aboutsummaryrefslogtreecommitdiff
path: root/gnu/build
Commit message (Collapse)AuthorAge
* activation: Do not dereference symlinks during home directory creation.Maxime Devos2021-04-03
| | | | | | | | | | | Fixes <https://bugs.gnu.org/47584>. * gnu/build/activation.scm (copy-account-skeletons): Do not chown the home directory; leave this to 'activate-user-home'. (activate-user-home): Only chown the home directory after the account skeletons have been copied. Co-authored-by: Ludovic Courtès <ludo@gnu.org>.
* file-systems: 'mount-file-system' preserves the right mount flags.Ludovic Courtès2021-03-10
| | | | | | | | | | | | Fixes <https://bugs.gnu.org/47007>. Reported by Jelle Licht <jlicht@fsfe.org>. Since commit dcb640f02b1f9590c3bd4301a22bf31bd60c56d4, we could end up applying the wrong mount flags because the (find ...) expression could pick the "wrong" mount point in the presence of bind mounts. * gnu/build/file-systems.scm (mount-file-system): Use 'statfs' to compute FLAGS whe FS is a bind mount.
* services: Prevent following symlinks during activation.Maxime Devos2021-03-10
| | | | | | | | | | | | | | | | | | | | This addresses a potential security issue, where a compromised service could trick the activation code in changing the permissions, owner and group of arbitrary files. However, this patch is currently only a partial fix, due to a TOCTTOU (time-of-check to time-of-use) race, which can be fixed once guile has bindings to openat and friends. Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html> * gnu/build/activation.scm: new procedure 'mkdir-p/perms'. * gnu/services/authentication.scm (%nslcd-activation, nslcd-service-type): use new procedure. * gnu/services/cups.scm (%cups-activation): likewise. * gnu/services/dbus.scm (dbus-activation): likewise. * gnu/services/dns.scm (knot-activation): likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* file-systems: 'mount-file-system' preserves source flags for bind mounts.Ludovic Courtès2021-02-25
| | | | | | | Fixes <https://bugs.gnu.org/46292>. * gnu/build/file-systems.scm (mount-file-system): If FS is a bind mount, add its original mount flags to FLAGS.
* activation: Do not make setuid programs setgid-root [security].Ludovic Courtès2021-02-09
| | | | | | | | Fixes <https://bugs.gnu.org/46395>. Reported by Duncan Overbruck <mail@duncano.de>. * gnu/build/activation.scm (activate-setuid-programs): Change TARGET mode to not be setgid.
* linux-boot: Fix noresume argument parsing.Tobias Geerinckx-Rice2020-12-17
| | | | | * gnu/build/linux-boot.scm (boot-system): Check for "hibernate=noresume" in addition to "noresume".
* database: Remove #:deduplicate? from 'register-items'.Ludovic Courtès2020-12-15
| | | | | | | | | | | | It is now up to the caller to deduplicate store contents. * guix/store/database.scm (register-items): Remove #:deduplicate? parameter and call to 'deduplicate'. (register-path): Call 'deduplicate' when #:deduplicate? is true. * gnu/build/image.scm (register-closure): Adjust call accordingly. * gnu/build/vm.scm (register-closure): Likewise. * guix/nar.scm (finalize-store-file): Likewise. * guix/scripts/pack.scm (store-database): Likewise.
* image: 'register-closure' leaves it up to the caller to deduplicate.Ludovic Courtès2020-12-15
| | | | | | | | * gnu/build/image.scm (register-closure): Remove #:deduplicate? parameter and pass #:deduplicate? #f to 'register-items'. (initialize-root-partition): Adjust accordingly. * gnu/build/vm.scm (register-closure, root-partition-initializer): Likewise.
* store-copy: 'populate-store' can optionally deduplicate files.Ludovic Courtès2020-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Until now deduplication was performed as an additional pass after copying files, which involve re-traversing all the files that had just been copied. * guix/store/deduplication.scm (copy-file/deduplicate): New procedure. * tests/store-deduplication.scm ("copy-file/deduplicate"): New test. * guix/build/store-copy.scm (populate-store): Add #:deduplicate? parameter and honor it. * tests/gexp.scm ("gexp->derivation, store copy"): Pass #:deduplicate? #f to 'populate-store'. * gnu/build/image.scm (initialize-root-partition): Pass #:deduplicate? to 'populate-store'. Pass #:deduplicate? #f to 'register-closure'. * gnu/build/vm.scm (root-partition-initializer): Likewise. * gnu/build/install.scm (populate-single-profile-directory): Pass #:deduplicate? #f to 'populate-store'. * gnu/build/linux-initrd.scm (build-initrd): Likewise. * guix/scripts/pack.scm (self-contained-tarball)[import-module?]: New procedure. [build]: Pass it as an argument to 'source-module-closure'. * guix/scripts/pack.scm (squashfs-image)[build]: Wrap in 'with-extensions'. * gnu/system/linux-initrd.scm (expression->initrd)[import-module?]: New procedure. [builder]: Pass it to 'source-module-closure'. * gnu/system/install.scm (cow-store-service-type)[import-module?]: New procedure. Pass it to 'source-module-closure'.
* database: Remove #:reset-timestamps? from 'register-items'.Ludovic Courtès2020-12-15
| | | | | | | | | | | | | | The assumption now is that the caller took care of resetting timestamps and permissions. * guix/store/database.scm (register-items): Remove #:reset-timestamps? parameter and the call to 'reset-timestamps'. (register-path): Adjust accordingly and add call to 'reset-timestamps'. * gnu/build/image.scm (register-closure): Remove #:reset-timestamps? parameter to 'register-items'. * gnu/build/vm.scm (register-closure): Likewise. * guix/nar.scm (finalize-store-file): Adjust accordingly. * guix/scripts/pack.scm (store-database)[build]: Likewise.
* image: 'register-closure' assumes already-reset timestamps.Ludovic Courtès2020-12-15
| | | | | | | | * gnu/build/image.scm (register-closure): Remove #:reset-timestamps? parameter. Pass #:reset-timestamps? #f to 'register-items'. (initialize-root-partition): Adjust accordingly. * gnu/build/vm.scm (register-closure, root-partition-initializer): Likewise.
* store-copy: 'populate-store' resets timestamps.Ludovic Courtès2020-12-15
| | | | | | | | | | | | | | | | Until now, 'populate-store' would reset permissions but not timestamps, so callers would resort to going through an extra directory traversal to reset timestamps. * guix/build/store-copy.scm (reset-permissions): Remove. (copy-recursively): New procedure. (populate-store): Pass #:keep-permissions? to 'copy-recursively'. Remove call to 'reset-permissions'. * tests/gexp.scm ("gexp->derivation, store copy"): In BUILD-DRV, check whether 'populate-store' canonicalizes permissions and timestamps. * gnu/build/image.scm (initialize-root-partition): Pass #:reset-timestamps? #f to 'register-closure'. * gnu/build/vm.scm (root-partition-initializer): Likewise.
* Revert "linux-container: Correct test for unprivileged user namespace support."Marius Bakke2020-12-06
| | | | | | | This broke 'guix environment --container' on non-Debian distributions. Fixes <https://bugs.gnu.org/45066>. Reported by luhux <luhux@outlook.com>. This reverts commit 8bc5ca5160db3d82bd5b6b2b7ed80c96f42bd33e.
* file-systems: Fix ‘bcachefs fsck’ exit value logic.Tobias Geerinckx-Rice2020-12-06
| | | | | | | | Bit 1 means the target device was mounted read-only whilst checking. This should never happen in an initrd context but is not an error. * gnu/build/file-systems.scm (check-bcachefs-file-system): Ignore status bits that don't signal an error. Remove the 'reboot-required case.
* linux-container: Correct test for unprivileged user namespace support.Paul Garlick2020-12-03
| | | | | | | | Fixes <https://bugs.gnu.org/31977>. Reported by Paul Garlick <pgarlick@tourbillion-technology.com>. * gnu/build/linux-container.scm (unprivileged-user-namespace-supported?): Return #f when the 'userns-file' does not exist.
* linux-initrd: Remove unnecessary timestamp reset phase.Ludovic Courtès2020-11-21
| | | | | | * gnu/build/linux-initrd.scm (write-cpio-archive): Mention timestamps in docstring. (build-initrd): Remove unnecessary timestamp reset phase.
* Add (gnu build chromium-extension).Marius Bakke2020-11-08
| | | | | * gnu/build/chromium-extension.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
* linux-boot: Resume from hibernation.Tobias Geerinckx-Rice2020-11-07
| | | | | * gnu/build/linux-boot.scm (resume-if-hibernated): New procedure. (boot-system): Call it.
* file-systems: Add support for bcachefs.Tobias Geerinckx-Rice2020-11-07
| | | | | | | | | * gnu/build/file-systems.scm (%bcachefs-endianness): New syntax. (bcachefs-superblock?, read-bcachefs-superblock) (bcachefs-superblock-external-uuid, bcachefs-superblock-volume-name) (check-bcachefs-file-system): New procedures. (%partition-label-readers, %partition-uuid-readers, check-file-system): Register them.
* shepherd: Remove dependency on (guix utils).Ludovic Courtès2020-11-05
| | | | | | | | | | | Since commit 8ce6f4dc2879919c12bc76a2f4b01200af97e019, importing this module in a gexp would pull in (guix config) from the host, thereby leading to non-reproducible derivations. Users in (gnu services ...) do not expect that so simply remove the (guix utils) dependency for now. * gnu/build/shepherd.scm (fork+exec-command/container)[strip-pid]: New procedure. Use it instead of 'strip-keyword-arguments'.
* image: Error out when passed an unsupported partition type.Ludovic Courtès2020-11-05
| | | | | | * gnu/build/image.scm (make-partition-image): Use 'raise' instead of 'format' when TYPE is not supported. (convert-disk-image): Remove unneeded 'begin'.
* system: reconfigure: Use the disk-installer if provided.Mathieu Othacehe2020-11-03
| | | | | | | | | | | Fixes: <https://issues.guix.gnu.org/44101>. * gnu/build/bootloader.scm (write-file-on-device): Pass 'no-fail flag instead of 'no-create. Use a latin-1 transcoder. * guix/scripts/system/reconfigure.scm (install-bootloader-program): Add a "disk-installer" argument and use it as a fallback. (install-bootloader): Adapt accordingly. * gnu/tests/reconfigure.scm (run-install-bootloader-test): Ditto.
* file-systems: Allow swap space lookup by UUID/label.Ludovic Courtès2020-10-30
| | | | | | | | | * gnu/build/file-systems.scm (%linux-swap-magic, %page-size): New variables. (linux-swap-superblock?, read-linux-swap-superblock) (linux-swap-superblock-uuid, linux-swap-superblock-volume-name): New procedures. (%partition-label-readers, %partition-uuid-readers): Add them.
* hurd-boot: Set /hurd/magic on /dev/fd.Ludovic Courtès2020-10-14
| | | | | * gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Add "/dev/fd".
* hurd-boot: Create /servers/crash.Ludovic Courtès2020-10-08
| | | | | * gnu/build/hurd-boot.scm (set-hurd-device-translators): Create /servers/crash.
* bootloader: Fix u-boot installation.Mathieu Othacehe2020-10-05
| | | | | | | | | | | | | This is a follow-up of f19cf27c2b9ff92e2c0fd931ef7fde39c376adaa. The bootloader installation must be done on the final disk-image, hence using "disk-image-installer" instead of "installer" callback. * gnu/bootloader/u-boot.scm: Turn all installer callbacks into disk-image-installer callbacks. * gnu/build/bootloader.scm (write-file-on-device): Open the output file with 'no-truncate and 'no-create options. * gnu/system/image.scm (with-imported-modules*): Add (gnu build bootloader) module.
* linux-container: Reset jailed root permissions.Jelle Licht2020-10-01
| | | | | | * gnu/build/linux-container.scm (mount-file-systems): Add 'chmod' call. * tests/containers.scm ("call-with-container, mnt namespace, root permissions"): New test.
* secret-service: Add proper logging procedure and log to syslog.Ludovic Courtès2020-09-29
| | | | | | * gnu/build/secret-service.scm (log): New macro. (secret-service-send-secrets, secret-service-receive-secrets): Use it instead of raw 'format' calls.
* services: secret-service: Add initial client/server handshake.Ludovic Courtès2020-09-29
| | | | | | | | | | | | | | | This allows the client running on the host to know when it's actually connect to the server running in the guest. Failing that, the client would connect right away to QEMU and send secrets even though the server is not running yet in the guest, which is unreliable. * gnu/build/secret-service.scm (secret-service-send-secrets): Add #:handshake-timeout. Read from SOCK an initial message from the server. Return #f on error. (secret-service-receive-secrets): Send 'secret-service-server' message to the client. Close SOCK upon timeout. * gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start' method returns #f when 'secret-service-send-secrets' returns #f.
* secret-service: Fix file port leak in 'secret-service-send-secrets'.Ludovic Courtès2020-09-29
| | | | | * gnu/build/secret-service.scm (secret-service-send-secrets): Use 'call-with-input-file' instead of 'open-input-file'.
* secret-service: Add a timeout when waiting for a client.Ludovic Courtès2020-09-29
| | | | | | | | * gnu/build/secret-service.scm (secret-service-receive-secrets) [wait-for-client]: Call 'select' with a 60s timeout before 'accept'. Return #f upon timeout. [read-secrets]: Return FILES on success. Adjust caller of 'wait-for-client' to handle #f.
* secret-service: Clarify the origin of messages.Ludovic Courtès2020-09-29
| | | | | * gnu/build/secret-service.scm (secret-service-send-secrets) (secret-service-receive-secrets): Prefix messages by "secret service".
* image: Add support for compressed-qcow2 format.Mathieu Othacehe2020-09-29
| | | | | | | | | * gnu/build/image.scm (convert-disk-image): New procedure. (genimage): Remove target argument. * gnu/system/image.scm (system-disk-image): Add support for 'compressed-qcow2 image format. Call "convert-disk-image" to apply image conversions on the final image. Add "qemu-minimal" to the build inputs. (system-image): Also add support for 'compressed-qcow2.
* build: shepherd: Check for container support.Mathieu Othacehe2020-09-21
| | | | | | | Fixes: <https://issues.guix.gnu.org/43533>. * gnu/build/shepherd.scm (fork+exec-command/container): Check if containers are supported before joining PID namespaces.
* build: linux-container: Fix run-container.Mathieu Othacehe2020-09-10
| | | | | | | | | This is a follow-up of 5316dfc0f125b658e4a2acf7f00f49501663d943. Some users of run-container may expect that the container is jailed, even if there are no mounts. This is the case for some Guix tests. * gnu/build/linux-container.scm (run-container): Do not jail the container when the requested root is "/".
* linux-boot: Handle nfs-root device strings.Stefan2020-09-07
| | | | | | | | | | | | | * gnu/build/linux-boot.scm (device-string->file-system-device): Support nfs-root "device" strings. * gnu/build/file-systems.scm (canonicalize-device-spec): Support nfs-root "device" strings. * gnu/machine/ssh.scm (machine-check-file-system-availability): Avoid checking of NFS file systems. * gnu/system.scm (read-boot-parameters, device-sexp->device): Support nfs-root "device" strings. Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
* installer: Run the installation inside a container.Mathieu Othacehe2020-09-02
| | | | | | | | | | | | | | | | | | | When the store overlay is mounted, other processes such as kmscon, udev and guix-daemon may open files from the store, preventing the underlying install support from being umounted. See: https://lists.gnu.org/archive/html/guix-devel/2018-12/msg00161.html. To avoid this situation, mount the store overlay inside a container, and run the installation from within that container. * gnu/build/shepherd.scm (fork+exec-command/container): New procedure. * gnu/services/base.scm (guix-shepherd-service): Support an optional PID argument passed to the "start" method. If that argument is passed, ensure that guix-daemon enters the given PID MNT namespace by using fork+exec-command/container procedure. * gnu/installer/final.scm (umount-cow-store): Remove it, (install-system): run the installation from within a container. * gnu/installer/newt/final.scm (run-install-shell): Remove the display hack.
* linux-container: Do not jail the container unconditionally.Mathieu Othacehe2020-09-02
| | | | | | | | | We may want to run a container inside the MNT namespace, without jailing the container. If RUN-CONTAINER is passed a null MOUNTS list, do not jail the container. * gnu/build/linux-container.scm (run-container): Do not call MOUNT-FILE-SYSTEMS if MOUNTS list is empty.
* install: Factorize cow-store procedure.Mathieu Othacehe2020-09-02
| | | | | | | | | | Move the cow-store procedure from the service declaration in (gnu system install) to (gnu build install), so that it can be called from within a different context than Shepherd. * gnu/build/install.scm (mount-cow-store, unmount-cow-store): New procedures. * gnu/system/install.scm (make-cow-store): Remove it, (cow-store-service-type): adapt it accordingly.
* services: Add secret-service-type.Jan (janneke) Nieuwenhuizen2020-09-01
| | | | | | | | | | | | This adds a "secret-service" that can be added to a Childhurd VM to receive out-of-band secrets (keys) sent from the host. Co-authored-by: Ludovic Courtès <ludo@gnu.org> * gnu/services/virtualization.scm (secret-service-activation): New procedure. (secret-service-type): New variable. * gnu/build/secret-service.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* linux-libre: Support module compression.Mathieu Othacehe2020-08-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds support for GZIP compression for linux-libre kernel modules. The initrd modules are kept uncompressed as the initrd is already compressed as a whole. The linux-libre kernel also supports XZ compression, but as Guix does not have any available bindings for now, and the compression time is far more significant, GZIP seems to be a better option. * gnu/build/linux-modules.scm (modinfo-section-contents): Use 'call-with-gzip-input-port' to read from a module file using '.gz' extension, (strip-extension): new procedure, (dot-ko): adapt to support compression, (ensure-dot-ko): ditto, (file-name->module-name): ditto, (find-module-file): ditto, (load-linux-module*): ditto, (module-name->file-name/guess): ditto, (module-name-lookup): ditto, (write-module-name-database): ditto, (write-module-alias-database): ditto, (write-module-device-database): ditto. * gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions. * gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto. * gnu/services.scm (activation-script): Ditto. * gnu/services/base.scm (default-serial-port): Ditto, (agetty-shepherd-service): ditto, (udev-service-type): ditto. * gnu/system/image.scm (gcrypt-sqlite3&co): Ditto. * gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib" to the extensions and make sure that the initrd only contains uncompressed module files. * gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the extensions. * guix/profiles.scm (linux-module-database): Ditto.
* file-system: Add mount-may-fail? option.Mathieu Othacehe2020-07-31
| | | | | | | | | | * gnu/system/file-systems.scm (<file-system>): Add a mount-may-fail? field. (file-system->spec): adapt accordingly, (spec->file-system): ditto. * gnu/build/file-systems.scm (mount-file-system): If 'system-error is raised and mount-may-fail? is true, ignore it. Otherwise, re-raise the exception. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* file-systems: Add NTFS support.Mathieu Othacehe2020-07-26
| | | | | | | | | | | | | | * gnu/system/uuid.scm (%ntfs-endianness): New macro, (ntfs-uuid->string): new procedure, (%ntfs-endianness): new variable, (string->ntfs-uuid): new exported procedure, (%uuid-parsers): add NTFS support, (%uuid-printers): add NTFS support. * gnu/build/file-systems.scm (%ntfs-endianness): New macro, (ntfs-superblock?, read-ntfs-superblock, ntfs-superblock-uuid, check-ntfs-file-system): new procedure, (%partition-uuid-readers): add NTFS support, (check-file-system): add NTFS support.
* image: Do not set journal_model=WAL for the Hurd.Jan (janneke) Nieuwenhuizen2020-07-11
| | | | | | | | | | | | | | This fixes <https://bugs.gnu.org/42151>. * gnu/system/images/hurd.scm (hurd-initialize-root-partition): Use #:wal-mode #f in call to ... * gnu/build/image.scm (initialize-root-partition): ... this, add #:wal-mode? parameter, pass it to ... (register-closure): ... this, add #:wal-mode? parameter, pass it to ... * guix/store/database.scm (with-database): ... this, add #:wal-mode? parameter, pass it to ... (call-with-database): ... this, add #:wal-mode? parameter; when set to #f, do not set journal_model=WAL.
* hurd-boot: Mount /proc, add /etc/mtab.Jan (janneke) Nieuwenhuizen2020-06-27
| | | | | * gnu/build/hurd-boot.scm (set-hurd-device-translators): Mount /proc. Add symlink to /etc/mtab into /proc/mounts.
* hurd-boot: Remove duplicate calls to 'scope'.Jan (janneke) Nieuwenhuizen2020-06-27
| | | | | * gnu/build/hurd-boot.scm (set-hurd-device-translators): Remove duplicate calls to 'scope'.
* system: image: Remove "image-root" when building raw disk-images.Mathieu Othacehe2020-06-22
| | | | | | | | | | | | | | | | | The "image-root" derivation output is used as a temporary directory that is passed to mke2fs and mkdosfs later on. By merging the creation of this directory and the production of partition images, we can get rid of the derivation. As mke2fs and mkdosfs are not able to override file permissions, call those commands with fakeroot. This way, all the image files will be owned by root, even if image generation is done in an unprivilegded context. * gnu/system/image.scm (system-disk-image): Merge "image-root" and "iso9660-image" derivations so that we spare an extra derivation. Also add "fakeroot" and its runtime dependencies to the inputs. * gnu/build/image.scm (make-ext-image, make-vfat-image): Make sure that mke2fs and mkdosfs are respectively called by fakeroot.
* hurd-boot: Use 'setxattr' instead of invoking settrans.Jan (janneke) Nieuwenhuizen2020-06-19
| | | | | | | | | | Note: Using `getxattr' on the Hurd instead of running showtrans does not work (yet?). * gnu/build/hurd-boot.scm (setup-translator): Use 'setxattr' instead of invoking settrans. * gnu/system.scm (hurd-multiboot-modules): Add --x-xattr-translator-records to enable xattr-embedding of translators.
* hurd-boot: Create individual translators instead of running MAKEDEV.Jan (janneke) Nieuwenhuizen2020-06-19
| | | | | | | | | * gnu/build/hurd-boot.scm (make-hurd-device-nodes): Do not create dev/{null,zero,full,random,urandom} mount points. (passive-translator-xattr?, passive-translator-installed?, translated?, set-translator, set-hurd-device-translators): New procedures. (false-if-EEXIST): New macro. (boot-hurd-system): Use them instead of running MAKEDEV.
* database: 'register-items' takes an open database.Ludovic Courtès2020-06-18
| | | | | | | | | | | | * guix/store/database.scm (store-database-directory) (store-database-file): New procedures. (call-with-database): Add call to 'mkdir-p'. (register-items): Add 'db' parameter and remove #:state-directory and #:schema. (register-path): Use 'store-database-file' and 'with-database', and parameterize SQL-SCHEMA. * gnu/build/image.scm (register-closure): Likewise. * gnu/build/vm.scm (register-closure): Likewise. * guix/scripts/pack.scm (store-database)[build]: Likewise.