Age | Commit message (Expand) | Author |
2024-09-25 | services: cleanup: Reintroduce explicit ‘chmod’ calls....This reverts commit e74d05db53fdf02956ccee0950896c6ca9f10573.
* gnu/services.scm (cleanup-gexp): Introduce explicit ‘chmod’ calls
after ‘mkdir’ calls.
* gnu/tests/base.scm (run-basic-test)[test]("permissions on /tmp"):
New test.
Reported-by: Hilton Chain <hako@ultrarare.space>
Change-Id: I1e14dbe52eac526d2ed4ec1dd9c6fd9036f96a63
| Ludovic Courtès |
2024-09-25 | services: cleanup: Delete /run upon boot....Fixes <https://issues.guix.gnu.org/64775>.
* gnu/services.scm (cleanup-gexp): Delete /run and recreate it.
Reported-by: Vagrant Cascadian <vagrant@debian.org>
Change-Id: Iae39f1aa734712a3755b24b156802ec0282d3f14
| Ludovic Courtès |
2024-09-25 | services: cleanup: Create directories with the right mode upfront....* gnu/services.scm (cleanup-gexp): Pass mode as second argument to
‘mkdir’; remove ‘chmod’ calls.
Change-Id: I8ac2dde0ca5d9bd6b2ef104d77141d8463d8b3fa
| Ludovic Courtès |
2024-09-08 | services: Warn about unprivileged privileged-programs....* gnu/services.scm (privileged-program->activation-gexp): Warn when a
privileged-program appears to lack all possible privilege.
Change-Id: I68ed8cb2cff88b11b090cf99a2cc7d6264b888e0
| Tobias Geerinckx-Rice |
2024-08-19 | services: Truly mark ‘setuid-program-service-type’ as deprecated....* gnu/services.scm (setuid-program-service-type): Define with
‘define-deprecated/alias’.
Change-Id: Ibafe333e7f261185b5a70b38cfb4845abf2f643b
| Ludovic Courtès |
2024-08-19 | services: privileged-program: No libcap when cross-compiling to the Hurd....* gnu/services.scm (privileged-program->activation-gexp): Add
‘let-system’ form to define staged ‘libcap’ variable. Use
‘supported-package?’ only when not cross-compiling.
Change-Id: Ifa9bd97b5dc8c3a162d8427533b41d3c30bac18d
| Ludovic Courtès |
2024-08-11 | privilege: Add POSIX capabilities(7) support....* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported. Include privileged-program-capabilities
in the compatibility hack.
| Tobias Geerinckx-Rice |
2024-08-11 | system: Add privileged-programs to <operating-system>....* gnu/system.scm (<operating-system>): Add new privileged-programs
field, that defaults to…
(%default-privileged-programs): …this new variable, renamed from…
(%setuid-programs): …this, which is now defined as the empty list.
* doc/guix.texi (Setuid Programs): Rename this…
(Privileged Programs): …to this. Adjust all refs. Update all mentions
of ‘setuid’ (whether in prose, variable names, or code samples) to use
the new ‘privilege[d]’ terminology instead.
(operating-system Reference, X Window, Invoking guix system)
(Service Reference): Adjust likewise.
| Tobias Geerinckx-Rice |
2024-08-11 | services: Rename setuid-program-service-type....* gnu/services.scm (setuid-program->activation-gexp): Rename this…
(privileged-program->activation-gexp): …to this.
Operate on a list of <privileged-program> records.
(privileged-program-service-type): New variable, renamed from
setuid-program-service-type. Rename the service-type accordingly.
(setuid-program-service-type): Redefine as an alias for the above.
| Tobias Geerinckx-Rice |
2024-08-11 | build: Rename activate-setuid-programs....* gnu/build/activation.scm (activate-setuid-programs): Rename this…
(activate-privileged-programs): …to this.
Operate on a list of <privileged-program> records.
* gnu/services.scm (setuid-program->activation-gexp): Adjust caller.
| Tobias Geerinckx-Rice |
2024-08-11 | services: setuid-program: Populate /run/privileged/bin....Create /run/setuid-programs compatibility symlinks so that we can
migrate all users (both package and human) piecemeal at our leisure.
Apart from being symlinks, this should be a user-invisible change.
* gnu/build/activation.scm (%privileged-program-directory): New variable.
[activate-setuid-programs]: Put privileged copies in
%PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in
%SETUID-DIRECTORY.
* gnu/services.scm (setuid-program-service-type): Update docstring.
* doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
| Tobias Geerinckx-Rice |
2024-03-22 | system, home: Validate ‘services’ field value....This guides newcomers who might stick a single (service …) form
in this field.
* gnu/services.scm (validate-service-list): New macro.
(%validate-service-list): New procedure.
* gnu/system.scm (<operating-system>)[services]: Add ‘sanitize’.
* gnu/home.scm (<home-environment>)[services]: Add ‘sanitize’.
Change-Id: I9e29bd9a078e87b627ab766fd669ba9de79f8473
| Ludovic Courtès |
2024-02-19 | services: activation: Ensure /var/run existence....* gnu/services.scm (activation-script): Ensure /var/run existence.
* gnu/build/install.scm (evaluate-populate-directive)
[directives]: Remove directory /var/run.
Change-Id: I5fb93d33b6b1f045f1e5ba206b9b0b74b5184260
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Nicolas Graves |
2023-12-02 | gnu: Use ‘libc-utf8-locales-for-target’....* guix/packages.scm (%standard-patch-inputs): Use
‘libc-utf8-locales-for-target’ instead of ‘glibc-utf8-locales’.
* guix/self.scm (%packages): Likewise.
* gnu/home/services/ssh.scm (file-join): Likewise
* gnu/installer.scm (build-compiled-file): Likewise.
* gnu/packages/chromium.scm (ungoogled-chromium/wayland): Likewise.
* gnu/packages/gnome.scm (libgweather4, tracker): Likewise.
* gnu/packages/javascript.scm (js-mathjax): Likewise.
* gnu/packages/package-management.scm (guix, flatpak): Likewise.
* gnu/packages/raspberry-pi.scm (raspi-arm64-chainloader): Likewise.
* gnu/packages/suckless.scm (svkbd): Likewise.
* gnu/services.scm (cleanup-gexp): Likewise.
* gnu/services/base.scm (guix-publish-shepherd-service): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services)
(guix-build-coordinator-agent-shepherd-services): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services):
(guix-data-service-shepherd-services)
(nar-herder-shepherd-services)
(bffe-shepherd-services): Likewise.
* gnu/services/web.scm (anonip-shepherd-service)
(mumi-shepherd-services): Likewise.
* gnu/system/image.scm (system-disk-image, system-iso9660-image)
(system-docker-image, system-tarball-image): Likewise.
* gnu/system/install.scm (%installation-services): Likewise.
* guix/profiles.scm (info-dir-file): Likewise.
(ca-certificate-bundle, profile-derivation): Likewise.
* guix/scripts/pack.scm (store-database, set-utf8-locale): Likewise.
* tests/pack.scm: Likewise.
* tests/profiles.scm ("profile-derivation, cross-compilation"):
Likewise.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Co-authored-by: Christopher Baines <mail@cbaines.net>
Change-Id: I24239f427bcc930c29d2ba5d00dc615960a6c374
| Janneke Nieuwenhuizen |
2023-08-31 | gnu: services: Revert to deleting and updating all matching services...This patch reverts the behavior introduced in
181951207339508789b28ba7cb914f983319920f which caused ‘modify-services’
clauses to only match a single instance of a service.
We will now match all service instances when doing a deletion or update, while
still raising an exception when trying to match against a service that does
not exist in the services list, or which was deleted explicitly by a ‘delete’
clause (or an update clause that returns ‘#f’ for the service).
Fixes: #64106
* gnu/services.scm (%modify-services): New procedure.
(modify-services): Use it.
(apply-clauses): Add DELETED-SERVICES argument, change to modify one service
at a time.
* tests/services.scm
("modify-services: delete then modify")
("modify-services: modify then delete")
("modify-services: delete multiple services of the same type")
("modify-services: modify multiple services of the same type"): New tests.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| Brian Cully |
2023-08-20 | services: Define 'for-home'....* gnu/services.scm (remove-service-extensions): New procedure.
(for-home?): New syntax parameter.
(for-home): New macro.
| Ludovic Courtès |
2023-06-06 | services: Check if service is #f before applying clause....* gnu/services.scm (apply-clauses): Check if service is #f before trying to
apply clause. Follow up of 181951207339508789b28ba7cb914f983319920f.
| Josselin Poiret |
2023-06-06 | services: 'modify-services' preserves service ordering....Fixes <https://issues.guix.gnu.org/63921>.
The regression was introduced in
dbbc7e946131ba257728f1d05b96c4339b7ee88b, which changed the order of
services. As a result, someone using 'modify-services' could find
themselves with incorrect ordering of expressions in the "boot" script,
whereby the cleanup expressions would come after (execl ".../shepherd").
This, in turn, would lead shepherd to error out at boot with EADDRINUSE
on /var/run/shepherd/socket.
* gnu/services.scm (%delete-service, %apply-clauses): Remove.
(clause-alist): New macro.
(apply-clauses): New procedure.
(modify-services): Use it. Adjust docstring.
* tests/services.scm ("modify-services: do nothing"): Remove 'sort' call.
("modify-services: delete service"): Likewise, and add 't4' service.
("modify-services: change value"): Remove 'sort' call and fix expected value.
| Ludovic Courtès |
2023-06-02 | services: Error in MODIFY-SERVICES when services don't exist...This patch causes MODIFY-SERVICES to raise an error if a reference is made to
a service which isn't in its service list. This it to help users notice if
they have an invalid rule, which is currently silently ignored.
* gnu/services.scm (%delete-service): new procedure
(%apply-clauses): new syntax rule
(%modify-service): remove syntax rule
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Brian Cully |
2023-05-16 | services: Add default values....* gnu/services.scm (boot-service-type, activation-service-type,
etc-service-type, profile-service-type): Add default-value.
* gnu/system/shadow.scm (account-service-type): Add default-value.
| Andrew Tropin |
2023-03-16 | services: etc-service: Deprecate etc-service procedure....* gnu/services.scm (etc-service): Deprecate procedure.
* gnu/system.scm (operating-system-etc-service): Replace etc-service
with etc-service-type.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Bruno Victal |
2022-08-30 | services: provenance: Use 'current-channels' to obtain provenance data....Previously, build-time metadata from (guix config) would be ignored when
available--e.g., when running /run/current-system/profile/bin/guix.
This is a followup to 316fc2acbb112bfa572ae30f95a93bcd56621234.
* gnu/services.scm (provenance-entry): Use 'current-channels' instead of
'current-profile' + 'profile-channels'.
| Ludovic Courtès |