path: root/gnu/system
Commit message (Author, Age)
* privilege: Add file-like->setuid-program helper. (Tobias Geerinckx-Rice, 2024-09-08)
  * gnu/system/privilege.scm (file-like->setuid-program): New public procedure.
  * gnu/system/setuid.scm: Re-export it for compatibility. (file-like->setuid-program): Remove this old version.
  * gnu/services/docker.scm (singularity-setuid-programs): Use it (again).
  * gnu/services/desktop.scm (enlightenment-privileged-programs): Likewise.
  Change-Id: I8e41144438677a15cdadb3063651dbc780715497
* uuid: Add support for exFAT. (Tobias Geerinckx-Rice, 2024-09-01)
  We expect users to use the generic STRING->FAT-UUID procedure. This is consistent with how we already treat FAT32 vs FAT16. It is not consistent with how we export 8 different aliases for STRING->DCE-UUID, but I'm unconvinced that would be better.
  * gnu/system/uuid.scm (%uuid-parsers, %uuid-printers): Add the ‘exfat’ file system type.
  Change-Id: Ia31482716e4395f9f10f794f49fb31c9f330a2e3
* system: locale: ‘glibc-supported-locales’ uses zstd instead of xz. (Ludovic Courtès, 2024-09-09)
  This is a followup to c9666c120b8e40321d6044f572533e160c1e0351.
  Fixes <https://issues.guix.gnu.org/73065>.
  * gnu/system/locale.scm (glibc-supported-locales): Change XZ to ZSTD.
  Change-Id: Ie3cb5d50648a0698ce5246591fb405e4eb690af5
* gnu: %default-locale-libcs: Add glibc-2.35 and generalize for Hurd. (Josselin Poiret, 2024-08-31)
  * gnu/system/locale.scm (%default-locale-libcs): Stop checking for Hurd, since we have the same libc now. Also add glibc-2.35 while the transition happens.
  Change-Id: I1f4980d18184580f3a42a86ca244c8015df15269
* install: Set ‘privileged-programs’ rather than ‘setuid-programs’. (Ludovic Courtès, 2024-08-19)
  * gnu/system/install.scm (installation-os)[setuid-programs]: Remove. [privileged-programs]: New field.
  Change-Id: I5c93f282f5ec790f13ac076e0ab0f6d59d92d59d
* system: hurd: Empty default ‘privileged-programs’ list. (Ludovic Courtès, 2024-08-19)
  Fixes a bug whereby Hurd systems would find themselves including ‘%default-privileged-programs’ in addition to ‘%setuid-programs/hurd’.
  * gnu/system/hurd.scm (%hurd-default-operating-system)[privileged-programs]: New field.
  Change-Id: I5b6a55a8df7e6af697d22166e9f483f6dd816e64
* privilege: Add POSIX capabilities(7) support. (Tobias Geerinckx-Rice, 2024-08-11)
  * gnu/system/privilege.scm (<privileged-program>): Add a field representing the program's POSIX capabilities. (privileged-program-capabilities): New public procedure.
  * doc/guix.texi (Privileged Programs): Document it.
  * gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP package argument providing setcap(8) to apply said capabilities.
  * gnu/services.scm (privileged-program->activation-gexp): Pass said package argument where supported. Include privileged-program-capabilities in the compatibility hack.
* system: (gnu system setuid) wraps (gnu system privilege). (Tobias Geerinckx-Rice, 2024-08-11)
  * gnu/system/setuid.scm (setuid-program): Rewrite as syntax to create a <privileged-program> record that is setuid by default. (setuid-program?, setuid-program-program, setuid-program-setuid?) (setuid-program-setgid?, setuid-program-user, setuid-program-group): Alias their privileged-program equivalent.
* system: Add (gnu system privilege). (Tobias Geerinckx-Rice, 2024-08-11)
  * gnu/system/privilege.scm: New file.
  * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* services: base: Add optional delayed mount of file-systems (Richard Sent, 2024-06-04)
  Add a mechanism to only require mounting a subset of file-system entries during early Shepherd initialization. Any file-system with additional Shepherd service requirements (e.g. networking) is not required to provision 'file-systems.
  * gnu/services/base.scm (file-system-shepherd-service): Splice file-system-requirements into the Shepherd service requirement list. (file-system-shepherd-services): Provision 'file-system only when file system services without additional Shepherd requirements are started.
  * gnu/system/file-systems.scm (file-system): Add shepherd-requirements field to the file-system record. This field is used for adding additional Shepherd requirements to a file-system Shepherd service.
  * doc/guix.texi: Add documentation for file-system shepherd-requirements.
  Change-Id: If0392db03d48e8820aa53df1df482c12ec72e1a5
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu: linux-libre: Enable Zstd compression of kernel modules. (Maxim Cournoyer, 2024-05-29)
  This brings the on disk size of the kernel from 164 MiB to 144 MiB, or about 12%.
  * gnu/packages/linux.scm (default-extra-linux-options) [version>=5.13]: Enable CONFIG_MODULE_COMPRESS_ZSTD, else CONFIG_MODULE_COMPRESS_GZIP. (make-linux-libre*) [phases] {set-environment}: Set ZSTD_CLEVEL environment variable to 19. [native-inputs]: Add zstd.
  * gnu/build/linux-modules.scm (module-regex): Add .zst to regexp. Update doc. (modinfo-section-contents): Extend support to Zstd compressed module. (dot-ko): Register the 'zstd compression type. (ensure-dot-ko, file-name->module-name, load-linux-module*) (module-name->file-name/guess, write-module-name-database) (write-module-alias-database, write-module-device-database): Update doc. (module-name-lookup): Also consider zstd-compressed modules.
  * gnu/installer.scm (installer-program): Add guile-zstd extension to gexp.
  * gnu/system/linux-initrd.scm (flat-linux-module-directory): Likewise. Decompress zstd-compressed modules for use in initrd.
  * guix/profiles.scm (linux-module-database): Add guile-zstd extension to gexp.
  Change-Id: Ide899dc5c58ea5033583b1a91a92c025fc8d901a
* mapped-devices: lvm: Add missing module import. (Lars-Dominik Braun, 2024-05-27)
  Tested with (locally fixed) lvm-separate-home-os system test.
  * gnu/system/mapped-devices.scm (lvm-device-mapping): Add SRFI-1 to modules.
  Change-Id: I8c155b47c29004bdc59057391dfba94ce33bdbc2
* system: images: Add visionfive2 module. (Zheng Junjie, 2024-05-22)
  * gnu/system/images/visionfive2.scm: New file.
  * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
  Change-Id: I8831f1148bcddb0d604e1174034fca85cd2887a1
* image: Raise error when use both grub-efi* bootloader and not gpt image. (Zheng Junjie, 2024-05-22)
  * gnu/system/image.scm: Switch Inversion logic, it allow we use customize bootloader with gpt image.
  Change-Id: I801327f6e826a37588b8f0f5246ca820e742f721
* file-systems: Add "virtiofs" to the list of pseudo file system types. (Massimo Zaniboni, 2024-05-13)
  * gnu/system/file-systems.scm (%pseudo-file-system-types): Add "virtiofs" to the list of pseudo file system types.
  Change-Id: Ib1d99127e65f6543c592faec1c54bd0c5eae3ad7
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* linux-initrd: Further strip the static Guile. (Ludovic Courtès, 2024-04-29)
  ‘guile-static-initrd’ weighs in at 46 MiB, compared to 54 MiB for ‘guile-static-stripped’ (15% reduction).
  * gnu/packages/make-bootstrap.scm (make-guile-static-stripped): Add ‘directories-to-remove’ parameter and honor it. (%guile-static-initrd): New variable.
  * gnu/system/linux-initrd.scm (expression->initrd): Default to ‘%guile-static-initrd’.
  * doc/guix.texi (Initial RAM Disk): Adjust accordingly.
  Change-Id: I2baf06fed7a3698433e7c83b1d7726054a8c746e
* locale: Shrink ‘%default-locale-definitions’ from 34 to 10 locales. (Ludovic Courtès, 2024-04-29)
  This reduces the default set of locales from 92 MiB to 28 MiB.
  * gnu/system/locale.scm (%default-locale-definitions): Reduce to 10 locales.
  Change-Id: I3c092604301d69db591957bcfd62a062c3ac5ab0
* system: Remove ‘glibc-2.33’ from ‘%default-locale-libcs’. (Ludovic Courtès, 2024-04-29)
  The transition from glibc 2.33 to 2.35 was done in c919bfefd98bf2e29549539b4e28e6dc2a8a6f32 (one year ago), so we can assume that the backward-compatible locales are no longer needed by default. This removes 92 MiB from the system closure.
  * gnu/system/locale.scm (%default-locale-libcs): Remove GLIBC-2.33.
  Change-Id: I85948bbe6b2d424f9f158eeafdb5543688c66c6b
* system: Remove nss-certs from OS templates, adjust doc. (Maxim Cournoyer, 2024-04-18)
  This is a follow-up to commit 86afaadb51 ("system: Add 'nss-certs' to %base-packages-networking.")
  * doc/guix-cookbook.texi (Running Guix on a Linode Server): Remove nss-certs from operating system's packages field. (Running Guix on a Kimsufi Server): Likewise.
  * doc/guix.texi (Using the Configuration System): Likewise. (X.509 Certificates): Adjust to mention nss-certs *is* part of %base-packages.
  * gnu/installer/services.scm (%system-services): Remove recommendation to install nss-certs.
  * gnu/system/examples/bare-bones.tmpl (host-name): Remove obsolete comments.
  * gnu/system/examples/desktop.tmpl (packages): Remove nss-certs.
  * gnu/system/examples/lightweight-desktop.tmpl (packages): Likewise.
  * gnu/system/examples/plasma.tmpl (packages): Likewise.
  * gnu/system/examples/raspberry-pi-64-nfs-root.tmpl (packages): Likewise.
  * gnu/system/examples/raspberry-pi-64.tmpl (packages): Likewise.
  * gnu/system/examples/vm-image.tmpl (packages): Likewise.
  * gnu/system/images/orangepi-r1-plus-lts-rk3328.scm (packages): Likewise.
  * gnu/system/images/pine64.scm (packages): Likewise.
  * gnu/system/install.scm (installation-os) [packages]: Likewise.
  Change-Id: If09123a69b987178bcb0aab61c4570c14fc1286f
* linux-initrd: Gracefully handle lack of “modules.builtin” file. (Ludovic Courtès, 2024-04-17)
  Fixes a regression introduced in 8f8ec56052766aa5105d672b77ad9eaca5c1ab3c, whereby passing a “fake” kernel package would no longer work.
  Fixes <https://issues.guix.gnu.org/70239>.
  * gnu/system/linux-initrd.scm (flat-linux-module-directory)[build-exp]: Gracefully handle lack of “modules.builtin” file.
  Reported-by: Tomas Volf <~@wolfsden.cz>
  Change-Id: I3acf48123b20f0b6a3b9cc0bf22f76cec3e64361
* vm: Always use a native emulator in ‘guix system vm’. (Ludovic Courtès, 2024-04-17)
  Suggested by Zheng Junjie <zhengjunjie@iscas.ac.cn>.
  * gnu/system/vm.scm (system-qemu-image/shared-store-script)[qemu-exec]: Wrap first element in ‘with-parameters’.
  Change-Id: Iab9905aaa7e80bad0372c1ee7c3ea88a89564f8f
* mapped-devices: luks: Specify modules needed at the top-level. (Ludovic Courtès, 2024-04-08)
  Fixes <https://issues.guix.gnu.org/70266>.
  * gnu/system/mapped-devices.scm (luks-device-mapping)[modules]: New field. (open-luks-device): Remove non-top-level ‘use-modules’ form.
  * gnu/system/linux-initrd.scm (raw-initrd): Remove modules that were added specifically for ‘luks-device-mapping’.
  Change-Id: I4253c3dd5e3cbcee41ec84fd57227abd428d1bd6
* mapped-devices: <mapped-device-type> can specify modules to import. (Ludovic Courtès, 2024-04-08)
  * gnu/system/mapped-devices.scm (<mapped-device-type>)[modules]: New field. (device-mapping-service-type): Honor it.
  * gnu/system/linux-initrd.scm (raw-initrd): Likewise.
  Change-Id: Icc702cb6f281741975e33203f87fbc1ffa9856da
* vm: If not the same local architecture, don't enable kvm. (Zheng Junjie, 2024-03-31)
  * gnu/system/vm.scm (common-qemu-options): Add target keyword.
  Change-Id: Ic9bf18cf60ac5ce623289df31ea050a22c6e604e
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* vm: add arguments to use virt machine type for qemu-riscv64. (Zheng Junjie, 2024-03-31)
  * gnu/system/vm.scm (system-qemu-image/shared-store-script): When target riscv64, add arguments to set qemu virt machine type.
  Change-Id: I974c82fdd2d5bfc01caff9e6411db38e472b5cd4
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* linux-initrd: don't add hid-apple module for riscv64-linux. (Zheng Junjie, 2024-03-31)
  * gnu/system/linux-initrd.scm(default-initrd-modules): when target-riscv64, don't add hid-apple module.
  Change-Id: I633468421db0cb1ebd61e0603021fa1c79038473
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* vm: When target riscv64-linux, use u-boot-qemu-riscv64-bootloader. (Zheng Junjie, 2024-03-31)
  * gnu/system/vm.scm (virtualized-operating-system) When target riscv64-linux, use u-boot-qemu-riscv64-bootloader. Add system, target keyword.
  Change-Id: I22d64d00670a705e4b81427e44a83d504598b536
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* vm: use #$ for kernel-arguments. (Zheng Junjie, 2024-03-31)
  Use #$ allow cross-compile to with support current system kernel. e.g. linux-libre-riscv64-generic.
  * gnu/system/vm.scm(system-qemu-image/shared-store-script) (linux-image-startup-command): use #$ for kernel-arguments.
  Change-Id: I9d2e7df296ce590b95cd30996b33f8ca692ac1b1
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* linux-initrd: Avoid looking up builtin modules. (Hilton Chain, 2024-03-09)
  * gnu/system/linux-initrd.scm (flat-linux-module-directory) [build-exp]<builtin-modules,modules-to-lookup>: New variables. <modules>: Use ‘modules-to-lookup’ to avoid looking up builtin modules.
  Change-Id: I60fdae0211bb6632508b1c63582e013e78186cd1
* system: default-bash-profile: Add Guix Home search paths as well. (Florian Pelz, 2024-02-28)
  Ordinary .guix-profile is searched already. Also this makes desktop environments find packages installed in Guix Home.
  * gnu/system/shadow.scm (%default-bash-profile): Add Home search paths.
* services: Add ‘virtual-build-machine’ service. (Ludovic Courtès, 2024-02-10)
  * gnu/services/virtualization.scm (<virtual-build-machine>): New record type. (%build-vm-ssh-port, %build-vm-secrets-port, %x86-64-intel-cpu-models): New variables. (qemu-cpu-model-for-date, virtual-build-machine-ssh-port) (virtual-build-machine-secrets-port): New procedures. (%minimal-vm-syslog-config, %virtual-build-machine-operating-system): New variables. (virtual-build-machine-default-image): (virtual-build-machine-account-name) (virtual-build-machine-accounts) (build-vm-shepherd-services) (initialize-build-vm-substitutes) (build-vm-activation) (virtual-build-machine-offloading-ssh-key) (virtual-build-machine-activation) (virtual-build-machine-secret-root) (check-vm-availability) (build-vm-guix-extension): New procedures. (initialize-hurd-vm-substitutes): Remove. (hurd-vm-activation): Rewrite in terms of ‘build-vm-activation’.
  * gnu/system/vm.scm (linux-image-startup-command): New procedure. (operating-system-for-image): Export.
  * gnu/tests/virtualization.scm (run-command-over-ssh): New procedure, extracted from… (run-childhurd-test): … here. [test]: Adjust accordingly. (%build-vm-os): New variable. (run-build-vm-test): New procedure. (%test-build-vm): New variable.
  * doc/guix.texi (Virtualization Services)[Virtual Build Machines]: New section. (Build Environment Setup): Add cross-reference.
  Change-Id: I0a47652a583062314020325aedb654f11cb2499c
* vm: Add ‘cpu-count’ field to <virtual-machine>. (Ludovic Courtès, 2024-02-10)
  * gnu/system/vm.scm (<virtual-machine>)[cpu-count]: New field. (virtual-machine-compiler): Honor it.
  Change-Id: I907a89365f32ac7a9981c4ae5f59cf6eb199c3cc
* vm: Export <virtual-machine> accessors. (Ludovic Courtès, 2024-02-10)
  * gnu/system/vm.scm: Export.
  Change-Id: If65d96f4052d070af5baee26f3dd9b233b8480f4
* vm: Add ‘date’ field to <virtual-machine>. (Ludovic Courtès, 2024-02-10)
  * gnu/system/vm.scm (<virtual-machine>)[date]: New field. (virtual-machine-compiler): Honor it.
  Change-Id: Idab1c152466d57cbc6784c031a99fdfd37080bcb
* linux-container: Inherit essential services. (Leo Nikkilä, 2024-02-05)
  Currently it's not possible to set `essential-services' when building operating systems for containers, since `container-essential-services' always uses the defaults. It's possible to reference `essential-services' from the operating system that's passed in, but since it's thunked, the operating system needs to be defined in two passes to avoid an infinite loop.
  * gnu/system/linux-container.scm (container-essential-services): Use operating-system-essential-services instead of the defaults to allow overriding the base services. (containerized-operating-system): Update accordingly.
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
  Change-Id: I81452487ef1ad01d3fa874c26d93a67d58ce6062
* image: Consider grub-efi-removable-bootloader to be EFI bootloader. (Tomas Volf, 2024-01-17)
  Without this change, trying to create a system image with efi-raw type while using grub-efi-removable-bootloader fails with fairly confusing message:
    EFI bootloader required with GPT partitioning
  * gnu/system/image.scm (system-disk-image): Consider grub-efi-removable-bootloader to be EFI bootloader.
  Change-Id: I5f5e1a94e825fd29d6880c5bafb330e16a5ac962
* system: default-zprofile: Sync with home zprofile. (Efraim Flashner, 2024-01-17)
  The removed fields are already sourced in /etc/profile.
  * gnu/system/shadow.scm (%default-zprofile): Sync with default zprofile from (gnu home services shells).
  Change-Id: I419eadf636344e23e8fd2f7006efa81f45527756
* system: Add default guix-home-config. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%deafult-skeleton-home-config): New variable. (default-skeletons): Add it.
  Change-Id: Ida4cca8b1b3674491a4f18d94bc1b12d426575ba
* system: Export default guile config. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%default-dotguile): Extract from default-skeletons, export. (default-skeletons): Use %default-dotguile.
  Change-Id: Ibe91b3b517ae542bd28070a08e14152f87ed75ec
* system: Export default nanorc. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%default-nanorc): Extract from default-skeletons, export. (default-skeletons): Use %default-nanorc.
  Change-Id: I0d07b13ed4894b1152a08b96d9ef8527dde073ce
* system: Export default gdbinit. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%default-gdbinit): Extract from default-skeletons, export. (default-skeletons): Use %default-gdbinit.
  Change-Id: Ia5188f8083a83ad4cdb96e234dbd730b1bfe0072
* system: Export default xdefaults. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%default-xdefaults): Extract from default-skeletons, export. (default-skeletons): Use %default-xdefaults.
  Change-Id: I44018516ec3687a68d32ca5c86c41bc29507a273
* system: Export default zprofile. (Efraim Flashner, 2024-01-17)
  * gnu/system/shadow.scm (%default-zprofile): Extract from default-skeletons, export. (default-skeletons): Use %default-zprofile.
  Change-Id: I6c6e158bca2e462a2eae709fbc2c25a2c7f3f8b4
* system: Export default bash-profile. (Efraim Flashner, 2024-01-17)
  gnu/system/shadow.scm (%default-bash-profile): Extract from default-skeletons, export. (default-skeletons): Use %default-bash-profile.
  Change-Id: I45641b1091daee3495a5f92bdc1a63050e0cc59e
* mapped-devices: Allow unlocking by a key file. (Tomas Volf, 2024-01-14)
  Requiring the user to input their password in order to unlock a device is not always reasonable, so having an option to unlock the device using a key file is a nice quality of life change.
  * gnu/system/mapped-devices.scm (open-luks-device): Add #:key-file argument. (luks-device-mapping-with-options): New procedure.
  * doc/guix.texi (Mapped Devices): Describe the new procedure.
  Change-Id: I1de4e045f8c2c11f9a94f1656e839c785b0c11c4
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* system: hurd: Use the Shepherd 0.10.x. (Ludovic Courtès, 2024-01-08)
  * gnu/system.scm (hurd-default-essential-services): Remove reference to ‘shepherd-0.8’.
  * gnu/system/hurd.scm (%base-packages/hurd): Replace ‘shepherd-0.8’ with ‘shepherd-0.10’.
  Change-Id: I9f1800693cda456286450d3d0bb6f7e3da85d55e
* scripts: system: Build layered images. (Oleg Pykhalov, 2024-01-08)
  * guix/scripts/system.scm (show-help, %docker-format-options, %options, %default-options, show-docker-format-options, show-docker-format-options/detailed, process-action): Handle '--max-layers' option.
  * gnu/system/image.scm (system-docker-image): Same.
  * gnu/image.scm (<image>)[max-layers]: New record field.
  Change-Id: I2726655aefd6688b976057fd5a38e9972ebfc292
* gnu: vm-image.tmpl: Improve SPICE dynamic resizing. (Maxim Cournoyer, 2023-12-30)
  * gnu/system/examples/vm-image.tmpl (auto-update-resolution-crutch): Delete variable. (operating-system) [packages]: Add x-resize. [services]: Remove auto-update-resolution-crutch mcron service.
  Fixes: https://issues.guix.gnu.org/57068
  Reported-by: Ludovic Courtès <ludo@gnu.org>
  Change-Id: I45cd3d79b94ece2511d324c7b180f8f37bd9ba49
* images: Add orangepi-r1-plus-lts image. (Herman Rimm, 2023-12-22)
  * gnu/local.mk: Register image.
  * gnu/system/images/orangepi-r1-plus-lts-rk3328.scm: New file.
  * gnu/system/install.scm (orangepi-r1-plus-lts-rk3328-installation-os): New variable.
  Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
* file-systems: Add tracefs to %pseudo-file-system-types. (Leo Nikkilä, 2023-12-10)
  * gnu/system/file-systems.scm (%pseudo-file-system-types): Add tracefs.
  Signed-off-by: Ludovic Courtès <ludo@gnu.org>