aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/avahi.scm10
-rw-r--r--gnu/packages/compression.scm1
-rw-r--r--gnu/packages/gcc.scm4
-rw-r--r--gnu/packages/glib.scm48
-rw-r--r--gnu/packages/gnutls.scm12
-rw-r--r--gnu/packages/linux-initrd.scm72
-rw-r--r--gnu/packages/linux.scm16
-rw-r--r--gnu/packages/patches/avahi-localstatedir.patch12
-rw-r--r--gnu/packages/patches/dbus-localstatedir.patch30
-rw-r--r--gnu/packages/patches/gnutls-fix-tests-on-32-bits-system.patch36
-rw-r--r--gnu/packages/xorg.scm8
-rw-r--r--gnu/system/grub.scm84
-rw-r--r--gnu/system/linux.scm145
-rw-r--r--gnu/system/shadow.scm57
-rw-r--r--gnu/system/vm.scm233
15 files changed, 621 insertions, 147 deletions
diff --git a/gnu/packages/avahi.scm b/gnu/packages/avahi.scm
index fbdc0e2834..14073b32a0 100644
--- a/gnu/packages/avahi.scm
+++ b/gnu/packages/avahi.scm
@@ -21,6 +21,7 @@
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
+ #:use-module (gnu packages)
#:use-module (gnu packages gdbm)
#:use-module (gnu packages libdaemon)
#:use-module (gnu packages pkg-config)
@@ -42,13 +43,15 @@
(build-system gnu-build-system)
(arguments
'(#:configure-flags '("--with-distro=none"
+ "--localstatedir=/var" ; for the DBus socket
"--disable-python"
"--disable-mono"
"--disable-doxygen-doc"
"--disable-xmltoman"
"--enable-tests"
"--disable-qt3" "--disable-qt4"
- "--disable-gtk" "--disable-gtk3")))
+ "--disable-gtk" "--disable-gtk3")
+ #:patches (list (assoc-ref %build-inputs "patch/localstatedir"))))
(inputs
`(("expat" ,expat)
("glib" ,glib)
@@ -56,7 +59,10 @@
("libdaemon" ,libdaemon)
("intltool" ,intltool)
("pkg-config" ,pkg-config)
- ("gdbm" ,gdbm)))
+ ("gdbm" ,gdbm)
+
+ ("patch/localstatedir"
+ ,(search-patch "avahi-localstatedir.patch"))))
(synopsis "Avahi, an mDNS/DNS-SD implementation")
(description
"Avahi is a system which facilitates service discovery on a local
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 9528cf3199..83ef7a86d8 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -189,6 +189,7 @@ than gzip and 15 % smaller output than bzip2.")
(base32
"0wryshs446s7cclrbjykyj766znhcpnr7s3cxy33ybfn6vwfcygz"))))
(build-system gnu-build-system)
+ (arguments '(#:configure-flags '("--enable-shared")))
(home-page "http://www.oberhumer.com/opensource/lzo")
(synopsis
"A data compresion library suitable for real-time data de-/compression")
diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 571526ebdf..c1a2ce61c5 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -221,7 +221,7 @@ used in the GNU system including the GNU/Linux variant.")
(source (origin
(method url-fetch)
(uri (list (string-append
- "ftp://ftp.linux.student.kuleuven.be/pub/people/skimo/isl/isl-"
+ "http://isl.gforge.inria.fr/isl-"
version
".tar.bz2")
(string-append %gcc-infrastructure
@@ -231,7 +231,7 @@ used in the GNU system including the GNU/Linux variant.")
"13d9cqa5rzhbjq0xf0b2dyxag7pqa72xj9dhsa03m8ccr1a4npq9"))))
(build-system gnu-build-system)
(inputs `(("gmp" ,gmp)))
- (home-page "http://www.kotnet.org/~skimo/isl/")
+ (home-page "http://isl.gforge.inria.fr/")
(synopsis
"A library for manipulating sets and relations of integer points bounded
by linear constraints")
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 72479f21e7..da15d404dd 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -50,9 +50,21 @@
(base32
"1wacqyfkcpayg7f8rvx9awqg275n5pksxq5q7y21lxjx85x6pfjz"))))
(build-system gnu-build-system)
+ (arguments
+ '(#:configure-flags (list ;; Install the system bus socket under /var.
+ "--localstatedir=/var"
+
+ ;; XXX: Fix the following to allow system-wide
+ ;; config.
+ ;; "--sysconfdir=/etc"
+
+ "--with-session-socket-dir=/tmp")
+ #:patches (list (assoc-ref %build-inputs "patch/localstatedir"))))
(inputs
`(("expat" ,expat)
- ("pkg-config" ,pkg-config)))
+ ("pkg-config" ,pkg-config)
+ ("patch/localstatedir"
+ ,(search-patch "dbus-localstatedir.patch"))))
(home-page "http://dbus.freedesktop.org/")
(synopsis "Message bus for inter-process communication (IPC)")
(description
@@ -186,6 +198,40 @@ The intltool collection can be used to do these things:
oaf files. This merge step will happen at build resp. installation time.")
(license license:gpl2+)))
+(define-public itstool
+ (package
+ (name "itstool")
+ (version "1.2.0")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://files.itstool.org/itstool/itstool-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "1akq75aflihm3y7js8biy7b5mw2g11vl8yq90gydnwlwp0zxdzj6"))))
+ (build-system gnu-build-system)
+ (home-page "http://www.itstool.org")
+ (synopsis "Tool to translate XML documents with PO files")
+ (description
+ "ITS Tool allows you to translate your XML documents with PO files, using
+rules from the W3C Internationalization Tag Set (ITS) to determine what to
+translate and how to separate it into PO file messages.
+
+PO files are the standard translation format for GNU and other Unix-like
+systems. They present translatable information as discrete messages, allowing
+each message to be translated independently. In contrast to whole-page
+translation, translating with a message-based format like PO means you can
+easily track changes to the source document down to the paragraph. When new
+strings are added or existing strings are modified, you only need to update the
+corresponding messages.
+
+ITS Tool is designed to make XML documents translatable through PO files by
+applying standard ITS rules, as well as extension rules specific to ITS Tool.
+ITS also provides an industry standard way for authors to override translation
+information in their documents, such as whether a particular element should be
+translated.")
+ (license license:gpl3+)))
+
(define-public dbus-glib
(package
(name "dbus-glib")
diff --git a/gnu/packages/gnutls.scm b/gnu/packages/gnutls.scm
index d636a9c927..766731e289 100644
--- a/gnu/packages/gnutls.scm
+++ b/gnu/packages/gnutls.scm
@@ -54,7 +54,7 @@ portable, and only require an ANSI C89 platform.")
(define-public gnutls
(package
(name "gnutls")
- (version "3.2.1")
+ (version "3.2.4")
(source (origin
(method url-fetch)
(uri
@@ -64,20 +64,14 @@ portable, and only require an ANSI C89 platform.")
version ".tar.xz"))
(sha256
(base32
- "1zi2kq3vcbqdy9khl7r6pgk4hgwibniasm9k6siasdvqjijq3ymb"))))
+ "0zvhzy87v9dfxfvmg1pl951kw55rp647cqdza8942fxq7spp158i"))))
(build-system gnu-build-system)
- (arguments
- `(#:patches (list (assoc-ref %build-inputs
- "patch/fix-tests"))
- #:patch-flags '("-p0")))
(native-inputs
`(("pkg-config" ,pkg-config)))
(inputs
`(("guile" ,guile-2.0)
("zlib" ,guix:zlib)
- ("perl" ,perl)
- ("patch/fix-tests"
- ,(search-patch "gnutls-fix-tests-on-32-bits-system.patch"))))
+ ("perl" ,perl)))
(propagated-inputs
`(("libtasn1" ,libtasn1)
("nettle" ,nettle)
diff --git a/gnu/packages/linux-initrd.scm b/gnu/packages/linux-initrd.scm
index 4a4e437635..b62843aadd 100644
--- a/gnu/packages/linux-initrd.scm
+++ b/gnu/packages/linux-initrd.scm
@@ -284,8 +284,9 @@ the Linux kernel.")
(mkdir "/root/xchg")
(mkdir-p "/root/nix/store")
- (mkdir "/root/dev")
- (make-essential-device-nodes #:root "/root/dev")
+ (unless (file-exists? "/root/dev")
+ (mkdir "/root/dev")
+ (make-essential-device-nodes #:root "/root"))
;; Mount the host's store and exchange directory.
(mount-qemu-smb-share "/store" "/root/nix/store")
@@ -331,4 +332,71 @@ the Linux kernel.")
#:linux linux-libre
#:linux-modules '("cifs.ko" "md4.ko" "ecb.ko")))
+(define-public gnu-system-initrd
+ ;; Initrd for the GNU system itself, with nothing QEMU-specific.
+ (expression->initrd
+ '(begin
+ (use-modules (srfi srfi-1)
+ (srfi srfi-26)
+ (ice-9 match)
+ (guix build utils)
+ (guix build linux-initrd))
+
+ (display "Welcome, this is GNU's early boot Guile.\n")
+ (display "Use '--repl' for an initrd REPL.\n\n")
+
+ (mount-essential-file-systems)
+ (let* ((args (linux-command-line))
+ (option (lambda (opt)
+ (let ((opt (string-append opt "=")))
+ (and=> (find (cut string-prefix? opt <>)
+ args)
+ (lambda (arg)
+ (substring arg (+ 1 (string-index arg #\=))))))))
+ (to-load (option "--load"))
+ (root (option "--root")))
+
+ (when (member "--repl" args)
+ ((@ (system repl repl) start-repl)))
+
+ ;; Make /dev nodes.
+ (make-essential-device-nodes)
+
+ ;; Prepare the real root file system under /root.
+ (unless (file-exists? "/root")
+ (mkdir "/root"))
+ (if root
+ ;; Assume ROOT has a usable /dev tree.
+ (mount root "/root" "ext3")
+ (begin
+ (mount "none" "/root" "tmpfs")
+ (make-essential-device-nodes #:root "/root")))
+
+ (mount-essential-file-systems #:root "/root")
+
+ ;; XXX: We don't copy our fellow Guile modules to /root (see
+ ;; 'qemu-initrd'), so if TO-LOAD tries to load a module (which can
+ ;; happen if it throws, to display the exception!), then we're
+ ;; screwed. Hopefully TO-LOAD is a simple expression that just does
+ ;; '(execlp ...)'.
+
+ (if to-load
+ (begin
+ (format #t "loading '~a'...\n" to-load)
+ (chroot "/root")
+ (primitive-load to-load)
+ (format (current-error-port)
+ "boot program '~a' terminated, rebooting~%"
+ to-load)
+ (sleep 2)
+ (reboot))
+ (begin
+ (display "no init file passed via '--exec'\n")
+ (display "entering a warm and cozy REPL\n")
+ ((@ (system repl repl) start-repl))))))
+ #:name "qemu-system-initrd"
+ #:modules '((guix build linux-initrd)
+ (guix build utils))
+ #:linux linux-libre))
+
;;; linux-initrd.scm ends here
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index e434de477e..38bff72933 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -29,6 +29,7 @@
#:use-module (gnu packages bdb)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages algebra)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu))
@@ -146,7 +147,7 @@
(license gpl2+)))
(define-public linux-libre
- (let* ((version* "3.3.8")
+ (let* ((version* "3.11")
(build-phase
'(lambda* (#:key system #:allow-other-keys #:rest args)
(let ((arch (car (string-split system #\-))))
@@ -192,9 +193,10 @@
(uri (linux-libre-urls version))
(sha256
(base32
- "0jkfh0z1s6izvdnc3njm39dhzp1cg8i06jv06izwqz9w9qsprvnl"))))
+ "1vlk04xkvyy1kc9zz556md173rn1qzlnvhz7c9sljv4bpk3mdspl"))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)
+ ("bc" ,bc)
("module-init-tools" ,module-init-tools)))
(arguments
`(#:modules ((guix build gnu-build-system)
@@ -212,6 +214,11 @@
(license gpl2)
(home-page "http://www.gnu.org/software/linux-libre/"))))
+
+;;;
+;;; Pluggable authentication modules (PAM).
+;;;
+
(define-public linux-pam
(package
(name "linux-pam")
@@ -253,6 +260,11 @@ be used through the PAM API to perform tasks, like authenticating a user
at login. Local and dynamic reconfiguration are its key features")
(license bsd-3)))
+
+;;;
+;;; Miscellaneous.
+;;;
+
(define-public psmisc
(package
(name "psmisc")
diff --git a/gnu/packages/patches/avahi-localstatedir.patch b/gnu/packages/patches/avahi-localstatedir.patch
new file mode 100644
index 0000000000..76377d1057
--- /dev/null
+++ b/gnu/packages/patches/avahi-localstatedir.patch
@@ -0,0 +1,12 @@
+Don't "mkdir $(localstatedir)" since we can't do it (/var).
+
+--- avahi-0.6.27/avahi-daemon/Makefile.in 2010-07-13 05:06:35.000000000 +0200
++++ avahi-0.6.27/avahi-daemon/Makefile.in 2010-07-13 18:03:45.000000000 +0200
+@@ -1554,7 +1554,6 @@ xmllint:
+ done
+
+ install-data-local:
+- test -z "$(localstatedir)/run" || $(mkdir_p) "$(DESTDIR)$(localstatedir)/run"
+
+ update-systemd:
+ curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c
diff --git a/gnu/packages/patches/dbus-localstatedir.patch b/gnu/packages/patches/dbus-localstatedir.patch
new file mode 100644
index 0000000000..61bed91b5c
--- /dev/null
+++ b/gnu/packages/patches/dbus-localstatedir.patch
@@ -0,0 +1,30 @@
+Do not try to create $localstatedir and $sysconfdir since we cannot do this
+when they are /var and /etc.
+
+--- dbus-1.6.4/bus/Makefile.in 2013-09-11 16:15:13.000000000 +0200
++++ dbus-1.6.4/bus/Makefile.in 2013-09-11 16:15:15.000000000 +0200
+@@ -1510,9 +1510,6 @@ clean-local:
+ /bin/rm *.bb *.bbg *.da *.gcov || true
+
+ install-data-hook:
+- $(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/dbus
+- $(mkinstalldirs) $(DESTDIR)$(configdir)/system.d
+- $(mkinstalldirs) $(DESTDIR)$(configdir)/session.d
+ $(mkinstalldirs) $(DESTDIR)$(datadir)/dbus-1/services
+ $(mkinstalldirs) $(DESTDIR)$(datadir)/dbus-1/system-services
+ # Install dbus.socket as default implementation of a D-Bus stack.
+
+--- dbus-1.6.4/tools/Makefile.in 2013-09-11 16:10:31.000000000 +0200
++++ dbus-1.6.4/tools/Makefile.in 2013-09-11 16:10:32.000000000 +0200
+@@ -757,11 +757,6 @@ uninstall-am: uninstall-binPROGRAMS
+
+
+ # create the /var/lib/dbus directory for dbus-uuidgen
+-install-data-local:
+- $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/dbus
+-
+-installcheck-local:
+- test -d $(DESTDIR)$(localstatedir)/lib/dbus
+
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/gnu/packages/patches/gnutls-fix-tests-on-32-bits-system.patch b/gnu/packages/patches/gnutls-fix-tests-on-32-bits-system.patch
deleted file mode 100644
index 07d633149e..0000000000
--- a/gnu/packages/patches/gnutls-fix-tests-on-32-bits-system.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From b12040aeab5fbaf02677571db1d8bf1995bd5ee0 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-Date: Sun, 2 Jun 2013 12:10:06 +0200
-Subject: [PATCH] Avoid comparing the expiration date to prevent false positive
-error in 32-bit systems.
-
----
- tests/cert-tests/pem-decoding | 6 ++++--
- 1 files changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/tests/cert-tests/pem-decoding b/tests/cert-tests/pem-decoding
-index fe769ec..f8c6372 100755
---- tests/cert-tests/pem-decoding
-+++ tests/cert-tests/pem-decoding
-@@ -61,7 +61,9 @@ if test "$rc" != "0"; then
- exit $rc
- fi
-
--diff $srcdir/complex-cert.pem tmp-pem.pem
-+cat $srcdir/complex-cert.pem |grep -v "Not After:" >tmp1
-+cat $srcdir/tmp-pem.pem |grep -v "Not After:" >tmp2
-+diff tmp1 tmp2
- rc=$?
-
- if test "$rc" != "0"; then
-@@ -69,6 +71,6 @@ if test "$rc" != "0"; then
- exit $rc
- fi
-
--rm -f tmp-pem.pem
-+rm -f tmp-pem.pem tmp1 tmp2
-
- exit 0
---
-1.7.1
-
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index b7ce8ad8aa..9a0e3e274b 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -100,7 +100,7 @@ rasterisation.")
(define-public libdrm
(package
(name "libdrm")
- (version "2.4.42")
+ (version "2.4.46")
(source
(origin
(method url-fetch)
@@ -110,7 +110,7 @@ rasterisation.")
".tar.bz2"))
(sha256
(base32
- "1qbnpi64hyqzd650hj6jki1d50pzypdhj3rw9m3whwbqly110rz0"))))
+ "1wah4qmrrcv0gnx65lhrlxb6gprxch92wy8lhxv6102fml6k5krk"))))
(build-system gnu-build-system)
(inputs
`(("libpciaccess" ,libpciaccess)
@@ -4139,9 +4139,9 @@ tracking.")
(define-public mesa
(package
(name "mesa")
- ;; In newer versions (9.0.5 and 9.1 tested), "make" results in an
+ ;; In newer versions (9.0.5, 9.1 and 9.2 tested), "make" results in an
;; infinite configure loop, see
- ;; https://bugs.freedesktop.org/show_bug.cgi?id=61527
+ ;; https://bugs.freedesktop.org/show_bug.cgi?id=58812
(version "8.0.5")
(source
(origin
diff --git a/gnu/system/grub.scm b/gnu/system/grub.scm
new file mode 100644
index 0000000000..695a044bfa
--- /dev/null
+++ b/gnu/system/grub.scm
@@ -0,0 +1,84 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu system grub)
+ #:use-module (guix store)
+ #:use-module (guix packages)
+ #:use-module (guix derivations)
+ #:use-module (guix records)
+ #:use-module (ice-9 match)
+ #:use-module (srfi srfi-1)
+ #:export (menu-entry
+ menu-entry?
+ grub-configuration-file))
+
+;;; Commentary:
+;;;
+;;; Configuration of GNU GRUB.
+;;;
+;;; Code:
+
+(define-record-type* <menu-entry>
+ menu-entry make-menu-entry
+ menu-entry?
+ (label menu-entry-label)
+ (linux menu-entry-linux)
+ (linux-arguments menu-entry-linux-arguments
+ (default '()))
+ (initrd menu-entry-initrd))
+
+(define* (grub-configuration-file store entries
+ #:key (default-entry 1) (timeout 5)
+ (system (%current-system)))
+ "Return the GRUB configuration file in STORE for ENTRIES, a list of
+<menu-entry> objects, defaulting to DEFAULT-ENTRY and with the given TIMEOUT."
+ (define prologue
+ (format #f "
+set default=~a
+set timeout=~a
+search.file ~a~%"
+ default-entry timeout
+ (any (match-lambda
+ (($ <menu-entry> _ linux)
+ (let* ((drv (package-derivation store linux system))
+ (out (derivation-path->output-path drv)))
+ (string-append out "/bzImage"))))
+ entries)))
+
+ (define entry->text
+ (match-lambda
+ (($ <menu-entry> label linux arguments initrd)
+ (let ((linux-drv (package-derivation store linux system))
+ (initrd-drv (package-derivation store initrd system)))
+ ;; XXX: Assume that INITRD is a directory containing an 'initrd' file.
+ (format #f "menuentry ~s {
+ linux ~a/bzImage ~a
+ initrd ~a/initrd
+}~%"
+ label
+ (derivation-path->output-path linux-drv)
+ (string-join arguments)
+ (derivation-path->output-path initrd-drv))))))
+
+ (add-text-to-store store "grub.cfg"
+ (string-append prologue
+ (string-concatenate
+ (map entry->text entries)))
+ '()))
+
+;;; grub.scm ends here
diff --git a/gnu/system/linux.scm b/gnu/system/linux.scm
new file mode 100644
index 0000000000..b2daa13e06
--- /dev/null
+++ b/gnu/system/linux.scm
@@ -0,0 +1,145 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu system linux)
+ #:use-module (guix store)
+ #:use-module (guix records)
+ #:use-module (guix derivations)
+ #:use-module (ice-9 match)
+ #:use-module (srfi srfi-1)
+ #:use-module (srfi srfi-26)
+ #:use-module ((guix utils) #:select (%current-system))
+ #:export (pam-service
+ pam-entry
+ pam-services->directory
+ %pam-other-services
+ unix-pam-service))
+
+;;; Commentary:
+;;;
+;;; Configuration of Linux-related things, including pluggable authentication
+;;; modules (PAM).
+;;;
+;;; Code:
+
+;; PAM services (see
+;; <http://www.linux-pam.org/Linux-PAM-html/sag-configuration-file.html>.)
+(define-record-type* <pam-service> pam-service
+ make-pam-service
+ pam-service?
+ (name pam-service-name) ; string
+
+ ;; The four "management groups".
+ (account pam-service-account ; list of <pam-entry>
+ (default '()))
+ (auth pam-service-auth
+ (default '()))
+ (password pam-service-password
+ (default '()))
+ (session pam-service-session
+ (default '())))
+
+(define-record-type* <pam-entry> pam-entry
+ make-pam-entry
+ pam-entry?
+ (control pam-entry-control) ; string
+ (module pam-entry-module) ; file name
+ (arguments pam-entry-arguments ; list of strings
+ (default '())))
+
+(define (pam-service->configuration service)
+ "Return the configuration string for SERVICE, to be dumped in
+/etc/pam.d/NAME, where NAME is the name of SERVICE."
+ (define (entry->string type entry)
+ (match entry
+ (($ <pam-entry> control module (arguments ...))
+ (string-append type " "
+ control " " module " "
+ (string-join arguments)
+ "\n"))))
+
+ (match service
+ (($ <pam-service> name account auth password session)
+ (string-concatenate
+ (append (map (cut entry->string "account" <>) account)
+ (map (cut entry->string "auth" <>) auth)
+ (map (cut entry->string "password" <>) password)
+ (map (cut entry->string "session" <>) session))))))
+
+(define (pam-services->directory store services)
+ "Return the derivation to build the configuration directory to be used as
+/etc/pam.d for SERVICES."
+ (let ((names (map pam-service-name services))
+ (files (map (match-lambda
+ ((and service ($ <pam-service> name))
+ (let ((config (pam-service->configuration service)))
+ (add-text-to-store store
+ (string-append name ".pam")
+ config '()))))
+ services)))
+ (define builder
+ '(begin
+ (use-modules (ice-9 match))
+
+ (let ((out (assoc-ref %outputs "out")))
+ (mkdir out)
+ (for-each (match-lambda
+ ((name . file)
+ (symlink file (string-append out "/" name))))
+ %build-inputs)
+ #t)))
+
+ (build-expression->derivation store "pam.d" (%current-system)
+ builder
+ (zip names files))))
+
+(define %pam-other-services
+ ;; The "other" PAM configuration, which denies everything (see
+ ;; <http://www.linux-pam.org/Linux-PAM-html/sag-configuration-example.html>.)
+ (let ((deny (pam-entry
+ (control "required")
+ (module "pam_deny.so"))))
+ (pam-service
+ (name "other")
+ (account (list deny))
+ (auth (list deny))
+ (password (list deny))
+ (session (list deny)))))
+
+(define unix-pam-service
+ (let ((unix (pam-entry
+ (control "required")
+ (module "pam_unix.so"))))
+ (lambda* (name #:key allow-empty-passwords?)
+ "Return a standard Unix-style PAM service for NAME. When
+ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords."
+ ;; See <http://www.linux-pam.org/Linux-PAM-html/sag-configuration-example.html>.
+ (let ((name* name))
+ (pam-service
+ (name name*)
+ (account (list unix))
+ (auth (list (if allow-empty-passwords?
+ (pam-entry
+ (control "required")
+ (module "pam_unix.so")
+ (arguments '("nullok")))
+ unix)))
+ (password (list unix))
+ (session (list unix)))))))
+
+;;; linux.scm ends here
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
new file mode 100644
index 0000000000..71f8e0d771
--- /dev/null
+++ b/gnu/system/shadow.scm
@@ -0,0 +1,57 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu system shadow)
+ #:use-module (guix store)
+ #:use-module (ice-9 match)
+ #:export (passwd-file))
+
+;;; Commentary:
+;;;
+;;; Utilities for configuring the Shadow tool suite ('login', 'passwd', etc.)
+;;;
+;;; Code:
+
+(define* (passwd-file store accounts #:key shadow?)
+ "Return a password file for ACCOUNTS, a list of vectors as returned by
+'getpwnam'. If SHADOW? is true, then it is a /etc/shadow file, otherwise it
+is a /etc/passwd file."
+ ;; XXX: The resulting file is world-readable, so beware when SHADOW? is #t!
+ (define contents
+ (let loop ((accounts accounts)
+ (result '()))
+ (match accounts
+ ((#(name pass uid gid comment home-dir shell) rest ...)
+ (loop rest
+ (cons (if shadow?
+ (string-append name
+ ":" ; XXX: use (crypt PASS …)?
+ ":::::::")
+ (string-append name
+ ":" "x"
+ ":" (number->string uid)
+ ":" (number->string gid)
+ ":" comment ":" home-dir ":" shell))
+ result)))
+ (()
+ (string-join (reverse result) "\n" 'suffix)))))
+
+ (add-text-to-store store (if shadow? "shadow" "passwd")
+ contents '()))
+
+;;; shadow.scm ends here
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 3bc94f4575..192ed1d5a3 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -21,7 +21,11 @@
#:use-module (guix store)
#:use-module (guix derivations)
#:use-module (guix packages)
- #:use-module ((gnu packages base) #:select (%final-inputs guile-final))
+ #:use-module ((gnu packages base) #:select (%final-inputs
+ guile-final
+ coreutils))
+ #:use-module (gnu packages guile)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages qemu)
#:use-module (gnu packages parted)
#:use-module (gnu packages grub)
@@ -29,13 +33,19 @@
#:use-module (gnu packages linux-initrd)
#:use-module ((gnu packages make-bootstrap)
#:select (%guile-static-stripped))
- #:use-module ((gnu packages system)
- #:select (shadow))
+ #:use-module (gnu packages system)
+
+ #:use-module (gnu system shadow)
+ #:use-module (gnu system linux)
+ #:use-module (gnu system grub)
+
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match)
+
#:export (expression->derivation-in-linux-vm
- qemu-image))
+ qemu-image
+ system-qemu-image))
;;; Commentary:
@@ -71,6 +81,9 @@ DISK-IMAGE-SIZE bytes and return it.
When REFERENCES-GRAPHS is true, it must be a list of file name/store path
pairs, as for `derivation'. The files containing the reference graphs are
made available under the /xchg CIFS share."
+ ;; FIXME: Allow use of macros from other modules, as done in
+ ;; `build-expression->derivation'.
+
(define input-alist
(map (match-lambda
((input (? package? package))
@@ -176,19 +189,20 @@ made available under the /xchg CIFS share."
(name "qemu-image")
(system (%current-system))
(disk-image-size (* 100 (expt 2 20)))
- (linux linux-libre)
- (initrd qemu-initrd)
+ grub-configuration
+ (populate #f)
(inputs '())
- (inputs-to-copy '())
- (boot-expression #f))
- "Return a bootable, stand-alone QEMU image.
+ (inputs-to-copy '()))
+ "Return a bootable, stand-alone QEMU image. The returned image is a full
+disk image, with a GRUB installation that uses GRUB-CONFIGURATION as its
+configuration file.
INPUTS-TO-COPY is a list of inputs (as for packages) whose closure is copied
into the image being built.
-When BOOT-EXPRESSION is true, it is an expression to evaluate when the basic
-initialization is done. A typical example is `(execl ...)' to launch the init
-process."
+When POPULATE is true, it must be the store file name of a Guile script to run
+in the disk image partition once it has been populated with INPUTS-TO-COPY.
+It can be used to provide additional files, such as /etc files."
(define input->name+derivation
(match-lambda
((name (? package? package))
@@ -197,20 +211,17 @@ process."
((name (? package? package) sub-drv)
`(,name . ,(derivation-path->output-path
(package-derivation store package system)
- sub-drv)))))
-
- (define loader
- (and boot-expression
- (add-text-to-store store "loader"
- (object->string boot-expression)
- '())))
+ sub-drv)))
+ ((input (and (? string?) (? store-path?) file))
+ `(,input . ,file))))
(expression->derivation-in-linux-vm
store "qemu-image"
`(let ()
(use-modules (ice-9 rdelim)
(srfi srfi-1)
- (guix build utils))
+ (guix build utils)
+ (guix build linux-initrd))
(let ((parted (string-append (assoc-ref %build-inputs "parted")
"/sbin/parted"))
@@ -220,12 +231,7 @@ process."
"/sbin/grub-install"))
(umount (string-append (assoc-ref %build-inputs "util-linux")
"/bin/umount")) ; XXX: add to Guile
- (initrd (string-append (assoc-ref %build-inputs "initrd")
- "/initrd"))
- (linux (string-append (assoc-ref %build-inputs "linux")
- "/bzImage"))
- (makedev (lambda (major minor)
- (+ (* major 256) minor))))
+ (grub.cfg (assoc-ref %build-inputs "grub.cfg")))
(define (read-reference-graph port)
;; Return a list of store paths from the reference graph at PORT.
@@ -265,7 +271,6 @@ process."
(assoc-ref %build-inputs "gawk") "/bin"))
(display "creating partition table...\n")
- (mknod "/dev/vda" 'block-special #o644 (makedev 8 0))
(and (zero? (system* parted "/dev/vda" "mklabel" "msdos"
"mkpart" "primary" "ext2" "1MiB"
,(format #f "~aB"
@@ -273,15 +278,13 @@ process."
(* 5 (expt 2 20))))))
(begin
(display "creating ext3 partition...\n")
- (mknod "/dev/vda1" 'block-special #o644 (makedev 8 1))
(and (zero? (system* mkfs "-F" "/dev/vda1"))
(begin
(display "mounting partition...\n")
(mkdir "/fs")
(mount "/dev/vda1" "/fs" "ext3")
(mkdir-p "/fs/boot/grub")
- (copy-file linux "/fs/boot/bzImage")
- (copy-file initrd "/fs/boot/initrd")
+ (symlink grub.cfg "/fs/boot/grub/grub.cfg")
;; Populate the image's store.
(mkdir-p (string-append "/fs" ,%store-directory))
@@ -289,39 +292,41 @@ process."
(copy-recursively thing
(string-append "/fs"
thing)))
- (things-to-copy))
-
- (call-with-output-file "/fs/boot/grub/grub.cfg"
- (lambda (p)
- (format p "
-set default=1
-set timeout=5
-search.file /boot/bzImage
-
-menuentry \"Boot-to-Guile! (GNU System technology preview)\" {
- linux /boot/bzImage --root=/dev/vda1 ~a
- initrd /boot/initrd
-}"
- ,(if loader
- (string-append "--load=" loader)
- ""))))
+ (cons grub.cfg (things-to-copy)))
+
+ ;; Populate /dev.
+ (make-essential-device-nodes #:root "/fs")
+
+ (and=> (assoc-ref %build-inputs "populate")
+ (lambda (populate)
+ (chdir "/fs")
+ (primitive-load populate)
+ (chdir "/")))
+
+ (display "clearing file timestamps...\n")
+ (for-each (lambda (file)
+ (let ((s (lstat file)))
+ ;; XXX: Guile uses libc's 'utime' function
+ ;; (not 'futime'), so the timestamp of
+ ;; symlinks cannot be changed, and there
+ ;; are symlinks here pointing to
+ ;; /nix/store, which is the host,
+ ;; read-only store.
+ (unless (eq? (stat:type s) 'symlink)
+ (utime file 0 0 0 0))))
+ (find-files "/fs" ".*"))
+
(and (zero?
(system* grub "--no-floppy"
"--boot-directory" "/fs/boot"
"/dev/vda"))
- (zero?
- (system* umount "/fs"))
+ (zero? (system* umount "/fs"))
(reboot))))))))
#:system system
#:inputs `(("parted" ,parted)
("grub" ,grub)
("e2fsprogs" ,e2fsprogs)
- ("linux" ,linux-libre)
- ("initrd" ,initrd)
-
- ,@(if loader
- `(("loader" ,loader))
- '())
+ ("grub.cfg" ,grub-configuration)
;; For shell scripts.
("sed" ,(car (assoc-ref %final-inputs "sed")))
@@ -331,49 +336,99 @@ menuentry \"Boot-to-Guile! (GNU System technology preview)\" {
("gawk" ,(car (assoc-ref %final-inputs "gawk")))
("util-linux" ,util-linux)
+ ,@(if populate
+ `(("populate" ,populate))
+ '())
+
,@inputs-to-copy)
#:make-disk-image? #t
#:disk-image-size disk-image-size
#:references-graphs (map input->name+derivation inputs-to-copy)
- #:modules '((guix build utils))))
+ #:modules '((guix build utils)
+ (guix build linux-initrd))))
;;;
-;;; Guile 2.0 potluck examples.
+;;; Stand-alone VM image.
;;;
-(define (example1)
- (let ((store #f))
- (dynamic-wind
- (lambda ()
- (set! store (open-connection)))
- (lambda ()
- (parameterize ((%guile-for-build (package-derivation store guile-final)))
- (expression->derivation-in-linux-vm
- store "vm-test"
- '(begin
- (display "hello from boot!\n")
- (call-with-output-file "/xchg/hello"
- (lambda (p)
- (display "world" p)))))))
- (lambda ()
- (close-connection store)))))
-
-(define (example2)
- (let ((store #f))
- (dynamic-wind
- (lambda ()
- (set! store (open-connection)))
- (lambda ()
- (parameterize ((%guile-for-build (package-derivation store guile-final)))
- (let* ((drv (package-derivation store shadow))
- (login (string-append (derivation-path->output-path drv)
- "/bin/login")))
- (qemu-image store
- #:boot-expression `(execl ,login "login" "tty1")
- #:disk-image-size (* 400 (expt 2 20))
- #:inputs-to-copy `(("shadow" ,shadow))))))
- (lambda ()
- (close-connection store)))))
+(define (system-qemu-image store)
+ "Return the derivation of a QEMU image of the GNU system."
+ (define %pam-services
+ ;; Services known to PAM.
+ (list %pam-other-services
+ (unix-pam-service "login" #:allow-empty-passwords? #t)))
+
+ (parameterize ((%guile-for-build (package-derivation store guile-final)))
+ (let* ((bash-drv (package-derivation store bash))
+ (bash-file (string-append (derivation-path->output-path bash-drv)
+ "/bin/bash"))
+ (accounts (list (vector "root" "" 0 0 "System administrator"
+ "/" bash-file)))
+ (passwd (passwd-file store accounts))
+ (shadow (passwd-file store accounts #:shadow? #t))
+ (pam.d-drv (pam-services->directory store %pam-services))
+ (pam.d (derivation-path->output-path pam.d-drv))
+ (populate
+ (add-text-to-store store "populate-qemu-image"
+ (object->string
+ `(begin
+ (mkdir-p "etc")
+ (symlink ,shadow "etc/shadow")
+ (symlink ,passwd "etc/passwd")
+ (symlink "/dev/null"
+ "etc/login.defs")
+ (symlink ,pam.d "etc/pam.d")
+ (mkdir-p "var/run")))
+ (list passwd)))
+ (out (derivation-path->output-path
+ (package-derivation store mingetty)))
+ (getty (string-append out "/sbin/mingetty"))
+ (iu-drv (package-derivation store inetutils))
+ (syslogd (string-append (derivation-path->output-path iu-drv)
+ "/libexec/syslogd"))
+ (boot (add-text-to-store store "boot"
+ (object->string
+ `(begin
+ ;; Become the session leader,
+ ;; so that mingetty can do
+ ;; 'TIOCSCTTY'.
+ (setsid)
+
+ (when (zero? (primitive-fork))
+ (format #t "starting syslogd as ~a~%"
+ (getpid))
+ (execl ,syslogd "syslogd"))
+
+ ;; Directly into mingetty. XXX
+ ;; (execl ,getty "mingetty"
+ ;; "--noclear" "tty1")
+ (execl ,bash-file "bash")))
+ (list out)))
+ (entries (list (menu-entry
+ (label "Boot-to-Guile! (GNU System technology preview)")
+ (linux linux-libre)
+ (linux-arguments `("--root=/dev/vda1"
+ ,(string-append "--load=" boot)))
+ (initrd gnu-system-initrd))))
+ (grub.cfg (grub-configuration-file store entries)))
+ (build-derivations store (list pam.d-drv))
+ (qemu-image store
+ #:grub-configuration grub.cfg
+ #:populate populate
+ #:disk-image-size (* 400 (expt 2 20))
+ #:inputs-to-copy `(("boot" ,boot)
+ ("linux" ,linux-libre)
+ ("initrd" ,gnu-system-initrd)
+ ("coreutils" ,coreutils)
+ ("bash" ,bash)
+ ("guile" ,guile-2.0)
+ ("mingetty" ,mingetty)
+ ("inetutils" ,inetutils)
+
+ ;; Configuration.
+ ("etc-pam.d" ,pam.d)
+ ("etc-passwd" ,passwd)
+ ("etc-shadow" ,shadow))))))
;;; vm.scm ends here
generated by cgit v1.2.3 (git 2.45.0) at 2024-12-16 17:47:21 +0000