Commit a7ac19851b led configs such as the
following one, which were previously valid, to be rejected:

  (operating-system
    ;; ...
    (setuid-programs (cons #~(string-append #$wireshark "/bin/dumpcap")
                           %setuid-programs)))

They are now accepted again.
Reported by wonko on #guix.
* gnu/system.scm (%ensure-setuid-program-list): Handle the case where
PROGRAM is not a file-like.
Previously, evaluating an OS configuration with a childhurd (for
instance) would produce tens of lines like:

  guix system: warning: representing setuid programs with '#<file-append #<package shadow@4.8.1 gnu/packages/admin.scm:798 7ff97f6f7640> "/bin/passwd">' is deprecated; use 'setuid-program' instead

Now, it prints this one line:

  gnu/system/hurd.scm:105:2: warning: representing setuid programs with file-like objects is deprecated; use 'setuid-program' instead

This change also means that extensions of 'setuid-program-service-type'
now have to provide a list of <setuid-program>, so it's stricter in this
sense.
* gnu/services.scm (setuid-program-file-like-deprecated): Remove.
(setuid-program-service-type)[extend]: Remove
'setuid-program-file-like-deprecated' call. Assume CONFIG and
EXTENSIONS are already lists of <setuid-program> records.
* gnu/system.scm (<operating-system>)[setuid-programs]: Add 'sanitize'
property. Change accessor name from '%operating-system-setuid-programs'
to 'operating-system-setuid-programs'.
(operating-system-default-essential-services)
(hurd-default-essential-services): Adjust accordingly.
(ensure-setuid-program-list): New macro.
(%ensure-setuid-program-list): New procedure, based on
'setuid-program-file-like-deprecated'.
New record <setuid-program> with fields for setting the specific user
and group, as well as specifically selecting the setuid and setgid bits,
for a program within the setuid-program-service.
* gnu/services.scm (setuid-program-file-like-deprecated): New function.
(setuid-program-service-type): Make use of
setuid-program->activation-gexp. Adjust the extend property to handle
<setuid-program>.
* gnu/build/activation.scm (activate-setuid-programs): Update to expect a
<setuid-record> list for each program entry.
* gnu/system.scm: (operating-system-setuid-programs): Renamed to
%operating-system-setuid-programs and replace it with new procedure.
(operating-system-default-essential-services,
hurd-default-essential-services): Replace
operating-system-setuid-programs with
%operating-system-setuid-programs.
* gnu/system/setuid.scm: New file.
* doc/guix.texi (Setuid Programs): Document <setuid-program>.
Co-authored-by: Brice Waegeneire <brice@waegenei.re>
Since the update to the 2.6.2 release, the closure size of zile has
increased. Switch to mg which is lighter.
* gnu/system.scm (%base-packages-interactive): Replace zile by mg.
* doc/guix.texi (Proceeding with the Installation,
Using the Configuration System): Adapt those sections.
* gnu/system.scm (operating-system-directory-base-entries): Remove code
to handle generation of "kernel" for linux-libre kernels.
(operating-system-default-essential-services): Instantiate
linux-builder-service-type.
(package-for-kernel): Move ...
* gnu/services.scm: ... to here.
(linux-builder-service-type): New variable.
(linux-builder-configuration): New type.
(linux-loadable-module-service-type): New variable.
* gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test): Move
code to ...
(run-loadable-kernel-modules-test-base): ... new procedure here.
(run-loadable-kernel-modules-service-test): New procedure.
(%test-loadable-kernel-modules-service-0): New variable.
(%test-loadable-kernel-modules-service-1): New variable.
(%test-loadable-kernel-modules-service-2): New variable.
* doc/guix.texi: Document linux-loadable-module-service-type.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
Fixes <https://issues.guix.gnu.org/43530>.
Wget is typically included with most GNU/Linux distributions. It adds about
~3 MiB to the system size.
* gnu/system.scm (%base-packages-networking): Add the wget package.
* gnu/bootloader/grub.scm (grub-configuration-file): New parameter
store-crypto-devices.
[crypto-devices]: New helper function.
[builder]: Use crypto-devices.
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* gnu/tests/install.scm (%encrypted-root-not-boot-os,
%encrypted-root-not-boot-os): New os declaration.
(%encrypted-root-not-boot-installation-script): New script, whose contents
were initially taken from %encrypted-root-installation-script.
(%test-encrypted-root-not-boot-os): New test.
* gnu/system.scm (define-module): Export
operating-system-bootloader-crypto-devices and
boot-parameters-store-crypto-devices.
(<boot-parameters>): Add field store-crypto-devices.
(read-boot-parameters): Parse store-crypto-devices field.
[uuid-sexp->uuid]: New helper function extracted from
device-sexp->device.
(operating-system-bootloader-crypto-devices): New function.
(operating-system-bootcfg): Use
operating-system-bootloader-crypto-devices to provide its contents to
the bootloader configuration generation process.
(operating-system-boot-parameters): Add store-crypto-devices to the
generated boot-parameters.
(operating-system-boot-parameters-file): Likewise to the file with
the serialized structure.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* tests/boot-parameters.scm (%default-store-crypto-devices): New
variable.
(%grub-boot-parameters, test-read-boot-parameters): Use
%default-store-crypto-devices.
(tests store-crypto-devices): New tests.
Fixes <http://issues.guix.gnu.org/44196>
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-directory-prefix.
* gnu/system.scm (define-module): Export
boot-parameters-store-directory-prefix.
(<boot-parameters>)[store-directory-prefix]: New field. It is used to
generate the correct paths when /gnu/store is installed on a btrfs
subvolume whose name doesn't match the final runtime path, as the
bootloader doesn't have knowledge about the final mounting points.
[boot-parameters-store-directory-prefix]: New accessor.
(read-boot-parameters): Read directory-prefix from store field.
(operating-system-boot-parameters-file): Add directory-prefix to
store field.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-directory-prefix.
* test/boot-parameters.scm (%default-btrfs-subvolume,
%default-store-directory-prefix): New variables.
(%grub-boot-parameters): Use %default-store-directory-prefix.
(%default-operating-system): Use %default-btrfs-subvolume.
(test-boot-parameters): Add directory-prefix.
(test optional fields): Add test for directory-prefix.
(test os store-directory-prefix): New test.
* gnu/machine/ssh.scm (roll-back-managed-host): Use locale information
from boot-parameters.
* gnu/system.scm (operating-system-bootcfg): Provide locale information
to the bootloader.
* guix/system/script.scm (reinstall-bootloader): Use locale information
from boot-parameters.
This allows 'guix deploy' to save the config file when it's available.
* gnu/system.scm (operating-system-configuration-file): New procedure.
(operating-system-with-provenance): 'config-file' defaults to the value
returned by 'operating-system-configuration-file'.
When creating a disk-image using --save-provenance, "guix system describe"
now works.
* gnu/system.scm (operating-system-directory-base-entries): Add conditional
"hurd" parameter, make "initrd" parameter conditional.
(hurd-default-essential-services): Use them.
(operating-system-boot-parameters-file): Only add 'initrd' when set.
Note: Using `getxattr' on the Hurd instead of running showtrans does not
work (yet?).
* gnu/build/hurd-boot.scm (setup-translator): Use 'setxattr' instead of
invoking settrans.
* gnu/system.scm (hurd-multiboot-modules): Add --x-xattr-translator-records to
enable xattr-embedding of translators.
Reported by Vitaliy Shatrov <D0dyBo0D0dyBo0@protonmail.com> via IRC.
* gnu/system.scm (operating-system-etc-service): For the Hurd, add '/etc/ttys'
symlink. This fixes terminal behavior in the console by setting TERM=hurd.
This decouples startup of the Hurd from the "hurd" package, moving the RC
script into SYSTEM.
* gnu/packages/hurd.scm (hurd)[inputs]: Remove hurd-rc-script.
[arguments]: Do not substitute it. Update "runsystem.sh" to parse kernel
arguments and exec into --system=SYSTEM/rc.
(hurd-rc-script): Move to...
* gnu/services.scm (%hurd-rc-file): ...this new variable.
(hurd-rc-entry): New procedure.
(%hurd-startup-service): Use it in new variable.
* gnu/system.scm (hurd-default-essential-services): Use it.
* gnu/system.scm (operating-system-etc-service): Cater for missing nsswitch
and missing sudoers-file. For the Hurd, add "login" and "motd".
(hurd-default-essential-services): Add operating-system-etc-service.
* gnu/build/activation.scm (boot-time-system): Use "command-line" for the
Hurd.
* gnu/system.scm (hurd-default-essential-services): Add %boot-service and
%activation-service.
* gnu/system.scm (kernel->boot-label): Add keyword parameter 'hurd'. If set,
use it for label.
(operating-system-default-label): Call it with operating-system-hurd.
* gnu/system.scm (<boot-parameters>)[multiboot-modules]: New field.
(read-boot-parameters): Initialize it.
(operating-system-multiboot-modules, hurd-multiboot-modules): New procedure.
(operating-system-boot-parameters): Cater for multiboot the Hurd and
initialize it; avoid initrd in that case.
(operating-system-kernel-file): Cater for Gnumach (the Hurd) besides Linux.
(boot-parameters->menu-entry): Use it to support a multiboot <menu-entry>.
Following discussion in <https://issues.guix.gnu.org/37305>, it seems more
appropriate to give the parameter a more generic name that better describes
what it does.
* gnu/bootloader/grub.scm (normalize-file): Rename the
BTRFS-SUBVOLUME-FILE-NAME parameter to STORE-DIRECTORY-PREFIX, and always
assume this argument to be a string.
(eye-candy): Likewise. Default STORE-DIRECTORY-PREFIX to "".
(grub-configuration-file): Likewise.
* gnu/system.scm (operating-system-bootcfg): Adapt.
* gnu/bootloader/grub.scm (strip-mount-point): Remove procedure.
(normalize-file): Add procedure.
(grub-configuration-file): New BTRFS-SUBVOLUME-FILE-NAME parameter. When
defined, prepend its value to the kernel and initrd file names, using the
NORMALIZE-FILE procedure. Adjust the call to EYE-CANDY to pass the
BTRFS-SUBVOLUME-FILE-NAME argument. Normalize the KEYMAP file as well.
(eye-candy): Add a BTRFS-SUBVOLUME-FILE-NAME parameter, and use it, along with
the NORMALIZE-FILE procedure, to normalize the FONT-FILE and IMAGE nested
variables. Adjust doc.
* gnu/bootloader/depthcharge.scm (depthcharge-configuration-file): Adapt.
* gnu/bootloader/extlinux.scm (extlinux-configuration-file): Likewise.
* gnu/system/file-systems.scm (btrfs-subvolume?)
(btrfs-store-subvolume-file-name): New procedures.
* gnu/system.scm (operating-system-bootcfg): Specify the Btrfs
subvolume file name the store resides on to the
`operating-system-bootcfg' procedure, using the new
BTRFS-SUBVOLUME-FILE-NAME argument.
* doc/guix.texi (File Systems): Add a Btrfs subsection to document the use of
subvolumes.
* gnu/tests/install.scm (%btrfs-root-on-subvolume-os)
(%btrfs-root-on-subvolume-os-source)
(%btrfs-root-on-subvolume-installation-script)
(%test-btrfs-root-on-subvolume-os): New variables.
This is said to avoid a race with the usbhid kernel module.
See <https://issues.guix.gnu.org/35574#18>.
* gnu/system.scm (%default-modprobe-blacklist): Blacklist it.
This avoids a race with the bcm5974 kernel module.
Fixes <https://bugs.gnu.org/35574>.
* gnu/system.scm (%default-modprobe-blacklist): New variable.
(<operating-system>)[kernel-arguments]: Default to ...
(%default-kernel-arguments): ... this new variable.
* doc/guix.texi (operating-system Reference): Document the change.
operating-system's kernel.
* gnu/system.scm (package-for-kernel): New procedure.
(operating-system-directory-base-entries): Use it.
* gnu/tests/linux-module.scm: Test it.
* gnu/system.scm: (%base-packages-interactive, %base-packages-linux,
%base-packages-networking, %base-packages-utils): New variables.
(%base-packages): Use those new variables.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This reverts commit b2fff3b5de.
Fixes <https://bugs.gnu.org/40713>.
Reported by pkill9 <pkill9@runbox.com>.
This commit is incorrect: its effect depends on whether KERNEL's build
output is already available in the store, it breaks with non-package
kernels as reported at <https://bugs.gnu.org/40713>, and the
LINUX-MODULE-DATABASE hook is required at all times since
5c79f23863 removed the relevant bits from
the 'linux-libre' package.
* gnu/system.scm (operating-system-directory-base-entries): Don't create
a module database when no modules are available.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
Exporting this variable allows reusing the default value of the `sudoers-file'
field when configuring it.
* gnu/system.scm (gnu): Export %sudoers-specification.
* doc/guix.texi (Invoking guix deploy): Document an example, to use with 'guix
deploy'.
Fixes <https://bugs.gnu.org/37931>.
Reported by Bengt Richter <bokr@bokr.com>.
* gnu/system.scm (%base-packages): Change from UTIL-LINUX to UTIL-LINUX+UDEV.
* gnu/system.scm (system-linux-image-file-name): Add support for cross-built
systems. Remove system argument that was ignored.
(operating-system-kernel-file): Adapt by removing ignored os argument.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Add target
argument and turn inputs into native-inputs. Pass target to qemu-command
and gexp->derivation calls.
(iso9660-image): Add target argument and pass it to
expression->derivation-in-linux-vm. Remove qemu from inputs as it
is not necessary.
(qemu-image): Add target argument, also remove qemu from inputs. Pass
target argument to expression->derivation-in-linux-vm call.
Fixes <https://bugs.gnu.org/37569>.
Reported by Diego Nicola Barbato <dnbarbato@posteo.de>.
* gnu/system.scm (%setuid-programs): Add "mount" and "umount" from
util-linux.
This allows us to keep track of the extra menu entries specified in the
OS configuration.
* gnu/system.scm (<boot-parameters>)[bootloader-menu-entries]: New field.
(read-boot-parameters): Initialize it.
(operating-system-boot-parameters): Likewise.
(operating-system-boot-parameters-file): Serialize it.
* gnu/bootloader.scm (menu-entry->sexp, sexp->menu-entry): New
procedures.
This improves the readability of the boot process, especially when using full
disk encryption where you're required to enter the passphrase at a particular
point.
* gnu/system.scm (<operating-system>)[kernel-arguments]: Change the default to
'("quiet").
* doc/guix.texi (operating-system Reference): Document this change.
* gnu/system.scm (<operating-system>)[label]: New field.
(operating-system-default-label): New procedure.
(operating-system-boot-parameters): Use it instead of
'kernel->boot-label'.
* doc/guix.texi (operating-system Reference): Document it.
* gnu/system.scm (<operating-system>)[essential-services]: New field.
(operating-system-directory-base-entries): Remove #:container? keyword
and keep only the not-container branch.
(essential-services): Likewise.
(operating-system-services): Likewise, and call
'operating-system-essential-services' instead of 'essential-services'.
(operating-system-activation-script): Remove #:container?.
(operating-system-boot-script): Likewise.
(operating-system-derivation): Likewise.
* gnu/system/linux-container.scm (container-essential-services): New procedure.
(containerized-operating-system): Use it and set the
'essential-services' field.
(container-script): Remove call to 'operating-system-derivation'.
* gnu/system/vm.scm (system-docker-image): Likewise.
* doc/guix.texi (operating-system Reference): Document 'essential-services'.
* configure.ac: Require that guile-newt is available.
* gnu/installer.scm: New file.
* gnu/installer/aux-files/logo.txt: New file.
* gnu/installer/build-installer.scm: New file.
* gnu/installer/connman.scm: New file.
* gnu/installer/keymap.scm: New file.
* gnu/installer/locale.scm: New file.
* gnu/installer/newt.scm: New file.
* gnu/installer/newt/ethernet.scm: New file.
* gnu/installer/newt/hostname.scm: New file.
* gnu/installer/newt/keymap.scm: New file.
* gnu/installer/newt/locale.scm: New file.
* gnu/installer/newt/menu.scm: New file.
* gnu/installer/newt/network.scm: New file.
* gnu/installer/newt/page.scm: New file.
* gnu/installer/newt/timezone.scm: New file.
* gnu/installer/newt/user.scm: New file.
* gnu/installer/newt/utils.scm: New file.
* gnu/installer/newt/welcome.scm: New file.
* gnu/installer/newt/wifi.scm: New file.
* gnu/installer/steps.scm: New file.
* gnu/installer/timezone.scm: New file.
* gnu/installer/utils.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add previous files.
* gnu/system.scm: Export %root-account.
* gnu/system/install.scm (%installation-services): Use kmscon instead of linux
VT for all tty.
(installation-os)[users]: Add the graphical installer as shell of the root
account.
[packages]: Add font related packages.
* po/guix/POTFILES.in: Add installer files.