Sorry this is a massive commit. It's kinda impossible to split it
without either completely breaking basic functionality or making a buggy
shim layer that's written just to be immediately removed.
But anyway, this is the real body of the bootloader subsystem update.
One of my favorite new things possible with this is easy generation of
disk images using arbitrary bootloaders, including ones that require one
or more data/install partitions, such as p-boot or depthcharge!
* gnu/build/image.scm (initialize-root-partition): Don't install
bootloader here.
(make-iso9660-image): Pull in grub.dir instead of a bootcfg.
* gnu/build/install.scm (install-boot-config): Delete procedure.
* gnu/machine/ssh.scm (deploy-managed-host, roll-back-managed-host): Use
new bootloader system.
(operating-system)[bootloader]: Use wrap-element sanitizer and support
multiple bootloaders.
(operating-system-bootcfg): Rename to...
(operating-system-bootmeta): ...this. Rewrite to return relevant
information instead of calling the config procedure directly.
(operating-system-boot-parameters): Support multiple bootloaders.
* gnu/system/boot.scm (read-boot-parameters): Support multiple
bootloaders.
* gnu/system/image.scm (root-partition-index): Delete procedure.
(system-disk-image, system-iso9960-image): Support new bootloader system.
(system-disk-image)[targets]: New subprocedure.
* guix/scripts/system.scm (install, install-bootloader-from-provenance,
perform-action): Support multiple bootloaders and work with new
bootloader system instead of bootcfgs.
(display-system-generation): Support multiple bootloaders.
* guix/scripts/system/reconfigure.scm (install-bootloader-program):
Rewrite to simply insert each bootloader's installer in the gexp
directly, instead of copying bootcfgs.
(install-bootloader): Work with new bootloader system. Just in case,
add install-bootloader.scm to the gc roots too.
Change-Id: I3654d160f7306bb45a78b82ea6b249ff4281f739
* gnu/system/boot.scm (<boot-alternative>): New record.
(boot-alternative->menu-entry): New procedure.
* gnu/machine/ssh.scm (machine->boot-alternatives): Return a
boot-alternative encapsulating previous return value.
(deploy-managed-host): Get menu-entries from boot-alternatives.
(roll-back-managed-host): Get parameters from boot-alternatives.
* guix/scripts/system.scm (generation->boot-parameters): Rename to...
(generation->boot-alternative): ...this. Return a boot-alternative
encapsulating previous return value.
(profile->boot-alternatives): Rename uses as above.
(reinstall-bootloader, perform-action): Get menu-entries from
boot-alternatives.
Change-Id: Iaef0b0a3fa9240ca8315a9699bcf4a7bfe908e33
* gnu/machine/ssh.scm (roll-back-managed-host): Factor out a
subexpression into new variable parameters.
Change-Id: I8d70684142bea736042d6c9dc8276ea7bdb9c181
Both refer to data sets returned from the remote expression, and one of them
shadowed an element of itself.
* gnu/machine/ssh.scm (machine->boot-alternatives): Rename generations
to remote-results.
Change-Id: Ibd8a3036126d9da1215cfc191884c0f54df637df
Throughout the code base, the token 'boot-parameters' refers to collection of
data that is stored on disk for each system generation. It was confusing to
use it for a list of such records. This comment imposes an alternative name.
* gnu/machine/ssh.scm (machine-boot-parameters): Rename to
machine->boot-alternatives.
(machine->boot-alternatives, roll-back-managed-host): Use
boot-alternatives instead of boot-parameters as appropriate.
* guix/scripts/system.scm (profile-boot-parameters): Rename to
profile->boot-alternatives.
(reinstall-bootloader, perform-action): Use boot-alternatives instead
of boot-parameters as appropriate.
Change-Id: Iabb04dbb39f42f989692bede7304f20a69bef9fb
* guix/scripts/system.scm (profile-boot-parameters): Rename time to
epoch to fit new procedure name.
(epoch->date-string): Move to...
* gnu/system/boot.scm (epoch->date-string): ...here.
* gnu/machine/ssh.scm (machine-boot-parameters): Rename time to epoch.
(machine-boot-parameters)[boot-parameters]: Use epoch->date-string.
Change-Id: I6a5f793567221f81edd7b2d8d9f0f3e801d1b113
When using "guix deploy" on an x86_64-linux machine to deploy a system to
i686-linux, DEPLOY-MANAGED-HOST would revert %CURRENT-SYSTEM to the host
system's value by the time it evaluated UPGRADE-SHEPHERD-SERVICES. The
earlier PARAMETERIZE would no longer be effective.
* gnu/machine/ssh.scm (deploy-managed-host): Ensure that
UPGRADE-SHEPHERD-SERVICES is evaluated for the architecture of the target
machine.
Change-Id: I0816da79cd7c46a69418717fa33b2fe4e2fabae0
Reported by hako on #guix.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Filter out pseudo
file systems from 'file-systems'.
* guix/scripts/system.scm (check-initrd-modules): Likewise.
* gnu/machine/digital-ocean.scm (guix-infect): Define the operating system
declaration as an s-expression and paste it into the generated Bash script to
simplify editing.
* gnu/machine/digital-ocean.scm (guix-infect, add-static-networking): Set
GUILE_LOAD_PATH and GUILE_LOAD_COMPILED_PATH to directories for Guile 3.0
instead of 2.2.
* gnu/machine/digital-ocean.scm (ip+netmask->cidr): New procedure.
(guix-infect, add-static-networking): Use static-networking-service-type
instead of the deprecated static-networking-service.
These typos were found and reported through weblate.
* gnu/packages/audio.scm (wildmidi)[description]: Fix typo.
* gnu/packages/games.scm (cgoban)[description]: Fix typo.
* gnu/services/version-control.scm (gitolite-service-type)[description]:
Fix typo.
* gnu/installer/newt/substitutes.scm (run-substitutes-page): Remove full
stop at end of title.
* gnu/machine/ssh.scm (machine-ssh-configuration-system): Move
punctuation outside of quotes.
* guix/scripts/home.scm (process-action): Remove trailing space before
newline.
* guix/scripts/system.scm (show-help): Fix typo.
* guix/scripts/environment.scm (with-store/maybe): Fix typo.
Fixes <https://issues.guix.gnu.org/58084>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
Previously, "sanity checks" and other operations would happen in a
context where '%current-system' has its default value. Thus, running
'guix deploy' on x86_64-linux machine for an aarch64-linux one would
lead things like '%base-initrd-modules' to see "x86_64-linux" as the
'%current-system' value, in turn making the wrong choices.
* gnu/machine/ssh.scm (check-deployment-sanity)[assertions]: Wrap in
'parameterize'.
(deploy-managed-host): Likewise for the 'mlet' body.
This is to make it less surprising, given the common convention sets forth by
the kernel Linux command-line parameters.
* gnu/build/linux-boot.scm (boot-system): Rename '--load', '--repl', '--root'
and '--system' to 'gnu.load', 'gnu.repl', 'root' and 'gnu.system',
respectively. Adjust doc.
(find-long-option): Adjust doc.
* gnu/installer/parted.scm (installer-root-partition-path): Adjust accordingly.
* gnu/system.scm (bootable-kernel-arguments): Add a VERSION argument and
update doc. Use VERSION to conditionally return old style vs new style initrd
arguments.
(%boot-parameters-version): Increment to 1.
(operating-system-boot-parameters): Adjust doc.
(operating-system-boot-parameters-file): Likewise.
* gnu/system/linux-initrd.scm (raw-initrd, base-initrd): Likewise.
* doc/guix.texi: Adjust doc.
* gnu/build/activation.scm (boot-time-system): Adjust accordingly.
* gnu/build/hurd-boot.scm (boot-hurd-system): Likewise.
* gnu/packages/commencement.scm (%final-inputs-riscv64): Adjust comment.
Fixes <https://issues.guix.gnu.org/52766>.
Reported by Michael Rohleder <mike@rohleder.de>.
* gnu/machine/ssh.scm (<machine-ssh-configuration>)[safety-checks?]: New
field.
(machine-check-file-system-availability): Return the empty list when
'safety-checks?' is false.
(machine-check-initrd-modules): Likewise.
* doc/guix.texi (Invoking guix deploy): Document it.
Previously, any call to 'managed-host-remote-eval' and similar would
open a new SSH session to the host. With this change, an SSH session is
opened once, cached, and then reused by all subsequent calls to
'machine-ssh-session'.
* gnu/machine/ssh.scm (<machine-ssh-configuration>): Add
'this-machine-ssh-configuration'.
[session]: Mark as thunked and change default value to an
'open-machine-ssh-session*' call.
(open-machine-ssh-session, open-machine-ssh-session*): New procedures.
(machine-ssh-session): Replace inline code by call to
'open-machine-ssh-session'.
For some time, OpenSSH's option 'PermitRootLogin' has deprecated the
ambiguous argument 'without-password' with 'prohibit-password'.
* doc/guix.texi (Network Services): Replace 'without-password by
'prohibit-password.
* gnu/machine/digital-ocean.scm (guix-infect): Change system
configuration to use 'prohibit-password.
* gnu/services/ssh.scm (openssh-configuration): Change comment to use
'prohibit-password.
(openssh-config-file): Add support for 'prohibit-password to
'permit-root-login'. Warn about deprecated 'without-password usage.
* gnu/tests/ganeti.scm (%ganeti-os): Replace 'without-password by
'prohibit-password.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
Fixes a regression introduced in
2885c3568e.
Reported by Mathieu Othacehe.
* gnu/machine/ssh.scm (deploy-managed-host)[eval/error-handling]: Return
two values in the standard case.
Previously, '&inferior-exception' raised by 'upgrade-shepherd-services'
and co. would go through as-is, leaving users with an ugly backtrace.
* gnu/machine/ssh.scm (deploy-managed-host): Define
'eval/error-handling' and use it in lieu of EVAL as arguments to
'switch-to-system', 'upgrade-shepherd-services', and
'install-bootloader'.
This is a followup to 70ffa8af1e, which
did not really solve the problem.
* gnu/machine/ssh.scm (not-config?): New procedure.
(machine-boot-parameters): Use it as an argument to
'source-module-closure'.
* gnu/bootloader/grub.scm (grub-configuration-file): New parameter
store-crypto-devices.
[crypto-devices]: New helper function.
[builder]: Use crypto-devices.
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* gnu/tests/install.scm (%encrypted-root-not-boot-os,
%encrypted-root-not-boot-os): New os declaration.
(%encrypted-root-not-boot-installation-script): New script, whose contents
were initially taken from %encrypted-root-installation-script.
(%test-encrypted-root-not-boot-os): New test.
* gnu/system.scm (define-module): Export
operating-system-bootoader-crypto-devices and
boot-parameters-store-crypto-devices.
(<boot-parameters>): Add field store-crypto-devices.
(read-boot-parameters): Parse store-crypto-devices field.
[uuid-sexp->uuid]: New helper function extracted from
device-sexp->device.
(operating-system-bootloader-crypto-devices): New function.
(operating-system-bootcfg): Use
operating-system-bootloader-crypto-devices to provide its contents to
the bootloader configuration generation process.
(operating-system-boot-parameters): Add store-crypto-devices to the
generated boot-parameters.
(operating-system-boot-parameters-file): Likewise to the file with
the serialized structure.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* tests/boot-parameters.scm (%default-store-crypto-devices): New
variable.
(%grub-boot-parameters, test-read-boot-parameters): Use
%default-store-crypto-devices.
(tests store-crypto-devices): New tests.
Fixes <http://issues.guix.gnu.org/44196>
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-directory-prefix.
* gnu/system.scm (define-module): Export
boot-parameters-store-directory-prefix.
(<boot-parameters>)[store-directory-prefix]: New field. It is used to
generate the correct paths when /gnu/store is installed on a btrfs
subvolume whose name doesn't match the final runtime path, as the
bootloader doesn't have knowledge about the final mounting points.
[boot-parameters-store-directory-prefix]: New accessor.
(read-boot-parameters): Read directory-prefix from store field.
(operating-system-boot-parameters-file): Add directory-prefix to
store field.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-directory-prefix.
* test/boot-parameters.scm (%default-btrfs-subvolume,
%default-store-directory-prefix): New variables.
(%grub-boot-parameters): Use %default-store-directory-prefix.
(%default-operating-system): Use %default-btrfs-subvolume.
(test-boot-parameters): Add directory-prefix.
(test optional fields): Add test for directory-prefix.
(test os store-directory-prefix): New test.
* gnu/machine/ssh.scm (roll-back-managed-host): Use locale information
from boot-parameters.
* gnu/system.scm (operating-system-bootcfg): Provide locale information
to the bootloader.
* guix/system/script.scm (reinstall-bootloader): Use locale information
from boot-parameters.
This is a follow-up of 755f365b02.
As (zlib) is autoloaded in (gnu build linux-modules), "guile-zlib" is needed
as an extension only when it is effectively used.
* gnu/installer.scm (installer-program): Remove "guile-zlib" from the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/shadow.scm (account-shepherd-service): Ditto.
This commit adds support for GZIP compression for linux-libre kernel
modules. The initrd modules are kept uncompressed as the initrd is already
compressed as a whole.
The linux-libre kernel also supports XZ compression, but as Guix does not have
any available bindings for now, and the compression time is far more
significant, GZIP seems to be a better option.
* gnu/build/linux-modules.scm (modinfo-section-contents): Use
'call-with-gzip-input-port' to read from a module file using '.gz' extension,
(strip-extension): new procedure,
(dot-ko): adapt to support compression,
(ensure-dot-ko): ditto,
(file-name->module-name): ditto,
(find-module-file): ditto,
(load-linux-module*): ditto,
(module-name->file-name/guess): ditto,
(module-name-lookup): ditto,
(write-module-name-database): ditto,
(write-module-alias-database): ditto,
(write-module-device-database): ditto.
* gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib"
to the extensions and make sure that the initrd only contains
uncompressed module files.
* gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the
extensions.
* guix/profiles.scm (linux-module-database): Ditto.
This is a followup to 8e31736b0a.
* guix/scripts/system/reconfigure.scm (check-forward-update): Add
#:current-channels. Use it instead of OLD.
* gnu/services.scm (sexp->system-provenance): New procedure.
(system-provenance): Use it.
* gnu/machine/ssh.scm (<machine-ssh-configuration>)[allow-downgrades?]:
New field.
(machine-check-forward-update): New procedure.
(check-deployment-sanity)[assertions]: Call it.
* doc/guix.texi (Invoking guix deploy): Document 'allow-downgrades?'
field.
Fixes <https://issues.guix.gnu.org/issue/41237>.
The UUID type information was lost when passing to the lower gexp code strata,
which led to not being able to recreate the UUID in the generated script.
This occurred for non-DCE type UUIDs such as that of a FAT file system.
A following commit will prevent the find-partition-by-uuid procedure from
entering a loop when its UUID argument is invalid.
Reported-by: Brice Waegeneire <brice@waegenei.re>
* gnu/machine/ssh.scm (machine-check-file-system-availability): Replace the
STRING->UUID procedure by the UUID macro, and provide the UUID type as its
second argument.
* gnu/machine/ssh.scm (<remote-assertion>): New record type.
(remote-let): New macro.
(machine-check-file-system-availability): Rewrite to use 'remote-let'
instead of 'mlet' and 'machine-remote-eval'.
(machine-check-initrd-modules): Likewise.
(machine-check-building-for-appropriate-system): Make non-monadic.
(check-deployment-sanity): Rewrite to gather all the assertions as a
single gexp and pass it to 'machine-remote-eval'.
'this-machine' and 'this-machine-ssh-configuration' were useless given
that there are no thunked fields.
* gnu/machine.scm (<machine>)[this-machine]: Remove.
* gnu/machine/ssh.scm (<machine-ssh-configuration>)
[this-machine-ssh-configuration]: Remove.
* gnu/machine/ssh.scm
(machine-check-file-system-availability)[check-labeled-file-system]: Use
'source-module-closure' for '(gnu build file-systems)'.
(machine-check-initrd-modules): Unquote 'file-system-label->string' instead of
'device'.
