* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported. Include privileged-program-capabilities
in the compatibility hack.
* gnu/system.scm (<operating-system>): Add new privileged-programs
field, that defaults to…
(%default-privileged-programs): …this new variable, renamed from…
(%setuid-programs): …this, which is now defined as the empty list.
* doc/guix.texi (Setuid Programs): Rename this…
(Privileged Programs): …to this. Adjust all refs. Update all mentions
of ‘setuid’ (whether in prose, variable names, or code samples) to use
the new ‘privilege[d]’ terminology instead.
(operating-system Reference, X Window, Invoking guix system)
(Service Reference): Adjust likewise.
Create /run/setuid-programs compatibility symlinks so that we can
migrate all users (both package and human) piecemeal at our leisure.
Apart from being symlinks, this should be a user-invisible change.
* gnu/build/activation.scm (%privileged-program-directory): New variable.
[activate-setuid-programs]: Put privileged copies in
%PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in
%SETUID-DIRECTORY.
* gnu/services.scm (setuid-program-service-type): Update docstring.
* doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
* doc/guix.texi (Desktop Services): Use a straight list for the list of
service types, rather than hiding them in one growing paragraph of prose.
Explain their purpose in general terms beneath it.
Change-Id: I2408ccf38dd62323138854cc5aa46051d2a076ac
* doc/guix.texi (Limitations): Now that KDE Plasma is available,
rewrite the seemingly-exhaustive list to be more general.
Change-Id: I41450302837c963d5f811211e5a498a04f938e55
The example was missing the (gnu packages package-management) import, so it
did not work. While the module was mentioned below, I overlooked the
sentence. So add it also into the example to make it more obvious.
* doc/guix.texi (Customizing the System-Wide Guix): Add import to example.
Change-Id: Ibc5b0be87d40531397660a3b0747f83b851b004b
Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de>
* gnu/services/docker.scm (oci-container-configuration)
[shepherd-actions]: New field.
(sanitize-shepherd-actions): sanitize it.
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: I0ca9826542be7cb8ca280a07a9bff1a262c2a8a7
Signed-off-by: Zheng Junjie <zhengjunjie@iscas.ac.cn>
* gnu/services/docker.scm (oci-container-configuration)
[respawn?]: New field.
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: I0d6367607fd0fd41f90a54b33d80bf4d4f43dd8b
Signed-off-by: Zheng Junjie <zhengjunjie@iscas.ac.cn>
* gnu/services/docker.scm (oci-container-configuration)
[auto-start?]: New field.
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: Id093d93effbbec3e1be757f8be83cf5f62eaeda7
Signed-off-by: Zheng Junjie <zhengjunjie@iscas.ac.cn>
* gnu/services/docker.scm (oci-container-configuration)
[log-file]: New field.
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: Icad29ac6342b6f5bafc0d9be13a93cee99674185
In the absence of the /etc/guix/channels.scm file, %default-channels is used
anyway. If user manually (or by extra-special-file) created the file, we
should respect it. This commit therefore changes the default to #f, hopefully
having zero impact on people not actively using the `channels' field.
* gnu/services/base.scm (<guix-configuration>)[channels]: Set default to #f.
Change-Id: I516c1735a037a153fabbebfc337051aaf0be2155
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
When extra-content is a list, add 4 space indentation and a newline to every
line. If it's a string, continue inserting it directly. This makes the list
serialization behavior more consistent with other services.
* gnu/services/web (default-nginx-config): Support lists.
* doc/guix.texi (Web Services)[nginx-configuration]: Document it.
Change-Id: Iec8614ba3cfc37292a566197e8d39b352b04846a
Signed-off-by: Christopher Baines <mail@cbaines.net>
* gnu/packages/bootloaders.scm (grub): Update to 2.12.
[source](patches): Remove ‘grub-ignore-metadata-csum-seed.patch’.
(snippet): Create ‘grub-core/extra_deps.lst’. Replace “exit 99”
by “exit 77”.
(grub-coreboot): Update value of ‘XFAIL_TESTS’.
* doc/guix.texi (Keyboard Layout and Networking and Partitioning): Update
accordingly (it should now be fine to use LUKS2).
* gnu/packages/patches/grub-ignore-metadata-csum-seed.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
Change-Id: Ia31b3b7e0a2e7de42d30229733e9c196fcd12fd9
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This makes it clearer that this service uses the ISC's dhclient implementation
and does not support DHCP clients that have different command line interfaces.
* doc/guix.texi (Networking Setup): Prepend ISC to all DHCP client references.
Change-Id: I750ef2ffb4b23445c4a2b97aaa44eba56458f430
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/networking.scm (dhcp-client-configuration) [config-file]: New
field.
(dhcp-client-configuration-config-file): New accessor.
(dhcp-client-shepherd-service): Use the config file when invoking
dhclient if supplied.
* doc/guix.texi: Document it.
Change-Id: I286de4ddf59c5e606bf1fe0a7510570869e62b1a
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* doc/guix.texi (radicale-configuration): Update documentation to reflect new
configuration, add new symbols.
* gnu/services/mail.scm (%default-radicale-config-file): Delete.
(radicale-auth-configuration, radicale-auth-configuration?)
(radicale-encoding-configuration, radicale-encoding-configuration?)
(radicale-logging-configuration, radicale-logging-configuration?)
(radicale-rights-configuration, radicale-rights-configuration?)
(radicale-server-configuration, radicale-server-configuration?)
(radicale-storage-configuration, radicale-storage-configuration?):
New configuration types and corresponding predicates.
(radicale-configuration, radicale-configuration?): Use define-configuration.
(radicale-activation, radicale-shepherd-service): Update to new
configuration format.
(radicale-activation): Use user-defined values for service files.
(radicale-service-type): Capitalize "Radicale" in description.
Change-Id: Ic88b8ff2750e3d658f6c7cee02d33417aa8ee6d2
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
* doc/guix.texi (Continuous Integration): Change ‘name’ field of
‘specification’ to be a symbol, as written in upstream Cuirass doc.
Change-Id: I0a8cddfb8ab47f627a01459393aaf346028bb3f6
* doc/guix.texi (gitile-configuration): Update field name
nginx-server-block to nginx.
Change-Id: I215d3d57c1cb88271c580fa1426a661477a775f7
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Add a mechanism to only require mounting a subset of file-system entries
during early Shepherd initialization. Any file-system with additional Shepherd
service requirements (e.g. networking) is not required to provision
'file-systems.
* gnu/services/base.scm (file-system-shepherd-service): Splice
file-system-requirements into the Shepherd service requirement list.
(file-system-shepherd-services): Provision 'file-system only when file system
services without additional Shepherd requirements are started.
* gnu/system/file-systems.scm (file-system): Add shepherd-requirements field
to the file-system record. This field is used for adding additional Shepherd
requirements to a file-system Shepherd service.
* doc/guix.texi: Add documentation for file-system shepherd-requirements.
Change-Id: If0392db03d48e8820aa53df1df482c12ec72e1a5
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This reverts commit dbeef44f3c.
Despite the more semantically correct data type, it doesn't follow the style
of the most services and also breaks user-facing API.
Change-Id: Ib4ef4e9cd2f53ac853a5b7c7c90e57c35c99a5ea
When the user does not use any desktop environment, the typical sequence is to
log in and then type `startx' into the tty to get a window manager running.
Most distributions do provide a startx by default, but Guix has only an
xorg-start-command that is not suitable for this.
This commit adds a second procedure, xorg-start-command-xinit, that correctly
picks a virtual terminal to use, sets up XAUTHORITY and starts xinit with the
correct arguments. That should make running Guix without a desktop
environment more approachable.
* gnu/services/xorg.scm (xorg-start-command-xinit): New public procedure.
* doc/guix.texi (X Window): Document it.
Change-Id: I17cb16093d16a5c6550b1766754700d4fe014ae9
Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
'(map specification->package+output specs)' doesn't work due to
'specification->package+output' will return multiple values.
* doc/guix.texi (Using the Configuration System): Replace
'specification->package+output' with 'specifications->packages'.
Change-Id: I443771327a2ef5ae5e7dddd9785f1eef4200e898
* doc/guix.texi (G-Expressions): Document the use of assume-valid-file-name with
local-file.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I132f78e198cbf3ba2e5a677d671563d753de534c
This commit allows for loading an OCI image tarball before running an
OCI backed Shepherd service. It does so by adding a one shot Shepherd
service to the dependencies of the OCI backed service that at boot runs
docker load on the tarball.
* gnu/services/docker.scm (oci-image): New record;
(lower-oci-image): new variable, lower it;
(string-or-oci-image?): sanitize it;
(oci-container-configuration)[image]: allow also for oci-image records;
(oci-container-shepherd-service): use it;
(%oci-image-loader): new variable.
Change-Id: Ie504f479ea0d47f74b0ec5df9085673ffd3f639d
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/docker.scm (exports): Add missing procedures;
(oci-container-service-type)[description]: Docker and OCI images should
mean the same thing;
(oci-container-configuration): clarify field types;
[extra-arguments]: new field;
(oci-sanitize-extra-arguments): sanitize it;
(oci-container-shepherd-service): use it.
* doc/guix.texi: Document it.
Change-Id: I64e9d82c8ae538d59d1c482f23070a880156ddf7
Signed-off-by: Ludovic Courtès <ludo@gnu.org>