Fixes <https://issues.guix.gnu.org/54770>.
Regression introduced in 400c9ed3d7.
Previously, for an encrypted /home (say), "cryptsetup open" would be
invoked by shepherd, with /dev/null as its standard input. It would
thus run in non-interactive mode and, instead of asking for a
passphrase, fail with:
Nothing to read on input.
This change ensures it runs in interactive mode.
* gnu/build/file-systems.scm (system*/console, system*/tty): New
procedures.
* gnu/system/mapped-devices.scm (open-luks-device): Use 'system*/tty'
instead of 'system*'.
* gnu/packages/lisp-xyz.scm (sbcl-legit): Update to 1.0.0-2.5f8a2d4 and use
revision variable in let block.
[arguments]: Add 'patch-git-executable' phase.
[inputs]: Add formatting and add missing git input.
Signed-off-by: Guillaume Le Vaillant <glv@posteo.net>
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 100.
(%chromium-version): Set to 100.0.4896.75.
(%debian-revision): Set to debian/100.0.4896.60-1.
(%ungoogled-origin): Update hash.
(%debian-patches): Updates hashes. Remove obsolete.
(ungoogled-chromium): Update hash.
[arguments]: Remove obsolete substitution. Patch libvulkan.so.1 in more
files, and add absolute reference to Mesa ICDs.
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 99.
(%chromium-version): Set to 99.0.4844.84.
(%ungoogled-origin): Update hash.
(ungoogled-chromium): Likewise.
[arguments]: Patch absolute file names to GTK libraries. Patch one more
Opus header inclusion. Remove labels in wrapping phase.
[native-inputs]: Change from CLANG-13 to CLANG-14.
[inputs]: Add AT-SPI2-ATK.
* gnu/packages/llvm.scm (%llvm-monorepo-hashes, %llvm-patches, llvm-monorepo):
New variables.
(clang-runtime-from-llvm): Make HASH optional; use monorepo when not present.
(clang-from-llvm): Likewise.
(llvm-14, clang-runtime-14, clang-14, clang-toolchain-14, lld-14): New variables.
(llvm-13): Inherit from LLVM-14.
(lld-13): Inherit from LLD-14.
(lld): Turn into alias for LLD-14.
* gnu/packages/patches/clang-14.0-libc-search-path.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/zig.scm (zig): Change from LLD to LLD-13.
* gnu/packages/lisp-xyz.scm (sbcl-sxql): Update to 0.1.0-3.cc3478c and use
revision variable in let block.
[inputs]: Add missing sbcl-trivia input.
Signed-off-by: Guillaume Le Vaillant <glv@posteo.net>
This lets the 'childhurd' service start in the background, letting
shepherd perform other tasks in the meantime, including serving
clients (such as the 'herd' command).
* gnu/build/secret-service.scm (with-modules): New macro.
(wait-for-readable-fd): Add cooperative implementation when Fibers is in
use.
(secret-service-send-secrets): Define 'sleep' so that it cooperates when
Fibers is in use.
* gnu/services/ssh.scm (openssh-shepherd-service): Use
'make-inetd-constructor' when it is defined.
(<openssh-configuration>)[max-connections]: New field.
* gnu/tests/ssh.scm (run-ssh-test)["sshd PID"]: Adjust to cope with
PID-FILE being #f.
* gnu/tests/ssh.scm (%test-openssh): Pass #f as the 'pid-file'
argument.
* doc/guix.texi (Networking Services): Document 'max-connections'.
* gnu/home/services/shepherd.scm (<home-shepherd-configuration>)[shepherd]:
Default to SHEPHERD-0.9.
(home-shepherd-configuration-file): Use 'start-in-the-background' when
it is defined.
* gnu/services/shepherd.scm (scm->go): Define 'shepherd&co' and pass it
to 'with-extensions'.
(shepherd-configuration-file): Call 'start-in-the-background' when it is
defined.
(<shepherd-configuration>)[shepherd]: Default to SHEPHERD-0.9.
* gnu/system.scm (hurd-default-essential-services): Use SHEPHERD-0.8.
* gnu/build/shepherd.scm (exec-command*): New procedure, with code
formerly...
(make-forkexec-constructor/container): ... here. Use it.
(fork+exec-command/container): Use 'fork+exec-command' only when
CONTAINER-SUPPORT? is false or PID is the current process.
* gnu/packages/admin.scm (shepherd): Rename to...
(shepherd-0.8): ... this. New variable.
(shepherd): Define as an alias for SHEPHERD-0.8.
(shepherd-0.9): New variable.
(guile2.2-shepherd): Inherit from SHEPHERD-0.9 and adjust inputs
accordingly.
Forbid root user creation as it could lead to a system without any
non-priviledged user accouts.
Fixes: <https://issues.guix.gnu.org/54666>.
* gnu/installer/newt/user.scm (run-user-add-page): Forbid it.
Includes fixes for CVE-2022-1097, CVE-2022-1196, CVE-2022-24713,
CVE-2022-28281, CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, and
CVE-2022-28289.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.