path: root/guix/scripts
Age | Commit message | Author
3 days | shell, inferior: Store GC roots under /var/guix/profiles. | Ludovic Courtès
Fixes guix/guix#2410. Until now, ‘guix shell’ and ‘guix time-machine’ would store GC roots under ~/.cache/guix. However, this directory is unreadable to guix-daemon when it’s running without root privileges. This commit changes ‘guix shell’ and ‘guix time-machine’ so they store GC roots under /var/guix/profiles/per-user/$USER, in a world-readable directory. An added benefit is that, in cluster setups, user homes no longer need to be mounted on the head node for GC to work (assuming ‘guix build -r’ and similar are not used). * guix/inferior.scm (%inferior-cache-directory): Change default value to be under ‘%profile-directory’. (%legacy-inferior-cache-directory): New variable. (cached-channel-instance): Add ‘maybe-remove-expired-cache-entries’ call. * guix/scripts/environment.scm (launch-environment/container)[nesting-mappings]: Add /inferiors and /profiles sub-directories of ‘%profile-directory’. Call ‘mkdir-p’ for these two directories. * guix/scripts/shell.scm (%profile-cache-directory): Change default value to be under ‘%profile-directory’. (%legacy-cache-directory): New variable. (guix-shell): Add call to ‘maybe-remove-expired-cache-entries’. Change-Id: Ie7d6c16a55b35c7beb18078c967d6fc902bf68d0 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
5 days | Revert "publish: Prevent publication of non-substitutable derivation outputs." | Ludovic Courtès
Fixes guix/guix#2450. This reverts commit b5745a327e8dae21caaf10b59256dc7b16d54588, which introduced discrepancies in how substitutes are served; in particular, narinfos of non-substitutable items would still be served, and likewise for narinfos and nars of dependents of non-substitutable items.
8 days | gc: Open a connection to the daemon only when strictly necessary. | Ludovic Courtès
Fixes guix/guix#1901. Previously, ‘guix gc --list-busy’ (which is invoked by ‘guix-daemon’) would open a connection to the daemon, which in turn attempts to create /var/guix/profiles/per-user/$USER. However, when ‘guix-daemon’ is running as an unprivileged user, creating that directory fails with EPERM. Because of this, garbage collection would always fail when running the unprivileged daemon on Guix System. * guix/scripts/gc.scm (guix-gc): Remove upfront call to ‘open-connection’. Instead, use ‘with-store’ only for operations that require it. Change-Id: I1fbfd97cf7ba9e3087f7287b4776ea2f6623400d
8 days | Reapply "Update Maxim's email address." | Maxim Cournoyer
This reverts commit a7db92d9b389cbe565395523882c34c6eff2c21a, this time with the more careful command, to avoid a world rebuild:

  grep -rl --exclude-dir=build --exclude-dir=patches --exclude=ld-wrapper.in \
    --exclude=sitecustomize.py --exclude=guix-emacs.el maxim.cournoyer@gmail.com | xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g'

Change-Id: I0871f5cf9ace79e34e78e24154d0da6ea95a3a91
8 days | Revert "Update Maxim's email address." | Maxim Cournoyer
This reverts commit d0d87a744d724b7e7d5ac013c586039652087bb3. Oops! This caused a world rebuild. Change-Id: I25fff644b2b61d0ee93d69b457b04c72b5b74d15
8 days | Update Maxim's email address. | Maxim Cournoyer
The change was automated via: git grep -l maxim.cournoyer@gmail.com | xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g' * .mailmap: New entry. Change-Id: Iaa88b1e51c94159c49138fb43910badb990eb169
9 days | home: Adjust file system mount options. | Ludovic Courtès
* guix/scripts/home.scm (spawn-home-container): Add ‘options’ field to the /run/user/$UID and ‘home-directory’ file systems. Change-Id: Ic6d987fe186f9c49718f15c71867953a20f2fb68
9 days | linux-container: Export ‘%writable-/tmp’ and use it. | Ludovic Courtès
Fixes guix/guix#1994. * gnu/build/linux-container.scm (%writable-/tmp): New variable. * guix/scripts/environment.scm (launch-environment/container): Remove ‘tmpfs’ and use it. Adjust ‘file-system’ declaration for /run/user/$UID. * guix/scripts/home.scm (spawn-home-container): Likewise. Reported-by: Romain GARBAGE <romain.garbage@inria.fr> Change-Id: Ia8289fb5386971738caf2ccc1e815daa6ac28459
2025-09-04 | size: Improve error message. | Nicolas Graves
Fixes guix/guix#2429 * guix/scripts/size.scm (file-size): Improve error message. Change-Id: I0e0f6de1eded8a780d2edc07ce1fbc5c7ff73e25 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-01 | perform-download: Use (ice-9 sandbox) for mirrors. | Reepca Russelstein
"guix perform-download" is used to implement the daemon's "download" and "git-download" builtin builders. Because these are builtins, it runs without any additional isolation beyond merely running as a build user. In such a context, allowing arbitrary user-supplied code to be evaluated will easily lead to the build user being taken over, which can then be used to corrupt future builds, enable exploitation of certain vulnerabilities, and in the case of the rootless daemon completely take over guix-daemon. Use (ice-9 sandbox) to ensure that only safe bindings are available during the evaluation of the content-addressed-mirrors file. * guix/perform-download.scm (%safe-bindings, %sandbox-module): new variables. (syntax-noop): new syntax. (eval-content-addressed-mirrors, assert-store-file, call-with-input-file/no-symlinks): new procedures. (perform-download): use assert-store-file to ensure files are in the store before being read. Use call-with-input-file/no-symlinks for opening untrusted files. Use eval-content-addressed-mirrors to evaluate the content-addressed-mirrors file. Change-Id: I8ed27a95d84dbcc7d72d0d75f172d113f8be6c79 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-09-01 | perform-download: Ensure reading never evaluates code. | Reepca Russelstein
Since this is used to implement the "download" and "git-download" builtins, which are run outside of any chroot, this is trusted code with respect to the user-supplied strings it reads. * guix/scripts/perform-download.scm (read/safe): new procedure. (perform-download, perform-git-download): use it. (guix-perform-download): explicitly set 'read-eval?' to #f and 'read-hash-procedures' to '(). #f is the default value of 'read-eval?' on startup, but set it anyway to be certain. Change-Id: I93cb8e32607a6f9a559a26c1cbd6b88212ead884 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-08-21 | import: crate: Stop importing dependencies from crates.io. | Hilton Chain
* guix/scripts/import/crate.scm (show-help, %options, guix-import-crate) [--recursive, --recursive-dev-dependencies, --mark-missing]: Remove options. * doc/guix.texi (Invoking guix import)[crate]: Adjust accordingly. Mention packaging workflow. * guix/import/crate.scm (make-crate-sexp): Don't use "rust-" prefix and semver suffix for package name. [#:cargo-inputs, #:cargo-development-inputs, #:build?]: Remove arguments. (crate->guix-package)[#:include-dev-deps?, #:mark-missing?]: Remove arguments. (<crate-dependency>): Remove data type. (make-crate-dependency, crate-dependency?, json->crate-dependency) (crate-version-dependencies, package-names->package-inputs) (maybe-cargo-inputs, maybe-cargo-development-inputs, maybe-arguments) (version->semver-prefix, find-package-version, crate-recursive-import): Remove procedures. * tests/crate.scm (test-foo-crate, test-bar-crate): Adjust for modified tests. (test-foo-dependencies, test-bar-dependencies, test-root-crate) (test-root-dependencies, test-intermediate-a-crate) (test-intermediate-a-dependencies, test-intermediate-b-crate) (test-intermediate-b-dependencies, test-intermediate-c-crate) (test-intermediate-c-dependencies, test-leaf-alice-crate) (test-leaf-alice-dependencies, test-leaf-bob-crate) (test-leaf-bob-dependencies, rust-leaf-bob-3, rust-leaf-bob-3.0.2-yanked): Remove variables. ("crate->guix-package yanked", "crate->guix-package only yanked available"): New tests. ("crate->guix-package"): Adjust accordingly. ("crate->guix-package-marks-missing-packages", "crate-recursive-import") ("crate-recursive-import-honors-existing-packages") ("crate-import-only-yanked-available"): Remove tests. Change-Id: Ib1d24511ed0ea1a2373f53de12e06afa7950a7d7
2025-08-21 | import: crate: Add ‘--lockfile’ option. | Hilton Chain
* guix/import/crate.scm (cargo-inputs-from-lockfile, find-cargo-inputs-location, extract-cargo-inputs): New procedures. * guix/scripts/import/crate.scm (%options): Add ‘--lockfile’ option. (show-help): Add it. (guix-import-crate): Use it. * doc/guix.texi (Invoking guix import): Document it. Change-Id: I291478e04adf9f2df0bf216425a5e8aeba0bedd9
2025-08-21 | scripts: import: Skip existing definition for ‘--insert’ option. | Hilton Chain
* guix/scripts/import.scm (guix-import): Skip existing definition for ‘--insert’ option. Change-Id: I2c4242669f974b263a018ab0cf56538bd7c81d06
2025-08-21 | scripts: import: Pass "--insert" to importers. | Hilton Chain
So that importers can adjust the file before inserting. * guix/scripts/import.scm (%standard-import-options): Add ‘--file-to-insert’. (guix-import): Pass it to importers when ‘--insert’ is set. Change-Id: I8e7a18ee8e0f96d7fc5688a207a7a5390ad2fa30
2025-08-21 | scripts: import: Support expressions defined by 'define. | Hilton Chain
* guix/utils.scm (find-definition-location): New procedure. (find-definition-insertion-location): Define with it. * guix/scripts/import.scm (import-as-definitions, guix-import): Support expressions defined by 'define. Change-Id: I03118e1a3372028b4f0530964aba871b4a1a4d25
2025-08-21 | scripts: import: Add two newlines for ‘--insert’ option. | Hilton Chain
For consistency with ‘insert-expression’. * guix/scripts/import.scm (guix-import): Add two newlines after inserting. Change-Id: I55b45ca137d175fdf6ee5c0bb2b6b1ca8385750d
2025-08-21 | scripts: import: Correct behavior for ‘--insert’ option. | Hilton Chain
The info manual documents ‘--insert=FILE’, but it wasn't actually supported. * guix/scripts/import.scm (show-help): Add missing ‘FILE’. (guix-import): Accept ‘--insert=FILE’. Change-Id: I540d5feae3fe49c00e9bd6f7a8649ffe0d6e006d
2025-07-28 | guix offload: Adjust size suffix based on amount of data. | Efraim Flashner
* guix/scripts/offload.scm (choose-build-machine): Display amount of free space using more specific units. (check-machine-status): Same. Change-Id: I93ebbf3115f15dacf57be7e63350bfbe8a3974b6
2025-07-28 | guix gc: Adjust size suffix based on the amount of data. | Efraim Flashner
* guix/ui.scm (number->size): New procedure. * guix/scripts/gc.scm (guix-gc)[actions]: Display the amount of collected-garbage using more specific units. [ensure-free-space]: Display the size using an appropriate size unit. * nix/libstore/gc.cc (deletePathRecursive, removeUnusedLinks): Same. * nix/libstore/optimise-store.cc (showBytes): Move function ... * nix/libstore/misc.cc: ... to here. Expand to adjust the output based on the amount of bytes received. Change-Id: Idceb1a13f8e45f959d327f53d1a8accb29d2678b
2025-07-18 | mapped-devices: Add ‘arguments’ field. | Ludovic Courtès
Fixes <https://issues.guix.gnu.org/70826>. This allows users to specify extra arguments specific to the underlying mapped device type. * gnu/system/mapped-devices.scm (<mapped-device>)[arguments]: New field. (device-mapping-service-type): Honor it. * guix/scripts/system.scm (check-mapped-devices): Likewise. * gnu/system/linux-initrd.scm (raw-initrd): Likewise. * doc/guix.texi (Mapped Devices): Document it. Reported-by: 45mg <45mg.writes@gmail.com> Change-Id: Idef5a3e68535c412f13bae9a92c81c49053d4f4a
2025-07-16 | pki: Always make /etc/guix/acl world-readable. | Ludovic Courtès
Fixes guix/guix#664. This is necessary when running ‘guix-daemon’ as an unprivileged user and also when running ‘guix weather’ as an unprivileged user. * guix/pki.scm (ensure-acl): Make ‘%acl-file’ #o644. * guix/scripts/archive.scm (authorize-key): Likewise. * guix/ssh.scm (remote-authorize-signing-key): Likewise. Change-Id: I3c979b2cdf52e7cb657d8fafa244c58854e7fb67
2025-07-13 | gnu: Rename minetest to luanti. | Liliana Marie Prikler
* gnu/packages/luanti.scm: New file. (luanti, luanti-server, luanti-topic, luanti-moreores, luanti-sound-api-core) (luanti-basic-materials, luanti-coloredwood, luanti-ethereal) (luanti-homedecor-modpack, luanti-mesecons, luanti-mineclone, luanti-mobs) (luanti-mobs-animal, luanti-mobs-monster, luanti-pipeworks, luanti-technic) (luanti-throwing, luanti-throwing-arrows, luanti-worldedit) (luanti-unifieddyes, luanti-unified-inventory, luanti-advtrains) (luanti-basic-trains, luanti-oneblock, luanti-wielded-light): New variables. * gnu/packages/minetest.scm: (minetest, minetest-server, minetest-topic, minetest-moreores) (minetest-sound-api-core, minetest-basic-materials, minetest-coloredwood) (minetest-ethereal, minetest-homedecor-modpack, minetest-mesecons) (minetest-mineclone, minetest-mobs, minetest-mobs-animal) (minetest-mobs-monster, minetest-pipeworks, minetest-technic) (minetest-throwing, minetest-throwing-arrows, minetest-worldedit) (minetest-unifieddyes, minetest-unified-inventory, minetest-advtrains) (minetest-basic-trains, minetest-oneblock, minetest-wielded-light): Deprecate in favor of the above. (minetest-game): Move to… * gnu/packages/luanti.scm (minetest-game): … here. * gnu/local.mk (GNU_SYSTEM_MODULES): Register luanti.scm. * guix/build-system/luanti.scm: New file. (luanti-mod-build-system): New public variable. * guix/build-system/minetest.scm (minetest-mod-build-system): Deprecate in favor of luanti-mod-build-system. * guix/build/luanti-build-system.scm: New file, renamed from… * guix/build/minetest-build-system.scm: … this. Deprecate in favor of luanti-build-system. * guix/import/luanti.scm: New file, renamed from guix/import/minetest.scm. (%contentdb-api): Switch to “https://content.luanti.org/api/”. (luanti-package?, latest-luanti-release, luanti->guix-package) (luanti-recursive-import, %luanti-updater): New public variables. 
* guix/import/minetest.scm (minetest-package?, latest-minetest-release) (minetest->guix-package, minetest-recursive-import, %minetest-updater): Deprecate in favor of the luanti variants above. * guix/scripts/import/luanti.scm: New file, renamed from guix/scripts/import/minetest.scm. (guix-import-luanti): New public variable. * guix/scripts/import/minetest.scm (guix-import-minetest): Deprecate in favor of guix-import-luanti. * tests/minetest.scm: Rename to… * tests/luanti.scm: … this. * Makefile.am (MODULES, SCM_TESTS): Adjust accordingly. * etc/teams.scm (games): Adjust accordingly. * CODEOWNERS: Adjust accordingly.
2025-07-09 | pack: Autoload all the (gnu packages …) modules. | Ludovic Courtès
Fixes guix/guix#640. * guix/scripts/pack.scm <top-level>: Autoload (gnu packages …) modules. (bootstrap-xz): Turn into a thunk and update user. (gcrypt-sqlite3&co): Move to… (store-database): … here. Reported-by: Luca Cirrottola <luca.cirrottola@inria.fr> Change-Id: I345a872a7c2a94ad148052fef3b2b674cc94c9d0
2025-06-30 | git authenticate: Create Git hooks directory. | Brice Waegeneire
* guix/scripts/git/authenticate.scm (install-hooks): Create Git hooks directory if necessary. Change-Id: Icb9b0674d42af78fe03a3c820369f8324db960b4 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-06-26 | pack: Don't export properties when SAVE-PROVENANCE is not set. | Romain GARBAGE
* guix/scripts/pack.scm (guix-pack): Don't export properties when SAVE-PROVENANCE is not set. Change-Id: I956721d1238631451758057a7c9cf13e2da7c59a Signed-off-by: Ludovic Courtès <ludo@gnu.org> Modified-by: Ludovic Courtès <ludo@gnu.org>
2025-06-22 | git authenticate: Do nothing when invoked from the keyring branch. | Ludovic Courtès
Fixes <https://issues.guix.gnu.org/78283>. * guix/scripts/git/authenticate.scm (guix-git-authenticate): Call ‘current-branch’ and do nothing if it returns the keyring branch. Reported-by: Vagrant Cascadian <vagrant@debian.org> Change-Id: I66c2a3f4babf68ac1df0913db6bc708ac0c7968e
2025-06-22 | git authenticate: Gracefully handle passing an annotated tag to ‘--end’. | Ludovic Courtès
Partly fixes <https://issues.guix.gnu.org/74583>. Previously, passing an annotated tag to ‘--end’, as can happen when ‘guix git authenticate’ is invoked by the pre-push hook when pushing tags, would lead to an error: guix git: error: Git error: the requested type does not match the type in the ODB * guix/scripts/git/authenticate.scm (ensure-commit-id): New procedure. (guix-git-authenticate): Use it. * tests/guix-git-authenticate.sh: Test with $v1_2_0_annotated_tag. Change-Id: I22e8eb665609522c80c1f0dcb9e77a46c23c0c3c
2025-06-22 | git authenticate: Upgrade pre-push hook with a fixed version. | Ludovic Courtès
Partly fixes <https://issues.guix.gnu.org/74583>. * guix/scripts/git/authenticate.scm (%pre-push-hook): New variable. (install-hooks): Use it. (broken-pre-push-hook?, maybe-upgrade-hooks): New procedures. (guix-git-authenticate): Call ‘maybe-upgrade-hooks’ when ‘configured?’ returns true. Change-Id: I39d34ab66ffe0f34170c0f562e9f97f2f69c9fdc
2025-06-22 | git authenticate: Remove support for Guile-Git < 0.7.0. | Ludovic Courtès
Guile-Git 0.7.0 was released in May 2024. * guix/scripts/git/authenticate.scm (record-configuration): Remove ‘module-defined?’ condition for Guile-Git < 0.7.0. (install-hooks): Likewise. Change-Id: I27af82068b989d6a18ff1a66453e0a8d397ed380
2025-06-19 | guix: nuget importer: Add it. | Danny Milosavljevic
* guix/import/nuget.scm: New file. * guix/scripts/import/nuget.scm: New file. * guix/scripts/import.scm: Add reference to it. * gnu/packages/guile-xyz.scm (guile-semver): Update to 0.2.0. [source]: Switch. Change-Id: I159c5cf3b02b42435b03d989d5815d3fcf001c92
2025-06-13 | pack: Singularity environment sources the profile's 'etc/profile'. | Rutherther
Fixes #419 where the same search path is used multiple times, leading to the last one overriding the previous one. The solution relies on the #$profile/etc/profile file that is already verified and in case of errors, it is just one place to repair instead of repairing at multiple places, like in singularity-environment-file * guix/pack.scm (singularity-environment-file): Source #$profile/etc/profile Reported-by: Alexis Simon <alexis.simon@runbox.com> Change-Id: Ic304fef99ad34d83e4e10cdd2b26d3b1802b5251 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-06-06 | publish: Prevent publication of non-substitutable derivation outputs. | Morgan Arnold
This commit prevents Guix substitute servers from distributing binaries which are marked non-substitutable. This prevents substitute servers from accidentally committing copyright violations by distributing binaries that are non-substitutable for copyright reasons. * guix/scripts/publish.scm (render-nar): Query the derivers of ‘store-path’ and do nothing if one of them does not match ‘substitutable-derivation?’. * tests/publish.scm ("non-substitutable derivation"): New test. Change-Id: Iaca81f5bdb430a12a3ad41e9b83e0bcc535af607 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Modified-by: Ludovic Courtès <ludo@gnu.org>
2025-06-03 | environment: Set LANG by default. | Tomas Volf
* guix/scripts/environment.scm (launch-environment/container): Set LANG to C.UTF-8 unless already set. Change-Id: I2dba595c8d5f4e9b45264f8185c72779fead2ce6 Signed-off-by: Ekaitz Zarraga <ekaitz@elenq.tech>
2025-06-03 | pack: Include store parent directories in the Docker layer. | Ray Miller
Fixes <https://issues.guix.gnu.org/78210>. This patch adds the /gnu and /gnu/store directories to the Docker layer created by ‘guix pack -f docker …’, which enables the Docker image to be used to create an AWS Lambda function. Without the patch, creating the AWS Lambda function fails with this error: "MissingParentDirectory: Parent directory does not exist for file: gnu/store/…-info-dir/" * guix/scripts/pack.scm (docker-image)[build]: Add store directory to the docker layer. * guix/docker.scm (build-docker-image): Change order of arguments to ‘tar’ so parent directories are added before their contents. Change-Id: I2b103c59981e828c965564ccc5d2415b00a7e52e Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-05-31 | scripts: environment: Export launch-environment/container. | Nicolas Graves
* guix/scripts/environment.scm (launch-environment/container): Export. Change-Id: I98d1b3e785015b34f4b434ccd931d8cf8988ee3c Signed-off-by: Hilton Chain <hako@ultrarare.space>
2025-05-24 | environment: Provide a writable /run/user/$UID. | Ludovic Courtès
* guix/scripts/environment.scm (launch-environment/container): Add /run/user/UID to ‘file-systems’. * tests/guix-environment-container.sh: Test it. Change-Id: I44c70a7554a06f40d073c25929ea7c6ded356d08
2025-05-23 | describe: Recognize git.guix.gnu.org for commit hyperlinks. | Ludovic Courtès
* guix/scripts/describe.scm (%vcs-web-views): Add git.guix.gnu.org. Change-Id: I47ded4618dec3073925efdfa5df87ab47643f8c4
2025-05-22 | import/elpa: Improve CLI documentation for archive flag. | Liliana Marie Prikler
* guix/import/elpa.scm (elpa-url)[elpa-archives]: Move from here… (%elpa-archives): … to here. * guix/scripts/import/elpa.scm (%options): Add “list-archives”. (show-help): Adjust accordingly. Change-Id: Ib686bd9ff5eff2d4c37b8751ec1410666d568c1f Co-authored-by: jgart <jgart@dismail.de> Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2025-05-19 | refresh: Allow specifying a partial version via the version specification. | Maxim Cournoyer
* guix/scripts/refresh.scm (update-specification->update-spec): Flag the update-spec as partial when it is prefixed with '~'. * tests/guix-refresh.sh: Test it. Remove extraneous 'guix refresh' invocation. * doc/guix.texi (Invoking guix refresh): Document it. Change-Id: Iab4482d9367105f6ffcd2d6a49148736c93d53e4 Reviewed-by: Florian Pelz <pelzflorian@pelzflorian.de> Reviewed-by: Ludovic Courtès <ludo@gnu.org>
2025-05-18 | environment: Make home writable. | Tomas Volf
Fixes <https://issues.guix.gnu.org/78363>. * guix/scripts/environment.scm (launch-environment/container): Add tmpfs for home. * tests/guix-environment-container.sh: Add test. Change-Id: Iadd9b838f6442a8080998ed7e07414db562068bf Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-05-18 | environment: Translate only file names under home directory. | Tomas Volf
* guix/scripts/environment.scm (file-name-equal-or-under?): New procedure. (override-user-mappings, override-user-dir): Use it. Change-Id: Iadd9b838f6442a8080998ed7e07414db562068bf Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-05-18 | environment: Use inherit for new mapping. | Tomas Volf
* guix/scripts/environment.scm (override-user-mappings): Use inherit. Change-Id: Iadd9b838f6442a8080998ed7e07414db562068bf Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2025-05-06 | environment, home: Make /tmp writable. | Ludovic Courtès
Fixes <https://issues.guix.gnu.org/78272>. Fixes a bug caused by commit ce363c1dc7bd63a74dcf7788d340819f6d5db89f, which inadvertently made /tmp read-only as well. * guix/scripts/environment.scm (launch-environment/container)[tmpfs]: New variable. Add it to ‘file-systems’. * guix/scripts/home.scm (spawn-home-container): Add /tmp file system to #:mounts. * tests/guix-environment-container.sh: Add test. Reported-by: Tomas Volf <~@wolfsden.cz> Change-Id: I5cb449e6d0c213d4b5866cbcbd14990437a7d4c5
2025-05-05 | linux-container: Set up “lo” and generate /etc/hosts by default. | Ludovic Courtès
* gnu/build/linux-container.scm (run-container): Add #:loopback-network? and honor it via #:populate-file-system. (call-with-container): Add #:loopback-network? and pass it to ‘run-container’. * guix/scripts/environment.scm (launch-environment/container): Remove call to ‘set-network-interface-up’ and remove generation of /etc/hosts. * guix/scripts/home.scm (spawn-home-container): Likewise. Change-Id: I5933a4e8dc6d8e19235a79696b62299d74d1ba21
2025-05-05 | environment: Add ‘--writable-root’ and default to read-only root. | Ludovic Courtès
This is an incompatible change where the root file system in ‘guix shell -C’ is now read-only by default. * guix/scripts/environment.scm (show-environment-options-help) (%options): Add ‘--writable-root’. * guix/scripts/environment.scm (setup-fhs): Invoke /sbin/ldconfig; moved from… (launch-environment): … here. (launch-environment/container): Add #:writable-root? and pass it to ‘call-with-container’. Move root file system setup to #:populate-file-system. (guix-environment*): Honor ‘--writable-root’. * tests/guix-environment-container.sh: Test it. * doc/guix.texi (Invoking guix shell): Document ‘--writable-root’. (Debugging Build Failures): Mention it before “rm /bin/sh”. Change-Id: I2e8517d6f01eb8093160bffc0f9f56071ad6fee6 Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2025-05-05 | guix home: ‘container’ provides a read-only root file system. | Ludovic Courtès
* guix/scripts/home.scm (spawn-home-container): Move creation of accounts, /etc/hosts, /tmp, and HOME-DIRECTORY from the first argument of ‘eval/container’ to #:populate-file-system. Remove #:writable-root?. * tests/guix-home.sh: Test that the root file system is read-only. Change-Id: Icda54706321d51b95b563c86c3fb2238cc65ee20
2025-05-05 | linux-container: Support having a read-only root file system. | Ludovic Courtès
Until now, the read-only file system set up by ‘call-with-container’ would always be writable. With this change, it can be made read-only. With this patch, only ‘least-authority-wrapper’ switches to a read-only root file system. * gnu/build/linux-container.scm (remount-read-only): New procedure. (mount-file-systems): Add #:writable-root? and #:populate-file-system and honor them. (run-container): Likewise. (call-with-container): Likewise. * gnu/system/linux-container.scm (container-script): Pass #:writable-root? to ‘call-with-container’. (eval/container): Add #:populate-file-system and #:writable-root? and honor them. * guix/scripts/environment.scm (launch-environment/container): Pass #:writable-root? to ‘call-with-container’. * guix/scripts/home.scm (spawn-home-container): Likewise. * tests/containers.scm ("call-with-container, mnt namespace, read-only root") ("call-with-container, mnt namespace, writable root"): New tests. Change-Id: I603e2fd08851338b737bb16c8af3f765e2538906
2025-05-05 | guix home: ‘container’ explicitly mounts $HOME and /run/user/1000. | Ludovic Courtès
* guix/scripts/home.scm (spawn-home-container): Pass #:mounts to ‘eval/container’. Change-Id: I1986c1411711cebaf623f97897d91436d8167037
2025-05-05 | environment: Restore action for SIGPIPE. | Tomas Volf
Code in `ui.scm' in `initialize-guix' procedure changes the handling of SIGPIPE to SIG_IGN. So restore the handling to SIG_DFL so that process executed will have the usual action. Technically we should record what the handling was, and restore it to the previous value, but that would be much more invasive change. Always setting it to SIG_DFL is at least less surprising than always setting to SIG_IGN. * guix/scripts/environment.scm (launch-environment): Restore default action for SIGPIPE. Change-Id: Ifabae1d3e71aa44e63078cea5bd3824b8f61ba14 Signed-off-by: Ludovic Courtès <ludo@gnu.org>