summary refs log tree commit diff
path: root/gnu/services
AgeCommit message (Collapse)Author
2022-08-01services: opensmtpd: Make commands setgid to "smtpq" by default.Maya
This is a patch that fixes "<executable name>: this program must be setgid smtpq". * gnu/services/mail.scm (<opensmtpd-configuration>)[setgid-commands?]: New field. (opensmtpd-set-gids): New procedure. (opensmtpd-service-type)[extensions]: Add SETUID-PROGRAM-SERVICE-TYPE extension. * doc/guix.texi (Mail Services): Document it. Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2022-08-01services: rottlog: More convenient default options for <log-rotation>.Ludovic Courtès
* gnu/services/admin.scm (%default-log-rotation-options): New variable. (%default-rotations): Use it. * gnu/services/cuirass.scm (cuirass-log-rotations): Likewise. * doc/guix.texi (Log Rotation): Adjust accordingly.
2022-08-01services: rottlog: Keep important /var/log files for 16 weeks.Ludovic Courtès
The default "rotate" value is 1 as of rottlog 0.72.2, meaning that only one rotated file would be kept in addition to the active file. * gnu/services/admin.scm (%default-rotations): Add "rotate" option for %ROTATED-FILES.
2022-08-01services: tor: Do not write to /var/log/tor.log.Ludovic Courtès
The service uses syslog and additionally shepherd 0.9 captures its stdout/stderr, so there's no point in passing #:log-file. * gnu/services/networking.scm (tor-shepherd-service): Remove #:log-file argument to 'make-forkexec-constructor'. (%tor-log-rotation): Remove. (tor-service-type): Remove ROTTLOG-SERVICE-TYPE extension.
2022-07-19services: tor: Switch to 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/networking.scm (tor-configuration->torrc): Remove "User" and "PidFile". (tor-shepherd-service): Use 'least-authority-wrapper' and 'make-forkexec-constructor' instead of 'make-forkexec-constructor/container'.
2022-07-15gnu: tests: Fix guix-data-service test.Timotej Lazar
Since revision 32, guix-data-service starts immediately but returns an HTTP error code until initialization is complete. Adjust the test accordingly, and remove the increased startup time limit. * gnu/services/guix.scm (guix-data-service): Use default #:pid-file-timeout. * gnu/tests/guix.scm (guix-data-service): Retry the http-get test several times to give the service time to initialize. Signed-off-by: Christopher Baines <mail@cbaines.net>
2022-07-13services: docker: Fix race condition.Oleg Pykhalov
Fixes <https://issues.guix.gnu.org/38432>. * gnu/packages/patches/containerd-create-pid-file.patch: New file. * gnu/local.mk (dist_patch_DATA): Add this. * gnu/packages/docker.scm (containerd)[source]: Add this patch. * gnu/services/docker.scm (containerd-shepherd-service): Add #:pid-file and #:pid-file-timeout. * gnu/services/docker.scm (docker-shepherd-service): Add --containerd flag. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-07-03services: guix-build-coordinator: Fix passing parallel-hooks.Christopher Baines
The previous approach didn't support a simple alist. * gnu/services/guix.scm (make-guix-build-coordinator-start-script): Fix passing parallel-hooks in to the start gexp.
2022-07-03services: Add anonip-service-type.Ricardo Wurmus
* gnu/services/web.scm (anonip-configuration): New record type. (anonip-configuration?, anonip-configuration-anonip, anonip-configuration-input, anonip-configuration-output, anonip-configuration-skip-private?, anonip-configuration-column, anonip-configuration-replacement, anonip-configuration-ipv4mask, anonip-configuration-ipv6mask, anonip-configuration-increment, anonip-configuration-delimiter, anonip-configuration-regex): New procedures. (anonip-service-type): New service type. * doc/guix.texi (Log Rotation): Add subheading for Anonip Service.
2022-07-01services: openssh: Listen on IPv6 only when IPv6 is supported.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/56327>. Reported by André Batista <nandre@riseup.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[ipv6-support?]: New variable. Use it in 'start' method.
2022-07-01services: root-file-system: Cleanly unmount upon shutdown.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/56209>. Reported by angry rectangle <angryrectangle@cock.li>. * gnu/packages/admin.scm (shepherd-0.9)[modules, snippet]: New fields. * gnu/services/base.scm (%root-file-system-shepherd-service): In 'stop' method, remove 'call-with-blocked-asyncs'. When 'mount' throws to 'system-error, call (@ (fibers) sleep) and try again. * gnu/tests/base.scm (run-root-unmount-test): New procedure. (%test-root-unmount): New variable.
2022-07-01services: nginx: Add support for extra content in upstream blocks.Christopher Baines
I'm looking at this as I'd like to use the keepalive functionality. * gnu/services/web.scm (nginx-upstream-configuration-extra-content): New procedure. (emit-nginx-upstream-config): Include the extra-content if applicable. * doc/guix.texi (NGINX): Document this.
2022-07-01services: guix: Support guix-build-coordinator parallel hooks.Christopher Baines
* gnu/services/guix.scm (guix-build-coordinator-configuration-parallel-hooks): New procedure. (make-guix-build-coordinator-start-script): Accept and use #:parallel-hooks. (guix-build-coordinator-shepherd-services): Pass parallel-hooks to make-guix-build-coordinator-start-script. * doc/guix.texi (Guix Build Coordinator): Document this new field.
2022-06-30services: greetd: Remove unnecessary user groups.Lars-Dominik Braun
* gnu/services/base.scm (%greetd-accounts): Remove supplementary groups users, tty, input, audio. Create special user group “greeter”.
2022-06-24services: configuration: Remove 'validate-configuration'.Ludovic Courtès
Now that configuration records use the 'sanitize' property for each field, 'validate-configuration' has become useless because it's impossible to construct an invalid configuration record. * gnu/services/configuration.scm (validate-configuration): Remove. * gnu/services/mail.scm (dovecot-service): Remove call. * gnu/services/vpn.scm (openvpn-client-service) (openvpn-server-service): Likewise. * doc/guix.texi (Complex Configurations): Remove documentation.
2022-06-24services: configuration: Report the location of field type errors.Ludovic Courtès
Previously field type errors would be reported in a non-standard way, and without any source location information. This fixes it. * gnu/services/configuration.scm (configuration-field-error): Add a 'loc' parameter and honor it. Use 'formatted-message' instead of plain 'format'. (define-configuration-helper)[field-sanitizer]: New procedure. Use it. Use STEM as the identifier of the syntactic constructor of the record type. Add a 'sanitize' property to each field. Remove now useless STEM macro that would call 'validate-configuration'. * gnu/services/mail.scm (serialize-listener-configuration): Adjust to new 'configuration-field-error' prototype. * tests/services/configuration.scm ("wrong type for a field"): New test. * po/guix/POTFILES.in: Add gnu/services/configuration.scm.
2022-06-22services: wireguard: Shepherd 'stop' method really stops.Ludovic Courtès
Until now the 'stop' method would return #t, which shepherd would interpret as "services could not be stopped". * gnu/services/vpn.scm (wireguard-shepherd-service): Have 'stop' return #f.
2022-06-17gnu: desktop: Add seatd-service-type.muradm
* gnu/services/desktop.scm (seatd-service-type): New variable * gnu/services/desktop.scm (seatd-configuration): New data type Signed-off-by: Lars-Dominik Braun <ldb@leibniz-psychology.org>
2022-06-17gnu: base: Add greetd-service-type.muradm
* gnu/services/base.scm (greetd-service-type): New variable * gnu/services/base.scm (greetd-configuration): New data type * gnu/services/base.scm (greetd-terminal-configuration): New data type * gnu/services/base.scm (greetd-agreety-session): New data type * gnu/services/base.scm (pam-limits-service-type): Should be aware of greetd PAM service * gnu/services/pam-mount.scm (pam-mount-pam-service): Should be aware of greetd PAM service Signed-off-by: Lars-Dominik Braun <ldb@leibniz-psychology.org>
2022-06-15services: configuration: Use *unspecified* instead of 'disabled.Attila Lendvai
Use *unspecified* as a marker for field values that have not been set. Rationale: 'disabled may easily clash with user values for boolean fields, is confusing (i.e. its meaning is *not* boolean false, but unspecified) and it also passes silently through the symbol? predicate of a field of type symbol. * gnu/services/configuration.scm (configuration-missing-default-value): Renamed from configuration-no-default-value. (define-maybe-helper): Use *unspecified* instead of 'disabled, and make the default value optional. * gnu/home/services/desktop.scm (home-redshift-configuration): Change (maybe-xyz 'disabled) to maybe-xyz. * gnu/services/authentication.scm (nslcd-configuration): Likewise. * gnu/services/cgit.scm (repository-cgit-configuration): Likewise. * gnu/services/file-sharing.scm (serialize-maybe-string) (serialize-maybe-file-object): Use 'unspecified?' instead of (eq? val 'disabled). * gnu/services/messaging.scm (raw-content?): Likewise. (ssl-configuration): Change (maybe-xyz 'disabled) to maybe-xyz. (prosody-configuration): Likewise. * gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise. * gnu/services/messaging.scm (define-all-configurations): Use *unspecified* instead of 'disabled'. * gnu/services/networking.scm (opendht-configuration): Likewise. * gnu/services/pm.scm (tlp-configuration): Likewise. * gnu/services/telephony.scm (jami-account): Likewise. (jami-configuration): Likewise. * gnu/services/vpn.scm (openvpn-client-configuration): Likewise. * tests/services/configuration.scm ("maybe type, no default") ("maybe type, with default"): New tests. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-06-15services: configuration: Support (field1 maybe-number "") format.Attila Lendvai
As opposed to explicitly using 'disabled as value, or using the (field1 (maybe-number) "") format. It's mostly the work of Maxime Devos shared under #54674, with some modifications by Attila Lendvai. * gnu/services/configuration.scm (normalize-field-type+def): New function. (define-configuration-helper) (define-configuration): Support new field format. * tests/services/configuration.scm (config-with-maybe-number->string): New function. ("maybe value serialization of the instance"): New test. ("maybe value serialization of the instance, unspecified"): New test. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-06-14services: dbus: Add a VERBOSE? configuration option.Maxim Cournoyer
* gnu/services/dbus.scm (<dbus-configuration>)[verbose?]: New field. (dbus-shepherd-service): Use it. (dbus-service)[verbose?]: Add argument and update doc. * doc/guix.texi (Desktop Services): Document it.
2022-06-13services: guix: Generalize extensions.terramorpha
* gnu/services/base.scm (<guix-extension>): New record type. (guix-extension-merge): New procedure. (guix-service-type): Honor extensions. * doc/guix.texi (Base Services): Document it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-06-11system: Align zram priority with swap-space spec to clarify.Josselin Poiret
Fixes <https://issues.guix.gnu.org/54783>. * gnu/services/linux.scm (zram-device-configuration) [priority]: Adapt to use #f or an integer from 0 to 32767. Add sanitizer to warn for the change and delay the field. (zram-device-configuration->udev-string): Adapt as above. * doc/guix.texi (Zram Device Service): Remove double copyright line. Change priority description to refer to the Swap Space one, and suggest not leaving the default #f on to properly use zram. Reported-by: Stefan Baums <baums@stefanbaums.com> Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-06-10services: jami-configuration: Rename 'jamid' field to 'libjami'.Maxim Cournoyer
* gnu/services/telephony.scm (gnu): (jami-configuration)[jamid]: Rename field to... [libjami]: ... this. (jami-configuration->command-line-arguments): Adjust accordingly. (jami-shepherd-services): Likewise.
2022-06-10services: jami: Modernize to adjust to Shepherd 0.9+ changes.Maxim Cournoyer
This partially fixes <https://issues.guix.gnu.org/54786>, allowing the 'jami' and 'jami-provisioning' system tests to pass again. In version 0.9.0, Shepherd constructors are now run concurrently, via cooperative scheduling (Guile Fibers). The Jami service previously relied on blocking sleeps while polling for D-Bus services to become ready after forking a process; this wouldn't work anymore since while blocking the service process wouldn't be given the chance to finish starting. The new reliance on Fibers in Shepherd's fork+exec-command in the helper 'send-dbus' procedure also meant that it wouldn't work outside of Shepherd anymore. Finally, the 'start-service' Shepherd procedure used in the test suite would cause the Jami daemon to be spawned multiple times (a bug introduced in Shepherd 0.9.0). To fix/simplify these problems, this change does the following: 1. Use the Guile AC/D-Bus library for D-Bus communication, which simplify things, such as avoiding the need to fork 'dbus-send' processes. 2. The non-blocking 'sleep' version of Fiber is used for the 'with-retries' waiting syntax. 3. A 'dbus' package variant is used to adjust the session bus configuration, tailoring it for the use case at hand. 4. Avoid start-service in the tests, preferring 'jami-service-available?' for now. * gnu/build/jami-service.scm (parse-dbus-reply, strip-quotes) (deserialize-item, serialize-boolean, dbus-dict->alist) (dbus-array->list, parse-account-ids, parse-account-details) (parse-contacts): Delete procedures. (%send-dbus-binary, %send-dbus-bus, %send-dbus-user, %send-dbus-group) (%send-dbus-debug): Delete parameters. (jami-service-running?): New procedure. (send-dbus/configuration-manager): Rename to... (call-configuration-manager-method): ... this. Turn METHOD into a positional argument. Turn ARGUMENTS into an optional argument. Invoke `call-dbus-method' instead of `send-dbus', adjusting callers accordingly. (get-account-ids, id->account-details, id->account-details) (id->volatile-account-details, username->id, add-account remove-account) (username->contacts, remove-contact, add-contact, set-account-details) (set-all-moderators, username->all-moderators?, username->moderators) (set-moderator): Adjust accordingly. (with-retries, send-dbus, dbus-available-services) (dbus-service-available?): Move to ... * gnu/build/dbus-service.scm: ... this new module. (send-dbus): Rewrite to use the Guile AC/D-Bus library. (%dbus-query-timeout, sleep*): New variables. (%current-dbus-connection): New parameter. (initialize-dbus-connection!, argument->signature-type) (call-dbus-method): New procedures. (dbus-available-services): Adjust accordingly. * gnu/local.mk (GNU_SYSTEM_MODULES): Register new module. * gnu/packages/glib.scm (dbus-for-jami): New variable. * gnu/services/telephony.scm: (jami-configuration)[dbus]: Default to dbus-for-jami. (jami-dbus-session-activation): Write a D-Bus daemon configuration file at '/var/run/jami/session-local.conf'. (jami-shepherd-services): Add the closure of guile-ac-d-bus and guile-fibers as extensions. Adjust imported modules. Remove no longer used parameters. <jami-dbus-session>: Use a PID file, avoiding the need for the manual synchronization. <jami>: Set DBUS_SESSION_BUS_ADDRESS environment variable. Poll using 'jami-service-available?' instead of 'dbus-service-available?'. * gnu/tests/telephony.scm (run-jami-test): Add needed Guile extensions. Set DBUS_SESSION_BUS_ADDRESS environment variable. Adjust all tests to use 'jami-service-available?' to determine if the service is started rather than the now problematic Shepherd's 'start-service'.
2022-06-06services: syslogd: Do not fsync at each line.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55707>. Previously Inetutils' syslogd would call 'fsync' after each line written to a file. This would significantly increase boot times on machines with slow-ish spinning HDDs, where each 'fsync' call would take between 0.1s and 0.4s (and we'd do two of them for each line, one for /var/log/messages and one for /var/log/debug). * gnu/services/base.scm (%default-syslog.conf): Add a '-' before each file name, except /var/log/secure. Change what goes to /var/log/debug.
2022-06-05services: guix-data-service: Increase timeout for service start.Timotej Lazar
The guix-data-service system test fails on a slower machine with a one-minute time limit. * gnu/services/guix.scm (guix-data-service): Double the #:pid-file-timeout. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-06-05services: pam-limits: Add sudo and sshd.Kiran Shila
* gnu/services/base.scm (pam-limits-service-type): Add "sudo" and "sshd" to the list. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-06-04services: bitlbee: Run under a UTF-8 locale.Ludovic Courtès
* gnu/services/messaging.scm (bitlbee-shepherd-service): In the 'make-inetd-constructor' case, set GUIX_LOCPATH and LC_ALL. In the 'least-authority-wrapper' call, preserve GUIX_LOCPATH and LC_ALL, and map /run/current-system/locale.
2022-06-04services: ddclient: No need to import (ice-9 rdelim) from the host.Attila Lendvai
* gnu/services/dns.scm (ddclient-activation): Remove (ice-9 rdelim) from the with-imported-modules form. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-05-31gnu: Remove wicd.Maxim Cournoyer
The last release is from 2017, stuck on Python 2. * gnu/packages/wicd.scm: Delete file. * gnu/packages/patches/wicd-bitrate-none-fix.patch: Delete file. * gnu/packages/patches/wicd-get-selected-profile-fix.patch: Likewise. * gnu/packages/patches/wicd-urwid-1.3.patch: Likewise. * gnu/packages/patches/wicd-wpa2-ttls.patch: Likewise. * gnu/local.mk: De-register them. * gnu/services/networking.scm: Remove wicd service... * doc/guix.texi: ... and its documentation. * gnu/system/linux-container.scm (containerized-operating-system) <services-to-drop>: Remove wicd-service-type.
2022-05-28services: elogind: When started by dbus-daemon, wait for the Shepherd service.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55444>. Previously shepherd and dbus-daemon would race to start elogind. In some cases (for instance if one logs in quickly enough on the tty), dbus-daemon would "win" and start elogind before shepherd has had a chance to do it. Consequently, shepherd would fail to start elogind and mark it as stopped and disabled, in turn preventing services that depend on it such as 'xorg-server' from starting. * gnu/services/desktop.scm (elogind-dbus-service): Rewrite to refer to a wrapper that waits for the 'elogind' Shepherd service.
2022-05-28services: herd: Add 'wait-for-service'.Ludovic Courtès
* gnu/services/herd.scm (wait-for-service): New procedure.
2022-05-26services: openssh: Remove authorized_keys.d before copying the new one.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55661>. * gnu/services/ssh.scm (openssh-activation): Fix typo in 'delete-file-recursively' call.
2022-05-26services: openssh: Fix computation of the authorized-key directory.Ludovic Courtès
Fixes a bug introduced in 1f29ed4a812f86c45e2d9c37fd9f80f6d0418293, whereby 'authorized-key-directory' would end up creating empty files for authorized keys passed as an extension. See <https://issues.guix.gnu.org/55359>. * gnu/services/ssh.scm (extend-openssh-authorized-keys): Call 'alist->vhash' on the alist resulting from the 'append' call.
2022-05-26services: ssh: Fix extend-openssh-authorized-keys.Oleg Pykhalov
Fixes #55359. * gnu/services/ssh.scm (extend-openssh-authorized-keys): Use KEYS argument.
2022-05-25gnu: guix-build-coordinator: Update to 0-53.3de63f1.Christopher Baines
* gnu/packages/package-management.scm (guix-build-coordinator): Update to 0-53.3de63f1. * gnu/services/guix.scm (guix-build-coordinator-queue-builds-configuration-guix-data-service-build-server-id): New procedure. (guix-build-coordinator-queue-builds-shepherd-services): Use the guix-data-service-build-server-id. * doc/guix.texi (Guix Build Coordinator): Document the new queue builds configuration field.
2022-05-24services: Add log rotation to most networking services.ykonai
This adds a simple log rotation extension to every networking service that specifies a #:log-file in its Shepherd service, which should prevent some logs from accumulating indefinitely. * gnu/services/networking.scm (%ntp-log-rotation): New variable. (ntp-service-type): Extend 'rottlog-service-type'. (openntpd-shepherd-service): Change #:log-file argument to "/var/log/ntpd.log". (openntpd-service-type): Extend 'rottlog-service-type'. (%tor-log-rotation): New variable. (tor-service-type): Extend 'rottlog-service-type'. (%connman-log-rotation): New variable. (connman-service-type): Extend 'rottlog-service-type'. (%hostapd-log-rotation): New variable. (hostapd-service-type): Extend 'rottlog-service-type'. (%pagekite-log-rotation): New variable. (pagekite-service-type): Extend 'rottlog-service-type'. (%yggdrasil-log-rotation): New variable. (yggdrasil-service-type): Extend 'rottlog-service-type'. (%ipfs-log-rotation): New variable. (ipfs-service-type): Extend 'rottlog-service-type'. (%keepalived-log-rotation): New variable. (keepalived-service-type): Extend 'rottlog-service-type'. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-05-22services: openssh: Listen on both IPv4 and IPv6.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55335>. Reported by Christopher Baines <mail@cbaines.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[inetd-style?]: New variable. <start>: Use it. When using 'make-inetd-constructor', pass a list of endpoints as is possible with the Shepherd 0.9.1. <stop>: Adjust accordingly. * gnu/tests/ssh.scm (run-ssh-test)["wait for port 22"]: Rename to... ["wait for port 22, IPv4"]: ... this. ["wait for port 22, IPv6"]: New test.
2022-05-18services: Add more description fields.Ludovic Courtès
* gnu/services.scm (simple-service): Add 'description' field. * gnu/services/base.scm (udev-rules-service): Likewise. * gnu/system/install.scm (configuration-template-service-type): Likewise. * gnu/tests.scm (marionette-service-type): Likewise.
2022-05-16services: bitlbee: Run as user "bitlbee".Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55450>. Fixes a bug introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby the inetd-spawned process would run as root (it would still run in a separate user namespace, with UID 1000 inside of it, but had the authority of root). * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:user and #:group to 'make-inetd-constructor'. Remove "-u bitlbee" argument to BITLBEE*.
2022-05-03services: pipefs: Correctly handle lack of extensions.Ludovic Courtès
Previously, in the absence of extensions of 'pipefs-service-type', we'd get a wrong-type-arg exception while folding services: In gnu/services/nfs.scm: 134:37 1 (_ #<<pipefs-configuration> mount-point: "/var/lib/nfs…> …) In ice-9/boot-9.scm: 1685:16 0 (raise-exception _ #:continuable? _) In procedure car: Wrong type argument in position 1 (expecting pair): () * gnu/services/nfs.scm (pipefs-service-type)[extend]: Gracefully handle the case where VALUES is the empty list, as done in 'gss-service-type'.
2022-05-02services: Make sure Shepherd destructors match constructors.Ludovic Courtès
This is a followup to b06ecc57515d4e3c8b2228e8142654e9a26ba6e1, 211fe3f66e6dfdaa64974931c458ab1d92afc182, and fd57ce267c4083fe98242caa31075d2bd62903bf. * gnu/services/base.scm (guix-publish-shepherd-service): Change 'stop' method to use 'make-systemd-destructor' when 'make-systemd-constructor' is used. * gnu/services/dict.scm (dicod-shepherd-service): Change 'stop' method to use 'make-inetd-destructor' when 'make-inetd-constructor' is used. * gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise.
2022-05-02services: bitlbee: Preserve 'PURPLE_PLUGIN_PATH'.Ludovic Courtès
Fixes a regression introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby, in inetd mode, and when using 'bitlbee-purple', libpurple plugins would not be found. * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:preserved-environment-variables to 'least-authority-wrapper'.
2022-05-01services: opendht: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/networking.scm (opendht-configuration->command-line-arguments): Use 'least-authority-wrapper'. (opendht-shepherd-service): Use 'make-forkexec-constructor'.
2022-05-01services: quassel: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/messaging.scm (quassel-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'.
2022-05-01services: wesnothd: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/games.scm (wesnothd-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'.
2022-05-01services: wesnothd: Grant write access to /var/run/wesnothd.Ludovic Courtès
* gnu/services/games.scm (wesnothd-shepherd-service): Augment 'modules' field. Pass #:mappings argument to 'make-forkexec-constructor/container'. (wesnothd-activation): New variable. (wesnothd-service-type): Extend ACTIVATION-SERVICE-TYPE.
2022-05-01services: ipfs: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/networking.scm (ipfs-binary): Call 'least-authority-wrapper'. (%ipfs-home-mapping): Remove surrounding gexp. (ipfs-shepherd-service)[exec-command]: New procedure. [ipfs-config-command, set-config!-gexp, shepherd&co] [container-gexp, container-script]: Remove. [inner-gexp]: Use 'exec-command'.