With offloading to a childhurd is enabled, allowing password-less root
login in the childhurd to anyone amounts to providing write access to
the host’s store to anyone. Thus, disable password-based root logins in
the childhurd.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Change
‘permit-root-login’ to 'prohibit-password.
* gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’
field for ‘hurd-vm-configuration’.
* doc/guix.texi (Virtualization Services): Remove mention of
password-less root login.
* gnu/services/base.scm (guix-machines-files-installation): New
procedure.
(<guix-configuration>)[build-machines]: New field.
(guix-activation): Call ‘ guix-machines-files-installation’.
(<guix-extension>)[build-machines]: New field.
(guix-extension-merge): Handle it.
(guix-service-type)[extend]: Likewise.
* doc/guix.texi (Daemon Offload Setup): Add note linking to
‘guix-configuration’.
(Base Services): Document ‘build-machines’ field of <guix-configuration>
and of <guix-extension>.
(Virtualization Services): Add ‘hurd-vm’ anchor.
* doc/contributing.texi (The Perfect Setup)
<Viewing Bugs within Emacs>: Properly quote Elisp functions. Add 'require'
directives. Set BUG-REFERENCE-URL-FORMAT so the configuration is
self-contained.
Suggested-by: Mekeor Melire <mekeor@posteo.de>
* configure.ac: Check for ‘git’ and substitute ‘GIT’.
* guix/config.scm.in (%git): New variable.
* guix/self.scm (compiled-guix): Define ‘git’ and pass it to
‘make-config.scm’.
(make-config.scm): Add #:git; emit a ‘%git’ variable.
* doc/guix.texi (Requirements): Add it.
* doc/contributing.texi (Circular Module Dependencies): New subsection.
Series-version: 2
Series-to: 65860@debbugs.gnu.org
Patch-cc: mhw@netris.org
Cover-letter:
Resolve a circular module dependencies in embedded modules
This series is the culmination of at least a day of effort tracking down the
source of a module dependency cycle (!). The last commit adds some guidelines
in the hope to avoid a repeat (perhaps 'lint' could be taught to
automate these checks).
END
Lack of clarity reported by lrustland on IRC.
* doc/contributing.texi (Running Guix Before It Is Installed): Refer to
the Building from Git section when giving instructions for generating
the pre-inst-env script.
Until 209204e23b and
d57cab7641, the default image type used by "guix
system image" was an MBR image with an ESP partition.
Having both an MBR image and an ESP partition is handy because the image will
boot on most x86 based systems using legacy BIOS and/or UEFI.
We now have a distinction between MBR images and EFI images. Introduce a new
MBR hybrid image type and default to it to restore the default behaviour.
This also fixes the images section of (gnu ci) that was trying to install a
BIOS bootloader on an EFI, GPT image and failing to do so.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
This fixes a regression introduced with 79cfe30f3 ("build-system: emacs: Use
subdirectories again.") which caused the 'guix-emacs-autoload-packages' to no
longer be able to autoload all packages.
* gnu/packages/aux-files/emacs/guix-emacs.el
(guix-emacs-autoload-packages): Reload subdirs.el files unless NO-RELOAD is
provided. Update docstring.
* doc/guix.texi (Application Setup): Document that
‘guix-emacs-autoload-packages’ can be invoked interactively to auto-reload
newly installed Emacs packages.
* gnu/packages/emacs.scm (emacs)[arguments]<#:phases>: Call
guix-emacs-autoload-packages with an argument in the site-start.el file.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
Geiser now has support locating the project root and adding it to the load
path without external help; leverage it.
* .dir-locals.el [nil]: Remove obsolete Geiser configuration. Set the
geiser-repl-per-project-p variable to t.
* doc/contributing.texi (The Perfect Setup): No longer mention explicitly
setting the geiser-guile-load-path; instead mention the effect of the
.dir-locals.el file.
Reported-by: Wolf <wolf@wolfsden.cz>
* doc/guix.texi (Invoking guix shell): Explain that python must be included in
the invocation even if it is already available in the external environment.
Suggested-by: Skyler <skyvine@protonmail.com>
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New
field.
(user-account-home-directory-permissions): New accessor.
* gnu/build/activation.scm (activate-users+groups): Use home directory
permission bits from the user account object.
* doc/guix.texi (User Accounts): Document new field.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
* gnu/system/image.scm (mbr-disk-image, mbr-raw-image-type): New variables.
(qcow2-image-type): Inherit mbr-disk-image.
* guix/scripts/system.scm (%default-options): Use mbr-raw-image-type by
default.
* gnu/tests/install.scm (run-install): Use mbr-raw in the tests.
* doc/guix-cookbook.texi (Guix System Image API): Update the list of image
types.
* doc/guix.texi (Invoking guix system, System Images, image-type Reference):
Add mbr-raw and switch documented default to it.
This is intended to replace the functionality of the Guix Build Coordinator
queue builds script, and also provide a web interface for build farms.
* gnu/services/guix.scm (<bffe-configuration>): New record type.
(bffe-configuration, bffe-configuration?,
bffe-configuration-package,
bffe-configuration-user,
bffe-configuration-group,
bffe-configuration-arguments
bffe-configuration-extra-environment-variables): New procedures.
(bffe-service-type): New variable.
* gnu/tests/guix.scm (%test-bffe): New variable.
* doc/guix.texi (Guix Services): Document the new service.
* doc/guix.texi (Daemon Offload Setup:): Clarify 'user' field of build-machine
data type and the key pair used by guix archive.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/home/services/syncthing.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/services/syncthing.scm (<syncthing-configuration>)[home-service?]:
New field.
Adjust 'provision' and 'requirement' depending on 'home-service?', and
likewise for #:user and #:group.
Use 'filter' + 'negate' instead of 'remove'.
* doc/guix.texi (Networking Services): Add note and cross-reference to
"Networking Home Services".
(Networking Home Services): New node.
* gnu/home/services/dict.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/services/dict.scm (<dicod-configuration>)[home-service?]: New
field.
(dicod-shepherd-service): Do not map /dev/log when 'home-service?' is
true. Remove 'user-processes' requirement when 'home-service?' is
true.
(dicod-shepherd-service): Set #:user and #:group to #f when
'home-service?' is true.
* doc/guix.texi (Miscellaneous Home Services): New node.
(Miscellaneous Services): Add cross-reference.
* doc/guix-cookbook.texi (Using security keys)
<Disabling OTP code generation for a Yubikey>: New subsection.
Reviewed-by: John Kehayias <john.kehayias@protonmail.com>
* doc/guix.texi (Invoking guix time-machine): Document limitation.
* guix/inferior.scm (cached-channel-instance): New VALIDATE-CHANNELS
argument. Use it to validate channels when there are no cache hit.
* guix/scripts/time-machine.scm
(%options): Tag the given reference with 'tag-or-commit instead of 'commit.
(%oldest-possible-commit): New variable.
(guix-time-machine) <validate-guix-channel>: New nested procedure. Pass it to
the 'cached-channel-instance' call.
* tests/guix-time-machine.sh: New test.
* Makefile.am (SH_TESTS): Register it.
Suggested-by: Simon Tournier <zimon.toutoune@gmail.com>
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
Reviewed-by: Simon Tournier <zimon.toutoune@gmail.com>
ddclient is unmaintained as of 2023-07-04 [1] and this service has been broken
for a while [2]. Remove it rather than shipping a broken service for an
unmaintained program that's unlikely to be fixed.
[1]: <https://github.com/ddclient/ddclient>
[2]: <https://issues.guix.gnu.org/52770>
This reverts commit 8490a8346b.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Add 'createAccount?', 'uid' and 'gid' to <postgresql-configuation>.
Unlike other system daemons, the PostgreSQL data directory is typically
meant to persist across 'guix system reconfigure' and once created, you
don't want it's UID or GID to change anymore.
Furthermore, if you want to place the data directory on a network share
and use NFSv4 with idmap, then the 'postgres' user must exist when the
'rpc.idmapd' daemon is launched; prior to mounting the share. And it
needs to be possible to mount the share without configuring PostgreSQL.
With NFSv3, the UID and GID typically needs to match those on the
server.
The added options allow for both of these scenarios:
You can either create the user in (operating-system (users)) completely
independently of the 'postgresql-service-type' (for instance to get your
NFS setup working first prior to configuring your databases) - or "pin"
it's UID / GID values.
* gnu/services/databases.scm (<postgresql-configuration>)[create-account?]
[uid, gid]: New fields.
(%postgresql-accounts): Remove.
(create-postgresql-account): New procedure.
(postgresql-service-type)[extensions]: Use it.
* doc/guix.texi (Database Services): Update accordingly.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Thanks to Bruno Victal "mirai" for cooperating on this patch and for
generously sharing a wealth of insights about Guix services.
Thanks to Jean-Baptiste Note for an early version of this service!
* doc/guix.texi (Linux Services)[Cachefilesd Service]: New heading.
* gnu/services/linux.scm (serialize-string, non-negative-integer?)
(serialize-non-negative-integer, string, non-negative-integer)
(make-option-serializer, make-percentage-threshold-serializer): New
procedures.
(cachefilesd-configuration): New record type.
(cachefilesd-service-type): New variable.
* gnu/tests/cachefilesd.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Co-authored-by: Bruno Victal <mirai@makinata.eu>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/databases.scm (postgresql-role): Add more role fields.
(postgresql-create-roles): Honor it.
* doc/guix.texi (Database Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/desktop.scm (kde-desktop-service-type): New variable.
(<kde-desktop-configuration>): New record type.
(kde-desktop-configuration): New procedure.
* doc/guix.texi (Desktop Services): Document it.
Co-authored-by: Zheng Junjie <873216071@qq.com>
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
* doc/guix.texi (Invoking guix import): Mention "--recursive" option.
(Using TeX and LaTeX): Improve documentation of modular TeX Live. Insist on
the incompatibility with TEXLIVE package, and expound part about collections
and schemes. Also fix the call to `tlmgr', which does not need to happen from
a "guix shell" invocation.
Co-authored-by: Andreas Enge <andreas@enge.fr>
With suggestions by Iku-Tulo Vilutar <ikutulovilutar@gmail.com>.
Fixes <https://issues.guix.gnu.org/65572>.
* doc/guix.texi (System Installation): Add suggestion when
booting the installer fails with a black screen.
Since commit ca8acad3 ("build: Add dependency on guix script for help2man
targets."), the $< special Make variable in the recipe was matching
scripts/guix instead of the more specific 'guix/scripts/%.scm' source.
* doc/local.mk ($(srcdir)/%D%/guix-%.1): Move the scripts/guix prerequisite to
the end.
The `pam-mount-volumes-service-type' adds additional volumes to the
pam-mount-service-type in addition to any that are already specified in
`pam-mount-rules'.
* doc/guix.texi (PAM Mount Volume Service): add documentation for
`pam-mount-service-type'.
* gnu/services/pam-mount.scm: new file.
* Makefile.am: add pam-mount tests
* tests/services/pam-mount.scm: new tests
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This reverts commit e9a5eebc78, which
as far as I can tell breaks system roll-backs thusly:
[...]
In gnu/build/accounts.scm:
239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >)
In unknown file:
2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>)
In ice-9/boot-9.scm:
1685:16 1 (raise-exception _ #:continuable? _)
1685:16 0 (raise-exception _ #:continuable? _)
ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t
* gnu/services/admin.scm (%default-package-database-update-schedule):
New variable.
(<package-database-configuration>): New record type.
(package-database-mcron-jobs): New procedure.
(package-database-service-type): New variable.
* doc/guix.texi (File Search Services): Document it.
* gnu/services/admin.scm (%default-file-database-update-schedule)
(%default-file-database-excluded-directories): New variables.
(<file-database-configuration>): New record type.
(file-database-mcron-jobs): New procedure.
(file-database-service-type): New variable.
* doc/guix.texi (File Search Services): New node.
Relates to <https://issues.guix.gnu.org/63082>.
* doc/guix.texi (Audio Services): Do not use a deprecated user form; keep the
default one. Remove port. Specify a music-directory. Mention the importance
of permissions on the music directory.
Relates to <https://issues.guix.gnu.org/63082>.
* gnu/services/audio.scm (mpd-shepherd-service): Create a default .cache
directory. Use mkdir-p/perms and refactor loop. Set the HOME environment
variables.
Relates to <https://issues.guix.gnu.org/63082>.
* gnu/services/audio.scm (mpd-output) [mixer-type]: Change default value from
"none" to unspecified.
* doc/guix.texi (Audio Services): Regenerate doc.
Rationale: the tristate value was awkward to deal with, the default log file
name was odd (/var/log/mpd/log) and it required special attention to create
the 'mpd' parent directory as root and chowning it to the MPD user. It also
didn't match the default behavior of MPD, which is to log to systemd or syslog
unless a log file is specified.
* gnu/services/audio.scm (mpd-log-file-sanitizer): New procedure.
(mpd-configuration) [log-file]: Remove default maybe value. Add sanitizer.
(mpd-shepherd-service): Validate the log file parent directory exists and has
the right permissions. Conditionally add syslogd to requirements.
(mympd-log-to-sanitizer): New procedure.
(mympd-configuration) [log-to]: Change type to maybe-string. Update doc and
add sanitizer.
(mympd-shepherd-service) [requirement]: Fix to use syslogd. Adjust
accordingly.
[start] Adjust accordingly.
(mympd-log-rotation): Check log-to via maybe-value-set?.
* doc/guix.texi (Audio Services): Update doc.
* gnu/services/audio.scm (mpd-configuration) [log-level]: List log-level in
decreasing verbosity order in doc.
* doc/guix.texi (Audio Services): Update doc.
Previously, the generated config file would contain arbitrary whitespace that
made it look ugly.
* gnu/services/vpn.scm (<wireguard-configuration>) [dns]: Change default value
from #f to '().
(wireguard-configuration-file): Use match-record. Format each line
individually, assembling the lines at the end to avoid extraneous white space.
* doc/guix.texi (VPN Services): Update doc.
At this point, there are three equivalent TeX Live sub-systems:
texlive-scheme-basic, texlive-tiny, and (texlive-updmap.cfg). It is confusing
to keep so many around.
* doc/contributing.texi (Submitting Patches): Remove reference to
TEXLIVE-TINY.
* gnu/packages/algebra.scm (pari-gp)[native-inputs]:
(giac)[native-inputs]:
* gnu/packages/chez.scm (chez-sockets)[native-inputs]:
* gnu/packages/engineering.scm (fastcap)[native-inputs]:
* gnu/packages/gettext.scm (po4a)[native-inputs]:
* gnu/packages/maths.scm (cddlib)[native-inputs]:
(gnuplot)[native-inputs]:
(itpp)[native-inputs]:
* gnu/packages/ocaml.scm (unison)[native-inputs]:
* gnu/packages/pdf.scm (extractpdfmark)[native-inputs]:
* gnu/packages/photo.scm (enblend-enfuse): Replace TEXLIVE-TINY with a call to TEXLIVE-UPDMAP.CFG.
* gnu/packages/radio.scm (gnuradio)[native-inputs]: Remove unnecessary
TEXLIVE-TINY.
* gnu/packages/tex.scm (texlive-tiny): Deprecate it in favor of TEXLIVE-SCHEME-BASIC.
(texlive-makecmds)[native-inputs]: Replace TEXLIVE-TINY with a call to TEXLIVE-UPDMAP.CFG.
* guix/lint.scm (check-inputs-should-be-native): Check only for
"texlive-updmap.cfg" input name.
* doc/guix.texi (Invoking guix import): "texlive.tlpdb" is located in
TEXLIVE-SCRIPTS package.
(Using TeX and LaTeX): Mention collections and schemes as a starting point.
Illustrate it with an updated example. Update tiny TODO list. Fix call to
"tlmgr".
Although `latex-base' is clearly defined on CTAN, it isn't a proper TeX Live
package. Since we're trying to follow as closely as possible this TeX
distribution, we replace the package with the closest one, which is
`texlive-latex-bin'. As a consequence, the #:TEXLIVE-LATEX-BASE argument
becomes #:TEXLIVE-LATEX-BIN?, emphasizing the fact that the meaningful values
for it are booleans.
* gnu/packages/graphviz.scm (dot2tex)[propagated-inputs]: Remove
TEXLIVE-GRAPHICS, TEXLIVE-LATEX-BASE. Add TEXLIVE-LATEX-BIN.
* gnu/packages/plotutils.scm (asymptote)[native-inputs]: Remove
TEXLIVE-LATEX-BASE, TEXLIVE-GRAPHICS, TEXLIVE-L3BACKEND. Use
TEXLIVE-UPDMAP.CFG.
* gnu/packages/sphinx.scm (python-sphinx)[propagated-inputs]: Remove
TEXLIVE-GRAPHICS, TEXLIVE-LATEX-BASE. Add TEXLIVE-LATEX-BIN.
* gnu/packages/tex.scm (texlive-latex-base): Deprecate variable.
(texlive-hyphen-complete):
(texlive-tex):
(texlive-latex):
(texlive-docstrip):
(texlive-unicode-data):
(texlive-hyphen-base):
(texlive-tex-ini-files):
(texlive-metafont):
(texlive-modes):
(texlive-knuth-lib):
(texlive-latex-fonts):
(texlive-etex):
(texlive-plain):
(texlive-kpathsea):
(texlive-latexconfig):
(texlive-latex-bin):
(texlive-l3kernel):
(texlive-l3backend):
(texlive-l3packages):
(texlive-luatex):
(texlive-luahbtex):
(texlive-babel):
(texlive-cyrillic):
(texlive-pdftex):
(texlive-cm)[arguments]: Replace #:TEXLIVE-LATEX-BASE with #:TEXLIVE-LATEX-BIN?.
(texlive-lm):
(texlive-lua-alt-getopt):
(texlive-luaotfload):
(texlive-graphics-def):
(texlive-graphics-cfg): Set #:TEXLIVE-LATEX-BIN? to #F.
(texlive-graphics):
(texlive-lualibs):
(texlive-firstaid):
(texlive-atveryend)[arguments]: Set #:TEXLIVE-LATEX-BIN? to #F.
[native-inputs]: Add TEXLIVE-DOCSTRIP, TEXLIVE-PDFTEX.
(texlive-updmap.cfg): Remove TEXLIVE-CM, TEXLIVE-GRAPHICS,
TEXLIVE-LATEX-BASE. Add TEXLIVE-LATEX-BIN.
(texlive-atbegshi)[arguments]: Set #:TEXLIVE-LATEX-BIN? to #F.
[native-inputs]: Add TEXLIVE-DOCSTRIP, TEXLIVE-PDFTEX.
[propagated-inputs]: Remove TEXLIVE-IFTEX, TEXLIVE-INFWARERR and
TEXLIVE-LTXCMDS.
(texlive-everyshi)[arguments]: Build package with a temporary "latex.fmt"
file.
(texlive-cyrillic): Set #:TEXLIVE-LATEX-BIN? to #T.
* guix/build-system/texlive.scm (default-texlive-latex-base): Rename to
TEXLIVE-LATEX-BIN.
(lower): Set default value for TEXLIVE-LATEX-BIN? to #TRUE.
* gnu/packages/statistics.scm (r-with-tests): Remove TEXLIVE-LATEX-BASE and
TEXLIVE-GRAPHICS.
* doc/guix.texi (Build Systems): Document #:TEXLIVE-LATEX-BIN? argument.
Remove reference to #:TEXLIVE-LATEX-BASE.
* gnu/packages/tex.scm (texlive-base): Deprecate variable.
(texlive-updmap.cfg): Use default packages from now deprecated TEXLIVE-BASE.
Also remove already implemented TODO.
* doc/build.scm (pdf-manual):
* gnu/packages/statistics.scm: Replace TEXLIVE-BASE with call to
TEXLIVE-UPDMAP.CFG.
* guix/profiles.scm (texlive-font-maps): Trigger TeX Live hook whenever
a texlive package is included in the manifest.
* guix/build-system/texlive.scm (texlive-build): Add #:CREATE-FORMATS argument.
* doc/guix.texi (Build Systems): Document it.
* guix/build/texlive-build-system.scm (texlive-input?): New function.
(generate-font-metrics): Use new function above.
(create-formats): New function.
(%standard-phases): Add function above to phases.
* guix/build/texlive-build-system.scm (install-as-runfiles):
(generate-font-metrics): New function.
(build): Use INSTALL-AS-RUNFILES.
(%standard-phases): Add new phase.
* guix/build/texlive-build-system.scm (build): Ignore temporary build files
when moving runfiles around. Remove ".drv" source files prior to compiling
files. Remove need for #:TEX-DIRECTORY keyword. Handle ".ins" and ".dtx"
files in different directories.
(install): Install docfiles in "doc" output when available.
* guix/build-system/texlive.scm (texlive-build): Remove #:TEX-DIRECTORY.
* doc/guix.texi (Build Systems): Remove reference to #:TEX-DIRECTORY in
TEXLIVE-BUILD-SYSTEM documentation. Also mention it now tries to compile
".dtx" files when there is no ".ins" file.
* gnu/packages/patches/gnumach-support-noide.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/hurd.scm (gnumach-headers): Use it.
* doc/guix.texi (Bootloader Configuration): Document it.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
* gnu/home/services/shells.scm (home-inputrc-service-type,
home-inputrc-configuration): New variables.
(serialize-inputrc-key-bindings, serialize-inputrc-variables,
serialize-inputrc-conditional-constructs,
serialize-inputrc-extra-content): New procedures.
* doc/guix.texi (Shells Home Services): Document it.
From man 5 ssh_config:
Unless noted otherwise, for each parameter, the first obtained value
will be used.
We want to allow falling through to the first explicitly chosen user
defined value.
* gnu/home/services.ssh.scm (define-maybe boolean): New configuration.
(openssh-host)[forward-x11?, forward-x11-trusted?, forward-agent?,
compression?]: Replace default value with maybe-boolean.
* doc/guix.texi (Secure Shell): Update documentation to match the
changes in the code.
Move away from using staging and core-updates, and make the strategy
independant of branch names.
Keep the 300 dependent threshold for changes to master, as I don't have any
specific reason to change this.
Most importantly, require using guix-patches issues to coordinate merging of
the branches, as I think that'll address the key issues that have shown up
recently where it's been unclear which branch should be merged next.
* doc/contributing.texi (Submitting Patches): Move the branching strategy to a
new Managing Patches and Branches section.
(Managing Patches and Branches): New section.
(Commit Policy): Simplify through referencing the new Managing Patches and
Branches section.
Signed-off-by: Christopher Baines <mail@cbaines.net>
* gnu/home/services/ssh.scm (<home-openssh-configuration>)[add-keys-to-agent]:
New field.
(serialize-add-keys-to-agent): New procedure.
(openssh-configuration->string): Use it.
* doc/guix.texi (Secure Shell): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
In an effort to homogenize things, commit
3c40dfe285 replaced:
@deffn {Scheme Procedure}
with:
@defun
However, the latter prints "Function" when all existing material about
Scheme uses the term "procedure".
Thus, for consistency, this commit switches to:
@deffn {Procedure}
* doc/guix.texi, doc/contributing.texi: Use "@deffn {Procedure}"
consistently rather than "@defun" or similar.
Thanks to Alexandros Prekates and Markku Korkeala for pointing out the bug in
the documentation. [1]
[1] https://lists.gnu.org/archive/html/help-guix/2023-05/msg00220.html
* doc/gnu.texi (Secure Shell): Replace reference to non-existing (gnu home
services ssh-agent)
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
screen-locker-service-type by default does both define PAM entry
and make program setuid binary. Normally both methods are
mutually exclusive, if binary has setuid set it does not really
needs PAM, otherway around also similar, if PAM is enabled
binary should not relay on setuid.
Recent swaylock package now compiled with PAM support. When PAM
support is compiled in, swaylock rejects executing if binary is
also setuid program.
This change turns screen-locker-configuration from strict
PAM AND setuid to more flexible PAM AND/OR setuid. Allowing
swaylock to be configured properly while supporting other
screen locker preferences.
* gnu/services/xorg.scm (screen-locker-configuration): Switch from
define-record-type to define-configuration.
[using-pam?]: New field to control PAM entry existence.
[using-setuid?]: New field to control setuid binary existence.
(screen-locker-pam-services): Should not make unix-pam-service if
using-pam? is set to #f.
(screen-locker-setuid-programs): Should not make program setuid
program if using-setuid? is set to #f.
(screen-locker-generate-doc): Internal function to generate
configuration documentation.
(screen-locker-service): Adapt to new screen-locker-configuration.
* gnu/services/desktop.scm (desktop-services-for-system): Adapt to
new screen-locker-configuration.
* doc/guix.texi: Reflect new changes to screen-locker-configuration.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
* guix/upstream.scm (update-package-inputs)[filtered-inputs]
[regular-inputs, native-inputs, propagated-inputs]: New procedures.
Use them in 'update-field' calls.
* tests/guix-refresh.sh (GUIX_TEST_UPDATER_TARGETS): Add "libreoffice"
to the dependencies of "the-test-package". Add 'updater-ignored-inputs'
property to "the-test-package".
* doc/guix.texi (Invoking guix refresh): Document it.
Previously, 'guix refresh r-ggplot2 -u' and similar commands would print
of list of input changes that would have to be made manually. With this
change, 'guix refresh -u' takes care of updating input fields
automatically.
* guix/upstream.scm (update-package-inputs): New procedure.
(update-package-source): Call it when 'upstream-source-inputs' returns
true.
* guix/scripts/refresh.scm (update-package): Remove iteration over the
result of 'changed-inputs'.
* guix/import/test.scm (available-updates): Add support for input
lists.
* tests/guix-refresh.sh (GUIX_TEST_UPDATER_TARGETS): Add input list for
"the-test-package".
Make sure 'guix refresh -u' updates 'inputs' accordingly.
* doc/guix.texi (Invoking guix refresh): Mention it.
* gnu/home/services/mail.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Mail Home Services): New node.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Prior to ceb5ef8347, (@ (gnu packages
texinfo) texinfo), which is what is used here, was pointing to version 6.7.
* doc/build.scm (html-manual-identifier-index)[build](worthy-entry?):
Adjust patterns for Texinfo 6.8.
(syntax-highlighted-html)[build](syntax-highlight): Likewise.
* doc/guix.texi (SELinux Support): Add note about 'guix-install.sh'.
Provide the absolute file name of 'guix-daemon.cil'. Wrap important
commands in @example. Suggest relabeling just /gnu and /var/guix
instead of all of /. Add "systemctl restart guix-daemon".
The documentation for git send-email recommends the use of an equal sign when
specifying a recipient with the --to option. [1] Adjusts the reference manual
accordingly.
[1] https://git-scm.com/docs/git-send-email
* doc (contributing.texi): Specify recipient via equal sign in
'git send-email --to'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The default was an empty list which would remove any ~/.ssh/authorized_keys
file and replace it with a symlink to an empty file. On some systems, notably
Ubuntu 22.10, the guix home generated ~/.ssh/authorized_keys file does not
allow login.
* doc/guix.texi (Secure Shell): Update, describe default #false value.
* gnu/home/services/ssh.scm (<home-openssh-configuration>)
[authorized-keys]: Change default to #f.
(openssh-configuration-files): Cater for default #f value: Do not register
"authorized_keys".
Passing '-DBUILD_COMPLEX=OFF' to lapack would eventually lead to a link
error.
Reported by Florian Pelz <pelzflorian@pelzflorian.de>.
* doc/guix.texi (Package Transformation Options): Change
'--with-configure-flag' example.
* etc/news.scm: Likewise.
* gnu/services/guix.scm (nar-herder-configuration-extra-environment-variables):
New procedure.
(nar-herder-shepherd-services): Pass the environment variables to the
shepherd.
* doc/guix.texi (Guix Services): Document it.
This should be usable with the new guile-gnutls.
* gnu/services/guix.scm
(guix-build-coordinator-agent-configuration-max-parallel-uploads): New
procedure.
* gnu/services/guix.scm (guix-build-coordinator-agent-shepherd-services): Use
the new argument.
* doc/guix.texi (Guix Services): Document it.
I'm looking at this because I need to do some debugging of Guile's GC, and
there are some useful environment variables for that, but it should be
generally useful.
* gnu/services/guix.scm (guix-build-coordinator-configuration-extra-environment-variables):
New procedure.
(guix-build-coordinator-shepherd-services): Pass the environment variables to
the shepherd.
* doc/guix.texi (Guix Services): Document it.
Automated via 'M-x texinfo-all-menus-update' in Emacs, and dropping
the *Contributing menu removal, which is erroneously removed because defined
in a different Texinfo file.
* doc/guix.texi: Update all menus.
* doc/contributing.texi (Submitting Patches): Likewise.
The section insisted on GUIX_PACKAGE_PATH, mentioned version 0.16, and
didn't say much about channels, which made it look obsolete.
* doc/guix-cookbook.texi (GUIX_PACKAGE_PATH): Remove section.
(Guix channels): Rename to...
(Channels): ... this. Merge most of the explanations previously in the
GUIX_PACKAGE_PATH section. Say more about channels and add
cross-references.
Fixes <https://issues.guix.gnu.org/58813>. No longer suggests to splice the
output of etc/teams.scm commands into the 'git send-email' command line; this
is now transparently handled by the Git configuration, which is also
automatic.
* doc/contributing.texi (Configuring Git): Streamline section, now automated
via Automake.
(Sending a Patch Series): Do not specify options configured as default by the
above. Prefer long option names, for readability.
(Teams): Rewrite the examples to use --header-cmd.
(Commit Access): Refer to the Configuring Git section instead of detailing
manual steps.
Due to (now renamed) 'hidden-service' record type not being exported, the only
way Onion services (formely hidden services) could have worked is through the
now deprecated 'tor-hidden-service' procedure.
This commit updates the Tor service documentation, corrects some inconsistently
named accessors in <tor-configuration> record-type, renames and refactors
tor-hidden-service-configuration to tor-onion-service-configuration using
define-configuration and also exports it, allowing Onion services to be
configured directly within a <tor-configuration> record.
Lastly, it also deprecates the 'tor-hidden-service' procedure.
* doc/guix.texi (Networking Services): Substitute mentions of “Hidden services”
with “Onion Services”. Add a Tor Onion service configuration example.
Document <tor-onion-service-configuration>. Remove mention of
'tor-hidden-service' procedure.
* gnu/services/networking.scm: Export tor-configuration-tor,
tor-configuration-config-file, tor-configuration-hidden-services,
tor-configuration-socks-socket-type, tor-configuration-control-socket-path,
tor-onion-service-configuration, tor-onion-service-configuration?,
tor-onion-service-configuration-name, tor-onion-service-configuration-mapping.
(<tor-configuration>)[control-socket?]: Rename accessor.
(<hidden-service>): Replace with …
(<tor-onion-service-configuration>): … this.
(tor-configuration->torrc): Update record-type name.
(tor-activation): Ditto.
(tor-hidden-service-type): Remove variable.
(tor-hidden-service): Deprecate procedure.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Add a new 'proxy' field to openssh-host to allow ProxyCommand or
ProxyJump, but not both, to be configured. Configuring both would cause
the serialization order to determine which one is used. Deprecate the
'proxy-command' field because the 'proxy' field replaces it.
* gnu/home/services/ssh.scm (proxy-jump->string,
proxy-command-or-jump-list?, serialize-proxy-command-or-jump-list,
sanitize-proxy-command): New procedure.
(proxy-jump, proxy-command): New record type.
(openssh-host)[proxy-command]: Mark field as deprecated because OpenSSH
can't have ProxyCommand and ProxyJump configured at the same time.
* doc/guix.texi (Secure Shell): Update to match the changes to the
service.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rationale: Even though the section 'X.509 Certificates' is part of the
System Configuration chapter, readers might also come here from a
cross-reference when reading about Application Setup on a foreign
distro.
* doc/guix.texi (System Configuration)[X.509 Certificates]: Clarify.
* gnu/home/services/gnupg.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (GNU Privacy Guard): New node.
(Secure Shell): Link to it.