* gnu/services/ssh.scm (<openssh-configuration>)[generate-host-keys?]:
New field.
(openssh-activation): Honor it.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/base.scm (<guix-configuration>)[generate-substitute-key?]:
New field.
(guix-activation): Honor it.
* doc/guix.texi (Base Services): Document it.
* po/doc/guix-cookbook.uk.po: New file.
* po/doc/local.mk: Add uk cookbook.
* doc/local.mk: Add uk cookbook.
* po/guix/fa.po: New file.
* po/guix/uk.po: New file.
* po/guix/LINGUAS: Add fa and uk.
* gnu/build/linux-boot.scm (boot-system): Honor rootfstype and rootflags
arguments. Update doc. Error out in case there is insufficient information
with regard to the root file system.
Restore the behavior of inferring the root device from the root file system
from the operating system in case the root argument is not provided.
* doc/guix.texi (Initial RAM Disk): Document the new command-line parameters.
This is to make it less surprising, given the common convention sets forth by
the kernel Linux command-line parameters.
* gnu/build/linux-boot.scm (boot-system): Rename '--load', '--repl', '--root'
and '--system' to 'gnu.load', 'gnu.repl', 'root' and 'gnu.system',
respectively. Adjust doc.
(find-long-option): Adjust doc.
* gnu/installer/parted.scm (installer-root-partition-path): Adjust accordingly.
* gnu/system.scm (bootable-kernel-arguments): Add a VERSION argument and
update doc. Use VERSION to conditionally return old style vs new style initrd
arguments.
(%boot-parameters-version): Increment to 1.
(operating-system-boot-parameters): Adjust doc.
(operating-system-boot-parameters-file): Likewise.
* gnu/system/linux-initrd.scm (raw-initrd, base-initrd): Likewise.
* doc/guix.texi: Adjust doc.
* gnu/build/activation.scm (boot-time-system): Adjust accordingly.
* gnu/build/hurd-boot.scm (boot-hurd-system): Likewise.
* gnu/packages/commencement.scm (%final-inputs-riscv64): Adjust comment.
This package has a long history of confusing users, due to containing only a
small, arbitrary subset of UTF-8 locales.
* gnu/packages/base.scm (glibc-utf8-locales): Define as a hidden package.
* doc/guix.texi (Application Setup): Do not mention glibc-utf8-locales.
Instead, provide an example for defining a custom locales package.
* guix/scripts/pull.scm (display-channel-news): Return #t when news were
displayed.
(display-news): Add #:profile-news? parameter and honor it. Print
something there were no news.
(process-query): For 'display-news', call 'display-channel-news'
directly.
* doc/guix.texi (Invoking guix pull): Adjust accordingly.
%setuid-programs was previously moved to be in the list sexp instead of just
the append one. This causes an "invalid G-expression input" error.
Error reported by: Kolev on #guix.
* doc/guix.texi (Setuid Programs): Move %setuid-programs out to the append
sexp.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* doc/contributing.texi (Building from Git): Tweak so that all the
commands appear in @example boxes. Show --localstatedir=/var instead of
--localstatedir=@var{directory}.
* doc/guix.texi (Swap Space): The examples referred to variables
defined outside of the snippets, and so were not very informative for
people without much Guile knowledge. Instead, refer to mapped-devices
for the first, and use the new helper
file-systme-mount-point-predicate for the second.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a bug whereby authentication of a commit *not* descending from the
introductory commit could succeed, provided the commit verifies the
authorization invariant.
In the example below, A is a common ancestor of the introductory commit
I and of commit X. Authentication of X would succeed, even though it is
not a descendant of I, as long as X is authorized according to the
'.guix-authorizations' in A:
X I
\ /
A
This is because, 'authenticate-repository' would not check whether X
descends from I, and the call (commit-difference X I) would return X.
In practice that only affects forks because it means that ancestors of
the introductory commit already contain a '.guix-authorizations' file.
* guix/git-authenticate.scm (authenticate-repository): Add call to
'commit-descendant?'.
* tests/channels.scm ("authenticate-channel, not a descendant of introductory commit"):
New test.
* tests/git-authenticate.scm ("authenticate-repository, target not a descendant of intro"):
New test.
* tests/guix-git-authenticate.sh: Expect earlier test to fail since
9549f0283a is not a descendant of
$intro_commit. Add new test targeting an ancestor of the introductory
commit, and another test targeting the v1.2.0 commit.
* doc/guix.texi (Specifying Channel Authorizations): Add a sentence.
* doc/guix.texi (Monitoring Services): Document the various 'zabbix-*' service
types, and expand description of all Zabbix services. Use less marketing terms.
(Web Services): Add subsubheading for PHP-FPM, and anchors for
cross-referencing.
* gnu/services/monitoring.scm (zabbix-front-end-configuration): Use @ref
instead of @pxref for cross-referencing.
...to make them in line with the newly generated front-end documentation.
* doc/guix.texi (Monitoring Services): Regenerate zabbix-server-configuration
and zabbix-agent-configuration.
Commit e301f1a8ed removed the NGINX argument
entirely, but users may rely on and override it. Reported by rekado on #guix.
* gnu/services/monitoring.scm (%zabbix-front-end-nginx-configuration): Restore
exported variable.
(zabbix-front-end-nginx-extension): New procedure.
(zabbix-front-end-configuration): Remove FASTCGI-PARAMS field. Restore NGINX
field, but default to the empty list.
(zabbix-front-end-service-type): Extend NGINX-SERVICE-TYPE by
ZABBIX-FRONT-END-NGINX-EXTENSION.
* doc/guix.texi (Monitoring Services): Regenerate documentation.
* gnu/services/guix.scm (<nar-herder-configuration>): Add ttl and negative-ttl
fields.
(nar-herder-shepherd-services): Pass the ttl and negative-ttl values to the
service.
* doc/guix.texi (Guix Services): Document this.
* guix/profiles.scm (generation-number): Add optional 'base-profile'
parameter and use it.
* guix/scripts/system.scm (process-command): Add "/run/current-system"
as first argument to 'generation-number'.
* doc/guix.texi (Invoking guix system): Clarify that 'guix system
describe' shows the running system.
* doc/contributing.texi (Running Guix Before It Is Installed): Mention
how to remedy "source file ... newer than compiled" error by running
`make -j`.
Co-authored-by: jgart <jgart@dismail.de>
Co-authored-by: Julien Lepiller <julien@lepiller.eu>
Co-authored-by: Ryan Prior <rprior@protonmail.com>
Co-authored-by: Blake Shaw <blake@nonconstructivism.com>
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
* doc/contributing.texi (Building from Git): Adds section on using
make clean-go.
Co-authored-by: jgart <jgart@dismail.de>
Co-authored-by: Julien Lepiller <julien@lepiller.eu>
Co-authored-by: Ryan Prior <rprior@protonmail.com>
Co-authored-by: Blake Shaw <blake@nonconstructivism.com>
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
Suggested by Maxime Devos <maximedevos@telenet.be>
and Maxim Cournoyer <maxim.cournoyer@gmail.com>.
* doc/guix.texi (package Reference): Clarify 'native-search-paths'
vs. 'search-paths'.
(Search Paths): Link to it. Remove unnecessarily "define libxml2".
Reword 'file-pattern' description that said "When true".
* doc/build.scm (localization-helper-module)[content](translate): Add
call to 'setenv' before 'write'. Remove use of 'with-language'.
(language-code->native-name): New procedure.
(html-manual-indexes)[build](top-level-index): Use it.
Fixes <https://issues.guix.gnu.org/52766>.
Reported by Michael Rohleder <mike@rohleder.de>.
* gnu/machine/ssh.scm (<machine-ssh-configuration>)[safety-checks?]: New
field.
(machine-check-file-system-availability): Return the empty list when
'safety-checks?' is false.
(machine-check-initrd-modules): Likewise.
* doc/guix.texi (Invoking guix deploy): Document it.
Make sure that the images are created with a non volatile root by default and
the vm are created with a volatile root by default. Break the --volatile
option into --volatile-image and --persistent-vm options.
* guix/scripts/system.scm (perform-action): Turn volatile? argument into
volatile-vm-root?.
(show-help): Introduce --volatile-image and --persistent-vm options instead of
--volatile.
(%default-options): Adapt it.
(%options): Handle those options.
(process-action): Honor them.
* doc/guix.texi (Invoking guix system): Adapt it accordingly.
* gnu/services/telephony.scm (jami-configuration)[jamid]: Rename libring to
libjami.
* gnu/services/telephony.scm
(jami-configuration->command-line-arguments): Adjust daemon file name.
* gnu/services/telephony.scm (jami-service-type): Adjust doc.
* gnu/tests/telephony.scm (run-jami-test): Check for 'jamid' process, not
'dring'.
* doc/guix.texi (Telephony Services): Adjust doc for the jami-qt to jami and
libring to libjami packages renaming.
This enables profile caching not just when '-m' or '-f' is used, but
also when package specs are passed on the command line, as in:
guix shell -D guix git
It also changes profile cache keys to include the system type, which was
previously ignored.
* guix/scripts/shell.scm (options-with-caching)[single-file-for-caching]:
Remove.
Call 'profile-cached-gc-root' instead; adjust to accept two values.
(profile-cache-primary-key): New procedure.
(profile-cache-key): Remove.
(profile-file-cache-key, profile-spec-cache-key): New procedures.
(profile-cached-gc-root): Rewrite to include functionality formally in
'single-file-for-caching', but extend to handle package specs.
* gnu/packages.scm (cache-is-authoritative?): Export.
* guix/transformations.scm (transformation-option-key?): New procedure.
* doc/guix.texi (Invoking guix shell): Move '--rebuild-cache'
documentation to the bottom, just above '--root'. Explain caching and
how these two options relate to that.
The old output differs greatly from the current one and contains a typo.
* doc/guix.texi (Invoking guix home): Update ‘guix home search’ output
sample.
This is a followup to 05c962594c.
Discussed at <https://issues.guix.gnu.org/51307#24>.
* guix/scripts/hash.scm (%options): Warn about deprecation for
"--recursive", but not for '-r' as it's a convenient shorthand. Mention
'--serializer=nar' in the deprecation message.
* doc/guix.texi (Invoking guix hash): Adjust accordingly.
* guix/build/julia-build-system.scm (link-depot): Create 'Project.toml' file
when missing using data provided by the user.
(julia-create-package-toml): Remove from export.
* doc/guix.texi (Build Systems): Update julia-build-system section.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
nmtui does not benefit from being setuid. Oops.
* doc/guix.texi (Setuid Programs): Replace network-manager's /bin/nmtui
with nfs-utils' /sbin/mount.nfs. Change a @code{} to a @command{}.
Based on user feedback, the shadow / passwd example was too obscure for those
who aren't familiar with the shadow collection of tools. And it was also
considered confusing for the two examples to use different packages.
* doc/guix.texi (Setuid Programs): Use 'nmtui' in the examples.
Suggested by Alexander Asteroth <alexander.asteroth@h-brs.de>.
* doc/guix.texi (Defining Package Variants): Document all the supported
clauses of 'modify-inputs'.
This avoids issues where the coordinator component dependencies (like sqitch
and guile-fibers) make it harder to use the agent.
* gnu/packages/package-management.scm (guix-build-coordinator/agent-only): New
variable.
* gnu/services/guix.scm (<guix-build-coordinator-agent-configuration>): Use
the guix-build-coordinator/agent-only package by default.
* doc/guix.texi (Guix Services): Update accordingly.
Fixes <https://issues.guix.gnu.org/52539>.
Reported by Jacob First <jacob.first@member.fsf.org>.
* gnu/build/accounts.scm (allocate-passwd): Add comment as to why
'real-name' is taken from PREVIOUS. Add (not system?) to the
condition.
* gnu/system.scm (operating-system-etc-service) <login.defs>: Add
"CHFN_RESTRICT".
* gnu/system.scm (%setuid-programs): Add "chfn".
* gnu/system/pam.scm (base-pam-services): Add "chfn".
* doc/guix.texi (User Accounts): Document it.
* guix/scripts/system.scm (system-derivation-for-action): Use the image API to
generate the docker images and deprecate the docker-image command.
(process-action): Ditto.
* doc/guix.texi (Invoking guix system): Adapt it.
This code duplicates the (gnu system image) and (gnu build image) code. Using
VM for image generation is not needed, not portable and really slow. Remove
all the VM image generation code to make sure that only the image API is used.
* gnu/build/vm.scm: Remove it. Move the qemu-command procedure to ...
* gnu/build/marionette.scm: ... here.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adapt it.
* tests/modules.scm: Ditto.
* gnu/tests/install.scm: Ditto.
* gnu/system/vm.scm: Adapt it and remove expression->derivation-in-linux-vm,
qemu-img, system-qemu-image/shared-store and system-docker-image procedures.
* doc/guix.texi (G-Expressions): Adapt it.
Until now the rsync service would export a single module, named
"files". This allows users to specify as many modules as they want, in
line with rsyncd.conf(5).
* gnu/services/rsync.scm (warn-share-field-deprecation): New procedure.
(<rsync-configuration>)[modules]: New field.
[share-path, share-comment, read-only?, timeout]: Mark as deprecated.
(<rsync-module>): New record type.
(%default-modules): New variable.
(rsync-configuration-modules): New procedure.
(rsync-activation): Create the directory of each module.
(rsync-config-file): Generate configuration for each module.
(rsync-service-type)[description]: New field.
* doc/guix.texi (Networking Services): Adjust documentation. Augment
example.
* guix/scripts/hash.scm (git-hash): New procedure.
(%options): Use it.
* tests/guix-hash.sh: Test it.
* doc/guix.texi: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>