| Age | Commit message (Expand) | Author |
|---|
| 5 days | services: Allow specifying user and group for knot resolver....Kresd used to start as root and create cache files with root ownership before
dropping privileges. This made unprivileged kres-cache-gc (in a separate
service) fail when trying to read them. The new default is to start both as
`knot-resolver', with configuration fields that allow overriding this default.
* gnu/services/dns.scm (<knot-resolver-configuration>)[user]: New field.
(<knot-resolver-configuration>)[group]: New field.
(knot-resolver-shepherd-services): Pass the user&group from config to forkexec
constructors.
Change-Id: Id06a8eca140fdca14995a03e910f521d5f4636e5
| W. Kosior |
| 5 days | gnu: Add tmate-ssh-server....* gnu/packages/ssh.scm (tmate-ssh-server): New variable.
Change-Id: Idfc1f1d8835c0681fb957b85a142c0888a15fa04
| W. Kosior |
| 5 days | services: Update cron service to use `privileged-program' API....Uses of deprecated `setuid-program' get replaced with new
`privileged-program'.
* gnu/services/mcron.scm (cron-daemon-setuid-programs): Use
`privileged-program'.
(cron-daemon-service-type): Extend `privileged-program-service-type'.
Change-Id: I819bf75a0bb23c9b2e97ebcb144ca8adb81a9dde
| W. Kosior |
| 5 days | gnu: mcron: Add traditional cron service....TODO: write good changelog entry
Change-Id: Ib1e8f1afcbaae302eac51883e3b02a1d2c32a89e
| W. Kosior |
| 5 days | gnu: gmnisrv: Fix config loading....* gnu/packages/web.scm (gmnisrv)[arguments]<#:phases>: Patch hostname handling
in `src/config.c'.
Change-Id: Ic79591eb45d63732d0d786a2c9994c60c9b84934
| Wojtek Kosior |
| 5 days | gnu: gmnisrv: Use Gexp....* gnu/packages/web.scm (gmnisrv)[arguments]: Use G-Expression.
Change-Id: Ib8d9379e8b2a3940b8a5297622247a3c7a0454ca
| Wojtek Kosior |
| 5 days | services: Add epicyon-service-type....* gnu/services/web.scm (define-module): Use `util-linux' from `(gnu packages
linux)'.
[#:export]: Export new service type as well as configuration constructor,
predicate and getters.
(<epicyon-configuration>): New variable.
(epicyon-activation): New procedure.
(%epicyon-passwd): New variable.
(%ensure-epicyon-overlay-unmounted): New variable.
(epicyon-shepherd-services): New procedure.
(epicyon-service-type): New variable.
Change-Id: I9e786594b75b588099d3b9f6b0ab5663903c9db4
| W. Kosior |
| 5 days | gnu: Add epicyon....* gnu/packages/python-web.scm (define-module): Use `(gnu packages
imagemagick)' and `(gnu packages/photo)' modules.
(epicyon): New variable.
Change-Id: I736cb955038659ee7c88fc2f3e1da198e3c9f70f
| W. Kosior |
| 5 days | gnu: Add python-django-timezone-field....* gnu/packages/django.scm (python-django-timezone-field): New variable.
Change-Id: I3f500a7a088f0311df4962391bdc692d710176e4
| W. Kosior |
| 5 days | services: ldap: Increase pid file timeout for 389-ds....* gnu/services/ldap.scm (directory-server-shepherd-service): Add
`#:pid-file-timeout 30`.
Change-Id: Ie7b3a7c7347b53d4e3629ef2de53c3a76f6751c0
| Wojtek Kosior |
| 5 days | services: ldap: Fix exported name....* gnu/services/ldap.scm (use-modules): Export `backend-userroot-configuration'
instead of non-existent `backend-configuration'.
Change-Id: I07c6d1c777bc42fa4afc3f23dc9d36080beb5bbc
| Wojtek Kosior |
| 5 days | home: services: Add localhost-repo-server....* gnu/home/services/vcs.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Record 'home/services/vcs.scm'.
Change-Id: I37d3c1dacc26eb31b9b7ec434ed760c7cf84cc32
| Wojtek Kosior |
| 5 days | gnu: Add guile-cantius....* gnu/packages/guile-xyz.scm (guile-cantius): New variable.
Change-Id: Iccc7385ae5c3f762f53705c8ebe876f7ad08da00
| Wojtek Kosior |
| 5 days | gnu: Add guile-de-paul-records....* gnu/packages/guile-xyz.scm (guile-de-paul-records): New variable.
Change-Id: I869c65666f83aedec7a34809b66396798e62e2cf
| Wojtek Kosior |
| 5 days | gnu: Add guile-myra-test-utils....* gnu/packages/guile-xyz.scm (guile-myra-test-utils): New variable.
Change-Id: I20ae86fa5fab953524786bffefa3cac9703128df
| Wojtek Kosior |
| 5 days | gnu: Add lawrence-bolierplate....* gnu/packages/autotools.scm (lawrence-boilerplate): New variable.
Change-Id: Ib29e2ef3165ee151226ac4d4bc41ec5b51df8038
| Wojtek Kosior |
| 5 days | system: Allow adding elsewhere-defined system users to extra groups....* gnu/system.scm (define-module): Export `operating-system-extra-groups`.
(<operating-system>)[extra-groups]: New field.
(operating-system-default-essential-services): Also pass extra groups to
account-service.
(hurd-default-essential-services): Same here.
* gnu/system/accounts.scm (define-module): Use (ice-9 vlist), (srfi srfi-8)
and (srfi srfi-26). Export `user-extra-groups`* and `merge-extra-groups-data`.
(<user-extra-groups>): New record type.
(user-account-extend): New procedure.
(merge-extra-groups-data): New procedure.
* gnu/system/shadow.scm (define-module): Re-export `user-extra-groups`*.
(account-service-type)[extend]: Handle <user-extra-groups> records, move field
intializer upward to be able to use `compose`.
Change-Id: I3f489ac794d342267b7627db1d28315ea4b69db2
| Wojtek Kosior |
| 5 days | services: Add overlayfs-service-type....The `overlayfs-service-type` allows overlay filesystems to be automatically
mounted upon boot and reconfiguration.
* gnu/services/overlayfs.scm: New file.
* gnu/local.ml (GNU_SYSTEM_MODULES): Add it.
Change-Id: I94bb3e3a29648faa354931f3c1cebc5947ab1d5c
| Wojtek Kosior |
| 5 days | services: certbot: Facilitate granting key read access to groups....* gnu/services/certbot.scm (certificate-configuration)[key-read-group]: New
field.
(certbot-deploy-hook): Ensure requested group has the right access.
(certbot-command): Pass the requested group to `certbot-deploy-hook'.
(set-key-access-gexp): New procedure.
(generate-certificate-gexp) Ensure the requested group has the right access.
Change-Id: Ia46454a7d2b042cfb682d1d8a7e04aebbc9c19da
| W. Kosior |
| 5 days | services: certbot: Allow it to be used without Nginx....* gnu/services/certbot.scm (define-module)[#:export]: Add
`certbot-sans-nginx-service-type'.
(certbot-configuration)[service-reload]: Add field.
(certbot-configuration)[service-requirement]: Add field.
(certbot-deploy-hook): Reload requested services rather than hardcoded Nginx.
(certbot-command): Pass services to reload to `certbot-deploy-hook'.
(certbot-renewal-one-shot): Pass depended services to Shepherd as configured
instead of passing hardcoded Nginx.
(certbot-sans-nginx-service-type): New variable.
(certbot-service-type): Avoid code duplication by inheriting from the above
service type.
Change-Id: Ic833f24989bbcdcbbc273f9c8eae4c56992aafa0
| Wojtek Kosior |
| 5 days | services: Add snakeoil-service-type....The `snakeoil-service-type' generates self-issued certificates for use by
various system daemons.
* gnu/services/ca.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Change-Id: I57bbe51f43958c0f2f437d81645ce44f9a68470b
| Wojtek Kosior |
| 5 days | services: Update Exim service to use `privileged-program' API....Uses of deprecated `setuid-program' get replaced with new
`privileged-program'.
* gnu/services/mail.scm (exim-setuids): Call `privileged-program' record
constructor macro.
(exim-service-type): Extend `privileged-program-service-type'
Change-Id: Idb00e45ddcc50a37303dc50fe1feef73a109f219
| W. Kosior |
| 5 days | gnu: exim: Use /etc/exim.conf as the default config file....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['symlink-config-file]: New
phase.
Change-Id: I1be49e4a042b42e38ebff8aeff0e9cfc8724456b
| Wojtek Kosior |
| 5 days | services: Support running Exim with setuid/setgid....In a typical configuration, Exim binary is setuid root and the Exim daemon
process listens for connections under a non-root system account (usually
`exim`). Upon receiving a message, it forks into a child process which
re-executes the binary to regain privileges and deliver the mail to its
destination (e.g. a Maildir inside user's home directory).
Besides the setuid binary itself, such setup also requires the Exim
configuration file to live at the path Exim considers safe. It defaults to
/etc/exim.conf and changing it requires rebuilding the Exim daemon. If a
configuration at unsafe path is used instead, Exim drops its privileges before
reading it and becomes unable to perform certain kinds of email delivery.
* gnu/services/mail.scm (<exim-configuration>)[setuid-user]: New field.
(<exim-configuration>)[setgid-group]: New field.
(exim-computed-config-file): Delete variable.
(exim-shepherd-service)[start]: Use Exim's default config at /etc/exim.conf.
(exim-activation): Atomically put Exim's current config at /etc/exim.conf and
verify its syntactic correctness.
(exim-setuids): New variable.
(exim-service-type)[extensions]: Extend `setuid-program-service-type`.
Change-Id: Ie6153baac80180d3d48f6b5a6959895df06aef0b
| Wojtek Kosior |
| 5 days | gnu: exim: Enable Maildir delivery format....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Set
`SUPPORT_MAILDIR` config option to "yes".
Change-Id: Ibb2b0bcd5b4a790eedfdc12f794a43625cb88250
| Wojtek Kosior |
| 5 days | gnu: exim: Set `exim` as the default user....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Configure
Exim to resolve uid/gid of `exim` in runtime and prevent install script from
failing.
Change-Id: I2571d6e5a4d4aca534ed6bdfaa3832b1ec69c1d5
| Wojtek Kosior |
| 5 days | services: Allow cgit footer text to be passed as a file-like object....* gnu/services/cgit.scm (cgit-configuration)[footer]: Specify type as
`file-object`.
Change-Id: Id5790bbdb5e09204b653bc54e1b9b60afe5a2ee0
| Wojtek Kosior |
| 5 days | services: Export cgit config serialization procedure....This procedure alone is useful when deploying cgit under HTTP server other
than Nginx or when deploying multiple cgit instances on a single host.
* gnu/services/cgit.scm (define-module): Export
`serialize-cgit-configuration`.
Change-Id: Ia21c5debbd54a156df703d84694c945e851cd55c
| Wojtek Kosior |
| 8 days | gnu: python-clingo: Build from sources....* gnu/packages/potassco.scm (clingo)[source]: Also delete
“libpyclingo/_clingo.c”.
(python-clingo)[#:phases]: Add ‘generate-sources’. Remove ‘fix-failing-tests’.
Signed-off-by: jgart <jgart@dismail.de>
| Liliana Marie Prikler |
| 8 days | gnu: distrobox: Update to 1.8.1.2....* gnu/packages/containers.scm (distrobox): Update to 1.8.1.2.
Change-Id: I5f4da5bae3e1307a2c2efcad6b4f8d526d9a6481
| jgart |
| 8 days | gnu: Add annextimelog....* gnu/packages/task-management.scm (annextimelog): New variable.
Change-Id: I7adf4263422fdb1edcb5dfc878cb1decb529c27e
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
| Matthias Riße |
| 8 days | gnu: MPD: Update to 0.23.17....* gnu/packages/mpd.scm (mpd): Update to 0.23.17.
Change-Id: Ie5d884b0d56d4d3661b889e8414417da0340b85e
| Leo Famulari |
| 8 days | gnu: system: Disable EFI pstore backend by default...Disabling the EFI pstore backend is expected to reduce the chances of unaware
users running into issues with UEFI and failing to boot their Guix Systems.
This commit disables one of the backends for the persistent storage driver
'pstore' in the Linux kernel. In particular, we disable the backend which stores
the data in EFI variable storage in UEFI NVRAM.
More information about the pstore system:
https://www.kernel.org/doc/Documentation/ABI/testing/pstore
https://docs.kernel.org/admin-guide/pstore-blk.html
https://blogs.oracle.com/linux/post/pstore-linux-kernel-persistent-storage-file-system
This change reduces writes to UEFI to reduce the chances of it wearing out or
malfunctioning for other reasons, with the goal of preventing situations where
the EFI variable storage is full and cannot take new variables. This is known to
cause "Could not prepare Boot variable: No space left on device" errors on
computers with some UEFI implementations which are susceptible to such problems,
typically on relatively older machines. The user is confronted by the issue at
the later stages of Guix system reconfiguration, when the new boot entry is
created. It may be difficult to recover from because the exact cause depends on
UEFI. Sometimes it is enough to remove dumps from efivars, but sometimes the
storage will remain full permanently with no way to reclaim space.
Users may still enable the backend by changing the option via the kernel
command-line arguments, either in the Guix system configuration or in GRUB.
The above is my summary of what was previously discussed in guix-help mailing
list: <https://lists.gnu.org/archive/html/help-guix/2025-01/msg00173.html>.
* gnu/packages/linux.scm (default-extra-linux-options): Enable the kernel
build-time configuration option CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE.
Change-Id: Id0294fa90ccbf3bacbb55a22aeb4f0a863efe22c
Co-authored-by: Leo Famulari <leo@famulari.name>
| Roman Riabenko |
| 8 days | gnu: Add linux-libre 6.13....* gnu/packages/linux.scm (linux-libre-6.13-version,
linux-libre-6.13-gnu-revision, deblob-scripts-6.13,
linux-libre-6.13-pristine-source, linux-libre-6.13-source,
linux-libre-headers-6.13, linux-libre-6.13): New variables.
(linux-libre-headers-latest): Use linux-libre-headers-6.13.
* gnu/packages/aux-files/linux-libre/6.13-arm.conf,
gnu/packages/aux-files/linux-libre/6.13-arm64.conf,
gnu/packages/aux-files/linux-libre/6.13-i686.conf,
gnu/packages/aux-files/linux-libre/6.13-riscv.conf,
gnu/packages/aux-files/linux-libre/6.13-x86_64.conf: New files.
* Makefile.am (AUX_FILES): Add them.
Change-Id: Ib2acb495eb3bd6c2c2e9e5eebd2e8a1826aeed53
| Leo Famulari |
| 8 days | gnu: linux-libre 5.4: Update to 5.4.290....* gnu/packages/linux.scm (linux-libre-5.4-version): Update to 5.4.290.
(linux-libre-5.4-pristine-source): Update hash.
Change-Id: I1a0e7501bab0747ddb973d5dbca1dc83c048d42e
| Leo Famulari |
| 8 days | gnu: linux-libre 5.10: Update to 5.10.234....* gnu/packages/linux.scm (linux-libre-5.10-version): Update to 5.10.234.
(linux-libre-5.10-pristine-source): Update hash.
Change-Id: Ic6d02a2cc48e4424d9126f43269542e15c4f139a
| Leo Famulari |
| 8 days | gnu: linux-libre 5.15: Update to 5.15.178....* gnu/packages/linux.scm (linux-libre-5.15-version): Update to 5.15.178.
(linux-libre-5.15-pristine-source): Update hash.
Change-Id: If7c556c8ee4829a7e772989dc9be005019e1941f
| Leo Famulari |
| 8 days | gnu: linux-libre 6.1: Update to 6.1.128....* gnu/packages/linux.scm (linux-libre-6.1-version): Update to 6.1.128.
(linux-libre-6.1-pristine-source): Update hash.
Change-Id: Icd8fa4921ce0db9d89d1b33cecc1306e2df67051
| Leo Famulari |
| 8 days | gnu: linux-libre 6.6: Update to 6.6.75....* gnu/packages/linux.scm (linux-libre-6.6-version): Update to 6.6.75.
(linux-libre-6.6-pristine-source): Update hash.
Change-Id: I60a5d3b4241ef3362b6b9656e25768ef6ab0897c
| Leo Famulari |
| 8 days | gnu: linux-libre: Update to 6.12.12....* gnu/packages/linux.scm (linux-libre-6.12-version): Update to 6.12.12.
(linux-libre-6.12-pristine-source): Update hash.
Change-Id: I88fe45f71455e08e100bfe800ec415f2e6566616
| Leo Famulari |
| 8 days | gnu: Add ravanan....* gnu/packages/bioinformatics.scm (ravanan): New variable.
Change-Id: Ib93ea64a3a0313be167dd1cd2f036c72f1c0f138
Signed-off-by: jgart <jgart@dismail.de>
| Arun Isaac |
| 8 days | gnu: rclone: Fix subdir for tests....Fixes <https://issues.guix.gnu.org/75977>.
* gnu/packages/sync.scm (rclone)[argument]: Add #:test-subdirs.
Change-Id: Id94a8c9ce1d3caed013f0bfcaf2ce3f2e8739607
Reported by <Konrad Hinsen <konrad.hinsen@fastmail.net>
Change-Id: I4661d48f12497279f4fe5abeb0d1dda7490e721b
| Simon Tournier |
| 8 days | gnu: python-lsp-black: Update to 2.0.0....* gnu/packages/python-xyz.scm (python-lsp-black): Update to 2.0.0.
[arguments]<#:test-flags>: Add failing tests.
Signed-off-by: jgart <jgart@dismail.de>
| Nicolas Graves |
| 8 days | gnu: emacs-dape: Update to 0.22.0....* gnu/packages/emacs-xyz.scm (emacs-dape): Update to 0.22.0.
Change-Id: Id6a988d3263ef858b268506494ab6888c832ac83
| jgart |
| 8 days | gnu: go-github-com-prometheus-client-golang: Skip one more test....* gnu/packages/prometheus.scm (go-github-com-prometheus-client-golang)
[arguments] <test-flags>: Skip one more test on non x86_64 systems.
Change-Id: Iac1f98a355b595a40fa61c5c4f479f8c11343d9b
| Sharlatan Hellseher |
| 8 days | gnu: go-github-com-cespare-xxhash-v2: Update to 2.3.0....* gnu/packages/golang-crypto.scm (go-github-com-cespare-xxhash-v2): Update to 2.3.0.
Change-Id: I07f4933769c9f32a1c9c785497300ff83acd8f7c
| Sharlatan Hellseher |
| 8 days | gnu: go-github-com-cespare-xxhash-v2: Skip dynamic and benchmark tests....Reported in #75970 by Roman Scherer <roman@burningswell.com>.
Tests containing in "dynamic" directory fail to find ld on aarch64-linux
system, these changes limit the number of tests to current project's
root and "xxhsum" subdir.
* gnu/packages/golang-crypto.scm (go-github-com-cespare-xxhash-v2)
[arguments] <test-subdirs>: Limit to "xxhsum" and project's root.
Change-Id: Id67a33c313e127ffafbcf64da01515a6a3cc96fc
| Sharlatan Hellseher |
| 8 days | gnu: cogl: Disable gstreamer plugin....The cogl GStreamer sink has been broken:
<https://gitlab.gnome.org/Archive/cogl/-/issues/15>
* gnu/packages/gnome.scm (cogl)[inputs]: Remove gstreamer and
gst-plugins-base.
[arguments]: Pass "--enable-cogl-gst=no" to configure-flags.
Change-Id: I644da53effb52c6b6d8b1f9b6df293545fab963c
Fixes: <https://issues.guix.gnu.org/39126>
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail>
| 宋文武 |
| 8 days | gnu: Add python-elevate....* gnu/packages/python-xyz.scm (python-elevate): New variable.
Change-Id: Ib29baca60329ac97310b5798643545e707cc484a
| Danny Milosavljevic |
| 8 days | gnu: Add python-dlib....* gnu/packages/machine-learning.scm (python-dlib): New variable.
Change-Id: Ia61ad36998353386b6d00f2ad1dd179ba28e9a38
| Danny Milosavljevic |
