Age | Commit message (Collapse) | Author |
|
* gnu/system/install.scm (installation-os)[setuid-programs]: Remove.
[privileged-programs]: New field.
Change-Id: I5c93f282f5ec790f13ac076e0ab0f6d59d92d59d
|
|
Fixes a bug whereby Hurd systems would find themselves including
‘%default-privileged-programs’ in addition to ‘%setuid-programs/hurd’.
* gnu/system/hurd.scm (%hurd-default-operating-system)[privileged-programs]:
New field.
Change-Id: I5b6a55a8df7e6af697d22166e9f483f6dd816e64
|
|
* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported. Include privileged-program-capabilities
in the compatibility hack.
|
|
* gnu/system/setuid.scm (setuid-program): Rewrite as syntax to create a
<privileged-program> record that is setuid by default.
(setuid-program?, setuid-program-program, setuid-program-setuid?)
(setuid-program-setgid?, setuid-program-user, setuid-program-group):
Alias their privileged-program equivalent.
|
|
* gnu/system/privilege.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
|
|
Add a mechanism to only require mounting a subset of file-system entries
during early Shepherd initialization. Any file-system with additional Shepherd
service requirements (e.g. networking) is not required to provision
'file-systems.
* gnu/services/base.scm (file-system-shepherd-service): Splice
file-system-requirements into the Shepherd service requirement list.
(file-system-shepherd-services): Provision 'file-system only when file system
services without additional Shepherd requirements are started.
* gnu/system/file-systems.scm (file-system): Add shepherd-requirements field
to the file-system record. This field is used for adding additional Shepherd
requirements to a file-system Shepherd service.
* doc/guix.texi: Add documentation for file-system shepherd-requirements.
Change-Id: If0392db03d48e8820aa53df1df482c12ec72e1a5
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
This brings the on disk size of the kernel from 164 MiB to 144 MiB, or about
12%.
* gnu/packages/linux.scm (default-extra-linux-options)
[version>=5.13]: Enable CONFIG_MODULE_COMPRESS_ZSTD, else
CONFIG_MODULE_COMPRESS_GZIP.
(make-linux-libre*) [phases] {set-environment}: Set ZSTD_CLEVEL environment
variable to 19.
[native-inputs]: Add zstd.
* gnu/build/linux-modules.scm (module-regex): Add .zst to regexp. Update doc.
(modinfo-section-contents): Extend support to Zstd compressed module.
(dot-ko): Register the 'zstd compression type.
(ensure-dot-ko, file-name->module-name, load-linux-module*)
(module-name->file-name/guess, write-module-name-database)
(write-module-alias-database, write-module-device-database): Update doc.
(module-name-lookup): Also consider zstd-compressed modules.
* gnu/installer.scm (installer-program): Add guile-zstd extension to gexp.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Likewise.
Decompress zstd-compressed modules for use in initrd.
* guix/profiles.scm (linux-module-database): Add guile-zstd extension to gexp.
Change-Id: Ide899dc5c58ea5033583b1a91a92c025fc8d901a
|
|
Tested with (locally fixed) lvm-separate-home-os system test.
* gnu/system/mapped-devices.scm (lvm-device-mapping): Add SRFI-1 to
modules.
Change-Id: I8c155b47c29004bdc59057391dfba94ce33bdbc2
|
|
* gnu/system/images/visionfive2.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Change-Id: I8831f1148bcddb0d604e1174034fca85cd2887a1
|
|
* gnu/system/image.scm: Switch Inversion logic, it allow we use customize
bootloader with gpt image.
Change-Id: I801327f6e826a37588b8f0f5246ca820e742f721
|
|
* gnu/system/file-systems.scm (%pseudo-file-system-types): Add "virtiofs"
to the list of pseudo file system types.
Change-Id: Ib1d99127e65f6543c592faec1c54bd0c5eae3ad7
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
‘guile-static-initrd’ weighs in at 46 MiB, compared to 54 MiB for
‘guile-static-stripped’ (15% reduction).
* gnu/packages/make-bootstrap.scm (make-guile-static-stripped): Add
‘directories-to-remove’ parameter and honor it.
(%guile-static-initrd): New variable.
* gnu/system/linux-initrd.scm (expression->initrd): Default to
‘%guile-static-initrd’.
* doc/guix.texi (Initial RAM Disk): Adjust accordingly.
Change-Id: I2baf06fed7a3698433e7c83b1d7726054a8c746e
|
|
This reduces the default set of locales from 92 MiB to 28 MiB.
* gnu/system/locale.scm (%default-locale-definitions): Reduce to 10
locales.
Change-Id: I3c092604301d69db591957bcfd62a062c3ac5ab0
|
|
The transition from glibc 2.33 to 2.35 was done in
c919bfefd98bf2e29549539b4e28e6dc2a8a6f32 (one year ago), so we can
assume that the backward-compatible locales are no longer needed by
default.
This removes 92 MiB from the system closure.
* gnu/system/locale.scm (%default-locale-libcs): Remove GLIBC-2.33.
Change-Id: I85948bbe6b2d424f9f158eeafdb5543688c66c6b
|
|
This is a follow-up to commit 86afaadb51 ("system: Add 'nss-certs' to
%base-packages-networking.")
* doc/guix-cookbook.texi (Running Guix on a Linode Server): Remove nss-certs
from operating system's packages field.
(Running Guix on a Kimsufi Server): Likewise.
* doc/guix.texi (Using the Configuration System): Likewise.
(X.509 Certificates): Adjust to mention nss-certs *is* part of %base-packages.
* gnu/installer/services.scm (%system-services): Remove recommendation to
install nss-certs.
* gnu/system/examples/bare-bones.tmpl (host-name): Remove obsolete comments.
* gnu/system/examples/desktop.tmpl (packages): Remove nss-certs.
* gnu/system/examples/lightweight-desktop.tmpl (packages): Likewise.
* gnu/system/examples/plasma.tmpl (packages): Likewise.
* gnu/system/examples/raspberry-pi-64-nfs-root.tmpl (packages): Likewise.
* gnu/system/examples/raspberry-pi-64.tmpl (packages): Likewise.
* gnu/system/examples/vm-image.tmpl (packages): Likewise.
* gnu/system/images/orangepi-r1-plus-lts-rk3328.scm (packages): Likewise.
* gnu/system/images/pine64.scm (packages): Likewise.
* gnu/system/install.scm (installation-os) [packages]: Likewise.
Change-Id: If09123a69b987178bcb0aab61c4570c14fc1286f
|
|
Fixes a regression introduced in
8f8ec56052766aa5105d672b77ad9eaca5c1ab3c, whereby passing a “fake”
kernel package would no longer work.
Fixes <https://issues.guix.gnu.org/70239>.
* gnu/system/linux-initrd.scm (flat-linux-module-directory)[build-exp]:
Gracefully handle lack of “modules.builtin” file.
Reported-by: Tomas Volf <~@wolfsden.cz>
Change-Id: I3acf48123b20f0b6a3b9cc0bf22f76cec3e64361
|
|
Suggested by Zheng Junjie <zhengjunjie@iscas.ac.cn>.
* gnu/system/vm.scm (system-qemu-image/shared-store-script)[qemu-exec]:
Wrap first element in ‘with-parameters’.
Change-Id: Iab9905aaa7e80bad0372c1ee7c3ea88a89564f8f
|
|
Fixes <https://issues.guix.gnu.org/70266>.
* gnu/system/mapped-devices.scm (luks-device-mapping)[modules]: New
field.
(open-luks-device): Remove non-top-level ‘use-modules’ form.
* gnu/system/linux-initrd.scm (raw-initrd): Remove modules that were
added specifically for ‘luks-device-mapping’.
Change-Id: I4253c3dd5e3cbcee41ec84fd57227abd428d1bd6
|
|
* gnu/system/mapped-devices.scm (<mapped-device-type>)[modules]: New
field.
(device-mapping-service-type): Honor it.
* gnu/system/linux-initrd.scm (raw-initrd): Likewise.
Change-Id: Icc702cb6f281741975e33203f87fbc1ffa9856da
|
|
* gnu/system/vm.scm (common-qemu-options): Add target keyword.
Change-Id: Ic9bf18cf60ac5ce623289df31ea050a22c6e604e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system/vm.scm (system-qemu-image/shared-store-script): When target
riscv64, add arguments to set qemu virt machine type.
Change-Id: I974c82fdd2d5bfc01caff9e6411db38e472b5cd4
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system/linux-initrd.scm(default-initrd-modules): when target-riscv64,
don't add hid-apple module.
Change-Id: I633468421db0cb1ebd61e0603021fa1c79038473
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system/vm.scm (virtualized-operating-system) When target riscv64-linux,
use u-boot-qemu-riscv64-bootloader. Add system, target keyword.
Change-Id: I22d64d00670a705e4b81427e44a83d504598b536
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
Use #$ allow cross-compile to with support current system kernel.
e.g. linux-libre-riscv64-generic.
* gnu/system/vm.scm(system-qemu-image/shared-store-script)
(linux-image-startup-command): use #$ for kernel-arguments.
Change-Id: I9d2e7df296ce590b95cd30996b33f8ca692ac1b1
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system/linux-initrd.scm (flat-linux-module-directory)
[build-exp]<builtin-modules,modules-to-lookup>: New variables.
<modules>: Use ‘modules-to-lookup’ to avoid looking up builtin modules.
Change-Id: I60fdae0211bb6632508b1c63582e013e78186cd1
|
|
Ordinary .guix-profile is searched already. Also this makes desktop
environments find packages installed in Guix Home.
* gnu/system/shadow.scm (%default-bash-profile): Add Home search paths.
|
|
* gnu/services/virtualization.scm (<virtual-build-machine>): New record type.
(%build-vm-ssh-port, %build-vm-secrets-port, %x86-64-intel-cpu-models):
New variables.
(qemu-cpu-model-for-date, virtual-build-machine-ssh-port)
(virtual-build-machine-secrets-port): New procedures.
(%minimal-vm-syslog-config, %virtual-build-machine-operating-system):
New variables.
(virtual-build-machine-default-image):
(virtual-build-machine-account-name)
(virtual-build-machine-accounts)
(build-vm-shepherd-services)
(initialize-build-vm-substitutes)
(build-vm-activation)
(virtual-build-machine-offloading-ssh-key)
(virtual-build-machine-activation)
(virtual-build-machine-secret-root)
(check-vm-availability)
(build-vm-guix-extension): New procedures.
(initialize-hurd-vm-substitutes): Remove.
(hurd-vm-activation): Rewrite in terms of ‘build-vm-activation’.
* gnu/system/vm.scm (linux-image-startup-command): New procedure.
(operating-system-for-image): Export.
* gnu/tests/virtualization.scm (run-command-over-ssh): New procedure,
extracted from…
(run-childhurd-test): … here.
[test]: Adjust accordingly.
(%build-vm-os): New variable.
(run-build-vm-test): New procedure.
(%test-build-vm): New variable.
* doc/guix.texi (Virtualization Services)[Virtual Build Machines]: New
section.
(Build Environment Setup): Add cross-reference.
Change-Id: I0a47652a583062314020325aedb654f11cb2499c
|
|
* gnu/system/vm.scm (<virtual-machine>)[cpu-count]: New field.
(virtual-machine-compiler): Honor it.
Change-Id: I907a89365f32ac7a9981c4ae5f59cf6eb199c3cc
|
|
* gnu/system/vm.scm: Export.
Change-Id: If65d96f4052d070af5baee26f3dd9b233b8480f4
|
|
* gnu/system/vm.scm (<virtual-machine>)[date]: New field.
(virtual-machine-compiler): Honor it.
Change-Id: Idab1c152466d57cbc6784c031a99fdfd37080bcb
|
|
Currently it's not possible to set `essential-services' when building
operating systems for containers, since `container-essential-services'
always uses the defaults.
It's possible to reference `essential-services' from the operating
system that's passed in, but since it's thunked, the operating system
needs to be defined in two passes to avoid an infinite loop.
* gnu/system/linux-container.scm (container-essential-services): Use
operating-system-essential-services instead of the defaults to allow
overriding the base services.
(containerized-operating-system): Update accordingly.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I81452487ef1ad01d3fa874c26d93a67d58ce6062
|
|
Without this change, trying to create a system image with efi-raw type while
using grub-efi-removable-bootloader fails with fairly confusing message:
EFI bootloader required with GPT partitioning
* gnu/system/image.scm (system-disk-image): Consider
grub-efi-removable-bootloader to be EFI bootloader.
Change-Id: I5f5e1a94e825fd29d6880c5bafb330e16a5ac962
|
|
The removed fields are already sourced in /etc/profile.
* gnu/system/shadow.scm (%default-zprofile): Sync with default zprofile
from (gnu home services shells).
Change-Id: I419eadf636344e23e8fd2f7006efa81f45527756
|
|
* gnu/system/shadow.scm (%deafult-skeleton-home-config): New variable.
(default-skeletons): Add it.
Change-Id: Ida4cca8b1b3674491a4f18d94bc1b12d426575ba
|
|
* gnu/system/shadow.scm (%default-dotguile): Extract from
default-skeletons, export.
(default-skeletons): Use %default-dotguile.
Change-Id: Ibe91b3b517ae542bd28070a08e14152f87ed75ec
|
|
* gnu/system/shadow.scm (%default-nanorc): Extract from
default-skeletons, export.
(default-skeletons): Use %default-nanorc.
Change-Id: I0d07b13ed4894b1152a08b96d9ef8527dde073ce
|
|
* gnu/system/shadow.scm (%default-gdbinit): Extract from
default-skeletons, export.
(default-skeletons): Use %default-gdbinit.
Change-Id: Ia5188f8083a83ad4cdb96e234dbd730b1bfe0072
|
|
* gnu/system/shadow.scm (%default-xdefaults): Extract from
default-skeletons, export.
(default-skeletons): Use %default-xdefaults.
Change-Id: I44018516ec3687a68d32ca5c86c41bc29507a273
|
|
* gnu/system/shadow.scm (%default-zprofile): Extract from
default-skeletons, export.
(default-skeletons): Use %default-zprofile.
Change-Id: I6c6e158bca2e462a2eae709fbc2c25a2c7f3f8b4
|
|
gnu/system/shadow.scm (%default-bash-profile): Extract from
default-skeletons, export.
(default-skeletons): Use %default-bash-profile.
Change-Id: I45641b1091daee3495a5f92bdc1a63050e0cc59e
|
|
Requiring the user to input their password in order to unlock a device is not
always reasonable, so having an option to unlock the device using a key file
is a nice quality of life change.
* gnu/system/mapped-devices.scm (open-luks-device): Add #:key-file argument.
(luks-device-mapping-with-options): New procedure.
* doc/guix.texi (Mapped Devices): Describe the new procedure.
Change-Id: I1de4e045f8c2c11f9a94f1656e839c785b0c11c4
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system.scm (hurd-default-essential-services): Remove reference to
‘shepherd-0.8’.
* gnu/system/hurd.scm (%base-packages/hurd): Replace ‘shepherd-0.8’ with
‘shepherd-0.10’.
Change-Id: I9f1800693cda456286450d3d0bb6f7e3da85d55e
|
|
* guix/scripts/system.scm (show-help, %docker-format-options, %options,
%default-options, show-docker-format-options,
show-docker-format-options/detailed, process-action): Handle '--max-layers'
option.
* gnu/system/image.scm (system-docker-image): Same.
* gnu/image.scm (<image>)[max-layers]: New record field.
Change-Id: I2726655aefd6688b976057fd5a38e9972ebfc292
|
|
* gnu/system/examples/vm-image.tmpl (auto-update-resolution-crutch): Delete
variable.
(operating-system) [packages]: Add x-resize.
[services]: Remove auto-update-resolution-crutch mcron service.
Fixes: https://issues.guix.gnu.org/57068
Reported-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I45cd3d79b94ece2511d324c7b180f8f37bd9ba49
|
|
* gnu/local.mk: Register image.
* gnu/system/images/orangepi-r1-plus-lts-rk3328.scm: New file.
* gnu/system/install.scm (orangepi-r1-plus-lts-rk3328-installation-os):
New variable.
Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
|
|
* gnu/system/file-systems.scm (%pseudo-file-system-types): Add tracefs.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* guix/packages.scm (%standard-patch-inputs): Use
‘libc-utf8-locales-for-target’ instead of ‘glibc-utf8-locales’.
* guix/self.scm (%packages): Likewise.
* gnu/home/services/ssh.scm (file-join): Likewise
* gnu/installer.scm (build-compiled-file): Likewise.
* gnu/packages/chromium.scm (ungoogled-chromium/wayland): Likewise.
* gnu/packages/gnome.scm (libgweather4, tracker): Likewise.
* gnu/packages/javascript.scm (js-mathjax): Likewise.
* gnu/packages/package-management.scm (guix, flatpak): Likewise.
* gnu/packages/raspberry-pi.scm (raspi-arm64-chainloader): Likewise.
* gnu/packages/suckless.scm (svkbd): Likewise.
* gnu/services.scm (cleanup-gexp): Likewise.
* gnu/services/base.scm (guix-publish-shepherd-service): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services)
(guix-build-coordinator-agent-shepherd-services): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services):
(guix-data-service-shepherd-services)
(nar-herder-shepherd-services)
(bffe-shepherd-services): Likewise.
* gnu/services/web.scm (anonip-shepherd-service)
(mumi-shepherd-services): Likewise.
* gnu/system/image.scm (system-disk-image, system-iso9660-image)
(system-docker-image, system-tarball-image): Likewise.
* gnu/system/install.scm (%installation-services): Likewise.
* guix/profiles.scm (info-dir-file): Likewise.
(ca-certificate-bundle, profile-derivation): Likewise.
* guix/scripts/pack.scm (store-database, set-utf8-locale): Likewise.
* tests/pack.scm: Likewise.
* tests/profiles.scm ("profile-derivation, cross-compilation"):
Likewise.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Co-authored-by: Christopher Baines <mail@cbaines.net>
Change-Id: I24239f427bcc930c29d2ba5d00dc615960a6c374
|
|
This is Ludo's suggestion at <https://issues.guix.gnu.org/36069#26>,
with an added guard against duplicates and a tweaked comment.
* gnu/system/vm.scm (virtualized-operating-system): Add "cirrus" to the
list of INITRD-MODULES.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I1a86286586eee0b8c39706544778c7911a86da33
|
|
* gnu/system/file-systems.scm (%pseudo-file-system-types): Add xenfs.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/system/shadow.scm (%default-bashrc): Add an alias for 'ip' that enables
output colorization.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
|