From 78d6d5e8d9b10affb4a97dfe869ae4646b3c3c98 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 3 May 2019 17:12:09 +0200 Subject: shepherd: Include /etc/localtime in service containers. Fixes a bug whereby Tor (for example) would emit syslog messages with a UTC timestamp instead of local time. * gnu/build/shepherd.scm (default-mounts): Add /etc/localtime to MAPPINGS. --- gnu/build/shepherd.scm | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'gnu/build') diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm index f383259924..cf68f2108b 100644 --- a/gnu/build/shepherd.scm +++ b/gnu/build/shepherd.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2017, 2018 Ludovic Courtès +;;; Copyright © 2017, 2018, 2019 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -81,6 +81,14 @@ (not (memq 'user namespaces))) accounts '()) + + ;; Tell the process what timezone we're in. This + ;; makes sure that, for instance, its syslog + ;; messages have the correct timestamp. + ,(file-system-mapping + (source "/etc/localtime") + (target source)) + ,%store-mapping))) ;XXX: coarse-grain (map file-system-mapping->bind-mount (filter (lambda (mapping) -- cgit v1.2.3 From 604b167bf27d307c5bd30145b6486f90417d0d06 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 15 May 2019 12:06:34 +0200 Subject: marionette: Add braces to the keystrokes. * gnu/build/marionette.scm (%qwerty-us-keystrokes): Add braces. --- gnu/build/marionette.scm | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'gnu/build') diff --git a/gnu/build/marionette.scm b/gnu/build/marionette.scm index f94eab5cc0..1dbe385e89 100644 --- a/gnu/build/marionette.scm +++ b/gnu/build/marionette.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2016, 2017, 2018 Ludovic Courtès +;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès ;;; Copyright © 2018 Chris Marusich ;;; ;;; This file is part of GNU Guix. @@ -310,6 +310,8 @@ PREDICATE, whichever comes first. Raise an error when TIMEOUT is exceeded." (#\? . "shift-slash") (#\[ . "bracket_left") (#\] . "bracket_right") + (#\{ . "shift-bracket_left") + (#\} . "shift-bracket_right") (#\( . "shift-9") (#\) . "shift-0") (#\/ . "slash") -- cgit v1.2.3 From 1d86b05618a063378d7ffc89a9b4c33dd65a760c Mon Sep 17 00:00:00 2001 From: Danny Milosavljevic Date: Sat, 18 May 2019 17:49:05 +0200 Subject: vm: Create installation media with MBR and HFS only, no GPT. * gnu/build/vm.scm (make-iso9660-image): Accept XORRISO, GRUB-MKRESCUE-ENVIRONMENT. * gnu/system/vm.scm (iso9660-image): Pass XORRISO; accept GRUB-MKRESCUE-ENVIRONMENT. (system-disk-image): Pass GRUB-MKRESCUE-ENVIRONMENT. * gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch: New file. * gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch: New file. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/cdrom.scm (xorriso)[source]: Add patches. [arguments]<#:phases>[install-frontends]: Add phase. --- gnu/build/vm.scm | 18 +++- gnu/local.mk | 4 +- gnu/packages/cdrom.scm | 14 ++- .../patches/xorriso-no-mbr-in-inner-efi.patch | 47 +++++++++ .../xorriso-no-partition-table-in-inner-efi.patch | 107 +++++++++++++++++++++ gnu/system/vm.scm | 11 ++- 6 files changed, 194 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch create mode 100644 gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch (limited to 'gnu/build') diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm index ac99d6b1a3..a5d9fefa62 100644 --- a/gnu/build/vm.scm +++ b/gnu/build/vm.scm @@ -423,7 +423,8 @@ SYSTEM-DIRECTORY is the name of the directory of the 'system' derivation." ;; Graft the configuration file onto the image. (string-append "boot/grub/grub.cfg=" config-file)))) -(define* (make-iso9660-image grub config-file os-drv target +(define* (make-iso9660-image xorriso grub-mkrescue-environment + grub config-file os-drv target #:key (volume-id "Guix_image") (volume-uuid #f) register-closures? (closures '())) "Given a GRUB package, creates an iso image as TARGET, using CONFIG-FILE as @@ -431,6 +432,9 @@ GRUB configuration and OS-DRV as the stuff in it." (define grub-mkrescue (string-append grub "/bin/grub-mkrescue")) + (define grub-mkrescue-sed.sh + (string-append xorriso "/bin/grub-mkrescue-sed.sh")) + (define target-store (string-append "/tmp/root" (%store-directory))) @@ -483,9 +487,19 @@ GRUB configuration and OS-DRV as the stuff in it." #x77777777) 16)) + (setenv "MKRESCUE_SED_MODE" "original") + (setenv "MKRESCUE_SED_XORRISO" (string-append xorriso + "/bin/xorriso")) + (setenv "MKRESCUE_SED_IN_EFI_NO_PT" "yes") + (for-each (match-lambda + ((name . value) (setenv name value))) + grub-mkrescue-environment) + (let ((pipe (apply open-pipe* OPEN_WRITE - grub-mkrescue "-o" target + grub-mkrescue + (string-append "--xorriso=" grub-mkrescue-sed.sh) + "-o" target (string-append "boot/grub/grub.cfg=" config-file) "etc=/tmp/root/etc" "var=/tmp/root/var" diff --git a/gnu/local.mk b/gnu/local.mk index ac55e1dd28..694bbfd367 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1372,7 +1372,9 @@ dist_patch_DATA = \ %D%/packages/patches/xfce4-session-fix-xflock4.patch \ %D%/packages/patches/xfce4-settings-defaults.patch \ %D%/packages/patches/xinetd-fix-fd-leak.patch \ - %D%/packages/patches/xinetd-CVE-2013-4342.patch + %D%/packages/patches/xinetd-CVE-2013-4342.patch \ + %D%/packages/patches/xorriso-no-partition-table-in-inner-efi.patch \ + %D%/packages/patches/xorriso-no-mbr-in-inner-efi.patch MISC_DISTRO_FILES = \ %D%/packages/ld-wrapper.in diff --git a/gnu/packages/cdrom.scm b/gnu/packages/cdrom.scm index 2bd5745ad3..8d9778176f 100644 --- a/gnu/packages/cdrom.scm +++ b/gnu/packages/cdrom.scm @@ -162,8 +162,20 @@ libcdio.") version ".tar.gz")) (sha256 (base32 - "0aq6lvlwlkxz56l5sbvgycr6j5c82ch2bv6zrnc2345ibfpafgx9")))) + "0aq6lvlwlkxz56l5sbvgycr6j5c82ch2bv6zrnc2345ibfpafgx9")) + (patches + (search-patches "xorriso-no-partition-table-in-inner-efi.patch" + "xorriso-no-mbr-in-inner-efi.patch")))) (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'install 'install-frontends + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (out-bin (string-append out "/bin"))) + (install-file "frontend/grub-mkrescue-sed.sh" out-bin) + #t)))))) (inputs `(("acl" ,acl) ("readline" ,readline) diff --git a/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch new file mode 100644 index 0000000000..a43889d2c6 --- /dev/null +++ b/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch @@ -0,0 +1,47 @@ +https://dev.lovelyhq.com/libburnia/libisoburn/commit/1eb51f44dadb8b6c5f87533ca357186cdc1ac625 +diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh +index b3948c99..dcd9d696 100755 +--- a/frontend/grub-mkrescue-sed.sh ++++ b/frontend/grub-mkrescue-sed.sh +@@ -120,6 +120,7 @@ fi + # "yes" overwrites the MBR partition table area in the EFI boot image by zeros. + # Some EFI implementations get stuck when seeing in the EFI partition a + # partition table entry which begins at LBA 0. ++# "extra" not only zeros the partition table but also the MBR signature. + efi_zero_inner_pt=no + if test -n "$MKRESCUE_SED_IN_EFI_NO_PT" + then +@@ -192,24 +193,31 @@ then + find "$dir" + fi + +-if test "$efi_zero_inner_pt" = yes ++if test "$efi_zero_inner_pt" = yes -o "$efi_zero_inner_pt" = extra + then + did_dd=0 + if test -e "$dir"/efi.img + then ++ # Look for 0x55 0xAA in bytes 510 and 511 + magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \ + od -c | head -1 | awk '{print $2 " " $3}') + if test "$magic" = "U 252" + then ++ echo "Performing actions for MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2 + dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img + did_dd=1 ++ if test "$efi_zero_inner_pt" = extra ++ then ++ dd if=/dev/zero bs=1 seek=510 count=2 conv=notrunc of="$dir"/efi.img ++ fi ++ echo >&2 + fi + fi + if test "$did_dd" = 0 + then + echo >&2 + echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2 +- echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2 ++ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2 + echo >&2 + fi + fi diff --git a/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch new file mode 100644 index 0000000000..a719ca1f89 --- /dev/null +++ b/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch @@ -0,0 +1,107 @@ +https://dev.lovelyhq.com/libburnia/libisoburn/commit/3a2a3ba737a06162c22ace0ae09d33ba97aa2673 +diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh +index d772ff22..b3948c99 100755 +--- a/frontend/grub-mkrescue-sed.sh ++++ b/frontend/grub-mkrescue-sed.sh +@@ -1,6 +1,6 @@ + #!/bin/sh + +-# Copyright (C) 2015 - 2016 ++# Copyright (C) 2015 - 2019 + # Thomas Schmitt , libburnia-project.org + # Provided under BSD license: Use, modify, and distribute as you like. + +@@ -117,6 +117,15 @@ fi + # command line.) + # Each argument must be a single word. No whitespace. No quotation marks. + ++# "yes" overwrites the MBR partition table area in the EFI boot image by zeros. ++# Some EFI implementations get stuck when seeing in the EFI partition a ++# partition table entry which begins at LBA 0. ++efi_zero_inner_pt=no ++if test -n "$MKRESCUE_SED_IN_EFI_NO_PT" ++then ++ efi_zero_inner_pt="$MKRESCUE_SED_IN_EFI_NO_PT" ++fi ++ + + # + # Do the work +@@ -183,12 +192,48 @@ then + find "$dir" + fi + ++if test "$efi_zero_inner_pt" = yes ++then ++ did_dd=0 ++ if test -e "$dir"/efi.img ++ then ++ magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \ ++ od -c | head -1 | awk '{print $2 " " $3}') ++ if test "$magic" = "U 252" ++ then ++ dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img ++ did_dd=1 ++ fi ++ fi ++ if test "$did_dd" = 0 ++ then ++ echo >&2 ++ echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2 ++ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2 ++ echo >&2 ++ fi ++fi ++ + efi_tmp_name= ++if test x"$mode" = xmjg \ ++ -o x"$mode" = xmbr_only \ ++ -o x"$mode" = xgpt_appended \ ++ -o x"$mode" = xmbr_hfs ++then ++ # Move EFI partition image file out of the "$dir" tree, i.e. out of the ISO ++ efi_tmp_name=grub-mkrescue-sed-efi-img.$$ ++ if test -e "$dir"/efi.img ++ then ++ mv "$dir"/efi.img /tmp/$efi_tmp_name ++ elif test -e /tmp/$efi_tmp_name ++ then ++ rm /tmp/$efi_tmp_name ++ fi ++fi ++ + if test x"$mode" = xmjg + then + # Exchange arguments for the experimental GRUB2 mjg layout +- efi_tmp_name=grub-mkrescue-sed-efi-img.$$ +- mv "$dir"/efi.img /tmp/$efi_tmp_name + x=$(echo " $*" | sed \ + -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition $partno 0xef \/tmp\/$efi_tmp_name/" \ + -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_${partno}:all:: -no-emul-boot -isohybrid-gpt-basdat/" \ +@@ -207,8 +252,6 @@ then + elif test x"$mode" = xmbr_only + then + # Exchange arguments for no-HFS MBR-only layout +- efi_tmp_name=grub-mkrescue-sed-efi-img.$$ +- mv "$dir"/efi.img /tmp/$efi_tmp_name + x=$(echo " $*" | sed \ + -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \ + -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \ +@@ -228,8 +271,6 @@ then + elif test x"$mode" = xmbr_hfs + then + # Exchange arguments for MBR and HFS+ layout +- efi_tmp_name=grub-mkrescue-sed-efi-img.$$ +- mv "$dir"/efi.img /tmp/$efi_tmp_name + x=$(echo " $*" | sed \ + -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \ + -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \ +@@ -247,8 +288,6 @@ then + elif test x"$mode" = xgpt_appended + then + # Exchange arguments for no-HFS MBR-only layout +- efi_tmp_name=grub-mkrescue-sed-efi-img.$$ +- mv "$dir"/efi.img /tmp/$efi_tmp_name + x=$(echo " $*" | sed \ + -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name -appended_part_as_gpt -partition_offset 16/" \ + -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \ diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index aa37896498..0d4ed63eec 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -266,7 +266,8 @@ made available under the /xchg CIFS share." bootcfg-drv bootloader (register-closures? (has-guix-service-type? os)) - (inputs '())) + (inputs '()) + (grub-mkrescue-environment '())) "Return a bootable, stand-alone iso9660 image. INPUTS is a list of inputs (as for packages)." @@ -313,7 +314,9 @@ INPUTS is a list of inputs (as for packages)." inputs))) (set-path-environment-variable "PATH" '("bin" "sbin") inputs) - (make-iso9660-image #$(bootloader-package bootloader) + (make-iso9660-image #$xorriso + '#$grub-mkrescue-environment + #$(bootloader-package bootloader) #$bootcfg-drv #$os "/xchg/guixsd.iso" @@ -704,7 +707,9 @@ to USB sticks meant to be read-only." #:bootloader (bootloader-configuration-bootloader (operating-system-bootloader os)) #:inputs `(("system" ,os) - ("bootcfg" ,bootcfg))) + ("bootcfg" ,bootcfg)) + #:grub-mkrescue-environment + '(("MKRESCUE_SED_MODE" . "mbr_hfs"))) (qemu-image #:name name #:os os #:bootcfg-drv bootcfg -- cgit v1.2.3