Commit graph

590 commits

Author SHA1 Message Date
Giacomo Leidi
a1ecd7f56c
system: Add /etc/subuid and /etc/subgid support.
This commit adds a Guix System service to handle allocation of subuid
and subgid requests.  Users that don't care can just add themselves as a
subid-range and don't need to specify anything but their user name.
Users that care about specific ranges, such as possibly LXD, can specify
a start and a count.

* doc/guix.texi (Miscellaneous Services): Document it.
* gnu/build/activation.scm (activate-subuids+subgids): New variable.
* gnu/local.mk: Add gnu/tests/shadow.scm.
* gnu/system/accounts.scm (sexp->subid-range): New variable.
* gnu/system/shadow.scm (%root-subid): New variable;
(subids-configuration): new record;
(subid-range->gexp): new variable;
(assert-valid-subids): new variable;
(delete-duplicate-ranges): new variable;
(subids-activation): new variable;
(subids-extension): new record;
(append-subid-ranges): new variable;
(subids-extension-merge): new variable;
(subids-service-type): new variable.
* gnu/tests/shadow.scm (subids): New system test.

Change-Id: I3755e1c75771220c74fe8ae5de1a7d90f2376635
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-12-18 18:32:40 +01:00
Giacomo Leidi
337037d22c
accounts: Add /etc/subid and /etc/subgid allocation logic.
This commit adds allocation logic for subid ranges. Subid ranges are
ranges of contiguous subids that are mapped to a user in the host
system. This patch implements a flexible allocation algorithm allowing
users that do not want (or need) to specify details of the subid ranges
that they are requesting to avoid doing so, while upholding requests of
users that need to have specific ranges.

* gnu/build/accounts.scm (%subordinate-id-min): New variable;
(%subordinate-id-max): new variable;
(%subordinate-id-count): new variable;
(subordinate-id?): new variable;
(&subordinate-id-error): new variable;
(&subordinate-id-overflow-error): new variable;
(&illegal-subid-range-error): new variable;
(&specific-subid-range-expected-error): new variable;
(&generic-subid-range-expected-error): new variable;
(within-interval?): new variable;
(allocate-unused-range): new variable;
(allocate-generic-range): new variable;
(allocate-specific-range): new variable;
(reserve-subids): new variable;
(range->entry): new variable;
(entry->range): new variable;
(allocate-subids): new variable;
(subuid+subgid-databases): new variable.

* gnu/system/accounts.scm (subid-range-end): New variable;
(subid-range-has-start?): new variable;
(subid-range-less): new variable.

* test/accounts.scm: Test them.

Change-Id: I8de1fd7cfe508b9c76408064d6f498471da0752d
Co-Authored-By: Ludovic Courtès <ludo@gnu.org>
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-12-18 18:32:40 +01:00
Giacomo Leidi
58f430f69e
accounts: Add /etc/subuid and /etc/subgid support.
This commit adds a new record type, <subid-entry> and serializers
and deserializers for it in (gnu build accounts).  Each instance of this
record represents one line in either /etc/subuid or /etc/subgid.  Since
Shadow uses the same representation for both files, it should be ok if
we do it as well.

This commit also adds <subid-range>, a user facing representation of
<subid-entry>. It is supposed to be usable directly in OS configurations.

* gnu/build/accounts.scm (subid-entry): New record;
(write-subgid): add serializer for subgids;
(write-subuid): add serializer for subuids;
(read-subgid): add serializer for subgids;
(read-subuid): add serializer for subuids.
* gnu/system/accounts.scm (subid-range): New record.
* test/accounts.scm: Test them.

Change-Id: I6b037e40e354c069bf556412bb5b626bd3ea1b2c
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-12-18 18:32:40 +01:00
Janneke Nieuwenhuizen
f2cefd700d
hurd-boot: Support second boot.
* gnu/build/hurd-boot.scm (boot-hurd-system): Check for stale shepherd socket
and remove it.  Be chattier about /hurd symlink replacement.

Change-Id: I5e528c131ebeadb7ebc9727336a0f9301af3e68e
2024-11-11 07:28:33 +01:00
Janneke Nieuwenhuizen
fdb23d9db8
bootloader: grub: Remove hardcoded partition number for the Hurd.
This supports using another than the default DISK0 PART1 and using LABEL or
UUID as root file-system specifier.  It still defaults to DISK0 PART1 if
the file-system cannot be found, i.e., lives only at the build side: A
virtual machine/childhurd build.

* gnu/build/file-systems.scm (%hurd-device-spec-regexp, %device-spec-regexp):
New variables.
(device-name->hurd-device-name, hurd-device-name->device-name,
device-spec->device, device-spec->device-name): Use them in new procedures.
* gnu/bootloader/grub.scm (make-grub-configuration): Use them to remove
hardcoded partition number (root-index 1).

Change-Id: I49fa93dacc09883dfb4d695402c5eac2e0e17286
2024-11-11 07:28:33 +01:00
Reepca Russelstein
4e6df8040e
activation: Create directory with specified perms in ‘mkdir-p/perms’.
There is currently a window of time between when the desired directory is
created and when its permissions are changed.  During this time, its
permissions are restricted only by the umask.

Of course, in the "directory already exists" case, this doesn't matter, but if
the directory has been specifically deleted ahead of time so that it is
created afresh, this is an unnecessary window.

We can avoid this by passing the caller-provided BITS to 'mkdirat' when
attempting to create the last directory.

* gnu/build/activation.scm (mkdir-p/perms): Create target directory with BITS
  permissions.

Change-Id: I03d2c620872e86b6f591abe0f1c8317aa1245383
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-11-03 23:10:44 +01:00
Janneke Nieuwenhuizen
7c93145d9e
hurd-boot: Support system init: Create essential device nodes.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Cater for existing
directories (dev, servers).
(set-hurd-device-translators): Remove /servers/socket/1, that is created by
libexec/console-run.  Cater for nonexistent /dev/console.
(boot-hurd-system): Call make-hurd-device-nodes on initial run.
2024-10-15 11:13:48 +02:00
Roman Scherer
886b410e6f
image: Add support for btrfs.
* gnu/build/image.scm (make-btrfs-image): New variable.
* gnu/system/image.scm (system-disk-image): Support btrfs.

Change-Id: I80a5b52ec478ce5927d6208e324cbb70282c647a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-10-14 14:08:43 +02:00
Roman Scherer
727a72c5e2
image: Use file system options in make-vfat-image.
* gnu/build/image.scm (make-vfat-image): Use file system options.

Change-Id: I791aadd2803d1ef96fc79cf8910a74a0083d2b6e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-10-14 14:08:43 +02:00
Tobias Geerinckx-Rice
191e0f9e52
file-systems: Add support for exFAT.
* gnu/build/file-systems.scm (%exfat-endianness): New syntax.
(exfat-superblock?, exfat-bytes-per-sector-shift)
(exfat-sectors-per-cluster-shift, exfat-root-directory-offset)
(exfat-cluster-size, read-exfat-superblock+root-directory-cluster)
(read-exfat-superblock, exfat-superblock-volume-name)
(exfat-superblock-uuid, check-exfat-file-system): New procedures.
(%partition-label-readers, %partition-uuid-readers): Register them.

Change-Id: I08bd3147d2d67e5766c9381ae2159bc01530b814
2024-09-01 02:00:00 +02:00
Maxime Devos
c1283e2039
activation: Fix TOCTTOU in mkdir-p/perms.
Fixes <https://issues.guix.gnu.org/47584>.

I removed the 'Based upon mkdir-p from (guix build utils)'
comment because it's quite a bit different now.

* gnu/build/activation.scm (verify-not-symbolic): Delete.
(mkdir-p/perms): Rewrite in terms of 'openat'.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: Id2f5bcbb903283afd45f6109190210d02eb383c7
2024-09-06 11:46:26 +02:00
Tobias Geerinckx-Rice
a97ca00a5d
gnu: image: Reformat comments.
I wrote these to fit on their lines, so the pointless widows bug me.

* gnu/build/image.scm (make-iso9660-image): M-q comments.
2024-08-31 10:42:46 +02:00
Tobias Geerinckx-Rice
71f0676a29
privilege: Add POSIX capabilities(7) support.
* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported.  Include privileged-program-capabilities
in the compatibility hack.
2024-08-11 02:00:00 +02:00
Tobias Geerinckx-Rice
f3b84be52d
build: Rename activate-setuid-programs.
* gnu/build/activation.scm (activate-setuid-programs): Rename this…
(activate-privileged-programs): …to this.
Operate on a list of <privileged-program> records.
* gnu/services.scm (setuid-program->activation-gexp): Adjust caller.
2024-08-11 02:00:00 +02:00
Tobias Geerinckx-Rice
d6c9754c56
services: setuid-program: Populate /run/privileged/bin.
Create /run/setuid-programs compatibility symlinks so that we can
migrate all users (both package and human) piecemeal at our leisure.

Apart from being symlinks, this should be a user-invisible change.

* gnu/build/activation.scm (%privileged-program-directory): New variable.
[activate-setuid-programs]: Put privileged copies in
%PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in
%SETUID-DIRECTORY.
* gnu/services.scm (setuid-program-service-type): Update docstring.
* doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
2024-08-11 02:00:00 +02:00
vicvbcun
2cbdec8bcd
file-systems: Allow specifying CIFS credentials in a file.
As files in the store and /etc/fstab are world readable, specifying the
password in the file-system record is suboptimal.  To mitigate this,
`mount.cifs' supports reading `username', `password' and `domain' options from
a file named by the `credentials' or `cred' option.

* gnu/build/file-systems.scm (mount-file-system): Read mount options from the
file specified via the `credentials' or `cred' option if specified.

Change-Id: I786c5da373fc26d45fe7a876c56a8c4854d18532
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-07-26 18:50:53 +02:00
Richard Sent
de0fbfbf0b
file-systems: Skip checking the cifs file-system type.
* gnu/build/file-systems.scm (check-file-system)[check-procedure]: Add cifs.

Change-Id: I891b18f03884ed45e92ac32556fe04b3087e20dd
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-07-20 12:12:16 +02:00
Richard Sent
3e87b207ce
file-systems: Add support for mounting CIFS file systems
* gnu/build/file-systems (canonicalize-device-name): Do not attempt to resolve
CIFS formatted device specifications.
(mount-file-systems): Add mount-cifs nested function.
* gnu/machine/ssh.scm (machine-check-file-system-availability): Skip checking
for CIFS availability, similar to NFS.
* guix/scripts/system.scm (check-file-system-availability): Likewise.

Change-Id: I182e290eba64bbe5d1332815eb93bb68c01e0c3c
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-06-04 12:08:34 +02:00
Richard Sent
9d6c4f5160
file-systems: Add host-to-ip nested function
* gnu/build/file-systems (mount-file-system): Split out getaddrinfo logic into a
dedicated function, (host-to-ip)

Change-Id: I522d70a10651ca79533a4fc60b96b884243a3526
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-06-04 12:08:34 +02:00
Maxim Cournoyer
afacfa33ec
gnu: linux-libre: Enable Zstd compression of kernel modules.
This brings the on disk size of the kernel from 164 MiB to 144 MiB, or about
12%.

* gnu/packages/linux.scm (default-extra-linux-options)
[version>=5.13]: Enable CONFIG_MODULE_COMPRESS_ZSTD, else
CONFIG_MODULE_COMPRESS_GZIP.
(make-linux-libre*) [phases] {set-environment}: Set ZSTD_CLEVEL environment
variable to 19.
[native-inputs]: Add zstd.
* gnu/build/linux-modules.scm (module-regex): Add .zst to regexp.  Update doc.
(modinfo-section-contents): Extend support to Zstd compressed module.
(dot-ko): Register the 'zstd compression type.
(ensure-dot-ko, file-name->module-name, load-linux-module*)
(module-name->file-name/guess, write-module-name-database)
(write-module-alias-database, write-module-device-database): Update doc.
(module-name-lookup): Also consider zstd-compressed modules.
* gnu/installer.scm (installer-program): Add guile-zstd extension to gexp.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Likewise.
Decompress zstd-compressed modules for use in initrd.
* guix/profiles.scm (linux-module-database): Add guile-zstd extension to gexp.

Change-Id: Ide899dc5c58ea5033583b1a91a92c025fc8d901a
2024-05-29 22:01:23 -04:00
Hilton Chain
7995816ec4
linux-modules: Ignore nonexistent module files on boot.
This is a follow-up to 8f8ec56052, which only
covers building initrd, while the booting code still tries to load nonexistent
files for builtin modules.

* gnu/build/linux-modules.scm (load-linux-modules-from-directory): Ignore
nonexistent module files.

Change-Id: I09ef207e82397e915e671c8464b92bcf90f03dcf
2024-03-27 22:23:38 +08:00
Nicolas Graves
27ee6f06d0
services: activation: Ensure /run existence.
* gnu/build/activation.scm (activation-script): Ensure /var/run existence.
* gnu/build/install.scm (evaluate-populate-directive)
[directives]: Remove directory /run.

Change-Id: I19ca8e7605c0cff598ab89077a94e20390ba27b0
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-02-19 18:42:12 +01:00
Nicolas Graves
e73db355b1
services: activation: Ensure /var/run existence.
* gnu/services.scm (activation-script): Ensure /var/run existence.
* gnu/build/install.scm (evaluate-populate-directive)
[directives]: Remove directory /var/run.

Change-Id: I5fb93d33b6b1f045f1e5ba206b9b0b74b5184260
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-02-19 18:41:47 +01:00
Nicolas Graves
a5f66c2446
file-systems: Recognize “none” as a valid device spec.
* gnu/build/file-systems (canonicalize-device-name): Fallback to tmpfs
if spec is "none".

Change-Id: Ia55c715d04c7611ba8c979f23f1ad4a8ed2e75b6
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-02-19 18:41:10 +01:00
Ludovic Courtès
5f34796dc4
marionette: Add #:peek? to ‘wait-for-tcp-port?’.
* gnu/build/marionette.scm (wait-for-tcp-port): Add #:peek? parameter
and honor it.

Change-Id: Ie7515a5223299390ab8af6fe5aa3cf63ba5c8078
2024-02-10 22:59:56 +01:00
Ludovic Courtès
f331a667d3
services: secret-service: Make the endpoint configurable.
Until now, the secret service had a hard-coded TCP endpoint on port
1004.  This change lets users specify arbitrary socket addresses.

* gnu/build/secret-service.scm (socket-address->string): New procedure,
taken from Shepherd.
(secret-service-send-secrets): Replace ‘port’ by ‘address’ and adjust
accordingly.
(secret-service-receive-secrets): Likewise.
* gnu/services/virtualization.scm (secret-service-shepherd-services):
Likewise.
(secret-service-operating-system): Add optional ‘address’ parameter and
honor it.  Adjust ‘start’ method accordingly.

Change-Id: I87a9514f1c170dca756ce76083d7182c6ebf6578
2024-02-10 22:59:43 +01:00
Josselin Poiret
93ac4c20bf
chromium-extension: Compute json at argument evaluation time.
* gnu/build/chromium-extension.scm (make-chromium-extension): Make use of the
make-signing-key procedure inside the argument field, making sure that it is
not evaluated at file-load time.  This would otherwise try to resolve gnutls
when we can't guarantee it's defined because of dependency cycles.

Change-Id: Ia7b13acfbca475c2df073e9a88fc8bb9264dd968
2023-12-27 17:18:52 +01:00
Ludovic Courtès
ca81317389
shepherd: Remove ‘make-forkexec-constructor/container’.
This was superseded by ‘least-authority-wrapper’.

* gnu/build/shepherd.scm (read-pid-file/container)
(make-forkexec-constructor/container): Remove.

Change-Id: I6acccdff2609a35807608f865a4d381146113a88
2023-12-22 00:31:42 +01:00
Jean-Pierre De Jesus DIAZ
c7d2faf178
gnu: cross-toolchain: Add set-cross-path for AVR.
* gnu/build/cross-toolchain.scm (set-cross-path/avr): New procedure.
(cross-gcc-build-phases) [string-prefix? "avr"]: Return
set-cross-path/avr procedure.

Signed-off-by: Jean-Pierre De Jesus DIAZ <me@jeandudey.tech>
Change-Id: I00bd39236ac2e31fef02164a7fffc8b56a166f0d
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2023-12-11 13:36:51 +02:00
Jean-Pierre De Jesus DIAZ
9095e10620
gnu: cross-gcc: Enable multilib for AVR.
* gnu/build/cross-toolchain.scm (patch-multilib-shebang): New procedure.
* gnu/packages/avr.scm (make-avr-gcc): Remove unneeded phases and flags
  for multilib.
* gnu/packages/cross-base (cross-gcc-arguments) <#:configure-flags>
  [target-avr?]: Remove --disable-multilib and add --enable-multilib.

Change-Id: Id68d803057ac898f0a670f10487b08bf0891ab0b
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2023-12-11 13:24:09 +02:00
Ludovic Courtès
1300c316e9
gnu: ‘make-icecat-extension’ inherits package location.
This is an improvement for the purposes of ‘guix edit’ & co.

* gnu/build/icecat-extension.scm (make-icecat-extension): Add ‘location’
field.

Change-Id: I896ae6823b3fe4ea013fa74e2c536f45664d8042
2023-12-10 21:46:52 +01:00
Tobias Geerinckx-Rice
d553249f72
linux-boot: Don't create /root before it's used.
* gnu/build/linux-boot.scm (boot-system): Postpone the MKDIR of /root.

Change-Id: I589316a5ddf41cada02173ed4dd5b7df09b795e8
2023-11-19 01:00:00 +01:00
Clément Lassieur
25043e01b6
gnu: icecat: Support Guix packaged extensions and native manifests.
* gnu/build/icecat-extension.scm: New file with a MAKE-ICECAT-EXTENSION
procedure that makes sure the add-on directory is a symlink, so that Icecat
can normalize it into a package store path.
* gnu/local.mk (dist_patch_DATA): Register it, as well as new patches.
* gnu/packages/browser-extensions.scm (ublock-origin)[properties]: Store the
add-on ID so that it is accessible in MAKE-ICECAT-EXTENSION.
[arguments]: Use the add-on ID as root directory.
(ublock-origin/icecat): New procedure.
* gnu/packages/gnuzilla.scm (icecat-minimal)[arguments]: Rewrite the unused
'apply-guix-specific-patches' phase so that it applies the following two
patches.
[native-search-paths]: New field.
* gnu/packages/patches/icecat-compare-paths.patch: New patch that compares
add-on paths (which are package store paths) to detect package changes.
* gnu/packages/patches/icecat-use-system-wide-dir.patch: New patch that
replaces "/usr/lib/mozilla" (the system-wide directory for extensions and
native manifests) with "$ICECAT_SYSTEM_DIR".
2023-10-23 11:19:02 +02:00
Tobias Geerinckx-Rice
47e265af75
linux-modules: Fix module dependency loading.
* gnu/build/linux-modules.scm (dot-ko): Make COMPRESSION optional,
as expected by callers RECURSIVE-MODULE-DEPENDENCIES and
LOAD-LINUX-MODULE*.
2023-10-15 02:00:00 +02:00
Ludovic Courtès
8b8ab17561
accounts: Fix typo in comment.
* gnu/build/accounts.scm (passwd->shadow): Fix typo in comment.
2023-10-12 18:53:06 +02:00
Ludovic Courtès
002c5bec07
accounts: Ensure ‘last-change’ field of shadow entries is never zero.
* gnu/build/accounts.scm (passwd->shadow): Add ‘max’ call so NOW is
greater than or equal to 1.
2023-10-08 23:43:49 +02:00
Ludovic Courtès
e90a972ce2
secret-service: Increase default handshake timeout.
* gnu/build/secret-service.scm (secret-service-send-secrets):
Increase #:handshake-timeout.
2023-10-01 22:58:19 +02:00
Janneke Nieuwenhuizen
0a1af11ff8
hurd-boot: Setup /dev/hdX, /dev/hdXsY IDE device node translators.
The gnumach builtin IDE hd devices are still used, unless booting with
"noide".

* gnu/build/hurd-boot.scm (set-hurd-device-translators): Create /dev/hd{0..3},
/dev/hd{0..3}s{0..3}.
2023-10-01 15:51:23 +02:00
Tobias Geerinckx-Rice
5a2c3352d8
Revert "gnu: system: Add home-directory-permissions field to <user-account>."
This reverts commit e9a5eebc78, which
as far as I can tell breaks system roll-backs thusly:

[...]
In gnu/build/accounts.scm:
   239:27  3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >)
In unknown file:
           2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>)
In ice-9/boot-9.scm:
  1685:16  1 (raise-exception _ #:continuable? _)
  1685:16  0 (raise-exception _ #:continuable? _)

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t
2023-08-20 02:00:00 +02:00
David Thompson
e9a5eebc78
gnu: system: Add home-directory-permissions field to <user-account>.
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New
field.
(user-account-home-directory-permissions): New accessor.
* gnu/build/activation.scm (activate-users+groups): Use home directory
permission bits from the user account object.
* doc/guix.texi (User Accounts): Document new field.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-08-25 15:12:54 +02:00
Bruno Victal
6a86e2d13a
marionette: Allow passing custom OCR arguments.
* gnu/build/marionette.scm (%default-ocrad-arguments): New variable.
(invoke-ocrad-ocr, invoke-tesseract-ocr, marionette-screen-text)
[ocr-arguments]: New argument.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-07-19 10:38:15 -04:00
Janneke Nieuwenhuizen
030b15d466
hurd-boot: Cater for netdde.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Setup translators for
netdde, eth{0,1}.  Create /servers/socket/{inet,inet6} symlinks.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-07-13 18:59:57 +02:00
Janneke Nieuwenhuizen
fe873fb417
hurd-boot: Setup pci-arbiter and rumpdisk translators.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Create "servers/bus/pci".
(set-hurd-device-translators): Create translators for pci-arbiter, rumpdisk,
and /dev/wd0..3s1..4.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-07-13 18:58:58 +02:00
Efraim Flashner
cd55aa9801
gnu: image: Add support for unformatted partitions.
* gnu/build/image.scm (make-unformatted-image): New procedure.
(make-partition-image): Add support for unformatted partition.
* gnu/system/image.scm (system-disk-image)[partition->gpt-type]: Add
case for using unformatted partition uuid.
2023-06-14 14:52:21 +03:00
Josselin Poiret
e041801e61
hurd-boot: Symlink /hurd before setting up translators.
* gnu/build/hurd-boot.scm (boot-hurd-system): Symlink /hurd before setting up
translators.

Reviewed-by: Janneke Nieuwenhuizen <janneke@gnu.org>
2023-05-17 22:26:06 +02:00
Ludovic Courtès
e88bf64e6f
services: dbus-service, secret-service: Do not cause (fibers) to be loaded.
* gnu/build/dbus-service.scm (sleep*): Pass #:ensure #f to 'resolve-module'.
* gnu/build/secret-service.scm (wait-for-readable-fd): Likewise.
2023-05-06 17:12:45 +02:00
Tobias Geerinckx-Rice
4ef9a5dd5e
file-systems: Validate 'no-diratime flag.
This follows up on commit c077345539, and
adds a comment to avoid this in future.

* gnu/system/file-systems.scm (invalid-file-system-flags):
Add 'no-diratime to the list of KNOWN-FLAGS.
2023-02-26 01:00:07 +01:00
Ludovic Courtès
0ef8fe22ed
linux-container: 'container-excursion' forks to join the PID namespace.
Fixes <https://issues.guix.gnu.org/61156>.

* gnu/build/linux-container.scm (container-excursion): Add extra call to
'primitive-fork' and invoke THUNK in the child process.
* tests/containers.scm ("container-excursion"): Remove extra
'primitive-fork' call, now unnecessary.
("container-excursion*, /proc"): New test.
2023-01-30 22:24:27 +01:00
Ludovic Courtès
52eb3db19c
container: Correctly report exit status.
* gnu/build/linux-container.scm (container-excursion): Return the raw
status value.
* tests/containers.scm ("container-excursion, same namespaces"): Add
'status:exit-val' call.
* guix/scripts/container/exec.scm (guix-container-exec): Correctly
handle the different cases.
2023-01-30 22:24:27 +01:00
Ludovic Courtès
69fc67b6bb
hurd-boot: Fix list of devices with translators.
Fixes a regression introduced in
450f774028 and
e3c6575ee9, which introduced
unquote-splicing without changing quote to quasiquote.

* gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Use
quasiquote, not quote.
2022-12-24 00:45:47 +01:00