
gnu/packages/freedesktop.scm
gnu/packages/gnome.scm
gnu/packages/gnupg.scm
gnu/packages/guile.scm
gnu/packages/inkscape.scm
gnu/packages/llvm.scm
gnu/packages/openldap.scm
gnu/packages/pciutils.scm
gnu/packages/ruby.scm
gnu/packages/samba.scm
gnu/packages/sqlite.scm
gnu/packages/statistics.scm
gnu/packages/syndication.scm
gnu/packages/tex.scm
gnu/packages/tls.scm
gnu/packages/version-control.scm
gnu/packages/xml.scm
guix/build-system/copy.scm
guix/scripts/home.scm
| Efraim Flashner |
2023-01-05 | system: Define default 'PS1' in /etc/bashrc rather than ~/.bashrc....Users can override 'PS1' in ~/.bashrc if they wish.
Previously, on Guix Home, the "default" 'PS1' would be set in ~/.bashrc
when 'home-bash-configuration-guix-defaults?' is true, preventing users
from overriding it via the 'environment-variables' field of
'home-bash-extension'.
* gnu/system/shadow.scm (%default-bashrc): Remove 'PS1' setting.
* gnu/system.scm (operating-system-etc-service): Define PS1 in
/etc/bashrc.
* gnu/home/services/shells.scm (add-bash-configuration): When
'home-bash-configuration-guix-defaults?' is true, add a default 'PS1' to
~/.bash_profile.
| Ludovic Courtès |
2022-12-05 | system: Add e2fsprogs to %base-packages-utils....Rationale: Even when not using an ext file system, the utilities provided by
e2fsprogs are useful, for example to set the copy-on-write attribute of a
Btrfs file system.
* gnu/system.scm (%base-packages-utils): Add e2fsprogs.
| Maxim Cournoyer |
2022-12-05 | system: Rename and move %base-packages-disk-utilities....Rationale: It is only used in INSTALLATION-OS and doesn't make sense to be
used in another context, given that file systems now automatically pull their
dependencies since commit 45eac6cdf5c8d9d7b0c564b105c790d2d2007799 (services:
Add file system utilities to profile).
* gnu/system.scm (%base-packages-disk-utilities): Deprecate and rename to...
* gnu/system/install.scm (%installer-disk-utilities): ... this.
(installation-os) [packages]: Adjust accordingly.
| Maxim Cournoyer |
2022-11-27 | gnu: shadow: Merge in shadow-with-man-pages....* gnu/packages/admin.scm (shadow)[arguments]: Add phase to install the
manpages. Make sure 'remove-groups comes after installing the manpages.
[properties]: Remove field.
(shadow-with-man-pages): Remove variable.
* gnu/system.scm (%base-packages-utils): Replace shadow-with-man-pages
with shadow.
| Efraim Flashner |
2022-10-23 | gnu: Fix typos....* gnu/packages/emacs-xyz.scm (emacs-piem)[description]: Fix use of "This
packages".
* gnu/packages/tex.scm (texlive-hardwrap)[description]: Fix spelling of
"arbitrary".
* gnu/packages/cran.scm (r-shinymanager)[description]: Fix spelling of
"authentication".
* gnu/packages/lisp-xyz.scm (sbcl-utils-kt)[description]: Fix spelling of
"developed".
* gnu/packages/crates-io.scm (rust-fs-utils-1)[description]: Fix spelling of
"filesystem".
[synopsis]: Likewise.
* gnu/packages/haxe.scm (neko)[description]: Fix spelling of "functions".
* gnu/packages/animation.scm (swftools)[description]: Fix needless
pluralization of "information".
* gnu/packages/lisp-xyz.scm (sbcl-slot-extra-options)[description]: Fix
spelling of "inheritance".
* gnu/packages/emacs-xyz.scm (emacs-js-comint)[description]: Fix spelling of
"interpreter".
* gnu/packages/coq.scm (coq-mathcomp-finmap)[description]: Fix spelling of
"library".
* gnu/services/lightdm.scm (lightdm-configuration): Fix spelling of
"mechanism".
* gnu/packages/emacs-xyz.scm (emacs-citar-org-roam)[synopsis]: Fix spelling of
"package".
* gnu/packages/games.scm (freerct)[description]: Fix spelling of
"responsibilities".
* gnu/packages/statistics.scm (r-mixedpower)[description]: Fix spelling of
"separate".
* gnu/packages/accessibility.scm (espeakup)[description]: Fix spelling of
"speech".
* gnu/packages/bioinformatics.scm (r-skitools)[synopsis]: Fix spelling of
"utilities".
* gnu/packages/golang.scm (go-github-com-savsgio-gotils)[synopsis]: Fix
spelling of "utilities".
[description]: Likewise.
* gnu/system.scm (boot-file-system-service os): Fix spelling of "utilities".
| Vagrant Cascadian |
2022-10-23 | system: hurd: Boot with the statically-linked 'exec' server....This works around <https://issues.guix.gnu.org/58631>.
* gnu/system.scm (hurd-multiboot-modules): Use '/hurd/exec.static'
instead of 'ld.so /hurd/exec'.
| Ludovic Courtès |
2022-10-11 | system: operating-system: Make the timezone field default to Etc/UTC....* gnu/system.scm (<operating-system>) [timezone]: Default to "Etc/UTC".
| Maxim Cournoyer |
2022-09-28 | services: Add file system utilities to profile....* gnu/services/base.scm (file-system-type->utilities)
(file-system-utilities): New procedures.
(file-system-service-type): Extend 'profile-service-type' with
'file-system-utilities'.
* gnu/system.scm (boot-file-system-service): New procedure.
(operating-system-default-essential-services): Use it.
(%base-packages): Remove 'e2fsprogs'.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| Brice Waegeneire |
2022-07-14 | gnu: system: Add fusermount3 to setuid-programs....Fixes <https://issues.guix.gnu.org/47716>.
* gnu/system.scm (%setuid-programs): Add /bin/fusermount3 from the fuse-3
package.
Reported-by: raingloom <raingloom@riseup.net>
| Maxim Cournoyer |
2022-06-15 | system: <operating-system> compiler truly honors the 'system' argument....Fixes <https://issues.guix.gnu.org/55951>.
* gnu/system.scm (operating-system-compiler): Parameterize
'%current-system' and '%current-target-system' before calling
'operating-system-derivation'.
* tests/system.scm ("lower-object, %current-system sensitivity"): New
test.
| Ludovic Courtès |
2022-06-06 | system: Fix typo, add doc....* gnu/system.scm (operating-system-kernel-arguments): Fix typo in doc.
(boot-parameters->menu-entry): Add doc.
| Maxim Cournoyer |
2022-05-21 | system: Improve warning when using LUKS mapped devices without UUIDs....This corrects two problems with the previous mapped devices warning:
1. It wasn't clear how to correct the situation.
2. The output would be repeated multiple times, as many times as the procedure
is called during a system reconfigure.
* gnu/system.scm (operating-system-bootloader-crypto-devices): Memoize
procedure. Include the mapped devices source location information in the
warnings. Add a hint to help users fix the warning.
| Maxim Cournoyer |
2022-04-07 | services: shepherd: Default to version 0.9....* gnu/services/shepherd.scm (scm->go): Define 'shepherd&co' and pass it
to 'with-extensions'.
(shepherd-configuration-file): Call 'start-in-the-background' when it is
defined.
(<shepherd-configuration>)[shepherd]: Default to SHEPHERD-0.9.
* gnu/system.scm (hurd-default-essential-services): Use SHEPHERD-0.8.
| Ludovic Courtès |
2022-03-21 | system: Use 'shadow-with-man-pages' in %BASE-PACKAGES-UTILS....* gnu/system.scm (%base-packages-utils): Replace SHADOW with
SHADOW-WITH-MAN-PAGES.
| Ludovic Courtès |
2022-03-16 | system: Improve 'read-boot-parameters' incompatibility diagnostic....Previously, when reading an incompatible "parameters" file, 'guix
system' would print a warning and then crash with a wrong-type-arg
backtrace because code expects 'read-boot-parameters' to always return a
<boot-parameters> record.
* gnu/system.scm (read-boot-parameters): Upon incompatibility, raise an
error instead of returning #f. Also raise a '&fix-hint' condition.
* tests/boot-parameters.scm ("read, construction, mandatory fields"):
Define 'test-read-boot-parameters' as a macro; expect
'formatted-message?' exceptions rather than #f returns.
| Ludovic Courtès |
2022-03-07 | system: Set kernel name for riscv64-linux....* gnu/system.scm (system-linux-image-file-name): Add option for riscv64.
| Efraim Flashner |
2022-03-01 | initrd: Use non-hyphenated kernel command-line parameter names....This is to make it less surprising, given the common convention sets forth by
the kernel Linux command-line parameters.
* gnu/build/linux-boot.scm (boot-system): Rename '--load', '--repl', '--root'
and '--system' to 'gnu.load', 'gnu.repl', 'root' and 'gnu.system',
respectively. Adjust doc.
(find-long-option): Adjust doc.
* gnu/installer/parted.scm (installer-root-partition-path): Adjust accordingly.
* gnu/system.scm (bootable-kernel-arguments): Add a VERSION argument and
update doc. Use VERSION to conditionally return old style vs new style initrd
arguments.
(%boot-parameters-version): Increment to 1.
(operating-system-boot-parameters): Adjust doc.
(operating-system-boot-parameters-file): Likewise.
* gnu/system/linux-initrd.scm (raw-initrd, base-initrd): Likewise.
* doc/guix.texi: Adjust doc.
* gnu/build/activation.scm (boot-time-system): Adjust accordingly.
* gnu/build/hurd-boot.scm (boot-hurd-system): Likewise.
* gnu/packages/commencement.scm (%final-inputs-riscv64): Adjust comment.
| Maxim Cournoyer |
2022-03-01 | system: Streamline operating-system-boot-parameters-file a bit....* gnu/system.scm (operating-system-boot-parameters-file)
[SYSTEM-KERNEL-ARGUMENTS?]: Remove unused argument (it had no callers) and
adjust doc, moving the self-referential tip to...
* gnu/system.scm (operating-system-boot-parameters): ... here, reworded for
clarity.
Suggested-by: Ludovic Courtès <ludo@gnu.org>
| Maxim Cournoyer |
2022-03-01 | system: Add a version field to the <boot-parameters> record....This version field exposes the (already present) version information of a boot
parameters file.
* gnu/system.scm (%boot-parameters-version): New variable.
(<boot-parameters>)[version]: New field.
(read-boot-parameters): Use it.
(operating-system-boot-parameters-file): Likewise.
* tests/boot-parameters.scm (test-read-boot-parameters): Use
%boot-parameters-version as the default version value in the template.
| Maxim Cournoyer |