Diffstat (limited to 'doc/guix.texi')
-rw-r--r-- | doc/guix.texi | 97 |
1 files changed, 85 insertions, 12 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index e3b0cf61f0..51884c3c6f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -2850,8 +2850,7 @@ The system does not yet provide graphical desktop environments such as GNOME and KDE. @item -Support for encrypted disks, the Logical Volume Manager (LVM), and swap -devices is missing. +Support for the Logical Volume Manager (LVM) is missing. @item Few system services are currently supported out-of-the-box @@ -3040,6 +3039,7 @@ instance to support new system services. @menu * Using the Configuration System:: Customizing your GNU system. * File Systems:: Configuring file system mounts. +* Mapped Devices:: Block device extra processing. * User Accounts:: Specifying user accounts. * Services:: Specifying system services. * Setuid Programs:: Programs running with root privileges. 
@@ -3245,6 +3245,69 @@ and unmount user-space FUSE file systems. This requires the @code{fuse.ko} kernel module to be loaded. @end defvr +@node Mapped Devices +@subsection Mapped Devices + +@cindex device mapping +@cindex mapped devices +The Linux kernel has a notion of @dfn{device mapping}: a block device, +such as a hard disk partition, can be @dfn{mapped} into another device, +with additional processing over the data that flows through +it@footnote{Note that the GNU@tie{}Hurd makes no difference between the +concept of a ``mapped device'' and that of a file system: both boil down +to @emph{translating} input/output operations made on a file to +operations on its backing store. Thus, the Hurd implements mapped +devices, like file systems, using the generic @dfn{translator} mechanism +(@pxref{Translators,,, hurd, The GNU Hurd Reference Manual}).}. A +typical example is encryption device mapping: all writes to the mapped +device are encrypted, and all reads are deciphered, transparently. + +Mapped devices are declared using the @code{mapped-device} form: + +@example +(mapped-device + (source "/dev/sda3") + (target "home") + (type luks-device-mapping)) +@end example + +@noindent +@cindex disk encryption +@cindex LUKS +This example specifies a mapping from @file{/dev/sda3} to +@file{/dev/mapper/home} using LUKS---the +@url{http://code.google.com/p/cryptsetup,Linux Unified Key Setup}, a +standard mechanism for disk encryption. The @file{/dev/mapper/home} +device can then be used as the @code{device} of a @code{file-system} +declaration (@pxref{File Systems}). The @code{mapped-device} form is +detailed below. + +@deftp {Data Type} mapped-device +Objects of this type represent device mappings that will be made when +the system boots up. + +@table @code +@item source +This string specifies the name of the block device to be mapped, such as +@code{"/dev/sda3"}. + +@item target +This string specifies the name of the mapping to be established. 
For +example, specifying @code{"my-partition"} will lead to the creation of +the @code{"/dev/mapper/my-partition"} device. + +@item type +This must be a @code{mapped-device-kind} object, which specifies how +@var{source} is mapped to @var{target}. +@end table +@end deftp + +@defvr {Scheme Variable} luks-device-mapping +This defines LUKS block device encryption using the @command{cryptsetup} +command, from the same-named package. This relies on the +@code{dm-crypt} Linux kernel module. +@end defvr + @node User Accounts @subsection User Accounts @@ -3254,7 +3317,10 @@ User accounts are specified with the @code{user-account} form: (user-account (name "alice") (group "users") - (supplementary-groups '("wheel")) ; allow use of sudo, etc. + (supplementary-groups '("wheel" ;allow use of sudo, etc. + "audio" ;sound card + "video" ;video devices such as webcams + "cdrom")) ;the good ol' CD-ROM (comment "Bob's sister") (home-directory "/home/alice")) @end example @@ -3446,6 +3512,12 @@ Run @var{udev}, which populates the @file{/dev} directory dynamically. The @code{(gnu system networking)} module provides services to configure the network interface. +@cindex DHCP, networking service +@deffn {Monadic Procedure} dhcp-client-service [#:dhcp @var{isc-dhcp}] +Return a service that runs @var{dhcp}, a Dynamic Host Configuration +Protocol (DHCP) client, on all the non-loopback network interfaces. +@end deffn + @deffn {Monadic Procedure} static-networking-service @var{interface} @var{ip} @ [#:gateway #f] [#:name-services @code{'()}] Return a service that starts @var{interface} with address @var{ip}. If 
@@ -3577,23 +3649,24 @@ at boot time, you can define the @code{initrd} field of the operating system declaration like this: @example -(initrd (cut base-initrd <> - #:extra-modules '("my.ko" "modules.ko"))) +(initrd (lambda (file-systems . rest) + (apply base-initrd file-systems + #:extra-modules '("my.ko" "modules.ko") + rest))) @end example -@noindent -Note that for the example above, the SRFI-26 module needs to be imported -(@pxref{SRFI-26,,, guile, GNU Guile Reference Manual}). - -It also handles common use cases that involves using the system as a -QEMU guest, or as a ``live'' system whose root file system is volatile. +The @code{base-initrd} procedure also handles common use cases that +involves using the system as a QEMU guest, or as a ``live'' system whose +root file system is volatile. @deffn {Monadic Procedure} base-initrd @var{file-systems} @ [#:qemu-networking? #f] [#:virtio? #f] [#:volatile-root? #f] @ - [#:extra-modules '()] + [#:extra-modules '()] [#:mapped-devices '()] Return a monadic derivation that builds a generic initrd. @var{file-systems} is a list of file-systems to be mounted by the initrd, possibly in addition to the root file system specified on the kernel command line via @code{--root}. +@var{mapped-devices} is a list of device mappings to realize before +@var{file-systems} are mounted (@pxref{Mapped Devices}). When @var{qemu-networking?} is true, set up networking with the standard QEMU parameters. When @var{virtio?} is true, load additional modules so the initrd can |
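Review bot: In the first hunk (@@ -2850,8 +2850,7), the removed limitation covered three things, "encrypted disks, the Logical Volume Manager (LVM), and swap devices", but the rest of this diff only documents encrypted disks through the new Mapped Devices node. Nothing in doc/guix.texi here describes how a swap device is declared. Either keep swap in the list of missing features, for example "Support for the Logical Volume Manager (LVM) and swap devices is missing.", or add the swap documentation in the same change so the manual does not claim support it does not explain.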
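Review bot: In the new Mapped Devices node (@@ -3245,6 +3245,69), the @item type entry says the value "must be a @code{mapped-device-kind} object", but that type is never defined in this hunk; the only documented value is luks-device-mapping. Add a short @deftp for mapped-device-kind, or state that luks-device-mapping is currently the only kind available, so readers know what the field accepts. The example would also be easier to follow if it showed the matching file-system declaration with /dev/mapper/home as its device, since the text only describes that step in prose, and a sentence on when the LUKS passphrase is requested at boot would help anyone planning an encrypted setup.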
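Review bot: In the initrd hunk (@@ -3577,23 +3649,24), the new example switches from cut to a lambda taking "(file-systems . rest)" and forwarding rest to base-initrd, but the explanatory paragraph was deleted and nothing replaces it. Say why rest must be forwarded: presumably it carries the keyword arguments such as the new #:mapped-devices, and a user who copies the example without "rest" would build an initrd that silently skips the device mappings. Also, in the added sentence "handles common use cases that involves using the system as a QEMU guest", "involves" should be "involve".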