* gnu/system/vm.scm (<virtual-machine>)[cpu-count]: New field.
(virtual-machine-compiler): Honor it.
Change-Id: I907a89365f32ac7a9981c4ae5f59cf6eb199c3cc
Currently it's not possible to set `essential-services' when building
operating systems for containers, since `container-essential-services'
always uses the defaults.
It's possible to reference `essential-services' from the operating
system that's passed in, but since it's thunked, the operating system
needs to be defined in two passes to avoid an infinite loop.
* gnu/system/linux-container.scm (container-essential-services): Use
operating-system-essential-services instead of the defaults to allow
overriding the base services.
(containerized-operating-system): Update accordingly.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I81452487ef1ad01d3fa874c26d93a67d58ce6062
Without this change, trying to create a system image with efi-raw type while
using grub-efi-removable-bootloader fails with a fairly confusing message:
EFI bootloader required with GPT partitioning
* gnu/system/image.scm (system-disk-image): Consider
grub-efi-removable-bootloader to be EFI bootloader.
Change-Id: I5f5e1a94e825fd29d6880c5bafb330e16a5ac962
The removed fields are already sourced in /etc/profile.
* gnu/system/shadow.scm (%default-zprofile): Sync with default zprofile
from (gnu home services shells).
Change-Id: I419eadf636344e23e8fd2f7006efa81f45527756
* gnu/system/shadow.scm (%deafult-skeleton-home-config): New variable.
(default-skeletons): Add it.
Change-Id: Ida4cca8b1b3674491a4f18d94bc1b12d426575ba
Requiring the user to input their password in order to unlock a device is not
always reasonable, so having an option to unlock the device using a key file
is a nice quality of life change.
* gnu/system/mapped-devices.scm (open-luks-device): Add #:key-file argument.
(luks-device-mapping-with-options): New procedure.
* doc/guix.texi (Mapped Devices): Describe the new procedure.
Change-Id: I1de4e045f8c2c11f9a94f1656e839c785b0c11c4
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is Ludo's suggestion at <https://issues.guix.gnu.org/36069#26>,
with an added guard against duplicates and a tweaked comment.
* gnu/system/vm.scm (virtualized-operating-system): Add "cirrus" to the
list of INITRD-MODULES.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I1a86286586eee0b8c39706544778c7911a86da33
TLS errors may be confusing to some users. Two comments are added: one
comment should help clarify the extra step required for root CA certificates
to be installed, while the other will help users keep their clocks
synchronized, another source of TLS errors due to clock drift.
* gnu/system/examples/bare-bones.tmpl: Add nss-cert and NTP service comments.
Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is a followup to 05a9d1f378, which
removed its sole user.
* gnu/system/vm.scm (%linux-vm-file-systems): Remove.
(mapping->file-system): Add comment about “cache=loose”.
This is a follow-up of e5ed1712da. Restore the
behaviour before d57cab7641 and produce
hybrid, BIOS and UEFI capable qcow2 images.
* gnu/system/image.scm (qcow2-image-type): Inherit from mbr-hybrid-disk-image.
When using grub-bootloader with a GPT image, GRUB will fail during
installation with a cryptic error message.
* gnu/system/image.scm (system-disk-image): Raise an error when trying to use
a non-EFI compatible bootloader with a GPT image partitioning.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Until 209204e23b and
d57cab7641, the default image type used by "guix
system image" was an MBR image with an ESP partition.
Having both an MBR image and an ESP partition is handy because the image will
boot on most x86 based systems using legacy BIOS and/or UEFI.
We now have a distinction between MBR images and EFI images. Introduce a new
MBR hybrid image type and default to it to restore the default behaviour.
This also fixes the images section of (gnu ci) that was trying to install a
BIOS bootloader on an EFI, GPT image and failing to do so.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
This really removes the locale-2.33 dependency running `guix system build
bare-hurd.tmpl' on the Hurd, that somehow still managed to leak-in?
* gnu/system/hurd.scm (%base-packages/hurd)[locale-libcs]: New field.
This reverts commit e9a5eebc78, which
as far as I can tell breaks system roll-backs thusly:
[...]
In gnu/build/accounts.scm:
239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >)
In unknown file:
2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>)
In ice-9/boot-9.scm:
1685:16 1 (raise-exception _ #:continuable? _)
1685:16 0 (raise-exception _ #:continuable? _)
ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New
field.
(user-account-home-directory-permissions): New accessor.
* gnu/build/activation.scm (activate-users+groups): Use home directory
permission bits from the user account object.
* doc/guix.texi (User Accounts): Document new field.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
* gnu/system/image.scm (mbr-disk-image, mbr-raw-image-type): New variables.
(qcow2-image-type): Inherit mbr-disk-image.
* guix/scripts/system.scm (%default-options): Use mbr-raw-image-type by
default.
* gnu/tests/install.scm (run-install): Use mbr-raw in the tests.
* doc/guix-cookbook.texi (Guix System Image API): Update the list of image
types.
* doc/guix.texi (Invoking guix system, System Images, image-type Reference):
Add mbr-raw and switch documented default to it.
This is a followup to cf28f46930.
* gnu/system/examples/plasma.tmpl (services): Remove both
'gdm-service-type' and 'sddm-service-type' from %DESKTOP-SERVICES.
This led to a 'tests/guix-system.sh' failure on aarch64-linux:
…/plasma.tmpl:60:13: error: modify-services: service 'gdm' not found in service list
This is because 'gdm-service-type' is not among %DESKTOP-SERVICES on
that architecture.
* gnu/system/examples/plasma.tmpl (services): Use 'remove' rather than
'modify-services' + 'delete'.
cgroup v2 is the next generation of the control groups API. This patch
replaces the cgroup v1 file systems with the unified cgroup v2 file
system.
cgroup v2 allows for things like containerd/podman to run rootless
containers and opens guix system up to running things like Kubernetes.
Thanks to Hilton Chain <hako@ultrarare.space> for suggesting the Docker
service change.
* gnu/system/file-systems.scm (%control-groups): Change to a single
"cgroup2" mount point.
* gnu/services/docker.scm (docker-shepherd-service): Trim 'requirement'
field accordingly.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
When booting with pci-arbiter and rumpdisk and using 1024MB of memory for
qemu, booting hangs, or seems to hang, at the end of the rumpdisk boot
messages. At least 1200MB is required, currently.
* gnu/services/virtualization.scm (<hurd-vm-configuration>)[memory-size]: Bump
to 2048.
* gnu/system/examples/bare-hurd.tmpl: Suggest using 2048 here too. Update
example `guix system image' and "qemu" command lines too.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
This allows for the use of Guix within a non-privileged Docker container
produced by 'guix system image -t docker'.
* gnu/system/linux-container.scm (containerized-operating-system):
Change 'guix-configuration' to add "--disable-chroot".
Previously, (ntfs-uuid->string (string->ntfs-uuid "5234ED0D34ECF53F"))
would yield "5234EDD34ECF53F".
Reported by sughosha in #guix.
* gnu/system/uuid.scm (ntfs-uuid->string): Pad hex bytes with zero when
needed.
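
The formatting bug described in the commit message above, modelled as an added Python example (not the project's Scheme code, and not part of the commit). The function names and the second UUID are constructed for illustration, and byte ordering inside the stored UUID is not modelled. It shows that dropping the leading zero of a byte not only breaks the round trip but also makes two different UUIDs print as the same string.

```python
import string


def parse_ntfs_uuid(text: str) -> bytes:
    """Parse the 16-hex-digit textual form into 8 raw bytes."""
    if len(text) != 16 or any(c not in string.hexdigits for c in text):
        raise ValueError(f"not a 16-digit hex NTFS UUID: {text!r}")
    return bytes.fromhex(text)


def format_unpadded(raw: bytes) -> str:
    """Old behaviour: each byte printed with as few hex digits as needed."""
    return "".join(f"{b:X}" for b in raw)


def format_padded(raw: bytes) -> str:
    """Fixed behaviour: every byte is exactly two hex digits."""
    return "".join(f"{b:02X}" for b in raw)


def round_trips(formatter, text: str) -> bool:
    """True when formatting the parsed value gives back the same string."""
    return formatter(parse_ntfs_uuid(text)) == text.upper()


# The UUID from the report, plus a constructed second value that differs
# from it in two bytes (0D 34 versus D3 04).
REPORTED = "5234ED0D34ECF53F"
CONSTRUCTED = "5234EDD304ECF53F"

if __name__ == "__main__":
    for uuid in (REPORTED, CONSTRUCTED):
        raw = parse_ntfs_uuid(uuid)
        print(uuid, "unpadded:", format_unpadded(raw),
              "padded:", format_padded(raw))
```

A 15-character result is the visible symptom; the collision between the two inputs is why a UUID printed this way cannot be relied on to identify a file system.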
* gnu/system/image.scm (system-disk-image)[partition-image]: Adjust the
inputs used by the image-builder to only use the packages necessary to
build that partition.