Commit graph

420 commits

Author SHA1 Message Date
Ludovic Courtès
b665dd4a99
file-systems: 'mount-file-system' preserves the right mount flags.
Fixes <https://bugs.gnu.org/47007>.
Reported by Jelle Licht <jlicht@fsfe.org>.

Since commit dcb640f02b, we could end up
applying the wrong mount flags because the (find ...) expression could
pick the "wrong" mount point in the presence of bind mounts.

* gnu/build/file-systems.scm (mount-file-system): Use 'statfs' to
compute FLAGS whe FS is a bind mount.
2021-03-10 23:21:33 +01:00
Maxime Devos
520bac7ed0
services: Prevent following symlinks during activation.
This addresses a potential security issue, where a compromised
service could trick the activation code in changing the permissions,
owner and group of arbitrary files.  However, this patch is
currently only a partial fix, due to a TOCTTOU (time-of-check to
time-of-use) race, which can be fixed once guile has bindings
to openat and friends.

Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html>

* gnu/build/activation.scm: new procedure 'mkdir-p/perms'.
* gnu/services/authentication.scm
  (%nslcd-activation, nslcd-service-type): use new procedure.
* gnu/services/cups.scm (%cups-activation): likewise.
* gnu/services/dbus.scm (dbus-activation): likewise.
* gnu/services/dns.scm (knot-activation): likewise.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-10 18:01:47 +01:00
Ludovic Courtès
dcb640f02b
file-systems: 'mount-file-system' preserves source flags for bind mounts.
Fixes <https://bugs.gnu.org/46292>.

* gnu/build/file-systems.scm (mount-file-system): If FS is a bind mount,
add its original mount flags to FLAGS.
2021-02-25 11:29:35 +01:00
Ludovic Courtès
aa8de80625
activation: Do not make setuid programs setgid-root [security].
Fixes <https://bugs.gnu.org/46395>.
Reported by Duncan Overbruck <mail@duncano.de>.

* gnu/build/activation.scm (activate-setuid-programs): Change TARGET
mode to not be setgid.
2021-02-09 10:06:02 +01:00
Tobias Geerinckx-Rice
2072f617ad
linux-boot: Fix noresume argument parsing.
* gnu/build/linux-boot.scm (boot-system): Check for "hibernate=noresume"
in addition to "noresume".
2020-12-17 23:01:23 +01:00
Ludovic Courtès
0793833c59
database: Remove #:deduplicate? from 'register-items'.
It is now up to the caller to deduplicate store contents.

* guix/store/database.scm (register-items): Remove #:deduplicate?
parameter and call to 'deduplicate'.
(register-path): Call 'deduplicate' when #:deduplicate? is true.
* gnu/build/image.scm (register-closure): Adjust call accordingly.
* gnu/build/vm.scm (register-closure): Likewise.
* guix/nar.scm (finalize-store-file): Likewise.
* guix/scripts/pack.scm (store-database): Likewise.
2020-12-15 17:32:11 +01:00
Ludovic Courtès
2aa512ec28
image: 'register-closure' leaves it up to the caller to deduplicate.
* gnu/build/image.scm (register-closure): Remove #:deduplicate?
parameter and pass #:deduplicate? #f to 'register-items'.
(initialize-root-partition): Adjust accordingly.
* gnu/build/vm.scm (register-closure, root-partition-initializer):
Likewise.
2020-12-15 17:32:10 +01:00
Ludovic Courtès
6a060ff27f
store-copy: 'populate-store' can optionally deduplicate files.
Until now deduplication was performed as an additional pass after
copying files, which involve re-traversing all the files that had just
been copied.

* guix/store/deduplication.scm (copy-file/deduplicate): New procedure.
* tests/store-deduplication.scm ("copy-file/deduplicate"): New test.
* guix/build/store-copy.scm (populate-store): Add #:deduplicate?
parameter and honor it.
* tests/gexp.scm ("gexp->derivation, store copy"): Pass #:deduplicate? #f
to 'populate-store'.
* gnu/build/image.scm (initialize-root-partition): Pass #:deduplicate?
to 'populate-store'.  Pass #:deduplicate? #f to 'register-closure'.
* gnu/build/vm.scm (root-partition-initializer): Likewise.
* gnu/build/install.scm (populate-single-profile-directory): Pass
 #:deduplicate? #f to 'populate-store'.
* gnu/build/linux-initrd.scm (build-initrd): Likewise.
* guix/scripts/pack.scm (self-contained-tarball)[import-module?]: New
procedure.
[build]: Pass it as an argument to 'source-module-closure'.
* guix/scripts/pack.scm (squashfs-image)[build]: Wrap in
'with-extensions'.
* gnu/system/linux-initrd.scm (expression->initrd)[import-module?]: New
procedure.
[builder]: Pass it to 'source-module-closure'.
* gnu/system/install.scm (cow-store-service-type)[import-module?]: New
procedure.  Pass it to 'source-module-closure'.
2020-12-15 17:32:10 +01:00
Ludovic Courtès
dea1ee1fd7
database: Remove #:reset-timestamps? from 'register-items'.
The assumption now is that the caller took care of resetting timestamps
and permissions.

* guix/store/database.scm (register-items): Remove #:reset-timestamps?
parameter and the call to 'reset-timestamps'.
(register-path): Adjust accordingly and add call to 'reset-timestamps'.
* gnu/build/image.scm (register-closure): Remove #:reset-timestamps?
parameter to 'register-items'.
* gnu/build/vm.scm (register-closure): Likewise.
* guix/nar.scm (finalize-store-file): Adjust accordingly.
* guix/scripts/pack.scm (store-database)[build]: Likewise.
2020-12-15 17:32:10 +01:00
Ludovic Courtès
0f15fd5c12
image: 'register-closure' assumes already-reset timestamps.
* gnu/build/image.scm (register-closure): Remove #:reset-timestamps?
parameter.  Pass #:reset-timestamps? #f to 'register-items'.
(initialize-root-partition): Adjust accordingly.
* gnu/build/vm.scm (register-closure, root-partition-initializer):
Likewise.
2020-12-15 17:32:10 +01:00
Ludovic Courtès
7b8d239ec2
store-copy: 'populate-store' resets timestamps.
Until now, 'populate-store' would reset permissions but not timestamps,
so callers would resort to going through an extra directory traversal to
reset timestamps.

* guix/build/store-copy.scm (reset-permissions): Remove.
(copy-recursively): New procedure.
(populate-store): Pass #:keep-permissions? to 'copy-recursively'.
Remove call to 'reset-permissions'.
* tests/gexp.scm ("gexp->derivation, store copy"): In BUILD-DRV, check
whether 'populate-store' canonicalizes permissions and timestamps.
* gnu/build/image.scm (initialize-root-partition): Pass #:reset-timestamps? #f
to 'register-closure'.
* gnu/build/vm.scm (root-partition-initializer): Likewise.
2020-12-15 17:32:10 +01:00
Marius Bakke
329fa5bdbb
Revert "linux-container: Correct test for unprivileged user namespace support."
This broke 'guix environment --container' on non-Debian distributions.
Fixes <https://bugs.gnu.org/45066>.  Reported by luhux <luhux@outlook.com>.

This reverts commit 8bc5ca5160.
2020-12-06 21:55:18 +01:00
Tobias Geerinckx-Rice
23be018d4f
file-systems: Fix ‘bcachefs fsck’ exit value logic.
Bit 1 means the target device was mounted read-only whilst checking.
This should never happen in an initrd context but is not an error.

* gnu/build/file-systems.scm (check-bcachefs-file-system): Ignore status
bits that don't signal an error.  Remove the 'reboot-required case.
2020-12-06 16:11:43 +01:00
Paul Garlick
8bc5ca5160
linux-container: Correct test for unprivileged user namespace support.
Fixes <https://bugs.gnu.org/31977>.
Reported by Paul Garlick <pgarlick@tourbillion-technology.com>.

* gnu/build/linux-container.scm (unprivileged-user-namespace-supported?):
Return #f when the 'userns-file' does not exist.
2020-12-03 16:25:45 +00:00
Ludovic Courtès
2200bb2146
linux-initrd: Remove unnecessary timestamp reset phase.
* gnu/build/linux-initrd.scm (write-cpio-archive): Mention timestamps in
docstring.
(build-initrd): Remove unnecessary timestamp reset phase.
2020-11-21 12:39:14 +01:00
Marius Bakke
d7a295b24b
Add (gnu build chromium-extension).
* gnu/build/chromium-extension.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
2020-11-08 18:21:15 +01:00
Tobias Geerinckx-Rice
b9abb301d0
linux-boot: Resume from hibernation.
* gnu/build/linux-boot.scm (resume-if-hibernated): New procedure.
(boot-system): Call it.
2020-11-07 13:40:46 +01:00
Tobias Geerinckx-Rice
174254749d
file-systems: Add support for bcachefs.
* gnu/build/file-systems.scm (%bcachefs-endianness): New syntax.
(bcachefs-superblock?, read-bcachefs-superblock)
(bcachefs-superblock-external-uuid, bcachefs-superblock-volume-name)
(check-bcachefs-file-system): New procedures.
(%partition-label-readers, %partition-uuid-readers, check-file-system):
Register them.
2020-11-07 13:40:45 +01:00
Ludovic Courtès
e6934c0429
shepherd: Remove dependency on (guix utils).
Since commit 8ce6f4dc28, importing this
module in a gexp would pull in (guix config) from the host, thereby
leading to non-reproducible derivations.  Users in (gnu services ...) do
not expect that so simply remove the (guix utils) dependency for now.

* gnu/build/shepherd.scm (fork+exec-command/container)[strip-pid]: New
procedure.
Use it instead of 'strip-keyword-arguments'.
2020-11-05 16:13:50 +01:00
Ludovic Courtès
61d9c4458e
image: Error out when passed an unsupported partition type.
* gnu/build/image.scm (make-partition-image): Use 'raise' instead of
'format' when TYPE is not supported.
(convert-disk-image): Remove unneeded 'begin'.
2020-11-05 16:13:50 +01:00
Mathieu Othacehe
a38d861e57
system: reconfigure: Use the disk-installer if provided.
Fixes: <https://issues.guix.gnu.org/44101>.

* gnu/build/bootloader.scm (write-file-on-device): Pass 'no-fail flag instead
of 'no-create. Use a latin-1 transcoder.
* guix/scripts/system/reconfigure.scm (install-bootloader-program): Add a
"disk-installer" argument and use it as a fallback.
(install-bootloader): Adapt accordingly.
* gnu/tests/reconfigure.scm (run-install-bootloader-test): Ditto.
2020-11-03 07:59:59 +01:00
Ludovic Courtès
11e19555e5
file-systems: Allow swap space lookup by UUID/label.
* gnu/build/file-systems.scm (%linux-swap-magic, %page-size): New
variables.
(linux-swap-superblock?, read-linux-swap-superblock)
(linux-swap-superblock-uuid, linux-swap-superblock-volume-name): New
procedures.
(%partition-label-readers, %partition-uuid-readers): Add them.
2020-10-30 01:14:20 +01:00
Ludovic Courtès
57a7aa1ae3
hurd-boot: Set /hurd/magic on /dev/fd.
* gnu/build/hurd-boot.scm (set-hurd-device-translators)[devices]: Add
"/dev/fd".
2020-10-14 15:22:55 +02:00
Ludovic Courtès
44e65a7588
hurd-boot: Create /servers/crash.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Create
/servers/crash.
2020-10-08 12:26:56 +02:00
Mathieu Othacehe
b97b423e3f
bootloader: Fix u-boot installation.
This is a follow-up of f19cf27c2b. The
bootloader installation must be done on the final disk-image, hence using
"disk-image-installer" instead of "installer" callback.

* gnu/bootloader/u-boot.scm: Turn all installer callbacks into
disk-image-installer callbacks.
* gnu/build/bootloader.scm (write-file-on-device): Open the output file with
'no-truncate and 'no-create options.
* gnu/system/image.scm (with-imported-modules*): Add (gnu build bootloader)
module.
2020-10-05 11:10:35 +02:00
Jelle Licht
e748183538
linux-container: Reset jailed root permissions.
* gnu/build/linux-container.scm (mount-file-systems): Add 'chmod' call.
* tests/containers.scm
("call-with-container, mnt namespace, root permissions"): New test.
2020-10-01 12:51:13 +02:00
Ludovic Courtès
d5366500ec
secret-service: Add proper logging procedure and log to syslog.
* gnu/build/secret-service.scm (log): New macro.
(secret-service-send-secrets, secret-service-receive-secrets): Use it
instead of raw 'format' calls.
2020-09-29 21:56:27 +02:00
Ludovic Courtès
59261a22f9
services: secret-service: Add initial client/server handshake.
This allows the client running on the host to know when it's actually
connect to the server running in the guest.  Failing that, the client
would connect right away to QEMU and send secrets even though the server
is not running yet in the guest, which is unreliable.

* gnu/build/secret-service.scm (secret-service-send-secrets): Add
 #:handshake-timeout.  Read from SOCK an initial message from the
server.  Return #f on error.
(secret-service-receive-secrets): Send 'secret-service-server' message
to the client.  Close SOCK upon timeout.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start'
method returns #f when 'secret-service-send-secrets' returns #f.
2020-09-29 21:56:27 +02:00
Ludovic Courtès
f9090015c5
secret-service: Fix file port leak in 'secret-service-send-secrets'.
* gnu/build/secret-service.scm (secret-service-send-secrets): Use
'call-with-input-file' instead of 'open-input-file'.
2020-09-29 21:56:27 +02:00
Ludovic Courtès
4d047853da
secret-service: Add a timeout when waiting for a client.
* gnu/build/secret-service.scm (secret-service-receive-secrets)
[wait-for-client]: Call 'select' with a 60s timeout before 'accept'.
Return #f upon timeout.
[read-secrets]: Return FILES on success.
Adjust caller of 'wait-for-client' to handle #f.
2020-09-29 21:56:27 +02:00
Ludovic Courtès
118b6dbb46
secret-service: Clarify the origin of messages.
* gnu/build/secret-service.scm (secret-service-send-secrets)
(secret-service-receive-secrets): Prefix messages by "secret service".
2020-09-29 21:56:26 +02:00
Mathieu Othacehe
f441e3e8b5
image: Add support for compressed-qcow2 format.
* gnu/build/image.scm (convert-disk-image): New procedure.
(genimage): Remove target argument.
* gnu/system/image.scm (system-disk-image): Add support for 'compressed-qcow2
image format. Call "convert-disk-image" to apply image conversions on the
final image. Add "qemu-minimal" to the build inputs.
(system-image): Also add support for 'compressed-qcow2.
2020-09-29 11:42:52 +02:00
Mathieu Othacehe
6453915cf7
build: shepherd: Check for container support.
Fixes: <https://issues.guix.gnu.org/43533>.

* gnu/build/shepherd.scm (fork+exec-command/container): Check if containers
are supported before joining PID namespaces.
2020-09-21 10:22:12 +02:00
Mathieu Othacehe
b3a83f1ece
build: linux-container: Fix run-container.
This is a follow-up of 5316dfc0f1. Some users of
run-container may expect that the container is jailed, even if there are no
mounts. This is the case for some Guix tests.

* gnu/build/linux-container.scm (run-container): Do not jail the container
when the requested root is "/".
2020-09-10 09:38:52 +02:00
Stefan
1c3b709edb
linux-boot: Handle nfs-root device strings.
* gnu/build/linux-boot.scm (device-string->file-system-device): Support
nfs-root "device" strings.
* gnu/build/file-systems.scm (canonicalize-device-spec): Support nfs-root
"device" strings.
* gnu/machine/ssh.scm (machine-check-file-system-availability): Avoid
checking of NFS file systems.
* gnu/system.scm (read-boot-parameters, device-sexp->device): Support
nfs-root "device" strings.

Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
2020-09-07 11:00:48 +02:00
Mathieu Othacehe
8ce6f4dc28
installer: Run the installation inside a container.
When the store overlay is mounted, other processes such as kmscon, udev
and guix-daemon may open files from the store, preventing the
underlying install support from being umounted. See:
https://lists.gnu.org/archive/html/guix-devel/2018-12/msg00161.html.

To avoid this situation, mount the store overlay inside a container,
and run the installation from within that container.

* gnu/build/shepherd.scm (fork+exec-command/container): New procedure.
* gnu/services/base.scm (guix-shepherd-service): Support an optional PID
argument passed to the "start" method. If that argument is passed, ensure that
guix-daemon enters the given PID MNT namespace by using
fork+exec-command/container procedure.
* gnu/installer/final.scm (umount-cow-store): Remove it,
(install-system): run the installation from within a container.
* gnu/installer/newt/final.scm (run-install-shell): Remove the display hack.
2020-09-02 17:05:23 +02:00
Mathieu Othacehe
5316dfc0f1
linux-container: Do not jail the container unconditionally.
We may want to run a container inside the MNT namespace, without jailing the
container. If RUN-CONTAINER is passed a null MOUNTS list, do not jail the
container.

* gnu/build/linux-container.scm (run-container): Do not call
MOUNT-FILE-SYSTEMS if MOUNTS list is empty.
2020-09-02 17:05:23 +02:00
Mathieu Othacehe
22827396ba
install: Factorize cow-store procedure.
Move the cow-store procedure from the service declaration in (gnu system
install) to (gnu build install), so that it can be called from within a
different context than Shepherd.

* gnu/build/install.scm (mount-cow-store, unmount-cow-store): New procedures.
* gnu/system/install.scm (make-cow-store): Remove it,
(cow-store-service-type): adapt it accordingly.
2020-09-02 17:05:22 +02:00
Jan (janneke) Nieuwenhuizen
ec32d4f291
services: Add secret-service-type.
This adds a "secret-service" that can be added to a Childhurd VM to receive
out-of-band secrets (keys) sent from the host.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>

* gnu/services/virtualization.scm (secret-service-activation): New procedure.
(secret-service-type): New variable.
* gnu/build/secret-service.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
2020-09-01 16:06:38 +02:00
Mathieu Othacehe
755f365b02
linux-libre: Support module compression.
This commit adds support for GZIP compression for linux-libre kernel
modules. The initrd modules are kept uncompressed as the initrd is already
compressed as a whole.

The linux-libre kernel also supports XZ compression, but as Guix does not have
any available bindings for now, and the compression time is far more
significant, GZIP seems to be a better option.

* gnu/build/linux-modules.scm (modinfo-section-contents): Use
'call-with-gzip-input-port' to read from a module file using '.gz' extension,
(strip-extension): new procedure,
(dot-ko): adapt to support compression,
(ensure-dot-ko): ditto,
(file-name->module-name): ditto,
(find-module-file): ditto,
(load-linux-module*): ditto,
(module-name->file-name/guess): ditto,
(module-name-lookup): ditto,
(write-module-name-database): ditto,
(write-module-alias-database): ditto,
(write-module-device-database): ditto.
* gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib"
to the extensions and make sure that the initrd only contains
uncompressed module files.
* gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the
extensions.
* guix/profiles.scm (linux-module-database): Ditto.
2020-08-25 11:53:20 +02:00
Mathieu Othacehe
7c27bd115b
file-system: Add mount-may-fail? option.
* gnu/system/file-systems.scm (<file-system>): Add a mount-may-fail? field.
(file-system->spec): adapt accordingly,
(spec->file-system): ditto.
* gnu/build/file-systems.scm (mount-file-system): If 'system-error is raised
and mount-may-fail? is true, ignore it. Otherwise, re-raise the exception.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2020-07-31 13:43:20 +02:00
Mathieu Othacehe
675e56221e
file-systems: Add NTFS support.
* gnu/system/uuid.scm (%ntfs-endianness): New macro,
(ntfs-uuid->string): new procedure,
(%ntfs-endianness): new variable,
(string->ntfs-uuid): new exported procedure,
(%uuid-parsers): add NTFS support,
(%uuid-printers): add NTFS support.
* gnu/build/file-systems.scm (%ntfs-endianness): New macro,
(ntfs-superblock?, read-ntfs-superblock, ntfs-superblock-uuid,
check-ntfs-file-system): new procedure,
(%partition-uuid-readers): add NTFS support,
(check-file-system): add NTFS support.
2020-07-26 18:35:10 +02:00
Jan (janneke) Nieuwenhuizen
4b9eecd322
image: Do not set journal_model=WAL for the Hurd.
This fixes <https://bugs.gnu.org/42151>.

* gnu/system/images/hurd.scm (hurd-initialize-root-partition): Use #:wal-mode #f
in call to ...
* gnu/build/image.scm (initialize-root-partition): ... this, add #:wal-mode?
parameter, pass it to ...
(register-closure): ... this, add #:wal-mode? parameter, pass it to ...
* guix/store/database.scm (with-database): ... this, add #:wal-mode?
parameter, pass it to ...
(call-with-database): ... this, add #:wal-mode? parameter; when
set to #f, do not set journal_model=WAL.
2020-07-11 16:34:01 +02:00
Jan (janneke) Nieuwenhuizen
65d95e5d85
hurd-boot: Mount /proc, add /etc/mtab.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Mount /proc.  Add
symlink to /etc/mtab into /proc/mounts.
2020-06-27 13:01:40 +02:00
Jan (janneke) Nieuwenhuizen
db08a0d203
hurd-boot: Remove duplicate calls to 'scope'.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Remove duplicate
calls to 'scope'.
2020-06-27 12:59:40 +02:00
Mathieu Othacehe
7f75a7ec08
system: image: Remove "image-root" when building raw disk-images.
The "image-root" derivation output is used as a temporary directory that is
passed to mke2fs and mkdosfs later on. By merging the creation of this
directory and the production of partition images, we can get rid of the
derivation.

As mke2fs and mkdosfs are not able to override file permissions, call those
commands with fakeroot. This way, all the image files will be owned by root,
even if image generation is done in an unprivilegded context.

* gnu/system/image.scm (system-disk-image): Merge "image-root" and
"iso9660-image" derivations so that we spare an extra derivation. Also add
"fakeroot" and its runtime dependencies to the inputs.
* gnu/build/image.scm (make-ext-image, make-vfat-image): Make sure that mke2fs
and mkdosfs are respectively called by fakeroot.
2020-06-22 17:49:19 +02:00
Jan (janneke) Nieuwenhuizen
f25e8f76fe
hurd-boot: Use 'setxattr' instead of invoking settrans.
Note: Using `getxattr' on the Hurd instead of running showtrans does not
work (yet?).

* gnu/build/hurd-boot.scm (setup-translator): Use 'setxattr' instead of
invoking settrans.
* gnu/system.scm (hurd-multiboot-modules): Add --x-xattr-translator-records to
enable xattr-embedding of translators.
2020-06-19 10:40:53 +02:00
Jan (janneke) Nieuwenhuizen
951847ee37
hurd-boot: Create individual translators instead of running MAKEDEV.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Do not create
dev/{null,zero,full,random,urandom} mount points.
(passive-translator-xattr?, passive-translator-installed?, translated?,
set-translator, set-hurd-device-translators): New procedures.
(false-if-EEXIST): New macro.
(boot-hurd-system): Use them instead of running MAKEDEV.
2020-06-19 10:38:26 +02:00
Ludovic Courtès
97a46055ca
database: 'register-items' takes an open database.
* guix/store/database.scm (store-database-directory)
(store-database-file): New procedures.
(call-with-database): Add call to 'mkdir-p'.
(register-items): Add 'db' parameter and remove #:state-directory and #:schema.
(register-path): Use 'store-database-file' and 'with-database', and
parameterize SQL-SCHEMA.
* gnu/build/image.scm (register-closure): Likewise.
* gnu/build/vm.scm (register-closure): Likewise.
* guix/scripts/pack.scm (store-database)[build]: Likewise.
2020-06-18 14:48:17 +02:00
Ludovic Courtès
8a02e45d93
shepherd: 'read-pid-file/container' terminates the whole process group.
This mirrors a change made in the Shepherd 0.8.0.  Previously, upon
startup failure, we could have left processes behind.

* gnu/build/shepherd.scm (read-pid-file/container): Kill (- PID) instead
of PID.
2020-06-12 00:04:42 +02:00