This causes authentication failures such as those generated by SSH brute force
attacks to appear in /var/log/secure, which is picked up by tools such as
fail2ban.
* gnu/services/base.scm (%default-syslog.conf): Add a auth.info selector for
the /var/log/secure log.
Series-to: 62802@debbugs.gnu.org
This is a cosmetic change.
* gnu/services/base.scm (%default-syslog.conf): Add a comment referencing the
documentation. Strip the extraneous leading trailing white space indent.
Having the configuration live at a static location makes it possible to
hot-reload it.
* gnu/services/base.scm (syslog.conf): New variable.
(syslog-etc, syslog-shepherd-service): New procedures.
(syslog-service-type): Rewrite using the above new variable and procedures,
extending etc-service-type with its configuration file.
Previously, on a typical setup without "console=ttyS0" or similar in
'kernel-arguments', the 'term-console' Shepherd service would always be
marked as failing to start. This is undesirable because it raises a
false alarm: the service is expected to do nothing in this case.
This patch instead marks it as succeeding and logs a message explaining
it's doing nothing.
* gnu/services/base.scm (agetty-shepherd-service): In 'start' method,
succeed when TTY is #f and print a message.
Reported by bjc on #guix.
* gnu/services/base.scm (valid-name, cidr->netmask): Wrap in 'eval-when'
since they are used by "compile-time procedures" (macros).
The 'stop' method of Shepherd services is supposed to return #f on
success.
* gnu/services/base.scm (console-font-shepherd-services): 'stop' method
returns #f.
* doc/guix.texi (Base Services): Replace rngd-service with rngd-service-type.
Document <rngd-configuration>.
* gnu/services/base.scm (<rngd-configuration>): Set default values from
the values in the now deprecated 'rngd-service' procedure.
(rngd-service): Deprecate procedure.
(rngd-service-type): Set default value.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a regression introduce in 01334a61c7
that would prevent system cross-compilation (with "guix system image
--target=...") due to 'font-gnu-unifont' depending on 'perl-gd', which
currently cannot be cross-compiled.
* gnu/services/base.scm (%default-console-font, kmscon-service-type):
Refer to 'font-gnu-unifont' with 'ungexp-native'.
It has even better language support than LatGrkCyr-8x16 and can show
fancy progress bars.
* gnu/services/base.scm (%default-console-font): Use unifont.
* gnu/services/base.scm (<host>): New record type.
(host): New procedure.
(hosts-service-type): New variable.
* doc/guix.texi (Service Reference): Document it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/base.scm (<greetd-terminal-configuration>)[source-profile?]:
New field.
(make-greetd-terminal-configuration-file): Serialize new field to
configuration file.
* doc/guix.texi (Base Services): Document it.
This provides glyphs for additional fonts such as Amharic that were
otherwise missing.
Fixes <https://issues.guix.gnu.org/60164>.
Reported by Wolf <wolf@wolfsden.cz>.
* gnu/services/base.scm (kmscon-service-type): In 'start' method,
pass #:environment-variables to set 'XDG_DATA_DIRS'.
This reduces the closure size of systems by removing one glibc
copy--namely (@ (gnu packages base) glibc) in addition to (@ (gnu
packages commencement) glibc-final).
* gnu/services/base.scm (<nscd-configuration>)[glibc]: Change default
value to use 'let-system' and 'canonical-package' as appropriate.
* gnu/services/base.scm (<greetd-configuration>)
[greeter-supplementary-groups]: New field.
(%greetd-accounts): Rename to...
(greetd-accounts): ... this. Convert to a function that takes a config
argument. Use greeter-supplementary-groups.
(greetd-service-type): Adjust accordingly.
* gnu/tests/desktop.scm (%minimal-services): Add test for
greeter-supplementary-groups.
* doc/guix.texi ("Base Services")[greetd-service-type]: Document
greeter-supplementary-groups.
* gnu/services/base.scm (greetd-service-type): New variable
* gnu/services/base.scm (greetd-configuration): New data type
* gnu/services/base.scm (greetd-terminal-configuration): New data type
* gnu/services/base.scm (greetd-agreety-session): New data type
* gnu/services/base.scm (pam-limits-service-type): Should be aware of
greetd PAM service
* gnu/services/pam-mount.scm (pam-mount-pam-service): Should be aware
of greetd PAM service
Signed-off-by: Lars-Dominik Braun <ldb@leibniz-psychology.org>
Fixes <https://issues.guix.gnu.org/55707>.
Previously Inetutils' syslogd would call 'fsync' after each line written
to a file. This would significantly increase boot times on machines
with slow-ish spinning HDDs, where each 'fsync' call would take between
0.1s and 0.4s (and we'd do two of them for each line, one for
/var/log/messages and one for /var/log/debug).
* gnu/services/base.scm (%default-syslog.conf): Add a '-' before each
file name, except /var/log/secure. Change what goes to /var/log/debug.
