This causes authentication failures such as those generated by SSH brute force
attacks to appear in /var/log/secure, which is picked up by tools such as
fail2ban.
* gnu/services/base.scm (%default-syslog.conf): Add a auth.info selector for
the /var/log/secure log.
Series-to: 62802@debbugs.gnu.org
This is a cosmetic change.
* gnu/services/base.scm (%default-syslog.conf): Add a comment referencing the
documentation. Strip the extraneous leading trailing white space indent.
Having the configuration live at a static location makes it possible to
hot-reload it.
* gnu/services/base.scm (syslog.conf): New variable.
(syslog-etc, syslog-shepherd-service): New procedures.
(syslog-service-type): Rewrite using the above new variable and procedures,
extending etc-service-type with its configuration file.
Previously, on a typical setup without "console=ttyS0" or similar in
'kernel-arguments', the 'term-console' Shepherd service would always be
marked as failing to start. This is undesirable because it raises a
false alarm: the service is expected to do nothing in this case.
This patch instead marks it as succeeding and logs a message explaining
it's doing nothing.
* gnu/services/base.scm (agetty-shepherd-service): In 'start' method,
succeed when TTY is #f and print a message.
Deprecate using strings for these fields and prefer user-account
(resp. user-group) instead to avoid duplication within account-service-type.
Fixes#61570 <https://issues.guix.gnu.org/61570>.
* gnu/services/audio.scm (%mpd-user, %mpd-group)
(mpd-serialize-user-account, mpd-serialize-user-group)
(mpd-user-sanitizer, mpd-group-sanitizer): New variables.
(mpd-configuration)[user]: Use user-account as value type.
Sanitize via mpd-user-sanitizer.
[group]: Use user-group as value type.
Sanitize via mpd-group-sanitizer.
(mpd-shepherd-service): Adjust accordingly.
(mpd-accounts): Likewise.
* doc/guix.texi (Audio Services)[Music Player Daemon]: Likewise.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
* gnu/services/audio.scm (mpd-output)[mixer-type]: Use sanitizer to
accept both strings and symbols as values.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
This is required to allow log file rotations using rottlog, etc.
* gnu/services/web.scm (nginx-shepherd-service): Add reopen shepherd action.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/audio.scm (%mympd-user, %mympd-group)
(mympd-user-sanitizer, mympd-group-sanitizer): New variables.
(mympd-configuration)[user]: Use user-account as value type.
Sanitize via mympd-user-sanitizer.
[group]: Use user-group as value type.
Sanitize via mympd-group-sanitizer.
(mympd-serialize-configuration): Adjust accordingly.
(mympd-accounts): Likewise.
* doc/guix.texi (Audio Services)[myMPD]: Likewise.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
Deprecate using strings for these fields and prefer user-account
(resp. user-group) instead to avoid duplication within account-service-type.
Fixes#61570 <https://issues.guix.gnu.org/61570>.
* gnu/services/audio.scm (%mpd-user, %mpd-group)
(mpd-serialize-user-account, mpd-serialize-user-group)
(mpd-user-sanitizer, mpd-group-sanitizer): New variables.
(mpd-configuration)[user]: Use user-account as value type.
Sanitize via mpd-user-sanitizer.
[group]: Use user-group as value type.
Sanitize via mpd-group-sanitizer.
(mpd-shepherd-service): Adjust accordingly.
(mpd-accounts): Likewise.
* doc/guix.texi (Audio Services)[Music Player Daemon]: Likewise.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
* gnu/services/audio.scm (mpd-output)[mixer-type]: Use sanitizer to
accept both strings and symbols as values.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
This changes the 'custom-serializer' field into a generic
'extra-args' field that can be extended to support new literals.
Within extra-args, the literals 'sanitizer' and 'serializer' allow
for user-defined sanitization and serialization procedures respectively.
The 'empty-serializer' was also added as a literal to be used as before.
To prevent confusion between the new “explicit” style of specifying
a sanitizer, and the old “implicit” style, the latter has been
deprecated, and a warning is issued if it is encountered.
* gnu/services/configuration.scm (define-configuration-helper):
Rename 'custom-serializer' to 'extra-args'. Add support for literals
'sanitizer', 'serializer' and 'empty-serializer'. Rename procedure
'field-sanitizer' to 'default-field-sanitizer' to avoid syntax clash.
Only define default field sanitizers if user-defined ones are absent.
(normalize-extra-args): New variable.
(<configuration-field>)[sanitizer]: New field.
* doc/guix.texi (Complex Configurations): Document the newly added
literals.
* tests/services/configuration.scm: Add tests for the new literals.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
Previously, only the first level of the list would be quoted,
resulting in a schedule of the sort:
'(next-second (range 0 60 30))
being incorrectly ungexp'd into:
(list next-second (0 30))
* gnu/services/linux.scm (fstrim-mcron-job): Fix schedule ungexp.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This patch adds support for proper xorg server input rewriting. It uses the
lookup-package-direct-input procedure to configure the X server paths
dynamically, instead of always using the hard coded package. Something like
this is now possible:
(define other-mesa
(package-input-rewriting/spec `(("mesa" . ,(const other-mesa)))))
(xorg-configuration
(xorg-configuration
(server (other-mesa xorg-server))))
Without this patch the X server would still be configured with mesa (causing
version issues), and not with other-mesa (as per the input rewrite).
* gnu/services/xorg.scm (xorg-configuration-server-package-path)
(xorg-configuration-dri-driver-path, xorg-configuration-xkb-bin-dir)
(xorg-configuration-xkb-dir): New procedures.
(xorg-wrapper): Use them for dri and xkb paths.
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
These variables are necessary for PulseAudio to work properly out-of-the-box
for 'non-interactive' users.
* doc/guix.texi (Audio Services): Update environment-variables field description for
mpd-configuration data type.
* gnu/services/audio.scm (mpd-configuration)[environment-variables]: Set
PULSE_CLIENTCONFIG and PULSE_CONFIG environment variables to the system-wide
PulseAudio configuration.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/audio.scm (mympd-shepherd-service): Depend on 'syslog when
configured to log to syslog.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Fixes <https://issues.guix.gnu.org/62409>.
* gnu/services/networking.scm (network-manager-shepherd-service): Set the
LINUX_MODULE_DIRECTORY environment variable.
The x11-socket-directory-service misuses activation-service-type
to create directories. This kind of usage is incorrect since
activation-service-type does not depend on file-systems, hence incompatible
with user defined /tmp mount.
This commit turns x11-socket-directory-service into a shepherd one-shot
service by defining a new x11-socket-directory-service-type.
* gnu/services/desktop.scm (x11-socket-directory-service-type): New variable.
(x11-socket-directory-service): Deprecate procedure.
(desktop-services-for-system): Use new service-type.
* gnu/tests/lightdm.scm: Ditto.
Reviewed-by: Josselin Poiret <dev@jpoiret.xyz>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Reported by bjc on #guix.
* gnu/services/base.scm (valid-name, cidr->netmask): Wrap in 'eval-when'
since they are used by "compile-time procedures" (macros).