From 9bdb0fee012cb8bae0080c3d398842cad612070a Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 2 Apr 2020 16:04:12 +0200 Subject: services: mate: Provide all the polkit actions. * gnu/services/desktop.scm (mate-polkit-extension): New procedure. (mate-desktop-service-type): Use it when extending POLKIT-SERVICE-TYPE. --- gnu/services/desktop.scm | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 16ee4d3537..7300ff5f4a 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -932,15 +932,23 @@ (define-record-type* mate-desktop-configuration mate-desktop-configuration? (mate-package mate-package (default mate))) +(define (mate-polkit-extension config) + "Return the list of packages for CONFIG's MATE package that extend polkit." + (let ((mate (mate-package config))) + (map (lambda (input) + ((package-direct-input-selector input) mate)) + '("mate-system-monitor" ;kill, renice processes + "mate-settings-daemon" ;date/time settings + "mate-power-manager" ;modify brightness + "mate-control-center" ;RandR, display properties FIXME + "mate-applets")))) ;CPU frequency scaling + (define mate-desktop-service-type (service-type (name 'mate-desktop) (extensions (list (service-extension polkit-service-type - (compose list - (package-direct-input-selector - "mate-settings-daemon") - mate-package)) + mate-polkit-extension) (service-extension profile-service-type (compose list mate-package)))) -- cgit v1.2.3 From 83670e02bc1be9481a6957a8cdb977f35a0ac483 Mon Sep 17 00:00:00 2001 From: Simon Mages Date: Sun, 29 Mar 2020 15:54:16 +0200 Subject: services: murmur: Add missing newline in murmur-configuration. * gnu/services/telephony.scm (default-murmur-config): Add newline after "max-user-bandwidth". Signed-off-by: Marius Bakke --- gnu/services/telephony.scm | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'gnu/services') diff --git a/gnu/services/telephony.scm b/gnu/services/telephony.scm index 0a735315b4..e1259cc2df 100644 --- a/gnu/services/telephony.scm +++ b/gnu/services/telephony.scm @@ -182,7 +182,9 @@ (define (default-murmur-config config) "welcometext=" welcome-text "\n" "port=" (number->string port) "\n" (if server-password (list "serverpassword=" server-password "\n") '()) - (if max-user-bandwidth (list "bandwidth=" (number->string max-user-bandwidth)) '()) + (if max-user-bandwidth (list "bandwidth=" + (number->string max-user-bandwidth) "\n") + '()) "users=" (number->string max-users) "\n" "uname=" user "\n" "database=" database-file "\n" -- cgit v1.2.3 From 044d1478c9a63a64547c9cc320008f8d8fbf6791 Mon Sep 17 00:00:00 2001 From: Brice Waegeneire Date: Sun, 5 Apr 2020 07:28:03 +0200 Subject: gnu: Add kernel-module-loader-service. * doc/guix.texi (Linux Services): Add a new subsection and document the new service and its configuration. * gnu/services/linux.scm (kernel-module-loader-service-type): New type. (kernel-module-loader-shepherd-service): New procedure. * gnu/tests/linux-modules.scm (module-loader-program): Procedure removed. (modules-loaded?-program): New procedure. (run-loadable-kernel-modules-test): 'module-loader-program' procedure replaced by the new one. [os]: Use 'kernel-module-loader-service'. Signed-off-by: Danny Milosavljevic --- doc/guix.texi | 37 +++++++++++++++++++++++++++++ gnu/services/linux.scm | 57 ++++++++++++++++++++++++++++++++++++++++++++- gnu/tests/linux-modules.scm | 45 ++++++++++++++++++++++++----------- 3 files changed, 125 insertions(+), 14 deletions(-) (limited to 'gnu/services') diff --git a/doc/guix.texi b/doc/guix.texi index 8cb85fe62c..bc5602474e 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -76,6 +76,7 @@ Copyright @copyright{} 2020 Damien Cassou@* Copyright @copyright{} 2020 Jakub Kądziołka@* Copyright @copyright{} 2020 Jack Hill@* Copyright @copyright{} 2020 Naga Malleswari@* +Copyright @copyright{} 2020 Brice Waegeneire@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -25383,6 +25384,42 @@ notifications. @end table @end deftp +@cindex modprobe +@cindex kernel module loader +@subsubsection Kernel Module Loader Service + +The kernel module loader service allows one to load loadable kernel +modules at boot. This is especially useful for modules that don't +autoload and need to be manually loaded, as it's the case with +@code{ddcci}. + +@deffn {Scheme Variable} kernel-module-loader-service-type +The service type for loading loadable kernel modules at boot with +@command{modprobe}. Its value must be a list of strings representing +module names. For example loading the drivers provided by +@code{ddcci-driver-linux}, in debugging mode by passing some module +parameters, can be done as follow: + +@lisp +(use-modules (gnu) (gnu services)) +(use-package-modules linux) +(use-service-modules linux) + +(define ddcci-config + (plain-file "ddcci.conf" + "options ddcci dyndbg delay=120")) + +(operating-system + ... + (services (cons* (service kernel-module-loader-service-type + '("ddcci" "ddcci_backlight")) + (simple-service 'ddcci-config etc-service-type + (list `("modprobe.d/ddcci.conf" + ,ddcci-config))) + %base-services)) + (kernel-loadable-modules (list ddcci-driver-linux))) +@end lisp +@end deffn @node Miscellaneous Services @subsection Miscellaneous Services diff --git a/gnu/services/linux.scm b/gnu/services/linux.scm index caa0326c31..781a61973c 100644 --- a/gnu/services/linux.scm +++ b/gnu/services/linux.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2020 Maxim Cournoyer +;;; Copyright © 2020 Brice Waegeneire ;;; ;;; This file is part of GNU Guix. ;;; @@ -25,6 +26,8 @@ (define-module (gnu services linux) #:use-module (gnu packages linux) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) + #:use-module (srfi srfi-34) + #:use-module (srfi srfi-35) #:use-module (ice-9 match) #:export (earlyoom-configuration earlyoom-configuration? @@ -37,7 +40,9 @@ (define-module (gnu services linux) earlyoom-configuration-ignore-positive-oom-score-adj? earlyoom-configuration-show-debug-messages? earlyoom-configuration-send-notification-command - earlyoom-service-type)) + earlyoom-service-type + + kernel-module-loader-service-type)) ;;; @@ -123,3 +128,53 @@ (define earlyoom-service-type (list (service-extension shepherd-root-service-type (compose list earlyoom-shepherd-service)))) (description "Run @command{earlyoom}, the Early OOM daemon."))) + + +;;; +;;; Kernel module loader. +;;; + +(define kernel-module-loader-shepherd-service + (match-lambda + ((and (? list? kernel-modules) ((? string?) ...)) + (list + (shepherd-service + (documentation "Load kernel modules.") + (provision '(kernel-module-loader)) + (requirement '(file-systems)) + (respawn? #f) + (one-shot? #t) + (modules `((srfi srfi-1) + (srfi srfi-34) + (srfi srfi-35) + (rnrs io ports) + ,@%default-modules)) + (start + #~(lambda _ + (cond + ((null? '#$kernel-modules) #t) + ((file-exists? "/proc/sys/kernel/modprobe") + (let ((modprobe (call-with-input-file + "/proc/sys/kernel/modprobe" get-line))) + (guard (c ((message-condition? c) + (format (current-error-port) "~a~%" + (condition-message c)) + #f)) + (every (lambda (module) + (invoke/quiet modprobe "--" module)) + '#$kernel-modules)))) + (else + (format (current-error-port) "error: ~a~%" + "Kernel is missing loadable module support.") + #f))))))))) + +(define kernel-module-loader-service-type + (service-type + (name 'kernel-module-loader) + (description "Load kernel modules.") + (extensions + (list (service-extension shepherd-root-service-type + kernel-module-loader-shepherd-service))) + (compose concatenate) + (extend append) + (default-value '()))) diff --git a/gnu/tests/linux-modules.scm b/gnu/tests/linux-modules.scm index 39e11587c6..788bdc848a 100644 --- a/gnu/tests/linux-modules.scm +++ b/gnu/tests/linux-modules.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019 Jakob L. Kreuze ;;; Copyright © 2020 Danny Milosavljevic +;;; Copyright © 2020 Brice Waegeneire ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,6 +20,8 @@ (define-module (gnu tests linux-modules) #:use-module (gnu packages linux) + #:use-module (gnu services) + #:use-module (gnu services linux) #:use-module (gnu system) #:use-module (gnu system vm) #:use-module (gnu tests) @@ -37,25 +40,40 @@ (define-module (gnu tests linux-modules) ;;; ;;; Code: -(define* (module-loader-program os modules) - "Return an executable store item that, upon being evaluated, will dry-run -load MODULES." +(define* (modules-loaded?-program os modules) + "Return an executable store item that, upon being evaluated, will verify +that MODULES are actually loaded." (program-file - "load-kernel-modules.scm" - (with-imported-modules (source-module-closure '((guix build utils))) - #~(begin - (use-modules (guix build utils)) - (for-each (lambda (module) - (invoke (string-append #$kmod "/bin/modprobe") "-n" "--" - module)) - '#$modules))))) + "verify-kernel-modules-loaded.scm" + #~(begin + (use-modules (ice-9 rdelim) + (ice-9 popen) + (srfi srfi-1) + (srfi srfi-13)) + (let* ((port (open-input-pipe (string-append #$kmod "/bin/lsmod"))) + (lines (string-split (read-string port) #\newline)) + (separators (char-set #\space #\tab)) + (modules (map (lambda (line) + (string-take line + (or (string-index line separators) + 0))) + lines)) + (status (close-pipe port))) + (and (= status 0) + (and-map (lambda (module) + (member module modules string=?)) + '#$modules)))))) (define* (run-loadable-kernel-modules-test module-packages module-names) - "Run a test of an OS having MODULE-PACKAGES, and modprobe MODULE-NAMES." + "Run a test of an OS having MODULE-PACKAGES, and verify that MODULE-NAMES +are loaded in memory." (define os (marionette-operating-system (operating-system (inherit (simple-operating-system)) + (services (cons (service kernel-module-loader-service-type module-names) + (operating-system-user-services + (simple-operating-system)))) (kernel-loadable-modules module-packages)) #:imported-modules '((guix combinators)))) (define vm (virtual-machine os)) @@ -75,7 +93,8 @@ (define marionette marionette)) (test-end) (exit (= (test-runner-fail-count (test-runner-current)) 0))))) - (gexp->derivation "loadable-kernel-modules" (test (module-loader-program os module-names)))) + (gexp->derivation "loadable-kernel-modules" + (test (modules-loaded?-program os module-names)))) (define %test-loadable-kernel-modules-0 (system-test -- cgit v1.2.3 From f00f52a1fb5ac08f8059dffcd60d36adcda06603 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 6 Apr 2020 08:35:02 +0200 Subject: gnu: mumi: Update to 0.0.0-12.bb2fe92. * gnu/packages/mail.scm (mumi): Update to 0.0.0-12.bb2fe92. [inputs]: Add guile-gcrypt, guile-redis, guile-webutils, mailutils. * gnu/services/web.scm (): New record type. (mumi-configuration, mumi-configuration?, mumi-configuration-mumi, mumi-configuration-mailer?, mumi-configuration-sender, mumi-configuration-smtp): New procedures. (mumi-shepherd-services): Accept configuration; adjust start commands; add Shepherd service for mumi mailer. (mumi-service-type): Pass default configuration. * doc/guix.texi (Web Services): Update documentation. --- doc/guix.texi | 24 +++++++++++++++++ gnu/packages/mail.scm | 10 ++++--- gnu/services/web.scm | 75 +++++++++++++++++++++++++++++++++++++-------------- 3 files changed, 86 insertions(+), 23 deletions(-) (limited to 'gnu/services') diff --git a/doc/guix.texi b/doc/guix.texi index 67cedaec1b..12094e0feb 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -20686,6 +20686,30 @@ but it also fetches and indexes mail retrieved from Debbugs. This is the service type for Mumi. @end defvr +@deftp {Data Type} mumi-configuration +Data type representing the Mumi service configuration. This type has the +following fields: + +@table @asis +@item @code{mumi} (default: @code{mumi}) +The Mumi package to use. + +@item @code{mailer?} (default: @code{#true}) +Whether to enable or disable the mailer component. + +@item @code{mumi-configuration-sender} +The email address used as the sender for comments. + +@item @code{mumi-configuration-smtp} +A URI to configure the SMTP settings for Mailutils. This could be +something like @code{sendmail:///path/to/bin/msmtp} or any other URI +supported by Mailutils. @xref{SMTP Mailboxes, SMTP Mailboxes,, +mailutils, GNU@tie{}Mailutils}. + +@end table +@end deftp + + @subsubheading FastCGI @cindex fastcgi @cindex fcgiwrap diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 2d0e25655f..a4dab88fb2 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -3003,8 +3003,8 @@ (define-public tnef (license gpl2+))) (define-public mumi - (let ((commit "0e9af8d11246eb08152a9bcbc3d04703963b756c") - (revision "11")) + (let ((commit "bb2fe926b496dc44f783430ab16f5219bae36e81") + (revision "12")) (package (name "mumi") (version (git-version "0.0.0" revision commit)) @@ -3016,7 +3016,7 @@ (define-public mumi (file-name (git-file-name name version)) (sha256 (base32 - "0q5x33gc8gi8w7cjphdmhdyfa62b89mcbmj068yd5jxqx8sn4hlw")))) + "0azqrnkcwnh903f3ap8injhld3jicxdjzbbdi56ax46gjahr1rw3")))) (build-system gnu-build-system) (arguments `(#:modules ((guix build gnu-build-system) @@ -3047,11 +3047,15 @@ (define-public mumi (inputs `(("guile-debbugs" ,guile-debbugs) ("guile-email" ,guile-email) + ("guile-gcrypt" ,guile-gcrypt) ("guile-json" ,guile-json-3) + ("guile-redis" ,guile-redis) ("guile-sqlite3" ,guile-sqlite3) ("guile-syntax-highlight" ,guile-syntax-highlight) + ("guile-webutils" ,guile-webutils) ("gnutls" ,gnutls) ;needed to talk to https://debbugs.gnu.org ("guile" ,guile-2.2) + ("mailutils" ,mailutils) ("mumimu" ,mumimu))) ;'mumimu' executable recorded in (mumi config) (native-inputs `(("autoconf" ,autoconf) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index fa5c34d5af..c73ff5ebfc 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -262,6 +262,14 @@ (define-module (gnu services web) patchwork-virtualhost patchwork-service-type + + mumi-configuration + mumi-configuration? + mumi-configuration-mumi + mumi-configuration-mailer? + mumi-configuration-sender + mumi-configuration-smtp + mumi-service-type)) ;;; Commentary: @@ -1678,6 +1686,14 @@ (define patchwork-service-type ;;; Mumi. ;;; +(define-record-type* + mumi-configuration make-mumi-configuration + mumi-configuration? + (mumi mumi-configuration-mumi (default mumi)) + (mailer? mumi-configuration-mailer? (default #t)) + (sender mumi-configuration-sender) + (smtp mumi-configuration-smtp)) + (define %mumi-activation (with-imported-modules '((guix build utils)) #~(begin @@ -1702,25 +1718,43 @@ (define %mumi-accounts (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) -(define (mumi-shepherd-services mumi) - (list (shepherd-service - (provision '(mumi)) - (documentation "Mumi bug-tracking web interface.") - (requirement '(networking)) - (start #~(make-forkexec-constructor - '(#$(file-append mumi "/bin/mumi")) - #:user "mumi" #:group "mumi" - #:log-file "/var/log/mumi.log")) - (stop #~(make-kill-destructor))) - (shepherd-service - (provision '(mumi-worker)) - (documentation "Mumi bug-tracking web interface.") - (requirement '(networking)) - (start #~(make-forkexec-constructor - '(#$(file-append mumi "/bin/mumi") "--worker") - #:user "mumi" #:group "mumi" - #:log-file "/var/log/mumi.worker.log")) - (stop #~(make-kill-destructor))))) +(define (mumi-shepherd-services config) + (match config + (($ mumi mailer? sender smtp) + (list (shepherd-service + (provision '(mumi)) + (documentation "Mumi bug-tracking web interface.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + `(#$(file-append mumi "/bin/mumi") "web" + ,@(if mailer? '() '("--disable-mailer"))) + #:user "mumi" #:group "mumi" + #:log-file "/var/log/mumi.log")) + (stop #~(make-kill-destructor))) + (shepherd-service + (provision '(mumi-worker)) + (documentation "Mumi bug-tracking web interface database worker.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + '(#$(file-append mumi "/bin/mumi") "worker") + #:user "mumi" #:group "mumi" + #:log-file "/var/log/mumi.worker.log")) + (stop #~(make-kill-destructor))) + (shepherd-service + (provision '(mumi-mailer)) + (documentation "Mumi bug-tracking web interface mailer.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + `(#$(file-append mumi "/bin/mumi") "mailer" + ,@(if sender + (list (string-append "--sender=" sender)) + '()) + ,@(if smtp + (list (string-append "--smtp=" smtp)) + '())) + #:user "mumi" #:group "mumi" + #:log-file "/var/log/mumi.mailer.log")) + (stop #~(make-kill-destructor))))))) (define mumi-service-type (service-type @@ -1734,4 +1768,5 @@ (define mumi-service-type mumi-shepherd-services))) (description "Run Mumi, a Web interface to the Debbugs bug-tracking server.") - (default-value mumi))) + (default-value + (mumi-configuration)))) -- cgit v1.2.3 From 6ef1fc8da3e4b82f85e87fc56de137d4653ad2bd Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 6 Apr 2020 08:55:13 +0200 Subject: services/web: Add default values to all mumi-configuration fields. This is a follow-up to commit f00f52a1fb5ac08f8059dffcd60d36adcda06603. * gnu/services/web.scm ()[sender,smtp]: Add default values. --- gnu/services/web.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/web.scm b/gnu/services/web.scm index c73ff5ebfc..2b482fcec7 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -1691,8 +1691,8 @@ (define-record-type* mumi-configuration? (mumi mumi-configuration-mumi (default mumi)) (mailer? mumi-configuration-mailer? (default #t)) - (sender mumi-configuration-sender) - (smtp mumi-configuration-smtp)) + (sender mumi-configuration-sender (default #f)) + (smtp mumi-configuration-smtp (default #f))) (define %mumi-activation (with-imported-modules '((guix build utils)) -- cgit v1.2.3 From 0e8564f8f0f51535b9fd7893082d12eef769a7fc Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 6 Apr 2020 09:44:04 +0200 Subject: services/web: Add missing ungexp for mumi shepherd services. This is a follow-up to commit f00f52a1fb5ac08f8059dffcd60d36adcda06603. * gnu/services/web.scm (mumi-shepherd-services): Ungexp variables. --- gnu/services/web.scm | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 2b482fcec7..9ae84ddbc4 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -1727,7 +1727,7 @@ (define (mumi-shepherd-services config) (requirement '(networking)) (start #~(make-forkexec-constructor `(#$(file-append mumi "/bin/mumi") "web" - ,@(if mailer? '() '("--disable-mailer"))) + ,@(if #$mailer? '() '("--disable-mailer"))) #:user "mumi" #:group "mumi" #:log-file "/var/log/mumi.log")) (stop #~(make-kill-destructor))) @@ -1746,11 +1746,11 @@ (define (mumi-shepherd-services config) (requirement '(networking)) (start #~(make-forkexec-constructor `(#$(file-append mumi "/bin/mumi") "mailer" - ,@(if sender - (list (string-append "--sender=" sender)) + ,@(if #$sender + (list (string-append "--sender=" #$sender)) '()) - ,@(if smtp - (list (string-append "--smtp=" smtp)) + ,@(if #$smtp + (list (string-append "--smtp=" #$smtp)) '())) #:user "mumi" #:group "mumi" #:log-file "/var/log/mumi.mailer.log")) -- cgit v1.2.3 From 0468455e7d279c89ea3ad1b51935efb2b785ec47 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 6 Apr 2020 11:47:04 +0200 Subject: services: Add 'rottlog-service-type' to '%base-services'. * gnu/services/base.scm (%base-services): Add an instance of ROTTLOG-SERVICE-TYPE. * doc/guix.texi (Log Rotation): Mention that it's part of %BASE-SERVICES and change example. --- doc/guix.texi | 20 +++++++++++++++----- gnu/services/base.scm | 2 ++ 2 files changed, 17 insertions(+), 5 deletions(-) (limited to 'gnu/services') diff --git a/doc/guix.texi b/doc/guix.texi index 4d1acf1342..450ca3c5d8 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -13186,17 +13186,27 @@ their contents in separate files, possibly compressed. The @code{(gnu services admin)} module provides an interface to GNU@tie{}Rot[t]log, a log rotation tool (@pxref{Top,,, rottlog, GNU Rot[t]log Manual}). -The example below defines an operating system that provides log rotation -with the default settings, for commonly encountered log files. +This service is part of @code{%base-services}, and thus enabled by +default, with the default settings, for commonly encountered log files. +The example below shows how to extend it with an additional +@dfn{rotation}, should you need to do that (usually, services that +produce log files already take care of that): @lisp (use-modules (guix) (gnu)) -(use-service-modules admin mcron) -(use-package-modules base idutils) +(use-service-modules admin) + +(define my-log-files + ;; Log files that I want to rotate. + '("/var/log/something.log" "/var/log/another.log")) (operating-system ;; @dots{} - (services (cons (service rottlog-service-type) + (services (cons (simple-service 'rotate-my-stuff + rottlog-service-type + (list (log-rotation + (frequency 'daily) + (files my-log-files)))) %base-services))) @end lisp diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 8d9a563e2b..a0179c0259 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -2444,6 +2444,8 @@ (define %base-services (service guix-service-type) (service nscd-service-type) + (service rottlog-service-type) + ;; The LVM2 rules are needed as soon as LVM2 or the device-mapper is ;; used, so enable them by default. The FUSE and ALSA rules are ;; less critical, but handy. -- cgit v1.2.3 From d7113bb655ff80a868a9e624c913f9d23e6c63ad Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 6 Apr 2020 23:50:27 +0200 Subject: services: syslog: Create log files as non-world-readable. Partly fixes . Reported by Diego Nicola Barbato . * gnu/services/base.scm (syslog-service-type): Change 'start' method to set umask to #o137 before spawning syslogd. * gnu/tests/base.scm (run-basic-test)["/var/log/messages is not world-readable"]: New test. --- gnu/services/base.scm | 15 +++++++++++---- gnu/tests/base.scm | 8 ++++++++ 2 files changed, 19 insertions(+), 4 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/base.scm b/gnu/services/base.scm index a0179c0259..f802005e3c 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1436,10 +1436,17 @@ (define syslog-service-type (documentation "Run the syslog daemon (syslogd).") (provision '(syslogd)) (requirement '(user-processes)) - (start #~(make-forkexec-constructor - (list #$(syslog-configuration-syslogd config) - "--rcfile" #$(syslog-configuration-config-file config)) - #:pid-file "/var/run/syslog.pid")) + (start #~(let ((spawn (make-forkexec-constructor + (list #$(syslog-configuration-syslogd config) + "--rcfile" + #$(syslog-configuration-config-file config)) + #:pid-file "/var/run/syslog.pid"))) + (lambda () + ;; Set the umask such that file permissions are #o640. + (let ((mask (umask #o137)) + (pid (spawn))) + (umask mask) + pid)))) (stop #~(make-kill-destructor)))))) ;; Snippet adapted from the GNU inetutils manual. diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 37b83dc7ec..fe63cecbd0 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -195,6 +195,14 @@ (define marionette (pk 'services services) '(root #$@(operating-system-shepherd-service-names os))))) + (test-equal "/var/log/messages is not world-readable" + #o640 ; + (begin + (wait-for-file "/var/log/messages" marionette + #:read 'get-u8) + (marionette-eval '(stat:perms (lstat "/var/log/messages")) + marionette))) + (test-assert "homes" (let ((homes '#$(map user-account-home-directory -- cgit v1.2.3 From 3302e03ba0edca49347c6a2b215e56bd53a6b113 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 7 Apr 2020 12:13:04 +0200 Subject: services: guix: Add 'set-http-proxy' action. Fixes . Reported by Divan Santana . * gnu/services/base.scm (shepherd-set-http-proxy-action): New procedure. (guix-shepherd-service): Add 'actions' field. Change 'start' to a lambda; check the value of the "http_proxy" environment variable and add "http_proxy" and "https_proxy" to #:environment-variables as a function of that. * gnu/tests/base.scm (run-basic-test)["guix-daemon set-http-proxy action", "guix-daemon set-http-proxy action, clear"]: New tests. * doc/guix.texi (Base Services): Document it. --- doc/guix.texi | 19 ++++++++- gnu/services/base.scm | 113 +++++++++++++++++++++++++++++++++----------------- gnu/tests/base.scm | 15 +++++++ 3 files changed, 106 insertions(+), 41 deletions(-) (limited to 'gnu/services') diff --git a/doc/guix.texi b/doc/guix.texi index 450ca3c5d8..7169e03516 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -12779,9 +12779,24 @@ List of extra command-line options for @command{guix-daemon}. File where @command{guix-daemon}'s standard output and standard error are written. +@cindex HTTP proxy, for @code{guix-daemon} +@cindex proxy, for @code{guix-daemon} HTTP access @item @code{http-proxy} (default: @code{#f}) -The HTTP proxy used for downloading fixed-output derivations and -substitutes. +The URL of the HTTP and HTTPS proxy used for downloading fixed-output +derivations and substitutes. + +It is also possible to change the daemon's proxy at run time through the +@code{set-http-proxy} action, which restarts it: + +@example +herd set-http-proxy guix-daemon http://localhost:8118 +@end example + +To clear the proxy settings, run: + +@example +herd set-http-proxy guix-daemon +@end example @item @code{tmpdir} (default: @code{#f}) A directory path where the @command{guix-daemon} will perform builds. diff --git a/gnu/services/base.scm b/gnu/services/base.scm index f802005e3c..cb556e87bc 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1640,6 +1640,30 @@ (define-record-type* (define %default-guix-configuration (guix-configuration)) +(define shepherd-set-http-proxy-action + ;; Shepherd action to change the HTTP(S) proxy. + (shepherd-action + (name 'set-http-proxy) + (documentation + "Change the HTTP(S) proxy used by 'guix-daemon' and restart it.") + (procedure #~(lambda* (_ #:optional proxy) + (let ((environment (environ))) + ;; A bit of a hack: communicate PROXY to the 'start' + ;; method via environment variables. + (if proxy + (begin + (format #t "changing HTTP/HTTPS \ +proxy of 'guix-daemon' to ~s...~%" + proxy) + (setenv "http_proxy" proxy)) + (begin + (format #t "clearing HTTP/HTTPS \ +proxy of 'guix-daemon'...~%") + (unsetenv "http_proxy"))) + (action 'guix-daemon 'restart) + (environ environment) + #t))))) + (define (guix-shepherd-service config) "Return a for the Guix daemon service with CONFIG." (match-record config @@ -1651,47 +1675,58 @@ (define (guix-shepherd-service config) (documentation "Run the Guix daemon.") (provision '(guix-daemon)) (requirement '(user-processes)) + (actions (list shepherd-set-http-proxy-action)) (modules '((srfi srfi-1))) (start - #~(make-forkexec-constructor - (cons* #$(file-append guix "/bin/guix-daemon") - "--build-users-group" #$build-group - "--max-silent-time" #$(number->string max-silent-time) - "--timeout" #$(number->string timeout) - "--log-compression" #$(symbol->string log-compression) - #$@(if use-substitutes? - '() - '("--no-substitutes")) - "--substitute-urls" #$(string-join substitute-urls) - #$@extra-options - - ;; Add CHROOT-DIRECTORIES and all their dependencies (if - ;; these are store items) to the chroot. - (append-map (lambda (file) - (append-map (lambda (directory) - (list "--chroot-directory" - directory)) - (call-with-input-file file - read))) - '#$(map references-file chroot-directories))) - - #:environment-variables - (list #$@(if http-proxy - (list (string-append "http_proxy=" http-proxy)) - '()) - #$@(if tmpdir - (list (string-append "TMPDIR=" tmpdir)) - '()) - - ;; Make sure we run in a UTF-8 locale so that 'guix - ;; offload' correctly restores nars that contain UTF-8 - ;; file names such as 'nss-certs'. See - ;; . - (string-append "GUIX_LOCPATH=" - #$glibc-utf8-locales "/lib/locale") - "LC_ALL=en_US.utf8") - - #:log-file #$log-file)) + #~(lambda _ + (define proxy + ;; HTTP/HTTPS proxy. The 'http_proxy' variable is set by + ;; the 'set-http-proxy' action. + (or (getenv "http_proxy") #$http-proxy)) + + (fork+exec-command + (cons* #$(file-append guix "/bin/guix-daemon") + "--build-users-group" #$build-group + "--max-silent-time" #$(number->string max-silent-time) + "--timeout" #$(number->string timeout) + "--log-compression" #$(symbol->string log-compression) + #$@(if use-substitutes? + '() + '("--no-substitutes")) + "--substitute-urls" #$(string-join substitute-urls) + #$@extra-options + + ;; Add CHROOT-DIRECTORIES and all their dependencies + ;; (if these are store items) to the chroot. + (append-map (lambda (file) + (append-map (lambda (directory) + (list "--chroot-directory" + directory)) + (call-with-input-file file + read))) + '#$(map references-file + chroot-directories))) + + #:environment-variables + (append (list #$@(if tmpdir + (list (string-append "TMPDIR=" tmpdir)) + '()) + + ;; Make sure we run in a UTF-8 locale so that + ;; 'guix offload' correctly restores nars that + ;; contain UTF-8 file names such as + ;; 'nss-certs'. See + ;; . + (string-append "GUIX_LOCPATH=" + #$glibc-utf8-locales + "/lib/locale") + "LC_ALL=en_US.utf8") + (if proxy + (list (string-append "http_proxy=" proxy) + (string-append "https_proxy=" proxy)) + '())) + + #:log-file #$log-file))) (stop #~(make-kill-destructor)))))) (define (guix-accounts config) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index fe63cecbd0..086d2a133f 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -459,6 +459,21 @@ (define (entry->list entry) (marionette-eval '(readlink "/var/guix/gcroots/profiles") marionette)) + (test-equal "guix-daemon set-http-proxy action" + '(#t) ;one value, #t + (marionette-eval '(with-shepherd-action 'guix-daemon + ('set-http-proxy "http://localhost:8118") + result + result) + marionette)) + + (test-equal "guix-daemon set-http-proxy action, clear" + '(#t) ;one value, #t + (marionette-eval '(with-shepherd-action 'guix-daemon + ('set-http-proxy) + result + result) + marionette)) (test-assert "screendump" (begin -- cgit v1.2.3