| Age | Commit message (Expand) | Author |
|---|
| 2021-05-31 | services: dnsmasq: Extend 'activation-service'....* gnu/services/dns.scm (dnsmasq-activation): New procedure …
(dnsmasq-service-type): … use it.
| Brice Waegeneire |
| 2021-03-10 | services: Prevent following symlinks during activation....This addresses a potential security issue, where a compromised
service could trick the activation code in changing the permissions,
owner and group of arbitrary files. However, this patch is
currently only a partial fix, due to a TOCTTOU (time-of-check to
time-of-use) race, which can be fixed once guile has bindings
to openat and friends.
Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html>
* gnu/build/activation.scm: new procedure 'mkdir-p/perms'.
* gnu/services/authentication.scm
(%nslcd-activation, nslcd-service-type): use new procedure.
* gnu/services/cups.scm (%cups-activation): likewise.
* gnu/services/dbus.scm (dbus-activation): likewise.
* gnu/services/dns.scm (knot-activation): likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Maxime Devos |
| 2021-02-11 | services: knot: Fix configuration verification....* gnu/services/dns.scm (verify-knot-key-configuration): Fix the
order of memq arguments.
(verify-knot-keystore-configuration): Likewise.
(verify-knot-acl-configuration): Replace fold with every procedure.
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
| Alexey Abramov |
| 2020-10-27 | services: knot-resolver: Replace deprecated command-line option....This silences a warning from the service at startup.
* gnu/services/dns.scm (knot-resolver-shepherd-services)[start]: Use the "-n"
command-line option to kresd in place of the deprecated "-f 1".
Signed-off-by: Leo Famulari <leo@famulari.name>
| Simon South |
| 2020-10-06 | services: dnsmasq: Add TFTP configuration fields....* gnu/services/dns.scm (<dnsmasq-configuration>): Add TFTP configuration
fields.
(dnsmasq-shepherd-service): Use them.
* doc/guix.texi (DNS Services): Document them.
| Danny Milosavljevic |
| 2020-05-08 | services: Add descriptions....* gnu/services/dbus.scm (polkit-service-type)[description]: New field.
* gnu/services/dict.scm (dicod-service-type)[description]: New field.
* gnu/services/dns.scm (knot-service-type)[description]: New field.
* gnu/services/networking.scm (dhcpd-service-type)[description]: New field.
* gnu/services/shepherd.scm (shepherd-root-service-type)[description]:
New field.
* gnu/services/xorg.scm (slim-service-type)[description]: New field.
(screen-locker-service-type)[description]: New field.
* gnu/system/pam.scm (pam-root-service-type)[description]: New field.
* gnu/system/shadow.scm (account-service-type)[description]: New field.
| Ludovic Courtès |
| 2020-05-02 | services: dnsmasq: Support the --address flag....Introduce a new `addresses' field that translates to passing `--address='
multiple times to dnsmasq.
* gnu/services/dns.scm (<dnsmasq-configuration>): Add an addresses field.
(dnsmasq-shepherd-service): Match the addresses field and translate it to
multiple '--address=' flags.
* doc/guix.texi (DNS Services): Document it.
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
| Pierre Langlois |
| 2020-01-22 | services: knot-resolver: Manage a root TA at /var/cache/knot-resolver....* gnu/services/dns.scm (%kresd.conf): Add /var/cache/knot-resolver/root.keys
as the root TA.
| 宋文武 |
| 2019-11-11 | services: Add knot-resolver-service-type....* gnu/services/dns.scm (<knot-resolver-configuration>): New record type.
(knot-resolver-activation, knot-resolver-shpherd-services): New procedures.
(%knot-resolver-accounts, %kresd.conf, knot-resolver-service-type): New
variables.
* doc/guix.texi (DNS Services): Document it.
| 宋文武 |
