From 4de445f3dae5f5b42d59003cceddecfb296fb73b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 31 Jul 2022 23:03:36 +0200 Subject: guix gc: '--delete-generations' now deletes old Home generations. This reverts commit 24c0518dd404cbb3c434fb6704f4f551bbc78693, thereby reinstating ba22560627f848f40891a56355ff26b6de1380bc, with an additional fix in (guix self). Fixes . Reported by "(" . * guix/scripts/gc.scm (guix-gc)[delete-generations]: Add call to 'home-generation-base'. * guix/self.scm (compiled-guix)[*core-cli-modules*]: Remove (guix scripts gc). * doc/guix.texi (Invoking guix gc): Document the change. --- doc/guix.texi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 12ecc1b952..6e867839a4 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4362,7 +4362,8 @@ nothing and exit immediately. @item --delete-generations[=@var{duration}] @itemx -d [@var{duration}] Before starting the garbage collection process, delete all the generations -older than @var{duration}, for all the user profiles; when run as root, this +older than @var{duration}, for all the user profiles and home environment +generations; when run as root, this applies to all the profiles @emph{of all the users}. For example, this command deletes all the generations of all your profiles -- cgit 1.4.1 From 7d0ebc467ff2a76b75ef0817ac24af4b22c0ab8e Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 31 Jul 2022 23:35:27 +0200 Subject: services: rottlog: More convenient default options for . * gnu/services/admin.scm (%default-log-rotation-options): New variable. (%default-rotations): Use it. * gnu/services/cuirass.scm (cuirass-log-rotations): Likewise. * doc/guix.texi (Log Rotation): Adjust accordingly. --- doc/guix.texi | 5 +++-- gnu/services/admin.scm | 18 ++++++++++++------ gnu/services/cuirass.scm | 5 +++-- 3 files changed, 18 insertions(+), 10 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 6e867839a4..271aad32f0 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18811,9 +18811,10 @@ The log rotation frequency, a symbol. @item @code{files} The list of files or file glob patterns to rotate. -@item @code{options} (default: @code{'()}) +@vindex %default-log-rotation-options +@item @code{options} (default: @code{%default-log-rotation-options}) The list of rottlog options for this rotation (@pxref{Configuration -parameters,,, rottlog, GNU Rot[t]lg Manual}). +parameters,,, rottlog, GNU Rot[t]log Manual}). @item @code{post-rotate} (default: @code{#f}) Either @code{#f} or a gexp to execute once the rotation has completed. diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm index 6951c7a9fd..252bedb0bd 100644 --- a/gnu/services/admin.scm +++ b/gnu/services/admin.scm @@ -40,6 +40,7 @@ log-rotation-files log-rotation-options log-rotation-post-rotate + %default-log-rotation-options rottlog-configuration rottlog-configuration? @@ -82,7 +83,12 @@ (post-rotate log-rotation-post-rotate ;#f | gexp (default #f)) (options log-rotation-options ;list of strings - (default '()))) + (default %default-log-rotation-options))) + +(define %default-log-rotation-options + ;; Default log rotation options: append ".gz" to file names. + '("storefile @FILENAME.@COMP_EXT" + "notifempty")) (define %rotated-files ;; Syslog files subject to rotation. @@ -94,20 +100,20 @@ (files %rotated-files) (frequency 'weekly) - (options '(;; These files are worth keeping for a few weeks. + (options `(;; These files are worth keeping for a few weeks. "rotate 16" ;; Run post-rotate once per rotation "sharedscripts" - ;; Append .gz to rotated files - "storefile @FILENAME.@COMP_EXT")) + + ,@%default-log-rotation-options)) ;; Restart syslogd after rotation. (post-rotate #~(let ((pid (call-with-input-file "/var/run/syslog.pid" read))) (kill pid SIGHUP)))) (log-rotation (files '("/var/log/guix-daemon.log")) - (options '("rotate 4" ;don't keep too many of them - "storefile @FILENAME.@COMP_EXT"))))) + (options `("rotate 4" ;don't keep too many of them + ,@%default-log-rotation-options))))) (define (log-rotation->config rotation) "Return a string-valued gexp representing the rottlog configuration snippet diff --git a/gnu/services/cuirass.scm b/gnu/services/cuirass.scm index d666d6243b..52de5ca7c0 100644 --- a/gnu/services/cuirass.scm +++ b/gnu/services/cuirass.scm @@ -1,6 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Mathieu Lirzin -;;; Copyright © 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès +;;; Copyright © 2016-2022 Ludovic Courtès ;;; Copyright © 2017, 2020 Mathieu Othacehe ;;; Copyright © 2017 Jan Nieuwenhuizen ;;; Copyright © 2018, 2019 Ricardo Wurmus @@ -305,7 +305,8 @@ (files (list (cuirass-configuration-log-file config) (cuirass-configuration-web-log-file config))) (frequency 'weekly) - (options '("rotate 40"))))) ;worth keeping + (options `("rotate 40" ;worth keeping + ,@%default-log-rotation-options))))) (define cuirass-service-type (service-type -- cgit 1.4.1 From dd3cf144028ccd4e12b32133846525e97101d9cd Mon Sep 17 00:00:00 2001 From: Maya Date: Mon, 25 Jul 2022 09:02:18 +0000 Subject: services: opensmtpd: Make commands setgid to "smtpq" by default. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a patch that fixes ": this program must be setgid smtpq". * gnu/services/mail.scm ()[setgid-commands?]: New field. (opensmtpd-set-gids): New procedure. (opensmtpd-service-type)[extensions]: Add SETUID-PROGRAM-SERVICE-TYPE extension. * doc/guix.texi (Mail Services): Document it. Co-authored-by: Ludovic Courtès --- doc/guix.texi | 5 +++++ gnu/services/mail.scm | 45 +++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 48 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 271aad32f0..fc6f477c9a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25149,6 +25149,11 @@ it listens on the loopback network interface, and allows for mail from users and daemons on the local machine, as well as permitting email to remote servers. Run @command{man smtpd.conf} for more information. +@item @code{setgid-commands?} (default: @code{#t}) +Make the following commands setgid to @code{smtpq} so they can be +executed: @command{smtpctl}, @command{sendmail}, @command{send-mail}, +@command{makemap}, @command{mailq}, and @command{newaliases}. +@xref{Setuid Programs}, for more information on setgid programs. @end table @end deftp diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index 10e6523861..43f144a42d 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -30,6 +30,7 @@ #:use-module (gnu services shepherd) #:use-module (gnu system pam) #:use-module (gnu system shadow) + #:use-module (gnu system setuid) #:use-module (gnu packages mail) #:use-module (gnu packages admin) #:use-module (gnu packages dav) @@ -1653,7 +1654,8 @@ by @code{dovecot-configuration}. @var{config} may also be created by (package opensmtpd-configuration-package (default opensmtpd)) (config-file opensmtpd-configuration-config-file - (default %default-opensmtpd-config-file))) + (default %default-opensmtpd-config-file)) + (setgid-commands? opensmtpd-setgid-commands? (default #t))) (define %default-opensmtpd-config-file (plain-file "smtpd.conf" " @@ -1714,6 +1716,43 @@ match from local for any action outbound (define %opensmtpd-pam-services (list (unix-pam-service "smtpd"))) +(define opensmtpd-set-gids + (match-lambda + (($ package config-file set-gids?) + (if set-gids? + (list + (setuid-program + (program (file-append package "/sbin/smtpctl")) + (setuid? #false) + (setgid? #true) + (group "smtpq")) + (setuid-program + (program (file-append package "/sbin/sendmail")) + (setuid? #false) + (setgid? #true) + (group "smtpq")) + (setuid-program + (program (file-append package "/sbin/send-mail")) + (setuid? #false) + (setgid? #true) + (group "smtpq")) + (setuid-program + (program (file-append package "/sbin/makemap")) + (setuid? #false) + (setgid? #true) + (group "smtpq")) + (setuid-program + (program (file-append package "/sbin/mailq")) + (setuid? #false) + (setgid? #true) + (group "smtpq")) + (setuid-program + (program (file-append package "/sbin/newaliases")) + (setuid? #false) + (setgid? #true) + (group "smtpq"))) + '())))) + (define opensmtpd-service-type (service-type (name 'opensmtpd) @@ -1727,7 +1766,9 @@ match from local for any action outbound (service-extension profile-service-type (compose list opensmtpd-configuration-package)) (service-extension shepherd-root-service-type - opensmtpd-shepherd-service))) + opensmtpd-shepherd-service) + (service-extension setuid-program-service-type + opensmtpd-set-gids))) (description "Run the OpenSMTPD, a lightweight @acronym{SMTP, Simple Mail Transfer Protocol} server."))) -- cgit 1.4.1 From a2b89a3319dc1d621c546855f578acae5baaf6da Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Wed, 27 Jul 2022 15:18:51 -0400 Subject: services: configuration: Step back from *unspecified*. Fixes . This partially reverts 8cb1a49a3998c39f315a4199b7d4a121a6d66449. Rationale: *unspecified* cannot be serialized thus used as a G-Expression input, which is problematic/inconvenient when using deeply nested records. As an example, jami-service-type was broken when using partially defined records. * gnu/services/configuration.scm (define-maybe-helper): Check against the 'unset symbol. (normalize-field-type+def): Adjust value to 'unset. (define-configuration-helper): Use 'unset as the default value thunk. * gnu/services/file-sharing.scm (serialize-maybe-string): Check against the 'unset symbol. (serialize-maybe-file-object): Likewise. * gnu/services/messaging.scm (define-all-configurations): Use 'unset as value. (raw-content?): Check against 'unset symbol. (prosody-configuration)[http-max-content-size]: Default to 'unset. [http-external-url]: Likewise. [mod-muc]: Likewise. [raw-content]: Likewise. * gnu/services/networking.scm (opendht-configuration): Adjust documentation. * gnu/services/telephony.scm (jami-shepherd-services): Replace *undefined* with the 'unset symbol. * tests/services/configuration.scm ("maybe type, no default"): Check against the 'unset symbol. * doc/guix.texi: Regenerate the opendht-configuration, openvpn-client-configuration and openvpn-server-configuration documentation. --- doc/guix.texi | 367 +++++++++------------------------------ gnu/services/configuration.scm | 11 +- gnu/services/file-sharing.scm | 4 +- gnu/services/messaging.scm | 12 +- gnu/services/networking.scm | 6 +- gnu/services/telephony.scm | 6 +- tests/services/configuration.scm | 6 +- 7 files changed, 102 insertions(+), 310 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index fc6f477c9a..9d17050ffc 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -19769,75 +19769,46 @@ The value of this service is a @code{opendht-configuration} object, as described below. @end defvr -@deftp {Data Type} opendht-configuration -This is the data type for the OpenDHT service configuration. - @c The fields documentation has been auto-generated using the @c configuration->documentation procedure from @c (gnu services configuration). +@deftp {Data Type} opendht-configuration Available @code{opendht-configuration} fields are: -@deftypevr {@code{opendht-configuration} parameter} package opendht +@table @asis +@item @code{opendht} (default: @code{opendht}) (type: file-like) The @code{opendht} package to use. -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} boolean peer-discovery? +@item @code{peer-discovery?} (default: @code{#f}) (type: boolean) Whether to enable the multicast local peer discovery mechanism. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} boolean enable-logging? +@item @code{enable-logging?} (default: @code{#f}) (type: boolean) Whether to enable logging messages to syslog. It is disabled by default as it is rather verbose. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} boolean debug? +@item @code{debug?} (default: @code{#f}) (type: boolean) Whether to enable debug-level logging messages. This has no effect if logging is disabled. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} maybe-string bootstrap-host +@item @code{bootstrap-host} (default: @code{"bootstrap.jami.net:4222"}) (type: maybe-string) The node host name that is used to make the first connection to the network. A specific port value can be provided by appending the @code{:PORT} suffix. By default, it uses the Jami bootstrap nodes, but any host can be specified here. It's also possible to disable -bootsrapping by explicitly setting this to the @code{*unspecified*} -value. +bootstrapping by explicitly setting this field to the +@code{'unset} value. -Defaults to @samp{"bootstrap.jami.net:4222"}. - -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} maybe-number port -The UDP port to bind to. When explicitly set to @code{*unspecified*}, -an available port is automatically selected. - -Defaults to @samp{4222}. - -@end deftypevr +@item @code{port} (default: @code{4222}) (type: maybe-number) +The UDP port to bind to. When left unspecified, an available port is +automatically selected. -@deftypevr {@code{opendht-configuration} parameter} maybe-number proxy-server-port +@item @code{proxy-server-port} (type: maybe-number) Spawn a proxy server listening on the specified port. -Defaults to @samp{disabled}. - -@end deftypevr - -@deftypevr {@code{opendht-configuration} parameter} maybe-number proxy-server-port-tls +@item @code{proxy-server-port-tls} (type: maybe-number) Spawn a proxy server listening to TLS connections on the specified port. -Defaults to @samp{disabled}. - -@end deftypevr +@end table @end deftp @cindex Tor @@ -30532,362 +30503,184 @@ Both can be run simultaneously. @c %automatically generated documentation +@deftp {Data Type} openvpn-client-configuration Available @code{openvpn-client-configuration} fields are: -@deftypevr {@code{openvpn-client-configuration} parameter} package openvpn +@table @asis +@item @code{openvpn} (default: @code{openvpn}) (type: file-like) The OpenVPN package. -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} string pid-file +@item @code{pid-file} (default: @code{"/var/run/openvpn/openvpn.pid"}) (type: string) The OpenVPN pid file. -Defaults to @samp{"/var/run/openvpn/openvpn.pid"}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} proto proto +@item @code{proto} (default: @code{udp}) (type: proto) The protocol (UDP or TCP) used to open a channel between clients and servers. -Defaults to @samp{udp}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} dev dev +@item @code{dev} (default: @code{tun}) (type: dev) The device type used to represent the VPN connection. -Defaults to @samp{tun}. - -@end deftypevr - -If you do not have some of these files (eg.@: you use a username and -password), you can disable any of the following three fields by setting -it to @code{*unspecified*}. - -@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string ca +@item @code{ca} (default: @code{"/etc/openvpn/ca.crt"}) (type: maybe-string) The certificate authority to check connections against. -Defaults to @samp{"/etc/openvpn/ca.crt"}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string cert +@item @code{cert} (default: @code{"/etc/openvpn/client.crt"}) (type: maybe-string) The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}. -Defaults to @samp{"/etc/openvpn/client.crt"}. +@item @code{key} (default: @code{"/etc/openvpn/client.key"}) (type: maybe-string) +The key of the machine the daemon is running on. It must be the key +whose certificate is @code{cert}. -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string key -The key of the machine the daemon is running on. It must be the key whose -certificate is @code{cert}. - -Defaults to @samp{"/etc/openvpn/client.key"}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} boolean comp-lzo? +@item @code{comp-lzo?} (default: @code{#t}) (type: boolean) Whether to use the lzo compression algorithm. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} boolean persist-key? +@item @code{persist-key?} (default: @code{#t}) (type: boolean) Don't re-read key files across SIGUSR1 or --ping-restart. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} boolean persist-tun? +@item @code{persist-tun?} (default: @code{#t}) (type: boolean) Don't close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 or --ping-restart restarts. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} boolean fast-io? +@item @code{fast-io?} (default: @code{#f}) (type: boolean) (Experimental) Optimize TUN/TAP/UDP I/O writes by avoiding a call to poll/epoll/select prior to the write operation. -Defaults to @samp{#f}. -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} number verbosity +@item @code{verbosity} (default: @code{3}) (type: number) Verbosity level. -Defaults to @samp{3}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} tls-auth-client tls-auth +@item @code{tls-auth} (default: @code{#f}) (type: tls-auth-client) Add an additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string auth-user-pass +@item @code{auth-user-pass} (type: maybe-string) Authenticate with server using username/password. The option is a file -containing username/password on 2 lines. Do not use a file-like object as it -would be added to the store and readable by any user. +containing username/password on 2 lines. Do not use a file-like object +as it would be added to the store and readable by any user. -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} key-usage verify-key-usage? +@item @code{verify-key-usage?} (default: @code{#t}) (type: key-usage) Whether to check the server certificate has server usage extension. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} bind bind? +@item @code{bind?} (default: @code{#f}) (type: bind) Bind to a specific local port number. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} resolv-retry resolv-retry? +@item @code{resolv-retry?} (default: @code{#t}) (type: resolv-retry) Retry resolving server address. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-client-configuration} parameter} openvpn-remote-list remote +@item @code{remote} (default: @code{()}) (type: openvpn-remote-list) A list of remote servers to connect to. -Defaults to @samp{()}. - +@deftp {Data Type} openvpn-remote-configuration Available @code{openvpn-remote-configuration} fields are: -@deftypevr {@code{openvpn-remote-configuration} parameter} string name +@table @asis +@item @code{name} (default: @code{"my-server"}) (type: string) Server name. -Defaults to @samp{"my-server"}. +@item @code{port} (default: @code{1194}) (type: number) +Port number the server listens to. -@end deftypevr +@end table -@deftypevr {@code{openvpn-remote-configuration} parameter} number port -Port number the server listens to. +@end deftp -Defaults to @samp{1194}. +@end table -@end deftypevr +@end deftp -@end deftypevr @c %end of automatic openvpn-client documentation @c %automatically generated documentation +@deftp {Data Type} openvpn-server-configuration Available @code{openvpn-server-configuration} fields are: -@deftypevr {@code{openvpn-server-configuration} parameter} package openvpn +@table @asis +@item @code{openvpn} (default: @code{openvpn}) (type: file-like) The OpenVPN package. -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} string pid-file +@item @code{pid-file} (default: @code{"/var/run/openvpn/openvpn.pid"}) (type: string) The OpenVPN pid file. -Defaults to @samp{"/var/run/openvpn/openvpn.pid"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} proto proto +@item @code{proto} (default: @code{udp}) (type: proto) The protocol (UDP or TCP) used to open a channel between clients and servers. -Defaults to @samp{udp}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} dev dev +@item @code{dev} (default: @code{tun}) (type: dev) The device type used to represent the VPN connection. -Defaults to @samp{tun}. - -@end deftypevr - -If you do not have some of these files (eg.@: you use a username and -password), you can disable any of the following three fields by setting -it to @code{*unspecified*}. - -@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string ca +@item @code{ca} (default: @code{"/etc/openvpn/ca.crt"}) (type: maybe-string) The certificate authority to check connections against. -Defaults to @samp{"/etc/openvpn/ca.crt"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string cert +@item @code{cert} (default: @code{"/etc/openvpn/client.crt"}) (type: maybe-string) The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}. -Defaults to @samp{"/etc/openvpn/client.crt"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string key -The key of the machine the daemon is running on. It must be the key whose -certificate is @code{cert}. - -Defaults to @samp{"/etc/openvpn/client.key"}. - -@end deftypevr +@item @code{key} (default: @code{"/etc/openvpn/client.key"}) (type: maybe-string) +The key of the machine the daemon is running on. It must be the key +whose certificate is @code{cert}. -@deftypevr {@code{openvpn-server-configuration} parameter} boolean comp-lzo? +@item @code{comp-lzo?} (default: @code{#t}) (type: boolean) Whether to use the lzo compression algorithm. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} boolean persist-key? +@item @code{persist-key?} (default: @code{#t}) (type: boolean) Don't re-read key files across SIGUSR1 or --ping-restart. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} boolean persist-tun? +@item @code{persist-tun?} (default: @code{#t}) (type: boolean) Don't close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 or --ping-restart restarts. -Defaults to @samp{#t}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} boolean fast-io? +@item @code{fast-io?} (default: @code{#f}) (type: boolean) (Experimental) Optimize TUN/TAP/UDP I/O writes by avoiding a call to poll/epoll/select prior to the write operation. -Defaults to @samp{#f}. -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} number verbosity +@item @code{verbosity} (default: @code{3}) (type: number) Verbosity level. -Defaults to @samp{3}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} tls-auth-server tls-auth +@item @code{tls-auth} (default: @code{#f}) (type: tls-auth-server) Add an additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} number port +@item @code{port} (default: @code{1194}) (type: number) Specifies the port number on which the server listens. -Defaults to @samp{1194}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} ip-mask server +@item @code{server} (default: @code{"10.8.0.0 255.255.255.0"}) (type: ip-mask) An ip and mask specifying the subnet inside the virtual network. -Defaults to @samp{"10.8.0.0 255.255.255.0"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} cidr6 server-ipv6 +@item @code{server-ipv6} (default: @code{#f}) (type: cidr6) A CIDR notation specifying the IPv6 subnet inside the virtual network. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} string dh +@item @code{dh} (default: @code{"/etc/openvpn/dh2048.pem"}) (type: string) The Diffie-Hellman parameters file. -Defaults to @samp{"/etc/openvpn/dh2048.pem"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} string ifconfig-pool-persist +@item @code{ifconfig-pool-persist} (default: @code{"/etc/openvpn/ipp.txt"}) (type: string) The file that records client IPs. -Defaults to @samp{"/etc/openvpn/ipp.txt"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} gateway redirect-gateway? +@item @code{redirect-gateway?} (default: @code{#f}) (type: gateway) When true, the server will act as a gateway for its clients. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} boolean client-to-client? +@item @code{client-to-client?} (default: @code{#f}) (type: boolean) When true, clients are allowed to talk to each other inside the VPN. -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} keepalive keepalive +@item @code{keepalive} (default: @code{(10 120)}) (type: keepalive) Causes ping-like messages to be sent back and forth over the link so that each side knows when the other side has gone down. @code{keepalive} requires a pair. The first element is the period of the ping sending, and the second element is the timeout before considering the other side down. -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} number max-clients +@item @code{max-clients} (default: @code{100}) (type: number) The maximum number of clients. -Defaults to @samp{100}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} string status +@item @code{status} (default: @code{"/var/run/openvpn/status"}) (type: string) The status file. This file shows a small report on current connection. It is truncated and rewritten every minute. -Defaults to @samp{"/var/run/openvpn/status"}. - -@end deftypevr - -@deftypevr {@code{openvpn-server-configuration} parameter} openvpn-ccd-list client-config-dir +@item @code{client-config-dir} (default: @code{()}) (type: openvpn-ccd-list) The list of configuration for some clients. -Defaults to @samp{()}. - -Available @code{openvpn-ccd-configuration} fields are: - -@deftypevr {@code{openvpn-ccd-configuration} parameter} string name -Client name. - -Defaults to @samp{"client"}. - -@end deftypevr - -@deftypevr {@code{openvpn-ccd-configuration} parameter} ip-mask iroute -Client own network - -Defaults to @samp{#f}. - -@end deftypevr - -@deftypevr {@code{openvpn-ccd-configuration} parameter} ip-mask ifconfig-push -Client VPN IP. - -Defaults to @samp{#f}. - -@end deftypevr +@end table -@end deftypevr +@end deftp @c %end of automatic openvpn-server documentation @@ -31519,7 +31312,7 @@ Each parameter definition is preceded by its type; for example, @samp{boolean foo} indicates that the @code{foo} parameter should be specified as a boolean. Types starting with @code{maybe-} denote parameters that won't show up in TLP config file when their value is -left unset, or is explicitly set to the @code{*unspecified*} value. +left unset, or is explicitly set to the @code{'unset} value. @c The following documentation was initially generated by @c (generate-tlp-documentation) in (gnu services pm). Manually maintained @@ -39136,7 +38929,7 @@ macro which is a shorthand of this. Sometimes a field should not be serialized if the user doesn’t specify a value. To achieve this, you can use the @code{define-maybe} macro to define a ``maybe type''; if the value of a maybe type is left unset, or -is set to the @code{*unspecified*} value, then it will not be +is set to the @code{'unset} value, then it will not be serialized. When defining a ``maybe type'', the corresponding serializer for the diff --git a/gnu/services/configuration.scm b/gnu/services/configuration.scm index e3c101d042..3007e8de35 100644 --- a/gnu/services/configuration.scm +++ b/gnu/services/configuration.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2017, 2018 Clément Lassieur ;;; Copyright © 2021 Xinglu Chen -;;; Copyright © 2021 Maxim Cournoyer +;;; Copyright © 2021, 2022 Maxim Cournoyer ;;; Copyright © 2021 Andrew Tropin ;;; Copyright © 2022 Maxime Devos ;;; @@ -142,8 +142,7 @@ does not have a default value" field kind))) (id #'stem #'serialize-maybe- #'stem)))) #`(begin (define (maybe-stem? val) - (or (unspecified? val) - (stem? val))) + (or (eq? val 'unset) (stem? val))) #,@(if serialize? (list #'(define (serialize-maybe-stem field-name val) (if (stem? val) @@ -171,10 +170,10 @@ does not have a default value" field kind))) (values #'(field-type def))) ((field-type) (identifier? #'field-type) - (values #'(field-type *unspecified*))) + (values #'(field-type 'unset))) (field-type (identifier? #'field-type) - (values #'(field-type *unspecified*))))) + (values #'(field-type 'unset))))) (define (define-configuration-helper serialize? serializer-prefix syn) (syntax-case syn () @@ -262,7 +261,7 @@ does not have a default value" field kind))) (lambda () (display '#,(id #'stem #'% #'stem)) (if (eq? (syntax->datum field-default) - '*unspecified*) + 'unset) (configuration-missing-default-value '#,(id #'stem #'% #'stem) 'field) field-default))) diff --git a/gnu/services/file-sharing.scm b/gnu/services/file-sharing.scm index e32d1f145d..5df8b0d597 100644 --- a/gnu/services/file-sharing.scm +++ b/gnu/services/file-sharing.scm @@ -115,7 +115,7 @@ type generated and used by Transmission clients, suitable for passing to the (set! serialize-maybe-string (lambda (field-name val) (serialize-string field-name - (if (unspecified? val) + (if (eq? val 'unset) "" val)))) @@ -180,7 +180,7 @@ type generated and used by Transmission clients, suitable for passing to the (define-maybe file-object) (set! serialize-maybe-file-object (lambda (field-name val) - (if (unspecified? val) + (if (eq? val 'unset) (serialize-string field-name "") (serialize-file-object field-name val)))) diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm index 651f90adb2..00a1c80a14 100644 --- a/gnu/services/messaging.scm +++ b/gnu/services/messaging.scm @@ -90,7 +90,7 @@ ((new-def ...) (map (lambda (def target) (if (eq? 'common (syntax->datum target)) - #'*unspecified* def)) + #''unset def)) #'(def ...) #'(target ...))) ((new-doc ...) (map (lambda (doc target) @@ -200,7 +200,7 @@ (define-maybe file-object-list) (define (raw-content? val) - (not (unspecified? val))) + (not (eq? val 'unset))) (define (serialize-raw-content field-name val) val) (define-maybe raw-content) @@ -474,12 +474,12 @@ by the Prosody service. See @url{https://prosody.im/doc/logging}." global) (http-max-content-size - (maybe-non-negative-integer *unspecified*) + (maybe-non-negative-integer 'unset) "Maximum allowed size of the HTTP body (in bytes)." common) (http-external-url - (maybe-string *unspecified*) + (maybe-string 'unset) "Some modules expose their own URL in various ways. This URL is built from the protocol, host and port used. If Prosody sits behind a proxy, the public URL will be @code{http-external-url} instead. See @@ -556,7 +556,7 @@ support. To add an external component, you simply fill the hostname field. See int-component) (mod-muc - (maybe-mod-muc-configuration *unspecified*) + (maybe-mod-muc-configuration 'unset) "Multi-user chat (MUC) is Prosody's module for allowing you to create hosted chatrooms/conferences for XMPP users. @@ -573,7 +573,7 @@ See also @url{https://prosody.im/doc/modules/mod_muc}." ext-component) (raw-content - (maybe-raw-content *unspecified*) + (maybe-raw-content 'unset) "Raw content that will be added to the configuration file." common))) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 3ddcdcc251..3c6395b6ca 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -772,11 +772,11 @@ logging is disabled.") network. A specific port value can be provided by appending the @code{:PORT} suffix. By default, it uses the Jami bootstrap nodes, but any host can be specified here. It's also possible to disable bootstrapping by explicitly -setting this field to the @code{*unspecified*} value.") +setting this field to the @code{'unset} value.") (port (maybe-number 4222) - "The UDP port to bind to. When set to @code{*unspecified*}, an available -port is automatically selected.") + "The UDP port to bind to. When left unspecified, an available port is +automatically selected.") (proxy-server-port maybe-number "Spawn a proxy server listening on the specified port.") diff --git a/gnu/services/telephony.scm b/gnu/services/telephony.scm index e8bfbc88c5..7152f3b38d 100644 --- a/gnu/services/telephony.scm +++ b/gnu/services/telephony.scm @@ -307,7 +307,7 @@ CONFIG, a object." (dbus (jami-configuration-dbus config)) (dbus-daemon (file-append dbus "/bin/dbus-daemon")) (accounts (jami-configuration-accounts config)) - (declarative-mode? (not (unspecified? accounts)))) + (declarative-mode? (not (eq? 'unset accounts)))) (with-extensions (list guile-packrat ;used by guile-ac-d-bus guile-ac-d-bus @@ -649,7 +649,7 @@ argument, either a registered username or the fingerprint of the account.") account-details) (let ((username (archive-name->username archive))) - (when (not (unspecified? allowed-contacts)) + (when (not (eq? 'unset allowed-contacts)) ;; Reject calls from unknown contacts. (set-account-details '(("DHT.PublicInCalls" . "false")) username) @@ -659,7 +659,7 @@ argument, either a registered username or the fingerprint of the account.") ;; Add allowed ones. (for-each (cut add-contact <> username) allowed-contacts)) - (when (not (unspecified? moderators)) + (when (not (eq? 'unset moderators)) ;; Disable the 'AllModerators' property. (set-all-moderators #f username) ;; Remove all moderators. diff --git a/tests/services/configuration.scm b/tests/services/configuration.scm index 6268525317..548c400bfe 100644 --- a/tests/services/configuration.scm +++ b/tests/services/configuration.scm @@ -151,9 +151,9 @@ (not (defined? 'serialize-maybe-string))) (test-assert "maybe type, no default" - (unspecified? - (config-with-maybe-string/no-serialization-name - (config-with-maybe-string/no-serialization)))) + (eq? 'unset + (config-with-maybe-string/no-serialization-name + (config-with-maybe-string/no-serialization)))) (test-assert "maybe type, with default" (equal? -- cgit 1.4.1 From f9a267c6d266355b48bd12288f4414eaf4db8b33 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 4 Aug 2022 15:15:18 +0200 Subject: doc: Fix Guix manual URLs in 'htmlxref.cnf'. Fixes a regression introduced in 868da34d54365023223a4ff7520043ba55ad64e8. * doc/htmlxref.cnf (GUIX): Remove "/guix". --- doc/htmlxref.cnf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/htmlxref.cnf b/doc/htmlxref.cnf index ca99df81bb..21efbe2ddc 100644 --- a/doc/htmlxref.cnf +++ b/doc/htmlxref.cnf @@ -1,7 +1,7 @@ # htmlxref.cnf - reference file for free Texinfo manuals on the web. # Modified by Ludovic Courtès for the GNU Guix manual. -htmlxrefversion=2022-06-16.15; # UTC +htmlxrefversion=2022-08-04.13; # UTC # Copyright 2010-2020, 2022 Free Software Foundation, Inc. # @@ -413,7 +413,7 @@ guile-rpc mono ${GS}/guile-rpc/manual/guile-rpc.html guile-rpc node ${GS}/guile-rpc/manual/html_node/ GUIX_ROOT = https://guix.gnu.org -GUIX = ${GUIX_ROOT}/guix/manual +GUIX = ${GUIX_ROOT}/manual guix.de mono ${GUIX}/de/guix.de.html guix.de node ${GUIX}/de/html_node/ guix.es mono ${GUIX}/es/guix.es.html -- cgit 1.4.1 From 79fbe4f524cf89ab5bcc739ac61500392ebfa07b Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 31 Jul 2022 02:00:00 +0200 Subject: doc: Fix typo. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * doc/guix.texi (X Window): Fix ‘string-apppend’ typo. --- doc/guix.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 9d17050ffc..b8d1f391c2 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -21141,7 +21141,7 @@ Select display server to use for the greeter. Valid values are @item @code{numlock} (default: "on") Valid values are @samp{"on"}, @samp{"off"} or @samp{"none"}. -@item @code{halt-command} (default @code{#~(string-apppend #$shepherd "/sbin/halt")}) +@item @code{halt-command} (default @code{#~(string-append #$shepherd "/sbin/halt")}) Command to run when halting. @item @code{reboot-command} (default @code{#~(string-append #$shepherd "/sbin/reboot")}) -- cgit 1.4.1 From 6e5a1e2a6259d0d8ebb4015148247b1d91c6eb23 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 6 Aug 2022 22:22:19 +0200 Subject: doc: Add reference to "Writing Manifests". * doc/guix.texi (Defining Package Variants): Rewrite to "Writing Manifests" rather than the 'profile-manifest' anchor. --- doc/guix.texi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index b8d1f391c2..21cee4e369 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -7876,8 +7876,8 @@ upstream version, with different dependencies, different compilation options, and so on. Some of these custom packages can be defined straight from the command line (@pxref{Package Transformation Options}). This section describes how to define package variants in code. This can -be useful in ``manifests'' (@pxref{profile-manifest, -@option{--manifest}}) and in your own package collection +be useful in ``manifests'' (@pxref{Writing Manifests}) +and in your own package collection (@pxref{Creating a Channel}), among others! @cindex inherit, for package definitions -- cgit 1.4.1 From ad8beb6325acf067387ac6387f9ee1b6f84893b4 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 7 Aug 2022 11:53:32 +0200 Subject: lint: Add '-e'. * guix/scripts/lint.scm (show-help, %options): Add '-e'. (guix-lint): Call 'specification->package' while traversing OPTS. Add case for 'expression pair. Adjust 'for-each' loop to expect packages. * doc/guix.texi (Invoking guix lint): Document it. --- doc/guix.texi | 10 ++++++++++ guix/scripts/lint.scm | 22 ++++++++++++++-------- 2 files changed, 24 insertions(+), 8 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 21cee4e369..d6460a785f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14359,6 +14359,16 @@ names returned by @option{--list-checkers}. Only disable the checkers specified in a comma-separated list using the names returned by @option{--list-checkers}. +@item --expression=@var{expr} +@itemx -e @var{expr} +Consider the package @var{expr} evaluates to. + +This is useful to unambiguously designate packages, as in this example: + +@example +guix lint -c archival -e '(@@ (gnu packages guile) guile-3.0)' +@end example + @item --no-network @itemx -n Only enable the checkers that do not depend on Internet access. diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm index c72dc3caad..9920c3ee62 100644 --- a/guix/scripts/lint.scm +++ b/guix/scripts/lint.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Cyril Roelandt ;;; Copyright © 2014, 2015 Eric Bavier -;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès +;;; Copyright © 2013-2020, 2022 Ludovic Courtès ;;; Copyright © 2015, 2016 Mathieu Lirzin ;;; Copyright © 2016 Danny Milosavljevic ;;; Copyright © 2016 Hartmut Goebel @@ -108,6 +108,8 @@ run the checkers on all packages.\n")) exclude the specified checkers")) (display (G_ " -n, --no-network only run checkers that do not access the network")) + (display (G_ " + -e, --expression=EXPR consider the package EXPR evaluates to")) (display (G_ " -L, --load-path=DIR prepend DIR to the package module search path")) @@ -161,9 +163,11 @@ run the checkers on all packages.\n")) (exit 0))) (option '(#\l "list-checkers") #f #f (lambda (opt name arg result) - (alist-cons 'list? - #t - result))) + (alist-cons 'list? #t result))) + (option '(#\e "expression") #t #f + (lambda (opt name arg result) + (alist-cons 'expression arg result))) + (option '(#\V "version") #f #f (lambda args (show-version-and-exit "guix lint"))))) @@ -184,8 +188,10 @@ run the checkers on all packages.\n")) (let* ((opts (parse-options)) (args (filter-map (match-lambda - (('argument . value) - value) + (('argument . spec) + (specification->package spec)) + (('expression . exp) + (read/eval-package-expression exp)) (_ #f)) (reverse opts))) (no-checkers (or (assoc-ref opts 'exclude) '())) @@ -219,7 +225,7 @@ run the checkers on all packages.\n")) (fold-packages (lambda (p r) (run-checkers p checkers #:store store)) '())) (else - (for-each (lambda (spec) - (run-checkers (specification->package spec) checkers + (for-each (lambda (package) + (run-checkers package checkers #:store store)) args))))))))) -- cgit 1.4.1 From a15542d26df42dabdb5e2f76d150ae200230c3b0 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 2 Aug 2022 18:01:35 +0200 Subject: style: Add '--whole-file' option. * guix/scripts/style.scm (format-whole-file): New procedure. (%options, show-help): Add '--whole-file'. (guix-style): Honor it. * tests/guix-style.sh: New file. * Makefile.am (SH_TESTS): Add it. * doc/guix.texi (Invoking guix style): Document it. --- Makefile.am | 1 + doc/guix.texi | 28 ++++++++++++++++-- guix/scripts/style.scm | 65 ++++++++++++++++++++++++++++------------ tests/guix-style.sh | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 153 insertions(+), 21 deletions(-) create mode 100644 tests/guix-style.sh (limited to 'doc') diff --git a/Makefile.am b/Makefile.am index 2cda20e61c..f7c42e8153 100644 --- a/Makefile.am +++ b/Makefile.am @@ -580,6 +580,7 @@ SH_TESTS = \ tests/guix-package.sh \ tests/guix-package-aliases.sh \ tests/guix-package-net.sh \ + tests/guix-style.sh \ tests/guix-system.sh \ tests/guix-home.sh \ tests/guix-archive.sh \ diff --git a/doc/guix.texi b/doc/guix.texi index d6460a785f..9a6a5c307d 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14058,9 +14058,12 @@ otherwise. @node Invoking guix style @section Invoking @command{guix style} -The @command{guix style} command helps packagers style their package -definitions according to the latest fashionable trends. The command -currently provides the following styling rules: +The @command{guix style} command helps users and packagers alike style +their package definitions and configuration files according to the +latest fashionable trends. It can either reformat whole files, with the +@option{--whole-file} option, or apply specific @dfn{styling rules} to +individual package definitions. The command currently provides the +following styling rules: @itemize @item @@ -14115,6 +14118,12 @@ the packages. The @option{--styling} or @option{-S} option allows you to select the style rule, the default rule being @code{format}---see below. +To reformat entire source files, the syntax is: + +@example +guix style --whole-file @var{file}@dots{} +@end example + The available options are listed below. @table @code @@ -14122,6 +14131,19 @@ The available options are listed below. @itemx -n Show source file locations that would be edited but do not modify them. +@item --whole-file +@itemx -f +Reformat the given files in their entirety. In that case, subsequent +arguments are interpreted as file names (rather than package names), and +the @option{--styling} option has no effect. + +As an example, here is how you might reformat your operating system +configuration (you need write permissions for the file): + +@example +guix style -f /etc/config.scm +@end example + @item --styling=@var{rule} @itemx -S @var{rule} Apply @var{rule}, one of the following styling rules: diff --git a/guix/scripts/style.scm b/guix/scripts/style.scm index 2e14bc68fd..c0b9ea1a28 100644 --- a/guix/scripts/style.scm +++ b/guix/scripts/style.scm @@ -328,6 +328,21 @@ PACKAGE." (< (location-line loc1) (location-line loc2)) (stringpackage spec)) - (('expression . str) - (read/eval str)) - (_ #f)) - opts)) (edit (if (assoc-ref opts 'dry-run?) edit-expression/dry-run edit-expression)) (style (assoc-ref opts 'styling-procedure)) (policy (assoc-ref opts 'input-simplification-policy))) (with-error-handling - (for-each (lambda (package) - (style package #:policy policy - #:edit-expression edit)) - ;; Sort package by source code location so that we start editing - ;; files from the bottom and going upward. That way, the - ;; 'location' field of records is not invalidated as - ;; we modify files. - (sort (if (null? packages) - (fold-packages cons '() #:select? (const #t)) - packages) - (negate package-locationpackage spec)) + (('expression . str) + (read/eval str)) + (_ #f)) + opts))) + (for-each (lambda (package) + (style package #:policy policy + #:edit-expression edit)) + ;; Sort package by source code location so that we start + ;; editing files from the bottom and going upward. That + ;; way, the 'location' field of records is not + ;; invalidated as we modify files. + (sort (if (null? packages) + (fold-packages cons '() #:select? (const #t)) + packages) + (negate package-location +# +# This file is part of GNU Guix. +# +# GNU Guix is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GNU Guix is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Guix. If not, see . + +# +# Test 'guix style'. +# + +set -e + +guix style --version + +tmpdir="guix-style-$$" +trap 'rm -r "$tmpdir"' EXIT + +tmpfile="$tmpdir/os.scm" +mkdir "$tmpdir" +cat > "$tmpfile" < Date: Fri, 5 Aug 2022 17:09:10 +0200 Subject: build-system: Add 'channel-build-system'. * gnu/ci.scm (channel-build-system, channel-source->package): Remove. * gnu/packages/package-management.scm (channel-source->package): New procedure, moved from (gnu ci). * guix/build-system/channel.scm: New file, with code moved from (gnu ci). * doc/guix.texi (Build Systems): Document it. --- Makefile.am | 1 + doc/guix.texi | 9 ++++++ etc/system-tests.scm | 3 +- gnu/ci.scm | 42 ++------------------------- gnu/packages/package-management.scm | 16 ++++++++++ guix/build-system/channel.scm | 58 +++++++++++++++++++++++++++++++++++++ 6 files changed, 87 insertions(+), 42 deletions(-) create mode 100644 guix/build-system/channel.scm (limited to 'doc') diff --git a/Makefile.am b/Makefile.am index f7c42e8153..f707b930b2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -142,6 +142,7 @@ MODULES = \ guix/build-system/android-ndk.scm \ guix/build-system/ant.scm \ guix/build-system/cargo.scm \ + guix/build-system/channel.scm \ guix/build-system/chicken.scm \ guix/build-system/clojure.scm \ guix/build-system/cmake.scm \ diff --git a/doc/guix.texi b/doc/guix.texi index 9a6a5c307d..5dab9cf169 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9568,6 +9568,15 @@ with @code{build-expression->derivation} (@pxref{Derivations, @code{build-expression->derivation}}). @end defvr +@defvr {Scheme Variable} channel-build-system +This variable is exported by @code{(guix build-system channel)}. + +This build system is meant primarily for internal use. It requires two +arguments, @code{#:commit} and @code{#:source}, and builds a Guix +instance from that channel, in the same way @command{guix time-machine} +would do it (@pxref{Channels}). +@end defvr + @node Build Phases @section Build Phases diff --git a/etc/system-tests.scm b/etc/system-tests.scm index cd22b7e6d3..221a63bb7f 100644 --- a/etc/system-tests.scm +++ b/etc/system-tests.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2016, 2018, 2019, 2020 Ludovic Courtès +;;; Copyright © 2016, 2018-2020, 2022 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -20,7 +20,6 @@ (gnu packages package-management) (guix monads) (guix store) - ((gnu ci) #:select (channel-source->package)) ((guix git-download) #:select (git-predicate)) ((guix utils) #:select (current-source-directory)) (git) diff --git a/gnu/ci.scm b/gnu/ci.scm index 9389b43824..9cc3a1a81f 100644 --- a/gnu/ci.scm +++ b/gnu/ci.scm @@ -21,9 +21,9 @@ ;;; along with GNU Guix. If not, see . (define-module (gnu ci) - #:use-module (guix channels) + #:use-module (guix build-system channel) #:use-module (guix config) - #:use-module (guix describe) + #:autoload (guix describe) (package-channels) #:use-module (guix store) #:use-module (guix grafts) #:use-module (guix profiles) @@ -32,7 +32,6 @@ #:use-module (guix channels) #:use-module (guix config) #:use-module (guix derivations) - #:use-module (guix build-system) #:use-module (guix monads) #:use-module (guix gexp) #:use-module (guix ui) @@ -71,7 +70,6 @@ image->job %core-packages - channel-source->package arguments->systems cuirass-jobs)) @@ -288,42 +286,6 @@ otherwise use the IMAGE name." '())) '())) -(define channel-build-system - ;; Build system used to "convert" a channel instance to a package. - (let* ((build (lambda* (name inputs - #:key source commit system - #:allow-other-keys) - (mlet* %store-monad ((source (if (string? source) - (return source) - (lower-object source))) - (instance - -> (checkout->channel-instance - source #:commit commit))) - (channel-instances->derivation (list instance))))) - (lower (lambda* (name #:key system source commit - #:allow-other-keys) - (bag - (name name) - (system system) - (build build) - (arguments `(#:source ,source - #:commit ,commit)))))) - (build-system (name 'channel) - (description "Turn a channel instance into a package.") - (lower lower)))) - -(define* (channel-source->package source #:key commit) - "Return a package for the given channel SOURCE, a lowerable object." - (package - (inherit guix) - (version (string-append (package-version guix) "+")) - (build-system channel-build-system) - (arguments `(#:source ,source - #:commit ,commit)) - (inputs '()) - (native-inputs '()) - (propagated-inputs '()))) - (define* (system-test-jobs store system #:key source commit) "Return a list of jobs for the system tests." diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index c22c9f7a43..b9cd74eb27 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -110,6 +110,7 @@ #:use-module (gnu packages xml) #:use-module (gnu packages xorg) #:use-module (gnu packages version-control) + #:autoload (guix build-system channel) (channel-build-system) #:use-module (guix build-system glib-or-gtk) #:use-module (guix build-system gnu) #:use-module (guix build-system guile) @@ -489,6 +490,21 @@ the Nix package manager.") (license license:gpl3+) (properties '((ftp-server . "alpha.gnu.org")))))) +(define* (channel-source->package source #:key commit) + "Return a package for the given channel SOURCE, a lowerable object." + (package + (inherit guix) + (version (string-append (package-version guix) "." + (if commit (string-take commit 7) ""))) + (build-system channel-build-system) + (arguments `(#:source ,source + #:commit ,commit)) + (inputs '()) + (native-inputs '()) + (propagated-inputs '()))) + +(export channel-source->package) + (define-public guix-for-cuirass ;; Known-good revision before commit ;; bd86bbd300474204878e927f6cd3f0defa1662a5, which introduced diff --git a/guix/build-system/channel.scm b/guix/build-system/channel.scm new file mode 100644 index 0000000000..227eb08373 --- /dev/null +++ b/guix/build-system/channel.scm @@ -0,0 +1,58 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019-2021 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix build-system channel) + #:use-module ((guix store) #:select (%store-monad)) + #:use-module ((guix gexp) #:select (lower-object)) + #:use-module (guix monads) + #:use-module (guix channels) + #:use-module (guix build-system) + #:export (channel-build-system)) + +;;; Commentary: +;;; +;;; The "channel" build system lets you build Guix instances from channel +;;; specifications, similar to how 'guix time-machine' would do it, as regular +;;; packages. +;;; +;;; Code: + +(define channel-build-system + ;; Build system used to "convert" a channel instance to a package. + (let* ((build (lambda* (name inputs + #:key source commit system + #:allow-other-keys) + (mlet* %store-monad ((source (if (string? source) + (return source) + (lower-object source))) + (instance + -> (checkout->channel-instance + source #:commit commit))) + (channel-instances->derivation (list instance))))) + (lower (lambda* (name #:key system source commit + #:allow-other-keys) + (bag + (name name) + (system system) + (build build) + (arguments `(#:source ,source + #:commit ,commit)))))) + (build-system (name 'channel) + (description "Turn a channel instance into a package.") + (lower lower)))) + -- cgit 1.4.1 From cf60a0a906440ccb007bae1243c3e0397c3a0aba Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 8 Aug 2022 23:06:11 +0200 Subject: build-system/channel: Accept a channel or instance as the source. * guix/build-system/channel.scm (latest-channel-instances*): New variable. (build-channels): New procedure, with code formerly in 'channel-build-system', augmented with clauses for when SOURCE is a channel instance or a channel. * doc/guix.texi (Build Systems): Adjust accordingly. --- doc/guix.texi | 12 ++++++---- guix/build-system/channel.scm | 53 +++++++++++++++++++++++++++---------------- 2 files changed, 41 insertions(+), 24 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 5dab9cf169..306c7b635b 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9571,10 +9571,14 @@ with @code{build-expression->derivation} (@pxref{Derivations, @defvr {Scheme Variable} channel-build-system This variable is exported by @code{(guix build-system channel)}. -This build system is meant primarily for internal use. It requires two -arguments, @code{#:commit} and @code{#:source}, and builds a Guix -instance from that channel, in the same way @command{guix time-machine} -would do it (@pxref{Channels}). +This build system is meant primarily for internal use. A package using +this build system must have a channel specification as its @code{source} +field (@pxref{Channels}); alternatively, its source can be a directory +name, in which case an additional @code{#:commit} argument must be +supplied to specify the commit being built (a hexadecimal string). + +The resulting package is a Guix instance of the given channel, similar +to how @command{guix time-machine} would build it. @end defvr @node Build Phases diff --git a/guix/build-system/channel.scm b/guix/build-system/channel.scm index 227eb08373..b6ef3bfacf 100644 --- a/guix/build-system/channel.scm +++ b/guix/build-system/channel.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2019-2021 Ludovic Courtès +;;; Copyright © 2019-2022 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -17,7 +17,7 @@ ;;; along with GNU Guix. If not, see . (define-module (guix build-system channel) - #:use-module ((guix store) #:select (%store-monad)) + #:use-module ((guix store) #:select (%store-monad store-lift)) #:use-module ((guix gexp) #:select (lower-object)) #:use-module (guix monads) #:use-module (guix channels) @@ -32,26 +32,39 @@ ;;; ;;; Code: +(define latest-channel-instances* + (store-lift latest-channel-instances)) + +(define* (build-channels name inputs + #:key source system commit + (authenticate? #t) + #:allow-other-keys) + (mlet* %store-monad ((instances + (cond ((channel-instance? source) + (return (list source))) + ((channel? source) + (latest-channel-instances* + (list source) + #:authenticate? authenticate?)) + (else + (mlet %store-monad ((source + (lower-object source))) + (return + (list (checkout->channel-instance + source #:commit commit)))))))) + (channel-instances->derivation instances))) + (define channel-build-system ;; Build system used to "convert" a channel instance to a package. - (let* ((build (lambda* (name inputs - #:key source commit system - #:allow-other-keys) - (mlet* %store-monad ((source (if (string? source) - (return source) - (lower-object source))) - (instance - -> (checkout->channel-instance - source #:commit commit))) - (channel-instances->derivation (list instance))))) - (lower (lambda* (name #:key system source commit - #:allow-other-keys) - (bag - (name name) - (system system) - (build build) - (arguments `(#:source ,source - #:commit ,commit)))))) + (let ((lower (lambda* (name #:key system source commit (authenticate? #t) + #:allow-other-keys) + (bag + (name name) + (system system) + (build build-channels) + (arguments `(#:source ,source + #:authenticate? ,authenticate? + #:commit ,commit)))))) (build-system (name 'channel) (description "Turn a channel instance into a package.") (lower lower)))) -- cgit 1.4.1 From 26af06b66b65354a46b2196d1c11c90168b7fa12 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 9 Aug 2022 14:36:02 +0200 Subject: linux-container: container-script: Parse command line options. * gnu/system/linux-container.scm (container-script): Accept command line options to bind mount host directories into the container. * doc/guix.texi (Invoking guix system): Document options. --- doc/guix.texi | 4 ++ gnu/system/linux-container.scm | 97 +++++++++++++++++++++++++++++++----------- 2 files changed, 76 insertions(+), 25 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 306c7b635b..896c830aeb 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -37500,6 +37500,10 @@ guix system container my-config.scm \ --expose=$HOME --share=$HOME/tmp=/exchange @end example +The @option{--share} and @option{--expose} options can also be passed to +the generated script to bind-mount additional directories into the +container. + @quotation Note This option requires Linux-libre 3.19 or newer. @end quotation diff --git a/gnu/system/linux-container.scm b/gnu/system/linux-container.scm index 24077e347a..69080bcacb 100644 --- a/gnu/system/linux-container.scm +++ b/gnu/system/linux-container.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2019 Arun Isaac ;;; Copyright © 2020 Efraim Flashner ;;; Copyright © 2020 Google LLC +;;; Copyright © 2022 Ricardo Wurmus ;;; ;;; This file is part of GNU Guix. ;;; @@ -202,16 +203,49 @@ that will be shared with the host system." (guix build utils) (guix i18n) (guix diagnostics) - (srfi srfi-1)) + (srfi srfi-1) + (srfi srfi-37) + (ice-9 match)) - (define file-systems - (filter-map (lambda (spec) - (let* ((fs (spec->file-system spec)) - (flags (file-system-flags fs))) - (and (or (not (memq 'bind-mount flags)) - (file-exists? (file-system-device fs))) - fs))) - '#$specs)) + (define (show-help) + (display (G_ "Usage: run-container [OPTION ...] +Run the container with the given options.")) + (newline) + (display (G_ " + --share=SPEC share host file system with read/write access + according to SPEC")) + (display (G_ " + --expose=SPEC expose host file system directory as read-only + according to SPEC")) + (newline) + (display (G_ " + -h, --help display this help and exit")) + (newline)) + + (define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '("share") #t #f + (lambda (opt name arg result) + (alist-cons 'file-system-mapping + (specification->file-system-mapping arg #t) + result))) + (option '("expose") #t #f + (lambda (opt name arg result) + (alist-cons 'file-system-mapping + (specification->file-system-mapping arg #f) + result))))) + + (define (parse-options args options) + (args-fold args options + (lambda (opt name arg . rest) + (report-error (G_ "~A: unrecognized option~%") name) + (exit 1)) + (lambda (op res) (cons op res)) + '())) (define (explain pid) ;; XXX: We can't quite call 'bindtextdomain' so there's actually @@ -225,22 +259,35 @@ that will be shared with the host system." (info (G_ "or run 'sudo nsenter -a -t ~a' to get a shell into it.~%") pid) (newline (guix-warning-port))) - (call-with-container file-systems - (lambda () - (setenv "HOME" "/root") - (setenv "TMPDIR" "/tmp") - (setenv "GUIX_NEW_SYSTEM" #$os) - (for-each mkdir-p '("/run" "/bin" "/etc" "/home" "/var")) - (primitive-load (string-append #$os "/boot"))) - ;; A range of 65536 uid/gids is used to cover 16 bits worth of - ;; users and groups, which is sufficient for most cases. - ;; - ;; See: http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html#--private-users= - #:host-uids 65536 - #:namespaces (if #$shared-network? - (delq 'net %namespaces) - %namespaces) - #:process-spawned-hook explain)))) + (let* ((opts (parse-options (cdr (command-line)) %options)) + (mappings (filter-map (match-lambda + (('file-system-mapping . mapping) mapping) + (_ #f)) + opts)) + (file-systems + (filter-map (lambda (fs) + (let ((flags (file-system-flags fs))) + (and (or (not (memq 'bind-mount flags)) + (file-exists? (file-system-device fs))) + fs))) + (append (map file-system-mapping->bind-mount mappings) + (map spec->file-system '#$specs))))) + (call-with-container file-systems + (lambda () + (setenv "HOME" "/root") + (setenv "TMPDIR" "/tmp") + (setenv "GUIX_NEW_SYSTEM" #$os) + (for-each mkdir-p '("/run" "/bin" "/etc" "/home" "/var")) + (primitive-load (string-append #$os "/boot"))) + ;; A range of 65536 uid/gids is used to cover 16 bits worth of + ;; users and groups, which is sufficient for most cases. + ;; + ;; See: http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html#--private-users= + #:host-uids 65536 + #:namespaces (if #$shared-network? + (delq 'net %namespaces) + %namespaces) + #:process-spawned-hook explain))))) (gexp->script "run-container" script))) -- cgit 1.4.1 From 4b780d002d8eb79ac0de035c4a3861f1696f6430 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 2 Aug 2022 17:49:30 -0400 Subject: doc: Fix name of gdm-configuration x-session field. * doc/guix.texi (X Window): Correctly refer to 'x-session', not 'xsession', as the name of the field. --- doc/guix.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 896c830aeb..eb3a1a4eb5 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -21033,7 +21033,7 @@ List of GNOME Shell assets needed by GDM: icon theme, fonts, etc. @item @code{xorg-configuration} (default: @code{(xorg-configuration)}) Configuration of the Xorg graphical server. -@item @code{xsession} (default: @code{(xinitrc)}) +@item @code{x-session} (default: @code{(xinitrc)}) Script to run before starting a X session. @item @code{dbus-daemon} (default: @code{dbus-daemon-wrapper}) -- cgit 1.4.1 From 4b494878380920c8c7eecccd1f299164dd4a2c3f Mon Sep 17 00:00:00 2001 From: Oleg Pykhalov Date: Tue, 19 Jul 2022 19:40:28 +0300 Subject: gnu: system: file-systems: Add shared flag. * gnu/build/file-systems.scm (mount-flags->bit-mask, mount-file-system): Handle shared flag. * gnu/system/file-systems.scm (invalid-file-system-flags): Add shared to known flags. * guix/build/syscalls.scm (MS_SHARED): New variable. * doc/guix.texi (File Systems): Document shared flag. --- doc/guix.texi | 5 +++-- gnu/build/file-systems.scm | 6 ++++++ gnu/system/file-systems.scm | 4 +++- guix/build/syscalls.scm | 3 +++ 4 files changed, 15 insertions(+), 3 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index eb3a1a4eb5..99321929cc 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16421,8 +16421,9 @@ include @code{read-only}, @code{bind-mount}, @code{no-dev} (disallow access to special files), @code{no-suid} (ignore setuid and setgid bits), @code{no-atime} (do not update file access times), @code{strict-atime} (update file access time), @code{lazy-time} (only -update time on the in-memory version of the file inode), and -@code{no-exec} (disallow program execution). +update time on the in-memory version of the file inode), +@code{no-exec} (disallow program execution), and @code{shared} (make the +mount shared). @xref{Mount-Unmount-Remount,,, libc, The GNU C Library Reference Manual}, for more information on these flags. diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm index 1d3b33e7bd..b9d46c9350 100644 --- a/gnu/build/file-systems.scm +++ b/gnu/build/file-systems.scm @@ -6,6 +6,7 @@ ;;; Copyright © 2019–2021 Tobias Geerinckx-Rice ;;; Copyright © 2019 David C. Trudgian ;;; Copyright © 2020 Maxim Cournoyer +;;; Copyright © 2022 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; @@ -1123,6 +1124,8 @@ corresponds to the symbols listed in FLAGS." (logior MS_STRICTATIME (loop rest))) (('lazy-time rest ...) (logior MS_LAZYTIME (loop rest))) + (('shared rest ...) + (loop rest)) (() 0)))) @@ -1186,6 +1189,9 @@ corresponds to the symbols listed in FLAGS." (cond ((string-prefix? "nfs" type) (mount-nfs source target type flags options)) + ((memq 'shared (file-system-flags fs)) + (mount source target type flags options) + (mount "none" target #f MS_SHARED)) (else (mount source target type flags options))) diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm index f8f4276283..464b76a2ca 100644 --- a/gnu/system/file-systems.scm +++ b/gnu/system/file-systems.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2020 Jakub Kądziołka ;;; Copyright © 2020, 2021 Maxim Cournoyer ;;; Copyright © 2021 Tobias Geerinckx-Rice +;;; Copyright © 2022 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; @@ -121,7 +122,8 @@ ;; Note: Keep in sync with 'mount-flags->bit-mask'. (let ((known-flags '(read-only bind-mount no-suid no-dev no-exec - no-atime strict-atime lazy-time))) + no-atime strict-atime lazy-time + shared))) (lambda (flags) "Return the subset of FLAGS that is invalid." (remove (cut memq <> known-flags) flags)))) diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index a7401fd73f..eda487f52e 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -8,6 +8,7 @@ ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen ;;; Copyright © 2021 Chris Marusich ;;; Copyright © 2021 Tobias Geerinckx-Rice +;;; Copyright © 2022 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; @@ -49,6 +50,7 @@ MS_RELATIME MS_BIND MS_MOVE + MS_SHARED MS_LAZYTIME MNT_FORCE MNT_DETACH @@ -537,6 +539,7 @@ the last argument of `mknod'." (define MS_NOATIME 1024) (define MS_BIND 4096) (define MS_MOVE 8192) +(define MS_SHARED 1048576) (define MS_RELATIME 2097152) (define MS_STRICTATIME 16777216) (define MS_LAZYTIME 33554432) -- cgit 1.4.1 From 59ee837d8b11d7d688045b601e8b240ccbdbe7c7 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 9 Aug 2022 23:51:48 -0400 Subject: services: elogind: Fix default behavior for lid close. Fixes , which was a behavior change introduced inadvertently in 4c698cd51209a0102477478b026ea04bd7e45908. * gnu/services/desktop.scm () [handle-lid-switch-external-power]: Default to *unspecified*, which serializes to nothing. This matches upstream behavior, meaning that even when plugged to a power cord, a laptop will suspend when the lid is closed. * doc/guix.texi (Desktop Services): Update doc. Reported-by: Cairn --- doc/guix.texi | 2 +- gnu/services/desktop.scm | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 99321929cc..86cfe7d49c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -22442,7 +22442,7 @@ their default values are: @item handle-lid-switch-docked @code{ignore} @item handle-lid-switch-external-power -@code{ignore} +@code{*unspecified*} @item power-key-ignore-inhibited? @code{#f} @item suspend-key-ignore-inhibited? diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 29a3722f1b..f891d1b5cc 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2015 Andy Wingo ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Sou Bunnbu -;;; Copyright © 2017, 2020 Maxim Cournoyer +;;; Copyright © 2017, 2020, 2022 Maxim Cournoyer ;;; Copyright © 2017 Nikita ;;; Copyright © 2018, 2020 Efraim Flashner ;;; Copyright © 2018 Ricardo Wurmus @@ -971,7 +971,7 @@ include the @command{udisksctl} command, part of UDisks, and GNOME Disks." (handle-lid-switch-docked elogind-handle-lid-switch-docked (default 'ignore)) (handle-lid-switch-external-power elogind-handle-lid-switch-external-power - (default 'ignore)) + (default *unspecified*)) (power-key-ignore-inhibited? elogind-power-key-ignore-inhibited? (default #f)) (suspend-key-ignore-inhibited? elogind-suspend-key-ignore-inhibited? @@ -1032,7 +1032,9 @@ include the @command{udisksctl} command, part of UDisks, and GNOME Disks." (define handle-actions '(ignore poweroff reboot halt kexec suspend hibernate hybrid-sleep lock)) (define (handle-action x) - (enum x handle-actions)) + (if (unspecified? x) + "" ;empty serializer + (enum x handle-actions))) (define (sleep-list tokens) (unless (valid-list? tokens char-set:user-name) (error "invalid sleep list" tokens)) -- cgit 1.4.1