The "image-root" derivation output is used as a temporary directory that is
passed to mke2fs and mkdosfs later on. By merging the creation of this
directory and the production of partition images, we can get rid of the
derivation.
As mke2fs and mkdosfs are not able to override file permissions, call those
commands with fakeroot. This way, all the image files will be owned by root,
even if image generation is done in an unprivilegded context.
* gnu/system/image.scm (system-disk-image): Merge "image-root" and
"iso9660-image" derivations so that we spare an extra derivation. Also add
"fakeroot" and its runtime dependencies to the inputs.
* gnu/build/image.scm (make-ext-image, make-vfat-image): Make sure that mke2fs
and mkdosfs are respectively called by fakeroot.
The "image-root" derivation output is used as a temporary directory that is
passed to GNU Xorriso later on. By merging the creation of this directory and
the production of an ISO image, we can get rid of the derivation.
* gnu/system/image.scm (system-iso9660-image): Merge "image-root" and
"iso9660-image" derivations so that we spare an extra derivation.
* gnu/image.scm (<image>)[target]: New field,
(image-target): new public method.
* gnu/system/image.scm (hurd-disk-image): Set "i586-pc-gnu" as image 'target'
field,
(maybe-with-target): new procedure,
(system-image): honor image 'target' field using the above procedure.
The initial
guix build -f gnu/system/hurd.scm
hack has been superseded by regular guix system (cross) build.
* gnu/system/hurd.scm (compile-manifest, cross-hurd-image): Remove.
* gnu/system/hurd.scm (%hurd-def%hurd-default-operating-system-kernel,
%hurd-default-operating-system): New exported variables.
* gnu/system/examples/bare-hurd.tmpl: New file.
* Makefile.am (EXAMPLES): Add it.
* tests/guix-system.sh: Add --target=i586-pc-gnu when testing it.
Use "openssh-sans-x" to prevent the inclusion of X libraries to the bare-bones
system closure.
* gnu/system/examples/bare-bones.tmpl (operating-system)[services]: Use
openssh-sans-x instead of openssh.
During the installation, it may be needed to build locales that are not
covered by glibc-utf8-locales. Make sure that the libraries required to build
locales are available.
This is a follow-up of 0eed771275.
* gnu/system/install.scm (installation-os)[services]: Add
%default-locale-libcs to gc-root-service-type.
* gnu/system/vm.scm (qemu-image)[preserve-target, inputs*]: New variables.
In gexp, use INPUTS* instead of INPUTS. Wrap OS and BOOTCFG-DRV in
'preserve-target'. Pass INPUTS* instead of INPUTS as the #:references-graphs.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Remove #:target.
[builder]: Use #+. Don't pass #:target-arm32? and #:target-aarch64? to
'load-in-linux-vm'.
Pass #:target #f to 'gexp->derivation'.
(qemu-image): Adjust accordingly.
* gnu/build/vm.scm (load-in-linux-vm): Remove #:target-aarch64?
and #:target-arm32?. Define them as local variables.
Now that installing Grub on raw disk-images is supported, we do not need to
rely on (gnu system vm) module.
* gnu/system/image.scm (make-system-image): Rename to ...
(system-image): ... this, and remove the compatibility wrapper.
(find-image): Turn to a monadic procedure. This will become useful when
introducing Hurd support, to be able to detect the target system.
* gnu/ci.scm (qemu-jobs): Use lower-object now that system-image returns a
file-like object.
* gnu/tests/install.scm (run-install): Ditto.
* guix/scripts/system.scm (system-derivation-for-action): Add a 'base-image'
argument,
(perform-action): adapt accordingly.
The generic 'efi-disk-image' needs to be bootable on systems without EFI. To
do that, GRUB is installed in the post-MBR gap. Make sure that the first
partition starts with an offset, to make this gap large enough for GRUB.
* gnu/system/image.scm (root-offset, root-label): New variables,
(esp-partition): use 'root-offset' as the partition offset,
(root-partition): use 'root-label' as the partition label.
* gnu/build/image.scm (initialize-root-partition): Add bootloader-package and
bootloader-installer arguments. Run the bootloader-installer if defined.
* gnu/system/image.scm (system-disk-image): Adapt the partition initializer
call accordingly.
* gnu/bootloader.scm (<bootloader>)[disk-image-installer]: New field,
(bootloader-disk-image-installer): export it.
* gnu/bootloader/grub.scm (install-grub-disk-image): New procedure ...
(grub-bootloader): ... used as "disk-image-installer" here.
(grub-efi-bootloader): set "disk-image-installer" to #f.
* gnu/system/image.scm (root-partition?, find-root-partition): Move to
"Helpers" section.
(root-partition-index): New procedure.
(system-disk-image): Honor disk-image-installer, and
use it to install the bootloader directly on the disk-image, if supported.
This is superseded by <profile>, which was added in
ef674a24c5.
* gnu/system/hurd.scm (compile-manifest): Remove.
(cross-hurd-image)[system-profile]: Define using 'profile'.
* gnu/system/image.scm (system-disk-image): Use the native version of the
helper packages (e2fsprogs, dosfstools, mtools, genimage, coreutils and
findutils).
* gnu/image.scm (partition-offset): New procedure,
(<partition>)[offset]: new field.
* gnu/system/image.scm (system-disk-image): Apply the partition offset.
* gnu/bootloader/grub.scm (strip-mount-point): Remove procedure.
(normalize-file): Add procedure.
(grub-configuration-file): New BTRFS-SUBVOLUME-FILE-NAME parameter. When
defined, prepend its value to the kernel and initrd file names, using the
NORMALIZE-FILE procedure. Adjust the call to EYE-CANDY to pass the
BTRFS-SUBVOLUME-FILE-NAME argument. Normalize the KEYMAP file as well.
(eye-candy): Add a BTRFS-SUBVOLUME-FILE-NAME parameter, and use it, along with
the NORMALIZE-FILE procedure, to normalize the FONT-FILE and IMAGE nested
variables. Adjust doc.
* gnu/bootloader/depthcharge.scm (depthcharge-configuration-file): Adapt.
* gnu/bootloader/extlinux.scm (extlinux-configuration-file): Likewise.
* gnu/system/file-systems.scm (btrfs-subvolume?)
(btrfs-store-subvolume-file-name): New procedures.
* gnu/system.scm (operating-system-bootcfg): Specify the Btrfs
subvolume file name the store resides on to the
`operating-system-bootcfg' procedure, using the new
BTRFS-SUBVOLUME-FILE-NAME argument.
* doc/guix.texi (File Systems): Add a Btrfs subsection to document the use of
subvolumes.
* gnu/tests/install.scm (%btrfs-root-on-subvolume-os)
(%btrfs-root-on-subvolume-os-source)
(%btrfs-root-on-subvolume-installation-script)
(%test-btrfs-root-on-subvolume-os): New variables.
Previously, since the switch to Guile 3, we'd see this warning repeated
several times at boot time:
WARNING: …: imported module (guix build utils) overrides core binding `delete'
* gnu/system/linux-initrd.scm (raw-initrd): In gexp, #:hide 'delete'
from (guix build utils). Wrap 'boot-system' in 'parameterize'.
* gnu/system/vm.scm (expression->derivation-in-linux-vm)[check]: New macro.
[builder]: Use 'let-system' and 'check' instead of referencing
'%current-system' and '%current-target-system'.
* gnu/services/dbus.scm (polkit-service-type)[description]: New field.
* gnu/services/dict.scm (dicod-service-type)[description]: New field.
* gnu/services/dns.scm (knot-service-type)[description]: New field.
* gnu/services/networking.scm (dhcpd-service-type)[description]: New field.
* gnu/services/shepherd.scm (shepherd-root-service-type)[description]:
New field.
* gnu/services/xorg.scm (slim-service-type)[description]: New field.
(screen-locker-service-type)[description]: New field.
* gnu/system/pam.scm (pam-root-service-type)[description]: New field.
* gnu/system/shadow.scm (account-service-type)[description]: New field.
* gnu/system/vm.scm (system-docker-image): Add #:shared-network? and
pass it to 'containerized-operating-system'.
(qemu-image):
* guix/scripts/system.scm (system-derivation-for-action): Pass
#:shared-network? to 'system-docker-image'.
* doc/guix.texi (Invoking guix system): Document it.
* gnu/build/vm.scm (install-efi, make-iso9660-image): Remove those procedures
that are now implemented in (gnu build image) module,
(initialize-hard-disk): remove efi support.
* gnu/system/vm.scm (iso9660-image): Remove it,
(qemu-image): adapt it to remove ISO9660 support.
Raw disk-images and ISO9660 images are created in a Qemu virtual machine. This
is quite fragile, very slow, and almost unusable without KVM.
For all these reasons, add support for host image generation. This implies the
use new image generation mechanisms.
- Raw disk images: images of partitions are created using tools such as mke2fs
and mkdosfs depending on the partition file-system type. The partition
images are then assembled into a final image using genimage.
- ISO9660 images: the ISO root directory is populated within the store. GNU
xorriso is then called on that directory, in the exact same way as this is
done in (gnu build vm) module.
Those mechanisms are built upon the new (gnu image) module.
* gnu/image.scm: New file.
* gnu/system/image.scm: New file.
* gnu/build/image: New file.
* gnu/local.mk: Add them.
* gnu/system/vm.scm (system-disk-image): Rename to system-disk-image-in-vm.
* gnu/ci.scm (qemu-jobs): Adapt to new API.
* gnu/tests/install.scm (run-install): Ditto.
* guix/scripts/system.scm (system-derivation-for-action): Ditto.
This eases transition for anyone reconfiguring and still having profiles
with packages using the former libc.
* gnu/system/locale.scm (%default-locale-libcs): Add GLIBC-2.29.
* gnu/system/file-systems.scm (%control-groups): Add "pids".
* gnu/services/docker.scm (docker-shepherd-service): Resolve a TODO.
This has allowed me to make a specific configuration of nsjail work.
Because the installer's uvesafb service loads uvesafb only on some machines.
This is a follow-up to commit 0ad60b2a89.
* gnu/system/install.scm (uvesafb-shepherd-service): Adjust provision and
description fields.
Until now, 'user-homes' happened to start right after 'user-processes'
and before services that depend on a home directory but the dependency
was not explicit. This addresses it.
* gnu/system/shadow.scm (account-service-type): Extend
USER-PROCESSES-SERVICE-TYPE.
Fixes <https://bugs.gnu.org/40538>.
Machines without Kernel Mode Setting (those with many old and current AMD
GPUs, SiS GPUs, …) need uvesafb to show the GUI installer. Some may also need
a kernel parameter like nomodeset or vga=793, but we leave that for the user
to specify in GRUB.
* gnu/system/install.scm (uvesafb-shepherd-service): New procedure.
(uvesafb-service-type): New variable.
(%installation-services): Add it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This fixes
In procedure getaddrinfo: Servname not supported for ai_socktype
* gnu/system/hurd.scm (%base-packages/hurd): Add net-base, inetutils.
(cross-hurd-image): Add /etc/{services,protocols} from net-base.
* gnu/system/hurd.scm (%base-packages/hurd): New variable.
(cross-hurd-image)[for-hurd]: New function.
(cross-hurd-image)[hurd-os]: Use them.
(cross-hurd-image)[profile]: Hack'y .profile for root, only setting PATH.
* gnu/build/vm.scm (root-partition-initializer): Add #:make-device-nodes
parameter and use it.
* gnu/system/vm.scm (qemu-image): Add #:device-node parameter. Pass
#:make-device-nodes to 'root-partition-initializer'.
* gnu/build/vm.scm (<partition>)[file-system-options]: New field.
(create-ext-file-system, create-fat-file-system)
(format-partition): Add #:options and honor it.
(initialize-partition): Pass #:options to 'format-partition'.
* gnu/system/vm.scm (qemu-image): Add #:file-system-options and use it
for the root partition.
* gnu/build/vm.scm (root-partition-initializer): Add #:extra-directives
parameter and pass it to 'populate-root-file-system'.
* gnu/system/vm.scm (qemu-image): Add #:extra-directives parameter and
pass it to 'root-partition-initializer'.
This fixes a regression introduced in 8e53fe2b91
where 'guix system vm' would no longer be using virtio.
* gnu/system/vm.scm (common-qemu-options): Add "-nic user,model=virtio-net-pci".
This is a followup to a328f66a9e.
* gnu/system/vm.scm (iso9660-image): Add #:substitutable? and pass it to
'expression->derivation-in-linux-vm'.
(system-disk-image): Pass #:substitutable? to 'iso9660-image'.
This is a followup to a328f66a9e.
* gnu/system/vm.scm (iso9660-image): Add #:substitutable? and pass it to
'expression->derivation-in-linux-vm'.
(system-disk-image): Pass #:substitutable? to 'iso9660-image'.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Add
#:substitutable? parameter. Pass it to 'gexp->derivation'.
(qemu-image): Add #:substitutable? and pass it to
'expression->derivation-in-linux-vm'.
(system-disk-image): Add #:substitutable? and pass it to 'qemu-image'.
Reported by Florian Pelz <pelzflorian@pelzflorian.de>.
* gnu/bootloader/grub.scm (keyboard-layout-file): Replace commas with
hyphens in the first argument to 'computed-file'.
* gnu/system/keyboard.scm (keyboard-layout->console-keymap): Likewise.
* doc/guix.texi (Keyboard Layout): Add example.
This reverts commit bd71818df3.
This changed caused system reconfiguration to fail like this:
------
building /gnu/store/y1x8asbzw624ywgkpin35p1i4bqnyfy2-skel.drv...
Backtrace:
4 (primitive-load "/gnu/store/2x7d0jsbgf2ndb5fsk0nj07rhsx?")
In ice-9/eval.scm:
619:8 3 (_ #f)
In ice-9/boot-9.scm:
260:13 2 (for-each #<procedure 7ffff6ad8100 at ice-9/eval.scm:3?> ?)
In guix/build/utils.scm:
343:27 1 (_ "/gnu/store/ajrgkj1s9vdcq00drn703f4zj9dvfrsv-nanorc" ?)
In unknown file:
0 (copy-file "/gnu/store/ajrgkj1s9vdcq00drn703f4zj9dvfrs?" ?)
ERROR: In procedure copy-file:
In procedure copy-file: No such file or directory
`/gnu/store/v1grsca743phw41lyf63dzmh9nz5jlpn-bash_profile' -> `.bash_profile'
`/gnu/store/xdsaw0mj6axj427hyi6ysrnsxi21n7d5-bashrc' -> `.bashrc'
`/gnu/store/6i0b236dyar78zc5k5hrj5dv3vr4zb9w-zprofile' -> `.zprofile'
`/gnu/store/ajrgkj1s9vdcq00drn703f4zj9dvfrsv-nanorc' -> `.config/nano/nanorc'
builder for `/gnu/store/y1x8asbzw624ywgkpin35p1i4bqnyfy2-skel.drv' failed with exit code 1
------
Fixes <https://bugs.gnu.org/34276>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
* gnu/system/vm.scm (expression->derivation-in-linux-vm)[loader]:
Produce '/xchg/.exit-status' file upon success.
* gnu/build/vm.scm (load-in-linux-vm): Check for 'xchg/.exit-status'
once QEMU has completed and respond accordingly.
This is a followup to 1540075c79.
The mistake had no effect on prior Guile versions but it's visible since
Guile 3.0.1 and the fix for <https://bugs.gnu.org/39634>.
* gnu/system/vm.scm (operating-system-uuid): Hash a list of
'file-system-digest' values, not the 'file-system-type' procedure.
This is a follow-up of dfc8ccbf5d. Building
locales using the same glibc as the one programs are linked against is
enough.
* gnu/system/locale.scm (%default-locale-libcs): Use the plain glibc package.
* gnu/build/vm.scm (load-in-linux-vm): Move Qemu network configuration from
ARCH-SPECIFIC-FLAGS to the Qemu command line. Use the "-nic" option of Qemu
instead of "-device" and "-net".
* gnu/system/vm.scm (common-qemu-options): Do not add a '-net' command.
(virtual-machine-compiler): Use "-nic user,..." instead of "-net".
* doc/guix.texi (Installing Guix in a VM, Invoking guix system, Running Guix
in a VM): Do the same for examples.
This example is broken since commit
99c45877a9 (wrong file name passed to
'local-file'), and its functionality is superseded by the upcoming
'provenance-service-type'.
* gnu/system/examples/vm-image.tmpl (this-file): Remove.
<services>: Remove 'config-file service.
This is a followup to 99c45877a9, which
introduced a regression: "guix system build gnu/system/install.scm"
would fail to find the .tmpl files.
* gnu/system/install.scm (/etc/configuration-files)[file]: Remove.
[directory]: Use 'local-file' with a literal string.
* gnu/system.scm (system-linux-image-file-name): Add support for cross-built
systems. Remove system argument that was ignored,
(operating-system-kernel-file): adapt by removing ignored os argument.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Add target
argument and turn inputs into native-inputs. Pass target to qemu-command
and gexp->derivation calls.
(iso9660-image): Add target argument and pass it to
expression->derivation-in-linux-vm. Remove qemu from inputs as it
is not necessary.
(qemu-image): Add target argument, also remove qemu from inputs. Pass
target argument to expression->derivation-in-linux-vm call.
* gnu/build/vm.scm (load-in-linux-vm): Add target-arm64? argument and use it
to pass correct arguments to qemu.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Pass the new
target-arm64? argument added above. Do not add ESP partition on all ARM
targets. Do not pass grub-efi package to initialize-hard-disk on ARM targets.
* gnu/system/vm.scm (system-disk-image): Honor the VOLATILE? parameter instead
of hard coding its value to #t.
Reported-by: Jelle Licht <jlicht@fsfe.org>
Fixes <https://bugs.gnu.org/37967>.
Reported by Ivan Vilata i Balaguer <ivan@selidor.net>.
* gnu/system/file-systems.scm (%network-file-mappings): Set 'writable?'
to #true for /var/run/nscd.
* gnu/packages/bootloaders (u-boot-firefly-rk3399): New variable.
* gnu/bootloader/u-boot (install-firefly-rk3399-u-boot): New variable.
(u-boot-firefly-rk3399-bootloader): New variable.
* gnu/system/install (define firefly-rk3399-installation-os): New variable.
* gnu/packages/bootloaders (u-boot-rock64-rk3328): New variable.
* gnu/bootloader/u-boot (install-rock64-rk3328-u-boot): New variable.
(u-boot-rock64-rk3328-bootloader): New variable.
* gnu/system/install (define rock64-installation-os): New variable.
This fixes a type error.
* gnu/system/linux-container.scm (eval/container): Use 'append-map', not
'map'.
* tests/containers.scm ("eval/container, non-empty load path"): New test.
* gnu/build/linux-container.scm (call-with-container): Add
#:process-spawned-hook and honor it.
* gnu/system/linux-container.scm (container-script)[script]:
Define 'explain' and pass it as #:process-spawned-hook'.
This allows containers created by "guix environment -CN" or by
"guix system container -N" to talk to the host nscd.
* gnu/system/file-systems.scm (%network-file-mappings): Add
"/var/run/nscd".
* gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove.
* gnu/system/linux-container.scm (container-script)[nscd-run-directory]
[nscd-mapping, nscd-os, nscd-specs]: Remove.
[script]: Filter out from SPECS bind-mounts where the device does not
exist.
* guix/scripts/environment.scm (launch-environment/container)
[optional-mapping->fs]: New procedure.
[mappings]: Remove %NETWORK-FILE-MAPPINGS.
[file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through
'optional-mapping->fs'.
Fixes <https://bugs.gnu.org/34902>.
Reported by Julien Lepiller <julien@lepiller.eu>.
* gnu/build/linux-modules.scm (module-formal-name): New procedure.
(load-linux-modules-from-directory)[lookup-module]: Remove.
[module-name->file-name]: New variable. Use it.
(module-name->file-name/guess, module-name-lookup)
(write-module-name-database): New procedures.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Call
'write-module-name-database'.
Guile-JSON 3.x is incompatible with Guile-JSON 1.x, which we relied on
until now: it maps JSON dictionaries to alists (instead of hash tables),
and JSON arrays to vectors (instead of lists). This commit is about
adjusting all the existing code to this new mapping.
* m4/guix.m4 (GUIX_CHECK_GUILE_JSON): New macro.
* configure.ac: Use it.
* doc/guix.texi (Requirements): Mention the Guile-JSON version.
* guix/git-download.scm (git-fetch)[guile-json]: Use GUILE-JSON-3.
* guix/import/cpan.scm (string->license): Expect vectors instead of
lists.
(module->dist-name): Use 'json-fetch' instead of 'json-fetch-alist'.
(cpan-fetch): Likewise.
* guix/import/crate.scm (crate-fetch): Likewise, and call 'vector->list'
for DEPS.
* guix/import/gem.scm (rubygems-fetch): Likewise.
* guix/import/json.scm (json-fetch-alist): Remove.
* guix/import/pypi.scm (pypi-fetch): Use 'json-fetch' instead of
'json-fetch-alist'.
(latest-source-release, latest-wheel-release): Call 'vector->list' on
RELEASES.
* guix/import/stackage.scm (stackage-lts-info-fetch): Use 'json-fetch'
instead of 'json-fetch-alist'.
(lts-package-version): Use 'vector->list'.
* guix/import/utils.scm (hash-table->alist): Remove.
(alist->package): Pass 'vector->list' on the inputs fields, and default
to the empty vector.
* guix/scripts/import/json.scm (guix-import-json): Remove call to
'hash-table->alist'.
* guix/swh.scm (define-json-reader): Expect pair? or null? instead of
hash-table?.
[extract-field]: Use 'assoc-ref' instead of 'hash-ref'.
(json->branches): Use 'map' instead of 'hash-map->list'.
(json->checksums): Likewise.
(json->directory-entries, origin-visits): Call 'vector->list' on the
result of 'json->scm'.
* tests/import-utils.scm ("alist->package with dependencies"): New test.
* gnu/installer.scm (build-compiled-file)[builder]: Use GUILE-JSON-3.
* gnu/installer.scm (installer-program)[installer-builder]: Likewise.
* gnu/installer/locale.scm (iso639->iso639-languages): Use 'assoc-ref'
instead of 'hash-ref', and pass vectors through 'vector->list'.
(iso3166->iso3166-territories): Likewise.
* gnu/system/vm.scm (system-docker-image)[build]: Use GUILE-JSON-3.
* guix/docker.scm (manifest, config): Adjust for Guile-JSON 3.
* guix/scripts/pack.scm (docker-image)[build]: Use GUILE-JSON-3.
* guix/import/github.scm (fetch-releases-or-tags): Update docstring.
(latest-released-version): Use 'assoc-ref' instead of 'hash-ref'. Pass
the result of 'fetch-releases-or-tags' to 'vector->list'.
* guix/import/launchpad.scm (latest-released-version): Likewise.
* gnu/system/linux-container.scm (dummy-networking-service-type): New
variable.
(containerized-operating-system): If network is shared with host, replace
static-networking-service-type with dummy-networking-service-type.
Fixes <https://bugs.gnu.org/36215>.
Reported by Björn Höfling <bjoern.hoefling@bjoernhoefling.de>.
This is a followup to 9c941364bf.
* gnu/system/vm.scm (system-docker-image)[build]: Set GUIX_LOCPATH and
call 'setlocale'.
* gnu/system/linux-container.scm (containerized-operating-system):
(container-script): Check for existence of the host nscd run directory in the
container script. This check should be run when the container is started, not
when the container script is created.
[network-mappings]: Delete variable.
[nscd-run-directory, nscd-mapping]: New variables.
This simplifies use of images created with 'guix system docker-image'.
* gnu/system/vm.scm (system-docker-image)[boot-program]: New variable.
[os]: Add it to the GC roots.
[build]: Pass #:entry-point to 'build-docker-image'.
* gnu/tests/docker.scm (run-docker-system-test): New procedure.
(%test-docker-system): New variable.
* doc/guix.texi (Invoking guix system): Remove GUIX_NEW_SYSTEM hack and
'--entrypoint' from the example. Mention 'docker create', 'docker
start', and 'docker exec'.
Previously, the 'essential-services' would correspond to the initial,
non-containerized OS. Thus, all the file systems removed in
'container-essential-services' would actually still be there because the
essential services would be computed on the non-containerized OS.
This is a followup to 69cae3d335.
* gnu/system/linux-container.scm (container-essential-services): Call
'operating-system-default-essential-services' to get the baseline
services.
(containerized-operating-system): Pass THIS-OPERATING-SYSTEM, not OS, to
'container-essential-services'.
Add a dummy root file system to 'file-systems'.
(container-script)[mountable-file-system?]: New procedure.
Use it.
Previously, 'guix system docker-image' would end up providing an OS that
would try to mount all of %CONTAINER-FILE-SYSTEMS as well as /gnu/store,
which is bound to fail in unprivileged Docker.
This patch makes it so that 'guix system container' still gets those
file systems, but 'guix system docker-image' doesn't.
* gnu/system/linux-container.scm (containerized-operating-system): Add
#:extra-file-systems parameter and honor it. Do not include
%STORE-MAPPING and SHARED-NETWORK-FILE-MAPPINGS.
(container-script): Add %STORE-MAPPING and optionally NETWORK-MAPPINGS
to MAPPINGS and pass #:extra-file-systems.
The default value of the argument REGISTER-CLOSURE? of the ISO9660-IMAGE,
QEMU-IMAGE and SYSTEM-DOCKER-IMAGE procedures can be computed automatically,
since the operating-system definition is available in its context. When the
operating-system definition does not contain the GUIX-SERVICE-TYPE, do not
register the closure in the database of Guix, as it takes time and doesn't
serve a purpose.
* gnu/system/vm.scm (has-guix-service-type): Add predicate.
(iso9660-image)[register-closures?]: Use it to compute the argument's default
value.
(qemu-image)[register-closures?]: Likewise, and update docstring.
(system-docker-image)[register-closures?]: Likewise.
(system-disk-image): Do not explicit a value for the REGISTER-CLOSURES?
argument of the ISO9660-IMAGE and QEMU-IMAGE procedure calls, so that its
default value is used instead.
* guix/scripts/system.scm (system-derivation-for-action): Do not explicit a
value for the REGISTER-CLOSURES? argument of the SYSTEM-DOCKER-IMAGE
procedure call, so that its default value is used instead.
* gnu/system/linux-container.scm (container-essential-services): If network is
to be shared with the host, remove network configuration files from etc
service.
(containerized-operating-system): If network is to be shared with the host,
remove nscd service and map host's /var/run/nscd if it exists.
(container-script): If network is to be shared with the host, do not create
network namespace.
* guix/scripts/system.scm (system-derivation-for-action): Add
#:container-shared-network? argument.
(perform-action): Add #:container-shared-network? argument.
(show-help): Add "-N, --network" help information.
(%options): Add network option.
(process-action): Call perform-action with #container-shared-network? argument.
* doc/guix.texi (Invoking guix system): Document the "-N, --network" option.
Co-authored-by: Christopher Baines <mail@cbaines.net>
* gnu/system/pam.scm (unix-pam-service): Add #:login-uid? parameter. In
then 'session' field, add "pam_loginuid.so" as required when LOGIN-UID?
is true.
Fixes <https://bugs.gnu.org/35582>.
Reported by sirgazil <sirgazil@zoho.com>.
Previously, leading zeros would be removed, leading to an "invalid"
UUID:
(uuid->string (uuid "00CA-050E" 'fat32))
⇒ "CA-50E"
(string->uuid "CA-50E" 'fat32)
⇒ #f
* gnu/system/uuid.scm (fat-uuid->string): Pad digits with zeros.
* tests/uuid.scm ("uuid, FAT32, leading zeros preserved"): New test.