When accessing libvrtd remotely, polkit can't be used unless you are
logged as root. Instead allow libvirt groups member access to the
control socket.
* gnu/services/virtualization.scm (libvirt-configuration)
[unix-sock-group]: Change default from "root" to "libvirt".
* gnu/services/virtualization.scm (libvirt-configuration): Add 'qemu'
field.
(libvirt-service-type): Replace 'qemu' package with the one specified in
the service configuration.
* gnu/services/version-control.scm (gitile-service-type): New variable.
* doc/guix.texi (Version Control Services): Document it.
* gnu/tests/version-control.scm (%test-gitile): New variable.
When building an image with the "system" parameter set to an emulated
architecture, the xorg-configuration-modules field needs to be evaluated once
the %current-system parameter is set, otherwise this parameter is set to the
current host system.
* gnu/services/xorg.scm (<xorg-configuration>)[modules]: Make it a thunked
field.
The i486 target has been removed from qemu since at least 5.2.0.
* gnu/services/virtualization.scm (%i486): Remove variable.
(%qemu-platforms): Remove it.
Fixes <https://issues.guix.gnu.org/40158>.
* gnu/services/base.scm (file-system-shepherd-service): Update doc. Return a
shepherd service for the mount point when either MOUNT? or CREATE? is true.
[start]: Only mount when MOUNT? is true.
(file-system-shepherd-services): Also consider file systems with
create-mount-point? set to #t.
* gnu/system/pam.scm (unix-pam-service): Add account and session PAM entries
for pam-gnupg. Don't pass "#f" to "allow-root?" argument, because "lambda*"
already does this by default.
* doc/guix.texi (X Window): Document this.
* gnu/services/xorg.scm (<slim-configuration>)[gnupg?]: New record field.
(slim-pam-service): Pass "#:gnupg?" argument to "unix-pam-service".
This is a follow-up of d128c6fd33.
* gnu/services/cuirass.scm (<cuirass-remote-server-configuration>)
[no-publish?]: Rename it to ...
[publish?]: ... this new field.
(cuirass-shepherd-service): Adapt it.
* doc/guix.texi (Cuirass remote building): Document it.
It's more explicit to specify used fields instead of depending on their
position.
* gnu/services/base.scm (guix-activation): Replace "match" with
"match-record".
This reverts commit 4673f81793, which reverted
commit 69dcc24c9f with the fix detailed below.
Thanks to Christopher Baines for reporting the failure and proposing a fix.
* guix/self.scm (compiled-guix) [*system-test-modules*]: Add the test data
files via the 'extra-files' argument.
* gnu/local.mk (dist_patch_DATA): Move the tests/data/jami-dummy-account.dat
file to...
* gnu/local.mk (MODULES_NOT_COMPILED): ... here.
* gnu/services/telephony.scm (string-or-computed-file?)
(string-list?, account-fingerprint-list?): New procedures.
(maybe-string-list, maybe-account-fingerprint-list)
(maybe-boolean, maybe-string, jami-account-list): New configuration field
types.
(serialize-string-list, serialize-boolean, serialize-string)
(jami-account, jami-account->alist, jami-configuration)
(jami-account-list?, jami-account-list-maybe): New procedures.
(%jami-accounts): New variable.
(jami-configuration->command-line-arguments): New procedure.
(jami-dbus-session-activation, jami-shepherd-services): New procedures.
(jami-service-type): New variable.
* gnu/build/jami-service.scm: New file.
* gnu/tests/data/jami-dummy-account.dat: Likewise.
* gnu/tests/telephony.scm: Likewise.
* gnu/local.mk (GNU_SYSTEM_MODULES): Register them.
* Makefile.am (SCM_TESTS): Register the test file.
(dist_patch_DATA): Register the new data file.
* doc/guix.texi (Telephony Services): Document it.
If the type of a configuration field is a package, show the name of its
package *variable* as the default value.
* gnu/services/configuration.scm (generate-documentation){show-default}
{package->symbol}: New nested procedures. Use them to format the field
entries.
Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Make the formatting of the generated docs more consistent with the rest of the
docs in the “Services” section of the manual.
* gnu/services/configuration (generate-documentation): Represent the data type
documentation of a field using a DEFTP table rather than DEFTYPEVR elements.
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Previously, argv[0] would be replaced by the absolute file name of the
executable. This could cause discrepancies, for example in the
Coreutils test suite: <https://issues.guix.gnu.org/49485>.
* gnu/services/virtualization.scm (<qemu-platform>)[flags]: Default to "FP".
"pcscd" wouldn't handle SIGTERM as it inherit ignoring this signal (and
others) from its parent shepherd; fork+exec-command restore signal
handling. Fixes <https://issues.guix.gnu.org/45202>.
* gnu/services/security-token.scm (pcscd)[start]: Use
fork+exec-command to start "pcscd".
Sometimes two configurations might have the same types for their field values,
but the values might be serialized in two completely different
ways (e.g. because the two programs have different configuration languages).
An example of this would be the ‘serialize-boolean’ procedure in (gnu services
mail) and (gnu services getmail). They both serialize a boolean value, but
because the Dovecot’s configuration language has a different syntax to the
configuration language for Getmail, two different procedures have to be
defined.
One way to workaround this would be to specify custom serializers for many
fields in order to separate the serialization of the values that have the same
type but serialize in different ways. This could get very tedious, especially
if there are many configurations in the same module.
Another way would be to move one of the configurations to its own module, like
what was done with (gnu services getmail). However, this would mean that
there would be multiple modules containing configurations for related
programs, e.g. we have (gnu services mail) and (gnu services getmail), it
doesn’t make much sense to keep the Getmail configuration in its own module.
This patch will allow one to write something like this:
(define-configuration foo-configuration
(bar
(string "bob")
"Option bar.")
(prefix bar-))
and the value of the ‘bar’ field would be serialized using a procedure named
‘bar-serialize-string’ instead of just ‘serialize-string’.
* gnu/services/configuration.scm (define-maybe-helper): Accept ‘prefix’
argument for using serializer with custom prefix.
(define-maybe): Pattern match on ‘prefix’ literal.
(define-configuration-helper): Accept ‘prefix’ argument for using serializer
with custom prefix.
(define-configuration): Pattern match on ‘prefix’ literal.
* tests/services/configuration.scm ("serialize-configuration with prefix"):
New test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/vpn.scm (<strongswan-configuration>): New record type.
(charon-plugins, strongswan-configuration-file)
(strongswan-shepherd-service, strongswan-service-type): New variables.
* doc/guix.tex (VPN Services): Document them all.
For some time, OpenSSH's option 'PermitRootLogin' has deprecated the
ambiguous argument 'without-password' with 'prohibit-password'.
* doc/guix.texi (Network Services): Replace 'without-password by
'prohibit-password.
* gnu/machine/digital-ocean.scm (guix-infect): Change system
configuration to use 'prohibit-password.
* gnu/services/ssh.scm (openssh-configuration): Change comment to use
'prohibit-password.
(openssh-config-file): Add support for 'prohibit-password to
'permit-root-login'. Warn about deprecated 'without-password usage.
* gnu/tests/ganeti.scm (%ganeti-os): Replace 'without-password by
'prohibit-password.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
Otherwise when pcscd doesn't terminate properly (ie. receive a SIGKILL),
it won't start again because of it's socket already existing.
* gnu/services/security-token.scm (pcscd-shepherd-service)[start]:
Remove existing socket file.
This follows on from the changes in 4985a42724.
* gnu/services/base.scm (%default-authorized-guix-keys): Add
bordeaux.guix.gnu.org.pub.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Fixes <https://issues.guix.gnu.org/48521>.
The problem was caused by the 'file-system-mapping' record not being in scope.
* gnu/services/networking.scm (opendht-shepherd-service): Import the (gnu
system file-systems) module.
[requirement]: Depend on networking, to avoid spurious output.
[modules]: New field.
[start] <group>: New argument.
* gnu/services/networking.scm (maybe-number?, maybe-string?): New procedures.
(<opendht-configuration>): New configuration record.
(%opendht-accounts): New variable.
(opendht-configuration->command-line-arguments): New procedure.
(opendht-shepherd-service, opendht-service-type): New variables.
* doc/guix.texi (Networking Services): Document the new service.
This is added for convenience and for uniformity with the
define-maybe/no-serialization syntax introduced in the previous commit.
* gnu/services/configuration.scm
(define-configuration/no-serialization): New syntax.