For some time, OpenSSH's option 'PermitRootLogin' has deprecated the
ambiguous argument 'without-password' with 'prohibit-password'.
* doc/guix.texi (Network Services): Replace 'without-password by
'prohibit-password.
* gnu/machine/digital-ocean.scm (guix-infect): Change system
configuration to use 'prohibit-password.
* gnu/services/ssh.scm (openssh-configuration): Change comment to use
'prohibit-password.
(openssh-config-file): Add support for 'prohibit-password to
'permit-root-login'. Warn about deprecated 'without-password usage.
* gnu/tests/ganeti.scm (%ganeti-os): Replace 'without-password by
'prohibit-password.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* gnu/tests/linux-modules.scm
(run-loadable-kernel-modules-service-test): Actually load the modules
with kernel-module-loader-service-type. Use a singleton service instead
of defining a custom one.
* doc/guix.texi (Service Reference): To give an example of
linux-loadable-module-service-type use a singleton instead of defining a
new service.
* gnu/system.scm (operating-system-directory-base-entries): Remove code
to handle generation of "kernel" for linux-libre kernels.
(operating-system-default-essential-services): Instantiate
linux-builder-service-type.
(package-for-kernel): Move ...
* gnu/services.scm: ... to here.
(linux-builder-service-type): New variable.
(linux-builder-configuration): New type.
(linux-loadable-module-service-type): New variable.
* gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test): Move
code to ...
(run-loadable-kernel-modules-test-base): ... new procedure here.
(run-loadable-kernel-modules-service-test): New procedure.
(%test-loadable-kernel-modules-service-0): New variable.
(%test-loadable-kernel-modules-service-1): New variable.
(%test-loadable-kernel-modules-service-2): New variable.
* doc/guix.texi: Document linux-loadable-module-service-type.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
* gnu/installer/tests.scm (conclude-installation): Rename it into ...
(start-installation): ... this new procedure.
(complete-installation): New procedure.
(choose-partitioning): Add an uefi-support? argument.
* gnu/tests/install.scm (uefi-firmware): New procedure.
(run-install, qemu-command/writable-image, gui-test-program,
installation-target-os-for-gui-tests): Add an uefi-support? argument.
(%extra-packages): Add grub-efi, fatfsck/static and dosfstools.
(%test-gui-installed-os): New variable.
Fixes: <https://issues.guix.gnu.org/47745>.
* gnu/tests/ldap.scm (run-ldap-test): Use a password with more that 8
characters so that dscreate doesn't fail.
The patchwork test sometimes fail because there's not enough available RAM in
the marionette. Increase the VM memory size to 1024MiB.
* gnu/tests/web.scm (run-patchwork-test): Increase VM memory size to 1024MiB.
The "http-get" test is sometimes failing because the Web server is not yet
initialized and returns the 500 error code.
Use the retry-or-error procedure, like in the tailon test to do a few retries.
* gnu/tests/web.scm (run-tailon-test): Move "retry-or-error" procedure to the
top level and adapt its call.
(run-patchwork-test): Use it.
This fixes: <https://issues.guix.gnu.org/47727>. The OCR prompt detection is
failing, so remove it altogether. It looks like the test doesn't need the
prompt detection delay to work properly.
* gnu/tests/base.scm (run-halt-test): Remove failing OCR detection.
Fixes <https://bugs.gnu.org/46737>.
PostgreSQL running with a different socket directory to the default one in the
package itself breaks some services, this commit restores the previous
behaviour where PostgreSQL by default will run with a socket directory that
matches the default used by PostgreSQL packaged for Guix.
Switching to a different default value can happen, but only alongside changing
the PostgreSQL package.
* gnu/services/databases.scm (<postgresql-config-file>)[socket-directory]:
Change default to #false.
* doc/guix.texi (Database Services): Update documentation, and specify a
different value for disabling connections via sockets.
* gnu/tests/guix.scm (%guix-data-service-os): Use default PostgreSQL
behaviour.
* gnu/tests/monitoring.scm (%zabbix-os): Likewise.
* gnu/tests/web.scm (patchwork-os): Likewise.
Signed-off-by: Leo Famulari <leo@famulari.name>
It is tested whether the IPFS service listens
at the gateway and API ports and whether it
is possible to upload and download a bytevector.
* gnu/tests/networking.scm
(%ipfs-os): New variable.
(run-ipfs-test): New procedure.
(%test-ipfs): New system test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This fixes the following error when running the "docker-system" test:
In ice-9/ftw.scm:
553:30 1 (_ #<directory stream db6660>)
In unknown file:
0 (readdir #<directory stream db6660>)
ERROR: In procedure readdir:
In procedure readdir: Cannot allocate memory
* gnu/tests/docker.scm (%test-docker-system): Bump image building VM memory
size to 1024 MiB.
Those tests don't make sense anymore as the Cuirass 1.0 version has removed
the possibility to execute a custom registration procedure.
* gnu/tests/cuirass.scm: Remove it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Ditto.
mongodb 3.4.10 has unpatched CVEs and mongodb 3.4.24 has some files in the
release tarball under the SSPL, therefore we cannot provide mongodb while
upholding to good security standards.
It turns out feff80cec3 was right since while
the main license file wasnt altered to SSPL, some files in the tree contain
SSPL headers.
* gnu/packages/databases.scm (go-gopkg.in-mgo.v2): Remove.
* gnu/packages/databases.scm (mongo-tools): Remove.
* doc/guix.texi (mongodb-service-type): Remove.
* gnu/tests/databases.scm (%test-mongodb, %mongodb-os, run-mongodb-test):
Remove.
* gnu/services/databases.scm (mongodb-configuration, mongodb-configuration?,
mongodb-configuration-mongodb, mongodb-configuration-config-file,
mongodb-configuration-data-directory, mongodb-service-type,
%default-mongodb-configuration-file, %mongodb-accounts, mongodb-activation,
mongodb-shepherd-service): Remove.
* gnu/packages/databases.scm (mongodb): Remove.
This is a follow-up of ab054868af. The test was
failing because the Shepherd control socket wasn't ready yet. Restore it but
make sure that the control socket is available first.
* gnu/tests/cuirass.scm ("shepherd socket ready"): New test.
("cuirass running"): Restore it.
Instead of returning multiple services in simple-cuirass-services, rely on the
instantiate-missing-services procedure to instantiate postgresql and
postgresql-role-service-type when missing.
Turn simple-cuirass-services procedure into
simple-cuirass-configuration->specs, that takes a simple-cuirass-configuration
record and returns a Cuirass specification.
Suggested-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/cuirass.scm (%default-cuirass-config): Remove it.
(simple-cuirass-services): Rename it to ...
(simple-cuirass-configuration->specs): ... this procedure.
* gnu/tests/cuirass.scm (cuirass-services): Remove postgresql and
postgresql-role services that are automatically instantiated.
(simple-cuirass-service): New variable.
(%cuirass-simple-test): Adapt it to use simple-cuirass-configuration->specs
instead of simple-cuirass-services.
* doc/guix.texi (Simple Cuirass): Update it.
* gnu/services/cuirass.scm (<build-manifest>,
<simple-cuirass-configuration>): New records.
(build-manifest, build-manifest?, simple-cuirass-configuration,
simple-cuirass-configuration?, simple-cuirass-services): New procedures.
(%default-cuirass-config): New variable.
* gnu/tests/cuirass.scm (%cuirass-simple-test): New variable.
* doc/guix.texi (Continuous Integration): Document it.
Rewrite so that "run-cuirass-test" takes an operating-system argument. This is
functionally equivalent.
* gnu/tests/cuirass.scm (%derivation-file, git-service, cow-service,
%cuirass-specs): New variables.
(cuirass-services): New procedure.
(run-cuirass-test): Add an "operating-system" argument.
(%cuirass-test): Adapt it.
(%cuirass-remote-test): Ditto.
* gnu/services/databases.scm (postgresql-configuration-log-directory): New
procedure.
(<postgresql-configuration>)[log-directory]: New field.
(postgresql-activation): Create the log directory.
(postgresql-shepherd-service): Honor it.
* gnu/tests/databases.scm (%postgresql-log-directory): New variable.
(log-file): New test case.
* doc/guix.texi (Database Services): Document it.
* gnu/services/databases.scm (postgresql-config-file-compiler): Support Guile
datatypes in the "extra-config" field.
* gnu/tests/databases.scm (%postgresql-os): Test it.
* doc/guix.texi (Database Services): Document it.
This avoids a package collision while building the operating-system profile.
* gnu/tests/monitoring.scm (%zabbix-os): Use POSTGRESQL instead of
POSTGRESQL-10.
* gnu/bootloader/grub.scm (grub-configuration-file): New parameter
store-crypto-devices.
[crypto-devices]: New helper function.
[builder]: Use crypto-devices.
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* gnu/tests/install.scm (%encrypted-root-not-boot-os,
%encrypted-root-not-boot-os): New os declaration.
(%encrypted-root-not-boot-installation-script): New script, whose contents
were initially taken from %encrypted-root-installation-script.
(%test-encrypted-root-not-boot-os): New test.
* gnu/system.scm (define-module): Export
operating-system-bootoader-crypto-devices and
boot-parameters-store-crypto-devices.
(<boot-parameters>): Add field store-crypto-devices.
(read-boot-parameters): Parse store-crypto-devices field.
[uuid-sexp->uuid]: New helper function extracted from
device-sexp->device.
(operating-system-bootloader-crypto-devices): New function.
(operating-system-bootcfg): Use
operating-system-bootloader-crypto-devices to provide its contents to
the bootloader configuration generation process.
(operating-system-boot-parameters): Add store-crypto-devices to the
generated boot-parameters.
(operating-system-boot-parameters-file): Likewise to the file with
the serialized structure.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-crypto-devices to provide its contents to the
bootloader configuration generation process.
* tests/boot-parameters.scm (%default-store-crypto-devices): New
variable.
(%grub-boot-parameters, test-read-boot-parameters): Use
%default-store-crypto-devices.
(tests store-crypto-devices): New tests.
* gnu/services/databases.scm (<mysql-configuration>): Add AUTO-UPGRADE? field.
(mysql-upgrade-wrapper, mysql-upgrade-shepherd-service,
mysql-shepherd-services): New variables.
(mysql-service-type): Use MYSQL-SHEPHERD-SERVICES instead of
MYSQL-SHEPHERD-SERVICE.
* doc/guix.texi (Database Services): Document the AUTO-UPGRADE? field of
MYSQL-SERVICE-TYPE.
* gnu/tests/databases.scm (run-mysql-test): Test that mysql_upgrade has run.
* gnu/services/databases.scm (mysql-service): Define in terms of DEFINE-DEPRECATED.
* gnu/tests/databases.scm (%mysql-os): Adjust accordingly.
* doc/guix.texi (Database Services): Adjust the MariaDB/MySQL section to
document MYSQL-SERVICE-TYPE instead of MYSQL-SERVICE. While at it, document
the EXTRA-CONTENT field.
* gnu/tests/audio.scm (%mpd-os): Use the default 'mpd-configuration'.
(run-mpd-test)[test]("mpd listening"): New test.
("mpc connect"): Use 'system*' and 'test-equal'.
The test was failing with ENOSPC.
* gnu/tests/docker.scm (run-docker-system-test)[vm]: Increase 'memory-size'.
(%test-docker-system): Change 'locale-libcs' for the OS passed to
'system-docker-image'.
Fixes: <https://issues.guix.gnu.org/44101>.
* gnu/build/bootloader.scm (write-file-on-device): Pass 'no-fail flag instead
of 'no-create. Use a latin-1 transcoder.
* guix/scripts/system/reconfigure.scm (install-bootloader-program): Add a
"disk-installer" argument and use it as a fallback.
(install-bootloader): Adapt accordingly.
* gnu/tests/reconfigure.scm (run-install-bootloader-test): Ditto.
Note: This change requires an updated 'guix' package that contains
Linux-swap support in (gnu build file-systems).
* gnu/installer/parted.scm (user-partitions->configuration): Use UUIDs
in the 'swap-devices' field.
* gnu/installer/newt/final.scm (run-final-page)[wait-for-clients]: New
procedure. Use it.
* gnu/installer/tests.scm (choose-partitioning): Wait for
'starting-final-step' message and move configuration file dialog
handling to...
(conclude-installation): ... here. Send over PORT the reply
corresponding to 'starting-final-step'.
* gnu/tests/install.scm (gui-test-program): When ENCRYPTED? is false,
invoke 'swaplabel' in the marionette.
(installation-target-os-for-gui-tests): When ENCRYPTED? is false, except
a fixed UUID.