| Age | Commit message (Expand) | Author |
|---|
| 2023-10-05 | services: hurd-vm: Leave root password uninitialized when offloading....Starting with 953c65ffdd43c02c934518fb7a1c68542584b223, offloading to
the Hurd VM would be enabled by default. However, ‘root’ had an empty
password so any user on the host could connect to the VM over VNC, log
in as root, and potentially populate the host’s store from there. This
change fixes that.
* gnu/services/virtualization.scm (operating-system-with-locked-root-account):
New procedure.
(hurd-vm-disk-image)[transform]: Add
‘operating-system-with-locked-root-account’ when offloading.
| Ludovic Courtès |
| 2023-10-01 | services: hurd-vm: Implement zero-configuration offloading....This allows for zero-configuration offloading to a childhurd.
* gnu/services/virtualization.scm (operating-system-with-offloading-account):
New procedure.
(<hurd-vm-configuration>)[offloading?]: New field.
(hurd-vm-disk-image): Define ‘transform’ and use it.
(hurd-vm-activation): Generate SSH key for user ‘offloading’ and add
authorize it via /etc/childhurd/etc/ssh/authorized_keys.d.
(hurd-vm-configuration-offloading-ssh-key)
(hurd-vm-guix-extension): New procedures.
(hurd-vm-service-type): Add GUIX-SERVICE-TYPE extension.
* gnu/tests/virtualization.scm (run-childhurd-test)[import-module?]: New
procedure.
[os]: Add (gnu build install) and its closure to #:import-modules.
[test]: Add “copy-on-write store” and “offloading” tests.
* doc/guix.texi (Virtualization Services): Document it.
| Ludovic Courtès |
| 2023-10-01 | services: hurd-vm: Disable password-based authentication for root....With offloading to a childhurd is enabled, allowing password-less root
login in the childhurd to anyone amounts to providing write access to
the host’s store to anyone. Thus, disable password-based root logins in
the childhurd.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Change
‘permit-root-login’ to 'prohibit-password.
* gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’
field for ‘hurd-vm-configuration’.
* doc/guix.texi (Virtualization Services): Remove mention of
password-less root login.
| Ludovic Courtès |
| 2023-10-01 | services: hurd-vm: ‘image’ field has to be an <image> record....* gnu/services/virtualization.scm (<hurd-vm-configuration>)[image]:
Document as being an <image> record.
(hurd-vm-disk-image): Remove call to ‘system-image’.
(hurd-vm-shepherd-service): Add call to ‘system-image’.
* gnu/tests/virtualization.scm (hurd-vm-disk-image-raw): Remove call to
‘system-image’.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
| Ludovic Courtès |
| 2023-10-01 | services: childhurd: Authorize the childhurd’s key on the host....This partly automates setting up a childhurd for offloading purposes.
* gnu/services/virtualization.scm (authorize-guest-substitutes-on-host):
New procedure.
(hurd-vm-activation): Use it.
| Ludovic Courtès |
| 2023-10-01 | services: hurd-vm: Use the default SSH port number....* gnu/services/virtualization.scm (%hurd-vm-operating-system): Remove
‘port-number’ from ‘openssh-configuration’.
(hurd-vm-net-options): Change 2222 to 22 in port forwarding.
| Ludovic Courtès |
| 2023-09-18 | services: hurd-vm: Use ‘qemu-system-x86_64’....Fixes <https://issues.guix.gnu.org/66053>.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Use ‘qemu-system-x86_64’.
| Ludovic Courtès |
