Specific versions of Node depend on specific versions of libuv.
* gnu/packages/libevent.scm (libuv-for-node-lts): New package.
Change-Id: I97f6b96002dde37a0cec56dbfd7ff8722982ff89
The node-lts package can now be built using the standard c-ares package.
* gnu/packages/adns.scm (c-ares-for-node): Delete variable.
Change-Id: I9e613f2d4aeacb6079d69f5bef22d11eb8dc6b18
This hidden package is not needed as the ancient version of node we use to
bootstrap llhttp can be built using the standard nghttp2 package.
* gnu/packages/web.scm (assimp-5.0): Delete variable.
Change-Id: Ib077fcc55c9bf7fd3caab69220aa8c86e5c33f8a
This is a follow-up to commit
a1ecd7f56c
system: Add /etc/subuid and /etc/subgid support.
This file was already registered in gnu/local.mk.
* gnu/tests/shadow.scm: New file.
Change-Id: I1785206d56357f8262bd4277ef48f29183c47adc
Previously, since input rewriting did not happen recursively, libgcrypt
would for instance be built against the old libgpg-error.
* etc/manifests/upgrade.scm (joint-security-upgrades): Pass #:recursive? #t
to ‘package-input-rewriting’.
Change-Id: I7daaa11629aa12b833ca941a3a996c3db2754a7a
* gnu/services/containers.scm: New file;
(rootless-podman-configuration): new variable;
(rootless-podman-service-subids): new variable;
(rootless-podman-service-accounts): new variable;
(rootless-podman-service-profile): new variable;
(rootless-podman-shepherd-services): new variable;
(rootless-podman-service-etc): new variable;
(rootless-podman-service-type): new variable.
* gnu/local.mk: Test it.
* gnu/local.mk: Add them.
* doc/guix.texi (Miscellaneous Services): Document it.
Change-Id: I041496474c1027da353bd6852f2554a065914d7a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
There doesn't seem to be a reason to force users to write
(service iptables-service-type
(iptables-configuration))
instead of simply
(service iptables-service-type)
This patch provides a default value for the iptables-service-type.
* gnu/services/networking.scm (iptables-service-type): Set default-value.
Change-Id: I93b6c544dfb064c7a0a999549dff61007a38f842
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit adds a Guix System service to handle allocation of subuid
and subgid requests. Users that don't care can just add themselves as a
subid-range and don't need to specify anything but their user name.
Users that care about specific ranges, such as possibly LXD, can specify
a start and a count.
* doc/guix.texi (Miscellaneous Services): Document it.
* gnu/build/activation.scm (activate-subuids+subgids): New variable.
* gnu/local.mk: Add gnu/tests/shadow.scm.
* gnu/system/accounts.scm (sexp->subid-range): New variable.
* gnu/system/shadow.scm (%root-subid): New variable;
(subids-configuration): new record;
(subid-range->gexp): new variable;
(assert-valid-subids): new variable;
(delete-duplicate-ranges): new variable;
(subids-activation): new variable;
(subids-extension): new record;
(append-subid-ranges): new variable;
(subids-extension-merge): new variable;
(subids-service-type): new variable.
* gnu/tests/shadow.scm (subids): New system test.
Change-Id: I3755e1c75771220c74fe8ae5de1a7d90f2376635
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit adds allocation logic for subid ranges. Subid ranges are
ranges of contiguous subids that are mapped to a user in the host
system. This patch implements a flexible allocation algorithm allowing
users that do not want (or need) to specify details of the subid ranges
that they are requesting to avoid doing so, while upholding requests of
users that need to have specific ranges.
* gnu/build/accounts.scm (%subordinate-id-min): New variable;
(%subordinate-id-max): new variable;
(%subordinate-id-count): new variable;
(subordinate-id?): new variable;
(&subordinate-id-error): new variable;
(&subordinate-id-overflow-error): new variable;
(&illegal-subid-range-error): new variable;
(&specific-subid-range-expected-error): new variable;
(&generic-subid-range-expected-error): new variable;
(within-interval?): new variable;
(allocate-unused-range): new variable;
(allocate-generic-range): new variable;
(allocate-specific-range): new variable;
(reserve-subids): new variable;
(range->entry): new variable;
(entry->range): new variable;
(allocate-subids): new variable;
(subuid+subgid-databases): new variable.
* gnu/system/accounts.scm (subid-range-end): New variable;
(subid-range-has-start?): new variable;
(subid-range-less): new variable.
* test/accounts.scm: Test them.
Change-Id: I8de1fd7cfe508b9c76408064d6f498471da0752d
Co-Authored-By: Ludovic Courtès <ludo@gnu.org>
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit adds a new record type, <subid-entry> and serializers
and deserializers for it in (gnu build accounts). Each instance of this
record represents one line in either /etc/subuid or /etc/subgid. Since
Shadow uses the same representation for both files, it should be ok if
we do it as well.
This commit adds also <subid-range>, a user facing representation of
<subid-entry>. It is supposed to be usable directly in OS configurations.
* gnu/build/accounts.scm (subid-entry): New record;
(write-subgid): add serializer for subgids;
(write-subuid): add serializer for subuids;
(read-subgid): add serializer for subgids;
(read-subuid): add serializer for subuids.
* gnu/system/accounts.scm (subid-range): New record.
* test/accounts.scm: Test them.
Change-Id: I6b037e40e354c069bf556412bb5b626bd3ea1b2c
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/system/examples/bare-hurd64.tmpl: Remove --machine q35, there seems to
be no longer any need for this. Mention that there is no login prompt.
* gnu/system/examples/devel-hurd64.tmpl: Likewise.
Change-Id: Ib918cff3ca96f2a199869e876b6a75fedb09c983
* gnu/packages/patches/librewolf-use-system-wide-dir.patch: New file.
* gnu/local.mk (dist_patch_DATA): Regisiter it.
* gnu/packages/librewolf.scm (make-librewolf-source)[patches]: Add it along with
torbrowser-compare-paths.patch.
(librewolf)[native-search-paths]: Add ICECAT_SYSTEM_DIR.
Change-Id: I8609d25a7e2725ad94ab257d720326639eb06778
* gnu/packages/patches/libjami-libgit2-compatibility.patch: New file.
* gnu/packages/jami.scm (libjami)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
Change-Id: I6a87d47f9a0ec1663b7ad3459960e9aaaf4bf562
* doc/guix.texi Add note on nsncd in Name Service Switch section.
Change-Id: Ib804ab2e7d83d13f8f81d875f957eae2304eb232
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
