'/>
aboutsummaryrefslogtreecommitdiff
path: root/gnu/build/activation.scm
Makefile.am (SCM_TESTS): Register it. * doc/guix.texi: Update documentation.
AgeCommit message (Expand)Author
2020-06-09activation: Fix function call for system activation...* gnu/build/activation.scm (boot-time-system): Evaluate the linux-command-line thunk for linux systems to boot Signed-off-by: Ludovic Courtès <ludo@gnu.org> Royce Strange
2020-06-08system: Support activation service for the Hurd....* gnu/build/activation.scm (boot-time-system): Use "command-line" for the Hurd. * gnu/system.scm (hurd-default-essential-services): Add %boot-service and %activation-service. Jan (janneke) Nieuwenhuizen
2020-01-06activation: Check whether /proc/sys/kernel/modprobe exists....* gnu/build/activation.scm (activate-modprobe): Check whether /proc/sys/kernel/modprobe exists before writing to it. Co-authored-by: Ludovic Courtès <ludo@gnu.org> kanichos@yandex.ru
2020-01-02activation: Keep going when failing to create one of the setuid programs....Fixes <https://bugs.gnu.org/38800>. Reported by Jakub Kądziołka <kuba@kadziolka.net>. * gnu/build/activation.scm (activate-setuid-programs): Catch 'system-error' around 'make-setuid-program' calls. Ludovic Courtès
2019-06-05activation: Lock /etc/.pwd.lock before accessing databases....Suggested by Florian Pelz <pelzflorian@pelzflorian.de> in <http://bugs.gnu.org/35996>. * gnu/build/accounts.scm (%password-lock-file): New variable. * gnu/build/activation.scm (activate-users+groups): Wrap calls to 'user+group-databases', 'write-group', etc. into 'with-file-lock'. Ludovic Courtès
2019-03-08activation: Shared system home directories are now 555 and root-owned....Fixes <https://bugs.gnu.org/34788>. Reported by Jack Hill <jackhill@jackhill.us>. Regression introduced by the combination of 8bb76f3d44c1f5ffec8011819494db306a51d801 and 0ae735bcc8ff7fdc89d67b492bdee9091ee19e86: /var/empty would be 700 and owned by one of the system accounts (thus inaccessible to others), and /var/run/dbus would be 700 as well, thereby preventing D-Bus clients from connecting to the daemon. * gnu/build/activation.scm (duplicates): New procedure. (activate-users+groups)[system-accounts]: New variable. Use it. Make shared system account home directories #o555 and root-owned. * gnu/services/dbus.scm (dbus-activation): Make /var/run/dbus #o755. * gnu/tests/base.scm (run-basic-test): Test the ownership and permissions of /var/empty. Ludovic Courtès
2019-03-07activation: Build account databases with (gnu build accounts)....* gnu/build/activation.scm (enumerate, current-users, current-groups) (add-group, add-user, modify-user, ensure-user): Remove. (activate-users+groups)[touch, activate-user]: Remove. [make-home-directory]: New procedure. Rewrite in terms of 'user+group-databases', 'write-group', etc. * gnu/build/install.scm (directives): Remove "/root". * gnu/system/shadow.scm (account-activation): Remove (setenv "PATH" ...) expression, which is now unneeded. Ludovic Courtès
2019-03-07activation: Operate on <user-account> and <user-group> records....* gnu/system/accounts.scm (sexp->user-group, sexp->user-account): New procedures. * gnu/system/shadow.scm (account-activation): Call them in the arguments to 'activate-users+groups'. (account-shepherd-service): Likewise. * gnu/build/activation.scm (activate-users+groups): Expect a list of <user-account> and a list of <user-group>. Replace uses of 'match' on tuples with calls to record accessors. (activate-user-home): Likewise. Ludovic Courtès
2019-03-04activation: Make home directories #o700 by default....Until now they'd be #o755, except for /root, which is treated specially in (gnu build install). * gnu/build/activation.scm (activate-user-home): Chmod HOME to #o700. Remove redundant 'unless system?'. Ludovic Courtès
2018-11-18activation: Aways pass '-d HOME' to 'useradd'....Fixes <https://bugs.gnu.org/33422>. Reported by fps. * gnu/build/activation.scm (add-user): Always pass "-d HOME" when HOME is true. Pass "--create-home" only when HOME, CREATE-HOME?, and SYSTEM? are true. (activate-users+groups): Pass #:create-home? create-home? to 'ensure-user'. * gnu/tests/base.scm (run-basic-test)["accounts"]: Test 'passwd:dir' as well. Ludovic Courtès
2018-03-27activation: Pass '-d HOME' to 'usermod'....Fixes a bug whereby changes to user home directories in the OS config would never be effective. Reported by Pierre Neidhardt <ambrevar@gmail.com>. * gnu/build/activation.scm (modify-user): Pass '-d HOME'. Ludovic Courtès
2017-10-08activation: Do not create setuid binaries in the store [security fix]....Fixes <https://bugs.gnu.org/28751>. * gnu/build/activation.scm (activate-setuid-programs)[link-or-copy]: Remove. Use 'copy-file' instead. Ludovic Courtès
2017-08-03activation: Make sure /etc exists....Fixes <http://bugs.gnu.org/27146>. Reported by ng0 <ng0@pragmatique.xyz>. * gnu/build/activation.scm (activate-etc): Add call to 'mkdir-p'. Ludovic Courtès
2017-05-30activation: Change permissions on /root to #o700....Reported by Alex Griffin <a@ajgrf.com>. Fixes <http://bugs.gnu.org/27135>. * gnu/build/activation.scm (add-user): When UID is zero, add 'chmod' call. * gnu/tests/base.scm (run-basic-test)["permissions on /root"]: New test. Ludovic Courtès
2017-05-18services: user-homes: Do not create home directories marked as no-create....Fixes a bug whereby GuixSD would create the /nonexistent directory, from user 'nobody', even though it has 'create-home-directory?' set to #f. * gnu/build/activation.scm (activate-users+groups): Add comment for \#:create-home?. (activate-user-home)[ensure-user-home]: Skip when CREATE-HOME? is #f or SYSTEM? is #t. * gnu/tests/base.scm (run-basic-test)["no extra home directories"]: New tests. Ludovic Courtès
2017-02-10Merge branch 'master' into core-updatesLudovic Courtès
2017-02-08services: Add 'special-files-service-type'....* gnu/build/activation.scm (activate-/bin/sh): Remove. (activate-special-files): New procedure. * gnu/services.scm (activation-script): Remove call to 'activate-/bin/sh'. (special-files-service-type): New variable. (extra-special-file): New procedure. * gnu/services/base.scm (%base-services): Add SPECIAL-FILES-SERVICE-TYPE instance. * gnu/tests/base.scm (run-basic-test)[special-files]: New variables. ["special files"]: New test. Ludovic Courtès
2017-02-04activation: Set the right owner for home directories....This fixes a regression introduced in ae763b5b0b7d5e7316a3d0efe991fe8ab2261031 whereby home directories and skeletons would be root-owned. * gnu/build/activation.scm (copy-account-skeletons): Make 'directory' a keyword parameter. Add #:uid and #:gid and honor them. [set-owner]: New procedure. (activate-user-home): Add call to 'getpw' and 'chown'. Pass UID and GID to 'copy-account-skeletons'. * gnu/tests/base.scm (run-basic-test)["skeletons in home directories"]: Test file ownership under HOME. Ludovic Courtès
2017-02-02Merge branch 'master' into core-updatesLeo Famulari
2017-02-01system: Create home directories once 'file-systems' is up....Fixes <http://bugs.gnu.org/21108>. Reported by Andy Patterson <ajpatter@uwaterloo.ca> and Leo Famulari <leo@famulari.name>. * gnu/build/activation.scm (activate-users+groups)[activate-user]: Pass #:create-home? #t iff CREATE-HOME? and SYSTEM?. (activate-user-home): New procedure. * gnu/system/shadow.scm (account-shepherd-service): New procedure. (account-service-type)[extensions]: Add SHEPHERD-ROOT-SERVICE-TYPE extension. * gnu/tests/base.scm (run-basic-test)["home"] ["skeletons in home directories"]: New tests. * gnu/tests/install.scm (%separate-home-os, %separate-home-os-source) (%test-separate-home-os): New variables. Ludovic Courtès
2017-01-26utils: Add helper method to make files writable....* gnu/build/activation.scm (make-file-writable): Move this to ... * guix/build/utils.scm (make-file-writable): ... here. Export it. * guix/build/gnu-build-system.scm (strip): Use it. Marius Bakke
2016-09-06activation: Don't fail if /var/lib exists....This is a followup to commit 6526d43ea4fb0cd151a0d5e9a072c651c1c963d1. * gnu/build/activation.scm (activate-user+groups): Use mkdir-p to create /var/lib. Leo Famulari
2016-09-06activation: Allow home directories to be created under /var/lib....* gnu/build/activation.scm (activate-user+groups): Make sure /var/lib exists. David Craven
2016-08-28system: Add 'create-home-directory?' field to <user-account>....* gnu/system/shadow.scm (<user-account>)[create-home-directory?]: New field. (user-account->gexp): Serialize it. * gnu/build/activation.scm (activate-users+groups)[activate-user]: Update 'match-lambda' pattern accordingly. Pass #:create-home? to 'ensure-user'. (add-user, modify-user, ensure-user): Add #:create-home? parameter and honor it. * doc/guix.texi (User Accounts): Document it. Ludovic Courtès
2016-03-24activation: Copy account skeletons silently....* gnu/build/activation.scm (copy-account-skeletons): Pass #:log to 'copy-recursively'. Ludovic Courtès
2016-03-20system: Allow account skeletons to be directories....* gnu/system/shadow.scm (skeleton-directory): Use 'copy-recursively' instead of 'copy-file'. * gnu/build/activation.scm (copy-account-skeletons): Likewise. Ludovic Courtès
Maxim Cournoyer
2019-09-08services: ntp: Fix KOD warning....Otherwise the following messages would be printed by ntpd: Sep 2 05:18:21 localhost ntpd[15849]: restrict default: KOD does nothing without LIMITE. Sep 2 05:18:21 localhost ntpd[15849]: restrict ::: KOD does nothing without LIMITED. Debian uses the same set of "restrict" keywords (see: https://sources.debian.org/src/ntp/1:4.2.8p13+dfsg-2/debian/ntp.conf). * gnu/services/networking.scm (ntp-shepherd-service): Add the 'limited' keyword to both the IPv4 and IPv6 'restrict' directives. Maxim Cournoyer
2019-09-08services: ntp: Allow large adjustment by default....This is documented as best practice in `man ntpd', and is required to allow the date to be set correctly when traveling (without having to manually update the hardware clock in the BIOS/UEFI). * gnu/services/networking.scm (<ntp-server>)[allow-large-adjustment?]: Set the default value to #t. * doc/guix.texi (Networking Services): Update documentation. Maxim Cournoyer