diff --git a/doc/contributing.fr.texi b/doc/contributing.fr.texi new file mode 100644 index 0000000000..0ded44c5fd --- /dev/null +++ b/doc/contributing.fr.texi @@ -0,0 +1,505 @@ +@node Contribuer +@chapter Contribuer + +Ce projet est un effort coopératif et nous avons besoin de votre aide pour +le faire grandir ! Contactez-nous sur @email{guix-devel@@gnu.org} et +@code{#guix} sur le réseau IRC Freenode. Nous accueillons les idées, les +rapports de bogues, les correctifs et tout ce qui pourrait aider le +projet. Nous apprécions particulièrement toute aide sur la création de +paquets (@pxref{Consignes d'empaquetage}). + +@cindex code de conduite, des contributeurs +@cindex convention de contribution +Nous souhaitons fournir un environnement chaleureux, amical et sans +harcèlement pour que tout le monde puisse contribuer au mieux de ses +capacités. Pour cela notre projet a une « Convention de contribution » +adaptée de @url{http://contributor-covenant.org/}. Vous pouvez trouver une +version locale dans le fichier @file{CODE-OF-CONDUCT} dans l'arborescence +des sources. + +Les contributeurs n'ont pas besoin d'utiliser leur nom légal dans leurs +correctifs et leurs communications en ligne ; ils peuvent utiliser n'importe +quel nom ou pseudonyme de leur choix. + +@menu +* Construire depuis Git:: The latest and greatest. +* Lancer Guix avant qu'il ne soit installé:: Astuces pour les hackers. +* La configuration parfaite:: Les bons outils. +* Style de code:: Hygiène du contributeur. +* Envoyer des correctifs:: Partager votre travail. +@end menu + +@node Construire depuis Git +@section Construire depuis Git + +Si vous souhaitez travailler sur Guix lui-même, il est recommandé d'utiliser +la dernière version du dépôt Git : + +@example +git clone https://git.savannah.gnu.org/git/guix.git +@end example + +Lors de la construction de Guix depuis un extrait, les paquets suivants sont +requis en plus de ceux mentionnés dans les instructions d'installation +(@pxref{Prérequis}). + +@itemize +@item @url{http://gnu.org/software/autoconf/, GNU Autoconf}; +@item @url{http://gnu.org/software/automake/, GNU Automake}; +@item @url{http://gnu.org/software/gettext/, GNU Gettext}; +@item @url{http://gnu.org/software/texinfo/, GNU Texinfo}; +@item @url{http://www.graphviz.org/, Graphviz}; +@item @url{http://www.gnu.org/software/help2man/, GNU Help2man (facultatif)}. +@end itemize + +La manière la plus simple de configurer un environnement de développement +pour Guix est, bien sûr, d'utiliser Guix ! La commande suivante démarre un +nouveau shell où toutes les dépendances et les variables d'environnements +appropriées sont configurés pour travailler sur Guix : + +@example +guix environment guix +@end example + +@xref{Invoquer guix environment}, pour plus d'information sur cette +commande. On peut ajouter des dépendances supplémentaires avec +@option{--ad-hoc} : + +@example +guix environment guix --ad-hoc help2man git strace +@end example + +Lancez @command{./bootstrap} pour générer l'infrastructure du système de +construction avec Autoconf et Automake. Si vous avez une erreur comme : + +@example +configure.ac:46: error: possibly undefined macro: PKG_CHECK_MODULES +@end example + +@noindent +cela signifie probablement qu'Autoconf n'a pas pu trouver @file{pkg.m4} qui +est fournit par pkg-config. Assurez-vous que @file{pkg.m4} est +disponible. C'est aussi vrai pour l'ensemble de macros de @file{guile.m4} +fournies par Guile. Par exemple, si vous avez installé Automake dans +@file{/usr/local}, il ne cherchera pas les fichiers @file{.m4} dans +@file{/usr/share}. Dans ce case vous devez invoquer la commande suivante : + +@example +export ACLOCAL_PATH=/usr/share/aclocal +@end example + +@xref{Macro Search Path,,, automake, The GNU Automake Manual}, pour plus +d'information. + +Ensuite, lancez @command{./configure} comme d'habitude. Assurez-vous de +passer @code{--localstatedir=@var{directory}} où @var{directory} est la +valeur @code{localstatedir} utilisée par votre installation actuelle +(@pxref{Le dépôt} pour plus d'informations à ce propos). + +Finalement, vous devez invoquer @code{make check} pour lancer les tests +(@pxref{Lancer la suite de tests}). Si quelque chose échoue, jetez un œil +aux instructions d'installation (@pxref{Installation}) ou envoyez un message +à la list @email{guix-devel@@gnu.org}. + + +@node Lancer Guix avant qu'il ne soit installé +@section Lancer Guix avant qu'il ne soit installé + +Pour garder un environnement de travail sain, il est utile de tester les +changement localement sans les installer pour de vrai. Pour pouvoir +distinguer votre rôle « d'utilisateur final » de celui parfois haut en +couleur de « développeur ». + +Pour cela, tous les outils en ligne de commande sont utilisables même sans +avoir lancé @code{make install}. Vous devez pour cela préfixer chaque +commande par @command{./pre-inst-env} (le script @file{pre-inst-env} se +trouve dans le répertoire de plus haut niveau de l'arborescence des sources +de Guix) comme cela@footnote{L'option @option{-E} de @command{sudo} garantie +que @code{GUILE_LOAD_PATH} est bien paramétré pour @command{guix-daemon} et +les outils qu'il utilise puissent trouver les modules Guile dont ils ont +besoin.} : + +@example +$ sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild +$ ./pre-inst-env guix build hello +@end example + +@noindent +De même, pour une session Guile qui utilise les modules Guix : + +@example +$ ./pre-inst-env guile -c '(use-modules (guix utils)) (pk (%current-system))' + +;;; ("x86_64-linux") +@end example + +@noindent +@cindex REPL +@cindex read-eval-print loop +@dots{} et pour un REPL (@pxref{Using Guile Interactively,,, guile, Guile +Reference Manual}) + +@example +$ ./pre-inst-env guile +scheme@@(guile-user)> ,use(guix) +scheme@@(guile-user)> ,use(gnu) +scheme@@(guile-user)> (define snakes + (fold-packages + (lambda (package lst) + (if (string-prefix? "python" + (package-name package)) + (cons package lst) + lst)) + '())) +scheme@@(guile-user)> (length snakes) +$1 = 361 +@end example + +Le script @command{pre-inst-env} paramètre toutes les variables +d'environnement nécessaires, dont @env{PATH} et @env{GUILE_LOAD_PATH}. + +Remarquez que @command{./pre-inst-env guix pull} ne met @emph{pas} à jour +l'arborescence des sources locale ; il met seulement à jour le lien +symbolique @file{~/.config/guix/latest} (@pxref{Invoquer guix pull}). Lancez +@command{git pull} à la place si vous voulez mettre à jour votre +arborescence des sources locale@footnote{Si vous voulez paramétrer +@command{guix} pour qu'il utilise votre dépôt Git, vous pouvez faire pointer +le lien symbolique @file{~/.config/guix/latest} vers le répertoire contenant +ce dépôt. Si vous le seul utilisateur du système, vous pouvez aussi +considérer faire pointer le lien symbolique @file{/root/.config/guix/latest} +vers @file{~/.config/guix/latest} ; comme ça root aura toujours la même +commande @command{guix} que votre utilisateur}. + + +@node La configuration parfaite +@section La configuration parfaite + +La configuration parfaite pour travailler sur Guix est simplement la +configuration parfaite pour travailler en Guile (@pxref{Using Guile in +Emacs,,, guile, Guile Reference Manual}). Tout d'abord, vous avez besoin de +mieux qu'un éditeur de texte, vous avez besoin de +@url{http://www.gnu.org/software/emacs, Emacs}, amélioré par le superbe +@url{http://nongnu.org/geiser/, Geiser}. + +Geiser permet le développement interactif et incrémental depuis Emacs : la +compilation du code et son évaluation depuis les buffers, l'accès à la +documentation en ligne (docstrings), la complétion sensible au contexte, +@kbd{M-.} pour sauter à la définition d'un objet, un REPL pour tester votre +code, et bien plus (@pxref{Introduction,,, geiser, Geiser User +Manual}). Pour travailler confortablement sur Guix, assurez-vous de modifier +le chemin de chargement de Guile pour qu'il trouve les fichiers source de +votre dépôt : + +@lisp +;; @r{Si l'extrait est dans ~/src/guix.} +(with-eval-after-load 'geiser-guile + (add-to-list 'geiser-guile-load-path "~/src/guix")) +@end lisp + +To actually edit the code, Emacs already has a neat Scheme mode. But in +addition to that, you must not miss +@url{http://www.emacswiki.org/emacs/ParEdit, Paredit}. It provides +facilities to directly operate on the syntax tree, such as raising an +s-expression or wrapping it, swallowing or rejecting the following +s-expression, etc. + +@cindex extraits de code +@cindex modèles +@cindex réduire la quantité de code commun +Nous fournissons aussi des modèles pour les messages de commit git communs +et les définitions de paquets dans le répertoire @file{etc/snippets}. Ces +modèles s'utilisent avec @url{http://joaotavora.github.io/yasnippet/, +YASnippet} pour développer des chaînes courtes de déclenchement en extraits +de texte interactifs. Vous pouvez ajouter le répertoire des modèles dans la +variables @var{yas-snippet-dirs} d'Emacs. + +@lisp +;; @r{Si l'extrait est dans ~/src/guix.} +(with-eval-after-load 'yasnippet + (add-to-list 'yas-snippet-dirs "~/src/guix/etc/snippets")) +@end lisp + +Les extraits de messages de commit dépendent de @url{https://magit.vc/, +Magit} pour afficher les fichiers sélectionnés. Lors de la modification d'un +message de commit, tapez @code{add} suivi de @kbd{TAB} pour insérer un +modèle de message de commit pour ajouter un paquet ; tapez @code{update} +suivi de @kbd{TAB} pour insérer un modèle pour la mise à jour d'un paquet. + +L'extrait principal pour @code{scheme-mode} est lancé en tapant +@code{package…} suivi par @kbd{TAB}. Cet extrait insère aussi la chaîne de +déclenchement @code{origin…}, qui peut aussi être étendue. L'extrait +@code{origin} lui-même peut aussi insérer des chaînes de déclenchement qui +finissent sur @code{…}, qui peuvent aussi être étendues. + + +@node Style de code +@section Style de code + +En général notre code suit le Standard de Code GNU (@pxref{Top,,, standards, +GNU Coding Standards}). Cependant, il ne parle pas beaucoup de Scheme, donc +voici quelques règles supplémentaires. + +@menu +* Paradigme de programmation:: Comment composer vos éléments. +* Modules:: Où stocker votre code ? +* Types de données et reconnaissance de motif:: Implémenter des + structures de données. +* Formatage du code:: Conventions d'écriture. +@end menu + +@node Paradigme de programmation +@subsection Paradigme de programmation + +Le code Scheme dans Guix est écrit dans un style purement fonctionnel. Le +code qui s'occupe des entrées-sorties est une exception ainsi que les +procédures qui implémentent des concepts bas-niveau comme la procédure +@code{memoize}. + +@node Modules +@subsection Modules + +Les modules Guile qui sont sensés être utilisés du côté de la construction +doivent se trouver dans l'espace de nom @code{(guix build @dots{})}. Ils ne +doivent pas se référer à d'autres modules Guix ou GNU. Cependant il est +correct pour un module « côté hôte » de dépendre d'un module coté +construction. + +Les modules qui s'occupent du système GNU général devraient se trouver dans +l'espace de nom @code{(gnu @dots{})} plutôt que @code{(guix @dots{})}. + +@node Types de données et reconnaissance de motif +@subsection Types de données et reconnaissance de motif + +La tendance en Lisp classique est d'utiliser des listes pour tout +représenter et de naviguer dedans « à la main ( avec @code{car}, @code{cdr}, +@code{cadr} et compagnie. Il y a plusieurs problèmes avec ce style, +notamment le fait qu'il soit dur à lire, source d'erreur et un obstacle aux +rapports d'erreur bien typés. + +Le code de Guix devrait définir des types de données appropriées (par +exemple, avec @code{define-record-type*}) plutôt que d'abuser des listes. En +plus, il devrait utiliser la recherche de motifs, via le module Guile +@code{(ice-9 match)}, surtout pour rechercher dans des listes. + +@node Formatage du code +@subsection Formatage du code + +@cindex formater le code +@cindex style de code +Lorsque nous écrivons du code Scheme, nous suivons la sagesse commune aux +programmeurs Scheme. En général, nous suivons les +@url{http://mumble.net/~campbell/scheme/style.txt, règles de style de +Riastradh}. Ce document décrit aussi les conventions utilisées dans le code +de Guile. Il est bien pensé et bien écrit, alors n'hésitez pas à le lire. + +Certaines formes spéciales introduites dans Guix comme la macro +@code{substitute*} ont des règles d'indentation spécifiques. Elles sont +définies dans le fichier @file{.dir-locals.el} qu'Emacs utilise +automatiquement. Remarquez aussi qu'Emacs-Guix fournit le mode +@code{guix-devel-mode} qui indente et colore le code Guix correctement +(@pxref{Development,,, emacs-guix, The Emacs-Guix Reference Manual}). + +@cindex indentation, du code +@cindex formatage, du code +Si vous n'utilisez pas Emacs, assurez-vous que votre éditeur connaisse ces +règles. Pour indenter automatiquement une définition de paquet, vous pouvez +aussi lancer : + +@example +./etc/indent-code.el gnu/packages/@var{file}.scm @var{package} +@end example + +@noindent +Cela indente automatiquement la définition de @var{package} dans +@file{gnu/packages/@var{file}.scm} en lançant Emacs en mode commande. Pour +indenter un fichier complet, n'indiquez pas de second argument : + +@example +./etc/indent-code.el gnu/services/@var{file}.scm +@end example + +Nous demandons que toutes les procédure de premier niveau contiennent une +chaîne de documentation. Ce pré-requis peut être relâché pour les procédures +privées simples dans l'espace de nom @code{(guix build @dots{})} cependant. + +Les procédures ne devraient pas avoir plus de quatre paramètres +positionnés. Utilisez des paramètres par mot-clefs pour les procédures qui +prennent plus de quatre paramètres. + + +@node Envoyer des correctifs +@section Envoyer des correctifs + +Le développement se fait avec le système de contrôle de version Git. Ainsi, +l'accès au dépôt n'est pas strictement nécessaire. Nous accueillons les +contributions sous forme de correctifs produits par @code{git format-patch} +envoyés sur la liste de diffusion @email{guix-patches@@gnu.org}. + +Cette liste de diffusion est gérée par une instance Debbugs accessible à +l'adresse @uref{https://bugs.gnu.org/guix-patches}, qui nous permet de +suivre les soumissions. Chaque message envoyé à cette liste se voit +attribuer un numéro de suivi ; les gens peuvent ensuite répondre à cette +soumission en envoyant un courriel à @code{@var{NNN}@@debbugs.gnu.org}, où +@var{NNN} est le numéro de suivi (@pxref{Envoyer une série de correctifs}). + +Veuillez écrire les messages de commit dans le format ChangeLog +(@pxref{Change Logs,,, standards, GNU Coding Standards}) ; vous pouvez +regarder l'historique des commits pour trouver des exemples. + +Avant de soumettre un correctif qui ajoute ou modifie la définition d'un +paquet, veuillez vérifier cette check-list : + +@enumerate +@item +Si les auteurs du paquet logiciel fournissent une signature cryptographique +pour l'archive, faîtes un effort pour vérifier l'authenticité de +l'archive. Pour un fichier de signature GPG détaché, cela se fait avec la +commande @code{gpg --verify}. + +@item +Prenez un peu de temps pour fournir un synopsis et une description adéquats +pour le paquet. Voir @xref{Synopsis et descriptions} pour quelques lignes +directrices. + +@item +Lancez @code{guix lint @var{paquet}}, où @var{paquet} est le nom du nouveau +paquet ou du paquet modifié, et corrigez les erreurs qu'il rapporte +(@pxref{Invoquer guix lint}). + +@item +Assurez-vous que le paquet se construise sur votre plate-forme avec +@code{guix build @var{paquet}}. + +@item +@cindex construction groupée +Assurez-vous que le paquet n'utilise pas de copie groupée d'un logiciel déjà +disponible dans un paquet séparé. + +Parfois, les paquets incluent des copie du code source de leurs dépendances +pour le confort de leurs utilisateurs. Cependant, en tant que distribution, +nous voulons nous assurer que ces paquets utilisent bien les copient que +nous avons déjà dans la distribution si elles existent. Cela améliore +l'utilisation des ressources (la dépendance n'est construite et stockée +qu'une seule fois) et permet à la distribution de faire des changements +transversaux comme appliquer des correctifs de sécurité pour un paquet donné +depuis un unique emplacement et qu'ils affectent tout le système, ce +qu'empêchent les copies groupées. + +@item +Regardez le profile rapporté par @command{guix size} (@pxref{Invoquer guix size}). Cela vous permettra de remarquer des références à d'autres paquets +qui ont été retenus. Il peut aussi aider à déterminer s'il faut découper le +paquet (@pxref{Des paquets avec plusieurs résultats}) et quelle dépendance +facultative utiliser. + +@item +Pour les changements important, vérifiez que les paquets qui en dépendent +(s'ils existent) ne sont pas affectés par le changement ; @code{guix refresh +--list-dependant @var{paquet}} vous aidera (@pxref{Invoquer guix refresh}). + +@c =========================================================================== +@c +@c This file was generated with po4a. Translate the source file. +@c +@c =========================================================================== +@c See . +@cindex stratégie de branche +@cindex stratégie de planification des reconstructions +Suivant le nombre de paquets dépendants et donc le nombre de reconstruction +induites, les commits vont vers des branches différentes, suivant ces +principes : + +@table @asis +@item 300 paquets dépendants ou moins +branche @code{master} (changements non-disruptifs). + +@item entre 300 et 1 200 paquets dépendants +branche @code{staging} (changemets non-disruptifs). Cette branche devrait +être fusionnées dans @code{master} tous les 3 semaines. Les changements par +thèmes (par exemple une mise à jour de la pile GNOME) peuvent aller dans une +branche spécifique (disons, @code{gnome-updates}). + +@item plus de 1 200 paquets dépendants +branche @code{core-updates} (peut inclure des changements majeurs et +potentiellement disruptifs). Cette branche devrait être fusionnée dans +@code{master} tous les 2,5 mois environ. +@end table + +Toutes ces branches sont gérées par notre ferme de construction et +fusionnées dans @code{master} une fois que tout a été construit +correctement. Cela nous permet de corriger des problèmes avant qu'ils +n'atteignent les utilisateurs et réduit la fenêtre pendant laquelle les +binaires pré-construits ne sont pas disponibles. + +@item +@cindex déterminisme, du processus de construction +@cindex construction reproductibles, vérification +Vérifiez si le processus de construction du paquet est déterministe. Cela +signifie typiquement vérifier qu'une construction indépendante du paquet +renvoie exactement le même résultat que vous avez obtenu, bit à bit. + +Une manière simple de le faire est de reconstruire le paquet plusieurs fois +à la suite sur votre machine (@pxref{Invoquer guix build}) : + +@example +guix build --rounds=2 mon-paquet +@end example + +Cela est suffisant pour trouver une classe de non-déterminisme commune, +comme l'horodatage ou des sorties générées aléatoirement dans le résultat de +la construction. + +Une autre option consiste à utiliser @command{guix challenge} +(@pxref{Invoquer guix challenge}). Vous pouvez lancer la commande une fois +que les paquets ont été commités et construits par @code{hydra.gnu.org} pour +vérifier s'il obtient le même résultat que vous. Mieux encore : trouvez une +autre machine qui peut le construire et lancez @command{guix publish}. Puis +la machine distante est sûrement différente de la vôtre, cela peut trouver +des problèmes de non-déterminisme liés au matériel — par exemple utiliser +une extension du jeu d'instruction — ou du noyau du système d'exploitation — +par exemple se reposer sur @code{uname} ou les fichiers de @file{/proc}. + +@item +Lorsque vous écrivez de la documentation, utilisez une formulation au genre +neutre lorsque vous vous référez à des personnes, comme le +@uref{https://fr.wikipedia.org/wiki/They_singulier, ``they''@comma{} +``their''@comma{} ``them'' singulier} (en anglais). + +@item +Vérifiez que votre correctif contienne seulement un ensemble de changements +liés. Grouper des changements non liés ensemble rend la revue plus difficile +et plus lente. + +Ajouter plusieurs paquet ou une mise à jour d'un paquet avec des corrections +dans ce paquet sont des exemples de changements sans rapport. + +@item +Suivez nos règles de formatage de code, éventuellement en lançant le script +@command{et/indent-code.el} pour le faire automatiquement (@pxref{Formatage +du code}). + +@end enumerate + +Lorsque vous envoyez un correctif à la liste de diffusion, utilisez +@samp{[PATCH] @dots{}} comme sujet. Vous pouvez utiliser votre client de +courriel ou la commande @command{git send-email} (@pxref{Envoyer une série +de correctifs}). Nous préférons recevoir des correctifs en texte brut, soit +en ligne, soit en pièce-jointe MIME. Nous vous conseillons de faire +attention si votre client de courriel change par exemple les retours à la +ligne ou l'indentation, ce qui peut casser les correctifs. + +Lorsqu'un bogue est résolu, veuillez fermer le fil en envoyant un courriel à +@email{@var{NNN}-done@@debbugs.gnu.org}. + +@unnumberedsubsec Envoyer une série de correctifs +@anchor{Envoyer une série de correctifs} +@cindex série de correctifs +@cindex @code{git send-email} +@cindex @code{git-send-email} + +@c Debbugs bug: https://debbugs.gnu.org/db/15/15361.html +Lorsque vous envoyez une série de correctifs (p.e. avec @code{git +send-email}), envoyez d'abord une premier message à +@email{guix-patches@@gnu.org} puis envoyez le reste des correctifs à +@email{@var{NNN}@@debbugs.gnu.org} pour vous assurer qu'ils seront groupés +ensemble. Voyez @uref{https://debbugs.gnu.org/Advanced.html, la +documentation de Debbugs} pour plus d'informations. diff --git a/doc/guix.fr.texi b/doc/guix.fr.texi new file mode 100644 index 0000000000..5ad167a317 --- /dev/null +++ b/doc/guix.fr.texi @@ -0,0 +1,21884 @@ +\input texinfo +@c =========================================================================== +@c +@c This file was generated with po4a. Translate the source file. +@c +@c =========================================================================== +@c -*-texinfo-*- + +@c %**start of header +@setfilename guix.fr.info +@documentencoding UTF-8 +@documentlanguage fr +@settitle Manuel de référence de GNU Guix +@c %**end of header + +@include version-fr.texi + +@c Identifier of the OpenPGP key used to sign tarballs and such. +@set OPENPGP-SIGNING-KEY-ID 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 + +@copying +Copyright @copyright{} 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic +Courtès@* Copyright @copyright{} 2013, 2014, 2016 Andreas Enge@* Copyright +@copyright{} 2013 Nikita Karetnikov@* Copyright @copyright{} 2014, 2015, +2016 Alex Kost@* Copyright @copyright{} 2015, 2016 Mathieu Lirzin@* +Copyright @copyright{} 2014 Pierre-Antoine Rault@* Copyright @copyright{} +2015 Taylan Ulrich Bayırlı/Kammer@* Copyright @copyright{} 2015, 2016, 2017 +Leo Famulari@* Copyright @copyright{} 2015, 2016, 2017, 2018 Ricardo +Wurmus@* Copyright @copyright{} 2016 Ben Woodcroft@* Copyright @copyright{} +2016, 2017, 2018 Chris Marusich@* Copyright @copyright{} 2016, 2017, 2018 +Efraim Flashner@* Copyright @copyright{} 2016 John Darrington@* Copyright +@copyright{} 2016, 2017 Nils Gillmann@* Copyright @copyright{} 2016, 2017 +Jan Nieuwenhuizen@* Copyright @copyright{} 2016 Julien Lepiller@* Copyright +@copyright{} 2016 Alex ter Weele@* Copyright @copyright{} 2017, 2018 Clément +Lassieur@* Copyright @copyright{} 2017 Mathieu Othacehe@* Copyright +@copyright{} 2017 Federico Beffa@* Copyright @copyright{} 2017 Carlo +Zancanaro@* Copyright @copyright{} 2017 Thomas Danckaert@* Copyright +@copyright{} 2017 humanitiesNerd@* Copyright @copyright{} 2017 Christopher +Allan Webber@* Copyright @copyright{} 2017 Marius Bakke@* Copyright +@copyright{} 2017 Hartmut Goebel@* Copyright @copyright{} 2017 Maxim +Cournoyer@* Copyright @copyright{} 2017, 2018 Tobias Geerinckx-Rice@* +Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 +Andy Wingo@* Copyright @copyright{} 2017, 2018 Arun Isaac@* Copyright +@copyright{} 2017 nee@* Copyright @copyright{} 2018 Rutger Helling@* +Copyright @copyright{} 2018 Oleg Pykhalov@* Copyright @copyright{} 2018 Mike +Gerwitz + +Vous avez la permission de copier, distribuer ou modifier ce document sous +les termes de la Licence GNU Free Documentation, version 1.3 ou toute +version ultérieure publiée par la Free Software Foundation ; sans section +invariante, texte de couverture et sans texte de quatrième de +couverture. Une copie de la licence est incluse dans la section intitulée +« GNU Free Documentation License ». +@end copying + +@dircategory Administration système +@direntry +* Guix: (guix). Gérer les logiciels installés et la + configuration du système. +* guix package : (guix)Invoquer guix package. Intaller, supprimer et + mettre à jour des paquets. +* guix gc : (guix)Invoquer guix gc. Récupérer de l'espace disque + inutilisé. +* guix pull : (guix)Invoquer guix pull. Mettre à jour la liste des + paquets disponibles. +* guix system : (guix)Invoquer guix system. Gérer la configuration du + système d'exploitation. +@end direntry + +@dircategory Développement logiciel +@direntry +* guix environment : (guix)Invoquer guix environment. Construire des + environnements de + construction avec + Guix. +* guix build : (guix)Invoquer guix build. Construire des paquets. +* guix pack : (guix) Invoquer guix pack. Créer des lots binaires. +@end direntry + +@titlepage +@title Manuel de référence de GNU Guix +@subtitle Utiliser le gestionnaire de paquet fonctionnel GNU Guix +@author Les développeurs de GNU Guix + +@page +@vskip 0pt plus 1filll +Édition @value{EDITION} @* @value{UPDATED} @* + +@insertcopying +@end titlepage + +@contents + +@c ********************************************************************* +@node Top +@top GNU Guix + +Cette documentation décrit GNU Guix version @value{VERSION}, un outils de +gestion de paquets fonctionnel écrit pour le système GNU. + +@menu +* Introduction:: Qu'est-ce que Guix ? +* Installation:: Installer Guix. +* Gestion de paquets:: Installation des paquets, mises à jour, etc. +* Interface de programmation:: Utiliser Guix en Scheme. +* Utilitaires:: Commandes de gestion de paquets. +* Distribution GNU:: Des logiciels pour un système GNU convivial. +* Contribuer:: Nous avons besoin de votre aide ! + +* Remerciements:: Merci ! +* La licence GNU Free Documentation:: La licence de ce manuel. +* Index des concepts:: Les concepts. +* Index de programmation:: Types de données, fonctions et variables. + +@detailmenu + --- Liste détaillée des nœuds --- + + + +Installation + + + +* Installation binaire:: Commencer à utiliser Guix en un rien de temps + ! +* Prérequis:: Logiciels requis pour construire et lancer + Guix. +* Lancer la suite de tests:: Tester Guix. +* Paramétrer le démon:: Préparer l'environnement du démon de + construction. +* Invoquer guix-daemon:: Lancer le démon de construction. +* Réglages applicatifs:: Réglages spécifiques pour les application. + +Paramétrer le démon + + + +* Réglages de l'environnement de construction:: Préparer l'environnement + de construction isolé. +* Réglages du délestage du démon:: Envoyer des constructions à des + machines distantes. +* Support de SELinux:: Utiliser une politique SELinux pour le démon. + +Gestion de paquets + + + +* Fonctionnalités:: Comment Guix va rendre votre vie plus heureuse. +* Invoquer guix package:: Installation, suppression, etc. de paquets. +* Substituts:: Télécharger des binaire déjà construits. +* Des paquets avec plusieurs résultats:: Un seul paquet source, plusieurs + résultats. +* Invoquer guix gc:: Lancer le ramasse-miettes. +* Invoquer guix pull:: Récupérer la dernière version de Guix et de + la distribution. +* Invoquer guix pack:: Créer des lots de logiciels. +* Invoquer guix archive:: Exporter et importer des fichiers du dépôt. + +Substituts + + + +* Serveur de substituts officiel:: Une source particulière de substituts. +* Autoriser un serveur de substituts:: Comment activer ou désactiver les + substituts. +* Authentification des substituts:: Coment Guix vérifie les substituts. +* Paramètres de serveur mandataire:: Comment récupérer des substituts à + travers un serveur mandataire. +* Échec de substitution:: Qu'arrive-t-il quand la substitution échoue. +* De la confiance en des binaires:: Comment pouvez-vous avoir confiance en + un paquet binaire ? + +Interface de programmation + + + +* Définition des paquets:: Définir de nouveaux paquets. +* Systèmes de construction:: Spécifier comment construire les paquets. +* Le dépôt:: Manipuler le dépôt de paquets. +* Dérivations:: Interface de bas-niveau avec les dérivations + de paquets. +* La monad du dépôt:: Interface purement fonctionnelle avec le + dépôt. +* G-Expressions:: Manipuler les expressions de construction. + +Définition des paquets + + + +* Référence de paquet :: Le type de donnée des paquets. +* Référence d'origine:: Le type de données d'origine. + +Utilitaires + + + +* Invoquer guix build:: Construire des paquets depuis la ligne de + commande. +* Invoquer guix edit:: Modifier les définitions de paquets. +* Invoquer guix download:: Télécharger un fichier et afficher son hash. +* Invoquer guix hash:: Calculer le hash cryptographique d'un fichier. +* Invoquer guix import:: Importer des définitions de paquets. +* Invoquer guix refresh:: Mettre à jour les définitions de paquets. +* Invoquer guix lint:: Trouver des erreurs dans les définitions de + paquets. +* Invoquer guix size:: Profiler l'utilisation du disque. +* Invoquer guix graph:: Visualiser le graphe des paquets. +* Invoquer guix environment:: Mettre en place des environnements de + développement. +* Invoquer guix publish:: Partager des substituts. +* Invoquer guix challenge:: Défier les serveurs de substituts. +* Invoquer guix copy:: Copier vers et depuis un dépôt distant. +* Invoquer guix container:: Isolation de processus. +* Invoquer guix weather:: Mesurer la disponibilité des substituts. + +Invoquer @command{guix build} + + + +* Options de construction communes:: Options de construction pour la + plupart des commandes. +* Options de transformation de paquets:: Créer des variantes de paquets. +* Options de construction supplémentaires:: Options spécifiques à « + guix build ». +* Débogage des échecs de construction:: La vie d'un empaqueteur. + +Distribution GNU + + + +* Installation du système:: Installer le système d'exploitation complet. +* Configuration système:: Configurer le système d'exploitation. +* Documentation:: Visualiser les manuels d'utilisateur des + logiciels. +* Installer les fichiers de débogage:: Nourrir le débogueur. +* Mises à jour de sécurité:: Déployer des correctifs de sécurité + rapidement. +* Modules de paquets:: Les paquets du point de vu du programmeur. +* Consignes d'empaquetage:: Faire grandir la distribution. +* Bootstrapping:: GNU/Linux depuis zéro. +* Porter:: Cibler une autre plateforme ou un autre noyau. + +Installation du système + + + +* Limitations:: Ce à quoi vous attendre. +* Considérations matérielles:: Matériel supporté. +* Installation depuis une clef USB ou un DVD:: Préparer le média + d'installation. +* Préparer l'installation:: Réseau, partitionnement, etc. +* Effectuer l'installation:: Pour de vrai. +* Installer GuixSD dans une VM:: Jouer avec GuixSD. +* Construire l'image d'installation:: D'où vient tout cela. + +Configuration système + + + +* Utiliser le système de configuration:: Personnaliser votre système GNU. +* Référence de système d'exploitation:: Détail sur la déclaration de + système d'exploitation. +* Systèmes de fichiers:: Configurer les montages de systèmes de + fichiers. +* Périphériques mappés:: Gestion des périphériques de bloc. +* Comptes utilisateurs:: Spécifier des comptes utilisateurs. +* Régionalisation:: Paramétrer la langue et les conventions + culturelles. +* Services:: Spécifier les services du système. +* Programmes setuid:: Programmes tournant avec les privilèges root. +* Certificats X.509:: Authentifier les serveurs HTTPS. +* Name Service Switch:: Configurer le « name service switch » de la + libc. +* Disque de RAM initial:: Démarrage de Linux-Libre. +* Configuration du chargeur d'amorçage:: Configurer le chargeur + d'amorçage. +* Invoquer guix system:: Instantier une configuration du système. +* Lancer GuixSD dans une VM:: Comment lancer GuixSD dans une machine + virtuelle. +* Définir des services:: Ajouter de nouvelles définitions de services. + +Services + + + +* Services de base:: Services systèmes essentiels. +* Scheduled Job Execution:: The mcron service. +* Log Rotation:: The rottlog service. +* Networking Services:: Network setup, SSH daemon, etc. +* X Window:: Graphical display. +* Printing Services:: Local and remote printer support. +* Desktop Services:: D-Bus and desktop services. +* Database Services:: SQL databases, key-value stores, etc. +* Mail Services:: IMAP, POP3, SMTP, and all that. +* Messaging Services:: Messaging services. +* Telephony Services:: Telephony services. +* Monitoring Services:: Monitoring services. +* Kerberos Services:: Kerberos services. +* Web Services:: Web servers. +* Certificate Services:: TLS certificates via Let's Encrypt. +* DNS Services:: DNS daemons. +* VPN Services:: VPN daemons. +* Network File System:: NFS related services. +* Continuous Integration:: The Cuirass service. +* Power management Services:: The TLP tool. +* Audio Services:: The MPD. +* Virtualization Services:: Virtualization services. +* Version Control Services:: Providing remote access to Git repositories. +* Game Services:: Game servers. +* Miscellaneous Services:: Other services. + +Définir des services + + + +* Composition de services:: Le modèle de composition des services. +* Types service et services:: Types et services. +* Référence de service:: Référence de l'API. +* Services Shepherd:: Un type de service particulier. + +Consignes d'empaquetage + + + +* Liberté logiciel:: Ce que la distribution peut contenir. +* Conventions de nommage:: Qu'est-ce qu'un bon nom ? +* Numéros de version:: Lorsque le nom n'est pas suffisant. +* Synopsis et descriptions:: Aider les utilisateurs à trouver le bon + paquet. +* Modules python:: Un peu de comédie anglaise. +* Modules perl:: Petites perles. +* Paquets java:: Pause café. +* Polices de caractères:: Fond of fonts. + +Contribuer + + + +* Construire depuis Git:: The latest and greatest. +* Lancer Guix avant qu'il ne soit installé:: Astuces pour les hackers. +* La configuration parfaite:: Les bons outils. +* Style de code:: Hygiène du contributeur. +* Envoyer des correctifs:: Partager votre travail. + +Style de code + + + +* Paradigme de programmation:: Comment composer vos éléments. +* Modules:: Où stocker votre code ? +* Types de données et reconnaissance de motif:: Implémenter des + structures de données. +* Formatage du code:: Conventions d'écriture. + +@end detailmenu +@end menu + +@c ********************************************************************* +@node Introduction +@chapter Introduction + +@cindex but +GNU Guix@footnote{« Guix » se prononce comme « geeks » (en prononçant le +« s »), ou « ɡiːks » dans l'alphabet phonétique international (API).} est un +outil de gestion de paquets pour le système GNU. Guix facilite pour les +utilisateurs non privilégiés l'installation, la mise à jour et la +suppression de paquets, la restauration à un ensemble de paquets précédent, +la construction de paquets depuis les sources et plus généralement aide à la +création et à la maintenance d'environnements logiciels. + +@cindex interfaces utilisateurs +Guix fournit une interface de gestion des paquets par la ligne de commande +(@pxref{Invoquer guix package}), un ensemble d'utilitaires en ligne de +commande (@pxref{Utilitaires}) ainsi que des interfaces de programmation +Scheme (@pxref{Interface de programmation}). +@cindex démon de construction +Son @dfn{démon de construction} est responsable de la construction des +paquets pour les utilisateurs (@pxref{Paramétrer le démon}) et du +téléchargement des binaires pré-construits depuis les sources autorisées +(@pxref{Substituts}). + +@cindex extensibilité de la distribution +@cindex personnalisation, des paquets +Guix contient de nombreuses définitions de paquet GNU et non-GNU qui +respectent tous les @uref{https://www.gnu.org/philosophy/free-sw.fr.html, +libertés de l'utilisateur}. Il est @emph{extensible} : les utilisateurs +peuvent écrire leurs propres définitions de paquets (@pxref{Définition des paquets}) et les rendre disponibles dans des modules de paquets +indépendants (@pxref{Modules de paquets}). Il est aussi +@emph{personnalisable} : les utilisateurs peuvent @emph{dériver} des +définitions de paquets spécialisées à partir de définitions existantes, même +depuis la ligne de commande (@pxref{Options de transformation de paquets}). + +@cindex Distribution Système Guix +@cindex GuixSD +Vous pouvez installer GNU@tie{}Guix sur un système GNU/Linux existant pour +compléter les outils disponibles sans interférence (@pxref{Installation}) ou +vous pouvez l'utiliser à travers la @dfn{Distribution Système Guix} ou +GuixSD (@pxref{Distribution GNU}) distincte. Avec GNU@tie{}GuixSD, vous +@emph{déclarez} tous les aspects de la configuration du système +d'exploitation et Guix s'occupe de créer la configuration d'une manière +transactionnelle, reproductible et sans état (@pxref{Configuration +système}). + +@cindex gestion de paquet fonctionnelle +Sous le capot, Guix implémente la discipline de @dfn{gestion de paquet +fonctionnel} inventé par Nix (@pxref{Remerciements}). Dans Guix le processus +de construction et d'installation des paquets est vu comme une +@emph{fonction} dans le sens mathématique du terme. Cette fonction a des +entrées (comme des scripts de construction, un compilateur et des +bibliothèques) et renvoie un paquet installé. En tant que fonction pure, son +résultat ne dépend que de ses entrées. Par exemple, il ne peut pas faire +référence à des logiciels ou des scripts qui n'ont pas été explicitement +passés en entrée. Une fonction de construction produit toujours le même +résultat quand on lui donne le même ensemble d'entrée. Elle ne peut pas +modifier l'environnement du système en cours d'exécution d'aucune manière ; +par exemple elle ne peut pas créer, modifier ou supprimer des fichiers en +dehors de ses répertoires de construction et d'installation. Ce résultat +s'obtient en lançant les processus de construction dans des environnements +isolés (ou des @dfn{conteneurs}) où seules les entrées explicites sont +visibles. + +@cindex dépôt +Le résultat des fonctions de construction de paquets est mis en @dfn{cache} +dans le système de fichier, dans répertoire spécial appelé le @dfn{dépôt} +(@pxref{Le dépôt}). Chaque paquet est installé dans son répertoire propre +dans le dépôt — par défaut dans @file{/gnu/store}. Le nom du répertoire +contient un hash de toutes les entrées utilisées pour construire le paquet ; +ainsi, changer une entrée donnera un nom de répertoire différent. + +Cette approche est le fondement des fonctionnalités les plus importante de +Guix : le support des mises à jour des paquets et des retours en arrière +transactionnels, l'installation différenciée par utilisateur et le ramassage +de miettes pour les paquets (@pxref{Fonctionnalités}). + + +@c ********************************************************************* +@node Installation +@chapter Installation + +@cindex installer Guix +GNU Guix est disponible au téléchargement depuis son site web sur +@url{http://www.gnu.org/software/guix/}. Cette section décrit les pré-requis +logiciels de Guix ainsi que la manière de l'installer et de se préparer à +l'utiliser. + +Remarquez que cette section concerne l'installation du gestionnaire de +paquet, ce qui se fait sur un système GNU/Linux en cours d'exécution. Si +vous souhaitez plutôt installer le système d'exploitation GNU complet, +@pxref{Installation du système}. + +@cindex distro extérieure +Lorsqu'il est installé sur an système GNU/Linux existant — ci-après nommé +@dfn{distro extérieure} — GNU@tie{}Guix complète les outils disponibles sans +interférence. Ses données se trouvent exclusivement dans deux répertoires, +typiquement @file{/gnu/store} et @file{/var/guix} ; les autres fichiers de +votre système comme @file{/etc} sont laissés intacts. + +Une fois installé, Guix peut être mis à jour en lançant @command{guix pull} +(@pxref{Invoquer guix pull}). + +@menu +* Installation binaire:: Commencer à utiliser Guix en un rien de temps + ! +* Prérequis:: Logiciels requis pour construire et lancer + Guix. +* Lancer la suite de tests:: Tester Guix. +* Paramétrer le démon:: Préparer l'environnement du démon de + construction. +* Invoquer guix-daemon:: Lancer le démon de construction. +* Réglages applicatifs:: Réglages spécifiques pour les application. +@end menu + +@node Installation binaire +@section Installation binaire + +@cindex installing Guix from binaries +This section describes how to install Guix on an arbitrary system from a +self-contained tarball providing binaries for Guix and for all its +dependencies. This is often quicker than installing from source, which is +described in the next sections. The only requirement is to have +GNU@tie{}tar and Xz. + +We provide a +@uref{https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh, +shell installer script}, which automates the download, installation, and +initial configuration of Guix. It should be run as the root user. + +Installing goes along these lines: + +@enumerate +@item +@cindex downloading Guix binary +Download the binary tarball from +@indicateurl{ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz}, +where @var{system} is @code{x86_64-linux} for an @code{x86_64} machine +already running the kernel Linux, and so on. + +@c The following is somewhat duplicated in ``System Installation''. +Make sure to download the associated @file{.sig} file and to verify the +authenticity of the tarball against it, along these lines: + +@example +$ wget ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz.sig +$ gpg --verify guix-binary-@value{VERSION}.@var{system}.tar.xz.sig +@end example + +If that command fails because you do not have the required public key, then +run this command to import it: + +@example +$ gpg --keyserver pgp.mit.edu --recv-keys @value{OPENPGP-SIGNING-KEY-ID} +@end example + +@noindent +@c end authentication part +and rerun the @code{gpg --verify} command. + +@item +Now, you need to become the @code{root} user. Depending on your +distribution, you may have to run @code{su -} or @code{sudo -i}. As +@code{root}, run: + +@example +# cd /tmp +# tar --warning=no-timestamp -xf \ + guix-binary-@value{VERSION}.@var{system}.tar.xz +# mv var/guix /var/ && mv gnu / +@end example + +This creates @file{/gnu/store} (@pxref{Le dépôt}) and @file{/var/guix}. +The latter contains a ready-to-use profile for @code{root} (see next step.) + +Do @emph{not} unpack the tarball on a working Guix system since that would +overwrite its own essential files. + +The @code{--warning=no-timestamp} option makes sure GNU@tie{}tar does not +emit warnings about ``implausibly old time stamps'' (such warnings were +triggered by GNU@tie{}tar 1.26 and older; recent versions are fine.) They +stem from the fact that all the files in the archive have their modification +time set to zero (which means January 1st, 1970.) This is done on purpose +to make sure the archive content is independent of its creation time, thus +making it reproducible. + +@item +Make @code{root}'s profile available under @file{~root/.guix-profile}: + +@example +# ln -sf /var/guix/profiles/per-user/root/guix-profile \ + ~root/.guix-profile +@end example + +Source @file{etc/profile} to augment @code{PATH} and other relevant +environment variables: + +@example +# GUIX_PROFILE="`echo ~root`/.guix-profile" ; \ + source $GUIX_PROFILE/etc/profile +@end example + +@item +Create the group and user accounts for build users as explained below +(@pxref{Réglages de l'environnement de construction}). + +@item +Run the daemon, and set it to automatically start on boot. + +If your host distro uses the systemd init system, this can be achieved with +these commands: + +@c Versions of systemd that supported symlinked service files are not +@c yet widely deployed, so we should suggest that users copy the service +@c files into place. +@c +@c See this thread for more information: +@c http://lists.gnu.org/archive/html/guix-devel/2017-01/msg01199.html + +@example +# cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ + /etc/systemd/system/ +# systemctl start guix-daemon && systemctl enable guix-daemon +@end example + +If your host distro uses the Upstart init system: + +@example +# initctl reload-configuration +# cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf /etc/init/ +# start guix-daemon +@end example + +Otherwise, you can still start the daemon manually with: + +@example +# ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild +@end example + +@item +Make the @command{guix} command available to other users on the machine, for +instance with: + +@example +# mkdir -p /usr/local/bin +# cd /usr/local/bin +# ln -s /var/guix/profiles/per-user/root/guix-profile/bin/guix +@end example + +It is also a good idea to make the Info version of this manual available +there: + +@example +# mkdir -p /usr/local/share/info +# cd /usr/local/share/info +# for i in /var/guix/profiles/per-user/root/guix-profile/share/info/* ; + do ln -s $i ; done +@end example + +That way, assuming @file{/usr/local/share/info} is in the search path, +running @command{info guix} will open this manual (@pxref{Other Info +Directories,,, texinfo, GNU Texinfo}, for more details on changing the Info +search path.) + +@item +@cindex substitutes, authorization thereof +Pour utiliser les substituts de @code{hydra.gnu.org} ou l'un de ses mirroirs +(@pxref{Substituts}), autorisez-les : + +@example +# guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub +@end example + +@item +Each user may need to perform a few additional steps to make their Guix +environment ready for use, @pxref{Réglages applicatifs}. +@end enumerate + +Voilà, the installation is complete! + +You can confirm that Guix is working by installing a sample package into the +root profile: + +@example +# guix package -i hello +@end example + +The @code{guix} package must remain available in @code{root}'s profile, or +it would become subject to garbage collection---in which case you would find +yourself badly handicapped by the lack of the @command{guix} command. In +other words, do not remove @code{guix} by running @code{guix package -r +guix}. + +The binary installation tarball can be (re)produced and verified simply by +running the following command in the Guix source tree: + +@example +make guix-binary.@var{system}.tar.xz +@end example + +@noindent +... which, in turn, runs: + +@example +guix pack -s @var{system} --localstatedir guix +@end example + +@xref{Invoquer guix pack}, for more info on this handy tool. + +@node Prérequis +@section Prérequis + +This section lists requirements when building Guix from source. The build +procedure for Guix is the same as for other GNU software, and is not covered +here. Please see the files @file{README} and @file{INSTALL} in the Guix +source tree for additional details. + +GNU Guix depends on the following packages: + +@itemize +@item @url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.13 or +later, including 2.2.x; +@item @url{http://gnupg.org/, GNU libgcrypt}; +@item +@uref{http://gnutls.org/, GnuTLS}, specifically its Guile bindings +(@pxref{Guile Preparations, how to install the GnuTLS bindings for Guile,, +gnutls-guile, GnuTLS-Guile}); +@item +@c FIXME: Specify a version number once a release has been made. +@uref{https://gitlab.com/guile-git/guile-git, Guile-Git}, from August 2017 +or later; +@item @url{http://zlib.net, zlib}; +@item @url{http://www.gnu.org/software/make/, GNU Make}. +@end itemize + +The following dependencies are optional: + +@itemize +@item +Installing @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} +will allow you to use the @command{guix import pypi} command +(@pxref{Invoquer guix import}). It is of interest primarily for developers +and not for casual users. + +@item +@c Note: We need at least 0.10.2 for 'channel-send-eof'. +Support for build offloading (@pxref{Réglages du délestage du démon}) and +@command{guix copy} (@pxref{Invoquer guix copy}) depends on +@uref{https://github.com/artyom-poptsov/guile-ssh, Guile-SSH}, version +0.10.2 or later. + +@item +When @url{http://www.bzip.org, libbz2} is available, @command{guix-daemon} +can use it to compress build logs. +@end itemize + +Unless @code{--disable-daemon} was passed to @command{configure}, the +following packages are also needed: + +@itemize +@item @url{http://sqlite.org, SQLite 3}; +@item @url{http://gcc.gnu.org, GCC's g++}, with support for the +C++11 standard. +@end itemize + +@cindex state directory +When configuring Guix on a system that already has a Guix installation, be +sure to specify the same state directory as the existing installation using +the @code{--localstatedir} option of the @command{configure} script +(@pxref{Directory Variables, @code{localstatedir},, standards, GNU Coding +Standards}). The @command{configure} script protects against unintended +misconfiguration of @var{localstatedir} so you do not inadvertently corrupt +your store (@pxref{Le dépôt}). + +@cindex Nix, compatibility +When a working installation of @url{http://nixos.org/nix/, the Nix package +manager} is available, you can instead configure Guix with +@code{--disable-daemon}. In that case, Nix replaces the three dependencies +above. + +Guix is compatible with Nix, so it is possible to share the same store +between both. To do so, you must pass @command{configure} not only the same +@code{--with-store-dir} value, but also the same @code{--localstatedir} +value. The latter is essential because it specifies where the database that +stores metadata about the store is located, among other things. The default +values for Nix are @code{--with-store-dir=/nix/store} and +@code{--localstatedir=/nix/var}. Note that @code{--disable-daemon} is not +required if your goal is to share the store with Nix. + +@node Lancer la suite de tests +@section Lancer la suite de tests + +@cindex test suite +After a successful @command{configure} and @code{make} run, it is a good +idea to run the test suite. It can help catch issues with the setup or +environment, or bugs in Guix itself---and really, reporting test failures is +a good way to help improve the software. To run the test suite, type: + +@example +make check +@end example + +Test cases can run in parallel: you can use the @code{-j} option of +GNU@tie{}make to speed things up. The first run may take a few minutes on a +recent machine; subsequent runs will be faster because the store that is +created for test purposes will already have various things in cache. + +It is also possible to run a subset of the tests by defining the +@code{TESTS} makefile variable as in this example: + +@example +make check TESTS="tests/store.scm tests/cpio.scm" +@end example + +By default, tests results are displayed at a file level. In order to see +the details of every individual test cases, it is possible to define the +@code{SCM_LOG_DRIVER_FLAGS} makefile variable as in this example: + +@example +make check TESTS="tests/base64.scm" SCM_LOG_DRIVER_FLAGS="--brief=no" +@end example + +Upon failure, please email @email{bug-guix@@gnu.org} and attach the +@file{test-suite.log} file. Please specify the Guix version being used as +well as version numbers of the dependencies (@pxref{Prérequis}) in your +message. + +Guix also comes with a whole-system test suite that tests complete GuixSD +operating system instances. It can only run on systems where Guix is +already installed, using: + +@example +make check-system +@end example + +@noindent +or, again, by defining @code{TESTS} to select a subset of tests to run: + +@example +make check-system TESTS="basic mcron" +@end example + +Ces tests systèmes sont définis dans les modules @code{(gnu tests +@dots{})}. Ils fonctionnent en lançant les systèmes d'exploitation sous test +avec une instrumentation légère dans une machine virtuelle (VM). Ils peuvent +être intenses en terme de calculs ou plutôt rapides en fonction de la +disponibilité des substituts de leurs dépendances +(@pxref{Substituts}). Certains requièrent beaucoup d'espace disque pour +contenir les images des VM. + +Again in case of test failures, please send @email{bug-guix@@gnu.org} all +the details. + +@node Paramétrer le démon +@section Paramétrer le démon + +@cindex daemon +Operations such as building a package or running the garbage collector are +all performed by a specialized process, the @dfn{build daemon}, on behalf of +clients. Only the daemon may access the store and its associated database. +Thus, any operation that manipulates the store goes through the daemon. For +instance, command-line tools such as @command{guix package} and +@command{guix build} communicate with the daemon (@i{via} remote procedure +calls) to instruct it what to do. + +Les sections suivantes expliquent comment préparer l'environnement du démon +de construction. Voir aussi @ref{Substituts} pour apprendre comment +permettre le téléchargement de binaires pré-construits. + +@menu +* Réglages de l'environnement de construction:: Préparer l'environnement + de construction isolé. +* Réglages du délestage du démon:: Envoyer des constructions à des + machines distantes. +* Support de SELinux:: Utiliser une politique SELinux pour le démon. +@end menu + +@node Réglages de l'environnement de construction +@subsection Réglages de l'environnement de construction + +@cindex build environment +In a standard multi-user setup, Guix and its daemon---the +@command{guix-daemon} program---are installed by the system administrator; +@file{/gnu/store} is owned by @code{root} and @command{guix-daemon} runs as +@code{root}. Unprivileged users may use Guix tools to build packages or +otherwise access the store, and the daemon will do it on their behalf, +ensuring that the store is kept in a consistent state, and allowing built +packages to be shared among users. + +@cindex build users +When @command{guix-daemon} runs as @code{root}, you may not want package +build processes themselves to run as @code{root} too, for obvious security +reasons. To avoid that, a special pool of @dfn{build users} should be +created for use by build processes started by the daemon. These build users +need not have a shell and a home directory: they will just be used when the +daemon drops @code{root} privileges in build processes. Having several such +users allows the daemon to launch distinct build processes under separate +UIDs, which guarantees that they do not interfere with each other---an +essential feature since builds are regarded as pure functions +(@pxref{Introduction}). + +On a GNU/Linux system, a build user pool may be created like this (using +Bash syntax and the @code{shadow} commands): + +@c See http://lists.gnu.org/archive/html/bug-guix/2013-01/msg00239.html +@c for why `-G' is needed. +@example +# groupadd --system guixbuild +# for i in `seq -w 1 10`; + do + useradd -g guixbuild -G guixbuild \ + -d /var/empty -s `which nologin` \ + -c "Guix build user $i" --system \ + guixbuilder$i; + done +@end example + +@noindent +The number of build users determines how many build jobs may run in +parallel, as specified by the @option{--max-jobs} option (@pxref{Invoquer guix-daemon, @option{--max-jobs}}). To use @command{guix system vm} and +related commands, you may need to add the build users to the @code{kvm} +group so they can access @file{/dev/kvm}, using @code{-G guixbuild,kvm} +instead of @code{-G guixbuild} (@pxref{Invoquer guix system}). + +The @code{guix-daemon} program may then be run as @code{root} with the +following command@footnote{If your machine uses the systemd init system, +dropping the @file{@var{prefix}/lib/systemd/system/guix-daemon.service} file +in @file{/etc/systemd/system} will ensure that @command{guix-daemon} is +automatically started. Similarly, if your machine uses the Upstart init +system, drop the @file{@var{prefix}/lib/upstart/system/guix-daemon.conf} +file in @file{/etc/init}.}: + +@example +# guix-daemon --build-users-group=guixbuild +@end example + +@cindex chroot +@noindent +This way, the daemon starts build processes in a chroot, under one of the +@code{guixbuilder} users. On GNU/Linux, by default, the chroot environment +contains nothing but: + +@c Keep this list in sync with libstore/build.cc! ----------------------- +@itemize +@item +a minimal @code{/dev} directory, created mostly independently from the host +@code{/dev}@footnote{``Mostly'', because while the set of files that appear +in the chroot's @code{/dev} is fixed, most of these files can only be +created if the host has them.}; + +@item +the @code{/proc} directory; it only shows the processes of the container +since a separate PID name space is used; + +@item +@file{/etc/passwd} with an entry for the current user and an entry for user +@file{nobody}; + +@item +@file{/etc/group} with an entry for the user's group; + +@item +@file{/etc/hosts} with an entry that maps @code{localhost} to +@code{127.0.0.1}; + +@item +a writable @file{/tmp} directory. +@end itemize + +You can influence the directory where the daemon stores build trees @i{via} +the @code{TMPDIR} environment variable. However, the build tree within the +chroot is always called @file{/tmp/guix-build-@var{name}.drv-0}, where +@var{name} is the derivation name---e.g., @code{coreutils-8.24}. This way, +the value of @code{TMPDIR} does not leak inside build environments, which +avoids discrepancies in cases where build processes capture the name of +their build tree. + +@vindex http_proxy +Le démon tient aussi compte de la variable d'environnement @code{http_proxy} +pour ses téléchargements HTTP, que ce soit pour les dérivations à sortie +fixes (@pxref{Dérivations}) ou pour les substituts (@pxref{Substituts}). + +If you are installing Guix as an unprivileged user, it is still possible to +run @command{guix-daemon} provided you pass @code{--disable-chroot}. +However, build processes will not be isolated from one another, and not from +the rest of the system. Thus, build processes may interfere with each +other, and may access programs, libraries, and other files available on the +system---making it much harder to view them as @emph{pure} functions. + + +@node Réglages du délestage du démon +@subsection Using the Offload Facility + +@cindex offloading +@cindex build hook +When desired, the build daemon can @dfn{offload} derivation builds to other +machines running Guix, using the @code{offload} @dfn{build +hook}@footnote{This feature is available only when +@uref{https://github.com/artyom-poptsov/guile-ssh, Guile-SSH} is present.}. +When that feature is enabled, a list of user-specified build machines is +read from @file{/etc/guix/machines.scm}; every time a build is requested, +for instance via @code{guix build}, the daemon attempts to offload it to one +of the machines that satisfy the constraints of the derivation, in +particular its system type---e.g., @file{x86_64-linux}. Missing +prerequisites for the build are copied over SSH to the target machine, which +then proceeds with the build; upon success the output(s) of the build are +copied back to the initial machine. + +The @file{/etc/guix/machines.scm} file typically looks like this: + +@example +(list (build-machine + (name "eightysix.example.org") + (system "x86_64-linux") + (host-key "ssh-ed25519 AAAAC3Nza@dots{}") + (user "bob") + (speed 2.)) ;incredibly fast! + + (build-machine + (name "meeps.example.org") + (system "mips64el-linux") + (host-key "ssh-rsa AAAAB3Nza@dots{}") + (user "alice") + (private-key + (string-append (getenv "HOME") + "/.ssh/identity-for-guix")))) +@end example + +@noindent +In the example above we specify a list of two build machines, one for the +@code{x86_64} architecture and one for the @code{mips64el} architecture. + +In fact, this file is---not surprisingly!---a Scheme file that is evaluated +when the @code{offload} hook is started. Its return value must be a list of +@code{build-machine} objects. While this example shows a fixed list of +build machines, one could imagine, say, using DNS-SD to return a list of +potential build machines discovered in the local network +(@pxref{Introduction, Guile-Avahi,, guile-avahi, Using Avahi in Guile Scheme +Programs}). The @code{build-machine} data type is detailed below. + +@deftp {Data Type} build-machine +This data type represents build machines to which the daemon may offload +builds. The important fields are: + +@table @code + +@item name +The host name of the remote machine. + +@item system +The system type of the remote machine---e.g., @code{"x86_64-linux"}. + +@item user +The user account to use when connecting to the remote machine over SSH. +Note that the SSH key pair must @emph{not} be passphrase-protected, to allow +non-interactive logins. + +@item host-key +This must be the machine's SSH @dfn{public host key} in OpenSSH format. +This is used to authenticate the machine when we connect to it. It is a +long string that looks like this: + +@example +ssh-ed25519 AAAAC3NzaC@dots{}mde+UhL hint@@example.org +@end example + +If the machine is running the OpenSSH daemon, @command{sshd}, the host key +can be found in a file such as @file{/etc/ssh/ssh_host_ed25519_key.pub}. + +If the machine is running the SSH daemon of GNU@tie{}lsh, @command{lshd}, +the host key is in @file{/etc/lsh/host-key.pub} or a similar file. It can +be converted to the OpenSSH format using @command{lsh-export-key} +(@pxref{Converting keys,,, lsh, LSH Manual}): + +@example +$ lsh-export-key --openssh < /etc/lsh/host-key.pub +ssh-rsa AAAAB3NzaC1yc2EAAAAEOp8FoQAAAQEAs1eB46LV@dots{} +@end example + +@end table + +A number of optional fields may be specified: + +@table @asis + +@item @code{port} (default: @code{22}) +Port number of SSH server on the machine. + +@item @code{private-key} (default: @file{~root/.ssh/id_rsa}) +The SSH private key file to use when connecting to the machine, in OpenSSH +format. + +Note that the default value is the private key @emph{of the root account}. +Make sure it exists if you use the default. + +@item @code{compression} (default: @code{"zlib@@openssh.com,zlib"}) +@itemx @code{compression-level} (default: @code{3}) +The SSH-level compression methods and compression level requested. + +Note that offloading relies on SSH compression to reduce bandwidth usage +when transferring files to and from build machines. + +@item @code{daemon-socket} (default: @code{"/var/guix/daemon-socket/socket"}) +File name of the Unix-domain socket @command{guix-daemon} is listening to on +that machine. + +@item @code{parallel-builds} (default: @code{1}) +The number of builds that may run in parallel on the machine. + +@item @code{speed} (default: @code{1.0}) +A ``relative speed factor''. The offload scheduler will tend to prefer +machines with a higher speed factor. + +@item @code{features} (default: @code{'()}) +A list of strings denoting specific features supported by the machine. An +example is @code{"kvm"} for machines that have the KVM Linux modules and +corresponding hardware support. Derivations can request features by name, +and they will be scheduled on matching build machines. + +@end table +@end deftp + +The @code{guile} command must be in the search path on the build machines. +In addition, the Guix modules must be in @code{$GUILE_LOAD_PATH} on the +build machine---you can check whether this is the case by running: + +@example +ssh build-machine guile -c "'(use-modules (guix config))'" +@end example + +There is one last thing to do once @file{machines.scm} is in place. As +explained above, when offloading, files are transferred back and forth +between the machine stores. For this to work, you first need to generate a +key pair on each machine to allow the daemon to export signed archives of +files from the store (@pxref{Invoquer guix archive}): + +@example +# guix archive --generate-key +@end example + +@noindent +Each build machine must authorize the key of the master machine so that it +accepts store items it receives from the master: + +@example +# guix archive --authorize < master-public-key.txt +@end example + +@noindent +Likewise, the master machine must authorize the key of each build machine. + +All the fuss with keys is here to express pairwise mutual trust relations +between the master and the build machines. Concretely, when the master +receives files from a build machine (and @i{vice versa}), its build daemon +can make sure they are genuine, have not been tampered with, and that they +are signed by an authorized key. + +@cindex offload test +To test whether your setup is operational, run this command on the master +node: + +@example +# guix offload test +@end example + +This will attempt to connect to each of the build machines specified in +@file{/etc/guix/machines.scm}, make sure Guile and the Guix modules are +available on each machine, attempt to export to the machine and import from +it, and report any error in the process. + +If you want to test a different machine file, just specify it on the command +line: + +@example +# guix offload test machines-qualif.scm +@end example + +Last, you can test the subset of the machines whose name matches a regular +expression like this: + +@example +# guix offload test machines.scm '\.gnu\.org$' +@end example + +@cindex offload status +To display the current load of all build hosts, run this command on the main +node: + +@example +# guix offload status +@end example + + +@node Support de SELinux +@subsection Support de SELinux + +@cindex SELinux, daemon policy +@cindex mandatory access control, SELinux +@cindex security, guix-daemon +Guix includes an SELinux policy file at @file{etc/guix-daemon.cil} that can +be installed on a system where SELinux is enabled, in order to label Guix +files and to specify the expected behavior of the daemon. Since GuixSD does +not provide an SELinux base policy, the daemon policy cannot be used on +GuixSD. + +@subsubsection Installing the SELinux policy +@cindex SELinux, policy installation +To install the policy run this command as root: + +@example +semodule -i etc/guix-daemon.cil +@end example + +Then relabel the file system with @code{restorecon} or by a different +mechanism provided by your system. + +Once the policy is installed, the file system has been relabeled, and the +daemon has been restarted, it should be running in the @code{guix_daemon_t} +context. You can confirm this with the following command: + +@example +ps -Zax | grep guix-daemon +@end example + +Monitor the SELinux log files as you run a command like @code{guix build +hello} to convince yourself that SELinux permits all necessary operations. + +@subsubsection Limitations +@cindex SELinux, limitations + +This policy is not perfect. Here is a list of limitations or quirks that +should be considered when deploying the provided SELinux policy for the Guix +daemon. + +@enumerate +@item +@code{guix_daemon_socket_t} isn’t actually used. None of the socket +operations involve contexts that have anything to do with +@code{guix_daemon_socket_t}. It doesn’t hurt to have this unused label, but +it would be preferrable to define socket rules for only this label. + +@item +@code{guix gc} cannot access arbitrary links to profiles. By design, the +file label of the destination of a symlink is independent of the file label +of the link itself. Although all profiles under $localstatedir are +labelled, the links to these profiles inherit the label of the directory +they are in. For links in the user’s home directory this will be +@code{user_home_t}. But for links from the root user’s home directory, or +@file{/tmp}, or the HTTP server’s working directory, etc, this won’t work. +@code{guix gc} would be prevented from reading and following these links. + +@item +The daemon’s feature to listen for TCP connections might no longer work. +This might require extra rules, because SELinux treats network sockets +differently from files. + +@item +Currently all files with a name matching the regular expression +@code{/gnu/store/.+-(guix-.+|profile)/bin/guix-daemon} are assigned the +label @code{guix_daemon_exec_t}; this means that @emph{any} file with that +name in any profile would be permitted to run in the @code{guix_daemon_t} +domain. This is not ideal. An attacker could build a package that provides +this executable and convince a user to install and run it, which lifts it +into the @code{guix_daemon_t} domain. At that point SELinux could not +prevent it from accessing files that are allowed for processes in that +domain. + +We could generate a much more restrictive policy at installation time, so +that only the @emph{exact} file name of the currently installed +@code{guix-daemon} executable would be labelled with +@code{guix_daemon_exec_t}, instead of using a broad regular expression. The +downside is that root would have to install or upgrade the policy at +installation time whenever the Guix package that provides the effectively +running @code{guix-daemon} executable is upgraded. +@end enumerate + +@node Invoquer guix-daemon +@section Invoking @command{guix-daemon} + +The @command{guix-daemon} program implements all the functionality to access +the store. This includes launching build processes, running the garbage +collector, querying the availability of a build result, etc. It is normally +run as @code{root} like this: + +@example +# guix-daemon --build-users-group=guixbuild +@end example + +@noindent +Pour des détails sur son paramétrage, @pxref{Paramétrer le démon}. + +@cindex chroot +@cindex container, build environment +@cindex build environment +@cindex reproducible builds +Par défaut, @command{guix-daemon} lance les processus de construction sous +différents UID récupérés depuis le groupe de construction spécifié avec +@code{--build-users-group}. En plus, chaque processus de construction est +lancé dans un environnement chroot qui ne contient que le sous-ensemble du +dépôt dont le processus de construction dépend, tel que spécifié par sa +dérivation (@pxref{Interface de programmation, dérivation}), plus un +ensemble de répertoires systèmes spécifiques. Par défaut ce dernier contient +@file{/dev} et @file{/dev/pts}. De plus, sous GNU/Linux, l'environnement de +construction est un @dfn{conteneur} : en plus d'avoir sa propre arborescence +du système de fichier, elle a un espace de montage séparé, son propre espace +de PID, son espace de réseau, etc. Cela aide à obtenir des constructions +reproductibles (@pxref{Fonctionnalités}). + +When the daemon performs a build on behalf of the user, it creates a build +directory under @file{/tmp} or under the directory specified by its +@code{TMPDIR} environment variable; this directory is shared with the +container for the duration of the build. Be aware that using a directory +other than @file{/tmp} can affect build results---for example, with a longer +directory name, a build process that uses Unix-domain sockets might hit the +name length limitation for @code{sun_path}, which it would otherwise not +hit. + +The build directory is automatically deleted upon completion, unless the +build failed and the client specified @option{--keep-failed} +(@pxref{Invoquer guix build, @option{--keep-failed}}). + +The following command-line options are supported: + +@table @code +@item --build-users-group=@var{group} +Prend les utilisateurs de @var{group} pour lancer les processus de +construction (@pxref{Paramétrer le démon, utilisateurs de construction}). + +@item --no-substitutes +@cindex substitutes +Ne pas utiliser de substitut pour les résultats de la +construction. C'est-à-dire, toujours construire localement plutôt que de +permettre le téléchargement de binaires pré-construits (@pxref{Substituts}). + +When the daemon runs with @code{--no-substitutes}, clients can still +explicitly enable substitution @i{via} the @code{set-build-options} remote +procedure call (@pxref{Le dépôt}). + +@item --substitute-urls=@var{urls} +@anchor{daemon-substitute-urls} +Consider @var{urls} the default whitespace-separated list of substitute +source URLs. When this option is omitted, +@indicateurl{https://mirror.hydra.gnu.org https://hydra.gnu.org} is used +(@code{mirror.hydra.gnu.org} is a mirror of @code{hydra.gnu.org}). + +Cela signifie que les substituts sont téléchargés depuis les @var{urls}, +tant qu'ils sont signés par une signature de confiance (@pxref{Substituts}). + +@cindex build hook +@item --no-build-hook +Do not use the @dfn{build hook}. + +The build hook is a helper program that the daemon can start and to which it +submits build requests. This mechanism is used to offload builds to other +machines (@pxref{Réglages du délestage du démon}). + +@item --cache-failures +Cache build failures. By default, only successful builds are cached. + +When this option is used, @command{guix gc --list-failures} can be used to +query the set of store items marked as failed; @command{guix gc +--clear-failures} removes store items from the set of cached failures. +@xref{Invoquer guix gc}. + +@item --cores=@var{n} +@itemx -c @var{n} +Use @var{n} CPU cores to build each derivation; @code{0} means as many as +available. + +The default value is @code{0}, but it may be overridden by clients, such as +the @code{--cores} option of @command{guix build} (@pxref{Invoquer guix build}). + +The effect is to define the @code{NIX_BUILD_CORES} environment variable in +the build process, which can then use it to exploit internal +parallelism---for instance, by running @code{make -j$NIX_BUILD_CORES}. + +@item --max-jobs=@var{n} +@itemx -M @var{n} +Allow at most @var{n} build jobs in parallel. The default value is +@code{1}. Setting it to @code{0} means that no builds will be performed +locally; instead, the daemon will offload builds (@pxref{Réglages du délestage du démon}), or simply fail. + +@item --max-silent-time=@var{seconds} +When the build or substitution process remains silent for more than +@var{seconds}, terminate it and report a build failure. + +The default value is @code{0}, which disables the timeout. + +The value specified here can be overridden by clients (@pxref{Options de construction communes, @code{--max-silent-time}}). + +@item --timeout=@var{seconds} +Likewise, when the build or substitution process lasts for more than +@var{seconds}, terminate it and report a build failure. + +The default value is @code{0}, which disables the timeout. + +The value specified here can be overridden by clients (@pxref{Options de construction communes, @code{--timeout}}). + +@item --rounds=@var{N} +Build each derivation @var{n} times in a row, and raise an error if +consecutive build results are not bit-for-bit identical. Note that this +setting can be overridden by clients such as @command{guix build} +(@pxref{Invoquer guix build}). + +When used in conjunction with @option{--keep-failed}, the differing output +is kept in the store, under @file{/gnu/store/@dots{}-check}. This makes it +easy to look for differences between the two results. + +@item --debug +Produce debugging output. + +This is useful to debug daemon start-up issues, but then it may be +overridden by clients, for example the @code{--verbosity} option of +@command{guix build} (@pxref{Invoquer guix build}). + +@item --chroot-directory=@var{dir} +Add @var{dir} to the build chroot. + +Doing this may change the result of build processes---for instance if they +use optional dependencies found in @var{dir} when it is available, and not +otherwise. For that reason, it is not recommended to do so. Instead, make +sure that each derivation declares all the inputs that it needs. + +@item --disable-chroot +Disable chroot builds. + +Using this option is not recommended since, again, it would allow build +processes to gain access to undeclared dependencies. It is necessary, +though, when @command{guix-daemon} is running under an unprivileged user +account. + +@item --log-compression=@var{type} +Compress build logs according to @var{type}, one of @code{gzip}, +@code{bzip2}, or @code{none}. + +Unless @code{--lose-logs} is used, all the build logs are kept in the +@var{localstatedir}. To save space, the daemon automatically compresses +them with bzip2 by default. + +@item --disable-deduplication +@cindex deduplication +Disable automatic file ``deduplication'' in the store. + +By default, files added to the store are automatically ``deduplicated'': if +a newly added file is identical to another one found in the store, the +daemon makes the new file a hard link to the other file. This can +noticeably reduce disk usage, at the expense of slightly increased +input/output load at the end of a build process. This option disables this +optimization. + +@item --gc-keep-outputs[=yes|no] +Tell whether the garbage collector (GC) must keep outputs of live +derivations. + +@cindex GC roots +@cindex garbage collector roots +When set to ``yes'', the GC will keep the outputs of any live derivation +available in the store---the @code{.drv} files. The default is ``no'', +meaning that derivation outputs are kept only if they are GC roots. +@xref{Invoquer guix gc}, for more on GC roots. + +@item --gc-keep-derivations[=yes|no] +Tell whether the garbage collector (GC) must keep derivations corresponding +to live outputs. + +When set to ``yes'', as is the case by default, the GC keeps +derivations---i.e., @code{.drv} files---as long as at least one of their +outputs is live. This allows users to keep track of the origins of items in +their store. Setting it to ``no'' saves a bit of disk space. + +Note that when both @code{--gc-keep-derivations} and +@code{--gc-keep-outputs} are used, the effect is to keep all the build +prerequisites (the sources, compiler, libraries, and other build-time tools) +of live objects in the store, regardless of whether these prerequisites are +live. This is convenient for developers since it saves rebuilds or +downloads. + +@item --impersonate-linux-2.6 +On Linux-based systems, impersonate Linux 2.6. This means that the kernel's +@code{uname} system call will report 2.6 as the release number. + +This might be helpful to build programs that (usually wrongfully) depend on +the kernel version number. + +@item --lose-logs +Do not keep build logs. By default they are kept under +@code{@var{localstatedir}/guix/log}. + +@item --system=@var{system} +Assume @var{system} as the current system type. By default it is the +architecture/kernel pair found at configure time, such as +@code{x86_64-linux}. + +@item --listen=@var{endpoint} +Listen for connections on @var{endpoint}. @var{endpoint} is interpreted as +the file name of a Unix-domain socket if it starts with @code{/} (slash +sign). Otherwise, @var{endpoint} is interpreted as a host name or host name +and port to listen to. Here are a few examples: + +@table @code +@item --listen=/gnu/var/daemon +Listen for connections on the @file{/gnu/var/daemon} Unix-domain socket, +creating it if needed. + +@item --listen=localhost +@cindex daemon, remote access +@cindex remote access to the daemon +@cindex daemon, cluster setup +@cindex clusters, daemon setup +Listen for TCP connections on the network interface corresponding to +@code{localhost}, on port 44146. + +@item --listen=128.0.0.42:1234 +Listen for TCP connections on the network interface corresponding to +@code{128.0.0.42}, on port 1234. +@end table + +This option can be repeated multiple times, in which case +@command{guix-daemon} accepts connections on all the specified endpoints. +Users can tell client commands what endpoint to connect to by setting the +@code{GUIX_DAEMON_SOCKET} environment variable (@pxref{Le dépôt, +@code{GUIX_DAEMON_SOCKET}}). + +@quotation Note +The daemon protocol is @emph{unauthenticated and unencrypted}. Using +@code{--listen=@var{host}} is suitable on local networks, such as clusters, +where only trusted nodes may connect to the build daemon. In other cases +where remote access to the daemon is needed, we recommend using Unix-domain +sockets along with SSH. +@end quotation + +When @code{--listen} is omitted, @command{guix-daemon} listens for +connections on the Unix-domain socket located at +@file{@var{localstatedir}/guix/daemon-socket/socket}. +@end table + + +@node Réglages applicatifs +@section Réglages applicatifs + +@cindex distro extérieure +When using Guix on top of GNU/Linux distribution other than GuixSD---a +so-called @dfn{foreign distro}---a few additional steps are needed to get +everything in place. Here are some of them. + +@subsection Régionalisation + +@anchor{locales-and-locpath} +@cindex locales, when not on GuixSD +@vindex LOCPATH +@vindex GUIX_LOCPATH +Packages installed @i{via} Guix will not use the locale data of the host +system. Instead, you must first install one of the locale packages +available with Guix and then define the @code{GUIX_LOCPATH} environment +variable: + +@example +$ guix package -i glibc-locales +$ export GUIX_LOCPATH=$HOME/.guix-profile/lib/locale +@end example + +Note that the @code{glibc-locales} package contains data for all the locales +supported by the GNU@tie{}libc and weighs in at around 110@tie{}MiB. +Alternatively, the @code{glibc-utf8-locales} is smaller but limited to a few +UTF-8 locales. + +The @code{GUIX_LOCPATH} variable plays a role similar to @code{LOCPATH} +(@pxref{Locale Names, @code{LOCPATH},, libc, The GNU C Library Reference +Manual}). There are two important differences though: + +@enumerate +@item +@code{GUIX_LOCPATH} is honored only by the libc in Guix, and not by the libc +provided by foreign distros. Thus, using @code{GUIX_LOCPATH} allows you to +make sure the programs of the foreign distro will not end up loading +incompatible locale data. + +@item +libc suffixes each entry of @code{GUIX_LOCPATH} with @code{/X.Y}, where +@code{X.Y} is the libc version---e.g., @code{2.22}. This means that, should +your Guix profile contain a mixture of programs linked against different +libc version, each libc version will only try to load locale data in the +right format. +@end enumerate + +This is important because the locale data format used by different libc +versions may be incompatible. + +@subsection Name Service Switch + +@cindex name service switch, glibc +@cindex NSS (name service switch), glibc +@cindex nscd (name service caching daemon) +@cindex name service caching daemon (nscd) +When using Guix on a foreign distro, we @emph{strongly recommend} that the +system run the GNU C library's @dfn{name service cache daemon}, +@command{nscd}, which should be listening on the @file{/var/run/nscd/socket} +socket. Failing to do that, applications installed with Guix may fail to +look up host names or user accounts, or may even crash. The next paragraphs +explain why. + +@cindex @file{nsswitch.conf} +The GNU C library implements a @dfn{name service switch} (NSS), which is an +extensible mechanism for ``name lookups'' in general: host name resolution, +user accounts, and more (@pxref{Name Service Switch,,, libc, The GNU C +Library Reference Manual}). + +@cindex Network information service (NIS) +@cindex NIS (Network information service) +Being extensible, the NSS supports @dfn{plugins}, which provide new name +lookup implementations: for example, the @code{nss-mdns} plugin allow +resolution of @code{.local} host names, the @code{nis} plugin allows user +account lookup using the Network information service (NIS), and so on. +These extra ``lookup services'' are configured system-wide in +@file{/etc/nsswitch.conf}, and all the programs running on the system honor +those settings (@pxref{NSS Configuration File,,, libc, The GNU C Reference +Manual}). + +When they perform a name lookup---for instance by calling the +@code{getaddrinfo} function in C---applications first try to connect to the +nscd; on success, nscd performs name lookups on their behalf. If the nscd +is not running, then they perform the name lookup by themselves, by loading +the name lookup services into their own address space and running it. These +name lookup services---the @file{libnss_*.so} files---are @code{dlopen}'d, +but they may come from the host system's C library, rather than from the C +library the application is linked against (the C library coming from Guix). + +And this is where the problem is: if your application is linked against +Guix's C library (say, glibc 2.24) and tries to load NSS plugins from +another C library (say, @code{libnss_mdns.so} for glibc 2.22), it will +likely crash or have its name lookups fail unexpectedly. + +Running @command{nscd} on the system, among other advantages, eliminates +this binary incompatibility problem because those @code{libnss_*.so} files +are loaded in the @command{nscd} process, not in applications themselves. + +@subsection X11 Fonts + +@cindex fonts +The majority of graphical applications use Fontconfig to locate and load +fonts and perform X11-client-side rendering. The @code{fontconfig} package +in Guix looks for fonts in @file{$HOME/.guix-profile} by default. Thus, to +allow graphical applications installed with Guix to display fonts, you have +to install fonts with Guix as well. Essential font packages include +@code{gs-fonts}, @code{font-dejavu}, and @code{font-gnu-freefont-ttf}. + +To display text written in Chinese languages, Japanese, or Korean in +graphical applications, consider installing +@code{font-adobe-source-han-sans} or @code{font-wqy-zenhei}. The former has +multiple outputs, one per language family (@pxref{Des paquets avec plusieurs résultats}). For instance, the following command installs fonts for Chinese +languages: + +@example +guix package -i font-adobe-source-han-sans:cn +@end example + +@cindex @code{xterm} +Older programs such as @command{xterm} do not use Fontconfig and instead +rely on server-side font rendering. Such programs require to specify a full +name of a font using XLFD (X Logical Font Description), like this: + +@example +-*-dejavu sans-medium-r-normal-*-*-100-*-*-*-*-*-1 +@end example + +To be able to use such full names for the TrueType fonts installed in your +Guix profile, you need to extend the font path of the X server: + +@c Note: 'xset' does not accept symlinks so the trick below arranges to +@c get at the real directory. See . +@example +xset +fp $(dirname $(readlink -f ~/.guix-profile/share/fonts/truetype/fonts.dir)) +@end example + +@cindex @code{xlsfonts} +After that, you can run @code{xlsfonts} (from @code{xlsfonts} package) to +make sure your TrueType fonts are listed there. + +@cindex @code{fc-cache} +@cindex font cache +After installing fonts you may have to refresh the font cache to use them in +applications. The same applies when applications installed via Guix do not +seem to find fonts. To force rebuilding of the font cache run +@code{fc-cache -f}. The @code{fc-cache} command is provided by the +@code{fontconfig} package. + +@subsection Certificats X.509 + +@cindex @code{nss-certs} +The @code{nss-certs} package provides X.509 certificates, which allow +programs to authenticate Web servers accessed over HTTPS. + +When using Guix on a foreign distro, you can install this package and define +the relevant environment variables so that packages know where to look for +certificates. @xref{Certificats X.509}, for detailed information. + +@subsection Emacs Packages + +@cindex @code{emacs} +When you install Emacs packages with Guix, the elisp files may be placed +either in @file{$HOME/.guix-profile/share/emacs/site-lisp/} or in +sub-directories of +@file{$HOME/.guix-profile/share/emacs/site-lisp/guix.d/}. The latter +directory exists because potentially there may exist thousands of Emacs +packages and storing all their files in a single directory may not be +reliable (because of name conflicts). So we think using a separate +directory for each package is a good idea. It is very similar to how the +Emacs package system organizes the file structure (@pxref{Package Files,,, +emacs, The GNU Emacs Manual}). + +By default, Emacs (installed with Guix) ``knows'' where these packages are +placed, so you do not need to perform any configuration. If, for some +reason, you want to avoid auto-loading Emacs packages installed with Guix, +you can do so by running Emacs with @code{--no-site-file} option +(@pxref{Init File,,, emacs, The GNU Emacs Manual}). + +@subsection The GCC toolchain + +@cindex GCC +@cindex ld-wrapper + +Guix offers individual compiler packages such as @code{gcc} but if you are +in need of a complete toolchain for compiling and linking source code what +you really want is the @code{gcc-toolchain} package. This package provides +a complete GCC toolchain for C/C++ development, including GCC itself, the +GNU C Library (headers and binaries, plus debugging symbols in the +@code{debug} output), Binutils, and a linker wrapper. + +@cindex attempt to use impure library, error message + +The wrapper's purpose is to inspect the @code{-L} and @code{-l} switches +passed to the linker, add corresponding @code{-rpath} arguments, and invoke +the actual linker with this new set of arguments. By default, the linker +wrapper refuses to link to libraries outside the store to ensure +``purity''. This can be annoying when using the toolchain to link with +local libraries. To allow references to libraries outside the store you +need to define the environment variable +@code{GUIX_LD_WRAPPER_ALLOW_IMPURITIES}. + +@c TODO What else? + +@c ********************************************************************* +@node Gestion de paquets +@chapter Gestion de paquets + +@cindex packages +The purpose of GNU Guix is to allow users to easily install, upgrade, and +remove software packages, without having to know about their build +procedures or dependencies. Guix also goes beyond this obvious set of +features. + +Ce chapitre décrit les principales fonctionnalités de Guix, ainsi que des +outils de gestion des paquets qu'il fournit. En plus de l'interface en ligne +de commande décrite en dessous de (@pxref{Invoquer guix package, @code{guix +package}}), vous pouvez aussi utiliser l'interface Emacs-Guix (@pxref{Top,,, +emacs-guix, Le manuel de référence de emacs-guix}), après avoir installé le +paquet @code{emacs-guix} (lancez la commande @kbd{M-x guix-help} pour le +démarrer) : + +@example +guix package -i emacs-guix +@end example + +@menu +* Fonctionnalités:: Comment Guix va rendre votre vie plus heureuse. +* Invoquer guix package:: Installation, suppression, etc. de paquets. +* Substituts:: Télécharger des binaire déjà construits. +* Des paquets avec plusieurs résultats:: Un seul paquet source, plusieurs + résultats. +* Invoquer guix gc:: Lancer le ramasse-miettes. +* Invoquer guix pull:: Récupérer la dernière version de Guix et de + la distribution. +* Invoquer guix pack:: Créer des lots de logiciels. +* Invoquer guix archive:: Exporter et importer des fichiers du dépôt. +@end menu + +@node Fonctionnalités +@section Fonctionnalités + +When using Guix, each package ends up in the @dfn{package store}, in its own +directory---something that resembles @file{/gnu/store/xxx-package-1.2}, +where @code{xxx} is a base32 string. + +Instead of referring to these directories, users have their own +@dfn{profile}, which points to the packages that they actually want to use. +These profiles are stored within each user's home directory, at +@code{$HOME/.guix-profile}. + +For example, @code{alice} installs GCC 4.7.2. As a result, +@file{/home/alice/.guix-profile/bin/gcc} points to +@file{/gnu/store/@dots{}-gcc-4.7.2/bin/gcc}. Now, on the same machine, +@code{bob} had already installed GCC 4.8.0. The profile of @code{bob} +simply continues to point to +@file{/gnu/store/@dots{}-gcc-4.8.0/bin/gcc}---i.e., both versions of GCC +coexist on the same system without any interference. + +The @command{guix package} command is the central tool to manage packages +(@pxref{Invoquer guix package}). It operates on the per-user profiles, and +can be used @emph{with normal user privileges}. + +@cindex transactions +The command provides the obvious install, remove, and upgrade operations. +Each invocation is actually a @emph{transaction}: either the specified +operation succeeds, or nothing happens. Thus, if the @command{guix package} +process is terminated during the transaction, or if a power outage occurs +during the transaction, then the user's profile remains in its previous +state, and remains usable. + +In addition, any package transaction may be @emph{rolled back}. So, if, for +example, an upgrade installs a new version of a package that turns out to +have a serious bug, users may roll back to the previous instance of their +profile, which was known to work well. Similarly, the global system +configuration on GuixSD is subject to transactional upgrades and roll-back +(@pxref{Utiliser le système de configuration}). + +All packages in the package store may be @emph{garbage-collected}. Guix can +determine which packages are still referenced by user profiles, and remove +those that are provably no longer referenced (@pxref{Invoquer guix gc}). +Users may also explicitly remove old generations of their profile so that +the packages they refer to can be collected. + +@cindex reproducibility +@cindex reproducible builds +Finally, Guix takes a @dfn{purely functional} approach to package +management, as described in the introduction (@pxref{Introduction}). Each +@file{/gnu/store} package directory name contains a hash of all the inputs +that were used to build that package---compiler, libraries, build scripts, +etc. This direct correspondence allows users to make sure a given package +installation matches the current state of their distribution. It also helps +maximize @dfn{build reproducibility}: thanks to the isolated build +environments that are used, a given build is likely to yield bit-identical +files when performed on different machines (@pxref{Invoquer guix-daemon, +container}). + +@cindex substitutes +Ce fondement permet à Guix de supporter le @dfn{déploiement transparent de +binaire ou source}. Lorsqu'une binaire pré-construit pour une entrée de +@file{/gnu/store} est disponible depuis une source externe (un +@dfn{substitut}), Guix le télécharge simplement et le décompresse ; sinon, +il construit le paquet depuis les sources localement +(@pxref{Substituts}). Comme les résultats des constructions sont +généralement reproductibles au bit près, si vous n'avez pas besoin de faire +confiance aux serveurs qui fournissent les substituts : vous pouvez forcer +une construction locale et @emph{défier} les fournisseurs (@pxref{Invoquer guix challenge}). + +Control over the build environment is a feature that is also useful for +developers. The @command{guix environment} command allows developers of a +package to quickly set up the right development environment for their +package, without having to manually install the dependencies of the package +into their profile (@pxref{Invoquer guix environment}). + +@node Invoquer guix package +@section Invoking @command{guix package} + +@cindex installing packages +@cindex removing packages +@cindex package installation +@cindex package removal +La commande @command{guix package} est l'outil qui permet d'installer, +mettre à jour et supprimer les paquets ainsi que de revenir à une +configuration précédente. Elle n'opère que dans le profil de l'utilisateur +et fonctionne avec les privilèges utilisateurs normaux +(@pxref{Fonctionnalités}). Sa syntaxe est : + +@example +guix package @var{options} +@end example +@cindex transactions +Primarily, @var{options} specifies the operations to be performed during the +transaction. Upon completion, a new profile is created, but previous +@dfn{generations} of the profile remain available, should the user want to +roll back. + +For example, to remove @code{lua} and install @code{guile} and +@code{guile-cairo} in a single transaction: + +@example +guix package -r lua -i guile guile-cairo +@end example + +@command{guix package} also supports a @dfn{declarative approach} whereby +the user specifies the exact set of packages to be available and passes it +@i{via} the @option{--manifest} option (@pxref{profile-manifest, +@option{--manifest}}). + +@cindex profile +For each user, a symlink to the user's default profile is automatically +created in @file{$HOME/.guix-profile}. This symlink always points to the +current generation of the user's default profile. Thus, users can add +@file{$HOME/.guix-profile/bin} to their @code{PATH} environment variable, +and so on. +@cindex search paths +If you are not using the Guix System Distribution, consider adding the +following lines to your @file{~/.bash_profile} (@pxref{Bash Startup Files,,, +bash, The GNU Bash Reference Manual}) so that newly-spawned shells get all +the right environment variable definitions: + +@example +GUIX_PROFILE="$HOME/.guix-profile" ; \ +source "$HOME/.guix-profile/etc/profile" +@end example + +In a multi-user setup, user profiles are stored in a place registered as a +@dfn{garbage-collector root}, which @file{$HOME/.guix-profile} points to +(@pxref{Invoquer guix gc}). That directory is normally +@code{@var{localstatedir}/guix/profiles/per-user/@var{user}}, where +@var{localstatedir} is the value passed to @code{configure} as +@code{--localstatedir}, and @var{user} is the user name. The +@file{per-user} directory is created when @command{guix-daemon} is started, +and the @var{user} sub-directory is created by @command{guix package}. + +The @var{options} can be among the following: + +@table @code + +@item --install=@var{package} @dots{} +@itemx -i @var{package} @dots{} +Install the specified @var{package}s. + +Each @var{package} may specify either a simple package name, such as +@code{guile}, or a package name followed by an at-sign and version number, +such as @code{guile@@1.8.8} or simply @code{guile@@1.8} (in the latter case, +the newest version prefixed by @code{1.8} is selected.) + +If no version number is specified, the newest available version will be +selected. In addition, @var{package} may contain a colon, followed by the +name of one of the outputs of the package, as in @code{gcc:doc} or +@code{binutils@@2.22:lib} (@pxref{Des paquets avec plusieurs résultats}). +Packages with a corresponding name (and optionally version) are searched for +among the GNU distribution modules (@pxref{Modules de paquets}). + +@cindex propagated inputs +Sometimes packages have @dfn{propagated inputs}: these are dependencies that +automatically get installed along with the required package +(@pxref{package-propagated-inputs, @code{propagated-inputs} in +@code{package} objects}, for information about propagated inputs in package +definitions). + +@anchor{package-cmd-propagated-inputs} +An example is the GNU MPC library: its C header files refer to those of the +GNU MPFR library, which in turn refer to those of the GMP library. Thus, +when installing MPC, the MPFR and GMP libraries also get installed in the +profile; removing MPC also removes MPFR and GMP---unless they had also been +explicitly installed by the user. + +Besides, packages sometimes rely on the definition of environment variables +for their search paths (see explanation of @code{--search-paths} below). +Any missing or possibly incorrect environment variable definitions are +reported here. + +@item --install-from-expression=@var{exp} +@itemx -e @var{exp} +Install the package @var{exp} evaluates to. + +@var{exp} must be a Scheme expression that evaluates to a @code{} +object. This option is notably useful to disambiguate between same-named +variants of a package, with expressions such as @code{(@@ (gnu packages +base) guile-final)}. + +Note that this option installs the first output of the specified package, +which may be insufficient when needing a specific output of a +multiple-output package. + +@item --install-from-file=@var{file} +@itemx -f @var{file} +Install the package that the code within @var{file} evaluates to. + +As an example, @var{file} might contain a definition like this +(@pxref{Définition des paquets}): + +@example +@verbatiminclude package-hello.scm +@end example + +Developers may find it useful to include such a @file{guix.scm} file in the +root of their project source tree that can be used to test development +snapshots and create reproducible development environments (@pxref{Invoquer guix environment}). + +@item --remove=@var{package} @dots{} +@itemx -r @var{package} @dots{} +Remove the specified @var{package}s. + +As for @code{--install}, each @var{package} may specify a version number +and/or output name in addition to the package name. For instance, @code{-r +glibc:debug} would remove the @code{debug} output of @code{glibc}. + +@item --upgrade[=@var{regexp} @dots{}] +@itemx -u [@var{regexp} @dots{}] +@cindex upgrading packages +Upgrade all the installed packages. If one or more @var{regexp}s are +specified, upgrade only installed packages whose name matches a +@var{regexp}. Also see the @code{--do-not-upgrade} option below. + +Note that this upgrades package to the latest version of packages found in +the distribution currently installed. To update your distribution, you +should regularly run @command{guix pull} (@pxref{Invoquer guix pull}). + +@item --do-not-upgrade[=@var{regexp} @dots{}] +When used together with the @code{--upgrade} option, do @emph{not} upgrade +any packages whose name matches a @var{regexp}. For example, to upgrade all +packages in the current profile except those containing the substring +``emacs'': + +@example +$ guix package --upgrade . --do-not-upgrade emacs +@end example + +@item @anchor{profile-manifest}--manifest=@var{file} +@itemx -m @var{file} +@cindex profile declaration +@cindex profile manifest +Create a new generation of the profile from the manifest object returned by +the Scheme code in @var{file}. + +This allows you to @emph{declare} the profile's contents rather than +constructing it through a sequence of @code{--install} and similar +commands. The advantage is that @var{file} can be put under version +control, copied to different machines to reproduce the same profile, and so +on. + +@c FIXME: Add reference to (guix profile) documentation when available. +@var{file} must return a @dfn{manifest} object, which is roughly a list of +packages: + +@findex packages->manifest +@example +(use-package-modules guile emacs) + +(packages->manifest + (list emacs + guile-2.0 + ;; Use a specific package output. + (list guile-2.0 "debug"))) +@end example + +@findex specifications->manifest +In this example we have to know which modules define the @code{emacs} and +@code{guile-2.0} variables to provide the right @code{use-package-modules} +line, which can be cumbersome. We can instead provide regular package +specifications and let @code{specifications->manifest} look up the +corresponding package objects, like this: + +@example +(specifications->manifest + '("emacs" "guile@@2.2" "guile@@2.2:debug")) +@end example + +@item --roll-back +@cindex rolling back +@cindex undoing transactions +@cindex transactions, undoing +Roll back to the previous @dfn{generation} of the profile---i.e., undo the +last transaction. + +When combined with options such as @code{--install}, roll back occurs before +any other actions. + +When rolling back from the first generation that actually contains installed +packages, the profile is made to point to the @dfn{zeroth generation}, which +contains no files apart from its own metadata. + +After having rolled back, installing, removing, or upgrading packages +overwrites previous future generations. Thus, the history of the +generations in a profile is always linear. + +@item --switch-generation=@var{pattern} +@itemx -S @var{pattern} +@cindex generations +Switch to a particular generation defined by @var{pattern}. + +@var{pattern} may be either a generation number or a number prefixed with +``+'' or ``-''. The latter means: move forward/backward by a specified +number of generations. For example, if you want to return to the latest +generation after @code{--roll-back}, use @code{--switch-generation=+1}. + +The difference between @code{--roll-back} and @code{--switch-generation=-1} +is that @code{--switch-generation} will not make a zeroth generation, so if +a specified generation does not exist, the current generation will not be +changed. + +@item --search-paths[=@var{kind}] +@cindex search paths +Report environment variable definitions, in Bash syntax, that may be needed +in order to use the set of installed packages. These environment variables +are used to specify @dfn{search paths} for files used by some of the +installed packages. + +For example, GCC needs the @code{CPATH} and @code{LIBRARY_PATH} environment +variables to be defined so it can look for headers and libraries in the +user's profile (@pxref{Environment Variables,,, gcc, Using the GNU Compiler +Collection (GCC)}). If GCC and, say, the C library are installed in the +profile, then @code{--search-paths} will suggest setting these variables to +@code{@var{profile}/include} and @code{@var{profile}/lib}, respectively. + +The typical use case is to define these environment variables in the shell: + +@example +$ eval `guix package --search-paths` +@end example + +@var{kind} may be one of @code{exact}, @code{prefix}, or @code{suffix}, +meaning that the returned environment variable definitions will either be +exact settings, or prefixes or suffixes of the current value of these +variables. When omitted, @var{kind} defaults to @code{exact}. + +This option can also be used to compute the @emph{combined} search paths of +several profiles. Consider this example: + +@example +$ guix package -p foo -i guile +$ guix package -p bar -i guile-json +$ guix package -p foo -p bar --search-paths +@end example + +The last command above reports about the @code{GUILE_LOAD_PATH} variable, +even though, taken individually, neither @file{foo} nor @file{bar} would +lead to that recommendation. + + +@item --profile=@var{profile} +@itemx -p @var{profile} +Use @var{profile} instead of the user's default profile. + +@cindex collisions, in a profile +@cindex colliding packages in profiles +@cindex profile collisions +@item --allow-collisions +Allow colliding packages in the new profile. Use at your own risk! + +By default, @command{guix package} reports as an error @dfn{collisions} in +the profile. Collisions happen when two or more different versions or +variants of a given package end up in the profile. + +@item --verbose +Produce verbose output. In particular, emit the build log of the +environment on the standard error port. + +@item --bootstrap +Use the bootstrap Guile to build the profile. This option is only useful to +distribution developers. + +@end table + +In addition to these actions, @command{guix package} supports the following +options to query the current state of a profile, or the availability of +packages: + +@table @option + +@item --search=@var{regexp} +@itemx -s @var{regexp} +@cindex searching for packages +List the available packages whose name, synopsis, or description matches +@var{regexp}, sorted by relevance. Print all the metadata of matching +packages in @code{recutils} format (@pxref{Top, GNU recutils databases,, +recutils, GNU recutils manual}). + +This allows specific fields to be extracted using the @command{recsel} +command, for instance: + +@example +$ guix package -s malloc | recsel -p name,version,relevance +name: jemalloc +version: 4.5.0 +relevance: 6 + +name: glibc +version: 2.25 +relevance: 1 + +name: libgc +version: 7.6.0 +relevance: 1 +@end example + +Similarly, to show the name of all the packages available under the terms of +the GNU@tie{}LGPL version 3: + +@example +$ guix package -s "" | recsel -p name -e 'license ~ "LGPL 3"' +name: elfutils + +name: gmp +@dots{} +@end example + +It is also possible to refine search results using several @code{-s} flags. +For example, the following command returns a list of board games: + +@example +$ guix package -s '\' -s game | recsel -p name +name: gnubg +@dots{} +@end example + +If we were to omit @code{-s game}, we would also get software packages that +deal with printed circuit boards; removing the angle brackets around +@code{board} would further add packages that have to do with keyboards. + +And now for a more elaborate example. The following command searches for +cryptographic libraries, filters out Haskell, Perl, Python, and Ruby +libraries, and prints the name and synopsis of the matching packages: + +@example +$ guix package -s crypto -s library | \ + recsel -e '! (name ~ "^(ghc|perl|python|ruby)")' -p name,synopsis +@end example + +@noindent +@xref{Selection Expressions,,, recutils, GNU recutils manual}, for more +information on @dfn{selection expressions} for @code{recsel -e}. + +@item --show=@var{package} +Show details about @var{package}, taken from the list of available packages, +in @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, +GNU recutils manual}). + +@example +$ guix package --show=python | recsel -p name,version +name: python +version: 2.7.6 + +name: python +version: 3.3.5 +@end example + +You may also specify the full name of a package to only get details about a +specific version of it: +@example +$ guix package --show=python@@3.4 | recsel -p name,version +name: python +version: 3.4.3 +@end example + + + +@item --list-installed[=@var{regexp}] +@itemx -I [@var{regexp}] +List the currently installed packages in the specified profile, with the +most recently installed packages shown last. When @var{regexp} is +specified, list only installed packages whose name matches @var{regexp}. + +For each installed package, print the following items, separated by tabs: +the package name, its version string, the part of the package that is +installed (for instance, @code{out} for the default output, @code{include} +for its headers, etc.), and the path of this package in the store. + +@item --list-available[=@var{regexp}] +@itemx -A [@var{regexp}] +Liste les paquets actuellement disponibles dans la distribution pour ce +système (@pxref{Distribution GNU}). Lorsque @var{regexp} est spécifié, liste +uniquement les paquets dont le nom correspond à @var{regexp}. + +For each package, print the following items separated by tabs: its name, its +version string, the parts of the package (@pxref{Des paquets avec plusieurs résultats}), and the source location of its definition. + +@item --list-generations[=@var{pattern}] +@itemx -l [@var{pattern}] +@cindex generations +Return a list of generations along with their creation dates; for each +generation, show the installed packages, with the most recently installed +packages shown last. Note that the zeroth generation is never shown. + +For each installed package, print the following items, separated by tabs: +the name of a package, its version string, the part of the package that is +installed (@pxref{Des paquets avec plusieurs résultats}), and the location of this +package in the store. + +When @var{pattern} is used, the command returns only matching generations. +Valid patterns include: + +@itemize +@item @emph{Integers and comma-separated integers}. Both patterns denote +generation numbers. For instance, @code{--list-generations=1} returns the +first one. + +And @code{--list-generations=1,8,2} outputs three generations in the +specified order. Neither spaces nor trailing commas are allowed. + +@item @emph{Ranges}. @code{--list-generations=2..9} prints the +specified generations and everything in between. Note that the start of a +range must be smaller than its end. + +It is also possible to omit the endpoint. For example, +@code{--list-generations=2..}, returns all generations starting from the +second one. + +@item @emph{Durations}. You can also get the last @emph{N}@tie{}days, weeks, +or months by passing an integer along with the first letter of the +duration. For example, @code{--list-generations=20d} lists generations that +are up to 20 days old. +@end itemize + +@item --delete-generations[=@var{pattern}] +@itemx -d [@var{pattern}] +When @var{pattern} is omitted, delete all generations except the current +one. + +This command accepts the same patterns as @option{--list-generations}. When +@var{pattern} is specified, delete the matching generations. When +@var{pattern} specifies a duration, generations @emph{older} than the +specified duration match. For instance, @code{--delete-generations=1m} +deletes generations that are more than one month old. + +If the current generation matches, it is @emph{not} deleted. Also, the +zeroth generation is never deleted. + +Note that deleting generations prevents rolling back to them. Consequently, +this command must be used with care. + +@end table + +Finally, since @command{guix package} may actually start build processes, it +supports all the common build options (@pxref{Options de construction communes}). It +also supports package transformation options, such as @option{--with-source} +(@pxref{Options de transformation de paquets}). However, note that package +transformations are lost when upgrading; to preserve transformations across +upgrades, you should define your own package variant in a Guile module and +add it to @code{GUIX_PACKAGE_PATH} (@pxref{Définition des paquets}). + +@node Substituts +@section Substituts + +@cindex substitutes +@cindex pre-built binaries +Guix supports transparent source/binary deployment, which means that it can +either build things locally, or download pre-built items from a server, or +both. We call these pre-built items @dfn{substitutes}---they are +substitutes for local build results. In many cases, downloading a +substitute is much faster than building things locally. + +Substitutes can be anything resulting from a derivation build +(@pxref{Dérivations}). Of course, in the common case, they are pre-built +package binaries, but source tarballs, for instance, which also result from +derivation builds, can be available as substitutes. + +@menu +* Serveur de substituts officiel:: Une source particulière de substituts. +* Autoriser un serveur de substituts:: Comment activer ou désactiver les + substituts. +* Authentification des substituts:: Coment Guix vérifie les substituts. +* Paramètres de serveur mandataire:: Comment récupérer des substituts à + travers un serveur mandataire. +* Échec de substitution:: Qu'arrive-t-il quand la substitution échoue. +* De la confiance en des binaires:: Comment pouvez-vous avoir confiance en + un paquet binaire ? +@end menu + +@node Serveur de substituts officiel +@subsection Serveur de substituts officiel + +@cindex hydra +@cindex build farm +The @code{mirror.hydra.gnu.org} server is a front-end to an official build +farm that builds packages from Guix continuously for some architectures, and +makes them available as substitutes. This is the default source of +substitutes; it can be overridden by passing the @option{--substitute-urls} +option either to @command{guix-daemon} (@pxref{daemon-substitute-urls,, +@code{guix-daemon --substitute-urls}}) or to client tools such as +@command{guix package} (@pxref{client-substitute-urls,, client +@option{--substitute-urls} option}). + +Substitute URLs can be either HTTP or HTTPS. HTTPS is recommended because +communications are encrypted; conversely, using HTTP makes all +communications visible to an eavesdropper, who could use the information +gathered to determine, for instance, whether your system has unpatched +security vulnerabilities. + +Substitutes from the official build farm are enabled by default when using +the Guix System Distribution (@pxref{Distribution GNU}). However, they are +disabled by default when using Guix on a foreign distribution, unless you +have explicitly enabled them via one of the recommended installation steps +(@pxref{Installation}). The following paragraphs describe how to enable or +disable substitutes for the official build farm; the same procedure can also +be used to enable substitutes for any other substitute server. + +@node Autoriser un serveur de substituts +@subsection Autoriser un serveur de substituts + +@cindex security +@cindex substitutes, authorization thereof +@cindex access control list (ACL), for substitutes +@cindex ACL (access control list), for substitutes +To allow Guix to download substitutes from @code{hydra.gnu.org} or a mirror +thereof, you must add its public key to the access control list (ACL) of +archive imports, using the @command{guix archive} command (@pxref{Invoquer guix archive}). Doing so implies that you trust @code{hydra.gnu.org} to not +be compromised and to serve genuine substitutes. + +The public key for @code{hydra.gnu.org} is installed along with Guix, in +@code{@var{prefix}/share/guix/hydra.gnu.org.pub}, where @var{prefix} is the +installation prefix of Guix. If you installed Guix from source, make sure +you checked the GPG signature of @file{guix-@value{VERSION}.tar.gz}, which +contains this public key file. Then, you can run something like this: + +@example +# guix archive --authorize < @var{prefix}/share/guix/hydra.gnu.org.pub +@end example + +@quotation Note +Similarly, the @file{berlin.guixsd.org.pub} file contains the public key for +the project's new build farm, reachable at +@indicateurl{https://berlin.guixsd.org}. + +As of this writing @code{berlin.guixsd.org} is being upgraded so it can +better scale up, but you might want to give it a try. It is backed by 20 +x86_64/i686 build nodes and may be able to provide substitutes more quickly +than @code{mirror.hydra.gnu.org}. +@end quotation + +Once this is in place, the output of a command like @code{guix build} should +change from something like: + +@example +$ guix build emacs --dry-run +The following derivations would be built: + /gnu/store/yr7bnx8xwcayd6j95r2clmkdl1qh688w-emacs-24.3.drv + /gnu/store/x8qsh1hlhgjx6cwsjyvybnfv2i37z23w-dbus-1.6.4.tar.gz.drv + /gnu/store/1ixwp12fl950d15h2cj11c73733jay0z-alsa-lib-1.0.27.1.tar.bz2.drv + /gnu/store/nlma1pw0p603fpfiqy7kn4zm105r5dmw-util-linux-2.21.drv +@dots{} +@end example + +@noindent +to something like: + +@example +$ guix build emacs --dry-run +112.3 MB would be downloaded: + /gnu/store/pk3n22lbq6ydamyymqkkz7i69wiwjiwi-emacs-24.3 + /gnu/store/2ygn4ncnhrpr61rssa6z0d9x22si0va3-libjpeg-8d + /gnu/store/71yz6lgx4dazma9dwn2mcjxaah9w77jq-cairo-1.12.16 + /gnu/store/7zdhgp0n1518lvfn8mb96sxqfmvqrl7v-libxrender-0.9.7 +@dots{} +@end example + +@noindent +This indicates that substitutes from @code{hydra.gnu.org} are usable and +will be downloaded, when possible, for future builds. + +@cindex substitutes, how to disable +The substitute mechanism can be disabled globally by running +@code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoquer guix-daemon}). It can also be disabled temporarily by passing the +@code{--no-substitutes} option to @command{guix package}, @command{guix +build}, and other command-line tools. + +@node Authentification des substituts +@subsection Authentification des substituts + +@cindex digital signatures +Guix detects and raises an error when attempting to use a substitute that +has been tampered with. Likewise, it ignores substitutes that are not +signed, or that are not signed by one of the keys listed in the ACL. + +There is one exception though: if an unauthorized server provides +substitutes that are @emph{bit-for-bit identical} to those provided by an +authorized server, then the unauthorized server becomes eligible for +downloads. For example, assume we have chosen two substitute servers with +this option: + +@example +--substitute-urls="https://a.example.org https://b.example.org" +@end example + +@noindent +@cindex reproducible builds +If the ACL contains only the key for @code{b.example.org}, and if +@code{a.example.org} happens to serve the @emph{exact same} substitutes, +then Guix will download substitutes from @code{a.example.org} because it +comes first in the list and can be considered a mirror of +@code{b.example.org}. In practice, independent build machines usually +produce the same binaries, thanks to bit-reproducible builds (see below). + +When using HTTPS, the server's X.509 certificate is @emph{not} validated (in +other words, the server is not authenticated), contrary to what HTTPS +clients such as Web browsers usually do. This is because Guix authenticates +substitute information itself, as explained above, which is what we care +about (whereas X.509 certificates are about authenticating bindings between +domain names and public keys.) + +@node Paramètres de serveur mandataire +@subsection Paramètres de serveur mandataire + +@vindex http_proxy +Substitutes are downloaded over HTTP or HTTPS. The @code{http_proxy} +environment variable can be set in the environment of @command{guix-daemon} +and is honored for downloads of substitutes. Note that the value of +@code{http_proxy} in the environment where @command{guix build}, +@command{guix package}, and other client commands are run has +@emph{absolutely no effect}. + +@node Échec de substitution +@subsection Échec de substitution + +Even when a substitute for a derivation is available, sometimes the +substitution attempt will fail. This can happen for a variety of reasons: +the substitute server might be offline, the substitute may recently have +been deleted, the connection might have been interrupted, etc. + +When substitutes are enabled and a substitute for a derivation is available, +but the substitution attempt fails, Guix will attempt to build the +derivation locally depending on whether or not @code{--fallback} was given +(@pxref{fallback-option,, common build option @code{--fallback}}). +Specifically, if @code{--fallback} was omitted, then no local build will be +performed, and the derivation is considered to have failed. However, if +@code{--fallback} was given, then Guix will attempt to build the derivation +locally, and the success or failure of the derivation depends on the success +or failure of the local build. Note that when substitutes are disabled or +no substitute is available for the derivation in question, a local build +will @emph{always} be performed, regardless of whether or not +@code{--fallback} was given. + +To get an idea of how many substitutes are available right now, you can try +running the @command{guix weather} command (@pxref{Invoquer guix weather}). +This command provides statistics on the substitutes provided by a server. + +@node De la confiance en des binaires +@subsection De la confiance en des binaires + +@cindex trust, of pre-built binaries +Today, each individual's control over their own computing is at the mercy of +institutions, corporations, and groups with enough power and determination +to subvert the computing infrastructure and exploit its weaknesses. While +using @code{hydra.gnu.org} substitutes can be convenient, we encourage users +to also build on their own, or even run their own build farm, such that +@code{hydra.gnu.org} is less of an interesting target. One way to help is +by publishing the software you build using @command{guix publish} so that +others have one more choice of server to download substitutes from +(@pxref{Invoquer guix publish}). + +Guix has the foundations to maximize build reproducibility +(@pxref{Fonctionnalités}). In most cases, independent builds of a given package or +derivation should yield bit-identical results. Thus, through a diverse set +of independent package builds, we can strengthen the integrity of our +systems. The @command{guix challenge} command aims to help users assess +substitute servers, and to assist developers in finding out about +non-deterministic package builds (@pxref{Invoquer guix challenge}). +Similarly, the @option{--check} option of @command{guix build} allows users +to check whether previously-installed substitutes are genuine by rebuilding +them locally (@pxref{build-check, @command{guix build --check}}). + +In the future, we want Guix to have support to publish and retrieve binaries +to/from other users, in a peer-to-peer fashion. If you would like to +discuss this project, join us on @email{guix-devel@@gnu.org}. + +@node Des paquets avec plusieurs résultats +@section Des paquets avec plusieurs résultats + +@cindex multiple-output packages +@cindex package outputs +@cindex outputs + +Often, packages defined in Guix have a single @dfn{output}---i.e., the +source package leads to exactly one directory in the store. When running +@command{guix package -i glibc}, one installs the default output of the GNU +libc package; the default output is called @code{out}, but its name can be +omitted as shown in this command. In this particular case, the default +output of @code{glibc} contains all the C header files, shared libraries, +static libraries, Info documentation, and other supporting files. + +Sometimes it is more appropriate to separate the various types of files +produced from a single source package into separate outputs. For instance, +the GLib C library (used by GTK+ and related packages) installs more than +20 MiB of reference documentation as HTML pages. To save space for users +who do not need it, the documentation goes to a separate output, called +@code{doc}. To install the main GLib output, which contains everything but +the documentation, one would run: + +@example +guix package -i glib +@end example + +@cindex documentation +The command to install its documentation is: + +@example +guix package -i glib:doc +@end example + +Some packages install programs with different ``dependency footprints''. +For instance, the WordNet package installs both command-line tools and +graphical user interfaces (GUIs). The former depend solely on the C +library, whereas the latter depend on Tcl/Tk and the underlying X +libraries. In this case, we leave the command-line tools in the default +output, whereas the GUIs are in a separate output. This allows users who do +not need the GUIs to save space. The @command{guix size} command can help +find out about such situations (@pxref{Invoquer guix size}). @command{guix +graph} can also be helpful (@pxref{Invoquer guix graph}). + +There are several such multiple-output packages in the GNU distribution. +Other conventional output names include @code{lib} for libraries and +possibly header files, @code{bin} for stand-alone programs, and @code{debug} +for debugging information (@pxref{Installer les fichiers de débogage}). The outputs +of a packages are listed in the third column of the output of @command{guix +package --list-available} (@pxref{Invoquer guix package}). + + +@node Invoquer guix gc +@section Invoking @command{guix gc} + +@cindex garbage collector +@cindex disk space +Packages that are installed, but not used, may be @dfn{garbage-collected}. +The @command{guix gc} command allows users to explicitly run the garbage +collector to reclaim space from the @file{/gnu/store} directory. It is the +@emph{only} way to remove files from @file{/gnu/store}---removing files or +directories manually may break it beyond repair! + +@cindex GC roots +@cindex garbage collector roots +The garbage collector has a set of known @dfn{roots}: any file under +@file{/gnu/store} reachable from a root is considered @dfn{live} and cannot +be deleted; any other file is considered @dfn{dead} and may be deleted. The +set of garbage collector roots (``GC roots'' for short) includes default +user profiles; by default, the symlinks under @file{/var/guix/gcroots} +represent these GC roots. New GC roots can be added with @command{guix +build --root}, for example (@pxref{Invoquer guix build}). + +Prior to running @code{guix gc --collect-garbage} to make space, it is often +useful to remove old generations from user profiles; that way, old package +builds referenced by those generations can be reclaimed. This is achieved +by running @code{guix package --delete-generations} (@pxref{Invoquer guix package}). + +Our recommendation is to run a garbage collection periodically, or when you +are short on disk space. For instance, to guarantee that at least 5@tie{}GB +are available on your disk, simply run: + +@example +guix gc -F 5G +@end example + +It is perfectly safe to run as a non-interactive periodic job +(@pxref{Scheduled Job Execution}, for how to set up such a job on GuixSD). +Running @command{guix gc} with no arguments will collect as much garbage as +it can, but that is often inconvenient: you may find yourself having to +rebuild or re-download software that is ``dead'' from the GC viewpoint but +that is necessary to build other pieces of software---e.g., the compiler +tool chain. + +The @command{guix gc} command has three modes of operation: it can be used +to garbage-collect any dead files (the default), to delete specific files +(the @code{--delete} option), to print garbage-collector information, or for +more advanced queries. The garbage collection options are as follows: + +@table @code +@item --collect-garbage[=@var{min}] +@itemx -C [@var{min}] +Collect garbage---i.e., unreachable @file{/gnu/store} files and +sub-directories. This is the default operation when no option is specified. + +When @var{min} is given, stop once @var{min} bytes have been collected. +@var{min} may be a number of bytes, or it may include a unit as a suffix, +such as @code{MiB} for mebibytes and @code{GB} for gigabytes (@pxref{Block +size, size specifications,, coreutils, GNU Coreutils}). + +When @var{min} is omitted, collect all the garbage. + +@item --free-space=@var{free} +@itemx -F @var{free} +Collect garbage until @var{free} space is available under @file{/gnu/store}, +if possible; @var{free} denotes storage space, such as @code{500MiB}, as +described above. + +When @var{free} or more is already available in @file{/gnu/store}, do +nothing and exit immediately. + +@item --delete +@itemx -d +Attempt to delete all the store files and directories specified as +arguments. This fails if some of the files are not in the store, or if they +are still live. + +@item --list-failures +List store items corresponding to cached build failures. + +This prints nothing unless the daemon was started with +@option{--cache-failures} (@pxref{Invoquer guix-daemon, +@option{--cache-failures}}). + +@item --clear-failures +Remove the specified store items from the failed-build cache. + +Again, this option only makes sense when the daemon is started with +@option{--cache-failures}. Otherwise, it does nothing. + +@item --list-dead +Show the list of dead files and directories still present in the +store---i.e., files and directories no longer reachable from any root. + +@item --list-live +Show the list of live store files and directories. + +@end table + +In addition, the references among existing store files can be queried: + +@table @code + +@item --references +@itemx --referrers +@cindex package dependencies +List the references (respectively, the referrers) of store files given as +arguments. + +@item --requisites +@itemx -R +@cindex closure +List the requisites of the store files passed as arguments. Requisites +include the store files themselves, their references, and the references of +these, recursively. In other words, the returned list is the +@dfn{transitive closure} of the store files. + +@xref{Invoquer guix size}, for a tool to profile the size of the closure of +an element. @xref{Invoquer guix graph}, for a tool to visualize the graph +of references. + +@item --derivers +@cindex derivation +Return the derivation(s) leading to the given store items +(@pxref{Dérivations}). + +For example, this command: + +@example +guix gc --derivers `guix package -I ^emacs$ | cut -f4` +@end example + +@noindent +returns the @file{.drv} file(s) leading to the @code{emacs} package +installed in your profile. + +Note that there may be zero matching @file{.drv} files, for instance because +these files have been garbage-collected. There can also be more than one +matching @file{.drv} due to fixed-output derivations. +@end table + +Lastly, the following options allow you to check the integrity of the store +and to control disk usage. + +@table @option + +@item --verify[=@var{options}] +@cindex integrity, of the store +@cindex integrity checking +Verify the integrity of the store. + +By default, make sure that all the store items marked as valid in the +database of the daemon actually exist in @file{/gnu/store}. + +When provided, @var{options} must be a comma-separated list containing one +or more of @code{contents} and @code{repair}. + +When passing @option{--verify=contents}, the daemon computes the content +hash of each store item and compares it against its hash in the database. +Hash mismatches are reported as data corruptions. Because it traverses +@emph{all the files in the store}, this command can take a long time, +especially on systems with a slow disk drive. + +@cindex repairing the store +@cindex corruption, recovering from +Utiliser @option{--verify=repair} ou @option{--verify=contents,repair} fait +que le démon essaie de réparer les objets du dépôt corrompus en récupérant +leurs substituts (@pxref{Substituts}). Comme la réparation n'est pas +atomique et donc potentiellement dangereuse, elle n'est disponible que pour +l'administrateur système. Une alternative plus légère lorsque vous +connaissez exactement quelle entrée est corrompue consiste à lancer +@command{guix build --repair} (@pxref{Invoquer guix build}). + +@item --optimize +@cindex deduplication +Optimize the store by hard-linking identical files---this is +@dfn{deduplication}. + +The daemon performs deduplication after each successful build or archive +import, unless it was started with @code{--disable-deduplication} +(@pxref{Invoquer guix-daemon, @code{--disable-deduplication}}). Thus, this +option is primarily useful when the daemon was running with +@code{--disable-deduplication}. + +@end table + +@node Invoquer guix pull +@section Invoking @command{guix pull} + +@cindex upgrading Guix +@cindex updating Guix +@cindex @command{guix pull} +@cindex pull +Packages are installed or upgraded to the latest version available in the +distribution currently available on your local machine. To update that +distribution, along with the Guix tools, you must run @command{guix pull}: +the command downloads the latest Guix source code and package descriptions, +and deploys it. Source code is downloaded from a @uref{https://git-scm.com, +Git} repository. + +On completion, @command{guix package} will use packages and package versions +from this just-retrieved copy of Guix. Not only that, but all the Guix +commands and Scheme modules will also be taken from that latest version. +New @command{guix} sub-commands added by the update also become available. + +Any user can update their Guix copy using @command{guix pull}, and the +effect is limited to the user who run @command{guix pull}. For instance, +when user @code{root} runs @command{guix pull}, this has no effect on the +version of Guix that user @code{alice} sees, and vice versa@footnote{Under +the hood, @command{guix pull} updates the @file{~/.config/guix/latest} +symbolic link to point to the latest Guix, and the @command{guix} command +loads code from there. Currently, the only way to roll back an invocation +of @command{guix pull} is to manually update this symlink to point to the +previous Guix.}. + +The @command{guix pull} command is usually invoked with no arguments, but it +supports the following options: + +@table @code +@item --verbose +Produce verbose output, writing build logs to the standard error output. + +@item --url=@var{url} +Download Guix from the Git repository at @var{url}. + +@vindex GUIX_PULL_URL +By default, the source is taken from its canonical Git repository at +@code{gnu.org}, for the stable branch of Guix. To use a different source, +set the @code{GUIX_PULL_URL} environment variable. + +@item --commit=@var{commit} +Deploy @var{commit}, a valid Git commit ID represented as a hexadecimal +string. + +@item --branch=@var{branch} +Deploy the tip of @var{branch}, the name of a Git branch available on the +repository at @var{url}. + +@item --bootstrap +Use the bootstrap Guile to build the latest Guix. This option is only +useful to Guix developers. +@end table + +In addition, @command{guix pull} supports all the common build options +(@pxref{Options de construction communes}). + +@node Invoquer guix pack +@section Invoking @command{guix pack} + +Occasionally you want to pass software to people who are not (yet!) lucky +enough to be using Guix. You'd tell them to run @command{guix package -i +@var{something}}, but that's not possible in this case. This is where +@command{guix pack} comes in. + +@quotation Note +If you are looking for ways to exchange binaries among machines that already +run Guix, @pxref{Invoquer guix copy}, @ref{Invoquer guix publish}, and +@ref{Invoquer guix archive}. +@end quotation + +@cindex pack +@cindex bundle +@cindex application bundle +@cindex software bundle +The @command{guix pack} command creates a shrink-wrapped @dfn{pack} or +@dfn{software bundle}: it creates a tarball or some other archive containing +the binaries of the software you're interested in, and all its +dependencies. The resulting archive can be used on any machine that does +not have Guix, and people can run the exact same binaries as those you have +with Guix. The pack itself is created in a bit-reproducible fashion, so +anyone can verify that it really contains the build results that you pretend +to be shipping. + +For example, to create a bundle containing Guile, Emacs, Geiser, and all +their dependencies, you can run: + +@example +$ guix pack guile emacs geiser +@dots{} +/gnu/store/@dots{}-pack.tar.gz +@end example + +The result here is a tarball containing a @file{/gnu/store} directory with +all the relevant packages. The resulting tarball contains a @dfn{profile} +with the three packages of interest; the profile is the same as would be +created by @command{guix package -i}. It is this mechanism that is used to +create Guix's own standalone binary tarball (@pxref{Installation binaire}). + +Users of this pack would have to run +@file{/gnu/store/@dots{}-profile/bin/guile} to run Guile, which you may find +inconvenient. To work around it, you can create, say, a @file{/opt/gnu/bin} +symlink to the profile: + +@example +guix pack -S /opt/gnu/bin=bin guile emacs geiser +@end example + +@noindent +That way, users can happily type @file{/opt/gnu/bin/guile} and enjoy. + +Alternatively, you can produce a pack in the Docker image format using the +following command: + +@example +guix pack -f docker guile emacs geiser +@end example + +@noindent +The result is a tarball that can be passed to the @command{docker load} +command. See the +@uref{https://docs.docker.com/engine/reference/commandline/load/, Docker +documentation} for more information. + +Several command-line options allow you to customize your pack: + +@table @code +@item --format=@var{format} +@itemx -f @var{format} +Produce a pack in the given @var{format}. + +The available formats are: + +@table @code +@item tarball +This is the default format. It produces a tarball containing all the +specified binaries and symlinks. + +@item docker +This produces a tarball that follows the +@uref{https://github.com/docker/docker/blob/master/image/spec/v1.2.md, +Docker Image Specification}. +@end table + +@item --expression=@var{expr} +@itemx -e @var{expr} +Consider the package @var{expr} evaluates to. + +This has the same purpose as the same-named option in @command{guix build} +(@pxref{Options de construction supplémentaires, @code{--expression} in @command{guix +build}}). + +@item --manifest=@var{file} +@itemx -m @var{file} +Use the packages contained in the manifest object returned by the Scheme +code in @var{file}. + +This has a similar purpose as the same-named option in @command{guix +package} (@pxref{profile-manifest, @option{--manifest}}) and uses the same +manifest files. It allows you to define a collection of packages once and +use it both for creating profiles and for creating archives for use on +machines that do not have Guix installed. Note that you can specify +@emph{either} a manifest file @emph{or} a list of packages, but not both. + +@item --system=@var{system} +@itemx -s @var{system} +Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of the +system type of the build host. + +@item --target=@var{triplet} +@cindex cross-compilation +Cross-build for @var{triplet}, which must be a valid GNU triplet, such as +@code{"mips64el-linux-gnu"} (@pxref{Specifying target triplets, GNU +configuration triplets,, autoconf, Autoconf}). + +@item --compression=@var{tool} +@itemx -C @var{tool} +Compress the resulting tarball using @var{tool}---one of @code{gzip}, +@code{bzip2}, @code{xz}, @code{lzip}, or @code{none} for no compression. + +@item --symlink=@var{spec} +@itemx -S @var{spec} +Add the symlinks specified by @var{spec} to the pack. This option can +appear several times. + +@var{spec} has the form @code{@var{source}=@var{target}}, where @var{source} +is the symlink that will be created and @var{target} is the symlink target. + +For instance, @code{-S /opt/gnu/bin=bin} creates a @file{/opt/gnu/bin} +symlink pointing to the @file{bin} sub-directory of the profile. + +@item --localstatedir +Include the ``local state directory'', @file{/var/guix}, in the resulting +pack. + +@file{/var/guix} contains the store database (@pxref{Le dépôt}) as well as +garbage-collector roots (@pxref{Invoquer guix gc}). Providing it in the +pack means that the store is ``complete'' and manageable by Guix; not +providing it pack means that the store is ``dead'': items cannot be added to +it or removed from it after extraction of the pack. + +One use case for this is the Guix self-contained binary tarball +(@pxref{Installation binaire}). + +@item --bootstrap +Use the bootstrap binaries to build the pack. This option is only useful to +Guix developers. +@end table + +In addition, @command{guix pack} supports all the common build options +(@pxref{Options de construction communes}) and all the package transformation options +(@pxref{Options de transformation de paquets}). + + +@node Invoquer guix archive +@section Invoking @command{guix archive} + +@cindex @command{guix archive} +@cindex archive +The @command{guix archive} command allows users to @dfn{export} files from +the store into a single archive, and to later @dfn{import} them on a machine +that runs Guix. In particular, it allows store files to be transferred from +one machine to the store on another machine. + +@quotation Note +If you're looking for a way to produce archives in a format suitable for +tools other than Guix, @pxref{Invoquer guix pack}. +@end quotation + +@cindex exporting store items +To export store files as an archive to standard output, run: + +@example +guix archive --export @var{options} @var{specifications}... +@end example + +@var{specifications} may be either store file names or package +specifications, as for @command{guix package} (@pxref{Invoquer guix package}). For instance, the following command creates an archive +containing the @code{gui} output of the @code{git} package and the main +output of @code{emacs}: + +@example +guix archive --export git:gui /gnu/store/...-emacs-24.3 > great.nar +@end example + +If the specified packages are not built yet, @command{guix archive} +automatically builds them. The build process may be controlled with the +common build options (@pxref{Options de construction communes}). + +To transfer the @code{emacs} package to a machine connected over SSH, one +would run: + +@example +guix archive --export -r emacs | ssh the-machine guix archive --import +@end example + +@noindent +Similarly, a complete user profile may be transferred from one machine to +another like this: + +@example +guix archive --export -r $(readlink -f ~/.guix-profile) | \ + ssh the-machine guix-archive --import +@end example + +@noindent +However, note that, in both examples, all of @code{emacs} and the profile as +well as all of their dependencies are transferred (due to @code{-r}), +regardless of what is already available in the store on the target machine. +The @code{--missing} option can help figure out which items are missing from +the target store. The @command{guix copy} command simplifies and optimizes +this whole process, so this is probably what you should use in this case +(@pxref{Invoquer guix copy}). + +@cindex nar, archive format +@cindex normalized archive (nar) +Archives are stored in the ``normalized archive'' or ``nar'' format, which +is comparable in spirit to `tar', but with differences that make it more +appropriate for our purposes. First, rather than recording all Unix +metadata for each file, the nar format only mentions the file type (regular, +directory, or symbolic link); Unix permissions and owner/group are +dismissed. Second, the order in which directory entries are stored always +follows the order of file names according to the C locale collation order. +This makes archive production fully deterministic. + +@c FIXME: Add xref to daemon doc about signatures. +When exporting, the daemon digitally signs the contents of the archive, and +that digital signature is appended. When importing, the daemon verifies the +signature and rejects the import in case of an invalid signature or if the +signing key is not authorized. + +The main options are: + +@table @code +@item --export +Export the specified store files or packages (see below.) Write the +resulting archive to the standard output. + +Dependencies are @emph{not} included in the output, unless +@code{--recursive} is passed. + +@item -r +@itemx --recursive +When combined with @code{--export}, this instructs @command{guix archive} to +include dependencies of the given items in the archive. Thus, the resulting +archive is self-contained: it contains the closure of the exported store +items. + +@item --import +Read an archive from the standard input, and import the files listed therein +into the store. Abort if the archive has an invalid digital signature, or +if it is signed by a public key not among the authorized keys (see +@code{--authorize} below.) + +@item --missing +Read a list of store file names from the standard input, one per line, and +write on the standard output the subset of these files missing from the +store. + +@item --generate-key[=@var{parameters}] +@cindex signing, archives +Generate a new key pair for the daemon. This is a prerequisite before +archives can be exported with @code{--export}. Note that this operation +usually takes time, because it needs to gather enough entropy to generate +the key pair. + +The generated key pair is typically stored under @file{/etc/guix}, in +@file{signing-key.pub} (public key) and @file{signing-key.sec} (private key, +which must be kept secret.) When @var{parameters} is omitted, an ECDSA key +using the Ed25519 curve is generated, or, for Libgcrypt versions before +1.6.0, it is a 4096-bit RSA key. Alternatively, @var{parameters} can +specify @code{genkey} parameters suitable for Libgcrypt (@pxref{General +public-key related Functions, @code{gcry_pk_genkey},, gcrypt, The Libgcrypt +Reference Manual}). + +@item --authorize +@cindex authorizing, archives +Authorize imports signed by the public key passed on standard input. The +public key must be in ``s-expression advanced format''---i.e., the same +format as the @file{signing-key.pub} file. + +The list of authorized keys is kept in the human-editable file +@file{/etc/guix/acl}. The file contains +@url{http://people.csail.mit.edu/rivest/Sexp.txt, ``advanced-format +s-expressions''} and is structured as an access-control list in the +@url{http://theworld.com/~cme/spki.txt, Simple Public-Key Infrastructure +(SPKI)}. + +@item --extract=@var{directory} +@itemx -x @var{directory} +Lit une archive à un seul élément telle que servie par un serveur de +substituts (@pxref{Substituts}) et l'extrait dans @var{directory}. C'est une +opération de bas niveau requise seulement dans de rares cas d'usage ; voir +plus loin. + +For example, the following command extracts the substitute for Emacs served +by @code{hydra.gnu.org} to @file{/tmp/emacs}: + +@example +$ wget -O - \ + https://hydra.gnu.org/nar/@dots{}-emacs-24.5 \ + | bunzip2 | guix archive -x /tmp/emacs +@end example + +Single-item archives are different from multiple-item archives produced by +@command{guix archive --export}; they contain a single store item, and they +do @emph{not} embed a signature. Thus this operation does @emph{no} +signature verification and its output should be considered unsafe. + +The primary purpose of this operation is to facilitate inspection of archive +contents coming from possibly untrusted substitute servers. + +@end table + +@c ********************************************************************* +@node Interface de programmation +@chapter Interface de programmation + +GNU Guix provides several Scheme programming interfaces (APIs) to define, +build, and query packages. The first interface allows users to write +high-level package definitions. These definitions refer to familiar +packaging concepts, such as the name and version of a package, its build +system, and its dependencies. These definitions can then be turned into +concrete build actions. + +Build actions are performed by the Guix daemon, on behalf of users. In a +standard setup, the daemon has write access to the store---the +@file{/gnu/store} directory---whereas users do not. The recommended setup +also has the daemon perform builds in chroots, under a specific build users, +to minimize interference with the rest of the system. + +@cindex derivation +Lower-level APIs are available to interact with the daemon and the store. +To instruct the daemon to perform a build action, users actually provide it +with a @dfn{derivation}. A derivation is a low-level representation of the +build actions to be taken, and the environment in which they should +occur---derivations are to package definitions what assembly is to C +programs. The term ``derivation'' comes from the fact that build results +@emph{derive} from them. + +This chapter describes all these APIs in turn, starting from high-level +package definitions. + +@menu +* Définition des paquets:: Définir de nouveaux paquets. +* Systèmes de construction:: Spécifier comment construire les paquets. +* Le dépôt:: Manipuler le dépôt de paquets. +* Dérivations:: Interface de bas-niveau avec les dérivations + de paquets. +* La monad du dépôt:: Interface purement fonctionnelle avec le + dépôt. +* G-Expressions:: Manipuler les expressions de construction. +@end menu + +@node Définition des paquets +@section Définition des paquets + +The high-level interface to package definitions is implemented in the +@code{(guix packages)} and @code{(guix build-system)} modules. As an +example, the package definition, or @dfn{recipe}, for the GNU Hello package +looks like this: + +@example +(define-module (gnu packages hello) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module (guix licenses) + #:use-module (gnu packages gawk)) + +(define-public hello + (package + (name "hello") + (version "2.10") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnu/hello/hello-" version + ".tar.gz")) + (sha256 + (base32 + "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i")))) + (build-system gnu-build-system) + (arguments '(#:configure-flags '("--enable-silent-rules"))) + (inputs `(("gawk" ,gawk))) + (synopsis "Hello, GNU world: An example GNU package") + (description "Guess what GNU Hello prints!") + (home-page "http://www.gnu.org/software/hello/") + (license gpl3+))) +@end example + +@noindent +Without being a Scheme expert, the reader may have guessed the meaning of +the various fields here. This expression binds the variable @code{hello} to +a @code{} object, which is essentially a record (@pxref{SRFI-9, +Scheme records,, guile, GNU Guile Reference Manual}). This package object +can be inspected using procedures found in the @code{(guix packages)} +module; for instance, @code{(package-name hello)} +returns---surprise!---@code{"hello"}. + +With luck, you may be able to import part or all of the definition of the +package you are interested in from another repository, using the @code{guix +import} command (@pxref{Invoquer guix import}). + +In the example above, @var{hello} is defined in a module of its own, +@code{(gnu packages hello)}. Technically, this is not strictly necessary, +but it is convenient to do so: all the packages defined in modules under +@code{(gnu packages @dots{})} are automatically known to the command-line +tools (@pxref{Modules de paquets}). + +There are a few points worth noting in the above package definition: + +@itemize +@item +The @code{source} field of the package is an @code{} object +(@pxref{Référence d'origine}, for the complete reference). Here, the +@code{url-fetch} method from @code{(guix download)} is used, meaning that +the source is a file to be downloaded over FTP or HTTP. + +The @code{mirror://gnu} prefix instructs @code{url-fetch} to use one of the +GNU mirrors defined in @code{(guix download)}. + +The @code{sha256} field specifies the expected SHA256 hash of the file being +downloaded. It is mandatory, and allows Guix to check the integrity of the +file. The @code{(base32 @dots{})} form introduces the base32 representation +of the hash. You can obtain this information with @code{guix download} +(@pxref{Invoquer guix download}) and @code{guix hash} (@pxref{Invoquer guix hash}). + +@cindex patches +When needed, the @code{origin} form can also have a @code{patches} field +listing patches to be applied, and a @code{snippet} field giving a Scheme +expression to modify the source code. + +@item +@cindex GNU Build System +The @code{build-system} field specifies the procedure to build the package +(@pxref{Systèmes de construction}). Here, @var{gnu-build-system} represents the +familiar GNU Build System, where packages may be configured, built, and +installed with the usual @code{./configure && make && make check && make +install} command sequence. + +@item +The @code{arguments} field specifies options for the build system +(@pxref{Systèmes de construction}). Here it is interpreted by @var{gnu-build-system} +as a request run @file{configure} with the @code{--enable-silent-rules} +flag. + +@cindex quote +@cindex quoting +@findex ' +@findex quote +What about these quote (@code{'}) characters? They are Scheme syntax to +introduce a literal list; @code{'} is synonymous with @code{quote}. +@xref{Expression Syntax, quoting,, guile, GNU Guile Reference Manual}, for +details. Here the value of the @code{arguments} field is a list of +arguments passed to the build system down the road, as with @code{apply} +(@pxref{Fly Evaluation, @code{apply},, guile, GNU Guile Reference Manual}). + +The hash-colon (@code{#:}) sequence defines a Scheme @dfn{keyword} +(@pxref{Keywords,,, guile, GNU Guile Reference Manual}), and +@code{#:configure-flags} is a keyword used to pass a keyword argument to the +build system (@pxref{Coding With Keywords,,, guile, GNU Guile Reference +Manual}). + +@item +The @code{inputs} field specifies inputs to the build process---i.e., +build-time or run-time dependencies of the package. Here, we define an +input called @code{"gawk"} whose value is that of the @var{gawk} variable; +@var{gawk} is itself bound to a @code{} object. + +@cindex backquote (quasiquote) +@findex ` +@findex quasiquote +@cindex comma (unquote) +@findex , +@findex unquote +@findex ,@@ +@findex unquote-splicing +Again, @code{`} (a backquote, synonymous with @code{quasiquote}) allows us +to introduce a literal list in the @code{inputs} field, while @code{,} (a +comma, synonymous with @code{unquote}) allows us to insert a value in that +list (@pxref{Expression Syntax, unquote,, guile, GNU Guile Reference +Manual}). + +Note that GCC, Coreutils, Bash, and other essential tools do not need to be +specified as inputs here. Instead, @var{gnu-build-system} takes care of +ensuring that they are present (@pxref{Systèmes de construction}). + +However, any other dependencies need to be specified in the @code{inputs} +field. Any dependency not specified here will simply be unavailable to the +build process, possibly leading to a build failure. +@end itemize + +@xref{Référence de paquet}, for a full description of possible fields. + +Once a package definition is in place, the package may actually be built +using the @code{guix build} command-line tool (@pxref{Invoquer guix build}), +troubleshooting any build failures you encounter (@pxref{Débogage des échecs de construction}). You can easily jump back to the package definition using the +@command{guix edit} command (@pxref{Invoquer guix edit}). @xref{Consignes d'empaquetage}, for more information on how to test package definitions, and +@ref{Invoquer guix lint}, for information on how to check a definition for +style conformance. +@vindex GUIX_PACKAGE_PATH +Lastly, @pxref{Modules de paquets}, for information on how to extend the +distribution by adding your own package definitions to +@code{GUIX_PACKAGE_PATH}. + +Finally, updating the package definition to a new upstream version can be +partly automated by the @command{guix refresh} command (@pxref{Invoquer guix refresh}). + +Behind the scenes, a derivation corresponding to the @code{} object +is first computed by the @code{package-derivation} procedure. That +derivation is stored in a @code{.drv} file under @file{/gnu/store}. The +build actions it prescribes may then be realized by using the +@code{build-derivations} procedure (@pxref{Le dépôt}). + +@deffn {Scheme Procedure} package-derivation @var{store} @var{package} [@var{system}] +Return the @code{} object of @var{package} for @var{system} +(@pxref{Dérivations}). + +@var{package} must be a valid @code{} object, and @var{system} must +be a string denoting the target system type---e.g., @code{"x86_64-linux"} +for an x86_64 Linux-based GNU system. @var{store} must be a connection to +the daemon, which operates on the store (@pxref{Le dépôt}). +@end deffn + +@noindent +@cindex cross-compilation +Similarly, it is possible to compute a derivation that cross-builds a +package for some other system: + +@deffn {Scheme Procedure} package-cross-derivation @var{store} @ + @var{package} @var{target} [@var{system}] Return the @code{} +object of @var{package} cross-built from @var{system} to @var{target}. + +@var{target} must be a valid GNU triplet denoting the target hardware and +operating system, such as @code{"mips64el-linux-gnu"} (@pxref{Configuration +Names, GNU configuration triplets,, configure, GNU Configure and Build +System}). +@end deffn + +@cindex package transformations +@cindex input rewriting +@cindex dependency tree rewriting +Packages can be manipulated in arbitrary ways. An example of a useful +transformation is @dfn{input rewriting}, whereby the dependency tree of a +package is rewritten by replacing specific inputs by others: + +@deffn {Scheme Procedure} package-input-rewriting @var{replacements} @ + [@var{rewrite-name}] Return a procedure that, when passed a package, +replaces its direct and indirect dependencies (but not its implicit inputs) +according to @var{replacements}. @var{replacements} is a list of package +pairs; the first element of each pair is the package to replace, and the +second one is the replacement. + +Optionally, @var{rewrite-name} is a one-argument procedure that takes the +name of a package and returns its new name after rewrite. +@end deffn + +@noindent +Consider this example: + +@example +(define libressl-instead-of-openssl + ;; This is a procedure to replace OPENSSL by LIBRESSL, + ;; recursively. + (package-input-rewriting `((,openssl . ,libressl)))) + +(define git-with-libressl + (libressl-instead-of-openssl git)) +@end example + +@noindent +Here we first define a rewriting procedure that replaces @var{openssl} with +@var{libressl}. Then we use it to define a @dfn{variant} of the @var{git} +package that uses @var{libressl} instead of @var{openssl}. This is exactly +what the @option{--with-input} command-line option does (@pxref{Options de transformation de paquets, @option{--with-input}}). + +A more generic procedure to rewrite a package dependency graph is +@code{package-mapping}: it supports arbitrary changes to nodes in the graph. + +@deffn {Scheme Procedure} package-mapping @var{proc} [@var{cut?}] +Return a procedure that, given a package, applies @var{proc} to all the +packages depended on and returns the resulting package. The procedure stops +recursion when @var{cut?} returns true for a given package. +@end deffn + +@menu +* Référence de paquet :: Le type de donnée des paquets. +* Référence d'origine:: Le type de données d'origine. +@end menu + + +@node Référence de paquet +@subsection @code{package} Reference + +This section summarizes all the options available in @code{package} +declarations (@pxref{Définition des paquets}). + +@deftp {Data Type} package +This is the data type representing a package recipe. + +@table @asis +@item @code{name} +The name of the package, as a string. + +@item @code{version} +The version of the package, as a string. + +@item @code{source} +An object telling how the source code for the package should be acquired. +Most of the time, this is an @code{origin} object, which denotes a file +fetched from the Internet (@pxref{Référence d'origine}). It can also be any +other ``file-like'' object such as a @code{local-file}, which denotes a file +from the local file system (@pxref{G-Expressions, @code{local-file}}). + +@item @code{build-system} +The build system that should be used to build the package (@pxref{Systèmes de construction}). + +@item @code{arguments} (default: @code{'()}) +The arguments that should be passed to the build system. This is a list, +typically containing sequential keyword-value pairs. + +@item @code{inputs} (default: @code{'()}) +@itemx @code{native-inputs} (default: @code{'()}) +@itemx @code{propagated-inputs} (default: @code{'()}) +@cindex inputs, of packages +These fields list dependencies of the package. Each one is a list of +tuples, where each tuple has a label for the input (a string) as its first +element, a package, origin, or derivation as its second element, and +optionally the name of the output thereof that should be used, which +defaults to @code{"out"} (@pxref{Des paquets avec plusieurs résultats}, for more +on package outputs). For example, the list below specifies three inputs: + +@example +`(("libffi" ,libffi) + ("libunistring" ,libunistring) + ("glib:bin" ,glib "bin")) ;the "bin" output of Glib +@end example + +@cindex cross compilation, package dependencies +The distinction between @code{native-inputs} and @code{inputs} is necessary +when considering cross-compilation. When cross-compiling, dependencies +listed in @code{inputs} are built for the @emph{target} architecture; +conversely, dependencies listed in @code{native-inputs} are built for the +architecture of the @emph{build} machine. + +@code{native-inputs} is typically used to list tools needed at build time, +but not at run time, such as Autoconf, Automake, pkg-config, Gettext, or +Bison. @command{guix lint} can report likely mistakes in this area +(@pxref{Invoquer guix lint}). + +@anchor{package-propagated-inputs} +Lastly, @code{propagated-inputs} is similar to @code{inputs}, but the +specified packages will be automatically installed alongside the package +they belong to (@pxref{package-cmd-propagated-inputs, @command{guix +package}}, for information on how @command{guix package} deals with +propagated inputs.) + +For example this is necessary when a C/C++ library needs headers of another +library to compile, or when a pkg-config file refers to another one @i{via} +its @code{Requires} field. + +Another example where @code{propagated-inputs} is useful is for languages +that lack a facility to record the run-time search path akin to the +@code{RUNPATH} of ELF files; this includes Guile, Python, Perl, and more. +To ensure that libraries written in those languages can find library code +they depend on at run time, run-time dependencies must be listed in +@code{propagated-inputs} rather than @code{inputs}. + +@item @code{self-native-input?} (default: @code{#f}) +This is a Boolean field telling whether the package should use itself as a +native input when cross-compiling. + +@item @code{outputs} (default: @code{'("out")}) +The list of output names of the package. @xref{Des paquets avec plusieurs résultats}, for typical uses of additional outputs. + +@item @code{native-search-paths} (default: @code{'()}) +@itemx @code{search-paths} (default: @code{'()}) +A list of @code{search-path-specification} objects describing search-path +environment variables honored by the package. + +@item @code{replacement} (default: @code{#f}) +This must be either @code{#f} or a package object that will be used as a +@dfn{replacement} for this package. @xref{Mises à jour de sécurité, grafts}, for +details. + +@item @code{synopsis} +A one-line description of the package. + +@item @code{description} +A more elaborate description of the package. + +@item @code{license} +@cindex license, of packages +The license of the package; a value from @code{(guix licenses)}, or a list +of such values. + +@item @code{home-page} +The URL to the home-page of the package, as a string. + +@item @code{supported-systems} (default: @var{%supported-systems}) +The list of systems supported by the package, as strings of the form +@code{architecture-kernel}, for example @code{"x86_64-linux"}. + +@item @code{maintainers} (default: @code{'()}) +The list of maintainers of the package, as @code{maintainer} objects. + +@item @code{location} (default: source location of the @code{package} form) +The source location of the package. It is useful to override this when +inheriting from another package, in which case this field is not +automatically corrected. +@end table +@end deftp + + +@node Référence d'origine +@subsection @code{origin} Reference + +This section summarizes all the options available in @code{origin} +declarations (@pxref{Définition des paquets}). + +@deftp {Data Type} origin +This is the data type representing a source code origin. + +@table @asis +@item @code{uri} +An object containing the URI of the source. The object type depends on the +@code{method} (see below). For example, when using the @var{url-fetch} +method of @code{(guix download)}, the valid @code{uri} values are: a URL +represented as a string, or a list thereof. + +@item @code{method} +A procedure that handles the URI. + +Examples include: + +@table @asis +@item @var{url-fetch} from @code{(guix download)} +download a file from the HTTP, HTTPS, or FTP URL specified in the @code{uri} +field; + +@vindex git-fetch +@item @var{git-fetch} from @code{(guix git-download)} +clone the Git version control repository, and check out the revision +specified in the @code{uri} field as a @code{git-reference} object; a +@code{git-reference} looks like this: + +@example +(git-reference + (url "git://git.debian.org/git/pkg-shadow/shadow") + (commit "v4.1.5.1")) +@end example +@end table + +@item @code{sha256} +A bytevector containing the SHA-256 hash of the source. Typically the +@code{base32} form is used here to generate the bytevector from a base-32 +string. + +You can obtain this information using @code{guix download} (@pxref{Invoquer guix download}) or @code{guix hash} (@pxref{Invoquer guix hash}). + +@item @code{file-name} (default: @code{#f}) +The file name under which the source code should be saved. When this is +@code{#f}, a sensible default value will be used in most cases. In case the +source is fetched from a URL, the file name from the URL will be used. For +version control checkouts, it is recommended to provide the file name +explicitly because the default is not very descriptive. + +@item @code{patches} (default: @code{'()}) +A list of file names, origins, or file-like objects (@pxref{G-Expressions, +file-like objects}) pointing to patches to be applied to the source. + +This list of patches must be unconditional. In particular, it cannot depend +on the value of @code{%current-system} or @code{%current-target-system}. + +@item @code{snippet} (default: @code{#f}) +A G-expression (@pxref{G-Expressions}) or S-expression that will be run in +the source directory. This is a convenient way to modify the source, +sometimes more convenient than a patch. + +@item @code{patch-flags} (default: @code{'("-p1")}) +A list of command-line flags that should be passed to the @code{patch} +command. + +@item @code{patch-inputs} (default: @code{#f}) +Input packages or derivations to the patching process. When this is +@code{#f}, the usual set of inputs necessary for patching are provided, such +as GNU@tie{}Patch. + +@item @code{modules} (default: @code{'()}) +A list of Guile modules that should be loaded during the patching process +and while running the code in the @code{snippet} field. + +@item @code{patch-guile} (default: @code{#f}) +The Guile package that should be used in the patching process. When this is +@code{#f}, a sensible default is used. +@end table +@end deftp + + +@node Systèmes de construction +@section Systèmes de construction + +@cindex build system +Each package definition specifies a @dfn{build system} and arguments for +that build system (@pxref{Définition des paquets}). This @code{build-system} +field represents the build procedure of the package, as well as implicit +dependencies of that build procedure. + +Build systems are @code{} objects. The interface to create +and manipulate them is provided by the @code{(guix build-system)} module, +and actual build systems are exported by specific modules. + +@cindex bag (low-level package representation) +Under the hood, build systems first compile package objects to @dfn{bags}. +A @dfn{bag} is like a package, but with less ornamentation---in other words, +a bag is a lower-level representation of a package, which includes all the +inputs of that package, including some that were implicitly added by the +build system. This intermediate representation is then compiled to a +derivation (@pxref{Dérivations}). + +Build systems accept an optional list of @dfn{arguments}. In package +definitions, these are passed @i{via} the @code{arguments} field +(@pxref{Définition des paquets}). They are typically keyword arguments +(@pxref{Optional Arguments, keyword arguments in Guile,, guile, GNU Guile +Reference Manual}). The value of these arguments is usually evaluated in +the @dfn{build stratum}---i.e., by a Guile process launched by the daemon +(@pxref{Dérivations}). + +The main build system is @var{gnu-build-system}, which implements the +standard build procedure for GNU and many other packages. It is provided by +the @code{(guix build-system gnu)} module. + +@defvr {Scheme Variable} gnu-build-system +@var{gnu-build-system} represents the GNU Build System, and variants thereof +(@pxref{Configuration, configuration and makefile conventions,, standards, +GNU Coding Standards}). + +@cindex build phases +In a nutshell, packages using it are configured, built, and installed with +the usual @code{./configure && make && make check && make install} command +sequence. In practice, a few additional steps are often needed. All these +steps are split up in separate @dfn{phases}, notably@footnote{Please see the +@code{(guix build gnu-build-system)} modules for more details about the +build phases.}: + +@table @code +@item unpack +Unpack the source tarball, and change the current directory to the extracted +source tree. If the source is actually a directory, copy it to the build +tree, and enter that directory. + +@item patch-source-shebangs +Patch shebangs encountered in source files so they refer to the right store +file names. For instance, this changes @code{#!/bin/sh} to +@code{#!/gnu/store/@dots{}-bash-4.3/bin/sh}. + +@item configure +Run the @file{configure} script with a number of default options, such as +@code{--prefix=/gnu/store/@dots{}}, as well as the options specified by the +@code{#:configure-flags} argument. + +@item build +Run @code{make} with the list of flags specified with @code{#:make-flags}. +If the @code{#:parallel-build?} argument is true (the default), build with +@code{make -j}. + +@item check +Run @code{make check}, or some other target specified with +@code{#:test-target}, unless @code{#:tests? #f} is passed. If the +@code{#:parallel-tests?} argument is true (the default), run @code{make +check -j}. + +@item install +Run @code{make install} with the flags listed in @code{#:make-flags}. + +@item patch-shebangs +Patch shebangs on the installed executable files. + +@item strip +Strip debugging symbols from ELF files (unless @code{#:strip-binaries?} is +false), copying them to the @code{debug} output when available +(@pxref{Installer les fichiers de débogage}). +@end table + +@vindex %standard-phases +The build-side module @code{(guix build gnu-build-system)} defines +@var{%standard-phases} as the default list of build phases. +@var{%standard-phases} is a list of symbol/procedure pairs, where the +procedure implements the actual phase. + +The list of phases used for a particular package can be changed with the +@code{#:phases} parameter. For instance, passing: + +@example +#:phases (modify-phases %standard-phases (delete 'configure)) +@end example + +means that all the phases described above will be used, except the +@code{configure} phase. + +In addition, this build system ensures that the ``standard'' environment for +GNU packages is available. This includes tools such as GCC, libc, +Coreutils, Bash, Make, Diffutils, grep, and sed (see the @code{(guix +build-system gnu)} module for a complete list). We call these the +@dfn{implicit inputs} of a package, because package definitions do not have +to mention them. +@end defvr + +Other @code{} objects are defined to support other conventions +and tools used by free software packages. They inherit most of +@var{gnu-build-system}, and differ mainly in the set of inputs implicitly +added to the build process, and in the list of phases executed. Some of +these build systems are listed below. + +@defvr {Scheme Variable} ant-build-system +This variable is exported by @code{(guix build-system ant)}. It implements +the build procedure for Java packages that can be built with +@url{http://ant.apache.org/, Ant build tool}. + +It adds both @code{ant} and the @dfn{Java Development Kit} (JDK) as provided +by the @code{icedtea} package to the set of inputs. Different packages can +be specified with the @code{#:ant} and @code{#:jdk} parameters, +respectively. + +When the original package does not provide a suitable Ant build file, the +parameter @code{#:jar-name} can be used to generate a minimal Ant build file +@file{build.xml} with tasks to build the specified jar archive. In this +case the parameter @code{#:source-dir} can be used to specify the source +sub-directory, defaulting to ``src''. + +The @code{#:main-class} parameter can be used with the minimal ant buildfile +to specify the main class of the resulting jar. This makes the jar file +executable. The @code{#:test-include} parameter can be used to specify the +list of junit tests to run. It defaults to @code{(list "**/*Test.java")}. +The @code{#:test-exclude} can be used to disable some tests. It defaults to +@code{(list "**/Abstract*.java")}, because abstract classes cannot be run as +tests. + +The parameter @code{#:build-target} can be used to specify the Ant task that +should be run during the @code{build} phase. By default the ``jar'' task +will be run. + +@end defvr + +@defvr {Scheme Variable} asdf-build-system/source +@defvrx {Scheme Variable} asdf-build-system/sbcl +@defvrx {Scheme Variable} asdf-build-system/ecl + +These variables, exported by @code{(guix build-system asdf)}, implement +build procedures for Common Lisp packages using +@url{https://common-lisp.net/project/asdf/, ``ASDF''}. ASDF is a system +definition facility for Common Lisp programs and libraries. + +The @code{asdf-build-system/source} system installs the packages in source +form, and can be loaded using any common lisp implementation, via ASDF. The +others, such as @code{asdf-build-system/sbcl}, install binary systems in the +format which a particular implementation understands. These build systems +can also be used to produce executable programs, or lisp images which +contain a set of packages pre-loaded. + +The build system uses naming conventions. For binary packages, the package +name should be prefixed with the lisp implementation, such as @code{sbcl-} +for @code{asdf-build-system/sbcl}. + +Additionally, the corresponding source package should be labeled using the +same convention as python packages (see @ref{Modules python}), using the +@code{cl-} prefix. + +For binary packages, each system should be defined as a Guix package. If +one package @code{origin} contains several systems, package variants can be +created in order to build all the systems. Source packages, which use +@code{asdf-build-system/source}, may contain several systems. + +In order to create executable programs and images, the build-side procedures +@code{build-program} and @code{build-image} can be used. They should be +called in a build phase after the @code{create-symlinks} phase, so that the +system which was just built can be used within the resulting image. +@code{build-program} requires a list of Common Lisp expressions to be passed +as the @code{#:entry-program} argument. + +If the system is not defined within its own @code{.asd} file of the same +name, then the @code{#:asd-file} parameter should be used to specify which +file the system is defined in. Furthermore, if the package defines a system +for its tests in a separate file, it will be loaded before the tests are run +if it is specified by the @code{#:test-asd-file} parameter. If it is not +set, the files @code{-tests.asd}, @code{-test.asd}, +@code{tests.asd}, and @code{test.asd} will be tried if they exist. + +If for some reason the package must be named in a different way than the +naming conventions suggest, the @code{#:asd-system-name} parameter can be +used to specify the name of the system. + +@end defvr + +@defvr {Scheme Variable} cargo-build-system +@cindex Rust programming language +@cindex Cargo (Rust build system) +This variable is exported by @code{(guix build-system cargo)}. It supports +builds of packages using Cargo, the build tool of the +@uref{https://www.rust-lang.org, Rust programming language}. + +In its @code{configure} phase, this build system replaces dependencies +specified in the @file{Carto.toml} file with inputs to the Guix package. +The @code{install} phase installs the binaries, and it also installs the +source code and @file{Cargo.toml} file. +@end defvr + +@defvr {Scheme Variable} cmake-build-system +This variable is exported by @code{(guix build-system cmake)}. It +implements the build procedure for packages using the +@url{http://www.cmake.org, CMake build tool}. + +It automatically adds the @code{cmake} package to the set of inputs. Which +package is used can be specified with the @code{#:cmake} parameter. + +The @code{#:configure-flags} parameter is taken as a list of flags passed to +the @command{cmake} command. The @code{#:build-type} parameter specifies in +abstract terms the flags passed to the compiler; it defaults to +@code{"RelWithDebInfo"} (short for ``release mode with debugging +information''), which roughly means that code is compiled with @code{-O2 +-g}, as is the case for Autoconf-based packages by default. +@end defvr + +@defvr {Scheme Variable} go-build-system +This variable is exported by @code{(guix build-system go)}. It implements a +build procedure for Go packages using the standard +@url{https://golang.org/cmd/go/#hdr-Compile_packages_and_dependencies, Go +build mechanisms}. + +The user is expected to provide a value for the key @code{#:import-path} +and, in some cases, @code{#:unpack-path}. The +@url{https://golang.org/doc/code.html#ImportPaths, import path} corresponds +to the file system path expected by the package's build scripts and any +referring packages, and provides a unique way to refer to a Go package. It +is typically based on a combination of the package source code's remote URI +and file system hierarchy structure. In some cases, you will need to unpack +the package's source code to a different directory structure than the one +indicated by the import path, and @code{#:unpack-path} should be used in +such cases. + +Packages that provide Go libraries should be installed along with their +source code. The key @code{#:install-source?}, which defaults to @code{#t}, +controls whether or not the source code is installed. It can be set to +@code{#f} for packages that only provide executable files. +@end defvr + +@defvr {Scheme Variable} glib-or-gtk-build-system +This variable is exported by @code{(guix build-system glib-or-gtk)}. It is +intended for use with packages making use of GLib or GTK+. + +This build system adds the following two phases to the ones defined by +@var{gnu-build-system}: + +@table @code +@item glib-or-gtk-wrap +The phase @code{glib-or-gtk-wrap} ensures that programs in @file{bin/} are +able to find GLib ``schemas'' and +@uref{https://developer.gnome.org/gtk3/stable/gtk-running.html, GTK+ +modules}. This is achieved by wrapping the programs in launch scripts that +appropriately set the @code{XDG_DATA_DIRS} and @code{GTK_PATH} environment +variables. + +It is possible to exclude specific package outputs from that wrapping +process by listing their names in the +@code{#:glib-or-gtk-wrap-excluded-outputs} parameter. This is useful when +an output is known not to contain any GLib or GTK+ binaries, and where +wrapping would gratuitously add a dependency of that output on GLib and +GTK+. + +@item glib-or-gtk-compile-schemas +The phase @code{glib-or-gtk-compile-schemas} makes sure that all +@uref{https://developer.gnome.org/gio/stable/glib-compile-schemas.html, +GSettings schemas} of GLib are compiled. Compilation is performed by the +@command{glib-compile-schemas} program. It is provided by the package +@code{glib:bin} which is automatically imported by the build system. The +@code{glib} package providing @command{glib-compile-schemas} can be +specified with the @code{#:glib} parameter. +@end table + +Both phases are executed after the @code{install} phase. +@end defvr + +@defvr {Scheme Variable} minify-build-system +This variable is exported by @code{(guix build-system minify)}. It +implements a minification procedure for simple JavaScript packages. + +It adds @code{uglify-js} to the set of inputs and uses it to compress all +JavaScript files in the @file{src} directory. A different minifier package +can be specified with the @code{#:uglify-js} parameter, but it is expected +that the package writes the minified code to the standard output. + +When the input JavaScript files are not all located in the @file{src} +directory, the parameter @code{#:javascript-files} can be used to specify a +list of file names to feed to the minifier. +@end defvr + +@defvr {Scheme Variable} ocaml-build-system +This variable is exported by @code{(guix build-system ocaml)}. It +implements a build procedure for @uref{https://ocaml.org, OCaml} packages, +which consists of choosing the correct set of commands to run for each +package. OCaml packages can expect many different commands to be run. This +build system will try some of them. + +When the package has a @file{setup.ml} file present at the top-level, it +will run @code{ocaml setup.ml -configure}, @code{ocaml setup.ml -build} and +@code{ocaml setup.ml -install}. The build system will assume that this file +was generated by @uref{http://oasis.forge.ocamlcore.org/, OASIS} and will +take care of setting the prefix and enabling tests if they are not +disabled. You can pass configure and build flags with the +@code{#:configure-flags} and @code{#:build-flags}. The @code{#:test-flags} +key can be passed to change the set of flags used to enable tests. The +@code{#:use-make?} key can be used to bypass this system in the build and +install phases. + +When the package has a @file{configure} file, it is assumed that it is a +hand-made configure script that requires a different argument format than in +the @code{gnu-build-system}. You can add more flags with the +@code{#:configure-flags} key. + +When the package has a @file{Makefile} file (or @code{#:use-make?} is +@code{#t}), it will be used and more flags can be passed to the build and +install phases with the @code{#:make-flags} key. + +Finally, some packages do not have these files and use a somewhat standard +location for its build system. In that case, the build system will run +@code{ocaml pkg/pkg.ml} or @code{ocaml pkg/build.ml} and take care of +providing the path to the required findlib module. Additional flags can be +passed via the @code{#:build-flags} key. Install is taken care of by +@command{opam-installer}. In this case, the @code{opam} package must be +added to the @code{native-inputs} field of the package definition. + +Note that most OCaml packages assume they will be installed in the same +directory as OCaml, which is not what we want in guix. In particular, they +will install @file{.so} files in their module's directory, which is usually +fine because it is in the OCaml compiler directory. In guix though, these +libraries cannot be found and we use @code{CAML_LD_LIBRARY_PATH}. This +variable points to @file{lib/ocaml/site-lib/stubslibs} and this is where +@file{.so} libraries should be installed. +@end defvr + +@defvr {Scheme Variable} python-build-system +This variable is exported by @code{(guix build-system python)}. It +implements the more or less standard build procedure used by Python +packages, which consists in running @code{python setup.py build} and then +@code{python setup.py install --prefix=/gnu/store/@dots{}}. + +For packages that install stand-alone Python programs under @code{bin/}, it +takes care of wrapping these programs so that their @code{PYTHONPATH} +environment variable points to all the Python libraries they depend on. + +Which Python package is used to perform the build can be specified with the +@code{#:python} parameter. This is a useful way to force a package to be +built for a specific version of the Python interpreter, which might be +necessary if the package is only compatible with a single interpreter +version. + +By default guix calls @code{setup.py} under control of @code{setuptools}, +much like @command{pip} does. Some packages are not compatible with +setuptools (and pip), thus you can disable this by setting the +@code{#:use-setuptools} parameter to @code{#f}. +@end defvr + +@defvr {Scheme Variable} perl-build-system +This variable is exported by @code{(guix build-system perl)}. It implements +the standard build procedure for Perl packages, which either consists in +running @code{perl Build.PL --prefix=/gnu/store/@dots{}}, followed by +@code{Build} and @code{Build install}; or in running @code{perl Makefile.PL +PREFIX=/gnu/store/@dots{}}, followed by @code{make} and @code{make install}, +depending on which of @code{Build.PL} or @code{Makefile.PL} is present in +the package distribution. Preference is given to the former if both +@code{Build.PL} and @code{Makefile.PL} exist in the package distribution. +This preference can be reversed by specifying @code{#t} for the +@code{#:make-maker?} parameter. + +The initial @code{perl Makefile.PL} or @code{perl Build.PL} invocation +passes flags specified by the @code{#:make-maker-flags} or +@code{#:module-build-flags} parameter, respectively. + +Which Perl package is used can be specified with @code{#:perl}. +@end defvr + +@defvr {Scheme Variable} r-build-system +This variable is exported by @code{(guix build-system r)}. It implements +the build procedure used by @uref{http://r-project.org, R} packages, which +essentially is little more than running @code{R CMD INSTALL +--library=/gnu/store/@dots{}} in an environment where @code{R_LIBS_SITE} +contains the paths to all R package inputs. Tests are run after +installation using the R function @code{tools::testInstalledPackage}. +@end defvr + +@defvr {Scheme Variable} texlive-build-system +This variable is exported by @code{(guix build-system texlive)}. It is used +to build TeX packages in batch mode with a specified engine. The build +system sets the @code{TEXINPUTS} variable to find all TeX source files in +the inputs. + +By default it runs @code{luatex} on all files ending on @code{ins}. A +different engine and format can be specified with the @code{#:tex-format} +argument. Different build targets can be specified with the +@code{#:build-targets} argument, which expects a list of file names. The +build system adds only @code{texlive-bin} and @code{texlive-latex-base} +(both from @code{(gnu packages tex}) to the inputs. Both can be overridden +with the arguments @code{#:texlive-bin} and @code{#:texlive-latex-base}, +respectively. + +The @code{#:tex-directory} parameter tells the build system where to install +the built files under the texmf tree. +@end defvr + +@defvr {Scheme Variable} ruby-build-system +This variable is exported by @code{(guix build-system ruby)}. It implements +the RubyGems build procedure used by Ruby packages, which involves running +@code{gem build} followed by @code{gem install}. + +The @code{source} field of a package that uses this build system typically +references a gem archive, since this is the format that Ruby developers use +when releasing their software. The build system unpacks the gem archive, +potentially patches the source, runs the test suite, repackages the gem, and +installs it. Additionally, directories and tarballs may be referenced to +allow building unreleased gems from Git or a traditional source release +tarball. + +Which Ruby package is used can be specified with the @code{#:ruby} +parameter. A list of additional flags to be passed to the @command{gem} +command can be specified with the @code{#:gem-flags} parameter. +@end defvr + +@defvr {Scheme Variable} waf-build-system +This variable is exported by @code{(guix build-system waf)}. It implements +a build procedure around the @code{waf} script. The common +phases---@code{configure}, @code{build}, and @code{install}---are +implemented by passing their names as arguments to the @code{waf} script. + +The @code{waf} script is executed by the Python interpreter. Which Python +package is used to run the script can be specified with the @code{#:python} +parameter. +@end defvr + +@defvr {Scheme Variable} scons-build-system +This variable is exported by @code{(guix build-system scons)}. It +implements the build procedure used by the SCons software construction +tool. This build system runs @code{scons} to build the package, @code{scons +test} to run tests, and then @code{scons install} to install the package. + +Additional flags to be passed to @code{scons} can be specified with the +@code{#:scons-flags} parameter. The version of Python used to run SCons can +be specified by selecting the appropriate SCons package with the +@code{#:scons} parameter. +@end defvr + +@defvr {Scheme Variable} haskell-build-system +This variable is exported by @code{(guix build-system haskell)}. It +implements the Cabal build procedure used by Haskell packages, which +involves running @code{runhaskell Setup.hs configure +--prefix=/gnu/store/@dots{}} and @code{runhaskell Setup.hs build}. Instead +of installing the package by running @code{runhaskell Setup.hs install}, to +avoid trying to register libraries in the read-only compiler store +directory, the build system uses @code{runhaskell Setup.hs copy}, followed +by @code{runhaskell Setup.hs register}. In addition, the build system +generates the package documentation by running @code{runhaskell Setup.hs +haddock}, unless @code{#:haddock? #f} is passed. Optional Haddock +parameters can be passed with the help of the @code{#:haddock-flags} +parameter. If the file @code{Setup.hs} is not found, the build system looks +for @code{Setup.lhs} instead. + +Which Haskell compiler is used can be specified with the @code{#:haskell} +parameter which defaults to @code{ghc}. +@end defvr + +@defvr {Scheme Variable} dub-build-system +This variable is exported by @code{(guix build-system dub)}. It implements +the Dub build procedure used by D packages, which involves running @code{dub +build} and @code{dub run}. Installation is done by copying the files +manually. + +Which D compiler is used can be specified with the @code{#:ldc} parameter +which defaults to @code{ldc}. +@end defvr + +@defvr {Scheme Variable} emacs-build-system +This variable is exported by @code{(guix build-system emacs)}. It +implements an installation procedure similar to the packaging system of +Emacs itself (@pxref{Packages,,, emacs, The GNU Emacs Manual}). + +It first creates the @code{@var{package}-autoloads.el} file, then it byte +compiles all Emacs Lisp files. Differently from the Emacs packaging system, +the Info documentation files are moved to the standard documentation +directory and the @file{dir} file is deleted. Each package is installed in +its own directory under @file{share/emacs/site-lisp/guix.d}. +@end defvr + +@defvr {Scheme Variable} font-build-system +This variable is exported by @code{(guix build-system font)}. It implements +an installation procedure for font packages where upstream provides +pre-compiled TrueType, OpenType, etc. font files that merely need to be +copied into place. It copies font files to standard locations in the output +directory. +@end defvr + +@defvr {Scheme Variable} meson-build-system +This variable is exported by @code{(guix build-system meson)}. It +implements the build procedure for packages that use +@url{http://mesonbuild.com, Meson} as their build system. + +It adds both Meson and @uref{https://ninja-build.org/, Ninja} to the set of +inputs, and they can be changed with the parameters @code{#:meson} and +@code{#:ninja} if needed. The default Meson is @code{meson-for-build}, +which is special because it doesn't clear the @code{RUNPATH} of binaries and +libraries when they are installed. + +This build system is an extension of @var{gnu-build-system}, but with the +following phases changed to some specific for Meson: + +@table @code + +@item configure +The phase runs @code{meson} with the flags specified in +@code{#:configure-flags}. The flag @code{--build-type} is always set to +@code{plain} unless something else is specified in @code{#:build-type}. + +@item build +The phase runs @code{ninja} to build the package in parallel by default, but +this can be changed with @code{#:parallel-build?}. + +@item check +The phase runs @code{ninja} with the target specified in +@code{#:test-target}, which is @code{"test"} by default. + +@item install +The phase runs @code{ninja install} and can not be changed. +@end table + +Apart from that, the build system also adds the following phases: + +@table @code + +@item fix-runpath +This phase ensures that all binaries can find the libraries they need. It +searches for required libraries in subdirectories of the package being +built, and adds those to @code{RUNPATH} where needed. It also removes +references to libraries left over from the build phase by +@code{meson-for-build}, such as test dependencies, that aren't actually +required for the program to run. + +@item glib-or-gtk-wrap +This phase is the phase provided by @code{glib-or-gtk-build-system}, and it +is not enabled by default. It can be enabled with @code{#:glib-or-gtk?}. + +@item glib-or-gtk-compile-schemas +This phase is the phase provided by @code{glib-or-gtk-build-system}, and it +is not enabled by default. It can be enabled with @code{#:glib-or-gtk?}. +@end table +@end defvr + +Lastly, for packages that do not need anything as sophisticated, a +``trivial'' build system is provided. It is trivial in the sense that it +provides basically no support: it does not pull any implicit inputs, and +does not have a notion of build phases. + +@defvr {Scheme Variable} trivial-build-system +This variable is exported by @code{(guix build-system trivial)}. + +This build system requires a @code{#:builder} argument. This argument must +be a Scheme expression that builds the package output(s)---as with +@code{build-expression->derivation} (@pxref{Dérivations, +@code{build-expression->derivation}}). +@end defvr + +@node Le dépôt +@section Le dépôt + +@cindex dépôt +@cindex store items +@cindex store paths + +Conceptually, the @dfn{store} is the place where derivations that have been +built successfully are stored---by default, @file{/gnu/store}. +Sub-directories in the store are referred to as @dfn{store items} or +sometimes @dfn{store paths}. The store has an associated database that +contains information such as the store paths referred to by each store path, +and the list of @emph{valid} store items---results of successful builds. +This database resides in @file{@var{localstatedir}/guix/db}, where +@var{localstatedir} is the state directory specified @i{via} +@option{--localstatedir} at configure time, usually @file{/var}. + +The store is @emph{always} accessed by the daemon on behalf of its clients +(@pxref{Invoquer guix-daemon}). To manipulate the store, clients connect to +the daemon over a Unix-domain socket, send requests to it, and read the +result---these are remote procedure calls, or RPCs. + +@quotation Note +Users must @emph{never} modify files under @file{/gnu/store} directly. This +would lead to inconsistencies and break the immutability assumptions of +Guix's functional model (@pxref{Introduction}). + +@xref{Invoquer guix gc, @command{guix gc --verify}}, for information on how +to check the integrity of the store and attempt recovery from accidental +modifications. +@end quotation + +The @code{(guix store)} module provides procedures to connect to the daemon, +and to perform RPCs. These are described below. By default, +@code{open-connection}, and thus all the @command{guix} commands, connect to +the local daemon or to the URI specified by the @code{GUIX_DAEMON_SOCKET} +environment variable. + +@defvr {Environment Variable} GUIX_DAEMON_SOCKET +When set, the value of this variable should be a file name or a URI +designating the daemon endpoint. When it is a file name, it denotes a +Unix-domain socket to connect to. In addition to file names, the supported +URI schemes are: + +@table @code +@item file +@itemx unix +These are for Unix-domain sockets. +@code{file:///var/guix/daemon-socket/socket} is equivalent to +@file{/var/guix/daemon-socket/socket}. + +@item guix +@cindex daemon, remote access +@cindex remote access to the daemon +@cindex daemon, cluster setup +@cindex clusters, daemon setup +These URIs denote connections over TCP/IP, without encryption nor +authentication of the remote host. The URI must specify the host name and +optionally a port number (by default port 44146 is used): + +@example +guix://master.guix.example.org:1234 +@end example + +This setup is suitable on local networks, such as clusters, where only +trusted nodes may connect to the build daemon at +@code{master.guix.example.org}. + +The @code{--listen} option of @command{guix-daemon} can be used to instruct +it to listen for TCP connections (@pxref{Invoquer guix-daemon, +@code{--listen}}). + +@item ssh +@cindex SSH access to build daemons +These URIs allow you to connect to a remote daemon over SSH@footnote{This +feature requires Guile-SSH (@pxref{Prérequis}).}. A typical URL might +look like this: + +@example +ssh://charlie@@guix.example.org:22 +@end example + +As for @command{guix copy}, the usual OpenSSH client configuration files are +honored (@pxref{Invoquer guix copy}). +@end table + +Additional URI schemes may be supported in the future. + +@c XXX: Remove this note when the protocol incurs fewer round trips +@c and when (guix derivations) no longer relies on file system access. +@quotation Note +The ability to connect to remote build daemons is considered experimental as +of @value{VERSION}. Please get in touch with us to share any problems or +suggestions you may have (@pxref{Contribuer}). +@end quotation +@end defvr + +@deffn {Scheme Procedure} open-connection [@var{uri}] [#:reserve-space? #t] +Connect to the daemon over the Unix-domain socket at @var{uri} (a string). +When @var{reserve-space?} is true, instruct it to reserve a little bit of +extra space on the file system so that the garbage collector can still +operate should the disk become full. Return a server object. + +@var{file} defaults to @var{%default-socket-path}, which is the normal +location given the options that were passed to @command{configure}. +@end deffn + +@deffn {Scheme Procedure} close-connection @var{server} +Close the connection to @var{server}. +@end deffn + +@defvr {Scheme Variable} current-build-output-port +This variable is bound to a SRFI-39 parameter, which refers to the port +where build and error logs sent by the daemon should be written. +@end defvr + +Procedures that make RPCs all take a server object as their first argument. + +@deffn {Scheme Procedure} valid-path? @var{server} @var{path} +@cindex invalid store items +Return @code{#t} when @var{path} designates a valid store item and @code{#f} +otherwise (an invalid item may exist on disk but still be invalid, for +instance because it is the result of an aborted or failed build.) + +A @code{&nix-protocol-error} condition is raised if @var{path} is not +prefixed by the store directory (@file{/gnu/store}). +@end deffn + +@deffn {Scheme Procedure} add-text-to-store @var{server} @var{name} @var{text} [@var{references}] +Add @var{text} under file @var{name} in the store, and return its store +path. @var{references} is the list of store paths referred to by the +resulting store path. +@end deffn + +@deffn {Scheme Procedure} build-derivations @var{server} @var{derivations} +Build @var{derivations} (a list of @code{} objects or derivation +paths), and return when the worker is done building them. Return @code{#t} +on success. +@end deffn + +Note that the @code{(guix monads)} module provides a monad as well as +monadic versions of the above procedures, with the goal of making it more +convenient to work with code that accesses the store (@pxref{La monad du dépôt}). + +@c FIXME +@i{This section is currently incomplete.} + +@node Dérivations +@section Dérivations + +@cindex derivations +Low-level build actions and the environment in which they are performed are +represented by @dfn{derivations}. A derivation contains the following +pieces of information: + +@itemize +@item +The outputs of the derivation---derivations produce at least one file or +directory in the store, but may produce more. + +@item +The inputs of the derivations, which may be other derivations or plain files +in the store (patches, build scripts, etc.) + +@item +The system type targeted by the derivation---e.g., @code{x86_64-linux}. + +@item +The file name of a build script in the store, along with the arguments to be +passed. + +@item +A list of environment variables to be defined. + +@end itemize + +@cindex derivation path +Derivations allow clients of the daemon to communicate build actions to the +store. They exist in two forms: as an in-memory representation, both on the +client- and daemon-side, and as files in the store whose name end in +@code{.drv}---these files are referred to as @dfn{derivation paths}. +Derivations paths can be passed to the @code{build-derivations} procedure to +perform the build actions they prescribe (@pxref{Le dépôt}). + +@cindex fixed-output derivations +Operations such as file downloads and version-control checkouts for which +the expected content hash is known in advance are modeled as +@dfn{fixed-output derivations}. Unlike regular derivations, the outputs of +a fixed-output derivation are independent of its inputs---e.g., a source +code download produces the same result regardless of the download method and +tools being used. + +The @code{(guix derivations)} module provides a representation of +derivations as Scheme objects, along with procedures to create and otherwise +manipulate derivations. The lowest-level primitive to create a derivation +is the @code{derivation} procedure: + +@deffn {Scheme Procedure} derivation @var{store} @var{name} @var{builder} @ + @var{args} [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ [#:recursive? +#f] [#:inputs '()] [#:env-vars '()] @ [#:system (%current-system)] +[#:references-graphs #f] @ [#:allowed-references #f] +[#:disallowed-references #f] @ [#:leaked-env-vars #f] [#:local-build? #f] @ +[#:substitutable? #t] Construit une dérivation avec les arguments donnés et +renvie l'objet @code{} obtenu. + +When @var{hash} and @var{hash-algo} are given, a @dfn{fixed-output +derivation} is created---i.e., one whose result is known in advance, such as +a file download. If, in addition, @var{recursive?} is true, then that fixed +output may be an executable file or a directory and @var{hash} must be the +hash of an archive containing this output. + +When @var{references-graphs} is true, it must be a list of file name/store +path pairs. In that case, the reference graph of each store path is +exported in the build environment in the corresponding file, in a simple +text format. + +When @var{allowed-references} is true, it must be a list of store items or +outputs that the derivation's output may refer to. Likewise, +@var{disallowed-references}, if true, must be a list of things the outputs +may @emph{not} refer to. + +When @var{leaked-env-vars} is true, it must be a list of strings denoting +environment variables that are allowed to ``leak'' from the daemon's +environment to the build environment. This is only applicable to +fixed-output derivations---i.e., when @var{hash} is true. The main use is +to allow variables such as @code{http_proxy} to be passed to derivations +that download files. + +When @var{local-build?} is true, declare that the derivation is not a good +candidate for offloading and should rather be built locally (@pxref{Réglages du délestage du démon}). This is the case for small derivations where the costs of +data transfers would outweigh the benefits. + +Lorsque que @var{substitutable?} est faux, déclare que les substituts de la +sortie de la dérivation ne devraient pas être utilisés +(@pxref{Substituts}). Cela est utile par exemple pour construire des paquets +qui utilisent des détails du jeu d'instruction du CPU hôte. +@end deffn + +@noindent +Here's an example with a shell script as its builder, assuming @var{store} +is an open connection to the daemon, and @var{bash} points to a Bash +executable in the store: + +@lisp +(use-modules (guix utils) + (guix store) + (guix derivations)) + +(let ((builder ; add the Bash script to the store + (add-text-to-store store "my-builder.sh" + "echo hello world > $out\n" '()))) + (derivation store "foo" + bash `("-e" ,builder) + #:inputs `((,bash) (,builder)) + #:env-vars '(("HOME" . "/homeless")))) +@result{} # /gnu/store/@dots{}-foo> +@end lisp + +As can be guessed, this primitive is cumbersome to use directly. A better +approach is to write build scripts in Scheme, of course! The best course of +action for that is to write the build code as a ``G-expression'', and to +pass it to @code{gexp->derivation}. For more information, +@pxref{G-Expressions}. + +Once upon a time, @code{gexp->derivation} did not exist and constructing +derivations with build code written in Scheme was achieved with +@code{build-expression->derivation}, documented below. This procedure is +now deprecated in favor of the much nicer @code{gexp->derivation}. + +@deffn {Scheme Procedure} build-expression->derivation @var{store} @ + @var{name} @var{exp} @ [#:system (%current-system)] [#:inputs '()] @ +[#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ [#:recursive? #f] +[#:env-vars '()] [#:modules '()] @ [#:references-graphs #f] +[#:allowed-references #f] @ [#:disallowed-references #f] @ [#:local-build? +#f] [#:substitutable? #t] [#:guile-for-build #f] Return a derivation that +executes Scheme expression @var{exp} as a builder for derivation +@var{name}. @var{inputs} must be a list of @code{(name drv-path sub-drv)} +tuples; when @var{sub-drv} is omitted, @code{"out"} is assumed. +@var{modules} is a list of names of Guile modules from the current search +path to be copied in the store, compiled, and made available in the load +path during the execution of @var{exp}---e.g., @code{((guix build utils) +(guix build gnu-build-system))}. + +@var{exp} is evaluated in an environment where @code{%outputs} is bound to a +list of output/path pairs, and where @code{%build-inputs} is bound to a list +of string/output-path pairs made from @var{inputs}. Optionally, +@var{env-vars} is a list of string pairs specifying the name and value of +environment variables visible to the builder. The builder terminates by +passing the result of @var{exp} to @code{exit}; thus, when @var{exp} returns +@code{#f}, the build is considered to have failed. + +@var{exp} is built using @var{guile-for-build} (a derivation). When +@var{guile-for-build} is omitted or is @code{#f}, the value of the +@code{%guile-for-build} fluid is used instead. + +See the @code{derivation} procedure for the meaning of +@var{references-graphs}, @var{allowed-references}, +@var{disallowed-references}, @var{local-build?}, and @var{substitutable?}. +@end deffn + +@noindent +Here's an example of a single-output derivation that creates a directory +containing one file: + +@lisp +(let ((builder '(let ((out (assoc-ref %outputs "out"))) + (mkdir out) ; create /gnu/store/@dots{}-goo + (call-with-output-file (string-append out "/test") + (lambda (p) + (display '(hello guix) p)))))) + (build-expression->derivation store "goo" builder)) + +@result{} # @dots{}> +@end lisp + + +@node La monad du dépôt +@section La monad du dépôt + +@cindex monad + +The procedures that operate on the store described in the previous sections +all take an open connection to the build daemon as their first argument. +Although the underlying model is functional, they either have side effects +or depend on the current state of the store. + +The former is inconvenient: the connection to the build daemon has to be +carried around in all those functions, making it impossible to compose +functions that do not take that parameter with functions that do. The +latter can be problematic: since store operations have side effects and/or +depend on external state, they have to be properly sequenced. + +@cindex monadic values +@cindex monadic functions +This is where the @code{(guix monads)} module comes in. This module +provides a framework for working with @dfn{monads}, and a particularly +useful monad for our uses, the @dfn{store monad}. Monads are a construct +that allows two things: associating ``context'' with values (in our case, +the context is the store), and building sequences of computations (here +computations include accesses to the store). Values in a monad---values +that carry this additional context---are called @dfn{monadic values}; +procedures that return such values are called @dfn{monadic procedures}. + +Consider this ``normal'' procedure: + +@example +(define (sh-symlink store) + ;; Return a derivation that symlinks the 'bash' executable. + (let* ((drv (package-derivation store bash)) + (out (derivation->output-path drv)) + (sh (string-append out "/bin/bash"))) + (build-expression->derivation store "sh" + `(symlink ,sh %output)))) +@end example + +Using @code{(guix monads)} and @code{(guix gexp)}, it may be rewritten as a +monadic function: + +@example +(define (sh-symlink) + ;; Same, but return a monadic value. + (mlet %store-monad ((drv (package->derivation bash))) + (gexp->derivation "sh" + #~(symlink (string-append #$drv "/bin/bash") + #$output)))) +@end example + +There are several things to note in the second version: the @code{store} +parameter is now implicit and is ``threaded'' in the calls to the +@code{package->derivation} and @code{gexp->derivation} monadic procedures, +and the monadic value returned by @code{package->derivation} is @dfn{bound} +using @code{mlet} instead of plain @code{let}. + +As it turns out, the call to @code{package->derivation} can even be omitted +since it will take place implicitly, as we will see later +(@pxref{G-Expressions}): + +@example +(define (sh-symlink) + (gexp->derivation "sh" + #~(symlink (string-append #$bash "/bin/bash") + #$output))) +@end example + +@c See +@c +@c for the funny quote. +Calling the monadic @code{sh-symlink} has no effect. As someone once said, +``you exit a monad like you exit a building on fire: by running''. So, to +exit the monad and get the desired effect, one must use +@code{run-with-store}: + +@example +(run-with-store (open-connection) (sh-symlink)) +@result{} /gnu/store/...-sh-symlink +@end example + +Note that the @code{(guix monad-repl)} module extends the Guile REPL with +new ``meta-commands'' to make it easier to deal with monadic procedures: +@code{run-in-store}, and @code{enter-store-monad}. The former is used to +``run'' a single monadic value through the store: + +@example +scheme@@(guile-user)> ,run-in-store (package->derivation hello) +$1 = # @dots{}> +@end example + +The latter enters a recursive REPL, where all the return values are +automatically run through the store: + +@example +scheme@@(guile-user)> ,enter-store-monad +store-monad@@(guile-user) [1]> (package->derivation hello) +$2 = # @dots{}> +store-monad@@(guile-user) [1]> (text-file "foo" "Hello!") +$3 = "/gnu/store/@dots{}-foo" +store-monad@@(guile-user) [1]> ,q +scheme@@(guile-user)> +@end example + +@noindent +Note that non-monadic values cannot be returned in the @code{store-monad} +REPL. + +The main syntactic forms to deal with monads in general are provided by the +@code{(guix monads)} module and are described below. + +@deffn {Scheme Syntax} with-monad @var{monad} @var{body} ... +Evaluate any @code{>>=} or @code{return} forms in @var{body} as being in +@var{monad}. +@end deffn + +@deffn {Scheme Syntax} return @var{val} +Return a monadic value that encapsulates @var{val}. +@end deffn + +@deffn {Scheme Syntax} >>= @var{mval} @var{mproc} ... +@dfn{Bind} monadic value @var{mval}, passing its ``contents'' to monadic +procedures @var{mproc}@dots{}@footnote{This operation is commonly referred +to as ``bind'', but that name denotes an unrelated procedure in Guile. Thus +we use this somewhat cryptic symbol inherited from the Haskell language.}. +There can be one @var{mproc} or several of them, as in this example: + +@example +(run-with-state + (with-monad %state-monad + (>>= (return 1) + (lambda (x) (return (+ 1 x))) + (lambda (x) (return (* 2 x))))) + 'some-state) + +@result{} 4 +@result{} some-state +@end example +@end deffn + +@deffn {Scheme Syntax} mlet @var{monad} ((@var{var} @var{mval}) ...) @ + @var{body} ... +@deffnx {Scheme Syntax} mlet* @var{monad} ((@var{var} @var{mval}) ...) @ + @var{body} ... Bind the variables @var{var} to the monadic values +@var{mval} in @var{body}, which is a sequence of expressions. As with the +bind operator, this can be thought of as ``unpacking'' the raw, non-monadic +value ``contained'' in @var{mval} and making @var{var} refer to that raw, +non-monadic value within the scope of the @var{body}. The form (@var{var} +-> @var{val}) binds @var{var} to the ``normal'' value @var{val}, as per +@code{let}. The binding operations occur in sequence from left to right. +The last expression of @var{body} must be a monadic expression, and its +result will become the result of the @code{mlet} or @code{mlet*} when run in +the @var{monad}. + +@code{mlet*} is to @code{mlet} what @code{let*} is to @code{let} +(@pxref{Local Bindings,,, guile, GNU Guile Reference Manual}). +@end deffn + +@deffn {Scheme System} mbegin @var{monad} @var{mexp} ... +Bind @var{mexp} and the following monadic expressions in sequence, returning +the result of the last expression. Every expression in the sequence must be +a monadic expression. + +This is akin to @code{mlet}, except that the return values of the monadic +expressions are ignored. In that sense, it is analogous to @code{begin}, +but applied to monadic expressions. +@end deffn + +@deffn {Scheme System} mwhen @var{condition} @var{mexp0} @var{mexp*} ... +When @var{condition} is true, evaluate the sequence of monadic expressions +@var{mexp0}..@var{mexp*} as in an @code{mbegin}. When @var{condition} is +false, return @code{*unspecified*} in the current monad. Every expression +in the sequence must be a monadic expression. +@end deffn + +@deffn {Scheme System} munless @var{condition} @var{mexp0} @var{mexp*} ... +When @var{condition} is false, evaluate the sequence of monadic expressions +@var{mexp0}..@var{mexp*} as in an @code{mbegin}. When @var{condition} is +true, return @code{*unspecified*} in the current monad. Every expression in +the sequence must be a monadic expression. +@end deffn + +@cindex state monad +The @code{(guix monads)} module provides the @dfn{state monad}, which allows +an additional value---the state---to be @emph{threaded} through monadic +procedure calls. + +@defvr {Scheme Variable} %state-monad +The state monad. Procedures in the state monad can access and change the +state that is threaded. + +Consider the example below. The @code{square} procedure returns a value in +the state monad. It returns the square of its argument, but also increments +the current state value: + +@example +(define (square x) + (mlet %state-monad ((count (current-state))) + (mbegin %state-monad + (set-current-state (+ 1 count)) + (return (* x x))))) + +(run-with-state (sequence %state-monad (map square (iota 3))) 0) +@result{} (0 1 4) +@result{} 3 +@end example + +When ``run'' through @var{%state-monad}, we obtain that additional state +value, which is the number of @code{square} calls. +@end defvr + +@deffn {Monadic Procedure} current-state +Return the current state as a monadic value. +@end deffn + +@deffn {Monadic Procedure} set-current-state @var{value} +Set the current state to @var{value} and return the previous state as a +monadic value. +@end deffn + +@deffn {Monadic Procedure} state-push @var{value} +Push @var{value} to the current state, which is assumed to be a list, and +return the previous state as a monadic value. +@end deffn + +@deffn {Monadic Procedure} state-pop +Pop a value from the current state and return it as a monadic value. The +state is assumed to be a list. +@end deffn + +@deffn {Scheme Procedure} run-with-state @var{mval} [@var{state}] +Run monadic value @var{mval} starting with @var{state} as the initial +state. Return two values: the resulting value, and the resulting state. +@end deffn + +The main interface to the store monad, provided by the @code{(guix store)} +module, is as follows. + +@defvr {Scheme Variable} %store-monad +The store monad---an alias for @var{%state-monad}. + +Values in the store monad encapsulate accesses to the store. When its +effect is needed, a value of the store monad must be ``evaluated'' by +passing it to the @code{run-with-store} procedure (see below.) +@end defvr + +@deffn {Scheme Procedure} run-with-store @var{store} @var{mval} [#:guile-for-build] [#:system (%current-system)] +Run @var{mval}, a monadic value in the store monad, in @var{store}, an open +store connection. +@end deffn + +@deffn {Monadic Procedure} text-file @var{name} @var{text} [@var{references}] +Return as a monadic value the absolute file name in the store of the file +containing @var{text}, a string. @var{references} is a list of store items +that the resulting text file refers to; it defaults to the empty list. +@end deffn + +@deffn {Monadic Procedure} interned-file @var{file} [@var{name}] @ + [#:recursive? #t] [#:select? (const #t)] Return the name of @var{file} once +interned in the store. Use @var{name} as its store name, or the basename of +@var{file} if @var{name} is omitted. + +When @var{recursive?} is true, the contents of @var{file} are added +recursively; if @var{file} designates a flat file and @var{recursive?} is +true, its contents are added, and its permission bits are kept. + +When @var{recursive?} is true, call @code{(@var{select?} @var{file} +@var{stat})} for each directory entry, where @var{file} is the entry's +absolute file name and @var{stat} is the result of @code{lstat}; exclude +entries for which @var{select?} does not return true. + +The example below adds a file to the store, under two different names: + +@example +(run-with-store (open-connection) + (mlet %store-monad ((a (interned-file "README")) + (b (interned-file "README" "LEGU-MIN"))) + (return (list a b)))) + +@result{} ("/gnu/store/rwm@dots{}-README" "/gnu/store/44i@dots{}-LEGU-MIN") +@end example + +@end deffn + +The @code{(guix packages)} module exports the following package-related +monadic procedures: + +@deffn {Monadic Procedure} package-file @var{package} [@var{file}] @ + [#:system (%current-system)] [#:target #f] @ [#:output "out"] Return as a +monadic value in the absolute file name of @var{file} within the +@var{output} directory of @var{package}. When @var{file} is omitted, return +the name of the @var{output} directory of @var{package}. When @var{target} +is true, use it as a cross-compilation target triplet. +@end deffn + +@deffn {Monadic Procedure} package->derivation @var{package} [@var{system}] +@deffnx {Monadic Procedure} package->cross-derivation @var{package} @ + @var{target} [@var{system}] Monadic version of @code{package-derivation} and +@code{package-cross-derivation} (@pxref{Définition des paquets}). +@end deffn + + +@node G-Expressions +@section G-Expressions + +@cindex G-expression +@cindex build code quoting +So we have ``derivations'', which represent a sequence of build actions to +be performed to produce an item in the store (@pxref{Dérivations}). These +build actions are performed when asking the daemon to actually build the +derivations; they are run by the daemon in a container (@pxref{Invoquer guix-daemon}). + +@cindex strata of code +It should come as no surprise that we like to write these build actions in +Scheme. When we do that, we end up with two @dfn{strata} of Scheme +code@footnote{The term @dfn{stratum} in this context was coined by Manuel +Serrano et al.@: in the context of their work on Hop. Oleg Kiselyov, who +has written insightful +@url{http://okmij.org/ftp/meta-programming/#meta-scheme, essays and code on +this topic}, refers to this kind of code generation as @dfn{staging}.}: the +``host code''---code that defines packages, talks to the daemon, etc.---and +the ``build code''---code that actually performs build actions, such as +making directories, invoking @command{make}, etc. + +To describe a derivation and its build actions, one typically needs to embed +build code inside host code. It boils down to manipulating build code as +data, and the homoiconicity of Scheme---code has a direct representation as +data---comes in handy for that. But we need more than the normal +@code{quasiquote} mechanism in Scheme to construct build expressions. + +The @code{(guix gexp)} module implements @dfn{G-expressions}, a form of +S-expressions adapted to build expressions. G-expressions, or @dfn{gexps}, +consist essentially of three syntactic forms: @code{gexp}, @code{ungexp}, +and @code{ungexp-splicing} (or simply: @code{#~}, @code{#$}, and +@code{#$@@}), which are comparable to @code{quasiquote}, @code{unquote}, and +@code{unquote-splicing}, respectively (@pxref{Expression Syntax, +@code{quasiquote},, guile, GNU Guile Reference Manual}). However, there are +major differences: + +@itemize +@item +Gexps are meant to be written to a file and run or manipulated by other +processes. + +@item +When a high-level object such as a package or derivation is unquoted inside +a gexp, the result is as if its output file name had been introduced. + +@item +Gexps carry information about the packages or derivations they refer to, and +these dependencies are automatically added as inputs to the build processes +that use them. +@end itemize + +@cindex lowering, of high-level objects in gexps +This mechanism is not limited to package and derivation objects: +@dfn{compilers} able to ``lower'' other high-level objects to derivations or +files in the store can be defined, such that these objects can also be +inserted into gexps. For example, a useful type of high-level objects that +can be inserted in a gexp is ``file-like objects'', which make it easy to +add files to the store and to refer to them in derivations and such (see +@code{local-file} and @code{plain-file} below.) + +To illustrate the idea, here is an example of a gexp: + +@example +(define build-exp + #~(begin + (mkdir #$output) + (chdir #$output) + (symlink (string-append #$coreutils "/bin/ls") + "list-files"))) +@end example + +This gexp can be passed to @code{gexp->derivation}; we obtain a derivation +that builds a directory containing exactly one symlink to +@file{/gnu/store/@dots{}-coreutils-8.22/bin/ls}: + +@example +(gexp->derivation "the-thing" build-exp) +@end example + +As one would expect, the @code{"/gnu/store/@dots{}-coreutils-8.22"} string +is substituted to the reference to the @var{coreutils} package in the actual +build code, and @var{coreutils} is automatically made an input to the +derivation. Likewise, @code{#$output} (equivalent to @code{(ungexp +output)}) is replaced by a string containing the directory name of the +output of the derivation. + +@cindex cross compilation +In a cross-compilation context, it is useful to distinguish between +references to the @emph{native} build of a package---that can run on the +host---versus references to cross builds of a package. To that end, the +@code{#+} plays the same role as @code{#$}, but is a reference to a native +package build: + +@example +(gexp->derivation "vi" + #~(begin + (mkdir #$output) + (system* (string-append #+coreutils "/bin/ln") + "-s" + (string-append #$emacs "/bin/emacs") + (string-append #$output "/bin/vi"))) + #:target "mips64el-linux-gnu") +@end example + +@noindent +In the example above, the native build of @var{coreutils} is used, so that +@command{ln} can actually run on the host; but then the cross-compiled build +of @var{emacs} is referenced. + +@cindex imported modules, for gexps +@findex with-imported-modules +Another gexp feature is @dfn{imported modules}: sometimes you want to be +able to use certain Guile modules from the ``host environment'' in the gexp, +so those modules should be imported in the ``build environment''. The +@code{with-imported-modules} form allows you to express that: + +@example +(let ((build (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p (string-append #$output "/bin")))))) + (gexp->derivation "empty-dir" + #~(begin + #$build + (display "success!\n") + #t))) +@end example + +@noindent +In this example, the @code{(guix build utils)} module is automatically +pulled into the isolated build environment of our gexp, such that +@code{(use-modules (guix build utils))} works as expected. + +@cindex module closure +@findex source-module-closure +Usually you want the @emph{closure} of the module to be imported---i.e., the +module itself and all the modules it depends on---rather than just the +module; failing to do that, attempts to use the module will fail because of +missing dependent modules. The @code{source-module-closure} procedure +computes the closure of a module by looking at its source file headers, +which comes in handy in this case: + +@example +(use-modules (guix modules)) ;for 'source-module-closure' + +(with-imported-modules (source-module-closure + '((guix build utils) + (gnu build vm))) + (gexp->derivation "something-with-vms" + #~(begin + (use-modules (guix build utils) + (gnu build vm)) + @dots{}))) +@end example + +The syntactic form to construct gexps is summarized below. + +@deffn {Scheme Syntax} #~@var{exp} +@deffnx {Scheme Syntax} (gexp @var{exp}) +Return a G-expression containing @var{exp}. @var{exp} may contain one or +more of the following forms: + +@table @code +@item #$@var{obj} +@itemx (ungexp @var{obj}) +Introduce a reference to @var{obj}. @var{obj} may have one of the supported +types, for example a package or a derivation, in which case the +@code{ungexp} form is replaced by its output file name---e.g., +@code{"/gnu/store/@dots{}-coreutils-8.22}. + +If @var{obj} is a list, it is traversed and references to supported objects +are substituted similarly. + +If @var{obj} is another gexp, its contents are inserted and its dependencies +are added to those of the containing gexp. + +If @var{obj} is another kind of object, it is inserted as is. + +@item #$@var{obj}:@var{output} +@itemx (ungexp @var{obj} @var{output}) +This is like the form above, but referring explicitly to the @var{output} of +@var{obj}---this is useful when @var{obj} produces multiple outputs +(@pxref{Des paquets avec plusieurs résultats}). + +@item #+@var{obj} +@itemx #+@var{obj}:output +@itemx (ungexp-native @var{obj}) +@itemx (ungexp-native @var{obj} @var{output}) +Same as @code{ungexp}, but produces a reference to the @emph{native} build +of @var{obj} when used in a cross compilation context. + +@item #$output[:@var{output}] +@itemx (ungexp output [@var{output}]) +Insert a reference to derivation output @var{output}, or to the main output +when @var{output} is omitted. + +This only makes sense for gexps passed to @code{gexp->derivation}. + +@item #$@@@var{lst} +@itemx (ungexp-splicing @var{lst}) +Like the above, but splices the contents of @var{lst} inside the containing +list. + +@item #+@@@var{lst} +@itemx (ungexp-native-splicing @var{lst}) +Like the above, but refers to native builds of the objects listed in +@var{lst}. + +@end table + +G-expressions created by @code{gexp} or @code{#~} are run-time objects of +the @code{gexp?} type (see below.) +@end deffn + +@deffn {Scheme Syntax} with-imported-modules @var{modules} @var{body}@dots{} +Mark the gexps defined in @var{body}@dots{} as requiring @var{modules} in +their execution environment. + +Each item in @var{modules} can be the name of a module, such as @code{(guix +build utils)}, or it can be a module name, followed by an arrow, followed by +a file-like object: + +@example +`((guix build utils) + (guix gcrypt) + ((guix config) => ,(scheme-file "config.scm" + #~(define-module @dots{})))) +@end example + +@noindent +In the example above, the first two modules are taken from the search path, +and the last one is created from the given file-like object. + +This form has @emph{lexical} scope: it has an effect on the gexps directly +defined in @var{body}@dots{}, but not on those defined, say, in procedures +called from @var{body}@dots{}. +@end deffn + +@deffn {Scheme Procedure} gexp? @var{obj} +Return @code{#t} if @var{obj} is a G-expression. +@end deffn + +G-expressions are meant to be written to disk, either as code building some +derivation, or as plain files in the store. The monadic procedures below +allow you to do that (@pxref{La monad du dépôt}, for more information about +monads.) + +@deffn {Monadic Procedure} gexp->derivation @var{name} @var{exp} @ + [#:system (%current-system)] [#:target #f] [#:graft? #t] @ [#:hash #f] +[#:hash-algo #f] @ [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ +[#:module-path @var{%load-path}] @ [#:references-graphs #f] +[#:allowed-references #f] @ [#:disallowed-references #f] @ +[#:leaked-env-vars #f] @ [#:script-name (string-append @var{name} +"-builder")] @ [#:deprecation-warnings #f] @ [#:local-build? #f] +[#:substitutable? #t] [#:guile-for-build #f] Return a derivation @var{name} +that runs @var{exp} (a gexp) with @var{guile-for-build} (a derivation) on +@var{system}; @var{exp} is stored in a file called @var{script-name}. When +@var{target} is true, it is used as the cross-compilation target triplet for +packages referred to by @var{exp}. + +@var{modules} is deprecated in favor of @code{with-imported-modules}. Its +meaning is to make @var{modules} available in the evaluation context of +@var{exp}; @var{modules} is a list of names of Guile modules searched in +@var{module-path} to be copied in the store, compiled, and made available in +the load path during the execution of @var{exp}---e.g., @code{((guix build +utils) (guix build gnu-build-system))}. + +@var{graft?} determines whether packages referred to by @var{exp} should be +grafted when applicable. + +When @var{references-graphs} is true, it must be a list of tuples of one of +the following forms: + +@example +(@var{file-name} @var{package}) +(@var{file-name} @var{package} @var{output}) +(@var{file-name} @var{derivation}) +(@var{file-name} @var{derivation} @var{output}) +(@var{file-name} @var{store-item}) +@end example + +The right-hand-side of each element of @var{references-graphs} is +automatically made an input of the build process of @var{exp}. In the build +environment, each @var{file-name} contains the reference graph of the +corresponding item, in a simple text format. + +@var{allowed-references} must be either @code{#f} or a list of output names +and packages. In the latter case, the list denotes store items that the +result is allowed to refer to. Any reference to another store item will +lead to a build error. Similarly for @var{disallowed-references}, which can +list items that must not be referenced by the outputs. + +@var{deprecation-warnings} determines whether to show deprecation warnings +while compiling modules. It can be @code{#f}, @code{#t}, or +@code{'detailed}. + +The other arguments are as for @code{derivation} (@pxref{Dérivations}). +@end deffn + +@cindex file-like objects +The @code{local-file}, @code{plain-file}, @code{computed-file}, +@code{program-file}, and @code{scheme-file} procedures below return +@dfn{file-like objects}. That is, when unquoted in a G-expression, these +objects lead to a file in the store. Consider this G-expression: + +@example +#~(system* #$(file-append glibc "/sbin/nscd") "-f" + #$(local-file "/tmp/my-nscd.conf")) +@end example + +The effect here is to ``intern'' @file{/tmp/my-nscd.conf} by copying it to +the store. Once expanded, for instance @i{via} @code{gexp->derivation}, the +G-expression refers to that copy under @file{/gnu/store}; thus, modifying or +removing the file in @file{/tmp} does not have any effect on what the +G-expression does. @code{plain-file} can be used similarly; it differs in +that the file content is directly passed as a string. + +@deffn {Scheme Procedure} local-file @var{file} [@var{name}] @ + [#:recursive? #f] [#:select? (const #t)] Return an object representing local +file @var{file} to add to the store; this object can be used in a gexp. If +@var{file} is a relative file name, it is looked up relative to the source +file where this form appears. @var{file} will be added to the store under +@var{name}--by default the base name of @var{file}. + +When @var{recursive?} is true, the contents of @var{file} are added +recursively; if @var{file} designates a flat file and @var{recursive?} is +true, its contents are added, and its permission bits are kept. + +When @var{recursive?} is true, call @code{(@var{select?} @var{file} +@var{stat})} for each directory entry, where @var{file} is the entry's +absolute file name and @var{stat} is the result of @code{lstat}; exclude +entries for which @var{select?} does not return true. + +This is the declarative counterpart of the @code{interned-file} monadic +procedure (@pxref{La monad du dépôt, @code{interned-file}}). +@end deffn + +@deffn {Scheme Procedure} plain-file @var{name} @var{content} +Return an object representing a text file called @var{name} with the given +@var{content} (a string) to be added to the store. + +This is the declarative counterpart of @code{text-file}. +@end deffn + +@deffn {Scheme Procedure} computed-file @var{name} @var{gexp} @ + [#:options '(#:local-build? #t)] Return an object representing the store +item @var{name}, a file or directory computed by @var{gexp}. @var{options} +is a list of additional arguments to pass to @code{gexp->derivation}. + +This is the declarative counterpart of @code{gexp->derivation}. +@end deffn + +@deffn {Monadic Procedure} gexp->script @var{name} @var{exp} @ + [#:guile (default-guile)] [#:module-path %load-path] Return an executable +script @var{name} that runs @var{exp} using @var{guile}, with @var{exp}'s +imported modules in its search path. Look up @var{exp}'s modules in +@var{module-path}. + +The example below builds a script that simply invokes the @command{ls} +command: + +@example +(use-modules (guix gexp) (gnu packages base)) + +(gexp->script "list-files" + #~(execl #$(file-append coreutils "/bin/ls") + "ls")) +@end example + +When ``running'' it through the store (@pxref{La monad du dépôt, +@code{run-with-store}}), we obtain a derivation that produces an executable +file @file{/gnu/store/@dots{}-list-files} along these lines: + +@example +#!/gnu/store/@dots{}-guile-2.0.11/bin/guile -ds +!# +(execl "/gnu/store/@dots{}-coreutils-8.22"/bin/ls" "ls") +@end example +@end deffn + +@deffn {Scheme Procedure} program-file @var{name} @var{exp} @ + [#:guile #f] [#:module-path %load-path] Return an object representing the +executable store item @var{name} that runs @var{gexp}. @var{guile} is the +Guile package used to execute that script. Imported modules of @var{gexp} +are looked up in @var{module-path}. + +This is the declarative counterpart of @code{gexp->script}. +@end deffn + +@deffn {Monadic Procedure} gexp->file @var{name} @var{exp} @ + [#:set-load-path? #t] [#:module-path %load-path] @ [#:splice? #f] @ [#:guile +(default-guile)] Return a derivation that builds a file @var{name} +containing @var{exp}. When @var{splice?} is true, @var{exp} is considered +to be a list of expressions that will be spliced in the resulting file. + +When @var{set-load-path?} is true, emit code in the resulting file to set +@code{%load-path} and @code{%load-compiled-path} to honor @var{exp}'s +imported modules. Look up @var{exp}'s modules in @var{module-path}. + +The resulting file holds references to all the dependencies of @var{exp} or +a subset thereof. +@end deffn + +@deffn {Scheme Procedure} scheme-file @var{name} @var{exp} [#:splice? #f] +Return an object representing the Scheme file @var{name} that contains +@var{exp}. + +This is the declarative counterpart of @code{gexp->file}. +@end deffn + +@deffn {Monadic Procedure} text-file* @var{name} @var{text} @dots{} +Return as a monadic value a derivation that builds a text file containing +all of @var{text}. @var{text} may list, in addition to strings, objects of +any type that can be used in a gexp: packages, derivations, local file +objects, etc. The resulting store file holds references to all these. + +This variant should be preferred over @code{text-file} anytime the file to +create will reference items from the store. This is typically the case when +building a configuration file that embeds store file names, like this: + +@example +(define (profile.sh) + ;; Return the name of a shell script in the store that + ;; initializes the 'PATH' environment variable. + (text-file* "profile.sh" + "export PATH=" coreutils "/bin:" + grep "/bin:" sed "/bin\n")) +@end example + +In this example, the resulting @file{/gnu/store/@dots{}-profile.sh} file +will reference @var{coreutils}, @var{grep}, and @var{sed}, thereby +preventing them from being garbage-collected during its lifetime. +@end deffn + +@deffn {Scheme Procedure} mixed-text-file @var{name} @var{text} @dots{} +Return an object representing store file @var{name} containing @var{text}. +@var{text} is a sequence of strings and file-like objects, as in: + +@example +(mixed-text-file "profile" + "export PATH=" coreutils "/bin:" grep "/bin") +@end example + +This is the declarative counterpart of @code{text-file*}. +@end deffn + +@deffn {Scheme Procedure} file-union @var{name} @var{files} +Return a @code{} that builds a directory containing all of +@var{files}. Each item in @var{files} must be a two-element list where the +first element is the file name to use in the new directory, and the second +element is a gexp denoting the target file. Here's an example: + +@example +(file-union "etc" + `(("hosts" ,(plain-file "hosts" + "127.0.0.1 localhost")) + ("bashrc" ,(plain-file "bashrc" + "alias ls='ls --color'")))) +@end example + +This yields an @code{etc} directory containing these two files. +@end deffn + +@deffn {Scheme Procedure} directory-union @var{name} @var{things} +Return a directory that is the union of @var{things}, where @var{things} is +a list of file-like objects denoting directories. For example: + +@example +(directory-union "guile+emacs" (list guile emacs)) +@end example + +yields a directory that is the union of the @code{guile} and @code{emacs} +packages. +@end deffn + +@deffn {Scheme Procedure} file-append @var{obj} @var{suffix} @dots{} +Return a file-like object that expands to the concatenation of @var{obj} and +@var{suffix}, where @var{obj} is a lowerable object and each @var{suffix} is +a string. + +As an example, consider this gexp: + +@example +(gexp->script "run-uname" + #~(system* #$(file-append coreutils + "/bin/uname"))) +@end example + +The same effect could be achieved with: + +@example +(gexp->script "run-uname" + #~(system* (string-append #$coreutils + "/bin/uname"))) +@end example + +There is one difference though: in the @code{file-append} case, the +resulting script contains the absolute file name as a string, whereas in the +second case, the resulting script contains a @code{(string-append @dots{})} +expression to construct the file name @emph{at run time}. +@end deffn + + +Of course, in addition to gexps embedded in ``host'' code, there are also +modules containing build tools. To make it clear that they are meant to be +used in the build stratum, these modules are kept in the @code{(guix build +@dots{})} name space. + +@cindex lowering, of high-level objects in gexps +Internally, high-level objects are @dfn{lowered}, using their compiler, to +either derivations or store items. For instance, lowering a package yields +a derivation, and lowering a @code{plain-file} yields a store item. This is +achieved using the @code{lower-object} monadic procedure. + +@deffn {Monadic Procedure} lower-object @var{obj} [@var{system}] @ + [#:target #f] Return as a value in @var{%store-monad} the derivation or +store item corresponding to @var{obj} for @var{system}, cross-compiling for +@var{target} if @var{target} is true. @var{obj} must be an object that has +an associated gexp compiler, such as a @code{}. +@end deffn + + +@c ********************************************************************* +@node Utilitaires +@chapter Utilitaires + +This section describes Guix command-line utilities. Some of them are +primarily targeted at developers and users who write new package +definitions, while others are more generally useful. They complement the +Scheme programming interface of Guix in a convenient way. + +@menu +* Invoquer guix build:: Construire des paquets depuis la ligne de + commande. +* Invoquer guix edit:: Modifier les définitions de paquets. +* Invoquer guix download:: Télécharger un fichier et afficher son hash. +* Invoquer guix hash:: Calculer le hash cryptographique d'un fichier. +* Invoquer guix import:: Importer des définitions de paquets. +* Invoquer guix refresh:: Mettre à jour les définitions de paquets. +* Invoquer guix lint:: Trouver des erreurs dans les définitions de + paquets. +* Invoquer guix size:: Profiler l'utilisation du disque. +* Invoquer guix graph:: Visualiser le graphe des paquets. +* Invoquer guix environment:: Mettre en place des environnements de + développement. +* Invoquer guix publish:: Partager des substituts. +* Invoquer guix challenge:: Défier les serveurs de substituts. +* Invoquer guix copy:: Copier vers et depuis un dépôt distant. +* Invoquer guix container:: Isolation de processus. +* Invoquer guix weather:: Mesurer la disponibilité des substituts. +@end menu + +@node Invoquer guix build +@section Invoquer @command{guix build} + +@cindex package building +@cindex @command{guix build} +The @command{guix build} command builds packages or derivations and their +dependencies, and prints the resulting store paths. Note that it does not +modify the user's profile---this is the job of the @command{guix package} +command (@pxref{Invoquer guix package}). Thus, it is mainly useful for +distribution developers. + +The general syntax is: + +@example +guix build @var{options} @var{package-or-derivation}@dots{} +@end example + +As an example, the following command builds the latest versions of Emacs and +of Guile, displays their build logs, and finally displays the resulting +directories: + +@example +guix build emacs guile +@end example + +Similarly, the following command builds all the available packages: + +@example +guix build --quiet --keep-going \ + `guix package -A | cut -f1,2 --output-delimiter=@@` +@end example + +@var{package-or-derivation} may be either the name of a package found in the +software distribution such as @code{coreutils} or @code{coreutils@@8.20}, or +a derivation such as @file{/gnu/store/@dots{}-coreutils-8.19.drv}. In the +former case, a package with the corresponding name (and optionally version) +is searched for among the GNU distribution modules (@pxref{Modules de paquets}). + +Alternatively, the @code{--expression} option may be used to specify a +Scheme expression that evaluates to a package; this is useful when +disambiguating among several same-named packages or package variants is +needed. + +There may be zero or more @var{options}. The available options are +described in the subsections below. + +@menu +* Options de construction communes:: Options de construction pour la + plupart des commandes. +* Options de transformation de paquets:: Créer des variantes de paquets. +* Options de construction supplémentaires:: Options spécifiques à « + guix build ». +* Débogage des échecs de construction:: La vie d'un empaqueteur. +@end menu + +@node Options de construction communes +@subsection Options de construction communes + +A number of options that control the build process are common to +@command{guix build} and other commands that can spawn builds, such as +@command{guix package} or @command{guix archive}. These are the following: + +@table @code + +@item --load-path=@var{directory} +@itemx -L @var{directory} +Add @var{directory} to the front of the package module search path +(@pxref{Modules de paquets}). + +This allows users to define their own packages and make them visible to the +command-line tools. + +@item --keep-failed +@itemx -K +Keep the build tree of failed builds. Thus, if a build fails, its build +tree is kept under @file{/tmp}, in a directory whose name is shown at the +end of the build log. This is useful when debugging build issues. +@xref{Débogage des échecs de construction}, for tips and tricks on how to debug build +issues. + +@item --keep-going +@itemx -k +Keep going when some of the derivations fail to build; return only once all +the builds have either completed or failed. + +The default behavior is to stop as soon as one of the specified derivations +has failed. + +@item --dry-run +@itemx -n +Do not build the derivations. + +@anchor{fallback-option} +@item --fallback +When substituting a pre-built binary fails, fall back to building packages +locally (@pxref{Échec de substitution}). + +@item --substitute-urls=@var{urls} +@anchor{client-substitute-urls} +Consider @var{urls} the whitespace-separated list of substitute source URLs, +overriding the default list of URLs of @command{guix-daemon} +(@pxref{daemon-substitute-urls,, @command{guix-daemon} URLs}). + +Cela signifie que les substituts peuvent être téléchargés depuis @var{urls}, +tant qu'ils sont signés par une clef autorisée par l'administrateur système +(@pxref{Substituts}). + +When @var{urls} is the empty string, substitutes are effectively disabled. + +@item --no-substitutes +Ne pas utiliser de substitut pour les résultats de la +construction. C'est-à-dire, toujours construire localement plutôt que de +permettre le téléchargement de binaires pré-construits (@pxref{Substituts}). + +@item --no-grafts +Do not ``graft'' packages. In practice, this means that package updates +available as grafts are not applied. @xref{Mises à jour de sécurité}, for more +information on grafts. + +@item --rounds=@var{n} +Build each derivation @var{n} times in a row, and raise an error if +consecutive build results are not bit-for-bit identical. + +This is a useful way to detect non-deterministic builds processes. +Non-deterministic build processes are a problem because they make it +practically impossible for users to @emph{verify} whether third-party +binaries are genuine. @xref{Invoquer guix challenge}, for more. + +Note that, currently, the differing build results are not kept around, so +you will have to manually investigate in case of an error---e.g., by +stashing one of the build results with @code{guix archive --export} +(@pxref{Invoquer guix archive}), then rebuilding, and finally comparing the +two results. + +@item --no-build-hook +Do not attempt to offload builds @i{via} the ``build hook'' of the daemon +(@pxref{Réglages du délestage du démon}). That is, always build things locally +instead of offloading builds to remote machines. + +@item --max-silent-time=@var{seconds} +When the build or substitution process remains silent for more than +@var{seconds}, terminate it and report a build failure. + +By default, the daemon's setting is honored (@pxref{Invoquer guix-daemon, +@code{--max-silent-time}}). + +@item --timeout=@var{seconds} +Likewise, when the build or substitution process lasts for more than +@var{seconds}, terminate it and report a build failure. + +By default, the daemon's setting is honored (@pxref{Invoquer guix-daemon, +@code{--timeout}}). + +@item --verbosity=@var{level} +Use the given verbosity level. @var{level} must be an integer between 0 and +5; higher means more verbose output. Setting a level of 4 or more may be +helpful when debugging setup issues with the build daemon. + +@item --cores=@var{n} +@itemx -c @var{n} +Allow the use of up to @var{n} CPU cores for the build. The special value +@code{0} means to use as many CPU cores as available. + +@item --max-jobs=@var{n} +@itemx -M @var{n} +Allow at most @var{n} build jobs in parallel. @xref{Invoquer guix-daemon, +@code{--max-jobs}}, for details about this option and the equivalent +@command{guix-daemon} option. + +@end table + +Behind the scenes, @command{guix build} is essentially an interface to the +@code{package-derivation} procedure of the @code{(guix packages)} module, +and to the @code{build-derivations} procedure of the @code{(guix +derivations)} module. + +In addition to options explicitly passed on the command line, @command{guix +build} and other @command{guix} commands that support building honor the +@code{GUIX_BUILD_OPTIONS} environment variable. + +@defvr {Environment Variable} GUIX_BUILD_OPTIONS +Users can define this variable to a list of command line options that will +automatically be used by @command{guix build} and other @command{guix} +commands that can perform builds, as in the example below: + +@example +$ export GUIX_BUILD_OPTIONS="--no-substitutes -c 2 -L /foo/bar" +@end example + +These options are parsed independently, and the result is appended to the +parsed command-line options. +@end defvr + + +@node Options de transformation de paquets +@subsection Options de transformation de paquets + +@cindex package variants +Another set of command-line options supported by @command{guix build} and +also @command{guix package} are @dfn{package transformation options}. These +are options that make it possible to define @dfn{package variants}---for +instance, packages built from different source code. This is a convenient +way to create customized packages on the fly without having to type in the +definitions of package variants (@pxref{Définition des paquets}). + +@table @code + +@item --with-source=@var{source} +@itemx --with-source=@var{package}=@var{source} +@itemx --with-source=@var{package}@@@var{version}=@var{source} +Use @var{source} as the source of @var{package}, and @var{version} as its +version number. @var{source} must be a file name or a URL, as for +@command{guix download} (@pxref{Invoquer guix download}). + +When @var{package} is omitted, it is taken to be the package name specified +on the command line that matches the base of @var{source}---e.g., if +@var{source} is @code{/src/guile-2.0.10.tar.gz}, the corresponding package +is @code{guile}. + +Likewise, when @var{version} is omitted, the version string is inferred from +@var{source}; in the previous example, it is @code{2.0.10}. + +This option allows users to try out versions of packages other than the one +provided by the distribution. The example below downloads +@file{ed-1.7.tar.gz} from a GNU mirror and uses that as the source for the +@code{ed} package: + +@example +guix build ed --with-source=mirror://gnu/ed/ed-1.7.tar.gz +@end example + +As a developer, @code{--with-source} makes it easy to test release +candidates: + +@example +guix build guile --with-source=../guile-2.0.9.219-e1bb7.tar.xz +@end example + +@dots{} or to build from a checkout in a pristine environment: + +@example +$ git clone git://git.sv.gnu.org/guix.git +$ guix build guix --with-source=guix@@1.0=./guix +@end example + +@item --with-input=@var{package}=@var{replacement} +Replace dependency on @var{package} by a dependency on @var{replacement}. +@var{package} must be a package name, and @var{replacement} must be a +package specification such as @code{guile} or @code{guile@@1.8}. + +For instance, the following command builds Guix, but replaces its dependency +on the current stable version of Guile with a dependency on the legacy +version of Guile, @code{guile@@2.0}: + +@example +guix build --with-input=guile=guile@@2.0 guix +@end example + +This is a recursive, deep replacement. So in this example, both @code{guix} +and its dependency @code{guile-json} (which also depends on @code{guile}) +get rebuilt against @code{guile@@2.0}. + +This is implemented using the @code{package-input-rewriting} Scheme +procedure (@pxref{Définition des paquets, @code{package-input-rewriting}}). + +@item --with-graft=@var{package}=@var{replacement} +This is similar to @code{--with-input} but with an important difference: +instead of rebuilding the whole dependency chain, @var{replacement} is built +and then @dfn{grafted} onto the binaries that were initially referring to +@var{package}. @xref{Mises à jour de sécurité}, for more information on grafts. + +For example, the command below grafts version 3.5.4 of GnuTLS onto Wget and +all its dependencies, replacing references to the version of GnuTLS they +currently refer to: + +@example +guix build --with-graft=gnutls=gnutls@@3.5.4 wget +@end example + +This has the advantage of being much faster than rebuilding everything. But +there is a caveat: it works if and only if @var{package} and +@var{replacement} are strictly compatible---for example, if they provide a +library, the application binary interface (ABI) of those libraries must be +compatible. If @var{replacement} is somehow incompatible with +@var{package}, then the resulting package may be unusable. Use with care! + +@end table + +@node Options de construction supplémentaires +@subsection Options de construction supplémentaires + +The command-line options presented below are specific to @command{guix +build}. + +@table @code + +@item --quiet +@itemx -q +Build quietly, without displaying the build log. Upon completion, the build +log is kept in @file{/var} (or similar) and can always be retrieved using +the @option{--log-file} option. + +@item --file=@var{file} +@itemx -f @var{file} + +Build the package or derivation that the code within @var{file} evaluates +to. + +As an example, @var{file} might contain a package definition like this +(@pxref{Définition des paquets}): + +@example +@verbatiminclude package-hello.scm +@end example + +@item --expression=@var{expr} +@itemx -e @var{expr} +Build the package or derivation @var{expr} evaluates to. + +For example, @var{expr} may be @code{(@@ (gnu packages guile) guile-1.8)}, +which unambiguously designates this specific variant of version 1.8 of +Guile. + +Alternatively, @var{expr} may be a G-expression, in which case it is used as +a build program passed to @code{gexp->derivation} (@pxref{G-Expressions}). + +Lastly, @var{expr} may refer to a zero-argument monadic procedure +(@pxref{La monad du dépôt}). The procedure must return a derivation as a +monadic value, which is then passed through @code{run-with-store}. + +@item --source +@itemx -S +Build the source derivations of the packages, rather than the packages +themselves. + +For instance, @code{guix build -S gcc} returns something like +@file{/gnu/store/@dots{}-gcc-4.7.2.tar.bz2}, which is the GCC source +tarball. + +The returned source tarball is the result of applying any patches and code +snippets specified in the package @code{origin} (@pxref{Définition des paquets}). + +@item --sources +Fetch and return the source of @var{package-or-derivation} and all their +dependencies, recursively. This is a handy way to obtain a local copy of +all the source code needed to build @var{packages}, allowing you to +eventually build them even without network access. It is an extension of +the @code{--source} option and can accept one of the following optional +argument values: + +@table @code +@item package +This value causes the @code{--sources} option to behave in the same way as +the @code{--source} option. + +@item all +Build the source derivations of all packages, including any source that +might be listed as @code{inputs}. This is the default value. + +@example +$ guix build --sources tzdata +The following derivations will be built: + /gnu/store/@dots{}-tzdata2015b.tar.gz.drv + /gnu/store/@dots{}-tzcode2015b.tar.gz.drv +@end example + +@item transitive +Build the source derivations of all packages, as well of all transitive +inputs to the packages. This can be used e.g. to prefetch package source +for later offline building. + +@example +$ guix build --sources=transitive tzdata +The following derivations will be built: + /gnu/store/@dots{}-tzcode2015b.tar.gz.drv + /gnu/store/@dots{}-findutils-4.4.2.tar.xz.drv + /gnu/store/@dots{}-grep-2.21.tar.xz.drv + /gnu/store/@dots{}-coreutils-8.23.tar.xz.drv + /gnu/store/@dots{}-make-4.1.tar.xz.drv + /gnu/store/@dots{}-bash-4.3.tar.xz.drv +@dots{} +@end example + +@end table + +@item --system=@var{system} +@itemx -s @var{system} +Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of the +system type of the build host. + +@quotation Note +The @code{--system} flag is for @emph{native} compilation and must not be +confused with cross-compilation. See @code{--target} below for information +on cross-compilation. +@end quotation + +An example use of this is on Linux-based systems, which can emulate +different personalities. For instance, passing @code{--system=i686-linux} +on an @code{x86_64-linux} system allows you to build packages in a complete +32-bit environment. + +Similarly, when transparent emulation with QEMU and @code{binfmt_misc} is +enabled (@pxref{Virtualization Services, @code{qemu-binfmt-service-type}}), +you can build for any system for which a QEMU @code{binfmt_misc} handler is +installed. + +Builds for a system other than that of the machine you are using can also be +offloaded to a remote machine of the right architecture. @xref{Réglages du délestage du démon}, for more information on offloading. + +@item --target=@var{triplet} +@cindex cross-compilation +Cross-build for @var{triplet}, which must be a valid GNU triplet, such as +@code{"mips64el-linux-gnu"} (@pxref{Specifying target triplets, GNU +configuration triplets,, autoconf, Autoconf}). + +@anchor{build-check} +@item --check +@cindex déterminisme, vérification +@cindex reproductibilité, vérification +Rebuild @var{package-or-derivation}, which are already available in the +store, and raise an error if the build results are not bit-for-bit +identical. + +Ce mécanisme vous permet de vérifier si les substituts précédemment +installés sont authentiques (@pxref{Substituts}) ou si le résultat de la +construction d'un paquet est déterministe. @xref{Invoquer guix challenge} +pour plus d'informations et pour les outils. + +When used in conjunction with @option{--keep-failed}, the differing output +is kept in the store, under @file{/gnu/store/@dots{}-check}. This makes it +easy to look for differences between the two results. + +@item --repair +@cindex repairing store items +@cindex corruption, recovering from +Attempt to repair the specified store items, if they are corrupt, by +re-downloading or rebuilding them. + +This operation is not atomic and thus restricted to @code{root}. + +@item --derivations +@itemx -d +Return the derivation paths, not the output paths, of the given packages. + +@item --root=@var{file} +@itemx -r @var{file} +@cindex GC roots, adding +@cindex garbage collector roots, adding +Make @var{file} a symlink to the result, and register it as a garbage +collector root. + +Consequently, the results of this @command{guix build} invocation are +protected from garbage collection until @var{file} is removed. When that +option is omitted, build results are eligible for garbage collection as soon +as the build completes. @xref{Invoquer guix gc}, for more on GC roots. + +@item --log-file +@cindex build logs, access +Return the build log file names or URLs for the given +@var{package-or-derivation}, or raise an error if build logs are missing. + +This works regardless of how packages or derivations are specified. For +instance, the following invocations are equivalent: + +@example +guix build --log-file `guix build -d guile` +guix build --log-file `guix build guile` +guix build --log-file guile +guix build --log-file -e '(@@ (gnu packages guile) guile-2.0)' +@end example + +If a log is unavailable locally, and unless @code{--no-substitutes} is +passed, the command looks for a corresponding log on one of the substitute +servers (as specified with @code{--substitute-urls}.) + +So for instance, imagine you want to see the build log of GDB on MIPS, but +you are actually on an @code{x86_64} machine: + +@example +$ guix build --log-file gdb -s mips64el-linux +https://hydra.gnu.org/log/@dots{}-gdb-7.10 +@end example + +You can freely access a huge library of build logs! +@end table + +@node Débogage des échecs de construction +@subsection Débogage des échecs de construction + +@cindex build failures, debugging +When defining a new package (@pxref{Définition des paquets}), you will probably +find yourself spending some time debugging and tweaking the build until it +succeeds. To do that, you need to operate the build commands yourself in an +environment as close as possible to the one the build daemon uses. + +To that end, the first thing to do is to use the @option{--keep-failed} or +@option{-K} option of @command{guix build}, which will keep the failed build +tree in @file{/tmp} or whatever directory you specified as @code{TMPDIR} +(@pxref{Invoquer guix build, @code{--keep-failed}}). + +From there on, you can @command{cd} to the failed build tree and source the +@file{environment-variables} file, which contains all the environment +variable definitions that were in place when the build failed. So let's say +you're debugging a build failure in package @code{foo}; a typical session +would look like this: + +@example +$ guix build foo -K +@dots{} @i{build fails} +$ cd /tmp/guix-build-foo.drv-0 +$ source ./environment-variables +$ cd foo-1.2 +@end example + +Now, you can invoke commands as if you were the daemon (almost) and +troubleshoot your build process. + +Sometimes it happens that, for example, a package's tests pass when you run +them manually but they fail when the daemon runs them. This can happen +because the daemon runs builds in containers where, unlike in our +environment above, network access is missing, @file{/bin/sh} does not exist, +etc. (@pxref{Réglages de l'environnement de construction}). + +In such cases, you may need to run inspect the build process from within a +container similar to the one the build daemon creates: + +@example +$ guix build -K foo +@dots{} +$ cd /tmp/guix-build-foo.drv-0 +$ guix environment --no-grafts -C foo --ad-hoc strace gdb +[env]# source ./environment-variables +[env]# cd foo-1.2 +@end example + +Here, @command{guix environment -C} creates a container and spawns a new +shell in it (@pxref{Invoquer guix environment}). The @command{--ad-hoc +strace gdb} part adds the @command{strace} and @command{gdb} commands to the +container, which would may find handy while debugging. The +@option{--no-grafts} option makes sure we get the exact same environment, +with ungrafted packages (@pxref{Mises à jour de sécurité}, for more info on grafts). + +To get closer to a container like that used by the build daemon, we can +remove @file{/bin/sh}: + +@example +[env]# rm /bin/sh +@end example + +(Don't worry, this is harmless: this is all happening in the throw-away +container created by @command{guix environment}.) + +The @command{strace} command is probably not in the search path, but we can +run: + +@example +[env]# $GUIX_ENVIRONMENT/bin/strace -f -o log make check +@end example + +In this way, not only you will have reproduced the environment variables the +daemon uses, you will also be running the build process in a container +similar to the one the daemon uses. + + +@node Invoquer guix edit +@section Invoking @command{guix edit} + +@cindex @command{guix edit} +@cindex package definition, editing +So many packages, so many source files! The @command{guix edit} command +facilitates the life of users and packagers by pointing their editor at the +source file containing the definition of the specified packages. For +instance: + +@example +guix edit gcc@@4.9 vim +@end example + +@noindent +launches the program specified in the @code{VISUAL} or in the @code{EDITOR} +environment variable to view the recipe of GCC@tie{}4.9.3 and that of Vim. + +If you are using a Guix Git checkout (@pxref{Construire depuis Git}), or have +created your own packages on @code{GUIX_PACKAGE_PATH} (@pxref{Définition des paquets}), you will be able to edit the package recipes. Otherwise, you +will be able to examine the read-only recipes for packages currently in the +store. + + +@node Invoquer guix download +@section Invoking @command{guix download} + +@cindex @command{guix download} +@cindex downloading package sources +When writing a package definition, developers typically need to download a +source tarball, compute its SHA256 hash, and write that hash in the package +definition (@pxref{Définition des paquets}). The @command{guix download} tool +helps with this task: it downloads a file from the given URI, adds it to the +store, and prints both its file name in the store and its SHA256 hash. + +The fact that the downloaded file is added to the store saves bandwidth: +when the developer eventually tries to build the newly defined package with +@command{guix build}, the source tarball will not have to be downloaded +again because it is already in the store. It is also a convenient way to +temporarily stash files, which may be deleted eventually (@pxref{Invoquer guix gc}). + +The @command{guix download} command supports the same URIs as used in +package definitions. In particular, it supports @code{mirror://} URIs. +@code{https} URIs (HTTP over TLS) are supported @emph{provided} the Guile +bindings for GnuTLS are available in the user's environment; when they are +not available, an error is raised. @xref{Guile Preparations, how to install +the GnuTLS bindings for Guile,, gnutls-guile, GnuTLS-Guile}, for more +information. + +@command{guix download} verifies HTTPS server certificates by loading the +certificates of X.509 authorities from the directory pointed to by the +@code{SSL_CERT_DIR} environment variable (@pxref{Certificats X.509}), +unless @option{--no-check-certificate} is used. + +The following options are available: + +@table @code +@item --format=@var{fmt} +@itemx -f @var{fmt} +Write the hash in the format specified by @var{fmt}. For more information +on the valid values for @var{fmt}, @pxref{Invoquer guix hash}. + +@item --no-check-certificate +Do not validate the X.509 certificates of HTTPS servers. + +When using this option, you have @emph{absolutely no guarantee} that you are +communicating with the authentic server responsible for the given URL, which +makes you vulnerable to ``man-in-the-middle'' attacks. + +@item --output=@var{file} +@itemx -o @var{file} +Save the downloaded file to @var{file} instead of adding it to the store. +@end table + +@node Invoquer guix hash +@section Invoking @command{guix hash} + +@cindex @command{guix hash} +The @command{guix hash} command computes the SHA256 hash of a file. It is +primarily a convenience tool for anyone contributing to the distribution: it +computes the cryptographic hash of a file, which can be used in the +definition of a package (@pxref{Définition des paquets}). + +The general syntax is: + +@example +guix hash @var{option} @var{file} +@end example + +When @var{file} is @code{-} (a hyphen), @command{guix hash} computes the +hash of data read from standard input. @command{guix hash} has the +following options: + +@table @code + +@item --format=@var{fmt} +@itemx -f @var{fmt} +Write the hash in the format specified by @var{fmt}. + +Supported formats: @code{nix-base32}, @code{base32}, @code{base16} +(@code{hex} and @code{hexadecimal} can be used as well). + +If the @option{--format} option is not specified, @command{guix hash} will +output the hash in @code{nix-base32}. This representation is used in the +definitions of packages. + +@item --recursive +@itemx -r +Compute the hash on @var{file} recursively. + +@c FIXME: Replace xref above with xref to an ``Archive'' section when +@c it exists. +In this case, the hash is computed on an archive containing @var{file}, +including its children if it is a directory. Some of the metadata of +@var{file} is part of the archive; for instance, when @var{file} is a +regular file, the hash is different depending on whether @var{file} is +executable or not. Metadata such as time stamps has no impact on the hash +(@pxref{Invoquer guix archive}). + +@item --exclude-vcs +@itemx -x +When combined with @option{--recursive}, exclude version control system +directories (@file{.bzr}, @file{.git}, @file{.hg}, etc.) + +@vindex git-fetch +As an example, here is how you would compute the hash of a Git checkout, +which is useful when using the @code{git-fetch} method (@pxref{Référence d'origine}): + +@example +$ git clone http://example.org/foo.git +$ cd foo +$ guix hash -rx . +@end example +@end table + +@node Invoquer guix import +@section Invoking @command{guix import} + +@cindex importing packages +@cindex package import +@cindex package conversion +@cindex Invoking @command{guix import} +The @command{guix import} command is useful for people who would like to add +a package to the distribution with as little work as possible---a legitimate +demand. The command knows of a few repositories from which it can +``import'' package metadata. The result is a package definition, or a +template thereof, in the format we know (@pxref{Définition des paquets}). + +The general syntax is: + +@example +guix import @var{importer} @var{options}@dots{} +@end example + +@var{importer} specifies the source from which to import package metadata, +and @var{options} specifies a package identifier and other options specific +to @var{importer}. Currently, the available ``importers'' are: + +@table @code +@item gnu +Import metadata for the given GNU package. This provides a template for the +latest version of that GNU package, including the hash of its source +tarball, and its canonical synopsis and description. + +Additional information such as the package dependencies and its license +needs to be figured out manually. + +For example, the following command returns a package definition for +GNU@tie{}Hello: + +@example +guix import gnu hello +@end example + +Specific command-line options are: + +@table @code +@item --key-download=@var{policy} +As for @code{guix refresh}, specify the policy to handle missing OpenPGP +keys when verifying the package signature. @xref{Invoquer guix refresh, +@code{--key-download}}. +@end table + +@item pypi +@cindex pypi +Import metadata from the @uref{https://pypi.python.org/, Python Package +Index}@footnote{This functionality requires Guile-JSON to be installed. +@xref{Prérequis}.}. Information is taken from the JSON-formatted +description available at @code{pypi.python.org} and usually includes all the +relevant information, including package dependencies. For maximum +efficiency, it is recommended to install the @command{unzip} utility, so +that the importer can unzip Python wheels and gather data from them. + +The command below imports metadata for the @code{itsdangerous} Python +package: + +@example +guix import pypi itsdangerous +@end example + +@item gem +@cindex gem +Import metadata from @uref{https://rubygems.org/, RubyGems}@footnote{This +functionality requires Guile-JSON to be installed. @xref{Prérequis}.}. +Information is taken from the JSON-formatted description available at +@code{rubygems.org} and includes most relevant information, including +runtime dependencies. There are some caveats, however. The metadata +doesn't distinguish between synopses and descriptions, so the same string is +used for both fields. Additionally, the details of non-Ruby dependencies +required to build native extensions is unavailable and left as an exercise +to the packager. + +The command below imports metadata for the @code{rails} Ruby package: + +@example +guix import gem rails +@end example + +@item cpan +@cindex CPAN +Import metadata from @uref{https://www.metacpan.org/, +MetaCPAN}@footnote{This functionality requires Guile-JSON to be installed. +@xref{Prérequis}.}. Information is taken from the JSON-formatted +metadata provided through @uref{https://fastapi.metacpan.org/, MetaCPAN's +API} and includes most relevant information, such as module dependencies. +License information should be checked closely. If Perl is available in the +store, then the @code{corelist} utility will be used to filter core modules +out of the list of dependencies. + +The command command below imports metadata for the @code{Acme::Boolean} Perl +module: + +@example +guix import cpan Acme::Boolean +@end example + +@item cran +@cindex CRAN +@cindex Bioconductor +Import metadata from @uref{https://cran.r-project.org/, CRAN}, the central +repository for the @uref{http://r-project.org, GNU@tie{}R statistical and +graphical environment}. + +Information is extracted from the @code{DESCRIPTION} file of the package. + +The command command below imports metadata for the @code{Cairo} R package: + +@example +guix import cran Cairo +@end example + +When @code{--recursive} is added, the importer will traverse the dependency +graph of the given upstream package recursively and generate package +expressions for all those packages that are not yet in Guix. + +When @code{--archive=bioconductor} is added, metadata is imported from +@uref{https://www.bioconductor.org/, Bioconductor}, a repository of R +packages for for the analysis and comprehension of high-throughput genomic +data in bioinformatics. + +Information is extracted from the @code{DESCRIPTION} file of a package +published on the web interface of the Bioconductor SVN repository. + +The command below imports metadata for the @code{GenomicRanges} R package: + +@example +guix import cran --archive=bioconductor GenomicRanges +@end example + +@item texlive +@cindex TeX Live +@cindex CTAN +Import metadata from @uref{http://www.ctan.org/, CTAN}, the comprehensive +TeX archive network for TeX packages that are part of the +@uref{https://www.tug.org/texlive/, TeX Live distribution}. + +Information about the package is obtained through the XML API provided by +CTAN, while the source code is downloaded from the SVN repository of the Tex +Live project. This is done because the CTAN does not keep versioned +archives. + +The command command below imports metadata for the @code{fontspec} TeX +package: + +@example +guix import texlive fontspec +@end example + +When @code{--archive=DIRECTORY} is added, the source code is downloaded not +from the @file{latex} sub-directory of the @file{texmf-dist/source} tree in +the TeX Live SVN repository, but from the specified sibling directory under +the same root. + +The command below imports metadata for the @code{ifxetex} package from CTAN +while fetching the sources from the directory @file{texmf/source/generic}: + +@example +guix import texlive --archive=generic ifxetex +@end example + +@item json +@cindex JSON, import +Import package metadata from a local JSON file@footnote{This functionality +requires Guile-JSON to be installed. @xref{Prérequis}.}. Consider the +following example package definition in JSON format: + +@example +@{ + "name": "hello", + "version": "2.10", + "source": "mirror://gnu/hello/hello-2.10.tar.gz", + "build-system": "gnu", + "home-page": "https://www.gnu.org/software/hello/", + "synopsis": "Hello, GNU world: An example GNU package", + "description": "GNU Hello prints a greeting.", + "license": "GPL-3.0+", + "native-inputs": ["gcc@@6"] +@} +@end example + +The field names are the same as for the @code{} record +(@xref{Définition des paquets}). References to other packages are provided as +JSON lists of quoted package specification strings such as @code{guile} or +@code{guile@@2.0}. + +The importer also supports a more explicit source definition using the +common fields for @code{} records: + +@example +@{ + @dots{} + "source": @{ + "method": "url-fetch", + "uri": "mirror://gnu/hello/hello-2.10.tar.gz", + "sha256": @{ + "base32": "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i" + @} + @} + @dots{} +@} +@end example + +The command below reads metadata from the JSON file @code{hello.json} and +outputs a package expression: + +@example +guix import json hello.json +@end example + +@item nix +Import metadata from a local copy of the source of the +@uref{http://nixos.org/nixpkgs/, Nixpkgs distribution}@footnote{This relies +on the @command{nix-instantiate} command of @uref{http://nixos.org/nix/, +Nix}.}. Package definitions in Nixpkgs are typically written in a mixture +of Nix-language and Bash code. This command only imports the high-level +package structure that is written in the Nix language. It normally includes +all the basic fields of a package definition. + +When importing a GNU package, the synopsis and descriptions are replaced by +their canonical upstream variant. + +Usually, you will first need to do: + +@example +export NIX_REMOTE=daemon +@end example + +@noindent +so that @command{nix-instantiate} does not try to open the Nix database. + +As an example, the command below imports the package definition of +LibreOffice (more precisely, it imports the definition of the package bound +to the @code{libreoffice} top-level attribute): + +@example +guix import nix ~/path/to/nixpkgs libreoffice +@end example + +@item hackage +@cindex hackage +Import metadata from the Haskell community's central package archive +@uref{https://hackage.haskell.org/, Hackage}. Information is taken from +Cabal files and includes all the relevant information, including package +dependencies. + +Specific command-line options are: + +@table @code +@item --stdin +@itemx -s +Read a Cabal file from standard input. +@item --no-test-dependencies +@itemx -t +Do not include dependencies required only by the test suites. +@item --cabal-environment=@var{alist} +@itemx -e @var{alist} +@var{alist} is a Scheme alist defining the environment in which the Cabal +conditionals are evaluated. The accepted keys are: @code{os}, @code{arch}, +@code{impl} and a string representing the name of a flag. The value +associated with a flag has to be either the symbol @code{true} or +@code{false}. The value associated with other keys has to conform to the +Cabal file format definition. The default value associated with the keys +@code{os}, @code{arch} and @code{impl} is @samp{linux}, @samp{x86_64} and +@samp{ghc}, respectively. +@end table + +The command below imports metadata for the latest version of the @code{HTTP} +Haskell package without including test dependencies and specifying the value +of the flag @samp{network-uri} as @code{false}: + +@example +guix import hackage -t -e "'((\"network-uri\" . false))" HTTP +@end example + +A specific package version may optionally be specified by following the +package name by an at-sign and a version number as in the following example: + +@example +guix import hackage mtl@@2.1.3.1 +@end example + +@item stackage +@cindex stackage +The @code{stackage} importer is a wrapper around the @code{hackage} one. It +takes a package name, looks up the package version included in a long-term +support (LTS) @uref{https://www.stackage.org, Stackage} release and uses the +@code{hackage} importer to retrieve its metadata. Note that it is up to you +to select an LTS release compatible with the GHC compiler used by Guix. + +Specific command-line options are: + +@table @code +@item --no-test-dependencies +@itemx -t +Do not include dependencies required only by the test suites. +@item --lts-version=@var{version} +@itemx -r @var{version} +@var{version} is the desired LTS release version. If omitted the latest +release is used. +@end table + +The command below imports metadata for the @code{HTTP} Haskell package +included in the LTS Stackage release version 7.18: + +@example +guix import stackage --lts-version=7.18 HTTP +@end example + +@item elpa +@cindex elpa +Import metadata from an Emacs Lisp Package Archive (ELPA) package repository +(@pxref{Packages,,, emacs, The GNU Emacs Manual}). + +Specific command-line options are: + +@table @code +@item --archive=@var{repo} +@itemx -a @var{repo} +@var{repo} identifies the archive repository from which to retrieve the +information. Currently the supported repositories and their identifiers +are: +@itemize - +@item +@uref{http://elpa.gnu.org/packages, GNU}, selected by the @code{gnu} +identifier. This is the default. + +Packages from @code{elpa.gnu.org} are signed with one of the keys contained +in the GnuPG keyring at @file{share/emacs/25.1/etc/package-keyring.gpg} (or +similar) in the @code{emacs} package (@pxref{Package Installation, ELPA +package signatures,, emacs, The GNU Emacs Manual}). + +@item +@uref{http://stable.melpa.org/packages, MELPA-Stable}, selected by the +@code{melpa-stable} identifier. + +@item +@uref{http://melpa.org/packages, MELPA}, selected by the @code{melpa} +identifier. +@end itemize +@end table + +@item crate +@cindex crate +Import metadata from the crates.io Rust package repository +@uref{https://crates.io, crates.io}. +@end table + +The structure of the @command{guix import} code is modular. It would be +useful to have more importers for other package formats, and your help is +welcome here (@pxref{Contribuer}). + +@node Invoquer guix refresh +@section Invoking @command{guix refresh} + +@cindex @command{guix refresh} +The primary audience of the @command{guix refresh} command is developers of +the GNU software distribution. By default, it reports any packages provided +by the distribution that are outdated compared to the latest upstream +version, like this: + +@example +$ guix refresh +gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1 +gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0 +@end example + +Alternately, one can specify packages to consider, in which case a warning +is emitted for packages that lack an updater: + +@example +$ guix refresh coreutils guile guile-ssh +gnu/packages/ssh.scm:205:2: warning: no updater for guile-ssh +gnu/packages/guile.scm:136:12: guile would be upgraded from 2.0.12 to 2.0.13 +@end example + +@command{guix refresh} browses the upstream repository of each package and +determines the highest version number of the releases therein. The command +knows how to update specific types of packages: GNU packages, ELPA packages, +etc.---see the documentation for @option{--type} below. There are many +packages, though, for which it lacks a method to determine whether a new +upstream release is available. However, the mechanism is extensible, so +feel free to get in touch with us to add a new method! + +Sometimes the upstream name differs from the package name used in Guix, and +@command{guix refresh} needs a little help. Most updaters honor the +@code{upstream-name} property in package definitions, which can be used to +that effect: + +@example +(define-public network-manager + (package + (name "network-manager") + ;; @dots{} + (properties '((upstream-name . "NetworkManager"))))) +@end example + +When passed @code{--update}, it modifies distribution source files to update +the version numbers and source tarball hashes of those package recipes +(@pxref{Définition des paquets}). This is achieved by downloading each package's +latest source tarball and its associated OpenPGP signature, authenticating +the downloaded tarball against its signature using @command{gpg}, and +finally computing its hash. When the public key used to sign the tarball is +missing from the user's keyring, an attempt is made to automatically +retrieve it from a public key server; when this is successful, the key is +added to the user's keyring; otherwise, @command{guix refresh} reports an +error. + +The following options are supported: + +@table @code + +@item --expression=@var{expr} +@itemx -e @var{expr} +Consider the package @var{expr} evaluates to. + +This is useful to precisely refer to a package, as in this example: + +@example +guix refresh -l -e '(@@@@ (gnu packages commencement) glibc-final)' +@end example + +This command lists the dependents of the ``final'' libc (essentially all the +packages.) + +@item --update +@itemx -u +Update distribution source files (package recipes) in place. This is +usually run from a checkout of the Guix source tree (@pxref{Lancer Guix avant qu'il ne soit installé}): + +@example +$ ./pre-inst-env guix refresh -s non-core -u +@end example + +@xref{Définition des paquets}, for more information on package definitions. + +@item --select=[@var{subset}] +@itemx -s @var{subset} +Select all the packages in @var{subset}, one of @code{core} or +@code{non-core}. + +The @code{core} subset refers to all the packages at the core of the +distribution---i.e., packages that are used to build ``everything else''. +This includes GCC, libc, Binutils, Bash, etc. Usually, changing one of +these packages in the distribution entails a rebuild of all the others. +Thus, such updates are an inconvenience to users in terms of build time or +bandwidth used to achieve the upgrade. + +The @code{non-core} subset refers to the remaining packages. It is +typically useful in cases where an update of the core packages would be +inconvenient. + +@item --manifest=@var{file} +@itemx -m @var{file} +Select all the packages from the manifest in @var{file}. This is useful to +check if any packages of the user manifest can be updated. + +@item --type=@var{updater} +@itemx -t @var{updater} +Select only packages handled by @var{updater} (may be a comma-separated list +of updaters). Currently, @var{updater} may be one of: + +@table @code +@item gnu +the updater for GNU packages; +@item gnome +the updater for GNOME packages; +@item kde +the updater for KDE packages; +@item xorg +the updater for X.org packages; +@item kernel.org +the updater for packages hosted on kernel.org; +@item elpa +the updater for @uref{http://elpa.gnu.org/, ELPA} packages; +@item cran +the updater for @uref{https://cran.r-project.org/, CRAN} packages; +@item bioconductor +the updater for @uref{https://www.bioconductor.org/, Bioconductor} R +packages; +@item cpan +the updater for @uref{http://www.cpan.org/, CPAN} packages; +@item pypi +the updater for @uref{https://pypi.python.org, PyPI} packages. +@item gem +the updater for @uref{https://rubygems.org, RubyGems} packages. +@item github +the updater for @uref{https://github.com, GitHub} packages. +@item hackage +the updater for @uref{https://hackage.haskell.org, Hackage} packages. +@item stackage +the updater for @uref{https://www.stackage.org, Stackage} packages. +@item crate +the updater for @uref{https://crates.io, Crates} packages. +@end table + +For instance, the following command only checks for updates of Emacs +packages hosted at @code{elpa.gnu.org} and for updates of CRAN packages: + +@example +$ guix refresh --type=elpa,cran +gnu/packages/statistics.scm:819:13: r-testthat would be upgraded from 0.10.0 to 0.11.0 +gnu/packages/emacs.scm:856:13: emacs-auctex would be upgraded from 11.88.6 to 11.88.9 +@end example + +@end table + +In addition, @command{guix refresh} can be passed one or more package names, +as in this example: + +@example +$ ./pre-inst-env guix refresh -u emacs idutils gcc@@4.8 +@end example + +@noindent +The command above specifically updates the @code{emacs} and @code{idutils} +packages. The @code{--select} option would have no effect in this case. + +When considering whether to upgrade a package, it is sometimes convenient to +know which packages would be affected by the upgrade and should be checked +for compatibility. For this the following option may be used when passing +@command{guix refresh} one or more package names: + +@table @code + +@item --list-updaters +@itemx -L +List available updaters and exit (see @option{--type} above.) + +For each updater, display the fraction of packages it covers; at the end, +display the fraction of packages covered by all these updaters. + +@item --list-dependent +@itemx -l +List top-level dependent packages that would need to be rebuilt as a result +of upgrading one or more packages. + +@xref{Invoquer guix graph, the @code{reverse-package} type of @command{guix +graph}}, for information on how to visualize the list of dependents of a +package. + +@end table + +Be aware that the @code{--list-dependent} option only @emph{approximates} +the rebuilds that would be required as a result of an upgrade. More +rebuilds might be required under some circumstances. + +@example +$ guix refresh --list-dependent flex +Building the following 120 packages would ensure 213 dependent packages are rebuilt: +hop@@2.4.0 geiser@@0.4 notmuch@@0.18 mu@@0.9.9.5 cflow@@1.4 idutils@@4.6 @dots{} +@end example + +The command above lists a set of packages that could be built to check for +compatibility with an upgraded @code{flex} package. + +The following options can be used to customize GnuPG operation: + +@table @code + +@item --gpg=@var{command} +Use @var{command} as the GnuPG 2.x command. @var{command} is searched for +in @code{$PATH}. + +@item --key-download=@var{policy} +Handle missing OpenPGP keys according to @var{policy}, which may be one of: + +@table @code +@item always +Always download missing OpenPGP keys from the key server, and add them to +the user's GnuPG keyring. + +@item never +Never try to download missing OpenPGP keys. Instead just bail out. + +@item interactive +When a package signed with an unknown OpenPGP key is encountered, ask the +user whether to download it or not. This is the default behavior. +@end table + +@item --key-server=@var{host} +Use @var{host} as the OpenPGP key server when importing a public key. + +@end table + +The @code{github} updater uses the @uref{https://developer.github.com/v3/, +GitHub API} to query for new releases. When used repeatedly e.g. when +refreshing all packages, GitHub will eventually refuse to answer any further +API requests. By default 60 API requests per hour are allowed, and a full +refresh on all GitHub packages in Guix requires more than this. +Authentication with GitHub through the use of an API token alleviates these +limits. To use an API token, set the environment variable +@code{GUIX_GITHUB_TOKEN} to a token procured from +@uref{https://github.com/settings/tokens} or otherwise. + + +@node Invoquer guix lint +@section Invoking @command{guix lint} + +@cindex @command{guix lint} +@cindex package, checking for errors +The @command{guix lint} command is meant to help package developers avoid +common errors and use a consistent style. It runs a number of checks on a +given set of packages in order to find common mistakes in their +definitions. Available @dfn{checkers} include (see @code{--list-checkers} +for a complete list): + +@table @code +@item synopsis +@itemx description +Validate certain typographical and stylistic rules about package +descriptions and synopses. + +@item inputs-should-be-native +Identify inputs that should most likely be native inputs. + +@item source +@itemx home-page +@itemx mirror-url +@itemx source-file-name +Probe @code{home-page} and @code{source} URLs and report those that are +invalid. Suggest a @code{mirror://} URL when applicable. Check that the +source file name is meaningful, e.g. is not just a version number or +``git-checkout'', without a declared @code{file-name} (@pxref{Référence d'origine}). + +@item cve +@cindex security vulnerabilities +@cindex CVE, Common Vulnerabilities and Exposures +Report known vulnerabilities found in the Common Vulnerabilities and +Exposures (CVE) databases of the current and past year +@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US NIST}. + +To view information about a particular vulnerability, visit pages such as: + +@itemize +@item +@indicateurl{https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-YYYY-ABCD} +@item +@indicateurl{https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-YYYY-ABCD} +@end itemize + +@noindent +where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g., +@code{CVE-2015-7554}. + +Package developers can specify in package recipes the +@uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)} name +and version of the package when they differ from the name that Guix uses, as +in this example: + +@example +(package + (name "grub") + ;; @dots{} + ;; CPE calls this package "grub2". + (properties '((cpe-name . "grub2")))) +@end example + +@item formatting +Warn about obvious source code formatting issues: trailing white space, use +of tabulations, etc. +@end table + +The general syntax is: + +@example +guix lint @var{options} @var{package}@dots{} +@end example + +If no package is given on the command line, then all packages are checked. +The @var{options} may be zero or more of the following: + +@table @code +@item --list-checkers +@itemx -l +List and describe all the available checkers that will be run on packages +and exit. + +@item --checkers +@itemx -c +Only enable the checkers specified in a comma-separated list using the names +returned by @code{--list-checkers}. + +@end table + +@node Invoquer guix size +@section Invoking @command{guix size} + +@cindex size +@cindex package size +@cindex closure +@cindex @command{guix size} +The @command{guix size} command helps package developers profile the disk +usage of packages. It is easy to overlook the impact of an additional +dependency added to a package, or the impact of using a single output for a +package that could easily be split (@pxref{Des paquets avec plusieurs résultats}). Such are the typical issues that @command{guix size} can +highlight. + +The command can be passed a package specification such as @code{gcc@@4.8} or +@code{guile:debug}, or a file name in the store. Consider this example: + +@example +$ guix size coreutils +store item total self +/gnu/store/@dots{}-coreutils-8.23 70.0 13.9 19.8% +/gnu/store/@dots{}-gmp-6.0.0a 55.3 2.5 3.6% +/gnu/store/@dots{}-acl-2.2.52 53.7 0.5 0.7% +/gnu/store/@dots{}-attr-2.4.46 53.2 0.3 0.5% +/gnu/store/@dots{}-gcc-4.8.4-lib 52.9 15.7 22.4% +/gnu/store/@dots{}-glibc-2.21 37.2 37.2 53.1% +@end example + +@cindex closure +The store items listed here constitute the @dfn{transitive closure} of +Coreutils---i.e., Coreutils and all its dependencies, recursively---as would +be returned by: + +@example +$ guix gc -R /gnu/store/@dots{}-coreutils-8.23 +@end example + +Here the output shows three columns next to store items. The first column, +labeled ``total'', shows the size in mebibytes (MiB) of the closure of the +store item---that is, its own size plus the size of all its dependencies. +The next column, labeled ``self'', shows the size of the item itself. The +last column shows the ratio of the size of the item itself to the space +occupied by all the items listed here. + +In this example, we see that the closure of Coreutils weighs in at +70@tie{}MiB, half of which is taken by libc. (That libc represents a large +fraction of the closure is not a problem @i{per se} because it is always +available on the system anyway.) + +When the package passed to @command{guix size} is available in the store, +@command{guix size} queries the daemon to determine its dependencies, and +measures its size in the store, similar to @command{du -ms --apparent-size} +(@pxref{du invocation,,, coreutils, GNU Coreutils}). + +Lorsque le paquet donné n'est @emph{pas} dans le dépôt, @command{guix size} +rapporte les informations en se basant sur les substituts disponibles +(@pxref{Substituts}). Cela permet de profiler l'utilisation du disque des +éléments du dépôt qui ne sont pas sur le disque, mais seulement disponibles +à distance. + +You can also specify several package names: + +@example +$ guix size coreutils grep sed bash +store item total self +/gnu/store/@dots{}-coreutils-8.24 77.8 13.8 13.4% +/gnu/store/@dots{}-grep-2.22 73.1 0.8 0.8% +/gnu/store/@dots{}-bash-4.3.42 72.3 4.7 4.6% +/gnu/store/@dots{}-readline-6.3 67.6 1.2 1.2% +@dots{} +total: 102.3 MiB +@end example + +@noindent +In this example we see that the combination of the four packages takes +102.3@tie{}MiB in total, which is much less than the sum of each closure +since they have a lot of dependencies in common. + +The available options are: + +@table @option + +@item --substitute-urls=@var{urls} +Use substitute information from @var{urls}. @xref{client-substitute-urls, +the same option for @code{guix build}}. + +@item --sort=@var{key} +Sort lines according to @var{key}, one of the following options: + +@table @code +@item self +the size of each item (the default); +@item closure +the total size of the item's closure. +@end table + +@item --map-file=@var{file} +Write a graphical map of disk usage in PNG format to @var{file}. + +For the example above, the map looks like this: + +@image{images/coreutils-size-map,5in,, map of Coreutils disk usage produced +by @command{guix size}} + +This option requires that +@uref{http://wingolog.org/software/guile-charting/, Guile-Charting} be +installed and visible in Guile's module search path. When that is not the +case, @command{guix size} fails as it tries to load it. + +@item --system=@var{system} +@itemx -s @var{system} +Consider packages for @var{system}---e.g., @code{x86_64-linux}. + +@end table + +@node Invoquer guix graph +@section Invoking @command{guix graph} + +@cindex DAG +@cindex @command{guix graph} +@cindex package dependencies +Packages and their dependencies form a @dfn{graph}, specifically a directed +acyclic graph (DAG). It can quickly become difficult to have a mental model +of the package DAG, so the @command{guix graph} command provides a visual +representation of the DAG. By default, @command{guix graph} emits a DAG +representation in the input format of @uref{http://www.graphviz.org/, +Graphviz}, so its output can be passed directly to the @command{dot} command +of Graphviz. It can also emit an HTML page with embedded JavaScript code to +display a ``chord diagram'' in a Web browser, using the +@uref{https://d3js.org/, d3.js} library, or emit Cypher queries to construct +a graph in a graph database supporting the @uref{http://www.opencypher.org/, +openCypher} query language. The general syntax is: + +@example +guix graph @var{options} @var{package}@dots{} +@end example + +For example, the following command generates a PDF file representing the +package DAG for the GNU@tie{}Core Utilities, showing its build-time +dependencies: + +@example +guix graph coreutils | dot -Tpdf > dag.pdf +@end example + +The output looks like this: + +@image{images/coreutils-graph,2in,,Dependency graph of the GNU Coreutils} + +Nice little graph, no? + +But there is more than one graph! The one above is concise: it is the graph +of package objects, omitting implicit inputs such as GCC, libc, grep, etc. +It is often useful to have such a concise graph, but sometimes one may want +to see more details. @command{guix graph} supports several types of graphs, +allowing you to choose the level of detail: + +@table @code +@item package +This is the default type used in the example above. It shows the DAG of +package objects, excluding implicit dependencies. It is concise, but +filters out many details. + +@item reverse-package +This shows the @emph{reverse} DAG of packages. For example: + +@example +guix graph --type=reverse-package ocaml +@end example + +... yields the graph of packages that depend on OCaml. + +Note that for core packages this can yield huge graphs. If all you want is +to know the number of packages that depend on a given package, use +@command{guix refresh --list-dependent} (@pxref{Invoquer guix refresh, +@option{--list-dependent}}). + +@item bag-emerged +This is the package DAG, @emph{including} implicit inputs. + +For instance, the following command: + +@example +guix graph --type=bag-emerged coreutils | dot -Tpdf > dag.pdf +@end example + +... yields this bigger graph: + +@image{images/coreutils-bag-graph,,5in,Detailed dependency graph of the GNU +Coreutils} + +At the bottom of the graph, we see all the implicit inputs of +@var{gnu-build-system} (@pxref{Systèmes de construction, @code{gnu-build-system}}). + +Now, note that the dependencies of these implicit inputs---that is, the +@dfn{bootstrap dependencies} (@pxref{Bootstrapping})---are not shown here, +for conciseness. + +@item bag +Similar to @code{bag-emerged}, but this time including all the bootstrap +dependencies. + +@item bag-with-origins +Similar to @code{bag}, but also showing origins and their dependencies. + +@item derivation +This is the most detailed representation: It shows the DAG of derivations +(@pxref{Dérivations}) and plain store items. Compared to the above +representation, many additional nodes are visible, including build scripts, +patches, Guile modules, etc. + +For this type of graph, it is also possible to pass a @file{.drv} file name +instead of a package name, as in: + +@example +guix graph -t derivation `guix system build -d my-config.scm` +@end example + +@item module +This is the graph of @dfn{package modules} (@pxref{Modules de paquets}). For +example, the following command shows the graph for the package module that +defines the @code{guile} package: + +@example +guix graph -t module guile | dot -Tpdf > module-graph.pdf +@end example +@end table + +All the types above correspond to @emph{build-time dependencies}. The +following graph type represents the @emph{run-time dependencies}: + +@table @code +@item references +This is the graph of @dfn{references} of a package output, as returned by +@command{guix gc --references} (@pxref{Invoquer guix gc}). + +If the given package output is not available in the store, @command{guix +graph} attempts to obtain dependency information from substitutes. + +Here you can also pass a store file name instead of a package name. For +example, the command below produces the reference graph of your profile +(which can be big!): + +@example +guix graph -t references `readlink -f ~/.guix-profile` +@end example + +@item referrers +This is the graph of the @dfn{referrers} of a store item, as returned by +@command{guix gc --referrers} (@pxref{Invoquer guix gc}). + +This relies exclusively on local information from your store. For instance, +let us suppose that the current Inkscape is available in 10 profiles on your +machine; @command{guix graph -t referrers inkscape} will show a graph rooted +at Inkscape and with those 10 profiles linked to it. + +It can help determine what is preventing a store item from being garbage +collected. + +@end table + +The available options are the following: + +@table @option +@item --type=@var{type} +@itemx -t @var{type} +Produce a graph output of @var{type}, where @var{type} must be one of the +values listed above. + +@item --list-types +List the supported graph types. + +@item --backend=@var{backend} +@itemx -b @var{backend} +Produce a graph using the selected @var{backend}. + +@item --list-backends +List the supported graph backends. + +Currently, the available backends are Graphviz and d3.js. + +@item --expression=@var{expr} +@itemx -e @var{expr} +Consider the package @var{expr} evaluates to. + +This is useful to precisely refer to a package, as in this example: + +@example +guix graph -e '(@@@@ (gnu packages commencement) gnu-make-final)' +@end example +@end table + + +@node Invoquer guix environment +@section Invoking @command{guix environment} + +@cindex reproducible build environments +@cindex development environments +@cindex @command{guix environment} +@cindex environment, package build environment +The purpose of @command{guix environment} is to assist hackers in creating +reproducible development environments without polluting their package +profile. The @command{guix environment} tool takes one or more packages, +builds all of their inputs, and creates a shell environment to use them. + +The general syntax is: + +@example +guix environment @var{options} @var{package}@dots{} +@end example + +The following example spawns a new shell set up for the development of +GNU@tie{}Guile: + +@example +guix environment guile +@end example + +If the needed dependencies are not built yet, @command{guix environment} +automatically builds them. The environment of the new shell is an augmented +version of the environment that @command{guix environment} was run in. It +contains the necessary search paths for building the given package added to +the existing environment variables. To create a ``pure'' environment, in +which the original environment variables have been unset, use the +@code{--pure} option@footnote{Users sometimes wrongfully augment environment +variables such as @code{PATH} in their @file{~/.bashrc} file. As a +consequence, when @code{guix environment} launches it, Bash may read +@file{~/.bashrc}, thereby introducing ``impurities'' in these environment +variables. It is an error to define such environment variables in +@file{.bashrc}; instead, they should be defined in @file{.bash_profile}, +which is sourced only by log-in shells. @xref{Bash Startup Files,,, bash, +The GNU Bash Reference Manual}, for details on Bash start-up files.}. + +@vindex GUIX_ENVIRONMENT +@command{guix environment} defines the @code{GUIX_ENVIRONMENT} variable in +the shell it spawns; its value is the file name of the profile of this +environment. This allows users to, say, define a specific prompt for +development environments in their @file{.bashrc} (@pxref{Bash Startup +Files,,, bash, The GNU Bash Reference Manual}): + +@example +if [ -n "$GUIX_ENVIRONMENT" ] +then + export PS1="\u@@\h \w [dev]\$ " +fi +@end example + +@noindent +... or to browse the profile: + +@example +$ ls "$GUIX_ENVIRONMENT/bin" +@end example + +Additionally, more than one package may be specified, in which case the +union of the inputs for the given packages are used. For example, the +command below spawns a shell where all of the dependencies of both Guile and +Emacs are available: + +@example +guix environment guile emacs +@end example + +Sometimes an interactive shell session is not desired. An arbitrary command +may be invoked by placing the @code{--} token to separate the command from +the rest of the arguments: + +@example +guix environment guile -- make -j4 +@end example + +In other situations, it is more convenient to specify the list of packages +needed in the environment. For example, the following command runs +@command{python} from an environment containing Python@tie{}2.7 and NumPy: + +@example +guix environment --ad-hoc python2-numpy python-2.7 -- python +@end example + +Furthermore, one might want the dependencies of a package and also some +additional packages that are not build-time or runtime dependencies, but are +useful when developing nonetheless. Because of this, the @code{--ad-hoc} +flag is positional. Packages appearing before @code{--ad-hoc} are +interpreted as packages whose dependencies will be added to the +environment. Packages appearing after are interpreted as packages that will +be added to the environment directly. For example, the following command +creates a Guix development environment that additionally includes Git and +strace: + +@example +guix environment guix --ad-hoc git strace +@end example + +Sometimes it is desirable to isolate the environment as much as possible, +for maximal purity and reproducibility. In particular, when using Guix on a +host distro that is not GuixSD, it is desirable to prevent access to +@file{/usr/bin} and other system-wide resources from the development +environment. For example, the following command spawns a Guile REPL in a +``container'' where only the store and the current working directory are +mounted: + +@example +guix environment --ad-hoc --container guile -- guile +@end example + +@quotation Note +The @code{--container} option requires Linux-libre 3.19 or newer. +@end quotation + +The available options are summarized below. + +@table @code +@item --root=@var{file} +@itemx -r @var{file} +@cindex persistent environment +@cindex garbage collector root, for environments +Make @var{file} a symlink to the profile for this environment, and register +it as a garbage collector root. + +This is useful if you want to protect your environment from garbage +collection, to make it ``persistent''. + +When this option is omitted, the environment is protected from garbage +collection only for the duration of the @command{guix environment} session. +This means that next time you recreate the same environment, you could have +to rebuild or re-download packages. @xref{Invoquer guix gc}, for more on GC +roots. + +@item --expression=@var{expr} +@itemx -e @var{expr} +Create an environment for the package or list of packages that @var{expr} +evaluates to. + +For example, running: + +@example +guix environment -e '(@@ (gnu packages maths) petsc-openmpi)' +@end example + +starts a shell with the environment for this specific variant of the PETSc +package. + +Running: + +@example +guix environment --ad-hoc -e '(@@ (gnu) %base-packages)' +@end example + +starts a shell with all the GuixSD base packages available. + +The above commands only use the default output of the given packages. To +select other outputs, two element tuples can be specified: + +@example +guix environment --ad-hoc -e '(list (@@ (gnu packages bash) bash) "include")' +@end example + +@item --load=@var{file} +@itemx -l @var{file} +Create an environment for the package or list of packages that the code +within @var{file} evaluates to. + +As an example, @var{file} might contain a definition like this +(@pxref{Définition des paquets}): + +@example +@verbatiminclude environment-gdb.scm +@end example + +@item --manifest=@var{file} +@itemx -m @var{file} +Create an environment for the packages contained in the manifest object +returned by the Scheme code in @var{file}. + +This is similar to the same-named option in @command{guix package} +(@pxref{profile-manifest, @option{--manifest}}) and uses the same manifest +files. + +@item --ad-hoc +Include all specified packages in the resulting environment, as if an @i{ad +hoc} package were defined with them as inputs. This option is useful for +quickly creating an environment without having to write a package expression +to contain the desired inputs. + +For instance, the command: + +@example +guix environment --ad-hoc guile guile-sdl -- guile +@end example + +runs @command{guile} in an environment where Guile and Guile-SDL are +available. + +Note that this example implicitly asks for the default output of +@code{guile} and @code{guile-sdl}, but it is possible to ask for a specific +output---e.g., @code{glib:bin} asks for the @code{bin} output of @code{glib} +(@pxref{Des paquets avec plusieurs résultats}). + +This option may be composed with the default behavior of @command{guix +environment}. Packages appearing before @code{--ad-hoc} are interpreted as +packages whose dependencies will be added to the environment, the default +behavior. Packages appearing after are interpreted as packages that will be +added to the environment directly. + +@item --pure +Unset existing environment variables when building the new environment. +This has the effect of creating an environment in which search paths only +contain package inputs. + +@item --search-paths +Display the environment variable definitions that make up the environment. + +@item --system=@var{system} +@itemx -s @var{system} +Attempt to build for @var{system}---e.g., @code{i686-linux}. + +@item --container +@itemx -C +@cindex container +Run @var{command} within an isolated container. The current working +directory outside the container is mapped inside the container. +Additionally, unless overridden with @code{--user}, a dummy home directory +is created that matches the current user's home directory, and +@file{/etc/passwd} is configured accordingly. The spawned process runs as +the current user outside the container, but has root privileges in the +context of the container. + +@item --network +@itemx -N +For containers, share the network namespace with the host system. +Containers created without this flag only have access to the loopback +device. + +@item --link-profile +@itemx -P +For containers, link the environment profile to @file{~/.guix-profile} +within the container. This is equivalent to running the command @command{ln +-s $GUIX_ENVIRONMENT ~/.guix-profile} within the container. Linking will +fail and abort the environment if the directory already exists, which will +certainly be the case if @command{guix environment} was invoked in the +user's home directory. + +Certain packages are configured to look in @code{~/.guix-profile} for +configuration files and data;@footnote{For example, the @code{fontconfig} +package inspects @file{~/.guix-profile/share/fonts} for additional fonts.} +@code{--link-profile} allows these programs to behave as expected within the +environment. + +@item --user=@var{user} +@itemx -u @var{user} +For containers, use the username @var{user} in place of the current user. +The generated @file{/etc/passwd} entry within the container will contain the +name @var{user}; the home directory will be @file{/home/USER}; and no user +GECOS data will be copied. @var{user} need not exist on the system. + +Additionally, any shared or exposed path (see @code{--share} and +@code{--expose} respectively) whose target is within the current user's home +directory will be remapped relative to @file{/home/USER}; this includes the +automatic mapping of the current working directory. + +@example +# will expose paths as /home/foo/wd, /home/foo/test, and /home/foo/target +cd $HOME/wd +guix environment --container --user=foo \ + --expose=$HOME/test \ + --expose=/tmp/target=$HOME/target +@end example + +While this will limit the leaking of user identity through home paths and +each of the user fields, this is only one useful component of a broader +privacy/anonymity solution---not one in and of itself. + +@item --expose=@var{source}[=@var{target}] +For containers, expose the file system @var{source} from the host system as +the read-only file system @var{target} within the container. If +@var{target} is not specified, @var{source} is used as the target mount +point in the container. + +The example below spawns a Guile REPL in a container in which the user's +home directory is accessible read-only via the @file{/exchange} directory: + +@example +guix environment --container --expose=$HOME=/exchange --ad-hoc guile -- guile +@end example + +@item --share=@var{source}[=@var{target}] +For containers, share the file system @var{source} from the host system as +the writable file system @var{target} within the container. If @var{target} +is not specified, @var{source} is used as the target mount point in the +container. + +The example below spawns a Guile REPL in a container in which the user's +home directory is accessible for both reading and writing via the +@file{/exchange} directory: + +@example +guix environment --container --share=$HOME=/exchange --ad-hoc guile -- guile +@end example +@end table + +@command{guix environment} also supports all of the common build options +that @command{guix build} supports (@pxref{Options de construction communes}). + + +@node Invoquer guix publish +@section Invoking @command{guix publish} + +@cindex @command{guix publish} +Le but de @command{guix publish} est de vous permettre de partager +facilement votre dépôt avec d'autres personnes qui peuvent ensuite +l'utiliser comme serveur de substituts (@pxref{Substituts}). + +When @command{guix publish} runs, it spawns an HTTP server which allows +anyone with network access to obtain substitutes from it. This means that +any machine running Guix can also act as if it were a build farm, since the +HTTP interface is compatible with Hydra, the software behind the +@code{hydra.gnu.org} build farm. + +Pour des raisons de sécurité, chaque substitut est signé, ce qui permet aux +destinataires de vérifier leur authenticité et leur intégrité +(@pxref{Substituts}). Comme @command{guix publish} utilise la clef de +signature du système, qui n'est lisible que par l'administrateur système, il +doit être lancé en root ; l'option @code{--user} lui fait baisser ses +privilèges le plus tôt possible. + +The signing key pair must be generated before @command{guix publish} is +launched, using @command{guix archive --generate-key} (@pxref{Invoquer guix archive}). + +The general syntax is: + +@example +guix publish @var{options}@dots{} +@end example + +Running @command{guix publish} without any additional arguments will spawn +an HTTP server on port 8080: + +@example +guix publish +@end example + +Once a publishing server has been authorized (@pxref{Invoquer guix archive}), the daemon may download substitutes from it: + +@example +guix-daemon --substitute-urls=http://example.org:8080 +@end example + +By default, @command{guix publish} compresses archives on the fly as it +serves them. This ``on-the-fly'' mode is convenient in that it requires no +setup and is immediately available. However, when serving lots of clients, +we recommend using the @option{--cache} option, which enables caching of the +archives before they are sent to clients---see below for details. The +@command{guix weather} command provides a handy way to check what a server +provides (@pxref{Invoquer guix weather}). + +As a bonus, @command{guix publish} also serves as a content-addressed mirror +for source files referenced in @code{origin} records (@pxref{Référence d'origine}). For instance, assuming @command{guix publish} is running on +@code{example.org}, the following URL returns the raw +@file{hello-2.10.tar.gz} file with the given SHA256 hash (represented in +@code{nix-base32} format, @pxref{Invoquer guix hash}): + +@example +http://example.org/file/hello-2.10.tar.gz/sha256/0ssi1@dots{}ndq1i +@end example + +Obviously, these URLs only work for files that are in the store; in other +cases, they return 404 (``Not Found''). + +@cindex build logs, publication +Build logs are available from @code{/log} URLs like: + +@example +http://example.org/log/gwspk@dots{}-guile-2.2.3 +@end example + +@noindent +When @command{guix-daemon} is configured to save compressed build logs, as +is the case by default (@pxref{Invoquer guix-daemon}), @code{/log} URLs +return the compressed log as-is, with an appropriate @code{Content-Type} +and/or @code{Content-Encoding} header. We recommend running +@command{guix-daemon} with @code{--log-compression=gzip} since Web browsers +can automatically decompress it, which is not the case with bzip2 +compression. + +The following options are available: + +@table @code +@item --port=@var{port} +@itemx -p @var{port} +Listen for HTTP requests on @var{port}. + +@item --listen=@var{host} +Listen on the network interface for @var{host}. The default is to accept +connections from any interface. + +@item --user=@var{user} +@itemx -u @var{user} +Change privileges to @var{user} as soon as possible---i.e., once the server +socket is open and the signing key has been read. + +@item --compression[=@var{level}] +@itemx -C [@var{level}] +Compress data using the given @var{level}. When @var{level} is zero, +disable compression. The range 1 to 9 corresponds to different gzip +compression levels: 1 is the fastest, and 9 is the best (CPU-intensive). +The default is 3. + +Unless @option{--cache} is used, compression occurs on the fly and the +compressed streams are not cached. Thus, to reduce load on the machine that +runs @command{guix publish}, it may be a good idea to choose a low +compression level, to run @command{guix publish} behind a caching proxy, or +to use @option{--cache}. Using @option{--cache} has the advantage that it +allows @command{guix publish} to add @code{Content-Length} HTTP header to +its responses. + +@item --cache=@var{directory} +@itemx -c @var{directory} +Cache archives and meta-data (@code{.narinfo} URLs) to @var{directory} and +only serve archives that are in cache. + +When this option is omitted, archives and meta-data are created on-the-fly. +This can reduce the available bandwidth, especially when compression is +enabled, since this may become CPU-bound. Another drawback of the default +mode is that the length of archives is not known in advance, so +@command{guix publish} does not add a @code{Content-Length} HTTP header to +its responses, which in turn prevents clients from knowing the amount of +data being downloaded. + +Conversely, when @option{--cache} is used, the first request for a store +item (@i{via} a @code{.narinfo} URL) returns 404 and triggers a background +process to @dfn{bake} the archive---computing its @code{.narinfo} and +compressing the archive, if needed. Once the archive is cached in +@var{directory}, subsequent requests succeed and are served directly from +the cache, which guarantees that clients get the best possible bandwidth. + +The ``baking'' process is performed by worker threads. By default, one +thread per CPU core is created, but this can be customized. See +@option{--workers} below. + +When @option{--ttl} is used, cached entries are automatically deleted when +they have expired. + +@item --workers=@var{N} +When @option{--cache} is used, request the allocation of @var{N} worker +threads to ``bake'' archives. + +@item --ttl=@var{ttl} +Produce @code{Cache-Control} HTTP headers that advertise a time-to-live +(TTL) of @var{ttl}. @var{ttl} must denote a duration: @code{5d} means 5 +days, @code{1m} means 1 month, and so on. + +This allows the user's Guix to keep substitute information in cache for +@var{ttl}. However, note that @code{guix publish} does not itself guarantee +that the store items it provides will indeed remain available for as long as +@var{ttl}. + +Additionally, when @option{--cache} is used, cached entries that have not +been accessed for @var{ttl} and that no longer have a corresponding item in +the store, may be deleted. + +@item --nar-path=@var{path} +Use @var{path} as the prefix for the URLs of ``nar'' files (@pxref{Invoquer guix archive, normalized archives}). + +By default, nars are served at a URL such as +@code{/nar/gzip/@dots{}-coreutils-8.25}. This option allows you to change +the @code{/nar} part to @var{path}. + +@item --public-key=@var{file} +@itemx --private-key=@var{file} +Use the specific @var{file}s as the public/private key pair used to sign the +store items being published. + +The files must correspond to the same key pair (the private key is used for +signing and the public key is merely advertised in the signature metadata). +They must contain keys in the canonical s-expression format as produced by +@command{guix archive --generate-key} (@pxref{Invoquer guix archive}). By +default, @file{/etc/guix/signing-key.pub} and +@file{/etc/guix/signing-key.sec} are used. + +@item --repl[=@var{port}] +@itemx -r [@var{port}] +Spawn a Guile REPL server (@pxref{REPL Servers,,, guile, GNU Guile Reference +Manual}) on @var{port} (37146 by default). This is used primarily for +debugging a running @command{guix publish} server. +@end table + +Enabling @command{guix publish} on a GuixSD system is a one-liner: just +instantiate a @code{guix-publish-service-type} service in the +@code{services} field of the @code{operating-system} declaration +(@pxref{guix-publish-service-type, @code{guix-publish-service-type}}). + +If you are instead running Guix on a ``foreign distro'', follow these +instructions:” + +@itemize +@item +If your host distro uses the systemd init system: + +@example +# ln -s ~root/.guix-profile/lib/systemd/system/guix-publish.service \ + /etc/systemd/system/ +# systemctl start guix-publish && systemctl enable guix-publish +@end example + +@item +If your host distro uses the Upstart init system: + +@example +# ln -s ~root/.guix-profile/lib/upstart/system/guix-publish.conf /etc/init/ +# start guix-publish +@end example + +@item +Otherwise, proceed similarly with your distro's init system. +@end itemize + +@node Invoquer guix challenge +@section Invoking @command{guix challenge} + +@cindex reproducible builds +@cindex verifiable builds +@cindex @command{guix challenge} +@cindex challenge +Do the binaries provided by this server really correspond to the source code +it claims to build? Is a package build process deterministic? These are the +questions the @command{guix challenge} command attempts to answer. + +La première question est évidemment importante : avant d'utiliser un serveur +de substituts (@pxref{Substituts}), il vaut mieux @emph{vérifier} qu'il +fournit les bons binaires et donc le @emph{défier}. La deuxième est ce qui +permet la première : si les constructions des paquets sont déterministes +alors des constructions indépendantes du paquet devraient donner le même +résultat, bit à bit ; si un serveur fournit un binaire différent de celui +obtenu localement, il peut être soit corrompu, soit malveillant. + +We know that the hash that shows up in @file{/gnu/store} file names is the +hash of all the inputs of the process that built the file or +directory---compilers, libraries, build scripts, +etc. (@pxref{Introduction}). Assuming deterministic build processes, one +store file name should map to exactly one build output. @command{guix +challenge} checks whether there is, indeed, a single mapping by comparing +the build outputs of several independent builds of any given store item. + +The command output looks like this: + +@smallexample +$ guix challenge --substitute-urls="https://hydra.gnu.org https://guix.example.org" +updating list of substitutes from 'https://hydra.gnu.org'... 100.0% +updating list of substitutes from 'https://guix.example.org'... 100.0% +/gnu/store/@dots{}-openssl-1.0.2d contents differ: + local hash: 0725l22r5jnzazaacncwsvp9kgf42266ayyp814v7djxs7nk963q + https://hydra.gnu.org/nar/@dots{}-openssl-1.0.2d: 0725l22r5jnzazaacncwsvp9kgf42266ayyp814v7djxs7nk963q + https://guix.example.org/nar/@dots{}-openssl-1.0.2d: 1zy4fmaaqcnjrzzajkdn3f5gmjk754b43qkq47llbyak9z0qjyim +/gnu/store/@dots{}-git-2.5.0 contents differ: + local hash: 00p3bmryhjxrhpn2gxs2fy0a15lnip05l97205pgbk5ra395hyha + https://hydra.gnu.org/nar/@dots{}-git-2.5.0: 069nb85bv4d4a6slrwjdy8v1cn4cwspm3kdbmyb81d6zckj3nq9f + https://guix.example.org/nar/@dots{}-git-2.5.0: 0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73 +/gnu/store/@dots{}-pius-2.1.1 contents differ: + local hash: 0k4v3m9z1zp8xzzizb7d8kjj72f9172xv078sq4wl73vnq9ig3ax + https://hydra.gnu.org/nar/@dots{}-pius-2.1.1: 0k4v3m9z1zp8xzzizb7d8kjj72f9172xv078sq4wl73vnq9ig3ax + https://guix.example.org/nar/@dots{}-pius-2.1.1: 1cy25x1a4fzq5rk0pmvc8xhwyffnqz95h2bpvqsz2mpvlbccy0gs + +@dots{} + +6,406 store items were analyzed: + - 4,749 (74.1%) were identical + - 525 (8.2%) differed + - 1,132 (17.7%) were inconclusive +@end smallexample + +@noindent +In this example, @command{guix challenge} first scans the store to determine +the set of locally-built derivations---as opposed to store items that were +downloaded from a substitute server---and then queries all the substitute +servers. It then reports those store items for which the servers obtained a +result different from the local build. + +@cindex non-determinism, in package builds +As an example, @code{guix.example.org} always gets a different answer. +Conversely, @code{hydra.gnu.org} agrees with local builds, except in the +case of Git. This might indicate that the build process of Git is +non-deterministic, meaning that its output varies as a function of various +things that Guix does not fully control, in spite of building packages in +isolated environments (@pxref{Fonctionnalités}). Most common sources of +non-determinism include the addition of timestamps in build results, the +inclusion of random numbers, and directory listings sorted by inode number. +See @uref{https://reproducible-builds.org/docs/}, for more information. + +To find out what is wrong with this Git binary, we can do something along +these lines (@pxref{Invoquer guix archive}): + +@example +$ wget -q -O - https://hydra.gnu.org/nar/@dots{}-git-2.5.0 \ + | guix archive -x /tmp/git +$ diff -ur --no-dereference /gnu/store/@dots{}-git.2.5.0 /tmp/git +@end example + +This command shows the difference between the files resulting from the local +build, and the files resulting from the build on @code{hydra.gnu.org} +(@pxref{Overview, Comparing and Merging Files,, diffutils, Comparing and +Merging Files}). The @command{diff} command works great for text files. +When binary files differ, a better option is @uref{https://diffoscope.org/, +Diffoscope}, a tool that helps visualize differences for all kinds of files. + +Once you have done that work, you can tell whether the differences are due +to a non-deterministic build process or to a malicious server. We try hard +to remove sources of non-determinism in packages to make it easier to verify +substitutes, but of course, this is a process that involves not just Guix, +but a large part of the free software community. In the meantime, +@command{guix challenge} is one tool to help address the problem. + +If you are writing packages for Guix, you are encouraged to check whether +@code{hydra.gnu.org} and other substitute servers obtain the same build +result as you did with: + +@example +$ guix challenge @var{package} +@end example + +@noindent +where @var{package} is a package specification such as @code{guile@@2.0} or +@code{glibc:debug}. + +The general syntax is: + +@example +guix challenge @var{options} [@var{packages}@dots{}] +@end example + +When a difference is found between the hash of a locally-built item and that +of a server-provided substitute, or among substitutes provided by different +servers, the command displays it as in the example above and its exit code +is 2 (other non-zero exit codes denote other kinds of errors.) + +The one option that matters is: + +@table @code + +@item --substitute-urls=@var{urls} +Consider @var{urls} the whitespace-separated list of substitute source URLs +to compare to. + +@item --verbose +@itemx -v +Show details about matches (identical contents) in addition to information +about mismatches. + +@end table + +@node Invoquer guix copy +@section Invoking @command{guix copy} + +@cindex copy, of store items, over SSH +@cindex SSH, copy of store items +@cindex sharing store items across machines +@cindex transferring store items across machines +The @command{guix copy} command copies items from the store of one machine +to that of another machine over a secure shell (SSH) +connection@footnote{This command is available only when Guile-SSH was +found. @xref{Prérequis}, for details.}. For example, the following +command copies the @code{coreutils} package, the user's profile, and all +their dependencies over to @var{host}, logged in as @var{user}: + +@example +guix copy --to=@var{user}@@@var{host} \ + coreutils `readlink -f ~/.guix-profile` +@end example + +If some of the items to be copied are already present on @var{host}, they +are not actually sent. + +The command below retrieves @code{libreoffice} and @code{gimp} from +@var{host}, assuming they are available there: + +@example +guix copy --from=@var{host} libreoffice gimp +@end example + +The SSH connection is established using the Guile-SSH client, which is +compatible with OpenSSH: it honors @file{~/.ssh/known_hosts} and +@file{~/.ssh/config}, and uses the SSH agent for authentication. + +The key used to sign items that are sent must be accepted by the remote +machine. Likewise, the key used by the remote machine to sign items you are +retrieving must be in @file{/etc/guix/acl} so it is accepted by your own +daemon. @xref{Invoquer guix archive}, for more information about store item +authentication. + +The general syntax is: + +@example +guix copy [--to=@var{spec}|--from=@var{spec}] @var{items}@dots{} +@end example + +You must always specify one of the following options: + +@table @code +@item --to=@var{spec} +@itemx --from=@var{spec} +Specify the host to send to or receive from. @var{spec} must be an SSH spec +such as @code{example.org}, @code{charlie@@example.org}, or +@code{charlie@@example.org:2222}. +@end table + +The @var{items} can be either package names, such as @code{gimp}, or store +items, such as @file{/gnu/store/@dots{}-idutils-4.6}. + +When specifying the name of a package to send, it is first built if needed, +unless @option{--dry-run} was specified. Common build options are supported +(@pxref{Options de construction communes}). + + +@node Invoquer guix container +@section Invoking @command{guix container} +@cindex container +@cindex @command{guix container} +@quotation Note +As of version @value{VERSION}, this tool is experimental. The interface is +subject to radical change in the future. +@end quotation + +The purpose of @command{guix container} is to manipulate processes running +within an isolated environment, commonly known as a ``container'', typically +created by the @command{guix environment} (@pxref{Invoquer guix environment}) and @command{guix system container} (@pxref{Invoquer guix system}) commands. + +The general syntax is: + +@example +guix container @var{action} @var{options}@dots{} +@end example + +@var{action} specifies the operation to perform with a container, and +@var{options} specifies the context-specific arguments for the action. + +The following actions are available: + +@table @code +@item exec +Execute a command within the context of a running container. + +The syntax is: + +@example +guix container exec @var{pid} @var{program} @var{arguments}@dots{} +@end example + +@var{pid} specifies the process ID of the running container. @var{program} +specifies an executable file name within the root file system of the +container. @var{arguments} are the additional options that will be passed +to @var{program}. + +The following command launches an interactive login shell inside a GuixSD +container, started by @command{guix system container}, and whose process ID +is 9001: + +@example +guix container exec 9001 /run/current-system/profile/bin/bash --login +@end example + +Note that the @var{pid} cannot be the parent process of a container. It +must be PID 1 of the container or one of its child processes. + +@end table + +@node Invoquer guix weather +@section Invoking @command{guix weather} + +Vous pouvez parfois grogner lorsque les substituts ne sont pas disponibles +et que vous devez construire les paquets vous-même (@pxref{Substituts}). La +commande @command{guix weather} rapporte la disponibilité des substituts sur +les serveurs spécifiés pour que vous sachiez si vous allez raller +aujourd'hui. Cela peut parfois être une information utile pour les +utilisateurs, mais elle est surtout utile pour les personnes qui font +tourner @command{guix publish} (@pxref{Invoquer guix publish}). + +@cindex statistics, for substitutes +@cindex availability of substitutes +@cindex substitute availability +@cindex weather, substitute availability +Here's a sample run: + +@example +$ guix weather --substitute-urls=https://guix.example.org +computing 5,872 package derivations for x86_64-linux... +looking for 6,128 store items on https://guix.example.org.. +updating list of substitutes from 'https://guix.example.org'... 100.0% +https://guix.example.org + 43.4% substitutes available (2,658 out of 6,128) + 7,032.5 MiB of nars (compressed) + 19,824.2 MiB on disk (uncompressed) + 0.030 seconds per request (182.9 seconds in total) + 33.5 requests per second + + 9.8% (342 out of 3,470) of the missing items are queued + 867 queued builds + x86_64-linux: 518 (59.7%) + i686-linux: 221 (25.5%) + aarch64-linux: 128 (14.8%) + build rate: 23.41 builds per hour + x86_64-linux: 11.16 builds per hour + i686-linux: 6.03 builds per hour + aarch64-linux: 6.41 builds per hour +@end example + +@cindex continuous integration, statistics +As you can see, it reports the fraction of all the packages for which +substitutes are available on the server---regardless of whether substitutes +are enabled, and regardless of whether this server's signing key is +authorized. It also reports the size of the compressed archives (``nars'') +provided by the server, the size the corresponding store items occupy in the +store (assuming deduplication is turned off), and the server's throughput. +The second part gives continuous integration (CI) statistics, if the server +supports it. + +To achieve that, @command{guix weather} queries over HTTP(S) meta-data +(@dfn{narinfos}) for all the relevant store items. Like @command{guix +challenge}, it ignores signatures on those substitutes, which is innocuous +since the command only gathers statistics and cannot install those +substitutes. + +Among other things, it is possible to query specific system types and +specific package sets. The available options are listed below. + +@table @code +@item --substitute-urls=@var{urls} +@var{urls} is the space-separated list of substitute server URLs to query. +When this option is omitted, the default set of substitute servers is +queried. + +@item --system=@var{system} +@itemx -s @var{system} +Query substitutes for @var{system}---e.g., @code{aarch64-linux}. This +option can be repeated, in which case @command{guix weather} will query +substitutes for several system types. + +@item --manifest=@var{file} +Instead of querying substitutes for all the packages, only ask for those +specified in @var{file}. @var{file} must contain a @dfn{manifest}, as with +the @code{-m} option of @command{guix package} (@pxref{Invoquer guix package}). +@end table + + +@c ********************************************************************* +@node Distribution GNU +@chapter Distribution GNU + +@cindex Distribution Système Guix +@cindex GuixSD +Guix comes with a distribution of the GNU system consisting entirely of free +software@footnote{The term ``free'' here refers to the +@url{http://www.gnu.org/philosophy/free-sw.html,freedom provided to users of +that software}.}. The distribution can be installed on its own +(@pxref{Installation du système}), but it is also possible to install Guix as a +package manager on top of an installed GNU/Linux system +(@pxref{Installation}). To distinguish between the two, we refer to the +standalone distribution as the Guix System Distribution, or GuixSD. + +The distribution provides core GNU packages such as GNU libc, GCC, and +Binutils, as well as many GNU and non-GNU applications. The complete list +of available packages can be browsed +@url{http://www.gnu.org/software/guix/packages,on-line} or by running +@command{guix package} (@pxref{Invoquer guix package}): + +@example +guix package --list-available +@end example + +Our goal is to provide a practical 100% free software distribution of +Linux-based and other variants of GNU, with a focus on the promotion and +tight integration of GNU components, and an emphasis on programs and tools +that help users exert that freedom. + +Packages are currently available on the following platforms: + +@table @code + +@item x86_64-linux +Intel/AMD @code{x86_64} architecture, Linux-Libre kernel; + +@item i686-linux +Intel 32-bit architecture (IA32), Linux-Libre kernel; + +@item armhf-linux +ARMv7-A architecture with hard float, Thumb-2 and NEON, using the EABI +hard-float application binary interface (ABI), and Linux-Libre kernel. + +@item aarch64-linux +little-endian 64-bit ARMv8-A processors, Linux-Libre kernel. This is +currently in an experimental stage, with limited support. +@xref{Contribuer}, for how to help! + +@item mips64el-linux +little-endian 64-bit MIPS processors, specifically the Loongson series, n32 +ABI, and Linux-Libre kernel. + +@end table + +GuixSD itself is currently only available on @code{i686} and @code{x86_64}. + +@noindent +For information on porting to other architectures or kernels, +@pxref{Porter}. + +@menu +* Installation du système:: Installer le système d'exploitation complet. +* Configuration système:: Configurer le système d'exploitation. +* Documentation:: Visualiser les manuels d'utilisateur des + logiciels. +* Installer les fichiers de débogage:: Nourrir le débogueur. +* Mises à jour de sécurité:: Déployer des correctifs de sécurité + rapidement. +* Modules de paquets:: Les paquets du point de vu du programmeur. +* Consignes d'empaquetage:: Faire grandir la distribution. +* Bootstrapping:: GNU/Linux depuis zéro. +* Porter:: Cibler une autre plateforme ou un autre noyau. +@end menu + +Building this distribution is a cooperative effort, and you are invited to +join! @xref{Contribuer}, for information about how you can help. + +@node Installation du système +@section Installation du système + +@cindex installing GuixSD +@cindex Distribution Système Guix +This section explains how to install the Guix System Distribution (GuixSD) +on a machine. The Guix package manager can also be installed on top of a +running GNU/Linux system, @pxref{Installation}. + +@ifinfo +@quotation Note +@c This paragraph is for people reading this from tty2 of the +@c installation image. +You are reading this documentation with an Info reader. For details on how +to use it, hit the @key{RET} key (``return'' or ``enter'') on the link that +follows: @pxref{Top, Info reader,, info-stnd, Stand-alone GNU Info}. Hit +@kbd{l} afterwards to come back here. + +Alternately, run @command{info info} in another tty to keep the manual +available. +@end quotation +@end ifinfo + +@menu +* Limitations:: Ce à quoi vous attendre. +* Considérations matérielles:: Matériel supporté. +* Installation depuis une clef USB ou un DVD:: Préparer le média + d'installation. +* Préparer l'installation:: Réseau, partitionnement, etc. +* Effectuer l'installation:: Pour de vrai. +* Installer GuixSD dans une VM:: Jouer avec GuixSD. +* Construire l'image d'installation:: D'où vient tout cela. +@end menu + +@node Limitations +@subsection Limitations + +As of version @value{VERSION}, the Guix System Distribution (GuixSD) is not +production-ready. It may contain bugs and lack important features. Thus, +if you are looking for a stable production system that respects your freedom +as a computer user, a good solution at this point is to consider +@url{http://www.gnu.org/distros/free-distros.html, one of the more +established GNU/Linux distributions}. We hope you can soon switch to the +GuixSD without fear, of course. In the meantime, you can also keep using +your distribution and try out the package manager on top of it +(@pxref{Installation}). + +Before you proceed with the installation, be aware of the following +noteworthy limitations applicable to version @value{VERSION}: + +@itemize +@item +The installation process does not include a graphical user interface and +requires familiarity with GNU/Linux (see the following subsections to get a +feel of what that means.) + +@item +Support for the Logical Volume Manager (LVM) is missing. + +@item +More and more system services are provided (@pxref{Services}), but some may +be missing. + +@item +More than 6,500 packages are available, but you might occasionally find that +a useful package is missing. + +@item +GNOME, Xfce, LXDE, and Enlightenment are available (@pxref{Desktop +Services}), as well as a number of X11 window managers. However, some +graphical applications may be missing, as well as KDE. +@end itemize + +You have been warned! But more than a disclaimer, this is an invitation to +report issues (and success stories!), and to join us in improving it. +@xref{Contribuer}, for more info. + + +@node Considérations matérielles +@subsection Considérations matérielles + +@cindex hardware support on GuixSD +GNU@tie{}GuixSD focuses on respecting the user's computing freedom. It +builds around the kernel Linux-libre, which means that only hardware for +which free software drivers and firmware exist is supported. Nowadays, a +wide range of off-the-shelf hardware is supported on GNU/Linux-libre---from +keyboards to graphics cards to scanners and Ethernet controllers. +Unfortunately, there are still areas where hardware vendors deny users +control over their own computing, and such hardware is not supported on +GuixSD. + +@cindex WiFi, hardware support +One of the main areas where free drivers or firmware are lacking is WiFi +devices. WiFi devices known to work include those using Atheros chips +(AR9271 and AR7010), which corresponds to the @code{ath9k} Linux-libre +driver, and those using Broadcom/AirForce chips (BCM43xx with Wireless-Core +Revision 5), which corresponds to the @code{b43-open} Linux-libre driver. +Free firmware exists for both and is available out-of-the-box on GuixSD, as +part of @var{%base-firmware} (@pxref{Référence de système d'exploitation, +@code{firmware}}). + +@cindex RYF, Respects Your Freedom +The @uref{https://www.fsf.org/, Free Software Foundation} runs +@uref{https://www.fsf.org/ryf, @dfn{Respects Your Freedom}} (RYF), a +certification program for hardware products that respect your freedom and +your privacy and ensure that you have control over your device. We +encourage you to check the list of RYF-certified devices. + +Another useful resource is the @uref{https://www.h-node.org/, H-Node} web +site. It contains a catalog of hardware devices with information about +their support in GNU/Linux. + + +@node Installation depuis une clef USB ou un DVD +@subsection Installation depuis une clef USB ou un DVD + +An ISO-9660 installation image that can be written to a USB stick or burnt +to a DVD can be downloaded from +@indicateurl{ftp://alpha.gnu.org/gnu/guix/guixsd-install-@value{VERSION}.@var{system}.iso.xz}, +where @var{system} is one of: + +@table @code +@item x86_64-linux +for a GNU/Linux system on Intel/AMD-compatible 64-bit CPUs; + +@item i686-linux +for a 32-bit GNU/Linux system on Intel-compatible CPUs. +@end table + +@c start duplication of authentication part from ``Binary Installation'' +Make sure to download the associated @file{.sig} file and to verify the +authenticity of the image against it, along these lines: + +@example +$ wget ftp://alpha.gnu.org/gnu/guix/guixsd-install-@value{VERSION}.@var{system}.iso.xz.sig +$ gpg --verify guixsd-install-@value{VERSION}.@var{system}.iso.xz.sig +@end example + +If that command fails because you do not have the required public key, then +run this command to import it: + +@example +$ gpg --keyserver pgp.mit.edu --recv-keys @value{OPENPGP-SIGNING-KEY-ID} +@end example + +@noindent +@c end duplication +and rerun the @code{gpg --verify} command. + +This image contains the tools necessary for an installation. It is meant to +be copied @emph{as is} to a large-enough USB stick or DVD. + +@unnumberedsubsubsec Copying to a USB Stick + +To copy the image to a USB stick, follow these steps: + +@enumerate +@item +Decompress the image using the @command{xz} command: + +@example +xz -d guixsd-install-@value{VERSION}.@var{system}.iso.xz +@end example + +@item +Insert a USB stick of 1@tie{}GiB or more into your machine, and determine +its device name. Assuming that the USB stick is known as @file{/dev/sdX}, +copy the image with: + +@example +dd if=guixsd-install-@value{VERSION}.x86_64-linux.iso of=/dev/sdX +sync +@end example + +Access to @file{/dev/sdX} usually requires root privileges. +@end enumerate + +@unnumberedsubsubsec Burning on a DVD + +To copy the image to a DVD, follow these steps: + +@enumerate +@item +Decompress the image using the @command{xz} command: + +@example +xz -d guixsd-install-@value{VERSION}.@var{system}.iso.xz +@end example + +@item +Insert a blank DVD into your machine, and determine its device name. +Assuming that the DVD drive is known as @file{/dev/srX}, copy the image +with: + +@example +growisofs -dvd-compat -Z /dev/srX=guixsd-install-@value{VERSION}.x86_64.iso +@end example + +Access to @file{/dev/srX} usually requires root privileges. +@end enumerate + +@unnumberedsubsubsec Booting + +Once this is done, you should be able to reboot the system and boot from the +USB stick or DVD. The latter usually requires you to get in the BIOS or +UEFI boot menu, where you can choose to boot from the USB stick. + +@xref{Installer GuixSD dans une VM}, if, instead, you would like to install +GuixSD in a virtual machine (VM). + + +@node Préparer l'installation +@subsection Préparer l'installation + +Once you have successfully booted your computer using the installation +medium, you should end up with a root prompt. Several console TTYs are +configured and can be used to run commands as root. TTY2 shows this +documentation, browsable using the Info reader commands (@pxref{Top,,, +info-stnd, Stand-alone GNU Info}). The installation system runs the GPM +mouse daemon, which allows you to select text with the left mouse button and +to paste it with the middle button. + +@quotation Note +Installation requires access to the Internet so that any missing +dependencies of your system configuration can be downloaded. See the +``Networking'' section below. +@end quotation + +The installation system includes many common tools needed for this task. +But it is also a full-blown GuixSD system, which means that you can install +additional packages, should you need it, using @command{guix package} +(@pxref{Invoquer guix package}). + +@subsubsection Keyboard Layout + +@cindex keyboard layout +The installation image uses the US qwerty keyboard layout. If you want to +change it, you can use the @command{loadkeys} command. For example, the +following command selects the Dvorak keyboard layout: + +@example +loadkeys dvorak +@end example + +See the files under @file{/run/current-system/profile/share/keymaps} for a +list of available keyboard layouts. Run @command{man loadkeys} for more +information. + +@subsubsection Networking + +Run the following command see what your network interfaces are called: + +@example +ifconfig -a +@end example + +@noindent +@dots{} or, using the GNU/Linux-specific @command{ip} command: + +@example +ip a +@end example + +@c http://cgit.freedesktop.org/systemd/systemd/tree/src/udev/udev-builtin-net_id.c#n20 +Wired interfaces have a name starting with @samp{e}; for example, the +interface corresponding to the first on-board Ethernet controller is called +@samp{eno1}. Wireless interfaces have a name starting with @samp{w}, like +@samp{w1p2s0}. + +@table @asis +@item Wired connection +To configure a wired network run the following command, substituting +@var{interface} with the name of the wired interface you want to use. + +@example +ifconfig @var{interface} up +@end example + +@item Wireless connection +@cindex wireless +@cindex WiFi +To configure wireless networking, you can create a configuration file for +the @command{wpa_supplicant} configuration tool (its location is not +important) using one of the available text editors such as @command{nano}: + +@example +nano wpa_supplicant.conf +@end example + +As an example, the following stanza can go to this file and will work for +many wireless networks, provided you give the actual SSID and passphrase for +the network you are connecting to: + +@example +network=@{ + ssid="@var{my-ssid}" + key_mgmt=WPA-PSK + psk="the network's secret passphrase" +@} +@end example + +Start the wireless service and run it in the background with the following +command (substitute @var{interface} with the name of the network interface +you want to use): + +@example +wpa_supplicant -c wpa_supplicant.conf -i @var{interface} -B +@end example + +Run @command{man wpa_supplicant} for more information. +@end table + +@cindex DHCP +At this point, you need to acquire an IP address. On a network where IP +addresses are automatically assigned @i{via} DHCP, you can run: + +@example +dhclient -v @var{interface} +@end example + +Try to ping a server to see if networking is up and running: + +@example +ping -c 3 gnu.org +@end example + +Setting up network access is almost always a requirement because the image +does not contain all the software and tools that may be needed. + +@cindex installing over SSH +If you want to, you can continue the installation remotely by starting an +SSH server: + +@example +herd start ssh-daemon +@end example + +Make sure to either set a password with @command{passwd}, or configure +OpenSSH public key authentication before logging in. + +@subsubsection Disk Partitioning + +Unless this has already been done, the next step is to partition, and then +format the target partition(s). + +The installation image includes several partitioning tools, including Parted +(@pxref{Overview,,, parted, GNU Parted User Manual}), @command{fdisk}, and +@command{cfdisk}. Run it and set up your disk with the partition layout you +want: + +@example +cfdisk +@end example + +If your disk uses the GUID Partition Table (GPT) format and you plan to +install BIOS-based GRUB (which is the default), make sure a BIOS Boot +Partition is available (@pxref{BIOS installation,,, grub, GNU GRUB manual}). + +@cindex EFI, installation +@cindex UEFI, installation +@cindex ESP, EFI system partition +If you instead wish to use EFI-based GRUB, a FAT32 @dfn{EFI System +Partition} (ESP) is required. This partition should be mounted at +@file{/boot/efi} and must have the @code{esp} flag set. E.g., for +@command{parted}: + +@example +parted /dev/sda set 1 esp on +@end example + +Once you are done partitioning the target hard disk drive, you have to +create a file system on the relevant partition(s)@footnote{Currently GuixSD +only supports ext4 and btrfs file systems. In particular, code that reads +file system UUIDs and labels only works for these file system types.}. For +the ESP, if you have one and assuming it is @file{/dev/sda2}, run: + +@example +mkfs.fat -F32 /dev/sda2 +@end example + +Preferably, assign file systems a label so that you can easily and reliably +refer to them in @code{file-system} declarations (@pxref{Systèmes de fichiers}). +This is typically done using the @code{-L} option of @command{mkfs.ext4} and +related commands. So, assuming the target root partition lives at +@file{/dev/sda1}, a file system with the label @code{my-root} can be created +with: + +@example +mkfs.ext4 -L my-root /dev/sda1 +@end example + +@cindex encrypted disk +If you are instead planning to encrypt the root partition, you can use the +Cryptsetup/LUKS utilities to do that (see @inlinefmtifelse{html, +@uref{https://linux.die.net/man/8/cryptsetup, @code{man cryptsetup}}, +@code{man cryptsetup}} for more information.) Assuming you want to store +the root partition on @file{/dev/sda1}, the command sequence would be along +these lines: + +@example +cryptsetup luksFormat /dev/sda1 +cryptsetup open --type luks /dev/sda1 my-partition +mkfs.ext4 -L my-root /dev/mapper/my-partition +@end example + +Once that is done, mount the target file system under @file{/mnt} with a +command like (again, assuming @code{my-root} is the label of the root file +system): + +@example +mount LABEL=my-root /mnt +@end example + +Also mount any other file systems you would like to use on the target system +relative to this path. If you have @file{/boot} on a separate partition for +example, mount it at @file{/mnt/boot} now so it is found by @code{guix +system init} afterwards. + +Finally, if you plan to use one or more swap partitions (@pxref{Memory +Concepts, swap space,, libc, The GNU C Library Reference Manual}), make sure +to initialize them with @command{mkswap}. Assuming you have one swap +partition on @file{/dev/sda2}, you would run: + +@example +mkswap /dev/sda2 +swapon /dev/sda2 +@end example + +Alternatively, you may use a swap file. For example, assuming that in the +new system you want to use the file @file{/swapfile} as a swap file, you +would run@footnote{This example will work for many types of file systems +(e.g., ext4). However, for copy-on-write file systems (e.g., btrfs), the +required steps may be different. For details, see the manual pages for +@command{mkswap} and @command{swapon}.}: + +@example +# This is 10 GiB of swap space. Adjust "count" to change the size. +dd if=/dev/zero of=/mnt/swapfile bs=1MiB count=10240 +# For security, make the file readable and writable only by root. +chmod 600 /mnt/swapfile +mkswap /mnt/swapfile +swapon /mnt/swapfile +@end example + +Note that if you have encrypted the root partition and created a swap file +in its file system as described above, then the encryption also protects the +swap file, just like any other file in that file system. + +@node Effectuer l'installation +@subsection Effectuer l'installation + +With the target partitions ready and the target root mounted on @file{/mnt}, +we're ready to go. First, run: + +@example +herd start cow-store /mnt +@end example + +This makes @file{/gnu/store} copy-on-write, such that packages added to it +during the installation phase are written to the target disk on @file{/mnt} +rather than kept in memory. This is necessary because the first phase of +the @command{guix system init} command (see below) entails downloads or +builds to @file{/gnu/store} which, initially, is an in-memory file system. + +Next, you have to edit a file and provide the declaration of the operating +system to be installed. To that end, the installation system comes with +three text editors. We recommend GNU nano (@pxref{Top,,, nano, GNU nano +Manual}), which supports syntax highlighting and parentheses matching; other +editors include GNU Zile (an Emacs clone), and nvi (a clone of the original +BSD @command{vi} editor). We strongly recommend storing that file on the +target root file system, say, as @file{/mnt/etc/config.scm}. Failing to do +that, you will have lost your configuration file once you have rebooted into +the newly-installed system. + +@xref{Utiliser le système de configuration}, for an overview of the configuration +file. The example configurations discussed in that section are available +under @file{/etc/configuration} in the installation image. Thus, to get +started with a system configuration providing a graphical display server (a +``desktop'' system), you can run something along these lines: + +@example +# mkdir /mnt/etc +# cp /etc/configuration/desktop.scm /mnt/etc/config.scm +# nano /mnt/etc/config.scm +@end example + +You should pay attention to what your configuration file contains, and in +particular: + +@itemize +@item +Make sure the @code{bootloader-configuration} form refers to the target you +want to install GRUB on. It should mention @code{grub-bootloader} if you +are installing GRUB in the legacy way, or @code{grub-efi-bootloader} for +newer UEFI systems. For legacy systems, the @code{target} field names a +device, like @code{/dev/sda}; for UEFI systems it names a path to a mounted +EFI partition, like @code{/boot/efi}, and do make sure the path is actually +mounted. + +@item +Be sure that your file system labels match the value of their respective +@code{device} fields in your @code{file-system} configuration, assuming your +@code{file-system} configuration sets the value of @code{title} to +@code{'label}. + +@item +If there are encrypted or RAID partitions, make sure to add a +@code{mapped-devices} field to describe them (@pxref{Périphériques mappés}). +@end itemize + +Once you are done preparing the configuration file, the new system must be +initialized (remember that the target root file system is mounted under +@file{/mnt}): + +@example +guix system init /mnt/etc/config.scm /mnt +@end example + +@noindent +This copies all the necessary files and installs GRUB on @file{/dev/sdX}, +unless you pass the @option{--no-bootloader} option. For more information, +@pxref{Invoquer guix system}. This command may trigger downloads or builds +of missing packages, which can take some time. + +Once that command has completed---and hopefully succeeded!---you can run +@command{reboot} and boot into the new system. The @code{root} password in +the new system is initially empty; other users' passwords need to be +initialized by running the @command{passwd} command as @code{root}, unless +your configuration specifies otherwise (@pxref{user-account-password, user +account passwords}). + +@cindex upgrading GuixSD +From then on, you can update GuixSD whenever you want by running +@command{guix pull} as @code{root} (@pxref{Invoquer guix pull}), and then +running @command{guix system reconfigure} to build a new system generation +with the latest packages and services (@pxref{Invoquer guix system}). We +recommend doing that regularly so that your system includes the latest +security updates (@pxref{Mises à jour de sécurité}). + +Join us on @code{#guix} on the Freenode IRC network or on +@file{guix-devel@@gnu.org} to share your experience---good or not so good. + +@node Installer GuixSD dans une VM +@subsection Installing GuixSD in a Virtual Machine + +@cindex virtual machine, GuixSD installation +@cindex virtual private server (VPS) +@cindex VPS (virtual private server) +If you'd like to install GuixSD in a virtual machine (VM) or on a virtual +private server (VPS) rather than on your beloved machine, this section is +for you. + +To boot a @uref{http://qemu.org/,QEMU} VM for installing GuixSD in a disk +image, follow these steps: + +@enumerate +@item +First, retrieve and decompress the GuixSD installation image as described +previously (@pxref{Installation depuis une clef USB ou un DVD}). + +@item +Create a disk image that will hold the installed system. To make a +qcow2-formatted disk image, use the @command{qemu-img} command: + +@example +qemu-img create -f qcow2 guixsd.img 50G +@end example + +The resulting file will be much smaller than 50 GB (typically less than 1 +MB), but it will grow as the virtualized storage device is filled up. + +@item +Boot the USB installation image in an VM: + +@example +qemu-system-x86_64 -m 1024 -smp 1 \ + -net user -net nic,model=virtio -boot menu=on \ + -drive file=guixsd-install-@value{VERSION}.@var{system}.iso \ + -drive file=guixsd.img +@end example + +The ordering of the drives matters. + +In the VM console, quickly press the @kbd{F12} key to enter the boot menu. +Then press the @kbd{2} key and the @kbd{RET} key to validate your selection. + +@item +You're now root in the VM, proceed with the installation process. +@xref{Préparer l'installation}, and follow the instructions. +@end enumerate + +Once installation is complete, you can boot the system that's on your +@file{guixsd.img} image. @xref{Lancer GuixSD dans une VM}, for how to do that. + +@node Construire l'image d'installation +@subsection Construire l'image d'installation + +@cindex installation image +The installation image described above was built using the @command{guix +system} command, specifically: + +@example +guix system disk-image gnu/system/install.scm +@end example + +Have a look at @file{gnu/system/install.scm} in the source tree, and see +also @ref{Invoquer guix system} for more information about the installation +image. + +@node Configuration système +@section Configuration système + +@cindex system configuration +The Guix System Distribution supports a consistent whole-system +configuration mechanism. By that we mean that all aspects of the global +system configuration---such as the available system services, timezone and +locale settings, user accounts---are declared in a single place. Such a +@dfn{system configuration} can be @dfn{instantiated}---i.e., effected. + +@c Yes, we're talking of Puppet, Chef, & co. here. ↑ +One of the advantages of putting all the system configuration under the +control of Guix is that it supports transactional system upgrades, and makes +it possible to roll back to a previous system instantiation, should +something go wrong with the new one (@pxref{Fonctionnalités}). Another advantage +is that it makes it easy to replicate the exact same configuration across +different machines, or at different points in time, without having to resort +to additional administration tools layered on top of the own tools of the +system. + +This section describes this mechanism. First we focus on the system +administrator's viewpoint---explaining how the system is configured and +instantiated. Then we show how this mechanism can be extended, for instance +to support new system services. + +@menu +* Utiliser le système de configuration:: Personnaliser votre système GNU. +* Référence de système d'exploitation:: Détail sur la déclaration de + système d'exploitation. +* Systèmes de fichiers:: Configurer les montages de systèmes de + fichiers. +* Périphériques mappés:: Gestion des périphériques de bloc. +* Comptes utilisateurs:: Spécifier des comptes utilisateurs. +* Régionalisation:: Paramétrer la langue et les conventions + culturelles. +* Services:: Spécifier les services du système. +* Programmes setuid:: Programmes tournant avec les privilèges root. +* Certificats X.509:: Authentifier les serveurs HTTPS. +* Name Service Switch:: Configurer le « name service switch » de la + libc. +* Disque de RAM initial:: Démarrage de Linux-Libre. +* Configuration du chargeur d'amorçage:: Configurer le chargeur + d'amorçage. +* Invoquer guix system:: Instantier une configuration du système. +* Lancer GuixSD dans une VM:: Comment lancer GuixSD dans une machine + virtuelle. +* Définir des services:: Ajouter de nouvelles définitions de services. +@end menu + +@node Utiliser le système de configuration +@subsection Utiliser le système de configuration + +The operating system is configured by providing an @code{operating-system} +declaration in a file that can then be passed to the @command{guix system} +command (@pxref{Invoquer guix system}). A simple setup, with the default +system services, the default Linux-Libre kernel, initial RAM disk, and boot +loader looks like this: + +@findex operating-system +@lisp +@include os-config-bare-bones.texi +@end lisp + +This example should be self-describing. Some of the fields defined above, +such as @code{host-name} and @code{bootloader}, are mandatory. Others, such +as @code{packages} and @code{services}, can be omitted, in which case they +get a default value. + +Below we discuss the effect of some of the most important fields +(@pxref{Référence de système d'exploitation}, for details about all the available +fields), and how to @dfn{instantiate} the operating system using +@command{guix system}. + +@unnumberedsubsubsec Globally-Visible Packages + +@vindex %base-packages +The @code{packages} field lists packages that will be globally visible on +the system, for all user accounts---i.e., in every user's @code{PATH} +environment variable---in addition to the per-user profiles (@pxref{Invoquer guix package}). The @var{%base-packages} variable provides all the tools +one would expect for basic user and administrator tasks---including the GNU +Core Utilities, the GNU Networking Utilities, the GNU Zile lightweight text +editor, @command{find}, @command{grep}, etc. The example above adds +GNU@tie{}Screen and OpenSSH to those, taken from the @code{(gnu packages +screen)} and @code{(gnu packages ssh)} modules (@pxref{Modules de paquets}). +The @code{(list package output)} syntax can be used to add a specific output +of a package: + +@lisp +(use-modules (gnu packages)) +(use-modules (gnu packages dns)) + +(operating-system + ;; ... + (packages (cons (list bind "utils") + %base-packages))) +@end lisp + +@findex specification->package +Referring to packages by variable name, like @code{bind} above, has the +advantage of being unambiguous; it also allows typos and such to be +diagnosed right away as ``unbound variables''. The downside is that one +needs to know which module defines which package, and to augment the +@code{use-package-modules} line accordingly. To avoid that, one can use the +@code{specification->package} procedure of the @code{(gnu packages)} module, +which returns the best package for a given name or name and version: + +@lisp +(use-modules (gnu packages)) + +(operating-system + ;; ... + (packages (append (map specification->package + '("tcpdump" "htop" "gnupg@@2.0")) + %base-packages))) +@end lisp + +@unnumberedsubsubsec System Services + +@cindex services +@vindex %base-services +The @code{services} field lists @dfn{system services} to be made available +when the system starts (@pxref{Services}). The @code{operating-system} +declaration above specifies that, in addition to the basic services, we want +the @command{lshd} secure shell daemon listening on port 2222 +(@pxref{Networking Services, @code{lsh-service}}). Under the hood, +@code{lsh-service} arranges so that @code{lshd} is started with the right +command-line options, possibly with supporting configuration files generated +as needed (@pxref{Définir des services}). + +@cindex customization, of services +@findex modify-services +Occasionally, instead of using the base services as is, you will want to +customize them. To do this, use @code{modify-services} (@pxref{Référence de service, @code{modify-services}}) to modify the list. + +For example, suppose you want to modify @code{guix-daemon} and Mingetty (the +console log-in) in the @var{%base-services} list (@pxref{Services de base, +@code{%base-services}}). To do that, you can write the following in your +operating system declaration: + +@lisp +(define %my-services + ;; My very own list of services. + (modify-services %base-services + (guix-service-type config => + (guix-configuration + (inherit config) + (use-substitutes? #f) + (extra-options '("--gc-keep-derivations")))) + (mingetty-service-type config => + (mingetty-configuration + (inherit config))))) + +(operating-system + ;; @dots{} + (services %my-services)) +@end lisp + +This changes the configuration---i.e., the service parameters---of the +@code{guix-service-type} instance, and that of all the +@code{mingetty-service-type} instances in the @var{%base-services} list. +Observe how this is accomplished: first, we arrange for the original +configuration to be bound to the identifier @code{config} in the @var{body}, +and then we write the @var{body} so that it evaluates to the desired +configuration. In particular, notice how we use @code{inherit} to create a +new configuration which has the same values as the old configuration, but +with a few modifications. + +@cindex encrypted disk +The configuration for a typical ``desktop'' usage, with an encrypted root +partition, the X11 display server, GNOME and Xfce (users can choose which of +these desktop environments to use at the log-in screen by pressing +@kbd{F1}), network management, power management, and more, would look like +this: + +@lisp +@include os-config-desktop.texi +@end lisp + +@cindex UEFI +A graphical UEFI system with a choice of lightweight window managers instead +of full-blown desktop environments would look like this: + +@lisp +@include os-config-lightweight-desktop.texi +@end lisp + +This example refers to the @file{/boot/efi} file system by its UUID, +@code{1234-ABCD}. Replace this UUID with the right UUID on your system, as +returned by the @command{blkid} command. + +@xref{Desktop Services}, for the exact list of services provided by +@var{%desktop-services}. @xref{Certificats X.509}, for background +information about the @code{nss-certs} package that is used here. + +Again, @var{%desktop-services} is just a list of service objects. If you +want to remove services from there, you can do so using the procedures for +list filtering (@pxref{SRFI-1 Filtering and Partitioning,,, guile, GNU Guile +Reference Manual}). For instance, the following expression returns a list +that contains all the services in @var{%desktop-services} minus the Avahi +service: + +@example +(remove (lambda (service) + (eq? (service-kind service) avahi-service-type)) + %desktop-services) +@end example + +@unnumberedsubsubsec Instantiating the System + +Assuming the @code{operating-system} declaration is stored in the +@file{my-system-config.scm} file, the @command{guix system reconfigure +my-system-config.scm} command instantiates that configuration, and makes it +the default GRUB boot entry (@pxref{Invoquer guix system}). + +The normal way to change the system configuration is by updating this file +and re-running @command{guix system reconfigure}. One should never have to +touch files in @file{/etc} or to run commands that modify the system state +such as @command{useradd} or @command{grub-install}. In fact, you must +avoid that since that would not only void your warranty but also prevent you +from rolling back to previous versions of your system, should you ever need +to. + +@cindex roll-back, of the operating system +Speaking of roll-back, each time you run @command{guix system reconfigure}, +a new @dfn{generation} of the system is created---without modifying or +deleting previous generations. Old system generations get an entry in the +bootloader boot menu, allowing you to boot them in case something went wrong +with the latest generation. Reassuring, no? The @command{guix system +list-generations} command lists the system generations available on disk. +It is also possible to roll back the system via the commands @command{guix +system roll-back} and @command{guix system switch-generation}. + +Although the command @command{guix system reconfigure} will not modify +previous generations, must take care when the current generation is not the +latest (e.g., after invoking @command{guix system roll-back}), since the +operation might overwrite a later generation (@pxref{Invoquer guix system}). + +@unnumberedsubsubsec The Programming Interface + +At the Scheme level, the bulk of an @code{operating-system} declaration is +instantiated with the following monadic procedure (@pxref{La monad du dépôt}): + +@deffn {Monadic Procedure} operating-system-derivation os +Return a derivation that builds @var{os}, an @code{operating-system} object +(@pxref{Dérivations}). + +The output of the derivation is a single directory that refers to all the +packages, configuration files, and other supporting files needed to +instantiate @var{os}. +@end deffn + +This procedure is provided by the @code{(gnu system)} module. Along with +@code{(gnu services)} (@pxref{Services}), this module contains the guts of +GuixSD. Make sure to visit it! + + +@node Référence de système d'exploitation +@subsection @code{operating-system} Reference + +This section summarizes all the options available in @code{operating-system} +declarations (@pxref{Utiliser le système de configuration}). + +@deftp {Data Type} operating-system +This is the data type representing an operating system configuration. By +that, we mean all the global system configuration, not per-user +configuration (@pxref{Utiliser le système de configuration}). + +@table @asis +@item @code{kernel} (default: @var{linux-libre}) +The package object of the operating system kernel to use@footnote{Currently +only the Linux-libre kernel is supported. In the future, it will be +possible to use the GNU@tie{}Hurd.}. + +@item @code{kernel-arguments} (default: @code{'()}) +List of strings or gexps representing additional arguments to pass on the +command-line of the kernel---e.g., @code{("console=ttyS0")}. + +@item @code{bootloader} +The system bootloader configuration object. @xref{Configuration du chargeur d'amorçage}. + +@item @code{initrd-modules} (default: @code{%base-initrd-modules}) +@cindex initrd +@cindex initial RAM disk +The list of Linux kernel modules that need to be available in the initial +RAM disk. @xref{Disque de RAM initial}. + +@item @code{initrd} (default: @code{base-initrd}) +A monadic procedure that returns an initial RAM disk for the Linux kernel. +This field is provided to support low-level customization and should rarely +be needed for casual use. @xref{Disque de RAM initial}. + +@item @code{firmware} (default: @var{%base-firmware}) +@cindex firmware +List of firmware packages loadable by the operating system kernel. + +The default includes firmware needed for Atheros- and Broadcom-based WiFi +devices (Linux-libre modules @code{ath9k} and @code{b43-open}, +respectively). @xref{Considérations matérielles}, for more info on supported +hardware. + +@item @code{host-name} +The host name. + +@item @code{hosts-file} +@cindex hosts file +A file-like object (@pxref{G-Expressions, file-like objects}) for use as +@file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference +Manual}). The default is a file with entries for @code{localhost} and +@var{host-name}. + +@item @code{mapped-devices} (default: @code{'()}) +A list of mapped devices. @xref{Périphériques mappés}. + +@item @code{file-systems} +A list of file systems. @xref{Systèmes de fichiers}. + +@item @code{swap-devices} (default: @code{'()}) +@cindex swap devices +A list of strings identifying devices or files to be used for ``swap space'' +(@pxref{Memory Concepts,,, libc, The GNU C Library Reference Manual}). For +example, @code{'("/dev/sda3")} or @code{'("/swapfile")}. It is possible to +specify a swap file in a file system on a mapped device, provided that the +necessary device mapping and file system are also specified. @xref{Périphériques mappés} and @ref{Systèmes de fichiers}. + +@item @code{users} (default: @code{%base-user-accounts}) +@itemx @code{groups} (default: @var{%base-groups}) +List of user accounts and groups. @xref{Comptes utilisateurs}. + +If the @code{users} list lacks a user account with UID@tie{}0, a ``root'' +account with UID@tie{}0 is automatically added. + +@item @code{skeletons} (default: @code{(default-skeletons)}) +A list target file name/file-like object tuples (@pxref{G-Expressions, +file-like objects}). These are the skeleton files that will be added to the +home directory of newly-created user accounts. + +For instance, a valid value may look like this: + +@example +`((".bashrc" ,(plain-file "bashrc" "echo Hello\n")) + (".guile" ,(plain-file "guile" + "(use-modules (ice-9 readline)) + (activate-readline)"))) +@end example + +@item @code{issue} (default: @var{%default-issue}) +A string denoting the contents of the @file{/etc/issue} file, which is +displayed when users log in on a text console. + +@item @code{packages} (default: @var{%base-packages}) +The set of packages installed in the global profile, which is accessible at +@file{/run/current-system/profile}. + +The default set includes core utilities and it is good practice to install +non-core utilities in user profiles (@pxref{Invoquer guix package}). + +@item @code{timezone} +A timezone identifying string---e.g., @code{"Europe/Paris"}. + +You can run the @command{tzselect} command to find out which timezone string +corresponds to your region. Choosing an invalid timezone name causes +@command{guix system} to fail. + +@item @code{locale} (default: @code{"en_US.utf8"}) +The name of the default locale (@pxref{Locale Names,,, libc, The GNU C +Library Reference Manual}). @xref{Régionalisation}, for more information. + +@item @code{locale-definitions} (default: @var{%default-locale-definitions}) +The list of locale definitions to be compiled and that may be used at run +time. @xref{Régionalisation}. + +@item @code{locale-libcs} (default: @code{(list @var{glibc})}) +The list of GNU@tie{}libc packages whose locale data and tools are used to +build the locale definitions. @xref{Régionalisation}, for compatibility +considerations that justify this option. + +@item @code{name-service-switch} (default: @var{%default-nss}) +Configuration of the libc name service switch (NSS)---a +@code{} object. @xref{Name Service Switch}, for +details. + +@item @code{services} (default: @var{%base-services}) +A list of service objects denoting system services. @xref{Services}. + +@item @code{pam-services} (default: @code{(base-pam-services)}) +@cindex PAM +@cindex pluggable authentication modules +@c FIXME: Add xref to PAM services section. +Linux @dfn{pluggable authentication module} (PAM) services. + +@item @code{setuid-programs} (default: @var{%setuid-programs}) +List of string-valued G-expressions denoting setuid programs. @xref{Programmes setuid}. + +@item @code{sudoers-file} (default: @var{%sudoers-specification}) +@cindex sudoers file +The contents of the @file{/etc/sudoers} file as a file-like object +(@pxref{G-Expressions, @code{local-file} and @code{plain-file}}). + +This file specifies which users can use the @command{sudo} command, what +they are allowed to do, and what privileges they may gain. The default is +that only @code{root} and members of the @code{wheel} group may use +@code{sudo}. + +@end table +@end deftp + +@node Systèmes de fichiers +@subsection Systèmes de fichiers + +The list of file systems to be mounted is specified in the +@code{file-systems} field of the operating system declaration (@pxref{Utiliser le système de configuration}). Each file system is declared using the +@code{file-system} form, like this: + +@example +(file-system + (mount-point "/home") + (device "/dev/sda3") + (type "ext4")) +@end example + +As usual, some of the fields are mandatory---those shown in the example +above---while others can be omitted. These are described below. + +@deftp {Data Type} file-system +Objects of this type represent file systems to be mounted. They contain the +following members: + +@table @asis +@item @code{type} +This is a string specifying the type of the file system---e.g., +@code{"ext4"}. + +@item @code{mount-point} +This designates the place where the file system is to be mounted. + +@item @code{device} +This names the ``source'' of the file system. By default it is the name of +a node under @file{/dev}, but its meaning depends on the @code{title} field +described below. + +@item @code{title} (default: @code{'device}) +This is a symbol that specifies how the @code{device} field is to be +interpreted. + +When it is the symbol @code{device}, then the @code{device} field is +interpreted as a file name; when it is @code{label}, then @code{device} is +interpreted as a file system label name; when it is @code{uuid}, +@code{device} is interpreted as a file system unique identifier (UUID). + +UUIDs may be converted from their string representation (as shown by the +@command{tune2fs -l} command) using the @code{uuid} form@footnote{The +@code{uuid} form expects 16-byte UUIDs as defined in +@uref{https://tools.ietf.org/html/rfc4122, RFC@tie{}4122}. This is the form +of UUID used by the ext2 family of file systems and others, but it is +different from ``UUIDs'' found in FAT file systems, for instance.}, like +this: + +@example +(file-system + (mount-point "/home") + (type "ext4") + (title 'uuid) + (device (uuid "4dab5feb-d176-45de-b287-9b0a6e4c01cb"))) +@end example + +The @code{label} and @code{uuid} options offer a way to refer to file +systems without having to hard-code their actual device name@footnote{Note +that, while it is tempting to use @file{/dev/disk/by-uuid} and similar +device names to achieve the same result, this is not recommended: These +special device nodes are created by the udev daemon and may be unavailable +at the time the device is mounted.}. + +However, when the source of a file system is a mapped device (@pxref{Périphériques mappés}), its @code{device} field @emph{must} refer to the mapped device +name---e.g., @file{/dev/mapper/root-partition}---and consequently +@code{title} must be set to @code{'device}. This is required so that the +system knows that mounting the file system depends on having the +corresponding device mapping established. + +@item @code{flags} (default: @code{'()}) +This is a list of symbols denoting mount flags. Recognized flags include +@code{read-only}, @code{bind-mount}, @code{no-dev} (disallow access to +special files), @code{no-suid} (ignore setuid and setgid bits), and +@code{no-exec} (disallow program execution.) + +@item @code{options} (default: @code{#f}) +This is either @code{#f}, or a string denoting mount options. + +@item @code{mount?} (default: @code{#t}) +This value indicates whether to automatically mount the file system when the +system is brought up. When set to @code{#f}, the file system gets an entry +in @file{/etc/fstab} (read by the @command{mount} command) but is not +automatically mounted. + +@item @code{needed-for-boot?} (default: @code{#f}) +This Boolean value indicates whether the file system is needed when +booting. If that is true, then the file system is mounted when the initial +RAM disk (initrd) is loaded. This is always the case, for instance, for the +root file system. + +@item @code{check?} (default: @code{#t}) +This Boolean indicates whether the file system needs to be checked for +errors before being mounted. + +@item @code{create-mount-point?} (default: @code{#f}) +When true, the mount point is created if it does not exist yet. + +@item @code{dependencies} (default: @code{'()}) +This is a list of @code{} or @code{} objects +representing file systems that must be mounted or mapped devices that must +be opened before (and unmounted or closed after) this one. + +As an example, consider a hierarchy of mounts: @file{/sys/fs/cgroup} is a +dependency of @file{/sys/fs/cgroup/cpu} and @file{/sys/fs/cgroup/memory}. + +Another example is a file system that depends on a mapped device, for +example for an encrypted partition (@pxref{Périphériques mappés}). +@end table +@end deftp + +The @code{(gnu system file-systems)} exports the following useful variables. + +@defvr {Scheme Variable} %base-file-systems +These are essential file systems that are required on normal systems, such +as @var{%pseudo-terminal-file-system} and @var{%immutable-store} (see +below.) Operating system declarations should always contain at least these. +@end defvr + +@defvr {Scheme Variable} %pseudo-terminal-file-system +This is the file system to be mounted as @file{/dev/pts}. It supports +@dfn{pseudo-terminals} created @i{via} @code{openpty} and similar functions +(@pxref{Pseudo-Terminals,,, libc, The GNU C Library Reference Manual}). +Pseudo-terminals are used by terminal emulators such as @command{xterm}. +@end defvr + +@defvr {Scheme Variable} %shared-memory-file-system +This file system is mounted as @file{/dev/shm} and is used to support memory +sharing across processes (@pxref{Memory-mapped I/O, @code{shm_open},, libc, +The GNU C Library Reference Manual}). +@end defvr + +@defvr {Scheme Variable} %immutable-store +This file system performs a read-only ``bind mount'' of @file{/gnu/store}, +making it read-only for all the users including @code{root}. This prevents +against accidental modification by software running as @code{root} or by +system administrators. + +The daemon itself is still able to write to the store: it remounts it +read-write in its own ``name space.'' +@end defvr + +@defvr {Scheme Variable} %binary-format-file-system +The @code{binfmt_misc} file system, which allows handling of arbitrary +executable file types to be delegated to user space. This requires the +@code{binfmt.ko} kernel module to be loaded. +@end defvr + +@defvr {Scheme Variable} %fuse-control-file-system +The @code{fusectl} file system, which allows unprivileged users to mount and +unmount user-space FUSE file systems. This requires the @code{fuse.ko} +kernel module to be loaded. +@end defvr + +@node Périphériques mappés +@subsection Périphériques mappés + +@cindex device mapping +@cindex mapped devices +The Linux kernel has a notion of @dfn{device mapping}: a block device, such +as a hard disk partition, can be @dfn{mapped} into another device, usually +in @code{/dev/mapper/}, with additional processing over the data that flows +through it@footnote{Note that the GNU@tie{}Hurd makes no difference between +the concept of a ``mapped device'' and that of a file system: both boil down +to @emph{translating} input/output operations made on a file to operations +on its backing store. Thus, the Hurd implements mapped devices, like file +systems, using the generic @dfn{translator} mechanism (@pxref{Translators,,, +hurd, The GNU Hurd Reference Manual}).}. A typical example is encryption +device mapping: all writes to the mapped device are encrypted, and all reads +are deciphered, transparently. Guix extends this notion by considering any +device or set of devices that are @dfn{transformed} in some way to create a +new device; for instance, RAID devices are obtained by @dfn{assembling} +several other devices, such as hard disks or partitions, into a new one that +behaves as one partition. Other examples, not yet implemented, are LVM +logical volumes. + +Mapped devices are declared using the @code{mapped-device} form, defined as +follows; for examples, see below. + +@deftp {Data Type} mapped-device +Objects of this type represent device mappings that will be made when the +system boots up. + +@table @code +@item source +This is either a string specifying the name of the block device to be +mapped, such as @code{"/dev/sda3"}, or a list of such strings when several +devices need to be assembled for creating a new one. + +@item target +This string specifies the name of the resulting mapped device. For kernel +mappers such as encrypted devices of type @code{luks-device-mapping}, +specifying @code{"my-partition"} leads to the creation of the +@code{"/dev/mapper/my-partition"} device. For RAID devices of type +@code{raid-device-mapping}, the full device name such as @code{"/dev/md0"} +needs to be given. + +@item type +This must be a @code{mapped-device-kind} object, which specifies how +@var{source} is mapped to @var{target}. +@end table +@end deftp + +@defvr {Scheme Variable} luks-device-mapping +This defines LUKS block device encryption using the @command{cryptsetup} +command from the package with the same name. It relies on the +@code{dm-crypt} Linux kernel module. +@end defvr + +@defvr {Scheme Variable} raid-device-mapping +This defines a RAID device, which is assembled using the @code{mdadm} +command from the package with the same name. It requires a Linux kernel +module for the appropriate RAID level to be loaded, such as @code{raid456} +for RAID-4, RAID-5 or RAID-6, or @code{raid10} for RAID-10. +@end defvr + +@cindex disk encryption +@cindex LUKS +The following example specifies a mapping from @file{/dev/sda3} to +@file{/dev/mapper/home} using LUKS---the +@url{https://gitlab.com/cryptsetup/cryptsetup,Linux Unified Key Setup}, a +standard mechanism for disk encryption. The @file{/dev/mapper/home} device +can then be used as the @code{device} of a @code{file-system} declaration +(@pxref{Systèmes de fichiers}). + +@example +(mapped-device + (source "/dev/sda3") + (target "home") + (type luks-device-mapping)) +@end example + +Alternatively, to become independent of device numbering, one may obtain the +LUKS UUID (@dfn{unique identifier}) of the source device by a command like: + +@example +cryptsetup luksUUID /dev/sda3 +@end example + +and use it as follows: + +@example +(mapped-device + (source (uuid "cb67fc72-0d54-4c88-9d4b-b225f30b0f44")) + (target "home") + (type luks-device-mapping)) +@end example + +@cindex swap encryption +It is also desirable to encrypt swap space, since swap space may contain +sensitive data. One way to accomplish that is to use a swap file in a file +system on a device mapped via LUKS encryption. In this way, the swap file +is encrypted because the entire device is encrypted. @xref{Préparer l'installation,,Disk Partitioning}, for an example. + +A RAID device formed of the partitions @file{/dev/sda1} and @file{/dev/sdb1} +may be declared as follows: + +@example +(mapped-device + (source (list "/dev/sda1" "/dev/sdb1")) + (target "/dev/md0") + (type raid-device-mapping)) +@end example + +The @file{/dev/md0} device can then be used as the @code{device} of a +@code{file-system} declaration (@pxref{Systèmes de fichiers}). Note that the RAID +level need not be given; it is chosen during the initial creation and +formatting of the RAID device and is determined automatically later. + + +@node Comptes utilisateurs +@subsection Comptes utilisateurs + +@cindex users +@cindex accounts +@cindex user accounts +User accounts and groups are entirely managed through the +@code{operating-system} declaration. They are specified with the +@code{user-account} and @code{user-group} forms: + +@example +(user-account + (name "alice") + (group "users") + (supplementary-groups '("wheel" ;allow use of sudo, etc. + "audio" ;sound card + "video" ;video devices such as webcams + "cdrom")) ;the good ol' CD-ROM + (comment "Bob's sister") + (home-directory "/home/alice")) +@end example + +When booting or upon completion of @command{guix system reconfigure}, the +system ensures that only the user accounts and groups specified in the +@code{operating-system} declaration exist, and with the specified +properties. Thus, account or group creations or modifications made by +directly invoking commands such as @command{useradd} are lost upon +reconfiguration or reboot. This ensures that the system remains exactly as +declared. + +@deftp {Data Type} user-account +Objects of this type represent user accounts. The following members may be +specified: + +@table @asis +@item @code{name} +The name of the user account. + +@item @code{group} +@cindex groups +This is the name (a string) or identifier (a number) of the user group this +account belongs to. + +@item @code{supplementary-groups} (default: @code{'()}) +Optionally, this can be defined as a list of group names that this account +belongs to. + +@item @code{uid} (default: @code{#f}) +This is the user ID for this account (a number), or @code{#f}. In the +latter case, a number is automatically chosen by the system when the account +is created. + +@item @code{comment} (default: @code{""}) +A comment about the account, such as the account owner's full name. + +@item @code{home-directory} +This is the name of the home directory for the account. + +@item @code{create-home-directory?} (default: @code{#t}) +Indicates whether the home directory of this account should be created if it +does not exist yet. + +@item @code{shell} (default: Bash) +This is a G-expression denoting the file name of a program to be used as the +shell (@pxref{G-Expressions}). + +@item @code{system?} (default: @code{#f}) +This Boolean value indicates whether the account is a ``system'' account. +System accounts are sometimes treated specially; for instance, graphical +login managers do not list them. + +@anchor{user-account-password} +@item @code{password} (default: @code{#f}) +You would normally leave this field to @code{#f}, initialize user passwords +as @code{root} with the @command{passwd} command, and then let users change +it with @command{passwd}. Passwords set with @command{passwd} are of course +preserved across reboot and reconfiguration. + +If you @emph{do} want to have a preset password for an account, then this +field must contain the encrypted password, as a string. @xref{crypt,,, +libc, The GNU C Library Reference Manual}, for more information on password +encryption, and @ref{Encryption,,, guile, GNU Guile Reference Manual}, for +information on Guile's @code{crypt} procedure. + +@end table +@end deftp + +@cindex groups +User group declarations are even simpler: + +@example +(user-group (name "students")) +@end example + +@deftp {Data Type} user-group +This type is for, well, user groups. There are just a few fields: + +@table @asis +@item @code{name} +The name of the group. + +@item @code{id} (default: @code{#f}) +The group identifier (a number). If @code{#f}, a new number is +automatically allocated when the group is created. + +@item @code{system?} (default: @code{#f}) +This Boolean value indicates whether the group is a ``system'' group. +System groups have low numerical IDs. + +@item @code{password} (default: @code{#f}) +What, user groups can have a password? Well, apparently yes. Unless +@code{#f}, this field specifies the password of the group. + +@end table +@end deftp + +For convenience, a variable lists all the basic user groups one may expect: + +@defvr {Scheme Variable} %base-groups +This is the list of basic user groups that users and/or packages expect to +be present on the system. This includes groups such as ``root'', ``wheel'', +and ``users'', as well as groups used to control access to specific devices +such as ``audio'', ``disk'', and ``cdrom''. +@end defvr + +@defvr {Scheme Variable} %base-user-accounts +This is the list of basic system accounts that programs may expect to find +on a GNU/Linux system, such as the ``nobody'' account. + +Note that the ``root'' account is not included here. It is a special-case +and is automatically added whether or not it is specified. +@end defvr + +@node Régionalisation +@subsection Régionalisation + +@cindex locale +A @dfn{locale} defines cultural conventions for a particular language and +region of the world (@pxref{Régionalisation,,, libc, The GNU C Library Reference +Manual}). Each locale has a name that typically has the form +@code{@var{language}_@var{territory}.@var{codeset}}---e.g., +@code{fr_LU.utf8} designates the locale for the French language, with +cultural conventions from Luxembourg, and using the UTF-8 encoding. + +@cindex locale definition +Usually, you will want to specify the default locale for the machine using +the @code{locale} field of the @code{operating-system} declaration +(@pxref{Référence de système d'exploitation, @code{locale}}). + +The selected locale is automatically added to the @dfn{locale definitions} +known to the system if needed, with its codeset inferred from its +name---e.g., @code{bo_CN.utf8} will be assumed to use the @code{UTF-8} +codeset. Additional locale definitions can be specified in the +@code{locale-definitions} slot of @code{operating-system}---this is useful, +for instance, if the codeset could not be inferred from the locale name. +The default set of locale definitions includes some widely used locales, but +not all the available locales, in order to save space. + +For instance, to add the North Frisian locale for Germany, the value of that +field may be: + +@example +(cons (locale-definition + (name "fy_DE.utf8") (source "fy_DE")) + %default-locale-definitions) +@end example + +Likewise, to save space, one might want @code{locale-definitions} to list +only the locales that are actually used, as in: + +@example +(list (locale-definition + (name "ja_JP.eucjp") (source "ja_JP") + (charset "EUC-JP"))) +@end example + +@vindex LOCPATH +The compiled locale definitions are available at +@file{/run/current-system/locale/X.Y}, where @code{X.Y} is the libc version, +which is the default location where the GNU@tie{}libc provided by Guix looks +for locale data. This can be overridden using the @code{LOCPATH} +environment variable (@pxref{locales-and-locpath, @code{LOCPATH} and locale +packages}). + +The @code{locale-definition} form is provided by the @code{(gnu system +locale)} module. Details are given below. + +@deftp {Data Type} locale-definition +This is the data type of a locale definition. + +@table @asis + +@item @code{name} +The name of the locale. @xref{Locale Names,,, libc, The GNU C Library +Reference Manual}, for more information on locale names. + +@item @code{source} +The name of the source for that locale. This is typically the +@code{@var{language}_@var{territory}} part of the locale name. + +@item @code{charset} (default: @code{"UTF-8"}) +The ``character set'' or ``code set'' for that locale, +@uref{http://www.iana.org/assignments/character-sets, as defined by IANA}. + +@end table +@end deftp + +@defvr {Scheme Variable} %default-locale-definitions +A list of commonly used UTF-8 locales, used as the default value of the +@code{locale-definitions} field of @code{operating-system} declarations. + +@cindex locale name +@cindex normalized codeset in locale names +These locale definitions use the @dfn{normalized codeset} for the part that +follows the dot in the name (@pxref{Using gettextized software, normalized +codeset,, libc, The GNU C Library Reference Manual}). So for instance it +has @code{uk_UA.utf8} but @emph{not}, say, @code{uk_UA.UTF-8}. +@end defvr + +@subsubsection Locale Data Compatibility Considerations + +@cindex incompatibility, of locale data +@code{operating-system} declarations provide a @code{locale-libcs} field to +specify the GNU@tie{}libc packages that are used to compile locale +declarations (@pxref{Référence de système d'exploitation}). ``Why would I care?'', +you may ask. Well, it turns out that the binary format of locale data is +occasionally incompatible from one libc version to another. + +@c See +@c and . +For instance, a program linked against libc version 2.21 is unable to read +locale data produced with libc 2.22; worse, that program @emph{aborts} +instead of simply ignoring the incompatible locale data@footnote{Versions +2.23 and later of GNU@tie{}libc will simply skip the incompatible locale +data, which is already an improvement.}. Similarly, a program linked +against libc 2.22 can read most, but not all, of the locale data from libc +2.21 (specifically, @code{LC_COLLATE} data is incompatible); thus calls to +@code{setlocale} may fail, but programs will not abort. + +The ``problem'' in GuixSD is that users have a lot of freedom: They can +choose whether and when to upgrade software in their profiles, and might be +using a libc version different from the one the system administrator used to +build the system-wide locale data. + +Fortunately, unprivileged users can also install their own locale data and +define @var{GUIX_LOCPATH} accordingly (@pxref{locales-and-locpath, +@code{GUIX_LOCPATH} and locale packages}). + +Still, it is best if the system-wide locale data at +@file{/run/current-system/locale} is built for all the libc versions +actually in use on the system, so that all the programs can access it---this +is especially crucial on a multi-user system. To do that, the administrator +can specify several libc packages in the @code{locale-libcs} field of +@code{operating-system}: + +@example +(use-package-modules base) + +(operating-system + ;; @dots{} + (locale-libcs (list glibc-2.21 (canonical-package glibc)))) +@end example + +This example would lead to a system containing locale definitions for both +libc 2.21 and the current version of libc in +@file{/run/current-system/locale}. + + +@node Services +@subsection Services + +@cindex system services +An important part of preparing an @code{operating-system} declaration is +listing @dfn{system services} and their configuration (@pxref{Utiliser le système de configuration}). System services are typically daemons launched when +the system boots, or other actions needed at that time---e.g., configuring +network access. + +GuixSD has a broad definition of ``service'' (@pxref{Composition de services}), +but many services are managed by the GNU@tie{}Shepherd (@pxref{Services Shepherd}). On a running system, the @command{herd} command allows you to +list the available services, show their status, start and stop them, or do +other specific operations (@pxref{Jump Start,,, shepherd, The GNU Shepherd +Manual}). For example: + +@example +# herd status +@end example + +The above command, run as @code{root}, lists the currently defined +services. The @command{herd doc} command shows a synopsis of the given +service: + +@example +# herd doc nscd +Run libc's name service cache daemon (nscd). +@end example + +The @command{start}, @command{stop}, and @command{restart} sub-commands have +the effect you would expect. For instance, the commands below stop the nscd +service and restart the Xorg display server: + +@example +# herd stop nscd +Service nscd has been stopped. +# herd restart xorg-server +Service xorg-server has been stopped. +Service xorg-server has been started. +@end example + +The following sections document the available services, starting with the +core services, that may be used in an @code{operating-system} declaration. + +@menu +* Services de base:: Services systèmes essentiels. +* Scheduled Job Execution:: The mcron service. +* Log Rotation:: The rottlog service. +* Networking Services:: Network setup, SSH daemon, etc. +* X Window:: Graphical display. +* Printing Services:: Local and remote printer support. +* Desktop Services:: D-Bus and desktop services. +* Database Services:: SQL databases, key-value stores, etc. +* Mail Services:: IMAP, POP3, SMTP, and all that. +* Messaging Services:: Messaging services. +* Telephony Services:: Telephony services. +* Monitoring Services:: Monitoring services. +* Kerberos Services:: Kerberos services. +* Web Services:: Web servers. +* Certificate Services:: TLS certificates via Let's Encrypt. +* DNS Services:: DNS daemons. +* VPN Services:: VPN daemons. +* Network File System:: NFS related services. +* Continuous Integration:: The Cuirass service. +* Power management Services:: The TLP tool. +* Audio Services:: The MPD. +* Virtualization Services:: Virtualization services. +* Version Control Services:: Providing remote access to Git repositories. +* Game Services:: Game servers. +* Miscellaneous Services:: Other services. +@end menu + +@node Services de base +@subsubsection Services de base + +The @code{(gnu services base)} module provides definitions for the basic +services that one expects from the system. The services exported by this +module are listed below. + +@defvr {Scheme Variable} %base-services +This variable contains a list of basic services (@pxref{Types service et services}, for more information on service objects) one would expect from +the system: a login service (mingetty) on each tty, syslogd, the libc name +service cache daemon (nscd), the udev device manager, and more. + +This is the default value of the @code{services} field of +@code{operating-system} declarations. Usually, when customizing a system, +you will want to append services to @var{%base-services}, like this: + +@example +(cons* (avahi-service) (lsh-service) %base-services) +@end example +@end defvr + +@defvr {Scheme Variable} special-files-service-type +This is the service that sets up ``special files'' such as @file{/bin/sh}; +an instance of it is part of @code{%base-services}. + +The value associated with @code{special-files-service-type} services must be +a list of tuples where the first element is the ``special file'' and the +second element is its target. By default it is: + +@cindex @file{/bin/sh} +@cindex @file{sh}, in @file{/bin} +@example +`(("/bin/sh" ,(file-append @var{bash} "/bin/sh"))) +@end example + +@cindex @file{/usr/bin/env} +@cindex @file{env}, in @file{/usr/bin} +If you want to add, say, @code{/usr/bin/env} to your system, you can change +it to: + +@example +`(("/bin/sh" ,(file-append @var{bash} "/bin/sh")) + ("/usr/bin/env" ,(file-append @var{coreutils} "/bin/env"))) +@end example + +Since this is part of @code{%base-services}, you can use +@code{modify-services} to customize the set of special files (@pxref{Référence de service, @code{modify-services}}). But the simple way to add a special +file is @i{via} the @code{extra-special-file} procedure (see below.) +@end defvr + +@deffn {Scheme Procedure} extra-special-file @var{file} @var{target} +Use @var{target} as the ``special file'' @var{file}. + +For example, adding the following lines to the @code{services} field of your +operating system declaration leads to a @file{/usr/bin/env} symlink: + +@example +(extra-special-file "/usr/bin/env" + (file-append coreutils "/bin/env")) +@end example +@end deffn + +@deffn {Scheme Procedure} host-name-service @var{name} +Return a service that sets the host name to @var{name}. +@end deffn + +@deffn {Scheme Procedure} login-service @var{config} +Return a service to run login according to @var{config}, a +@code{} object, which specifies the message of the day, +among other things. +@end deffn + +@deftp {Data Type} login-configuration +This is the data type representing the configuration of login. + +@table @asis + +@item @code{motd} +@cindex message of the day +A file-like object containing the ``message of the day''. + +@item @code{allow-empty-passwords?} (default: @code{#t}) +Allow empty passwords by default so that first-time users can log in when +the 'root' account has just been created. + +@end table +@end deftp + +@deffn {Scheme Procedure} mingetty-service @var{config} +Return a service to run mingetty according to @var{config}, a +@code{} object, which specifies the tty to run, +among other things. +@end deffn + +@deftp {Data Type} mingetty-configuration +This is the data type representing the configuration of Mingetty, which +provides the default implementation of virtual console log-in. + +@table @asis + +@item @code{tty} +The name of the console this Mingetty runs on---e.g., @code{"tty1"}. + +@item @code{auto-login} (default: @code{#f}) +When true, this field must be a string denoting the user name under which +the system automatically logs in. When it is @code{#f}, a user name and +password must be entered to log in. + +@item @code{login-program} (default: @code{#f}) +This must be either @code{#f}, in which case the default log-in program is +used (@command{login} from the Shadow tool suite), or a gexp denoting the +name of the log-in program. + +@item @code{login-pause?} (default: @code{#f}) +When set to @code{#t} in conjunction with @var{auto-login}, the user will +have to press a key before the log-in shell is launched. + +@item @code{mingetty} (default: @var{mingetty}) +The Mingetty package to use. + +@end table +@end deftp + +@deffn {Scheme Procedure} agetty-service @var{config} +Return a service to run agetty according to @var{config}, an +@code{} object, which specifies the tty to run, among +other things. +@end deffn + +@deftp {Data Type} agetty-configuration +This is the data type representing the configuration of agetty, which +implements virtual and serial console log-in. See the @code{agetty(8)} man +page for more information. + +@table @asis + +@item @code{tty} +The name of the console this agetty runs on, as a string---e.g., +@code{"ttyS0"}. This argument is optional, it will default to a reasonable +default serial port used by the kernel Linux. + +For this, if there is a value for an option @code{agetty.tty} in the kernel +command line, agetty will extract the device name of the serial port from it +and use that. + +If not and if there is a value for an option @code{console} with a tty in +the Linux command line, agetty will extract the device name of the serial +port from it and use that. + +In both cases, agetty will leave the other serial device settings (baud rate +etc.) alone---in the hope that Linux pinned them to the correct values. + +@item @code{baud-rate} (default: @code{#f}) +A string containing a comma-separated list of one or more baud rates, in +descending order. + +@item @code{term} (default: @code{#f}) +A string containing the value used for the @code{TERM} environment variable. + +@item @code{eight-bits?} (default: @code{#f}) +When @code{#t}, the tty is assumed to be 8-bit clean, and parity detection +is disabled. + +@item @code{auto-login} (default: @code{#f}) +When passed a login name, as a string, the specified user will be logged in +automatically without prompting for their login name or password. + +@item @code{no-reset?} (default: @code{#f}) +When @code{#t}, don't reset terminal cflags (control modes). + +@item @code{host} (default: @code{#f}) +This accepts a string containing the "login_host", which will be written +into the @file{/var/run/utmpx} file. + +@item @code{remote?} (default: @code{#f}) +When set to @code{#t} in conjunction with @var{host}, this will add an +@code{-r} fakehost option to the command line of the login program specified +in @var{login-program}. + +@item @code{flow-control?} (default: @code{#f}) +When set to @code{#t}, enable hardware (RTS/CTS) flow control. + +@item @code{no-issue?} (default: @code{#f}) +When set to @code{#t}, the contents of the @file{/etc/issue} file will not +be displayed before presenting the login prompt. + +@item @code{init-string} (default: @code{#f}) +This accepts a string that will be sent to the tty or modem before sending +anything else. It can be used to initialize a modem. + +@item @code{no-clear?} (default: @code{#f}) +When set to @code{#t}, agetty will not clear the screen before showing the +login prompt. + +@item @code{login-program} (default: (file-append shadow "/bin/login")) +This must be either a gexp denoting the name of a log-in program, or unset, +in which case the default value is the @command{login} from the Shadow tool +suite. + +@item @code{local-line} (default: @code{#f}) +Control the CLOCAL line flag. This accepts one of three symbols as +arguments, @code{'auto}, @code{'always}, or @code{'never}. If @code{#f}, the +default value chosen by agetty is @code{'auto}. + +@item @code{extract-baud?} (default: @code{#f}) +When set to @code{#t}, instruct agetty to try to extract the baud rate from +the status messages produced by certain types of modems. + +@item @code{skip-login?} (default: @code{#f}) +When set to @code{#t}, do not prompt the user for a login name. This can be +used with @var{login-program} field to use non-standard login systems. + +@item @code{no-newline?} (default: @code{#f}) +When set to @code{#t}, do not print a newline before printing the +@file{/etc/issue} file. + +@c Is this dangerous only when used with login-program, or always? +@item @code{login-options} (default: @code{#f}) +This option accepts a string containing options that are passed to the login +program. When used with the @var{login-program}, be aware that a malicious +user could try to enter a login name containing embedded options that could +be parsed by the login program. + +@item @code{login-pause} (default: @code{#f}) +When set to @code{#t}, wait for any key before showing the login prompt. +This can be used in conjunction with @var{auto-login} to save memory by +lazily spawning shells. + +@item @code{chroot} (default: @code{#f}) +Change root to the specified directory. This option accepts a directory +path as a string. + +@item @code{hangup?} (default: @code{#f}) +Use the Linux system call @code{vhangup} to do a virtual hangup of the +specified terminal. + +@item @code{keep-baud?} (default: @code{#f}) +When set to @code{#t}, try to keep the existing baud rate. The baud rates +from @var{baud-rate} are used when agetty receives a @key{BREAK} character. + +@item @code{timeout} (default: @code{#f}) +When set to an integer value, terminate if no user name could be read within +@var{timeout} seconds. + +@item @code{detect-case?} (default: @code{#f}) +When set to @code{#t}, turn on support for detecting an uppercase-only +terminal. This setting will detect a login name containing only uppercase +letters as indicating an uppercase-only terminal and turn on some +upper-to-lower case conversions. Note that this will not support Unicode +characters. + +@item @code{wait-cr?} (default: @code{#f}) +When set to @code{#t}, wait for the user or modem to send a carriage-return +or linefeed character before displaying @file{/etc/issue} or login prompt. +This is typically used with the @var{init-string} option. + +@item @code{no-hints?} (default: @code{#f}) +When set to @code{#t}, do not print hints about Num, Caps, and Scroll locks. + +@item @code{no-hostname?} (default: @code{#f}) +By default, the hostname is printed. When this option is set to @code{#t}, +no hostname will be shown at all. + +@item @code{long-hostname?} (default: @code{#f}) +By default, the hostname is only printed until the first dot. When this +option is set to @code{#t}, the fully qualified hostname by +@code{gethostname} or @code{getaddrinfo} is shown. + +@item @code{erase-characters} (default: @code{#f}) +This option accepts a string of additional characters that should be +interpreted as backspace when the user types their login name. + +@item @code{kill-characters} (default: @code{#f}) +This option accepts a string that should be interpreted to mean "ignore all +previous characters" (also called a "kill" character) when the types their +login name. + +@item @code{chdir} (default: @code{#f}) +This option accepts, as a string, a directory path that will be changed to +before login. + +@item @code{delay} (default: @code{#f}) +This options accepts, as an integer, the number of seconds to sleep before +opening the tty and displaying the login prompt. + +@item @code{nice} (default: @code{#f}) +This option accepts, as an integer, the nice value with which to run the +@command{login} program. + +@item @code{extra-options} (default: @code{'()}) +This option provides an "escape hatch" for the user to provide arbitrary +command-line arguments to @command{agetty} as a list of strings. + +@end table +@end deftp + +@deffn {Scheme Procedure} kmscon-service-type @var{config} +Return a service to run +@uref{https://www.freedesktop.org/wiki/Software/kmscon,kmscon} according to +@var{config}, a @code{} object, which specifies the +tty to run, among other things. +@end deffn + +@deftp {Data Type} kmscon-configuration +This is the data type representing the configuration of Kmscon, which +implements virtual console log-in. + +@table @asis + +@item @code{virtual-terminal} +The name of the console this Kmscon runs on---e.g., @code{"tty1"}. + +@item @code{login-program} (default: @code{#~(string-append #$shadow "/bin/login")}) +A gexp denoting the name of the log-in program. The default log-in program +is @command{login} from the Shadow tool suite. + +@item @code{login-arguments} (default: @code{'("-p")}) +A list of arguments to pass to @command{login}. + +@item @code{hardware-acceleration?} (default: #f) +Whether to use hardware acceleration. + +@item @code{kmscon} (default: @var{kmscon}) +The Kmscon package to use. + +@end table +@end deftp + +@cindex name service cache daemon +@cindex nscd +@deffn {Scheme Procedure} nscd-service [@var{config}] [#:glibc glibc] @ + [#:name-services '()] Return a service that runs the libc name service cache +daemon (nscd) with the given @var{config}---an @code{} +object. @xref{Name Service Switch}, for an example. +@end deffn + +@defvr {Scheme Variable} %nscd-default-configuration +This is the default @code{} value (see below) used by +@code{nscd-service}. It uses the caches defined by +@var{%nscd-default-caches}; see below. +@end defvr + +@deftp {Data Type} nscd-configuration +This is the data type representing the name service cache daemon (nscd) +configuration. + +@table @asis + +@item @code{name-services} (default: @code{'()}) +List of packages denoting @dfn{name services} that must be visible to the +nscd---e.g., @code{(list @var{nss-mdns})}. + +@item @code{glibc} (default: @var{glibc}) +Package object denoting the GNU C Library providing the @command{nscd} +command. + +@item @code{log-file} (default: @code{"/var/log/nscd.log"}) +Name of the nscd log file. This is where debugging output goes when +@code{debug-level} is strictly positive. + +@item @code{debug-level} (default: @code{0}) +Integer denoting the debugging levels. Higher numbers mean that more +debugging output is logged. + +@item @code{caches} (default: @var{%nscd-default-caches}) +List of @code{} objects denoting things to be cached; see below. + +@end table +@end deftp + +@deftp {Data Type} nscd-cache +Data type representing a cache database of nscd and its parameters. + +@table @asis + +@item @code{database} +This is a symbol representing the name of the database to be cached. Valid +values are @code{passwd}, @code{group}, @code{hosts}, and @code{services}, +which designate the corresponding NSS database (@pxref{NSS Basics,,, libc, +The GNU C Library Reference Manual}). + +@item @code{positive-time-to-live} +@itemx @code{negative-time-to-live} (default: @code{20}) +A number representing the number of seconds during which a positive or +negative lookup result remains in cache. + +@item @code{check-files?} (default: @code{#t}) +Whether to check for updates of the files corresponding to @var{database}. + +For instance, when @var{database} is @code{hosts}, setting this flag +instructs nscd to check for updates in @file{/etc/hosts} and to take them +into account. + +@item @code{persistent?} (default: @code{#t}) +Whether the cache should be stored persistently on disk. + +@item @code{shared?} (default: @code{#t}) +Whether the cache should be shared among users. + +@item @code{max-database-size} (default: 32@tie{}MiB) +Maximum size in bytes of the database cache. + +@c XXX: 'suggested-size' and 'auto-propagate?' seem to be expert +@c settings, so leave them out. + +@end table +@end deftp + +@defvr {Scheme Variable} %nscd-default-caches +List of @code{} objects used by default by +@code{nscd-configuration} (see above). + +It enables persistent and aggressive caching of service and host name +lookups. The latter provides better host name lookup performance, +resilience in the face of unreliable name servers, and also better +privacy---often the result of host name lookups is in local cache, so +external name servers do not even need to be queried. +@end defvr + +@anchor{syslog-configuration-type} +@cindex syslog +@cindex logging +@deftp {Data Type} syslog-configuration +This data type represents the configuration of the syslog daemon. + +@table @asis +@item @code{syslogd} (default: @code{#~(string-append #$inetutils "/libexec/syslogd")}) +The syslog daemon to use. + +@item @code{config-file} (default: @code{%default-syslog.conf}) +The syslog configuration file to use. + +@end table +@end deftp + +@anchor{syslog-service} +@cindex syslog +@deffn {Scheme Procedure} syslog-service @var{config} +Return a service that runs a syslog daemon according to @var{config}. + +@xref{syslogd invocation,,, inetutils, GNU Inetutils}, for more information +on the configuration file syntax. +@end deffn + +@anchor{guix-configuration-type} +@deftp {Data Type} guix-configuration +This data type represents the configuration of the Guix build daemon. +@xref{Invoquer guix-daemon}, for more information. + +@table @asis +@item @code{guix} (default: @var{guix}) +The Guix package to use. + +@item @code{build-group} (default: @code{"guixbuild"}) +Name of the group for build user accounts. + +@item @code{build-accounts} (default: @code{10}) +Number of build user accounts to create. + +@item @code{authorize-key?} (default: @code{#t}) +@cindex substitutes, authorization thereof +Autoriser ou non les clefs de substituts listées dans @code{authorize-keys} +— par défaut celle de @code{hydra.gny.org} (@pxref{Substituts}). + +@vindex %default-authorized-guix-keys +@item @code{authorized-keys} (default: @var{%default-authorized-guix-keys}) +La liste des fichiers de clefs autorisées pour les imports d'archives, en +tant que liste de gexps sous forme de chaînes (@pxref{Invoquer guix archive}). Par défaut, elle contient celle de @code{hydra.gnu.org} +(@pxref{Substituts}). + +@item @code{use-substitutes?} (default: @code{#t}) +Whether to use substitutes. + +@item @code{substitute-urls} (default: @var{%default-substitute-urls}) +The list of URLs where to look for substitutes by default. + +@item @code{max-silent-time} (default: @code{0}) +@itemx @code{timeout} (default: @code{0}) +The number of seconds of silence and the number of seconds of activity, +respectively, after which a build process times out. A value of zero +disables the timeout. + +@item @code{log-compression} (default: @code{'bzip2}) +The type of compression used for build logs---one of @code{gzip}, +@code{bzip2}, or @code{none}. + +@item @code{extra-options} (default: @code{'()}) +List of extra command-line options for @command{guix-daemon}. + +@item @code{log-file} (default: @code{"/var/log/guix-daemon.log"}) +File where @command{guix-daemon}'s standard output and standard error are +written. + +@item @code{http-proxy} (default: @code{#f}) +The HTTP proxy used for downloading fixed-output derivations and +substitutes. + +@item @code{tmpdir} (default: @code{#f}) +A directory path where the @command{guix-daemon} will perform builds. + +@end table +@end deftp + +@deffn {Scheme Procedure} guix-service @var{config} +Return a service that runs the Guix build daemon according to @var{config}. +@end deffn + +@deffn {Scheme Procedure} udev-service [#:udev @var{eudev} #:rules @code{'()}] +Run @var{udev}, which populates the @file{/dev} directory dynamically. udev +rules can be provided as a list of files through the @var{rules} variable. +The procedures @var{udev-rule} and @var{file->udev-rule} from @code{(gnu +services base)} simplify the creation of such rule files. + +@deffn {Scheme Procedure} udev-rule [@var{file-name} @var{contents}] +Return a udev-rule file named @var{file-name} containing the rules defined +by the @var{contents} literal. + +In the following example, a rule for a USB device is defined to be stored in +the file @file{90-usb-thing.rules}. The rule runs a script upon detecting a +USB device with a given product identifier. + +@example +(define %example-udev-rule + (udev-rule + "90-usb-thing.rules" + (string-append "ACTION==\"add\", SUBSYSTEM==\"usb\", " + "ATTR@{product@}==\"Example\", " + "RUN+=\"/path/to/script\""))) +@end example +@end deffn + +Here we show how the default @var{udev-service} can be extended with it. + +@example +(operating-system + ;; @dots{} + (services + (modify-services %desktop-services + (udev-service-type config => + (udev-configuration (inherit config) + (rules (append (udev-configuration-rules config) + (list %example-udev-rule)))))))) +@end example + +@deffn {Scheme Procedure} file->udev-rule [@var{file-name} @var{file}] +Return a udev file named @var{file-name} containing the rules defined within +@var{file}, a file-like object. + +The following example showcases how we can use an existing rule file. + +@example +(use-modules (guix download) ;for url-fetch + (guix packages) ;for origin + ;; @dots{}) + +(define %android-udev-rules + (file->udev-rule + "51-android-udev.rules" + (let ((version "20170910")) + (origin + (method url-fetch) + (uri (string-append "https://raw.githubusercontent.com/M0Rf30/" + "android-udev-rules/" version "/51-android.rules")) + (sha256 + (base32 "0lmmagpyb6xsq6zcr2w1cyx9qmjqmajkvrdbhjx32gqf1d9is003")))))) +@end example +@end deffn + +Additionally, Guix package definitions can be included in @var{rules} in +order to extend the udev rules with the definitions found under their +@file{lib/udev/rules.d} sub-directory. In lieu of the previous +@var{file->udev-rule} example, we could have used the +@var{android-udev-rules} package which exists in Guix in the @code{(gnu +packages android)} module. + +The following example shows how to use the @var{android-udev-rules} package +so that the Android tool @command{adb} can detect devices without root +privileges. It also details how to create the @code{adbusers} group, which +is required for the proper functioning of the rules defined within the +@var{android-udev-rules} package. To create such a group, we must define it +both as part of the @var{supplementary-groups} of our @var{user-account} +declaration, as well as in the @var{groups} field of the +@var{operating-system} record. + +@example +(use-modules (gnu packages android) ;for android-udev-rules + (gnu system shadow) ;for user-group + ;; @dots{}) + +(operating-system + ;; @dots{} + (users (cons (user-acount + ;; @dots{} + (supplementary-groups + '("adbusers" ;for adb + "wheel" "netdev" "audio" "video")) + ;; @dots{}))) + + (groups (cons (user-group (system? #t) (name "adbusers")) + %base-groups)) + + ;; @dots{} + + (services + (modify-services %desktop-services + (udev-service-type config => + (udev-configuration (inherit config) + (rules (cons* android-udev-rules + (udev-configuration-rules config)))))))) +@end example +@end deffn + +@defvr {Scheme Variable} urandom-seed-service-type +Save some entropy in @var{%random-seed-file} to seed @file{/dev/urandom} +when rebooting. It also tries to seed @file{/dev/urandom} from +@file{/dev/hwrng} while booting, if @file{/dev/hwrng} exists and is +readable. +@end defvr + +@defvr {Scheme Variable} %random-seed-file +This is the name of the file where some random bytes are saved by +@var{urandom-seed-service} to seed @file{/dev/urandom} when rebooting. It +defaults to @file{/var/lib/random-seed}. +@end defvr + +@cindex keymap +@cindex keyboard +@deffn {Scheme Procedure} console-keymap-service @var{files} ... +@cindex keyboard layout +Return a service to load console keymaps from @var{files} using +@command{loadkeys} command. Most likely, you want to load some default +keymap, which can be done like this: + +@example +(console-keymap-service "dvorak") +@end example + +Or, for example, for a Swedish keyboard, you may need to combine the +following keymaps: +@example +(console-keymap-service "se-lat6" "se-fi-lat6") +@end example + +Also you can specify a full file name (or file names) of your keymap(s). +See @code{man loadkeys} for details. + +@end deffn + +@cindex mouse +@cindex gpm +@deffn {Scheme Procedure} gpm-service [#:gpm @var{gpm}] @ + [#:options] Run @var{gpm}, the general-purpose mouse daemon, with the given +command-line @var{options}. GPM allows users to use the mouse in the +console, notably to select, copy, and paste text. The default value of +@var{options} uses the @code{ps2} protocol, which works for both USB and +PS/2 mice. + +This service is not part of @var{%base-services}. +@end deffn + +@anchor{guix-publish-service-type} +@deffn {Scheme Variable} guix-publish-service-type +This is the service type for @command{guix publish} (@pxref{Invoquer guix publish}). Its value must be a @code{guix-configuration} object, as +described below. + +This assumes that @file{/etc/guix} already contains a signing key pair as +created by @command{guix archive --generate-key} (@pxref{Invoquer guix archive}). If that is not the case, the service will fail to start. +@end deffn + +@deftp {Data Type} guix-publish-configuration +Data type representing the configuration of the @code{guix publish} service. + +@table @asis +@item @code{guix} (default: @code{guix}) +The Guix package to use. + +@item @code{port} (default: @code{80}) +The TCP port to listen for connections. + +@item @code{host} (default: @code{"localhost"}) +The host (and thus, network interface) to listen to. Use @code{"0.0.0.0"} +to listen on all the network interfaces. + +@item @code{compression-level} (default: @code{3}) +The gzip compression level at which substitutes are compressed. Use +@code{0} to disable compression altogether, and @code{9} to get the best +compression ratio at the expense of increased CPU usage. + +@item @code{nar-path} (default: @code{"nar"}) +The URL path at which ``nars'' can be fetched. @xref{Invoquer guix publish, +@code{--nar-path}}, for details. + +@item @code{cache} (default: @code{#f}) +When it is @code{#f}, disable caching and instead generate archives on +demand. Otherwise, this should be the name of a directory---e.g., +@code{"/var/cache/guix/publish"}---where @command{guix publish} caches +archives and meta-data ready to be sent. @xref{Invoquer guix publish, +@option{--cache}}, for more information on the tradeoffs involved. + +@item @code{workers} (default: @code{#f}) +When it is an integer, this is the number of worker threads used for +caching; when @code{#f}, the number of processors is used. @xref{Invoquer guix publish, @option{--workers}}, for more information. + +@item @code{ttl} (default: @code{#f}) +When it is an integer, this denotes the @dfn{time-to-live} in seconds of the +published archives. @xref{Invoquer guix publish, @option{--ttl}}, for more +information. +@end table +@end deftp + +@anchor{rngd-service} +@deffn {Scheme Procedure} rngd-service [#:rng-tools @var{rng-tools}] @ + [#:device "/dev/hwrng"] Return a service that runs the @command{rngd} +program from @var{rng-tools} to add @var{device} to the kernel's entropy +pool. The service will fail if @var{device} does not exist. +@end deffn + +@anchor{pam-limits-service} +@cindex session limits +@cindex ulimit +@cindex priority +@cindex realtime +@cindex jackd +@deffn {Scheme Procedure} pam-limits-service [#:limits @code{'()}] + +Return a service that installs a configuration file for the +@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html, +@code{pam_limits} module}. The procedure optionally takes a list of +@code{pam-limits-entry} values, which can be used to specify @code{ulimit} +limits and nice priority limits to user sessions. + +The following limits definition sets two hard and soft limits for all login +sessions of users in the @code{realtime} group: + +@example +(pam-limits-service + (list + (pam-limits-entry "@@realtime" 'both 'rtprio 99) + (pam-limits-entry "@@realtime" 'both 'memlock 'unlimited))) +@end example + +The first entry increases the maximum realtime priority for non-privileged +processes; the second entry lifts any restriction of the maximum address +space that can be locked in memory. These settings are commonly used for +real-time audio systems. +@end deffn + +@node Scheduled Job Execution +@subsubsection Scheduled Job Execution + +@cindex cron +@cindex mcron +@cindex scheduling jobs +The @code{(gnu services mcron)} module provides an interface to +GNU@tie{}mcron, a daemon to run jobs at scheduled times (@pxref{Top,,, +mcron, GNU@tie{}mcron}). GNU@tie{}mcron is similar to the traditional Unix +@command{cron} daemon; the main difference is that it is implemented in +Guile Scheme, which provides a lot of flexibility when specifying the +scheduling of jobs and their actions. + +The example below defines an operating system that runs the +@command{updatedb} (@pxref{Invoking updatedb,,, find, Finding Files}) and +the @command{guix gc} commands (@pxref{Invoquer guix gc}) daily, as well as +the @command{mkid} command on behalf of an unprivileged user (@pxref{mkid +invocation,,, idutils, ID Database Utilities}). It uses gexps to introduce +job definitions that are passed to mcron (@pxref{G-Expressions}). + +@lisp +(use-modules (guix) (gnu) (gnu services mcron)) +(use-package-modules base idutils) + +(define updatedb-job + ;; Run 'updatedb' at 3AM every day. Here we write the + ;; job's action as a Scheme procedure. + #~(job '(next-hour '(3)) + (lambda () + (execl (string-append #$findutils "/bin/updatedb") + "updatedb" + "--prunepaths=/tmp /var/tmp /gnu/store")))) + +(define garbage-collector-job + ;; Collect garbage 5 minutes after midnight every day. + ;; The job's action is a shell command. + #~(job "5 0 * * *" ;Vixie cron syntax + "guix gc -F 1G")) + +(define idutils-job + ;; Update the index database as user "charlie" at 12:15PM + ;; and 19:15PM. This runs from the user's home directory. + #~(job '(next-minute-from (next-hour '(12 19)) '(15)) + (string-append #$idutils "/bin/mkid src") + #:user "charlie")) + +(operating-system + ;; @dots{} + (services (cons (mcron-service (list garbage-collector-job + updatedb-job + idutils-job)) + %base-services))) +@end lisp + +@xref{Guile Syntax, mcron job specifications,, mcron, GNU@tie{}mcron}, for +more information on mcron job specifications. Below is the reference of the +mcron service. + +@deffn {Scheme Procedure} mcron-service @var{jobs} [#:mcron @var{mcron}] +Return an mcron service running @var{mcron} that schedules @var{jobs}, a +list of gexps denoting mcron job specifications. + +This is a shorthand for: +@example +(service mcron-service-type + (mcron-configuration (mcron mcron) (jobs jobs))) +@end example +@end deffn + +@defvr {Scheme Variable} mcron-service-type +This is the type of the @code{mcron} service, whose value is an +@code{mcron-configuration} object. + +This service type can be the target of a service extension that provides it +additional job specifications (@pxref{Composition de services}). In other +words, it is possible to define services that provide additional mcron jobs +to run. +@end defvr + +@deftp {Data Type} mcron-configuration +Data type representing the configuration of mcron. + +@table @asis +@item @code{mcron} (default: @var{mcron}) +The mcron package to use. + +@item @code{jobs} +This is a list of gexps (@pxref{G-Expressions}), where each gexp corresponds +to an mcron job specification (@pxref{Syntax, mcron job specifications,, +mcron, GNU@tie{}mcron}). +@end table +@end deftp + + +@node Log Rotation +@subsubsection Log Rotation + +@cindex rottlog +@cindex log rotation +@cindex logging +Log files such as those found in @file{/var/log} tend to grow endlessly, so +it's a good idea to @dfn{rotate} them once in a while---i.e., archive their +contents in separate files, possibly compressed. The @code{(gnu services +admin)} module provides an interface to GNU@tie{}Rot[t]log, a log rotation +tool (@pxref{Top,,, rottlog, GNU Rot[t]log Manual}). + +The example below defines an operating system that provides log rotation +with the default settings, for commonly encountered log files. + +@lisp +(use-modules (guix) (gnu)) +(use-service-modules admin mcron) +(use-package-modules base idutils) + +(operating-system + ;; @dots{} + (services (cons (service rottlog-service-type) + %base-services))) +@end lisp + +@defvr {Scheme Variable} rottlog-service-type +This is the type of the Rottlog service, whose value is a +@code{rottlog-configuration} object. + +Other services can extend this one with new @code{log-rotation} objects (see +below), thereby augmenting the set of files to be rotated. + +This service type can define mcron jobs (@pxref{Scheduled Job Execution}) to +run the rottlog service. +@end defvr + +@deftp {Data Type} rottlog-configuration +Data type representing the configuration of rottlog. + +@table @asis +@item @code{rottlog} (default: @code{rottlog}) +The Rottlog package to use. + +@item @code{rc-file} (default: @code{(file-append rottlog "/etc/rc")}) +The Rottlog configuration file to use (@pxref{Mandatory RC Variables,,, +rottlog, GNU Rot[t]log Manual}). + +@item @code{rotations} (default: @code{%default-rotations}) +A list of @code{log-rotation} objects as defined below. + +@item @code{jobs} +This is a list of gexps where each gexp corresponds to an mcron job +specification (@pxref{Scheduled Job Execution}). +@end table +@end deftp + +@deftp {Data Type} log-rotation +Data type representing the rotation of a group of log files. + +Taking an example from the Rottlog manual (@pxref{Period Related File +Examples,,, rottlog, GNU Rot[t]log Manual}), a log rotation might be defined +like this: + +@example +(log-rotation + (frequency 'daily) + (files '("/var/log/apache/*")) + (options '("storedir apache-archives" + "rotate 6" + "notifempty" + "nocompress"))) +@end example + +The list of fields is as follows: + +@table @asis +@item @code{frequency} (default: @code{'weekly}) +The log rotation frequency, a symbol. + +@item @code{files} +The list of files or file glob patterns to rotate. + +@item @code{options} (default: @code{'()}) +The list of rottlog options for this rotation (@pxref{Configuration +parameters,,, rottlog, GNU Rot[t]lg Manual}). + +@item @code{post-rotate} (default: @code{#f}) +Either @code{#f} or a gexp to execute once the rotation has completed. +@end table +@end deftp + +@defvr {Scheme Variable} %default-rotations +Specifies weekly rotation of @var{%rotated-files} and a couple of other +files. +@end defvr + +@defvr {Scheme Variable} %rotated-files +The list of syslog-controlled files to be rotated. By default it is: +@code{'("/var/log/messages" "/var/log/secure")}. +@end defvr + +@node Networking Services +@subsubsection Networking Services + +The @code{(gnu services networking)} module provides services to configure +the network interface. + +@cindex DHCP, networking service +@deffn {Scheme Procedure} dhcp-client-service [#:dhcp @var{isc-dhcp}] +Return a service that runs @var{dhcp}, a Dynamic Host Configuration Protocol +(DHCP) client, on all the non-loopback network interfaces. +@end deffn + +@defvr {Scheme Variable} static-networking-service-type +@c TODO Document data structures. +This is the type for statically-configured network interfaces. +@end defvr + +@deffn {Scheme Procedure} static-networking-service @var{interface} @var{ip} @ + [#:netmask #f] [#:gateway #f] [#:name-servers @code{'()}] [#:requirement +@code{'(udev)}] Return a service that starts @var{interface} with address +@var{ip}. If @var{netmask} is true, use it as the network mask. If +@var{gateway} is true, it must be a string specifying the default network +gateway. @var{requirement} can be used to declare a dependency on another +service before configuring the interface. + +This procedure can be called several times, one for each network interface +of interest. Behind the scenes what it does is extend +@code{static-networking-service-type} with additional network interfaces to +handle. +@end deffn + +@cindex wicd +@cindex wireless +@cindex WiFi +@cindex network management +@deffn {Scheme Procedure} wicd-service [#:wicd @var{wicd}] +Return a service that runs @url{https://launchpad.net/wicd,Wicd}, a network +management daemon that aims to simplify wired and wireless networking. + +This service adds the @var{wicd} package to the global profile, providing +several commands to interact with the daemon and configure networking: +@command{wicd-client}, a graphical user interface, and the +@command{wicd-cli} and @command{wicd-curses} user interfaces. +@end deffn + +@cindex NetworkManager + +@defvr {Scheme Variable} network-manager-service-type +This is the service type for the +@uref{https://wiki.gnome.org/Projects/NetworkManager, NetworkManager} +service. The value for this service type is a +@code{network-manager-configuration} record. + +This service is part of @code{%desktop-services} (@pxref{Desktop Services}). +@end defvr + +@deftp {Data Type} network-manager-configuration +Data type representing the configuration of NetworkManager. + +@table @asis +@item @code{network-manager} (default: @code{network-manager}) +The NetworkManager package to use. + +@item @code{dns} (default: @code{"default"}) +Processing mode for DNS, which affects how NetworkManager uses the +@code{resolv.conf} configuration file. + +@table @samp +@item default +NetworkManager will update @code{resolv.conf} to reflect the nameservers +provided by currently active connections. + +@item dnsmasq +NetworkManager will run @code{dnsmasq} as a local caching nameserver, using +a "split DNS" configuration if you are connected to a VPN, and then update +@code{resolv.conf} to point to the local nameserver. + +@item none +NetworkManager will not modify @code{resolv.conf}. +@end table + +@item @code{vpn-plugins} (default: @code{'()}) +This is the list of available plugins for virtual private networks (VPNs). +An example of this is the @code{network-manager-openvpn} package, which +allows NetworkManager to manage VPNs @i{via} OpenVPN. + +@end table +@end deftp + +@cindex Connman +@deffn {Scheme Variable} connman-service-type +This is the service type to run @url{https://01.org/connman,Connman}, a +network connection manager. + +Its value must be an @code{connman-configuration} record as in this example: + +@example +(service connman-service-type + (connman-configuration + (disable-vpn? #t))) +@end example + +See below for details about @code{connman-configuration}. +@end deffn + +@deftp {Data Type} connman-configuration +Data Type representing the configuration of connman. + +@table @asis +@item @code{connman} (default: @var{connman}) +The connman package to use. + +@item @code{disable-vpn?} (default: @code{#f}) +When true, enable connman's vpn plugin. +@end table +@end deftp + +@cindex WPA Supplicant +@defvr {Scheme Variable} wpa-supplicant-service-type +This is the service type to run @url{https://w1.fi/wpa_supplicant/,WPA +supplicant}, an authentication daemon required to authenticate against +encrypted WiFi or ethernet networks. It is configured to listen for +requests on D-Bus. + +The value of this service is the @code{wpa-supplicant} package to use. +Thus, it can be instantiated like this: + +@lisp +(use-modules (gnu services networking)) + +(service wpa-supplicant-service-type) +@end lisp +@end defvr + +@cindex NTP +@cindex real time clock +@deffn {Scheme Procedure} ntp-service [#:ntp @var{ntp}] @ + [#:servers @var{%ntp-servers}] @ [#:allow-large-adjustment? #f] Return a +service that runs the daemon from @var{ntp}, the @uref{http://www.ntp.org, +Network Time Protocol package}. The daemon will keep the system clock +synchronized with that of @var{servers}. @var{allow-large-adjustment?} +determines whether @command{ntpd} is allowed to make an initial adjustment +of more than 1,000 seconds. +@end deffn + +@defvr {Scheme Variable} %ntp-servers +List of host names used as the default NTP servers. +@end defvr + +@cindex OpenNTPD +@deffn {Scheme Procedure} openntpd-service-type +Run the @command{ntpd}, the Network Time Protocol (NTP) daemon, as +implemented by @uref{http://www.openntpd.org, OpenNTPD}. The daemon will +keep the system clock synchronized with that of the given servers. + +@example +(service + openntpd-service-type + (openntpd-configuration + (listen-on '("127.0.0.1" "::1")) + (sensor '("udcf0 correction 70000")) + (constraint-from '("www.gnu.org")) + (constraints-from '("https://www.google.com/")) + (allow-large-adjustment? #t))) + +@end example +@end deffn + +@deftp {Data Type} openntpd-configuration +@table @asis +@item @code{openntpd} (default: @code{(file-append openntpd "/sbin/ntpd")}) +The openntpd executable to use. +@item @code{listen-on} (default: @code{'("127.0.0.1" "::1")}) +A list of local IP addresses or hostnames the ntpd daemon should listen on. +@item @code{query-from} (default: @code{'()}) +A list of local IP address the ntpd daemon should use for outgoing queries. +@item @code{sensor} (default: @code{'()}) +Specify a list of timedelta sensor devices ntpd should use. @code{ntpd} +will listen to each sensor that acutally exists and ignore non-existant +ones. See @uref{https://man.openbsd.org/ntpd.conf, upstream documentation} +for more information. +@item @code{server} (default: @var{%ntp-servers}) +Specify a list of IP addresses or hostnames of NTP servers to synchronize +to. +@item @code{servers} (default: @code{'()}) +Specify a list of IP addresses or hostnames of NTP pools to synchronize to. +@item @code{constraint-from} (default: @code{'()}) +@code{ntpd} can be configured to query the ‘Date’ from trusted HTTPS servers +via TLS. This time information is not used for precision but acts as an +authenticated constraint, thereby reducing the impact of unauthenticated NTP +man-in-the-middle attacks. Specify a list of URLs, IP addresses or +hostnames of HTTPS servers to provide a constraint. +@item @code{constraints-from} (default: @code{'()}) +As with constraint from, specify a list of URLs, IP addresses or hostnames +of HTTPS servers to provide a constraint. Should the hostname resolve to +multiple IP addresses, @code{ntpd} will calculate a median constraint from +all of them. +@item @code{allow-large-adjustment?} (default: @code{#f}) +Determines if @code{ntpd} is allowed to make an initial adjustment of more +than 180 seconds. +@end table +@end deftp + +@cindex inetd +@deffn {Scheme variable} inetd-service-type +This service runs the @command{inetd} (@pxref{inetd invocation,,, inetutils, +GNU Inetutils}) daemon. @command{inetd} listens for connections on internet +sockets, and lazily starts the specified server program when a connection is +made on one of these sockets. + +The value of this service is an @code{inetd-configuration} object. The +following example configures the @command{inetd} daemon to provide the +built-in @command{echo} service, as well as an smtp service which forwards +smtp traffic over ssh to a server @code{smtp-server} behind a gateway +@code{hostname}: + +@example +(service + inetd-service-type + (inetd-configuration + (entries (list + (inetd-entry + (name "echo") + (socket-type 'stream) + (protocol "tcp") + (wait? #f) + (user "root")) + (inetd-entry + (node "127.0.0.1") + (name "smtp") + (socket-type 'stream) + (protocol "tcp") + (wait? #f) + (user "root") + (program (file-append openssh "/bin/ssh")) + (arguments + '("ssh" "-qT" "-i" "/path/to/ssh_key" + "-W" "smtp-server:25" "user@@hostname"))))) +@end example + +See below for more details about @code{inetd-configuration}. +@end deffn + +@deftp {Data Type} inetd-configuration +Data type representing the configuration of @command{inetd}. + +@table @asis +@item @code{program} (default: @code{(file-append inetutils "/libexec/inetd")}) +The @command{inetd} executable to use. + +@item @code{entries} (default: @code{'()}) +A list of @command{inetd} service entries. Each entry should be created by +the @code{inetd-entry} constructor. +@end table +@end deftp + +@deftp {Data Type} inetd-entry +Data type representing an entry in the @command{inetd} configuration. Each +entry corresponds to a socket where @command{inetd} will listen for +requests. + +@table @asis +@item @code{node} (default: @code{#f}) +Optional string, a comma-separated list of local addresses @command{inetd} +should use when listening for this service. @xref{Configuration file,,, +inetutils, GNU Inetutils} for a complete description of all options. +@item @code{name} +A string, the name must correspond to an entry in @code{/etc/services}. +@item @code{socket-type} +One of @code{'stream}, @code{'dgram}, @code{'raw}, @code{'rdm} or +@code{'seqpacket}. +@item @code{protocol} +A string, must correspond to an entry in @code{/etc/protocols}. +@item @code{wait?} (default: @code{#t}) +Whether @command{inetd} should wait for the server to exit before listening +to new service requests. +@item @code{user} +A string containing the user (and, optionally, group) name of the user as +whom the server should run. The group name can be specified in a suffix, +separated by a colon or period, i.e. @code{"user"}, @code{"user:group"} or +@code{"user.group"}. +@item @code{program} (default: @code{"internal"}) +The server program which will serve the requests, or @code{"internal"} if +@command{inetd} should use a built-in service. +@item @code{arguments} (default: @code{'()}) +A list strings or file-like objects, which are the server program's +arguments, starting with the zeroth argument, i.e. the name of the program +itself. For @command{inetd}'s internal services, this entry must be +@code{'()} or @code{'("internal")}. +@end table + +@xref{Configuration file,,, inetutils, GNU Inetutils} for a more detailed +discussion of each configuration field. +@end deftp + +@cindex Tor +@deffn {Scheme Procedure} tor-service [@var{config-file}] [#:tor @var{tor}] +Return a service to run the @uref{https://torproject.org, Tor} anonymous +networking daemon. + +The daemon runs as the @code{tor} unprivileged user. It is passed +@var{config-file}, a file-like object, with an additional @code{User tor} +line and lines for hidden services added via @code{tor-hidden-service}. Run +@command{man tor} for information about the configuration file. +@end deffn + +@cindex hidden service +@deffn {Scheme Procedure} tor-hidden-service @var{name} @var{mapping} +Define a new Tor @dfn{hidden service} called @var{name} and implementing +@var{mapping}. @var{mapping} is a list of port/host tuples, such as: + +@example + '((22 "127.0.0.1:22") + (80 "127.0.0.1:8080")) +@end example + +In this example, port 22 of the hidden service is mapped to local port 22, +and port 80 is mapped to local port 8080. + +This creates a @file{/var/lib/tor/hidden-services/@var{name}} directory, +where the @file{hostname} file contains the @code{.onion} host name for the +hidden service. + +See @uref{https://www.torproject.org/docs/tor-hidden-service.html.en, the +Tor project's documentation} for more information. +@end deffn + +The @code{(gnu services rsync)} module provides the following services: + +You might want an rsync daemon if you have files that you want available so +anyone (or just yourself) can download existing files or upload new files. + +@deffn {Scheme Variable} rsync-service-type +This is the type for the @uref{https://rsync.samba.org, rsync} rsync daemon, +@command{rsync-configuration} record as in this example: + +@example +(service rsync-service-type) +@end example + +See below for details about @code{rsync-configuration}. +@end deffn + +@deftp {Data Type} rsync-configuration +Data type representing the configuration for @code{rsync-service}. + +@table @asis +@item @code{package} (default: @var{rsync}) +@code{rsync} package to use. + +@item @code{port-number} (default: @code{873}) +TCP port on which @command{rsync} listens for incoming connections. If port +is less than @code{1024} @command{rsync} needs to be started as the +@code{root} user and group. + +@item @code{pid-file} (default: @code{"/var/run/rsyncd/rsyncd.pid"}) +Name of the file where @command{rsync} writes its PID. + +@item @code{lock-file} (default: @code{"/var/run/rsyncd/rsyncd.lock"}) +Name of the file where @command{rsync} writes its lock file. + +@item @code{log-file} (default: @code{"/var/log/rsyncd.log"}) +Name of the file where @command{rsync} writes its log file. + +@item @code{use-chroot?} (default: @var{#t}) +Whether to use chroot for @command{rsync} shared directory. + +@item @code{share-path} (default: @file{/srv/rsync}) +Location of the @command{rsync} shared directory. + +@item @code{share-comment} (default: @code{"Rsync share"}) +Comment of the @command{rsync} shared directory. + +@item @code{read-only?} (default: @var{#f}) +Read-write permissions to shared directory. + +@item @code{timeout} (default: @code{300}) +I/O timeout in seconds. + +@item @code{user} (default: @var{"root"}) +Owner of the @code{rsync} process. + +@item @code{group} (default: @var{"root"}) +Group of the @code{rsync} process. + +@item @code{uid} (default: @var{"rsyncd"}) +User name or user ID that file transfers to and from that module should take +place as when the daemon was run as @code{root}. + +@item @code{gid} (default: @var{"rsyncd"}) +Group name or group ID that will be used when accessing the module. + +@end table +@end deftp + +Furthermore, @code{(gnu services ssh)} provides the following services. +@cindex SSH +@cindex SSH server + +@deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @ + [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @ +[#:allow-empty-passwords? #f] [#:root-login? #f] @ [#:syslog-output? #t] +[#:x11-forwarding? #t] @ [#:tcp/ip-forwarding? #t] +[#:password-authentication? #t] @ [#:public-key-authentication? #t] +[#:initialize? #t] Run the @command{lshd} program from @var{lsh} to listen +on port @var{port-number}. @var{host-key} must designate a file containing +the host key, and readable only by root. + +When @var{daemonic?} is true, @command{lshd} will detach from the +controlling terminal and log its output to syslogd, unless one sets +@var{syslog-output?} to false. Obviously, it also makes lsh-service depend +on existence of syslogd service. When @var{pid-file?} is true, +@command{lshd} writes its PID to the file called @var{pid-file}. + +When @var{initialize?} is true, automatically create the seed and host key +upon service activation if they do not exist yet. This may take long and +require interaction. + +When @var{initialize?} is false, it is up to the user to initialize the +randomness generator (@pxref{lsh-make-seed,,, lsh, LSH Manual}), and to +create a key pair with the private key stored in file @var{host-key} +(@pxref{lshd basics,,, lsh, LSH Manual}). + +When @var{interfaces} is empty, lshd listens for connections on all the +network interfaces; otherwise, @var{interfaces} must be a list of host names +or addresses. + +@var{allow-empty-passwords?} specifies whether to accept log-ins with empty +passwords, and @var{root-login?} specifies whether to accept log-ins as +root. + +The other options should be self-descriptive. +@end deffn + +@cindex SSH +@cindex SSH server +@deffn {Scheme Variable} openssh-service-type +This is the type for the @uref{http://www.openssh.org, OpenSSH} secure shell +daemon, @command{sshd}. Its value must be an @code{openssh-configuration} +record as in this example: + +@example +(service openssh-service-type + (openssh-configuration + (x11-forwarding? #t) + (permit-root-login 'without-password) + (authorized-keys + `(("alice" ,(local-file "alice.pub")) + ("bob" ,(local-file "bob.pub")))))) +@end example + +See below for details about @code{openssh-configuration}. + +This service can be extended with extra authorized keys, as in this example: + +@example +(service-extension openssh-service-type + (const `(("charlie" + ,(local-file "charlie.pub"))))) +@end example +@end deffn + +@deftp {Data Type} openssh-configuration +This is the configuration record for OpenSSH's @command{sshd}. + +@table @asis +@item @code{pid-file} (default: @code{"/var/run/sshd.pid"}) +Name of the file where @command{sshd} writes its PID. + +@item @code{port-number} (default: @code{22}) +TCP port on which @command{sshd} listens for incoming connections. + +@item @code{permit-root-login} (default: @code{#f}) +This field determines whether and when to allow logins as root. If +@code{#f}, root logins are disallowed; if @code{#t}, they are allowed. If +it's the symbol @code{'without-password}, then root logins are permitted but +not with password-based authentication. + +@item @code{allow-empty-passwords?} (default: @code{#f}) +When true, users with empty passwords may log in. When false, they may not. + +@item @code{password-authentication?} (default: @code{#t}) +When true, users may log in with their password. When false, they have +other authentication methods. + +@item @code{public-key-authentication?} (default: @code{#t}) +When true, users may log in using public key authentication. When false, +users have to use other authentication method. + +Authorized public keys are stored in @file{~/.ssh/authorized_keys}. This is +used only by protocol version 2. + +@item @code{x11-forwarding?} (default: @code{#f}) +When true, forwarding of X11 graphical client connections is enabled---in +other words, @command{ssh} options @option{-X} and @option{-Y} will work. + +@item @code{challenge-response-authentication?} (default: @code{#f}) +Specifies whether challenge response authentication is allowed (e.g. via +PAM). + +@item @code{use-pam?} (default: @code{#t}) +Enables the Pluggable Authentication Module interface. If set to @code{#t}, +this will enable PAM authentication using +@code{challenge-response-authentication?} and +@code{password-authentication?}, in addition to PAM account and session +module processing for all authentication types. + +Because PAM challenge response authentication usually serves an equivalent +role to password authentication, you should disable either +@code{challenge-response-authentication?} or +@code{password-authentication?}. + +@item @code{print-last-log?} (default: @code{#t}) +Specifies whether @command{sshd} should print the date and time of the last +user login when a user logs in interactively. + +@item @code{subsystems} (default: @code{'(("sftp" "internal-sftp"))}) +Configures external subsystems (e.g. file transfer daemon). + +This is a list of two-element lists, each of which containing the subsystem +name and a command (with optional arguments) to execute upon subsystem +request. + +The command @command{internal-sftp} implements an in-process SFTP server. +Alternately, one can specify the @command{sftp-server} command: +@example +(service openssh-service-type + (openssh-configuration + (subsystems + `(("sftp" ,(file-append openssh "/libexec/sftp-server")))))) +@end example + +@item @code{accepted-environment} (default: @code{'()}) +List of strings describing which environment variables may be exported. + +Each string gets on its own line. See the @code{AcceptEnv} option in +@code{man sshd_config}. + +This example allows ssh-clients to export the @code{COLORTERM} variable. It +is set by terminal emulators, which support colors. You can use it in your +shell's ressource file to enable colors for the prompt and commands if this +variable is set. + +@example +(service openssh-service-type + (openssh-configuration + (accepted-environment '("COLORTERM")))) +@end example + +@item @code{authorized-keys} (default: @code{'()}) +@cindex authorized keys, SSH +@cindex SSH authorized keys +This is the list of authorized keys. Each element of the list is a user +name followed by one or more file-like objects that represent SSH public +keys. For example: + +@example +(openssh-configuration + (authorized-keys + `(("rekado" ,(local-file "rekado.pub")) + ("chris" ,(local-file "chris.pub")) + ("root" ,(local-file "rekado.pub") ,(local-file "chris.pub"))))) +@end example + +@noindent +registers the specified public keys for user accounts @code{rekado}, +@code{chris}, and @code{root}. + +Additional authorized keys can be specified @i{via} +@code{service-extension}. + +Note that this does @emph{not} interfere with the use of +@file{~/.ssh/authorized_keys}. +@end table +@end deftp + +@deffn {Scheme Procedure} dropbear-service [@var{config}] +Run the @uref{https://matt.ucc.asn.au/dropbear/dropbear.html,Dropbear SSH +daemon} with the given @var{config}, a @code{} +object. + +For example, to specify a Dropbear service listening on port 1234, add this +call to the operating system's @code{services} field: + +@example +(dropbear-service (dropbear-configuration + (port-number 1234))) +@end example +@end deffn + +@deftp {Data Type} dropbear-configuration +This data type represents the configuration of a Dropbear SSH daemon. + +@table @asis +@item @code{dropbear} (default: @var{dropbear}) +The Dropbear package to use. + +@item @code{port-number} (default: 22) +The TCP port where the daemon waits for incoming connections. + +@item @code{syslog-output?} (default: @code{#t}) +Whether to enable syslog output. + +@item @code{pid-file} (default: @code{"/var/run/dropbear.pid"}) +File name of the daemon's PID file. + +@item @code{root-login?} (default: @code{#f}) +Whether to allow @code{root} logins. + +@item @code{allow-empty-passwords?} (default: @code{#f}) +Whether to allow empty passwords. + +@item @code{password-authentication?} (default: @code{#t}) +Whether to enable password-based authentication. +@end table +@end deftp + +@defvr {Scheme Variable} %facebook-host-aliases +This variable contains a string for use in @file{/etc/hosts} (@pxref{Host +Names,,, libc, The GNU C Library Reference Manual}). Each line contains a +entry that maps a known server name of the Facebook on-line service---e.g., +@code{www.facebook.com}---to the local host---@code{127.0.0.1} or its IPv6 +equivalent, @code{::1}. + +This variable is typically used in the @code{hosts-file} field of an +@code{operating-system} declaration (@pxref{Référence de système d'exploitation, +@file{/etc/hosts}}): + +@example +(use-modules (gnu) (guix)) + +(operating-system + (host-name "mymachine") + ;; ... + (hosts-file + ;; Create a /etc/hosts file with aliases for "localhost" + ;; and "mymachine", as well as for Facebook servers. + (plain-file "hosts" + (string-append (local-host-aliases host-name) + %facebook-host-aliases)))) +@end example + +This mechanism can prevent programs running locally, such as Web browsers, +from accessing Facebook. +@end defvr + +The @code{(gnu services avahi)} provides the following definition. + +@deffn {Scheme Procedure} avahi-service [#:avahi @var{avahi}] @ + [#:host-name #f] [#:publish? #t] [#:ipv4? #t] @ [#:ipv6? #t] [#:wide-area? +#f] @ [#:domains-to-browse '()] [#:debug? #f] Return a service that runs +@command{avahi-daemon}, a system-wide mDNS/DNS-SD responder that allows for +service discovery and "zero-configuration" host name lookups (see +@uref{http://avahi.org/}), and extends the name service cache daemon (nscd) +so that it can resolve @code{.local} host names using +@uref{http://0pointer.de/lennart/projects/nss-mdns/, nss-mdns}. +Additionally, add the @var{avahi} package to the system profile so that +commands such as @command{avahi-browse} are directly usable. + +If @var{host-name} is different from @code{#f}, use that as the host name to +publish for this machine; otherwise, use the machine's actual host name. + +When @var{publish?} is true, publishing of host names and services is +allowed; in particular, avahi-daemon will publish the machine's host name +and IP address via mDNS on the local network. + +When @var{wide-area?} is true, DNS-SD over unicast DNS is enabled. + +Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use +IPv4/IPv6 sockets. +@end deffn + +@deffn {Scheme Variable} openvswitch-service-type +This is the type of the @uref{http://www.openvswitch.org, Open vSwitch} +service, whose value should be an @code{openvswitch-configuration} object. +@end deffn + +@deftp {Data Type} openvswitch-configuration +Data type representing the configuration of Open vSwitch, a multilayer +virtual switch which is designed to enable massive network automation +through programmatic extension. + +@table @asis +@item @code{package} (default: @var{openvswitch}) +Package object of the Open vSwitch. + +@end table +@end deftp + +@node X Window +@subsubsection X Window + +@cindex X11 +@cindex X Window System +@cindex login manager +Support for the X Window graphical display system---specifically Xorg---is +provided by the @code{(gnu services xorg)} module. Note that there is no +@code{xorg-service} procedure. Instead, the X server is started by the +@dfn{login manager}, by default SLiM. + +@cindex window manager +To use X11, you must install at least one @dfn{window manager}---for example +the @code{windowmaker} or @code{openbox} packages---preferably by adding it +to the @code{packages} field of your operating system definition +(@pxref{Référence de système d'exploitation, system-wide packages}). + +@defvr {Scheme Variable} slim-service-type +This is the type for the SLiM graphical login manager for X11. + +@cindex session types (X11) +@cindex X11 session types +SLiM looks for @dfn{session types} described by the @file{.desktop} files in +@file{/run/current-system/profile/share/xsessions} and allows users to +choose a session from the log-in screen using @kbd{F1}. Packages such as +@code{xfce}, @code{sawfish}, and @code{ratpoison} provide @file{.desktop} +files; adding them to the system-wide set of packages automatically makes +them available at the log-in screen. + +In addition, @file{~/.xsession} files are honored. When available, +@file{~/.xsession} must be an executable that starts a window manager and/or +other X clients. +@end defvr + +@deftp {Data Type} slim-configuration +Data type representing the configuration of @code{slim-service-type}. + +@table @asis +@item @code{allow-empty-passwords?} (default: @code{#t}) +Whether to allow logins with empty passwords. + +@item @code{auto-login?} (default: @code{#f}) +@itemx @code{default-user} (default: @code{""}) +When @code{auto-login?} is false, SLiM presents a log-in screen. + +When @code{auto-login?} is true, SLiM logs in directly as +@code{default-user}. + +@item @code{theme} (default: @code{%default-slim-theme}) +@itemx @code{theme-name} (default: @code{%default-slim-theme-name}) +The graphical theme to use and its name. + +@item @code{auto-login-session} (default: @code{#f}) +If true, this must be the name of the executable to start as the default +session---e.g., @code{(file-append windowmaker "/bin/windowmaker")}. + +If false, a session described by one of the available @file{.desktop} files +in @code{/run/current-system/profile} and @code{~/.guix-profile} will be +used. + +@quotation Note +You must install at least one window manager in the system profile or in +your user profile. Failing to do that, if @code{auto-login-session} is +false, you will be unable to log in. +@end quotation + +@item @code{startx} (default: @code{(xorg-start-command)}) +The command used to start the X11 graphical server. + +@item @code{xauth} (default: @code{xauth}) +The XAuth package to use. + +@item @code{shepherd} (default: @code{shepherd}) +The Shepherd package used when invoking @command{halt} and @command{reboot}. + +@item @code{sessreg} (default: @code{sessreg}) +The sessreg package used in order to register the session. + +@item @code{slim} (default: @code{slim}) +The SLiM package to use. +@end table +@end deftp + +@defvr {Scheme Variable} %default-theme +@defvrx {Scheme Variable} %default-theme-name +The default SLiM theme and its name. +@end defvr + + +@deftp {Data Type} sddm-configuration +This is the data type representing the sddm service configuration. + +@table @asis +@item @code{display-server} (default: "x11") +Select display server to use for the greeter. Valid values are "x11" or +"wayland". + +@item @code{numlock} (default: "on") +Valid values are "on", "off" or "none". + +@item @code{halt-command} (default @code{#~(string-apppend #$shepherd "/sbin/halt")}) +Command to run when halting. + +@item @code{reboot-command} (default @code{#~(string-append #$shepherd "/sbin/reboot")}) +Command to run when rebooting. + +@item @code{theme} (default "maldives") +Theme to use. Default themes provided by SDDM are "elarun" or "maldives". + +@item @code{themes-directory} (default "/run/current-system/profile/share/sddm/themes") +Directory to look for themes. + +@item @code{faces-directory} (default "/run/current-system/profile/share/sddm/faces") +Directory to look for faces. + +@item @code{default-path} (default "/run/current-system/profile/bin") +Default PATH to use. + +@item @code{minimum-uid} (default 1000) +Minimum UID to display in SDDM. + +@item @code{maximum-uid} (default 2000) +Maximum UID to display in SDDM + +@item @code{remember-last-user?} (default #t) +Remember last user. + +@item @code{remember-last-session?} (default #t) +Remember last session. + +@item @code{hide-users} (default "") +Usernames to hide from SDDM greeter. + +@item @code{hide-shells} (default @code{#~(string-append #$shadow "/sbin/nologin")}) +Users with shells listed will be hidden from the SDDM greeter. + +@item @code{session-command} (default @code{#~(string-append #$sddm "/share/sddm/scripts/wayland-session")}) +Script to run before starting a wayland session. + +@item @code{sessions-directory} (default "/run/current-system/profile/share/wayland-sessions") +Directory to look for desktop files starting wayland sessions. + +@item @code{xorg-server-path} (default @code{xorg-start-command}) +Path to xorg-server. + +@item @code{xauth-path} (default @code{#~(string-append #$xauth "/bin/xauth")}) +Path to xauth. + +@item @code{xephyr-path} (default @code{#~(string-append #$xorg-server "/bin/Xephyr")}) +Path to Xephyr. + +@item @code{xdisplay-start} (default @code{#~(string-append #$sddm "/share/sddm/scripts/Xsetup")}) +Script to run after starting xorg-server. + +@item @code{xdisplay-stop} (default @code{#~(string-append #$sddm "/share/sddm/scripts/Xstop")}) +Script to run before stopping xorg-server. + +@item @code{xsession-command} (default: @code{xinitr }) +Script to run before starting a X session. + +@item @code{xsessions-directory} (default: "/run/current-system/profile/share/xsessions") +Directory to look for desktop files starting X sessions. + +@item @code{minimum-vt} (default: 7) +Minimum VT to use. + +@item @code{xserver-arguments} (default "-nolisten tcp") +Arguments to pass to xorg-server. + +@item @code{auto-login-user} (default "") +User to use for auto-login. + +@item @code{auto-login-session} (default "") +Desktop file to use for auto-login. + +@item @code{relogin?} (default #f) +Relogin after logout. + +@end table +@end deftp + +@cindex login manager +@cindex X11 login +@deffn {Scheme Procedure} sddm-service config +Return a service that spawns the SDDM graphical login manager for config of +type @code{}. + +@example + (sddm-service (sddm-configuration + (auto-login-user "Alice") + (auto-login-session "xfce.desktop"))) +@end example +@end deffn + +@deffn {Scheme Procedure} xorg-start-command [#:guile] @ + [#:modules %default-xorg-modules] @ [#:fonts %default-xorg-fonts] @ +[#:configuration-file (xorg-configuration-file @dots{})] @ [#:xorg-server +@var{xorg-server}] Return a @code{startx} script in which @var{modules}, a +list of X module packages, and @var{fonts}, a list of X font directories, +are available. See @code{xorg-wrapper} for more details on the arguments. +The result should be used in place of @code{startx}. + +Usually the X server is started by a login manager. +@end deffn + +@deffn {Scheme Procedure} xorg-configuration-file @ + [#:modules %default-xorg-modules] @ [#:fonts %default-xorg-fonts] @ +[#:drivers '()] [#:resolutions '()] [#:extra-config '()] Return a +configuration file for the Xorg server containing search paths for all the +common drivers. + +@var{modules} must be a list of @dfn{module packages} loaded by the Xorg +server---e.g., @code{xf86-video-vesa}, @code{xf86-input-keyboard}, and so +on. @var{fonts} must be a list of font directories to add to the server's +@dfn{font path}. + +@var{drivers} must be either the empty list, in which case Xorg chooses a +graphics driver automatically, or a list of driver names that will be tried +in this order---e.g., @code{("modesetting" "vesa")}. + +Likewise, when @var{resolutions} is the empty list, Xorg chooses an +appropriate screen resolution; otherwise, it must be a list of +resolutions---e.g., @code{((1024 768) (640 480))}. + +Last, @var{extra-config} is a list of strings or objects appended to the +configuration file. It is used to pass extra text to be added verbatim to +the configuration file. +@end deffn + +@deffn {Scheme Procedure} screen-locker-service @var{package} [@var{program}] +Add @var{package}, a package for a screen locker or screen saver whose +command is @var{program}, to the set of setuid programs and add a PAM entry +for it. For example: + +@lisp +(screen-locker-service xlockmore "xlock") +@end lisp + +makes the good ol' XlockMore usable. +@end deffn + + +@node Printing Services +@subsubsection Printing Services + +@cindex printer support with CUPS +The @code{(gnu services cups)} module provides a Guix service definition for +the CUPS printing service. To add printer support to a GuixSD system, add a +@code{cups-service} to the operating system definition: + +@deffn {Scheme Variable} cups-service-type +The service type for the CUPS print server. Its value should be a valid +CUPS configuration (see below). To use the default settings, simply write: +@example +(service cups-service-type) +@end example +@end deffn + +The CUPS configuration controls the basic things about your CUPS +installation: what interfaces it listens on, what to do if a print job +fails, how much logging to do, and so on. To actually add a printer, you +have to visit the @url{http://localhost:631} URL, or use a tool such as +GNOME's printer configuration services. By default, configuring a CUPS +service will generate a self-signed certificate if needed, for secure +connections to the print server. + +Suppose you want to enable the Web interface of CUPS and also add support +for Epson printers @i{via} the @code{escpr} package and for HP printers +@i{via} the @code{hplip} package. You can do that directly, like this (you +need to use the @code{(gnu packages cups)} module): + +@example +(service cups-service-type + (cups-configuration + (web-interface? #t) + (extensions + (list cups-filters escpr hplip)))) +@end example + +The available configuration parameters follow. Each parameter definition is +preceded by its type; for example, @samp{string-list foo} indicates that the +@code{foo} parameter should be specified as a list of strings. There is +also a way to specify the configuration as a string, if you have an old +@code{cupsd.conf} file that you want to port over from some other system; +see the end for more details. + +@c The following documentation was initially generated by +@c (generate-documentation) in (gnu services cups). Manually maintained +@c documentation is better, so we shouldn't hesitate to edit below as +@c needed. However if the change you want to make to this documentation +@c can be done in an automated way, it's probably easier to change +@c (generate-documentation) than to make it below and have to deal with +@c the churn as CUPS updates. + + +Available @code{cups-configuration} fields are: + +@deftypevr {@code{cups-configuration} parameter} package cups +The CUPS package. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} package-list extensions +Drivers and other extensions to the CUPS package. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} files-configuration files-configuration +Configuration of where to write logs, what directories to use for print +spools, and related privileged configuration parameters. + +Available @code{files-configuration} fields are: + +@deftypevr {@code{files-configuration} parameter} log-location access-log +Defines the access log filename. Specifying a blank filename disables +access log generation. The value @code{stderr} causes log entries to be +sent to the standard error file when the scheduler is running in the +foreground, or to the system log daemon when run in the background. The +value @code{syslog} causes log entries to be sent to the system log daemon. +The server name may be included in filenames using the string @code{%s}, as +in @code{/var/log/cups/%s-access_log}. + +Defaults to @samp{"/var/log/cups/access_log"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} file-name cache-dir +Where CUPS should cache data. + +Defaults to @samp{"/var/cache/cups"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string config-file-perm +Specifies the permissions for all configuration files that the scheduler +writes. + +Note that the permissions for the printers.conf file are currently masked to +only allow access from the scheduler user (typically root). This is done +because printer device URIs sometimes contain sensitive authentication +information that should not be generally known on the system. There is no +way to disable this security feature. + +Defaults to @samp{"0640"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} log-location error-log +Defines the error log filename. Specifying a blank filename disables access +log generation. The value @code{stderr} causes log entries to be sent to +the standard error file when the scheduler is running in the foreground, or +to the system log daemon when run in the background. The value +@code{syslog} causes log entries to be sent to the system log daemon. The +server name may be included in filenames using the string @code{%s}, as in +@code{/var/log/cups/%s-error_log}. + +Defaults to @samp{"/var/log/cups/error_log"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string fatal-errors +Specifies which errors are fatal, causing the scheduler to exit. The kind +strings are: + +@table @code +@item none +No errors are fatal. + +@item all +All of the errors below are fatal. + +@item browse +Browsing initialization errors are fatal, for example failed connections to +the DNS-SD daemon. + +@item config +Configuration file syntax errors are fatal. + +@item listen +Listen or Port errors are fatal, except for IPv6 failures on the loopback or +@code{any} addresses. + +@item log +Log file creation or write errors are fatal. + +@item permissions +Bad startup file permissions are fatal, for example shared TLS certificate +and key files with world-read permissions. +@end table + +Defaults to @samp{"all -browse"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} boolean file-device? +Specifies whether the file pseudo-device can be used for new printer +queues. The URI @uref{file:///dev/null} is always allowed. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string group +Specifies the group name or ID that will be used when executing external +programs. + +Defaults to @samp{"lp"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string log-file-perm +Specifies the permissions for all log files that the scheduler writes. + +Defaults to @samp{"0644"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} log-location page-log +Defines the page log filename. Specifying a blank filename disables access +log generation. The value @code{stderr} causes log entries to be sent to +the standard error file when the scheduler is running in the foreground, or +to the system log daemon when run in the background. The value +@code{syslog} causes log entries to be sent to the system log daemon. The +server name may be included in filenames using the string @code{%s}, as in +@code{/var/log/cups/%s-page_log}. + +Defaults to @samp{"/var/log/cups/page_log"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string remote-root +Specifies the username that is associated with unauthenticated accesses by +clients claiming to be the root user. The default is @code{remroot}. + +Defaults to @samp{"remroot"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} file-name request-root +Specifies the directory that contains print jobs and other HTTP request +data. + +Defaults to @samp{"/var/spool/cups"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} sandboxing sandboxing +Specifies the level of security sandboxing that is applied to print filters, +backends, and other child processes of the scheduler; either @code{relaxed} +or @code{strict}. This directive is currently only used/supported on macOS. + +Defaults to @samp{strict}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} file-name server-keychain +Specifies the location of TLS certificates and private keys. CUPS will look +for public and private keys in this directory: a @code{.crt} files for +PEM-encoded certificates and corresponding @code{.key} files for PEM-encoded +private keys. + +Defaults to @samp{"/etc/cups/ssl"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} file-name server-root +Specifies the directory containing the server configuration files. + +Defaults to @samp{"/etc/cups"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} boolean sync-on-close? +Specifies whether the scheduler calls fsync(2) after writing configuration +or state files. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} space-separated-string-list system-group +Specifies the group(s) to use for @code{@@SYSTEM} group authentication. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} file-name temp-dir +Specifies the directory where temporary files are stored. + +Defaults to @samp{"/var/spool/cups/tmp"}. +@end deftypevr + +@deftypevr {@code{files-configuration} parameter} string user +Specifies the user name or ID that is used when running external programs. + +Defaults to @samp{"lp"}. +@end deftypevr +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} access-log-level access-log-level +Specifies the logging level for the AccessLog file. The @code{config} level +logs when printers and classes are added, deleted, or modified and when +configuration files are accessed or updated. The @code{actions} level logs +when print jobs are submitted, held, released, modified, or canceled, and +any of the conditions for @code{config}. The @code{all} level logs all +requests. + +Defaults to @samp{actions}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean auto-purge-jobs? +Specifies whether to purge job history data automatically when it is no +longer required for quotas. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} browse-local-protocols browse-local-protocols +Specifies which protocols to use for local printer sharing. + +Defaults to @samp{dnssd}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean browse-web-if? +Specifies whether the CUPS web interface is advertised. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean browsing? +Specifies whether shared printers are advertised. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string classification +Specifies the security classification of the server. Any valid banner name +can be used, including "classified", "confidential", "secret", "topsecret", +and "unclassified", or the banner can be omitted to disable secure printing +functions. + +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean classify-override? +Specifies whether users may override the classification (cover page) of +individual print jobs using the @code{job-sheets} option. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} default-auth-type default-auth-type +Specifies the default type of authentication to use. + +Defaults to @samp{Basic}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} default-encryption default-encryption +Specifies whether encryption will be used for authenticated requests. + +Defaults to @samp{Required}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string default-language +Specifies the default language to use for text and web content. + +Defaults to @samp{"en"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string default-paper-size +Specifies the default paper size for new print queues. @samp{"Auto"} uses a +locale-specific default, while @samp{"None"} specifies there is no default +paper size. Specific size names are typically @samp{"Letter"} or +@samp{"A4"}. + +Defaults to @samp{"Auto"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string default-policy +Specifies the default access policy to use. + +Defaults to @samp{"default"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean default-shared? +Specifies whether local printers are shared by default. + +Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer dirty-clean-interval +Specifies the delay for updating of configuration and state files, in +seconds. A value of 0 causes the update to happen as soon as possible, +typically within a few milliseconds. + +Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} error-policy error-policy +Specifies what to do when an error occurs. Possible values are +@code{abort-job}, which will discard the failed print job; @code{retry-job}, +which will retry the job at a later time; @code{retry-this-job}, which +retries the failed job immediately; and @code{stop-printer}, which stops the +printer. + +Defaults to @samp{stop-printer}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer filter-limit +Specifies the maximum cost of filters that are run concurrently, which can +be used to minimize disk, memory, and CPU resource problems. A limit of 0 +disables filter limiting. An average print to a non-PostScript printer +needs a filter limit of about 200. A PostScript printer needs about half +that (100). Setting the limit below these thresholds will effectively limit +the scheduler to printing a single job at any time. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer filter-nice +Specifies the scheduling priority of filters that are run to print a job. +The nice value ranges from 0, the highest priority, to 19, the lowest +priority. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} host-name-lookups host-name-lookups +Specifies whether to do reverse lookups on connecting clients. The +@code{double} setting causes @code{cupsd} to verify that the hostname +resolved from the address matches one of the addresses returned for that +hostname. Double lookups also prevent clients with unregistered addresses +from connecting to your server. Only set this option to @code{#t} or +@code{double} if absolutely required. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-kill-delay +Specifies the number of seconds to wait before killing the filters and +backend associated with a canceled or held job. + +Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-retry-interval +Specifies the interval between retries of jobs in seconds. This is +typically used for fax queues but can also be used with normal print queues +whose error policy is @code{retry-job} or @code{retry-current-job}. + +Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer job-retry-limit +Specifies the number of retries that are done for jobs. This is typically +used for fax queues but can also be used with normal print queues whose +error policy is @code{retry-job} or @code{retry-current-job}. + +Defaults to @samp{5}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean keep-alive? +Specifies whether to support HTTP keep-alive connections. + +Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer keep-alive-timeout +Specifies how long an idle client connection remains open, in seconds. + +Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer limit-request-body +Specifies the maximum size of print files, IPP requests, and HTML form +data. A limit of 0 disables the limit check. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} multiline-string-list listen +Listens on the specified interfaces for connections. Valid values are of +the form @var{address}:@var{port}, where @var{address} is either an IPv6 +address enclosed in brackets, an IPv4 address, or @code{*} to indicate all +addresses. Values can also be file names of local UNIX domain sockets. The +Listen directive is similar to the Port directive but allows you to restrict +access to specific interfaces or networks. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer listen-back-log +Specifies the number of pending connections that will be allowed. This +normally only affects very busy servers that have reached the MaxClients +limit, but can also be triggered by large numbers of simultaneous +connections. When the limit is reached, the operating system will refuse +additional connections until the scheduler can accept the pending ones. + +Defaults to @samp{128}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} location-access-control-list location-access-controls +Specifies a set of additional access controls. + +Available @code{location-access-controls} fields are: + +@deftypevr {@code{location-access-controls} parameter} file-name path +Specifies the URI path to which the access control applies. +@end deftypevr + +@deftypevr {@code{location-access-controls} parameter} access-control-list access-controls +Access controls for all access to this path, in the same format as the +@code{access-controls} of @code{operation-access-control}. + +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{location-access-controls} parameter} method-access-control-list method-access-controls +Access controls for method-specific access to this path. + +Defaults to @samp{()}. + +Available @code{method-access-controls} fields are: + +@deftypevr {@code{method-access-controls} parameter} boolean reverse? +If @code{#t}, apply access controls to all methods except the listed +methods. Otherwise apply to only the listed methods. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{method-access-controls} parameter} method-list methods +Methods to which this access control applies. + +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{method-access-controls} parameter} access-control-list access-controls +Access control directives, as a list of strings. Each string should be one +directive, such as "Order allow,deny". + +Defaults to @samp{()}. +@end deftypevr +@end deftypevr +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer log-debug-history +Specifies the number of debugging messages that are retained for logging if +an error occurs in a print job. Debug messages are logged regardless of the +LogLevel setting. + +Defaults to @samp{100}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} log-level log-level +Specifies the level of logging for the ErrorLog file. The value @code{none} +stops all logging while @code{debug2} logs everything. + +Defaults to @samp{info}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} log-time-format log-time-format +Specifies the format of the date and time in the log files. The value +@code{standard} logs whole seconds while @code{usecs} logs microseconds. + +Defaults to @samp{standard}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-clients +Specifies the maximum number of simultaneous clients that are allowed by the +scheduler. + +Defaults to @samp{100}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-clients-per-host +Specifies the maximum number of simultaneous clients that are allowed from a +single address. + +Defaults to @samp{100}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-copies +Specifies the maximum number of copies that a user can print of each job. + +Defaults to @samp{9999}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-hold-time +Specifies the maximum time a job may remain in the @code{indefinite} hold +state before it is canceled. A value of 0 disables cancellation of held +jobs. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs +Specifies the maximum number of simultaneous jobs that are allowed. Set to +0 to allow an unlimited number of jobs. + +Defaults to @samp{500}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs-per-printer +Specifies the maximum number of simultaneous jobs that are allowed per +printer. A value of 0 allows up to MaxJobs jobs per printer. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-jobs-per-user +Specifies the maximum number of simultaneous jobs that are allowed per +user. A value of 0 allows up to MaxJobs jobs per user. + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-job-time +Specifies the maximum time a job may take to print before it is canceled, in +seconds. Set to 0 to disable cancellation of "stuck" jobs. + +Defaults to @samp{10800}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer max-log-size +Specifies the maximum size of the log files before they are rotated, in +bytes. The value 0 disables log rotation. + +Defaults to @samp{1048576}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer multiple-operation-timeout +Specifies the maximum amount of time to allow between files in a multiple +file print job, in seconds. + +Defaults to @samp{300}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string page-log-format +Specifies the format of PageLog lines. Sequences beginning with percent +(@samp{%}) characters are replaced with the corresponding information, while +all other characters are copied literally. The following percent sequences +are recognized: + +@table @samp +@item %% +insert a single percent character + +@item %@{name@} +insert the value of the specified IPP attribute + +@item %C +insert the number of copies for the current page + +@item %P +insert the current page number + +@item %T +insert the current date and time in common log format + +@item %j +insert the job ID + +@item %p +insert the printer name + +@item %u +insert the username +@end table + +A value of the empty string disables page logging. The string @code{%p %u +%j %T %P %C %@{job-billing@} %@{job-originating-host-name@} %@{job-name@} +%@{media@} %@{sides@}} creates a page log with the standard items. + +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} environment-variables environment-variables +Passes the specified environment variable(s) to child processes; a list of +strings. + +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} policy-configuration-list policies +Specifies named access control policies. + +Available @code{policy-configuration} fields are: + +@deftypevr {@code{policy-configuration} parameter} string name +Name of the policy. +@end deftypevr + +@deftypevr {@code{policy-configuration} parameter} string job-private-access +Specifies an access list for a job's private values. @code{@@ACL} maps to +the printer's requesting-user-name-allowed or requesting-user-name-denied +values. @code{@@OWNER} maps to the job's owner. @code{@@SYSTEM} maps to +the groups listed for the @code{system-group} field of the +@code{files-config} configuration, which is reified into the +@code{cups-files.conf(5)} file. Other possible elements of the access list +include specific user names, and @code{@@@var{group}} to indicate members of +a specific group. The access list may also be simply @code{all} or +@code{default}. + +Defaults to @samp{"@@OWNER @@SYSTEM"}. +@end deftypevr + +@deftypevr {@code{policy-configuration} parameter} string job-private-values +Specifies the list of job values to make private, or @code{all}, +@code{default}, or @code{none}. + +Defaults to @samp{"job-name job-originating-host-name +job-originating-user-name phone"}. +@end deftypevr + +@deftypevr {@code{policy-configuration} parameter} string subscription-private-access +Specifies an access list for a subscription's private values. @code{@@ACL} +maps to the printer's requesting-user-name-allowed or +requesting-user-name-denied values. @code{@@OWNER} maps to the job's +owner. @code{@@SYSTEM} maps to the groups listed for the +@code{system-group} field of the @code{files-config} configuration, which is +reified into the @code{cups-files.conf(5)} file. Other possible elements of +the access list include specific user names, and @code{@@@var{group}} to +indicate members of a specific group. The access list may also be simply +@code{all} or @code{default}. + +Defaults to @samp{"@@OWNER @@SYSTEM"}. +@end deftypevr + +@deftypevr {@code{policy-configuration} parameter} string subscription-private-values +Specifies the list of job values to make private, or @code{all}, +@code{default}, or @code{none}. + +Defaults to @samp{"notify-events notify-pull-method notify-recipient-uri +notify-subscriber-user-name notify-user-data"}. +@end deftypevr + +@deftypevr {@code{policy-configuration} parameter} operation-access-control-list access-controls +Access control by IPP operation. + +Defaults to @samp{()}. +@end deftypevr +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-files +Specifies whether job files (documents) are preserved after a job is +printed. If a numeric value is specified, job files are preserved for the +indicated number of seconds after printing. Otherwise a boolean value +applies indefinitely. + +Defaults to @samp{86400}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-history +Specifies whether the job history is preserved after a job is printed. If a +numeric value is specified, the job history is preserved for the indicated +number of seconds after printing. If @code{#t}, the job history is +preserved until the MaxJobs limit is reached. + +Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer reload-timeout +Specifies the amount of time to wait for job completion before restarting +the scheduler. + +Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string rip-cache +Specifies the maximum amount of memory to use when converting documents into +bitmaps for a printer. + +Defaults to @samp{"128m"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string server-admin +Specifies the email address of the server administrator. + +Defaults to @samp{"root@@localhost.localdomain"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} host-name-list-or-* server-alias +The ServerAlias directive is used for HTTP Host header validation when +clients connect to the scheduler from external interfaces. Using the +special name @code{*} can expose your system to known browser-based DNS +rebinding attacks, even when accessing sites through a firewall. If the +auto-discovery of alternate names does not work, we recommend listing each +alternate name with a ServerAlias directive instead of using @code{*}. + +Defaults to @samp{*}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string server-name +Specifies the fully-qualified host name of the server. + +Defaults to @samp{"localhost"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} server-tokens server-tokens +Specifies what information is included in the Server header of HTTP +responses. @code{None} disables the Server header. @code{ProductOnly} +reports @code{CUPS}. @code{Major} reports @code{CUPS 2}. @code{Minor} +reports @code{CUPS 2.0}. @code{Minimal} reports @code{CUPS 2.0.0}. +@code{OS} reports @code{CUPS 2.0.0 (@var{uname})} where @var{uname} is the +output of the @code{uname} command. @code{Full} reports @code{CUPS 2.0.0 +(@var{uname}) IPP/2.0}. + +Defaults to @samp{Minimal}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} string set-env +Set the specified environment variable to be passed to child processes. + +Defaults to @samp{"variable value"}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} multiline-string-list ssl-listen +Listens on the specified interfaces for encrypted connections. Valid values +are of the form @var{address}:@var{port}, where @var{address} is either an +IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to indicate +all addresses. + +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} ssl-options ssl-options +Sets encryption options. By default, CUPS only supports encryption using +TLS v1.0 or higher using known secure cipher suites. The @code{AllowRC4} +option enables the 128-bit RC4 cipher suites, which are required for some +older clients that do not implement newer ones. The @code{AllowSSL3} option +enables SSL v3.0, which is required for some older clients that do not +support TLS v1.0. + +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean strict-conformance? +Specifies whether the scheduler requires clients to strictly adhere to the +IPP specifications. + +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} non-negative-integer timeout +Specifies the HTTP request timeout, in seconds. + +Defaults to @samp{300}. + +@end deftypevr + +@deftypevr {@code{cups-configuration} parameter} boolean web-interface? +Specifies whether the web interface is enabled. + +Defaults to @samp{#f}. +@end deftypevr + +At this point you're probably thinking ``oh dear, Guix manual, I like you +but you can stop already with the configuration options''. Indeed. +However, one more point: it could be that you have an existing +@code{cupsd.conf} that you want to use. In that case, you can pass an +@code{opaque-cups-configuration} as the configuration of a +@code{cups-service-type}. + +Available @code{opaque-cups-configuration} fields are: + +@deftypevr {@code{opaque-cups-configuration} parameter} package cups +The CUPS package. +@end deftypevr + +@deftypevr {@code{opaque-cups-configuration} parameter} string cupsd.conf +The contents of the @code{cupsd.conf}, as a string. +@end deftypevr + +@deftypevr {@code{opaque-cups-configuration} parameter} string cups-files.conf +The contents of the @code{cups-files.conf} file, as a string. +@end deftypevr + +For example, if your @code{cupsd.conf} and @code{cups-files.conf} are in +strings of the same name, you could instantiate a CUPS service like this: + +@example +(service cups-service-type + (opaque-cups-configuration + (cupsd.conf cupsd.conf) + (cups-files.conf cups-files.conf))) +@end example + + +@node Desktop Services +@subsubsection Desktop Services + +The @code{(gnu services desktop)} module provides services that are usually +useful in the context of a ``desktop'' setup---that is, on a machine running +a graphical display server, possibly with graphical user interfaces, etc. +It also defines services that provide specific desktop environments like +GNOME, XFCE or MATE. + +To simplify things, the module defines a variable containing the set of +services that users typically expect on a machine with a graphical +environment and networking: + +@defvr {Scheme Variable} %desktop-services +This is a list of services that builds upon @var{%base-services} and adds or +adjusts services for a typical ``desktop'' setup. + +In particular, it adds a graphical login manager (@pxref{X Window, +@code{slim-service}}), screen lockers, a network management tool +(@pxref{Networking Services, @code{network-manager-service-type}}), energy +and color management services, the @code{elogind} login and seat manager, +the Polkit privilege service, the GeoClue location service, the +AccountsService daemon that allows authorized users change system passwords, +an NTP client (@pxref{Networking Services}), the Avahi daemon, and has the +name service switch service configured to be able to use @code{nss-mdns} +(@pxref{Name Service Switch, mDNS}). +@end defvr + +The @var{%desktop-services} variable can be used as the @code{services} +field of an @code{operating-system} declaration (@pxref{Référence de système d'exploitation, @code{services}}). + +Additionally, the @code{gnome-desktop-service}, @code{xfce-desktop-service} +and @code{mate-desktop-service} procedures can add GNOME, XFCE and/or MATE +to a system. To ``add GNOME'' means that system-level services like the +backlight adjustment helpers and the power management utilities are added to +the system, extending @code{polkit} and @code{dbus} appropriately, allowing +GNOME to operate with elevated privileges on a limited number of +special-purpose system interfaces. Additionally, adding a service made by +@code{gnome-desktop-service} adds the GNOME metapackage to the system +profile. Likewise, adding the XFCE service not only adds the @code{xfce} +metapackage to the system profile, but it also gives the Thunar file manager +the ability to open a ``root-mode'' file management window, if the user +authenticates using the administrator's password via the standard polkit +graphical interface. To ``add MATE'' means that @code{polkit} and +@code{dbus} are extended appropriately, allowing MATE to operate with +elevated privileges on a limited number of special-purpose system +interfaces. Additionally, adding a service made by +@code{mate-desktop-service} adds the MATE metapackage to the system profile. + +The desktop environments in Guix use the Xorg display server by default. If +you'd like to use the newer display server protocol called Wayland, you need +to use the @code{sddm-service} instead of the @code{slim-service} for the +graphical login manager. You should then select the ``GNOME (Wayland)'' +session in SDDM. Alternatively you can also try starting GNOME on Wayland +manually from a TTY with the command ``XDG_SESSION_TYPE=wayland exec +dbus-run-session gnome-session``. Currently only GNOME has support for +Wayland. + +@deffn {Scheme Procedure} gnome-desktop-service +Return a service that adds the @code{gnome} package to the system profile, +and extends polkit with the actions from @code{gnome-settings-daemon}. +@end deffn + +@deffn {Scheme Procedure} xfce-desktop-service +Return a service that adds the @code{xfce} package to the system profile, +and extends polkit with the ability for @code{thunar} to manipulate the file +system as root from within a user session, after the user has authenticated +with the administrator's password. +@end deffn + +@deffn {Scheme Procedure} mate-desktop-service +Return a service that adds the @code{mate} package to the system profile, +and extends polkit with the actions from @code{mate-settings-daemon}. +@end deffn + +Because the GNOME, XFCE and MATE desktop services pull in so many packages, +the default @code{%desktop-services} variable doesn't include either of them +by default. To add GNOME, XFCE or MATE, just @code{cons} them onto +@code{%desktop-services} in the @code{services} field of your +@code{operating-system}: + +@example +(use-modules (gnu)) +(use-service-modules desktop) +(operating-system + ... + ;; cons* adds items to the list given as its last argument. + (services (cons* (gnome-desktop-service) + (xfce-desktop-service) + %desktop-services)) + ...) +@end example + +These desktop environments will then be available as options in the +graphical login window. + +The actual service definitions included in @code{%desktop-services} and +provided by @code{(gnu services dbus)} and @code{(gnu services desktop)} are +described below. + +@deffn {Scheme Procedure} dbus-service [#:dbus @var{dbus}] [#:services '()] +Return a service that runs the ``system bus'', using @var{dbus}, with +support for @var{services}. + +@uref{http://dbus.freedesktop.org/, D-Bus} is an inter-process communication +facility. Its system bus is used to allow system services to communicate +and to be notified of system-wide events. + +@var{services} must be a list of packages that provide an +@file{etc/dbus-1/system.d} directory containing additional D-Bus +configuration and policy files. For example, to allow avahi-daemon to use +the system bus, @var{services} must be equal to @code{(list avahi)}. +@end deffn + +@deffn {Scheme Procedure} elogind-service [#:config @var{config}] +Return a service that runs the @code{elogind} login and seat management +daemon. @uref{https://github.com/elogind/elogind, Elogind} exposes a D-Bus +interface that can be used to know which users are logged in, know what kind +of sessions they have open, suspend the system, inhibit system suspend, +reboot the system, and other tasks. + +Elogind handles most system-level power events for a computer, for example +suspending the system when a lid is closed, or shutting it down when the +power button is pressed. + +The @var{config} keyword argument specifies the configuration for elogind, +and should be the result of an @code{(elogind-configuration (@var{parameter} +@var{value})...)} invocation. Available parameters and their default values +are: + +@table @code +@item kill-user-processes? +@code{#f} +@item kill-only-users +@code{()} +@item kill-exclude-users +@code{("root")} +@item inhibit-delay-max-seconds +@code{5} +@item handle-power-key +@code{poweroff} +@item handle-suspend-key +@code{suspend} +@item handle-hibernate-key +@code{hibernate} +@item handle-lid-switch +@code{suspend} +@item handle-lid-switch-docked +@code{ignore} +@item power-key-ignore-inhibited? +@code{#f} +@item suspend-key-ignore-inhibited? +@code{#f} +@item hibernate-key-ignore-inhibited? +@code{#f} +@item lid-switch-ignore-inhibited? +@code{#t} +@item holdoff-timeout-seconds +@code{30} +@item idle-action +@code{ignore} +@item idle-action-seconds +@code{(* 30 60)} +@item runtime-directory-size-percent +@code{10} +@item runtime-directory-size +@code{#f} +@item remove-ipc? +@code{#t} +@item suspend-state +@code{("mem" "standby" "freeze")} +@item suspend-mode +@code{()} +@item hibernate-state +@code{("disk")} +@item hibernate-mode +@code{("platform" "shutdown")} +@item hybrid-sleep-state +@code{("disk")} +@item hybrid-sleep-mode +@code{("suspend" "platform" "shutdown")} +@end table +@end deffn + +@deffn {Scheme Procedure} accountsservice-service @ + [#:accountsservice @var{accountsservice}] Return a service that runs +AccountsService, a system service that can list available accounts, change +their passwords, and so on. AccountsService integrates with PolicyKit to +enable unprivileged users to acquire the capability to modify their system +configuration. +@uref{https://www.freedesktop.org/wiki/Software/AccountsService/, the +accountsservice web site} for more information. + +The @var{accountsservice} keyword argument is the @code{accountsservice} +package to expose as a service. +@end deffn + +@deffn {Scheme Procedure} polkit-service @ + [#:polkit @var{polkit}] Return a service that runs the +@uref{http://www.freedesktop.org/wiki/Software/polkit/, Polkit privilege +management service}, which allows system administrators to grant access to +privileged operations in a structured way. By querying the Polkit service, +a privileged system component can know when it should grant additional +capabilities to ordinary users. For example, an ordinary user can be +granted the capability to suspend the system if the user is logged in +locally. +@end deffn + +@deffn {Scheme Procedure} upower-service [#:upower @var{upower}] @ + [#:watts-up-pro? #f] @ [#:poll-batteries? #t] @ [#:ignore-lid? #f] @ +[#:use-percentage-for-policy? #f] @ [#:percentage-low 10] @ +[#:percentage-critical 3] @ [#:percentage-action 2] @ [#:time-low 1200] @ +[#:time-critical 300] @ [#:time-action 120] @ [#:critical-power-action +'hybrid-sleep] Return a service that runs +@uref{http://upower.freedesktop.org/, @command{upowerd}}, a system-wide +monitor for power consumption and battery levels, with the given +configuration settings. It implements the @code{org.freedesktop.UPower} +D-Bus interface, and is notably used by GNOME. +@end deffn + +@deffn {Scheme Procedure} udisks-service [#:udisks @var{udisks}] +Return a service for @uref{http://udisks.freedesktop.org/docs/latest/, +UDisks}, a @dfn{disk management} daemon that provides user interfaces with +notifications and ways to mount/unmount disks. Programs that talk to UDisks +include the @command{udisksctl} command, part of UDisks, and GNOME Disks. +@end deffn + +@deffn {Scheme Procedure} colord-service [#:colord @var{colord}] +Return a service that runs @command{colord}, a system service with a D-Bus +interface to manage the color profiles of input and output devices such as +screens and scanners. It is notably used by the GNOME Color Manager +graphical tool. See @uref{http://www.freedesktop.org/software/colord/, the +colord web site} for more information. +@end deffn + +@deffn {Scheme Procedure} geoclue-application name [#:allowed? #t] [#:system? #f] [#:users '()] +Return a configuration allowing an application to access GeoClue location +data. @var{name} is the Desktop ID of the application, without the +@code{.desktop} part. If @var{allowed?} is true, the application will have +access to location information by default. The boolean @var{system?} value +indicates whether an application is a system component or not. Finally +@var{users} is a list of UIDs of all users for which this application is +allowed location info access. An empty users list means that all users are +allowed. +@end deffn + +@defvr {Scheme Variable} %standard-geoclue-applications +The standard list of well-known GeoClue application configurations, granting +authority to the GNOME date-and-time utility to ask for the current location +in order to set the time zone, and allowing the IceCat and Epiphany web +browsers to request location information. IceCat and Epiphany both query +the user before allowing a web page to know the user's location. +@end defvr + +@deffn {Scheme Procedure} geoclue-service [#:colord @var{colord}] @ + [#:whitelist '()] @ [#:wifi-geolocation-url +"https://location.services.mozilla.com/v1/geolocate?key=geoclue"] @ +[#:submit-data? #f] [#:wifi-submission-url +"https://location.services.mozilla.com/v1/submit?key=geoclue"] @ +[#:submission-nick "geoclue"] @ [#:applications +%standard-geoclue-applications] Return a service that runs the GeoClue +location service. This service provides a D-Bus interface to allow +applications to request access to a user's physical location, and optionally +to add information to online location databases. See +@uref{https://wiki.freedesktop.org/www/Software/GeoClue/, the GeoClue web +site} for more information. +@end deffn + +@deffn {Scheme Procedure} bluetooth-service [#:bluez @var{bluez}] @ + [@w{#:auto-enable? #f}] Return a service that runs the @command{bluetoothd} +daemon, which manages all the Bluetooth devices and provides a number of +D-Bus interfaces. When AUTO-ENABLE? is true, the bluetooth controller is +powered automatically at boot, which can be useful when using a bluetooth +keyboard or mouse. + +Users need to be in the @code{lp} group to access the D-Bus service. +@end deffn + +@node Database Services +@subsubsection Database Services + +@cindex database +@cindex SQL +The @code{(gnu services databases)} module provides the following services. + +@deffn {Scheme Procedure} postgresql-service [#:postgresql postgresql] @ + [#:config-file] [#:data-directory ``/var/lib/postgresql/data''] @ [#:port +5432] [#:locale ``en_US.utf8''] Return a service that runs @var{postgresql}, +the PostgreSQL database server. + +The PostgreSQL daemon loads its runtime configuration from +@var{config-file}, creates a database cluster with @var{locale} as the +default locale, stored in @var{data-directory}. It then listens on +@var{port}. +@end deffn + +@deffn {Scheme Procedure} mysql-service [#:config (mysql-configuration)] +Return a service that runs @command{mysqld}, the MySQL or MariaDB database +server. + +The optional @var{config} argument specifies the configuration for +@command{mysqld}, which should be a @code{} object. +@end deffn + +@deftp {Data Type} mysql-configuration +Data type representing the configuration of @var{mysql-service}. + +@table @asis +@item @code{mysql} (default: @var{mariadb}) +Package object of the MySQL database server, can be either @var{mariadb} or +@var{mysql}. + +For MySQL, a temporary root password will be displayed at activation time. +For MariaDB, the root password is empty. + +@item @code{port} (default: @code{3306}) +TCP port on which the database server listens for incoming connections. +@end table +@end deftp + +@defvr {Scheme Variable} memcached-service-type +This is the service type for the @uref{https://memcached.org/, Memcached} +service, which provides a distributed in memory cache. The value for the +service type is a @code{memcached-configuration} object. +@end defvr + +@example +(service memcached-service-type) +@end example + +@deftp {Data Type} memcached-configuration +Data type representing the configuration of memcached. + +@table @asis +@item @code{memcached} (default: @code{memcached}) +The Memcached package to use. + +@item @code{interfaces} (default: @code{'("0.0.0.0")}) +Network interfaces on which to listen. + +@item @code{tcp-port} (default: @code{11211}) +Port on which to accept connections on, + +@item @code{udp-port} (default: @code{11211}) +Port on which to accept UDP connections on, a value of 0 will disable +listening on a UDP socket. + +@item @code{additional-options} (default: @code{'()}) +Additional command line options to pass to @code{memcached}. +@end table +@end deftp + +@defvr {Scheme Variable} mongodb-service-type +This is the service type for @uref{https://www.mongodb.com/, MongoDB}. The +value for the service type is a @code{mongodb-configuration} object. +@end defvr + +@example +(service mongodb-service-type) +@end example + +@deftp {Data Type} mongodb-configuration +Data type representing the configuration of mongodb. + +@table @asis +@item @code{mongodb} (default: @code{mongodb}) +The MongoDB package to use. + +@item @code{config-file} (default: @code{%default-mongodb-configuration-file}) +The configuration file for MongoDB. + +@item @code{data-directory} (default: @code{"/var/lib/mongodb"}) +This value is used to create the directory, so that it exists and is owned +by the mongodb user. It should match the data-directory which MongoDB is +configured to use through the configuration file. +@end table +@end deftp + +@defvr {Scheme Variable} redis-service-type +This is the service type for the @uref{https://redis.io/, Redis} key/value +store, whose value is a @code{redis-configuration} object. +@end defvr + +@deftp {Data Type} redis-configuration +Data type representing the configuration of redis. + +@table @asis +@item @code{redis} (default: @code{redis}) +The Redis package to use. + +@item @code{bind} (default: @code{"127.0.0.1"}) +Network interface on which to listen. + +@item @code{port} (default: @code{6379}) +Port on which to accept connections on, a value of 0 will disable listening +on a TCP socket. + +@item @code{working-directory} (default: @code{"/var/lib/redis"}) +Directory in which to store the database and related files. +@end table +@end deftp + +@node Mail Services +@subsubsection Mail Services + +@cindex mail +@cindex email +The @code{(gnu services mail)} module provides Guix service definitions for +email services: IMAP, POP3, and LMTP servers, as well as mail transport +agents (MTAs). Lots of acronyms! These services are detailed in the +subsections below. + +@subsubheading Dovecot Service + +@deffn {Scheme Procedure} dovecot-service [#:config (dovecot-configuration)] +Return a service that runs the Dovecot IMAP/POP3/LMTP mail server. +@end deffn + +By default, Dovecot does not need much configuration; the default +configuration object created by @code{(dovecot-configuration)} will suffice +if your mail is delivered to @code{~/Maildir}. A self-signed certificate +will be generated for TLS-protected connections, though Dovecot will also +listen on cleartext ports by default. There are a number of options, +though, which mail administrators might need to change, and as is the case +with other services, Guix allows the system administrator to specify these +parameters via a uniform Scheme interface. + +For example, to specify that mail is located at @code{maildir~/.mail}, one +would instantiate the Dovecot service like this: + +@example +(dovecot-service #:config + (dovecot-configuration + (mail-location "maildir:~/.mail"))) +@end example + +The available configuration parameters follow. Each parameter definition is +preceded by its type; for example, @samp{string-list foo} indicates that the +@code{foo} parameter should be specified as a list of strings. There is +also a way to specify the configuration as a string, if you have an old +@code{dovecot.conf} file that you want to port over from some other system; +see the end for more details. + +@c The following documentation was initially generated by +@c (generate-documentation) in (gnu services mail). Manually maintained +@c documentation is better, so we shouldn't hesitate to edit below as +@c needed. However if the change you want to make to this documentation +@c can be done in an automated way, it's probably easier to change +@c (generate-documentation) than to make it below and have to deal with +@c the churn as dovecot updates. + +Available @code{dovecot-configuration} fields are: + +@deftypevr {@code{dovecot-configuration} parameter} package dovecot +The dovecot package. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} comma-separated-string-list listen +A list of IPs or hosts where to listen for connections. @samp{*} listens on +all IPv4 interfaces, @samp{::} listens on all IPv6 interfaces. If you want +to specify non-default ports or anything more complex, customize the address +and port fields of the @samp{inet-listener} of the specific services you are +interested in. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} protocol-configuration-list protocols +List of protocols we want to serve. Available protocols include +@samp{imap}, @samp{pop3}, and @samp{lmtp}. + +Available @code{protocol-configuration} fields are: + +@deftypevr {@code{protocol-configuration} parameter} string name +The name of the protocol. +@end deftypevr + +@deftypevr {@code{protocol-configuration} parameter} string auth-socket-path +UNIX socket path to the master authentication server to find users. This is +used by imap (for shared users) and lda. It defaults to +@samp{"/var/run/dovecot/auth-userdb"}. +@end deftypevr + +@deftypevr {@code{protocol-configuration} parameter} space-separated-string-list mail-plugins +Space separated list of plugins to load. +@end deftypevr + +@deftypevr {@code{protocol-configuration} parameter} non-negative-integer mail-max-userip-connections +Maximum number of IMAP connections allowed for a user from each IP address. +NOTE: The username is compared case-sensitively. Defaults to @samp{10}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} service-configuration-list services +List of services to enable. Available services include @samp{imap}, +@samp{imap-login}, @samp{pop3}, @samp{pop3-login}, @samp{auth}, and +@samp{lmtp}. + +Available @code{service-configuration} fields are: + +@deftypevr {@code{service-configuration} parameter} string kind +The service kind. Valid values include @code{director}, @code{imap-login}, +@code{pop3-login}, @code{lmtp}, @code{imap}, @code{pop3}, @code{auth}, +@code{auth-worker}, @code{dict}, @code{tcpwrap}, @code{quota-warning}, or +anything else. +@end deftypevr + +@deftypevr {@code{service-configuration} parameter} listener-configuration-list listeners +Listeners for the service. A listener is either a +@code{unix-listener-configuration}, a @code{fifo-listener-configuration}, or +an @code{inet-listener-configuration}. Defaults to @samp{()}. + +Available @code{unix-listener-configuration} fields are: + +@deftypevr {@code{unix-listener-configuration} parameter} string path +Path to the file, relative to @code{base-dir} field. This is also used as +the section name. +@end deftypevr + +@deftypevr {@code{unix-listener-configuration} parameter} string mode +The access mode for the socket. Defaults to @samp{"0600"}. +@end deftypevr + +@deftypevr {@code{unix-listener-configuration} parameter} string user +The user to own the socket. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{unix-listener-configuration} parameter} string group +The group to own the socket. Defaults to @samp{""}. +@end deftypevr + + +Available @code{fifo-listener-configuration} fields are: + +@deftypevr {@code{fifo-listener-configuration} parameter} string path +Path to the file, relative to @code{base-dir} field. This is also used as +the section name. +@end deftypevr + +@deftypevr {@code{fifo-listener-configuration} parameter} string mode +The access mode for the socket. Defaults to @samp{"0600"}. +@end deftypevr + +@deftypevr {@code{fifo-listener-configuration} parameter} string user +The user to own the socket. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{fifo-listener-configuration} parameter} string group +The group to own the socket. Defaults to @samp{""}. +@end deftypevr + + +Available @code{inet-listener-configuration} fields are: + +@deftypevr {@code{inet-listener-configuration} parameter} string protocol +The protocol to listen for. +@end deftypevr + +@deftypevr {@code{inet-listener-configuration} parameter} string address +The address on which to listen, or empty for all addresses. Defaults to +@samp{""}. +@end deftypevr + +@deftypevr {@code{inet-listener-configuration} parameter} non-negative-integer port +The port on which to listen. +@end deftypevr + +@deftypevr {@code{inet-listener-configuration} parameter} boolean ssl? +Whether to use SSL for this service; @samp{yes}, @samp{no}, or +@samp{required}. Defaults to @samp{#t}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{service-configuration} parameter} non-negative-integer service-count +Number of connections to handle before starting a new process. Typically +the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 is +faster. . Defaults to @samp{1}. +@end deftypevr + +@deftypevr {@code{service-configuration} parameter} non-negative-integer process-min-avail +Number of processes to always keep waiting for more connections. Defaults +to @samp{0}. +@end deftypevr + +@deftypevr {@code{service-configuration} parameter} non-negative-integer vsz-limit +If you set @samp{service-count 0}, you probably need to grow this. Defaults +to @samp{256000000}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} dict-configuration dict +Dict configuration, as created by the @code{dict-configuration} constructor. + +Available @code{dict-configuration} fields are: + +@deftypevr {@code{dict-configuration} parameter} free-form-fields entries +A list of key-value pairs that this dict should hold. Defaults to +@samp{()}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} passdb-configuration-list passdbs +A list of passdb configurations, each one created by the +@code{passdb-configuration} constructor. + +Available @code{passdb-configuration} fields are: + +@deftypevr {@code{passdb-configuration} parameter} string driver +The driver that the passdb should use. Valid values include @samp{pam}, +@samp{passwd}, @samp{shadow}, @samp{bsdauth}, and @samp{static}. Defaults +to @samp{"pam"}. +@end deftypevr + +@deftypevr {@code{passdb-configuration} parameter} space-separated-string-list args +Space separated list of arguments to the passdb driver. Defaults to +@samp{""}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} userdb-configuration-list userdbs +List of userdb configurations, each one created by the +@code{userdb-configuration} constructor. + +Available @code{userdb-configuration} fields are: + +@deftypevr {@code{userdb-configuration} parameter} string driver +The driver that the userdb should use. Valid values include @samp{passwd} +and @samp{static}. Defaults to @samp{"passwd"}. +@end deftypevr + +@deftypevr {@code{userdb-configuration} parameter} space-separated-string-list args +Space separated list of arguments to the userdb driver. Defaults to +@samp{""}. +@end deftypevr + +@deftypevr {@code{userdb-configuration} parameter} free-form-args override-fields +Override fields from passwd. Defaults to @samp{()}. +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} plugin-configuration plugin-configuration +Plug-in configuration, created by the @code{plugin-configuration} +constructor. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} list-of-namespace-configuration namespaces +List of namespaces. Each item in the list is created by the +@code{namespace-configuration} constructor. + +Available @code{namespace-configuration} fields are: + +@deftypevr {@code{namespace-configuration} parameter} string name +Name for this namespace. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} string type +Namespace type: @samp{private}, @samp{shared} or @samp{public}. Defaults to +@samp{"private"}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} string separator +Hierarchy separator to use. You should use the same separator for all +namespaces or some clients get confused. @samp{/} is usually a good one. +The default however depends on the underlying mail storage format. Defaults +to @samp{""}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} string prefix +Prefix required to access this namespace. This needs to be different for +all namespaces. For example @samp{Public/}. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} string location +Physical location of the mailbox. This is in the same format as +mail_location, which is also the default for it. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} boolean inbox? +There can be only one INBOX, and this setting defines which namespace has +it. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} boolean hidden? +If namespace is hidden, it's not advertised to clients via NAMESPACE +extension. You'll most likely also want to set @samp{list? #f}. This is +mostly useful when converting from another server with different namespaces +which you want to deprecate but still keep working. For example you can +create hidden namespaces with prefixes @samp{~/mail/}, @samp{~%u/mail/} and +@samp{mail/}. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} boolean list? +Show the mailboxes under this namespace with the LIST command. This makes +the namespace visible for clients that do not support the NAMESPACE +extension. The special @code{children} value lists child mailboxes, but +hides the namespace prefix. Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} boolean subscriptions? +Namespace handles its own subscriptions. If set to @code{#f}, the parent +namespace handles them. The empty prefix should always have this as +@code{#t}). Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{namespace-configuration} parameter} mailbox-configuration-list mailboxes +List of predefined mailboxes in this namespace. Defaults to @samp{()}. + +Available @code{mailbox-configuration} fields are: + +@deftypevr {@code{mailbox-configuration} parameter} string name +Name for this mailbox. +@end deftypevr + +@deftypevr {@code{mailbox-configuration} parameter} string auto +@samp{create} will automatically create this mailbox. @samp{subscribe} will +both create and subscribe to the mailbox. Defaults to @samp{"no"}. +@end deftypevr + +@deftypevr {@code{mailbox-configuration} parameter} space-separated-string-list special-use +List of IMAP @code{SPECIAL-USE} attributes as specified by RFC 6154. Valid +values are @code{\All}, @code{\Archive}, @code{\Drafts}, @code{\Flagged}, +@code{\Junk}, @code{\Sent}, and @code{\Trash}. Defaults to @samp{()}. +@end deftypevr + +@end deftypevr + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} file-name base-dir +Base directory where to store runtime data. Defaults to +@samp{"/var/run/dovecot/"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string login-greeting +Greeting message for clients. Defaults to @samp{"Dovecot ready."}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list login-trusted-networks +List of trusted network ranges. Connections from these IPs are allowed to +override their IP addresses and ports (for logging and for authentication +checks). @samp{disable-plaintext-auth} is also ignored for these networks. +Typically you would specify your IMAP proxy servers here. Defaults to +@samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list login-access-sockets +List of login access check sockets (e.g. tcpwrap). Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean verbose-proctitle? +Show more verbose process titles (in ps). Currently shows user name and IP +address. Useful for seeing who is actually using the IMAP processes +(e.g. shared mailboxes or if the same uid is used for multiple accounts). +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean shutdown-clients? +Should all processes be killed when Dovecot master process shuts down. +Setting this to @code{#f} means that Dovecot can be upgraded without forcing +existing client connections to close (although that could also be a problem +if the upgrade is e.g. due to a security fix). Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer doveadm-worker-count +If non-zero, run mail commands via this many connections to doveadm server, +instead of running them directly in the same process. Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string doveadm-socket-path +UNIX socket or host:port used for connecting to doveadm server. Defaults to +@samp{"doveadm-server"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list import-environment +List of environment variables that are preserved on Dovecot startup and +passed down to all of its child processes. You can also give key=value +pairs to always set specific settings. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean disable-plaintext-auth? +Disable LOGIN command and all other plaintext authentications unless SSL/TLS +is used (LOGINDISABLED capability). Note that if the remote IP matches the +local IP (i.e. you're connecting from the same computer), the connection is +considered secure and plaintext authentication is allowed. See also +ssl=required setting. Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer auth-cache-size +Authentication cache size (e.g. @samp{#e10e6}). 0 means it's disabled. +Note that bsdauth, PAM and vpopmail require @samp{cache-key} to be set for +caching to be used. Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-cache-ttl +Time to live for cached data. After TTL expires the cached record is no +longer used, *except* if the main database lookup returns internal failure. +We also try to handle password changes automatically: If user's previous +authentication was successful, but this one wasn't, the cache isn't used. +For now this works only with plaintext authentication. Defaults to @samp{"1 +hour"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-cache-negative-ttl +TTL for negative hits (user not found, password mismatch). 0 disables +caching them completely. Defaults to @samp{"1 hour"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list auth-realms +List of realms for SASL authentication mechanisms that need them. You can +leave it empty if you don't want to support multiple realms. Many clients +simply use the first one listed here, so keep the default realm first. +Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-default-realm +Default realm/domain to use if none was specified. This is used for both +SASL realms and appending @@domain to username in plaintext logins. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-username-chars +List of allowed characters in username. If the user-given username contains +a character not listed in here, the login automatically fails. This is just +an extra check to make sure user can't exploit any potential quote escaping +vulnerabilities with SQL/LDAP databases. If you want to allow all +characters, set this value to empty. Defaults to +@samp{"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@@"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-username-translation +Username character translations before it's looked up from databases. The +value contains series of from -> to characters. For example @samp{#@@/@@} +means that @samp{#} and @samp{/} characters are translated to @samp{@@}. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-username-format +Username formatting before it's looked up from databases. You can use the +standard variables here, e.g. %Lu would lowercase the username, %n would +drop away the domain if it was given, or @samp{%n-AT-%d} would change the +@samp{@@} into @samp{-AT-}. This translation is done after +@samp{auth-username-translation} changes. Defaults to @samp{"%Lu"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-master-user-separator +If you want to allow master users to log in by specifying the master +username within the normal username string (i.e. not using SASL mechanism's +support for it), you can specify the separator character here. The format +is then . UW-IMAP uses @samp{*} as +the separator, so that could be a good choice. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-anonymous-username +Username to use for users logging in with ANONYMOUS SASL mechanism. +Defaults to @samp{"anonymous"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer auth-worker-max-count +Maximum number of dovecot-auth worker processes. They're used to execute +blocking passdb and userdb queries (e.g. MySQL and PAM). They're +automatically created and destroyed as needed. Defaults to @samp{30}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-gssapi-hostname +Host name to use in GSSAPI principal names. The default is to use the name +returned by gethostname(). Use @samp{$ALL} (with quotes) to allow all +keytab entries. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-krb5-keytab +Kerberos keytab to use for the GSSAPI mechanism. Will use the system +default (usually @file{/etc/krb5.keytab}) if not specified. You may need to +change the auth service to run as root to be able to read this file. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-use-winbind? +Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and +@samp{ntlm-auth} helper. . +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} file-name auth-winbind-helper-path +Path for Samba's @samp{ntlm-auth} helper binary. Defaults to +@samp{"/usr/bin/ntlm_auth"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string auth-failure-delay +Time to delay before replying to failed authentications. Defaults to +@samp{"2 secs"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-ssl-require-client-cert? +Require a valid SSL client certificate or the authentication fails. +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-ssl-username-from-cert? +Take the username from client's SSL certificate, using +@code{X509_NAME_get_text_by_NID()} which returns the subject's DN's +CommonName. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list auth-mechanisms +List of wanted authentication mechanisms. Supported mechanisms are: +@samp{plain}, @samp{login}, @samp{digest-md5}, @samp{cram-md5}, @samp{ntlm}, +@samp{rpa}, @samp{apop}, @samp{anonymous}, @samp{gssapi}, @samp{otp}, +@samp{skey}, and @samp{gss-spnego}. NOTE: See also +@samp{disable-plaintext-auth} setting. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list director-servers +List of IPs or hostnames to all director servers, including ourself. Ports +can be specified as ip:port. The default port is the same as what director +service's @samp{inet-listener} is using. Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list director-mail-servers +List of IPs or hostnames to all backend mail servers. Ranges are allowed +too, like 10.0.0.10-10.0.0.30. Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string director-user-expire +How long to redirect users to a specific server after it no longer has any +connections. Defaults to @samp{"15 min"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string director-username-hash +How the username is translated before being hashed. Useful values include +%Ln if user can log in with or without @@domain, %Ld if mailboxes are shared +within domain. Defaults to @samp{"%Lu"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string log-path +Log file to use for error messages. @samp{syslog} logs to syslog, +@samp{/dev/stderr} logs to stderr. Defaults to @samp{"syslog"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string info-log-path +Log file to use for informational messages. Defaults to @samp{log-path}. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string debug-log-path +Log file to use for debug messages. Defaults to @samp{info-log-path}. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string syslog-facility +Syslog facility to use if you're logging to syslog. Usually if you don't +want to use @samp{mail}, you'll use local0..local7. Also other standard +facilities are supported. Defaults to @samp{"mail"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-verbose? +Log unsuccessful authentication attempts and the reasons why they failed. +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-verbose-passwords? +In case of password mismatches, log the attempted password. Valid values +are no, plain and sha1. sha1 can be useful for detecting brute force +password attempts vs. user simply trying the same password over and over +again. You can also truncate the value to n chars by appending ":n" +(e.g. sha1:6). Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-debug? +Even more verbose logging for debugging purposes. Shows for example SQL +queries. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean auth-debug-passwords? +In case of password mismatches, log the passwords and used scheme so the +problem can be debugged. Enabling this also enables @samp{auth-debug}. +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mail-debug? +Enable mail process debugging. This can help you figure out why Dovecot +isn't finding your mails. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean verbose-ssl? +Show protocol level SSL errors. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string log-timestamp +Prefix for each line written to log file. % codes are in strftime(3) +format. Defaults to @samp{"\"%b %d %H:%M:%S \""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list login-log-format-elements +List of elements we want to log. The elements which have a non-empty +variable value are joined together to form a comma-separated string. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string login-log-format +Login log format. %s contains @samp{login-log-format-elements} string, %$ +contains the data we want to log. Defaults to @samp{"%$: %s"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-log-prefix +Log prefix for mail processes. See doc/wiki/Variables.txt for list of +possible variables you can use. Defaults to +@samp{"\"%s(%u)<%@{pid@}><%@{session@}>: \""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string deliver-log-format +Format to use for logging mail deliveries. You can use variables: +@table @code +@item %$ +Delivery status message (e.g. @samp{saved to INBOX}) +@item %m +Message-ID +@item %s +Subject +@item %f +From address +@item %p +Physical size +@item %w +Virtual size. +@end table +Defaults to @samp{"msgid=%m: %$"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-location +Location for users' mailboxes. The default is empty, which means that +Dovecot tries to find the mailboxes automatically. This won't work if the +user doesn't yet have any mail, so you should explicitly tell Dovecot the +full location. + +If you're using mbox, giving a path to the INBOX file (e.g. /var/mail/%u) +isn't enough. You'll also need to tell Dovecot where the other mailboxes +are kept. This is called the "root mail directory", and it must be the +first path given in the @samp{mail-location} setting. + +There are a few special variables you can use, eg.: + +@table @samp +@item %u +username +@item %n +user part in user@@domain, same as %u if there's no domain +@item %d +domain part in user@@domain, empty if there's no domain +@item %h +home director +@end table + +See doc/wiki/Variables.txt for full list. Some examples: +@table @samp +@item maildir:~/Maildir +@item mbox:~/mail:INBOX=/var/mail/%u +@item mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/% +@end table +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-uid +System user and group used to access mails. If you use multiple, userdb can +override these by returning uid or gid fields. You can use either numbers +or names. . Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-gid + +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-privileged-group +Group to enable temporarily for privileged operations. Currently this is +used only with INBOX when either its initial creation or dotlocking fails. +Typically this is set to "mail" to give access to /var/mail. Defaults to +@samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-access-groups +Grant access to these supplementary groups for mail processes. Typically +these are used to set up access to shared mailboxes. Note that it may be +dangerous to set these if users can create symlinks (e.g. if "mail" group is +set here, ln -s /var/mail ~/mail/var could allow a user to delete others' +mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading +it). Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mail-full-filesystem-access? +Allow full file system access to clients. There's no access checks other +than what the operating system does for the active UID/GID. It works with +both maildir and mboxes, allowing you to prefix mailboxes names with +e.g. /path/ or ~user/. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mmap-disable? +Don't use mmap() at all. This is required if you store indexes to shared +file systems (NFS or clustered file system). Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean dotlock-use-excl? +Rely on @samp{O_EXCL} to work when creating dotlock files. NFS supports +@samp{O_EXCL} since version 3, so this should be safe to use nowadays by +default. Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-fsync +When to use fsync() or fdatasync() calls: +@table @code +@item optimized +Whenever necessary to avoid losing important data +@item always +Useful with e.g. NFS when write()s are delayed +@item never +Never use it (best performance, but crashes can lose data). +@end table +Defaults to @samp{"optimized"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mail-nfs-storage? +Mail storage exists in NFS. Set this to yes to make Dovecot flush NFS +caches whenever needed. If you're using only a single mail server this +isn't needed. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mail-nfs-index? +Mail index files also exist in NFS. Setting this to yes requires +@samp{mmap-disable? #t} and @samp{fsync-disable? #f}. Defaults to +@samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string lock-method +Locking method for index files. Alternatives are fcntl, flock and dotlock. +Dotlocking uses some tricks which may create more disk I/O than other +locking methods. NFS users: flock doesn't work, remember to change +@samp{mmap-disable}. Defaults to @samp{"fcntl"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} file-name mail-temp-dir +Directory in which LDA/LMTP temporarily stores incoming mails >128 kB. +Defaults to @samp{"/tmp"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer first-valid-uid +Valid UID range for users. This is mostly to make sure that users can't log +in as daemons or other system users. Note that denying root logins is +hardcoded to dovecot binary and can't be done even if @samp{first-valid-uid} +is set to 0. Defaults to @samp{500}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer last-valid-uid + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer first-valid-gid +Valid GID range for users. Users having non-valid GID as primary group ID +aren't allowed to log in. If user belongs to supplementary groups with +non-valid GIDs, those groups are not set. Defaults to @samp{1}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer last-valid-gid + +Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mail-max-keyword-length +Maximum allowed length for mail keyword name. It's only forced when trying +to create new keywords. Defaults to @samp{50}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} colon-separated-file-name-list valid-chroot-dirs +List of directories under which chrooting is allowed for mail processes +(i.e. /var/mail will allow chrooting to /var/mail/foo/bar too). This +setting doesn't affect @samp{login-chroot} @samp{mail-chroot} or auth chroot +settings. If this setting is empty, "/./" in home dirs are ignored. +WARNING: Never add directories here which local users can modify, that may +lead to root exploit. Usually this should be done only if you don't allow +shell access for users. . Defaults to @samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-chroot +Default chroot directory for mail processes. This can be overridden for +specific users in user database by giving /./ in user's home directory +(e.g. /home/./user chroots into /home). Note that usually there is no real +need to do chrooting, Dovecot doesn't allow users to access files outside +their mail directory anyway. If your home directories are prefixed with the +chroot directory, append "/." to @samp{mail-chroot}. +. Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} file-name auth-socket-path +UNIX socket path to master authentication server to find users. This is +used by imap (for shared users) and lda. Defaults to +@samp{"/var/run/dovecot/auth-userdb"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} file-name mail-plugin-dir +Directory where to look up mail plugins. Defaults to +@samp{"/usr/lib/dovecot"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list mail-plugins +List of plugins to load for all services. Plugins specific to IMAP, LDA, +etc. are added to this list in their own .conf files. Defaults to +@samp{()}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mail-cache-min-mail-count +The minimum number of mails in a mailbox before updates are done to cache +file. This allows optimizing Dovecot's behavior to do less disk writes at +the cost of more disk reads. Defaults to @samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mailbox-idle-check-interval +When IDLE command is running, mailbox is checked once in a while to see if +there are any new mails or other changes. This setting defines the minimum +time to wait between those checks. Dovecot can also use dnotify, inotify +and kqueue to find out immediately when changes occur. Defaults to +@samp{"30 secs"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mail-save-crlf? +Save mails with CR+LF instead of plain LF. This makes sending those mails +take less CPU, especially with sendfile() syscall with Linux and FreeBSD. +But it also creates a bit more disk I/O which may just make it slower. Also +note that if other software reads the mboxes/maildirs, they may handle the +extra CRs wrong and cause problems. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean maildir-stat-dirs? +By default LIST command returns all entries in maildir beginning with a +dot. Enabling this option makes Dovecot return only entries which are +directories. This is done by stat()ing each entry, so it causes more disk +I/O. (For systems setting struct @samp{dirent->d_type} this check is free +and it's done always regardless of this setting). Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean maildir-copy-with-hardlinks? +When copying a message, do it with hard links whenever possible. This makes +the performance much better, and it's unlikely to have any side effects. +Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean maildir-very-dirty-syncs? +Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only +when its mtime changes unexpectedly or when we can't find the mail +otherwise. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list mbox-read-locks +Which locking methods to use for locking mbox. There are four available: + +@table @code +@item dotlock +Create .lock file. This is the oldest and most NFS-safe solution. +If you want to use /var/mail/ like directory, the users will need write +access to that directory. +@item dotlock-try +Same as dotlock, but if it fails because of permissions or because there +isn't enough disk space, just skip it. +@item fcntl +Use this if possible. Works with NFS too if lockd is used. +@item flock +May not exist in all systems. Doesn't work with NFS. +@item lockf +May not exist in all systems. Doesn't work with NFS. +@end table + +You can use multiple locking methods; if you do the order they're declared +in is important to avoid deadlocks if other MTAs/MUAs are using multiple +locking methods as well. Some operating systems don't allow using some of +them simultaneously. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list mbox-write-locks + +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mbox-lock-timeout +Maximum time to wait for lock (all of them) before aborting. Defaults to +@samp{"5 mins"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mbox-dotlock-change-timeout +If dotlock exists but the mailbox isn't modified in any way, override the +lock file after this much time. Defaults to @samp{"2 mins"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mbox-dirty-syncs? +When mbox changes unexpectedly we have to fully read it to find out what +changed. If the mbox is large this can take a long time. Since the change +is usually just a newly appended mail, it'd be faster to simply read the new +mails. If this setting is enabled, Dovecot does this but still safely +fallbacks to re-reading the whole mbox file whenever something in mbox isn't +how it's expected to be. The only real downside to this setting is that if +some other MUA changes message flags, Dovecot doesn't notice it +immediately. Note that a full sync is done with SELECT, EXAMINE, EXPUNGE +and CHECK commands. Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mbox-very-dirty-syncs? +Like @samp{mbox-dirty-syncs}, but don't do full syncs even with SELECT, +EXAMINE, EXPUNGE or CHECK commands. If this is set, @samp{mbox-dirty-syncs} +is ignored. Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mbox-lazy-writes? +Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK +commands and when closing the mailbox). This is especially useful for POP3 +where clients often delete all mails. The downside is that our changes +aren't immediately visible to other MUAs. Defaults to @samp{#t}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mbox-min-index-size +If mbox size is smaller than this (e.g. 100k), don't write index files. If +an index file already exists it's still read, just not updated. Defaults to +@samp{0}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mdbox-rotate-size +Maximum dbox file size until it's rotated. Defaults to @samp{10000000}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mdbox-rotate-interval +Maximum dbox file age until it's rotated. Typically in days. Day begins +from midnight, so 1d = today, 2d = yesterday, etc. 0 = check disabled. +Defaults to @samp{"1d"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean mdbox-preallocate-space? +When creating new mdbox files, immediately preallocate their size to +@samp{mdbox-rotate-size}. This setting currently works only in Linux with +some file systems (ext4, xfs). Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-attachment-dir +sdbox and mdbox support saving mail attachments to external files, which +also allows single instance storage for them. Other backends don't support +this for now. + +WARNING: This feature hasn't been tested much yet. Use at your own risk. + +Directory root where to store mail attachments. Disabled, if empty. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mail-attachment-min-size +Attachments smaller than this aren't saved externally. It's also possible +to write a plugin to disable saving specific attachments externally. +Defaults to @samp{128000}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-attachment-fs +File system backend to use for saving attachments: +@table @code +@item posix +No SiS done by Dovecot (but this might help FS's own deduplication) +@item sis posix +SiS with immediate byte-by-byte comparison during saving +@item sis-queue posix +SiS with delayed comparison and deduplication. +@end table +Defaults to @samp{"sis posix"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string mail-attachment-hash +Hash format to use in attachment filenames. You can add any text and +variables: @code{%@{md4@}}, @code{%@{md5@}}, @code{%@{sha1@}}, +@code{%@{sha256@}}, @code{%@{sha512@}}, @code{%@{size@}}. Variables can be +truncated, e.g. @code{%@{sha256:80@}} returns only first 80 bits. Defaults +to @samp{"%@{sha1@}"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer default-process-limit + +Defaults to @samp{100}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer default-client-limit + +Defaults to @samp{1000}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer default-vsz-limit +Default VSZ (virtual memory size) limit for service processes. This is +mainly intended to catch and kill processes that leak memory before they eat +up everything. Defaults to @samp{256000000}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string default-login-user +Login user is internally used by login processes. This is the most +untrusted user in Dovecot system. It shouldn't have access to anything at +all. Defaults to @samp{"dovenull"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string default-internal-user +Internal user is used by unprivileged processes. It should be separate from +login user, so that login processes can't disturb other processes. Defaults +to @samp{"dovecot"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string ssl? +SSL/TLS support: yes, no, required. . Defaults to +@samp{"required"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string ssl-cert +PEM encoded X.509 SSL/TLS certificate (public key). Defaults to +@samp{" was automatically rejected:%n%r"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string recipient-delimiter +Delimiter character between local-part and detail in email address. +Defaults to @samp{"+"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string lda-original-recipient-header +Header where the original recipient address (SMTP's RCPT TO: address) is +taken from if not available elsewhere. With dovecot-lda -a parameter +overrides this. A commonly used header for this is X-Original-To. Defaults +to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean lda-mailbox-autocreate? +Should saving a mail to a nonexistent mailbox automatically create it?. +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} boolean lda-mailbox-autosubscribe? +Should automatically created mailboxes be also automatically subscribed?. +Defaults to @samp{#f}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer imap-max-line-length +Maximum IMAP command line length. Some clients generate very long command +lines with huge mailboxes, so you may need to raise this if you get "Too +long argument" or "IMAP command line too large" errors often. Defaults to +@samp{64000}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string imap-logout-format +IMAP logout format string: +@table @code +@item %i +total number of bytes read from client +@item %o +total number of bytes sent to client. +@end table +See @file{doc/wiki/Variables.txt} for a list of all the variables you can +use. Defaults to @samp{"in=%i out=%o deleted=%@{deleted@} +expunged=%@{expunged@} trashed=%@{trashed@} hdr_count=%@{fetch_hdr_count@} +hdr_bytes=%@{fetch_hdr_bytes@} body_count=%@{fetch_body_count@} +body_bytes=%@{fetch_body_bytes@}"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string imap-capability +Override the IMAP CAPABILITY response. If the value begins with '+', add +the given capabilities on top of the defaults (e.g. +XFOO XBAR). Defaults +to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string imap-idle-notify-interval +How long to wait between "OK Still here" notifications when client is +IDLEing. Defaults to @samp{"2 mins"}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string imap-id-send +ID field names and values to send to clients. Using * as the value makes +Dovecot use the default value. The following fields have default values +currently: name, version, os, os-version, support-url, support-email. +Defaults to @samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} string imap-id-log +ID fields sent by client to log. * means everything. Defaults to +@samp{""}. +@end deftypevr + +@deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list imap-client-workarounds +Workarounds for various client bugs: + +@table @code +@item delay-newmail +Send EXISTS/RECENT new mail notifications only when replying to NOOP and +CHECK commands. Some clients ignore them otherwise, for example OSX Mail +(' before setting it here, to get a feel for which cipher suites you +will get. After setting this option, it is recommend that you inspect your +Murmur log to ensure that Murmur is using the cipher suites that you +expected it to. + +Note: Changing this option may impact the backwards compatibility of your +Murmur server, and can remove the ability for older Mumble clients to be +able to connect to it. + +@item @code{public-registration} (default: @code{#f}) +Must be a @code{} record or +@code{#f}. + +You can optionally register your server in the public server list that the +@code{mumble} client shows on startup. You cannot register your server if +you have set a @code{server-password}, or set @code{allow-ping} to +@code{#f}. + +It might take a few hours until it shows up in the public list. + +@item @code{file} (default: @code{#f}) +Optional alternative override for this configuration. +@end table +@end deftp + +@deftp {Data Type} murmur-public-registration-configuration +Configuration for public registration of a murmur service. + +@table @asis +@item @code{name} +This is a display name for your server. Not to be confused with the +hostname. + +@item @code{password} +A password to identify your registration. Subsequent updates will need the +same password. Don't lose your password. + +@item @code{url} +This should be a @code{http://} or @code{https://} link to your web site. + +@item @code{hostname} (default: @code{#f}) +By default your server will be listed by its IP address. If it is set your +server will be linked by this host name instead. +@end table +@end deftp + + + +@node Monitoring Services +@subsubsection Monitoring Services + +@subsubheading Tailon Service + +@uref{https://tailon.readthedocs.io/, Tailon} is a web application for +viewing and searching log files. + +The following example will configure the service with default values. By +default, Tailon can be accessed on port 8080 (@code{http://localhost:8080}). + +@example +(service tailon-service-type) +@end example + +The following example customises more of the Tailon configuration, adding +@command{sed} to the list of allowed commands. + +@example +(service tailon-service-type + (tailon-configuration + (config-file + (tailon-configuration-file + (allowed-commands '("tail" "grep" "awk" "sed")))))) +@end example + + +@deftp {Data Type} tailon-configuration +Data type representing the configuration of Tailon. This type has the +following parameters: + +@table @asis +@item @code{config-file} (default: @code{(tailon-configuration-file)}) +The configuration file to use for Tailon. This can be set to a +@dfn{tailon-configuration-file} record value, or any gexp +(@pxref{G-Expressions}). + +For example, to instead use a local file, the @code{local-file} function can +be used: + +@example +(service tailon-service-type + (tailon-configuration + (config-file (local-file "./my-tailon.conf")))) +@end example + +@item @code{package} (default: @code{tailon}) +The tailon package to use. + +@end table +@end deftp + +@deftp {Data Type} tailon-configuration-file +Data type representing the configuration options for Tailon. This type has +the following parameters: + +@table @asis +@item @code{files} (default: @code{(list "/var/log")}) +List of files to display. The list can include strings for a single file or +directory, or a list, where the first item is the name of a subsection, and +the remaining items are the files or directories in that subsection. + +@item @code{bind} (default: @code{"localhost:8080"}) +Address and port to which Tailon should bind on. + +@item @code{relative-root} (default: @code{#f}) +URL path to use for Tailon, set to @code{#f} to not use a path. + +@item @code{allow-transfers?} (default: @code{#t}) +Allow downloading the log files in the web interface. + +@item @code{follow-names?} (default: @code{#t}) +Allow tailing of not-yet existent files. + +@item @code{tail-lines} (default: @code{200}) +Number of lines to read initially from each file. + +@item @code{allowed-commands} (default: @code{(list "tail" "grep" "awk")}) +Commands to allow running. By default, @code{sed} is disabled. + +@item @code{debug?} (default: @code{#f}) +Set @code{debug?} to @code{#t} to show debug messages. + +@item @code{wrap-lines} (default: @code{#t}) +Initial line wrapping state in the web interface. Set to @code{#t} to +initially wrap lines (the default), or to @code{#f} to initially not wrap +lines. + +@item @code{http-auth} (default: @code{#f}) +HTTP authentication type to use. Set to @code{#f} to disable authentication +(the default). Supported values are @code{"digest"} or @code{"basic"}. + +@item @code{users} (default: @code{#f}) +If HTTP authentication is enabled (see @code{http-auth}), access will be +restricted to the credentials provided here. To configure users, use a list +of pairs, where the first element of the pair is the username, and the 2nd +element of the pair is the password. + +@example +(tailon-configuration-file + (http-auth "basic") + (users '(("user1" . "password1") + ("user2" . "password2")))) +@end example + +@end table +@end deftp + + +@subsubheading Darkstat Service +@cindex darkstat +Darkstat is a packet sniffer that captures network traffic, calculates +statistics about usage, and serves reports over HTTP. + +@defvar {Scheme Variable} darkstat-service-type +This is the service type for the @uref{https://unix4lyfe.org/darkstat/, +darkstat} service, its value must be a @code{darkstat-configuration} record +as in this example: + +@example +(service darkstat-service-type + (darkstat-configuration + (interface "eno1"))) +@end example +@end defvar + +@deftp {Data Type} darkstat-configuration +Data type representing the configuration of @command{darkstat}. + +@table @asis +@item @code{package} (default: @code{darkstat}) +The darkstat package to use. + +@item @code{interface} +Capture traffic on the specified network interface. + +@item @code{port} (default: @code{"667"}) +Bind the web interface to the specified port. + +@item @code{bind-address} (default: @code{"127.0.0.1"}) +Bind the web interface to the specified address. + +@item @code{base} (default: @code{"/"}) +Specify the path of the base URL. This can be useful if @command{darkstat} +is accessed via a reverse proxy. + +@end table +@end deftp + + +@node Kerberos Services +@subsubsection Kerberos Services +@cindex Kerberos + +The @code{(gnu services kerberos)} module provides services relating to the +authentication protocol @dfn{Kerberos}. + +@subsubheading Krb5 Service + +Programs using a Kerberos client library normally expect a configuration +file in @file{/etc/krb5.conf}. This service generates such a file from a +definition provided in the operating system declaration. It does not cause +any daemon to be started. + +No ``keytab'' files are provided by this service---you must explicitly +create them. This service is known to work with the MIT client library, +@code{mit-krb5}. Other implementations have not been tested. + +@defvr {Scheme Variable} krb5-service-type +A service type for Kerberos 5 clients. +@end defvr + +@noindent +Here is an example of its use: +@lisp +(service krb5-service-type + (krb5-configuration + (default-realm "EXAMPLE.COM") + (allow-weak-crypto? #t) + (realms (list + (krb5-realm + (name "EXAMPLE.COM") + (admin-server "groucho.example.com") + (kdc "karl.example.com")) + (krb5-realm + (name "ARGRX.EDU") + (admin-server "kerb-admin.argrx.edu") + (kdc "keys.argrx.edu")))))) +@end lisp + +@noindent +This example provides a Kerberos@tie{}5 client configuration which: +@itemize +@item Recognizes two realms, @i{viz:} ``EXAMPLE.COM'' and ``ARGRX.EDU'', both +of which have distinct administration servers and key distribution centers; +@item Will default to the realm ``EXAMPLE.COM'' if the realm is not explicitly +specified by clients; +@item Accepts services which only support encryption types known to be weak. +@end itemize + +The @code{krb5-realm} and @code{krb5-configuration} types have many fields. +Only the most commonly used ones are described here. For a full list, and +more detailed explanation of each, see the MIT +@uref{http://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html,,krb5.conf} +documentation. + + +@deftp {Data Type} krb5-realm +@cindex realm, kerberos +@table @asis +@item @code{name} +This field is a string identifying the name of the realm. A common +convention is to use the fully qualified DNS name of your organization, +converted to upper case. + +@item @code{admin-server} +This field is a string identifying the host where the administration server +is running. + +@item @code{kdc} +This field is a string identifying the key distribution center for the +realm. +@end table +@end deftp + +@deftp {Data Type} krb5-configuration + +@table @asis +@item @code{allow-weak-crypto?} (default: @code{#f}) +If this flag is @code{#t} then services which only offer encryption +algorithms known to be weak will be accepted. + +@item @code{default-realm} (default: @code{#f}) +This field should be a string identifying the default Kerberos realm for the +client. You should set this field to the name of your Kerberos realm. If +this value is @code{#f} then a realm must be specified with every Kerberos +principal when invoking programs such as @command{kinit}. + +@item @code{realms} +This should be a non-empty list of @code{krb5-realm} objects, which clients +may access. Normally, one of them will have a @code{name} field matching +the @code{default-realm} field. +@end table +@end deftp + + +@subsubheading PAM krb5 Service +@cindex pam-krb5 + +The @code{pam-krb5} service allows for login authentication and password +management via Kerberos. You will need this service if you want PAM enabled +applications to authenticate users using Kerberos. + +@defvr {Scheme Variable} pam-krb5-service-type +A service type for the Kerberos 5 PAM module. +@end defvr + +@deftp {Data Type} pam-krb5-configuration +Data type representing the configuration of the Kerberos 5 PAM module This +type has the following parameters: +@table @asis +@item @code{pam-krb5} (default: @code{pam-krb5}) +The pam-krb5 package to use. + +@item @code{minimum-uid} (default: @code{1000}) +The smallest user ID for which Kerberos authentications should be +attempted. Local accounts with lower values will silently fail to +authenticate. +@end table +@end deftp + + +@node Web Services +@subsubsection Web Services + +@cindex web +@cindex www +@cindex HTTP +The @code{(gnu services web)} module provides the Apache HTTP Server, the +nginx web server, and also a fastcgi wrapper daemon. + +@subsubheading Apache HTTP Server + +@deffn {Scheme Variable} httpd-service-type +Service type for the @uref{https://httpd.apache.org/,Apache HTTP} server +(@dfn{httpd}). The value for this service type is a +@code{https-configuration} record. + +A simple example configuration is given below. + +@example +(service httpd-service-type + (httpd-configuration + (config + (httpd-config-file + (server-name "www.example.com") + (document-root "/srv/http/www.example.com"))))) +@end example + +Other services can also extend the @code{httpd-service-type} to add to the +configuration. + +@example +(simple-service 'my-extra-server httpd-service-type + (list + (httpd-virtualhost + "*:80" + (list (string-append + "ServerName "www.example.com + DocumentRoot \"/srv/http/www.example.com\""))))) +@end example +@end deffn + +The details for the @code{httpd-configuration}, @code{httpd-module}, +@code{httpd-config-file} and @code{httpd-virtualhost} record types are given +below. + +@deffn {Data Type} httpd-configuration +This data type represents the configuration for the httpd service. + +@table @asis +@item @code{package} (default: @code{httpd}) +The httpd package to use. + +@item @code{pid-file} (default: @code{"/var/run/httpd"}) +The pid file used by the shepherd-service. + +@item @code{config} (default: @code{(httpd-config-file)}) +The configuration file to use with the httpd service. The default value is a +@code{httpd-config-file} record, but this can also be a different +G-expression that generates a file, for example a @code{plain-file}. A file +outside of the store can also be specified through a string. + +@end table +@end deffn + +@deffn {Data Type} httpd-module +This data type represents a module for the httpd service. + +@table @asis +@item @code{name} +The name of the module. + +@item @code{file} +The file for the module. This can be relative to the httpd package being +used, the absolute location of a file, or a G-expression for a file within +the store, for example @code{(file-append mod-wsgi "/modules/mod_wsgi.so")}. + +@end table +@end deffn + +@deffn {Data Type} httpd-config-file +This data type represents a configuration file for the httpd service. + +@table @asis +@item @code{modules} (default: @code{%default-httpd-modules}) +The modules to load. Additional modules can be added here, or loaded by +additional configuration. + +@item @code{server-root} (default: @code{httpd}) +The @code{ServerRoot} in the configuration file, defaults to the httpd +package. Directives including @code{Include} and @code{LoadModule} are taken +as relative to the server root. + +@item @code{server-name} (default: @code{#f}) +The @code{ServerName} in the configuration file, used to specify the request +scheme, hostname and port that the server uses to identify itself. + +This doesn't need to be set in the server config, and can be specifyed in +virtual hosts. The default is @code{#f} to not specify a @code{ServerName}. + +@item @code{document-root} (default: @code{"/srv/http"}) +The @code{DocumentRoot} from which files will be served. + +@item @code{listen} (default: @code{'("80")}) +The list of values for the @code{Listen} directives in the config file. The +value should be a list of strings, when each string can specify the port +number to listen on, and optionally the IP address and protocol to use. + +@item @code{pid-file} (default: @code{"/var/run/httpd"}) +The @code{PidFile} to use. This should match the @code{pid-file} set in the +@code{httpd-configuration} so that the Shepherd service is configured +correctly. + +@item @code{error-log} (default: @code{"/var/log/httpd/error_log"}) +The @code{ErrorLog} to which the server will log errors. + +@item @code{user} (default: @code{"httpd"}) +The @code{User} which the server will answer requests as. + +@item @code{group} (default: @code{"httpd"}) +The @code{Group} which the server will answer requests as. + +@item @code{extra-config} (default: @code{(list "TypesConfig etc/httpd/mime.types")}) +A flat list of strings and G-expressions which will be added to the end of +the configuration file. + +Any values which the service is extended with will be appended to this list. + +@end table +@end deffn + +@deffn {Data Type} httpd-virtualhost +This data type represents a virtualhost configuration block for the httpd +service. + +These should be added to the extra-config for the httpd-service. + +@example +(simple-service 'my-extra-server httpd-service-type + (list + (httpd-virtualhost + "*:80" + (list (string-append + "ServerName "www.example.com + DocumentRoot \"/srv/http/www.example.com\""))))) +@end example + +@table @asis +@item @code{addresses-and-ports} +The addresses and ports for the @code{VirtualHost} directive. + +@item @code{contents} +The contents of the @code{VirtualHost} directive, this should be a list of +strings and G-expressions. + +@end table +@end deffn + +@subsubheading NGINX + +@deffn {Scheme Variable} nginx-service-type +Service type for the @uref{https://nginx.org/,NGinx} web server. The value +for this service type is a @code{} record. + +A simple example configuration is given below. + +@example +(service nginx-service-type + (nginx-configuration + (server-blocks + (list (nginx-server-configuration + (server-name '("www.example.com")) + (root "/srv/http/www.example.com")))))) +@end example + +In addition to adding server blocks to the service configuration directly, +this service can be extended by other services to add server blocks, as in +this example: + +@example +(simple-service 'my-extra-server nginx-service-type + (list (nginx-server-configuration + (root "/srv/http/extra-website") + (try-files (list "$uri" "$uri/index.html"))))) +@end example +@end deffn + +At startup, @command{nginx} has not yet read its configuration file, so it +uses a default file to log error messages. If it fails to load its +configuration file, that is where error messages are logged. After the +configuration file is loaded, the default error log file changes as per +configuration. In our case, startup error messages can be found in +@file{/var/run/nginx/logs/error.log}, and after configuration in +@file{/var/log/nginx/error.log}. The second location can be changed with +the @var{log-directory} configuration option. + +@deffn {Data Type} nginx-configuration +This data type represents the configuration for NGinx. Some configuration +can be done through this and the other provided record types, or +alternatively, a config file can be provided. + +@table @asis +@item @code{nginx} (default: @code{nginx}) +The nginx package to use. + +@item @code{log-directory} (default: @code{"/var/log/nginx"}) +The directory to which NGinx will write log files. + +@item @code{run-directory} (default: @code{"/var/run/nginx"}) +The directory in which NGinx will create a pid file, and write temporary +files. + +@item @code{server-blocks} (default: @code{'()}) +A list of @dfn{server blocks} to create in the generated configuration file, +the elements should be of type @code{}. + +The following example would setup NGinx to serve @code{www.example.com} from +the @code{/srv/http/www.example.com} directory, without using HTTPS. +@example +(service nginx-service-type + (nginx-configuration + (server-blocks + (list (nginx-server-configuration + (server-name '("www.example.com")) + (root "/srv/http/www.example.com")))))) +@end example + +@item @code{upstream-blocks} (default: @code{'()}) +A list of @dfn{upstream blocks} to create in the generated configuration +file, the elements should be of type @code{}. + +Configuring upstreams through the @code{upstream-blocks} can be useful when +combined with @code{locations} in the @code{} +records. The following example creates a server configuration with one +location configuration, that will proxy requests to a upstream +configuration, which will handle requests with two servers. + +@example +(service + nginx-service-type + (nginx-configuration + (server-blocks + (list (nginx-server-configuration + (server-name '("www.example.com")) + (root "/srv/http/www.example.com") + (locations + (list + (nginx-location-configuration + (uri "/path1") + (body '("proxy_pass http://server-proxy;")))))))) + (upstream-blocks + (list (nginx-upstream-configuration + (name "server-proxy") + (servers (list "server1.example.com" + "server2.example.com"))))))) +@end example + +@item @code{file} (default: @code{#f}) +If a configuration @var{file} is provided, this will be used, rather than +generating a configuration file from the provided @code{log-directory}, +@code{run-directory}, @code{server-blocks} and @code{upstream-blocks}. For +proper operation, these arguments should match what is in @var{file} to +ensure that the directories are created when the service is activated. + +This can be useful if you have an existing configuration file, or it's not +possible to do what is required through the other parts of the +nginx-configuration record. + +@item @code{server-names-hash-bucket-size} (default: @code{#f}) +Bucket size for the server names hash tables, defaults to @code{#f} to use +the size of the processors cache line. + +@item @code{server-names-hash-bucket-max-size} (default: @code{#f}) +Maximum bucket size for the server names hash tables. + +@end table +@end deffn + +@deftp {Data Type} nginx-server-configuration +Data type representing the configuration of an nginx server block. This +type has the following parameters: + +@table @asis +@item @code{listen} (default: @code{'("80" "443 ssl")}) +Each @code{listen} directive sets the address and port for IP, or the path +for a UNIX-domain socket on which the server will accept requests. Both +address and port, or only address or only port can be specified. An address +may also be a hostname, for example: + +@example +'("127.0.0.1:8000" "127.0.0.1" "8000" "*:8000" "localhost:8000") +@end example + +@item @code{server-name} (default: @code{(list 'default)}) +A list of server names this server represents. @code{'default} represents +the default server for connections matching no other server. + +@item @code{root} (default: @code{"/srv/http"}) +Root of the website nginx will serve. + +@item @code{locations} (default: @code{'()}) +A list of @dfn{nginx-location-configuration} or +@dfn{nginx-named-location-configuration} records to use within this server +block. + +@item @code{index} (default: @code{(list "index.html")}) +Index files to look for when clients ask for a directory. If it cannot be +found, Nginx will send the list of files in the directory. + +@item @code{try-files} (default: @code{'()}) +A list of files whose existence is checked in the specified order. +@code{nginx} will use the first file it finds to process the request. + +@item @code{ssl-certificate} (default: @code{#f}) +Where to find the certificate for secure connections. Set it to @code{#f} +if you don't have a certificate or you don't want to use HTTPS. + +@item @code{ssl-certificate-key} (default: @code{#f}) +Where to find the private key for secure connections. Set it to @code{#f} +if you don't have a key or you don't want to use HTTPS. + +@item @code{server-tokens?} (default: @code{#f}) +Whether the server should add its configuration to response. + +@item @code{raw-content} (default: @code{'()}) +A list of raw lines added to the server block. + +@end table +@end deftp + +@deftp {Data Type} nginx-upstream-configuration +Data type representing the configuration of an nginx @code{upstream} block. +This type has the following parameters: + +@table @asis +@item @code{name} +Name for this group of servers. + +@item @code{servers} +Specify the addresses of the servers in the group. The address can be +specified as a IP address (e.g. @samp{127.0.0.1}), domain name +(e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the +prefix @samp{unix:}. For addresses using an IP address or domain name, the +default port is 80, and a different port can be specified explicitly. + +@end table +@end deftp + +@deftp {Data Type} nginx-location-configuration +Data type representing the configuration of an nginx @code{location} block. +This type has the following parameters: + +@table @asis +@item @code{uri} +URI which this location block matches. + +@anchor{nginx-location-configuration body} +@item @code{body} +Body of the location block, specified as a list of strings. This can contain +many configuration directives. For example, to pass requests to a upstream +server group defined using an @code{nginx-upstream-configuration} block, the +following directive would be specified in the body @samp{(list "proxy_pass +http://upstream-name;")}. + +@end table +@end deftp + +@deftp {Data Type} nginx-named-location-configuration +Data type representing the configuration of an nginx named location block. +Named location blocks are used for request redirection, and not used for +regular request processing. This type has the following parameters: + +@table @asis +@item @code{name} +Name to identify this location block. + +@item @code{body} +@xref{nginx-location-configuration body}, as the body for named location +blocks can be used in a similar way to the +@code{nginx-location-configuration body}. One restriction is that the body +of a named location block cannot contain location blocks. + +@end table +@end deftp + +@cindex fastcgi +@cindex fcgiwrap +FastCGI is an interface between the front-end and the back-end of a web +service. It is a somewhat legacy facility; new web services should +generally just talk HTTP between the front-end and the back-end. However +there are a number of back-end services such as PHP or the optimized HTTP +Git repository access that use FastCGI, so we have support for it in Guix. + +To use FastCGI, you configure the front-end web server (e.g., nginx) to +dispatch some subset of its requests to the fastcgi backend, which listens +on a local TCP or UNIX socket. There is an intermediary @code{fcgiwrap} +program that sits between the actual backend process and the web server. +The front-end indicates which backend program to run, passing that +information to the @code{fcgiwrap} process. + +@defvr {Scheme Variable} fcgiwrap-service-type +A service type for the @code{fcgiwrap} FastCGI proxy. +@end defvr + +@deftp {Data Type} fcgiwrap-configuration +Data type representing the configuration of the @code{fcgiwrap} serice. +This type has the following parameters: +@table @asis +@item @code{package} (default: @code{fcgiwrap}) +The fcgiwrap package to use. + +@item @code{socket} (default: @code{tcp:127.0.0.1:9000}) +The socket on which the @code{fcgiwrap} process should listen, as a string. +Valid @var{socket} values include @code{unix:@var{/path/to/unix/socket}}, +@code{tcp:@var{dot.ted.qu.ad}:@var{port}} and +@code{tcp6:[@var{ipv6_addr}]:port}. + +@item @code{user} (default: @code{fcgiwrap}) +@itemx @code{group} (default: @code{fcgiwrap}) +The user and group names, as strings, under which to run the @code{fcgiwrap} +process. The @code{fastcgi} service will ensure that if the user asks for +the specific user or group names @code{fcgiwrap} that the corresponding user +and/or group is present on the system. + +It is possible to configure a FastCGI-backed web service to pass HTTP +authentication information from the front-end to the back-end, and to allow +@code{fcgiwrap} to run the back-end process as a corresponding local user. +To enable this capability on the back-end., run @code{fcgiwrap} as the +@code{root} user and group. Note that this capability also has to be +configured on the front-end as well. +@end table +@end deftp + +@cindex php-fpm +PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI +implementation with some additional features useful for sites of any size. + +These features include: +@itemize @bullet +@item Adaptive process spawning +@item Basic statistics (similar to Apache's mod_status) +@item Advanced process management with graceful stop/start +@item Ability to start workers with different uid/gid/chroot/environment +and different php.ini (replaces safe_mode) +@item Stdout & stderr logging +@item Emergency restart in case of accidental opcode cache destruction +@item Accelerated upload support +@item Support for a "slowlog" +@item Enhancements to FastCGI, such as fastcgi_finish_request() - +a special function to finish request & flush all data while continuing to do +something time-consuming (video converting, stats processing, etc.) +@end itemize +... and much more. + +@defvr {Scheme Variable} php-fpm-service-type +A Service type for @code{php-fpm}. +@end defvr + +@deftp {Data Type} php-fpm-configuration +Data Type for php-fpm service configuration. +@table @asis +@item @code{php} (default: @code{php}) +The php package to use. +@item @code{socket} (default: @code{(string-append "/var/run/php" (version-major (package-version php)) "-fpm.sock")}) +The address on which to accept FastCGI requests. Valid syntaxes are: +@table @asis +@item @code{"ip.add.re.ss:port"} +Listen on a TCP socket to a specific address on a specific port. +@item @code{"port"} +Listen on a TCP socket to all addresses on a specific port. +@item @code{"/path/to/unix/socket"} +Listen on a unix socket. +@end table + +@item @code{user} (default: @code{php-fpm}) +User who will own the php worker processes. +@item @code{group} (default: @code{php-fpm}) +Group of the worker processes. +@item @code{socket-user} (default: @code{php-fpm}) +User who can speak to the php-fpm socket. +@item @code{socket-group} (default: @code{php-fpm}) +Group that can speak to the php-fpm socket. +@item @code{pid-file} (default: @code{(string-append "/var/run/php" (version-major (package-version php)) "-fpm.pid")}) +The process id of the php-fpm process is written to this file once the +service has started. +@item @code{log-file} (default: @code{(string-append "/var/log/php" (version-major (package-version php)) "-fpm.log")}) +Log for the php-fpm master process. +@item @code{process-manager} (default: @code{(php-fpm-dynamic-process-manager-configuration)}) +Detailed settings for the php-fpm process manager. Must be either: +@table @asis +@item @code{} +@item @code{} +@item @code{} +@end table +@item @code{display-errors} (default @code{#f}) +Determines whether php errors and warning should be sent to clients and +displayed in their browsers. This is useful for local php development, but +a security risk for public sites, as error messages can reveal passwords and +personal data. +@item @code{workers-logfile} (default @code{(string-append "/var/log/php" (version-major (package-version php)) "-fpm.www.log")}) +This file will log the @code{stderr} outputs of php worker processes. Can +be set to @code{#f} to disable logging. +@item @code{file} (default @code{#f}) +An optional override of the whole configuration. You can use the +@code{mixed-text-file} function or an absolute filepath for it. +@end table +@end deftp + +@deftp {Data type} php-fpm-dynamic-process-manager-configuration +Data Type for the @code{dynamic} php-fpm process manager. With the +@code{dynamic} process manager, spare worker processes are kept around based +on it's configured limits. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@item @code{start-servers} (default: @code{2}) +How many worker processes should be started on start-up. +@item @code{min-spare-servers} (default: @code{1}) +How many spare worker processes should be kept around at minimum. +@item @code{max-spare-servers} (default: @code{3}) +How many spare worker processes should be kept around at maximum. +@end table +@end deftp + +@deftp {Data type} php-fpm-static-process-manager-configuration +Data Type for the @code{static} php-fpm process manager. With the +@code{static} process manager, an unchanging number of worker processes are +created. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@end table +@end deftp + +@deftp {Data type} php-fpm-on-demand-process-manager-configuration +Data Type for the @code{on-demand} php-fpm process manager. With the +@code{on-demand} process manager, worker processes are only created as +requests arrive. +@table @asis +@item @code{max-children} (default: @code{5}) +Maximum of worker processes. +@item @code{process-idle-timeout} (default: @code{10}) +The time in seconds after which a process with no requests is killed. +@end table +@end deftp + + +@deffn {Scheme Procedure} nginx-php-fpm-location @ + [#:nginx-package nginx] @ [socket (string-append "/var/run/php" @ +(version-major (package-version php)) @ "-fpm.sock")] A helper function to +quickly add php to an @code{nginx-server-configuration}. +@end deffn + +A simple services setup for nginx with php can look like this: +@example +(services (cons* (dhcp-client-service) + (service php-fpm-service-type) + (service nginx-service-type + (nginx-server-configuration + (server-name '("example.com")) + (root "/srv/http/") + (locations + (list (nginx-php-location))) + (https-port #f) + (ssl-certificate #f) + (ssl-certificate-key #f))) + %base-services)) +@end example + +@cindex cat-avatar-generator +The cat avatar generator is a simple service to demonstrate the use of +php-fpm in @code{Nginx}. It is used to generate cat avatar from a seed, for +instance the hash of a user's email address. + +@deffn {Scheme Procedure} cat-avatar-generator-serice @ + [#:cache-dir "/var/cache/cat-avatar-generator"] @ [#:package +cat-avatar-generator] @ [#:configuration (nginx-server-configuration)] +Returns an nginx-server-configuration that inherits @code{configuration}. +It extends the nginx configuration to add a server block that serves +@code{package}, a version of cat-avatar-generator. During execution, +cat-avatar-generator will be able to use @code{cache-dir} as its cache +directory. +@end deffn + +A simple setup for cat-avatar-generator can look like this: +@example +(services (cons* (cat-avatar-generator-service + #:configuration + (nginx-server-configuration + (server-name '("example.com")))) + ... + %base-services)) +@end example + +@node Certificate Services +@subsubsection Certificate Services + +@cindex Web +@cindex HTTP, HTTPS +@cindex Let's Encrypt +@cindex TLS certificates +The @code{(gnu services certbot)} module provides a service to automatically +obtain a valid TLS certificate from the Let's Encrypt certificate +authority. These certificates can then be used to serve content securely +over HTTPS or other TLS-based protocols, with the knowledge that the client +will be able to verify the server's authenticity. + +@url{https://letsencrypt.org/, Let's Encrypt} provides the @code{certbot} +tool to automate the certification process. This tool first securely +generates a key on the server. It then makes a request to the Let's Encrypt +certificate authority (CA) to sign the key. The CA checks that the request +originates from the host in question by using a challenge-response protocol, +requiring the server to provide its response over HTTP. If that protocol +completes successfully, the CA signs the key, resulting in a certificate. +That certificate is valid for a limited period of time, and therefore to +continue to provide TLS services, the server needs to periodically ask the +CA to renew its signature. + +The certbot service automates this process: the initial key generation, the +initial certification request to the Let's Encrypt service, the web server +challenge/response integration, writing the certificate to disk, the +automated periodic renewals, and the deployment tasks associated with the +renewal (e.g. reloading services, copying keys with different permissions). + +Certbot is run twice a day, at a random minute within the hour. It won't do +anything until your certificates are due for renewal or revoked, but running +it regularly would give your service a chance of staying online in case a +Let's Encrypt-initiated revocation happened for some reason. + +By using this service, you agree to the ACME Subscriber Agreement, which can +be found there: @url{https://acme-v01.api.letsencrypt.org/directory}. + +@defvr {Scheme Variable} certbot-service-type +A service type for the @code{certbot} Let's Encrypt client. Its value must +be a @code{certbot-configuration} record as in this example: + +@example +(define %nginx-deploy-hook + (program-file + "nginx-deploy-hook" + #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read))) + (kill pid SIGHUP)))) + +(service certbot-service-type + (certbot-configuration + (email "foo@@example.net") + (certificates + (list + (certificate-configuration + (domains '("example.net" "www.example.net")) + (deploy-hook %nginx-deploy-hook)) + (certificate-configuration + (domains '("bar.example.net"))))))) +@end example + +See below for details about @code{certbot-configuration}. +@end defvr + +@deftp {Data Type} certbot-configuration +Data type representing the configuration of the @code{certbot} service. +This type has the following parameters: + +@table @asis +@item @code{package} (default: @code{certbot}) +The certbot package to use. + +@item @code{webroot} (default: @code{/var/www}) +The directory from which to serve the Let's Encrypt challenge/response +files. + +@item @code{certificates} (default: @code{()}) +A list of @code{certificates-configuration}s for which to generate +certificates and request signatures. Each certificate has a @code{name} and +several @code{domains}. + +@item @code{email} +Mandatory email used for registration, recovery contact, and important +account notifications. + +@item @code{rsa-key-size} (default: @code{2048}) +Size of the RSA key. + +@item @code{default-location} (default: @i{see below}) +The default @code{nginx-location-configuration}. Because @code{certbot} +needs to be able to serve challenges and responses, it needs to be able to +run a web server. It does so by extending the @code{nginx} web service with +an @code{nginx-server-configuration} listening on the @var{domains} on port +80, and which has a @code{nginx-location-configuration} for the +@code{/.well-known/} URI path subspace used by Let's Encrypt. @xref{Web +Services}, for more on these nginx configuration data types. + +Requests to other URL paths will be matched by the @code{default-location}, +which if present is added to all @code{nginx-server-configuration}s. + +By default, the @code{default-location} will issue a redirect from +@code{http://@var{domain}/...} to @code{https://@var{domain}/...}, leaving +you to define what to serve on your site via @code{https}. + +Pass @code{#f} to not issue a default location. +@end table +@end deftp + +@deftp {Data Type} certificate-configuration +Data type representing the configuration of a certificate. This type has +the following parameters: + +@table @asis +@item @code{name} (default: @i{see below}) +This name is used by Certbot for housekeeping and in file paths; it doesn't +affect the content of the certificate itself. To see certificate names, run +@code{certbot certificates}. + +Its default is the first provided domain. + +@item @code{domains} (default: @code{()}) +The first domain provided will be the subject CN of the certificate, and all +domains will be Subject Alternative Names on the certificate. + +@item @code{deploy-hook} (default: @code{#f}) +Command to be run in a shell once for each successfully issued certificate. +For this command, the shell variable @code{$RENEWED_LINEAGE} will point to +the config live subdirectory (for example, +@samp{"/etc/letsencrypt/live/example.com"}) containing the new certificates +and keys; the shell variable @code{$RENEWED_DOMAINS} will contain a +space-delimited list of renewed certificate domains (for example, +@samp{"example.com www.example.com"}. + +@end table +@end deftp + +For each @code{certificate-configuration}, the certificate is saved to +@code{/etc/letsencrypt/live/@var{name}/fullchain.pem} and the key is saved +to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}. +@node DNS Services +@subsubsection DNS Services +@cindex DNS (domain name system) +@cindex domain name system (DNS) + +The @code{(gnu services dns)} module provides services related to the +@dfn{domain name system} (DNS). It provides a server service for hosting an +@emph{authoritative} DNS server for multiple zones, slave or master. This +service uses @uref{https://www.knot-dns.cz/, Knot DNS}. + +An example configuration of an authoritative server for two zones, one +master and one slave, is: + +@lisp +(define-zone-entries example.org.zone +;; Name TTL Class Type Data + ("@@" "" "IN" "A" "127.0.0.1") + ("@@" "" "IN" "NS" "ns") + ("ns" "" "IN" "A" "127.0.0.1")) + +(define master-zone + (knot-zone-configuration + (domain "example.org") + (zone (zone-file + (origin "example.org") + (entries example.org.zone))))) + +(define slave-zone + (knot-zone-configuration + (domain "plop.org") + (dnssec-policy "default") + (master (list "plop-master")))) + +(define plop-master + (knot-remote-configuration + (id "plop-master") + (address (list "208.76.58.171")))) + +(operating-system + ;; ... + (services (cons* (service knot-service-type + (knot-configuration + (remotes (list plop-master)) + (zones (list master-zone slave-zone)))) + ;; ... + %base-services))) +@end lisp + +@deffn {Scheme Variable} knot-service-type +This is the type for the Knot DNS server. + +Knot DNS is an authoritative DNS server, meaning that it can serve multiple +zones, that is to say domain names you would buy from a registrar. This +server is not a resolver, meaning that it can only resolve names for which +it is authoritative. This server can be configured to serve zones as a +master server or a slave server as a per-zone basis. Slave zones will get +their data from masters, and will serve it as an authoritative server. From +the point of view of a resolver, there is no difference between master and +slave. + +The following data types are used to configure the Knot DNS server: +@end deffn + +@deftp {Data Type} knot-key-configuration +Data type representing a key. This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for other configuration fields to refer to this key. IDs must +be unique and must not be empty. + +@item @code{algorithm} (default: @code{#f}) +The algorithm to use. Choose between @code{#f}, @code{'hmac-md5}, +@code{'hmac-sha1}, @code{'hmac-sha224}, @code{'hmac-sha256}, +@code{'hmac-sha384} and @code{'hmac-sha512}. + +@item @code{secret} (default: @code{""}) +The secret key itself. + +@end table +@end deftp + +@deftp {Data Type} knot-acl-configuration +Data type representing an Access Control List (ACL) configuration. This +type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for ether configuration fields to refer to this key. IDs must +be unique and must not be empty. + +@item @code{address} (default: @code{'()}) +An ordered list of IP addresses, network subnets, or network ranges +represented with strings. The query must match one of them. Empty value +means that address match is not required. + +@item @code{key} (default: @code{'()}) +An ordered list of references to keys represented with strings. The string +must match a key ID defined in a @code{knot-key-configuration}. No key +means that a key is not require to match that ACL. + +@item @code{action} (default: @code{'()}) +An ordered list of actions that are permitted or forbidden by this ACL. +Possible values are lists of zero or more elements from @code{'transfer}, +@code{'notify} and @code{'update}. + +@item @code{deny?} (default: @code{#f}) +When true, the ACL defines restrictions. Listed actions are forbidden. +When false, listed actions are allowed. + +@end table +@end deftp + +@deftp {Data Type} zone-entry +Data type represnting a record entry in a zone file. This type has the +following parameters: + +@table @asis +@item @code{name} (default: @code{"@@"}) +The name of the record. @code{"@@"} refers to the origin of the zone. +Names are relative to the origin of the zone. For example, in the +@code{example.org} zone, @code{"ns.example.org"} actually refers to +@code{ns.example.org.example.org}. Names ending with a dot are absolute, +which means that @code{"ns.example.org."} refers to @code{ns.example.org}. + +@item @code{ttl} (default: @code{""}) +The Time-To-Live (TTL) of this record. If not set, the default TTL is used. + +@item @code{class} (default: @code{"IN"}) +The class of the record. Knot currently supports only @code{"IN"} and +partially @code{"CH"}. + +@item @code{type} (default: @code{"A"}) +The type of the record. Common types include A (IPv4 address), AAAA (IPv6 +address), NS (Name Server) and MX (Mail eXchange). Many other types are +defined. + +@item @code{data} (default: @code{""}) +The data contained in the record. For instance an IP address associated +with an A record, or a domain name associated with an NS record. Remember +that domain names are relative to the origin unless they end with a dot. + +@end table +@end deftp + +@deftp {Data Type} zone-file +Data type representing the content of a zone file. This type has the +following parameters: + +@table @asis +@item @code{entries} (default: @code{'()}) +The list of entries. The SOA record is taken care of, so you don't need to +put it in the list of entries. This list should probably contain an entry +for your primary authoritative DNS server. Other than using a list of +entries directly, you can use @code{define-zone-entries} to define a object +containing the list of entries more easily, that you can later pass to the +@code{entries} field of the @code{zone-file}. + +@item @code{origin} (default: @code{""}) +The name of your zone. This parameter cannot be empty. + +@item @code{ns} (default: @code{"ns"}) +The domain of your primary authoritative DNS server. The name is relative +to the origin, unless it ends with a dot. It is mandatory that this primary +DNS server corresponds to an NS record in the zone and that it is associated +to an IP address in the list of entries. + +@item @code{mail} (default: @code{"hostmaster"}) +An email address people can contact you at, as the owner of the zone. This +is translated as @code{@@}. + +@item @code{serial} (default: @code{1}) +The serial number of the zone. As this is used to keep track of changes by +both slaves and resolvers, it is mandatory that it @emph{never} decreases. +Always increment it when you make a change in your zone. + +@item @code{refresh} (default: @code{(* 2 24 3600)}) +The frequency at which slaves will do a zone transfer. This value is a +number of seconds. It can be computed by multiplications or with +@code{(string->duration)}. + +@item @code{retry} (default: @code{(* 15 60)}) +The period after which a slave will retry to contact its master when it +fails to do so a first time. + +@item @code{expiry} (default: @code{(* 14 24 3600)}) +Default TTL of records. Existing records are considered correct for at most +this amount of time. After this period, resolvers will invalidate their +cache and check again that it still exists. + +@item @code{nx} (default: @code{3600}) +Default TTL of inexistant records. This delay is usually short because you +want your new domains to reach everyone quickly. + +@end table +@end deftp + +@deftp {Data Type} knot-remote-configuration +Data type representing a remote configuration. This type has the following +parameters: + +@table @asis +@item @code{id} (default: @code{""}) +An identifier for other configuration fields to refer to this remote. IDs +must be unique and must not be empty. + +@item @code{address} (default: @code{'()}) +An ordered list of destination IP addresses. Addresses are tried in +sequence. An optional port can be given with the @@ separator. For +instance: @code{(list "1.2.3.4" "2.3.4.5@@53")}. Default port is 53. + +@item @code{via} (default: @code{'()}) +An ordered list of source IP addresses. An empty list will have Knot choose +an appropriate source IP. An optional port can be given with the @@ +separator. The default is to choose at random. + +@item @code{key} (default: @code{#f}) +A reference to a key, that is a string containing the identifier of a key +defined in a @code{knot-key-configuration} field. + +@end table +@end deftp + +@deftp {Data Type} knot-keystore-configuration +Data type representing a keystore to hold dnssec keys. This type has the +following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +The id of the keystore. It must not be empty. + +@item @code{backend} (default: @code{'pem}) +The backend to store the keys in. Can be @code{'pem} or @code{'pkcs11}. + +@item @code{config} (default: @code{"/var/lib/knot/keys/keys"}) +The configuration string of the backend. An example for the PKCS#11 is: +@code{"pkcs11:token=knot;pin-value=1234 +/gnu/store/.../lib/pkcs11/libsofthsm2.so"}. For the pem backend, the string +reprensents a path in the file system. + +@end table +@end deftp + +@deftp {Data Type} knot-policy-configuration +Data type representing a dnssec policy. Knot DNS is able to automatically +sign your zones. It can either generate and manage your keys automatically +or use keys that you generate. + +Dnssec is usually implemented using two keys: a Key Signing Key (KSK) that +is used to sign the second, and a Zone Signing Key (ZSK) that is used to +sign the zone. In order to be trusted, the KSK needs to be present in the +parent zone (usually a top-level domain). If your registrar supports +dnssec, you will have to send them your KSK's hash so they can add a DS +record in their zone. This is not automated and need to be done each time +you change your KSK. + +The policy also defines the lifetime of keys. Usually, ZSK can be changed +easily and use weaker cryptographic functions (they use lower parameters) in +order to sign records quickly, so they are changed often. The KSK however +requires manual interaction with the registrar, so they are changed less +often and use stronger parameters because they sign only one record. + +This type has the following parameters: + +@table @asis +@item @code{id} (default: @code{""}) +The id of the policy. It must not be empty. + +@item @code{keystore} (default: @code{"default"}) +A reference to a keystore, that is a string containing the identifier of a +keystore defined in a @code{knot-keystore-configuration} field. The +@code{"default"} identifier means the default keystore (a kasp database that +was setup by this service). + +@item @code{manual?} (default: @code{#f}) +Whether the key management is manual or automatic. + +@item @code{single-type-signing?} (default: @code{#f}) +When @code{#t}, use the Single-Type Signing Scheme. + +@item @code{algorithm} (default: @code{"ecdsap256sha256"}) +An algorithm of signing keys and issued signatures. + +@item @code{ksk-size} (default: @code{256}) +The length of the KSK. Note that this value is correct for the default +algorithm, but would be unsecure for other algorithms. + +@item @code{zsk-size} (default: @code{256}) +The length of the ZSK. Note that this value is correct for the default +algorithm, but would be unsecure for other algorithms. + +@item @code{dnskey-ttl} (default: @code{'default}) +The TTL value for DNSKEY records added into zone apex. The special +@code{'default} value means same as the zone SOA TTL. + +@item @code{zsk-lifetime} (default: @code{(* 30 24 3600)}) +The period between ZSK publication and the next rollover initiation. + +@item @code{propagation-delay} (default: @code{(* 24 3600)}) +An extra delay added for each key rollover step. This value should be high +enough to cover propagation of data from the master server to all slaves. + +@item @code{rrsig-lifetime} (default: @code{(* 14 24 3600)}) +A validity period of newly issued signatures. + +@item @code{rrsig-refresh} (default: @code{(* 7 24 3600)}) +A period how long before a signature expiration the signature will be +refreshed. + +@item @code{nsec3?} (default: @code{#f}) +When @code{#t}, NSEC3 will be used instead of NSEC. + +@item @code{nsec3-iterations} (default: @code{5}) +The number of additional times the hashing is performed. + +@item @code{nsec3-salt-length} (default: @code{8}) +The length of a salt field in octets, which is appended to the original +owner name before hashing. + +@item @code{nsec3-salt-lifetime} (default: @code{(* 30 24 3600)}) +The validity period of newly issued salt field. + +@end table +@end deftp + +@deftp {Data Type} knot-zone-configuration +Data type representing a zone served by Knot. This type has the following +parameters: + +@table @asis +@item @code{domain} (default: @code{""}) +The domain served by this configuration. It must not be empty. + +@item @code{file} (default: @code{""}) +The file where this zone is saved. This parameter is ignored by master +zones. Empty means default location that depends on the domain name. + +@item @code{zone} (default: @code{(zone-file)}) +The content of the zone file. This parameter is ignored by slave zones. It +must contain a zone-file record. + +@item @code{master} (default: @code{'()}) +A list of master remotes. When empty, this zone is a master. When set, +this zone is a slave. This is a list of remotes identifiers. + +@item @code{ddns-master} (default: @code{#f}) +The main master. When empty, it defaults to the first master in the list of +masters. + +@item @code{notify} (default: @code{'()}) +A list of slave remote identifiers. + +@item @code{acl} (default: @code{'()}) +A list of acl identifiers. + +@item @code{semantic-checks?} (default: @code{#f}) +When set, this adds more semantic checks to the zone. + +@item @code{disable-any?} (default: @code{#f}) +When set, this forbids queries of the ANY type. + +@item @code{zonefile-sync} (default: @code{0}) +The delay between a modification in memory and on disk. 0 means immediate +synchronization. + +@item @code{serial-policy} (default: @code{'increment}) +A policy between @code{'increment} and @code{'unixtime}. + +@end table +@end deftp + +@deftp {Data Type} knot-configuration +Data type representing the Knot configuration. This type has the following +parameters: + +@table @asis +@item @code{knot} (default: @code{knot}) +The Knot package. + +@item @code{run-directory} (default: @code{"/var/run/knot"}) +The run directory. This directory will be used for pid file and sockets. + +@item @code{listen-v4} (default: @code{"0.0.0.0"}) +An ip address on which to listen. + +@item @code{listen-v6} (default: @code{"::"}) +An ip address on which to listen. + +@item @code{listen-port} (default: @code{53}) +A port on which to listen. + +@item @code{keys} (default: @code{'()}) +The list of knot-key-configuration used by this configuration. + +@item @code{acls} (default: @code{'()}) +The list of knot-acl-configuration used by this configuration. + +@item @code{remotes} (default: @code{'()}) +The list of knot-remote-configuration used by this configuration. + +@item @code{zones} (default: @code{'()}) +The list of knot-zone-configuration used by this configuration. + +@end table +@end deftp + + +@node VPN Services +@subsubsection VPN Services +@cindex VPN (virtual private network) +@cindex virtual private network (VPN) + +The @code{(gnu services vpn)} module provides services related to +@dfn{virtual private networks} (VPNs). It provides a @emph{client} service +for your machine to connect to a VPN, and a @emph{servire} service for your +machine to host a VPN. Both services use @uref{https://openvpn.net/, +OpenVPN}. + +@deffn {Scheme Procedure} openvpn-client-service @ + [#:config (openvpn-client-configuration)] + +Return a service that runs @command{openvpn}, a VPN daemon, as a client. +@end deffn + +@deffn {Scheme Procedure} openvpn-server-service @ + [#:config (openvpn-server-configuration)] + +Return a service that runs @command{openvpn}, a VPN daemon, as a server. + +Both can be run simultaneously. +@end deffn + +@c %automatically generated documentation + +Available @code{openvpn-client-configuration} fields are: + +@deftypevr {@code{openvpn-client-configuration} parameter} package openvpn +The OpenVPN package. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} string pid-file +The OpenVPN pid file. + +Defaults to @samp{"/var/run/openvpn/openvpn.pid"}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} proto proto +The protocol (UDP or TCP) used to open a channel between clients and +servers. + +Defaults to @samp{udp}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} dev dev +The device type used to represent the VPN connection. + +Defaults to @samp{tun}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} string ca +The certificate authority to check connections against. + +Defaults to @samp{"/etc/openvpn/ca.crt"}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} string cert +The certificate of the machine the daemon is running on. It should be +signed by the authority given in @code{ca}. + +Defaults to @samp{"/etc/openvpn/client.crt"}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} string key +The key of the machine the daemon is running on. It must be the key whose +certificate is @code{cert}. + +Defaults to @samp{"/etc/openvpn/client.key"}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} boolean comp-lzo? +Whether to use the lzo compression algorithm. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} boolean persist-key? +Don't re-read key files across SIGUSR1 or --ping-restart. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} boolean persist-tun? +Don't close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 +or --ping-restart restarts. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} number verbosity +Verbosity level. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} tls-auth-client tls-auth +Add an additional layer of HMAC authentication on top of the TLS control +channel to protect against DoS attacks. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} key-usage verify-key-usage? +Whether to check the server certificate has server usage extension. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} bind bind? +Bind to a specific local port number. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} resolv-retry resolv-retry? +Retry resolving server address. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-client-configuration} parameter} openvpn-remote-list remote +A list of remote servers to connect to. + +Defaults to @samp{()}. + +Available @code{openvpn-remote-configuration} fields are: + +@deftypevr {@code{openvpn-remote-configuration} parameter} string name +Server name. + +Defaults to @samp{"my-server"}. + +@end deftypevr + +@deftypevr {@code{openvpn-remote-configuration} parameter} number port +Port number the server listens to. + +Defaults to @samp{1194}. + +@end deftypevr + +@end deftypevr +@c %end of automatic openvpn-client documentation + +@c %automatically generated documentation + +Available @code{openvpn-server-configuration} fields are: + +@deftypevr {@code{openvpn-server-configuration} parameter} package openvpn +The OpenVPN package. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string pid-file +The OpenVPN pid file. + +Defaults to @samp{"/var/run/openvpn/openvpn.pid"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} proto proto +The protocol (UDP or TCP) used to open a channel between clients and +servers. + +Defaults to @samp{udp}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} dev dev +The device type used to represent the VPN connection. + +Defaults to @samp{tun}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string ca +The certificate authority to check connections against. + +Defaults to @samp{"/etc/openvpn/ca.crt"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string cert +The certificate of the machine the daemon is running on. It should be +signed by the authority given in @code{ca}. + +Defaults to @samp{"/etc/openvpn/client.crt"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string key +The key of the machine the daemon is running on. It must be the key whose +certificate is @code{cert}. + +Defaults to @samp{"/etc/openvpn/client.key"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} boolean comp-lzo? +Whether to use the lzo compression algorithm. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} boolean persist-key? +Don't re-read key files across SIGUSR1 or --ping-restart. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} boolean persist-tun? +Don't close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 +or --ping-restart restarts. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} number verbosity +Verbosity level. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} tls-auth-server tls-auth +Add an additional layer of HMAC authentication on top of the TLS control +channel to protect against DoS attacks. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} number port +Specifies the port number on which the server listens. + +Defaults to @samp{1194}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} ip-mask server +An ip and mask specifying the subnet inside the virtual network. + +Defaults to @samp{"10.8.0.0 255.255.255.0"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} cidr6 server-ipv6 +A CIDR notation specifying the IPv6 subnet inside the virtual network. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string dh +The Diffie-Hellman parameters file. + +Defaults to @samp{"/etc/openvpn/dh2048.pem"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string ifconfig-pool-persist +The file that records client IPs. + +Defaults to @samp{"/etc/openvpn/ipp.txt"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} gateway redirect-gateway? +When true, the server will act as a gateway for its clients. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} boolean client-to-client? +When true, clients are allowed to talk to each other inside the VPN. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} keepalive keepalive +Causes ping-like messages to be sent back and forth over the link so that +each side knows when the other side has gone down. @code{keepalive} +requires a pair. The first element is the period of the ping sending, and +the second element is the timeout before considering the other side down. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} number max-clients +The maximum number of clients. + +Defaults to @samp{100}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} string status +The status file. This file shows a small report on current connection. It +is truncated and rewritten every minute. + +Defaults to @samp{"/var/run/openvpn/status"}. + +@end deftypevr + +@deftypevr {@code{openvpn-server-configuration} parameter} openvpn-ccd-list client-config-dir +The list of configuration for some clients. + +Defaults to @samp{()}. + +Available @code{openvpn-ccd-configuration} fields are: + +@deftypevr {@code{openvpn-ccd-configuration} parameter} string name +Client name. + +Defaults to @samp{"client"}. + +@end deftypevr + +@deftypevr {@code{openvpn-ccd-configuration} parameter} ip-mask iroute +Client own network + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{openvpn-ccd-configuration} parameter} ip-mask ifconfig-push +Client VPN IP. + +Defaults to @samp{#f}. + +@end deftypevr + +@end deftypevr + + +@c %end of automatic openvpn-server documentation + + +@node Network File System +@subsubsection Network File System +@cindex NFS + +The @code{(gnu services nfs)} module provides the following services, which +are most commonly used in relation to mounting or exporting directory trees +as @dfn{network file systems} (NFS). + +@subsubheading RPC Bind Service +@cindex rpcbind + +The RPC Bind service provides a facility to map program numbers into +universal addresses. Many NFS related services use this facility. Hence it +is automatically started when a dependent service starts. + +@defvr {Scheme Variable} rpcbind-service-type +A service type for the RPC portmapper daemon. +@end defvr + + +@deftp {Data Type} rpcbind-configuration +Data type representing the configuration of the RPC Bind Service. This type +has the following parameters: +@table @asis +@item @code{rpcbind} (default: @code{rpcbind}) +The rpcbind package to use. + +@item @code{warm-start?} (default: @code{#t}) +If this parameter is @code{#t}, then the daemon will read a state file on +startup thus reloading state information saved by a previous instance. +@end table +@end deftp + + +@subsubheading Pipefs Pseudo File System +@cindex pipefs +@cindex rpc_pipefs + +The pipefs file system is used to transfer NFS related data between the +kernel and user space programs. + +@defvr {Scheme Variable} pipefs-service-type +A service type for the pipefs pseudo file system. +@end defvr + +@deftp {Data Type} pipefs-configuration +Data type representing the configuration of the pipefs pseudo file system +service. This type has the following parameters: +@table @asis +@item @code{mount-point} (default: @code{"/var/lib/nfs/rpc_pipefs"}) +The directory to which the file system is to be attached. +@end table +@end deftp + + +@subsubheading GSS Daemon Service +@cindex GSSD +@cindex GSS +@cindex global security system + +The @dfn{global security system} (GSS) daemon provides strong security for +RPC based protocols. Before exchanging RPC requests an RPC client must +establish a security context. Typically this is done using the Kerberos +command @command{kinit} or automatically at login time using PAM services +(@pxref{Kerberos Services}). + +@defvr {Scheme Variable} gss-service-type +A service type for the Global Security System (GSS) daemon. +@end defvr + +@deftp {Data Type} gss-configuration +Data type representing the configuration of the GSS daemon service. This +type has the following parameters: +@table @asis +@item @code{nfs-utils} (default: @code{nfs-utils}) +The package in which the @command{rpc.gssd} command is to be found. + +@item @code{pipefs-directory} (default: @code{"/var/lib/nfs/rpc_pipefs"}) +The directory where the pipefs file system is mounted. + +@end table +@end deftp + + +@subsubheading IDMAP Daemon Service +@cindex idmapd +@cindex name mapper + +The idmap daemon service provides mapping between user IDs and user names. +Typically it is required in order to access file systems mounted via NFSv4. + +@defvr {Scheme Variable} idmap-service-type +A service type for the Identity Mapper (IDMAP) daemon. +@end defvr + +@deftp {Data Type} idmap-configuration +Data type representing the configuration of the IDMAP daemon service. This +type has the following parameters: +@table @asis +@item @code{nfs-utils} (default: @code{nfs-utils}) +The package in which the @command{rpc.idmapd} command is to be found. + +@item @code{pipefs-directory} (default: @code{"/var/lib/nfs/rpc_pipefs"}) +The directory where the pipefs file system is mounted. + +@item @code{domain} (default: @code{#f}) +The local NFSv4 domain name. This must be a string or @code{#f}. If it is +@code{#f} then the daemon will use the host's fully qualified domain name. + +@end table +@end deftp + +@node Continuous Integration +@subsubsection Continuous Integration + +@cindex continuous integration +@uref{https://notabug.org/mthl/cuirass, Cuirass} est un outil d'intégration +continue pour Guix. On peut l'utiliser aussi bien pour le développement que +pour fournir des substituts à d'autres (@pxref{Substituts}). + +The @code{(gnu services cuirass)} module provides the following service. + +@defvr {Scheme Procedure} cuirass-service-type +The type of the Cuirass service. Its value must be a +@code{cuirass-configuration} object, as described below. +@end defvr + +To add build jobs, you have to set the @code{specifications} field of the +configuration. Here is an example of a service defining a build job based +on a specification that can be found in Cuirass source tree. This service +polls the Guix repository and builds a subset of the Guix packages, as +prescribed in the @file{gnu-system.scm} example spec: + +@example +(let ((spec #~((#:name . "guix") + (#:url . "git://git.savannah.gnu.org/guix.git") + (#:load-path . ".") + (#:file . "build-aux/cuirass/gnu-system.scm") + (#:proc . cuirass-jobs) + (#:arguments (subset . "hello")) + (#:branch . "master")))) + (service cuirass-service-type + (cuirass-configuration + (specifications #~(list '#$spec))))) +@end example + +While information related to build jobs is located directly in the +specifications, global settings for the @command{cuirass} process are +accessible in other @code{cuirass-configuration} fields. + +@deftp {Data Type} cuirass-configuration +Data type representing the configuration of Cuirass. + +@table @asis +@item @code{log-file} (default: @code{"/var/log/cuirass.log"}) +Location of the log file. + +@item @code{cache-directory} (default: @code{"/var/cache/cuirass"}) +Location of the repository cache. + +@item @code{user} (default: @code{"cuirass"}) +Owner of the @code{cuirass} process. + +@item @code{group} (default: @code{"cuirass"}) +Owner's group of the @code{cuirass} process. + +@item @code{interval} (default: @code{60}) +Number of seconds between the poll of the repositories followed by the +Cuirass jobs. + +@item @code{database} (default: @code{"/var/run/cuirass/cuirass.db"}) +Location of sqlite database which contains the build results and previously +added specifications. + +@item @code{port} (default: @code{8081}) +Port number used by the HTTP server. + +@item --listen=@var{host} +Listen on the network interface for @var{host}. The default is to accept +connections from localhost. + +@item @code{specifications} (default: @code{#~'()}) +A gexp (@pxref{G-Expressions}) that evaluates to a list of specifications, +where a specification is an association list (@pxref{Associations Lists,,, +guile, GNU Guile Reference Manual}) whose keys are keywords +(@code{#:keyword-example}) as shown in the example above. + +@item @code{use-substitutes?} (default: @code{#f}) +This allows using substitutes to avoid building every dependencies of a job +from source. + +@item @code{one-shot?} (default: @code{#f}) +Only evaluate specifications and build derivations once. + +@item @code{fallback?} (default: @code{#f}) +When substituting a pre-built binary fails, fall back to building packages +locally. + +@item @code{load-path} (default: @code{'()}) +This allows users to define their own packages and make them visible to +cuirass as in @command{guix build} command. + +@item @code{cuirass} (default: @code{cuirass}) +The Cuirass package to use. +@end table +@end deftp + +@node Power management Services +@subsubsection Power management Services + +@cindex power management with TLP +The @code{(gnu services pm)} module provides a Guix service definition for +the Linux power management tool TLP. + +TLP enables various powersaving modes in userspace and kernel. Contrary to +@code{upower-service}, it is not a passive, monitoring tool, as it will +apply custom settings each time a new power source is detected. More +information can be found at @uref{http://linrunner.de/en/tlp/tlp.html, TLP +home page}. + +@deffn {Scheme Variable} tlp-service-type +The service type for the TLP tool. Its value should be a valid TLP +configuration (see below). To use the default settings, simply write: +@example +(service tlp-service-type) +@end example +@end deffn + +By default TLP does not need much configuration but most TLP parameters can +be tweaked using @code{tlp-configuration}. + +Each parameter definition is preceded by its type; for example, +@samp{boolean foo} indicates that the @code{foo} parameter should be +specified as a boolean. Types starting with @code{maybe-} denote parameters +that won't show up in TLP config file when their value is @code{'disabled}. + +@c The following documentation was initially generated by +@c (generate-tlp-documentation) in (gnu services pm). Manually maintained +@c documentation is better, so we shouldn't hesitate to edit below as +@c needed. However if the change you want to make to this documentation +@c can be done in an automated way, it's probably easier to change +@c (generate-documentation) than to make it below and have to deal with +@c the churn as TLP updates. + +Available @code{tlp-configuration} fields are: + +@deftypevr {@code{tlp-configuration} parameter} package tlp +The TLP package. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean tlp-enable? +Set to true if you wish to enable TLP. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string tlp-default-mode +Default mode when no power supply can be detected. Alternatives are AC and +BAT. + +Defaults to @samp{"AC"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer disk-idle-secs-on-ac +Number of seconds Linux kernel has to wait after the disk goes idle, before +syncing on AC. + +Defaults to @samp{0}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer disk-idle-secs-on-bat +Same as @code{disk-idle-ac} but on BAT mode. + +Defaults to @samp{2}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer max-lost-work-secs-on-ac +Dirty pages flushing periodicity, expressed in seconds. + +Defaults to @samp{15}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer max-lost-work-secs-on-bat +Same as @code{max-lost-work-secs-on-ac} but on BAT mode. + +Defaults to @samp{60}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list cpu-scaling-governor-on-ac +CPU frequency scaling governor on AC mode. With intel_pstate driver, +alternatives are powersave and performance. With acpi-cpufreq driver, +alternatives are ondemand, powersave, performance and conservative. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list cpu-scaling-governor-on-bat +Same as @code{cpu-scaling-governor-on-ac} but on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-min-freq-on-ac +Set the min available frequency for the scaling governor on AC. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-max-freq-on-ac +Set the max available frequency for the scaling governor on AC. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-min-freq-on-bat +Set the min available frequency for the scaling governor on BAT. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-max-freq-on-bat +Set the max available frequency for the scaling governor on BAT. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-min-perf-on-ac +Limit the min P-state to control the power dissipation of the CPU, in AC +mode. Values are stated as a percentage of the available performance. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-max-perf-on-ac +Limit the max P-state to control the power dissipation of the CPU, in AC +mode. Values are stated as a percentage of the available performance. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-min-perf-on-bat +Same as @code{cpu-min-perf-on-ac} on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-max-perf-on-bat +Same as @code{cpu-max-perf-on-ac} on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-boolean cpu-boost-on-ac? +Enable CPU turbo boost feature on AC mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-boolean cpu-boost-on-bat? +Same as @code{cpu-boost-on-ac?} on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean sched-powersave-on-ac? +Allow Linux kernel to minimize the number of CPU cores/hyper-threads used +under light load conditions. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean sched-powersave-on-bat? +Same as @code{sched-powersave-on-ac?} but on BAT mode. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean nmi-watchdog? +Enable Linux kernel NMI watchdog. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-string phc-controls +For Linux kernels with PHC patch applied, change CPU voltages. An example +value would be @samp{"F:V F:V F:V F:V"}. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string energy-perf-policy-on-ac +Set CPU performance versus energy saving policy on AC. Alternatives are +performance, normal, powersave. + +Defaults to @samp{"performance"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string energy-perf-policy-on-bat +Same as @code{energy-perf-policy-ac} but on BAT mode. + +Defaults to @samp{"powersave"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} space-separated-string-list disks-devices +Hard disk devices. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} space-separated-string-list disk-apm-level-on-ac +Hard disk advanced power management level. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} space-separated-string-list disk-apm-level-on-bat +Same as @code{disk-apm-bat} but on BAT mode. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-spindown-timeout-on-ac +Hard disk spin down timeout. One value has to be specified for each +declared hard disk. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-spindown-timeout-on-bat +Same as @code{disk-spindown-timeout-on-ac} but on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-iosched +Select IO scheduler for disk devices. One value has to be specified for +each declared hard disk. Example alternatives are cfq, deadline and noop. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string sata-linkpwr-on-ac +SATA aggressive link power management (ALPM) level. Alternatives are +min_power, medium_power, max_performance. + +Defaults to @samp{"max_performance"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string sata-linkpwr-on-bat +Same as @code{sata-linkpwr-ac} but on BAT mode. + +Defaults to @samp{"min_power"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-string sata-linkpwr-blacklist +Exclude specified SATA host devices for link power management. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-on-off-boolean ahci-runtime-pm-on-ac? +Enable Runtime Power Management for AHCI controller and disks on AC mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-on-off-boolean ahci-runtime-pm-on-bat? +Same as @code{ahci-runtime-pm-on-ac} on BAT mode. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer ahci-runtime-pm-timeout +Seconds of inactivity before disk is suspended. + +Defaults to @samp{15}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string pcie-aspm-on-ac +PCI Express Active State Power Management level. Alternatives are default, +performance, powersave. + +Defaults to @samp{"performance"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string pcie-aspm-on-bat +Same as @code{pcie-aspm-ac} but on BAT mode. + +Defaults to @samp{"powersave"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-power-profile-on-ac +Radeon graphics clock speed level. Alternatives are low, mid, high, auto, +default. + +Defaults to @samp{"high"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-power-profile-on-bat +Same as @code{radeon-power-ac} but on BAT mode. + +Defaults to @samp{"low"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-dpm-state-on-ac +Radeon dynamic power management method (DPM). Alternatives are battery, +performance. + +Defaults to @samp{"performance"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-dpm-state-on-bat +Same as @code{radeon-dpm-state-ac} but on BAT mode. + +Defaults to @samp{"battery"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-dpm-perf-level-on-ac +Radeon DPM performance level. Alternatives are auto, low, high. + +Defaults to @samp{"auto"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string radeon-dpm-perf-level-on-bat +Same as @code{radeon-dpm-perf-ac} but on BAT mode. + +Defaults to @samp{"auto"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} on-off-boolean wifi-pwr-on-ac? +Wifi power saving mode. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} on-off-boolean wifi-pwr-on-bat? +Same as @code{wifi-power-ac?} but on BAT mode. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} y-n-boolean wol-disable? +Disable wake on LAN. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer sound-power-save-on-ac +Timeout duration in seconds before activating audio power saving on Intel +HDA and AC97 devices. A value of 0 disables power saving. + +Defaults to @samp{0}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} non-negative-integer sound-power-save-on-bat +Same as @code{sound-powersave-ac} but on BAT mode. + +Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} y-n-boolean sound-power-save-controller? +Disable controller in powersaving mode on Intel HDA devices. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean bay-poweroff-on-bat? +Enable optical drive in UltraBay/MediaBay on BAT mode. Drive can be powered +on again by releasing (and reinserting) the eject lever or by pressing the +disc eject button on newer models. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string bay-device +Name of the optical drive device to power off. + +Defaults to @samp{"sr0"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string runtime-pm-on-ac +Runtime Power Management for PCI(e) bus devices. Alternatives are on and +auto. + +Defaults to @samp{"on"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} string runtime-pm-on-bat +Same as @code{runtime-pm-ac} but on BAT mode. + +Defaults to @samp{"auto"}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean runtime-pm-all? +Runtime Power Management for all PCI(e) bus devices, except blacklisted +ones. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-space-separated-string-list runtime-pm-blacklist +Exclude specified PCI(e) device addresses from Runtime Power Management. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} space-separated-string-list runtime-pm-driver-blacklist +Exclude PCI(e) devices assigned to the specified drivers from Runtime Power +Management. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean usb-autosuspend? +Enable USB autosuspend feature. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-string usb-blacklist +Exclude specified devices from USB autosuspend. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean usb-blacklist-wwan? +Exclude WWAN devices from USB autosuspend. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-string usb-whitelist +Include specified devices into USB autosuspend, even if they are already +excluded by the driver or via @code{usb-blacklist-wwan?}. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} maybe-boolean usb-autosuspend-disable-on-shutdown? +Enable USB autosuspend before shutdown. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{tlp-configuration} parameter} boolean restore-device-state-on-startup? +Restore radio device state (bluetooth, wifi, wwan) from previous shutdown on +system startup. + +Defaults to @samp{#f}. + +@end deftypevr + + +The @code{(gnu services pm)} module provides an interface to thermald, a CPU +frequency scaling service which helps prevent overheating. + +@defvr {Scheme Variable} thermald-service-type +This is the service type for @uref{https://01.org/linux-thermal-daemon/, +thermald}, the Linux Thermal Daemon, which is responsible for controlling +the thermal state of processors and preventing overheating. +@end defvr + +@deftp {Data Type} thermald-configuration +Data type representing the configuration of @code{thermald-service-type}. + +@table @asis +@item @code{ignore-cpuid-check?} (default: @code{#f}) +Ignore cpuid check for supported CPU models. + +@item @code{thermald} (default: @var{thermald}) +Package object of thermald. + +@end table +@end deftp + +@node Audio Services +@subsubsection Audio Services + +The @code{(gnu services audio)} module provides a service to start MPD (the +Music Player Daemon). + +@cindex mpd +@subsubheading Music Player Daemon + +The Music Player Daemon (MPD) is a service that can play music while being +controlled from the local machine or over the network by a variety of +clients. + +The following example shows how one might run @code{mpd} as user +@code{"bob"} on port @code{6666}. It uses pulseaudio for output. + +@example +(service mpd-service-type + (mpd-configuration + (user "bob") + (port "6666"))) +@end example + +@defvr {Scheme Variable} mpd-service-type +The service type for @command{mpd} +@end defvr + +@deftp {Data Type} mpd-configuration +Data type representing the configuration of @command{mpd}. + +@table @asis +@item @code{user} (default: @code{"mpd"}) +The user to run mpd as. + +@item @code{music-dir} (default: @code{"~/Music"}) +The directory to scan for music files. + +@item @code{playlist-dir} (default: @code{"~/.mpd/playlists"}) +The directory to store playlists. + +@item @code{port} (default: @code{"6600"}) +The port to run mpd on. + +@item @code{address} (default: @code{"any"}) +The address that mpd will bind to. To use a Unix domain socket, an absolute +path can be specified here. + +@end table +@end deftp + +@node Virtualization Services +@subsubsection Virtualization services + +The @code{(gnu services virtualization)} module provides services for the +libvirt and virtlog daemons, as well as other virtualization-related +services. + +@subsubheading Libvirt daemon +@code{libvirtd} is the server side daemon component of the libvirt +virtualization management system. This daemon runs on host servers and +performs required management tasks for virtualized guests. + +@deffn {Scheme Variable} libvirt-service-type +This is the type of the @uref{https://libvirt.org, libvirt daemon}. Its +value must be a @code{libvirt-configuration}. + +@example +(service libvirt-service-type + (libvirt-configuration + (unix-sock-group "libvirt") + (tls-port "16555"))) +@end example +@end deffn + +@c Auto-generated with (generate-libvirt-documentation) +Available @code{libvirt-configuration} fields are: + +@deftypevr {@code{libvirt-configuration} parameter} package libvirt +Libvirt package. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean listen-tls? +Flag listening for secure TLS connections on the public TCP/IP port. must +set @code{listen} for this to have any effect. + +It is necessary to setup a CA and issue server certificates before using +this capability. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean listen-tcp? +Listen for unencrypted TCP connections on the public TCP/IP port. must set +@code{listen} for this to have any effect. + +Using the TCP socket requires SASL authentication by default. Only SASL +mechanisms which support data encryption are allowed. This is DIGEST_MD5 +and GSSAPI (Kerberos5) + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tls-port +Port for accepting secure TLS connections This can be a port number, or +service name + +Defaults to @samp{"16514"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tcp-port +Port for accepting insecure TCP connections This can be a port number, or +service name + +Defaults to @samp{"16509"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string listen-addr +IP address or hostname used for client connections. + +Defaults to @samp{"0.0.0.0"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean mdns-adv? +Flag toggling mDNS advertisement of the libvirt service. + +Alternatively can disable for all services on a host by stopping the Avahi +daemon. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string mdns-name +Default mDNS advertisement name. This must be unique on the immediate +broadcast network. + +Defaults to @samp{"Virtualization Host "}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-group +UNIX domain socket group ownership. This can be used to allow a 'trusted' +set of users access to management capabilities without becoming root. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-ro-perms +UNIX socket permissions for the R/O socket. This is used for monitoring VM +status only. + +Defaults to @samp{"0777"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-rw-perms +UNIX socket permissions for the R/W socket. Default allows only root. If +PolicyKit is enabled on the socket, the default will change to allow +everyone (eg, 0777) + +Defaults to @samp{"0770"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-admin-perms +UNIX socket permissions for the admin socket. Default allows only owner +(root), do not change it unless you are sure to whom you are exposing the +access to. + +Defaults to @samp{"0777"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string unix-sock-dir +The directory in which sockets will be found/created. + +Defaults to @samp{"/var/run/libvirt"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-unix-ro +Authentication scheme for UNIX read-only sockets. By default socket +permissions allow anyone to connect + +Defaults to @samp{"polkit"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-unix-rw +Authentication scheme for UNIX read-write sockets. By default socket +permissions only allow root. If PolicyKit support was compiled into +libvirt, the default will be to use 'polkit' auth. + +Defaults to @samp{"polkit"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-tcp +Authentication scheme for TCP sockets. If you don't enable SASL, then all +TCP traffic is cleartext. Don't do this outside of a dev/test scenario. + +Defaults to @samp{"sasl"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string auth-tls +Authentication scheme for TLS sockets. TLS sockets already have encryption +provided by the TLS layer, and limited authentication is done by +certificates. + +It is possible to make use of any SASL authentication mechanism as well, by +using 'sasl' for this option + +Defaults to @samp{"none"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list access-drivers +API access control scheme. + +By default an authenticated user is allowed access to all APIs. Access +drivers can place restrictions on this. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string key-file +Server key file path. If set to an empty string, then no private key is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string cert-file +Server key file path. If set to an empty string, then no certificate is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string ca-file +Server key file path. If set to an empty string, then no CA certificate is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string crl-file +Certificate revocation list path. If set to an empty string, then no CRL is +loaded. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean tls-no-sanity-cert +Disable verification of our own server certificates. + +When libvirtd starts it performs some sanity checks against its own +certificates. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean tls-no-verify-cert +Disable verification of client certificates. + +Client certificate verification is the primary authentication mechanism. +Any client which does not present a certificate signed by the CA will be +rejected. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list tls-allowed-dn-list +Whitelist of allowed x509 Distinguished Name. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-list sasl-allowed-usernames +Whitelist of allowed SASL usernames. The format for username depends on the +SASL authentication mechanism. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string tls-priority +Override the compile time default TLS priority string. The default is +usually "NORMAL" unless overridden at build time. Only set this is it is +desired for libvirt to deviate from the global default settings. + +Defaults to @samp{"NORMAL"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-clients +Maximum number of concurrent client connections to allow over all sockets +combined. + +Defaults to @samp{5000}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-queued-clients +Maximum length of queue of connections waiting to be accepted by the +daemon. Note, that some protocols supporting retransmission may obey this +so that a later reattempt at connection succeeds. + +Defaults to @samp{1000}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-anonymous-clients +Maximum length of queue of accepted but not yet authenticated clients. Set +this to zero to turn this feature off + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer min-workers +Number of workers to start up initially. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-workers +Maximum number of worker threads. + +If the number of active clients exceeds @code{min-workers}, then more +threads are spawned, up to max_workers limit. Typically you'd want +max_workers to equal maximum number of clients allowed. + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer prio-workers +Number of priority workers. If all workers from above pool are stuck, some +calls marked as high priority (notably domainDestroy) can be executed in +this pool. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-requests +Total global limit on concurrent RPC calls. + +Defaults to @samp{20}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer max-client-requests +Limit on concurrent requests from a single client connection. To avoid one +client monopolizing the server this should be a small fraction of the global +max_requests and max_workers parameter. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-min-workers +Same as @code{min-workers} but for the admin interface. + +Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-workers +Same as @code{max-workers} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-clients +Same as @code{max-clients} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-queued-clients +Same as @code{max-queued-clients} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-max-client-requests +Same as @code{max-client-requests} but for the admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer log-level +Logging level. 4 errors, 3 warnings, 2 information, 1 debug. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string log-filters +Logging filters. + +A filter allows to select a different logging level for a given category of +logs The format for a filter is one of: + +@itemize @bullet +@item +x:name + +@item +x:+name + +@end itemize + +where @code{name} is a string which is matched against the category given in +the @code{VIR_LOG_INIT()} at the top of each libvirt source file, e.g., +"remote", "qemu", or "util.json" (the name in the filter can be a substring +of the full category name, in order to match multiple similar categories), +the optional "+" prefix tells libvirt to log stack trace for each message +matching name, and @code{x} is the minimal level where matching messages +should be logged: + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple filters can be defined in a single filters statement, they just +need to be separated by spaces. + +Defaults to @samp{"3:remote 4:event"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string log-outputs +Logging outputs. + +An output is one of the places to save logging information The format for an +output can be: + +@table @code +@item x:stderr +output goes to stderr + +@item x:syslog:name +use syslog for the output and use the given name as the ident + +@item x:file:file_path +output to a file, with the given filepath + +@item x:journald +output to journald logging system + +@end table + +In all case the x prefix is the minimal level, acting as a filter + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple outputs can be defined, they just need to be separated by spaces. + +Defaults to @samp{"3:stderr"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer audit-level +Allows usage of the auditing subsystem to be altered + +@itemize @bullet +@item +0: disable all auditing + +@item +1: enable auditing, only if enabled on host + +@item +2: enable auditing, and exit if disabled on host. + +@end itemize + +Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} boolean audit-logging +Send audit messages via libvirt logging infrastructure. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} optional-string host-uuid +Host UUID. UUID must not have all digits be the same. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} string host-uuid-source +Source to read host UUID. + +@itemize @bullet +@item +@code{smbios}: fetch the UUID from @code{dmidecode -s system-uuid} + +@item +@code{machine-id}: fetch the UUID from @code{/etc/machine-id} + +@end itemize + +If @code{dmidecode} does not provide a valid UUID a temporary UUID will be +generated. + +Defaults to @samp{"smbios"}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer keepalive-interval +A keepalive message is sent to a client after @code{keepalive_interval} +seconds of inactivity to check if the client is still responding. If set to +-1, libvirtd will never send keepalive requests; however clients can still +send them and the daemon will send responses. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer keepalive-count +Maximum number of keepalive messages that are allowed to be sent to the +client without getting any response before the connection is considered +broken. + +In other words, the connection is automatically closed approximately after +@code{keepalive_interval * (keepalive_count + 1)} seconds since the last +message received from the client. When @code{keepalive-count} is set to 0, +connections will be automatically closed after @code{keepalive-interval} +seconds of inactivity without sending any keepalive messages. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-keepalive-interval +Same as above but for admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer admin-keepalive-count +Same as above but for admin interface. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{libvirt-configuration} parameter} integer ovs-timeout +Timeout for Open vSwitch calls. + +The @code{ovs-vsctl} utility is used for the configuration and its timeout +option is set by default to 5 seconds to avoid potential infinite waits +blocking libvirt. + +Defaults to @samp{5}. + +@end deftypevr + +@c %end of autogenerated docs + +@subsubheading Virtlog daemon +The virtlogd service is a server side daemon component of libvirt that is +used to manage logs from virtual machine consoles. + +This daemon is not used directly by libvirt client applications, rather it +is called on their behalf by @code{libvirtd}. By maintaining the logs in a +standalone daemon, the main @code{libvirtd} daemon can be restarted without +risk of losing logs. The @code{virtlogd} daemon has the ability to re-exec() +itself upon receiving @code{SIGUSR1}, to allow live upgrades without +downtime. + +@deffn {Scheme Variable} virtlog-service-type +This is the type of the virtlog daemon. Its value must be a +@code{virtlog-configuration}. + +@example +(service virtlog-service-type + (virtlog-configuration + (max-clients 1000))) +@end example +@end deffn + +@deftypevr {@code{virtlog-configuration} parameter} integer log-level +Logging level. 4 errors, 3 warnings, 2 information, 1 debug. + +Defaults to @samp{3}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} string log-filters +Logging filters. + +A filter allows to select a different logging level for a given category of +logs The format for a filter is one of: + +@itemize @bullet +@item +x:name + +@item +x:+name + +@end itemize + +where @code{name} is a string which is matched against the category given in +the @code{VIR_LOG_INIT()} at the top of each libvirt source file, e.g., +"remote", "qemu", or "util.json" (the name in the filter can be a substring +of the full category name, in order to match multiple similar categories), +the optional "+" prefix tells libvirt to log stack trace for each message +matching name, and @code{x} is the minimal level where matching messages +should be logged: + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple filters can be defined in a single filters statement, they just +need to be separated by spaces. + +Defaults to @samp{"3:remote 4:event"}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} string log-outputs +Logging outputs. + +An output is one of the places to save logging information The format for an +output can be: + +@table @code +@item x:stderr +output goes to stderr + +@item x:syslog:name +use syslog for the output and use the given name as the ident + +@item x:file:file_path +output to a file, with the given filepath + +@item x:journald +output to journald logging system + +@end table + +In all case the x prefix is the minimal level, acting as a filter + +@itemize @bullet +@item +1: DEBUG + +@item +2: INFO + +@item +3: WARNING + +@item +4: ERROR + +@end itemize + +Multiple outputs can be defined, they just need to be separated by spaces. + +Defaults to @samp{"3:stderr"}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-clients +Maximum number of concurrent client connections to allow over all sockets +combined. + +Defaults to @samp{1024}. + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-size +Maximum file size before rolling over. + +Defaults to @samp{2MB} + +@end deftypevr + +@deftypevr {@code{virtlog-configuration} parameter} integer max-backups +Maximum number of backup files to keep. + +Defaults to @samp{3} + +@end deftypevr + +@subsubheading Transparent Emulation with QEMU + +@cindex emulation +@cindex @code{binfmt_misc} +@code{qemu-binfmt-service-type} provides support for transparent emulation +of program binaries built for different architectures---e.g., it allows you +to transparently execute an ARMv7 program on an x86_64 machine. It achieves +this by combining the @uref{https://www.qemu.org, QEMU} emulator and the +@code{binfmt_misc} feature of the kernel Linux. + +@defvr {Scheme Variable} qemu-binfmt-service-type +This is the type of the QEMU/binfmt service for transparent emulation. Its +value must be a @code{qemu-binfmt-configuration} object, which specifies the +QEMU package to use as well as the architecture we want to emulated: + +@example +(service qemu-binfmt-service-type + (qemu-binfmt-configuration + (platforms (lookup-qemu-platforms "arm" "aarch64" "ppc")))) +@end example + +In this example, we enable transparent emulation for the ARM and aarch64 +platforms. Running @code{herd stop qemu-binfmt} turns it off, and running +@code{herd start qemu-binfmt} turns it back on (@pxref{Invoking herd, the +@command{herd} command,, shepherd, The GNU Shepherd Manual}). +@end defvr + +@deftp {Data Type} qemu-binfmt-configuration +This is the configuration for the @code{qemu-binfmt} service. + +@table @asis +@item @code{platforms} (default: @code{'()}) +The list of emulated QEMU platforms. Each item must be a @dfn{platform +object} as returned by @code{lookup-qemu-platforms} (see below). + +@item @code{guix-support?} (default: @code{#f}) +When it is true, QEMU and all its dependencies are added to the build +environment of @command{guix-daemon} (@pxref{Invoquer guix-daemon, +@code{--chroot-directory} option}). This allows the @code{binfmt_misc} +handlers to be used within the build environment, which in turn means that +you can transparently build programs for another architecture. + +For example, let's suppose you're on an x86_64 machine and you have this +service: + +@example +(service qemu-binfmt-service-type + (qemu-binfmt-configuration + (platforms (lookup-qemu-platforms "arm")) + (guix-support? #t))) +@end example + +You can run: + +@example +guix build -s armhf-linux inkscape +@end example + +@noindent +and it will build Inkscape for ARMv7 @emph{as if it were a native build}, +transparently using QEMU to emulate the ARMv7 CPU. Pretty handy if you'd +like to test a package build for an architecture you don't have access to! + +@item @code{qemu} (default: @code{qemu}) +The QEMU package to use. +@end table +@end deftp + +@deffn {Scheme Procedure} lookup-qemu-platforms @var{platforms}@dots{} +Return the list of QEMU platform objects corresponding to +@var{platforms}@dots{}. @var{platforms} must be a list of strings +corresponding to platform names, such as @code{"arm"}, @code{"sparc"}, +@code{"mips64el"}, and so on. +@end deffn + +@deffn {Scheme Procedure} qemu-platform? @var{obj} +Return true if @var{obj} is a platform object. +@end deffn + +@deffn {Scheme Procedure} qemu-platform-name @var{platform} +Return the name of @var{platform}---a string such as @code{"arm"}. +@end deffn + +@node Version Control Services +@subsubsection Version Control Services + +The @code{(gnu services version-control)} module provides a service to allow +remote access to local Git repositories. There are three options: the +@code{git-daemon-service}, which provides access to repositories via the +@code{git://} unsecured TCP-based protocol, extending the @code{nginx} web +server to proxy some requests to @code{git-http-backend}, or providing a web +interface with @code{cgit-service-type}. + +@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)] + +Return a service that runs @command{git daemon}, a simple TCP server to +expose repositories over the Git protocol for anonymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported@footnote{By creating the magic file +"git-daemon-export-ok" in the repository directory.} repositories under +@file{/srv/git}. + +@end deffn + +@deftp {Data Type} git-daemon-configuration +Data type representing the configuration for @code{git-daemon-service}. + +@table @asis +@item @code{package} (default: @var{git}) +Package object of the Git distributed version control system. + +@item @code{export-all?} (default: @var{#f}) +Whether to allow access for all Git repositories, even if they do not have +the @file{git-daemon-export-ok} file. + +@item @code{base-path} (default: @file{/srv/git}) +Whether to remap all the path requests as relative to the given path. If +you run git daemon with @var{(base-path "/srv/git")} on example.com, then if +you later try to pull @code{git://example.com/hello.git}, git daemon will +interpret the path as @code{/srv/git/hello.git}. + +@item @code{user-path} (default: @var{#f}) +Whether to allow @code{~user} notation to be used in requests. When +specified with empty string, requests to @code{git://host/~alice/foo} is +taken as a request to access @code{foo} repository in the home directory of +user @code{alice}. If @var{(user-path "path")} is specified, the same +request is taken as a request to access @code{path/foo} repository in the +home directory of user @code{alice}. + +@item @code{listen} (default: @var{'()}) +Whether to listen on specific IP addresses or hostnames, defaults to all. + +@item @code{port} (default: @var{#f}) +Whether to listen on an alternative port, which defaults to 9418. + +@item @code{whitelist} (default: @var{'()}) +If not empty, only allow access to this list of directories. + +@item @code{extra-options} (default: @var{'()}) +Extra options will be passed to @code{git daemon}, please run @command{man +git-daemon} for more information. + +@end table +@end deftp + +The @code{git://} protocol lacks authentication. When you pull from a +repository fetched via @code{git://}, you don't know that the data you +receive was modified is really coming from the specified host, and you have +your connection is subject to eavesdropping. It's better to use an +authenticated and encrypted transport, such as @code{https}. Although Git +allows you to serve repositories using unsophisticated file-based web +servers, there is a faster protocol implemented by the +@code{git-http-backend} program. This program is the back-end of a proper +Git web service. It is designed to sit behind a FastCGI proxy. @xref{Web +Services}, for more on running the necessary @code{fcgiwrap} daemon. + +Guix has a separate configuration data type for serving Git repositories +over HTTP. + +@deftp {Data Type} git-http-configuration +Data type representing the configuration for @code{git-http-service}. + +@table @asis +@item @code{package} (default: @var{git}) +Package object of the Git distributed version control system. + +@item @code{git-root} (default: @file{/srv/git}) +Directory containing the Git repositories to expose to the world. + +@item @code{export-all?} (default: @var{#f}) +Whether to expose access for all Git repositories in @var{git-root}, even if +they do not have the @file{git-daemon-export-ok} file. + +@item @code{uri-path} (default: @file{/git/}) +Path prefix for Git access. With the default @code{/git/} prefix, this will +map @code{http://@var{server}/git/@var{repo}.git} to +@code{/srv/git/@var{repo}.git}. Requests whose URI paths do not begin with +this prefix are not passed on to this Git instance. + +@item @code{fcgiwrap-socket} (default: @code{127.0.0.1:9000}) +The socket on which the @code{fcgiwrap} daemon is listening. @xref{Web +Services}. +@end table +@end deftp + +There is no @code{git-http-service-type}, currently; instead you can create +an @code{nginx-location-configuration} from a @code{git-http-configuration} +and then add that location to a web server. + +@deffn {Scheme Procedure} git-http-nginx-location-configuration @ + [config=(git-http-configuration)] Compute an +@code{nginx-location-configuration} that corresponds to the given Git http +configuration. An example nginx service definition to serve the default +@file{/srv/git} over HTTPS might be: + +@example +(service nginx-service-type + (nginx-configuration + (server-blocks + (list + (nginx-server-configuration + (listen '("443 ssl")) + (server-name "git.my-host.org") + (ssl-certificate + "/etc/letsencrypt/live/git.my-host.org/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/git.my-host.org/privkey.pem") + (locations + (list + (git-http-nginx-location-configuration + (git-http-configuration (uri-path "/")))))))))) +@end example + +This example assumes that you are using Let's Encrypt to get your TLS +certificate. @xref{Certificate Services}. The default @code{certbot} +service will redirect all HTTP traffic on @code{git.my-host.org} to HTTPS. +You will also need to add an @code{fcgiwrap} proxy to your system services. +@xref{Web Services}. +@end deffn + +@subsubheading Cgit Service + +@cindex Cgit service +@cindex Git, web interface +@uref{https://git.zx2c4.com/cgit/, Cgit} is a web frontend for Git +repositories written in C. + +The following example will configure the service with default values. By +default, Cgit can be accessed on port 80 (@code{http://localhost:80}). + +@example +(service cgit-service-type) +@end example + +The @code{file-object} type designates either a file-like object +(@pxref{G-Expressions, file-like objects}) or a string. + +@c %start of fragment + +Available @code{cgit-configuration} fields are: + +@deftypevr {@code{cgit-configuration} parameter} package package +The CGIT package. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} nginx-server-configuration-list nginx +NGINX configuration. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object about-filter +Specifies a command which will be invoked to format the content of about +pages (both top-level and for each repository). + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string agefile +Specifies a path, relative to each repository path, which can be used to +specify the date and time of the youngest commit in the repository. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object auth-filter +Specifies a command that will be invoked for authenticating repository +access. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string branch-sort +Flag which, when set to @samp{age}, enables date ordering in the branch ref +list, and when set @samp{name} enables ordering by branch name. + +Defaults to @samp{"name"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string cache-root +Path used to store the cgit cache entries. + +Defaults to @samp{"/var/cache/cgit"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-static-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of repository pages accessed with a fixed SHA1. + +Defaults to @samp{-1}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-dynamic-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of repository pages accessed without a fixed SHA1. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-repo-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of the repository summary page. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-root-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of the repository index page. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-scanrc-ttl +Number which specifies the time-to-live, in minutes, for the result of +scanning a path for Git repositories. + +Defaults to @samp{15}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-about-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of the repository about page. + +Defaults to @samp{15}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-snapshot-ttl +Number which specifies the time-to-live, in minutes, for the cached version +of snapshots. + +Defaults to @samp{5}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer cache-size +The maximum number of entries in the cgit cache. When set to @samp{0}, +caching is disabled. + +Defaults to @samp{0}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean case-sensitive-sort? +Sort items in the repo list case sensitively. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} list clone-prefix +List of common prefixes which, when combined with a repository URL, +generates valid clone URLs for the repository. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} list clone-url +List of @code{clone-url} templates. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object commit-filter +Command which will be invoked to format commit messages. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string commit-sort +Flag which, when set to @samp{date}, enables strict date ordering in the +commit log, and when set to @samp{topo} enables strict topological ordering. + +Defaults to @samp{"git log"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object css +URL which specifies the css document to include in all cgit pages. + +Defaults to @samp{"/share/cgit/cgit.css"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object email-filter +Specifies a command which will be invoked to format names and email address +of committers, authors, and taggers, as represented in various places +throughout the cgit interface. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean embedded? +Flag which, when set to @samp{#t}, will make cgit generate a HTML fragment +suitable for embedding in other HTML pages. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-commit-graph? +Flag which, when set to @samp{#t}, will make cgit print an ASCII-art commit +history graph to the left of the commit messages in the repository log page. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-filter-overrides? +Flag which, when set to @samp{#t}, allows all filter settings to be +overridden in repository-specific cgitrc files. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-follow-links? +Flag which, when set to @samp{#t}, allows users to follow a file in the log +view. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-http-clone? +If set to @samp{#t}, cgit will act as an dumb HTTP endpoint for Git clones. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-index-links? +Flag which, when set to @samp{#t}, will make cgit generate extra links +"summary", "commit", "tree" for each repo in the repository index. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-index-owner? +Flag which, when set to @samp{#t}, will make cgit display the owner of each +repo in the repository index. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-log-filecount? +Flag which, when set to @samp{#t}, will make cgit print the number of +modified files for each commit on the repository log page. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-log-linecount? +Flag which, when set to @samp{#t}, will make cgit print the number of added +and removed lines for each commit on the repository log page. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-remote-branches? +Flag which, when set to @code{#t}, will make cgit display remote branches in +the summary and refs views. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-subject-links? +Flag which, when set to @code{1}, will make cgit use the subject of the +parent commit as link text when generating links to parent commits in commit +view. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-html-serving? +Flag which, when set to @samp{#t}, will make cgit use the subject of the +parent commit as link text when generating links to parent commits in commit +view. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-tree-linenumbers? +Flag which, when set to @samp{#t}, will make cgit generate linenumber links +for plaintext blobs printed in the tree view. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean enable-git-config? +Flag which, when set to @samp{#f}, will allow cgit to use Git config to set +any repo specific settings. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object favicon +URL used as link to a shortcut icon for cgit. + +Defaults to @samp{"/favicon.ico"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string footer +The content of the file specified with this option will be included verbatim +at the bottom of all pages (i.e. it replaces the standard "generated by..." +message). + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string head-include +The content of the file specified with this option will be included verbatim +in the HTML HEAD section on all pages. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string header +The content of the file specified with this option will be included verbatim +at the top of all pages. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object include +Name of a configfile to include before the rest of the current config- file +is parsed. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string index-header +The content of the file specified with this option will be included verbatim +above the repository index. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string index-info +The content of the file specified with this option will be included verbatim +below the heading on the repository index page. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean local-time? +Flag which, if set to @samp{#t}, makes cgit print commit and tag times in +the servers timezone. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object logo +URL which specifies the source of an image which will be used as a logo on +all cgit pages. + +Defaults to @samp{"/share/cgit/cgit.png"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string logo-link +URL loaded when clicking on the cgit logo image. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object owner-filter +Command which will be invoked to format the Owner column of the main page. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-atom-items +Number of items to display in atom feeds view. + +Defaults to @samp{10}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-commit-count +Number of entries to list per page in "log" view. + +Defaults to @samp{50}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-message-length +Number of commit message characters to display in "log" view. + +Defaults to @samp{80}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-repo-count +Specifies the number of entries to list per page on the repository index +page. + +Defaults to @samp{50}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-repodesc-length +Specifies the maximum number of repo description characters to display on +the repository index page. + +Defaults to @samp{80}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer max-blob-size +Specifies the maximum size of a blob to display HTML for in KBytes. + +Defaults to @samp{0}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string max-stats +Maximum statistics period. Valid values are @samp{week},@samp{month}, +@samp{quarter} and @samp{year}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} mimetype-alist mimetype +Mimetype for the specified filename extension. + +Defaults to @samp{((gif "image/gif") (html "text/html") (jpg "image/jpeg") +(jpeg "image/jpeg") (pdf "application/pdf") (png "image/png") (svg +"image/svg+xml"))}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object mimetype-file +Specifies the file to use for automatic mimetype lookup. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string module-link +Text which will be used as the formatstring for a hyperlink when a submodule +is printed in a directory listing. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean nocache? +If set to the value @samp{#t} caching will be disabled. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean noplainemail? +If set to @samp{#t} showing full author email addresses will be disabled. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean noheader? +Flag which, when set to @samp{#t}, will make cgit omit the standard header +on all pages. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} list project-list +A list of subdirectories inside of @code{repository-directory}, relative to +it, that should loaded as Git repositories. An empty list means that all +subdirectories will be loaded. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object readme +Text which will be used as default value for @code{cgit-repo-readme}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean remove-suffix? +If set to @code{#t} and @code{repository-directory} is enabled, if any +repositories are found with a suffix of @code{.git}, this suffix will be +removed for the URL and name. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer renamelimit +Maximum number of files to consider when detecting renames. + +Defaults to @samp{-1}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string repository-sort +The way in which repositories in each section are sorted. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} robots-list robots +Text used as content for the @code{robots} meta-tag. + +Defaults to @samp{("noindex" "nofollow")}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string root-desc +Text printed below the heading on the repository index page. + +Defaults to @samp{"a fast webinterface for the git dscm"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string root-readme +The content of the file specified with this option will be included verbatim +below thef "about" link on the repository index page. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string root-title +Text printed as heading on the repository index page. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean scan-hidden-path +If set to @samp{#t} and repository-directory is enabled, +repository-directory will recurse into directories whose name starts with a +period. Otherwise, repository-directory will stay away from such +directories, considered as "hidden". Note that this does not apply to the +".git" directory in non-bare repos. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} list snapshots +Text which specifies the default set of snapshot formats that cgit generates +links for. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} repository-directory repository-directory +Name of the directory to scan for repositories (represents +@code{scan-path}). + +Defaults to @samp{"/srv/git"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string section +The name of the current repository section - all repositories defined after +this option will inherit the current section name. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string section-sort +Flag which, when set to @samp{1}, will sort the sections on the repository +listing by name. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer section-from-path +A number which, if defined prior to repository-directory, specifies how many +path elements from each repo path to use as a default section name. + +Defaults to @samp{0}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} boolean side-by-side-diffs? +If set to @samp{#t} shows side-by-side diffs instead of unidiffs per +default. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} file-object source-filter +Specifies a command which will be invoked to format plaintext blobs in the +tree view. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer summary-branches +Specifies the number of branches to display in the repository "summary" +view. + +Defaults to @samp{10}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer summary-log +Specifies the number of log entries to display in the repository "summary" +view. + +Defaults to @samp{10}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} integer summary-tags +Specifies the number of tags to display in the repository "summary" view. + +Defaults to @samp{10}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string strict-export +Filename which, if specified, needs to be present within the repository for +cgit to allow access to that repository. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} string virtual-root +URL which, if specified, will be used as root for all cgit links. + +Defaults to @samp{"/"}. + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} repository-cgit-configuration-list repositories +A list of @dfn{cgit-repo} records to use with config. + +Defaults to @samp{()}. + +Available @code{repository-cgit-configuration} fields are: + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-list snapshots +A mask of snapshot formats for this repo that cgit generates links for, +restricted by the global @code{snapshots} setting. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object source-filter +Override the default @code{source-filter}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string url +The relative URL used to access the repository. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object about-filter +Override the default @code{about-filter}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string branch-sort +Flag which, when set to @samp{age}, enables date ordering in the branch ref +list, and when set to @samp{name} enables ordering by branch name. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-list clone-url +A list of URLs which can be used to clone repo. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object commit-filter +Override the default @code{commit-filter}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string commit-sort +Flag which, when set to @samp{date}, enables strict date ordering in the +commit log, and when set to @samp{topo} enables strict topological ordering. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string defbranch +The name of the default branch for this repository. If no such branch +exists in the repository, the first branch name (when sorted) is used as +default instead. By default branch pointed to by HEAD, or "master" if there +is no suitable HEAD. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string desc +The value to show as repository description. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string homepage +The value to show as repository homepage. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object email-filter +Override the default @code{email-filter}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-commit-graph? +A flag which can be used to disable the global setting +@code{enable-commit-graph?}. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-log-filecount? +A flag which can be used to disable the global setting +@code{enable-log-filecount?}. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-log-linecount? +A flag which can be used to disable the global setting +@code{enable-log-linecount?}. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-remote-branches? +Flag which, when set to @code{#t}, will make cgit display remote branches in +the summary and refs views. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-subject-links? +A flag which can be used to override the global setting +@code{enable-subject-links?}. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean enable-html-serving? +A flag which can be used to override the global setting +@code{enable-html-serving?}. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean hide? +Flag which, when set to @code{#t}, hides the repository from the repository +index. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-boolean ignore? +Flag which, when set to @samp{#t}, ignores the repository. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object logo +URL which specifies the source of an image which will be used as a logo on +this repo’s pages. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string logo-link +URL loaded when clicking on the cgit logo image. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-file-object owner-filter +Override the default @code{owner-filter}. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string module-link +Text which will be used as the formatstring for a hyperlink when a submodule +is printed in a directory listing. The arguments for the formatstring are +the path and SHA1 of the submodule commit. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} module-link-path module-link-path +Text which will be used as the formatstring for a hyperlink when a submodule +with the specified subdirectory path is printed in a directory listing. + +Defaults to @samp{()}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string max-stats +Override the default maximum statistics period. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string name +The value to show as repository name. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string owner +A value used to identify the owner of the repository. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string path +An absolute path to the repository directory. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string readme +A path (relative to repo) which specifies a file to include verbatim as the +"About" page for this repo. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-string section +The name of the current repository section - all repositories defined after +this option will inherit the current section name. + +Defaults to @samp{""}. + +@end deftypevr + +@deftypevr {@code{repository-cgit-configuration} parameter} repo-list extra-options +Extra options will be appended to cgitrc file. + +Defaults to @samp{()}. + +@end deftypevr + +@end deftypevr + +@deftypevr {@code{cgit-configuration} parameter} list extra-options +Extra options will be appended to cgitrc file. + +Defaults to @samp{()}. + +@end deftypevr + + +@c %end of fragment + +However, it could be that you just want to get a @code{cgitrc} up and +running. In that case, you can pass an @code{opaque-cgit-configuration} as +a record to @code{cgit-service-type}. As its name indicates, an opaque +configuration does not have easy reflective capabilities. + +Available @code{opaque-cgit-configuration} fields are: + +@deftypevr {@code{opaque-cgit-configuration} parameter} package cgit +The cgit package. +@end deftypevr + +@deftypevr {@code{opaque-cgit-configuration} parameter} string string +The contents of the @code{cgitrc}, as a string. +@end deftypevr + +For example, if your @code{cgitrc} is just the empty string, you could +instantiate a cgit service like this: + +@example +(service cgit-service-type + (opaque-cgit-configuration + (cgitrc ""))) +@end example + + +@node Game Services +@subsubsection Game Services + +@subsubheading The Battle for Wesnoth Service +@cindex wesnothd +@uref{https://wesnoth.org, The Battle for Wesnoth} is a fantasy, turn based +tactical strategy game, with several single player campaigns, and +multiplayer games (both networked and local). + +@defvar {Scheme Variable} wesnothd-service-type +Service type for the wesnothd service. Its value must be a +@code{wesnothd-configuration} object. To run wesnothd in the default +configuration, instantiate it as: + +@example +(service wesnothd-service-type) +@end example +@end defvar + +@deftp {Data Type} wesnothd-configuration +Data type representing the configuration of @command{wesnothd}. + +@table @asis +@item @code{package} (default: @code{wesnoth-server}) +The wesnoth server package to use. + +@item @code{port} (default: @code{15000}) +The port to bind the server to. +@end table +@end deftp + +@node Miscellaneous Services +@subsubsection Miscellaneous Services + +@cindex sysctl +@subsubheading System Control Service + +The @code{(gnu services sysctl)} provides a service to configure kernel +parameters at boot. + +@defvr {Scheme Variable} sysctl-service-type +The service type for @command{sysctl}, which modifies kernel parameters +under @file{/proc/sys/}. To enable IPv4 forwarding, it can be instantiated +as: + +@example +(service sysctl-service-type + (sysctl-configuration + (settings '(("net.ipv4.ip_forward" . "1"))))) +@end example +@end defvr + +@deftp {Data Type} sysctl-configuration +The data type representing the configuration of @command{sysctl}. + +@table @asis +@item @code{sysctl} (default: @code{(file-append procps "/sbin/sysctl"}) +The @command{sysctl} executable to use. + +@item @code{settings} (default: @code{'()}) +An association list specifies kernel parameters and their values. +@end table +@end deftp + +@cindex lirc +@subsubheading Lirc Service + +The @code{(gnu services lirc)} module provides the following service. + +@deffn {Scheme Procedure} lirc-service [#:lirc lirc] @ + [#:device #f] [#:driver #f] [#:config-file #f] @ [#:extra-options '()] +Return a service that runs @url{http://www.lirc.org,LIRC}, a daemon that +decodes infrared signals from remote controls. + +Optionally, @var{device}, @var{driver} and @var{config-file} (configuration +file name) may be specified. See @command{lircd} manual for details. + +Finally, @var{extra-options} is a list of additional command-line options +passed to @command{lircd}. +@end deffn + +@cindex spice +@subsubheading Spice Service + +The @code{(gnu services spice)} module provides the following service. + +@deffn {Scheme Procedure} spice-vdagent-service [#:spice-vdagent] +Returns a service that runs @url{http://www.spice-space.org,VDAGENT}, a +daemon that enables sharing the clipboard with a vm and setting the guest +display resolution when the graphical console window resizes. +@end deffn + +@subsubsection Dictionary Services +@cindex dictionary +The @code{(gnu services dict)} module provides the following service: + +@deffn {Scheme Procedure} dicod-service [#:config (dicod-configuration)] +Return a service that runs the @command{dicod} daemon, an implementation of +DICT server (@pxref{Dicod,,, dico, GNU Dico Manual}). + +The optional @var{config} argument specifies the configuration for +@command{dicod}, which should be a @code{} object, by +default it serves the GNU Collaborative International Dictonary of English. + +You can add @command{open localhost} to your @file{~/.dico} file to make +@code{localhost} the default server for @command{dico} client +(@pxref{Initialization File,,, dico, GNU Dico Manual}). +@end deffn + +@deftp {Data Type} dicod-configuration +Data type representing the configuration of dicod. + +@table @asis +@item @code{dico} (default: @var{dico}) +Package object of the GNU Dico dictionary server. + +@item @code{interfaces} (default: @var{'("localhost")}) +This is the list of IP addresses and ports and possibly socket file names to +listen to (@pxref{Server Settings, @code{listen} directive,, dico, GNU Dico +Manual}). + +@item @code{handlers} (default: @var{'()}) +List of @code{} objects denoting handlers (module instances). + +@item @code{databases} (default: @var{(list %dicod-database:gcide)}) +List of @code{} objects denoting dictionaries to be served. +@end table +@end deftp + +@deftp {Data Type} dicod-handler +Data type representing a dictionary handler (module instance). + +@table @asis +@item @code{name} +Name of the handler (module instance). + +@item @code{module} (default: @var{#f}) +Name of the dicod module of the handler (instance). If it is @code{#f}, the +module has the same name as the handler. (@pxref{Modules,,, dico, GNU Dico +Manual}). + +@item @code{options} +List of strings or gexps representing the arguments for the module handler +@end table +@end deftp + +@deftp {Data Type} dicod-database +Data type representing a dictionary database. + +@table @asis +@item @code{name} +Name of the database, will be used in DICT commands. + +@item @code{handler} +Name of the dicod handler (module instance) used by this database +(@pxref{Handlers,,, dico, GNU Dico Manual}). + +@item @code{complex?} (default: @var{#f}) +Whether the database configuration complex. The complex configuration will +need a corresponding @code{} object, otherwise not. + +@item @code{options} +List of strings or gexps representing the arguments for the database +(@pxref{Databases,,, dico, GNU Dico Manual}). +@end table +@end deftp + +@defvr {Scheme Variable} %dicod-database:gcide +A @code{} object serving the GNU Collaborative International +Dictionary of English using the @code{gcide} package. +@end defvr + +The following is an example @code{dicod-service} configuration. + +@example +(dicod-service #:config + (dicod-configuration + (handlers (list (dicod-handler + (name "wordnet") + (module "dictorg") + (options + (list #~(string-append "dbdir=" #$wordnet)))))) + (databases (list (dicod-database + (name "wordnet") + (complex? #t) + (handler "wordnet") + (options '("database=wn"))) + %dicod-database:gcide)))) +@end example + +@node Programmes setuid +@subsection Programmes setuid + +@cindex setuid programs +Some programs need to run with ``root'' privileges, even when they are +launched by unprivileged users. A notorious example is the @command{passwd} +program, which users can run to change their password, and which needs to +access the @file{/etc/passwd} and @file{/etc/shadow} files---something +normally restricted to root, for obvious security reasons. To address that, +these executables are @dfn{setuid-root}, meaning that they always run with +root privileges (@pxref{How Change Persona,,, libc, The GNU C Library +Reference Manual}, for more info about the setuid mechanism.) + +The store itself @emph{cannot} contain setuid programs: that would be a +security issue since any user on the system can write derivations that +populate the store (@pxref{Le dépôt}). Thus, a different mechanism is +used: instead of changing the setuid bit directly on files that are in the +store, we let the system administrator @emph{declare} which programs should +be setuid root. + +The @code{setuid-programs} field of an @code{operating-system} declaration +contains a list of G-expressions denoting the names of programs to be +setuid-root (@pxref{Utiliser le système de configuration}). For instance, the +@command{passwd} program, which is part of the Shadow package, can be +designated by this G-expression (@pxref{G-Expressions}): + +@example +#~(string-append #$shadow "/bin/passwd") +@end example + +A default set of setuid programs is defined by the @code{%setuid-programs} +variable of the @code{(gnu system)} module. + +@defvr {Scheme Variable} %setuid-programs +A list of G-expressions denoting common programs that are setuid-root. + +The list includes commands such as @command{passwd}, @command{ping}, +@command{su}, and @command{sudo}. +@end defvr + +Under the hood, the actual setuid programs are created in the +@file{/run/setuid-programs} directory at system activation time. The files +in this directory refer to the ``real'' binaries, which are in the store. + +@node Certificats X.509 +@subsection Certificats X.509 + +@cindex HTTPS, certificates +@cindex X.509 certificates +@cindex TLS +Web servers available over HTTPS (that is, HTTP over the transport-layer +security mechanism, TLS) send client programs an @dfn{X.509 certificate} +that the client can then use to @emph{authenticate} the server. To do that, +clients verify that the server's certificate is signed by a so-called +@dfn{certificate authority} (CA). But to verify the CA's signature, clients +must have first acquired the CA's certificate. + +Web browsers such as GNU@tie{}IceCat include their own set of CA +certificates, such that they are able to verify CA signatures +out-of-the-box. + +However, most other programs that can talk HTTPS---@command{wget}, +@command{git}, @command{w3m}, etc.---need to be told where CA certificates +can be found. + +@cindex @code{nss-certs} +In GuixSD, this is done by adding a package that provides certificates to +the @code{packages} field of the @code{operating-system} declaration +(@pxref{Référence de système d'exploitation}). GuixSD includes one such package, +@code{nss-certs}, which is a set of CA certificates provided as part of +Mozilla's Network Security Services. + +Note that it is @emph{not} part of @var{%base-packages}, so you need to +explicitly add it. The @file{/etc/ssl/certs} directory, which is where most +applications and libraries look for certificates by default, points to the +certificates installed globally. + +Unprivileged users, including users of Guix on a foreign distro, can also +install their own certificate package in their profile. A number of +environment variables need to be defined so that applications and libraries +know where to find them. Namely, the OpenSSL library honors the +@code{SSL_CERT_DIR} and @code{SSL_CERT_FILE} variables. Some applications +add their own environment variables; for instance, the Git version control +system honors the certificate bundle pointed to by the @code{GIT_SSL_CAINFO} +environment variable. Thus, you would typically run something like: + +@example +$ guix package -i nss-certs +$ export SSL_CERT_DIR="$HOME/.guix-profile/etc/ssl/certs" +$ export SSL_CERT_FILE="$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt" +$ export GIT_SSL_CAINFO="$SSL_CERT_FILE" +@end example + +As another example, R requires the @code{CURL_CA_BUNDLE} environment +variable to point to a certificate bundle, so you would have to run +something like this: + +@example +$ guix package -i nss-certs +$ export CURL_CA_BUNDLE="$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt" +@end example + +For other applications you may want to look up the required environment +variable in the relevant documentation. + + +@node Name Service Switch +@subsection Name Service Switch + +@cindex name service switch +@cindex NSS +The @code{(gnu system nss)} module provides bindings to the configuration +file of the libc @dfn{name service switch} or @dfn{NSS} (@pxref{NSS +Configuration File,,, libc, The GNU C Library Reference Manual}). In a +nutshell, the NSS is a mechanism that allows libc to be extended with new +``name'' lookup methods for system databases, which includes host names, +service names, user accounts, and more (@pxref{Name Service Switch, System +Databases and Name Service Switch,, libc, The GNU C Library Reference +Manual}). + +The NSS configuration specifies, for each system database, which lookup +method is to be used, and how the various methods are chained together---for +instance, under which circumstances NSS should try the next method in the +list. The NSS configuration is given in the @code{name-service-switch} +field of @code{operating-system} declarations (@pxref{Référence de système d'exploitation, @code{name-service-switch}}). + +@cindex nss-mdns +@cindex .local, host name lookup +As an example, the declaration below configures the NSS to use the +@uref{http://0pointer.de/lennart/projects/nss-mdns/, @code{nss-mdns} +back-end}, which supports host name lookups over multicast DNS (mDNS) for +host names ending in @code{.local}: + +@example +(name-service-switch + (hosts (list %files ;first, check /etc/hosts + + ;; If the above did not succeed, try + ;; with 'mdns_minimal'. + (name-service + (name "mdns_minimal") + + ;; 'mdns_minimal' is authoritative for + ;; '.local'. When it returns "not found", + ;; no need to try the next methods. + (reaction (lookup-specification + (not-found => return)))) + + ;; Then fall back to DNS. + (name-service + (name "dns")) + + ;; Finally, try with the "full" 'mdns'. + (name-service + (name "mdns"))))) +@end example + +Do not worry: the @code{%mdns-host-lookup-nss} variable (see below) +contains this configuration, so you will not have to type it if all you want +is to have @code{.local} host lookup working. + +Note that, in this case, in addition to setting the +@code{name-service-switch} of the @code{operating-system} declaration, you +also need to use @code{avahi-service} (@pxref{Networking Services, +@code{avahi-service}}), or @var{%desktop-services}, which includes it +(@pxref{Desktop Services}). Doing this makes @code{nss-mdns} accessible to +the name service cache daemon (@pxref{Services de base, @code{nscd-service}}). + +For convenience, the following variables provide typical NSS configurations. + +@defvr {Scheme Variable} %default-nss +This is the default name service switch configuration, a +@code{name-service-switch} object. +@end defvr + +@defvr {Scheme Variable} %mdns-host-lookup-nss +This is the name service switch configuration with support for host name +lookup over multicast DNS (mDNS) for host names ending in @code{.local}. +@end defvr + +The reference for name service switch configuration is given below. It is a +direct mapping of the configuration file format of the C library , so please +refer to the C library manual for more information (@pxref{NSS Configuration +File,,, libc, The GNU C Library Reference Manual}). Compared to the +configuration file format of libc NSS, it has the advantage not only of +adding this warm parenthetic feel that we like, but also static checks: you +will know about syntax errors and typos as soon as you run @command{guix +system}. + +@deftp {Data Type} name-service-switch + +This is the data type representation the configuration of libc's name +service switch (NSS). Each field below represents one of the supported +system databases. + +@table @code +@item aliases +@itemx ethers +@itemx group +@itemx gshadow +@itemx hosts +@itemx initgroups +@itemx netgroup +@itemx networks +@itemx password +@itemx public-key +@itemx rpc +@itemx services +@itemx shadow +The system databases handled by the NSS. Each of these fields must be a +list of @code{} objects (see below). +@end table +@end deftp + +@deftp {Data Type} name-service + +This is the data type representing an actual name service and the associated +lookup action. + +@table @code +@item name +A string denoting the name service (@pxref{Services in the NSS +configuration,,, libc, The GNU C Library Reference Manual}). + +Note that name services listed here must be visible to nscd. This is +achieved by passing the @code{#:name-services} argument to +@code{nscd-service} the list of packages providing the needed name services +(@pxref{Services de base, @code{nscd-service}}). + +@item reaction +An action specified using the @code{lookup-specification} macro +(@pxref{Actions in the NSS configuration,,, libc, The GNU C Library +Reference Manual}). For example: + +@example +(lookup-specification (unavailable => continue) + (success => return)) +@end example +@end table +@end deftp + +@node Disque de RAM initial +@subsection Disque de RAM initial + +@cindex initrd +@cindex initial RAM disk +For bootstrapping purposes, the Linux-Libre kernel is passed an @dfn{initial +RAM disk}, or @dfn{initrd}. An initrd contains a temporary root file system +as well as an initialization script. The latter is responsible for mounting +the real root file system, and for loading any kernel modules that may be +needed to achieve that. + +The @code{initrd-modules} field of an @code{operating-system} declaration +allows you to specify Linux-libre kernel modules that must be available in +the initrd. In particular, this is where you would list modules needed to +actually drive the hard disk where your root partition is---although the +default value of @code{initrd-modules} should cover most use cases. For +example, assuming you need the @code{megaraid_sas} module in addition to the +default modules to be able to access your root file system, you would write: + +@example +(operating-system + ;; @dots{} + (initrd-modules (cons "megaraid_sas" %base-initrd-modules))) +@end example + +@defvr {Scheme Variable} %base-initrd-modules +This is the list of kernel modules included in the initrd by default. +@end defvr + +Furthermore, if you need lower-level customization, the @code{initrd} field +of an @code{operating-system} declaration allows you to specify which initrd +you would like to use. The @code{(gnu system linux-initrd)} module provides +three ways to build an initrd: the high-level @code{base-initrd} procedure +and the low-level @code{raw-initrd} and @code{expression->initrd} +procedures. + +The @code{base-initrd} procedure is intended to cover most common uses. For +example, if you want to add a bunch of kernel modules to be loaded at boot +time, you can define the @code{initrd} field of the operating system +declaration like this: + +@example +(initrd (lambda (file-systems . rest) + ;; Create a standard initrd but set up networking + ;; with the parameters QEMU expects by default. + (apply base-initrd file-systems + #:qemu-networking? #t + rest))) +@end example + +The @code{base-initrd} procedure also handles common use cases that involves +using the system as a QEMU guest, or as a ``live'' system with volatile root +file system. + +The @code{base-initrd} procedure is built from @code{raw-initrd} procedure. +Unlike @code{base-initrd}, @code{raw-initrd} doesn't do anything high-level, +such as trying to guess which kernel modules and packages should be included +to the initrd. An example use of @code{raw-initrd} is when a user has a +custom Linux kernel configuration and default kernel modules included by +@code{base-initrd} are not available. + +The initial RAM disk produced by @code{base-initrd} or @code{raw-initrd} +honors several options passed on the Linux kernel command line (that is, +arguments passed @i{via} the @code{linux} command of GRUB, or the +@code{-append} option of QEMU), notably: + +@table @code +@item --load=@var{boot} +Tell the initial RAM disk to load @var{boot}, a file containing a Scheme +program, once it has mounted the root file system. + +GuixSD uses this option to yield control to a boot program that runs the +service activation programs and then spawns the GNU@tie{}Shepherd, the +initialization system. + +@item --root=@var{root} +Mount @var{root} as the root file system. @var{root} can be a device name +like @code{/dev/sda1}, a file system label, or a file system UUID. + +@item --system=@var{system} +Have @file{/run/booted-system} and @file{/run/current-system} point to +@var{system}. + +@item modprobe.blacklist=@var{modules}@dots{} +@cindex module, black-listing +@cindex black list, of kernel modules +Instruct the initial RAM disk as well as the @command{modprobe} command +(from the kmod package) to refuse to load @var{modules}. @var{modules} must +be a comma-separated list of module names---e.g., @code{usbkbd,9pnet}. + +@item --repl +Start a read-eval-print loop (REPL) from the initial RAM disk before it +tries to load kernel modules and to mount the root file system. Our +marketing team calls it @dfn{boot-to-Guile}. The Schemer in you will love +it. @xref{Using Guile Interactively,,, guile, GNU Guile Reference Manual}, +for more information on Guile's REPL. + +@end table + +Now that you know all the features that initial RAM disks produced by +@code{base-initrd} and @code{raw-initrd} provide, here is how to use it and +customize it further. + +@cindex initrd +@cindex initial RAM disk +@deffn {Monadic Procedure} raw-initrd @var{file-systems} @ + [#:linux-modules '()] [#:mapped-devices '()] @ [#:helper-packages '()] +[#:qemu-networking? #f] [#:volatile-root? #f] Return a monadic derivation +that builds a raw initrd. @var{file-systems} is a list of file systems to +be mounted by the initrd, possibly in addition to the root file system +specified on the kernel command line via @code{--root}. @var{linux-modules} +is a list of kernel modules to be loaded at boot time. @var{mapped-devices} +is a list of device mappings to realize before @var{file-systems} are +mounted (@pxref{Périphériques mappés}). @var{helper-packages} is a list of +packages to be copied in the initrd. It may include @code{e2fsck/static} or +other packages needed by the initrd to check the root file system. + +When @var{qemu-networking?} is true, set up networking with the standard +QEMU parameters. When @var{virtio?} is true, load additional modules so +that the initrd can be used as a QEMU guest with para-virtualized I/O +drivers. + +When @var{volatile-root?} is true, the root file system is writable but any +changes to it are lost. +@end deffn + +@deffn {Monadic Procedure} base-initrd @var{file-systems} @ + [#:mapped-devices '()] [#:qemu-networking? #f] [#:volatile-root? #f]@ +[#:linux-modules '()] Return a monadic derivation that builds a generic +initrd, with kernel modules taken from @var{linux}. @var{file-systems} is a +list of file-systems to be mounted by the initrd, possibly in addition to +the root file system specified on the kernel command line via +@code{--root}. @var{mapped-devices} is a list of device mappings to realize +before @var{file-systems} are mounted. + +@var{qemu-networking?} and @var{volatile-root?} behaves as in +@code{raw-initrd}. + +The initrd is automatically populated with all the kernel modules necessary +for @var{file-systems} and for the given options. Additional kernel modules +can be listed in @var{linux-modules}. They will be added to the initrd, and +loaded at boot time in the order in which they appear. +@end deffn + +Needless to say, the initrds we produce and use embed a statically-linked +Guile, and the initialization program is a Guile program. That gives a lot +of flexibility. The @code{expression->initrd} procedure builds such an +initrd, given the program to run in that initrd. + +@deffn {Monadic Procedure} expression->initrd @var{exp} @ + [#:guile %guile-static-stripped] [#:name "guile-initrd"] Return a derivation +that builds a Linux initrd (a gzipped cpio archive) containing @var{guile} +and that evaluates @var{exp}, a G-expression, upon booting. All the +derivations referenced by @var{exp} are automatically copied to the initrd. +@end deffn + +@node Configuration du chargeur d'amorçage +@subsection Configuration du chargeur d'amorçage + +@cindex bootloader +@cindex boot loader + +The operating system supports multiple bootloaders. The bootloader is +configured using @code{bootloader-configuration} declaration. All the +fields of this structure are bootloader agnostic except for one field, +@code{bootloader} that indicates the bootloader to be configured and +installed. + +Some of the bootloaders do not honor every field of +@code{bootloader-configuration}. For instance, the extlinux bootloader does +not support themes and thus ignores the @code{theme} field. + +@deftp {Data Type} bootloader-configuration +The type of a bootloader configuration declaration. + +@table @asis + +@item @code{bootloader} +@cindex EFI, bootloader +@cindex UEFI, bootloader +@cindex BIOS, bootloader +The bootloader to use, as a @code{bootloader} object. For now +@code{grub-bootloader}, @code{grub-efi-bootloader}, +@code{extlinux-bootloader} and @code{u-boot-bootloader} are supported. +@code{grub-efi-bootloader} allows to boot on modern systems using the +@dfn{Unified Extensible Firmware Interface} (UEFI). + +Available bootloaders are described in @code{(gnu bootloader @dots{})} +modules. + +@item @code{target} +This is a string denoting the target onto which to install the bootloader. +The exact interpretation depends on the bootloader in question; for +@code{grub-bootloader}, for example, it should be a device name understood +by the bootloader @command{installer} command, such as @code{/dev/sda} or +@code{(hd0)} (for GRUB, @pxref{Invoking grub-install,,, grub, GNU GRUB +Manual}). For @code{grub-efi-bootloader}, it should be the path to a +mounted EFI file system. + +@item @code{menu-entries} (default: @code{()}) +A possibly empty list of @code{menu-entry} objects (see below), denoting +entries to appear in the bootloader menu, in addition to the current system +entry and the entry pointing to previous system generations. + +@item @code{default-entry} (default: @code{0}) +The index of the default boot menu entry. Index 0 is for the entry of the +current system. + +@item @code{timeout} (default: @code{5}) +The number of seconds to wait for keyboard input before booting. Set to 0 +to boot immediately, and to -1 to wait indefinitely. + +@item @code{theme} (default: @var{#f}) +The bootloader theme object describing the theme to use. If no theme is +provided, some bootloaders might use a default theme, that's true for GRUB. + +@item @code{terminal-outputs} (default: @code{'gfxterm}) +The output terminals used for the bootloader boot menu, as a list of +symbols. GRUB accepts the values: @code{console}, @code{serial}, +@code{serial_@{0-3@}}, @code{gfxterm}, @code{vga_text}, @code{mda_text}, +@code{morse}, and @code{pkmodem}. This field corresponds to the GRUB +variable GRUB_TERMINAL_OUTPUT (@pxref{Simple configuration,,, grub,GNU GRUB +manual}). + +@item @code{terminal-inputs} (default: @code{'()}) +The input terminals used for the bootloader boot menu, as a list of +symbols. For GRUB, the default is the native platform terminal as +determined at run-time. GRUB accepts the values: @code{console}, +@code{serial}, @code{serial_@{0-3@}}, @code{at_keyboard}, and +@code{usb_keyboard}. This field corresponds to the GRUB variable +GRUB_TERMINAL_INPUT (@pxref{Simple configuration,,, grub,GNU GRUB manual}). + +@item @code{serial-unit} (default: @code{#f}) +The serial unit used by the bootloader, as an integer from 0 to 3. For +GRUB, it is chosen at run-time; currently GRUB chooses 0, which corresponds +to COM1 (@pxref{Serial terminal,,, grub,GNU GRUB manual}). + +@item @code{serial-speed} (default: @code{#f}) +The speed of the serial interface, as an integer. For GRUB, the default +value is chosen at run-time; currently GRUB chooses 9600@tie{}bps +(@pxref{Serial terminal,,, grub,GNU GRUB manual}). +@end table + +@end deftp + +@cindex dual boot +@cindex boot menu +Should you want to list additional boot menu entries @i{via} the +@code{menu-entries} field above, you will need to create them with the +@code{menu-entry} form. For example, imagine you want to be able to boot +another distro (hard to imagine!), you can define a menu entry along these +lines: + +@example +(menu-entry + (label "The Other Distro") + (linux "/boot/old/vmlinux-2.6.32") + (linux-arguments '("root=/dev/sda2")) + (initrd "/boot/old/initrd")) +@end example + +Details below. + +@deftp {Data Type} menu-entry +The type of an entry in the bootloader menu. + +@table @asis + +@item @code{label} +The label to show in the menu---e.g., @code{"GNU"}. + +@item @code{linux} +The Linux kernel image to boot, for example: + +@example +(file-append linux-libre "/bzImage") +@end example + +For GRUB, it is also possible to specify a device explicitly in the file +path using GRUB's device naming convention (@pxref{Naming convention,,, +grub, GNU GRUB manual}), for example: + +@example +"(hd0,msdos1)/boot/vmlinuz" +@end example + +If the device is specified explicitly as above, then the @code{device} field +is ignored entirely. + +@item @code{linux-arguments} (default: @code{()}) +The list of extra Linux kernel command-line arguments---e.g., +@code{("console=ttyS0")}. + +@item @code{initrd} +A G-Expression or string denoting the file name of the initial RAM disk to +use (@pxref{G-Expressions}). +@item @code{device} (default: @code{#f}) +The device where the kernel and initrd are to be found---i.e., for GRUB, +@dfn{root} for this menu entry (@pxref{root,,, grub, GNU GRUB manual}). + +This may be a file system label (a string), a file system UUID (a +bytevector, @pxref{Systèmes de fichiers}), or @code{#f}, in which case the +bootloader will search the device containing the file specified by the +@code{linux} field (@pxref{search,,, grub, GNU GRUB manual}). It must +@emph{not} be an OS device name such as @file{/dev/sda1}. + +@end table +@end deftp + +@c FIXME: Write documentation once it's stable. +Fow now only GRUB has theme support. GRUB themes are created using the +@code{grub-theme} form, which is not documented yet. + +@defvr {Scheme Variable} %default-theme +This is the default GRUB theme used by the operating system if no +@code{theme} field is specified in @code{bootloader-configuration} record. + +It comes with a fancy background image displaying the GNU and Guix logos. +@end defvr + + +@node Invoquer guix system +@subsection Invoking @code{guix system} + +Once you have written an operating system declaration as seen in the +previous section, it can be @dfn{instantiated} using the @command{guix +system} command. The synopsis is: + +@example +guix system @var{options}@dots{} @var{action} @var{file} +@end example + +@var{file} must be the name of a file containing an @code{operating-system} +declaration. @var{action} specifies how the operating system is +instantiated. Currently the following values are supported: + +@table @code +@item search +Display available service type definitions that match the given regular +expressions, sorted by relevance: + +@example +$ guix system search console font +name: console-fonts +location: gnu/services/base.scm:729:2 +extends: shepherd-root +description: Install the given fonts on the specified ttys (fonts are ++ per virtual console on GNU/Linux). The value of this service is a list ++ of tty/font pairs like: ++ ++ '(("tty1" . "LatGrkCyr-8x16")) +relevance: 20 + +name: mingetty +location: gnu/services/base.scm:1048:2 +extends: shepherd-root +description: Provide console login using the `mingetty' program. +relevance: 2 + +name: login +location: gnu/services/base.scm:775:2 +extends: pam +description: Provide a console log-in service as specified by its ++ configuration value, a `login-configuration' object. +relevance: 2 + +@dots{} +@end example + +As for @command{guix package --search}, the result is written in +@code{recutils} format, which makes it easy to filter the output +(@pxref{Top, GNU recutils databases,, recutils, GNU recutils manual}). + +@item reconfigure +Build the operating system described in @var{file}, activate it, and switch +to it@footnote{This action (and the related actions @code{switch-generation} +and @code{roll-back}) are usable only on systems already running GuixSD.}. + +This effects all the configuration specified in @var{file}: user accounts, +system services, global package list, setuid programs, etc. The command +starts system services specified in @var{file} that are not currently +running; if a service is currently running, it does not attempt to upgrade +it since this would not be possible without stopping it first. + +This command creates a new generation whose number is one greater than the +current generation (as reported by @command{guix system list-generations}). +If that generation already exists, it will be overwritten. This behavior +mirrors that of @command{guix package} (@pxref{Invoquer guix package}). + +It also adds a bootloader menu entry for the new OS configuration, ---unless +@option{--no-bootloader} is passed. For GRUB, it moves entries for older +configurations to a submenu, allowing you to choose an older system +generation at boot time should you need it. + +@quotation Note +@c The paragraph below refers to the problem discussed at +@c . +It is highly recommended to run @command{guix pull} once before you run +@command{guix system reconfigure} for the first time (@pxref{Invoquer guix pull}). Failing to do that you would see an older version of Guix once +@command{reconfigure} has completed. +@end quotation + +@item switch-generation +@cindex generations +Switch to an existing system generation. This action atomically switches +the system profile to the specified system generation. It also rearranges +the system's existing bootloader menu entries. It makes the menu entry for +the specified system generation the default, and it moves the entries for +the other generatiors to a submenu, if supported by the bootloader being +used. The next time the system boots, it will use the specified system +generation. + +The bootloader itself is not being reinstalled when using this command. +Thus, the installed bootloader is used with an updated configuration file. + +The target generation can be specified explicitly by its generation number. +For example, the following invocation would switch to system generation 7: + +@example +guix system switch-generation 7 +@end example + +The target generation can also be specified relative to the current +generation with the form @code{+N} or @code{-N}, where @code{+3} means ``3 +generations ahead of the current generation,'' and @code{-1} means ``1 +generation prior to the current generation.'' When specifying a negative +value such as @code{-1}, you must precede it with @code{--} to prevent it +from being parsed as an option. For example: + +@example +guix system switch-generation -- -1 +@end example + +Currently, the effect of invoking this action is @emph{only} to switch the +system profile to an existing generation and rearrange the bootloader menu +entries. To actually start using the target system generation, you must +reboot after running this action. In the future, it will be updated to do +the same things as @command{reconfigure}, like activating and deactivating +services. + +This action will fail if the specified generation does not exist. + +@item roll-back +@cindex rolling back +Switch to the preceding system generation. The next time the system boots, +it will use the preceding system generation. This is the inverse of +@command{reconfigure}, and it is exactly the same as invoking +@command{switch-generation} with an argument of @code{-1}. + +Currently, as with @command{switch-generation}, you must reboot after +running this action to actually start using the preceding system generation. + +@item build +Build the derivation of the operating system, which includes all the +configuration files and programs needed to boot and run the system. This +action does not actually install anything. + +@item init +Populate the given directory with all the files necessary to run the +operating system specified in @var{file}. This is useful for first-time +installations of GuixSD. For instance: + +@example +guix system init my-os-config.scm /mnt +@end example + +copies to @file{/mnt} all the store items required by the configuration +specified in @file{my-os-config.scm}. This includes configuration files, +packages, and so on. It also creates other essential files needed for the +system to operate correctly---e.g., the @file{/etc}, @file{/var}, and +@file{/run} directories, and the @file{/bin/sh} file. + +This command also installs bootloader on the target specified in +@file{my-os-config}, unless the @option{--no-bootloader} option was passed. + +@item vm +@cindex virtual machine +@cindex VM +@anchor{guix system vm} +Build a virtual machine that contains the operating system declared in +@var{file}, and return a script to run that virtual machine (VM). Arguments +given to the script are passed to QEMU as in the example below, which +enables networking and requests 1@tie{}GiB of RAM for the emulated machine: + +@example +$ /gnu/store/@dots{}-run-vm.sh -m 1024 -net user +@end example + +The VM shares its store with the host system. + +Additional file systems can be shared between the host and the VM using the +@code{--share} and @code{--expose} command-line options: the former +specifies a directory to be shared with write access, while the latter +provides read-only access to the shared directory. + +The example below creates a VM in which the user's home directory is +accessible read-only, and where the @file{/exchange} directory is a +read-write mapping of @file{$HOME/tmp} on the host: + +@example +guix system vm my-config.scm \ + --expose=$HOME --share=$HOME/tmp=/exchange +@end example + +On GNU/Linux, the default is to boot directly to the kernel; this has the +advantage of requiring only a very tiny root disk image since the store of +the host can then be mounted. + +The @code{--full-boot} option forces a complete boot sequence, starting with +the bootloader. This requires more disk space since a root image containing +at least the kernel, initrd, and bootloader data files must be created. The +@code{--image-size} option can be used to specify the size of the image. + +@cindex System images, creation in various formats +@cindex Creating system images in various formats +@item vm-image +@itemx disk-image +@itemx docker-image +Return a virtual machine, disk image, or Docker image of the operating +system declared in @var{file} that stands alone. By default, @command{guix +system} estimates the size of the image needed to store the system, but you +can use the @option{--image-size} option to specify a value. Docker images +are built to contain exactly what they need, so the @option{--image-size} +option is ignored in the case of @code{docker-image}. + +You can specify the root file system type by using the +@option{--file-system-type} option. It defaults to @code{ext4}. + +When using @code{vm-image}, the returned image is in qcow2 format, which the +QEMU emulator can efficiently use. @xref{Lancer GuixSD dans une VM}, for more +information on how to run the image in a virtual machine. + +When using @code{disk-image}, a raw disk image is produced; it can be copied +as is to a USB stick, for instance. Assuming @code{/dev/sdc} is the device +corresponding to a USB stick, one can copy the image to it using the +following command: + +@example +# dd if=$(guix system disk-image my-os.scm) of=/dev/sdc +@end example + +When using @code{docker-image}, a Docker image is produced. Guix builds the +image from scratch, not from a pre-existing Docker base image. As a result, +it contains @emph{exactly} what you define in the operating system +configuration file. You can then load the image and launch a Docker +container using commands like the following: + +@example +image_id="$(docker load < guixsd-docker-image.tar.gz)" +docker run -e GUIX_NEW_SYSTEM=/var/guix/profiles/system \\ + --entrypoint /var/guix/profiles/system/profile/bin/guile \\ + $image_id /var/guix/profiles/system/boot +@end example + +This command starts a new Docker container from the specified image. It +will boot the GuixSD system in the usual manner, which means it will start +any services you have defined in the operating system configuration. +Depending on what you run in the Docker container, it may be necessary to +give the container additional permissions. For example, if you intend to +build software using Guix inside of the Docker container, you may need to +pass the @option{--privileged} option to @code{docker run}. + +@item container +Return a script to run the operating system declared in @var{file} within a +container. Containers are a set of lightweight isolation mechanisms +provided by the kernel Linux-libre. Containers are substantially less +resource-demanding than full virtual machines since the kernel, shared +objects, and other resources can be shared with the host system; this also +means they provide thinner isolation. + +Currently, the script must be run as root in order to support more than a +single user and group. The container shares its store with the host system. + +As with the @code{vm} action (@pxref{guix system vm}), additional file +systems to be shared between the host and container can be specified using +the @option{--share} and @option{--expose} options: + +@example +guix system container my-config.scm \ + --expose=$HOME --share=$HOME/tmp=/exchange +@end example + +@quotation Note +This option requires Linux-libre 3.19 or newer. +@end quotation + +@end table + +@var{options} can contain any of the common build options (@pxref{Options de construction communes}). In addition, @var{options} can contain one of the +following: + +@table @option +@item --expression=@var{expr} +@itemx -e @var{expr} +Consider the operating-system @var{expr} evaluates to. This is an +alternative to specifying a file which evaluates to an operating system. +This is used to generate the GuixSD installer @pxref{Construire l'image d'installation}). + +@item --system=@var{system} +@itemx -s @var{system} +Attempt to build for @var{system} instead of the host system type. This +works as per @command{guix build} (@pxref{Invoquer guix build}). + +@item --derivation +@itemx -d +Return the derivation file name of the given operating system without +building anything. + +@item --file-system-type=@var{type} +@itemx -t @var{type} +For the @code{disk-image} action, create a file system of the given +@var{type} on the image. + +When this option is omitted, @command{guix system} uses @code{ext4}. + +@cindex ISO-9660 format +@cindex CD image format +@cindex DVD image format +@code{--file-system-type=iso9660} produces an ISO-9660 image, suitable for +burning on CDs and DVDs. + +@item --image-size=@var{size} +For the @code{vm-image} and @code{disk-image} actions, create an image of +the given @var{size}. @var{size} may be a number of bytes, or it may +include a unit as a suffix (@pxref{Block size, size specifications,, +coreutils, GNU Coreutils}). + +When this option is omitted, @command{guix system} computes an estimate of +the image size as a function of the size of the system declared in +@var{file}. + +@item --root=@var{file} +@itemx -r @var{file} +Make @var{file} a symlink to the result, and register it as a garbage +collector root. + +@item --skip-checks +Skip pre-installation safety checks. + +By default, @command{guix system init} and @command{guix system reconfigure} +perform safety checks: they make sure the file systems that appear in the +@code{operating-system} declaration actually exist (@pxref{Systèmes de fichiers}), +and that any Linux kernel modules that may be needed at boot time are listed +in @code{initrd-modules} (@pxref{Disque de RAM initial}). Passing this option +skips these tests altogether. + +@item --on-error=@var{strategy} +Apply @var{strategy} when an error occurs when reading @var{file}. +@var{strategy} may be one of the following: + +@table @code +@item nothing-special +Report the error concisely and exit. This is the default strategy. + +@item backtrace +Likewise, but also display a backtrace. + +@item debug +Report the error and enter Guile's debugger. From there, you can run +commands such as @code{,bt} to get a backtrace, @code{,locals} to display +local variable values, and more generally inspect the state of the program. +@xref{Debug Commands,,, guile, GNU Guile Reference Manual}, for a list of +available debugging commands. +@end table +@end table + +@quotation Note +All the actions above, except @code{build} and @code{init}, can use KVM +support in the Linux-libre kernel. Specifically, if the machine has +hardware virtualization support, the corresponding KVM kernel module should +be loaded, and the @file{/dev/kvm} device node must exist and be readable +and writable by the user and by the build users of the daemon (@pxref{Réglages de l'environnement de construction}). +@end quotation + +Once you have built, configured, re-configured, and re-re-configured your +GuixSD installation, you may find it useful to list the operating system +generations available on disk---and that you can choose from the bootloader +boot menu: + +@table @code + +@item list-generations +List a summary of each generation of the operating system available on disk, +in a human-readable way. This is similar to the @option{--list-generations} +option of @command{guix package} (@pxref{Invoquer guix package}). + +Optionally, one can specify a pattern, with the same syntax that is used in +@command{guix package --list-generations}, to restrict the list of +generations displayed. For instance, the following command displays +generations that are up to 10 days old: + +@example +$ guix system list-generations 10d +@end example + +@end table + +The @command{guix system} command has even more to offer! The following +sub-commands allow you to visualize how your system services relate to each +other: + +@anchor{system-extension-graph} +@table @code + +@item extension-graph +Emit in Dot/Graphviz format to standard output the @dfn{service extension +graph} of the operating system defined in @var{file} (@pxref{Composition de services}, for more information on service extensions.) + +The command: + +@example +$ guix system extension-graph @var{file} | dot -Tpdf > services.pdf +@end example + +produces a PDF file showing the extension relations among services. + +@anchor{system-shepherd-graph} +@item shepherd-graph +Emit in Dot/Graphviz format to standard output the @dfn{dependency graph} of +shepherd services of the operating system defined in @var{file}. +@xref{Services Shepherd}, for more information and for an example graph. + +@end table + +@node Lancer GuixSD dans une VM +@subsection Running GuixSD in a Virtual Machine + +@cindex virtual machine +To run GuixSD in a virtual machine (VM), one can either use the pre-built +GuixSD VM image distributed at +@indicateurl{ftp://alpha.gnu.org/guix/guixsd-vm-image-@value{VERSION}.@var{system}.tar.xz} +, or build their own virtual machine image using @command{guix system +vm-image} (@pxref{Invoquer guix system}). The returned image is in qcow2 +format, which the @uref{http://qemu.org/, QEMU emulator} can efficiently +use. + +@cindex QEMU +If you built your own image, you must copy it out of the store (@pxref{Le dépôt}) and give yourself permission to write to the copy before you can use +it. When invoking QEMU, you must choose a system emulator that is suitable +for your hardware platform. Here is a minimal QEMU invocation that will +boot the result of @command{guix system vm-image} on x86_64 hardware: + +@example +$ qemu-system-x86_64 \ + -net user -net nic,model=virtio \ + -enable-kvm -m 256 /tmp/qemu-image +@end example + +Here is what each of these options means: + +@table @code +@item qemu-system-x86_64 +This specifies the hardware platform to emulate. This should match the +host. + +@item -net user +Enable the unprivileged user-mode network stack. The guest OS can access +the host but not vice versa. This is the simplest way to get the guest OS +online. + +@item -net nic,model=virtio +You must create a network interface of a given model. If you do not create +a NIC, the boot will fail. Assuming your hardware platform is x86_64, you +can get a list of available NIC models by running +@command{qemu-system-x86_64 -net nic,model=help}. + +@item -enable-kvm +If your system has hardware virtualization extensions, enabling the virtual +machine support (KVM) of the Linux kernel will make things run faster. + +@item -m 256 +RAM available to the guest OS, in mebibytes. Defaults to 128@tie{}MiB, +which may be insufficient for some operations. + +@item /tmp/qemu-image +The file name of the qcow2 image. +@end table + +The default @command{run-vm.sh} script that is returned by an invocation of +@command{guix system vm} does not add a @command{-net user} flag by +default. To get network access from within the vm add the +@code{(dhcp-client-service)} to your system definition and start the VM +using @command{`guix system vm config.scm` -net user}. An important caveat +of using @command{-net user} for networking is that @command{ping} will not +work, because it uses the ICMP protocol. You'll have to use a different +command to check for network connectivity, for example @command{guix +download}. + +@subsubsection Connecting Through SSH + +@cindex SSH +@cindex SSH server +To enable SSH inside a VM you need to add a SSH server like +@code{(dropbear-service)} or @code{(lsh-service)} to your VM. The +@code{(lsh-service}) doesn't currently boot unsupervised. It requires you +to type some characters to initialize the randomness generator. In addition +you need to forward the SSH port, 22 by default, to the host. You can do +this with + +@example +`guix system vm config.scm` -net user,hostfwd=tcp::10022-:22 +@end example + +To connect to the VM you can run + +@example +ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 10022 +@end example + +The @command{-p} tells @command{ssh} the port you want to connect to. +@command{-o UserKnownHostsFile=/dev/null} prevents @command{ssh} from +complaining every time you modify your @command{config.scm} file and the +@command{-o StrictHostKeyChecking=no} prevents you from having to allow a +connection to an unknown host every time you connect. + +@subsubsection Using @command{virt-viewer} with Spice + +As an alternative to the default @command{qemu} graphical client you can use +the @command{remote-viewer} from the @command{virt-viewer} package. To +connect pass the @command{-spice port=5930,disable-ticketing} flag to +@command{qemu}. See previous section for further information on how to do +this. + +Spice also allows you to do some nice stuff like share your clipboard with +your VM. To enable that you'll also have to pass the following flags to +@command{qemu}: + +@example +-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 +-chardev spicevmc,name=vdagent,id=vdagent +-device virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent, +name=com.redhat.spice.0 +@end example + +You'll also need to add the @pxref{Miscellaneous Services, Spice service}. + +@node Définir des services +@subsection Définir des services + +The previous sections show the available services and how one can combine +them in an @code{operating-system} declaration. But how do we define them +in the first place? And what is a service anyway? + +@menu +* Composition de services:: Le modèle de composition des services. +* Types service et services:: Types et services. +* Référence de service:: Référence de l'API. +* Services Shepherd:: Un type de service particulier. +@end menu + +@node Composition de services +@subsubsection Composition de services + +@cindex services +@cindex daemons +Here we define a @dfn{service} as, broadly, something that extends the +functionality of the operating system. Often a service is a process---a +@dfn{daemon}---started when the system boots: a secure shell server, a Web +server, the Guix build daemon, etc. Sometimes a service is a daemon whose +execution can be triggered by another daemon---e.g., an FTP server started +by @command{inetd} or a D-Bus service activated by @command{dbus-daemon}. +Occasionally, a service does not map to a daemon. For instance, the +``account'' service collects user accounts and makes sure they exist when +the system runs; the ``udev'' service collects device management rules and +makes them available to the eudev daemon; the @file{/etc} service populates +the @file{/etc} directory of the system. + +@cindex service extensions +GuixSD services are connected by @dfn{extensions}. For instance, the secure +shell service @emph{extends} the Shepherd---the GuixSD initialization +system, running as PID@tie{}1---by giving it the command lines to start and +stop the secure shell daemon (@pxref{Networking Services, +@code{lsh-service}}); the UPower service extends the D-Bus service by +passing it its @file{.service} specification, and extends the udev service +by passing it device management rules (@pxref{Desktop Services, +@code{upower-service}}); the Guix daemon service extends the Shepherd by +passing it the command lines to start and stop the daemon, and extends the +account service by passing it a list of required build user accounts +(@pxref{Services de base}). + +All in all, services and their ``extends'' relations form a directed acyclic +graph (DAG). If we represent services as boxes and extensions as arrows, a +typical system might provide something like this: + +@image{images/service-graph,,5in,Typical service extension graph.} + +@cindex system service +At the bottom, we see the @dfn{system service}, which produces the directory +containing everything to run and boot the system, as returned by the +@command{guix system build} command. @xref{Référence de service}, to learn +about the other service types shown here. @xref{system-extension-graph, the +@command{guix system extension-graph} command}, for information on how to +generate this representation for a particular operating system definition. + +@cindex service types +Technically, developers can define @dfn{service types} to express these +relations. There can be any number of services of a given type on the +system---for instance, a system running two instances of the GNU secure +shell server (lsh) has two instances of @var{lsh-service-type}, with +different parameters. + +The following section describes the programming interface for service types +and services. + +@node Types service et services +@subsubsection Types service et services + +A @dfn{service type} is a node in the DAG described above. Let us start +with a simple example, the service type for the Guix build daemon +(@pxref{Invoquer guix-daemon}): + +@example +(define guix-service-type + (service-type + (name 'guix) + (extensions + (list (service-extension shepherd-root-service-type guix-shepherd-service) + (service-extension account-service-type guix-accounts) + (service-extension activation-service-type guix-activation))) + (default-value (guix-configuration)))) +@end example + +@noindent +It defines three things: + +@enumerate +@item +A name, whose sole purpose is to make inspection and debugging easier. + +@item +A list of @dfn{service extensions}, where each extension designates the +target service type and a procedure that, given the parameters of the +service, returns a list of objects to extend the service of that type. + +Every service type has at least one service extension. The only exception +is the @dfn{boot service type}, which is the ultimate service. + +@item +Optionally, a default value for instances of this type. +@end enumerate + +In this example, @var{guix-service-type} extends three services: + +@table @var +@item shepherd-root-service-type +The @var{guix-shepherd-service} procedure defines how the Shepherd service +is extended. Namely, it returns a @code{} object that +defines how @command{guix-daemon} is started and stopped (@pxref{Services Shepherd}). + +@item account-service-type +This extension for this service is computed by @var{guix-accounts}, which +returns a list of @code{user-group} and @code{user-account} objects +representing the build user accounts (@pxref{Invoquer guix-daemon}). + +@item activation-service-type +Here @var{guix-activation} is a procedure that returns a gexp, which is a +code snippet to run at ``activation time''---e.g., when the service is +booted. +@end table + +A service of this type is instantiated like this: + +@example +(service guix-service-type + (guix-configuration + (build-accounts 5) + (use-substitutes? #f))) +@end example + +The second argument to the @code{service} form is a value representing the +parameters of this specific service instance. +@xref{guix-configuration-type, @code{guix-configuration}}, for information +about the @code{guix-configuration} data type. When the value is omitted, +the default value specified by @code{guix-service-type} is used: + +@example +(service guix-service-type) +@end example + +@var{guix-service-type} is quite simple because it extends other services +but is not extensible itself. + +@c @subsubsubsection Extensible Service Types + +The service type for an @emph{extensible} service looks like this: + +@example +(define udev-service-type + (service-type (name 'udev) + (extensions + (list (service-extension shepherd-root-service-type + udev-shepherd-service))) + + (compose concatenate) ;concatenate the list of rules + (extend (lambda (config rules) + (match config + (($ udev initial-rules) + (udev-configuration + (udev udev) ;the udev package to use + (rules (append initial-rules rules))))))))) +@end example + +This is the service type for the +@uref{https://wiki.gentoo.org/wiki/Project:Eudev, eudev device management +daemon}. Compared to the previous example, in addition to an extension of +@var{shepherd-root-service-type}, we see two new fields: + +@table @code +@item compose +This is the procedure to @dfn{compose} the list of extensions to services of +this type. + +Services can extend the udev service by passing it lists of rules; we +compose those extensions simply by concatenating them. + +@item extend +This procedure defines how the value of the service is @dfn{extended} with +the composition of the extensions. + +Udev extensions are composed into a list of rules, but the udev service +value is itself a @code{} record. So here, we extend +that record by appending the list of rules it contains to the list of +contributed rules. + +@item description +This is a string giving an overview of the service type. The string can +contain Texinfo markup (@pxref{Overview,,, texinfo, GNU Texinfo}). The +@command{guix system search} command searches these strings and displays +them (@pxref{Invoquer guix system}). +@end table + +There can be only one instance of an extensible service type such as +@var{udev-service-type}. If there were more, the @code{service-extension} +specifications would be ambiguous. + +Still here? The next section provides a reference of the programming +interface for services. + +@node Référence de service +@subsubsection Référence de service + +We have seen an overview of service types (@pxref{Types service et services}). This section provides a reference on how to manipulate services +and service types. This interface is provided by the @code{(gnu services)} +module. + +@deffn {Scheme Procedure} service @var{type} [@var{value}] +Return a new service of @var{type}, a @code{} object (see +below.) @var{value} can be any object; it represents the parameters of this +particular service instance. + +When @var{value} is omitted, the default value specified by @var{type} is +used; if @var{type} does not specify a default value, an error is raised. + +For instance, this: + +@example +(service openssh-service-type) +@end example + +@noindent +is equivalent to this: + +@example +(service openssh-service-type + (openssh-configuration)) +@end example + +In both cases the result is an instance of @code{openssh-service-type} with +the default configuration. +@end deffn + +@deffn {Scheme Procedure} service? @var{obj} +Return true if @var{obj} is a service. +@end deffn + +@deffn {Scheme Procedure} service-kind @var{service} +Return the type of @var{service}---i.e., a @code{} object. +@end deffn + +@deffn {Scheme Procedure} service-value @var{service} +Return the value associated with @var{service}. It represents its +parameters. +@end deffn + +Here is an example of how a service is created and manipulated: + +@example +(define s + (service nginx-service-type + (nginx-configuration + (nginx nginx) + (log-directory log-directory) + (run-directory run-directory) + (file config-file)))) + +(service? s) +@result{} #t + +(eq? (service-kind s) nginx-service-type) +@result{} #t +@end example + +The @code{modify-services} form provides a handy way to change the +parameters of some of the services of a list such as @var{%base-services} +(@pxref{Services de base, @code{%base-services}}). It evaluates to a list of +services. Of course, you could always use standard list combinators such as +@code{map} and @code{fold} to do that (@pxref{SRFI-1, List Library,, guile, +GNU Guile Reference Manual}); @code{modify-services} simply provides a more +concise form for this common pattern. + +@deffn {Scheme Syntax} modify-services @var{services} @ + (@var{type} @var{variable} => @var{body}) @dots{} + +Modify the services listed in @var{services} according to the given +clauses. Each clause has the form: + +@example +(@var{type} @var{variable} => @var{body}) +@end example + +where @var{type} is a service type---e.g., @code{guix-service-type}---and +@var{variable} is an identifier that is bound within the @var{body} to the +service parameters---e.g., a @code{guix-configuration} instance---of the +original service of that @var{type}. + +The @var{body} should evaluate to the new service parameters, which will be +used to configure the new service. This new service will replace the +original in the resulting list. Because a service's service parameters are +created using @code{define-record-type*}, you can write a succinct +@var{body} that evaluates to the new service parameters by using the +@code{inherit} feature that @code{define-record-type*} provides. + +@xref{Utiliser le système de configuration}, for example usage. + +@end deffn + +Next comes the programming interface for service types. This is something +you want to know when writing new service definitions, but not necessarily +when simply looking for ways to customize your @code{operating-system} +declaration. + +@deftp {Data Type} service-type +@cindex service type +This is the representation of a @dfn{service type} (@pxref{Types service et services}). + +@table @asis +@item @code{name} +This is a symbol, used only to simplify inspection and debugging. + +@item @code{extensions} +A non-empty list of @code{} objects (see below). + +@item @code{compose} (default: @code{#f}) +If this is @code{#f}, then the service type denotes services that cannot be +extended---i.e., services that do not receive ``values'' from other +services. + +Otherwise, it must be a one-argument procedure. The procedure is called by +@code{fold-services} and is passed a list of values collected from +extensions. It may return any single value. + +@item @code{extend} (default: @code{#f}) +If this is @code{#f}, services of this type cannot be extended. + +Otherwise, it must be a two-argument procedure: @code{fold-services} calls +it, passing it the initial value of the service as the first argument and +the result of applying @code{compose} to the extension values as the second +argument. It must return a value that is a valid parameter value for the +service instance. +@end table + +@xref{Types service et services}, for examples. +@end deftp + +@deffn {Scheme Procedure} service-extension @var{target-type} @ + @var{compute} Return a new extension for services of type +@var{target-type}. @var{compute} must be a one-argument procedure: +@code{fold-services} calls it, passing it the value associated with the +service that provides the extension; it must return a valid value for the +target service. +@end deffn + +@deffn {Scheme Procedure} service-extension? @var{obj} +Return true if @var{obj} is a service extension. +@end deffn + +Occasionally, you might want to simply extend an existing service. This +involves creating a new service type and specifying the extension of +interest, which can be verbose; the @code{simple-service} procedure provides +a shorthand for this. + +@deffn {Scheme Procedure} simple-service @var{name} @var{target} @var{value} +Return a service that extends @var{target} with @var{value}. This works by +creating a singleton service type @var{name}, of which the returned service +is an instance. + +For example, this extends mcron (@pxref{Scheduled Job Execution}) with an +additional job: + +@example +(simple-service 'my-mcron-job mcron-service-type + #~(job '(next-hour (3)) "guix gc -F 2G")) +@end example +@end deffn + +At the core of the service abstraction lies the @code{fold-services} +procedure, which is responsible for ``compiling'' a list of services down to +a single directory that contains everything needed to boot and run the +system---the directory shown by the @command{guix system build} command +(@pxref{Invoquer guix system}). In essence, it propagates service +extensions down the service graph, updating each node parameters on the way, +until it reaches the root node. + +@deffn {Scheme Procedure} fold-services @var{services} @ + [#:target-type @var{system-service-type}] Fold @var{services} by propagating +their extensions down to the root of type @var{target-type}; return the root +service adjusted accordingly. +@end deffn + +Lastly, the @code{(gnu services)} module also defines several essential +service types, some of which are listed below. + +@defvr {Scheme Variable} system-service-type +This is the root of the service graph. It produces the system directory as +returned by the @command{guix system build} command. +@end defvr + +@defvr {Scheme Variable} boot-service-type +The type of the ``boot service'', which produces the @dfn{boot script}. The +boot script is what the initial RAM disk runs when booting. +@end defvr + +@defvr {Scheme Variable} etc-service-type +The type of the @file{/etc} service. This service is used to create files +under @file{/etc} and can be extended by passing it name/file tuples such +as: + +@example +(list `("issue" ,(plain-file "issue" "Welcome!\n"))) +@end example + +In this example, the effect would be to add an @file{/etc/issue} file +pointing to the given file. +@end defvr + +@defvr {Scheme Variable} setuid-program-service-type +Type for the ``setuid-program service''. This service collects lists of +executable file names, passed as gexps, and adds them to the set of +setuid-root programs on the system (@pxref{Programmes setuid}). +@end defvr + +@defvr {Scheme Variable} profile-service-type +Type of the service that populates the @dfn{system profile}---i.e., the +programs under @file{/run/current-system/profile}. Other services can +extend it by passing it lists of packages to add to the system profile. +@end defvr + + +@node Services Shepherd +@subsubsection Services Shepherd + +@cindex shepherd services +@cindex PID 1 +@cindex init system +The @code{(gnu services shepherd)} module provides a way to define services +managed by the GNU@tie{}Shepherd, which is the GuixSD initialization +system---the first process that is started when the system boots, also known +as PID@tie{}1 (@pxref{Introduction,,, shepherd, The GNU Shepherd Manual}). + +Services in the Shepherd can depend on each other. For instance, the SSH +daemon may need to be started after the syslog daemon has been started, +which in turn can only happen once all the file systems have been mounted. +The simple operating system defined earlier (@pxref{Utiliser le système de configuration}) results in a service graph like this: + +@image{images/shepherd-graph,,5in,Typical shepherd service graph.} + +You can actually generate such a graph for any operating system definition +using the @command{guix system shepherd-graph} command +(@pxref{system-shepherd-graph, @command{guix system shepherd-graph}}). + +The @var{%shepherd-root-service} is a service object representing +PID@tie{}1, of type @var{shepherd-root-service-type}; it can be extended by +passing it lists of @code{} objects. + +@deftp {Data Type} shepherd-service +The data type representing a service managed by the Shepherd. + +@table @asis +@item @code{provision} +This is a list of symbols denoting what the service provides. + +These are the names that may be passed to @command{herd start}, +@command{herd status}, and similar commands (@pxref{Invoking herd,,, +shepherd, The GNU Shepherd Manual}). @xref{Slots of services, the +@code{provides} slot,, shepherd, The GNU Shepherd Manual}, for details. + +@item @code{requirements} (default: @code{'()}) +List of symbols denoting the Shepherd services this one depends on. + +@item @code{respawn?} (default: @code{#t}) +Whether to restart the service when it stops, for instance when the +underlying process dies. + +@item @code{start} +@itemx @code{stop} (default: @code{#~(const #f)}) +The @code{start} and @code{stop} fields refer to the Shepherd's facilities +to start and stop processes (@pxref{Service De- and Constructors,,, +shepherd, The GNU Shepherd Manual}). They are given as G-expressions that +get expanded in the Shepherd configuration file (@pxref{G-Expressions}). + +@item @code{documentation} +A documentation string, as shown when running: + +@example +herd doc @var{service-name} +@end example + +where @var{service-name} is one of the symbols in @var{provision} +(@pxref{Invoking herd,,, shepherd, The GNU Shepherd Manual}). + +@item @code{modules} (default: @var{%default-modules}) +This is the list of modules that must be in scope when @code{start} and +@code{stop} are evaluated. + +@end table +@end deftp + +@defvr {Scheme Variable} shepherd-root-service-type +The service type for the Shepherd ``root service''---i.e., PID@tie{}1. + +This is the service type that extensions target when they want to create +shepherd services (@pxref{Types service et services}, for an example). +Each extension must pass a list of @code{}. +@end defvr + +@defvr {Scheme Variable} %shepherd-root-service +This service represents PID@tie{}1. +@end defvr + + +@node Documentation +@section Documentation + +@cindex documentation, searching for +@cindex searching for documentation +@cindex Info, documentation format +@cindex man pages +@cindex manual pages +In most cases packages installed with Guix come with documentation. There +are two main documentation formats: ``Info'', a browseable hypertext format +used for GNU software, and ``manual pages'' (or ``man pages''), the linear +documentation format traditionally found on Unix. Info manuals are accessed +with the @command{info} command or with Emacs, and man pages are accessed +using @command{man}. + +You can look for documentation of software installed on your system by +keyword. For example, the following command searches for information about +``TLS'' in Info manuals: + +@example +$ info -k TLS +"(emacs)Network Security" -- STARTTLS +"(emacs)Network Security" -- TLS +"(gnutls)Core TLS API" -- gnutls_certificate_set_verify_flags +"(gnutls)Core TLS API" -- gnutls_certificate_set_verify_function +@dots{} +@end example + +@noindent +The command below searches for the same keyword in man pages: + +@example +$ man -k TLS +SSL (7) - OpenSSL SSL/TLS library +certtool (1) - GnuTLS certificate tool +@dots {} +@end example + +These searches are purely local to your computer so you have the guarantee +that documentation you find corresponds to what you have actually installed, +you can access it off-line, and your privacy is respected. + +Once you have these results, you can view the relevant documentation by +running, say: + +@example +$ info "(gnutls)Core TLS API" +@end example + +@noindent +or: + +@example +$ man certtool +@end example + +Info manuals contain sections and indices as well as hyperlinks like those +found in Web pages. The @command{info} reader (@pxref{Top, Info reader,, +info-stnd, Stand-alone GNU Info}) and its Emacs counterpart (@pxref{Misc +Help,,, emacs, The GNU Emacs Manual}) provide intuitive key bindings to +navigate manuals. @xref{Getting Started,,, info, Info: An Introduction}, +for an introduction to Info navigation. + +@node Installer les fichiers de débogage +@section Installer les fichiers de débogage + +@cindex debugging files +Program binaries, as produced by the GCC compilers for instance, are +typically written in the ELF format, with a section containing +@dfn{debugging information}. Debugging information is what allows the +debugger, GDB, to map binary code to source code; it is required to debug a +compiled program in good conditions. + +Le problème avec les informations de débogage est qu'elles prennent pas mal +de place sur le disque. Par exemple, les informations de débogage de la +bibliothèque C de GNU prend plus de 60 Mo. Ainsi, en tant qu'utilisateur, +garder toutes les informations de débogage de tous les programmes installés +n'est souvent pas une possibilité. Cependant, l'économie d'espace ne devrait +pas empêcher le débogage — en particulier, dans le système GNU, qui devrait +faciliter pour ses utilisateurs l'exercice de leurs libertés +(@pxref{Distribution GNU}). + +Thankfully, the GNU Binary Utilities (Binutils) and GDB provide a mechanism +that allows users to get the best of both worlds: debugging information can +be stripped from the binaries and stored in separate files. GDB is then +able to load debugging information from those files, when they are available +(@pxref{Separate Debug Files,,, gdb, Debugging with GDB}). + +The GNU distribution takes advantage of this by storing debugging +information in the @code{lib/debug} sub-directory of a separate package +output unimaginatively called @code{debug} (@pxref{Des paquets avec plusieurs résultats}). Users can choose to install the @code{debug} output of a package +when they need it. For instance, the following command installs the +debugging information for the GNU C Library and for GNU Guile: + +@example +guix package -i glibc:debug guile:debug +@end example + +GDB must then be told to look for debug files in the user's profile, by +setting the @code{debug-file-directory} variable (consider setting it from +the @file{~/.gdbinit} file, @pxref{Startup,,, gdb, Debugging with GDB}): + +@example +(gdb) set debug-file-directory ~/.guix-profile/lib/debug +@end example + +From there on, GDB will pick up debugging information from the @code{.debug} +files under @file{~/.guix-profile/lib/debug}. + +In addition, you will most likely want GDB to be able to show the source +code being debugged. To do that, you will have to unpack the source code of +the package of interest (obtained with @code{guix build --source}, +@pxref{Invoquer guix build}), and to point GDB to that source directory +using the @code{directory} command (@pxref{Source Path, @code{directory},, +gdb, Debugging with GDB}). + +@c XXX: keep me up-to-date +The @code{debug} output mechanism in Guix is implemented by the +@code{gnu-build-system} (@pxref{Systèmes de construction}). Currently, it is +opt-in---debugging information is available only for the packages with +definitions explicitly declaring a @code{debug} output. This may be changed +to opt-out in the future if our build farm servers can handle the load. To +check whether a package has a @code{debug} output, use @command{guix package +--list-available} (@pxref{Invoquer guix package}). + + +@node Mises à jour de sécurité +@section Mises à jour de sécurité + +@cindex security updates +@cindex security vulnerabilities +Occasionally, important security vulnerabilities are discovered in software +packages and must be patched. Guix developers try hard to keep track of +known vulnerabilities and to apply fixes as soon as possible in the +@code{master} branch of Guix (we do not yet provide a ``stable'' branch +containing only security updates.) The @command{guix lint} tool helps +developers find out about vulnerable versions of software packages in the +distribution: + +@smallexample +$ guix lint -c cve +gnu/packages/base.scm:652:2: glibc@@2.21: probably vulnerable to CVE-2015-1781, CVE-2015-7547 +gnu/packages/gcc.scm:334:2: gcc@@4.9.3: probably vulnerable to CVE-2015-5276 +gnu/packages/image.scm:312:2: openjpeg@@2.1.0: probably vulnerable to CVE-2016-1923, CVE-2016-1924 +@dots{} +@end smallexample + +@xref{Invoquer guix lint}, for more information. + +@quotation Note +As of version @value{VERSION}, the feature described below is considered +``beta''. +@end quotation + +Guix suit une discipline de gestion de paquets fonctionnelle +(@pxref{Introduction}), ce qui implique que lorsqu'un paquet change, +@emph{tous les paquets qui en dépendent} doivent être reconstruits. Cela +peut grandement ralentir le déploiement de corrections dans les paquets du +cœur comme libc ou bash comme presque toute la distribution aurait besoin +d'être reconstruite. Cela aide d'utiliser des binaires pré-construits +(@pxref{Substituts}), mais le déploiement peut toujours prendre plus de +temps de souhaité. + +@cindex grafts +To address this, Guix implements @dfn{grafts}, a mechanism that allows for +fast deployment of critical updates without the costs associated with a +whole-distribution rebuild. The idea is to rebuild only the package that +needs to be patched, and then to ``graft'' it onto packages explicitly +installed by the user and that were previously referring to the original +package. The cost of grafting is typically very low, and order of +magnitudes lower than a full rebuild of the dependency chain. + +@cindex replacements of packages, for grafts +For instance, suppose a security update needs to be applied to Bash. Guix +developers will provide a package definition for the ``fixed'' Bash, say +@var{bash-fixed}, in the usual way (@pxref{Définition des paquets}). Then, the +original package definition is augmented with a @code{replacement} field +pointing to the package containing the bug fix: + +@example +(define bash + (package + (name "bash") + ;; @dots{} + (replacement bash-fixed))) +@end example + +From there on, any package depending directly or indirectly on Bash---as +reported by @command{guix gc --requisites} (@pxref{Invoquer guix gc})---that +is installed is automatically ``rewritten'' to refer to @var{bash-fixed} +instead of @var{bash}. This grafting process takes time proportional to the +size of the package, usually less than a minute for an ``average'' package +on a recent machine. Grafting is recursive: when an indirect dependency +requires grafting, then grafting ``propagates'' up to the package that the +user is installing. + +Currently, the length of the name and version of the graft and that of the +package it replaces (@var{bash-fixed} and @var{bash} in the example above) +must be equal. This restriction mostly comes from the fact that grafting +works by patching files, including binary files, directly. Other +restrictions may apply: for instance, when adding a graft to a package +providing a shared library, the original shared library and its replacement +must have the same @code{SONAME} and be binary-compatible. + +The @option{--no-grafts} command-line option allows you to forcefully avoid +grafting (@pxref{Options de construction communes, @option{--no-grafts}}). Thus, the +command: + +@example +guix build bash --no-grafts +@end example + +@noindent +returns the store file name of the original Bash, whereas: + +@example +guix build bash +@end example + +@noindent +returns the store file name of the ``fixed'', replacement Bash. This allows +you to distinguish between the two variants of Bash. + +To verify which Bash your whole profile refers to, you can run +(@pxref{Invoquer guix gc}): + +@example +guix gc -R `readlink -f ~/.guix-profile` | grep bash +@end example + +@noindent +@dots{} and compare the store file names that you get with those above. +Likewise for a complete GuixSD system generation: + +@example +guix gc -R `guix system build my-config.scm` | grep bash +@end example + +Lastly, to check which Bash running processes are using, you can use the +@command{lsof} command: + +@example +lsof | grep /gnu/store/.*bash +@end example + + +@node Modules de paquets +@section Modules de paquets + +From a programming viewpoint, the package definitions of the GNU +distribution are provided by Guile modules in the @code{(gnu packages +@dots{})} name space@footnote{Note that packages under the @code{(gnu +packages @dots{})} module name space are not necessarily ``GNU packages''. +This module naming scheme follows the usual Guile module naming convention: +@code{gnu} means that these modules are distributed as part of the GNU +system, and @code{packages} identifies modules that define packages.} +(@pxref{Modules, Guile modules,, guile, GNU Guile Reference Manual}). For +instance, the @code{(gnu packages emacs)} module exports a variable named +@code{emacs}, which is bound to a @code{} object (@pxref{Définition des paquets}). + +The @code{(gnu packages @dots{})} module name space is automatically scanned +for packages by the command-line tools. For instance, when running +@code{guix package -i emacs}, all the @code{(gnu packages @dots{})} modules +are scanned until one that exports a package object whose name is +@code{emacs} is found. This package search facility is implemented in the +@code{(gnu packages)} module. + +@cindex personnalisation, des paquets +@cindex package module search path +Users can store package definitions in modules with different names---e.g., +@code{(my-packages emacs)}@footnote{Note that the file name and module name +must match. For instance, the @code{(my-packages emacs)} module must be +stored in a @file{my-packages/emacs.scm} file relative to the load path +specified with @option{--load-path} or @code{GUIX_PACKAGE_PATH}. +@xref{Modules and the File System,,, guile, GNU Guile Reference Manual}, for +details.}. These package definitions will not be visible by default. Users +can invoke commands such as @command{guix package} and @command{guix build} +with the @code{-e} option so that they know where to find the package. +Better yet, they can use the @code{-L} option of these commands to make +those modules visible (@pxref{Invoquer guix build, @code{--load-path}}), or +define the @code{GUIX_PACKAGE_PATH} environment variable. This environment +variable makes it easy to extend or customize the distribution and is +honored by all the user interfaces. + +@defvr {Environment Variable} GUIX_PACKAGE_PATH +This is a colon-separated list of directories to search for additional +package modules. Directories listed in this variable take precedence over +the own modules of the distribution. +@end defvr + +The distribution is fully @dfn{bootstrapped} and @dfn{self-contained}: each +package is built based solely on other packages in the distribution. The +root of this dependency graph is a small set of @dfn{bootstrap binaries}, +provided by the @code{(gnu packages bootstrap)} module. For more +information on bootstrapping, @pxref{Bootstrapping}. + +@node Consignes d'empaquetage +@section Consignes d'empaquetage + +@cindex packages, creating +The GNU distribution is nascent and may well lack some of your favorite +packages. This section describes how you can help make the distribution +grow. @xref{Contribuer}, for additional information on how you can help. + +Free software packages are usually distributed in the form of @dfn{source +code tarballs}---typically @file{tar.gz} files that contain all the source +files. Adding a package to the distribution means essentially two things: +adding a @dfn{recipe} that describes how to build the package, including a +list of other packages required to build it, and adding @dfn{package +metadata} along with that recipe, such as a description and licensing +information. + +In Guix all this information is embodied in @dfn{package definitions}. +Package definitions provide a high-level view of the package. They are +written using the syntax of the Scheme programming language; in fact, for +each package we define a variable bound to the package definition, and +export that variable from a module (@pxref{Modules de paquets}). However, +in-depth Scheme knowledge is @emph{not} a prerequisite for creating +packages. For more information on package definitions, @pxref{Définition des paquets}. + +Once a package definition is in place, stored in a file in the Guix source +tree, it can be tested using the @command{guix build} command +(@pxref{Invoquer guix build}). For example, assuming the new package is +called @code{gnew}, you may run this command from the Guix build tree +(@pxref{Lancer Guix avant qu'il ne soit installé}): + +@example +./pre-inst-env guix build gnew --keep-failed +@end example + +Using @code{--keep-failed} makes it easier to debug build failures since it +provides access to the failed build tree. Another useful command-line +option when debugging is @code{--log-file}, to access the build log. + +If the package is unknown to the @command{guix} command, it may be that the +source file contains a syntax error, or lacks a @code{define-public} clause +to export the package variable. To figure it out, you may load the module +from Guile to get more information about the actual error: + +@example +./pre-inst-env guile -c '(use-modules (gnu packages gnew))' +@end example + +Once your package builds correctly, please send us a patch +(@pxref{Contribuer}). Well, if you need help, we will be happy to help +you too. Once the patch is committed in the Guix repository, the new +package automatically gets built on the supported platforms by +@url{http://hydra.gnu.org/jobset/gnu/master, our continuous integration +system}. + +@cindex substituter +On peut obtenir la nouvelle définition du paquet simplement en lançant +@command{guix pull} (@pxref{Invoquer guix pull}). Lorsque +@code{hydra.gnu.org} a fini de construire le paquet, l'installation du +paquet y télécharge automatiquement les binaires (@pxref{Substituts}). La +seule intervention humaine requise est pendant la revue et l'application du +correctif. + + +@menu +* Liberté logiciel:: Ce que la distribution peut contenir. +* Conventions de nommage:: Qu'est-ce qu'un bon nom ? +* Numéros de version:: Lorsque le nom n'est pas suffisant. +* Synopsis et descriptions:: Aider les utilisateurs à trouver le bon + paquet. +* Modules python:: Un peu de comédie anglaise. +* Modules perl:: Petites perles. +* Paquets java:: Pause café. +* Polices de caractères:: Fond of fonts. +@end menu + +@node Liberté logiciel +@subsection Liberté logiciel + +@c Adapted from http://www.gnu.org/philosophy/philosophy.html. +@cindex free software +The GNU operating system has been developed so that users can have freedom +in their computing. GNU is @dfn{free software}, meaning that users have the +@url{http://www.gnu.org/philosophy/free-sw.html,four essential freedoms}: to +run the program, to study and change the program in source code form, to +redistribute exact copies, and to distribute modified versions. Packages +found in the GNU distribution provide only software that conveys these four +freedoms. + +In addition, the GNU distribution follow the +@url{http://www.gnu.org/distros/free-system-distribution-guidelines.html,free +software distribution guidelines}. Among other things, these guidelines +reject non-free firmware, recommendations of non-free software, and discuss +ways to deal with trademarks and patents. + +Some otherwise free upstream package sources contain a small and optional +subset that violates the above guidelines, for instance because this subset +is itself non-free code. When that happens, the offending items are removed +with appropriate patches or code snippets in the @code{origin} form of the +package (@pxref{Définition des paquets}). This way, @code{guix build --source} +returns the ``freed'' source rather than the unmodified upstream source. + + +@node Conventions de nommage +@subsection Conventions de nommage + +@cindex package name +A package has actually two names associated with it: First, there is the +name of the @emph{Scheme variable}, the one following @code{define-public}. +By this name, the package can be made known in the Scheme code, for instance +as input to another package. Second, there is the string in the @code{name} +field of a package definition. This name is used by package management +commands such as @command{guix package} and @command{guix build}. + +Both are usually the same and correspond to the lowercase conversion of the +project name chosen upstream, with underscores replaced with hyphens. For +instance, GNUnet is available as @code{gnunet}, and SDL_net as +@code{sdl-net}. + +We do not add @code{lib} prefixes for library packages, unless these are +already part of the official project name. But @pxref{Modules python} and +@ref{Modules perl} for special rules concerning modules for the Python and +Perl languages. + +Font package names are handled differently, @pxref{Polices de caractères}. + + +@node Numéros de version +@subsection Numéros de version + +@cindex package version +We usually package only the latest version of a given free software +project. But sometimes, for instance for incompatible library versions, two +(or more) versions of the same package are needed. These require different +Scheme variable names. We use the name as defined in @ref{Conventions de nommage} +for the most recent version; previous versions use the same name, suffixed +by @code{-} and the smallest prefix of the version number that may +distinguish the two versions. + +The name inside the package definition is the same for all versions of a +package and does not contain any version number. + +For instance, the versions 2.24.20 and 3.9.12 of GTK+ may be packaged as +follows: + +@example +(define-public gtk+ + (package + (name "gtk+") + (version "3.9.12") + ...)) +(define-public gtk+-2 + (package + (name "gtk+") + (version "2.24.20") + ...)) +@end example +If we also wanted GTK+ 3.8.2, this would be packaged as +@example +(define-public gtk+-3.8 + (package + (name "gtk+") + (version "3.8.2") + ...)) +@end example + +@c See , +@c for a discussion of what follows. +@cindex version number, for VCS snapshots +Occasionally, we package snapshots of upstream's version control system +(VCS) instead of formal releases. This should remain exceptional, because +it is up to upstream developers to clarify what the stable release is. Yet, +it is sometimes necessary. So, what should we put in the @code{version} +field? + +Clearly, we need to make the commit identifier of the VCS snapshot visible +in the version string, but we also need to make sure that the version string +is monotonically increasing so that @command{guix package --upgrade} can +determine which version is newer. Since commit identifiers, notably with +Git, are not monotonically increasing, we add a revision number that we +increase each time we upgrade to a newer snapshot. The resulting version +string looks like this: + +@example +2.0.11-3.cabba9e + ^ ^ ^ + | | `-- upstream commit ID + | | + | `--- Guix package revision + | +latest upstream version +@end example + +It is a good idea to strip commit identifiers in the @code{version} field +to, say, 7 digits. It avoids an aesthetic annoyance (assuming aesthetics +have a role to play here) as well as problems related to OS limits such as +the maximum shebang length (127 bytes for the Linux kernel.) It is best to +use the full commit identifiers in @code{origin}s, though, to avoid +ambiguities. A typical package definition may look like this: + +@example +(define my-package + (let ((commit "c3f29bc928d5900971f65965feaae59e1272a3f7") + (revision "1")) ;Guix package revision + (package + (version (git-version "0.9" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "git://example.org/my-package.git") + (commit commit))) + (sha256 (base32 "1mbikn@dots{}")) + (file-name (git-file-name name version)))) + ;; @dots{} + ))) +@end example + +@node Synopsis et descriptions +@subsection Synopsis et descriptions + +@cindex package description +@cindex package synopsis +As we have seen before, each package in GNU@tie{}Guix includes a synopsis +and a description (@pxref{Définition des paquets}). Synopses and descriptions +are important: They are what @command{guix package --search} searches, and a +crucial piece of information to help users determine whether a given package +suits their needs. Consequently, packagers should pay attention to what +goes into them. + +Synopses must start with a capital letter and must not end with a period. +They must not start with ``a'' or ``the'', which usually does not bring +anything; for instance, prefer ``File-frobbing tool'' over ``A tool that +frobs files''. The synopsis should say what the package is---e.g., ``Core +GNU utilities (file, text, shell)''---or what it is used for---e.g., the +synopsis for GNU@tie{}grep is ``Print lines matching a pattern''. + +Keep in mind that the synopsis must be meaningful for a very wide audience. +For example, ``Manipulate alignments in the SAM format'' might make sense +for a seasoned bioinformatics researcher, but might be fairly unhelpful or +even misleading to a non-specialized audience. It is a good idea to come up +with a synopsis that gives an idea of the application domain of the +package. In this example, this might give something like ``Manipulate +nucleotide sequence alignments'', which hopefully gives the user a better +idea of whether this is what they are looking for. + +Descriptions should take between five and ten lines. Use full sentences, +and avoid using acronyms without first introducing them. Please avoid +marketing phrases such as ``world-leading'', ``industrial-strength'', and +``next-generation'', and avoid superlatives like ``the most +advanced''---they are not helpful to users looking for a package and may +even sound suspicious. Instead, try to be factual, mentioning use cases and +features. + +@cindex Texinfo markup, in package descriptions +Descriptions can include Texinfo markup, which is useful to introduce +ornaments such as @code{@@code} or @code{@@dfn}, bullet lists, or hyperlinks +(@pxref{Overview,,, texinfo, GNU Texinfo}). However you should be careful +when using some characters for example @samp{@@} and curly braces which are +the basic special characters in Texinfo (@pxref{Special Characters,,, +texinfo, GNU Texinfo}). User interfaces such as @command{guix package +--show} take care of rendering it appropriately. + +Synopses and descriptions are translated by volunteers +@uref{http://translationproject.org/domain/guix-packages.html, at the +Translation Project} so that as many users as possible can read them in +their native language. User interfaces search them and display them in the +language specified by the current locale. + +To allow @command{xgettext} to extract them as translatable strings, +synopses and descriptions @emph{must be literal strings}. This means that +you cannot use @code{string-append} or @code{format} to construct these +strings: + +@lisp +(package + ;; @dots{} + (synopsis "This is translatable") + (description (string-append "This is " "*not*" " translatable."))) +@end lisp + +Translation is a lot of work so, as a packager, please pay even more +attention to your synopses and descriptions as every change may entail +additional work for translators. In order to help them, it is possible to +make recommendations or instructions visible to them by inserting special +comments like this (@pxref{xgettext Invocation,,, gettext, GNU Gettext}): + +@example +;; TRANSLATORS: "X11 resize-and-rotate" should not be translated. +(description "ARandR is designed to provide a simple visual front end +for the X11 resize-and-rotate (RandR) extension. @dots{}") +@end example + + +@node Modules python +@subsection Modules python + +@cindex python +We currently package Python 2 and Python 3, under the Scheme variable names +@code{python-2} and @code{python} as explained in @ref{Numéros de version}. To +avoid confusion and naming clashes with other programming languages, it +seems desirable that the name of a package for a Python module contains the +word @code{python}. + +Some modules are compatible with only one version of Python, others with +both. If the package Foo compiles only with Python 3, we name it +@code{python-foo}; if it compiles only with Python 2, we name it +@code{python2-foo}. If it is compatible with both versions, we create two +packages with the corresponding names. + +If a project already contains the word @code{python}, we drop this; for +instance, the module python-dateutil is packaged under the names +@code{python-dateutil} and @code{python2-dateutil}. If the project name +starts with @code{py} (e.g. @code{pytz}), we keep it and prefix it as +described above. + +@subsubsection Specifying Dependencies +@cindex inputs, for Python packages + +Dependency information for Python packages is usually available in the +package source tree, with varying degrees of accuracy: in the +@file{setup.py} file, in @file{requirements.txt}, or in @file{tox.ini}. + +Your mission, when writing a recipe for a Python package, is to map these +dependencies to the appropriate type of ``input'' (@pxref{Référence de paquet, +inputs}). Although the @code{pypi} importer normally does a good job +(@pxref{Invoquer guix import}), you may want to check the following check +list to determine which dependency goes where. + +@itemize + +@item +We currently package Python 2 with @code{setuptools} and @code{pip} +installed like Python 3.4 has per default. Thus you don't need to specify +either of these as an input. @command{guix lint} will warn you if you do. + +@item +Python dependencies required at run time go into @code{propagated-inputs}. +They are typically defined with the @code{install_requires} keyword in +@file{setup.py}, or in the @file{requirements.txt} file. + +@item +Python packages required only at build time---e.g., those listed with the +@code{setup_requires} keyword in @file{setup.py}---or only for +testing---e.g., those in @code{tests_require}---go into +@code{native-inputs}. The rationale is that (1) they do not need to be +propagated because they are not needed at run time, and (2) in a +cross-compilation context, it's the ``native'' input that we'd want. + +Examples are the @code{pytest}, @code{mock}, and @code{nose} test +frameworks. Of course if any of these packages is also required at +run-time, it needs to go to @code{propagated-inputs}. + +@item +Anything that does not fall in the previous categories goes to +@code{inputs}, for example programs or C libraries required for building +Python packages containing C extensions. + +@item +If a Python package has optional dependencies (@code{extras_require}), it is +up to you to decide whether to add them or not, based on their +usefulness/overhead ratio (@pxref{Envoyer des correctifs, @command{guix size}}). + +@end itemize + + +@node Modules perl +@subsection Modules perl + +@cindex perl +Perl programs standing for themselves are named as any other package, using +the lowercase upstream name. For Perl packages containing a single class, +we use the lowercase class name, replace all occurrences of @code{::} by +dashes and prepend the prefix @code{perl-}. So the class @code{XML::Parser} +becomes @code{perl-xml-parser}. Modules containing several classes keep +their lowercase upstream name and are also prepended by @code{perl-}. Such +modules tend to have the word @code{perl} somewhere in their name, which +gets dropped in favor of the prefix. For instance, @code{libwww-perl} +becomes @code{perl-libwww}. + + +@node Paquets java +@subsection Paquets java + +@cindex java +Java programs standing for themselves are named as any other package, using +the lowercase upstream name. + +To avoid confusion and naming clashes with other programming languages, it +is desirable that the name of a package for a Java package is prefixed with +@code{java-}. If a project already contains the word @code{java}, we drop +this; for instance, the package @code{ngsjava} is packaged under the name +@code{java-ngs}. + +For Java packages containing a single class or a small class hierarchy, we +use the lowercase class name, replace all occurrences of @code{.} by dashes +and prepend the prefix @code{java-}. So the class @code{apache.commons.cli} +becomes package @code{java-apache-commons-cli}. + + +@node Polices de caractères +@subsection Polices de caractères + +@cindex fonts +For fonts that are in general not installed by a user for typesetting +purposes, or that are distributed as part of a larger software package, we +rely on the general packaging rules for software; for instance, this applies +to the fonts delivered as part of the X.Org system or fonts that are part of +TeX Live. + +To make it easier for a user to search for fonts, names for other packages +containing only fonts are constructed as follows, independently of the +upstream package name. + +The name of a package containing only one font family starts with +@code{font-}; it is followed by the foundry name and a dash @code{-} if the +foundry is known, and the font family name, in which spaces are replaced by +dashes (and as usual, all upper case letters are transformed to lower +case). For example, the Gentium font family by SIL is packaged under the +name @code{font-sil-gentium}. + +For a package containing several font families, the name of the collection +is used in the place of the font family name. For instance, the Liberation +fonts consist of three families, Liberation Sans, Liberation Serif and +Liberation Mono. These could be packaged separately under the names +@code{font-liberation-sans} and so on; but as they are distributed together +under a common name, we prefer to package them together as +@code{font-liberation}. + +In the case where several formats of the same font family or font collection +are packaged separately, a short form of the format, prepended by a dash, is +added to the package name. We use @code{-ttf} for TrueType fonts, +@code{-otf} for OpenType fonts and @code{-type1} for PostScript Type 1 +fonts. + + + +@node Bootstrapping +@section Bootstrapping + +@c Adapted from the ELS 2013 paper. + +@cindex bootstrapping + +Bootstrapping in our context refers to how the distribution gets built +``from nothing''. Remember that the build environment of a derivation +contains nothing but its declared inputs (@pxref{Introduction}). So there's +an obvious chicken-and-egg problem: how does the first package get built? +How does the first compiler get compiled? Note that this is a question of +interest only to the curious hacker, not to the regular user, so you can +shamelessly skip this section if you consider yourself a ``regular user''. + +@cindex bootstrap binaries +The GNU system is primarily made of C code, with libc at its core. The GNU +build system itself assumes the availability of a Bourne shell and +command-line tools provided by GNU Coreutils, Awk, Findutils, `sed', and +`grep'. Furthermore, build programs---programs that run @code{./configure}, +@code{make}, etc.---are written in Guile Scheme (@pxref{Dérivations}). +Consequently, to be able to build anything at all, from scratch, Guix relies +on pre-built binaries of Guile, GCC, Binutils, libc, and the other packages +mentioned above---the @dfn{bootstrap binaries}. + +These bootstrap binaries are ``taken for granted'', though we can also +re-create them if needed (more on that later). + +@unnumberedsubsec Preparing to Use the Bootstrap Binaries + +@c As of Emacs 24.3, Info-mode displays the image, but since it's a +@c large image, it's hard to scroll. Oh well. +@image{images/bootstrap-graph,6in,,Dependency graph of the early bootstrap +derivations} + +The figure above shows the very beginning of the dependency graph of the +distribution, corresponding to the package definitions of the @code{(gnu +packages bootstrap)} module. A similar figure can be generated with +@command{guix graph} (@pxref{Invoquer guix graph}), along the lines of: + +@example +guix graph -t derivation \ + -e '(@@@@ (gnu packages bootstrap) %bootstrap-gcc)' \ + | dot -Tps > t.ps +@end example + +At this level of detail, things are slightly complex. First, Guile itself +consists of an ELF executable, along with many source and compiled Scheme +files that are dynamically loaded when it runs. This gets stored in the +@file{guile-2.0.7.tar.xz} tarball shown in this graph. This tarball is part +of Guix's ``source'' distribution, and gets inserted into the store with +@code{add-to-store} (@pxref{Le dépôt}). + +But how do we write a derivation that unpacks this tarball and adds it to +the store? To solve this problem, the @code{guile-bootstrap-2.0.drv} +derivation---the first one that gets built---uses @code{bash} as its +builder, which runs @code{build-bootstrap-guile.sh}, which in turn calls +@code{tar} to unpack the tarball. Thus, @file{bash}, @file{tar}, @file{xz}, +and @file{mkdir} are statically-linked binaries, also part of the Guix +source distribution, whose sole purpose is to allow the Guile tarball to be +unpacked. + +Once @code{guile-bootstrap-2.0.drv} is built, we have a functioning Guile +that can be used to run subsequent build programs. Its first task is to +download tarballs containing the other pre-built binaries---this is what the +@code{.tar.xz.drv} derivations do. Guix modules such as +@code{ftp-client.scm} are used for this purpose. The +@code{module-import.drv} derivations import those modules in a directory in +the store, using the original layout. The @code{module-import-compiled.drv} +derivations compile those modules, and write them in an output directory +with the right layout. This corresponds to the @code{#:modules} argument of +@code{build-expression->derivation} (@pxref{Dérivations}). + +Finally, the various tarballs are unpacked by the derivations +@code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, etc., at which +point we have a working C tool chain. + + +@unnumberedsubsec Building the Build Tools + +Bootstrapping is complete when we have a full tool chain that does not +depend on the pre-built bootstrap tools discussed above. This no-dependency +requirement is verified by checking whether the files of the final tool +chain contain references to the @file{/gnu/store} directories of the +bootstrap inputs. The process that leads to this ``final'' tool chain is +described by the package definitions found in the @code{(gnu packages +commencement)} module. + +The @command{guix graph} command allows us to ``zoom out'' compared to the +graph above, by looking at the level of package objects instead of +individual derivations---remember that a package may translate to several +derivations, typically one derivation to download its source, one to build +the Guile modules it needs, and one to actually build the package from +source. The command: + +@example +guix graph -t bag \ + -e '(@@@@ (gnu packages commencement) + glibc-final-with-bootstrap-bash)' | dot -Tps > t.ps +@end example + +@noindent +produces the dependency graph leading to the ``final'' C +library@footnote{You may notice the @code{glibc-intermediate} label, +suggesting that it is not @emph{quite} final, but as a good approximation, +we will consider it final.}, depicted below. + +@image{images/bootstrap-packages,6in,,Dependency graph of the early +packages} + +@c See . +The first tool that gets built with the bootstrap binaries is +GNU@tie{}Make---noted @code{make-boot0} above---which is a prerequisite for +all the following packages. From there Findutils and Diffutils get built. + +Then come the first-stage Binutils and GCC, built as pseudo cross +tools---i.e., with @code{--target} equal to @code{--host}. They are used to +build libc. Thanks to this cross-build trick, this libc is guaranteed not +to hold any reference to the initial tool chain. + +From there the final Binutils and GCC (not shown above) are built. GCC uses +@code{ld} from the final Binutils, and links programs against the just-built +libc. This tool chain is used to build the other packages used by Guix and +by the GNU Build System: Guile, Bash, Coreutils, etc. + +And voilà! At this point we have the complete set of build tools that the +GNU Build System expects. These are in the @code{%final-inputs} variable of +the @code{(gnu packages commencement)} module, and are implicitly used by +any package that uses @code{gnu-build-system} (@pxref{Systèmes de construction, +@code{gnu-build-system}}). + + +@unnumberedsubsec Building the Bootstrap Binaries + +@cindex bootstrap binaries +Because the final tool chain does not depend on the bootstrap binaries, +those rarely need to be updated. Nevertheless, it is useful to have an +automated way to produce them, should an update occur, and this is what the +@code{(gnu packages make-bootstrap)} module provides. + +The following command builds the tarballs containing the bootstrap binaries +(Guile, Binutils, GCC, libc, and a tarball containing a mixture of Coreutils +and other basic command-line tools): + +@example +guix build bootstrap-tarballs +@end example + +The generated tarballs are those that should be referred to in the +@code{(gnu packages bootstrap)} module mentioned at the beginning of this +section. + +Still here? Then perhaps by now you've started to wonder: when do we reach a +fixed point? That is an interesting question! The answer is unknown, but if +you would like to investigate further (and have significant computational +and storage resources to do so), then let us know. + +@unnumberedsubsec Reducing the Set of Bootstrap Binaries + +Our bootstrap binaries currently include GCC, Guile, etc. That's a lot of +binary code! Why is that a problem? It's a problem because these big chunks +of binary code are practically non-auditable, which makes it hard to +establish what source code produced them. Every unauditable binary also +leaves us vulnerable to compiler backdoors as described by Ken Thompson in +the 1984 paper @emph{Reflections on Trusting Trust}. + +This is mitigated by the fact that our bootstrap binaries were generated +from an earlier Guix revision. Nevertheless it lacks the level of +transparency that we get in the rest of the package dependency graph, where +Guix always gives us a source-to-binary mapping. Thus, our goal is to +reduce the set of bootstrap binaries to the bare minimum. + +The @uref{http://bootstrappable.org, Bootstrappable.org web site} lists +on-going projects to do that. One of these is about replacing the bootstrap +GCC with a sequence of assemblers, interpreters, and compilers of increasing +complexity, which could be built from source starting from a simple and +auditable assembler. Your help is welcome! + + +@node Porter +@section Porting to a New Platform + +As discussed above, the GNU distribution is self-contained, and +self-containment is achieved by relying on pre-built ``bootstrap binaries'' +(@pxref{Bootstrapping}). These binaries are specific to an operating system +kernel, CPU architecture, and application binary interface (ABI). Thus, to +port the distribution to a platform that is not yet supported, one must +build those bootstrap binaries, and update the @code{(gnu packages +bootstrap)} module to use them on that platform. + +Fortunately, Guix can @emph{cross compile} those bootstrap binaries. When +everything goes well, and assuming the GNU tool chain supports the target +platform, this can be as simple as running a command like this one: + +@example +guix build --target=armv5tel-linux-gnueabi bootstrap-tarballs +@end example + +For this to work, the @code{glibc-dynamic-linker} procedure in @code{(gnu +packages bootstrap)} must be augmented to return the right file name for +libc's dynamic linker on that platform; likewise, +@code{system->linux-architecture} in @code{(gnu packages linux)} must be +taught about the new platform. + +Once these are built, the @code{(gnu packages bootstrap)} module needs to be +updated to refer to these binaries on the target platform. That is, the +hashes and URLs of the bootstrap tarballs for the new platform must be added +alongside those of the currently supported platforms. The bootstrap Guile +tarball is treated specially: it is expected to be available locally, and +@file{gnu/local.mk} has rules do download it for the supported +architectures; a rule for the new platform must be added as well. + +In practice, there may be some complications. First, it may be that the +extended GNU triplet that specifies an ABI (like the @code{eabi} suffix +above) is not recognized by all the GNU tools. Typically, glibc recognizes +some of these, whereas GCC uses an extra @code{--with-abi} configure flag +(see @code{gcc.scm} for examples of how to handle this). Second, some of +the required packages could fail to build for that platform. Lastly, the +generated binaries could be broken for some reason. + +@c ********************************************************************* +@include contributing.fr.texi + +@c ********************************************************************* +@node Remerciements +@chapter Remerciements + +Guix is based on the @uref{http://nixos.org/nix/, Nix package manager}, +which was designed and implemented by Eelco Dolstra, with contributions from +other people (see the @file{nix/AUTHORS} file in Guix.) Nix pioneered +functional package management, and promoted unprecedented features, such as +transactional package upgrades and rollbacks, per-user profiles, and +referentially transparent build processes. Without this work, Guix would +not exist. + +The Nix-based software distributions, Nixpkgs and NixOS, have also been an +inspiration for Guix. + +GNU@tie{}Guix itself is a collective work with contributions from a number +of people. See the @file{AUTHORS} file in Guix for more information on +these fine people. The @file{THANKS} file lists people who have helped by +reporting bugs, taking care of the infrastructure, providing artwork and +themes, making suggestions, and more---thank you! + + +@c ********************************************************************* +@node La licence GNU Free Documentation +@appendix La licence GNU Free Documentation +@cindex license, GNU Free Documentation License +@include fdl-1.3.texi + +@c ********************************************************************* +@node Index des concepts +@unnumbered Index des concepts +@printindex cp + +@node Index de programmation +@unnumbered Index de programmation +@syncodeindex tp fn +@syncodeindex vr fn +@printindex fn + +@bye + +@c Local Variables: +@c ispell-local-dictionary: "american"; +@c End: diff --git a/doc/local.mk b/doc/local.mk index 79dd7e22dc..64d18e121a 100644 --- a/doc/local.mk +++ b/doc/local.mk @@ -21,7 +21,8 @@ # You should have received a copy of the GNU General Public License # along with GNU Guix. If not, see . -info_TEXINFOS = %D%/guix.texi +info_TEXINFOS = %D%/guix.texi \ + %D%/guix.fr.texi %C%_guix_TEXINFOS = \ %D%/contributing.texi \ @@ -52,7 +53,9 @@ OS_CONFIG_EXAMPLES_TEXI = \ %D%/os-config-desktop.texi \ %D%/os-config-lightweight-desktop.texi -TRANSLATED_INFO = +TRANSLATED_INFO = \ + %D%/guix.fr.texi \ + %D%/contributing.fr.texi # Bundle this file so that makeinfo finds it in out-of-source-tree builds. BUILT_SOURCES += $(OS_CONFIG_EXAMPLES_TEXI) $(TRANSLATED_INFO) diff --git a/po/doc/contributing.fr.po b/po/doc/contributing.fr.po new file mode 100644 index 0000000000..610013ed5c --- /dev/null +++ b/po/doc/contributing.fr.po @@ -0,0 +1,1220 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Free Software Foundation, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: \n" +"POT-Creation-Date: 2018-04-10 21:34+0200\n" +"PO-Revision-Date: 2018-04-19 18:50+0200\n" +"Last-Translator: Julien Lepiller \n" +"Language-Team: \n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 2.0.6\n" + +#. type: chapter +#: doc/contributing.texi:1 doc/contributing.texi:2 +#, no-wrap +msgid "Contributing" +msgstr "Contribuer" + +#. type: Plain text +#: doc/contributing.texi:9 +msgid "" +"This project is a cooperative effort, and we need your help to make it grow! " +"Please get in touch with us on @email{guix-devel@@gnu.org} and @code{#guix} on " +"the Freenode IRC network. We welcome ideas, bug reports, patches, and " +"anything that may be helpful to the project. We particularly welcome help on " +"packaging (@pxref{Packaging Guidelines})." +msgstr "" +"Ce projet est un effort coopératif et nous avons besoin de votre aide pour le " +"faire grandir ! Contactez-nous sur @email{guix-devel@@gnu.org} et @code{#guix} " +"sur le réseau IRC Freenode. Nous accueillons les idées, les rapports de " +"bogues, les correctifs et tout ce qui pourrait aider le projet. Nous " +"apprécions particulièrement toute aide sur la création de paquets " +"(@pxref{Consignes d'empaquetage})." + +#. type: cindex +#: doc/contributing.texi:10 +#, no-wrap +msgid "code of conduct, of contributors" +msgstr "code de conduite, des contributeurs" + +#. type: cindex +#: doc/contributing.texi:11 +#, no-wrap +msgid "contributor covenant" +msgstr "convention de contribution" + +#. type: Plain text +#: doc/contributing.texi:17 +msgid "" +"We want to provide a warm, friendly, and harassment-free environment, so that " +"anyone can contribute to the best of their abilities. To this end our project " +"uses a ``Contributor Covenant'', which was adapted from @url{http://" +"contributor-covenant.org/}. You can find a local version in the @file{CODE-OF-" +"CONDUCT} file in the source tree." +msgstr "" +"Nous souhaitons fournir un environnement chaleureux, amical et sans " +"harcèlement pour que tout le monde puisse contribuer au mieux de ses " +"capacités. Pour cela notre projet a une « Convention de contribution » adaptée " +"de @url{http://contributor-covenant.org/}. Vous pouvez trouver une version " +"locale dans le fichier @file{CODE-OF-CONDUCT} dans l'arborescence des sources." + +#. type: Plain text +#: doc/contributing.texi:21 +msgid "" +"Contributors are not required to use their legal name in patches and on-line " +"communication; they can use any name or pseudonym of their choice." +msgstr "" +"Les contributeurs n'ont pas besoin d'utiliser leur nom légal dans leurs " +"correctifs et leurs communications en ligne ; ils peuvent utiliser n'importe " +"quel nom ou pseudonyme de leur choix." + +#. type: section +#: doc/contributing.texi:28 doc/contributing.texi:30 doc/contributing.texi:31 +#, no-wrap +msgid "Building from Git" +msgstr "Construire depuis Git" + +#. type: menuentry +#: doc/contributing.texi:28 +msgid "The latest and greatest." +msgstr "" + +#. type: section +#: doc/contributing.texi:28 doc/contributing.texi:102 doc/contributing.texi:103 +#, no-wrap +msgid "Running Guix Before It Is Installed" +msgstr "Lancer Guix avant qu'il ne soit installé" + +#. type: menuentry +#: doc/contributing.texi:28 +msgid "Hacker tricks." +msgstr "Astuces pour les hackers." + +#. type: section +#: doc/contributing.texi:28 doc/contributing.texi:169 doc/contributing.texi:170 +#, no-wrap +msgid "The Perfect Setup" +msgstr "La configuration parfaite" + +#. type: menuentry +#: doc/contributing.texi:28 +msgid "The right tools." +msgstr "Les bons outils." + +#. type: section +#: doc/contributing.texi:28 doc/contributing.texi:228 doc/contributing.texi:229 +#, no-wrap +msgid "Coding Style" +msgstr "Style de code" + +#. type: menuentry +#: doc/contributing.texi:28 +msgid "Hygiene of the contributor." +msgstr "Hygiène du contributeur." + +#. type: section +#: doc/contributing.texi:28 doc/contributing.texi:319 doc/contributing.texi:320 +#, no-wrap +msgid "Submitting Patches" +msgstr "Envoyer des correctifs" + +#. type: menuentry +#: doc/contributing.texi:28 +msgid "Share your work." +msgstr "Partager votre travail." + +#. type: Plain text +#: doc/contributing.texi:35 +msgid "" +"If you want to hack Guix itself, it is recommended to use the latest version " +"from the Git repository:" +msgstr "" +"Si vous souhaitez travailler sur Guix lui-même, il est recommandé d'utiliser " +"la dernière version du dépôt Git :" + +#. type: example +#: doc/contributing.texi:38 +#, no-wrap +msgid "git clone https://git.savannah.gnu.org/git/guix.git\n" +msgstr "git clone https://git.savannah.gnu.org/git/guix.git\n" + +#. type: Plain text +#: doc/contributing.texi:43 +msgid "" +"When building Guix from a checkout, the following packages are required in " +"addition to those mentioned in the installation instructions " +"(@pxref{Requirements})." +msgstr "" +"Lors de la construction de Guix depuis un extrait, les paquets suivants sont " +"requis en plus de ceux mentionnés dans les instructions d'installation " +"(@pxref{Prérequis})." + +#. type: item +#: doc/contributing.texi:45 +#, no-wrap +msgid "@url{http://gnu.org/software/autoconf/, GNU Autoconf};" +msgstr "@url{http://gnu.org/software/autoconf/, GNU Autoconf};" + +#. type: item +#: doc/contributing.texi:46 +#, no-wrap +msgid "@url{http://gnu.org/software/automake/, GNU Automake};" +msgstr "@url{http://gnu.org/software/automake/, GNU Automake};" + +#. type: item +#: doc/contributing.texi:47 +#, no-wrap +msgid "@url{http://gnu.org/software/gettext/, GNU Gettext};" +msgstr "@url{http://gnu.org/software/gettext/, GNU Gettext};" + +#. type: item +#: doc/contributing.texi:48 +#, no-wrap +msgid "@url{http://gnu.org/software/texinfo/, GNU Texinfo};" +msgstr "@url{http://gnu.org/software/texinfo/, GNU Texinfo};" + +#. type: item +#: doc/contributing.texi:49 +#, no-wrap +msgid "@url{http://www.graphviz.org/, Graphviz};" +msgstr "@url{http://www.graphviz.org/, Graphviz};" + +#. type: item +#: doc/contributing.texi:50 +#, no-wrap +msgid "@url{http://www.gnu.org/software/help2man/, GNU Help2man (optional)}." +msgstr "@url{http://www.gnu.org/software/help2man/, GNU Help2man (facultatif)}." + +#. type: Plain text +#: doc/contributing.texi:57 +msgid "" +"The easiest way to set up a development environment for Guix is, of course, by " +"using Guix! The following command starts a new shell where all the " +"dependencies and appropriate environment variables are set up to hack on Guix:" +msgstr "" +"La manière la plus simple de configurer un environnement de développement pour " +"Guix est, bien sûr, d'utiliser Guix ! La commande suivante démarre un nouveau " +"shell où toutes les dépendances et les variables d'environnements appropriées " +"sont configurés pour travailler sur Guix :" + +#. type: example +#: doc/contributing.texi:60 +#, no-wrap +msgid "guix environment guix\n" +msgstr "guix environment guix\n" + +#. type: Plain text +#: doc/contributing.texi:64 +msgid "" +"@xref{Invoking guix environment}, for more information on that command. Extra " +"dependencies can be added with @option{--ad-hoc}:" +msgstr "" +"@xref{Invoquer guix environment}, pour plus d'information sur cette commande. " +"On peut ajouter des dépendances supplémentaires avec @option{--ad-hoc} :" + +#. type: example +#: doc/contributing.texi:67 +#, no-wrap +msgid "guix environment guix --ad-hoc help2man git strace\n" +msgstr "guix environment guix --ad-hoc help2man git strace\n" + +#. type: Plain text +#: doc/contributing.texi:71 +msgid "" +"Run @command{./bootstrap} to generate the build system infrastructure using " +"Autoconf and Automake. If you get an error like this one:" +msgstr "" +"Lancez @command{./bootstrap} pour générer l'infrastructure du système de " +"construction avec Autoconf et Automake. Si vous avez une erreur comme :" + +#. type: example +#: doc/contributing.texi:74 +#, no-wrap +msgid "configure.ac:46: error: possibly undefined macro: PKG_CHECK_MODULES\n" +msgstr "configure.ac:46: error: possibly undefined macro: PKG_CHECK_MODULES\n" + +#. type: Plain text +#: doc/contributing.texi:83 +msgid "" +"it probably means that Autoconf couldn’t find @file{pkg.m4}, which is provided " +"by pkg-config. Make sure that @file{pkg.m4} is available. The same holds for " +"the @file{guile.m4} set of macros provided by Guile. For instance, if you " +"installed Automake in @file{/usr/local}, it wouldn’t look for @file{.m4} files " +"in @file{/usr/share}. In that case, you have to invoke the following command:" +msgstr "" +"cela signifie probablement qu'Autoconf n'a pas pu trouver @file{pkg.m4} qui " +"est fournit par pkg-config. Assurez-vous que @file{pkg.m4} est disponible. " +"C'est aussi vrai pour l'ensemble de macros de @file{guile.m4} fournies par " +"Guile. Par exemple, si vous avez installé Automake dans @file{/usr/local}, il " +"ne cherchera pas les fichiers @file{.m4} dans @file{/usr/share}. Dans ce case " +"vous devez invoquer la commande suivante :" + +#. type: example +#: doc/contributing.texi:86 +#, no-wrap +msgid "export ACLOCAL_PATH=/usr/share/aclocal\n" +msgstr "export ACLOCAL_PATH=/usr/share/aclocal\n" + +#. type: Plain text +#: doc/contributing.texi:90 +msgid "" +"@xref{Macro Search Path,,, automake, The GNU Automake Manual}, for more " +"information." +msgstr "" +"@xref{Macro Search Path,,, automake, The GNU Automake Manual}, pour plus " +"d'information." + +#. type: Plain text +#: doc/contributing.texi:95 +msgid "" +"Then, run @command{./configure} as usual. Make sure to pass @code{--" +"localstatedir=@var{directory}} where @var{directory} is the " +"@code{localstatedir} value used by your current installation (@pxref{The " +"Store}, for information about this)." +msgstr "" +"Ensuite, lancez @command{./configure} comme d'habitude. Assurez-vous de passer " +"@code{--localstatedir=@var{directory}} où @var{directory} est la valeur " +"@code{localstatedir} utilisée par votre installation actuelle (@pxref{Le " +"dépôt} pour plus d'informations à ce propos)." + +#. type: Plain text +#: doc/contributing.texi:100 +msgid "" +"Finally, you have to invoke @code{make check} to run tests (@pxref{Running the " +"Test Suite}). If anything fails, take a look at installation instructions " +"(@pxref{Installation}) or send a message to the @email{guix-devel@@gnu.org, " +"mailing list}." +msgstr "" +"Finalement, vous devez invoquer @code{make check} pour lancer les tests " +"(@pxref{Lancer la suite de tests}). Si quelque chose échoue, jetez un œil aux " +"instructions d'installation (@pxref{Installation}) ou envoyez un message à la " +"list @email{guix-devel@@gnu.org}." + +#. type: Plain text +#: doc/contributing.texi:109 +msgid "" +"In order to keep a sane working environment, you will find it useful to test " +"the changes made in your local source tree checkout without actually " +"installing them. So that you can distinguish between your ``end-user'' hat " +"and your ``motley'' costume." +msgstr "" +"Pour garder un environnement de travail sain, il est utile de tester les " +"changement localement sans les installer pour de vrai. Pour pouvoir distinguer " +"votre rôle « d'utilisateur final » de celui parfois haut en couleur de « " +"développeur »." + +#. type: Plain text +#: doc/contributing.texi:117 +msgid "" +"To that end, all the command-line tools can be used even if you have not run " +"@code{make install}. To do that, prefix each command with @command{./pre-inst-" +"env} (the @file{pre-inst-env} script lives in the top build tree of Guix), as " +"in@footnote{The @option{-E} flag to @command{sudo} guarantees that " +"@code{GUILE_LOAD_PATH} is correctly set such that @command{guix-daemon} and " +"the tools it uses can find the Guile modules they need.}:" +msgstr "" +"Pour cela, tous les outils en ligne de commande sont utilisables même sans " +"avoir lancé @code{make install}. Vous devez pour cela préfixer chaque commande " +"par @command{./pre-inst-env} (le script @file{pre-inst-env} se trouve dans le " +"répertoire de plus haut niveau de l'arborescence des sources de Guix) comme " +"cela@footnote{L'option @option{-E} de @command{sudo} garantie que " +"@code{GUILE_LOAD_PATH} est bien paramétré pour @command{guix-daemon} et les " +"outils qu'il utilise puissent trouver les modules Guile dont ils ont besoin.} :" + +#. type: example +#: doc/contributing.texi:121 +#, no-wrap +msgid "" +"$ sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild\n" +"$ ./pre-inst-env guix build hello\n" +msgstr "" +"$ sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild\n" +"$ ./pre-inst-env guix build hello\n" + +#. type: Plain text +#: doc/contributing.texi:125 +msgid "Similarly, for a Guile session using the Guix modules:" +msgstr "De même, pour une session Guile qui utilise les modules Guix :" + +#. type: example +#: doc/contributing.texi:128 +#, no-wrap +msgid "" +"$ ./pre-inst-env guile -c '(use-modules (guix utils)) (pk (%current-system))'\n" +"\n" +msgstr "" +"$ ./pre-inst-env guile -c '(use-modules (guix utils)) (pk (%current-system))'\n" +"\n" + +#. type: example +#: doc/contributing.texi:130 +#, no-wrap +msgid ";;; (\"x86_64-linux\")\n" +msgstr ";;; (\"x86_64-linux\")\n" + +#. type: cindex +#: doc/contributing.texi:133 +#, no-wrap +msgid "REPL" +msgstr "REPL" + +#. type: cindex +#: doc/contributing.texi:134 +#, no-wrap +msgid "read-eval-print loop" +msgstr "read-eval-print loop" + +#. type: Plain text +#: doc/contributing.texi:137 +msgid "" +"@dots{} and for a REPL (@pxref{Using Guile Interactively,,, guile, Guile " +"Reference Manual}):" +msgstr "" +"@dots{} et pour un REPL (@pxref{Using Guile Interactively,,, guile, Guile " +"Reference Manual})" + +#. type: example +#: doc/contributing.texi:152 +#, no-wrap +msgid "" +"$ ./pre-inst-env guile\n" +"scheme@@(guile-user)> ,use(guix)\n" +"scheme@@(guile-user)> ,use(gnu)\n" +"scheme@@(guile-user)> (define snakes\n" +" (fold-packages\n" +" (lambda (package lst)\n" +" (if (string-prefix? \"python\"\n" +" (package-name package))\n" +" (cons package lst)\n" +" lst))\n" +" '()))\n" +"scheme@@(guile-user)> (length snakes)\n" +"$1 = 361\n" +msgstr "" +"$ ./pre-inst-env guile\n" +"scheme@@(guile-user)> ,use(guix)\n" +"scheme@@(guile-user)> ,use(gnu)\n" +"scheme@@(guile-user)> (define snakes\n" +" (fold-packages\n" +" (lambda (package lst)\n" +" (if (string-prefix? \"python\"\n" +" (package-name package))\n" +" (cons package lst)\n" +" lst))\n" +" '()))\n" +"scheme@@(guile-user)> (length snakes)\n" +"$1 = 361\n" + +#. type: Plain text +#: doc/contributing.texi:156 +msgid "" +"The @command{pre-inst-env} script sets up all the environment variables " +"necessary to support this, including @env{PATH} and @env{GUILE_LOAD_PATH}." +msgstr "" +"Le script @command{pre-inst-env} paramètre toutes les variables " +"d'environnement nécessaires, dont @env{PATH} et @env{GUILE_LOAD_PATH}." + +#. type: Plain text +#: doc/contributing.texi:167 +msgid "" +"Note that @command{./pre-inst-env guix pull} does @emph{not} upgrade the local " +"source tree; it simply updates the @file{~/.config/guix/latest} symlink " +"(@pxref{Invoking guix pull}). Run @command{git pull} instead if you want to " +"upgrade your local source tree.@footnote{If you would like to set up " +"@command{guix} to use your Git checkout, you can point the @file{~/.config/" +"guix/latest} symlink to your Git checkout directory. If you are the sole user " +"of your system, you may also consider pointing the @file{/root/.config/guix/" +"latest} symlink to point to @file{~/.config/guix/latest}; this way it will " +"always use the same @command{guix} as your user does.}" +msgstr "" +"Remarquez que @command{./pre-inst-env guix pull} ne met @emph{pas} à jour " +"l'arborescence des sources locale ; il met seulement à jour le lien symbolique " +"@file{~/.config/guix/latest} (@pxref{Invoquer guix pull}). Lancez @command{git " +"pull} à la place si vous voulez mettre à jour votre arborescence des sources " +"locale@footnote{Si vous voulez paramétrer @command{guix} pour qu'il utilise " +"votre dépôt Git, vous pouvez faire pointer le lien symbolique @file{~/.config/" +"guix/latest} vers le répertoire contenant ce dépôt. Si vous le seul " +"utilisateur du système, vous pouvez aussi considérer faire pointer le lien " +"symbolique @file{/root/.config/guix/latest} vers @file{~/.config/guix/" +"latest} ; comme ça root aura toujours la même commande @command{guix} que " +"votre utilisateur}." + +#. type: Plain text +#: doc/contributing.texi:177 +msgid "" +"The Perfect Setup to hack on Guix is basically the perfect setup used for " +"Guile hacking (@pxref{Using Guile in Emacs,,, guile, Guile Reference " +"Manual}). First, you need more than an editor, you need @url{http://www.gnu." +"org/software/emacs, Emacs}, empowered by the wonderful @url{http://nongnu.org/" +"geiser/, Geiser}." +msgstr "" +"La configuration parfaite pour travailler sur Guix est simplement la " +"configuration parfaite pour travailler en Guile (@pxref{Using Guile in " +"Emacs,,, guile, Guile Reference Manual}). Tout d'abord, vous avez besoin de " +"mieux qu'un éditeur de texte, vous avez besoin de @url{http://www.gnu.org/" +"software/emacs, Emacs}, amélioré par le superbe @url{http://nongnu.org/" +"geiser/, Geiser}." + +#. type: Plain text +#: doc/contributing.texi:185 +msgid "" +"Geiser allows for interactive and incremental development from within Emacs: " +"code compilation and evaluation from within buffers, access to on-line " +"documentation (docstrings), context-sensitive completion, @kbd{M-.} to jump to " +"an object definition, a REPL to try out your code, and more " +"(@pxref{Introduction,,, geiser, Geiser User Manual}). For convenient Guix " +"development, make sure to augment Guile’s load path so that it finds source " +"files from your checkout:" +msgstr "" +"Geiser permet le développement interactif et incrémental depuis Emacs : la " +"compilation du code et son évaluation depuis les buffers, l'accès à la " +"documentation en ligne (docstrings), la complétion sensible au contexte, " +"@kbd{M-.} pour sauter à la définition d'un objet, un REPL pour tester votre " +"code, et bien plus (@pxref{Introduction,,, geiser, Geiser User Manual}). Pour " +"travailler confortablement sur Guix, assurez-vous de modifier le chemin de " +"chargement de Guile pour qu'il trouve les fichiers source de votre dépôt :" + +#. type: lisp +#: doc/contributing.texi:190 +#, no-wrap +msgid "" +";; @r{Assuming the Guix checkout is in ~/src/guix.}\n" +"(with-eval-after-load 'geiser-guile\n" +" (add-to-list 'geiser-guile-load-path \"~/src/guix\"))\n" +msgstr "" +";; @r{Si l'extrait est dans ~/src/guix.}\n" +"(with-eval-after-load 'geiser-guile\n" +" (add-to-list 'geiser-guile-load-path \"~/src/guix\"))\n" + +#. type: Plain text +#: doc/contributing.texi:198 +msgid "" +"To actually edit the code, Emacs already has a neat Scheme mode. But in " +"addition to that, you must not miss @url{http://www.emacswiki.org/emacs/" +"ParEdit, Paredit}. It provides facilities to directly operate on the syntax " +"tree, such as raising an s-expression or wrapping it, swallowing or rejecting " +"the following s-expression, etc." +msgstr "" + +#. type: cindex +#: doc/contributing.texi:199 +#, no-wrap +msgid "code snippets" +msgstr "extraits de code" + +#. type: cindex +#: doc/contributing.texi:200 +#, no-wrap +msgid "templates" +msgstr "modèles" + +#. type: cindex +#: doc/contributing.texi:201 +#, no-wrap +msgid "reducing boilerplate" +msgstr "réduire la quantité de code commun" + +#. type: Plain text +#: doc/contributing.texi:208 +msgid "" +"We also provide templates for common git commit messages and package " +"definitions in the @file{etc/snippets} directory. These templates can be used " +"with @url{http://joaotavora.github.io/yasnippet/, YASnippet} to expand short " +"trigger strings to interactive text snippets. You may want to add the " +"snippets directory to the @var{yas-snippet-dirs} variable in Emacs." +msgstr "" +"Nous fournissons aussi des modèles pour les messages de commit git communs et " +"les définitions de paquets dans le répertoire @file{etc/snippets}. Ces modèles " +"s'utilisent avec @url{http://joaotavora.github.io/yasnippet/, YASnippet} pour " +"développer des chaînes courtes de déclenchement en extraits de texte " +"interactifs. Vous pouvez ajouter le répertoire des modèles dans la variables " +"@var{yas-snippet-dirs} d'Emacs." + +#. type: lisp +#: doc/contributing.texi:213 +#, no-wrap +msgid "" +";; @r{Assuming the Guix checkout is in ~/src/guix.}\n" +"(with-eval-after-load 'yasnippet\n" +" (add-to-list 'yas-snippet-dirs \"~/src/guix/etc/snippets\"))\n" +msgstr "" +";; @r{Si l'extrait est dans ~/src/guix.}\n" +"(with-eval-after-load 'yasnippet\n" +" (add-to-list 'yas-snippet-dirs \"~/src/guix/etc/snippets\"))\n" + +#. type: Plain text +#: doc/contributing.texi:220 +msgid "" +"The commit message snippets depend on @url{https://magit.vc/, Magit} to " +"display staged files. When editing a commit message type @code{add} followed " +"by @kbd{TAB} to insert a commit message template for adding a package; type " +"@code{update} followed by @kbd{TAB} to insert a template for updating a " +"package." +msgstr "" +"Les extraits de messages de commit dépendent de @url{https://magit.vc/, Magit} " +"pour afficher les fichiers sélectionnés. Lors de la modification d'un message " +"de commit, tapez @code{add} suivi de @kbd{TAB} pour insérer un modèle de " +"message de commit pour ajouter un paquet ; tapez @code{update} suivi de " +"@kbd{TAB} pour insérer un modèle pour la mise à jour d'un paquet." + +#. type: Plain text +#: doc/contributing.texi:226 +msgid "" +"The main snippet for @code{scheme-mode} is triggered by typing " +"@code{package...} followed by @kbd{TAB}. This snippet also inserts the " +"trigger string @code{origin...}, which can be expanded further. The " +"@code{origin} snippet in turn may insert other trigger strings ending on " +"@code{...}, which also can be expanded further." +msgstr "" +"L'extrait principal pour @code{scheme-mode} est lancé en tapant " +"@code{package…} suivi par @kbd{TAB}. Cet extrait insère aussi la chaîne de " +"déclenchement @code{origin…}, qui peut aussi être étendue. L'extrait " +"@code{origin} lui-même peut aussi insérer des chaînes de déclenchement qui " +"finissent sur @code{…}, qui peuvent aussi être étendues." + +#. type: Plain text +#: doc/contributing.texi:234 +msgid "" +"In general our code follows the GNU Coding Standards (@pxref{Top,,, standards, " +"GNU Coding Standards}). However, they do not say much about Scheme, so here " +"are some additional rules." +msgstr "" +"En général notre code suit le Standard de Code GNU (@pxref{Top,,, standards, " +"GNU Coding Standards}). Cependant, il ne parle pas beaucoup de Scheme, donc " +"voici quelques règles supplémentaires." + +#. type: subsection +#: doc/contributing.texi:240 doc/contributing.texi:242 doc/contributing.texi:243 +#, no-wrap +msgid "Programming Paradigm" +msgstr "Paradigme de programmation" + +#. type: menuentry +#: doc/contributing.texi:240 +msgid "How to compose your elements." +msgstr "Comment composer vos éléments." + +#. type: subsection +#: doc/contributing.texi:240 doc/contributing.texi:249 doc/contributing.texi:250 +#, no-wrap +msgid "Modules" +msgstr "Modules" + +#. type: menuentry +#: doc/contributing.texi:240 +msgid "Where to store your code?" +msgstr "Où stocker votre code ?" + +#. type: subsection +#: doc/contributing.texi:240 doc/contributing.texi:260 doc/contributing.texi:261 +#, no-wrap +msgid "Data Types and Pattern Matching" +msgstr "Types de données et reconnaissance de motif" + +#. type: menuentry +#: doc/contributing.texi:240 +msgid "Implementing data structures." +msgstr "Implémenter des structures de données." + +#. type: subsection +#: doc/contributing.texi:240 doc/contributing.texi:274 doc/contributing.texi:275 +#, no-wrap +msgid "Formatting Code" +msgstr "Formatage du code" + +#. type: menuentry +#: doc/contributing.texi:240 +msgid "Writing conventions." +msgstr "Conventions d'écriture." + +#. type: Plain text +#: doc/contributing.texi:248 +msgid "" +"Scheme code in Guix is written in a purely functional style. One exception is " +"code that involves input/output, and procedures that implement low-level " +"concepts, such as the @code{memoize} procedure." +msgstr "" +"Le code Scheme dans Guix est écrit dans un style purement fonctionnel. Le code " +"qui s'occupe des entrées-sorties est une exception ainsi que les procédures " +"qui implémentent des concepts bas-niveau comme la procédure @code{memoize}." + +#. type: Plain text +#: doc/contributing.texi:256 +msgid "" +"Guile modules that are meant to be used on the builder side must live in the " +"@code{(guix build @dots{})} name space. They must not refer to other Guix or " +"GNU modules. However, it is OK for a ``host-side'' module to use a build-side " +"module." +msgstr "" +"Les modules Guile qui sont sensés être utilisés du côté de la construction " +"doivent se trouver dans l'espace de nom @code{(guix build @dots{})}. Ils ne " +"doivent pas se référer à d'autres modules Guix ou GNU. Cependant il est " +"correct pour un module « côté hôte » de dépendre d'un module coté construction." + +#. type: Plain text +#: doc/contributing.texi:259 +msgid "" +"Modules that deal with the broader GNU system should be in the @code{(gnu " +"@dots{})} name space rather than @code{(guix @dots{})}." +msgstr "" +"Les modules qui s'occupent du système GNU général devraient se trouver dans " +"l'espace de nom @code{(gnu @dots{})} plutôt que @code{(guix @dots{})}." + +#. type: Plain text +#: doc/contributing.texi:268 +msgid "" +"The tendency in classical Lisp is to use lists to represent everything, and " +"then to browse them ``by hand'' using @code{car}, @code{cdr}, @code{cadr}, and " +"co. There are several problems with that style, notably the fact that it is " +"hard to read, error-prone, and a hindrance to proper type error reports." +msgstr "" +"La tendance en Lisp classique est d'utiliser des listes pour tout représenter " +"et de naviguer dedans « à la main ( avec @code{car}, @code{cdr}, @code{cadr} " +"et compagnie. Il y a plusieurs problèmes avec ce style, notamment le fait " +"qu'il soit dur à lire, source d'erreur et un obstacle aux rapports d'erreur " +"bien typés." + +#. type: Plain text +#: doc/contributing.texi:273 +msgid "" +"Guix code should define appropriate data types (for instance, using " +"@code{define-record-type*}) rather than abuse lists. In addition, it should " +"use pattern matching, via Guile’s @code{(ice-9 match)} module, especially when " +"matching lists." +msgstr "" +"Le code de Guix devrait définir des types de données appropriées (par exemple, " +"avec @code{define-record-type*}) plutôt que d'abuser des listes. En plus, il " +"devrait utiliser la recherche de motifs, via le module Guile @code{(ice-9 " +"match)}, surtout pour rechercher dans des listes." + +#. type: cindex +#: doc/contributing.texi:277 +#, no-wrap +msgid "formatting code" +msgstr "formater le code" + +#. type: cindex +#: doc/contributing.texi:278 +#, no-wrap +msgid "coding style" +msgstr "style de code" + +#. type: Plain text +#: doc/contributing.texi:285 +msgid "" +"When writing Scheme code, we follow common wisdom among Scheme programmers. " +"In general, we follow the @url{http://mumble.net/~campbell/scheme/style.txt, " +"Riastradh's Lisp Style Rules}. This document happens to describe the " +"conventions mostly used in Guile’s code too. It is very thoughtful and well " +"written, so please do read it." +msgstr "" +"Lorsque nous écrivons du code Scheme, nous suivons la sagesse commune aux " +"programmeurs Scheme. En général, nous suivons les @url{http://mumble.net/" +"~campbell/scheme/style.txt, règles de style de Riastradh}. Ce document décrit " +"aussi les conventions utilisées dans le code de Guile. Il est bien pensé et " +"bien écrit, alors n'hésitez pas à le lire." + +#. type: Plain text +#: doc/contributing.texi:292 +msgid "" +"Some special forms introduced in Guix, such as the @code{substitute*} macro, " +"have special indentation rules. These are defined in the @file{.dir-locals." +"el} file, which Emacs automatically uses. Also note that Emacs-Guix provides " +"@code{guix-devel-mode} mode that indents and highlights Guix code properly " +"(@pxref{Development,,, emacs-guix, The Emacs-Guix Reference Manual})." +msgstr "" +"Certaines formes spéciales introduites dans Guix comme la macro " +"@code{substitute*} ont des règles d'indentation spécifiques. Elles sont " +"définies dans le fichier @file{.dir-locals.el} qu'Emacs utilise " +"automatiquement. Remarquez aussi qu'Emacs-Guix fournit le mode @code{guix-" +"devel-mode} qui indente et colore le code Guix correctement " +"(@pxref{Development,,, emacs-guix, The Emacs-Guix Reference Manual})." + +#. type: cindex +#: doc/contributing.texi:293 +#, no-wrap +msgid "indentation, of code" +msgstr "indentation, du code" + +#. type: cindex +#: doc/contributing.texi:294 +#, no-wrap +msgid "formatting, of code" +msgstr "formatage, du code" + +#. type: Plain text +#: doc/contributing.texi:297 +msgid "" +"If you do not use Emacs, please make sure to let your editor knows these " +"rules. To automatically indent a package definition, you can also run:" +msgstr "" +"Si vous n'utilisez pas Emacs, assurez-vous que votre éditeur connaisse ces " +"règles. Pour indenter automatiquement une définition de paquet, vous pouvez " +"aussi lancer :" + +#. type: example +#: doc/contributing.texi:300 +#, no-wrap +msgid "./etc/indent-code.el gnu/packages/@var{file}.scm @var{package}\n" +msgstr "./etc/indent-code.el gnu/packages/@var{file}.scm @var{package}\n" + +#. type: Plain text +#: doc/contributing.texi:306 +msgid "" +"This automatically indents the definition of @var{package} in @file{gnu/" +"packages/@var{file}.scm} by running Emacs in batch mode. To indent a whole " +"file, omit the second argument:" +msgstr "" +"Cela indente automatiquement la définition de @var{package} dans @file{gnu/" +"packages/@var{file}.scm} en lançant Emacs en mode commande. Pour indenter un " +"fichier complet, n'indiquez pas de second argument :" + +#. type: example +#: doc/contributing.texi:309 +#, no-wrap +msgid "./etc/indent-code.el gnu/services/@var{file}.scm\n" +msgstr "./etc/indent-code.el gnu/services/@var{file}.scm\n" + +#. type: Plain text +#: doc/contributing.texi:314 +msgid "" +"We require all top-level procedures to carry a docstring. This requirement " +"can be relaxed for simple private procedures in the @code{(guix build " +"@dots{})} name space, though." +msgstr "" +"Nous demandons que toutes les procédure de premier niveau contiennent une " +"chaîne de documentation. Ce pré-requis peut être relâché pour les procédures " +"privées simples dans l'espace de nom @code{(guix build @dots{})} cependant." + +#. type: Plain text +#: doc/contributing.texi:317 +msgid "" +"Procedures should not have more than four positional parameters. Use keyword " +"parameters for procedures that take more than four parameters." +msgstr "" +"Les procédures ne devraient pas avoir plus de quatre paramètres positionnés. " +"Utilisez des paramètres par mot-clefs pour les procédures qui prennent plus de " +"quatre paramètres." + +#. type: Plain text +#: doc/contributing.texi:326 +msgid "" +"Development is done using the Git distributed version control system. Thus, " +"access to the repository is not strictly necessary. We welcome contributions " +"in the form of patches as produced by @code{git format-patch} sent to the " +"@email{guix-patches@@gnu.org} mailing list." +msgstr "" +"Le développement se fait avec le système de contrôle de version Git. Ainsi, " +"l'accès au dépôt n'est pas strictement nécessaire. Nous accueillons les " +"contributions sous forme de correctifs produits par @code{git format-patch} " +"envoyés sur la liste de diffusion @email{guix-patches@@gnu.org}." + +#. type: Plain text +#: doc/contributing.texi:333 +msgid "" +"This mailing list is backed by a Debbugs instance accessible at @uref{https://" +"bugs.gnu.org/guix-patches}, which allows us to keep track of submissions. " +"Each message sent to that mailing list gets a new tracking number assigned; " +"people can then follow up on the submission by sending email to @code{@var{NNN}" +"@@debbugs.gnu.org}, where @var{NNN} is the tracking number (@pxref{Sending a " +"Patch Series})." +msgstr "" +"Cette liste de diffusion est gérée par une instance Debbugs accessible à " +"l'adresse @uref{https://bugs.gnu.org/guix-patches}, qui nous permet de suivre " +"les soumissions. Chaque message envoyé à cette liste se voit attribuer un " +"numéro de suivi ; les gens peuvent ensuite répondre à cette soumission en " +"envoyant un courriel à @code{@var{NNN}@@debbugs.gnu.org}, où @var{NNN} est le " +"numéro de suivi (@pxref{Envoyer une série de correctifs})." + +#. type: Plain text +#: doc/contributing.texi:337 +msgid "" +"Please write commit logs in the ChangeLog format (@pxref{Change Logs,,, " +"standards, GNU Coding Standards}); you can check the commit history for " +"examples." +msgstr "" +"Veuillez écrire les messages de commit dans le format ChangeLog (@pxref{Change " +"Logs,,, standards, GNU Coding Standards}) ; vous pouvez regarder l'historique " +"des commits pour trouver des exemples." + +#. type: Plain text +#: doc/contributing.texi:340 +msgid "" +"Before submitting a patch that adds or modifies a package definition, please " +"run through this check list:" +msgstr "" +"Avant de soumettre un correctif qui ajoute ou modifie la définition d'un " +"paquet, veuillez vérifier cette check-list :" + +#. type: enumerate +#: doc/contributing.texi:347 +msgid "" +"If the authors of the packaged software provide a cryptographic signature for " +"the release tarball, make an effort to verify the authenticity of the " +"archive. For a detached GPG signature file this would be done with the " +"@code{gpg --verify} command." +msgstr "" +"Si les auteurs du paquet logiciel fournissent une signature cryptographique " +"pour l'archive, faîtes un effort pour vérifier l'authenticité de l'archive. " +"Pour un fichier de signature GPG détaché, cela se fait avec la commande " +"@code{gpg --verify}." + +#. type: enumerate +#: doc/contributing.texi:351 +msgid "" +"Take some time to provide an adequate synopsis and description for the " +"package. @xref{Synopses and Descriptions}, for some guidelines." +msgstr "" +"Prenez un peu de temps pour fournir un synopsis et une description adéquats " +"pour le paquet. Voir @xref{Synopsis et descriptions} pour quelques lignes " +"directrices." + +#. type: enumerate +#: doc/contributing.texi:356 +msgid "" +"Run @code{guix lint @var{package}}, where @var{package} is the name of the new " +"or modified package, and fix any errors it reports (@pxref{Invoking guix " +"lint})." +msgstr "" +"Lancez @code{guix lint @var{paquet}}, où @var{paquet} est le nom du nouveau " +"paquet ou du paquet modifié, et corrigez les erreurs qu'il rapporte " +"(@pxref{Invoquer guix lint})." + +#. type: enumerate +#: doc/contributing.texi:360 +msgid "" +"Make sure the package builds on your platform, using @code{guix build " +"@var{package}}." +msgstr "" +"Assurez-vous que le paquet se construise sur votre plate-forme avec @code{guix " +"build @var{paquet}}." + +#. type: cindex +#: doc/contributing.texi:362 +#, no-wrap +msgid "bundling" +msgstr "construction groupée" + +#. type: enumerate +#: doc/contributing.texi:365 +msgid "" +"Make sure the package does not use bundled copies of software already " +"available as separate packages." +msgstr "" +"Assurez-vous que le paquet n'utilise pas de copie groupée d'un logiciel déjà " +"disponible dans un paquet séparé." + +#. type: enumerate +#: doc/contributing.texi:374 +msgid "" +"Sometimes, packages include copies of the source code of their dependencies as " +"a convenience for users. However, as a distribution, we want to make sure " +"that such packages end up using the copy we already have in the distribution, " +"if there is one. This improves resource usage (the dependency is built and " +"stored only once), and allows the distribution to make transverse changes such " +"as applying security updates for a given software package in a single place " +"and have them affect the whole system---something that bundled copies prevent." +msgstr "" +"Parfois, les paquets incluent des copie du code source de leurs dépendances " +"pour le confort de leurs utilisateurs. Cependant, en tant que distribution, " +"nous voulons nous assurer que ces paquets utilisent bien les copient que nous " +"avons déjà dans la distribution si elles existent. Cela améliore l'utilisation " +"des ressources (la dépendance n'est construite et stockée qu'une seule fois) " +"et permet à la distribution de faire des changements transversaux comme " +"appliquer des correctifs de sécurité pour un paquet donné depuis un unique " +"emplacement et qu'ils affectent tout le système, ce qu'empêchent les copies " +"groupées." + +#. type: enumerate +#: doc/contributing.texi:381 +msgid "" +"Take a look at the profile reported by @command{guix size} (@pxref{Invoking " +"guix size}). This will allow you to notice references to other packages " +"unwillingly retained. It may also help determine whether to split the package " +"(@pxref{Packages with Multiple Outputs}), and which optional dependencies " +"should be used." +msgstr "" +"Regardez le profile rapporté par @command{guix size} (@pxref{Invoking guix " +"size}). Cela vous permettra de remarquer des références à d'autres paquets qui " +"ont été retenus. Il peut aussi aider à déterminer s'il faut découper le paquet " +"(@pxref{Des paquets avec plusieurs résultats}) et quelle dépendance facultative " +"utiliser." + +#. type: enumerate +#: doc/contributing.texi:386 +msgid "" +"For important changes, check that dependent package (if applicable) are not " +"affected by the change; @code{guix refresh --list-dependent @var{package}} " +"will help you do that (@pxref{Invoking guix refresh})." +msgstr "" +"Pour les changements important, vérifiez que les paquets qui en dépendent " +"(s'ils existent) ne sont pas affectés par le changement ; @code{guix refresh --" +"list-dependant @var{paquet}} vous aidera (@pxref{Invoquer guix refresh})." + +#. type: cindex +#: doc/contributing.texi:388 +#, no-wrap +msgid "branching strategy" +msgstr "stratégie de branche" + +#. type: cindex +#: doc/contributing.texi:389 +#, no-wrap +msgid "rebuild scheduling strategy" +msgstr "stratégie de planification des reconstructions" + +#. type: enumerate +#: doc/contributing.texi:392 +msgid "" +"Depending on the number of dependent packages and thus the amount of " +"rebuilding induced, commits go to different branches, along these lines:" +msgstr "" +"Suivant le nombre de paquets dépendants et donc le nombre de reconstruction " +"induites, les commits vont vers des branches différentes, suivant ces " +"principes :" + +#. type: item +#: doc/contributing.texi:394 +#, no-wrap +msgid "300 dependent packages or less" +msgstr "300 paquets dépendants ou moins" + +#. type: table +#: doc/contributing.texi:396 +msgid "@code{master} branch (non-disruptive changes)." +msgstr "branche @code{master} (changements non-disruptifs)." + +#. type: item +#: doc/contributing.texi:397 +#, no-wrap +msgid "between 300 and 1,200 dependent packages" +msgstr "entre 300 et 1 200 paquets dépendants" + +#. type: table +#: doc/contributing.texi:402 +msgid "" +"@code{staging} branch (non-disruptive changes). This branch is intended to be " +"merged in @code{master} every 3 weeks or so. Topical changes (e.g., an update " +"of the GNOME stack) can instead go to a specific branch (say, @code{gnome-" +"updates})." +msgstr "" +"branche @code{staging} (changemets non-disruptifs). Cette branche devrait être " +"fusionnées dans @code{master} tous les 3 semaines. Les changements par thèmes " +"(par exemple une mise à jour de la pile GNOME) peuvent aller dans une branche " +"spécifique (disons, @code{gnome-updates})." + +#. type: item +#: doc/contributing.texi:403 +#, no-wrap +msgid "more than 1,200 dependent packages" +msgstr "plus de 1 200 paquets dépendants" + +#. type: table +#: doc/contributing.texi:407 +msgid "" +"@code{core-updates} branch (may include major and potentially disruptive " +"changes). This branch is intended to be merged in @code{master} every 2.5 " +"months or so." +msgstr "" +"branche @code{core-updates} (peut inclure des changements majeurs et " +"potentiellement disruptifs). Cette branche devrait être fusionnée dans " +"@code{master} tous les 2,5 mois environ." + +#. type: enumerate +#: doc/contributing.texi:414 +msgid "" +"All these branches are tracked by our build farm and merged into @code{master} " +"once everything has been successfully built. This allows us to fix issues " +"before they hit users, and to reduce the window during which pre-built " +"binaries are not available." +msgstr "" +"Toutes ces branches sont gérées par notre ferme de construction et fusionnées " +"dans @code{master} une fois que tout a été construit correctement. Cela nous " +"permet de corriger des problèmes avant qu'ils n'atteignent les utilisateurs et " +"réduit la fenêtre pendant laquelle les binaires pré-construits ne sont pas " +"disponibles." + +#. type: cindex +#: doc/contributing.texi:416 +#, no-wrap +msgid "determinism, of build processes" +msgstr "déterminisme, du processus de construction" + +#. type: cindex +#: doc/contributing.texi:417 +#, no-wrap +msgid "reproducible builds, checking" +msgstr "construction reproductibles, vérification" + +#. type: enumerate +#: doc/contributing.texi:421 +msgid "" +"Check whether the package's build process is deterministic. This typically " +"means checking whether an independent build of the package yields the exact " +"same result that you obtained, bit for bit." +msgstr "" +"Vérifiez si le processus de construction du paquet est déterministe. Cela " +"signifie typiquement vérifier qu'une construction indépendante du paquet " +"renvoie exactement le même résultat que vous avez obtenu, bit à bit." + +#. type: enumerate +#: doc/contributing.texi:424 +msgid "" +"A simple way to do that is by building the same package several times in a row " +"on your machine (@pxref{Invoking guix build}):" +msgstr "" +"Une manière simple de le faire est de reconstruire le paquet plusieurs fois à " +"la suite sur votre machine (@pxref{Invoquer guix build}) :" + +#. type: example +#: doc/contributing.texi:427 +#, no-wrap +msgid "guix build --rounds=2 my-package\n" +msgstr "guix build --rounds=2 mon-paquet\n" + +#. type: enumerate +#: doc/contributing.texi:431 +msgid "" +"This is enough to catch a class of common non-determinism issues, such as " +"timestamps or randomly-generated output in the build result." +msgstr "" +"Cela est suffisant pour trouver une classe de non-déterminisme commune, comme " +"l'horodatage ou des sorties générées aléatoirement dans le résultat de la " +"construction." + +#. type: enumerate +#: doc/contributing.texi:441 +msgid "" +"Another option is to use @command{guix challenge} (@pxref{Invoking guix " +"challenge}). You may run it once the package has been committed and built by " +"@code{hydra.gnu.org} to check whether it obtains the same result as you did. " +"Better yet: Find another machine that can build it and run @command{guix " +"publish}. Since the remote build machine is likely different from yours, this " +"can catch non-determinism issues related to the hardware---e.g., use of " +"different instruction set extensions---or to the operating system kernel---e." +"g., reliance on @code{uname} or @file{/proc} files." +msgstr "" +"Une autre option consiste à utiliser @command{guix challenge} (@pxref{Invoquer " +"guix challenge}). Vous pouvez lancer la commande une fois que les paquets ont " +"été commités et construits par @code{hydra.gnu.org} pour vérifier s'il obtient " +"le même résultat que vous. Mieux encore : trouvez une autre machine qui peut " +"le construire et lancez @command{guix publish}. Puis la machine distante est " +"sûrement différente de la vôtre, cela peut trouver des problèmes de non-" +"déterminisme liés au matériel — par exemple utiliser une extension du jeu " +"d'instruction — ou du noyau du système d'exploitation — par exemple se reposer " +"sur @code{uname} ou les fichiers de @file{/proc}." + +#. type: enumerate +#: doc/contributing.texi:447 +msgid "" +"When writing documentation, please use gender-neutral wording when referring " +"to people, such as @uref{https://en.wikipedia.org/wiki/Singular_they, singular " +"``they''@comma{} ``their''@comma{} ``them''}, and so forth." +msgstr "" +"Lorsque vous écrivez de la documentation, utilisez une formulation au genre " +"neutre lorsque vous vous référez à des personnes, comme le @uref{https://fr." +"wikipedia.org/wiki/They_singulier, ``they''@comma{} ``their''@comma{} ``them'' " +"singulier} (en anglais)." + +#. type: enumerate +#: doc/contributing.texi:451 +msgid "" +"Verify that your patch contains only one set of related changes. Bundling " +"unrelated changes together makes reviewing harder and slower." +msgstr "" +"Vérifiez que votre correctif contienne seulement un ensemble de changements " +"liés. Grouper des changements non liés ensemble rend la revue plus difficile " +"et plus lente." + +#. type: enumerate +#: doc/contributing.texi:454 +msgid "" +"Examples of unrelated changes include the addition of several packages, or a " +"package update along with fixes to that package." +msgstr "" +"Ajouter plusieurs paquet ou une mise à jour d'un paquet avec des corrections " +"dans ce paquet sont des exemples de changements sans rapport." + +#. type: enumerate +#: doc/contributing.texi:459 +msgid "" +"Please follow our code formatting rules, possibly running the @command{etc/" +"indent-code.el} script to do that automatically for you (@pxref{Formatting " +"Code})." +msgstr "" +"Suivez nos règles de formatage de code, éventuellement en lançant le script " +"@command{et/indent-code.el} pour le faire automatiquement (@pxref{Formatage du " +"code})." + +#. type: Plain text +#: doc/contributing.texi:469 +msgid "" +"When posting a patch to the mailing list, use @samp{[PATCH] @dots{}} as a " +"subject. You may use your email client or the @command{git send-email} " +"command (@pxref{Sending a Patch Series}). We prefer to get patches in plain " +"text messages, either inline or as MIME attachments. You are advised to pay " +"attention if your email client changes anything like line breaks or " +"indentation which could potentially break the patches." +msgstr "" +"Lorsque vous envoyez un correctif à la liste de diffusion, utilisez " +"@samp{[PATCH] @dots{}} comme sujet. Vous pouvez utiliser votre client de " +"courriel ou la commande @command{git send-email} (@pxref{Envoyer une série de " +"correctifs}). Nous préférons recevoir des correctifs en texte brut, soit en " +"ligne, soit en pièce-jointe MIME. Nous vous conseillons de faire attention si " +"votre client de courriel change par exemple les retours à la ligne ou " +"l'indentation, ce qui peut casser les correctifs." + +#. type: Plain text +#: doc/contributing.texi:472 +msgid "" +"When a bug is resolved, please close the thread by sending an email to " +"@email{@var{NNN}-done@@debbugs.gnu.org}." +msgstr "" +"Lorsqu'un bogue est résolu, veuillez fermer le fil en envoyant un courriel à " +"@email{@var{NNN}-done@@debbugs.gnu.org}." + +#. type: anchor{#1} +#: doc/contributing.texi:473 doc/contributing.texi:475 +#, no-wrap +msgid "Sending a Patch Series" +msgstr "Envoyer une série de correctifs" + +#. type: cindex +#: doc/contributing.texi:475 +#, no-wrap +msgid "patch series" +msgstr "série de correctifs" + +#. type: code{#1} +#: doc/contributing.texi:476 +#, no-wrap +msgid "git send-email" +msgstr "git send-email" + +#. type: code{#1} +#: doc/contributing.texi:477 +#, no-wrap +msgid "git-send-email" +msgstr "git-send-email" + +#. type: Plain text +#: doc/contributing.texi:485 +msgid "" +"When sending a patch series (e.g., using @code{git send-email}), please first " +"send one message to @email{guix-patches@@gnu.org}, and then send subsequent " +"patches to @email{@var{NNN}@@debbugs.gnu.org} to make sure they are kept " +"together. See @uref{https://debbugs.gnu.org/Advanced.html, the Debbugs " +"documentation} for more information." +msgstr "" +"Lorsque vous envoyez une série de correctifs (p.e. avec @code{git send-" +"email}), envoyez d'abord une premier message à @email{guix-patches@@gnu.org} " +"puis envoyez le reste des correctifs à @email{@var{NNN}@@debbugs.gnu.org} pour " +"vous assurer qu'ils seront groupés ensemble. Voyez @uref{https://debbugs.gnu." +"org/Advanced.html, la documentation de Debbugs} pour plus d'informations." diff --git a/po/doc/guix.fr.po b/po/doc/guix.fr.po new file mode 100644 index 0000000000..c6795833c2 --- /dev/null +++ b/po/doc/guix.fr.po @@ -0,0 +1,42145 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Free Software Foundation, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: \n" +"POT-Creation-Date: 2018-04-10 21:34+0200\n" +"PO-Revision-Date: 2018-04-13 22:46+0200\n" +"Last-Translator: Julien Lepiller \n" +"Language-Team: \n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 2.0.6\n" + +#. type: Plain text +#: doc/guix.texi:7 +msgid "@documentencoding UTF-8" +msgstr "" +"@documentencoding UTF-8\n" +"@documentlanguage fr" + +#. type: title +#: doc/guix.texi:7 doc/guix.texi:77 +#, no-wrap +msgid "GNU Guix Reference Manual" +msgstr "Manuel de référence de GNU Guix" + +#. type: include +#: doc/guix.texi:10 +#, no-wrap +msgid "version.texi" +msgstr "version-fr.texi" + +#. type: copying +#: doc/guix.texi:51 +msgid "" +"Copyright @copyright{} 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès@* Copyright @copyright{} 2013, 2014, 2016 Andreas " +"Enge@* Copyright @copyright{} 2013 Nikita Karetnikov@* Copyright @copyright{} 2014, 2015, 2016 Alex Kost@* Copyright @copyright{} " +"2015, 2016 Mathieu Lirzin@* Copyright @copyright{} 2014 Pierre-Antoine Rault@* Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/" +"Kammer@* Copyright @copyright{} 2015, 2016, 2017 Leo Famulari@* Copyright @copyright{} 2015, 2016, 2017, 2018 Ricardo Wurmus@* " +"Copyright @copyright{} 2016 Ben Woodcroft@* Copyright @copyright{} 2016, 2017, 2018 Chris Marusich@* Copyright @copyright{} 2016, " +"2017, 2018 Efraim Flashner@* Copyright @copyright{} 2016 John Darrington@* Copyright @copyright{} 2016, 2017 Nils Gillmann@* " +"Copyright @copyright{} 2016, 2017 Jan Nieuwenhuizen@* Copyright @copyright{} 2016 Julien Lepiller@* Copyright @copyright{} 2016 Alex " +"ter Weele@* Copyright @copyright{} 2017, 2018 Clément Lassieur@* Copyright @copyright{} 2017 Mathieu Othacehe@* Copyright " +"@copyright{} 2017 Federico Beffa@* Copyright @copyright{} 2017 Carlo Zancanaro@* Copyright @copyright{} 2017 Thomas Danckaert@* " +"Copyright @copyright{} 2017 humanitiesNerd@* Copyright @copyright{} 2017 Christopher Allan Webber@* Copyright @copyright{} 2017 " +"Marius Bakke@* Copyright @copyright{} 2017 Hartmut Goebel@* Copyright @copyright{} 2017 Maxim Cournoyer@* Copyright @copyright{} " +"2017, 2018 Tobias Geerinckx-Rice@* Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 Andy Wingo@* Copyright " +"@copyright{} 2017, 2018 Arun Isaac@* Copyright @copyright{} 2017 nee@* Copyright @copyright{} 2018 Rutger Helling@* Copyright " +"@copyright{} 2018 Oleg Pykhalov@* Copyright @copyright{} 2018 Mike Gerwitz" +msgstr "" +"Copyright @copyright{} 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès@* Copyright @copyright{} 2013, 2014, 2016 Andreas " +"Enge@* Copyright @copyright{} 2013 Nikita Karetnikov@* Copyright @copyright{} 2014, 2015, 2016 Alex Kost@* Copyright @copyright{} " +"2015, 2016 Mathieu Lirzin@* Copyright @copyright{} 2014 Pierre-Antoine Rault@* Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/" +"Kammer@* Copyright @copyright{} 2015, 2016, 2017 Leo Famulari@* Copyright @copyright{} 2015, 2016, 2017, 2018 Ricardo Wurmus@* " +"Copyright @copyright{} 2016 Ben Woodcroft@* Copyright @copyright{} 2016, 2017, 2018 Chris Marusich@* Copyright @copyright{} 2016, " +"2017, 2018 Efraim Flashner@* Copyright @copyright{} 2016 John Darrington@* Copyright @copyright{} 2016, 2017 Nils Gillmann@* " +"Copyright @copyright{} 2016, 2017 Jan Nieuwenhuizen@* Copyright @copyright{} 2016 Julien Lepiller@* Copyright @copyright{} 2016 Alex " +"ter Weele@* Copyright @copyright{} 2017, 2018 Clément Lassieur@* Copyright @copyright{} 2017 Mathieu Othacehe@* Copyright " +"@copyright{} 2017 Federico Beffa@* Copyright @copyright{} 2017 Carlo Zancanaro@* Copyright @copyright{} 2017 Thomas Danckaert@* " +"Copyright @copyright{} 2017 humanitiesNerd@* Copyright @copyright{} 2017 Christopher Allan Webber@* Copyright @copyright{} 2017 " +"Marius Bakke@* Copyright @copyright{} 2017 Hartmut Goebel@* Copyright @copyright{} 2017 Maxim Cournoyer@* Copyright @copyright{} " +"2017, 2018 Tobias Geerinckx-Rice@* Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 Andy Wingo@* Copyright " +"@copyright{} 2017, 2018 Arun Isaac@* Copyright @copyright{} 2017 nee@* Copyright @copyright{} 2018 Rutger Helling@* Copyright " +"@copyright{} 2018 Oleg Pykhalov@* Copyright @copyright{} 2018 Mike Gerwitz" + +#. type: copying +#: doc/guix.texi:58 +msgid "" +"Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version " +"1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-" +"Cover Texts. A copy of the license is included in the section entitled ``GNU Free Documentation License''." +msgstr "" +"Vous avez la permission de copier, distribuer ou modifier ce document sous les termes de la Licence GNU Free Documentation, version " +"1.3 ou toute version ultérieure publiée par la Free Software Foundation ; sans section invariante, texte de couverture et sans texte " +"de quatrième de couverture. Une copie de la licence est incluse dans la section intitulée « GNU Free Documentation License »." + +#. type: dircategory +#: doc/guix.texi:60 +#, no-wrap +msgid "System administration" +msgstr "Administration système" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Guix: (guix)" +msgstr "Guix: (guix)" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Manage installed software and system configuration." +msgstr "Gérer les logiciels installés et la configuration du système." + +#. type: menuentry +#: doc/guix.texi:67 +msgid "guix package: (guix)Invoking guix package" +msgstr "guix package : (guix)Invoquer guix package" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Installing, removing, and upgrading packages." +msgstr "Intaller, supprimer et mettre à jour des paquets." + +#. type: menuentry +#: doc/guix.texi:67 +msgid "guix gc: (guix)Invoking guix gc" +msgstr "guix gc : (guix)Invoquer guix gc" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Reclaiming unused disk space." +msgstr "Récupérer de l'espace disque inutilisé." + +#. type: menuentry +#: doc/guix.texi:67 +msgid "guix pull: (guix)Invoking guix pull" +msgstr "guix pull : (guix)Invoquer guix pull" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Update the list of available packages." +msgstr "Mettre à jour la liste des paquets disponibles." + +#. type: menuentry +#: doc/guix.texi:67 +msgid "guix system: (guix)Invoking guix system" +msgstr "guix system : (guix)Invoquer guix system" + +#. type: menuentry +#: doc/guix.texi:67 +msgid "Manage the operating system configuration." +msgstr "Gérer la configuration du système d'exploitation." + +#. type: dircategory +#: doc/guix.texi:69 +#, no-wrap +msgid "Software development" +msgstr "Développement logiciel" + +#. type: menuentry +#: doc/guix.texi:74 +msgid "guix environment: (guix)Invoking guix environment" +msgstr "guix environment : (guix)Invoquer guix environment" + +#. type: menuentry +#: doc/guix.texi:74 +msgid "Building development environments with Guix." +msgstr "Construire des environnements de construction avec Guix." + +#. type: menuentry +#: doc/guix.texi:74 +msgid "guix build: (guix)Invoking guix build" +msgstr "guix build : (guix)Invoquer guix build" + +#. type: menuentry +#: doc/guix.texi:74 +msgid "Building packages." +msgstr "Construire des paquets." + +#. type: menuentry +#: doc/guix.texi:74 +msgid "guix pack: (guix)Invoking guix pack" +msgstr "guix pack : (guix) Invoquer guix pack" + +#. type: menuentry +#: doc/guix.texi:74 +msgid "Creating binary bundles." +msgstr "Créer des lots binaires." + +#. type: subtitle +#: doc/guix.texi:78 +#, no-wrap +msgid "Using the GNU Guix Functional Package Manager" +msgstr "Utiliser le gestionnaire de paquet fonctionnel GNU Guix" + +#. type: author +#: doc/guix.texi:79 +#, no-wrap +msgid "The GNU Guix Developers" +msgstr "Les développeurs de GNU Guix" + +#. type: titlepage +#: doc/guix.texi:85 +msgid "Edition @value{EDITION} @* @value{UPDATED} @*" +msgstr "Édition @value{EDITION} @* @value{UPDATED} @*" + +#. type: node +#: doc/guix.texi:92 +#, no-wrap +msgid "Top" +msgstr "Top" + +#. type: top +#: doc/guix.texi:93 +#, no-wrap +msgid "GNU Guix" +msgstr "GNU Guix" + +#. type: Plain text +#: doc/guix.texi:97 +msgid "This document describes GNU Guix version @value{VERSION}, a functional package management tool written for the GNU system." +msgstr "" +"Cette documentation décrit GNU Guix version @value{VERSION}, un outils de gestion de paquets fonctionnel écrit pour le système GNU." + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:294 doc/guix.texi:295 +#, no-wrap +msgid "Introduction" +msgstr "Introduction" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "What is Guix about?" +msgstr "Qu'est-ce que Guix ?" + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:116 doc/guix.texi:367 doc/guix.texi:368 +#, no-wrap +msgid "Installation" +msgstr "Installation" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Installing Guix." +msgstr "Installer Guix." + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:131 doc/guix.texi:1652 doc/guix.texi:1653 +#, no-wrap +msgid "Package Management" +msgstr "Gestion de paquets" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Package installation, upgrade, etc." +msgstr "Installation des paquets, mises à jour, etc." + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:151 doc/guix.texi:3106 doc/guix.texi:3107 +#, no-wrap +msgid "Programming Interface" +msgstr "Interface de programmation" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Using Guix in Scheme." +msgstr "Utiliser Guix en Scheme." + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:165 doc/guix.texi:5358 doc/guix.texi:5359 +#, no-wrap +msgid "Utilities" +msgstr "Utilitaires" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Package management commands." +msgstr "Commandes de gestion de paquets." + +#. type: chapter +#: doc/guix.texi:106 doc/guix.texi:190 doc/guix.texi:7977 doc/guix.texi:7978 +#, no-wrap +msgid "GNU Distribution" +msgstr "Distribution GNU" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Software for your friendly GNU system." +msgstr "Des logiciels pour un système GNU convivial." + +#. type: menuentry +#: doc/guix.texi:106 doc/guix.texi:276 +msgid "Contributing" +msgstr "Contribuer" + +#. type: menuentry +#: doc/guix.texi:106 +msgid "Your help needed!" +msgstr "Nous avons besoin de votre aide !" + +#. type: chapter +#: doc/guix.texi:111 doc/guix.texi:22276 doc/guix.texi:22277 +#, no-wrap +msgid "Acknowledgments" +msgstr "Remerciements" + +#. type: menuentry +#: doc/guix.texi:111 +msgid "Thanks!" +msgstr "Merci !" + +#. type: appendix +#: doc/guix.texi:111 doc/guix.texi:22298 doc/guix.texi:22299 +#, no-wrap +msgid "GNU Free Documentation License" +msgstr "La licence GNU Free Documentation" + +#. type: menuentry +#: doc/guix.texi:111 +msgid "The license of this manual." +msgstr "La licence de ce manuel." + +#. type: unnumbered +#: doc/guix.texi:111 doc/guix.texi:22304 doc/guix.texi:22305 +#, no-wrap +msgid "Concept Index" +msgstr "Index des concepts" + +#. type: menuentry +#: doc/guix.texi:111 +msgid "Concepts." +msgstr "Les concepts." + +#. type: unnumbered +#: doc/guix.texi:111 doc/guix.texi:22308 doc/guix.texi:22309 +#, no-wrap +msgid "Programming Index" +msgstr "Index de programmation" + +#. type: menuentry +#: doc/guix.texi:111 +msgid "Data types, functions, and variables." +msgstr "Types de données, fonctions et variables." + +#. type: menuentry +#: doc/guix.texi:114 +msgid "--- The Detailed Node Listing ---" +msgstr "--- Liste détaillée des nœuds ---" + +#. type: section +#: doc/guix.texi:123 doc/guix.texi:398 doc/guix.texi:400 doc/guix.texi:401 +#, no-wrap +msgid "Binary Installation" +msgstr "Installation binaire" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Getting Guix running in no time!" +msgstr "Commencer à utiliser Guix en un rien de temps !" + +#. type: section +#: doc/guix.texi:123 doc/guix.texi:398 doc/guix.texi:596 doc/guix.texi:597 +#, no-wrap +msgid "Requirements" +msgstr "Prérequis" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Software needed to build and run Guix." +msgstr "Logiciels requis pour construire et lancer Guix." + +#. type: section +#: doc/guix.texi:123 doc/guix.texi:398 doc/guix.texi:678 doc/guix.texi:679 +#, no-wrap +msgid "Running the Test Suite" +msgstr "Lancer la suite de tests" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Testing Guix." +msgstr "Tester Guix." + +#. type: section +#: doc/guix.texi:123 doc/guix.texi:125 doc/guix.texi:398 doc/guix.texi:743 doc/guix.texi:744 +#, no-wrap +msgid "Setting Up the Daemon" +msgstr "Paramétrer le démon" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Preparing the build daemon's environment." +msgstr "Préparer l'environnement du démon de construction." + +#. type: node +#: doc/guix.texi:123 doc/guix.texi:398 doc/guix.texi:1176 +#, no-wrap +msgid "Invoking guix-daemon" +msgstr "Invoquer guix-daemon" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Running the build daemon." +msgstr "Lancer le démon de construction." + +#. type: section +#: doc/guix.texi:123 doc/guix.texi:398 doc/guix.texi:1441 doc/guix.texi:1442 +#, no-wrap +msgid "Application Setup" +msgstr "Réglages applicatifs" + +#. type: menuentry +#: doc/guix.texi:123 doc/guix.texi:398 +msgid "Application-specific setup." +msgstr "Réglages spécifiques pour les application." + +#. type: subsection +#: doc/guix.texi:129 doc/guix.texi:763 doc/guix.texi:765 doc/guix.texi:766 +#, no-wrap +msgid "Build Environment Setup" +msgstr "Réglages de l'environnement de construction" + +#. type: menuentry +#: doc/guix.texi:129 doc/guix.texi:763 +msgid "Preparing the isolated build environment." +msgstr "Préparer l'environnement de construction isolé." + +#. type: node +#: doc/guix.texi:129 doc/guix.texi:763 doc/guix.texi:882 +#, no-wrap +msgid "Daemon Offload Setup" +msgstr "Réglages du délestage du démon" + +#. type: menuentry +#: doc/guix.texi:129 doc/guix.texi:763 +msgid "Offloading builds to remote machines." +msgstr "Envoyer des constructions à des machines distantes." + +#. type: subsection +#: doc/guix.texi:129 doc/guix.texi:763 doc/guix.texi:1090 doc/guix.texi:1091 +#, no-wrap +msgid "SELinux Support" +msgstr "Support de SELinux" + +#. type: menuentry +#: doc/guix.texi:129 doc/guix.texi:763 +msgid "Using an SELinux policy for the daemon." +msgstr "Utiliser une politique SELinux pour le démon." + +#. type: section +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:1684 doc/guix.texi:1685 +#, no-wrap +msgid "Features" +msgstr "Fonctionnalités" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "How Guix will make your life brighter." +msgstr "Comment Guix va rendre votre vie plus heureuse." + +#. type: node +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:1761 +#, no-wrap +msgid "Invoking guix package" +msgstr "Invoquer guix package" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Package installation, removal, etc." +msgstr "Installation, suppression, etc. de paquets." + +#. type: section +#: doc/guix.texi:140 doc/guix.texi:142 doc/guix.texi:1682 doc/guix.texi:2245 doc/guix.texi:2246 +#, no-wrap +msgid "Substitutes" +msgstr "Substituts" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Downloading pre-built binaries." +msgstr "Télécharger des binaire déjà construits." + +#. type: section +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:2478 doc/guix.texi:2479 +#, no-wrap +msgid "Packages with Multiple Outputs" +msgstr "Des paquets avec plusieurs résultats" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Single source package, multiple outputs." +msgstr "Un seul paquet source, plusieurs résultats." + +#. type: node +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:2532 +#, no-wrap +msgid "Invoking guix gc" +msgstr "Invoquer guix gc" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Running the garbage collector." +msgstr "Lancer le ramasse-miettes." + +#. type: node +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:2720 +#, no-wrap +msgid "Invoking guix pull" +msgstr "Invoquer guix pull" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Fetching the latest Guix and distribution." +msgstr "Récupérer la dernière version de Guix et de la distribution." + +#. type: node +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:2781 +#, no-wrap +msgid "Invoking guix pack" +msgstr "Invoquer guix pack" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Creating software bundles." +msgstr "Créer des lots de logiciels." + +#. type: node +#: doc/guix.texi:140 doc/guix.texi:1682 doc/guix.texi:2941 +#, no-wrap +msgid "Invoking guix archive" +msgstr "Invoquer guix archive" + +#. type: menuentry +#: doc/guix.texi:140 doc/guix.texi:1682 +msgid "Exporting and importing store files." +msgstr "Exporter et importer des fichiers du dépôt." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2270 doc/guix.texi:2271 +#, no-wrap +msgid "Official Substitute Server" +msgstr "Serveur de substituts officiel" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "One particular source of substitutes." +msgstr "Une source particulière de substituts." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2300 doc/guix.texi:2301 +#, no-wrap +msgid "Substitute Server Authorization" +msgstr "Autoriser un serveur de substituts" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "How to enable or disable substitutes." +msgstr "Comment activer ou désactiver les substituts." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2373 doc/guix.texi:2374 +#, no-wrap +msgid "Substitute Authentication" +msgstr "Authentification des substituts" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "How Guix verifies substitutes." +msgstr "Coment Guix vérifie les substituts." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2408 doc/guix.texi:2409 +#, no-wrap +msgid "Proxy Settings" +msgstr "Paramètres de serveur mandataire" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "How to get substitutes via proxy." +msgstr "Comment récupérer des substituts à travers un serveur mandataire." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2420 doc/guix.texi:2421 +#, no-wrap +msgid "Substitution Failure" +msgstr "Échec de substitution" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "What happens when substitution fails." +msgstr "Qu'arrive-t-il quand la substitution échoue." + +#. type: subsection +#: doc/guix.texi:149 doc/guix.texi:2268 doc/guix.texi:2448 doc/guix.texi:2449 +#, no-wrap +msgid "On Trusting Binaries" +msgstr "De la confiance en des binaires" + +#. type: menuentry +#: doc/guix.texi:149 doc/guix.texi:2268 +msgid "How can you trust that binary blob?" +msgstr "Comment pouvez-vous avoir confiance en un paquet binaire ?" + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:160 doc/guix.texi:3141 doc/guix.texi:3143 doc/guix.texi:3144 +#, no-wrap +msgid "Defining Packages" +msgstr "Définition des paquets" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Defining new packages." +msgstr "Définir de nouveaux paquets." + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:3141 doc/guix.texi:3607 doc/guix.texi:3608 +#, no-wrap +msgid "Build Systems" +msgstr "Systèmes de construction" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Specifying how packages are built." +msgstr "Spécifier comment construire les paquets." + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:3141 doc/guix.texi:4183 doc/guix.texi:4184 +#, no-wrap +msgid "The Store" +msgstr "Le dépôt" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Manipulating the package store." +msgstr "Manipuler le dépôt de paquets." + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:3141 doc/guix.texi:4333 doc/guix.texi:4334 +#, no-wrap +msgid "Derivations" +msgstr "Dérivations" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Low-level interface to package derivations." +msgstr "Interface de bas-niveau avec les dérivations de paquets." + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:3141 doc/guix.texi:4511 doc/guix.texi:4512 +#, no-wrap +msgid "The Store Monad" +msgstr "La monad du dépôt" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Purely functional interface to the store." +msgstr "Interface purement fonctionnelle avec le dépôt." + +#. type: section +#: doc/guix.texi:158 doc/guix.texi:3141 doc/guix.texi:4820 doc/guix.texi:4821 +#, no-wrap +msgid "G-Expressions" +msgstr "G-Expressions" + +#. type: menuentry +#: doc/guix.texi:158 doc/guix.texi:3141 +msgid "Manipulating build expressions." +msgstr "Manipuler les expressions de construction." + +#. type: node +#: doc/guix.texi:163 doc/guix.texi:3389 doc/guix.texi:3392 +#, no-wrap +msgid "package Reference" +msgstr "Référence de paquet" + +#. type: menuentry +#: doc/guix.texi:163 doc/guix.texi:3389 +msgid "The package data type." +msgstr "Le type de donnée des paquets." + +#. type: node +#: doc/guix.texi:163 doc/guix.texi:3389 doc/guix.texi:3519 +#, no-wrap +msgid "origin Reference" +msgstr "Référence d'origine" + +#. type: menuentry +#: doc/guix.texi:163 doc/guix.texi:3389 +msgid "The origin data type." +msgstr "Le type de données d'origine." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:5384 +#, no-wrap +msgid "Invoking guix build" +msgstr "Invoquer guix build" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Building packages from the command line." +msgstr "Construire des paquets depuis la ligne de commande." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:5964 +#, no-wrap +msgid "Invoking guix edit" +msgstr "Invoquer guix edit" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Editing package definitions." +msgstr "Modifier les définitions de paquets." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:5990 +#, no-wrap +msgid "Invoking guix download" +msgstr "Invoquer guix download" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Downloading a file and printing its hash." +msgstr "Télécharger un fichier et afficher son hash." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6043 +#, no-wrap +msgid "Invoking guix hash" +msgstr "Invoquer guix hash" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Computing the cryptographic hash of a file." +msgstr "Calculer le hash cryptographique d'un fichier." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6105 +#, no-wrap +msgid "Invoking guix import" +msgstr "Invoquer guix import" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Importing package definitions." +msgstr "Importer des définitions de paquets." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6472 +#, no-wrap +msgid "Invoking guix refresh" +msgstr "Invoquer guix refresh" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Updating package definitions." +msgstr "Mettre à jour les définitions de paquets." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6719 +#, no-wrap +msgid "Invoking guix lint" +msgstr "Invoquer guix lint" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Finding errors in package definitions." +msgstr "Trouver des erreurs dans les définitions de paquets." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6810 +#, no-wrap +msgid "Invoking guix size" +msgstr "Invoquer guix size" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Profiling disk usage." +msgstr "Profiler l'utilisation du disque." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:6926 +#, no-wrap +msgid "Invoking guix graph" +msgstr "Invoquer guix graph" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Visualizing the graph of packages." +msgstr "Visualiser le graphe des paquets." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7105 +#, no-wrap +msgid "Invoking guix environment" +msgstr "Invoquer guix environment" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Setting up development environments." +msgstr "Mettre en place des environnements de développement." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7424 +#, no-wrap +msgid "Invoking guix publish" +msgstr "Invoquer guix publish" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Sharing substitutes." +msgstr "Partager des substituts." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7641 +#, no-wrap +msgid "Invoking guix challenge" +msgstr "Invoquer guix challenge" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Challenging substitute servers." +msgstr "Défier les serveurs de substituts." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7780 +#, no-wrap +msgid "Invoking guix copy" +msgstr "Invoquer guix copy" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Copying to and from a remote store." +msgstr "Copier vers et depuis un dépôt distant." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7843 +#, no-wrap +msgid "Invoking guix container" +msgstr "Invoquer guix container" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Process isolation." +msgstr "Isolation de processus." + +#. type: node +#: doc/guix.texi:181 doc/guix.texi:5382 doc/guix.texi:7897 +#, no-wrap +msgid "Invoking guix weather" +msgstr "Invoquer guix weather" + +#. type: menuentry +#: doc/guix.texi:181 doc/guix.texi:5382 +msgid "Assessing substitute availability." +msgstr "Mesurer la disponibilité des substituts." + +#. type: section +#: doc/guix.texi:183 doc/guix.texi:5385 +#, no-wrap +msgid "Invoking @command{guix build}" +msgstr "Invoquer @command{guix build}" + +#. type: subsection +#: doc/guix.texi:188 doc/guix.texi:5436 doc/guix.texi:5438 doc/guix.texi:5439 +#, no-wrap +msgid "Common Build Options" +msgstr "Options de construction communes" + +#. type: menuentry +#: doc/guix.texi:188 doc/guix.texi:5436 +msgid "Build options for most commands." +msgstr "Options de construction pour la plupart des commandes." + +#. type: subsection +#: doc/guix.texi:188 doc/guix.texi:5436 doc/guix.texi:5580 doc/guix.texi:5581 +#, no-wrap +msgid "Package Transformation Options" +msgstr "Options de transformation de paquets" + +#. type: menuentry +#: doc/guix.texi:188 doc/guix.texi:5436 +msgid "Creating variants of packages." +msgstr "Créer des variantes de paquets." + +#. type: subsection +#: doc/guix.texi:188 doc/guix.texi:5436 doc/guix.texi:5680 doc/guix.texi:5681 +#, no-wrap +msgid "Additional Build Options" +msgstr "Options de construction supplémentaires" + +#. type: menuentry +#: doc/guix.texi:188 doc/guix.texi:5436 +msgid "Options specific to 'guix build'." +msgstr "Options spécifiques à « guix build »." + +#. type: subsection +#: doc/guix.texi:188 doc/guix.texi:5436 doc/guix.texi:5884 doc/guix.texi:5885 +#, no-wrap +msgid "Debugging Build Failures" +msgstr "Débogage des échecs de construction" + +#. type: menuentry +#: doc/guix.texi:188 doc/guix.texi:5436 +msgid "Real life packaging experience." +msgstr "La vie d'un empaqueteur." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:202 doc/guix.texi:8049 doc/guix.texi:8054 doc/guix.texi:8055 +#, no-wrap +msgid "System Installation" +msgstr "Installation du système" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Installing the whole operating system." +msgstr "Installer le système d'exploitation complet." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:212 doc/guix.texi:8049 doc/guix.texi:8670 doc/guix.texi:8671 +#, no-wrap +msgid "System Configuration" +msgstr "Configuration système" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Configuring the operating system." +msgstr "Configurer le système d'exploitation." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:21289 doc/guix.texi:21290 +#, no-wrap +msgid "Documentation" +msgstr "Documentation" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Browsing software user manuals." +msgstr "Visualiser les manuels d'utilisateur des logiciels." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:21353 doc/guix.texi:21354 +#, no-wrap +msgid "Installing Debugging Files" +msgstr "Installer les fichiers de débogage" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Feeding the debugger." +msgstr "Nourrir le débogueur." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:21419 doc/guix.texi:21420 +#, no-wrap +msgid "Security Updates" +msgstr "Mises à jour de sécurité" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Deploying security fixes quickly." +msgstr "Déployer des correctifs de sécurité rapidement." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:21539 doc/guix.texi:21540 +#, no-wrap +msgid "Package Modules" +msgstr "Modules de paquets" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Packages from the programmer's viewpoint." +msgstr "Les paquets du point de vu du programmeur." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:265 doc/guix.texi:8049 doc/guix.texi:21593 doc/guix.texi:21594 +#, no-wrap +msgid "Packaging Guidelines" +msgstr "Consignes d'empaquetage" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Growing the distribution." +msgstr "Faire grandir la distribution." + +#. type: section +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:22044 doc/guix.texi:22045 +#, no-wrap +msgid "Bootstrapping" +msgstr "Bootstrapping" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "GNU/Linux built from scratch." +msgstr "GNU/Linux depuis zéro." + +#. type: node +#: doc/guix.texi:200 doc/guix.texi:8049 doc/guix.texi:22228 +#, no-wrap +msgid "Porting" +msgstr "Porter" + +#. type: menuentry +#: doc/guix.texi:200 doc/guix.texi:8049 +msgid "Targeting another platform or kernel." +msgstr "Cibler une autre plateforme ou un autre noyau." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:1126 doc/guix.texi:8086 doc/guix.texi:8088 doc/guix.texi:8089 +#, no-wrap +msgid "Limitations" +msgstr "Limitations" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "What you can expect." +msgstr "Ce à quoi vous attendre." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8132 doc/guix.texi:8133 +#, no-wrap +msgid "Hardware Considerations" +msgstr "Considérations matérielles" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "Supported hardware." +msgstr "Matériel supporté." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8167 doc/guix.texi:8168 +#, no-wrap +msgid "USB Stick and DVD Installation" +msgstr "Installation depuis une clef USB ou un DVD" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "Preparing the installation medium." +msgstr "Préparer le média d'installation." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8265 doc/guix.texi:8266 +#, no-wrap +msgid "Preparing for Installation" +msgstr "Préparer l'installation" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "Networking, partitioning, etc." +msgstr "Réseau, partitionnement, etc." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8504 doc/guix.texi:8505 +#, no-wrap +msgid "Proceeding with the Installation" +msgstr "Effectuer l'installation" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "The real thing." +msgstr "Pour de vrai." + +#. type: node +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8601 +#, no-wrap +msgid "Installing GuixSD in a VM" +msgstr "Installer GuixSD dans une VM" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "GuixSD playground." +msgstr "Jouer avec GuixSD." + +#. type: subsection +#: doc/guix.texi:210 doc/guix.texi:8086 doc/guix.texi:8655 doc/guix.texi:8656 +#, no-wrap +msgid "Building the Installation Image" +msgstr "Construire l'image d'installation" + +#. type: menuentry +#: doc/guix.texi:210 doc/guix.texi:8086 +msgid "How this comes to be." +msgstr "D'où vient tout cela." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:8713 doc/guix.texi:8714 +#, no-wrap +msgid "Using the Configuration System" +msgstr "Utiliser le système de configuration" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Customizing your GNU system." +msgstr "Personnaliser votre système GNU." + +#. type: node +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:8929 +#, no-wrap +msgid "operating-system Reference" +msgstr "Référence de système d'exploitation" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Detail of operating-system declarations." +msgstr "Détail sur la déclaration de système d'exploitation." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:9083 doc/guix.texi:9084 +#, no-wrap +msgid "File Systems" +msgstr "Systèmes de fichiers" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Configuring file system mounts." +msgstr "Configurer les montages de systèmes de fichiers." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:9246 doc/guix.texi:9247 +#, no-wrap +msgid "Mapped Devices" +msgstr "Périphériques mappés" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Block device extra processing." +msgstr "Gestion des périphériques de bloc." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:9367 doc/guix.texi:9368 +#, no-wrap +msgid "User Accounts" +msgstr "Comptes utilisateurs" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Specifying user accounts." +msgstr "Spécifier des comptes utilisateurs." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:1449 doc/guix.texi:8711 doc/guix.texi:9502 doc/guix.texi:9503 +#, no-wrap +msgid "Locales" +msgstr "Régionalisation" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Language and cultural convention settings." +msgstr "Paramétrer la langue et les conventions culturelles." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:230 doc/guix.texi:8711 doc/guix.texi:9642 doc/guix.texi:9643 +#, no-wrap +msgid "Services" +msgstr "Services" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Specifying system services." +msgstr "Spécifier les services du système." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:19658 doc/guix.texi:19659 +#, no-wrap +msgid "Setuid Programs" +msgstr "Programmes setuid" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Programs running with root privileges." +msgstr "Programmes tournant avec les privilèges root." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:1594 doc/guix.texi:8711 doc/guix.texi:19704 doc/guix.texi:19705 +#, no-wrap +msgid "X.509 Certificates" +msgstr "Certificats X.509" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Authenticating HTTPS servers." +msgstr "Authentifier les serveurs HTTPS." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:1492 doc/guix.texi:8711 doc/guix.texi:19767 doc/guix.texi:19768 +#, no-wrap +msgid "Name Service Switch" +msgstr "Name Service Switch" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Configuring libc's name service switch." +msgstr "Configurer le « name service switch » de la libc." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:19905 doc/guix.texi:19906 +#, no-wrap +msgid "Initial RAM Disk" +msgstr "Disque de RAM initial" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Linux-Libre bootstrapping." +msgstr "Démarrage de Linux-Libre." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:20065 doc/guix.texi:20066 +#, no-wrap +msgid "Bootloader Configuration" +msgstr "Configuration du chargeur d'amorçage" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Configuring the boot loader." +msgstr "Configurer le chargeur d'amorçage." + +#. type: node +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:20236 +#, no-wrap +msgid "Invoking guix system" +msgstr "Invoquer guix system" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Instantiating a system configuration." +msgstr "Instantier une configuration du système." + +#. type: node +#: doc/guix.texi:228 doc/guix.texi:8711 doc/guix.texi:20661 +#, no-wrap +msgid "Running GuixSD in a VM" +msgstr "Lancer GuixSD dans une VM" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "How to run GuixSD in a virtual machine." +msgstr "Comment lancer GuixSD dans une machine virtuelle." + +#. type: subsection +#: doc/guix.texi:228 doc/guix.texi:258 doc/guix.texi:8711 doc/guix.texi:20772 doc/guix.texi:20773 +#, no-wrap +msgid "Defining Services" +msgstr "Définir des services" + +#. type: menuentry +#: doc/guix.texi:228 doc/guix.texi:8711 +msgid "Adding new service definitions." +msgstr "Ajouter de nouvelles définitions de services." + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:9716 doc/guix.texi:9717 +#, no-wrap +msgid "Base Services" +msgstr "Services de base" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Essential system services." +msgstr "Services systèmes essentiels." + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:10484 doc/guix.texi:10485 +#, no-wrap +msgid "Scheduled Job Execution" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "The mcron service." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:10579 doc/guix.texi:10580 +#, no-wrap +msgid "Log Rotation" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "The rottlog service." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:10681 doc/guix.texi:10682 +#, no-wrap +msgid "Networking Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Network setup, SSH daemon, etc." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:11382 doc/guix.texi:11383 +#, no-wrap +msgid "X Window" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Graphical display." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:11628 doc/guix.texi:11629 +#, no-wrap +msgid "Printing Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Local and remote printer support." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:12465 doc/guix.texi:12466 +#, no-wrap +msgid "Desktop Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "D-Bus and desktop services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:12758 doc/guix.texi:12759 +#, no-wrap +msgid "Database Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "SQL databases, key-value stores, etc." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:12882 doc/guix.texi:12883 +#, no-wrap +msgid "Mail Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "IMAP, POP3, SMTP, and all that." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:14334 doc/guix.texi:14335 +#, no-wrap +msgid "Messaging Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Messaging services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:14802 doc/guix.texi:14803 +#, no-wrap +msgid "Telephony Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Telephony services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:15007 doc/guix.texi:15008 +#, no-wrap +msgid "Monitoring Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Monitoring services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:15160 doc/guix.texi:15161 +#, no-wrap +msgid "Kerberos Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Kerberos services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:15286 doc/guix.texi:15287 +#, no-wrap +msgid "Web Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Web servers." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:15895 doc/guix.texi:15896 +#, no-wrap +msgid "Certificate Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "TLS certificates via Let's Encrypt." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:16041 doc/guix.texi:16042 +#, no-wrap +msgid "DNS Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "DNS daemons." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:16445 doc/guix.texi:16446 +#, no-wrap +msgid "VPN Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "VPN daemons." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:16803 doc/guix.texi:16804 +#, no-wrap +msgid "Network File System" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "NFS related services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:16918 doc/guix.texi:16919 +#, no-wrap +msgid "Continuous Integration" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "The Cuirass service." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:17014 doc/guix.texi:17015 +#, no-wrap +msgid "Power management Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "The TLP tool." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:17542 doc/guix.texi:17543 +#, no-wrap +msgid "Audio Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "The MPD." +msgstr "" + +#. type: node +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:17592 +#, no-wrap +msgid "Virtualization Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Virtualization services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:18385 doc/guix.texi:18386 +#, no-wrap +msgid "Version Control Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Providing remote access to Git repositories." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:19466 doc/guix.texi:19467 +#, no-wrap +msgid "Game Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Game servers." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:256 doc/guix.texi:9714 doc/guix.texi:19497 doc/guix.texi:19498 +#, no-wrap +msgid "Miscellaneous Services" +msgstr "" + +#. type: menuentry +#: doc/guix.texi:256 doc/guix.texi:9714 +msgid "Other services." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:263 doc/guix.texi:20784 doc/guix.texi:20786 doc/guix.texi:20787 +#, no-wrap +msgid "Service Composition" +msgstr "Composition de services" + +#. type: menuentry +#: doc/guix.texi:263 doc/guix.texi:20784 +msgid "The model for composing services." +msgstr "Le modèle de composition des services." + +#. type: subsubsection +#: doc/guix.texi:263 doc/guix.texi:20784 doc/guix.texi:20842 doc/guix.texi:20843 +#, no-wrap +msgid "Service Types and Services" +msgstr "Types service et services" + +#. type: menuentry +#: doc/guix.texi:263 doc/guix.texi:20784 +msgid "Types and services." +msgstr "Types et services." + +#. type: subsubsection +#: doc/guix.texi:263 doc/guix.texi:20784 doc/guix.texi:20979 doc/guix.texi:20980 +#, no-wrap +msgid "Service Reference" +msgstr "Référence de service" + +#. type: menuentry +#: doc/guix.texi:263 doc/guix.texi:20784 +msgid "API reference." +msgstr "Référence de l'API." + +#. type: subsubsection +#: doc/guix.texi:263 doc/guix.texi:20784 doc/guix.texi:21204 doc/guix.texi:21205 +#, no-wrap +msgid "Shepherd Services" +msgstr "Services Shepherd" + +#. type: menuentry +#: doc/guix.texi:263 doc/guix.texi:20784 +msgid "A particular type of service." +msgstr "Un type de service particulier." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21670 doc/guix.texi:21671 +#, no-wrap +msgid "Software Freedom" +msgstr "Liberté logiciel" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "What may go into the distribution." +msgstr "Ce que la distribution peut contenir." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21698 doc/guix.texi:21699 +#, no-wrap +msgid "Package Naming" +msgstr "Conventions de nommage" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "What's in a name?" +msgstr "Qu'est-ce qu'un bon nom ?" + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21723 doc/guix.texi:21724 +#, no-wrap +msgid "Version Numbers" +msgstr "Numéros de version" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "When the name is not enough." +msgstr "Lorsque le nom n'est pas suffisant." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21814 doc/guix.texi:21815 +#, no-wrap +msgid "Synopses and Descriptions" +msgstr "Synopsis et descriptions" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "Helping users find the right package." +msgstr "Aider les utilisateurs à trouver le bon paquet." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21894 doc/guix.texi:21895 +#, no-wrap +msgid "Python Modules" +msgstr "Modules python" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "A touch of British comedy." +msgstr "Un peu de comédie anglaise." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21969 doc/guix.texi:21970 +#, no-wrap +msgid "Perl Modules" +msgstr "Modules perl" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "Little pearls." +msgstr "Petites perles." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:21985 doc/guix.texi:21986 +#, no-wrap +msgid "Java Packages" +msgstr "Paquets java" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "Coffee break." +msgstr "Pause café." + +#. type: subsection +#: doc/guix.texi:274 doc/guix.texi:21668 doc/guix.texi:22005 doc/guix.texi:22006 +#, no-wrap +msgid "Fonts" +msgstr "Polices de caractères" + +#. type: menuentry +#: doc/guix.texi:274 doc/guix.texi:21668 +msgid "Fond of fonts." +msgstr "" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Building from Git" +msgstr "Construire depuis Git" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "The latest and greatest." +msgstr "" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Running Guix Before It Is Installed" +msgstr "Lancer Guix avant qu'il ne soit installé" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Hacker tricks." +msgstr "Astuces pour les hackers." + +#. type: menuentry +#: doc/guix.texi:282 +msgid "The Perfect Setup" +msgstr "La configuration parfaite" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "The right tools." +msgstr "Les bons outils." + +#. type: menuentry +#: doc/guix.texi:282 doc/guix.texi:284 +msgid "Coding Style" +msgstr "Style de code" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Hygiene of the contributor." +msgstr "Hygiène du contributeur." + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Submitting Patches" +msgstr "Envoyer des correctifs" + +#. type: menuentry +#: doc/guix.texi:282 +msgid "Share your work." +msgstr "Partager votre travail." + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Programming Paradigm" +msgstr "Paradigme de programmation" + +#. type: menuentry +#: doc/guix.texi:289 +msgid "How to compose your elements." +msgstr "Comment composer vos éléments." + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Modules" +msgstr "Modules" + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Where to store your code?" +msgstr "Où stocker votre code ?" + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Data Types and Pattern Matching" +msgstr "Types de données et reconnaissance de motif" + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Implementing data structures." +msgstr "Implémenter des structures de données." + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Formatting Code" +msgstr "Formatage du code" + +#. type: menuentry +#: doc/guix.texi:289 +msgid "Writing conventions." +msgstr "Conventions d'écriture." + +#. type: cindex +#: doc/guix.texi:297 +#, no-wrap +msgid "purpose" +msgstr "but" + +#. type: Plain text +#: doc/guix.texi:304 +msgid "" +"GNU Guix@footnote{``Guix'' is pronounced like ``geeks'', or ``ɡiːks'' using the international phonetic alphabet (IPA).} is a package " +"management tool for the GNU system. Guix makes it easy for unprivileged users to install, upgrade, or remove packages, to roll back " +"to a previous package set, to build packages from source, and generally assists with the creation and maintenance of software " +"environments." +msgstr "" +"GNU Guix@footnote{« Guix » se prononce comme « geeks » (en prononçant le « s »), ou « ɡiːks » dans l'alphabet phonétique " +"international (API).} est un outil de gestion de paquets pour le système GNU. Guix facilite pour les utilisateurs non privilégiés " +"l'installation, la mise à jour et la suppression de paquets, la restauration à un ensemble de paquets précédent, la construction de " +"paquets depuis les sources et plus généralement aide à la création et à la maintenance d'environnements logiciels." + +#. type: cindex +#: doc/guix.texi:305 +#, no-wrap +msgid "user interfaces" +msgstr "interfaces utilisateurs" + +#. type: Plain text +#: doc/guix.texi:310 +msgid "" +"Guix provides a command-line package management interface (@pxref{Invoking guix package}), a set of command-line utilities " +"(@pxref{Utilities}), as well as Scheme programming interfaces (@pxref{Programming Interface})." +msgstr "" +"Guix fournit une interface de gestion des paquets par la ligne de commande (@pxref{Invoquer guix package}), un ensemble " +"d'utilitaires en ligne de commande (@pxref{Utilitaires}) ainsi que des interfaces de programmation Scheme (@pxref{Interface de " +"programmation})." + +#. type: cindex +#: doc/guix.texi:310 +#, no-wrap +msgid "build daemon" +msgstr "démon de construction" + +#. type: Plain text +#: doc/guix.texi:314 +msgid "" +"Its @dfn{build daemon} is responsible for building packages on behalf of users (@pxref{Setting Up the Daemon}) and for downloading " +"pre-built binaries from authorized sources (@pxref{Substitutes})." +msgstr "" +"Son @dfn{démon de construction} est responsable de la construction des paquets pour les utilisateurs (@pxref{Paramétrer le démon}) " +"et du téléchargement des binaires pré-construits depuis les sources autorisées (@pxref{Substituts})." + +#. type: cindex +#: doc/guix.texi:315 +#, no-wrap +msgid "extensibility of the distribution" +msgstr "extensibilité de la distribution" + +#. type: cindex +#: doc/guix.texi:316 doc/guix.texi:21561 +#, no-wrap +msgid "customization, of packages" +msgstr "personnalisation, des paquets" + +#. type: Plain text +#: doc/guix.texi:325 +msgid "" +"Guix includes package definitions for many GNU and non-GNU packages, all of which @uref{https://www.gnu.org/philosophy/free-sw.html, " +"respect the user's computing freedom}. It is @emph{extensible}: users can write their own package definitions (@pxref{Defining " +"Packages}) and make them available as independent package modules (@pxref{Package Modules}). It is also @emph{customizable}: users " +"can @emph{derive} specialized package definitions from existing ones, including from the command line (@pxref{Package Transformation " +"Options})." +msgstr "" +"Guix contient de nombreuses définitions de paquet GNU et non-GNU qui respectent tous les @uref{https://www.gnu.org/philosophy/free-" +"sw.fr.html, libertés de l'utilisateur}. Il est @emph{extensible} : les utilisateurs peuvent écrire leurs propres définitions de " +"paquets (@pxref{Defining Packages}) et les rendre disponibles dans des modules de paquets indépendants (@pxref{Package Modules}). Il " +"est aussi @emph{personnalisable} : les utilisateurs peuvent @emph{dériver} des définitions de paquets spécialisées à partir de " +"définitions existantes, même depuis la ligne de commande (@pxref{Package Transformation Options})." + +#. type: cindex +#: doc/guix.texi:326 doc/guix.texi:7980 doc/guix.texi:8058 +#, no-wrap +msgid "Guix System Distribution" +msgstr "Distribution Système Guix" + +#. type: cindex +#: doc/guix.texi:327 doc/guix.texi:7981 +#, no-wrap +msgid "GuixSD" +msgstr "GuixSD" + +#. type: Plain text +#: doc/guix.texi:336 +msgid "" +"You can install GNU@tie{}Guix on top of an existing GNU/Linux system where it complements the available tools without interference " +"(@pxref{Installation}), or you can use it as part of the standalone @dfn{Guix System Distribution} or GuixSD (@pxref{GNU " +"Distribution}). With GNU@tie{}GuixSD, you @emph{declare} all aspects of the operating system configuration and Guix takes care of " +"instantiating the configuration in a transactional, reproducible, and stateless fashion (@pxref{System Configuration})." +msgstr "" +"Vous pouvez installer GNU@tie{}Guix sur un système GNU/Linux existant pour compléter les outils disponibles sans interférence " +"(@pxref{Installation}) ou vous pouvez l'utiliser à travers la @dfn{Distribution Système Guix} ou GuixSD (@pxref{Distribution GNU}) " +"distincte. Avec GNU@tie{}GuixSD, vous @emph{déclarez} tous les aspects de la configuration du système d'exploitation et Guix " +"s'occupe de créer la configuration d'une manière transactionnelle, reproductible et sans état (@pxref{Configuration système})." + +#. type: cindex +#: doc/guix.texi:337 +#, no-wrap +msgid "functional package management" +msgstr "gestion de paquet fonctionnelle" + +#. type: Plain text +#: doc/guix.texi:352 +msgid "" +"Under the hood, Guix implements the @dfn{functional package management} discipline pioneered by Nix (@pxref{Acknowledgments}). In " +"Guix, the package build and installation process is seen as a @emph{function}, in the mathematical sense. That function takes " +"inputs, such as build scripts, a compiler, and libraries, and returns an installed package. As a pure function, its result depends " +"solely on its inputs---for instance, it cannot refer to software or scripts that were not explicitly passed as inputs. A build " +"function always produces the same result when passed a given set of inputs. It cannot alter the environment of the running system " +"in any way; for instance, it cannot create, modify, or delete files outside of its build and installation directories. This is " +"achieved by running build processes in isolated environments (or @dfn{containers}), where only their explicit inputs are visible." +msgstr "" +"Sous le capot, Guix implémente la discipline de @dfn{gestion de paquet fonctionnel} inventé par Nix (@pxref{Remerciements}). Dans " +"Guix le processus de construction et d'installation des paquets est vu comme une @emph{fonction} dans le sens mathématique du terme. " +"Cette fonction a des entrées (comme des scripts de construction, un compilateur et des bibliothèques) et renvoie un paquet installé. " +"En tant que fonction pure, son résultat ne dépend que de ses entrées. Par exemple, il ne peut pas faire référence à des logiciels ou " +"des scripts qui n'ont pas été explicitement passés en entrée. Une fonction de construction produit toujours le même résultat quand " +"on lui donne le même ensemble d'entrée. Elle ne peut pas modifier l'environnement du système en cours d'exécution d'aucune manière ; " +"par exemple elle ne peut pas créer, modifier ou supprimer des fichiers en dehors de ses répertoires de construction et " +"d'installation. Ce résultat s'obtient en lançant les processus de construction dans des environnements isolés (ou des " +"@dfn{conteneurs}) où seules les entrées explicites sont visibles." + +#. type: cindex +#: doc/guix.texi:353 doc/guix.texi:4186 +#, no-wrap +msgid "store" +msgstr "dépôt" + +#. type: Plain text +#: doc/guix.texi:360 +msgid "" +"The result of package build functions is @dfn{cached} in the file system, in a special directory called @dfn{the store} (@pxref{The " +"Store}). Each package is installed in a directory of its own in the store---by default under @file{/gnu/store}. The directory name " +"contains a hash of all the inputs used to build that package; thus, changing an input yields a different directory name." +msgstr "" +"Le résultat des fonctions de construction de paquets est mis en @dfn{cache} dans le système de fichier, dans répertoire spécial " +"appelé le @dfn{dépôt} (@pxref{The Store}). Chaque paquet est installé dans son répertoire propre dans le dépôt — par défaut dans " +"@file{/gnu/store}. Le nom du répertoire contient un hash de toutes les entrées utilisées pour construire le paquet ; ainsi, changer " +"une entrée donnera un nom de répertoire différent." + +#. type: Plain text +#: doc/guix.texi:364 +msgid "" +"This approach is the foundation for the salient features of Guix: support for transactional package upgrade and rollback, per-user " +"installation, and garbage collection of packages (@pxref{Features})." +msgstr "" +"Cette approche est le fondement des fonctionnalités les plus importante de Guix : le support des mises à jour des paquets et des " +"retours en arrière transactionnels, l'installation différenciée par utilisateur et le ramassage de miettes pour les paquets " +"(@pxref{Fonctionnalités})." + +#. type: cindex +#: doc/guix.texi:370 +#, no-wrap +msgid "installing Guix" +msgstr "installer Guix" + +#. type: Plain text +#: doc/guix.texi:375 +msgid "" +"GNU Guix is available for download from its website at @url{http://www.gnu.org/software/guix/}. This section describes the software " +"requirements of Guix, as well as how to install it and get ready to use it." +msgstr "" +"GNU Guix est disponible au téléchargement depuis son site web sur @url{http://www.gnu.org/software/guix/}. Cette section décrit les " +"pré-requis logiciels de Guix ainsi que la manière de l'installer et de se préparer à l'utiliser." + +#. type: Plain text +#: doc/guix.texi:380 +msgid "" +"Note that this section is concerned with the installation of the package manager, which can be done on top of a running GNU/Linux " +"system. If, instead, you want to install the complete GNU operating system, @pxref{System Installation}." +msgstr "" +"Remarquez que cette section concerne l'installation du gestionnaire de paquet, ce qui se fait sur un système GNU/Linux en cours " +"d'exécution. Si vous souhaitez plutôt installer le système d'exploitation GNU complet, @pxref{System Installation}." + +#. type: cindex +#: doc/guix.texi:381 doc/guix.texi:1444 +#, no-wrap +msgid "foreign distro" +msgstr "distro extérieure" + +#. type: Plain text +#: doc/guix.texi:387 +msgid "" +"When installed on a running GNU/Linux system---thereafter called a @dfn{foreign distro}---GNU@tie{}Guix complements the available " +"tools without interference. Its data lives exclusively in two directories, usually @file{/gnu/store} and @file{/var/guix}; other " +"files on your system, such as @file{/etc}, are left untouched." +msgstr "" +"Lorsqu'il est installé sur an système GNU/Linux existant — ci-après nommé @dfn{distro extérieure} — GNU@tie{}Guix complète les " +"outils disponibles sans interférence. Ses données se trouvent exclusivement dans deux répertoires, typiquement @file{/gnu/store} et " +"@file{/var/guix} ; les autres fichiers de votre système comme @file{/etc} sont laissés intacts." + +#. type: Plain text +#: doc/guix.texi:390 +msgid "Once installed, Guix can be updated by running @command{guix pull} (@pxref{Invoking guix pull})." +msgstr "Une fois installé, Guix peut être mis à jour en lançant @command{guix pull} (@pxref{Invoking guix pull})." + +#. type: cindex +#: doc/guix.texi:403 +#, no-wrap +msgid "installing Guix from binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:409 +msgid "" +"This section describes how to install Guix on an arbitrary system from a self-contained tarball providing binaries for Guix and for " +"all its dependencies. This is often quicker than installing from source, which is described in the next sections. The only " +"requirement is to have GNU@tie{}tar and Xz." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:414 +msgid "" +"We provide a @uref{https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh, shell installer script}, which automates " +"the download, installation, and initial configuration of Guix. It should be run as the root user." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:416 +msgid "Installing goes along these lines:" +msgstr "" + +#. type: cindex +#: doc/guix.texi:419 +#, no-wrap +msgid "downloading Guix binary" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:424 +msgid "" +"Download the binary tarball from @indicateurl{ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz}, where " +"@var{system} is @code{x86_64-linux} for an @code{x86_64} machine already running the kernel Linux, and so on." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:428 +msgid "" +"Make sure to download the associated @file{.sig} file and to verify the authenticity of the tarball against it, along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:432 +#, no-wrap +msgid "" +"$ wget ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz.sig\n" +"$ gpg --verify guix-binary-@value{VERSION}.@var{system}.tar.xz.sig\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:436 doc/guix.texi:8194 +msgid "If that command fails because you do not have the required public key, then run this command to import it:" +msgstr "" + +#. type: example +#: doc/guix.texi:439 doc/guix.texi:8197 +#, no-wrap +msgid "$ gpg --keyserver pgp.mit.edu --recv-keys @value{OPENPGP-SIGNING-KEY-ID}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:444 doc/guix.texi:8202 +msgid "and rerun the @code{gpg --verify} command." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:448 +msgid "" +"Now, you need to become the @code{root} user. Depending on your distribution, you may have to run @code{su -} or @code{sudo -i}. " +"As @code{root}, run:" +msgstr "" + +#. type: example +#: doc/guix.texi:454 +#, no-wrap +msgid "" +"# cd /tmp\n" +"# tar --warning=no-timestamp -xf \\\n" +" guix-binary-@value{VERSION}.@var{system}.tar.xz\n" +"# mv var/guix /var/ && mv gnu /\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:459 +msgid "" +"This creates @file{/gnu/store} (@pxref{The Store}) and @file{/var/guix}. The latter contains a ready-to-use profile for @code{root} " +"(see next step.)" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:462 +msgid "Do @emph{not} unpack the tarball on a working Guix system since that would overwrite its own essential files." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:472 +msgid "" +"The @code{--warning=no-timestamp} option makes sure GNU@tie{}tar does not emit warnings about ``implausibly old time stamps'' (such " +"warnings were triggered by GNU@tie{}tar 1.26 and older; recent versions are fine.) They stem from the fact that all the files in " +"the archive have their modification time set to zero (which means January 1st, 1970.) This is done on purpose to make sure the " +"archive content is independent of its creation time, thus making it reproducible." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:475 +msgid "Make @code{root}'s profile available under @file{~root/.guix-profile}:" +msgstr "" + +#. type: example +#: doc/guix.texi:479 +#, no-wrap +msgid "" +"# ln -sf /var/guix/profiles/per-user/root/guix-profile \\\n" +" ~root/.guix-profile\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:483 +msgid "Source @file{etc/profile} to augment @code{PATH} and other relevant environment variables:" +msgstr "" + +#. type: example +#: doc/guix.texi:487 +#, no-wrap +msgid "" +"# GUIX_PROFILE=\"`echo ~root`/.guix-profile\" ; \\\n" +" source $GUIX_PROFILE/etc/profile\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:492 +msgid "Create the group and user accounts for build users as explained below (@pxref{Build Environment Setup})." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:495 +msgid "Run the daemon, and set it to automatically start on boot." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:498 +msgid "If your host distro uses the systemd init system, this can be achieved with these commands:" +msgstr "" + +#. type: example +#: doc/guix.texi:510 +#, no-wrap +msgid "" +"# cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \\\n" +" /etc/systemd/system/\n" +"# systemctl start guix-daemon && systemctl enable guix-daemon\n" +msgstr "" + +#. type: itemize +#: doc/guix.texi:513 doc/guix.texi:7631 +msgid "If your host distro uses the Upstart init system:" +msgstr "" + +#. type: example +#: doc/guix.texi:518 +#, no-wrap +msgid "" +"# initctl reload-configuration\n" +"# cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf /etc/init/\n" +"# start guix-daemon\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:521 +msgid "Otherwise, you can still start the daemon manually with:" +msgstr "" + +#. type: example +#: doc/guix.texi:524 +#, no-wrap +msgid "# ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:529 +msgid "Make the @command{guix} command available to other users on the machine, for instance with:" +msgstr "" + +#. type: example +#: doc/guix.texi:534 +#, no-wrap +msgid "" +"# mkdir -p /usr/local/bin\n" +"# cd /usr/local/bin\n" +"# ln -s /var/guix/profiles/per-user/root/guix-profile/bin/guix\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:538 +msgid "It is also a good idea to make the Info version of this manual available there:" +msgstr "" + +#. type: example +#: doc/guix.texi:544 +#, no-wrap +msgid "" +"# mkdir -p /usr/local/share/info\n" +"# cd /usr/local/share/info\n" +"# for i in /var/guix/profiles/per-user/root/guix-profile/share/info/* ;\n" +" do ln -s $i ; done\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:550 +msgid "" +"That way, assuming @file{/usr/local/share/info} is in the search path, running @command{info guix} will open this manual " +"(@pxref{Other Info Directories,,, texinfo, GNU Texinfo}, for more details on changing the Info search path.)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:552 doc/guix.texi:2304 doc/guix.texi:10190 +#, no-wrap +msgid "substitutes, authorization thereof" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:555 +msgid "To use substitutes from @code{hydra.gnu.org} or one of its mirrors (@pxref{Substitutes}), authorize them:" +msgstr "Pour utiliser les substituts de @code{hydra.gnu.org} ou l'un de ses mirroirs (@pxref{Substituts}), autorisez-les :" + +#. type: example +#: doc/guix.texi:558 +#, no-wrap +msgid "# guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:563 +msgid "Each user may need to perform a few additional steps to make their Guix environment ready for use, @pxref{Application Setup}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:566 +msgid "Voilà, the installation is complete!" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:569 +msgid "You can confirm that Guix is working by installing a sample package into the root profile:" +msgstr "" + +#. type: example +#: doc/guix.texi:572 +#, no-wrap +msgid "# guix package -i hello\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:579 +msgid "" +"The @code{guix} package must remain available in @code{root}'s profile, or it would become subject to garbage collection---in which " +"case you would find yourself badly handicapped by the lack of the @command{guix} command. In other words, do not remove @code{guix} " +"by running @code{guix package -r guix}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:582 +msgid "" +"The binary installation tarball can be (re)produced and verified simply by running the following command in the Guix source tree:" +msgstr "" + +#. type: example +#: doc/guix.texi:585 +#, no-wrap +msgid "make guix-binary.@var{system}.tar.xz\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:589 +msgid "... which, in turn, runs:" +msgstr "" + +#. type: example +#: doc/guix.texi:592 +#, no-wrap +msgid "guix pack -s @var{system} --localstatedir guix\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:595 +msgid "@xref{Invoking guix pack}, for more info on this handy tool." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:603 +msgid "" +"This section lists requirements when building Guix from source. The build procedure for Guix is the same as for other GNU software, " +"and is not covered here. Please see the files @file{README} and @file{INSTALL} in the Guix source tree for additional details." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:605 +msgid "GNU Guix depends on the following packages:" +msgstr "" + +#. type: item +#: doc/guix.texi:607 +#, no-wrap +msgid "@url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.13 or" +msgstr "" + +#. type: itemize +#: doc/guix.texi:609 +msgid "later, including 2.2.x;" +msgstr "" + +#. type: item +#: doc/guix.texi:609 +#, no-wrap +msgid "@url{http://gnupg.org/, GNU libgcrypt};" +msgstr "" + +#. type: itemize +#: doc/guix.texi:614 +msgid "" +"@uref{http://gnutls.org/, GnuTLS}, specifically its Guile bindings (@pxref{Guile Preparations, how to install the GnuTLS bindings " +"for Guile,, gnutls-guile, GnuTLS-Guile});" +msgstr "" + +#. type: itemize +#: doc/guix.texi:618 +msgid "@uref{https://gitlab.com/guile-git/guile-git, Guile-Git}, from August 2017 or later;" +msgstr "" + +#. type: item +#: doc/guix.texi:618 +#, no-wrap +msgid "@url{http://zlib.net, zlib};" +msgstr "" + +#. type: item +#: doc/guix.texi:619 +#, no-wrap +msgid "@url{http://www.gnu.org/software/make/, GNU Make}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:623 +msgid "The following dependencies are optional:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:631 +msgid "" +"Installing @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will allow you to use the @command{guix import pypi} " +"command (@pxref{Invoking guix import}). It is of interest primarily for developers and not for casual users." +msgstr "" + +#. type: itemize +#: doc/guix.texi:638 +msgid "" +"Support for build offloading (@pxref{Daemon Offload Setup}) and @command{guix copy} (@pxref{Invoking guix copy}) depends on " +"@uref{https://github.com/artyom-poptsov/guile-ssh, Guile-SSH}, version 0.10.2 or later." +msgstr "" + +#. type: itemize +#: doc/guix.texi:642 +msgid "When @url{http://www.bzip.org, libbz2} is available, @command{guix-daemon} can use it to compress build logs." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:646 +msgid "Unless @code{--disable-daemon} was passed to @command{configure}, the following packages are also needed:" +msgstr "" + +#. type: item +#: doc/guix.texi:648 +#, no-wrap +msgid "@url{http://sqlite.org, SQLite 3};" +msgstr "" + +#. type: item +#: doc/guix.texi:649 +#, no-wrap +msgid "@url{http://gcc.gnu.org, GCC's g++}, with support for the" +msgstr "" + +#. type: itemize +#: doc/guix.texi:651 +msgid "C++11 standard." +msgstr "" + +#. type: cindex +#: doc/guix.texi:653 +#, no-wrap +msgid "state directory" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:661 +msgid "" +"When configuring Guix on a system that already has a Guix installation, be sure to specify the same state directory as the existing " +"installation using the @code{--localstatedir} option of the @command{configure} script (@pxref{Directory Variables, " +"@code{localstatedir},, standards, GNU Coding Standards}). The @command{configure} script protects against unintended " +"misconfiguration of @var{localstatedir} so you do not inadvertently corrupt your store (@pxref{The Store})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:662 +#, no-wrap +msgid "Nix, compatibility" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:667 +msgid "" +"When a working installation of @url{http://nixos.org/nix/, the Nix package manager} is available, you can instead configure Guix " +"with @code{--disable-daemon}. In that case, Nix replaces the three dependencies above." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:677 +msgid "" +"Guix is compatible with Nix, so it is possible to share the same store between both. To do so, you must pass @command{configure} " +"not only the same @code{--with-store-dir} value, but also the same @code{--localstatedir} value. The latter is essential because it " +"specifies where the database that stores metadata about the store is located, among other things. The default values for Nix are " +"@code{--with-store-dir=/nix/store} and @code{--localstatedir=/nix/var}. Note that @code{--disable-daemon} is not required if your " +"goal is to share the store with Nix." +msgstr "" + +#. type: cindex +#: doc/guix.texi:681 +#, no-wrap +msgid "test suite" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:687 +msgid "" +"After a successful @command{configure} and @code{make} run, it is a good idea to run the test suite. It can help catch issues with " +"the setup or environment, or bugs in Guix itself---and really, reporting test failures is a good way to help improve the software. " +"To run the test suite, type:" +msgstr "" + +#. type: example +#: doc/guix.texi:690 +#, no-wrap +msgid "make check\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:697 +msgid "" +"Test cases can run in parallel: you can use the @code{-j} option of GNU@tie{}make to speed things up. The first run may take a few " +"minutes on a recent machine; subsequent runs will be faster because the store that is created for test purposes will already have " +"various things in cache." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:700 +msgid "It is also possible to run a subset of the tests by defining the @code{TESTS} makefile variable as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:703 +#, no-wrap +msgid "make check TESTS=\"tests/store.scm tests/cpio.scm\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:708 +msgid "" +"By default, tests results are displayed at a file level. In order to see the details of every individual test cases, it is possible " +"to define the @code{SCM_LOG_DRIVER_FLAGS} makefile variable as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:711 +#, no-wrap +msgid "make check TESTS=\"tests/base64.scm\" SCM_LOG_DRIVER_FLAGS=\"--brief=no\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:717 +msgid "" +"Upon failure, please email @email{bug-guix@@gnu.org} and attach the @file{test-suite.log} file. Please specify the Guix version " +"being used as well as version numbers of the dependencies (@pxref{Requirements}) in your message." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:721 +msgid "" +"Guix also comes with a whole-system test suite that tests complete GuixSD operating system instances. It can only run on systems " +"where Guix is already installed, using:" +msgstr "" + +#. type: example +#: doc/guix.texi:724 +#, no-wrap +msgid "make check-system\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:728 +msgid "or, again, by defining @code{TESTS} to select a subset of tests to run:" +msgstr "" + +#. type: example +#: doc/guix.texi:731 +#, no-wrap +msgid "make check-system TESTS=\"basic mcron\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:739 +msgid "" +"These system tests are defined in the @code{(gnu tests @dots{})} modules. They work by running the operating systems under test " +"with lightweight instrumentation in a virtual machine (VM). They can be computationally intensive or rather cheap, depending on " +"whether substitutes are available for their dependencies (@pxref{Substitutes}). Some of them require a lot of storage space to hold " +"VM images." +msgstr "" +"Ces tests systèmes sont définis dans les modules @code{(gnu tests @dots{})}. Ils fonctionnent en lançant les systèmes d'exploitation " +"sous test avec une instrumentation légère dans une machine virtuelle (VM). Ils peuvent être intenses en terme de calculs ou plutôt " +"rapides en fonction de la disponibilité des substituts de leurs dépendances (@pxref{Substituts}). Certains requièrent beaucoup " +"d'espace disque pour contenir les images des VM." + +#. type: Plain text +#: doc/guix.texi:742 +msgid "Again in case of test failures, please send @email{bug-guix@@gnu.org} all the details." +msgstr "" + +#. type: cindex +#: doc/guix.texi:746 +#, no-wrap +msgid "daemon" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:754 +msgid "" +"Operations such as building a package or running the garbage collector are all performed by a specialized process, the @dfn{build " +"daemon}, on behalf of clients. Only the daemon may access the store and its associated database. Thus, any operation that " +"manipulates the store goes through the daemon. For instance, command-line tools such as @command{guix package} and @command{guix " +"build} communicate with the daemon (@i{via} remote procedure calls) to instruct it what to do." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:758 +msgid "" +"The following sections explain how to prepare the build daemon's environment. See also @ref{Substitutes}, for information on how to " +"allow the daemon to download pre-built binaries." +msgstr "" +"Les sections suivantes expliquent comment préparer l'environnement du démon de construction. Voir aussi @ref{Substituts} pour " +"apprendre comment permettre le téléchargement de binaires pré-construits." + +#. type: cindex +#: doc/guix.texi:768 doc/guix.texi:1193 +#, no-wrap +msgid "build environment" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:776 +msgid "" +"In a standard multi-user setup, Guix and its daemon---the @command{guix-daemon} program---are installed by the system administrator; " +"@file{/gnu/store} is owned by @code{root} and @command{guix-daemon} runs as @code{root}. Unprivileged users may use Guix tools to " +"build packages or otherwise access the store, and the daemon will do it on their behalf, ensuring that the store is kept in a " +"consistent state, and allowing built packages to be shared among users." +msgstr "" + +#. type: cindex +#: doc/guix.texi:777 +#, no-wrap +msgid "build users" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:788 +msgid "" +"When @command{guix-daemon} runs as @code{root}, you may not want package build processes themselves to run as @code{root} too, for " +"obvious security reasons. To avoid that, a special pool of @dfn{build users} should be created for use by build processes started " +"by the daemon. These build users need not have a shell and a home directory: they will just be used when the daemon drops " +"@code{root} privileges in build processes. Having several such users allows the daemon to launch distinct build processes under " +"separate UIDs, which guarantees that they do not interfere with each other---an essential feature since builds are regarded as pure " +"functions (@pxref{Introduction})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:791 +msgid "On a GNU/Linux system, a build user pool may be created like this (using Bash syntax and the @code{shadow} commands):" +msgstr "" + +#. type: example +#: doc/guix.texi:803 +#, no-wrap +msgid "" +"# groupadd --system guixbuild\n" +"# for i in `seq -w 1 10`;\n" +" do\n" +" useradd -g guixbuild -G guixbuild \\\n" +" -d /var/empty -s `which nologin` \\\n" +" -c \"Guix build user $i\" --system \\\n" +" guixbuilder$i;\n" +" done\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:813 +msgid "" +"The number of build users determines how many build jobs may run in parallel, as specified by the @option{--max-jobs} option " +"(@pxref{Invoking guix-daemon, @option{--max-jobs}}). To use @command{guix system vm} and related commands, you may need to add the " +"build users to the @code{kvm} group so they can access @file{/dev/kvm}, using @code{-G guixbuild,kvm} instead of @code{-G guixbuild} " +"(@pxref{Invoking guix system})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:822 +msgid "" +"The @code{guix-daemon} program may then be run as @code{root} with the following command@footnote{If your machine uses the systemd " +"init system, dropping the @file{@var{prefix}/lib/systemd/system/guix-daemon.service} file in @file{/etc/systemd/system} will ensure " +"that @command{guix-daemon} is automatically started. Similarly, if your machine uses the Upstart init system, drop the " +"@file{@var{prefix}/lib/upstart/system/guix-daemon.conf} file in @file{/etc/init}.}:" +msgstr "" + +#. type: example +#: doc/guix.texi:825 doc/guix.texi:1186 +#, no-wrap +msgid "# guix-daemon --build-users-group=guixbuild\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:827 doc/guix.texi:1191 +#, no-wrap +msgid "chroot" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:832 +msgid "" +"This way, the daemon starts build processes in a chroot, under one of the @code{guixbuilder} users. On GNU/Linux, by default, the " +"chroot environment contains nothing but:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:840 +msgid "" +"a minimal @code{/dev} directory, created mostly independently from the host @code{/dev}@footnote{``Mostly'', because while the set " +"of files that appear in the chroot's @code{/dev} is fixed, most of these files can only be created if the host has them.};" +msgstr "" + +#. type: itemize +#: doc/guix.texi:844 +msgid "the @code{/proc} directory; it only shows the processes of the container since a separate PID name space is used;" +msgstr "" + +#. type: itemize +#: doc/guix.texi:848 +msgid "@file{/etc/passwd} with an entry for the current user and an entry for user @file{nobody};" +msgstr "" + +#. type: itemize +#: doc/guix.texi:851 +msgid "@file{/etc/group} with an entry for the user's group;" +msgstr "" + +#. type: itemize +#: doc/guix.texi:855 +msgid "@file{/etc/hosts} with an entry that maps @code{localhost} to @code{127.0.0.1};" +msgstr "" + +#. type: itemize +#: doc/guix.texi:858 +msgid "a writable @file{/tmp} directory." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:867 +msgid "" +"You can influence the directory where the daemon stores build trees @i{via} the @code{TMPDIR} environment variable. However, the " +"build tree within the chroot is always called @file{/tmp/guix-build-@var{name}.drv-0}, where @var{name} is the derivation name---e." +"g., @code{coreutils-8.24}. This way, the value of @code{TMPDIR} does not leak inside build environments, which avoids discrepancies " +"in cases where build processes capture the name of their build tree." +msgstr "" + +#. type: vindex +#: doc/guix.texi:868 doc/guix.texi:2411 +#, no-wrap +msgid "http_proxy" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:872 +msgid "" +"The daemon also honors the @code{http_proxy} environment variable for HTTP downloads it performs, be it for fixed-output derivations " +"(@pxref{Derivations}) or for substitutes (@pxref{Substitutes})." +msgstr "" +"Le démon tient aussi compte de la variable d'environnement @code{http_proxy} pour ses téléchargements HTTP, que ce soit pour les " +"dérivations à sortie fixes (@pxref{Derivations}) ou pour les substituts (@pxref{Substituts})." + +#. type: Plain text +#: doc/guix.texi:880 +msgid "" +"If you are installing Guix as an unprivileged user, it is still possible to run @command{guix-daemon} provided you pass @code{--" +"disable-chroot}. However, build processes will not be isolated from one another, and not from the rest of the system. Thus, build " +"processes may interfere with each other, and may access programs, libraries, and other files available on the system---making it " +"much harder to view them as @emph{pure} functions." +msgstr "" + +#. type: subsection +#: doc/guix.texi:883 +#, no-wrap +msgid "Using the Offload Facility" +msgstr "" + +#. type: cindex +#: doc/guix.texi:885 +#, no-wrap +msgid "offloading" +msgstr "" + +#. type: cindex +#: doc/guix.texi:886 doc/guix.texi:1247 +#, no-wrap +msgid "build hook" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:900 +msgid "" +"When desired, the build daemon can @dfn{offload} derivation builds to other machines running Guix, using the @code{offload} " +"@dfn{build hook}@footnote{This feature is available only when @uref{https://github.com/artyom-poptsov/guile-ssh, Guile-SSH} is " +"present.}. When that feature is enabled, a list of user-specified build machines is read from @file{/etc/guix/machines.scm}; every " +"time a build is requested, for instance via @code{guix build}, the daemon attempts to offload it to one of the machines that satisfy " +"the constraints of the derivation, in particular its system type---e.g., @file{x86_64-linux}. Missing prerequisites for the build " +"are copied over SSH to the target machine, which then proceeds with the build; upon success the output(s) of the build are copied " +"back to the initial machine." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:902 +msgid "The @file{/etc/guix/machines.scm} file typically looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:910 +#, no-wrap +msgid "" +"(list (build-machine\n" +" (name \"eightysix.example.org\")\n" +" (system \"x86_64-linux\")\n" +" (host-key \"ssh-ed25519 AAAAC3Nza@dots{}\")\n" +" (user \"bob\")\n" +" (speed 2.)) ;incredibly fast!\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:919 +#, no-wrap +msgid "" +" (build-machine\n" +" (name \"meeps.example.org\")\n" +" (system \"mips64el-linux\")\n" +" (host-key \"ssh-rsa AAAAB3Nza@dots{}\")\n" +" (user \"alice\")\n" +" (private-key\n" +" (string-append (getenv \"HOME\")\n" +" \"/.ssh/identity-for-guix\"))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:925 +msgid "" +"In the example above we specify a list of two build machines, one for the @code{x86_64} architecture and one for the @code{mips64el} " +"architecture." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:934 +msgid "" +"In fact, this file is---not surprisingly!---a Scheme file that is evaluated when the @code{offload} hook is started. Its return " +"value must be a list of @code{build-machine} objects. While this example shows a fixed list of build machines, one could imagine, " +"say, using DNS-SD to return a list of potential build machines discovered in the local network (@pxref{Introduction, Guile-Avahi,, " +"guile-avahi, Using Avahi in Guile Scheme Programs}). The @code{build-machine} data type is detailed below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:935 +#, no-wrap +msgid "{Data Type} build-machine" +msgstr "" + +#. type: deftp +#: doc/guix.texi:938 +msgid "This data type represents build machines to which the daemon may offload builds. The important fields are:" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:941 doc/guix.texi:3402 doc/guix.texi:9402 doc/guix.texi:9466 doc/guix.texi:9561 doc/guix.texi:10951 +#: doc/guix.texi:14988 doc/guix.texi:15221 doc/guix.texi:15354 doc/guix.texi:15628 doc/guix.texi:15669 doc/guix.texi:19601 +#: doc/guix.texi:19618 doc/guix.texi:19884 doc/guix.texi:21092 +#, no-wrap +msgid "name" +msgstr "" + +#. type: table +#: doc/guix.texi:943 +msgid "The host name of the remote machine." +msgstr "" + +#. type: item +#: doc/guix.texi:944 +#, no-wrap +msgid "system" +msgstr "" + +#. type: table +#: doc/guix.texi:946 +msgid "The system type of the remote machine---e.g., @code{\"x86_64-linux\"}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:947 doc/guix.texi:10961 +#, no-wrap +msgid "user" +msgstr "" + +#. type: table +#: doc/guix.texi:951 +msgid "" +"The user account to use when connecting to the remote machine over SSH. Note that the SSH key pair must @emph{not} be passphrase-" +"protected, to allow non-interactive logins." +msgstr "" + +#. type: item +#: doc/guix.texi:952 +#, no-wrap +msgid "host-key" +msgstr "" + +#. type: table +#: doc/guix.texi:956 +msgid "" +"This must be the machine's SSH @dfn{public host key} in OpenSSH format. This is used to authenticate the machine when we connect to " +"it. It is a long string that looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:959 +#, no-wrap +msgid "ssh-ed25519 AAAAC3NzaC@dots{}mde+UhL hint@@example.org\n" +msgstr "" + +#. type: table +#: doc/guix.texi:964 +msgid "" +"If the machine is running the OpenSSH daemon, @command{sshd}, the host key can be found in a file such as @file{/etc/ssh/" +"ssh_host_ed25519_key.pub}." +msgstr "" + +#. type: table +#: doc/guix.texi:969 +msgid "" +"If the machine is running the SSH daemon of GNU@tie{}lsh, @command{lshd}, the host key is in @file{/etc/lsh/host-key.pub} or a " +"similar file. It can be converted to the OpenSSH format using @command{lsh-export-key} (@pxref{Converting keys,,, lsh, LSH Manual}):" +msgstr "" + +#. type: example +#: doc/guix.texi:973 +#, no-wrap +msgid "" +"$ lsh-export-key --openssh < /etc/lsh/host-key.pub \n" +"ssh-rsa AAAAB3NzaC1yc2EAAAAEOp8FoQAAAQEAs1eB46LV@dots{}\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:978 +msgid "A number of optional fields may be specified:" +msgstr "" + +#. type: item +#: doc/guix.texi:981 +#, no-wrap +msgid "@code{port} (default: @code{22})" +msgstr "" + +#. type: table +#: doc/guix.texi:983 +msgid "Port number of SSH server on the machine." +msgstr "" + +#. type: item +#: doc/guix.texi:984 +#, no-wrap +msgid "@code{private-key} (default: @file{~root/.ssh/id_rsa})" +msgstr "" + +#. type: table +#: doc/guix.texi:987 +msgid "The SSH private key file to use when connecting to the machine, in OpenSSH format." +msgstr "" + +#. type: table +#: doc/guix.texi:990 +msgid "Note that the default value is the private key @emph{of the root account}. Make sure it exists if you use the default." +msgstr "" + +#. type: item +#: doc/guix.texi:991 +#, no-wrap +msgid "@code{compression} (default: @code{\"zlib@@openssh.com,zlib\"})" +msgstr "" + +#. type: item +#: doc/guix.texi:992 doc/guix.texi:10418 +#, no-wrap +msgid "@code{compression-level} (default: @code{3})" +msgstr "" + +#. type: table +#: doc/guix.texi:994 +msgid "The SSH-level compression methods and compression level requested." +msgstr "" + +#. type: table +#: doc/guix.texi:997 +msgid "Note that offloading relies on SSH compression to reduce bandwidth usage when transferring files to and from build machines." +msgstr "" + +#. type: item +#: doc/guix.texi:998 +#, no-wrap +msgid "@code{daemon-socket} (default: @code{\"/var/guix/daemon-socket/socket\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:1001 +msgid "File name of the Unix-domain socket @command{guix-daemon} is listening to on that machine." +msgstr "" + +#. type: item +#: doc/guix.texi:1002 +#, no-wrap +msgid "@code{parallel-builds} (default: @code{1})" +msgstr "" + +#. type: table +#: doc/guix.texi:1004 +msgid "The number of builds that may run in parallel on the machine." +msgstr "" + +#. type: item +#: doc/guix.texi:1005 +#, no-wrap +msgid "@code{speed} (default: @code{1.0})" +msgstr "" + +#. type: table +#: doc/guix.texi:1008 +msgid "A ``relative speed factor''. The offload scheduler will tend to prefer machines with a higher speed factor." +msgstr "" + +#. type: item +#: doc/guix.texi:1009 +#, no-wrap +msgid "@code{features} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:1014 +msgid "" +"A list of strings denoting specific features supported by the machine. An example is @code{\"kvm\"} for machines that have the KVM " +"Linux modules and corresponding hardware support. Derivations can request features by name, and they will be scheduled on matching " +"build machines." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1022 +msgid "" +"The @code{guile} command must be in the search path on the build machines. In addition, the Guix modules must be in " +"@code{$GUILE_LOAD_PATH} on the build machine---you can check whether this is the case by running:" +msgstr "" + +#. type: example +#: doc/guix.texi:1025 +#, no-wrap +msgid "ssh build-machine guile -c \"'(use-modules (guix config))'\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1032 +msgid "" +"There is one last thing to do once @file{machines.scm} is in place. As explained above, when offloading, files are transferred back " +"and forth between the machine stores. For this to work, you first need to generate a key pair on each machine to allow the daemon " +"to export signed archives of files from the store (@pxref{Invoking guix archive}):" +msgstr "" + +#. type: example +#: doc/guix.texi:1035 +#, no-wrap +msgid "# guix archive --generate-key\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1040 +msgid "Each build machine must authorize the key of the master machine so that it accepts store items it receives from the master:" +msgstr "" + +#. type: example +#: doc/guix.texi:1043 +#, no-wrap +msgid "# guix archive --authorize < master-public-key.txt\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1047 +msgid "Likewise, the master machine must authorize the key of each build machine." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1053 +msgid "" +"All the fuss with keys is here to express pairwise mutual trust relations between the master and the build machines. Concretely, " +"when the master receives files from a build machine (and @i{vice versa}), its build daemon can make sure they are genuine, have not " +"been tampered with, and that they are signed by an authorized key." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1054 +#, no-wrap +msgid "offload test" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1057 +msgid "To test whether your setup is operational, run this command on the master node:" +msgstr "" + +#. type: example +#: doc/guix.texi:1060 +#, no-wrap +msgid "# guix offload test\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1066 +msgid "" +"This will attempt to connect to each of the build machines specified in @file{/etc/guix/machines.scm}, make sure Guile and the Guix " +"modules are available on each machine, attempt to export to the machine and import from it, and report any error in the process." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1069 +msgid "If you want to test a different machine file, just specify it on the command line:" +msgstr "" + +#. type: example +#: doc/guix.texi:1072 +#, no-wrap +msgid "# guix offload test machines-qualif.scm\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1076 +msgid "Last, you can test the subset of the machines whose name matches a regular expression like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:1079 +#, no-wrap +msgid "# guix offload test machines.scm '\\.gnu\\.org$'\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1081 +#, no-wrap +msgid "offload status" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1084 +msgid "To display the current load of all build hosts, run this command on the main node:" +msgstr "" + +#. type: example +#: doc/guix.texi:1087 +#, no-wrap +msgid "# guix offload status\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1093 +#, no-wrap +msgid "SELinux, daemon policy" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1094 +#, no-wrap +msgid "mandatory access control, SELinux" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1095 +#, no-wrap +msgid "security, guix-daemon" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1101 +msgid "" +"Guix includes an SELinux policy file at @file{etc/guix-daemon.cil} that can be installed on a system where SELinux is enabled, in " +"order to label Guix files and to specify the expected behavior of the daemon. Since GuixSD does not provide an SELinux base policy, " +"the daemon policy cannot be used on GuixSD." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:1102 +#, no-wrap +msgid "Installing the SELinux policy" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1103 +#, no-wrap +msgid "SELinux, policy installation" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1105 +msgid "To install the policy run this command as root:" +msgstr "" + +#. type: example +#: doc/guix.texi:1108 +#, no-wrap +msgid "semodule -i etc/guix-daemon.cil\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1112 +msgid "Then relabel the file system with @code{restorecon} or by a different mechanism provided by your system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1117 +msgid "" +"Once the policy is installed, the file system has been relabeled, and the daemon has been restarted, it should be running in the " +"@code{guix_daemon_t} context. You can confirm this with the following command:" +msgstr "" + +#. type: example +#: doc/guix.texi:1120 +#, no-wrap +msgid "ps -Zax | grep guix-daemon\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1125 +msgid "" +"Monitor the SELinux log files as you run a command like @code{guix build hello} to convince yourself that SELinux permits all " +"necessary operations." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1127 +#, no-wrap +msgid "SELinux, limitations" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1132 +msgid "" +"This policy is not perfect. Here is a list of limitations or quirks that should be considered when deploying the provided SELinux " +"policy for the Guix daemon." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1139 +msgid "" +"@code{guix_daemon_socket_t} isn’t actually used. None of the socket operations involve contexts that have anything to do with " +"@code{guix_daemon_socket_t}. It doesn’t hurt to have this unused label, but it would be preferrable to define socket rules for only " +"this label." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1150 +msgid "" +"@code{guix gc} cannot access arbitrary links to profiles. By design, the file label of the destination of a symlink is independent " +"of the file label of the link itself. Although all profiles under $localstatedir are labelled, the links to these profiles inherit " +"the label of the directory they are in. For links in the user’s home directory this will be @code{user_home_t}. But for links from " +"the root user’s home directory, or @file{/tmp}, or the HTTP server’s working directory, etc, this won’t work. @code{guix gc} would " +"be prevented from reading and following these links." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1155 +msgid "" +"The daemon’s feature to listen for TCP connections might no longer work. This might require extra rules, because SELinux treats " +"network sockets differently from files." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1166 +msgid "" +"Currently all files with a name matching the regular expression @code{/gnu/store/.+-(guix-.+|profile)/bin/guix-daemon} are assigned " +"the label @code{guix_daemon_exec_t}; this means that @emph{any} file with that name in any profile would be permitted to run in the " +"@code{guix_daemon_t} domain. This is not ideal. An attacker could build a package that provides this executable and convince a " +"user to install and run it, which lifts it into the @code{guix_daemon_t} domain. At that point SELinux could not prevent it from " +"accessing files that are allowed for processes in that domain." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1174 +msgid "" +"We could generate a much more restrictive policy at installation time, so that only the @emph{exact} file name of the currently " +"installed @code{guix-daemon} executable would be labelled with @code{guix_daemon_exec_t}, instead of using a broad regular " +"expression. The downside is that root would have to install or upgrade the policy at installation time whenever the Guix package " +"that provides the effectively running @code{guix-daemon} executable is upgraded." +msgstr "" + +#. type: section +#: doc/guix.texi:1177 +#, no-wrap +msgid "Invoking @command{guix-daemon}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1183 +msgid "" +"The @command{guix-daemon} program implements all the functionality to access the store. This includes launching build processes, " +"running the garbage collector, querying the availability of a build result, etc. It is normally run as @code{root} like this:" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1190 +msgid "For details on how to set it up, @pxref{Setting Up the Daemon}." +msgstr "Pour des détails sur son paramétrage, @pxref{Paramétrer le démon}." + +#. type: cindex +#: doc/guix.texi:1192 +#, no-wrap +msgid "container, build environment" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1194 doc/guix.texi:1732 doc/guix.texi:2392 doc/guix.texi:7644 +#, no-wrap +msgid "reproducible builds" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1206 +msgid "" +"By default, @command{guix-daemon} launches build processes under different UIDs, taken from the build group specified with @code{--" +"build-users-group}. In addition, each build process is run in a chroot environment that only contains the subset of the store that " +"the build process depends on, as specified by its derivation (@pxref{Programming Interface, derivation}), plus a set of specific " +"system directories. By default, the latter contains @file{/dev} and @file{/dev/pts}. Furthermore, on GNU/Linux, the build " +"environment is a @dfn{container}: in addition to having its own file system tree, it has a separate mount name space, its own PID " +"name space, network name space, etc. This helps achieve reproducible builds (@pxref{Features})." +msgstr "" +"Par défaut, @command{guix-daemon} lance les processus de construction sous différents UID récupérés depuis le groupe de construction " +"spécifié avec @code{--build-users-group}. En plus, chaque processus de construction est lancé dans un environnement chroot qui ne " +"contient que le sous-ensemble du dépôt dont le processus de construction dépend, tel que spécifié par sa dérivation " +"(@pxref{Interface de programmation, dérivation}), plus un ensemble de répertoires systèmes spécifiques. Par défaut ce dernier " +"contient @file{/dev} et @file{/dev/pts}. De plus, sous GNU/Linux, l'environnement de construction est un @dfn{conteneur} : en plus " +"d'avoir sa propre arborescence du système de fichier, elle a un espace de montage séparé, son propre espace de PID, son espace de " +"réseau, etc. Cela aide à obtenir des constructions reproductibles (@pxref{Fonctionnalités})." + +#. type: Plain text +#: doc/guix.texi:1215 +msgid "" +"When the daemon performs a build on behalf of the user, it creates a build directory under @file{/tmp} or under the directory " +"specified by its @code{TMPDIR} environment variable; this directory is shared with the container for the duration of the build. Be " +"aware that using a directory other than @file{/tmp} can affect build results---for example, with a longer directory name, a build " +"process that uses Unix-domain sockets might hit the name length limitation for @code{sun_path}, which it would otherwise not hit." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1219 +msgid "" +"The build directory is automatically deleted upon completion, unless the build failed and the client specified @option{--keep-" +"failed} (@pxref{Invoking guix build, @option{--keep-failed}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1221 +msgid "The following command-line options are supported:" +msgstr "" + +#. type: item +#: doc/guix.texi:1223 +#, no-wrap +msgid "--build-users-group=@var{group}" +msgstr "" + +#. type: table +#: doc/guix.texi:1226 +msgid "Take users from @var{group} to run build processes (@pxref{Setting Up the Daemon, build users})." +msgstr "" +"Prend les utilisateurs de @var{group} pour lancer les processus de construction (@pxref{Paramétrer le démon, utilisateurs de " +"construction})." + +#. type: item +#: doc/guix.texi:1227 doc/guix.texi:5494 +#, no-wrap +msgid "--no-substitutes" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1228 doc/guix.texi:1744 doc/guix.texi:2248 +#, no-wrap +msgid "substitutes" +msgstr "" + +#. type: table +#: doc/guix.texi:1232 doc/guix.texi:5498 +msgid "" +"Do not use substitutes for build products. That is, always build things locally instead of allowing downloads of pre-built binaries " +"(@pxref{Substitutes})." +msgstr "" +"Ne pas utiliser de substitut pour les résultats de la construction. C'est-à-dire, toujours construire localement plutôt que de " +"permettre le téléchargement de binaires pré-construits (@pxref{Substituts})." + +#. type: table +#: doc/guix.texi:1236 +msgid "" +"When the daemon runs with @code{--no-substitutes}, clients can still explicitly enable substitution @i{via} the @code{set-build-" +"options} remote procedure call (@pxref{The Store})." +msgstr "" + +#. type: item +#: doc/guix.texi:1237 doc/guix.texi:5481 doc/guix.texi:6893 doc/guix.texi:7769 doc/guix.texi:7957 +#, no-wrap +msgid "--substitute-urls=@var{urls}" +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:1243 +msgid "daemon-substitute-urls" +msgstr "" + +#. type: table +#: doc/guix.texi:1243 +msgid "" +"Consider @var{urls} the default whitespace-separated list of substitute source URLs. When this option is omitted, " +"@indicateurl{https://mirror.hydra.gnu.org https://hydra.gnu.org} is used (@code{mirror.hydra.gnu.org} is a mirror of @code{hydra.gnu." +"org})." +msgstr "" + +#. type: table +#: doc/guix.texi:1246 +msgid "" +"This means that substitutes may be downloaded from @var{urls}, as long as they are signed by a trusted signature " +"(@pxref{Substitutes})." +msgstr "" +"Cela signifie que les substituts sont téléchargés depuis les @var{urls}, tant qu'ils sont signés par une signature de confiance " +"(@pxref{Substituts})." + +#. type: item +#: doc/guix.texi:1248 doc/guix.texi:5519 +#, no-wrap +msgid "--no-build-hook" +msgstr "" + +#. type: table +#: doc/guix.texi:1250 +msgid "Do not use the @dfn{build hook}." +msgstr "" + +#. type: table +#: doc/guix.texi:1254 +msgid "" +"The build hook is a helper program that the daemon can start and to which it submits build requests. This mechanism is used to " +"offload builds to other machines (@pxref{Daemon Offload Setup})." +msgstr "" + +#. type: item +#: doc/guix.texi:1255 +#, no-wrap +msgid "--cache-failures" +msgstr "" + +#. type: table +#: doc/guix.texi:1257 +msgid "Cache build failures. By default, only successful builds are cached." +msgstr "" + +#. type: table +#: doc/guix.texi:1262 +msgid "" +"When this option is used, @command{guix gc --list-failures} can be used to query the set of store items marked as failed; " +"@command{guix gc --clear-failures} removes store items from the set of cached failures. @xref{Invoking guix gc}." +msgstr "" + +#. type: item +#: doc/guix.texi:1263 doc/guix.texi:5543 +#, no-wrap +msgid "--cores=@var{n}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1264 doc/guix.texi:5544 +#, no-wrap +msgid "-c @var{n}" +msgstr "" + +#. type: table +#: doc/guix.texi:1267 +msgid "Use @var{n} CPU cores to build each derivation; @code{0} means as many as available." +msgstr "" + +#. type: table +#: doc/guix.texi:1271 +msgid "" +"The default value is @code{0}, but it may be overridden by clients, such as the @code{--cores} option of @command{guix build} " +"(@pxref{Invoking guix build})." +msgstr "" + +#. type: table +#: doc/guix.texi:1275 +msgid "" +"The effect is to define the @code{NIX_BUILD_CORES} environment variable in the build process, which can then use it to exploit " +"internal parallelism---for instance, by running @code{make -j$NIX_BUILD_CORES}." +msgstr "" + +#. type: item +#: doc/guix.texi:1276 doc/guix.texi:5548 +#, no-wrap +msgid "--max-jobs=@var{n}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1277 doc/guix.texi:5549 +#, no-wrap +msgid "-M @var{n}" +msgstr "" + +#. type: table +#: doc/guix.texi:1282 +msgid "" +"Allow at most @var{n} build jobs in parallel. The default value is @code{1}. Setting it to @code{0} means that no builds will be " +"performed locally; instead, the daemon will offload builds (@pxref{Daemon Offload Setup}), or simply fail." +msgstr "" + +#. type: item +#: doc/guix.texi:1283 doc/guix.texi:5524 +#, no-wrap +msgid "--max-silent-time=@var{seconds}" +msgstr "" + +#. type: table +#: doc/guix.texi:1286 doc/guix.texi:5527 +msgid "When the build or substitution process remains silent for more than @var{seconds}, terminate it and report a build failure." +msgstr "" + +#. type: table +#: doc/guix.texi:1288 doc/guix.texi:1297 +msgid "The default value is @code{0}, which disables the timeout." +msgstr "" + +#. type: table +#: doc/guix.texi:1291 +msgid "The value specified here can be overridden by clients (@pxref{Common Build Options, @code{--max-silent-time}})." +msgstr "" + +#. type: item +#: doc/guix.texi:1292 doc/guix.texi:5531 +#, no-wrap +msgid "--timeout=@var{seconds}" +msgstr "" + +#. type: table +#: doc/guix.texi:1295 doc/guix.texi:5534 +msgid "Likewise, when the build or substitution process lasts for more than @var{seconds}, terminate it and report a build failure." +msgstr "" + +#. type: table +#: doc/guix.texi:1300 +msgid "The value specified here can be overridden by clients (@pxref{Common Build Options, @code{--timeout}})." +msgstr "" + +#. type: item +#: doc/guix.texi:1301 +#, no-wrap +msgid "--rounds=@var{N}" +msgstr "" + +#. type: table +#: doc/guix.texi:1306 +msgid "" +"Build each derivation @var{n} times in a row, and raise an error if consecutive build results are not bit-for-bit identical. Note " +"that this setting can be overridden by clients such as @command{guix build} (@pxref{Invoking guix build})." +msgstr "" + +#. type: table +#: doc/guix.texi:1310 doc/guix.texi:5826 +msgid "" +"When used in conjunction with @option{--keep-failed}, the differing output is kept in the store, under @file{/gnu/store/@dots{}-" +"check}. This makes it easy to look for differences between the two results." +msgstr "" + +#. type: item +#: doc/guix.texi:1311 +#, no-wrap +msgid "--debug" +msgstr "" + +#. type: table +#: doc/guix.texi:1313 +msgid "Produce debugging output." +msgstr "" + +#. type: table +#: doc/guix.texi:1317 +msgid "" +"This is useful to debug daemon start-up issues, but then it may be overridden by clients, for example the @code{--verbosity} option " +"of @command{guix build} (@pxref{Invoking guix build})." +msgstr "" + +#. type: item +#: doc/guix.texi:1318 +#, no-wrap +msgid "--chroot-directory=@var{dir}" +msgstr "" + +#. type: table +#: doc/guix.texi:1320 +msgid "Add @var{dir} to the build chroot." +msgstr "" + +#. type: table +#: doc/guix.texi:1326 +msgid "" +"Doing this may change the result of build processes---for instance if they use optional dependencies found in @var{dir} when it is " +"available, and not otherwise. For that reason, it is not recommended to do so. Instead, make sure that each derivation declares " +"all the inputs that it needs." +msgstr "" + +#. type: item +#: doc/guix.texi:1327 +#, no-wrap +msgid "--disable-chroot" +msgstr "" + +#. type: table +#: doc/guix.texi:1329 +msgid "Disable chroot builds." +msgstr "" + +#. type: table +#: doc/guix.texi:1334 +msgid "" +"Using this option is not recommended since, again, it would allow build processes to gain access to undeclared dependencies. It is " +"necessary, though, when @command{guix-daemon} is running under an unprivileged user account." +msgstr "" + +#. type: item +#: doc/guix.texi:1335 +#, no-wrap +msgid "--log-compression=@var{type}" +msgstr "" + +#. type: table +#: doc/guix.texi:1338 +msgid "Compress build logs according to @var{type}, one of @code{gzip}, @code{bzip2}, or @code{none}." +msgstr "" + +#. type: table +#: doc/guix.texi:1342 +msgid "" +"Unless @code{--lose-logs} is used, all the build logs are kept in the @var{localstatedir}. To save space, the daemon automatically " +"compresses them with bzip2 by default." +msgstr "" + +#. type: item +#: doc/guix.texi:1343 +#, no-wrap +msgid "--disable-deduplication" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1344 doc/guix.texi:2708 +#, no-wrap +msgid "deduplication" +msgstr "" + +#. type: table +#: doc/guix.texi:1346 +msgid "Disable automatic file ``deduplication'' in the store." +msgstr "" + +#. type: table +#: doc/guix.texi:1353 +msgid "" +"By default, files added to the store are automatically ``deduplicated'': if a newly added file is identical to another one found in " +"the store, the daemon makes the new file a hard link to the other file. This can noticeably reduce disk usage, at the expense of " +"slightly increased input/output load at the end of a build process. This option disables this optimization." +msgstr "" + +#. type: item +#: doc/guix.texi:1354 +#, no-wrap +msgid "--gc-keep-outputs[=yes|no]" +msgstr "" + +#. type: table +#: doc/guix.texi:1357 +msgid "Tell whether the garbage collector (GC) must keep outputs of live derivations." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1358 doc/guix.texi:2543 +#, no-wrap +msgid "GC roots" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1359 doc/guix.texi:2544 +#, no-wrap +msgid "garbage collector roots" +msgstr "" + +#. type: table +#: doc/guix.texi:1364 +msgid "" +"When set to ``yes'', the GC will keep the outputs of any live derivation available in the store---the @code{.drv} files. The " +"default is ``no'', meaning that derivation outputs are kept only if they are GC roots. @xref{Invoking guix gc}, for more on GC " +"roots." +msgstr "" + +#. type: item +#: doc/guix.texi:1365 +#, no-wrap +msgid "--gc-keep-derivations[=yes|no]" +msgstr "" + +#. type: table +#: doc/guix.texi:1368 +msgid "Tell whether the garbage collector (GC) must keep derivations corresponding to live outputs." +msgstr "" + +#. type: table +#: doc/guix.texi:1373 +msgid "" +"When set to ``yes'', as is the case by default, the GC keeps derivations---i.e., @code{.drv} files---as long as at least one of " +"their outputs is live. This allows users to keep track of the origins of items in their store. Setting it to ``no'' saves a bit of " +"disk space." +msgstr "" + +#. type: table +#: doc/guix.texi:1380 +msgid "" +"Note that when both @code{--gc-keep-derivations} and @code{--gc-keep-outputs} are used, the effect is to keep all the build " +"prerequisites (the sources, compiler, libraries, and other build-time tools) of live objects in the store, regardless of whether " +"these prerequisites are live. This is convenient for developers since it saves rebuilds or downloads." +msgstr "" + +#. type: item +#: doc/guix.texi:1381 +#, no-wrap +msgid "--impersonate-linux-2.6" +msgstr "" + +#. type: table +#: doc/guix.texi:1384 +msgid "" +"On Linux-based systems, impersonate Linux 2.6. This means that the kernel's @code{uname} system call will report 2.6 as the release " +"number." +msgstr "" + +#. type: table +#: doc/guix.texi:1387 +msgid "This might be helpful to build programs that (usually wrongfully) depend on the kernel version number." +msgstr "" + +#. type: item +#: doc/guix.texi:1388 +#, no-wrap +msgid "--lose-logs" +msgstr "" + +#. type: table +#: doc/guix.texi:1391 +msgid "Do not keep build logs. By default they are kept under @code{@var{localstatedir}/guix/log}." +msgstr "" + +#. type: item +#: doc/guix.texi:1392 doc/guix.texi:2890 doc/guix.texi:5779 doc/guix.texi:6920 doc/guix.texi:7328 doc/guix.texi:7962 +#: doc/guix.texi:19986 doc/guix.texi:20530 +#, no-wrap +msgid "--system=@var{system}" +msgstr "" + +#. type: table +#: doc/guix.texi:1396 +msgid "" +"Assume @var{system} as the current system type. By default it is the architecture/kernel pair found at configure time, such as " +"@code{x86_64-linux}." +msgstr "" + +#. type: item +#: doc/guix.texi:1397 +#, no-wrap +msgid "--listen=@var{endpoint}" +msgstr "" + +#. type: table +#: doc/guix.texi:1402 +msgid "" +"Listen for connections on @var{endpoint}. @var{endpoint} is interpreted as the file name of a Unix-domain socket if it starts with " +"@code{/} (slash sign). Otherwise, @var{endpoint} is interpreted as a host name or host name and port to listen to. Here are a few " +"examples:" +msgstr "" + +#. type: item +#: doc/guix.texi:1404 +#, no-wrap +msgid "--listen=/gnu/var/daemon" +msgstr "" + +#. type: table +#: doc/guix.texi:1407 +msgid "Listen for connections on the @file{/gnu/var/daemon} Unix-domain socket, creating it if needed." +msgstr "" + +#. type: item +#: doc/guix.texi:1408 +#, no-wrap +msgid "--listen=localhost" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1409 doc/guix.texi:4235 +#, no-wrap +msgid "daemon, remote access" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1410 doc/guix.texi:4236 +#, no-wrap +msgid "remote access to the daemon" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1411 doc/guix.texi:4237 +#, no-wrap +msgid "daemon, cluster setup" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1412 doc/guix.texi:4238 +#, no-wrap +msgid "clusters, daemon setup" +msgstr "" + +#. type: table +#: doc/guix.texi:1415 +msgid "Listen for TCP connections on the network interface corresponding to @code{localhost}, on port 44146." +msgstr "" + +#. type: item +#: doc/guix.texi:1416 +#, no-wrap +msgid "--listen=128.0.0.42:1234" +msgstr "" + +#. type: table +#: doc/guix.texi:1419 +msgid "Listen for TCP connections on the network interface corresponding to @code{128.0.0.42}, on port 1234." +msgstr "" + +#. type: table +#: doc/guix.texi:1426 +msgid "" +"This option can be repeated multiple times, in which case @command{guix-daemon} accepts connections on all the specified endpoints. " +"Users can tell client commands what endpoint to connect to by setting the @code{GUIX_DAEMON_SOCKET} environment variable (@pxref{The " +"Store, @code{GUIX_DAEMON_SOCKET}})." +msgstr "" + +#. type: quotation +#: doc/guix.texi:1427 doc/guix.texi:2325 doc/guix.texi:2789 doc/guix.texi:2952 doc/guix.texi:4205 doc/guix.texi:4273 doc/guix.texi:5784 +#: doc/guix.texi:7220 doc/guix.texi:7847 doc/guix.texi:8065 doc/guix.texi:8276 doc/guix.texi:11442 doc/guix.texi:20313 +#: doc/guix.texi:20511 doc/guix.texi:20598 doc/guix.texi:21442 +#, no-wrap +msgid "Note" +msgstr "" + +#. type: quotation +#: doc/guix.texi:1433 +msgid "" +"The daemon protocol is @emph{unauthenticated and unencrypted}. Using @code{--listen=@var{host}} is suitable on local networks, such " +"as clusters, where only trusted nodes may connect to the build daemon. In other cases where remote access to the daemon is needed, " +"we recommend using Unix-domain sockets along with SSH." +msgstr "" + +#. type: table +#: doc/guix.texi:1438 +msgid "" +"When @code{--listen} is omitted, @command{guix-daemon} listens for connections on the Unix-domain socket located at " +"@file{@var{localstatedir}/guix/daemon-socket/socket}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1448 +msgid "" +"When using Guix on top of GNU/Linux distribution other than GuixSD---a so-called @dfn{foreign distro}---a few additional steps are " +"needed to get everything in place. Here are some of them." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:1452 +msgid "locales-and-locpath" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1452 +#, no-wrap +msgid "locales, when not on GuixSD" +msgstr "" + +#. type: vindex +#: doc/guix.texi:1453 doc/guix.texi:9545 +#, no-wrap +msgid "LOCPATH" +msgstr "" + +#. type: vindex +#: doc/guix.texi:1454 +#, no-wrap +msgid "GUIX_LOCPATH" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1459 +msgid "" +"Packages installed @i{via} Guix will not use the locale data of the host system. Instead, you must first install one of the locale " +"packages available with Guix and then define the @code{GUIX_LOCPATH} environment variable:" +msgstr "" + +#. type: example +#: doc/guix.texi:1463 +#, no-wrap +msgid "" +"$ guix package -i glibc-locales\n" +"$ export GUIX_LOCPATH=$HOME/.guix-profile/lib/locale\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1469 +msgid "" +"Note that the @code{glibc-locales} package contains data for all the locales supported by the GNU@tie{}libc and weighs in at around " +"110@tie{}MiB. Alternatively, the @code{glibc-utf8-locales} is smaller but limited to a few UTF-8 locales." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1473 +msgid "" +"The @code{GUIX_LOCPATH} variable plays a role similar to @code{LOCPATH} (@pxref{Locale Names, @code{LOCPATH},, libc, The GNU C " +"Library Reference Manual}). There are two important differences though:" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1480 +msgid "" +"@code{GUIX_LOCPATH} is honored only by the libc in Guix, and not by the libc provided by foreign distros. Thus, using " +"@code{GUIX_LOCPATH} allows you to make sure the programs of the foreign distro will not end up loading incompatible locale data." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:1487 +msgid "" +"libc suffixes each entry of @code{GUIX_LOCPATH} with @code{/X.Y}, where @code{X.Y} is the libc version---e.g., @code{2.22}. This " +"means that, should your Guix profile contain a mixture of programs linked against different libc version, each libc version will " +"only try to load locale data in the right format." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1491 +msgid "This is important because the locale data format used by different libc versions may be incompatible." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1494 +#, no-wrap +msgid "name service switch, glibc" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1495 +#, no-wrap +msgid "NSS (name service switch), glibc" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1496 +#, no-wrap +msgid "nscd (name service caching daemon)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1497 +#, no-wrap +msgid "name service caching daemon (nscd)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1504 +msgid "" +"When using Guix on a foreign distro, we @emph{strongly recommend} that the system run the GNU C library's @dfn{name service cache " +"daemon}, @command{nscd}, which should be listening on the @file{/var/run/nscd/socket} socket. Failing to do that, applications " +"installed with Guix may fail to look up host names or user accounts, or may even crash. The next paragraphs explain why." +msgstr "" + +#. type: file{#1} +#: doc/guix.texi:1505 +#, no-wrap +msgid "nsswitch.conf" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1510 +msgid "" +"The GNU C library implements a @dfn{name service switch} (NSS), which is an extensible mechanism for ``name lookups'' in general: " +"host name resolution, user accounts, and more (@pxref{Name Service Switch,,, libc, The GNU C Library Reference Manual})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1511 +#, no-wrap +msgid "Network information service (NIS)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1512 +#, no-wrap +msgid "NIS (Network information service)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1521 +msgid "" +"Being extensible, the NSS supports @dfn{plugins}, which provide new name lookup implementations: for example, the @code{nss-mdns} " +"plugin allow resolution of @code{.local} host names, the @code{nis} plugin allows user account lookup using the Network information " +"service (NIS), and so on. These extra ``lookup services'' are configured system-wide in @file{/etc/nsswitch.conf}, and all the " +"programs running on the system honor those settings (@pxref{NSS Configuration File,,, libc, The GNU C Reference Manual})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1531 +msgid "" +"When they perform a name lookup---for instance by calling the @code{getaddrinfo} function in C---applications first try to connect " +"to the nscd; on success, nscd performs name lookups on their behalf. If the nscd is not running, then they perform the name lookup " +"by themselves, by loading the name lookup services into their own address space and running it. These name lookup services---the " +"@file{libnss_*.so} files---are @code{dlopen}'d, but they may come from the host system's C library, rather than from the C library " +"the application is linked against (the C library coming from Guix)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1536 +msgid "" +"And this is where the problem is: if your application is linked against Guix's C library (say, glibc 2.24) and tries to load NSS " +"plugins from another C library (say, @code{libnss_mdns.so} for glibc 2.22), it will likely crash or have its name lookups fail " +"unexpectedly." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1541 +msgid "" +"Running @command{nscd} on the system, among other advantages, eliminates this binary incompatibility problem because those " +"@code{libnss_*.so} files are loaded in the @command{nscd} process, not in applications themselves." +msgstr "" + +#. type: subsection +#: doc/guix.texi:1542 +#, no-wrap +msgid "X11 Fonts" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1544 doc/guix.texi:22008 +#, no-wrap +msgid "fonts" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1552 +msgid "" +"The majority of graphical applications use Fontconfig to locate and load fonts and perform X11-client-side rendering. The " +"@code{fontconfig} package in Guix looks for fonts in @file{$HOME/.guix-profile} by default. Thus, to allow graphical applications " +"installed with Guix to display fonts, you have to install fonts with Guix as well. Essential font packages include @code{gs-fonts}, " +"@code{font-dejavu}, and @code{font-gnu-freefont-ttf}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1559 +msgid "" +"To display text written in Chinese languages, Japanese, or Korean in graphical applications, consider installing @code{font-adobe-" +"source-han-sans} or @code{font-wqy-zenhei}. The former has multiple outputs, one per language family (@pxref{Packages with Multiple " +"Outputs}). For instance, the following command installs fonts for Chinese languages:" +msgstr "" + +#. type: example +#: doc/guix.texi:1562 +#, no-wrap +msgid "guix package -i font-adobe-source-han-sans:cn\n" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:1564 +#, no-wrap +msgid "xterm" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1568 +msgid "" +"Older programs such as @command{xterm} do not use Fontconfig and instead rely on server-side font rendering. Such programs require " +"to specify a full name of a font using XLFD (X Logical Font Description), like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:1571 +#, no-wrap +msgid "-*-dejavu sans-medium-r-normal-*-*-100-*-*-*-*-*-1\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1575 +msgid "" +"To be able to use such full names for the TrueType fonts installed in your Guix profile, you need to extend the font path of the X " +"server:" +msgstr "" + +#. type: example +#: doc/guix.texi:1580 +#, no-wrap +msgid "xset +fp $(dirname $(readlink -f ~/.guix-profile/share/fonts/truetype/fonts.dir))\n" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:1582 +#, no-wrap +msgid "xlsfonts" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1585 +msgid "After that, you can run @code{xlsfonts} (from @code{xlsfonts} package) to make sure your TrueType fonts are listed there." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:1586 +#, no-wrap +msgid "fc-cache" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1587 +#, no-wrap +msgid "font cache" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1593 +msgid "" +"After installing fonts you may have to refresh the font cache to use them in applications. The same applies when applications " +"installed via Guix do not seem to find fonts. To force rebuilding of the font cache run @code{fc-cache -f}. The @code{fc-cache} " +"command is provided by the @code{fontconfig} package." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:1596 doc/guix.texi:19725 +#, no-wrap +msgid "nss-certs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1599 +msgid "The @code{nss-certs} package provides X.509 certificates, which allow programs to authenticate Web servers accessed over HTTPS." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1604 +msgid "" +"When using Guix on a foreign distro, you can install this package and define the relevant environment variables so that packages " +"know where to look for certificates. @xref{X.509 Certificates}, for detailed information." +msgstr "" + +#. type: subsection +#: doc/guix.texi:1605 +#, no-wrap +msgid "Emacs Packages" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:1607 +#, no-wrap +msgid "emacs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1618 +msgid "" +"When you install Emacs packages with Guix, the elisp files may be placed either in @file{$HOME/.guix-profile/share/emacs/site-lisp/} " +"or in sub-directories of @file{$HOME/.guix-profile/share/emacs/site-lisp/guix.d/}. The latter directory exists because potentially " +"there may exist thousands of Emacs packages and storing all their files in a single directory may not be reliable (because of name " +"conflicts). So we think using a separate directory for each package is a good idea. It is very similar to how the Emacs package " +"system organizes the file structure (@pxref{Package Files,,, emacs, The GNU Emacs Manual})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1624 +msgid "" +"By default, Emacs (installed with Guix) ``knows'' where these packages are placed, so you do not need to perform any configuration. " +"If, for some reason, you want to avoid auto-loading Emacs packages installed with Guix, you can do so by running Emacs with @code{--" +"no-site-file} option (@pxref{Init File,,, emacs, The GNU Emacs Manual})." +msgstr "" + +#. type: subsection +#: doc/guix.texi:1625 +#, no-wrap +msgid "The GCC toolchain" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1627 +#, no-wrap +msgid "GCC" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1628 +#, no-wrap +msgid "ld-wrapper" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1637 +msgid "" +"Guix offers individual compiler packages such as @code{gcc} but if you are in need of a complete toolchain for compiling and linking " +"source code what you really want is the @code{gcc-toolchain} package. This package provides a complete GCC toolchain for C/C++ " +"development, including GCC itself, the GNU C Library (headers and binaries, plus debugging symbols in the @code{debug} output), " +"Binutils, and a linker wrapper." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1638 +#, no-wrap +msgid "attempt to use impure library, error message" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1648 +msgid "" +"The wrapper's purpose is to inspect the @code{-L} and @code{-l} switches passed to the linker, add corresponding @code{-rpath} " +"arguments, and invoke the actual linker with this new set of arguments. By default, the linker wrapper refuses to link to libraries " +"outside the store to ensure ``purity''. This can be annoying when using the toolchain to link with local libraries. To allow " +"references to libraries outside the store you need to define the environment variable @code{GUIX_LD_WRAPPER_ALLOW_IMPURITIES}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1655 +#, no-wrap +msgid "packages" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1660 +msgid "" +"The purpose of GNU Guix is to allow users to easily install, upgrade, and remove software packages, without having to know about " +"their build procedures or dependencies. Guix also goes beyond this obvious set of features." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1668 +msgid "" +"This chapter describes the main features of Guix, as well as the package management tools it provides. Along with the command-line " +"interface described below (@pxref{Invoking guix package, @code{guix package}}), you may also use the Emacs-Guix interface " +"(@pxref{Top,,, emacs-guix, The Emacs-Guix Reference Manual}), after installing @code{emacs-guix} package (run @kbd{M-x guix-help} " +"command to start with it):" +msgstr "" +"Ce chapitre décrit les principales fonctionnalités de Guix, ainsi que des outils de gestion des paquets qu'il fournit. En plus de " +"l'interface en ligne de commande décrite en dessous de (@pxref{Invoquer guix package, @code{guix package}}), vous pouvez aussi " +"utiliser l'interface Emacs-Guix (@pxref{Top,,, emacs-guix, Le manuel de référence de emacs-guix}), après avoir installé le paquet " +"@code{emacs-guix} (lancez la commande @kbd{M-x guix-help} pour le démarrer) :" + +#. type: example +#: doc/guix.texi:1671 +#, no-wrap +msgid "guix package -i emacs-guix\n" +msgstr "guix package -i emacs-guix\n" + +#. type: Plain text +#: doc/guix.texi:1690 +msgid "" +"When using Guix, each package ends up in the @dfn{package store}, in its own directory---something that resembles @file{/gnu/store/" +"xxx-package-1.2}, where @code{xxx} is a base32 string." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1695 +msgid "" +"Instead of referring to these directories, users have their own @dfn{profile}, which points to the packages that they actually want " +"to use. These profiles are stored within each user's home directory, at @code{$HOME/.guix-profile}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1703 +msgid "" +"For example, @code{alice} installs GCC 4.7.2. As a result, @file{/home/alice/.guix-profile/bin/gcc} points to @file{/gnu/store/" +"@dots{}-gcc-4.7.2/bin/gcc}. Now, on the same machine, @code{bob} had already installed GCC 4.8.0. The profile of @code{bob} simply " +"continues to point to @file{/gnu/store/@dots{}-gcc-4.8.0/bin/gcc}---i.e., both versions of GCC coexist on the same system without " +"any interference." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1707 +msgid "" +"The @command{guix package} command is the central tool to manage packages (@pxref{Invoking guix package}). It operates on the per-" +"user profiles, and can be used @emph{with normal user privileges}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1708 doc/guix.texi:1777 +#, no-wrap +msgid "transactions" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1715 +msgid "" +"The command provides the obvious install, remove, and upgrade operations. Each invocation is actually a @emph{transaction}: either " +"the specified operation succeeds, or nothing happens. Thus, if the @command{guix package} process is terminated during the " +"transaction, or if a power outage occurs during the transaction, then the user's profile remains in its previous state, and remains " +"usable." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1723 +msgid "" +"In addition, any package transaction may be @emph{rolled back}. So, if, for example, an upgrade installs a new version of a package " +"that turns out to have a serious bug, users may roll back to the previous instance of their profile, which was known to work well. " +"Similarly, the global system configuration on GuixSD is subject to transactional upgrades and roll-back (@pxref{Using the " +"Configuration System})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1730 +msgid "" +"All packages in the package store may be @emph{garbage-collected}. Guix can determine which packages are still referenced by user " +"profiles, and remove those that are provably no longer referenced (@pxref{Invoking guix gc}). Users may also explicitly remove old " +"generations of their profile so that the packages they refer to can be collected." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1731 +#, no-wrap +msgid "reproducibility" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1743 +msgid "" +"Finally, Guix takes a @dfn{purely functional} approach to package management, as described in the introduction " +"(@pxref{Introduction}). Each @file{/gnu/store} package directory name contains a hash of all the inputs that were used to build " +"that package---compiler, libraries, build scripts, etc. This direct correspondence allows users to make sure a given package " +"installation matches the current state of their distribution. It also helps maximize @dfn{build reproducibility}: thanks to the " +"isolated build environments that are used, a given build is likely to yield bit-identical files when performed on different machines " +"(@pxref{Invoking guix-daemon, container})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1754 +msgid "" +"This foundation allows Guix to support @dfn{transparent binary/source deployment}. When a pre-built binary for a @file{/gnu/store} " +"item is available from an external source---a @dfn{substitute}, Guix just downloads it and unpacks it; otherwise, it builds the " +"package from source, locally (@pxref{Substitutes}). Because build results are usually bit-for-bit reproducible, users do not have " +"to trust servers that provide substitutes: they can force a local build and @emph{challenge} providers (@pxref{Invoking guix " +"challenge})." +msgstr "" +"Ce fondement permet à Guix de supporter le @dfn{déploiement transparent de binaire ou source}. Lorsqu'une binaire pré-construit pour " +"une entrée de @file{/gnu/store} est disponible depuis une source externe (un @dfn{substitut}), Guix le télécharge simplement et le " +"décompresse ; sinon, il construit le paquet depuis les sources localement (@pxref{Substituts}). Comme les résultats des " +"constructions sont généralement reproductibles au bit près, si vous n'avez pas besoin de faire confiance aux serveurs qui " +"fournissent les substituts : vous pouvez forcer une construction locale et @emph{défier} les fournisseurs (@pxref{Invoking guix " +"challenge})." + +#. type: Plain text +#: doc/guix.texi:1760 +msgid "" +"Control over the build environment is a feature that is also useful for developers. The @command{guix environment} command allows " +"developers of a package to quickly set up the right development environment for their package, without having to manually install " +"the dependencies of the package into their profile (@pxref{Invoking guix environment})." +msgstr "" + +#. type: section +#: doc/guix.texi:1762 +#, no-wrap +msgid "Invoking @command{guix package}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1764 +#, no-wrap +msgid "installing packages" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1765 +#, no-wrap +msgid "removing packages" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1766 +#, no-wrap +msgid "package installation" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1767 +#, no-wrap +msgid "package removal" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1773 +msgid "" +"The @command{guix package} command is the tool that allows users to install, upgrade, and remove packages, as well as rolling back " +"to previous configurations. It operates only on the user's own profile, and works with normal user privileges (@pxref{Features}). " +"Its syntax is:" +msgstr "" +"La commande @command{guix package} est l'outil qui permet d'installer, mettre à jour et supprimer les paquets ainsi que de revenir à " +"une configuration précédente. Elle n'opère que dans le profil de l'utilisateur et fonctionne avec les privilèges utilisateurs " +"normaux (@pxref{Fonctionnalités}). Sa syntaxe est :" + +#. type: example +#: doc/guix.texi:1776 +#, no-wrap +msgid "guix package @var{options}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1782 +msgid "" +"Primarily, @var{options} specifies the operations to be performed during the transaction. Upon completion, a new profile is " +"created, but previous @dfn{generations} of the profile remain available, should the user want to roll back." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1785 +msgid "For example, to remove @code{lua} and install @code{guile} and @code{guile-cairo} in a single transaction:" +msgstr "" + +#. type: example +#: doc/guix.texi:1788 +#, no-wrap +msgid "guix package -r lua -i guile guile-cairo\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1794 +msgid "" +"@command{guix package} also supports a @dfn{declarative approach} whereby the user specifies the exact set of packages to be " +"available and passes it @i{via} the @option{--manifest} option (@pxref{profile-manifest, @option{--manifest}})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1795 +#, no-wrap +msgid "profile" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1801 +msgid "" +"For each user, a symlink to the user's default profile is automatically created in @file{$HOME/.guix-profile}. This symlink always " +"points to the current generation of the user's default profile. Thus, users can add @file{$HOME/.guix-profile/bin} to their " +"@code{PATH} environment variable, and so on." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1801 doc/guix.texi:1998 +#, no-wrap +msgid "search paths" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1806 +msgid "" +"If you are not using the Guix System Distribution, consider adding the following lines to your @file{~/.bash_profile} (@pxref{Bash " +"Startup Files,,, bash, The GNU Bash Reference Manual}) so that newly-spawned shells get all the right environment variable " +"definitions:" +msgstr "" + +#. type: example +#: doc/guix.texi:1810 +#, no-wrap +msgid "" +"GUIX_PROFILE=\"$HOME/.guix-profile\" ; \\\n" +"source \"$HOME/.guix-profile/etc/profile\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1821 +msgid "" +"In a multi-user setup, user profiles are stored in a place registered as a @dfn{garbage-collector root}, which @file{$HOME/.guix-" +"profile} points to (@pxref{Invoking guix gc}). That directory is normally @code{@var{localstatedir}/guix/profiles/per-user/" +"@var{user}}, where @var{localstatedir} is the value passed to @code{configure} as @code{--localstatedir}, and @var{user} is the user " +"name. The @file{per-user} directory is created when @command{guix-daemon} is started, and the @var{user} sub-directory is created " +"by @command{guix package}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:1823 +msgid "The @var{options} can be among the following:" +msgstr "" + +#. type: item +#: doc/guix.texi:1826 +#, no-wrap +msgid "--install=@var{package} @dots{}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1827 +#, no-wrap +msgid "-i @var{package} @dots{}" +msgstr "" + +#. type: table +#: doc/guix.texi:1829 +msgid "Install the specified @var{package}s." +msgstr "" + +#. type: table +#: doc/guix.texi:1834 +msgid "" +"Each @var{package} may specify either a simple package name, such as @code{guile}, or a package name followed by an at-sign and " +"version number, such as @code{guile@@1.8.8} or simply @code{guile@@1.8} (in the latter case, the newest version prefixed by " +"@code{1.8} is selected.)" +msgstr "" + +#. type: table +#: doc/guix.texi:1842 +msgid "" +"If no version number is specified, the newest available version will be selected. In addition, @var{package} may contain a colon, " +"followed by the name of one of the outputs of the package, as in @code{gcc:doc} or @code{binutils@@2.22:lib} (@pxref{Packages with " +"Multiple Outputs}). Packages with a corresponding name (and optionally version) are searched for among the GNU distribution modules " +"(@pxref{Package Modules})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:1843 +#, no-wrap +msgid "propagated inputs" +msgstr "" + +#. type: table +#: doc/guix.texi:1849 +msgid "" +"Sometimes packages have @dfn{propagated inputs}: these are dependencies that automatically get installed along with the required " +"package (@pxref{package-propagated-inputs, @code{propagated-inputs} in @code{package} objects}, for information about propagated " +"inputs in package definitions)." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:1856 +msgid "package-cmd-propagated-inputs" +msgstr "" + +#. type: table +#: doc/guix.texi:1856 +msgid "" +"An example is the GNU MPC library: its C header files refer to those of the GNU MPFR library, which in turn refer to those of the " +"GMP library. Thus, when installing MPC, the MPFR and GMP libraries also get installed in the profile; removing MPC also removes " +"MPFR and GMP---unless they had also been explicitly installed by the user." +msgstr "" + +#. type: table +#: doc/guix.texi:1861 +msgid "" +"Besides, packages sometimes rely on the definition of environment variables for their search paths (see explanation of @code{--" +"search-paths} below). Any missing or possibly incorrect environment variable definitions are reported here." +msgstr "" + +#. type: item +#: doc/guix.texi:1862 +#, no-wrap +msgid "--install-from-expression=@var{exp}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1863 +#, no-wrap +msgid "-e @var{exp}" +msgstr "" + +#. type: table +#: doc/guix.texi:1865 +msgid "Install the package @var{exp} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:1870 +msgid "" +"@var{exp} must be a Scheme expression that evaluates to a @code{} object. This option is notably useful to disambiguate " +"between same-named variants of a package, with expressions such as @code{(@@ (gnu packages base) guile-final)}." +msgstr "" + +#. type: table +#: doc/guix.texi:1874 +msgid "" +"Note that this option installs the first output of the specified package, which may be insufficient when needing a specific output " +"of a multiple-output package." +msgstr "" + +#. type: item +#: doc/guix.texi:1875 +#, no-wrap +msgid "--install-from-file=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1876 doc/guix.texi:5695 +#, no-wrap +msgid "-f @var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:1878 +msgid "Install the package that the code within @var{file} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:1881 doc/guix.texi:7279 +msgid "As an example, @var{file} might contain a definition like this (@pxref{Defining Packages}):" +msgstr "" + +#. type: example +#: doc/guix.texi:1884 doc/guix.texi:5705 +#, no-wrap +msgid "@verbatiminclude package-hello.scm\n" +msgstr "" + +#. type: table +#: doc/guix.texi:1890 +msgid "" +"Developers may find it useful to include such a @file{guix.scm} file in the root of their project source tree that can be used to " +"test development snapshots and create reproducible development environments (@pxref{Invoking guix environment})." +msgstr "" + +#. type: item +#: doc/guix.texi:1891 +#, no-wrap +msgid "--remove=@var{package} @dots{}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1892 +#, no-wrap +msgid "-r @var{package} @dots{}" +msgstr "" + +#. type: table +#: doc/guix.texi:1894 +msgid "Remove the specified @var{package}s." +msgstr "" + +#. type: table +#: doc/guix.texi:1899 +msgid "" +"As for @code{--install}, each @var{package} may specify a version number and/or output name in addition to the package name. For " +"instance, @code{-r glibc:debug} would remove the @code{debug} output of @code{glibc}." +msgstr "" + +#. type: item +#: doc/guix.texi:1900 +#, no-wrap +msgid "--upgrade[=@var{regexp} @dots{}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1901 +#, no-wrap +msgid "-u [@var{regexp} @dots{}]" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1902 +#, no-wrap +msgid "upgrading packages" +msgstr "" + +#. type: table +#: doc/guix.texi:1906 +msgid "" +"Upgrade all the installed packages. If one or more @var{regexp}s are specified, upgrade only installed packages whose name matches " +"a @var{regexp}. Also see the @code{--do-not-upgrade} option below." +msgstr "" + +#. type: table +#: doc/guix.texi:1911 +msgid "" +"Note that this upgrades package to the latest version of packages found in the distribution currently installed. To update your " +"distribution, you should regularly run @command{guix pull} (@pxref{Invoking guix pull})." +msgstr "" + +#. type: item +#: doc/guix.texi:1912 +#, no-wrap +msgid "--do-not-upgrade[=@var{regexp} @dots{}]" +msgstr "" + +#. type: table +#: doc/guix.texi:1917 +msgid "" +"When used together with the @code{--upgrade} option, do @emph{not} upgrade any packages whose name matches a @var{regexp}. For " +"example, to upgrade all packages in the current profile except those containing the substring ``emacs'':" +msgstr "" + +#. type: example +#: doc/guix.texi:1920 +#, no-wrap +msgid "$ guix package --upgrade . --do-not-upgrade emacs\n" +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:1922 +#, no-wrap +msgid "profile-manifest" +msgstr "" + +#. type: item +#: doc/guix.texi:1922 doc/guix.texi:2877 doc/guix.texi:6573 doc/guix.texi:7284 doc/guix.texi:7968 +#, no-wrap +msgid "--manifest=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1923 doc/guix.texi:2878 doc/guix.texi:6574 doc/guix.texi:7285 +#, no-wrap +msgid "-m @var{file}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1924 +#, no-wrap +msgid "profile declaration" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1925 +#, no-wrap +msgid "profile manifest" +msgstr "" + +#. type: table +#: doc/guix.texi:1928 +msgid "Create a new generation of the profile from the manifest object returned by the Scheme code in @var{file}." +msgstr "" + +#. type: table +#: doc/guix.texi:1934 +msgid "" +"This allows you to @emph{declare} the profile's contents rather than constructing it through a sequence of @code{--install} and " +"similar commands. The advantage is that @var{file} can be put under version control, copied to different machines to reproduce the " +"same profile, and so on." +msgstr "" + +#. type: table +#: doc/guix.texi:1938 +msgid "@var{file} must return a @dfn{manifest} object, which is roughly a list of packages:" +msgstr "" + +#. type: findex +#: doc/guix.texi:1939 +#, no-wrap +msgid "packages->manifest" +msgstr "" + +#. type: example +#: doc/guix.texi:1942 +#, no-wrap +msgid "" +"(use-package-modules guile emacs)\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:1948 +#, no-wrap +msgid "" +"(packages->manifest\n" +" (list emacs\n" +" guile-2.0\n" +" ;; Use a specific package output.\n" +" (list guile-2.0 \"debug\")))\n" +msgstr "" + +#. type: findex +#: doc/guix.texi:1950 +#, no-wrap +msgid "specifications->manifest" +msgstr "" + +#. type: table +#: doc/guix.texi:1957 +msgid "" +"In this example we have to know which modules define the @code{emacs} and @code{guile-2.0} variables to provide the right @code{use-" +"package-modules} line, which can be cumbersome. We can instead provide regular package specifications and let @code{specifications-" +">manifest} look up the corresponding package objects, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:1961 +#, no-wrap +msgid "" +"(specifications->manifest\n" +" '(\"emacs\" \"guile@@2.2\" \"guile@@2.2:debug\"))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:1963 +#, no-wrap +msgid "--roll-back" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1964 doc/guix.texi:20365 +#, no-wrap +msgid "rolling back" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1965 +#, no-wrap +msgid "undoing transactions" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1966 +#, no-wrap +msgid "transactions, undoing" +msgstr "" + +#. type: table +#: doc/guix.texi:1969 +msgid "Roll back to the previous @dfn{generation} of the profile---i.e., undo the last transaction." +msgstr "" + +#. type: table +#: doc/guix.texi:1972 +msgid "When combined with options such as @code{--install}, roll back occurs before any other actions." +msgstr "" + +#. type: table +#: doc/guix.texi:1976 +msgid "" +"When rolling back from the first generation that actually contains installed packages, the profile is made to point to the " +"@dfn{zeroth generation}, which contains no files apart from its own metadata." +msgstr "" + +#. type: table +#: doc/guix.texi:1980 +msgid "" +"After having rolled back, installing, removing, or upgrading packages overwrites previous future generations. Thus, the history of " +"the generations in a profile is always linear." +msgstr "" + +#. type: item +#: doc/guix.texi:1981 +#, no-wrap +msgid "--switch-generation=@var{pattern}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:1982 +#, no-wrap +msgid "-S @var{pattern}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:1983 doc/guix.texi:2181 doc/guix.texi:20323 +#, no-wrap +msgid "generations" +msgstr "" + +#. type: table +#: doc/guix.texi:1985 +msgid "Switch to a particular generation defined by @var{pattern}." +msgstr "" + +#. type: table +#: doc/guix.texi:1991 +msgid "" +"@var{pattern} may be either a generation number or a number prefixed with ``+'' or ``-''. The latter means: move forward/backward " +"by a specified number of generations. For example, if you want to return to the latest generation after @code{--roll-back}, use " +"@code{--switch-generation=+1}." +msgstr "" + +#. type: table +#: doc/guix.texi:1996 +msgid "" +"The difference between @code{--roll-back} and @code{--switch-generation=-1} is that @code{--switch-generation} will not make a " +"zeroth generation, so if a specified generation does not exist, the current generation will not be changed." +msgstr "" + +#. type: item +#: doc/guix.texi:1997 +#, no-wrap +msgid "--search-paths[=@var{kind}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2003 +msgid "" +"Report environment variable definitions, in Bash syntax, that may be needed in order to use the set of installed packages. These " +"environment variables are used to specify @dfn{search paths} for files used by some of the installed packages." +msgstr "" + +#. type: table +#: doc/guix.texi:2011 +msgid "" +"For example, GCC needs the @code{CPATH} and @code{LIBRARY_PATH} environment variables to be defined so it can look for headers and " +"libraries in the user's profile (@pxref{Environment Variables,,, gcc, Using the GNU Compiler Collection (GCC)}). If GCC and, say, " +"the C library are installed in the profile, then @code{--search-paths} will suggest setting these variables to @code{@var{profile}/" +"include} and @code{@var{profile}/lib}, respectively." +msgstr "" + +#. type: table +#: doc/guix.texi:2014 +msgid "The typical use case is to define these environment variables in the shell:" +msgstr "" + +#. type: example +#: doc/guix.texi:2017 +#, no-wrap +msgid "$ eval `guix package --search-paths`\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2023 +msgid "" +"@var{kind} may be one of @code{exact}, @code{prefix}, or @code{suffix}, meaning that the returned environment variable definitions " +"will either be exact settings, or prefixes or suffixes of the current value of these variables. When omitted, @var{kind} defaults " +"to @code{exact}." +msgstr "" + +#. type: table +#: doc/guix.texi:2026 +msgid "This option can also be used to compute the @emph{combined} search paths of several profiles. Consider this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:2031 +#, no-wrap +msgid "" +"$ guix package -p foo -i guile\n" +"$ guix package -p bar -i guile-json\n" +"$ guix package -p foo -p bar --search-paths\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2036 +msgid "" +"The last command above reports about the @code{GUILE_LOAD_PATH} variable, even though, taken individually, neither @file{foo} nor " +"@file{bar} would lead to that recommendation." +msgstr "" + +#. type: item +#: doc/guix.texi:2038 +#, no-wrap +msgid "--profile=@var{profile}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2039 +#, no-wrap +msgid "-p @var{profile}" +msgstr "" + +#. type: table +#: doc/guix.texi:2041 +msgid "Use @var{profile} instead of the user's default profile." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2042 +#, no-wrap +msgid "collisions, in a profile" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2043 +#, no-wrap +msgid "colliding packages in profiles" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2044 +#, no-wrap +msgid "profile collisions" +msgstr "" + +#. type: item +#: doc/guix.texi:2045 +#, no-wrap +msgid "--allow-collisions" +msgstr "" + +#. type: table +#: doc/guix.texi:2047 +msgid "Allow colliding packages in the new profile. Use at your own risk!" +msgstr "" + +#. type: table +#: doc/guix.texi:2051 +msgid "" +"By default, @command{guix package} reports as an error @dfn{collisions} in the profile. Collisions happen when two or more " +"different versions or variants of a given package end up in the profile." +msgstr "" + +#. type: item +#: doc/guix.texi:2052 doc/guix.texi:2754 doc/guix.texi:7773 +#, no-wrap +msgid "--verbose" +msgstr "" + +#. type: table +#: doc/guix.texi:2055 +msgid "Produce verbose output. In particular, emit the build log of the environment on the standard error port." +msgstr "" + +#. type: item +#: doc/guix.texi:2056 doc/guix.texi:2773 doc/guix.texi:2931 +#, no-wrap +msgid "--bootstrap" +msgstr "" + +#. type: table +#: doc/guix.texi:2059 +msgid "Use the bootstrap Guile to build the profile. This option is only useful to distribution developers." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2065 +msgid "" +"In addition to these actions, @command{guix package} supports the following options to query the current state of a profile, or the " +"availability of packages:" +msgstr "" + +#. type: item +#: doc/guix.texi:2068 +#, no-wrap +msgid "--search=@var{regexp}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2069 +#, no-wrap +msgid "-s @var{regexp}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2070 +#, no-wrap +msgid "searching for packages" +msgstr "" + +#. type: table +#: doc/guix.texi:2075 +msgid "" +"List the available packages whose name, synopsis, or description matches @var{regexp}, sorted by relevance. Print all the metadata " +"of matching packages in @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, GNU recutils manual})." +msgstr "" + +#. type: table +#: doc/guix.texi:2078 +msgid "This allows specific fields to be extracted using the @command{recsel} command, for instance:" +msgstr "" + +#. type: example +#: doc/guix.texi:2084 +#, no-wrap +msgid "" +"$ guix package -s malloc | recsel -p name,version,relevance\n" +"name: jemalloc\n" +"version: 4.5.0\n" +"relevance: 6\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:2088 +#, no-wrap +msgid "" +"name: glibc\n" +"version: 2.25\n" +"relevance: 1\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:2092 +#, no-wrap +msgid "" +"name: libgc\n" +"version: 7.6.0\n" +"relevance: 1\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2096 +msgid "Similarly, to show the name of all the packages available under the terms of the GNU@tie{}LGPL version 3:" +msgstr "" + +#. type: example +#: doc/guix.texi:2100 +#, no-wrap +msgid "" +"$ guix package -s \"\" | recsel -p name -e 'license ~ \"LGPL 3\"'\n" +"name: elfutils\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:2103 +#, no-wrap +msgid "" +"name: gmp\n" +"@dots{}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2108 +msgid "" +"It is also possible to refine search results using several @code{-s} flags. For example, the following command returns a list of " +"board games:" +msgstr "" + +#. type: example +#: doc/guix.texi:2113 +#, no-wrap +msgid "" +"$ guix package -s '\\' -s game | recsel -p name\n" +"name: gnubg\n" +"@dots{}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2119 +msgid "" +"If we were to omit @code{-s game}, we would also get software packages that deal with printed circuit boards; removing the angle " +"brackets around @code{board} would further add packages that have to do with keyboards." +msgstr "" + +#. type: table +#: doc/guix.texi:2123 +msgid "" +"And now for a more elaborate example. The following command searches for cryptographic libraries, filters out Haskell, Perl, " +"Python, and Ruby libraries, and prints the name and synopsis of the matching packages:" +msgstr "" + +#. type: example +#: doc/guix.texi:2127 +#, no-wrap +msgid "" +"$ guix package -s crypto -s library | \\\n" +" recsel -e '! (name ~ \"^(ghc|perl|python|ruby)\")' -p name,synopsis\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2132 +msgid "" +"@xref{Selection Expressions,,, recutils, GNU recutils manual}, for more information on @dfn{selection expressions} for @code{recsel -" +"e}." +msgstr "" + +#. type: item +#: doc/guix.texi:2133 +#, no-wrap +msgid "--show=@var{package}" +msgstr "" + +#. type: table +#: doc/guix.texi:2137 +msgid "" +"Show details about @var{package}, taken from the list of available packages, in @code{recutils} format (@pxref{Top, GNU recutils " +"databases,, recutils, GNU recutils manual})." +msgstr "" + +#. type: example +#: doc/guix.texi:2142 +#, no-wrap +msgid "" +"$ guix package --show=python | recsel -p name,version\n" +"name: python\n" +"version: 2.7.6\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:2145 +#, no-wrap +msgid "" +"name: python\n" +"version: 3.3.5\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2149 +msgid "You may also specify the full name of a package to only get details about a specific version of it:" +msgstr "" + +#. type: example +#: doc/guix.texi:2153 +#, no-wrap +msgid "" +"$ guix package --show=python@@3.4 | recsel -p name,version\n" +"name: python\n" +"version: 3.4.3\n" +msgstr "" + +#. type: item +#: doc/guix.texi:2157 +#, no-wrap +msgid "--list-installed[=@var{regexp}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2158 +#, no-wrap +msgid "-I [@var{regexp}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2162 +msgid "" +"List the currently installed packages in the specified profile, with the most recently installed packages shown last. When " +"@var{regexp} is specified, list only installed packages whose name matches @var{regexp}." +msgstr "" + +#. type: table +#: doc/guix.texi:2168 +msgid "" +"For each installed package, print the following items, separated by tabs: the package name, its version string, the part of the " +"package that is installed (for instance, @code{out} for the default output, @code{include} for its headers, etc.), and the path of " +"this package in the store." +msgstr "" + +#. type: item +#: doc/guix.texi:2169 +#, no-wrap +msgid "--list-available[=@var{regexp}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2170 +#, no-wrap +msgid "-A [@var{regexp}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2174 +msgid "" +"List packages currently available in the distribution for this system (@pxref{GNU Distribution}). When @var{regexp} is specified, " +"list only installed packages whose name matches @var{regexp}." +msgstr "" +"Liste les paquets actuellement disponibles dans la distribution pour ce système (@pxref{Distribution GNU}). Lorsque @var{regexp} est " +"spécifié, liste uniquement les paquets dont le nom correspond à @var{regexp}." + +#. type: table +#: doc/guix.texi:2178 +msgid "" +"For each package, print the following items separated by tabs: its name, its version string, the parts of the package " +"(@pxref{Packages with Multiple Outputs}), and the source location of its definition." +msgstr "" + +#. type: item +#: doc/guix.texi:2179 +#, no-wrap +msgid "--list-generations[=@var{pattern}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2180 +#, no-wrap +msgid "-l [@var{pattern}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2186 +msgid "" +"Return a list of generations along with their creation dates; for each generation, show the installed packages, with the most " +"recently installed packages shown last. Note that the zeroth generation is never shown." +msgstr "" + +#. type: table +#: doc/guix.texi:2191 +msgid "" +"For each installed package, print the following items, separated by tabs: the name of a package, its version string, the part of the " +"package that is installed (@pxref{Packages with Multiple Outputs}), and the location of this package in the store." +msgstr "" + +#. type: table +#: doc/guix.texi:2194 +msgid "When @var{pattern} is used, the command returns only matching generations. Valid patterns include:" +msgstr "" + +#. type: item +#: doc/guix.texi:2196 +#, no-wrap +msgid "@emph{Integers and comma-separated integers}. Both patterns denote" +msgstr "" + +#. type: itemize +#: doc/guix.texi:2199 +msgid "generation numbers. For instance, @code{--list-generations=1} returns the first one." +msgstr "" + +#. type: itemize +#: doc/guix.texi:2202 +msgid "" +"And @code{--list-generations=1,8,2} outputs three generations in the specified order. Neither spaces nor trailing commas are " +"allowed." +msgstr "" + +#. type: item +#: doc/guix.texi:2203 +#, no-wrap +msgid "@emph{Ranges}. @code{--list-generations=2..9} prints the" +msgstr "" + +#. type: itemize +#: doc/guix.texi:2206 +msgid "specified generations and everything in between. Note that the start of a range must be smaller than its end." +msgstr "" + +#. type: itemize +#: doc/guix.texi:2210 +msgid "" +"It is also possible to omit the endpoint. For example, @code{--list-generations=2..}, returns all generations starting from the " +"second one." +msgstr "" + +#. type: item +#: doc/guix.texi:2211 +#, no-wrap +msgid "@emph{Durations}. You can also get the last @emph{N}@tie{}days, weeks," +msgstr "" + +#. type: itemize +#: doc/guix.texi:2215 +msgid "" +"or months by passing an integer along with the first letter of the duration. For example, @code{--list-generations=20d} lists " +"generations that are up to 20 days old." +msgstr "" + +#. type: item +#: doc/guix.texi:2217 +#, no-wrap +msgid "--delete-generations[=@var{pattern}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2218 +#, no-wrap +msgid "-d [@var{pattern}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2221 +msgid "When @var{pattern} is omitted, delete all generations except the current one." +msgstr "" + +#. type: table +#: doc/guix.texi:2227 +msgid "" +"This command accepts the same patterns as @option{--list-generations}. When @var{pattern} is specified, delete the matching " +"generations. When @var{pattern} specifies a duration, generations @emph{older} than the specified duration match. For instance, " +"@code{--delete-generations=1m} deletes generations that are more than one month old." +msgstr "" + +#. type: table +#: doc/guix.texi:2230 +msgid "If the current generation matches, it is @emph{not} deleted. Also, the zeroth generation is never deleted." +msgstr "" + +#. type: table +#: doc/guix.texi:2233 +msgid "Note that deleting generations prevents rolling back to them. Consequently, this command must be used with care." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2244 +msgid "" +"Finally, since @command{guix package} may actually start build processes, it supports all the common build options (@pxref{Common " +"Build Options}). It also supports package transformation options, such as @option{--with-source} (@pxref{Package Transformation " +"Options}). However, note that package transformations are lost when upgrading; to preserve transformations across upgrades, you " +"should define your own package variant in a Guile module and add it to @code{GUIX_PACKAGE_PATH} (@pxref{Defining Packages})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2249 +#, no-wrap +msgid "pre-built binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2255 +msgid "" +"Guix supports transparent source/binary deployment, which means that it can either build things locally, or download pre-built items " +"from a server, or both. We call these pre-built items @dfn{substitutes}---they are substitutes for local build results. In many " +"cases, downloading a substitute is much faster than building things locally." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2260 +msgid "" +"Substitutes can be anything resulting from a derivation build (@pxref{Derivations}). Of course, in the common case, they are pre-" +"built package binaries, but source tarballs, for instance, which also result from derivation builds, can be available as substitutes." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2273 +#, no-wrap +msgid "hydra" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2274 +#, no-wrap +msgid "build farm" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2284 +msgid "" +"The @code{mirror.hydra.gnu.org} server is a front-end to an official build farm that builds packages from Guix continuously for some " +"architectures, and makes them available as substitutes. This is the default source of substitutes; it can be overridden by passing " +"the @option{--substitute-urls} option either to @command{guix-daemon} (@pxref{daemon-substitute-urls,, @code{guix-daemon --" +"substitute-urls}}) or to client tools such as @command{guix package} (@pxref{client-substitute-urls,, client @option{--substitute-" +"urls} option})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2290 +msgid "" +"Substitute URLs can be either HTTP or HTTPS. HTTPS is recommended because communications are encrypted; conversely, using HTTP " +"makes all communications visible to an eavesdropper, who could use the information gathered to determine, for instance, whether your " +"system has unpatched security vulnerabilities." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2299 +msgid "" +"Substitutes from the official build farm are enabled by default when using the Guix System Distribution (@pxref{GNU Distribution}). " +"However, they are disabled by default when using Guix on a foreign distribution, unless you have explicitly enabled them via one of " +"the recommended installation steps (@pxref{Installation}). The following paragraphs describe how to enable or disable substitutes " +"for the official build farm; the same procedure can also be used to enable substitutes for any other substitute server." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2303 +#, no-wrap +msgid "security" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2305 +#, no-wrap +msgid "access control list (ACL), for substitutes" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2306 +#, no-wrap +msgid "ACL (access control list), for substitutes" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2313 +msgid "" +"To allow Guix to download substitutes from @code{hydra.gnu.org} or a mirror thereof, you must add its public key to the access " +"control list (ACL) of archive imports, using the @command{guix archive} command (@pxref{Invoking guix archive}). Doing so implies " +"that you trust @code{hydra.gnu.org} to not be compromised and to serve genuine substitutes." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2320 +msgid "" +"The public key for @code{hydra.gnu.org} is installed along with Guix, in @code{@var{prefix}/share/guix/hydra.gnu.org.pub}, where " +"@var{prefix} is the installation prefix of Guix. If you installed Guix from source, make sure you checked the GPG signature of " +"@file{guix-@value{VERSION}.tar.gz}, which contains this public key file. Then, you can run something like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:2323 +#, no-wrap +msgid "# guix archive --authorize < @var{prefix}/share/guix/hydra.gnu.org.pub\n" +msgstr "" + +#. type: quotation +#: doc/guix.texi:2329 +msgid "" +"Similarly, the @file{berlin.guixsd.org.pub} file contains the public key for the project's new build farm, reachable at " +"@indicateurl{https://berlin.guixsd.org}." +msgstr "" + +#. type: quotation +#: doc/guix.texi:2334 +msgid "" +"As of this writing @code{berlin.guixsd.org} is being upgraded so it can better scale up, but you might want to give it a try. It is " +"backed by 20 x86_64/i686 build nodes and may be able to provide substitutes more quickly than @code{mirror.hydra.gnu.org}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2338 +msgid "Once this is in place, the output of a command like @code{guix build} should change from something like:" +msgstr "" + +#. type: example +#: doc/guix.texi:2347 +#, no-wrap +msgid "" +"$ guix build emacs --dry-run\n" +"The following derivations would be built:\n" +" /gnu/store/yr7bnx8xwcayd6j95r2clmkdl1qh688w-emacs-24.3.drv\n" +" /gnu/store/x8qsh1hlhgjx6cwsjyvybnfv2i37z23w-dbus-1.6.4.tar.gz.drv\n" +" /gnu/store/1ixwp12fl950d15h2cj11c73733jay0z-alsa-lib-1.0.27.1.tar.bz2.drv\n" +" /gnu/store/nlma1pw0p603fpfiqy7kn4zm105r5dmw-util-linux-2.21.drv\n" +"@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2351 +msgid "to something like:" +msgstr "" + +#. type: example +#: doc/guix.texi:2360 +#, no-wrap +msgid "" +"$ guix build emacs --dry-run\n" +"112.3 MB would be downloaded:\n" +" /gnu/store/pk3n22lbq6ydamyymqkkz7i69wiwjiwi-emacs-24.3\n" +" /gnu/store/2ygn4ncnhrpr61rssa6z0d9x22si0va3-libjpeg-8d\n" +" /gnu/store/71yz6lgx4dazma9dwn2mcjxaah9w77jq-cairo-1.12.16\n" +" /gnu/store/7zdhgp0n1518lvfn8mb96sxqfmvqrl7v-libxrender-0.9.7\n" +"@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2365 +msgid "This indicates that substitutes from @code{hydra.gnu.org} are usable and will be downloaded, when possible, for future builds." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2366 +#, no-wrap +msgid "substitutes, how to disable" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2372 +msgid "" +"The substitute mechanism can be disabled globally by running @code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoking guix-" +"daemon}). It can also be disabled temporarily by passing the @code{--no-substitutes} option to @command{guix package}, " +"@command{guix build}, and other command-line tools." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2376 +#, no-wrap +msgid "digital signatures" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2380 +msgid "" +"Guix detects and raises an error when attempting to use a substitute that has been tampered with. Likewise, it ignores substitutes " +"that are not signed, or that are not signed by one of the keys listed in the ACL." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2386 +msgid "" +"There is one exception though: if an unauthorized server provides substitutes that are @emph{bit-for-bit identical} to those " +"provided by an authorized server, then the unauthorized server becomes eligible for downloads. For example, assume we have chosen " +"two substitute servers with this option:" +msgstr "" + +#. type: example +#: doc/guix.texi:2389 +#, no-wrap +msgid "--substitute-urls=\"https://a.example.org https://b.example.org\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2400 +msgid "" +"If the ACL contains only the key for @code{b.example.org}, and if @code{a.example.org} happens to serve the @emph{exact same} " +"substitutes, then Guix will download substitutes from @code{a.example.org} because it comes first in the list and can be considered " +"a mirror of @code{b.example.org}. In practice, independent build machines usually produce the same binaries, thanks to bit-" +"reproducible builds (see below)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2407 +msgid "" +"When using HTTPS, the server's X.509 certificate is @emph{not} validated (in other words, the server is not authenticated), contrary " +"to what HTTPS clients such as Web browsers usually do. This is because Guix authenticates substitute information itself, as " +"explained above, which is what we care about (whereas X.509 certificates are about authenticating bindings between domain names and " +"public keys.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2419 +msgid "" +"Substitutes are downloaded over HTTP or HTTPS. The @code{http_proxy} environment variable can be set in the environment of " +"@command{guix-daemon} and is honored for downloads of substitutes. Note that the value of @code{http_proxy} in the environment " +"where @command{guix build}, @command{guix package}, and other client commands are run has @emph{absolutely no effect}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2428 +msgid "" +"Even when a substitute for a derivation is available, sometimes the substitution attempt will fail. This can happen for a variety " +"of reasons: the substitute server might be offline, the substitute may recently have been deleted, the connection might have been " +"interrupted, etc." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2442 +msgid "" +"When substitutes are enabled and a substitute for a derivation is available, but the substitution attempt fails, Guix will attempt " +"to build the derivation locally depending on whether or not @code{--fallback} was given (@pxref{fallback-option,, common build " +"option @code{--fallback}}). Specifically, if @code{--fallback} was omitted, then no local build will be performed, and the " +"derivation is considered to have failed. However, if @code{--fallback} was given, then Guix will attempt to build the derivation " +"locally, and the success or failure of the derivation depends on the success or failure of the local build. Note that when " +"substitutes are disabled or no substitute is available for the derivation in question, a local build will @emph{always} be " +"performed, regardless of whether or not @code{--fallback} was given." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2447 +msgid "" +"To get an idea of how many substitutes are available right now, you can try running the @command{guix weather} command " +"(@pxref{Invoking guix weather}). This command provides statistics on the substitutes provided by a server." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2451 +#, no-wrap +msgid "trust, of pre-built binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2461 +msgid "" +"Today, each individual's control over their own computing is at the mercy of institutions, corporations, and groups with enough " +"power and determination to subvert the computing infrastructure and exploit its weaknesses. While using @code{hydra.gnu.org} " +"substitutes can be convenient, we encourage users to also build on their own, or even run their own build farm, such that " +"@code{hydra.gnu.org} is less of an interesting target. One way to help is by publishing the software you build using @command{guix " +"publish} so that others have one more choice of server to download substitutes from (@pxref{Invoking guix publish})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2473 +msgid "" +"Guix has the foundations to maximize build reproducibility (@pxref{Features}). In most cases, independent builds of a given package " +"or derivation should yield bit-identical results. Thus, through a diverse set of independent package builds, we can strengthen the " +"integrity of our systems. The @command{guix challenge} command aims to help users assess substitute servers, and to assist " +"developers in finding out about non-deterministic package builds (@pxref{Invoking guix challenge}). Similarly, the @option{--check} " +"option of @command{guix build} allows users to check whether previously-installed substitutes are genuine by rebuilding them locally " +"(@pxref{build-check, @command{guix build --check}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2477 +msgid "" +"In the future, we want Guix to have support to publish and retrieve binaries to/from other users, in a peer-to-peer fashion. If you " +"would like to discuss this project, join us on @email{guix-devel@@gnu.org}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2481 +#, no-wrap +msgid "multiple-output packages" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2482 +#, no-wrap +msgid "package outputs" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2483 +#, no-wrap +msgid "outputs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2493 +msgid "" +"Often, packages defined in Guix have a single @dfn{output}---i.e., the source package leads to exactly one directory in the store. " +"When running @command{guix package -i glibc}, one installs the default output of the GNU libc package; the default output is called " +"@code{out}, but its name can be omitted as shown in this command. In this particular case, the default output of @code{glibc} " +"contains all the C header files, shared libraries, static libraries, Info documentation, and other supporting files." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2501 +msgid "" +"Sometimes it is more appropriate to separate the various types of files produced from a single source package into separate " +"outputs. For instance, the GLib C library (used by GTK+ and related packages) installs more than 20 MiB of reference documentation " +"as HTML pages. To save space for users who do not need it, the documentation goes to a separate output, called @code{doc}. To " +"install the main GLib output, which contains everything but the documentation, one would run:" +msgstr "" + +#. type: example +#: doc/guix.texi:2504 +#, no-wrap +msgid "guix package -i glib\n" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:2506 doc/guix.texi:21259 +#, no-wrap +msgid "documentation" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2508 +msgid "The command to install its documentation is:" +msgstr "" + +#. type: example +#: doc/guix.texi:2511 +#, no-wrap +msgid "guix package -i glib:doc\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2522 +msgid "" +"Some packages install programs with different ``dependency footprints''. For instance, the WordNet package installs both command-" +"line tools and graphical user interfaces (GUIs). The former depend solely on the C library, whereas the latter depend on Tcl/Tk and " +"the underlying X libraries. In this case, we leave the command-line tools in the default output, whereas the GUIs are in a separate " +"output. This allows users who do not need the GUIs to save space. The @command{guix size} command can help find out about such " +"situations (@pxref{Invoking guix size}). @command{guix graph} can also be helpful (@pxref{Invoking guix graph})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2530 +msgid "" +"There are several such multiple-output packages in the GNU distribution. Other conventional output names include @code{lib} for " +"libraries and possibly header files, @code{bin} for stand-alone programs, and @code{debug} for debugging information " +"(@pxref{Installing Debugging Files}). The outputs of a packages are listed in the third column of the output of @command{guix " +"package --list-available} (@pxref{Invoking guix package})." +msgstr "" + +#. type: section +#: doc/guix.texi:2533 +#, no-wrap +msgid "Invoking @command{guix gc}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2535 +#, no-wrap +msgid "garbage collector" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2536 +#, no-wrap +msgid "disk space" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2542 +msgid "" +"Packages that are installed, but not used, may be @dfn{garbage-collected}. The @command{guix gc} command allows users to explicitly " +"run the garbage collector to reclaim space from the @file{/gnu/store} directory. It is the @emph{only} way to remove files from " +"@file{/gnu/store}---removing files or directories manually may break it beyond repair!" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2553 +msgid "" +"The garbage collector has a set of known @dfn{roots}: any file under @file{/gnu/store} reachable from a root is considered " +"@dfn{live} and cannot be deleted; any other file is considered @dfn{dead} and may be deleted. The set of garbage collector roots " +"(``GC roots'' for short) includes default user profiles; by default, the symlinks under @file{/var/guix/gcroots} represent these GC " +"roots. New GC roots can be added with @command{guix build --root}, for example (@pxref{Invoking guix build})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2559 +msgid "" +"Prior to running @code{guix gc --collect-garbage} to make space, it is often useful to remove old generations from user profiles; " +"that way, old package builds referenced by those generations can be reclaimed. This is achieved by running @code{guix package --" +"delete-generations} (@pxref{Invoking guix package})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2563 +msgid "" +"Our recommendation is to run a garbage collection periodically, or when you are short on disk space. For instance, to guarantee " +"that at least 5@tie{}GB are available on your disk, simply run:" +msgstr "" + +#. type: example +#: doc/guix.texi:2566 +#, no-wrap +msgid "guix gc -F 5G\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2575 +msgid "" +"It is perfectly safe to run as a non-interactive periodic job (@pxref{Scheduled Job Execution}, for how to set up such a job on " +"GuixSD). Running @command{guix gc} with no arguments will collect as much garbage as it can, but that is often inconvenient: you " +"may find yourself having to rebuild or re-download software that is ``dead'' from the GC viewpoint but that is necessary to build " +"other pieces of software---e.g., the compiler tool chain." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2581 +msgid "" +"The @command{guix gc} command has three modes of operation: it can be used to garbage-collect any dead files (the default), to " +"delete specific files (the @code{--delete} option), to print garbage-collector information, or for more advanced queries. The " +"garbage collection options are as follows:" +msgstr "" + +#. type: item +#: doc/guix.texi:2583 +#, no-wrap +msgid "--collect-garbage[=@var{min}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2584 +#, no-wrap +msgid "-C [@var{min}]" +msgstr "" + +#. type: table +#: doc/guix.texi:2588 +msgid "" +"Collect garbage---i.e., unreachable @file{/gnu/store} files and sub-directories. This is the default operation when no option is " +"specified." +msgstr "" + +#. type: table +#: doc/guix.texi:2593 +msgid "" +"When @var{min} is given, stop once @var{min} bytes have been collected. @var{min} may be a number of bytes, or it may include a " +"unit as a suffix, such as @code{MiB} for mebibytes and @code{GB} for gigabytes (@pxref{Block size, size specifications,, coreutils, " +"GNU Coreutils})." +msgstr "" + +#. type: table +#: doc/guix.texi:2595 +msgid "When @var{min} is omitted, collect all the garbage." +msgstr "" + +#. type: item +#: doc/guix.texi:2596 +#, no-wrap +msgid "--free-space=@var{free}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2597 +#, no-wrap +msgid "-F @var{free}" +msgstr "" + +#. type: table +#: doc/guix.texi:2601 +msgid "" +"Collect garbage until @var{free} space is available under @file{/gnu/store}, if possible; @var{free} denotes storage space, such as " +"@code{500MiB}, as described above." +msgstr "" + +#. type: table +#: doc/guix.texi:2604 +msgid "When @var{free} or more is already available in @file{/gnu/store}, do nothing and exit immediately." +msgstr "" + +#. type: item +#: doc/guix.texi:2605 +#, no-wrap +msgid "--delete" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2606 doc/guix.texi:5836 doc/guix.texi:20536 +#, no-wrap +msgid "-d" +msgstr "" + +#. type: table +#: doc/guix.texi:2610 +msgid "" +"Attempt to delete all the store files and directories specified as arguments. This fails if some of the files are not in the store, " +"or if they are still live." +msgstr "" + +#. type: item +#: doc/guix.texi:2611 +#, no-wrap +msgid "--list-failures" +msgstr "" + +#. type: table +#: doc/guix.texi:2613 +msgid "List store items corresponding to cached build failures." +msgstr "" + +#. type: table +#: doc/guix.texi:2617 +msgid "" +"This prints nothing unless the daemon was started with @option{--cache-failures} (@pxref{Invoking guix-daemon, @option{--cache-" +"failures}})." +msgstr "" + +#. type: item +#: doc/guix.texi:2618 +#, no-wrap +msgid "--clear-failures" +msgstr "" + +#. type: table +#: doc/guix.texi:2620 +msgid "Remove the specified store items from the failed-build cache." +msgstr "" + +#. type: table +#: doc/guix.texi:2623 +msgid "Again, this option only makes sense when the daemon is started with @option{--cache-failures}. Otherwise, it does nothing." +msgstr "" + +#. type: item +#: doc/guix.texi:2624 +#, no-wrap +msgid "--list-dead" +msgstr "" + +#. type: table +#: doc/guix.texi:2627 +msgid "" +"Show the list of dead files and directories still present in the store---i.e., files and directories no longer reachable from any " +"root." +msgstr "" + +#. type: item +#: doc/guix.texi:2628 +#, no-wrap +msgid "--list-live" +msgstr "" + +#. type: table +#: doc/guix.texi:2630 +msgid "Show the list of live store files and directories." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2634 +msgid "In addition, the references among existing store files can be queried:" +msgstr "" + +#. type: item +#: doc/guix.texi:2637 +#, no-wrap +msgid "--references" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2638 +#, no-wrap +msgid "--referrers" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2639 doc/guix.texi:6931 +#, no-wrap +msgid "package dependencies" +msgstr "" + +#. type: table +#: doc/guix.texi:2642 +msgid "List the references (respectively, the referrers) of store files given as arguments." +msgstr "" + +#. type: item +#: doc/guix.texi:2643 +#, no-wrap +msgid "--requisites" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2644 +#, no-wrap +msgid "-R" +msgstr "" + +#. type: item +#: doc/guix.texi:2645 doc/guix.texi:6815 doc/guix.texi:6839 doc/guix.texi:6903 +#, no-wrap +msgid "closure" +msgstr "" + +#. type: table +#: doc/guix.texi:2650 +msgid "" +"List the requisites of the store files passed as arguments. Requisites include the store files themselves, their references, and " +"the references of these, recursively. In other words, the returned list is the @dfn{transitive closure} of the store files." +msgstr "" + +#. type: table +#: doc/guix.texi:2654 +msgid "" +"@xref{Invoking guix size}, for a tool to profile the size of the closure of an element. @xref{Invoking guix graph}, for a tool to " +"visualize the graph of references." +msgstr "" + +#. type: item +#: doc/guix.texi:2655 +#, no-wrap +msgid "--derivers" +msgstr "" + +#. type: item +#: doc/guix.texi:2656 doc/guix.texi:3122 doc/guix.texi:7016 +#, no-wrap +msgid "derivation" +msgstr "" + +#. type: table +#: doc/guix.texi:2659 +msgid "Return the derivation(s) leading to the given store items (@pxref{Derivations})." +msgstr "" + +#. type: table +#: doc/guix.texi:2661 +msgid "For example, this command:" +msgstr "" + +#. type: example +#: doc/guix.texi:2664 +#, no-wrap +msgid "guix gc --derivers `guix package -I ^emacs$ | cut -f4`\n" +msgstr "" + +#. type: table +#: doc/guix.texi:2669 +msgid "returns the @file{.drv} file(s) leading to the @code{emacs} package installed in your profile." +msgstr "" + +#. type: table +#: doc/guix.texi:2673 +msgid "" +"Note that there may be zero matching @file{.drv} files, for instance because these files have been garbage-collected. There can " +"also be more than one matching @file{.drv} due to fixed-output derivations." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2677 +msgid "Lastly, the following options allow you to check the integrity of the store and to control disk usage." +msgstr "" + +#. type: item +#: doc/guix.texi:2680 +#, no-wrap +msgid "--verify[=@var{options}]" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2681 +#, no-wrap +msgid "integrity, of the store" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2682 +#, no-wrap +msgid "integrity checking" +msgstr "" + +#. type: table +#: doc/guix.texi:2684 +msgid "Verify the integrity of the store." +msgstr "" + +#. type: table +#: doc/guix.texi:2687 +msgid "" +"By default, make sure that all the store items marked as valid in the database of the daemon actually exist in @file{/gnu/store}." +msgstr "" + +#. type: table +#: doc/guix.texi:2690 +msgid "When provided, @var{options} must be a comma-separated list containing one or more of @code{contents} and @code{repair}." +msgstr "" + +#. type: table +#: doc/guix.texi:2696 +msgid "" +"When passing @option{--verify=contents}, the daemon computes the content hash of each store item and compares it against its hash in " +"the database. Hash mismatches are reported as data corruptions. Because it traverses @emph{all the files in the store}, this " +"command can take a long time, especially on systems with a slow disk drive." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2697 +#, no-wrap +msgid "repairing the store" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2698 doc/guix.texi:5829 +#, no-wrap +msgid "corruption, recovering from" +msgstr "" + +#. type: table +#: doc/guix.texi:2706 +msgid "" +"Using @option{--verify=repair} or @option{--verify=contents,repair} causes the daemon to try to repair corrupt store items by " +"fetching substitutes for them (@pxref{Substitutes}). Because repairing is not atomic, and thus potentially dangerous, it is " +"available only to the system administrator. A lightweight alternative, when you know exactly which items in the store are corrupt, " +"is @command{guix build --repair} (@pxref{Invoking guix build})." +msgstr "" +"Utiliser @option{--verify=repair} ou @option{--verify=contents,repair} fait que le démon essaie de réparer les objets du dépôt " +"corrompus en récupérant leurs substituts (@pxref{Substituts}). Comme la réparation n'est pas atomique et donc potentiellement " +"dangereuse, elle n'est disponible que pour l'administrateur système. Une alternative plus légère lorsque vous connaissez exactement " +"quelle entrée est corrompue consiste à lancer @command{guix build --repair} (@pxref{Invoking guix build})." + +#. type: item +#: doc/guix.texi:2707 +#, no-wrap +msgid "--optimize" +msgstr "" + +#. type: table +#: doc/guix.texi:2711 +msgid "Optimize the store by hard-linking identical files---this is @dfn{deduplication}." +msgstr "" + +#. type: table +#: doc/guix.texi:2717 +msgid "" +"The daemon performs deduplication after each successful build or archive import, unless it was started with @code{--disable-" +"deduplication} (@pxref{Invoking guix-daemon, @code{--disable-deduplication}}). Thus, this option is primarily useful when the " +"daemon was running with @code{--disable-deduplication}." +msgstr "" + +#. type: section +#: doc/guix.texi:2721 +#, no-wrap +msgid "Invoking @command{guix pull}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2723 +#, no-wrap +msgid "upgrading Guix" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2724 +#, no-wrap +msgid "updating Guix" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:2725 +#, no-wrap +msgid "guix pull" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2726 +#, no-wrap +msgid "pull" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2733 +msgid "" +"Packages are installed or upgraded to the latest version available in the distribution currently available on your local machine. " +"To update that distribution, along with the Guix tools, you must run @command{guix pull}: the command downloads the latest Guix " +"source code and package descriptions, and deploys it. Source code is downloaded from a @uref{https://git-scm.com, Git} repository." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2739 +msgid "" +"On completion, @command{guix package} will use packages and package versions from this just-retrieved copy of Guix. Not only that, " +"but all the Guix commands and Scheme modules will also be taken from that latest version. New @command{guix} sub-commands added by " +"the update also become available." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2749 +msgid "" +"Any user can update their Guix copy using @command{guix pull}, and the effect is limited to the user who run @command{guix pull}. " +"For instance, when user @code{root} runs @command{guix pull}, this has no effect on the version of Guix that user @code{alice} sees, " +"and vice versa@footnote{Under the hood, @command{guix pull} updates the @file{~/.config/guix/latest} symbolic link to point to the " +"latest Guix, and the @command{guix} command loads code from there. Currently, the only way to roll back an invocation of " +"@command{guix pull} is to manually update this symlink to point to the previous Guix.}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2752 +msgid "The @command{guix pull} command is usually invoked with no arguments, but it supports the following options:" +msgstr "" + +#. type: table +#: doc/guix.texi:2756 +msgid "Produce verbose output, writing build logs to the standard error output." +msgstr "" + +#. type: item +#: doc/guix.texi:2757 +#, no-wrap +msgid "--url=@var{url}" +msgstr "" + +#. type: table +#: doc/guix.texi:2759 +msgid "Download Guix from the Git repository at @var{url}." +msgstr "" + +#. type: vindex +#: doc/guix.texi:2760 +#, no-wrap +msgid "GUIX_PULL_URL" +msgstr "" + +#. type: table +#: doc/guix.texi:2764 +msgid "" +"By default, the source is taken from its canonical Git repository at @code{gnu.org}, for the stable branch of Guix. To use a " +"different source, set the @code{GUIX_PULL_URL} environment variable." +msgstr "" + +#. type: item +#: doc/guix.texi:2765 +#, no-wrap +msgid "--commit=@var{commit}" +msgstr "" + +#. type: table +#: doc/guix.texi:2768 +msgid "Deploy @var{commit}, a valid Git commit ID represented as a hexadecimal string." +msgstr "" + +#. type: item +#: doc/guix.texi:2769 +#, no-wrap +msgid "--branch=@var{branch}" +msgstr "" + +#. type: table +#: doc/guix.texi:2772 +msgid "Deploy the tip of @var{branch}, the name of a Git branch available on the repository at @var{url}." +msgstr "" + +#. type: table +#: doc/guix.texi:2776 +msgid "Use the bootstrap Guile to build the latest Guix. This option is only useful to Guix developers." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2780 +msgid "In addition, @command{guix pull} supports all the common build options (@pxref{Common Build Options})." +msgstr "" + +#. type: section +#: doc/guix.texi:2782 +#, no-wrap +msgid "Invoking @command{guix pack}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2788 +msgid "" +"Occasionally you want to pass software to people who are not (yet!) lucky enough to be using Guix. You'd tell them to run " +"@command{guix package -i @var{something}}, but that's not possible in this case. This is where @command{guix pack} comes in." +msgstr "" + +#. type: quotation +#: doc/guix.texi:2793 +msgid "" +"If you are looking for ways to exchange binaries among machines that already run Guix, @pxref{Invoking guix copy}, @ref{Invoking " +"guix publish}, and @ref{Invoking guix archive}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2795 +#, no-wrap +msgid "pack" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2796 +#, no-wrap +msgid "bundle" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2797 +#, no-wrap +msgid "application bundle" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2798 +#, no-wrap +msgid "software bundle" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2807 +msgid "" +"The @command{guix pack} command creates a shrink-wrapped @dfn{pack} or @dfn{software bundle}: it creates a tarball or some other " +"archive containing the binaries of the software you're interested in, and all its dependencies. The resulting archive can be used " +"on any machine that does not have Guix, and people can run the exact same binaries as those you have with Guix. The pack itself is " +"created in a bit-reproducible fashion, so anyone can verify that it really contains the build results that you pretend to be " +"shipping." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2810 +msgid "For example, to create a bundle containing Guile, Emacs, Geiser, and all their dependencies, you can run:" +msgstr "" + +#. type: example +#: doc/guix.texi:2815 +#, no-wrap +msgid "" +"$ guix pack guile emacs geiser\n" +"@dots{}\n" +"/gnu/store/@dots{}-pack.tar.gz\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2823 +msgid "" +"The result here is a tarball containing a @file{/gnu/store} directory with all the relevant packages. The resulting tarball " +"contains a @dfn{profile} with the three packages of interest; the profile is the same as would be created by @command{guix package -" +"i}. It is this mechanism that is used to create Guix's own standalone binary tarball (@pxref{Binary Installation})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2828 +msgid "" +"Users of this pack would have to run @file{/gnu/store/@dots{}-profile/bin/guile} to run Guile, which you may find inconvenient. To " +"work around it, you can create, say, a @file{/opt/gnu/bin} symlink to the profile:" +msgstr "" + +#. type: example +#: doc/guix.texi:2831 +#, no-wrap +msgid "guix pack -S /opt/gnu/bin=bin guile emacs geiser\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2835 +msgid "That way, users can happily type @file{/opt/gnu/bin/guile} and enjoy." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2838 +msgid "Alternatively, you can produce a pack in the Docker image format using the following command:" +msgstr "" + +#. type: example +#: doc/guix.texi:2841 +#, no-wrap +msgid "guix pack -f docker guile emacs geiser\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2848 +msgid "" +"The result is a tarball that can be passed to the @command{docker load} command. See the @uref{https://docs.docker.com/engine/" +"reference/commandline/load/, Docker documentation} for more information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2850 +msgid "Several command-line options allow you to customize your pack:" +msgstr "" + +#. type: item +#: doc/guix.texi:2852 +#, no-wrap +msgid "--format=@var{format}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2853 +#, no-wrap +msgid "-f @var{format}" +msgstr "" + +#. type: table +#: doc/guix.texi:2855 +msgid "Produce a pack in the given @var{format}." +msgstr "" + +#. type: table +#: doc/guix.texi:2857 +msgid "The available formats are:" +msgstr "" + +#. type: item +#: doc/guix.texi:2859 +#, no-wrap +msgid "tarball" +msgstr "" + +#. type: table +#: doc/guix.texi:2862 +msgid "This is the default format. It produces a tarball containing all the specified binaries and symlinks." +msgstr "" + +#. type: item +#: doc/guix.texi:2863 +#, no-wrap +msgid "docker" +msgstr "" + +#. type: table +#: doc/guix.texi:2867 +msgid "" +"This produces a tarball that follows the @uref{https://github.com/docker/docker/blob/master/image/spec/v1.2.md, Docker Image " +"Specification}." +msgstr "" + +#. type: item +#: doc/guix.texi:2869 doc/guix.texi:5707 doc/guix.texi:6532 doc/guix.texi:7093 doc/guix.texi:7243 doc/guix.texi:20522 +#, no-wrap +msgid "--expression=@var{expr}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2870 doc/guix.texi:5708 doc/guix.texi:6533 doc/guix.texi:7094 doc/guix.texi:7244 doc/guix.texi:20523 +#, no-wrap +msgid "-e @var{expr}" +msgstr "" + +#. type: table +#: doc/guix.texi:2872 doc/guix.texi:6535 doc/guix.texi:7096 +msgid "Consider the package @var{expr} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:2876 +msgid "" +"This has the same purpose as the same-named option in @command{guix build} (@pxref{Additional Build Options, @code{--expression} in " +"@command{guix build}})." +msgstr "" + +#. type: table +#: doc/guix.texi:2881 +msgid "Use the packages contained in the manifest object returned by the Scheme code in @var{file}." +msgstr "" + +#. type: table +#: doc/guix.texi:2889 +msgid "" +"This has a similar purpose as the same-named option in @command{guix package} (@pxref{profile-manifest, @option{--manifest}}) and " +"uses the same manifest files. It allows you to define a collection of packages once and use it both for creating profiles and for " +"creating archives for use on machines that do not have Guix installed. Note that you can specify @emph{either} a manifest file " +"@emph{or} a list of packages, but not both." +msgstr "" + +#. type: itemx +#: doc/guix.texi:2891 doc/guix.texi:5780 doc/guix.texi:6921 doc/guix.texi:7329 doc/guix.texi:7963 doc/guix.texi:20531 +#, no-wrap +msgid "-s @var{system}" +msgstr "" + +#. type: table +#: doc/guix.texi:2894 doc/guix.texi:5783 +msgid "Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of the system type of the build host." +msgstr "" + +#. type: item +#: doc/guix.texi:2895 doc/guix.texi:5804 +#, no-wrap +msgid "--target=@var{triplet}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2896 doc/guix.texi:3322 doc/guix.texi:5805 +#, no-wrap +msgid "cross-compilation" +msgstr "" + +#. type: table +#: doc/guix.texi:2900 doc/guix.texi:5809 +msgid "" +"Cross-build for @var{triplet}, which must be a valid GNU triplet, such as @code{\"mips64el-linux-gnu\"} (@pxref{Specifying target " +"triplets, GNU configuration triplets,, autoconf, Autoconf})." +msgstr "" + +#. type: item +#: doc/guix.texi:2901 +#, no-wrap +msgid "--compression=@var{tool}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2902 +#, no-wrap +msgid "-C @var{tool}" +msgstr "" + +#. type: table +#: doc/guix.texi:2905 +msgid "" +"Compress the resulting tarball using @var{tool}---one of @code{gzip}, @code{bzip2}, @code{xz}, @code{lzip}, or @code{none} for no " +"compression." +msgstr "" + +#. type: item +#: doc/guix.texi:2906 +#, no-wrap +msgid "--symlink=@var{spec}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:2907 +#, no-wrap +msgid "-S @var{spec}" +msgstr "" + +#. type: table +#: doc/guix.texi:2910 +msgid "Add the symlinks specified by @var{spec} to the pack. This option can appear several times." +msgstr "" + +#. type: table +#: doc/guix.texi:2914 +msgid "" +"@var{spec} has the form @code{@var{source}=@var{target}}, where @var{source} is the symlink that will be created and @var{target} is " +"the symlink target." +msgstr "" + +#. type: table +#: doc/guix.texi:2917 +msgid "" +"For instance, @code{-S /opt/gnu/bin=bin} creates a @file{/opt/gnu/bin} symlink pointing to the @file{bin} sub-directory of the " +"profile." +msgstr "" + +#. type: item +#: doc/guix.texi:2918 +#, no-wrap +msgid "--localstatedir" +msgstr "" + +#. type: table +#: doc/guix.texi:2921 +msgid "Include the ``local state directory'', @file{/var/guix}, in the resulting pack." +msgstr "" + +#. type: table +#: doc/guix.texi:2927 +msgid "" +"@file{/var/guix} contains the store database (@pxref{The Store}) as well as garbage-collector roots (@pxref{Invoking guix gc}). " +"Providing it in the pack means that the store is ``complete'' and manageable by Guix; not providing it pack means that the store is " +"``dead'': items cannot be added to it or removed from it after extraction of the pack." +msgstr "" + +#. type: table +#: doc/guix.texi:2930 +msgid "One use case for this is the Guix self-contained binary tarball (@pxref{Binary Installation})." +msgstr "" + +#. type: table +#: doc/guix.texi:2934 +msgid "Use the bootstrap binaries to build the pack. This option is only useful to Guix developers." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2939 +msgid "" +"In addition, @command{guix pack} supports all the common build options (@pxref{Common Build Options}) and all the package " +"transformation options (@pxref{Package Transformation Options})." +msgstr "" + +#. type: section +#: doc/guix.texi:2942 +#, no-wrap +msgid "Invoking @command{guix archive}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:2944 +#, no-wrap +msgid "guix archive" +msgstr "" + +#. type: cindex +#: doc/guix.texi:2945 +#, no-wrap +msgid "archive" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2951 +msgid "" +"The @command{guix archive} command allows users to @dfn{export} files from the store into a single archive, and to later " +"@dfn{import} them on a machine that runs Guix. In particular, it allows store files to be transferred from one machine to the store " +"on another machine." +msgstr "" + +#. type: quotation +#: doc/guix.texi:2955 +msgid "If you're looking for a way to produce archives in a format suitable for tools other than Guix, @pxref{Invoking guix pack}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:2957 +#, no-wrap +msgid "exporting store items" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2959 +msgid "To export store files as an archive to standard output, run:" +msgstr "" + +#. type: example +#: doc/guix.texi:2962 +#, no-wrap +msgid "guix archive --export @var{options} @var{specifications}...\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2969 +msgid "" +"@var{specifications} may be either store file names or package specifications, as for @command{guix package} (@pxref{Invoking guix " +"package}). For instance, the following command creates an archive containing the @code{gui} output of the @code{git} package and " +"the main output of @code{emacs}:" +msgstr "" + +#. type: example +#: doc/guix.texi:2972 +#, no-wrap +msgid "guix archive --export git:gui /gnu/store/...-emacs-24.3 > great.nar\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2977 +msgid "" +"If the specified packages are not built yet, @command{guix archive} automatically builds them. The build process may be controlled " +"with the common build options (@pxref{Common Build Options})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2980 +msgid "To transfer the @code{emacs} package to a machine connected over SSH, one would run:" +msgstr "" + +#. type: example +#: doc/guix.texi:2983 +#, no-wrap +msgid "guix archive --export -r emacs | ssh the-machine guix archive --import\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:2988 +msgid "Similarly, a complete user profile may be transferred from one machine to another like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:2992 +#, no-wrap +msgid "" +"guix archive --export -r $(readlink -f ~/.guix-profile) | \\\n" +" ssh the-machine guix-archive --import\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3002 +msgid "" +"However, note that, in both examples, all of @code{emacs} and the profile as well as all of their dependencies are transferred (due " +"to @code{-r}), regardless of what is already available in the store on the target machine. The @code{--missing} option can help " +"figure out which items are missing from the target store. The @command{guix copy} command simplifies and optimizes this whole " +"process, so this is probably what you should use in this case (@pxref{Invoking guix copy})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3003 +#, no-wrap +msgid "nar, archive format" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3004 +#, no-wrap +msgid "normalized archive (nar)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3014 +msgid "" +"Archives are stored in the ``normalized archive'' or ``nar'' format, which is comparable in spirit to `tar', but with differences " +"that make it more appropriate for our purposes. First, rather than recording all Unix metadata for each file, the nar format only " +"mentions the file type (regular, directory, or symbolic link); Unix permissions and owner/group are dismissed. Second, the order in " +"which directory entries are stored always follows the order of file names according to the C locale collation order. This makes " +"archive production fully deterministic." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3020 +msgid "" +"When exporting, the daemon digitally signs the contents of the archive, and that digital signature is appended. When importing, the " +"daemon verifies the signature and rejects the import in case of an invalid signature or if the signing key is not authorized." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3022 +msgid "The main options are:" +msgstr "" + +#. type: item +#: doc/guix.texi:3024 +#, no-wrap +msgid "--export" +msgstr "" + +#. type: table +#: doc/guix.texi:3027 +msgid "Export the specified store files or packages (see below.) Write the resulting archive to the standard output." +msgstr "" + +#. type: table +#: doc/guix.texi:3030 +msgid "Dependencies are @emph{not} included in the output, unless @code{--recursive} is passed." +msgstr "" + +#. type: itemx +#: doc/guix.texi:3031 doc/guix.texi:6076 +#, no-wrap +msgid "-r" +msgstr "" + +#. type: item +#: doc/guix.texi:3032 doc/guix.texi:6075 +#, no-wrap +msgid "--recursive" +msgstr "" + +#. type: table +#: doc/guix.texi:3037 +msgid "" +"When combined with @code{--export}, this instructs @command{guix archive} to include dependencies of the given items in the " +"archive. Thus, the resulting archive is self-contained: it contains the closure of the exported store items." +msgstr "" + +#. type: item +#: doc/guix.texi:3038 +#, no-wrap +msgid "--import" +msgstr "" + +#. type: table +#: doc/guix.texi:3043 +msgid "" +"Read an archive from the standard input, and import the files listed therein into the store. Abort if the archive has an invalid " +"digital signature, or if it is signed by a public key not among the authorized keys (see @code{--authorize} below.)" +msgstr "" + +#. type: item +#: doc/guix.texi:3044 +#, no-wrap +msgid "--missing" +msgstr "" + +#. type: table +#: doc/guix.texi:3048 +msgid "" +"Read a list of store file names from the standard input, one per line, and write on the standard output the subset of these files " +"missing from the store." +msgstr "" + +#. type: item +#: doc/guix.texi:3049 +#, no-wrap +msgid "--generate-key[=@var{parameters}]" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3050 +#, no-wrap +msgid "signing, archives" +msgstr "" + +#. type: table +#: doc/guix.texi:3055 +msgid "" +"Generate a new key pair for the daemon. This is a prerequisite before archives can be exported with @code{--export}. Note that " +"this operation usually takes time, because it needs to gather enough entropy to generate the key pair." +msgstr "" + +#. type: table +#: doc/guix.texi:3065 +msgid "" +"The generated key pair is typically stored under @file{/etc/guix}, in @file{signing-key.pub} (public key) and @file{signing-key.sec} " +"(private key, which must be kept secret.) When @var{parameters} is omitted, an ECDSA key using the Ed25519 curve is generated, or, " +"for Libgcrypt versions before 1.6.0, it is a 4096-bit RSA key. Alternatively, @var{parameters} can specify @code{genkey} parameters " +"suitable for Libgcrypt (@pxref{General public-key related Functions, @code{gcry_pk_genkey},, gcrypt, The Libgcrypt Reference " +"Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:3066 +#, no-wrap +msgid "--authorize" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3067 +#, no-wrap +msgid "authorizing, archives" +msgstr "" + +#. type: table +#: doc/guix.texi:3071 +msgid "" +"Authorize imports signed by the public key passed on standard input. The public key must be in ``s-expression advanced format''---i." +"e., the same format as the @file{signing-key.pub} file." +msgstr "" + +#. type: table +#: doc/guix.texi:3078 +msgid "" +"The list of authorized keys is kept in the human-editable file @file{/etc/guix/acl}. The file contains @url{http://people.csail.mit." +"edu/rivest/Sexp.txt, ``advanced-format s-expressions''} and is structured as an access-control list in the @url{http://theworld.com/" +"~cme/spki.txt, Simple Public-Key Infrastructure (SPKI)}." +msgstr "" + +#. type: item +#: doc/guix.texi:3079 +#, no-wrap +msgid "--extract=@var{directory}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:3080 +#, no-wrap +msgid "-x @var{directory}" +msgstr "" + +#. type: table +#: doc/guix.texi:3084 +msgid "" +"Read a single-item archive as served by substitute servers (@pxref{Substitutes}) and extract it to @var{directory}. This is a low-" +"level operation needed in only very narrow use cases; see below." +msgstr "" +"Lit une archive à un seul élément telle que servie par un serveur de substituts (@pxref{Substituts}) et l'extrait dans " +"@var{directory}. C'est une opération de bas niveau requise seulement dans de rares cas d'usage ; voir plus loin." + +#. type: table +#: doc/guix.texi:3087 +msgid "For example, the following command extracts the substitute for Emacs served by @code{hydra.gnu.org} to @file{/tmp/emacs}:" +msgstr "" + +#. type: example +#: doc/guix.texi:3092 +#, no-wrap +msgid "" +"$ wget -O - \\\n" +" https://hydra.gnu.org/nar/@dots{}-emacs-24.5 \\\n" +" | bunzip2 | guix archive -x /tmp/emacs\n" +msgstr "" + +#. type: table +#: doc/guix.texi:3099 +msgid "" +"Single-item archives are different from multiple-item archives produced by @command{guix archive --export}; they contain a single " +"store item, and they do @emph{not} embed a signature. Thus this operation does @emph{no} signature verification and its output " +"should be considered unsafe." +msgstr "" + +#. type: table +#: doc/guix.texi:3102 +msgid "" +"The primary purpose of this operation is to facilitate inspection of archive contents coming from possibly untrusted substitute " +"servers." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3115 +msgid "" +"GNU Guix provides several Scheme programming interfaces (APIs) to define, build, and query packages. The first interface allows " +"users to write high-level package definitions. These definitions refer to familiar packaging concepts, such as the name and version " +"of a package, its build system, and its dependencies. These definitions can then be turned into concrete build actions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3121 +msgid "" +"Build actions are performed by the Guix daemon, on behalf of users. In a standard setup, the daemon has write access to the store---" +"the @file{/gnu/store} directory---whereas users do not. The recommended setup also has the daemon perform builds in chroots, under " +"a specific build users, to minimize interference with the rest of the system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3130 +msgid "" +"Lower-level APIs are available to interact with the daemon and the store. To instruct the daemon to perform a build action, users " +"actually provide it with a @dfn{derivation}. A derivation is a low-level representation of the build actions to be taken, and the " +"environment in which they should occur---derivations are to package definitions what assembly is to C programs. The term " +"``derivation'' comes from the fact that build results @emph{derive} from them." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3133 +msgid "This chapter describes all these APIs in turn, starting from high-level package definitions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3150 +msgid "" +"The high-level interface to package definitions is implemented in the @code{(guix packages)} and @code{(guix build-system)} " +"modules. As an example, the package definition, or @dfn{recipe}, for the GNU Hello package looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:3158 +#, no-wrap +msgid "" +"(define-module (gnu packages hello)\n" +" #:use-module (guix packages)\n" +" #:use-module (guix download)\n" +" #:use-module (guix build-system gnu)\n" +" #:use-module (guix licenses)\n" +" #:use-module (gnu packages gawk))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:3177 +#, no-wrap +msgid "" +"(define-public hello\n" +" (package\n" +" (name \"hello\")\n" +" (version \"2.10\")\n" +" (source (origin\n" +" (method url-fetch)\n" +" (uri (string-append \"mirror://gnu/hello/hello-\" version\n" +" \".tar.gz\"))\n" +" (sha256\n" +" (base32\n" +" \"0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i\"))))\n" +" (build-system gnu-build-system)\n" +" (arguments '(#:configure-flags '(\"--enable-silent-rules\")))\n" +" (inputs `((\"gawk\" ,gawk)))\n" +" (synopsis \"Hello, GNU world: An example GNU package\")\n" +" (description \"Guess what GNU Hello prints!\")\n" +" (home-page \"http://www.gnu.org/software/hello/\")\n" +" (license gpl3+)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3187 +msgid "" +"Without being a Scheme expert, the reader may have guessed the meaning of the various fields here. This expression binds the " +"variable @code{hello} to a @code{} object, which is essentially a record (@pxref{SRFI-9, Scheme records,, guile, GNU Guile " +"Reference Manual}). This package object can be inspected using procedures found in the @code{(guix packages)} module; for instance, " +"@code{(package-name hello)} returns---surprise!---@code{\"hello\"}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3191 +msgid "" +"With luck, you may be able to import part or all of the definition of the package you are interested in from another repository, " +"using the @code{guix import} command (@pxref{Invoking guix import})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3197 +msgid "" +"In the example above, @var{hello} is defined in a module of its own, @code{(gnu packages hello)}. Technically, this is not strictly " +"necessary, but it is convenient to do so: all the packages defined in modules under @code{(gnu packages @dots{})} are automatically " +"known to the command-line tools (@pxref{Package Modules})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3199 +msgid "There are a few points worth noting in the above package definition:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:3206 +msgid "" +"The @code{source} field of the package is an @code{} object (@pxref{origin Reference}, for the complete reference). Here, " +"the @code{url-fetch} method from @code{(guix download)} is used, meaning that the source is a file to be downloaded over FTP or HTTP." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3209 +msgid "The @code{mirror://gnu} prefix instructs @code{url-fetch} to use one of the GNU mirrors defined in @code{(guix download)}." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3216 +msgid "" +"The @code{sha256} field specifies the expected SHA256 hash of the file being downloaded. It is mandatory, and allows Guix to check " +"the integrity of the file. The @code{(base32 @dots{})} form introduces the base32 representation of the hash. You can obtain this " +"information with @code{guix download} (@pxref{Invoking guix download}) and @code{guix hash} (@pxref{Invoking guix hash})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3217 +#, no-wrap +msgid "patches" +msgstr "" + +#. type: itemize +#: doc/guix.texi:3221 +msgid "" +"When needed, the @code{origin} form can also have a @code{patches} field listing patches to be applied, and a @code{snippet} field " +"giving a Scheme expression to modify the source code." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3223 +#, no-wrap +msgid "GNU Build System" +msgstr "" + +#. type: itemize +#: doc/guix.texi:3229 +msgid "" +"The @code{build-system} field specifies the procedure to build the package (@pxref{Build Systems}). Here, @var{gnu-build-system} " +"represents the familiar GNU Build System, where packages may be configured, built, and installed with the usual @code{./configure && " +"make && make check && make install} command sequence." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3235 +msgid "" +"The @code{arguments} field specifies options for the build system (@pxref{Build Systems}). Here it is interpreted by @var{gnu-build-" +"system} as a request run @file{configure} with the @code{--enable-silent-rules} flag." +msgstr "" + +#. type: findex +#: doc/guix.texi:3236 doc/guix.texi:3239 +#, no-wrap +msgid "quote" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3237 +#, no-wrap +msgid "quoting" +msgstr "" + +#. type: findex +#: doc/guix.texi:3238 +#, no-wrap +msgid "'" +msgstr "" + +#. type: itemize +#: doc/guix.texi:3247 +msgid "" +"What about these quote (@code{'}) characters? They are Scheme syntax to introduce a literal list; @code{'} is synonymous with " +"@code{quote}. @xref{Expression Syntax, quoting,, guile, GNU Guile Reference Manual}, for details. Here the value of the " +"@code{arguments} field is a list of arguments passed to the build system down the road, as with @code{apply} (@pxref{Fly Evaluation, " +"@code{apply},, guile, GNU Guile Reference Manual})." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3253 +msgid "" +"The hash-colon (@code{#:}) sequence defines a Scheme @dfn{keyword} (@pxref{Keywords,,, guile, GNU Guile Reference Manual}), and " +"@code{#:configure-flags} is a keyword used to pass a keyword argument to the build system (@pxref{Coding With Keywords,,, guile, GNU " +"Guile Reference Manual})." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3259 +msgid "" +"The @code{inputs} field specifies inputs to the build process---i.e., build-time or run-time dependencies of the package. Here, we " +"define an input called @code{\"gawk\"} whose value is that of the @var{gawk} variable; @var{gawk} is itself bound to a " +"@code{} object." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3260 +#, no-wrap +msgid "backquote (quasiquote)" +msgstr "" + +#. type: findex +#: doc/guix.texi:3261 +#, no-wrap +msgid "`" +msgstr "" + +#. type: findex +#: doc/guix.texi:3262 +#, no-wrap +msgid "quasiquote" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3263 +#, no-wrap +msgid "comma (unquote)" +msgstr "" + +#. type: findex +#: doc/guix.texi:3264 +#, no-wrap +msgid "," +msgstr "" + +#. type: findex +#: doc/guix.texi:3265 +#, no-wrap +msgid "unquote" +msgstr "" + +#. type: findex +#: doc/guix.texi:3266 +#, no-wrap +msgid ",@@" +msgstr "" + +#. type: findex +#: doc/guix.texi:3267 +#, no-wrap +msgid "unquote-splicing" +msgstr "" + +#. type: itemize +#: doc/guix.texi:3273 +msgid "" +"Again, @code{`} (a backquote, synonymous with @code{quasiquote}) allows us to introduce a literal list in the @code{inputs} field, " +"while @code{,} (a comma, synonymous with @code{unquote}) allows us to insert a value in that list (@pxref{Expression Syntax, " +"unquote,, guile, GNU Guile Reference Manual})." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3277 +msgid "" +"Note that GCC, Coreutils, Bash, and other essential tools do not need to be specified as inputs here. Instead, @var{gnu-build-" +"system} takes care of ensuring that they are present (@pxref{Build Systems})." +msgstr "" + +#. type: itemize +#: doc/guix.texi:3281 +msgid "" +"However, any other dependencies need to be specified in the @code{inputs} field. Any dependency not specified here will simply be " +"unavailable to the build process, possibly leading to a build failure." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3284 +msgid "@xref{package Reference}, for a full description of possible fields." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3295 +msgid "" +"Once a package definition is in place, the package may actually be built using the @code{guix build} command-line tool " +"(@pxref{Invoking guix build}), troubleshooting any build failures you encounter (@pxref{Debugging Build Failures}). You can easily " +"jump back to the package definition using the @command{guix edit} command (@pxref{Invoking guix edit}). @xref{Packaging " +"Guidelines}, for more information on how to test package definitions, and @ref{Invoking guix lint}, for information on how to check " +"a definition for style conformance." +msgstr "" + +#. type: vindex +#: doc/guix.texi:3295 +#, no-wrap +msgid "GUIX_PACKAGE_PATH" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3299 +msgid "" +"Lastly, @pxref{Package Modules}, for information on how to extend the distribution by adding your own package definitions to " +"@code{GUIX_PACKAGE_PATH}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3303 +msgid "" +"Finally, updating the package definition to a new upstream version can be partly automated by the @command{guix refresh} command " +"(@pxref{Invoking guix refresh})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3309 +msgid "" +"Behind the scenes, a derivation corresponding to the @code{} object is first computed by the @code{package-derivation} " +"procedure. That derivation is stored in a @code{.drv} file under @file{/gnu/store}. The build actions it prescribes may then be " +"realized by using the @code{build-derivations} procedure (@pxref{The Store})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:3310 +#, no-wrap +msgid "{Scheme Procedure} package-derivation @var{store} @var{package} [@var{system}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3313 +msgid "Return the @code{} object of @var{package} for @var{system} (@pxref{Derivations})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:3319 +msgid "" +"@var{package} must be a valid @code{} object, and @var{system} must be a string denoting the target system type---e.g., " +"@code{\"x86_64-linux\"} for an x86_64 Linux-based GNU system. @var{store} must be a connection to the daemon, which operates on the " +"store (@pxref{The Store})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3325 +msgid "Similarly, it is possible to compute a derivation that cross-builds a package for some other system:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3326 +#, no-wrap +msgid "{Scheme Procedure} package-cross-derivation @var{store} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3330 +msgid "" +"@var{package} @var{target} [@var{system}] Return the @code{} object of @var{package} cross-built from @var{system} to " +"@var{target}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:3335 +msgid "" +"@var{target} must be a valid GNU triplet denoting the target hardware and operating system, such as @code{\"mips64el-linux-gnu\"} " +"(@pxref{Configuration Names, GNU configuration triplets,, configure, GNU Configure and Build System})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3337 +#, no-wrap +msgid "package transformations" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3338 +#, no-wrap +msgid "input rewriting" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3339 +#, no-wrap +msgid "dependency tree rewriting" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3343 +msgid "" +"Packages can be manipulated in arbitrary ways. An example of a useful transformation is @dfn{input rewriting}, whereby the " +"dependency tree of a package is rewritten by replacing specific inputs by others:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3344 +#, no-wrap +msgid "{Scheme Procedure} package-input-rewriting @var{replacements} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3351 +msgid "" +"[@var{rewrite-name}] Return a procedure that, when passed a package, replaces its direct and indirect dependencies (but not its " +"implicit inputs) according to @var{replacements}. @var{replacements} is a list of package pairs; the first element of each pair is " +"the package to replace, and the second one is the replacement." +msgstr "" + +#. type: deffn +#: doc/guix.texi:3354 +msgid "" +"Optionally, @var{rewrite-name} is a one-argument procedure that takes the name of a package and returns its new name after rewrite." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3358 +msgid "Consider this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:3364 +#, no-wrap +msgid "" +"(define libressl-instead-of-openssl\n" +" ;; This is a procedure to replace OPENSSL by LIBRESSL,\n" +" ;; recursively.\n" +" (package-input-rewriting `((,openssl . ,libressl))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:3367 +#, no-wrap +msgid "" +"(define git-with-libressl\n" +" (libressl-instead-of-openssl git))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3375 +msgid "" +"Here we first define a rewriting procedure that replaces @var{openssl} with @var{libressl}. Then we use it to define a " +"@dfn{variant} of the @var{git} package that uses @var{libressl} instead of @var{openssl}. This is exactly what the @option{--with-" +"input} command-line option does (@pxref{Package Transformation Options, @option{--with-input}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3379 +msgid "" +"A more generic procedure to rewrite a package dependency graph is @code{package-mapping}: it supports arbitrary changes to nodes in " +"the graph." +msgstr "" + +#. type: deffn +#: doc/guix.texi:3380 +#, no-wrap +msgid "{Scheme Procedure} package-mapping @var{proc} [@var{cut?}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:3384 +msgid "" +"Return a procedure that, given a package, applies @var{proc} to all the packages depended on and returns the resulting package. The " +"procedure stops recursion when @var{cut?} returns true for a given package." +msgstr "" + +#. type: subsection +#: doc/guix.texi:3393 +#, no-wrap +msgid "@code{package} Reference" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3397 +msgid "This section summarizes all the options available in @code{package} declarations (@pxref{Defining Packages})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:3398 +#, no-wrap +msgid "{Data Type} package" +msgstr "" + +#. type: deftp +#: doc/guix.texi:3400 +msgid "This is the data type representing a package recipe." +msgstr "" + +#. type: table +#: doc/guix.texi:3404 +msgid "The name of the package, as a string." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3405 +#, no-wrap +msgid "version" +msgstr "" + +#. type: table +#: doc/guix.texi:3407 +msgid "The version of the package, as a string." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3408 doc/guix.texi:6739 doc/guix.texi:9277 doc/guix.texi:9565 +#, no-wrap +msgid "source" +msgstr "" + +#. type: table +#: doc/guix.texi:3415 +msgid "" +"An object telling how the source code for the package should be acquired. Most of the time, this is an @code{origin} object, which " +"denotes a file fetched from the Internet (@pxref{origin Reference}). It can also be any other ``file-like'' object such as a " +"@code{local-file}, which denotes a file from the local file system (@pxref{G-Expressions, @code{local-file}})." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3416 +#, no-wrap +msgid "build-system" +msgstr "" + +#. type: table +#: doc/guix.texi:3419 +msgid "The build system that should be used to build the package (@pxref{Build Systems})." +msgstr "" + +#. type: item +#: doc/guix.texi:3420 doc/guix.texi:10969 +#, no-wrap +msgid "@code{arguments} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:3423 +msgid "The arguments that should be passed to the build system. This is a list, typically containing sequential keyword-value pairs." +msgstr "" + +#. type: item +#: doc/guix.texi:3424 +#, no-wrap +msgid "@code{inputs} (default: @code{'()})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:3425 +#, no-wrap +msgid "@code{native-inputs} (default: @code{'()})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:3426 +#, no-wrap +msgid "@code{propagated-inputs} (default: @code{'()})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3427 +#, no-wrap +msgid "inputs, of packages" +msgstr "" + +#. type: table +#: doc/guix.texi:3435 +msgid "" +"These fields list dependencies of the package. Each one is a list of tuples, where each tuple has a label for the input (a string) " +"as its first element, a package, origin, or derivation as its second element, and optionally the name of the output thereof that " +"should be used, which defaults to @code{\"out\"} (@pxref{Packages with Multiple Outputs}, for more on package outputs). For " +"example, the list below specifies three inputs:" +msgstr "" + +#. type: example +#: doc/guix.texi:3440 +#, no-wrap +msgid "" +"`((\"libffi\" ,libffi)\n" +" (\"libunistring\" ,libunistring)\n" +" (\"glib:bin\" ,glib \"bin\")) ;the \"bin\" output of Glib\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3442 +#, no-wrap +msgid "cross compilation, package dependencies" +msgstr "" + +#. type: table +#: doc/guix.texi:3448 +msgid "" +"The distinction between @code{native-inputs} and @code{inputs} is necessary when considering cross-compilation. When cross-" +"compiling, dependencies listed in @code{inputs} are built for the @emph{target} architecture; conversely, dependencies listed in " +"@code{native-inputs} are built for the architecture of the @emph{build} machine." +msgstr "" + +#. type: table +#: doc/guix.texi:3453 +msgid "" +"@code{native-inputs} is typically used to list tools needed at build time, but not at run time, such as Autoconf, Automake, pkg-" +"config, Gettext, or Bison. @command{guix lint} can report likely mistakes in this area (@pxref{Invoking guix lint})." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:3460 +msgid "package-propagated-inputs" +msgstr "" + +#. type: table +#: doc/guix.texi:3460 +msgid "" +"Lastly, @code{propagated-inputs} is similar to @code{inputs}, but the specified packages will be automatically installed alongside " +"the package they belong to (@pxref{package-cmd-propagated-inputs, @command{guix package}}, for information on how @command{guix " +"package} deals with propagated inputs.)" +msgstr "" + +#. type: table +#: doc/guix.texi:3464 +msgid "" +"For example this is necessary when a C/C++ library needs headers of another library to compile, or when a pkg-config file refers to " +"another one @i{via} its @code{Requires} field." +msgstr "" + +#. type: table +#: doc/guix.texi:3471 +msgid "" +"Another example where @code{propagated-inputs} is useful is for languages that lack a facility to record the run-time search path " +"akin to the @code{RUNPATH} of ELF files; this includes Guile, Python, Perl, and more. To ensure that libraries written in those " +"languages can find library code they depend on at run time, run-time dependencies must be listed in @code{propagated-inputs} rather " +"than @code{inputs}." +msgstr "" + +#. type: item +#: doc/guix.texi:3472 +#, no-wrap +msgid "@code{self-native-input?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3475 +msgid "This is a Boolean field telling whether the package should use itself as a native input when cross-compiling." +msgstr "" + +#. type: item +#: doc/guix.texi:3476 +#, no-wrap +msgid "@code{outputs} (default: @code{'(\"out\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:3479 +msgid "The list of output names of the package. @xref{Packages with Multiple Outputs}, for typical uses of additional outputs." +msgstr "" + +#. type: item +#: doc/guix.texi:3480 +#, no-wrap +msgid "@code{native-search-paths} (default: @code{'()})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:3481 +#, no-wrap +msgid "@code{search-paths} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:3484 +msgid "A list of @code{search-path-specification} objects describing search-path environment variables honored by the package." +msgstr "" + +#. type: item +#: doc/guix.texi:3485 +#, no-wrap +msgid "@code{replacement} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3489 +msgid "" +"This must be either @code{#f} or a package object that will be used as a @dfn{replacement} for this package. @xref{Security " +"Updates, grafts}, for details." +msgstr "" + +#. type: item +#: doc/guix.texi:3490 doc/guix.texi:6731 +#, no-wrap +msgid "synopsis" +msgstr "" + +#. type: table +#: doc/guix.texi:3492 +msgid "A one-line description of the package." +msgstr "" + +#. type: item +#: doc/guix.texi:3493 doc/guix.texi:6732 doc/guix.texi:20965 +#, no-wrap +msgid "description" +msgstr "" + +#. type: table +#: doc/guix.texi:3495 +msgid "A more elaborate description of the package." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3496 +#, no-wrap +msgid "license" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3497 +#, no-wrap +msgid "license, of packages" +msgstr "" + +#. type: table +#: doc/guix.texi:3500 +msgid "The license of the package; a value from @code{(guix licenses)}, or a list of such values." +msgstr "" + +#. type: itemx +#: doc/guix.texi:3501 doc/guix.texi:6740 +#, no-wrap +msgid "home-page" +msgstr "" + +#. type: table +#: doc/guix.texi:3503 +msgid "The URL to the home-page of the package, as a string." +msgstr "" + +#. type: item +#: doc/guix.texi:3504 +#, no-wrap +msgid "@code{supported-systems} (default: @var{%supported-systems})" +msgstr "" + +#. type: table +#: doc/guix.texi:3507 +msgid "" +"The list of systems supported by the package, as strings of the form @code{architecture-kernel}, for example @code{\"x86_64-linux\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:3508 +#, no-wrap +msgid "@code{maintainers} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:3510 +msgid "The list of maintainers of the package, as @code{maintainer} objects." +msgstr "" + +#. type: item +#: doc/guix.texi:3511 +#, no-wrap +msgid "@code{location} (default: source location of the @code{package} form)" +msgstr "" + +#. type: table +#: doc/guix.texi:3515 +msgid "" +"The source location of the package. It is useful to override this when inheriting from another package, in which case this field is " +"not automatically corrected." +msgstr "" + +#. type: subsection +#: doc/guix.texi:3520 +#, no-wrap +msgid "@code{origin} Reference" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3524 +msgid "This section summarizes all the options available in @code{origin} declarations (@pxref{Defining Packages})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:3525 +#, no-wrap +msgid "{Data Type} origin" +msgstr "" + +#. type: deftp +#: doc/guix.texi:3527 +msgid "This is the data type representing a source code origin." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3529 doc/guix.texi:15647 +#, no-wrap +msgid "uri" +msgstr "" + +#. type: table +#: doc/guix.texi:3534 +msgid "" +"An object containing the URI of the source. The object type depends on the @code{method} (see below). For example, when using the " +"@var{url-fetch} method of @code{(guix download)}, the valid @code{uri} values are: a URL represented as a string, or a list thereof." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3535 +#, no-wrap +msgid "method" +msgstr "" + +#. type: table +#: doc/guix.texi:3537 +msgid "A procedure that handles the URI." +msgstr "" + +#. type: table +#: doc/guix.texi:3539 +msgid "Examples include:" +msgstr "" + +#. type: item +#: doc/guix.texi:3541 +#, no-wrap +msgid "@var{url-fetch} from @code{(guix download)}" +msgstr "" + +#. type: table +#: doc/guix.texi:3544 +msgid "download a file from the HTTP, HTTPS, or FTP URL specified in the @code{uri} field;" +msgstr "" + +#. type: vindex +#: doc/guix.texi:3545 doc/guix.texi:6093 +#, no-wrap +msgid "git-fetch" +msgstr "" + +#. type: item +#: doc/guix.texi:3546 +#, no-wrap +msgid "@var{git-fetch} from @code{(guix git-download)}" +msgstr "" + +#. type: table +#: doc/guix.texi:3550 +msgid "" +"clone the Git version control repository, and check out the revision specified in the @code{uri} field as a @code{git-reference} " +"object; a @code{git-reference} looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:3555 +#, no-wrap +msgid "" +"(git-reference\n" +" (url \"git://git.debian.org/git/pkg-shadow/shadow\")\n" +" (commit \"v4.1.5.1\"))\n" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:3558 +#, no-wrap +msgid "sha256" +msgstr "" + +#. type: table +#: doc/guix.texi:3562 +msgid "" +"A bytevector containing the SHA-256 hash of the source. Typically the @code{base32} form is used here to generate the bytevector " +"from a base-32 string." +msgstr "" + +#. type: table +#: doc/guix.texi:3566 +msgid "" +"You can obtain this information using @code{guix download} (@pxref{Invoking guix download}) or @code{guix hash} (@pxref{Invoking " +"guix hash})." +msgstr "" + +#. type: item +#: doc/guix.texi:3567 +#, no-wrap +msgid "@code{file-name} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3573 +msgid "" +"The file name under which the source code should be saved. When this is @code{#f}, a sensible default value will be used in most " +"cases. In case the source is fetched from a URL, the file name from the URL will be used. For version control checkouts, it is " +"recommended to provide the file name explicitly because the default is not very descriptive." +msgstr "" + +#. type: item +#: doc/guix.texi:3574 +#, no-wrap +msgid "@code{patches} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:3577 +msgid "" +"A list of file names, origins, or file-like objects (@pxref{G-Expressions, file-like objects}) pointing to patches to be applied to " +"the source." +msgstr "" + +#. type: table +#: doc/guix.texi:3581 +msgid "" +"This list of patches must be unconditional. In particular, it cannot depend on the value of @code{%current-system} or " +"@code{%current-target-system}." +msgstr "" + +#. type: item +#: doc/guix.texi:3582 +#, no-wrap +msgid "@code{snippet} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3586 +msgid "" +"A G-expression (@pxref{G-Expressions}) or S-expression that will be run in the source directory. This is a convenient way to modify " +"the source, sometimes more convenient than a patch." +msgstr "" + +#. type: item +#: doc/guix.texi:3587 +#, no-wrap +msgid "@code{patch-flags} (default: @code{'(\"-p1\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:3590 +msgid "A list of command-line flags that should be passed to the @code{patch} command." +msgstr "" + +#. type: item +#: doc/guix.texi:3591 +#, no-wrap +msgid "@code{patch-inputs} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3595 +msgid "" +"Input packages or derivations to the patching process. When this is @code{#f}, the usual set of inputs necessary for patching are " +"provided, such as GNU@tie{}Patch." +msgstr "" + +#. type: item +#: doc/guix.texi:3596 +#, no-wrap +msgid "@code{modules} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:3599 +msgid "" +"A list of Guile modules that should be loaded during the patching process and while running the code in the @code{snippet} field." +msgstr "" + +#. type: item +#: doc/guix.texi:3600 +#, no-wrap +msgid "@code{patch-guile} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:3603 +msgid "The Guile package that should be used in the patching process. When this is @code{#f}, a sensible default is used." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3610 +#, no-wrap +msgid "build system" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3615 +msgid "" +"Each package definition specifies a @dfn{build system} and arguments for that build system (@pxref{Defining Packages}). This " +"@code{build-system} field represents the build procedure of the package, as well as implicit dependencies of that build procedure." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3619 +msgid "" +"Build systems are @code{} objects. The interface to create and manipulate them is provided by the @code{(guix build-" +"system)} module, and actual build systems are exported by specific modules." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3620 +#, no-wrap +msgid "bag (low-level package representation)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3627 +msgid "" +"Under the hood, build systems first compile package objects to @dfn{bags}. A @dfn{bag} is like a package, but with less " +"ornamentation---in other words, a bag is a lower-level representation of a package, which includes all the inputs of that package, " +"including some that were implicitly added by the build system. This intermediate representation is then compiled to a derivation " +"(@pxref{Derivations})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3635 +msgid "" +"Build systems accept an optional list of @dfn{arguments}. In package definitions, these are passed @i{via} the @code{arguments} " +"field (@pxref{Defining Packages}). They are typically keyword arguments (@pxref{Optional Arguments, keyword arguments in Guile,, " +"guile, GNU Guile Reference Manual}). The value of these arguments is usually evaluated in the @dfn{build stratum}---i.e., by a " +"Guile process launched by the daemon (@pxref{Derivations})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3639 +msgid "" +"The main build system is @var{gnu-build-system}, which implements the standard build procedure for GNU and many other packages. It " +"is provided by the @code{(guix build-system gnu)} module." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3640 +#, no-wrap +msgid "{Scheme Variable} gnu-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3644 +msgid "" +"@var{gnu-build-system} represents the GNU Build System, and variants thereof (@pxref{Configuration, configuration and makefile " +"conventions,, standards, GNU Coding Standards})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:3645 +#, no-wrap +msgid "build phases" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3652 +msgid "" +"In a nutshell, packages using it are configured, built, and installed with the usual @code{./configure && make && make check && make " +"install} command sequence. In practice, a few additional steps are often needed. All these steps are split up in separate " +"@dfn{phases}, notably@footnote{Please see the @code{(guix build gnu-build-system)} modules for more details about the build phases.}:" +msgstr "" + +#. type: item +#: doc/guix.texi:3654 +#, no-wrap +msgid "unpack" +msgstr "" + +#. type: table +#: doc/guix.texi:3658 +msgid "" +"Unpack the source tarball, and change the current directory to the extracted source tree. If the source is actually a directory, " +"copy it to the build tree, and enter that directory." +msgstr "" + +#. type: item +#: doc/guix.texi:3659 +#, no-wrap +msgid "patch-source-shebangs" +msgstr "" + +#. type: table +#: doc/guix.texi:3663 +msgid "" +"Patch shebangs encountered in source files so they refer to the right store file names. For instance, this changes @code{#!/bin/sh} " +"to @code{#!/gnu/store/@dots{}-bash-4.3/bin/sh}." +msgstr "" + +#. type: item +#: doc/guix.texi:3664 doc/guix.texi:4130 +#, no-wrap +msgid "configure" +msgstr "" + +#. type: table +#: doc/guix.texi:3668 +msgid "" +"Run the @file{configure} script with a number of default options, such as @code{--prefix=/gnu/store/@dots{}}, as well as the options " +"specified by the @code{#:configure-flags} argument." +msgstr "" + +#. type: item +#: doc/guix.texi:3669 doc/guix.texi:4135 doc/guix.texi:20375 +#, no-wrap +msgid "build" +msgstr "" + +#. type: table +#: doc/guix.texi:3673 +msgid "" +"Run @code{make} with the list of flags specified with @code{#:make-flags}. If the @code{#:parallel-build?} argument is true (the " +"default), build with @code{make -j}." +msgstr "" + +#. type: item +#: doc/guix.texi:3674 doc/guix.texi:4139 +#, no-wrap +msgid "check" +msgstr "" + +#. type: table +#: doc/guix.texi:3679 +msgid "" +"Run @code{make check}, or some other target specified with @code{#:test-target}, unless @code{#:tests? #f} is passed. If the " +"@code{#:parallel-tests?} argument is true (the default), run @code{make check -j}." +msgstr "" + +#. type: item +#: doc/guix.texi:3680 doc/guix.texi:4143 +#, no-wrap +msgid "install" +msgstr "" + +#. type: table +#: doc/guix.texi:3682 +msgid "Run @code{make install} with the flags listed in @code{#:make-flags}." +msgstr "" + +#. type: item +#: doc/guix.texi:3683 +#, no-wrap +msgid "patch-shebangs" +msgstr "" + +#. type: table +#: doc/guix.texi:3685 +msgid "Patch shebangs on the installed executable files." +msgstr "" + +#. type: item +#: doc/guix.texi:3686 +#, no-wrap +msgid "strip" +msgstr "" + +#. type: table +#: doc/guix.texi:3690 +msgid "" +"Strip debugging symbols from ELF files (unless @code{#:strip-binaries?} is false), copying them to the @code{debug} output when " +"available (@pxref{Installing Debugging Files})." +msgstr "" + +#. type: vindex +#: doc/guix.texi:3692 +#, no-wrap +msgid "%standard-phases" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3697 +msgid "" +"The build-side module @code{(guix build gnu-build-system)} defines @var{%standard-phases} as the default list of build phases. " +"@var{%standard-phases} is a list of symbol/procedure pairs, where the procedure implements the actual phase." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3700 +msgid "The list of phases used for a particular package can be changed with the @code{#:phases} parameter. For instance, passing:" +msgstr "" + +#. type: example +#: doc/guix.texi:3703 +#, no-wrap +msgid "#:phases (modify-phases %standard-phases (delete 'configure))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3707 +msgid "means that all the phases described above will be used, except the @code{configure} phase." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3714 +msgid "" +"In addition, this build system ensures that the ``standard'' environment for GNU packages is available. This includes tools such as " +"GCC, libc, Coreutils, Bash, Make, Diffutils, grep, and sed (see the @code{(guix build-system gnu)} module for a complete list). We " +"call these the @dfn{implicit inputs} of a package, because package definitions do not have to mention them." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:3721 +msgid "" +"Other @code{} objects are defined to support other conventions and tools used by free software packages. They inherit " +"most of @var{gnu-build-system}, and differ mainly in the set of inputs implicitly added to the build process, and in the list of " +"phases executed. Some of these build systems are listed below." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3722 +#, no-wrap +msgid "{Scheme Variable} ant-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3726 +msgid "" +"This variable is exported by @code{(guix build-system ant)}. It implements the build procedure for Java packages that can be built " +"with @url{http://ant.apache.org/, Ant build tool}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3731 +msgid "" +"It adds both @code{ant} and the @dfn{Java Development Kit} (JDK) as provided by the @code{icedtea} package to the set of inputs. " +"Different packages can be specified with the @code{#:ant} and @code{#:jdk} parameters, respectively." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3737 +msgid "" +"When the original package does not provide a suitable Ant build file, the parameter @code{#:jar-name} can be used to generate a " +"minimal Ant build file @file{build.xml} with tasks to build the specified jar archive. In this case the parameter @code{#:source-" +"dir} can be used to specify the source sub-directory, defaulting to ``src''." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3745 +msgid "" +"The @code{#:main-class} parameter can be used with the minimal ant buildfile to specify the main class of the resulting jar. This " +"makes the jar file executable. The @code{#:test-include} parameter can be used to specify the list of junit tests to run. It " +"defaults to @code{(list \"**/*Test.java\")}. The @code{#:test-exclude} can be used to disable some tests. It defaults to " +"@code{(list \"**/Abstract*.java\")}, because abstract classes cannot be run as tests." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3749 +msgid "" +"The parameter @code{#:build-target} can be used to specify the Ant task that should be run during the @code{build} phase. By " +"default the ``jar'' task will be run." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3752 +#, no-wrap +msgid "{Scheme Variable} asdf-build-system/source" +msgstr "" + +#. type: defvrx +#: doc/guix.texi:3753 +#, no-wrap +msgid "{Scheme Variable} asdf-build-system/sbcl" +msgstr "" + +#. type: defvrx +#: doc/guix.texi:3754 +#, no-wrap +msgid "{Scheme Variable} asdf-build-system/ecl" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3760 +msgid "" +"These variables, exported by @code{(guix build-system asdf)}, implement build procedures for Common Lisp packages using @url{https://" +"common-lisp.net/project/asdf/, ``ASDF''}. ASDF is a system definition facility for Common Lisp programs and libraries." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3767 +msgid "" +"The @code{asdf-build-system/source} system installs the packages in source form, and can be loaded using any common lisp " +"implementation, via ASDF. The others, such as @code{asdf-build-system/sbcl}, install binary systems in the format which a " +"particular implementation understands. These build systems can also be used to produce executable programs, or lisp images which " +"contain a set of packages pre-loaded." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3771 +msgid "" +"The build system uses naming conventions. For binary packages, the package name should be prefixed with the lisp implementation, " +"such as @code{sbcl-} for @code{asdf-build-system/sbcl}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3775 +msgid "" +"Additionally, the corresponding source package should be labeled using the same convention as python packages (see @ref{Python " +"Modules}), using the @code{cl-} prefix." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3780 +msgid "" +"For binary packages, each system should be defined as a Guix package. If one package @code{origin} contains several systems, " +"package variants can be created in order to build all the systems. Source packages, which use @code{asdf-build-system/source}, may " +"contain several systems." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3787 +msgid "" +"In order to create executable programs and images, the build-side procedures @code{build-program} and @code{build-image} can be " +"used. They should be called in a build phase after the @code{create-symlinks} phase, so that the system which was just built can be " +"used within the resulting image. @code{build-program} requires a list of Common Lisp expressions to be passed as the @code{#:entry-" +"program} argument." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3796 +msgid "" +"If the system is not defined within its own @code{.asd} file of the same name, then the @code{#:asd-file} parameter should be used " +"to specify which file the system is defined in. Furthermore, if the package defines a system for its tests in a separate file, it " +"will be loaded before the tests are run if it is specified by the @code{#:test-asd-file} parameter. If it is not set, the files " +"@code{-tests.asd}, @code{-test.asd}, @code{tests.asd}, and @code{test.asd} will be tried if they exist." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3800 +msgid "" +"If for some reason the package must be named in a different way than the naming conventions suggest, the @code{#:asd-system-name} " +"parameter can be used to specify the name of the system." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3803 +#, no-wrap +msgid "{Scheme Variable} cargo-build-system" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3804 +#, no-wrap +msgid "Rust programming language" +msgstr "" + +#. type: cindex +#: doc/guix.texi:3805 +#, no-wrap +msgid "Cargo (Rust build system)" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3809 +msgid "" +"This variable is exported by @code{(guix build-system cargo)}. It supports builds of packages using Cargo, the build tool of the " +"@uref{https://www.rust-lang.org, Rust programming language}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3814 +msgid "" +"In its @code{configure} phase, this build system replaces dependencies specified in the @file{Carto.toml} file with inputs to the " +"Guix package. The @code{install} phase installs the binaries, and it also installs the source code and @file{Cargo.toml} file." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3816 +#, no-wrap +msgid "{Scheme Variable} cmake-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3820 +msgid "" +"This variable is exported by @code{(guix build-system cmake)}. It implements the build procedure for packages using the @url{http://" +"www.cmake.org, CMake build tool}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3824 +msgid "" +"It automatically adds the @code{cmake} package to the set of inputs. Which package is used can be specified with the @code{#:cmake} " +"parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3831 +msgid "" +"The @code{#:configure-flags} parameter is taken as a list of flags passed to the @command{cmake} command. The @code{#:build-type} " +"parameter specifies in abstract terms the flags passed to the compiler; it defaults to @code{\"RelWithDebInfo\"} (short for " +"``release mode with debugging information''), which roughly means that code is compiled with @code{-O2 -g}, as is the case for " +"Autoconf-based packages by default." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3833 +#, no-wrap +msgid "{Scheme Variable} go-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3838 +msgid "" +"This variable is exported by @code{(guix build-system go)}. It implements a build procedure for Go packages using the standard " +"@url{https://golang.org/cmd/go/#hdr-Compile_packages_and_dependencies, Go build mechanisms}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3849 +msgid "" +"The user is expected to provide a value for the key @code{#:import-path} and, in some cases, @code{#:unpack-path}. The @url{https://" +"golang.org/doc/code.html#ImportPaths, import path} corresponds to the file system path expected by the package's build scripts and " +"any referring packages, and provides a unique way to refer to a Go package. It is typically based on a combination of the package " +"source code's remote URI and file system hierarchy structure. In some cases, you will need to unpack the package's source code to a " +"different directory structure than the one indicated by the import path, and @code{#:unpack-path} should be used in such cases." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3854 +msgid "" +"Packages that provide Go libraries should be installed along with their source code. The key @code{#:install-source?}, which " +"defaults to @code{#t}, controls whether or not the source code is installed. It can be set to @code{#f} for packages that only " +"provide executable files." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3856 +#, no-wrap +msgid "{Scheme Variable} glib-or-gtk-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3859 +msgid "" +"This variable is exported by @code{(guix build-system glib-or-gtk)}. It is intended for use with packages making use of GLib or GTK" +"+." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3862 +msgid "This build system adds the following two phases to the ones defined by @var{gnu-build-system}:" +msgstr "" + +#. type: item +#: doc/guix.texi:3864 doc/guix.texi:4159 +#, no-wrap +msgid "glib-or-gtk-wrap" +msgstr "" + +#. type: table +#: doc/guix.texi:3871 +msgid "" +"The phase @code{glib-or-gtk-wrap} ensures that programs in @file{bin/} are able to find GLib ``schemas'' and @uref{https://developer." +"gnome.org/gtk3/stable/gtk-running.html, GTK+ modules}. This is achieved by wrapping the programs in launch scripts that " +"appropriately set the @code{XDG_DATA_DIRS} and @code{GTK_PATH} environment variables." +msgstr "" + +#. type: table +#: doc/guix.texi:3878 +msgid "" +"It is possible to exclude specific package outputs from that wrapping process by listing their names in the @code{#:glib-or-gtk-wrap-" +"excluded-outputs} parameter. This is useful when an output is known not to contain any GLib or GTK+ binaries, and where wrapping " +"would gratuitously add a dependency of that output on GLib and GTK+." +msgstr "" + +#. type: item +#: doc/guix.texi:3879 doc/guix.texi:4163 +#, no-wrap +msgid "glib-or-gtk-compile-schemas" +msgstr "" + +#. type: table +#: doc/guix.texi:3887 +msgid "" +"The phase @code{glib-or-gtk-compile-schemas} makes sure that all @uref{https://developer.gnome.org/gio/stable/glib-compile-schemas." +"html, GSettings schemas} of GLib are compiled. Compilation is performed by the @command{glib-compile-schemas} program. It is " +"provided by the package @code{glib:bin} which is automatically imported by the build system. The @code{glib} package providing " +"@command{glib-compile-schemas} can be specified with the @code{#:glib} parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3890 +msgid "Both phases are executed after the @code{install} phase." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3892 +#, no-wrap +msgid "{Scheme Variable} minify-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3895 +msgid "" +"This variable is exported by @code{(guix build-system minify)}. It implements a minification procedure for simple JavaScript " +"packages." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3901 +msgid "" +"It adds @code{uglify-js} to the set of inputs and uses it to compress all JavaScript files in the @file{src} directory. A different " +"minifier package can be specified with the @code{#:uglify-js} parameter, but it is expected that the package writes the minified " +"code to the standard output." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3905 +msgid "" +"When the input JavaScript files are not all located in the @file{src} directory, the parameter @code{#:javascript-files} can be used " +"to specify a list of file names to feed to the minifier." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3907 +#, no-wrap +msgid "{Scheme Variable} ocaml-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3913 +msgid "" +"This variable is exported by @code{(guix build-system ocaml)}. It implements a build procedure for @uref{https://ocaml.org, OCaml} " +"packages, which consists of choosing the correct set of commands to run for each package. OCaml packages can expect many different " +"commands to be run. This build system will try some of them." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3923 +msgid "" +"When the package has a @file{setup.ml} file present at the top-level, it will run @code{ocaml setup.ml -configure}, @code{ocaml " +"setup.ml -build} and @code{ocaml setup.ml -install}. The build system will assume that this file was generated by @uref{http://" +"oasis.forge.ocamlcore.org/, OASIS} and will take care of setting the prefix and enabling tests if they are not disabled. You can " +"pass configure and build flags with the @code{#:configure-flags} and @code{#:build-flags}. The @code{#:test-flags} key can be " +"passed to change the set of flags used to enable tests. The @code{#:use-make?} key can be used to bypass this system in the build " +"and install phases." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3928 +msgid "" +"When the package has a @file{configure} file, it is assumed that it is a hand-made configure script that requires a different " +"argument format than in the @code{gnu-build-system}. You can add more flags with the @code{#:configure-flags} key." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3932 +msgid "" +"When the package has a @file{Makefile} file (or @code{#:use-make?} is @code{#t}), it will be used and more flags can be passed to " +"the build and install phases with the @code{#:make-flags} key." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3940 +msgid "" +"Finally, some packages do not have these files and use a somewhat standard location for its build system. In that case, the build " +"system will run @code{ocaml pkg/pkg.ml} or @code{ocaml pkg/build.ml} and take care of providing the path to the required findlib " +"module. Additional flags can be passed via the @code{#:build-flags} key. Install is taken care of by @command{opam-installer}. In " +"this case, the @code{opam} package must be added to the @code{native-inputs} field of the package definition." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3948 +msgid "" +"Note that most OCaml packages assume they will be installed in the same directory as OCaml, which is not what we want in guix. In " +"particular, they will install @file{.so} files in their module's directory, which is usually fine because it is in the OCaml " +"compiler directory. In guix though, these libraries cannot be found and we use @code{CAML_LD_LIBRARY_PATH}. This variable points " +"to @file{lib/ocaml/site-lib/stubslibs} and this is where @file{.so} libraries should be installed." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3950 +#, no-wrap +msgid "{Scheme Variable} python-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3955 +msgid "" +"This variable is exported by @code{(guix build-system python)}. It implements the more or less standard build procedure used by " +"Python packages, which consists in running @code{python setup.py build} and then @code{python setup.py install --prefix=/gnu/store/" +"@dots{}}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3959 +msgid "" +"For packages that install stand-alone Python programs under @code{bin/}, it takes care of wrapping these programs so that their " +"@code{PYTHONPATH} environment variable points to all the Python libraries they depend on." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3965 +msgid "" +"Which Python package is used to perform the build can be specified with the @code{#:python} parameter. This is a useful way to " +"force a package to be built for a specific version of the Python interpreter, which might be necessary if the package is only " +"compatible with a single interpreter version." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3970 +msgid "" +"By default guix calls @code{setup.py} under control of @code{setuptools}, much like @command{pip} does. Some packages are not " +"compatible with setuptools (and pip), thus you can disable this by setting the @code{#:use-setuptools} parameter to @code{#f}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3972 +#, no-wrap +msgid "{Scheme Variable} perl-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:3984 +msgid "" +"This variable is exported by @code{(guix build-system perl)}. It implements the standard build procedure for Perl packages, which " +"either consists in running @code{perl Build.PL --prefix=/gnu/store/@dots{}}, followed by @code{Build} and @code{Build install}; or " +"in running @code{perl Makefile.PL PREFIX=/gnu/store/@dots{}}, followed by @code{make} and @code{make install}, depending on which of " +"@code{Build.PL} or @code{Makefile.PL} is present in the package distribution. Preference is given to the former if both @code{Build." +"PL} and @code{Makefile.PL} exist in the package distribution. This preference can be reversed by specifying @code{#t} for the " +"@code{#:make-maker?} parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3988 +msgid "" +"The initial @code{perl Makefile.PL} or @code{perl Build.PL} invocation passes flags specified by the @code{#:make-maker-flags} or " +"@code{#:module-build-flags} parameter, respectively." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3990 +msgid "Which Perl package is used can be specified with @code{#:perl}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:3992 +#, no-wrap +msgid "{Scheme Variable} r-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4000 +msgid "" +"This variable is exported by @code{(guix build-system r)}. It implements the build procedure used by @uref{http://r-project.org, R} " +"packages, which essentially is little more than running @code{R CMD INSTALL --library=/gnu/store/@dots{}} in an environment where " +"@code{R_LIBS_SITE} contains the paths to all R package inputs. Tests are run after installation using the R function @code{tools::" +"testInstalledPackage}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4002 +#, no-wrap +msgid "{Scheme Variable} texlive-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4007 +msgid "" +"This variable is exported by @code{(guix build-system texlive)}. It is used to build TeX packages in batch mode with a specified " +"engine. The build system sets the @code{TEXINPUTS} variable to find all TeX source files in the inputs." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4016 +msgid "" +"By default it runs @code{luatex} on all files ending on @code{ins}. A different engine and format can be specified with the @code{#:" +"tex-format} argument. Different build targets can be specified with the @code{#:build-targets} argument, which expects a list of " +"file names. The build system adds only @code{texlive-bin} and @code{texlive-latex-base} (both from @code{(gnu packages tex}) to the " +"inputs. Both can be overridden with the arguments @code{#:texlive-bin} and @code{#:texlive-latex-base}, respectively." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4019 +msgid "The @code{#:tex-directory} parameter tells the build system where to install the built files under the texmf tree." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4021 +#, no-wrap +msgid "{Scheme Variable} ruby-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4025 +msgid "" +"This variable is exported by @code{(guix build-system ruby)}. It implements the RubyGems build procedure used by Ruby packages, " +"which involves running @code{gem build} followed by @code{gem install}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4033 +msgid "" +"The @code{source} field of a package that uses this build system typically references a gem archive, since this is the format that " +"Ruby developers use when releasing their software. The build system unpacks the gem archive, potentially patches the source, runs " +"the test suite, repackages the gem, and installs it. Additionally, directories and tarballs may be referenced to allow building " +"unreleased gems from Git or a traditional source release tarball." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4037 +msgid "" +"Which Ruby package is used can be specified with the @code{#:ruby} parameter. A list of additional flags to be passed to the " +"@command{gem} command can be specified with the @code{#:gem-flags} parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4039 +#, no-wrap +msgid "{Scheme Variable} waf-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4045 +msgid "" +"This variable is exported by @code{(guix build-system waf)}. It implements a build procedure around the @code{waf} script. The " +"common phases---@code{configure}, @code{build}, and @code{install}---are implemented by passing their names as arguments to the " +"@code{waf} script." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4049 +msgid "" +"The @code{waf} script is executed by the Python interpreter. Which Python package is used to run the script can be specified with " +"the @code{#:python} parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4051 +#, no-wrap +msgid "{Scheme Variable} scons-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4057 +msgid "" +"This variable is exported by @code{(guix build-system scons)}. It implements the build procedure used by the SCons software " +"construction tool. This build system runs @code{scons} to build the package, @code{scons test} to run tests, and then @code{scons " +"install} to install the package." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4062 +msgid "" +"Additional flags to be passed to @code{scons} can be specified with the @code{#:scons-flags} parameter. The version of Python used " +"to run SCons can be specified by selecting the appropriate SCons package with the @code{#:scons} parameter." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4064 +#, no-wrap +msgid "{Scheme Variable} haskell-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4078 +msgid "" +"This variable is exported by @code{(guix build-system haskell)}. It implements the Cabal build procedure used by Haskell packages, " +"which involves running @code{runhaskell Setup.hs configure --prefix=/gnu/store/@dots{}} and @code{runhaskell Setup.hs build}. " +"Instead of installing the package by running @code{runhaskell Setup.hs install}, to avoid trying to register libraries in the read-" +"only compiler store directory, the build system uses @code{runhaskell Setup.hs copy}, followed by @code{runhaskell Setup.hs " +"register}. In addition, the build system generates the package documentation by running @code{runhaskell Setup.hs haddock}, unless " +"@code{#:haddock? #f} is passed. Optional Haddock parameters can be passed with the help of the @code{#:haddock-flags} parameter. " +"If the file @code{Setup.hs} is not found, the build system looks for @code{Setup.lhs} instead." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4081 +msgid "Which Haskell compiler is used can be specified with the @code{#:haskell} parameter which defaults to @code{ghc}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4083 +#, no-wrap +msgid "{Scheme Variable} dub-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4088 +msgid "" +"This variable is exported by @code{(guix build-system dub)}. It implements the Dub build procedure used by D packages, which " +"involves running @code{dub build} and @code{dub run}. Installation is done by copying the files manually." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4091 +msgid "Which D compiler is used can be specified with the @code{#:ldc} parameter which defaults to @code{ldc}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4093 +#, no-wrap +msgid "{Scheme Variable} emacs-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4097 +msgid "" +"This variable is exported by @code{(guix build-system emacs)}. It implements an installation procedure similar to the packaging " +"system of Emacs itself (@pxref{Packages,,, emacs, The GNU Emacs Manual})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4104 +msgid "" +"It first creates the @code{@var{package}-autoloads.el} file, then it byte compiles all Emacs Lisp files. Differently from the Emacs " +"packaging system, the Info documentation files are moved to the standard documentation directory and the @file{dir} file is " +"deleted. Each package is installed in its own directory under @file{share/emacs/site-lisp/guix.d}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4106 +#, no-wrap +msgid "{Scheme Variable} font-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4112 +msgid "" +"This variable is exported by @code{(guix build-system font)}. It implements an installation procedure for font packages where " +"upstream provides pre-compiled TrueType, OpenType, etc. font files that merely need to be copied into place. It copies font files " +"to standard locations in the output directory." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4114 +#, no-wrap +msgid "{Scheme Variable} meson-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4118 +msgid "" +"This variable is exported by @code{(guix build-system meson)}. It implements the build procedure for packages that use @url{http://" +"mesonbuild.com, Meson} as their build system." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4124 +msgid "" +"It adds both Meson and @uref{https://ninja-build.org/, Ninja} to the set of inputs, and they can be changed with the parameters " +"@code{#:meson} and @code{#:ninja} if needed. The default Meson is @code{meson-for-build}, which is special because it doesn't clear " +"the @code{RUNPATH} of binaries and libraries when they are installed." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4127 +msgid "This build system is an extension of @var{gnu-build-system}, but with the following phases changed to some specific for Meson:" +msgstr "" + +#. type: table +#: doc/guix.texi:4134 +msgid "" +"The phase runs @code{meson} with the flags specified in @code{#:configure-flags}. The flag @code{--build-type} is always set to " +"@code{plain} unless something else is specified in @code{#:build-type}." +msgstr "" + +#. type: table +#: doc/guix.texi:4138 +msgid "The phase runs @code{ninja} to build the package in parallel by default, but this can be changed with @code{#:parallel-build?}." +msgstr "" + +#. type: table +#: doc/guix.texi:4142 +msgid "The phase runs @code{ninja} with the target specified in @code{#:test-target}, which is @code{\"test\"} by default." +msgstr "" + +#. type: table +#: doc/guix.texi:4145 +msgid "The phase runs @code{ninja install} and can not be changed." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4148 +msgid "Apart from that, the build system also adds the following phases:" +msgstr "" + +#. type: item +#: doc/guix.texi:4151 +#, no-wrap +msgid "fix-runpath" +msgstr "" + +#. type: table +#: doc/guix.texi:4158 +msgid "" +"This phase ensures that all binaries can find the libraries they need. It searches for required libraries in subdirectories of the " +"package being built, and adds those to @code{RUNPATH} where needed. It also removes references to libraries left over from the " +"build phase by @code{meson-for-build}, such as test dependencies, that aren't actually required for the program to run." +msgstr "" + +#. type: table +#: doc/guix.texi:4162 doc/guix.texi:4166 +msgid "" +"This phase is the phase provided by @code{glib-or-gtk-build-system}, and it is not enabled by default. It can be enabled with " +"@code{#:glib-or-gtk?}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4173 +msgid "" +"Lastly, for packages that do not need anything as sophisticated, a ``trivial'' build system is provided. It is trivial in the sense " +"that it provides basically no support: it does not pull any implicit inputs, and does not have a notion of build phases." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4174 +#, no-wrap +msgid "{Scheme Variable} trivial-build-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4176 +msgid "This variable is exported by @code{(guix build-system trivial)}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4181 +msgid "" +"This build system requires a @code{#:builder} argument. This argument must be a Scheme expression that builds the package " +"output(s)---as with @code{build-expression->derivation} (@pxref{Derivations, @code{build-expression->derivation}})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4187 +#, no-wrap +msgid "store items" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4188 +#, no-wrap +msgid "store paths" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4199 +msgid "" +"Conceptually, the @dfn{store} is the place where derivations that have been built successfully are stored---by default, @file{/gnu/" +"store}. Sub-directories in the store are referred to as @dfn{store items} or sometimes @dfn{store paths}. The store has an " +"associated database that contains information such as the store paths referred to by each store path, and the list of @emph{valid} " +"store items---results of successful builds. This database resides in @file{@var{localstatedir}/guix/db}, where @var{localstatedir} " +"is the state directory specified @i{via} @option{--localstatedir} at configure time, usually @file{/var}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4204 +msgid "" +"The store is @emph{always} accessed by the daemon on behalf of its clients (@pxref{Invoking guix-daemon}). To manipulate the store, " +"clients connect to the daemon over a Unix-domain socket, send requests to it, and read the result---these are remote procedure " +"calls, or RPCs." +msgstr "" + +#. type: quotation +#: doc/guix.texi:4209 +msgid "" +"Users must @emph{never} modify files under @file{/gnu/store} directly. This would lead to inconsistencies and break the " +"immutability assumptions of Guix's functional model (@pxref{Introduction})." +msgstr "" + +#. type: quotation +#: doc/guix.texi:4213 +msgid "" +"@xref{Invoking guix gc, @command{guix gc --verify}}, for information on how to check the integrity of the store and attempt recovery " +"from accidental modifications." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4220 +msgid "" +"The @code{(guix store)} module provides procedures to connect to the daemon, and to perform RPCs. These are described below. By " +"default, @code{open-connection}, and thus all the @command{guix} commands, connect to the local daemon or to the URI specified by " +"the @code{GUIX_DAEMON_SOCKET} environment variable." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4221 +#, no-wrap +msgid "{Environment Variable} GUIX_DAEMON_SOCKET" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4226 +msgid "" +"When set, the value of this variable should be a file name or a URI designating the daemon endpoint. When it is a file name, it " +"denotes a Unix-domain socket to connect to. In addition to file names, the supported URI schemes are:" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:4228 doc/guix.texi:15357 +#, no-wrap +msgid "file" +msgstr "" + +#. type: itemx +#: doc/guix.texi:4229 +#, no-wrap +msgid "unix" +msgstr "" + +#. type: table +#: doc/guix.texi:4233 +msgid "" +"These are for Unix-domain sockets. @code{file:///var/guix/daemon-socket/socket} is equivalent to @file{/var/guix/daemon-socket/" +"socket}." +msgstr "" + +#. type: item +#: doc/guix.texi:4234 +#, no-wrap +msgid "guix" +msgstr "" + +#. type: table +#: doc/guix.texi:4242 +msgid "" +"These URIs denote connections over TCP/IP, without encryption nor authentication of the remote host. The URI must specify the host " +"name and optionally a port number (by default port 44146 is used):" +msgstr "" + +#. type: example +#: doc/guix.texi:4245 +#, no-wrap +msgid "guix://master.guix.example.org:1234\n" +msgstr "" + +#. type: table +#: doc/guix.texi:4250 +msgid "" +"This setup is suitable on local networks, such as clusters, where only trusted nodes may connect to the build daemon at @code{master." +"guix.example.org}." +msgstr "" + +#. type: table +#: doc/guix.texi:4254 +msgid "" +"The @code{--listen} option of @command{guix-daemon} can be used to instruct it to listen for TCP connections (@pxref{Invoking guix-" +"daemon, @code{--listen}})." +msgstr "" + +#. type: item +#: doc/guix.texi:4255 +#, no-wrap +msgid "ssh" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4256 +#, no-wrap +msgid "SSH access to build daemons" +msgstr "" + +#. type: table +#: doc/guix.texi:4260 +msgid "" +"These URIs allow you to connect to a remote daemon over SSH@footnote{This feature requires Guile-SSH (@pxref{Requirements}).}. A " +"typical URL might look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:4263 +#, no-wrap +msgid "ssh://charlie@@guix.example.org:22\n" +msgstr "" + +#. type: table +#: doc/guix.texi:4267 +msgid "As for @command{guix copy}, the usual OpenSSH client configuration files are honored (@pxref{Invoking guix copy})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4270 +msgid "Additional URI schemes may be supported in the future." +msgstr "" + +#. type: quotation +#: doc/guix.texi:4277 +msgid "" +"The ability to connect to remote build daemons is considered experimental as of @value{VERSION}. Please get in touch with us to " +"share any problems or suggestions you may have (@pxref{Contributing})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4280 +#, no-wrap +msgid "{Scheme Procedure} open-connection [@var{uri}] [#:reserve-space? #t]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4285 +msgid "" +"Connect to the daemon over the Unix-domain socket at @var{uri} (a string). When @var{reserve-space?} is true, instruct it to " +"reserve a little bit of extra space on the file system so that the garbage collector can still operate should the disk become full. " +"Return a server object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4288 +msgid "" +"@var{file} defaults to @var{%default-socket-path}, which is the normal location given the options that were passed to " +"@command{configure}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4290 +#, no-wrap +msgid "{Scheme Procedure} close-connection @var{server}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4292 +msgid "Close the connection to @var{server}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4294 +#, no-wrap +msgid "{Scheme Variable} current-build-output-port" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4297 +msgid "" +"This variable is bound to a SRFI-39 parameter, which refers to the port where build and error logs sent by the daemon should be " +"written." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4301 +msgid "Procedures that make RPCs all take a server object as their first argument." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4302 +#, no-wrap +msgid "{Scheme Procedure} valid-path? @var{server} @var{path}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4303 +#, no-wrap +msgid "invalid store items" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4308 +msgid "" +"Return @code{#t} when @var{path} designates a valid store item and @code{#f} otherwise (an invalid item may exist on disk but still " +"be invalid, for instance because it is the result of an aborted or failed build.)" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4311 +msgid "A @code{&nix-protocol-error} condition is raised if @var{path} is not prefixed by the store directory (@file{/gnu/store})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4313 +#, no-wrap +msgid "{Scheme Procedure} add-text-to-store @var{server} @var{name} @var{text} [@var{references}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4317 +msgid "" +"Add @var{text} under file @var{name} in the store, and return its store path. @var{references} is the list of store paths referred " +"to by the resulting store path." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4319 +#, no-wrap +msgid "{Scheme Procedure} build-derivations @var{server} @var{derivations}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4323 +msgid "" +"Build @var{derivations} (a list of @code{} objects or derivation paths), and return when the worker is done building " +"them. Return @code{#t} on success." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4329 +msgid "" +"Note that the @code{(guix monads)} module provides a monad as well as monadic versions of the above procedures, with the goal of " +"making it more convenient to work with code that accesses the store (@pxref{The Store Monad})." +msgstr "" + +#. type: i{#1} +#: doc/guix.texi:4332 +msgid "This section is currently incomplete." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4336 +#, no-wrap +msgid "derivations" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4340 +msgid "" +"Low-level build actions and the environment in which they are performed are represented by @dfn{derivations}. A derivation contains " +"the following pieces of information:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:4345 +msgid "The outputs of the derivation---derivations produce at least one file or directory in the store, but may produce more." +msgstr "" + +#. type: itemize +#: doc/guix.texi:4349 +msgid "The inputs of the derivations, which may be other derivations or plain files in the store (patches, build scripts, etc.)" +msgstr "" + +#. type: itemize +#: doc/guix.texi:4352 +msgid "The system type targeted by the derivation---e.g., @code{x86_64-linux}." +msgstr "" + +#. type: itemize +#: doc/guix.texi:4356 +msgid "The file name of a build script in the store, along with the arguments to be passed." +msgstr "" + +#. type: itemize +#: doc/guix.texi:4359 +msgid "A list of environment variables to be defined." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4362 +#, no-wrap +msgid "derivation path" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4370 +msgid "" +"Derivations allow clients of the daemon to communicate build actions to the store. They exist in two forms: as an in-memory " +"representation, both on the client- and daemon-side, and as files in the store whose name end in @code{.drv}---these files are " +"referred to as @dfn{derivation paths}. Derivations paths can be passed to the @code{build-derivations} procedure to perform the " +"build actions they prescribe (@pxref{The Store})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4371 +#, no-wrap +msgid "fixed-output derivations" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4378 +msgid "" +"Operations such as file downloads and version-control checkouts for which the expected content hash is known in advance are modeled " +"as @dfn{fixed-output derivations}. Unlike regular derivations, the outputs of a fixed-output derivation are independent of its " +"inputs---e.g., a source code download produces the same result regardless of the download method and tools being used." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4383 +msgid "" +"The @code{(guix derivations)} module provides a representation of derivations as Scheme objects, along with procedures to create and " +"otherwise manipulate derivations. The lowest-level primitive to create a derivation is the @code{derivation} procedure:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4384 +#, no-wrap +msgid "{Scheme Procedure} derivation @var{store} @var{name} @var{builder} @" +msgstr "{Scheme Procedure} derivation @var{store} @var{name} @var{builder} @" + +#. type: deffn +#: doc/guix.texi:4393 +msgid "" +"@var{args} [#:outputs '(\"out\")] [#:hash #f] [#:hash-algo #f] @ [#:recursive? #f] [#:inputs '()] [#:env-vars '()] @ [#:system " +"(%current-system)] [#:references-graphs #f] @ [#:allowed-references #f] [#:disallowed-references #f] @ [#:leaked-env-vars #f] [#:" +"local-build? #f] @ [#:substitutable? #t] Build a derivation with the given arguments, and return the resulting @code{} " +"object." +msgstr "" +"@var{args} [#:outputs '(\"out\")] [#:hash #f] [#:hash-algo #f] @ [#:recursive? #f] [#:inputs '()] [#:env-vars '()] @ [#:system " +"(%current-system)] [#:references-graphs #f] @ [#:allowed-references #f] [#:disallowed-references #f] @ [#:leaked-env-vars #f] [#:" +"local-build? #f] @ [#:substitutable? #t] Construit une dérivation avec les arguments donnés et renvie l'objet @code{} " +"obtenu." + +#. type: deffn +#: doc/guix.texi:4400 +msgid "" +"When @var{hash} and @var{hash-algo} are given, a @dfn{fixed-output derivation} is created---i.e., one whose result is known in " +"advance, such as a file download. If, in addition, @var{recursive?} is true, then that fixed output may be an executable file or a " +"directory and @var{hash} must be the hash of an archive containing this output." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4405 +msgid "" +"When @var{references-graphs} is true, it must be a list of file name/store path pairs. In that case, the reference graph of each " +"store path is exported in the build environment in the corresponding file, in a simple text format." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4410 +msgid "" +"When @var{allowed-references} is true, it must be a list of store items or outputs that the derivation's output may refer to. " +"Likewise, @var{disallowed-references}, if true, must be a list of things the outputs may @emph{not} refer to." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4417 +msgid "" +"When @var{leaked-env-vars} is true, it must be a list of strings denoting environment variables that are allowed to ``leak'' from " +"the daemon's environment to the build environment. This is only applicable to fixed-output derivations---i.e., when @var{hash} is " +"true. The main use is to allow variables such as @code{http_proxy} to be passed to derivations that download files." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4422 +msgid "" +"When @var{local-build?} is true, declare that the derivation is not a good candidate for offloading and should rather be built " +"locally (@pxref{Daemon Offload Setup}). This is the case for small derivations where the costs of data transfers would outweigh the " +"benefits." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4427 +msgid "" +"When @var{substitutable?} is false, declare that substitutes of the derivation's output should not be used (@pxref{Substitutes}). " +"This is useful, for instance, when building packages that capture details of the host CPU instruction set." +msgstr "" +"Lorsque que @var{substitutable?} est faux, déclare que les substituts de la sortie de la dérivation ne devraient pas être utilisés " +"(@pxref{Substituts}). Cela est utile par exemple pour construire des paquets qui utilisent des détails du jeu d'instruction du CPU " +"hôte." + +#. type: Plain text +#: doc/guix.texi:4433 +msgid "" +"Here's an example with a shell script as its builder, assuming @var{store} is an open connection to the daemon, and @var{bash} " +"points to a Bash executable in the store:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:4438 +#, no-wrap +msgid "" +"(use-modules (guix utils)\n" +" (guix store)\n" +" (guix derivations))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:4447 +#, no-wrap +msgid "" +"(let ((builder ; add the Bash script to the store\n" +" (add-text-to-store store \"my-builder.sh\"\n" +" \"echo hello world > $out\\n\" '())))\n" +" (derivation store \"foo\"\n" +" bash `(\"-e\" ,builder)\n" +" #:inputs `((,bash) (,builder))\n" +" #:env-vars '((\"HOME\" . \"/homeless\"))))\n" +"@result{} # /gnu/store/@dots{}-foo>\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4454 +msgid "" +"As can be guessed, this primitive is cumbersome to use directly. A better approach is to write build scripts in Scheme, of course! " +"The best course of action for that is to write the build code as a ``G-expression'', and to pass it to @code{gexp->derivation}. For " +"more information, @pxref{G-Expressions}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4459 +msgid "" +"Once upon a time, @code{gexp->derivation} did not exist and constructing derivations with build code written in Scheme was achieved " +"with @code{build-expression->derivation}, documented below. This procedure is now deprecated in favor of the much nicer @code{gexp-" +">derivation}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4460 +#, no-wrap +msgid "{Scheme Procedure} build-expression->derivation @var{store} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4476 +msgid "" +"@var{name} @var{exp} @ [#:system (%current-system)] [#:inputs '()] @ [#:outputs '(\"out\")] [#:hash #f] [#:hash-algo #f] @ [#:" +"recursive? #f] [#:env-vars '()] [#:modules '()] @ [#:references-graphs #f] [#:allowed-references #f] @ [#:disallowed-references #f] " +"@ [#:local-build? #f] [#:substitutable? #t] [#:guile-for-build #f] Return a derivation that executes Scheme expression @var{exp} as " +"a builder for derivation @var{name}. @var{inputs} must be a list of @code{(name drv-path sub-drv)} tuples; when @var{sub-drv} is " +"omitted, @code{\"out\"} is assumed. @var{modules} is a list of names of Guile modules from the current search path to be copied in " +"the store, compiled, and made available in the load path during the execution of @var{exp}---e.g., @code{((guix build utils) (guix " +"build gnu-build-system))}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4484 +msgid "" +"@var{exp} is evaluated in an environment where @code{%outputs} is bound to a list of output/path pairs, and where @code{%build-" +"inputs} is bound to a list of string/output-path pairs made from @var{inputs}. Optionally, @var{env-vars} is a list of string pairs " +"specifying the name and value of environment variables visible to the builder. The builder terminates by passing the result of " +"@var{exp} to @code{exit}; thus, when @var{exp} returns @code{#f}, the build is considered to have failed." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4488 +msgid "" +"@var{exp} is built using @var{guile-for-build} (a derivation). When @var{guile-for-build} is omitted or is @code{#f}, the value of " +"the @code{%guile-for-build} fluid is used instead." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4493 +msgid "" +"See the @code{derivation} procedure for the meaning of @var{references-graphs}, @var{allowed-references}, @var{disallowed-" +"references}, @var{local-build?}, and @var{substitutable?}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4498 +msgid "Here's an example of a single-output derivation that creates a directory containing one file:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:4506 +#, no-wrap +msgid "" +"(let ((builder '(let ((out (assoc-ref %outputs \"out\")))\n" +" (mkdir out) ; create /gnu/store/@dots{}-goo\n" +" (call-with-output-file (string-append out \"/test\")\n" +" (lambda (p)\n" +" (display '(hello guix) p))))))\n" +" (build-expression->derivation store \"goo\" builder))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:4508 +#, no-wrap +msgid "@result{} # @dots{}>\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4514 +#, no-wrap +msgid "monad" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4520 +msgid "" +"The procedures that operate on the store described in the previous sections all take an open connection to the build daemon as their " +"first argument. Although the underlying model is functional, they either have side effects or depend on the current state of the " +"store." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4526 +msgid "" +"The former is inconvenient: the connection to the build daemon has to be carried around in all those functions, making it impossible " +"to compose functions that do not take that parameter with functions that do. The latter can be problematic: since store operations " +"have side effects and/or depend on external state, they have to be properly sequenced." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4527 +#, no-wrap +msgid "monadic values" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4528 +#, no-wrap +msgid "monadic functions" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4538 +msgid "" +"This is where the @code{(guix monads)} module comes in. This module provides a framework for working with @dfn{monads}, and a " +"particularly useful monad for our uses, the @dfn{store monad}. Monads are a construct that allows two things: associating " +"``context'' with values (in our case, the context is the store), and building sequences of computations (here computations include " +"accesses to the store). Values in a monad---values that carry this additional context---are called @dfn{monadic values}; procedures " +"that return such values are called @dfn{monadic procedures}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4540 +msgid "Consider this ``normal'' procedure:" +msgstr "" + +#. type: example +#: doc/guix.texi:4549 +#, no-wrap +msgid "" +"(define (sh-symlink store)\n" +" ;; Return a derivation that symlinks the 'bash' executable.\n" +" (let* ((drv (package-derivation store bash))\n" +" (out (derivation->output-path drv))\n" +" (sh (string-append out \"/bin/bash\")))\n" +" (build-expression->derivation store \"sh\"\n" +" `(symlink ,sh %output))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4553 +msgid "Using @code{(guix monads)} and @code{(guix gexp)}, it may be rewritten as a monadic function:" +msgstr "" + +#. type: example +#: doc/guix.texi:4561 +#, no-wrap +msgid "" +"(define (sh-symlink)\n" +" ;; Same, but return a monadic value.\n" +" (mlet %store-monad ((drv (package->derivation bash)))\n" +" (gexp->derivation \"sh\"\n" +" #~(symlink (string-append #$drv \"/bin/bash\")\n" +" #$output))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4568 +msgid "" +"There are several things to note in the second version: the @code{store} parameter is now implicit and is ``threaded'' in the calls " +"to the @code{package->derivation} and @code{gexp->derivation} monadic procedures, and the monadic value returned by @code{package-" +">derivation} is @dfn{bound} using @code{mlet} instead of plain @code{let}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4572 +msgid "" +"As it turns out, the call to @code{package->derivation} can even be omitted since it will take place implicitly, as we will see " +"later (@pxref{G-Expressions}):" +msgstr "" + +#. type: example +#: doc/guix.texi:4578 +#, no-wrap +msgid "" +"(define (sh-symlink)\n" +" (gexp->derivation \"sh\"\n" +" #~(symlink (string-append #$bash \"/bin/bash\")\n" +" #$output)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4587 +msgid "" +"Calling the monadic @code{sh-symlink} has no effect. As someone once said, ``you exit a monad like you exit a building on fire: by " +"running''. So, to exit the monad and get the desired effect, one must use @code{run-with-store}:" +msgstr "" + +#. type: example +#: doc/guix.texi:4591 +#, no-wrap +msgid "" +"(run-with-store (open-connection) (sh-symlink))\n" +"@result{} /gnu/store/...-sh-symlink\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4597 +msgid "" +"Note that the @code{(guix monad-repl)} module extends the Guile REPL with new ``meta-commands'' to make it easier to deal with " +"monadic procedures: @code{run-in-store}, and @code{enter-store-monad}. The former is used to ``run'' a single monadic value through " +"the store:" +msgstr "" + +#. type: example +#: doc/guix.texi:4601 +#, no-wrap +msgid "" +"scheme@@(guile-user)> ,run-in-store (package->derivation hello)\n" +"$1 = # @dots{}>\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4605 +msgid "The latter enters a recursive REPL, where all the return values are automatically run through the store:" +msgstr "" + +#. type: example +#: doc/guix.texi:4614 +#, no-wrap +msgid "" +"scheme@@(guile-user)> ,enter-store-monad\n" +"store-monad@@(guile-user) [1]> (package->derivation hello)\n" +"$2 = # @dots{}>\n" +"store-monad@@(guile-user) [1]> (text-file \"foo\" \"Hello!\")\n" +"$3 = \"/gnu/store/@dots{}-foo\"\n" +"store-monad@@(guile-user) [1]> ,q\n" +"scheme@@(guile-user)>\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4619 +msgid "Note that non-monadic values cannot be returned in the @code{store-monad} REPL." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4622 +msgid "" +"The main syntactic forms to deal with monads in general are provided by the @code{(guix monads)} module and are described below." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4623 +#, no-wrap +msgid "{Scheme Syntax} with-monad @var{monad} @var{body} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4626 +msgid "Evaluate any @code{>>=} or @code{return} forms in @var{body} as being in @var{monad}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4628 +#, no-wrap +msgid "{Scheme Syntax} return @var{val}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4630 +msgid "Return a monadic value that encapsulates @var{val}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4632 +#, no-wrap +msgid "{Scheme Syntax} >>= @var{mval} @var{mproc} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4639 +msgid "" +"@dfn{Bind} monadic value @var{mval}, passing its ``contents'' to monadic procedures @var{mproc}@dots{}@footnote{This operation is " +"commonly referred to as ``bind'', but that name denotes an unrelated procedure in Guile. Thus we use this somewhat cryptic symbol " +"inherited from the Haskell language.}. There can be one @var{mproc} or several of them, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:4647 +#, no-wrap +msgid "" +"(run-with-state\n" +" (with-monad %state-monad\n" +" (>>= (return 1)\n" +" (lambda (x) (return (+ 1 x)))\n" +" (lambda (x) (return (* 2 x)))))\n" +" 'some-state)\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:4650 +#, no-wrap +msgid "" +"@result{} 4\n" +"@result{} some-state\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4653 +#, no-wrap +msgid "{Scheme Syntax} mlet @var{monad} ((@var{var} @var{mval}) ...) @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4655 +msgid "@var{body} ..." +msgstr "" + +#. type: deffnx +#: doc/guix.texi:4655 +#, no-wrap +msgid "{Scheme Syntax} mlet* @var{monad} ((@var{var} @var{mval}) ...) @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4667 +msgid "" +"@var{body} ... Bind the variables @var{var} to the monadic values @var{mval} in @var{body}, which is a sequence of expressions. As " +"with the bind operator, this can be thought of as ``unpacking'' the raw, non-monadic value ``contained'' in @var{mval} and making " +"@var{var} refer to that raw, non-monadic value within the scope of the @var{body}. The form (@var{var} -> @var{val}) binds " +"@var{var} to the ``normal'' value @var{val}, as per @code{let}. The binding operations occur in sequence from left to right. The " +"last expression of @var{body} must be a monadic expression, and its result will become the result of the @code{mlet} or @code{mlet*} " +"when run in the @var{monad}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4670 +msgid "@code{mlet*} is to @code{mlet} what @code{let*} is to @code{let} (@pxref{Local Bindings,,, guile, GNU Guile Reference Manual})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4672 +#, no-wrap +msgid "{Scheme System} mbegin @var{monad} @var{mexp} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4676 +msgid "" +"Bind @var{mexp} and the following monadic expressions in sequence, returning the result of the last expression. Every expression in " +"the sequence must be a monadic expression." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4680 +msgid "" +"This is akin to @code{mlet}, except that the return values of the monadic expressions are ignored. In that sense, it is analogous " +"to @code{begin}, but applied to monadic expressions." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4682 +#, no-wrap +msgid "{Scheme System} mwhen @var{condition} @var{mexp0} @var{mexp*} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4687 +msgid "" +"When @var{condition} is true, evaluate the sequence of monadic expressions @var{mexp0}..@var{mexp*} as in an @code{mbegin}. When " +"@var{condition} is false, return @code{*unspecified*} in the current monad. Every expression in the sequence must be a monadic " +"expression." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4689 +#, no-wrap +msgid "{Scheme System} munless @var{condition} @var{mexp0} @var{mexp*} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4694 +msgid "" +"When @var{condition} is false, evaluate the sequence of monadic expressions @var{mexp0}..@var{mexp*} as in an @code{mbegin}. When " +"@var{condition} is true, return @code{*unspecified*} in the current monad. Every expression in the sequence must be a monadic " +"expression." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4696 +#, no-wrap +msgid "state monad" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4700 +msgid "" +"The @code{(guix monads)} module provides the @dfn{state monad}, which allows an additional value---the state---to be @emph{threaded} " +"through monadic procedure calls." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4701 +#, no-wrap +msgid "{Scheme Variable} %state-monad" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4704 +msgid "The state monad. Procedures in the state monad can access and change the state that is threaded." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4708 +msgid "" +"Consider the example below. The @code{square} procedure returns a value in the state monad. It returns the square of its argument, " +"but also increments the current state value:" +msgstr "" + +#. type: example +#: doc/guix.texi:4715 +#, no-wrap +msgid "" +"(define (square x)\n" +" (mlet %state-monad ((count (current-state)))\n" +" (mbegin %state-monad\n" +" (set-current-state (+ 1 count))\n" +" (return (* x x)))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:4719 +#, no-wrap +msgid "" +"(run-with-state (sequence %state-monad (map square (iota 3))) 0)\n" +"@result{} (0 1 4)\n" +"@result{} 3\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4723 +msgid "When ``run'' through @var{%state-monad}, we obtain that additional state value, which is the number of @code{square} calls." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4725 +#, no-wrap +msgid "{Monadic Procedure} current-state" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4727 +msgid "Return the current state as a monadic value." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4729 +#, no-wrap +msgid "{Monadic Procedure} set-current-state @var{value}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4732 +msgid "Set the current state to @var{value} and return the previous state as a monadic value." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4734 +#, no-wrap +msgid "{Monadic Procedure} state-push @var{value}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4737 +msgid "Push @var{value} to the current state, which is assumed to be a list, and return the previous state as a monadic value." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4739 +#, no-wrap +msgid "{Monadic Procedure} state-pop" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4742 +msgid "Pop a value from the current state and return it as a monadic value. The state is assumed to be a list." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4744 +#, no-wrap +msgid "{Scheme Procedure} run-with-state @var{mval} [@var{state}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4747 +msgid "" +"Run monadic value @var{mval} starting with @var{state} as the initial state. Return two values: the resulting value, and the " +"resulting state." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4751 +msgid "The main interface to the store monad, provided by the @code{(guix store)} module, is as follows." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4752 +#, no-wrap +msgid "{Scheme Variable} %store-monad" +msgstr "" + +#. type: defvr +#: doc/guix.texi:4754 +msgid "The store monad---an alias for @var{%state-monad}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:4758 +msgid "" +"Values in the store monad encapsulate accesses to the store. When its effect is needed, a value of the store monad must be " +"``evaluated'' by passing it to the @code{run-with-store} procedure (see below.)" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4760 +#, no-wrap +msgid "{Scheme Procedure} run-with-store @var{store} @var{mval} [#:guile-for-build] [#:system (%current-system)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4763 +msgid "Run @var{mval}, a monadic value in the store monad, in @var{store}, an open store connection." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4765 +#, no-wrap +msgid "{Monadic Procedure} text-file @var{name} @var{text} [@var{references}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4769 +msgid "" +"Return as a monadic value the absolute file name in the store of the file containing @var{text}, a string. @var{references} is a " +"list of store items that the resulting text file refers to; it defaults to the empty list." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4771 +#, no-wrap +msgid "{Monadic Procedure} interned-file @var{file} [@var{name}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4776 +msgid "" +"[#:recursive? #t] [#:select? (const #t)] Return the name of @var{file} once interned in the store. Use @var{name} as its store " +"name, or the basename of @var{file} if @var{name} is omitted." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4780 doc/guix.texi:5159 +msgid "" +"When @var{recursive?} is true, the contents of @var{file} are added recursively; if @var{file} designates a flat file and " +"@var{recursive?} is true, its contents are added, and its permission bits are kept." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4785 doc/guix.texi:5164 +msgid "" +"When @var{recursive?} is true, call @code{(@var{select?} @var{file} @var{stat})} for each directory entry, where @var{file} is the " +"entry's absolute file name and @var{stat} is the result of @code{lstat}; exclude entries for which @var{select?} does not return " +"true." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4787 +msgid "The example below adds a file to the store, under two different names:" +msgstr "" + +#. type: example +#: doc/guix.texi:4793 +#, no-wrap +msgid "" +"(run-with-store (open-connection)\n" +" (mlet %store-monad ((a (interned-file \"README\"))\n" +" (b (interned-file \"README\" \"LEGU-MIN\")))\n" +" (return (list a b))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:4795 +#, no-wrap +msgid "@result{} (\"/gnu/store/rwm@dots{}-README\" \"/gnu/store/44i@dots{}-LEGU-MIN\")\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4801 +msgid "The @code{(guix packages)} module exports the following package-related monadic procedures:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4802 +#, no-wrap +msgid "{Monadic Procedure} package-file @var{package} [@var{file}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4810 +msgid "" +"[#:system (%current-system)] [#:target #f] @ [#:output \"out\"] Return as a monadic value in the absolute file name of @var{file} " +"within the @var{output} directory of @var{package}. When @var{file} is omitted, return the name of the @var{output} directory of " +"@var{package}. When @var{target} is true, use it as a cross-compilation target triplet." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4812 +#, no-wrap +msgid "{Monadic Procedure} package->derivation @var{package} [@var{system}]" +msgstr "" + +#. type: deffnx +#: doc/guix.texi:4813 +#, no-wrap +msgid "{Monadic Procedure} package->cross-derivation @var{package} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4817 +msgid "" +"@var{target} [@var{system}] Monadic version of @code{package-derivation} and @code{package-cross-derivation} (@pxref{Defining " +"Packages})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4823 +#, no-wrap +msgid "G-expression" +msgstr "" + +#. type: cindex +#: doc/guix.texi:4824 +#, no-wrap +msgid "build code quoting" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4830 +msgid "" +"So we have ``derivations'', which represent a sequence of build actions to be performed to produce an item in the store " +"(@pxref{Derivations}). These build actions are performed when asking the daemon to actually build the derivations; they are run by " +"the daemon in a container (@pxref{Invoking guix-daemon})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4831 +#, no-wrap +msgid "strata of code" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4843 +msgid "" +"It should come as no surprise that we like to write these build actions in Scheme. When we do that, we end up with two @dfn{strata} " +"of Scheme code@footnote{The term @dfn{stratum} in this context was coined by Manuel Serrano et al.@: in the context of their work on " +"Hop. Oleg Kiselyov, who has written insightful @url{http://okmij.org/ftp/meta-programming/#meta-scheme, essays and code on this " +"topic}, refers to this kind of code generation as @dfn{staging}.}: the ``host code''---code that defines packages, talks to the " +"daemon, etc.---and the ``build code''---code that actually performs build actions, such as making directories, invoking " +"@command{make}, etc." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4850 +msgid "" +"To describe a derivation and its build actions, one typically needs to embed build code inside host code. It boils down to " +"manipulating build code as data, and the homoiconicity of Scheme---code has a direct representation as data---comes in handy for " +"that. But we need more than the normal @code{quasiquote} mechanism in Scheme to construct build expressions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4859 +msgid "" +"The @code{(guix gexp)} module implements @dfn{G-expressions}, a form of S-expressions adapted to build expressions. G-expressions, " +"or @dfn{gexps}, consist essentially of three syntactic forms: @code{gexp}, @code{ungexp}, and @code{ungexp-splicing} (or simply: " +"@code{#~}, @code{#$}, and @code{#$@@}), which are comparable to @code{quasiquote}, @code{unquote}, and @code{unquote-splicing}, " +"respectively (@pxref{Expression Syntax, @code{quasiquote},, guile, GNU Guile Reference Manual}). However, there are major " +"differences:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:4864 +msgid "Gexps are meant to be written to a file and run or manipulated by other processes." +msgstr "" + +#. type: itemize +#: doc/guix.texi:4869 +msgid "" +"When a high-level object such as a package or derivation is unquoted inside a gexp, the result is as if its output file name had " +"been introduced." +msgstr "" + +#. type: itemize +#: doc/guix.texi:4874 +msgid "" +"Gexps carry information about the packages or derivations they refer to, and these dependencies are automatically added as inputs to " +"the build processes that use them." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4876 doc/guix.texi:5342 +#, no-wrap +msgid "lowering, of high-level objects in gexps" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4886 +msgid "" +"This mechanism is not limited to package and derivation objects: @dfn{compilers} able to ``lower'' other high-level objects to " +"derivations or files in the store can be defined, such that these objects can also be inserted into gexps. For example, a useful " +"type of high-level objects that can be inserted in a gexp is ``file-like objects'', which make it easy to add files to the store and " +"to refer to them in derivations and such (see @code{local-file} and @code{plain-file} below.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4888 +msgid "To illustrate the idea, here is an example of a gexp:" +msgstr "" + +#. type: example +#: doc/guix.texi:4896 +#, no-wrap +msgid "" +"(define build-exp\n" +" #~(begin\n" +" (mkdir #$output)\n" +" (chdir #$output)\n" +" (symlink (string-append #$coreutils \"/bin/ls\")\n" +" \"list-files\")))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4901 +msgid "" +"This gexp can be passed to @code{gexp->derivation}; we obtain a derivation that builds a directory containing exactly one symlink to " +"@file{/gnu/store/@dots{}-coreutils-8.22/bin/ls}:" +msgstr "" + +#. type: example +#: doc/guix.texi:4904 +#, no-wrap +msgid "(gexp->derivation \"the-thing\" build-exp)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4912 +msgid "" +"As one would expect, the @code{\"/gnu/store/@dots{}-coreutils-8.22\"} string is substituted to the reference to the @var{coreutils} " +"package in the actual build code, and @var{coreutils} is automatically made an input to the derivation. Likewise, @code{#$output} " +"(equivalent to @code{(ungexp output)}) is replaced by a string containing the directory name of the output of the derivation." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4913 +#, no-wrap +msgid "cross compilation" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4919 +msgid "" +"In a cross-compilation context, it is useful to distinguish between references to the @emph{native} build of a package---that can " +"run on the host---versus references to cross builds of a package. To that end, the @code{#+} plays the same role as @code{#$}, but " +"is a reference to a native package build:" +msgstr "" + +#. type: example +#: doc/guix.texi:4929 +#, no-wrap +msgid "" +"(gexp->derivation \"vi\"\n" +" #~(begin\n" +" (mkdir #$output)\n" +" (system* (string-append #+coreutils \"/bin/ln\")\n" +" \"-s\"\n" +" (string-append #$emacs \"/bin/emacs\")\n" +" (string-append #$output \"/bin/vi\")))\n" +" #:target \"mips64el-linux-gnu\")\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4935 +msgid "" +"In the example above, the native build of @var{coreutils} is used, so that @command{ln} can actually run on the host; but then the " +"cross-compiled build of @var{emacs} is referenced." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4936 +#, no-wrap +msgid "imported modules, for gexps" +msgstr "" + +#. type: findex +#: doc/guix.texi:4937 +#, no-wrap +msgid "with-imported-modules" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4942 +msgid "" +"Another gexp feature is @dfn{imported modules}: sometimes you want to be able to use certain Guile modules from the ``host " +"environment'' in the gexp, so those modules should be imported in the ``build environment''. The @code{with-imported-modules} form " +"allows you to express that:" +msgstr "" + +#. type: example +#: doc/guix.texi:4953 +#, no-wrap +msgid "" +"(let ((build (with-imported-modules '((guix build utils))\n" +" #~(begin\n" +" (use-modules (guix build utils))\n" +" (mkdir-p (string-append #$output \"/bin\"))))))\n" +" (gexp->derivation \"empty-dir\"\n" +" #~(begin\n" +" #$build\n" +" (display \"success!\\n\")\n" +" #t)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4959 +msgid "" +"In this example, the @code{(guix build utils)} module is automatically pulled into the isolated build environment of our gexp, such " +"that @code{(use-modules (guix build utils))} works as expected." +msgstr "" + +#. type: cindex +#: doc/guix.texi:4960 +#, no-wrap +msgid "module closure" +msgstr "" + +#. type: findex +#: doc/guix.texi:4961 +#, no-wrap +msgid "source-module-closure" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4968 +msgid "" +"Usually you want the @emph{closure} of the module to be imported---i.e., the module itself and all the modules it depends on---" +"rather than just the module; failing to do that, attempts to use the module will fail because of missing dependent modules. The " +"@code{source-module-closure} procedure computes the closure of a module by looking at its source file headers, which comes in handy " +"in this case:" +msgstr "" + +#. type: example +#: doc/guix.texi:4971 +#, no-wrap +msgid "" +"(use-modules (guix modules)) ;for 'source-module-closure'\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:4980 +#, no-wrap +msgid "" +"(with-imported-modules (source-module-closure\n" +" '((guix build utils)\n" +" (gnu build vm)))\n" +" (gexp->derivation \"something-with-vms\"\n" +" #~(begin\n" +" (use-modules (guix build utils)\n" +" (gnu build vm))\n" +" @dots{})))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:4983 +msgid "The syntactic form to construct gexps is summarized below." +msgstr "" + +#. type: deffn +#: doc/guix.texi:4984 +#, no-wrap +msgid "{Scheme Syntax} #~@var{exp}" +msgstr "" + +#. type: deffnx +#: doc/guix.texi:4985 +#, no-wrap +msgid "{Scheme Syntax} (gexp @var{exp})" +msgstr "" + +#. type: deffn +#: doc/guix.texi:4988 +msgid "Return a G-expression containing @var{exp}. @var{exp} may contain one or more of the following forms:" +msgstr "" + +#. type: item +#: doc/guix.texi:4990 +#, no-wrap +msgid "#$@var{obj}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:4991 +#, no-wrap +msgid "(ungexp @var{obj})" +msgstr "" + +#. type: table +#: doc/guix.texi:4996 +msgid "" +"Introduce a reference to @var{obj}. @var{obj} may have one of the supported types, for example a package or a derivation, in which " +"case the @code{ungexp} form is replaced by its output file name---e.g., @code{\"/gnu/store/@dots{}-coreutils-8.22}." +msgstr "" + +#. type: table +#: doc/guix.texi:4999 +msgid "If @var{obj} is a list, it is traversed and references to supported objects are substituted similarly." +msgstr "" + +#. type: table +#: doc/guix.texi:5002 +msgid "If @var{obj} is another gexp, its contents are inserted and its dependencies are added to those of the containing gexp." +msgstr "" + +#. type: table +#: doc/guix.texi:5004 +msgid "If @var{obj} is another kind of object, it is inserted as is." +msgstr "" + +#. type: item +#: doc/guix.texi:5005 +#, no-wrap +msgid "#$@var{obj}:@var{output}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5006 +#, no-wrap +msgid "(ungexp @var{obj} @var{output})" +msgstr "" + +#. type: table +#: doc/guix.texi:5010 +msgid "" +"This is like the form above, but referring explicitly to the @var{output} of @var{obj}---this is useful when @var{obj} produces " +"multiple outputs (@pxref{Packages with Multiple Outputs})." +msgstr "" + +#. type: item +#: doc/guix.texi:5011 +#, no-wrap +msgid "#+@var{obj}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5012 +#, no-wrap +msgid "#+@var{obj}:output" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5013 +#, no-wrap +msgid "(ungexp-native @var{obj})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5014 +#, no-wrap +msgid "(ungexp-native @var{obj} @var{output})" +msgstr "" + +#. type: table +#: doc/guix.texi:5017 +msgid "" +"Same as @code{ungexp}, but produces a reference to the @emph{native} build of @var{obj} when used in a cross compilation context." +msgstr "" + +#. type: item +#: doc/guix.texi:5018 +#, no-wrap +msgid "#$output[:@var{output}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5019 +#, no-wrap +msgid "(ungexp output [@var{output}])" +msgstr "" + +#. type: table +#: doc/guix.texi:5022 +msgid "Insert a reference to derivation output @var{output}, or to the main output when @var{output} is omitted." +msgstr "" + +#. type: table +#: doc/guix.texi:5024 +msgid "This only makes sense for gexps passed to @code{gexp->derivation}." +msgstr "" + +#. type: item +#: doc/guix.texi:5025 +#, no-wrap +msgid "#$@@@var{lst}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5026 +#, no-wrap +msgid "(ungexp-splicing @var{lst})" +msgstr "" + +#. type: table +#: doc/guix.texi:5029 +msgid "Like the above, but splices the contents of @var{lst} inside the containing list." +msgstr "" + +#. type: item +#: doc/guix.texi:5030 +#, no-wrap +msgid "#+@@@var{lst}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5031 +#, no-wrap +msgid "(ungexp-native-splicing @var{lst})" +msgstr "" + +#. type: table +#: doc/guix.texi:5034 +msgid "Like the above, but refers to native builds of the objects listed in @var{lst}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5039 +msgid "G-expressions created by @code{gexp} or @code{#~} are run-time objects of the @code{gexp?} type (see below.)" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5041 +#, no-wrap +msgid "{Scheme Syntax} with-imported-modules @var{modules} @var{body}@dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5044 +msgid "Mark the gexps defined in @var{body}@dots{} as requiring @var{modules} in their execution environment." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5048 +msgid "" +"Each item in @var{modules} can be the name of a module, such as @code{(guix build utils)}, or it can be a module name, followed by " +"an arrow, followed by a file-like object:" +msgstr "" + +#. type: example +#: doc/guix.texi:5054 +#, no-wrap +msgid "" +"`((guix build utils)\n" +" (guix gcrypt)\n" +" ((guix config) => ,(scheme-file \"config.scm\"\n" +" #~(define-module @dots{}))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5059 +msgid "" +"In the example above, the first two modules are taken from the search path, and the last one is created from the given file-like " +"object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5063 +msgid "" +"This form has @emph{lexical} scope: it has an effect on the gexps directly defined in @var{body}@dots{}, but not on those defined, " +"say, in procedures called from @var{body}@dots{}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5065 +#, no-wrap +msgid "{Scheme Procedure} gexp? @var{obj}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5067 +msgid "Return @code{#t} if @var{obj} is a G-expression." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5073 +msgid "" +"G-expressions are meant to be written to disk, either as code building some derivation, or as plain files in the store. The monadic " +"procedures below allow you to do that (@pxref{The Store Monad}, for more information about monads.)" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5074 +#, no-wrap +msgid "{Monadic Procedure} gexp->derivation @var{name} @var{exp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5090 +msgid "" +"[#:system (%current-system)] [#:target #f] [#:graft? #t] @ [#:hash #f] [#:hash-algo #f] @ [#:recursive? #f] [#:env-vars '()] [#:" +"modules '()] @ [#:module-path @var{%load-path}] @ [#:references-graphs #f] [#:allowed-references #f] @ [#:disallowed-references #f] " +"@ [#:leaked-env-vars #f] @ [#:script-name (string-append @var{name} \"-builder\")] @ [#:deprecation-warnings #f] @ [#:local-build? " +"#f] [#:substitutable? #t] [#:guile-for-build #f] Return a derivation @var{name} that runs @var{exp} (a gexp) with @var{guile-for-" +"build} (a derivation) on @var{system}; @var{exp} is stored in a file called @var{script-name}. When @var{target} is true, it is " +"used as the cross-compilation target triplet for packages referred to by @var{exp}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5098 +msgid "" +"@var{modules} is deprecated in favor of @code{with-imported-modules}. Its meaning is to make @var{modules} available in the " +"evaluation context of @var{exp}; @var{modules} is a list of names of Guile modules searched in @var{module-path} to be copied in the " +"store, compiled, and made available in the load path during the execution of @var{exp}---e.g., @code{((guix build utils) (guix build " +"gnu-build-system))}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5101 +msgid "@var{graft?} determines whether packages referred to by @var{exp} should be grafted when applicable." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5104 +msgid "When @var{references-graphs} is true, it must be a list of tuples of one of the following forms:" +msgstr "" + +#. type: example +#: doc/guix.texi:5111 +#, no-wrap +msgid "" +"(@var{file-name} @var{package})\n" +"(@var{file-name} @var{package} @var{output})\n" +"(@var{file-name} @var{derivation})\n" +"(@var{file-name} @var{derivation} @var{output})\n" +"(@var{file-name} @var{store-item})\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5117 +msgid "" +"The right-hand-side of each element of @var{references-graphs} is automatically made an input of the build process of @var{exp}. In " +"the build environment, each @var{file-name} contains the reference graph of the corresponding item, in a simple text format." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5123 +msgid "" +"@var{allowed-references} must be either @code{#f} or a list of output names and packages. In the latter case, the list denotes " +"store items that the result is allowed to refer to. Any reference to another store item will lead to a build error. Similarly for " +"@var{disallowed-references}, which can list items that must not be referenced by the outputs." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5126 +msgid "" +"@var{deprecation-warnings} determines whether to show deprecation warnings while compiling modules. It can be @code{#f}, @code{#t}, " +"or @code{'detailed}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5128 +msgid "The other arguments are as for @code{derivation} (@pxref{Derivations})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:5130 +#, no-wrap +msgid "file-like objects" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5135 +msgid "" +"The @code{local-file}, @code{plain-file}, @code{computed-file}, @code{program-file}, and @code{scheme-file} procedures below return " +"@dfn{file-like objects}. That is, when unquoted in a G-expression, these objects lead to a file in the store. Consider this G-" +"expression:" +msgstr "" + +#. type: example +#: doc/guix.texi:5139 +#, no-wrap +msgid "" +"#~(system* #$(file-append glibc \"/sbin/nscd\") \"-f\"\n" +" #$(local-file \"/tmp/my-nscd.conf\"))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5148 +msgid "" +"The effect here is to ``intern'' @file{/tmp/my-nscd.conf} by copying it to the store. Once expanded, for instance @i{via} " +"@code{gexp->derivation}, the G-expression refers to that copy under @file{/gnu/store}; thus, modifying or removing the file in " +"@file{/tmp} does not have any effect on what the G-expression does. @code{plain-file} can be used similarly; it differs in that the " +"file content is directly passed as a string." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5149 +#, no-wrap +msgid "{Scheme Procedure} local-file @var{file} [@var{name}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5155 +msgid "" +"[#:recursive? #f] [#:select? (const #t)] Return an object representing local file @var{file} to add to the store; this object can be " +"used in a gexp. If @var{file} is a relative file name, it is looked up relative to the source file where this form appears. " +"@var{file} will be added to the store under @var{name}--by default the base name of @var{file}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5167 +msgid "" +"This is the declarative counterpart of the @code{interned-file} monadic procedure (@pxref{The Store Monad, @code{interned-file}})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5169 +#, no-wrap +msgid "{Scheme Procedure} plain-file @var{name} @var{content}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5172 +msgid "Return an object representing a text file called @var{name} with the given @var{content} (a string) to be added to the store." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5174 +msgid "This is the declarative counterpart of @code{text-file}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5176 +#, no-wrap +msgid "{Scheme Procedure} computed-file @var{name} @var{gexp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5181 +msgid "" +"[#:options '(#:local-build? #t)] Return an object representing the store item @var{name}, a file or directory computed by " +"@var{gexp}. @var{options} is a list of additional arguments to pass to @code{gexp->derivation}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5183 +msgid "This is the declarative counterpart of @code{gexp->derivation}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5185 +#, no-wrap +msgid "{Monadic Procedure} gexp->script @var{name} @var{exp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5190 +msgid "" +"[#:guile (default-guile)] [#:module-path %load-path] Return an executable script @var{name} that runs @var{exp} using @var{guile}, " +"with @var{exp}'s imported modules in its search path. Look up @var{exp}'s modules in @var{module-path}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5193 +msgid "The example below builds a script that simply invokes the @command{ls} command:" +msgstr "" + +#. type: example +#: doc/guix.texi:5196 +#, no-wrap +msgid "" +"(use-modules (guix gexp) (gnu packages base))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:5200 +#, no-wrap +msgid "" +"(gexp->script \"list-files\"\n" +" #~(execl #$(file-append coreutils \"/bin/ls\")\n" +" \"ls\"))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5205 +msgid "" +"When ``running'' it through the store (@pxref{The Store Monad, @code{run-with-store}}), we obtain a derivation that produces an " +"executable file @file{/gnu/store/@dots{}-list-files} along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:5210 +#, no-wrap +msgid "" +"#!/gnu/store/@dots{}-guile-2.0.11/bin/guile -ds\n" +"!#\n" +"(execl \"/gnu/store/@dots{}-coreutils-8.22\"/bin/ls\" \"ls\")\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5213 +#, no-wrap +msgid "{Scheme Procedure} program-file @var{name} @var{exp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5218 +msgid "" +"[#:guile #f] [#:module-path %load-path] Return an object representing the executable store item @var{name} that runs @var{gexp}. " +"@var{guile} is the Guile package used to execute that script. Imported modules of @var{gexp} are looked up in @var{module-path}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5220 +msgid "This is the declarative counterpart of @code{gexp->script}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5222 +#, no-wrap +msgid "{Monadic Procedure} gexp->file @var{name} @var{exp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5230 +msgid "" +"[#:set-load-path? #t] [#:module-path %load-path] @ [#:guile (default-guile)] Return a derivation that builds a file @var{name} " +"containing @var{exp}. When @var{set-load-path?} is true, emit code in the resulting file to set @code{%load-path} and @code{%load-" +"compiled-path} to honor @var{exp}'s imported modules. Look up @var{exp}'s modules in @var{module-path}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5233 +msgid "The resulting file holds references to all the dependencies of @var{exp} or a subset thereof." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5235 +#, no-wrap +msgid "{Scheme Procedure} scheme-file @var{name} @var{exp}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5238 +msgid "Return an object representing the Scheme file @var{name} that contains @var{exp}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5240 +msgid "This is the declarative counterpart of @code{gexp->file}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5242 +#, no-wrap +msgid "{Monadic Procedure} text-file* @var{name} @var{text} @dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5248 +msgid "" +"Return as a monadic value a derivation that builds a text file containing all of @var{text}. @var{text} may list, in addition to " +"strings, objects of any type that can be used in a gexp: packages, derivations, local file objects, etc. The resulting store file " +"holds references to all these." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5253 +msgid "" +"This variant should be preferred over @code{text-file} anytime the file to create will reference items from the store. This is " +"typically the case when building a configuration file that embeds store file names, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:5261 +#, no-wrap +msgid "" +"(define (profile.sh)\n" +" ;; Return the name of a shell script in the store that\n" +" ;; initializes the 'PATH' environment variable.\n" +" (text-file* \"profile.sh\"\n" +" \"export PATH=\" coreutils \"/bin:\"\n" +" grep \"/bin:\" sed \"/bin\\n\"))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5266 +msgid "" +"In this example, the resulting @file{/gnu/store/@dots{}-profile.sh} file will reference @var{coreutils}, @var{grep}, and @var{sed}, " +"thereby preventing them from being garbage-collected during its lifetime." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5268 +#, no-wrap +msgid "{Scheme Procedure} mixed-text-file @var{name} @var{text} @dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5272 +msgid "" +"Return an object representing store file @var{name} containing @var{text}. @var{text} is a sequence of strings and file-like " +"objects, as in:" +msgstr "" + +#. type: example +#: doc/guix.texi:5276 +#, no-wrap +msgid "" +"(mixed-text-file \"profile\"\n" +" \"export PATH=\" coreutils \"/bin:\" grep \"/bin\")\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5279 +msgid "This is the declarative counterpart of @code{text-file*}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5281 +#, no-wrap +msgid "{Scheme Procedure} file-union @var{name} @var{files}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5286 +msgid "" +"Return a @code{} that builds a directory containing all of @var{files}. Each item in @var{files} must be a two-" +"element list where the first element is the file name to use in the new directory, and the second element is a gexp denoting the " +"target file. Here's an example:" +msgstr "" + +#. type: example +#: doc/guix.texi:5293 +#, no-wrap +msgid "" +"(file-union \"etc\"\n" +" `((\"hosts\" ,(plain-file \"hosts\"\n" +" \"127.0.0.1 localhost\"))\n" +" (\"bashrc\" ,(plain-file \"bashrc\"\n" +" \"alias ls='ls --color'\"))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5296 +msgid "This yields an @code{etc} directory containing these two files." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5298 +#, no-wrap +msgid "{Scheme Procedure} directory-union @var{name} @var{things}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5301 +msgid "" +"Return a directory that is the union of @var{things}, where @var{things} is a list of file-like objects denoting directories. For " +"example:" +msgstr "" + +#. type: example +#: doc/guix.texi:5304 +#, no-wrap +msgid "(directory-union \"guile+emacs\" (list guile emacs))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5307 +msgid "yields a directory that is the union of the @code{guile} and @code{emacs} packages." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5309 +#, no-wrap +msgid "{Scheme Procedure} file-append @var{obj} @var{suffix} @dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5313 +msgid "" +"Return a file-like object that expands to the concatenation of @var{obj} and @var{suffix}, where @var{obj} is a lowerable object and " +"each @var{suffix} is a string." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5315 +msgid "As an example, consider this gexp:" +msgstr "" + +#. type: example +#: doc/guix.texi:5320 +#, no-wrap +msgid "" +"(gexp->script \"run-uname\"\n" +" #~(system* #$(file-append coreutils\n" +" \"/bin/uname\")))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5323 +msgid "The same effect could be achieved with:" +msgstr "" + +#. type: example +#: doc/guix.texi:5328 +#, no-wrap +msgid "" +"(gexp->script \"run-uname\"\n" +" #~(system* (string-append #$coreutils\n" +" \"/bin/uname\")))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5334 +msgid "" +"There is one difference though: in the @code{file-append} case, the resulting script contains the absolute file name as a string, " +"whereas in the second case, the resulting script contains a @code{(string-append @dots{})} expression to construct the file name " +"@emph{at run time}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5341 +msgid "" +"Of course, in addition to gexps embedded in ``host'' code, there are also modules containing build tools. To make it clear that " +"they are meant to be used in the build stratum, these modules are kept in the @code{(guix build @dots{})} name space." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5347 +msgid "" +"Internally, high-level objects are @dfn{lowered}, using their compiler, to either derivations or store items. For instance, " +"lowering a package yields a derivation, and lowering a @code{plain-file} yields a store item. This is achieved using the " +"@code{lower-object} monadic procedure." +msgstr "" + +#. type: deffn +#: doc/guix.texi:5348 +#, no-wrap +msgid "{Monadic Procedure} lower-object @var{obj} [@var{system}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:5354 +msgid "" +"[#:target #f] Return as a value in @var{%store-monad} the derivation or store item corresponding to @var{obj} for @var{system}, " +"cross-compiling for @var{target} if @var{target} is true. @var{obj} must be an object that has an associated gexp compiler, such as " +"a @code{}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5365 +msgid "" +"This section describes Guix command-line utilities. Some of them are primarily targeted at developers and users who write new " +"package definitions, while others are more generally useful. They complement the Scheme programming interface of Guix in a " +"convenient way." +msgstr "" + +#. type: cindex +#: doc/guix.texi:5387 +#, no-wrap +msgid "package building" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:5388 +#, no-wrap +msgid "guix build" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5394 +msgid "" +"The @command{guix build} command builds packages or derivations and their dependencies, and prints the resulting store paths. Note " +"that it does not modify the user's profile---this is the job of the @command{guix package} command (@pxref{Invoking guix package}). " +"Thus, it is mainly useful for distribution developers." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5396 doc/guix.texi:6053 doc/guix.texi:6120 doc/guix.texi:6789 doc/guix.texi:7119 doc/guix.texi:7449 doc/guix.texi:7754 +#: doc/guix.texi:7820 doc/guix.texi:7859 +msgid "The general syntax is:" +msgstr "" + +#. type: example +#: doc/guix.texi:5399 +#, no-wrap +msgid "guix build @var{options} @var{package-or-derivation}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5404 +msgid "" +"As an example, the following command builds the latest versions of Emacs and of Guile, displays their build logs, and finally " +"displays the resulting directories:" +msgstr "" + +#. type: example +#: doc/guix.texi:5407 +#, no-wrap +msgid "guix build emacs guile\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5410 +msgid "Similarly, the following command builds all the available packages:" +msgstr "" + +#. type: example +#: doc/guix.texi:5414 +#, no-wrap +msgid "" +"guix build --quiet --keep-going \\\n" +" `guix package -A | cut -f1,2 --output-delimiter=@@`\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5422 +msgid "" +"@var{package-or-derivation} may be either the name of a package found in the software distribution such as @code{coreutils} or " +"@code{coreutils@@8.20}, or a derivation such as @file{/gnu/store/@dots{}-coreutils-8.19.drv}. In the former case, a package with " +"the corresponding name (and optionally version) is searched for among the GNU distribution modules (@pxref{Package Modules})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5427 +msgid "" +"Alternatively, the @code{--expression} option may be used to specify a Scheme expression that evaluates to a package; this is useful " +"when disambiguating among several same-named packages or package variants is needed." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5430 +msgid "There may be zero or more @var{options}. The available options are described in the subsections below." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5445 +msgid "" +"A number of options that control the build process are common to @command{guix build} and other commands that can spawn builds, such " +"as @command{guix package} or @command{guix archive}. These are the following:" +msgstr "" + +#. type: item +#: doc/guix.texi:5448 +#, no-wrap +msgid "--load-path=@var{directory}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5449 +#, no-wrap +msgid "-L @var{directory}" +msgstr "" + +#. type: table +#: doc/guix.texi:5452 +msgid "Add @var{directory} to the front of the package module search path (@pxref{Package Modules})." +msgstr "" + +#. type: table +#: doc/guix.texi:5455 +msgid "This allows users to define their own packages and make them visible to the command-line tools." +msgstr "" + +#. type: item +#: doc/guix.texi:5456 +#, no-wrap +msgid "--keep-failed" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5457 +#, no-wrap +msgid "-K" +msgstr "" + +#. type: table +#: doc/guix.texi:5463 +msgid "" +"Keep the build tree of failed builds. Thus, if a build fails, its build tree is kept under @file{/tmp}, in a directory whose name " +"is shown at the end of the build log. This is useful when debugging build issues. @xref{Debugging Build Failures}, for tips and " +"tricks on how to debug build issues." +msgstr "" + +#. type: item +#: doc/guix.texi:5464 +#, no-wrap +msgid "--keep-going" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5465 +#, no-wrap +msgid "-k" +msgstr "" + +#. type: table +#: doc/guix.texi:5468 +msgid "Keep going when some of the derivations fail to build; return only once all the builds have either completed or failed." +msgstr "" + +#. type: table +#: doc/guix.texi:5471 +msgid "The default behavior is to stop as soon as one of the specified derivations has failed." +msgstr "" + +#. type: item +#: doc/guix.texi:5472 +#, no-wrap +msgid "--dry-run" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5473 +#, no-wrap +msgid "-n" +msgstr "" + +#. type: table +#: doc/guix.texi:5475 +msgid "Do not build the derivations." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:5477 +msgid "fallback-option" +msgstr "" + +#. type: item +#: doc/guix.texi:5477 +#, no-wrap +msgid "--fallback" +msgstr "" + +#. type: table +#: doc/guix.texi:5480 +msgid "When substituting a pre-built binary fails, fall back to building packages locally (@pxref{Substitution Failure})." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:5486 +msgid "client-substitute-urls" +msgstr "" + +#. type: table +#: doc/guix.texi:5486 +msgid "" +"Consider @var{urls} the whitespace-separated list of substitute source URLs, overriding the default list of URLs of @command{guix-" +"daemon} (@pxref{daemon-substitute-urls,, @command{guix-daemon} URLs})." +msgstr "" + +#. type: table +#: doc/guix.texi:5490 +msgid "" +"This means that substitutes may be downloaded from @var{urls}, provided they are signed by a key authorized by the system " +"administrator (@pxref{Substitutes})." +msgstr "" +"Cela signifie que les substituts peuvent être téléchargés depuis @var{urls}, tant qu'ils sont signés par une clef autorisée par " +"l'administrateur système (@pxref{Substituts})." + +#. type: table +#: doc/guix.texi:5493 +msgid "When @var{urls} is the empty string, substitutes are effectively disabled." +msgstr "" + +#. type: item +#: doc/guix.texi:5499 +#, no-wrap +msgid "--no-grafts" +msgstr "" + +#. type: table +#: doc/guix.texi:5503 +msgid "" +"Do not ``graft'' packages. In practice, this means that package updates available as grafts are not applied. @xref{Security " +"Updates}, for more information on grafts." +msgstr "" + +#. type: item +#: doc/guix.texi:5504 +#, no-wrap +msgid "--rounds=@var{n}" +msgstr "" + +#. type: table +#: doc/guix.texi:5507 +msgid "Build each derivation @var{n} times in a row, and raise an error if consecutive build results are not bit-for-bit identical." +msgstr "" + +#. type: table +#: doc/guix.texi:5512 +msgid "" +"This is a useful way to detect non-deterministic builds processes. Non-deterministic build processes are a problem because they " +"make it practically impossible for users to @emph{verify} whether third-party binaries are genuine. @xref{Invoking guix challenge}, " +"for more." +msgstr "" + +#. type: table +#: doc/guix.texi:5518 +msgid "" +"Note that, currently, the differing build results are not kept around, so you will have to manually investigate in case of an " +"error---e.g., by stashing one of the build results with @code{guix archive --export} (@pxref{Invoking guix archive}), then " +"rebuilding, and finally comparing the two results." +msgstr "" + +#. type: table +#: doc/guix.texi:5523 +msgid "" +"Do not attempt to offload builds @i{via} the ``build hook'' of the daemon (@pxref{Daemon Offload Setup}). That is, always build " +"things locally instead of offloading builds to remote machines." +msgstr "" + +#. type: table +#: doc/guix.texi:5530 +msgid "By default, the daemon's setting is honored (@pxref{Invoking guix-daemon, @code{--max-silent-time}})." +msgstr "" + +#. type: table +#: doc/guix.texi:5537 +msgid "By default, the daemon's setting is honored (@pxref{Invoking guix-daemon, @code{--timeout}})." +msgstr "" + +#. type: item +#: doc/guix.texi:5538 +#, no-wrap +msgid "--verbosity=@var{level}" +msgstr "" + +#. type: table +#: doc/guix.texi:5542 +msgid "" +"Use the given verbosity level. @var{level} must be an integer between 0 and 5; higher means more verbose output. Setting a level " +"of 4 or more may be helpful when debugging setup issues with the build daemon." +msgstr "" + +#. type: table +#: doc/guix.texi:5547 +msgid "" +"Allow the use of up to @var{n} CPU cores for the build. The special value @code{0} means to use as many CPU cores as available." +msgstr "" + +#. type: table +#: doc/guix.texi:5553 +msgid "" +"Allow at most @var{n} build jobs in parallel. @xref{Invoking guix-daemon, @code{--max-jobs}}, for details about this option and the " +"equivalent @command{guix-daemon} option." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5560 +msgid "" +"Behind the scenes, @command{guix build} is essentially an interface to the @code{package-derivation} procedure of the @code{(guix " +"packages)} module, and to the @code{build-derivations} procedure of the @code{(guix derivations)} module." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5564 +msgid "" +"In addition to options explicitly passed on the command line, @command{guix build} and other @command{guix} commands that support " +"building honor the @code{GUIX_BUILD_OPTIONS} environment variable." +msgstr "" + +#. type: defvr +#: doc/guix.texi:5565 +#, no-wrap +msgid "{Environment Variable} GUIX_BUILD_OPTIONS" +msgstr "" + +#. type: defvr +#: doc/guix.texi:5570 +msgid "" +"Users can define this variable to a list of command line options that will automatically be used by @command{guix build} and other " +"@command{guix} commands that can perform builds, as in the example below:" +msgstr "" + +#. type: example +#: doc/guix.texi:5573 +#, no-wrap +msgid "$ export GUIX_BUILD_OPTIONS=\"--no-substitutes -c 2 -L /foo/bar\"\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:5577 +msgid "These options are parsed independently, and the result is appended to the parsed command-line options." +msgstr "" + +#. type: cindex +#: doc/guix.texi:5583 +#, no-wrap +msgid "package variants" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5591 +msgid "" +"Another set of command-line options supported by @command{guix build} and also @command{guix package} are @dfn{package " +"transformation options}. These are options that make it possible to define @dfn{package variants}---for instance, packages built " +"from different source code. This is a convenient way to create customized packages on the fly without having to type in the " +"definitions of package variants (@pxref{Defining Packages})." +msgstr "" + +#. type: item +#: doc/guix.texi:5594 +#, no-wrap +msgid "--with-source=@var{source}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5595 +#, no-wrap +msgid "--with-source=@var{package}=@var{source}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5596 +#, no-wrap +msgid "--with-source=@var{package}@@@var{version}=@var{source}" +msgstr "" + +#. type: table +#: doc/guix.texi:5601 +msgid "" +"Use @var{source} as the source of @var{package}, and @var{version} as its version number. @var{source} must be a file name or a " +"URL, as for @command{guix download} (@pxref{Invoking guix download})." +msgstr "" + +#. type: table +#: doc/guix.texi:5607 +msgid "" +"When @var{package} is omitted, it is taken to be the package name specified on the command line that matches the base of " +"@var{source}---e.g., if @var{source} is @code{/src/guile-2.0.10.tar.gz}, the corresponding package is @code{guile}." +msgstr "" + +#. type: table +#: doc/guix.texi:5610 +msgid "" +"Likewise, when @var{version} is omitted, the version string is inferred from @var{source}; in the previous example, it is " +"@code{2.0.10}." +msgstr "" + +#. type: table +#: doc/guix.texi:5615 +msgid "" +"This option allows users to try out versions of packages other than the one provided by the distribution. The example below " +"downloads @file{ed-1.7.tar.gz} from a GNU mirror and uses that as the source for the @code{ed} package:" +msgstr "" + +#. type: example +#: doc/guix.texi:5618 +#, no-wrap +msgid "guix build ed --with-source=mirror://gnu/ed/ed-1.7.tar.gz\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5622 +msgid "As a developer, @code{--with-source} makes it easy to test release candidates:" +msgstr "" + +#. type: example +#: doc/guix.texi:5625 +#, no-wrap +msgid "guix build guile --with-source=../guile-2.0.9.219-e1bb7.tar.xz\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5628 +msgid "@dots{} or to build from a checkout in a pristine environment:" +msgstr "" + +#. type: example +#: doc/guix.texi:5632 +#, no-wrap +msgid "" +"$ git clone git://git.sv.gnu.org/guix.git\n" +"$ guix build guix --with-source=guix@@1.0=./guix\n" +msgstr "" + +#. type: item +#: doc/guix.texi:5634 +#, no-wrap +msgid "--with-input=@var{package}=@var{replacement}" +msgstr "" + +#. type: table +#: doc/guix.texi:5639 +msgid "" +"Replace dependency on @var{package} by a dependency on @var{replacement}. @var{package} must be a package name, and " +"@var{replacement} must be a package specification such as @code{guile} or @code{guile@@1.8}." +msgstr "" + +#. type: table +#: doc/guix.texi:5643 +msgid "" +"For instance, the following command builds Guix, but replaces its dependency on the current stable version of Guile with a " +"dependency on the legacy version of Guile, @code{guile@@2.0}:" +msgstr "" + +#. type: example +#: doc/guix.texi:5646 +#, no-wrap +msgid "guix build --with-input=guile=guile@@2.0 guix\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5651 +msgid "" +"This is a recursive, deep replacement. So in this example, both @code{guix} and its dependency @code{guile-json} (which also " +"depends on @code{guile}) get rebuilt against @code{guile@@2.0}." +msgstr "" + +#. type: table +#: doc/guix.texi:5654 +msgid "" +"This is implemented using the @code{package-input-rewriting} Scheme procedure (@pxref{Defining Packages, @code{package-input-" +"rewriting}})." +msgstr "" + +#. type: item +#: doc/guix.texi:5655 +#, no-wrap +msgid "--with-graft=@var{package}=@var{replacement}" +msgstr "" + +#. type: table +#: doc/guix.texi:5661 +msgid "" +"This is similar to @code{--with-input} but with an important difference: instead of rebuilding the whole dependency chain, " +"@var{replacement} is built and then @dfn{grafted} onto the binaries that were initially referring to @var{package}. @xref{Security " +"Updates}, for more information on grafts." +msgstr "" + +#. type: table +#: doc/guix.texi:5665 +msgid "" +"For example, the command below grafts version 3.5.4 of GnuTLS onto Wget and all its dependencies, replacing references to the " +"version of GnuTLS they currently refer to:" +msgstr "" + +#. type: example +#: doc/guix.texi:5668 +#, no-wrap +msgid "guix build --with-graft=gnutls=gnutls@@3.5.4 wget\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5677 +msgid "" +"This has the advantage of being much faster than rebuilding everything. But there is a caveat: it works if and only if " +"@var{package} and @var{replacement} are strictly compatible---for example, if they provide a library, the application binary " +"interface (ABI) of those libraries must be compatible. If @var{replacement} is somehow incompatible with @var{package}, then the " +"resulting package may be unusable. Use with care!" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5685 +msgid "The command-line options presented below are specific to @command{guix build}." +msgstr "" + +#. type: item +#: doc/guix.texi:5688 +#, no-wrap +msgid "--quiet" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5689 +#, no-wrap +msgid "-q" +msgstr "" + +#. type: table +#: doc/guix.texi:5693 +msgid "" +"Build quietly, without displaying the build log. Upon completion, the build log is kept in @file{/var} (or similar) and can always " +"be retrieved using the @option{--log-file} option." +msgstr "" + +#. type: item +#: doc/guix.texi:5694 +#, no-wrap +msgid "--file=@var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:5699 +msgid "Build the package or derivation that the code within @var{file} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:5702 +msgid "As an example, @var{file} might contain a package definition like this (@pxref{Defining Packages}):" +msgstr "" + +#. type: table +#: doc/guix.texi:5710 +msgid "Build the package or derivation @var{expr} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:5714 +msgid "" +"For example, @var{expr} may be @code{(@@ (gnu packages guile) guile-1.8)}, which unambiguously designates this specific variant of " +"version 1.8 of Guile." +msgstr "" + +#. type: table +#: doc/guix.texi:5718 +msgid "" +"Alternatively, @var{expr} may be a G-expression, in which case it is used as a build program passed to @code{gexp->derivation} " +"(@pxref{G-Expressions})." +msgstr "" + +#. type: table +#: doc/guix.texi:5722 +msgid "" +"Lastly, @var{expr} may refer to a zero-argument monadic procedure (@pxref{The Store Monad}). The procedure must return a derivation " +"as a monadic value, which is then passed through @code{run-with-store}." +msgstr "" + +#. type: item +#: doc/guix.texi:5723 +#, no-wrap +msgid "--source" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5724 +#, no-wrap +msgid "-S" +msgstr "" + +#. type: table +#: doc/guix.texi:5727 +msgid "Build the source derivations of the packages, rather than the packages themselves." +msgstr "" + +#. type: table +#: doc/guix.texi:5731 +msgid "" +"For instance, @code{guix build -S gcc} returns something like @file{/gnu/store/@dots{}-gcc-4.7.2.tar.bz2}, which is the GCC source " +"tarball." +msgstr "" + +#. type: table +#: doc/guix.texi:5735 +msgid "" +"The returned source tarball is the result of applying any patches and code snippets specified in the package @code{origin} " +"(@pxref{Defining Packages})." +msgstr "" + +#. type: item +#: doc/guix.texi:5736 +#, no-wrap +msgid "--sources" +msgstr "" + +#. type: table +#: doc/guix.texi:5743 +msgid "" +"Fetch and return the source of @var{package-or-derivation} and all their dependencies, recursively. This is a handy way to obtain a " +"local copy of all the source code needed to build @var{packages}, allowing you to eventually build them even without network " +"access. It is an extension of the @code{--source} option and can accept one of the following optional argument values:" +msgstr "" + +#. type: item +#: doc/guix.texi:5745 doc/guix.texi:6970 +#, no-wrap +msgid "package" +msgstr "" + +#. type: table +#: doc/guix.texi:5748 +msgid "This value causes the @code{--sources} option to behave in the same way as the @code{--source} option." +msgstr "" + +#. type: item +#: doc/guix.texi:5749 doc/guix.texi:11749 +#, no-wrap +msgid "all" +msgstr "" + +#. type: table +#: doc/guix.texi:5752 +msgid "" +"Build the source derivations of all packages, including any source that might be listed as @code{inputs}. This is the default value." +msgstr "" + +#. type: example +#: doc/guix.texi:5758 +#, no-wrap +msgid "" +"$ guix build --sources tzdata\n" +"The following derivations will be built:\n" +" /gnu/store/@dots{}-tzdata2015b.tar.gz.drv\n" +" /gnu/store/@dots{}-tzcode2015b.tar.gz.drv\n" +msgstr "" + +#. type: item +#: doc/guix.texi:5760 +#, no-wrap +msgid "transitive" +msgstr "" + +#. type: table +#: doc/guix.texi:5764 +msgid "" +"Build the source derivations of all packages, as well of all transitive inputs to the packages. This can be used e.g. to prefetch " +"package source for later offline building." +msgstr "" + +#. type: example +#: doc/guix.texi:5775 +#, no-wrap +msgid "" +"$ guix build --sources=transitive tzdata\n" +"The following derivations will be built:\n" +" /gnu/store/@dots{}-tzcode2015b.tar.gz.drv\n" +" /gnu/store/@dots{}-findutils-4.4.2.tar.xz.drv\n" +" /gnu/store/@dots{}-grep-2.21.tar.xz.drv\n" +" /gnu/store/@dots{}-coreutils-8.23.tar.xz.drv\n" +" /gnu/store/@dots{}-make-4.1.tar.xz.drv\n" +" /gnu/store/@dots{}-bash-4.3.tar.xz.drv\n" +"@dots{}\n" +msgstr "" + +#. type: quotation +#: doc/guix.texi:5788 +msgid "" +"The @code{--system} flag is for @emph{native} compilation and must not be confused with cross-compilation. See @code{--target} " +"below for information on cross-compilation." +msgstr "" + +#. type: table +#: doc/guix.texi:5794 +msgid "" +"An example use of this is on Linux-based systems, which can emulate different personalities. For instance, passing @code{--" +"system=i686-linux} on an @code{x86_64-linux} system allows you to build packages in a complete 32-bit environment." +msgstr "" + +#. type: table +#: doc/guix.texi:5799 +msgid "" +"Similarly, when transparent emulation with QEMU and @code{binfmt_misc} is enabled (@pxref{Virtualization Services, @code{qemu-binfmt-" +"service-type}}), you can build for any system for which a QEMU @code{binfmt_misc} handler is installed." +msgstr "" + +#. type: table +#: doc/guix.texi:5803 +msgid "" +"Builds for a system other than that of the machine you are using can also be offloaded to a remote machine of the right " +"architecture. @xref{Daemon Offload Setup}, for more information on offloading." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:5811 +msgid "build-check" +msgstr "" + +#. type: item +#: doc/guix.texi:5811 +#, no-wrap +msgid "--check" +msgstr "--check" + +#. type: cindex +#: doc/guix.texi:5812 +#, no-wrap +msgid "determinism, checking" +msgstr "déterminisme, vérification" + +#. type: cindex +#: doc/guix.texi:5813 +#, no-wrap +msgid "reproducibility, checking" +msgstr "reproductibilité, vérification" + +#. type: table +#: doc/guix.texi:5817 +msgid "" +"Rebuild @var{package-or-derivation}, which are already available in the store, and raise an error if the build results are not bit-" +"for-bit identical." +msgstr "" + +#. type: table +#: doc/guix.texi:5822 +msgid "" +"This mechanism allows you to check whether previously installed substitutes are genuine (@pxref{Substitutes}), or whether the build " +"result of a package is deterministic. @xref{Invoking guix challenge}, for more background information and tools." +msgstr "" +"Ce mécanisme vous permet de vérifier si les substituts précédemment installés sont authentiques (@pxref{Substituts}) ou si le " +"résultat de la construction d'un paquet est déterministe. @xref{Invoking guix challenge} pour plus d'informations et pour les outils." + +#. type: item +#: doc/guix.texi:5827 +#, no-wrap +msgid "--repair" +msgstr "--repair" + +#. type: cindex +#: doc/guix.texi:5828 +#, no-wrap +msgid "repairing store items" +msgstr "" + +#. type: table +#: doc/guix.texi:5832 +msgid "Attempt to repair the specified store items, if they are corrupt, by re-downloading or rebuilding them." +msgstr "" + +#. type: table +#: doc/guix.texi:5834 +msgid "This operation is not atomic and thus restricted to @code{root}." +msgstr "" + +#. type: item +#: doc/guix.texi:5835 +#, no-wrap +msgid "--derivations" +msgstr "" + +#. type: table +#: doc/guix.texi:5839 +msgid "Return the derivation paths, not the output paths, of the given packages." +msgstr "" + +#. type: item +#: doc/guix.texi:5840 doc/guix.texi:7227 doc/guix.texi:20563 +#, no-wrap +msgid "--root=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:5841 doc/guix.texi:7228 doc/guix.texi:20564 +#, no-wrap +msgid "-r @var{file}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5842 +#, no-wrap +msgid "GC roots, adding" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5843 +#, no-wrap +msgid "garbage collector roots, adding" +msgstr "" + +#. type: table +#: doc/guix.texi:5846 doc/guix.texi:20567 +msgid "Make @var{file} a symlink to the result, and register it as a garbage collector root." +msgstr "" + +#. type: table +#: doc/guix.texi:5852 +msgid "" +"Consequently, the results of this @command{guix build} invocation are protected from garbage collection until @var{file} is " +"removed. When that option is omitted, build results are eligible for garbage collection as soon as the build completes. " +"@xref{Invoking guix gc}, for more on GC roots." +msgstr "" + +#. type: item +#: doc/guix.texi:5853 +#, no-wrap +msgid "--log-file" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5854 +#, no-wrap +msgid "build logs, access" +msgstr "" + +#. type: table +#: doc/guix.texi:5858 +msgid "Return the build log file names or URLs for the given @var{package-or-derivation}, or raise an error if build logs are missing." +msgstr "" + +#. type: table +#: doc/guix.texi:5861 +msgid "This works regardless of how packages or derivations are specified. For instance, the following invocations are equivalent:" +msgstr "" + +#. type: example +#: doc/guix.texi:5867 +#, no-wrap +msgid "" +"guix build --log-file `guix build -d guile`\n" +"guix build --log-file `guix build guile`\n" +"guix build --log-file guile\n" +"guix build --log-file -e '(@@ (gnu packages guile) guile-2.0)'\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5872 +msgid "" +"If a log is unavailable locally, and unless @code{--no-substitutes} is passed, the command looks for a corresponding log on one of " +"the substitute servers (as specified with @code{--substitute-urls}.)" +msgstr "" + +#. type: table +#: doc/guix.texi:5875 +msgid "So for instance, imagine you want to see the build log of GDB on MIPS, but you are actually on an @code{x86_64} machine:" +msgstr "" + +#. type: example +#: doc/guix.texi:5879 +#, no-wrap +msgid "" +"$ guix build --log-file gdb -s mips64el-linux\n" +"https://hydra.gnu.org/log/@dots{}-gdb-7.10\n" +msgstr "" + +#. type: table +#: doc/guix.texi:5882 +msgid "You can freely access a huge library of build logs!" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5887 +#, no-wrap +msgid "build failures, debugging" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5893 +msgid "" +"When defining a new package (@pxref{Defining Packages}), you will probably find yourself spending some time debugging and tweaking " +"the build until it succeeds. To do that, you need to operate the build commands yourself in an environment as close as possible to " +"the one the build daemon uses." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5898 +msgid "" +"To that end, the first thing to do is to use the @option{--keep-failed} or @option{-K} option of @command{guix build}, which will " +"keep the failed build tree in @file{/tmp} or whatever directory you specified as @code{TMPDIR} (@pxref{Invoking guix build, @code{--" +"keep-failed}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5904 +msgid "" +"From there on, you can @command{cd} to the failed build tree and source the @file{environment-variables} file, which contains all " +"the environment variable definitions that were in place when the build failed. So let's say you're debugging a build failure in " +"package @code{foo}; a typical session would look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:5911 +#, no-wrap +msgid "" +"$ guix build foo -K\n" +"@dots{} @i{build fails}\n" +"$ cd /tmp/guix-build-foo.drv-0\n" +"$ source ./environment-variables\n" +"$ cd foo-1.2\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5915 +msgid "Now, you can invoke commands as if you were the daemon (almost) and troubleshoot your build process." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5921 +msgid "" +"Sometimes it happens that, for example, a package's tests pass when you run them manually but they fail when the daemon runs them. " +"This can happen because the daemon runs builds in containers where, unlike in our environment above, network access is missing, " +"@file{/bin/sh} does not exist, etc. (@pxref{Build Environment Setup})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5924 +msgid "" +"In such cases, you may need to run inspect the build process from within a container similar to the one the build daemon creates:" +msgstr "" + +#. type: example +#: doc/guix.texi:5932 +#, no-wrap +msgid "" +"$ guix build -K foo\n" +"@dots{}\n" +"$ cd /tmp/guix-build-foo.drv-0\n" +"$ guix environment --no-grafts -C foo --ad-hoc strace gdb\n" +"[env]# source ./environment-variables\n" +"[env]# cd foo-1.2\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5941 +msgid "" +"Here, @command{guix environment -C} creates a container and spawns a new shell in it (@pxref{Invoking guix environment}). The " +"@command{--ad-hoc strace gdb} part adds the @command{strace} and @command{gdb} commands to the container, which would may find handy " +"while debugging. The @option{--no-grafts} option makes sure we get the exact same environment, with ungrafted packages " +"(@pxref{Security Updates}, for more info on grafts)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5944 +msgid "To get closer to a container like that used by the build daemon, we can remove @file{/bin/sh}:" +msgstr "" + +#. type: example +#: doc/guix.texi:5947 +#, no-wrap +msgid "[env]# rm /bin/sh\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5951 +msgid "(Don't worry, this is harmless: this is all happening in the throw-away container created by @command{guix environment}.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5954 +msgid "The @command{strace} command is probably not in the search path, but we can run:" +msgstr "" + +#. type: example +#: doc/guix.texi:5957 +#, no-wrap +msgid "[env]# $GUIX_ENVIRONMENT/bin/strace -f -o log make check\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5962 +msgid "" +"In this way, not only you will have reproduced the environment variables the daemon uses, you will also be running the build process " +"in a container similar to the one the daemon uses." +msgstr "" + +#. type: section +#: doc/guix.texi:5965 +#, no-wrap +msgid "Invoking @command{guix edit}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:5967 +#, no-wrap +msgid "guix edit" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5968 +#, no-wrap +msgid "package definition, editing" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5973 +msgid "" +"So many packages, so many source files! The @command{guix edit} command facilitates the life of users and packagers by pointing " +"their editor at the source file containing the definition of the specified packages. For instance:" +msgstr "" + +#. type: example +#: doc/guix.texi:5976 +#, no-wrap +msgid "guix edit gcc@@4.9 vim\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5982 +msgid "" +"launches the program specified in the @code{VISUAL} or in the @code{EDITOR} environment variable to view the recipe of GCC@tie{}" +"4.9.3 and that of Vim." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:5988 +msgid "" +"If you are using a Guix Git checkout (@pxref{Building from Git}), or have created your own packages on @code{GUIX_PACKAGE_PATH} " +"(@pxref{Defining Packages}), you will be able to edit the package recipes. Otherwise, you will be able to examine the read-only " +"recipes for packages currently in the store." +msgstr "" + +#. type: section +#: doc/guix.texi:5991 +#, no-wrap +msgid "Invoking @command{guix download}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:5993 +#, no-wrap +msgid "guix download" +msgstr "" + +#. type: cindex +#: doc/guix.texi:5994 +#, no-wrap +msgid "downloading package sources" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6001 +msgid "" +"When writing a package definition, developers typically need to download a source tarball, compute its SHA256 hash, and write that " +"hash in the package definition (@pxref{Defining Packages}). The @command{guix download} tool helps with this task: it downloads a " +"file from the given URI, adds it to the store, and prints both its file name in the store and its SHA256 hash." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6008 +msgid "" +"The fact that the downloaded file is added to the store saves bandwidth: when the developer eventually tries to build the newly " +"defined package with @command{guix build}, the source tarball will not have to be downloaded again because it is already in the " +"store. It is also a convenient way to temporarily stash files, which may be deleted eventually (@pxref{Invoking guix gc})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6016 +msgid "" +"The @command{guix download} command supports the same URIs as used in package definitions. In particular, it supports " +"@code{mirror://} URIs. @code{https} URIs (HTTP over TLS) are supported @emph{provided} the Guile bindings for GnuTLS are available " +"in the user's environment; when they are not available, an error is raised. @xref{Guile Preparations, how to install the GnuTLS " +"bindings for Guile,, gnutls-guile, GnuTLS-Guile}, for more information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6021 +msgid "" +"@command{guix download} verifies HTTPS server certificates by loading the certificates of X.509 authorities from the directory " +"pointed to by the @code{SSL_CERT_DIR} environment variable (@pxref{X.509 Certificates}), unless @option{--no-check-certificate} is " +"used." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6023 doc/guix.texi:7507 +msgid "The following options are available:" +msgstr "" + +#. type: item +#: doc/guix.texi:6025 doc/guix.texi:6064 +#, no-wrap +msgid "--format=@var{fmt}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6026 doc/guix.texi:6065 +#, no-wrap +msgid "-f @var{fmt}" +msgstr "" + +#. type: table +#: doc/guix.texi:6029 +msgid "" +"Write the hash in the format specified by @var{fmt}. For more information on the valid values for @var{fmt}, @pxref{Invoking guix " +"hash}." +msgstr "" + +#. type: item +#: doc/guix.texi:6030 +#, no-wrap +msgid "--no-check-certificate" +msgstr "" + +#. type: table +#: doc/guix.texi:6032 +msgid "Do not validate the X.509 certificates of HTTPS servers." +msgstr "" + +#. type: table +#: doc/guix.texi:6036 +msgid "" +"When using this option, you have @emph{absolutely no guarantee} that you are communicating with the authentic server responsible for " +"the given URL, which makes you vulnerable to ``man-in-the-middle'' attacks." +msgstr "" + +#. type: item +#: doc/guix.texi:6037 +#, no-wrap +msgid "--output=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6038 +#, no-wrap +msgid "-o @var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:6041 +msgid "Save the downloaded file to @var{file} instead of adding it to the store." +msgstr "" + +#. type: section +#: doc/guix.texi:6044 +#, no-wrap +msgid "Invoking @command{guix hash}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:6046 +#, no-wrap +msgid "guix hash" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6051 +msgid "" +"The @command{guix hash} command computes the SHA256 hash of a file. It is primarily a convenience tool for anyone contributing to " +"the distribution: it computes the cryptographic hash of a file, which can be used in the definition of a package (@pxref{Defining " +"Packages})." +msgstr "" + +#. type: example +#: doc/guix.texi:6056 +#, no-wrap +msgid "guix hash @var{option} @var{file}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6061 +msgid "" +"When @var{file} is @code{-} (a hyphen), @command{guix hash} computes the hash of data read from standard input. @command{guix hash} " +"has the following options:" +msgstr "" + +#. type: table +#: doc/guix.texi:6067 +msgid "Write the hash in the format specified by @var{fmt}." +msgstr "" + +#. type: table +#: doc/guix.texi:6070 +msgid "Supported formats: @code{nix-base32}, @code{base32}, @code{base16} (@code{hex} and @code{hexadecimal} can be used as well)." +msgstr "" + +#. type: table +#: doc/guix.texi:6074 +msgid "" +"If the @option{--format} option is not specified, @command{guix hash} will output the hash in @code{nix-base32}. This " +"representation is used in the definitions of packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6078 +msgid "Compute the hash on @var{file} recursively." +msgstr "" + +#. type: table +#: doc/guix.texi:6087 +msgid "" +"In this case, the hash is computed on an archive containing @var{file}, including its children if it is a directory. Some of the " +"metadata of @var{file} is part of the archive; for instance, when @var{file} is a regular file, the hash is different depending on " +"whether @var{file} is executable or not. Metadata such as time stamps has no impact on the hash (@pxref{Invoking guix archive})." +msgstr "" + +#. type: item +#: doc/guix.texi:6088 +#, no-wrap +msgid "--exclude-vcs" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6089 +#, no-wrap +msgid "-x" +msgstr "" + +#. type: table +#: doc/guix.texi:6092 +msgid "" +"When combined with @option{--recursive}, exclude version control system directories (@file{.bzr}, @file{.git}, @file{.hg}, etc.)" +msgstr "" + +#. type: table +#: doc/guix.texi:6097 +msgid "" +"As an example, here is how you would compute the hash of a Git checkout, which is useful when using the @code{git-fetch} method " +"(@pxref{origin Reference}):" +msgstr "" + +#. type: example +#: doc/guix.texi:6102 +#, no-wrap +msgid "" +"$ git clone http://example.org/foo.git\n" +"$ cd foo\n" +"$ guix hash -rx .\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6106 doc/guix.texi:6111 +#, no-wrap +msgid "Invoking @command{guix import}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6108 +#, no-wrap +msgid "importing packages" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6109 +#, no-wrap +msgid "package import" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6110 +#, no-wrap +msgid "package conversion" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6118 +msgid "" +"The @command{guix import} command is useful for people who would like to add a package to the distribution with as little work as " +"possible---a legitimate demand. The command knows of a few repositories from which it can ``import'' package metadata. The result " +"is a package definition, or a template thereof, in the format we know (@pxref{Defining Packages})." +msgstr "" + +#. type: example +#: doc/guix.texi:6123 +#, no-wrap +msgid "guix import @var{importer} @var{options}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6129 +msgid "" +"@var{importer} specifies the source from which to import package metadata, and @var{options} specifies a package identifier and " +"other options specific to @var{importer}. Currently, the available ``importers'' are:" +msgstr "" + +#. type: item +#: doc/guix.texi:6131 doc/guix.texi:6584 +#, no-wrap +msgid "gnu" +msgstr "" + +#. type: table +#: doc/guix.texi:6135 +msgid "" +"Import metadata for the given GNU package. This provides a template for the latest version of that GNU package, including the hash " +"of its source tarball, and its canonical synopsis and description." +msgstr "" + +#. type: table +#: doc/guix.texi:6138 +msgid "Additional information such as the package dependencies and its license needs to be figured out manually." +msgstr "" + +#. type: table +#: doc/guix.texi:6141 +msgid "For example, the following command returns a package definition for GNU@tie{}Hello:" +msgstr "" + +#. type: example +#: doc/guix.texi:6144 +#, no-wrap +msgid "guix import gnu hello\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6147 doc/guix.texi:6365 doc/guix.texi:6410 doc/guix.texi:6434 +msgid "Specific command-line options are:" +msgstr "" + +#. type: item +#: doc/guix.texi:6149 doc/guix.texi:6685 +#, no-wrap +msgid "--key-download=@var{policy}" +msgstr "" + +#. type: table +#: doc/guix.texi:6153 +msgid "" +"As for @code{guix refresh}, specify the policy to handle missing OpenPGP keys when verifying the package signature. @xref{Invoking " +"guix refresh, @code{--key-download}}." +msgstr "" + +#. type: item +#: doc/guix.texi:6155 doc/guix.texi:6156 doc/guix.texi:6602 +#, no-wrap +msgid "pypi" +msgstr "" + +#. type: table +#: doc/guix.texi:6164 +msgid "" +"Import metadata from the @uref{https://pypi.python.org/, Python Package Index}@footnote{This functionality requires Guile-JSON to be " +"installed. @xref{Requirements}.}. Information is taken from the JSON-formatted description available at @code{pypi.python.org} and " +"usually includes all the relevant information, including package dependencies. For maximum efficiency, it is recommended to install " +"the @command{unzip} utility, so that the importer can unzip Python wheels and gather data from them." +msgstr "" + +#. type: table +#: doc/guix.texi:6167 +msgid "The command below imports metadata for the @code{itsdangerous} Python package:" +msgstr "" + +#. type: example +#: doc/guix.texi:6170 +#, no-wrap +msgid "guix import pypi itsdangerous\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6172 doc/guix.texi:6173 doc/guix.texi:6604 +#, no-wrap +msgid "gem" +msgstr "" + +#. type: table +#: doc/guix.texi:6184 +msgid "" +"Import metadata from @uref{https://rubygems.org/, RubyGems}@footnote{This functionality requires Guile-JSON to be installed. " +"@xref{Requirements}.}. Information is taken from the JSON-formatted description available at @code{rubygems.org} and includes most " +"relevant information, including runtime dependencies. There are some caveats, however. The metadata doesn't distinguish between " +"synopses and descriptions, so the same string is used for both fields. Additionally, the details of non-Ruby dependencies required " +"to build native extensions is unavailable and left as an exercise to the packager." +msgstr "" + +#. type: table +#: doc/guix.texi:6186 +msgid "The command below imports metadata for the @code{rails} Ruby package:" +msgstr "" + +#. type: example +#: doc/guix.texi:6189 +#, no-wrap +msgid "guix import gem rails\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6191 doc/guix.texi:6600 +#, no-wrap +msgid "cpan" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6192 +#, no-wrap +msgid "CPAN" +msgstr "" + +#. type: table +#: doc/guix.texi:6202 +msgid "" +"Import metadata from @uref{https://www.metacpan.org/, MetaCPAN}@footnote{This functionality requires Guile-JSON to be installed. " +"@xref{Requirements}.}. Information is taken from the JSON-formatted metadata provided through @uref{https://fastapi.metacpan.org/, " +"MetaCPAN's API} and includes most relevant information, such as module dependencies. License information should be checked " +"closely. If Perl is available in the store, then the @code{corelist} utility will be used to filter core modules out of the list of " +"dependencies." +msgstr "" + +#. type: table +#: doc/guix.texi:6205 +msgid "The command command below imports metadata for the @code{Acme::Boolean} Perl module:" +msgstr "" + +#. type: example +#: doc/guix.texi:6208 +#, no-wrap +msgid "guix import cpan Acme::Boolean\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6210 doc/guix.texi:6596 +#, no-wrap +msgid "cran" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6211 +#, no-wrap +msgid "CRAN" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6212 +#, no-wrap +msgid "Bioconductor" +msgstr "" + +#. type: table +#: doc/guix.texi:6216 +msgid "" +"Import metadata from @uref{https://cran.r-project.org/, CRAN}, the central repository for the @uref{http://r-project.org, GNU@tie{}R " +"statistical and graphical environment}." +msgstr "" + +#. type: table +#: doc/guix.texi:6218 +msgid "Information is extracted from the @code{DESCRIPTION} file of the package." +msgstr "" + +#. type: table +#: doc/guix.texi:6221 +msgid "The command command below imports metadata for the @code{Cairo} R package:" +msgstr "" + +#. type: example +#: doc/guix.texi:6224 +#, no-wrap +msgid "guix import cran Cairo\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6229 +msgid "" +"When @code{--recursive} is added, the importer will traverse the dependency graph of the given upstream package recursively and " +"generate package expressions for all those packages that are not yet in Guix." +msgstr "" + +#. type: table +#: doc/guix.texi:6234 +msgid "" +"When @code{--archive=bioconductor} is added, metadata is imported from @uref{https://www.bioconductor.org/, Bioconductor}, a " +"repository of R packages for for the analysis and comprehension of high-throughput genomic data in bioinformatics." +msgstr "" + +#. type: table +#: doc/guix.texi:6237 +msgid "" +"Information is extracted from the @code{DESCRIPTION} file of a package published on the web interface of the Bioconductor SVN " +"repository." +msgstr "" + +#. type: table +#: doc/guix.texi:6240 +msgid "The command below imports metadata for the @code{GenomicRanges} R package:" +msgstr "" + +#. type: example +#: doc/guix.texi:6243 +#, no-wrap +msgid "guix import cran --archive=bioconductor GenomicRanges\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6245 +#, no-wrap +msgid "texlive" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6246 +#, no-wrap +msgid "TeX Live" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6247 +#, no-wrap +msgid "CTAN" +msgstr "" + +#. type: table +#: doc/guix.texi:6251 +msgid "" +"Import metadata from @uref{http://www.ctan.org/, CTAN}, the comprehensive TeX archive network for TeX packages that are part of the " +"@uref{https://www.tug.org/texlive/, TeX Live distribution}." +msgstr "" + +#. type: table +#: doc/guix.texi:6256 +msgid "" +"Information about the package is obtained through the XML API provided by CTAN, while the source code is downloaded from the SVN " +"repository of the Tex Live project. This is done because the CTAN does not keep versioned archives." +msgstr "" + +#. type: table +#: doc/guix.texi:6259 +msgid "The command command below imports metadata for the @code{fontspec} TeX package:" +msgstr "" + +#. type: example +#: doc/guix.texi:6262 +#, no-wrap +msgid "guix import texlive fontspec\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6268 +msgid "" +"When @code{--archive=DIRECTORY} is added, the source code is downloaded not from the @file{latex} sub-directory of the @file{texmf-" +"dist/source} tree in the TeX Live SVN repository, but from the specified sibling directory under the same root." +msgstr "" + +#. type: table +#: doc/guix.texi:6272 +msgid "" +"The command below imports metadata for the @code{ifxetex} package from CTAN while fetching the sources from the directory " +"@file{texmf/source/generic}:" +msgstr "" + +#. type: example +#: doc/guix.texi:6275 +#, no-wrap +msgid "guix import texlive --archive=generic ifxetex\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6277 +#, no-wrap +msgid "json" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6278 +#, no-wrap +msgid "JSON, import" +msgstr "" + +#. type: table +#: doc/guix.texi:6283 +msgid "" +"Import package metadata from a local JSON file@footnote{This functionality requires Guile-JSON to be installed. " +"@xref{Requirements}.}. Consider the following example package definition in JSON format:" +msgstr "" + +#. type: example +#: doc/guix.texi:6296 +#, no-wrap +msgid "" +"@{\n" +" \"name\": \"hello\",\n" +" \"version\": \"2.10\",\n" +" \"source\": \"mirror://gnu/hello/hello-2.10.tar.gz\",\n" +" \"build-system\": \"gnu\",\n" +" \"home-page\": \"https://www.gnu.org/software/hello/\",\n" +" \"synopsis\": \"Hello, GNU world: An example GNU package\",\n" +" \"description\": \"GNU Hello prints a greeting.\",\n" +" \"license\": \"GPL-3.0+\",\n" +" \"native-inputs\": [\"gcc@@6\"]\n" +"@}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6302 +msgid "" +"The field names are the same as for the @code{} record (@xref{Defining Packages}). References to other packages are " +"provided as JSON lists of quoted package specification strings such as @code{guile} or @code{guile@@2.0}." +msgstr "" + +#. type: table +#: doc/guix.texi:6305 +msgid "The importer also supports a more explicit source definition using the common fields for @code{} records:" +msgstr "" + +#. type: example +#: doc/guix.texi:6318 +#, no-wrap +msgid "" +"@{\n" +" @dots{}\n" +" \"source\": @{\n" +" \"method\": \"url-fetch\",\n" +" \"uri\": \"mirror://gnu/hello/hello-2.10.tar.gz\",\n" +" \"sha256\": @{\n" +" \"base32\": \"0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i\"\n" +" @}\n" +" @}\n" +" @dots{}\n" +"@}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6322 +msgid "The command below reads metadata from the JSON file @code{hello.json} and outputs a package expression:" +msgstr "" + +#. type: example +#: doc/guix.texi:6325 +#, no-wrap +msgid "guix import json hello.json\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6327 +#, no-wrap +msgid "nix" +msgstr "" + +#. type: table +#: doc/guix.texi:6336 +msgid "" +"Import metadata from a local copy of the source of the @uref{http://nixos.org/nixpkgs/, Nixpkgs distribution}@footnote{This relies " +"on the @command{nix-instantiate} command of @uref{http://nixos.org/nix/, Nix}.}. Package definitions in Nixpkgs are typically " +"written in a mixture of Nix-language and Bash code. This command only imports the high-level package structure that is written in " +"the Nix language. It normally includes all the basic fields of a package definition." +msgstr "" + +#. type: table +#: doc/guix.texi:6339 +msgid "When importing a GNU package, the synopsis and descriptions are replaced by their canonical upstream variant." +msgstr "" + +#. type: table +#: doc/guix.texi:6341 +msgid "Usually, you will first need to do:" +msgstr "" + +#. type: example +#: doc/guix.texi:6344 +#, no-wrap +msgid "export NIX_REMOTE=daemon\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6348 +msgid "so that @command{nix-instantiate} does not try to open the Nix database." +msgstr "" + +#. type: table +#: doc/guix.texi:6352 +msgid "" +"As an example, the command below imports the package definition of LibreOffice (more precisely, it imports the definition of the " +"package bound to the @code{libreoffice} top-level attribute):" +msgstr "" + +#. type: example +#: doc/guix.texi:6355 +#, no-wrap +msgid "guix import nix ~/path/to/nixpkgs libreoffice\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6357 doc/guix.texi:6358 doc/guix.texi:6608 +#, no-wrap +msgid "hackage" +msgstr "" + +#. type: table +#: doc/guix.texi:6363 +msgid "" +"Import metadata from the Haskell community's central package archive @uref{https://hackage.haskell.org/, Hackage}. Information is " +"taken from Cabal files and includes all the relevant information, including package dependencies." +msgstr "" + +#. type: item +#: doc/guix.texi:6367 +#, no-wrap +msgid "--stdin" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6368 +#, no-wrap +msgid "-s" +msgstr "" + +#. type: table +#: doc/guix.texi:6370 +msgid "Read a Cabal file from standard input." +msgstr "" + +#. type: item +#: doc/guix.texi:6370 doc/guix.texi:6412 +#, no-wrap +msgid "--no-test-dependencies" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6371 doc/guix.texi:6413 +#, no-wrap +msgid "-t" +msgstr "" + +#. type: table +#: doc/guix.texi:6373 doc/guix.texi:6415 +msgid "Do not include dependencies required only by the test suites." +msgstr "" + +#. type: item +#: doc/guix.texi:6373 +#, no-wrap +msgid "--cabal-environment=@var{alist}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6374 +#, no-wrap +msgid "-e @var{alist}" +msgstr "" + +#. type: table +#: doc/guix.texi:6383 +msgid "" +"@var{alist} is a Scheme alist defining the environment in which the Cabal conditionals are evaluated. The accepted keys are: " +"@code{os}, @code{arch}, @code{impl} and a string representing the name of a flag. The value associated with a flag has to be either " +"the symbol @code{true} or @code{false}. The value associated with other keys has to conform to the Cabal file format definition. " +"The default value associated with the keys @code{os}, @code{arch} and @code{impl} is @samp{linux}, @samp{x86_64} and @samp{ghc}, " +"respectively." +msgstr "" + +#. type: table +#: doc/guix.texi:6388 +msgid "" +"The command below imports metadata for the latest version of the @code{HTTP} Haskell package without including test dependencies and " +"specifying the value of the flag @samp{network-uri} as @code{false}:" +msgstr "" + +#. type: example +#: doc/guix.texi:6391 +#, no-wrap +msgid "guix import hackage -t -e \"'((\\\"network-uri\\\" . false))\" HTTP\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6395 +msgid "" +"A specific package version may optionally be specified by following the package name by an at-sign and a version number as in the " +"following example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6398 +#, no-wrap +msgid "guix import hackage mtl@@2.1.3.1\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6400 doc/guix.texi:6401 doc/guix.texi:6610 +#, no-wrap +msgid "stackage" +msgstr "" + +#. type: table +#: doc/guix.texi:6408 +msgid "" +"The @code{stackage} importer is a wrapper around the @code{hackage} one. It takes a package name, looks up the package version " +"included in a long-term support (LTS) @uref{https://www.stackage.org, Stackage} release and uses the @code{hackage} importer to " +"retrieve its metadata. Note that it is up to you to select an LTS release compatible with the GHC compiler used by Guix." +msgstr "" + +#. type: item +#: doc/guix.texi:6415 +#, no-wrap +msgid "--lts-version=@var{version}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6416 +#, no-wrap +msgid "-r @var{version}" +msgstr "" + +#. type: table +#: doc/guix.texi:6419 +msgid "@var{version} is the desired LTS release version. If omitted the latest release is used." +msgstr "" + +#. type: table +#: doc/guix.texi:6423 +msgid "The command below imports metadata for the @code{HTTP} Haskell package included in the LTS Stackage release version 7.18:" +msgstr "" + +#. type: example +#: doc/guix.texi:6426 +#, no-wrap +msgid "guix import stackage --lts-version=7.18 HTTP\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6428 doc/guix.texi:6429 doc/guix.texi:6594 +#, no-wrap +msgid "elpa" +msgstr "" + +#. type: table +#: doc/guix.texi:6432 +msgid "Import metadata from an Emacs Lisp Package Archive (ELPA) package repository (@pxref{Packages,,, emacs, The GNU Emacs Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:6436 +#, no-wrap +msgid "--archive=@var{repo}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6437 +#, no-wrap +msgid "-a @var{repo}" +msgstr "" + +#. type: table +#: doc/guix.texi:6441 +msgid "" +"@var{repo} identifies the archive repository from which to retrieve the information. Currently the supported repositories and their " +"identifiers are:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:6445 +msgid "@uref{http://elpa.gnu.org/packages, GNU}, selected by the @code{gnu} identifier. This is the default." +msgstr "" + +#. type: itemize +#: doc/guix.texi:6451 +msgid "" +"Packages from @code{elpa.gnu.org} are signed with one of the keys contained in the GnuPG keyring at @file{share/emacs/25.1/etc/" +"package-keyring.gpg} (or similar) in the @code{emacs} package (@pxref{Package Installation, ELPA package signatures,, emacs, The GNU " +"Emacs Manual})." +msgstr "" + +#. type: itemize +#: doc/guix.texi:6455 +msgid "@uref{http://stable.melpa.org/packages, MELPA-Stable}, selected by the @code{melpa-stable} identifier." +msgstr "" + +#. type: itemize +#: doc/guix.texi:6459 +msgid "@uref{http://melpa.org/packages, MELPA}, selected by the @code{melpa} identifier." +msgstr "" + +#. type: item +#: doc/guix.texi:6462 doc/guix.texi:6463 doc/guix.texi:6612 +#, no-wrap +msgid "crate" +msgstr "" + +#. type: table +#: doc/guix.texi:6466 +msgid "Import metadata from the crates.io Rust package repository @uref{https://crates.io, crates.io}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6471 +msgid "" +"The structure of the @command{guix import} code is modular. It would be useful to have more importers for other package formats, " +"and your help is welcome here (@pxref{Contributing})." +msgstr "" + +#. type: section +#: doc/guix.texi:6473 +#, no-wrap +msgid "Invoking @command{guix refresh}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:6475 +#, no-wrap +msgid "guix refresh" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6480 +msgid "" +"The primary audience of the @command{guix refresh} command is developers of the GNU software distribution. By default, it reports " +"any packages provided by the distribution that are outdated compared to the latest upstream version, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:6485 +#, no-wrap +msgid "" +"$ guix refresh\n" +"gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1\n" +"gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6489 +msgid "Alternately, one can specify packages to consider, in which case a warning is emitted for packages that lack an updater:" +msgstr "" + +#. type: example +#: doc/guix.texi:6494 +#, no-wrap +msgid "" +"$ guix refresh coreutils guile guile-ssh\n" +"gnu/packages/ssh.scm:205:2: warning: no updater for guile-ssh\n" +"gnu/packages/guile.scm:136:12: guile would be upgraded from 2.0.12 to 2.0.13\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6503 +msgid "" +"@command{guix refresh} browses the upstream repository of each package and determines the highest version number of the releases " +"therein. The command knows how to update specific types of packages: GNU packages, ELPA packages, etc.---see the documentation for " +"@option{--type} below. There are many packages, though, for which it lacks a method to determine whether a new upstream release is " +"available. However, the mechanism is extensible, so feel free to get in touch with us to add a new method!" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6508 +msgid "" +"Sometimes the upstream name differs from the package name used in Guix, and @command{guix refresh} needs a little help. Most " +"updaters honor the @code{upstream-name} property in package definitions, which can be used to that effect:" +msgstr "" + +#. type: example +#: doc/guix.texi:6515 +#, no-wrap +msgid "" +"(define-public network-manager\n" +" (package\n" +" (name \"network-manager\")\n" +" ;; @dots{}\n" +" (properties '((upstream-name . \"NetworkManager\")))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6527 +msgid "" +"When passed @code{--update}, it modifies distribution source files to update the version numbers and source tarball hashes of those " +"package recipes (@pxref{Defining Packages}). This is achieved by downloading each package's latest source tarball and its " +"associated OpenPGP signature, authenticating the downloaded tarball against its signature using @command{gpg}, and finally computing " +"its hash. When the public key used to sign the tarball is missing from the user's keyring, an attempt is made to automatically " +"retrieve it from a public key server; when this is successful, the key is added to the user's keyring; otherwise, @command{guix " +"refresh} reports an error." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6529 +msgid "The following options are supported:" +msgstr "" + +#. type: table +#: doc/guix.texi:6537 doc/guix.texi:7098 +msgid "This is useful to precisely refer to a package, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6540 +#, no-wrap +msgid "guix refresh -l -e '(@@@@ (gnu packages commencement) glibc-final)'\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6544 +msgid "This command lists the dependents of the ``final'' libc (essentially all the packages.)" +msgstr "" + +#. type: item +#: doc/guix.texi:6545 +#, no-wrap +msgid "--update" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6546 +#, no-wrap +msgid "-u" +msgstr "" + +#. type: table +#: doc/guix.texi:6550 +msgid "" +"Update distribution source files (package recipes) in place. This is usually run from a checkout of the Guix source tree " +"(@pxref{Running Guix Before It Is Installed}):" +msgstr "" + +#. type: example +#: doc/guix.texi:6553 +#, no-wrap +msgid "$ ./pre-inst-env guix refresh -s non-core -u\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6556 +msgid "@xref{Defining Packages}, for more information on package definitions." +msgstr "" + +#. type: item +#: doc/guix.texi:6557 +#, no-wrap +msgid "--select=[@var{subset}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6558 +#, no-wrap +msgid "-s @var{subset}" +msgstr "" + +#. type: table +#: doc/guix.texi:6561 +msgid "Select all the packages in @var{subset}, one of @code{core} or @code{non-core}." +msgstr "" + +#. type: table +#: doc/guix.texi:6568 +msgid "" +"The @code{core} subset refers to all the packages at the core of the distribution---i.e., packages that are used to build " +"``everything else''. This includes GCC, libc, Binutils, Bash, etc. Usually, changing one of these packages in the distribution " +"entails a rebuild of all the others. Thus, such updates are an inconvenience to users in terms of build time or bandwidth used to " +"achieve the upgrade." +msgstr "" + +#. type: table +#: doc/guix.texi:6572 +msgid "" +"The @code{non-core} subset refers to the remaining packages. It is typically useful in cases where an update of the core packages " +"would be inconvenient." +msgstr "" + +#. type: table +#: doc/guix.texi:6577 +msgid "" +"Select all the packages from the manifest in @var{file}. This is useful to check if any packages of the user manifest can be updated." +msgstr "" + +#. type: item +#: doc/guix.texi:6578 +#, no-wrap +msgid "--type=@var{updater}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6579 +#, no-wrap +msgid "-t @var{updater}" +msgstr "" + +#. type: table +#: doc/guix.texi:6582 +msgid "" +"Select only packages handled by @var{updater} (may be a comma-separated list of updaters). Currently, @var{updater} may be one of:" +msgstr "" + +#. type: table +#: doc/guix.texi:6586 +msgid "the updater for GNU packages;" +msgstr "" + +#. type: item +#: doc/guix.texi:6586 +#, no-wrap +msgid "gnome" +msgstr "" + +#. type: table +#: doc/guix.texi:6588 +msgid "the updater for GNOME packages;" +msgstr "" + +#. type: item +#: doc/guix.texi:6588 +#, no-wrap +msgid "kde" +msgstr "" + +#. type: table +#: doc/guix.texi:6590 +msgid "the updater for KDE packages;" +msgstr "" + +#. type: item +#: doc/guix.texi:6590 +#, no-wrap +msgid "xorg" +msgstr "" + +#. type: table +#: doc/guix.texi:6592 +msgid "the updater for X.org packages;" +msgstr "" + +#. type: item +#: doc/guix.texi:6592 +#, no-wrap +msgid "kernel.org" +msgstr "" + +#. type: table +#: doc/guix.texi:6594 +msgid "the updater for packages hosted on kernel.org;" +msgstr "" + +#. type: table +#: doc/guix.texi:6596 +msgid "the updater for @uref{http://elpa.gnu.org/, ELPA} packages;" +msgstr "" + +#. type: table +#: doc/guix.texi:6598 +msgid "the updater for @uref{https://cran.r-project.org/, CRAN} packages;" +msgstr "" + +#. type: item +#: doc/guix.texi:6598 +#, no-wrap +msgid "bioconductor" +msgstr "" + +#. type: table +#: doc/guix.texi:6600 +msgid "the updater for @uref{https://www.bioconductor.org/, Bioconductor} R packages;" +msgstr "" + +#. type: table +#: doc/guix.texi:6602 +msgid "the updater for @uref{http://www.cpan.org/, CPAN} packages;" +msgstr "" + +#. type: table +#: doc/guix.texi:6604 +msgid "the updater for @uref{https://pypi.python.org, PyPI} packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6606 +msgid "the updater for @uref{https://rubygems.org, RubyGems} packages." +msgstr "" + +#. type: item +#: doc/guix.texi:6606 +#, no-wrap +msgid "github" +msgstr "" + +#. type: table +#: doc/guix.texi:6608 +msgid "the updater for @uref{https://github.com, GitHub} packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6610 +msgid "the updater for @uref{https://hackage.haskell.org, Hackage} packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6612 +msgid "the updater for @uref{https://www.stackage.org, Stackage} packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6614 +msgid "the updater for @uref{https://crates.io, Crates} packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6618 +msgid "" +"For instance, the following command only checks for updates of Emacs packages hosted at @code{elpa.gnu.org} and for updates of CRAN " +"packages:" +msgstr "" + +#. type: example +#: doc/guix.texi:6623 +#, no-wrap +msgid "" +"$ guix refresh --type=elpa,cran\n" +"gnu/packages/statistics.scm:819:13: r-testthat would be upgraded from 0.10.0 to 0.11.0\n" +"gnu/packages/emacs.scm:856:13: emacs-auctex would be upgraded from 11.88.6 to 11.88.9\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6629 +msgid "In addition, @command{guix refresh} can be passed one or more package names, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6632 +#, no-wrap +msgid "$ ./pre-inst-env guix refresh -u emacs idutils gcc@@4.8\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6638 +msgid "" +"The command above specifically updates the @code{emacs} and @code{idutils} packages. The @code{--select} option would have no " +"effect in this case." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6643 +msgid "" +"When considering whether to upgrade a package, it is sometimes convenient to know which packages would be affected by the upgrade " +"and should be checked for compatibility. For this the following option may be used when passing @command{guix refresh} one or more " +"package names:" +msgstr "" + +#. type: item +#: doc/guix.texi:6646 +#, no-wrap +msgid "--list-updaters" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6647 +#, no-wrap +msgid "-L" +msgstr "" + +#. type: table +#: doc/guix.texi:6649 +msgid "List available updaters and exit (see @option{--type} above.)" +msgstr "" + +#. type: table +#: doc/guix.texi:6652 +msgid "" +"For each updater, display the fraction of packages it covers; at the end, display the fraction of packages covered by all these " +"updaters." +msgstr "" + +#. type: item +#: doc/guix.texi:6653 +#, no-wrap +msgid "--list-dependent" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6654 doc/guix.texi:6799 +#, no-wrap +msgid "-l" +msgstr "" + +#. type: table +#: doc/guix.texi:6657 +msgid "List top-level dependent packages that would need to be rebuilt as a result of upgrading one or more packages." +msgstr "" + +#. type: table +#: doc/guix.texi:6661 +msgid "" +"@xref{Invoking guix graph, the @code{reverse-package} type of @command{guix graph}}, for information on how to visualize the list of " +"dependents of a package." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6667 +msgid "" +"Be aware that the @code{--list-dependent} option only @emph{approximates} the rebuilds that would be required as a result of an " +"upgrade. More rebuilds might be required under some circumstances." +msgstr "" + +#. type: example +#: doc/guix.texi:6672 +#, no-wrap +msgid "" +"$ guix refresh --list-dependent flex\n" +"Building the following 120 packages would ensure 213 dependent packages are rebuilt:\n" +"hop@@2.4.0 geiser@@0.4 notmuch@@0.18 mu@@0.9.9.5 cflow@@1.4 idutils@@4.6 @dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6676 +msgid "The command above lists a set of packages that could be built to check for compatibility with an upgraded @code{flex} package." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6678 +msgid "The following options can be used to customize GnuPG operation:" +msgstr "" + +#. type: item +#: doc/guix.texi:6681 +#, no-wrap +msgid "--gpg=@var{command}" +msgstr "" + +#. type: table +#: doc/guix.texi:6684 +msgid "Use @var{command} as the GnuPG 2.x command. @var{command} is searched for in @code{$PATH}." +msgstr "" + +#. type: table +#: doc/guix.texi:6688 +msgid "Handle missing OpenPGP keys according to @var{policy}, which may be one of:" +msgstr "" + +#. type: item +#: doc/guix.texi:6690 doc/guix.texi:13666 +#, no-wrap +msgid "always" +msgstr "" + +#. type: table +#: doc/guix.texi:6693 +msgid "Always download missing OpenPGP keys from the key server, and add them to the user's GnuPG keyring." +msgstr "" + +#. type: item +#: doc/guix.texi:6694 doc/guix.texi:13668 +#, no-wrap +msgid "never" +msgstr "" + +#. type: table +#: doc/guix.texi:6696 +msgid "Never try to download missing OpenPGP keys. Instead just bail out." +msgstr "" + +#. type: item +#: doc/guix.texi:6697 +#, no-wrap +msgid "interactive" +msgstr "" + +#. type: table +#: doc/guix.texi:6700 +msgid "" +"When a package signed with an unknown OpenPGP key is encountered, ask the user whether to download it or not. This is the default " +"behavior." +msgstr "" + +#. type: item +#: doc/guix.texi:6702 +#, no-wrap +msgid "--key-server=@var{host}" +msgstr "" + +#. type: table +#: doc/guix.texi:6704 +msgid "Use @var{host} as the OpenPGP key server when importing a public key." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6717 +msgid "" +"The @code{github} updater uses the @uref{https://developer.github.com/v3/, GitHub API} to query for new releases. When used " +"repeatedly e.g. when refreshing all packages, GitHub will eventually refuse to answer any further API requests. By default 60 API " +"requests per hour are allowed, and a full refresh on all GitHub packages in Guix requires more than this. Authentication with " +"GitHub through the use of an API token alleviates these limits. To use an API token, set the environment variable " +"@code{GUIX_GITHUB_TOKEN} to a token procured from @uref{https://github.com/settings/tokens} or otherwise." +msgstr "" + +#. type: section +#: doc/guix.texi:6720 +#, no-wrap +msgid "Invoking @command{guix lint}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:6722 +#, no-wrap +msgid "guix lint" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6723 +#, no-wrap +msgid "package, checking for errors" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6729 +msgid "" +"The @command{guix lint} command is meant to help package developers avoid common errors and use a consistent style. It runs a " +"number of checks on a given set of packages in order to find common mistakes in their definitions. Available @dfn{checkers} include " +"(see @code{--list-checkers} for a complete list):" +msgstr "" + +#. type: table +#: doc/guix.texi:6735 +msgid "Validate certain typographical and stylistic rules about package descriptions and synopses." +msgstr "" + +#. type: item +#: doc/guix.texi:6736 +#, no-wrap +msgid "inputs-should-be-native" +msgstr "" + +#. type: table +#: doc/guix.texi:6738 +msgid "Identify inputs that should most likely be native inputs." +msgstr "" + +#. type: itemx +#: doc/guix.texi:6741 +#, no-wrap +msgid "mirror-url" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6742 +#, no-wrap +msgid "source-file-name" +msgstr "" + +#. type: table +#: doc/guix.texi:6748 +msgid "" +"Probe @code{home-page} and @code{source} URLs and report those that are invalid. Suggest a @code{mirror://} URL when applicable. " +"Check that the source file name is meaningful, e.g. is not just a version number or ``git-checkout'', without a declared @code{file-" +"name} (@pxref{origin Reference})." +msgstr "" + +#. type: item +#: doc/guix.texi:6749 +#, no-wrap +msgid "cve" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6750 doc/guix.texi:21423 +#, no-wrap +msgid "security vulnerabilities" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6751 +#, no-wrap +msgid "CVE, Common Vulnerabilities and Exposures" +msgstr "" + +#. type: table +#: doc/guix.texi:6756 +msgid "" +"Report known vulnerabilities found in the Common Vulnerabilities and Exposures (CVE) databases of the current and past year " +"@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US NIST}." +msgstr "" + +#. type: table +#: doc/guix.texi:6758 +msgid "To view information about a particular vulnerability, visit pages such as:" +msgstr "" + +#. type: indicateurl{#1} +#: doc/guix.texi:6762 +msgid "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-YYYY-ABCD" +msgstr "" + +#. type: indicateurl{#1} +#: doc/guix.texi:6764 +msgid "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-YYYY-ABCD" +msgstr "" + +#. type: table +#: doc/guix.texi:6769 +msgid "where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g., @code{CVE-2015-7554}." +msgstr "" + +#. type: table +#: doc/guix.texi:6774 +msgid "" +"Package developers can specify in package recipes the @uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)} name and " +"version of the package when they differ from the name that Guix uses, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6781 +#, no-wrap +msgid "" +"(package\n" +" (name \"grub\")\n" +" ;; @dots{}\n" +" ;; CPE calls this package \"grub2\".\n" +" (properties '((cpe-name . \"grub2\"))))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:6783 +#, no-wrap +msgid "formatting" +msgstr "" + +#. type: table +#: doc/guix.texi:6786 +msgid "Warn about obvious source code formatting issues: trailing white space, use of tabulations, etc." +msgstr "" + +#. type: example +#: doc/guix.texi:6792 +#, no-wrap +msgid "guix lint @var{options} @var{package}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6796 +msgid "" +"If no package is given on the command line, then all packages are checked. The @var{options} may be zero or more of the following:" +msgstr "" + +#. type: item +#: doc/guix.texi:6798 +#, no-wrap +msgid "--list-checkers" +msgstr "" + +#. type: table +#: doc/guix.texi:6802 +msgid "List and describe all the available checkers that will be run on packages and exit." +msgstr "" + +#. type: item +#: doc/guix.texi:6803 +#, no-wrap +msgid "--checkers" +msgstr "" + +#. type: itemx +#: doc/guix.texi:6804 +#, no-wrap +msgid "-c" +msgstr "" + +#. type: table +#: doc/guix.texi:6807 +msgid "Only enable the checkers specified in a comma-separated list using the names returned by @code{--list-checkers}." +msgstr "" + +#. type: section +#: doc/guix.texi:6811 +#, no-wrap +msgid "Invoking @command{guix size}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6813 +#, no-wrap +msgid "size" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6814 +#, no-wrap +msgid "package size" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:6816 +#, no-wrap +msgid "guix size" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6823 +msgid "" +"The @command{guix size} command helps package developers profile the disk usage of packages. It is easy to overlook the impact of " +"an additional dependency added to a package, or the impact of using a single output for a package that could easily be split " +"(@pxref{Packages with Multiple Outputs}). Such are the typical issues that @command{guix size} can highlight." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6827 +msgid "" +"The command can be passed a package specification such as @code{gcc@@4.8} or @code{guile:debug}, or a file name in the store. " +"Consider this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6837 +#, no-wrap +msgid "" +"$ guix size coreutils\n" +"store item total self\n" +"/gnu/store/@dots{}-coreutils-8.23 70.0 13.9 19.8%\n" +"/gnu/store/@dots{}-gmp-6.0.0a 55.3 2.5 3.6%\n" +"/gnu/store/@dots{}-acl-2.2.52 53.7 0.5 0.7%\n" +"/gnu/store/@dots{}-attr-2.4.46 53.2 0.3 0.5%\n" +"/gnu/store/@dots{}-gcc-4.8.4-lib 52.9 15.7 22.4%\n" +"/gnu/store/@dots{}-glibc-2.21 37.2 37.2 53.1%\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6843 +msgid "" +"The store items listed here constitute the @dfn{transitive closure} of Coreutils---i.e., Coreutils and all its dependencies, " +"recursively---as would be returned by:" +msgstr "" + +#. type: example +#: doc/guix.texi:6846 +#, no-wrap +msgid "$ guix gc -R /gnu/store/@dots{}-coreutils-8.23\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6854 +msgid "" +"Here the output shows three columns next to store items. The first column, labeled ``total'', shows the size in mebibytes (MiB) of " +"the closure of the store item---that is, its own size plus the size of all its dependencies. The next column, labeled ``self'', " +"shows the size of the item itself. The last column shows the ratio of the size of the item itself to the space occupied by all the " +"items listed here." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6859 +msgid "" +"In this example, we see that the closure of Coreutils weighs in at 70@tie{}MiB, half of which is taken by libc. (That libc " +"represents a large fraction of the closure is not a problem @i{per se} because it is always available on the system anyway.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6865 +msgid "" +"When the package passed to @command{guix size} is available in the store, @command{guix size} queries the daemon to determine its " +"dependencies, and measures its size in the store, similar to @command{du -ms --apparent-size} (@pxref{du invocation,,, coreutils, " +"GNU Coreutils})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6870 +msgid "" +"When the given package is @emph{not} in the store, @command{guix size} reports information based on the available substitutes " +"(@pxref{Substitutes}). This makes it possible it to profile disk usage of store items that are not even on disk, only available " +"remotely." +msgstr "" +"Lorsque le paquet donné n'est @emph{pas} dans le dépôt, @command{guix size} rapporte les informations en se basant sur les " +"substituts disponibles (@pxref{Substituts}). Cela permet de profiler l'utilisation du disque des éléments du dépôt qui ne sont pas " +"sur le disque, mais seulement disponibles à distance." + +#. type: Plain text +#: doc/guix.texi:6872 +msgid "You can also specify several package names:" +msgstr "" + +#. type: example +#: doc/guix.texi:6882 +#, no-wrap +msgid "" +"$ guix size coreutils grep sed bash\n" +"store item total self\n" +"/gnu/store/@dots{}-coreutils-8.24 77.8 13.8 13.4%\n" +"/gnu/store/@dots{}-grep-2.22 73.1 0.8 0.8%\n" +"/gnu/store/@dots{}-bash-4.3.42 72.3 4.7 4.6%\n" +"/gnu/store/@dots{}-readline-6.3 67.6 1.2 1.2%\n" +"@dots{}\n" +"total: 102.3 MiB\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6888 +msgid "" +"In this example we see that the combination of the four packages takes 102.3@tie{}MiB in total, which is much less than the sum of " +"each closure since they have a lot of dependencies in common." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6890 +msgid "The available options are:" +msgstr "" + +#. type: table +#: doc/guix.texi:6896 +msgid "Use substitute information from @var{urls}. @xref{client-substitute-urls, the same option for @code{guix build}}." +msgstr "" + +#. type: item +#: doc/guix.texi:6897 +#, no-wrap +msgid "--sort=@var{key}" +msgstr "" + +#. type: table +#: doc/guix.texi:6899 +msgid "Sort lines according to @var{key}, one of the following options:" +msgstr "" + +#. type: item +#: doc/guix.texi:6901 +#, no-wrap +msgid "self" +msgstr "" + +#. type: table +#: doc/guix.texi:6903 +msgid "the size of each item (the default);" +msgstr "" + +#. type: table +#: doc/guix.texi:6905 +msgid "the total size of the item's closure." +msgstr "" + +#. type: item +#: doc/guix.texi:6907 +#, no-wrap +msgid "--map-file=@var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:6909 +msgid "Write a graphical map of disk usage in PNG format to @var{file}." +msgstr "" + +#. type: table +#: doc/guix.texi:6911 +msgid "For the example above, the map looks like this:" +msgstr "" + +#. type: table +#: doc/guix.texi:6914 +msgid "@image{images/coreutils-size-map,5in,, map of Coreutils disk usage produced by @command{guix size}}" +msgstr "" + +#. type: table +#: doc/guix.texi:6919 +msgid "" +"This option requires that @uref{http://wingolog.org/software/guile-charting/, Guile-Charting} be installed and visible in Guile's " +"module search path. When that is not the case, @command{guix size} fails as it tries to load it." +msgstr "" + +#. type: table +#: doc/guix.texi:6923 +msgid "Consider packages for @var{system}---e.g., @code{x86_64-linux}." +msgstr "" + +#. type: section +#: doc/guix.texi:6927 +#, no-wrap +msgid "Invoking @command{guix graph}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:6929 +#, no-wrap +msgid "DAG" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:6930 +#, no-wrap +msgid "guix graph" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6944 +msgid "" +"Packages and their dependencies form a @dfn{graph}, specifically a directed acyclic graph (DAG). It can quickly become difficult to " +"have a mental model of the package DAG, so the @command{guix graph} command provides a visual representation of the DAG. By " +"default, @command{guix graph} emits a DAG representation in the input format of @uref{http://www.graphviz.org/, Graphviz}, so its " +"output can be passed directly to the @command{dot} command of Graphviz. It can also emit an HTML page with embedded JavaScript code " +"to display a ``chord diagram'' in a Web browser, using the @uref{https://d3js.org/, d3.js} library, or emit Cypher queries to " +"construct a graph in a graph database supporting the @uref{http://www.opencypher.org/, openCypher} query language. The general " +"syntax is:" +msgstr "" + +#. type: example +#: doc/guix.texi:6947 +#, no-wrap +msgid "guix graph @var{options} @var{package}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6952 +msgid "" +"For example, the following command generates a PDF file representing the package DAG for the GNU@tie{}Core Utilities, showing its " +"build-time dependencies:" +msgstr "" + +#. type: example +#: doc/guix.texi:6955 +#, no-wrap +msgid "guix graph coreutils | dot -Tpdf > dag.pdf\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6958 +msgid "The output looks like this:" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6960 +msgid "@image{images/coreutils-graph,2in,,Dependency graph of the GNU Coreutils}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6962 +msgid "Nice little graph, no?" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:6968 +msgid "" +"But there is more than one graph! The one above is concise: it is the graph of package objects, omitting implicit inputs such as " +"GCC, libc, grep, etc. It is often useful to have such a concise graph, but sometimes one may want to see more details. " +"@command{guix graph} supports several types of graphs, allowing you to choose the level of detail:" +msgstr "" + +#. type: table +#: doc/guix.texi:6974 +msgid "" +"This is the default type used in the example above. It shows the DAG of package objects, excluding implicit dependencies. It is " +"concise, but filters out many details." +msgstr "" + +#. type: item +#: doc/guix.texi:6975 +#, no-wrap +msgid "reverse-package" +msgstr "" + +#. type: table +#: doc/guix.texi:6977 +msgid "This shows the @emph{reverse} DAG of packages. For example:" +msgstr "" + +#. type: example +#: doc/guix.texi:6980 +#, no-wrap +msgid "guix graph --type=reverse-package ocaml\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6983 +msgid "... yields the graph of packages that depend on OCaml." +msgstr "" + +#. type: table +#: doc/guix.texi:6988 +msgid "" +"Note that for core packages this can yield huge graphs. If all you want is to know the number of packages that depend on a given " +"package, use @command{guix refresh --list-dependent} (@pxref{Invoking guix refresh, @option{--list-dependent}})." +msgstr "" + +#. type: item +#: doc/guix.texi:6989 +#, no-wrap +msgid "bag-emerged" +msgstr "" + +#. type: table +#: doc/guix.texi:6991 +msgid "This is the package DAG, @emph{including} implicit inputs." +msgstr "" + +#. type: table +#: doc/guix.texi:6993 +msgid "For instance, the following command:" +msgstr "" + +#. type: example +#: doc/guix.texi:6996 +#, no-wrap +msgid "guix graph --type=bag-emerged coreutils | dot -Tpdf > dag.pdf\n" +msgstr "" + +#. type: table +#: doc/guix.texi:6999 +msgid "... yields this bigger graph:" +msgstr "" + +#. type: table +#: doc/guix.texi:7001 +msgid "@image{images/coreutils-bag-graph,,5in,Detailed dependency graph of the GNU Coreutils}" +msgstr "" + +#. type: table +#: doc/guix.texi:7004 +msgid "" +"At the bottom of the graph, we see all the implicit inputs of @var{gnu-build-system} (@pxref{Build Systems, @code{gnu-build-" +"system}})." +msgstr "" + +#. type: table +#: doc/guix.texi:7008 +msgid "" +"Now, note that the dependencies of these implicit inputs---that is, the @dfn{bootstrap dependencies} (@pxref{Bootstrapping})---are " +"not shown here, for conciseness." +msgstr "" + +#. type: item +#: doc/guix.texi:7009 +#, no-wrap +msgid "bag" +msgstr "" + +#. type: table +#: doc/guix.texi:7012 +msgid "Similar to @code{bag-emerged}, but this time including all the bootstrap dependencies." +msgstr "" + +#. type: item +#: doc/guix.texi:7013 +#, no-wrap +msgid "bag-with-origins" +msgstr "" + +#. type: table +#: doc/guix.texi:7015 +msgid "Similar to @code{bag}, but also showing origins and their dependencies." +msgstr "" + +#. type: table +#: doc/guix.texi:7021 +msgid "" +"This is the most detailed representation: It shows the DAG of derivations (@pxref{Derivations}) and plain store items. Compared to " +"the above representation, many additional nodes are visible, including build scripts, patches, Guile modules, etc." +msgstr "" + +#. type: table +#: doc/guix.texi:7024 +msgid "For this type of graph, it is also possible to pass a @file{.drv} file name instead of a package name, as in:" +msgstr "" + +#. type: example +#: doc/guix.texi:7027 +#, no-wrap +msgid "guix graph -t derivation `guix system build -d my-config.scm`\n" +msgstr "" + +#. type: item +#: doc/guix.texi:7029 +#, no-wrap +msgid "module" +msgstr "module" + +#. type: table +#: doc/guix.texi:7033 +msgid "" +"This is the graph of @dfn{package modules} (@pxref{Package Modules}). For example, the following command shows the graph for the " +"package module that defines the @code{guile} package:" +msgstr "" + +#. type: example +#: doc/guix.texi:7036 +#, no-wrap +msgid "guix graph -t module guile | dot -Tpdf > module-graph.pdf\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7041 +msgid "" +"All the types above correspond to @emph{build-time dependencies}. The following graph type represents the @emph{run-time " +"dependencies}:" +msgstr "" + +#. type: item +#: doc/guix.texi:7043 +#, no-wrap +msgid "references" +msgstr "" + +#. type: table +#: doc/guix.texi:7046 +msgid "" +"This is the graph of @dfn{references} of a package output, as returned by @command{guix gc --references} (@pxref{Invoking guix gc})." +msgstr "" + +#. type: table +#: doc/guix.texi:7049 +msgid "" +"If the given package output is not available in the store, @command{guix graph} attempts to obtain dependency information from " +"substitutes." +msgstr "" + +#. type: table +#: doc/guix.texi:7053 +msgid "" +"Here you can also pass a store file name instead of a package name. For example, the command below produces the reference graph of " +"your profile (which can be big!):" +msgstr "" + +#. type: example +#: doc/guix.texi:7056 +#, no-wrap +msgid "guix graph -t references `readlink -f ~/.guix-profile`\n" +msgstr "" + +#. type: item +#: doc/guix.texi:7058 +#, no-wrap +msgid "referrers" +msgstr "" + +#. type: table +#: doc/guix.texi:7061 +msgid "" +"This is the graph of the @dfn{referrers} of a store item, as returned by @command{guix gc --referrers} (@pxref{Invoking guix gc})." +msgstr "" + +#. type: table +#: doc/guix.texi:7067 +msgid "" +"This relies exclusively on local information from your store. For instance, let us suppose that the current Inkscape is available " +"in 10 profiles on your machine; @command{guix graph -t referrers inkscape} will show a graph rooted at Inkscape and with those 10 " +"profiles linked to it." +msgstr "" + +#. type: table +#: doc/guix.texi:7070 +msgid "It can help determine what is preventing a store item from being garbage collected." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7074 +msgid "The available options are the following:" +msgstr "" + +#. type: item +#: doc/guix.texi:7076 +#, no-wrap +msgid "--type=@var{type}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7077 doc/guix.texi:20541 +#, no-wrap +msgid "-t @var{type}" +msgstr "" + +#. type: table +#: doc/guix.texi:7080 +msgid "Produce a graph output of @var{type}, where @var{type} must be one of the values listed above." +msgstr "" + +#. type: item +#: doc/guix.texi:7081 +#, no-wrap +msgid "--list-types" +msgstr "" + +#. type: table +#: doc/guix.texi:7083 +msgid "List the supported graph types." +msgstr "" + +#. type: item +#: doc/guix.texi:7084 +#, no-wrap +msgid "--backend=@var{backend}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7085 +#, no-wrap +msgid "-b @var{backend}" +msgstr "" + +#. type: table +#: doc/guix.texi:7087 +msgid "Produce a graph using the selected @var{backend}." +msgstr "" + +#. type: item +#: doc/guix.texi:7088 +#, no-wrap +msgid "--list-backends" +msgstr "" + +#. type: table +#: doc/guix.texi:7090 +msgid "List the supported graph backends." +msgstr "" + +#. type: table +#: doc/guix.texi:7092 +msgid "Currently, the available backends are Graphviz and d3.js." +msgstr "" + +#. type: example +#: doc/guix.texi:7101 +#, no-wrap +msgid "guix graph -e '(@@@@ (gnu packages commencement) gnu-make-final)'\n" +msgstr "" + +#. type: section +#: doc/guix.texi:7106 +#, no-wrap +msgid "Invoking @command{guix environment}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7108 +#, no-wrap +msgid "reproducible build environments" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7109 +#, no-wrap +msgid "development environments" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:7110 +#, no-wrap +msgid "guix environment" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7111 +#, no-wrap +msgid "environment, package build environment" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7117 +msgid "" +"The purpose of @command{guix environment} is to assist hackers in creating reproducible development environments without polluting " +"their package profile. The @command{guix environment} tool takes one or more packages, builds all of their inputs, and creates a " +"shell environment to use them." +msgstr "" + +#. type: example +#: doc/guix.texi:7122 +#, no-wrap +msgid "guix environment @var{options} @var{package}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7126 +msgid "The following example spawns a new shell set up for the development of GNU@tie{}Guile:" +msgstr "" + +#. type: example +#: doc/guix.texi:7129 +#, no-wrap +msgid "guix environment guile\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7146 +msgid "" +"If the needed dependencies are not built yet, @command{guix environment} automatically builds them. The environment of the new " +"shell is an augmented version of the environment that @command{guix environment} was run in. It contains the necessary search paths " +"for building the given package added to the existing environment variables. To create a ``pure'' environment, in which the original " +"environment variables have been unset, use the @code{--pure} option@footnote{Users sometimes wrongfully augment environment " +"variables such as @code{PATH} in their @file{~/.bashrc} file. As a consequence, when @code{guix environment} launches it, Bash may " +"read @file{~/.bashrc}, thereby introducing ``impurities'' in these environment variables. It is an error to define such environment " +"variables in @file{.bashrc}; instead, they should be defined in @file{.bash_profile}, which is sourced only by log-in shells. " +"@xref{Bash Startup Files,,, bash, The GNU Bash Reference Manual}, for details on Bash start-up files.}." +msgstr "" + +#. type: vindex +#: doc/guix.texi:7147 +#, no-wrap +msgid "GUIX_ENVIRONMENT" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7153 +msgid "" +"@command{guix environment} defines the @code{GUIX_ENVIRONMENT} variable in the shell it spawns; its value is the file name of the " +"profile of this environment. This allows users to, say, define a specific prompt for development environments in their @file{." +"bashrc} (@pxref{Bash Startup Files,,, bash, The GNU Bash Reference Manual}):" +msgstr "" + +#. type: example +#: doc/guix.texi:7159 +#, no-wrap +msgid "" +"if [ -n \"$GUIX_ENVIRONMENT\" ]\n" +"then\n" +" export PS1=\"\\u@@\\h \\w [dev]\\$ \"\n" +"fi\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7163 +msgid "... or to browse the profile:" +msgstr "" + +#. type: example +#: doc/guix.texi:7166 +#, no-wrap +msgid "$ ls \"$GUIX_ENVIRONMENT/bin\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7172 +msgid "" +"Additionally, more than one package may be specified, in which case the union of the inputs for the given packages are used. For " +"example, the command below spawns a shell where all of the dependencies of both Guile and Emacs are available:" +msgstr "" + +#. type: example +#: doc/guix.texi:7175 +#, no-wrap +msgid "guix environment guile emacs\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7180 +msgid "" +"Sometimes an interactive shell session is not desired. An arbitrary command may be invoked by placing the @code{--} token to " +"separate the command from the rest of the arguments:" +msgstr "" + +#. type: example +#: doc/guix.texi:7183 +#, no-wrap +msgid "guix environment guile -- make -j4\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7189 +msgid "" +"In other situations, it is more convenient to specify the list of packages needed in the environment. For example, the following " +"command runs @command{python} from an environment containing Python@tie{}2.7 and NumPy:" +msgstr "" + +#. type: example +#: doc/guix.texi:7192 +#, no-wrap +msgid "guix environment --ad-hoc python2-numpy python-2.7 -- python\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7203 +msgid "" +"Furthermore, one might want the dependencies of a package and also some additional packages that are not build-time or runtime " +"dependencies, but are useful when developing nonetheless. Because of this, the @code{--ad-hoc} flag is positional. Packages " +"appearing before @code{--ad-hoc} are interpreted as packages whose dependencies will be added to the environment. Packages " +"appearing after are interpreted as packages that will be added to the environment directly. For example, the following command " +"creates a Guix development environment that additionally includes Git and strace:" +msgstr "" + +#. type: example +#: doc/guix.texi:7206 +#, no-wrap +msgid "guix environment guix --ad-hoc git strace\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7215 +msgid "" +"Sometimes it is desirable to isolate the environment as much as possible, for maximal purity and reproducibility. In particular, " +"when using Guix on a host distro that is not GuixSD, it is desirable to prevent access to @file{/usr/bin} and other system-wide " +"resources from the development environment. For example, the following command spawns a Guile REPL in a ``container'' where only " +"the store and the current working directory are mounted:" +msgstr "" + +#. type: example +#: doc/guix.texi:7218 +#, no-wrap +msgid "guix environment --ad-hoc --container guile -- guile\n" +msgstr "" + +#. type: quotation +#: doc/guix.texi:7222 +msgid "The @code{--container} option requires Linux-libre 3.19 or newer." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7225 +msgid "The available options are summarized below." +msgstr "" + +#. type: cindex +#: doc/guix.texi:7229 +#, no-wrap +msgid "persistent environment" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7230 +#, no-wrap +msgid "garbage collector root, for environments" +msgstr "" + +#. type: table +#: doc/guix.texi:7233 +msgid "Make @var{file} a symlink to the profile for this environment, and register it as a garbage collector root." +msgstr "" + +#. type: table +#: doc/guix.texi:7236 +msgid "This is useful if you want to protect your environment from garbage collection, to make it ``persistent''." +msgstr "" + +#. type: table +#: doc/guix.texi:7242 +msgid "" +"When this option is omitted, the environment is protected from garbage collection only for the duration of the @command{guix " +"environment} session. This means that next time you recreate the same environment, you could have to rebuild or re-download " +"packages. @xref{Invoking guix gc}, for more on GC roots." +msgstr "" + +#. type: table +#: doc/guix.texi:7247 +msgid "Create an environment for the package or list of packages that @var{expr} evaluates to." +msgstr "" + +#. type: table +#: doc/guix.texi:7249 +msgid "For example, running:" +msgstr "" + +#. type: example +#: doc/guix.texi:7252 +#, no-wrap +msgid "guix environment -e '(@@ (gnu packages maths) petsc-openmpi)'\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7256 +msgid "starts a shell with the environment for this specific variant of the PETSc package." +msgstr "" + +#. type: table +#: doc/guix.texi:7258 +msgid "Running:" +msgstr "" + +#. type: example +#: doc/guix.texi:7261 +#, no-wrap +msgid "guix environment --ad-hoc -e '(@@ (gnu) %base-packages)'\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7264 +msgid "starts a shell with all the GuixSD base packages available." +msgstr "" + +#. type: table +#: doc/guix.texi:7267 +msgid "" +"The above commands only use the default output of the given packages. To select other outputs, two element tuples can be specified:" +msgstr "" + +#. type: example +#: doc/guix.texi:7270 +#, no-wrap +msgid "guix environment --ad-hoc -e '(list (@@ (gnu packages bash) bash) \"include\")'\n" +msgstr "" + +#. type: item +#: doc/guix.texi:7272 +#, no-wrap +msgid "--load=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7273 +#, no-wrap +msgid "-l @var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:7276 +msgid "Create an environment for the package or list of packages that the code within @var{file} evaluates to." +msgstr "" + +#. type: example +#: doc/guix.texi:7282 +#, no-wrap +msgid "@verbatiminclude environment-gdb.scm\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7288 +msgid "Create an environment for the packages contained in the manifest object returned by the Scheme code in @var{file}." +msgstr "" + +#. type: table +#: doc/guix.texi:7292 +msgid "" +"This is similar to the same-named option in @command{guix package} (@pxref{profile-manifest, @option{--manifest}}) and uses the same " +"manifest files." +msgstr "" + +#. type: item +#: doc/guix.texi:7293 +#, no-wrap +msgid "--ad-hoc" +msgstr "" + +#. type: table +#: doc/guix.texi:7298 +msgid "" +"Include all specified packages in the resulting environment, as if an @i{ad hoc} package were defined with them as inputs. This " +"option is useful for quickly creating an environment without having to write a package expression to contain the desired inputs." +msgstr "" + +#. type: table +#: doc/guix.texi:7300 +msgid "For instance, the command:" +msgstr "" + +#. type: example +#: doc/guix.texi:7303 +#, no-wrap +msgid "guix environment --ad-hoc guile guile-sdl -- guile\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7307 +msgid "runs @command{guile} in an environment where Guile and Guile-SDL are available." +msgstr "" + +#. type: table +#: doc/guix.texi:7312 +msgid "" +"Note that this example implicitly asks for the default output of @code{guile} and @code{guile-sdl}, but it is possible to ask for a " +"specific output---e.g., @code{glib:bin} asks for the @code{bin} output of @code{glib} (@pxref{Packages with Multiple Outputs})." +msgstr "" + +#. type: table +#: doc/guix.texi:7318 +msgid "" +"This option may be composed with the default behavior of @command{guix environment}. Packages appearing before @code{--ad-hoc} are " +"interpreted as packages whose dependencies will be added to the environment, the default behavior. Packages appearing after are " +"interpreted as packages that will be added to the environment directly." +msgstr "" + +#. type: item +#: doc/guix.texi:7319 +#, no-wrap +msgid "--pure" +msgstr "" + +#. type: table +#: doc/guix.texi:7323 +msgid "" +"Unset existing environment variables when building the new environment. This has the effect of creating an environment in which " +"search paths only contain package inputs." +msgstr "" + +#. type: item +#: doc/guix.texi:7324 +#, no-wrap +msgid "--search-paths" +msgstr "" + +#. type: table +#: doc/guix.texi:7327 +msgid "Display the environment variable definitions that make up the environment." +msgstr "" + +#. type: table +#: doc/guix.texi:7331 +msgid "Attempt to build for @var{system}---e.g., @code{i686-linux}." +msgstr "" + +#. type: item +#: doc/guix.texi:7332 +#, no-wrap +msgid "--container" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7333 +#, no-wrap +msgid "-C" +msgstr "" + +#. type: item +#: doc/guix.texi:7334 doc/guix.texi:7845 doc/guix.texi:20490 +#, no-wrap +msgid "container" +msgstr "" + +#. type: table +#: doc/guix.texi:7342 +msgid "" +"Run @var{command} within an isolated container. The current working directory outside the container is mapped inside the " +"container. Additionally, unless overridden with @code{--user}, a dummy home directory is created that matches the current user's " +"home directory, and @file{/etc/passwd} is configured accordingly. The spawned process runs as the current user outside the " +"container, but has root privileges in the context of the container." +msgstr "" + +#. type: item +#: doc/guix.texi:7343 +#, no-wrap +msgid "--network" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7344 +#, no-wrap +msgid "-N" +msgstr "" + +#. type: table +#: doc/guix.texi:7348 +msgid "" +"For containers, share the network namespace with the host system. Containers created without this flag only have access to the " +"loopback device." +msgstr "" + +#. type: item +#: doc/guix.texi:7349 +#, no-wrap +msgid "--link-profile" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7350 +#, no-wrap +msgid "-P" +msgstr "" + +#. type: table +#: doc/guix.texi:7357 +msgid "" +"For containers, link the environment profile to @file{~/.guix-profile} within the container. This is equivalent to running the " +"command @command{ln -s $GUIX_ENVIRONMENT ~/.guix-profile} within the container. Linking will fail and abort the environment if the " +"directory already exists, which will certainly be the case if @command{guix environment} was invoked in the user's home directory." +msgstr "" + +#. type: table +#: doc/guix.texi:7364 +msgid "" +"Certain packages are configured to look in @code{~/.guix-profile} for configuration files and data;@footnote{For example, the " +"@code{fontconfig} package inspects @file{~/.guix-profile/share/fonts} for additional fonts.} @code{--link-profile} allows these " +"programs to behave as expected within the environment." +msgstr "" + +#. type: item +#: doc/guix.texi:7365 doc/guix.texi:7517 +#, no-wrap +msgid "--user=@var{user}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7366 doc/guix.texi:7518 +#, no-wrap +msgid "-u @var{user}" +msgstr "" + +#. type: table +#: doc/guix.texi:7372 +msgid "" +"For containers, use the username @var{user} in place of the current user. The generated @file{/etc/passwd} entry within the " +"container will contain the name @var{user}; the home directory will be @file{/home/USER}; and no user GECOS data will be copied. " +"@var{user} need not exist on the system." +msgstr "" + +#. type: table +#: doc/guix.texi:7377 +msgid "" +"Additionally, any shared or exposed path (see @code{--share} and @code{--expose} respectively) whose target is within the current " +"user's home directory will be remapped relative to @file{/home/USER}; this includes the automatic mapping of the current working " +"directory." +msgstr "" + +#. type: example +#: doc/guix.texi:7384 +#, no-wrap +msgid "" +"# will expose paths as /home/foo/wd, /home/foo/test, and /home/foo/target\n" +"cd $HOME/wd\n" +"guix environment --container --user=foo \\\n" +" --expose=$HOME/test \\\n" +" --expose=/tmp/target=$HOME/target\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7389 +msgid "" +"While this will limit the leaking of user identity through home paths and each of the user fields, this is only one useful component " +"of a broader privacy/anonymity solution---not one in and of itself." +msgstr "" + +#. type: item +#: doc/guix.texi:7390 +#, no-wrap +msgid "--expose=@var{source}[=@var{target}]" +msgstr "" + +#. type: table +#: doc/guix.texi:7395 +msgid "" +"For containers, expose the file system @var{source} from the host system as the read-only file system @var{target} within the " +"container. If @var{target} is not specified, @var{source} is used as the target mount point in the container." +msgstr "" + +#. type: table +#: doc/guix.texi:7399 +msgid "" +"The example below spawns a Guile REPL in a container in which the user's home directory is accessible read-only via the @file{/" +"exchange} directory:" +msgstr "" + +#. type: example +#: doc/guix.texi:7402 +#, no-wrap +msgid "guix environment --container --expose=$HOME=/exchange --ad-hoc guile -- guile\n" +msgstr "" + +#. type: item +#: doc/guix.texi:7404 +#, no-wrap +msgid "--share=@var{source}[=@var{target}]" +msgstr "" + +#. type: table +#: doc/guix.texi:7409 +msgid "" +"For containers, share the file system @var{source} from the host system as the writable file system @var{target} within the " +"container. If @var{target} is not specified, @var{source} is used as the target mount point in the container." +msgstr "" + +#. type: table +#: doc/guix.texi:7413 +msgid "" +"The example below spawns a Guile REPL in a container in which the user's home directory is accessible for both reading and writing " +"via the @file{/exchange} directory:" +msgstr "" + +#. type: example +#: doc/guix.texi:7416 +#, no-wrap +msgid "guix environment --container --share=$HOME=/exchange --ad-hoc guile -- guile\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7422 +msgid "" +"@command{guix environment} also supports all of the common build options that @command{guix build} supports (@pxref{Common Build " +"Options})." +msgstr "" + +#. type: section +#: doc/guix.texi:7425 +#, no-wrap +msgid "Invoking @command{guix publish}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:7427 +#, no-wrap +msgid "guix publish" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7431 +msgid "" +"The purpose of @command{guix publish} is to enable users to easily share their store with others, who can then use it as a " +"substitute server (@pxref{Substitutes})." +msgstr "" +"Le but de @command{guix publish} est de vous permettre de partager facilement votre dépôt avec d'autres personnes qui peuvent " +"ensuite l'utiliser comme serveur de substituts (@pxref{Substituts})." + +#. type: Plain text +#: doc/guix.texi:7437 +msgid "" +"When @command{guix publish} runs, it spawns an HTTP server which allows anyone with network access to obtain substitutes from it. " +"This means that any machine running Guix can also act as if it were a build farm, since the HTTP interface is compatible with Hydra, " +"the software behind the @code{hydra.gnu.org} build farm." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7443 +msgid "" +"For security, each substitute is signed, allowing recipients to check their authenticity and integrity (@pxref{Substitutes}). " +"Because @command{guix publish} uses the signing key of the system, which is only readable by the system administrator, it must be " +"started as root; the @code{--user} option makes it drop root privileges early on." +msgstr "" +"Pour des raisons de sécurité, chaque substitut est signé, ce qui permet aux destinataires de vérifier leur authenticité et leur " +"intégrité (@pxref{Substituts}). Comme @command{guix publish} utilise la clef de signature du système, qui n'est lisible que par " +"l'administrateur système, il doit être lancé en root ; l'option @code{--user} lui fait baisser ses privilèges le plus tôt possible." + +#. type: Plain text +#: doc/guix.texi:7447 +msgid "" +"The signing key pair must be generated before @command{guix publish} is launched, using @command{guix archive --generate-key} " +"(@pxref{Invoking guix archive})." +msgstr "" + +#. type: example +#: doc/guix.texi:7452 +#, no-wrap +msgid "guix publish @var{options}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7456 +msgid "Running @command{guix publish} without any additional arguments will spawn an HTTP server on port 8080:" +msgstr "" + +#. type: example +#: doc/guix.texi:7459 +#, no-wrap +msgid "guix publish\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7463 +msgid "Once a publishing server has been authorized (@pxref{Invoking guix archive}), the daemon may download substitutes from it:" +msgstr "" + +#. type: example +#: doc/guix.texi:7466 +#, no-wrap +msgid "guix-daemon --substitute-urls=http://example.org:8080\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7475 +msgid "" +"By default, @command{guix publish} compresses archives on the fly as it serves them. This ``on-the-fly'' mode is convenient in that " +"it requires no setup and is immediately available. However, when serving lots of clients, we recommend using the @option{--cache} " +"option, which enables caching of the archives before they are sent to clients---see below for details. The @command{guix weather} " +"command provides a handy way to check what a server provides (@pxref{Invoking guix weather})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7482 +msgid "" +"As a bonus, @command{guix publish} also serves as a content-addressed mirror for source files referenced in @code{origin} records " +"(@pxref{origin Reference}). For instance, assuming @command{guix publish} is running on @code{example.org}, the following URL " +"returns the raw @file{hello-2.10.tar.gz} file with the given SHA256 hash (represented in @code{nix-base32} format, @pxref{Invoking " +"guix hash}):" +msgstr "" + +#. type: example +#: doc/guix.texi:7485 +#, no-wrap +msgid "http://example.org/file/hello-2.10.tar.gz/sha256/0ssi1@dots{}ndq1i\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7489 +msgid "Obviously, these URLs only work for files that are in the store; in other cases, they return 404 (``Not Found'')." +msgstr "" + +#. type: cindex +#: doc/guix.texi:7490 +#, no-wrap +msgid "build logs, publication" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7492 +msgid "Build logs are available from @code{/log} URLs like:" +msgstr "" + +#. type: example +#: doc/guix.texi:7495 +#, no-wrap +msgid "http://example.org/log/gwspk@dots{}-guile-2.2.3\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7505 +msgid "" +"When @command{guix-daemon} is configured to save compressed build logs, as is the case by default (@pxref{Invoking guix-daemon}), " +"@code{/log} URLs return the compressed log as-is, with an appropriate @code{Content-Type} and/or @code{Content-Encoding} header. We " +"recommend running @command{guix-daemon} with @code{--log-compression=gzip} since Web browsers can automatically decompress it, which " +"is not the case with bzip2 compression." +msgstr "" + +#. type: item +#: doc/guix.texi:7509 +#, no-wrap +msgid "--port=@var{port}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7510 +#, no-wrap +msgid "-p @var{port}" +msgstr "" + +#. type: table +#: doc/guix.texi:7512 +msgid "Listen for HTTP requests on @var{port}." +msgstr "" + +#. type: item +#: doc/guix.texi:7513 doc/guix.texi:16983 +#, no-wrap +msgid "--listen=@var{host}" +msgstr "" + +#. type: table +#: doc/guix.texi:7516 +msgid "Listen on the network interface for @var{host}. The default is to accept connections from any interface." +msgstr "" + +#. type: table +#: doc/guix.texi:7521 +msgid "Change privileges to @var{user} as soon as possible---i.e., once the server socket is open and the signing key has been read." +msgstr "" + +#. type: item +#: doc/guix.texi:7522 +#, no-wrap +msgid "--compression[=@var{level}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7523 +#, no-wrap +msgid "-C [@var{level}]" +msgstr "" + +#. type: table +#: doc/guix.texi:7528 +msgid "" +"Compress data using the given @var{level}. When @var{level} is zero, disable compression. The range 1 to 9 corresponds to " +"different gzip compression levels: 1 is the fastest, and 9 is the best (CPU-intensive). The default is 3." +msgstr "" + +#. type: table +#: doc/guix.texi:7537 +msgid "" +"Unless @option{--cache} is used, compression occurs on the fly and the compressed streams are not cached. Thus, to reduce load on " +"the machine that runs @command{guix publish}, it may be a good idea to choose a low compression level, to run @command{guix publish} " +"behind a caching proxy, or to use @option{--cache}. Using @option{--cache} has the advantage that it allows @command{guix publish} " +"to add @code{Content-Length} HTTP header to its responses." +msgstr "" + +#. type: item +#: doc/guix.texi:7538 +#, no-wrap +msgid "--cache=@var{directory}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7539 +#, no-wrap +msgid "-c @var{directory}" +msgstr "" + +#. type: table +#: doc/guix.texi:7542 +msgid "Cache archives and meta-data (@code{.narinfo} URLs) to @var{directory} and only serve archives that are in cache." +msgstr "" + +#. type: table +#: doc/guix.texi:7550 +msgid "" +"When this option is omitted, archives and meta-data are created on-the-fly. This can reduce the available bandwidth, especially " +"when compression is enabled, since this may become CPU-bound. Another drawback of the default mode is that the length of archives " +"is not known in advance, so @command{guix publish} does not add a @code{Content-Length} HTTP header to its responses, which in turn " +"prevents clients from knowing the amount of data being downloaded." +msgstr "" + +#. type: table +#: doc/guix.texi:7558 +msgid "" +"Conversely, when @option{--cache} is used, the first request for a store item (@i{via} a @code{.narinfo} URL) returns 404 and " +"triggers a background process to @dfn{bake} the archive---computing its @code{.narinfo} and compressing the archive, if needed. " +"Once the archive is cached in @var{directory}, subsequent requests succeed and are served directly from the cache, which guarantees " +"that clients get the best possible bandwidth." +msgstr "" + +#. type: table +#: doc/guix.texi:7562 +msgid "" +"The ``baking'' process is performed by worker threads. By default, one thread per CPU core is created, but this can be customized. " +"See @option{--workers} below." +msgstr "" + +#. type: table +#: doc/guix.texi:7565 +msgid "When @option{--ttl} is used, cached entries are automatically deleted when they have expired." +msgstr "" + +#. type: item +#: doc/guix.texi:7566 +#, no-wrap +msgid "--workers=@var{N}" +msgstr "" + +#. type: table +#: doc/guix.texi:7569 +msgid "When @option{--cache} is used, request the allocation of @var{N} worker threads to ``bake'' archives." +msgstr "" + +#. type: item +#: doc/guix.texi:7570 +#, no-wrap +msgid "--ttl=@var{ttl}" +msgstr "" + +#. type: table +#: doc/guix.texi:7574 +msgid "" +"Produce @code{Cache-Control} HTTP headers that advertise a time-to-live (TTL) of @var{ttl}. @var{ttl} must denote a duration: " +"@code{5d} means 5 days, @code{1m} means 1 month, and so on." +msgstr "" + +#. type: table +#: doc/guix.texi:7579 +msgid "" +"This allows the user's Guix to keep substitute information in cache for @var{ttl}. However, note that @code{guix publish} does not " +"itself guarantee that the store items it provides will indeed remain available for as long as @var{ttl}." +msgstr "" + +#. type: table +#: doc/guix.texi:7583 +msgid "" +"Additionally, when @option{--cache} is used, cached entries that have not been accessed for @var{ttl} and that no longer have a " +"corresponding item in the store, may be deleted." +msgstr "" + +#. type: item +#: doc/guix.texi:7584 +#, no-wrap +msgid "--nar-path=@var{path}" +msgstr "" + +#. type: table +#: doc/guix.texi:7587 +msgid "Use @var{path} as the prefix for the URLs of ``nar'' files (@pxref{Invoking guix archive, normalized archives})." +msgstr "" + +#. type: table +#: doc/guix.texi:7591 +msgid "" +"By default, nars are served at a URL such as @code{/nar/gzip/@dots{}-coreutils-8.25}. This option allows you to change the @code{/" +"nar} part to @var{path}." +msgstr "" + +#. type: item +#: doc/guix.texi:7592 +#, no-wrap +msgid "--public-key=@var{file}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7593 +#, no-wrap +msgid "--private-key=@var{file}" +msgstr "" + +#. type: table +#: doc/guix.texi:7596 +msgid "Use the specific @var{file}s as the public/private key pair used to sign the store items being published." +msgstr "" + +#. type: table +#: doc/guix.texi:7603 +msgid "" +"The files must correspond to the same key pair (the private key is used for signing and the public key is merely advertised in the " +"signature metadata). They must contain keys in the canonical s-expression format as produced by @command{guix archive --generate-" +"key} (@pxref{Invoking guix archive}). By default, @file{/etc/guix/signing-key.pub} and @file{/etc/guix/signing-key.sec} are used." +msgstr "" + +#. type: item +#: doc/guix.texi:7604 +#, no-wrap +msgid "--repl[=@var{port}]" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7605 +#, no-wrap +msgid "-r [@var{port}]" +msgstr "" + +#. type: table +#: doc/guix.texi:7609 +msgid "" +"Spawn a Guile REPL server (@pxref{REPL Servers,,, guile, GNU Guile Reference Manual}) on @var{port} (37146 by default). This is " +"used primarily for debugging a running @command{guix publish} server." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7615 +msgid "" +"Enabling @command{guix publish} on a GuixSD system is a one-liner: just instantiate a @code{guix-publish-service-type} service in " +"the @code{services} field of the @code{operating-system} declaration (@pxref{guix-publish-service-type, @code{guix-publish-service-" +"type}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7618 +msgid "If you are instead running Guix on a ``foreign distro'', follow these instructions:”" +msgstr "" + +#. type: itemize +#: doc/guix.texi:7622 +msgid "If your host distro uses the systemd init system:" +msgstr "" + +#. type: example +#: doc/guix.texi:7627 +#, no-wrap +msgid "" +"# ln -s ~root/.guix-profile/lib/systemd/system/guix-publish.service \\\n" +" /etc/systemd/system/\n" +"# systemctl start guix-publish && systemctl enable guix-publish\n" +msgstr "" + +#. type: example +#: doc/guix.texi:7635 +#, no-wrap +msgid "" +"# ln -s ~root/.guix-profile/lib/upstart/system/guix-publish.conf /etc/init/\n" +"# start guix-publish\n" +msgstr "" + +#. type: itemize +#: doc/guix.texi:7639 +msgid "Otherwise, proceed similarly with your distro's init system." +msgstr "" + +#. type: section +#: doc/guix.texi:7642 +#, no-wrap +msgid "Invoking @command{guix challenge}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7645 +#, no-wrap +msgid "verifiable builds" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:7646 +#, no-wrap +msgid "guix challenge" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7647 +#, no-wrap +msgid "challenge" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7652 +msgid "" +"Do the binaries provided by this server really correspond to the source code it claims to build? Is a package build process " +"deterministic? These are the questions the @command{guix challenge} command attempts to answer." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7660 +msgid "" +"The former is obviously an important question: Before using a substitute server (@pxref{Substitutes}), one had better @emph{verify} " +"that it provides the right binaries, and thus @emph{challenge} it. The latter is what enables the former: If package builds are " +"deterministic, then independent builds of the package should yield the exact same result, bit for bit; if a server provides a binary " +"different from the one obtained locally, it may be either corrupt or malicious." +msgstr "" +"La première question est évidemment importante : avant d'utiliser un serveur de substituts (@pxref{Substituts}), il vaut mieux " +"@emph{vérifier} qu'il fournit les bons binaires et donc le @emph{défier}. La deuxième est ce qui permet la première : si les " +"constructions des paquets sont déterministes alors des constructions indépendantes du paquet devraient donner le même résultat, bit " +"à bit ; si un serveur fournit un binaire différent de celui obtenu localement, il peut être soit corrompu, soit malveillant." + +#. type: Plain text +#: doc/guix.texi:7669 +msgid "" +"We know that the hash that shows up in @file{/gnu/store} file names is the hash of all the inputs of the process that built the file " +"or directory---compilers, libraries, build scripts, etc. (@pxref{Introduction}). Assuming deterministic build processes, one store " +"file name should map to exactly one build output. @command{guix challenge} checks whether there is, indeed, a single mapping by " +"comparing the build outputs of several independent builds of any given store item." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7671 +msgid "The command output looks like this:" +msgstr "" + +#. type: smallexample +#: doc/guix.texi:7688 +#, no-wrap +msgid "" +"$ guix challenge --substitute-urls=\"https://hydra.gnu.org https://guix.example.org\"\n" +"updating list of substitutes from 'https://hydra.gnu.org'... 100.0%\n" +"updating list of substitutes from 'https://guix.example.org'... 100.0%\n" +"/gnu/store/@dots{}-openssl-1.0.2d contents differ:\n" +" local hash: 0725l22r5jnzazaacncwsvp9kgf42266ayyp814v7djxs7nk963q\n" +" https://hydra.gnu.org/nar/@dots{}-openssl-1.0.2d: 0725l22r5jnzazaacncwsvp9kgf42266ayyp814v7djxs7nk963q\n" +" https://guix.example.org/nar/@dots{}-openssl-1.0.2d: 1zy4fmaaqcnjrzzajkdn3f5gmjk754b43qkq47llbyak9z0qjyim\n" +"/gnu/store/@dots{}-git-2.5.0 contents differ:\n" +" local hash: 00p3bmryhjxrhpn2gxs2fy0a15lnip05l97205pgbk5ra395hyha\n" +" https://hydra.gnu.org/nar/@dots{}-git-2.5.0: 069nb85bv4d4a6slrwjdy8v1cn4cwspm3kdbmyb81d6zckj3nq9f\n" +" https://guix.example.org/nar/@dots{}-git-2.5.0: 0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73\n" +"/gnu/store/@dots{}-pius-2.1.1 contents differ:\n" +" local hash: 0k4v3m9z1zp8xzzizb7d8kjj72f9172xv078sq4wl73vnq9ig3ax\n" +" https://hydra.gnu.org/nar/@dots{}-pius-2.1.1: 0k4v3m9z1zp8xzzizb7d8kjj72f9172xv078sq4wl73vnq9ig3ax\n" +" https://guix.example.org/nar/@dots{}-pius-2.1.1: 1cy25x1a4fzq5rk0pmvc8xhwyffnqz95h2bpvqsz2mpvlbccy0gs\n" +"\n" +msgstr "" + +#. type: smallexample +#: doc/guix.texi:7690 +#, no-wrap +msgid "" +"@dots{}\n" +"\n" +msgstr "" + +#. type: smallexample +#: doc/guix.texi:7695 +#, no-wrap +msgid "" +"6,406 store items were analyzed:\n" +" - 4,749 (74.1%) were identical\n" +" - 525 (8.2%) differed\n" +" - 1,132 (17.7%) were inconclusive\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7703 +msgid "" +"In this example, @command{guix challenge} first scans the store to determine the set of locally-built derivations---as opposed to " +"store items that were downloaded from a substitute server---and then queries all the substitute servers. It then reports those " +"store items for which the servers obtained a result different from the local build." +msgstr "" + +#. type: cindex +#: doc/guix.texi:7704 +#, no-wrap +msgid "non-determinism, in package builds" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7715 +msgid "" +"As an example, @code{guix.example.org} always gets a different answer. Conversely, @code{hydra.gnu.org} agrees with local builds, " +"except in the case of Git. This might indicate that the build process of Git is non-deterministic, meaning that its output varies " +"as a function of various things that Guix does not fully control, in spite of building packages in isolated environments " +"(@pxref{Features}). Most common sources of non-determinism include the addition of timestamps in build results, the inclusion of " +"random numbers, and directory listings sorted by inode number. See @uref{https://reproducible-builds.org/docs/}, for more " +"information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7718 +msgid "To find out what is wrong with this Git binary, we can do something along these lines (@pxref{Invoking guix archive}):" +msgstr "" + +#. type: example +#: doc/guix.texi:7723 +#, no-wrap +msgid "" +"$ wget -q -O - https://hydra.gnu.org/nar/@dots{}-git-2.5.0 \\\n" +" | guix archive -x /tmp/git\n" +"$ diff -ur --no-dereference /gnu/store/@dots{}-git.2.5.0 /tmp/git\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7732 +msgid "" +"This command shows the difference between the files resulting from the local build, and the files resulting from the build on " +"@code{hydra.gnu.org} (@pxref{Overview, Comparing and Merging Files,, diffutils, Comparing and Merging Files}). The @command{diff} " +"command works great for text files. When binary files differ, a better option is @uref{https://diffoscope.org/, Diffoscope}, a tool " +"that helps visualize differences for all kinds of files." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7740 +msgid "" +"Once you have done that work, you can tell whether the differences are due to a non-deterministic build process or to a malicious " +"server. We try hard to remove sources of non-determinism in packages to make it easier to verify substitutes, but of course, this " +"is a process that involves not just Guix, but a large part of the free software community. In the meantime, @command{guix " +"challenge} is one tool to help address the problem." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7744 +msgid "" +"If you are writing packages for Guix, you are encouraged to check whether @code{hydra.gnu.org} and other substitute servers obtain " +"the same build result as you did with:" +msgstr "" + +#. type: example +#: doc/guix.texi:7747 +#, no-wrap +msgid "$ guix challenge @var{package}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7752 +msgid "where @var{package} is a package specification such as @code{guile@@2.0} or @code{glibc:debug}." +msgstr "" + +#. type: example +#: doc/guix.texi:7757 +#, no-wrap +msgid "guix challenge @var{options} [@var{packages}@dots{}]\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7764 +msgid "" +"When a difference is found between the hash of a locally-built item and that of a server-provided substitute, or among substitutes " +"provided by different servers, the command displays it as in the example above and its exit code is 2 (other non-zero exit codes " +"denote other kinds of errors.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7766 +msgid "The one option that matters is:" +msgstr "" + +#. type: table +#: doc/guix.texi:7772 +msgid "Consider @var{urls} the whitespace-separated list of substitute source URLs to compare to." +msgstr "" + +#. type: itemx +#: doc/guix.texi:7774 +#, no-wrap +msgid "-v" +msgstr "" + +#. type: table +#: doc/guix.texi:7777 +msgid "Show details about matches (identical contents) in addition to information about mismatches." +msgstr "" + +#. type: section +#: doc/guix.texi:7781 +#, no-wrap +msgid "Invoking @command{guix copy}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7783 +#, no-wrap +msgid "copy, of store items, over SSH" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7784 +#, no-wrap +msgid "SSH, copy of store items" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7785 +#, no-wrap +msgid "sharing store items across machines" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7786 +#, no-wrap +msgid "transferring store items across machines" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7793 +msgid "" +"The @command{guix copy} command copies items from the store of one machine to that of another machine over a secure shell (SSH) " +"connection@footnote{This command is available only when Guile-SSH was found. @xref{Requirements}, for details.}. For example, the " +"following command copies the @code{coreutils} package, the user's profile, and all their dependencies over to @var{host}, logged in " +"as @var{user}:" +msgstr "" + +#. type: example +#: doc/guix.texi:7797 +#, no-wrap +msgid "" +"guix copy --to=@var{user}@@@var{host} \\\n" +" coreutils `readlink -f ~/.guix-profile`\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7801 +msgid "If some of the items to be copied are already present on @var{host}, they are not actually sent." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7804 +msgid "The command below retrieves @code{libreoffice} and @code{gimp} from @var{host}, assuming they are available there:" +msgstr "" + +#. type: example +#: doc/guix.texi:7807 +#, no-wrap +msgid "guix copy --from=@var{host} libreoffice gimp\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7812 +msgid "" +"The SSH connection is established using the Guile-SSH client, which is compatible with OpenSSH: it honors @file{~/.ssh/known_hosts} " +"and @file{~/.ssh/config}, and uses the SSH agent for authentication." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7818 +msgid "" +"The key used to sign items that are sent must be accepted by the remote machine. Likewise, the key used by the remote machine to " +"sign items you are retrieving must be in @file{/etc/guix/acl} so it is accepted by your own daemon. @xref{Invoking guix archive}, " +"for more information about store item authentication." +msgstr "" + +#. type: example +#: doc/guix.texi:7823 +#, no-wrap +msgid "guix copy [--to=@var{spec}|--from=@var{spec}] @var{items}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7826 +msgid "You must always specify one of the following options:" +msgstr "" + +#. type: item +#: doc/guix.texi:7828 +#, no-wrap +msgid "--to=@var{spec}" +msgstr "" + +#. type: itemx +#: doc/guix.texi:7829 +#, no-wrap +msgid "--from=@var{spec}" +msgstr "" + +#. type: table +#: doc/guix.texi:7833 +msgid "" +"Specify the host to send to or receive from. @var{spec} must be an SSH spec such as @code{example.org}, @code{charlie@@example." +"org}, or @code{charlie@@example.org:2222}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7837 +msgid "" +"The @var{items} can be either package names, such as @code{gimp}, or store items, such as @file{/gnu/store/@dots{}-idutils-4.6}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7841 +msgid "" +"When specifying the name of a package to send, it is first built if needed, unless @option{--dry-run} was specified. Common build " +"options are supported (@pxref{Common Build Options})." +msgstr "" + +#. type: section +#: doc/guix.texi:7844 +#, no-wrap +msgid "Invoking @command{guix container}" +msgstr "" + +#. type: command{#1} +#: doc/guix.texi:7846 +#, no-wrap +msgid "guix container" +msgstr "" + +#. type: quotation +#: doc/guix.texi:7850 +msgid "As of version @value{VERSION}, this tool is experimental. The interface is subject to radical change in the future." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7857 +msgid "" +"The purpose of @command{guix container} is to manipulate processes running within an isolated environment, commonly known as a " +"``container'', typically created by the @command{guix environment} (@pxref{Invoking guix environment}) and @command{guix system " +"container} (@pxref{Invoking guix system}) commands." +msgstr "" + +#. type: example +#: doc/guix.texi:7862 +#, no-wrap +msgid "guix container @var{action} @var{options}@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7866 +msgid "" +"@var{action} specifies the operation to perform with a container, and @var{options} specifies the context-specific arguments for the " +"action." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7868 +msgid "The following actions are available:" +msgstr "" + +#. type: item +#: doc/guix.texi:7870 +#, no-wrap +msgid "exec" +msgstr "" + +#. type: table +#: doc/guix.texi:7872 +msgid "Execute a command within the context of a running container." +msgstr "" + +#. type: table +#: doc/guix.texi:7874 +msgid "The syntax is:" +msgstr "" + +#. type: example +#: doc/guix.texi:7877 +#, no-wrap +msgid "guix container exec @var{pid} @var{program} @var{arguments}@dots{}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7883 +msgid "" +"@var{pid} specifies the process ID of the running container. @var{program} specifies an executable file name within the root file " +"system of the container. @var{arguments} are the additional options that will be passed to @var{program}." +msgstr "" + +#. type: table +#: doc/guix.texi:7887 +msgid "" +"The following command launches an interactive login shell inside a GuixSD container, started by @command{guix system container}, and " +"whose process ID is 9001:" +msgstr "" + +#. type: example +#: doc/guix.texi:7890 +#, no-wrap +msgid "guix container exec 9001 /run/current-system/profile/bin/bash --login\n" +msgstr "" + +#. type: table +#: doc/guix.texi:7894 +msgid "" +"Note that the @var{pid} cannot be the parent process of a container. It must be PID 1 of the container or one of its child " +"processes." +msgstr "" + +#. type: section +#: doc/guix.texi:7898 +#, no-wrap +msgid "Invoking @command{guix weather}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7907 +msgid "" +"Occasionally you're grumpy because substitutes are lacking and you end up building packages by yourself (@pxref{Substitutes}). The " +"@command{guix weather} command reports on substitute availability on the specified servers so you can have an idea of whether you'll " +"be grumpy today. It can sometimes be useful info as a user, but it is primarily useful to people running @command{guix publish} " +"(@pxref{Invoking guix publish})." +msgstr "" +"Vous pouvez parfois grogner lorsque les substituts ne sont pas disponibles et que vous devez construire les paquets vous-même " +"(@pxref{Substituts}). La commande @command{guix weather} rapporte la disponibilité des substituts sur les serveurs spécifiés pour " +"que vous sachiez si vous allez raller aujourd'hui. Cela peut parfois être une information utile pour les utilisateurs, mais elle est " +"surtout utile pour les personnes qui font tourner @command{guix publish} (@pxref{Invoking guix publish})." + +#. type: cindex +#: doc/guix.texi:7908 +#, no-wrap +msgid "statistics, for substitutes" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7909 +#, no-wrap +msgid "availability of substitutes" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7910 +#, no-wrap +msgid "substitute availability" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7911 +#, no-wrap +msgid "weather, substitute availability" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7913 +msgid "Here's a sample run:" +msgstr "" + +#. type: example +#: doc/guix.texi:7925 +#, no-wrap +msgid "" +"$ guix weather --substitute-urls=https://guix.example.org\n" +"computing 5,872 package derivations for x86_64-linux...\n" +"looking for 6,128 store items on https://guix.example.org..\n" +"updating list of substitutes from 'https://guix.example.org'... 100.0%\n" +"https://guix.example.org\n" +" 43.4% substitutes available (2,658 out of 6,128)\n" +" 7,032.5 MiB of nars (compressed)\n" +" 19,824.2 MiB on disk (uncompressed)\n" +" 0.030 seconds per request (182.9 seconds in total)\n" +" 33.5 requests per second\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:7935 +#, no-wrap +msgid "" +" 9.8% (342 out of 3,470) of the missing items are queued\n" +" 867 queued builds\n" +" x86_64-linux: 518 (59.7%)\n" +" i686-linux: 221 (25.5%)\n" +" aarch64-linux: 128 (14.8%)\n" +" build rate: 23.41 builds per hour\n" +" x86_64-linux: 11.16 builds per hour\n" +" i686-linux: 6.03 builds per hour\n" +" aarch64-linux: 6.41 builds per hour\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:7937 +#, no-wrap +msgid "continuous integration, statistics" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7946 +msgid "" +"As you can see, it reports the fraction of all the packages for which substitutes are available on the server---regardless of " +"whether substitutes are enabled, and regardless of whether this server's signing key is authorized. It also reports the size of the " +"compressed archives (``nars'') provided by the server, the size the corresponding store items occupy in the store (assuming " +"deduplication is turned off), and the server's throughput. The second part gives continuous integration (CI) statistics, if the " +"server supports it." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7952 +msgid "" +"To achieve that, @command{guix weather} queries over HTTP(S) meta-data (@dfn{narinfos}) for all the relevant store items. Like " +"@command{guix challenge}, it ignores signatures on those substitutes, which is innocuous since the command only gathers statistics " +"and cannot install those substitutes." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7955 +msgid "" +"Among other things, it is possible to query specific system types and specific package sets. The available options are listed below." +msgstr "" + +#. type: table +#: doc/guix.texi:7961 +msgid "" +"@var{urls} is the space-separated list of substitute server URLs to query. When this option is omitted, the default set of " +"substitute servers is queried." +msgstr "" + +#. type: table +#: doc/guix.texi:7967 +msgid "" +"Query substitutes for @var{system}---e.g., @code{aarch64-linux}. This option can be repeated, in which case @command{guix weather} " +"will query substitutes for several system types." +msgstr "" + +#. type: table +#: doc/guix.texi:7973 +msgid "" +"Instead of querying substitutes for all the packages, only ask for those specified in @var{file}. @var{file} must contain a " +"@dfn{manifest}, as with the @code{-m} option of @command{guix package} (@pxref{Invoking guix package})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7991 +msgid "" +"Guix comes with a distribution of the GNU system consisting entirely of free software@footnote{The term ``free'' here refers to the " +"@url{http://www.gnu.org/philosophy/free-sw.html,freedom provided to users of that software}.}. The distribution can be installed on " +"its own (@pxref{System Installation}), but it is also possible to install Guix as a package manager on top of an installed GNU/Linux " +"system (@pxref{Installation}). To distinguish between the two, we refer to the standalone distribution as the Guix System " +"Distribution, or GuixSD." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:7997 +msgid "" +"The distribution provides core GNU packages such as GNU libc, GCC, and Binutils, as well as many GNU and non-GNU applications. The " +"complete list of available packages can be browsed @url{http://www.gnu.org/software/guix/packages,on-line} or by running " +"@command{guix package} (@pxref{Invoking guix package}):" +msgstr "" + +#. type: example +#: doc/guix.texi:8000 +#, no-wrap +msgid "guix package --list-available\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8006 +msgid "" +"Our goal is to provide a practical 100% free software distribution of Linux-based and other variants of GNU, with a focus on the " +"promotion and tight integration of GNU components, and an emphasis on programs and tools that help users exert that freedom." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8008 +msgid "Packages are currently available on the following platforms:" +msgstr "" + +#. type: item +#: doc/guix.texi:8011 doc/guix.texi:8176 +#, no-wrap +msgid "x86_64-linux" +msgstr "" + +#. type: table +#: doc/guix.texi:8013 +msgid "Intel/AMD @code{x86_64} architecture, Linux-Libre kernel;" +msgstr "" + +#. type: item +#: doc/guix.texi:8014 doc/guix.texi:8179 +#, no-wrap +msgid "i686-linux" +msgstr "" + +#. type: table +#: doc/guix.texi:8016 +msgid "Intel 32-bit architecture (IA32), Linux-Libre kernel;" +msgstr "" + +#. type: item +#: doc/guix.texi:8017 +#, no-wrap +msgid "armhf-linux" +msgstr "" + +#. type: table +#: doc/guix.texi:8021 +msgid "" +"ARMv7-A architecture with hard float, Thumb-2 and NEON, using the EABI hard-float application binary interface (ABI), and Linux-" +"Libre kernel." +msgstr "" + +#. type: item +#: doc/guix.texi:8022 +#, no-wrap +msgid "aarch64-linux" +msgstr "" + +#. type: table +#: doc/guix.texi:8026 +msgid "" +"little-endian 64-bit ARMv8-A processors, Linux-Libre kernel. This is currently in an experimental stage, with limited support. " +"@xref{Contributing}, for how to help!" +msgstr "" + +#. type: item +#: doc/guix.texi:8027 +#, no-wrap +msgid "mips64el-linux" +msgstr "" + +#. type: table +#: doc/guix.texi:8030 +msgid "little-endian 64-bit MIPS processors, specifically the Loongson series, n32 ABI, and Linux-Libre kernel." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8034 +msgid "GuixSD itself is currently only available on @code{i686} and @code{x86_64}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8038 +msgid "For information on porting to other architectures or kernels, @pxref{Porting}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8053 +msgid "" +"Building this distribution is a cooperative effort, and you are invited to join! @xref{Contributing}, for information about how you " +"can help." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8057 +#, no-wrap +msgid "installing GuixSD" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8063 +msgid "" +"This section explains how to install the Guix System Distribution (GuixSD) on a machine. The Guix package manager can also be " +"installed on top of a running GNU/Linux system, @pxref{Installation}." +msgstr "" + +#. type: quotation +#: doc/guix.texi:8072 +msgid "" +"You are reading this documentation with an Info reader. For details on how to use it, hit the @key{RET} key (``return'' or " +"``enter'') on the link that follows: @pxref{Top, Info reader,, info-stnd, Stand-alone GNU Info}. Hit @kbd{l} afterwards to come " +"back here." +msgstr "" + +#. type: quotation +#: doc/guix.texi:8075 +msgid "Alternately, run @command{info info} in another tty to keep the manual available." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8100 +msgid "" +"As of version @value{VERSION}, the Guix System Distribution (GuixSD) is not production-ready. It may contain bugs and lack " +"important features. Thus, if you are looking for a stable production system that respects your freedom as a computer user, a good " +"solution at this point is to consider @url{http://www.gnu.org/distros/free-distros.html, one of the more established GNU/Linux " +"distributions}. We hope you can soon switch to the GuixSD without fear, of course. In the meantime, you can also keep using your " +"distribution and try out the package manager on top of it (@pxref{Installation})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8103 +msgid "" +"Before you proceed with the installation, be aware of the following noteworthy limitations applicable to version @value{VERSION}:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:8109 +msgid "" +"The installation process does not include a graphical user interface and requires familiarity with GNU/Linux (see the following " +"subsections to get a feel of what that means.)" +msgstr "" + +#. type: itemize +#: doc/guix.texi:8112 +msgid "Support for the Logical Volume Manager (LVM) is missing." +msgstr "" + +#. type: itemize +#: doc/guix.texi:8116 +msgid "More and more system services are provided (@pxref{Services}), but some may be missing." +msgstr "" + +#. type: itemize +#: doc/guix.texi:8120 +msgid "More than 6,500 packages are available, but you might occasionally find that a useful package is missing." +msgstr "" + +#. type: itemize +#: doc/guix.texi:8125 +msgid "" +"GNOME, Xfce, LXDE, and Enlightenment are available (@pxref{Desktop Services}), as well as a number of X11 window managers. However, " +"some graphical applications may be missing, as well as KDE." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8130 +msgid "" +"You have been warned! But more than a disclaimer, this is an invitation to report issues (and success stories!), and to join us in " +"improving it. @xref{Contributing}, for more info." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8135 +#, no-wrap +msgid "hardware support on GuixSD" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8144 +msgid "" +"GNU@tie{}GuixSD focuses on respecting the user's computing freedom. It builds around the kernel Linux-libre, which means that only " +"hardware for which free software drivers and firmware exist is supported. Nowadays, a wide range of off-the-shelf hardware is " +"supported on GNU/Linux-libre---from keyboards to graphics cards to scanners and Ethernet controllers. Unfortunately, there are " +"still areas where hardware vendors deny users control over their own computing, and such hardware is not supported on GuixSD." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8145 +#, no-wrap +msgid "WiFi, hardware support" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8154 +msgid "" +"One of the main areas where free drivers or firmware are lacking is WiFi devices. WiFi devices known to work include those using " +"Atheros chips (AR9271 and AR7010), which corresponds to the @code{ath9k} Linux-libre driver, and those using Broadcom/AirForce chips " +"(BCM43xx with Wireless-Core Revision 5), which corresponds to the @code{b43-open} Linux-libre driver. Free firmware exists for both " +"and is available out-of-the-box on GuixSD, as part of @var{%base-firmware} (@pxref{operating-system Reference, @code{firmware}})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8155 +#, no-wrap +msgid "RYF, Respects Your Freedom" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8161 +msgid "" +"The @uref{https://www.fsf.org/, Free Software Foundation} runs @uref{https://www.fsf.org/ryf, @dfn{Respects Your Freedom}} (RYF), a " +"certification program for hardware products that respect your freedom and your privacy and ensure that you have control over your " +"device. We encourage you to check the list of RYF-certified devices." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8165 +msgid "" +"Another useful resource is the @uref{https://www.h-node.org/, H-Node} web site. It contains a catalog of hardware devices with " +"information about their support in GNU/Linux." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8174 +msgid "" +"An ISO-9660 installation image that can be written to a USB stick or burnt to a DVD can be downloaded from @indicateurl{ftp://alpha." +"gnu.org/gnu/guix/guixsd-install-@value{VERSION}.@var{system}.iso.xz}, where @var{system} is one of:" +msgstr "" + +#. type: table +#: doc/guix.texi:8178 +msgid "for a GNU/Linux system on Intel/AMD-compatible 64-bit CPUs;" +msgstr "" + +#. type: table +#: doc/guix.texi:8181 +msgid "for a 32-bit GNU/Linux system on Intel-compatible CPUs." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8186 +msgid "" +"Make sure to download the associated @file{.sig} file and to verify the authenticity of the image against it, along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:8190 +#, no-wrap +msgid "" +"$ wget ftp://alpha.gnu.org/gnu/guix/guixsd-install-@value{VERSION}.@var{system}.iso.xz.sig\n" +"$ gpg --verify guixsd-install-@value{VERSION}.@var{system}.iso.xz.sig\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8205 +msgid "" +"This image contains the tools necessary for an installation. It is meant to be copied @emph{as is} to a large-enough USB stick or " +"DVD." +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8206 +#, no-wrap +msgid "Copying to a USB Stick" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8209 +msgid "To copy the image to a USB stick, follow these steps:" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8213 doc/guix.texi:8238 +msgid "Decompress the image using the @command{xz} command:" +msgstr "" + +#. type: example +#: doc/guix.texi:8216 doc/guix.texi:8241 +#, no-wrap +msgid "xz -d guixsd-install-@value{VERSION}.@var{system}.iso.xz\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8222 +msgid "" +"Insert a USB stick of 1@tie{}GiB or more into your machine, and determine its device name. Assuming that the USB stick is known as " +"@file{/dev/sdX}, copy the image with:" +msgstr "" + +#. type: example +#: doc/guix.texi:8226 +#, no-wrap +msgid "" +"dd if=guixsd-install-@value{VERSION}.x86_64-linux.iso of=/dev/sdX\n" +"sync\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8229 +msgid "Access to @file{/dev/sdX} usually requires root privileges." +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8231 +#, no-wrap +msgid "Burning on a DVD" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8234 +msgid "To copy the image to a DVD, follow these steps:" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8247 +msgid "" +"Insert a blank DVD into your machine, and determine its device name. Assuming that the DVD drive is known as @file{/dev/srX}, copy " +"the image with:" +msgstr "" + +#. type: example +#: doc/guix.texi:8250 +#, no-wrap +msgid "growisofs -dvd-compat -Z /dev/srX=guixsd-install-@value{VERSION}.x86_64.iso\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8253 +msgid "Access to @file{/dev/srX} usually requires root privileges." +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8255 +#, no-wrap +msgid "Booting" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8260 +msgid "" +"Once this is done, you should be able to reboot the system and boot from the USB stick or DVD. The latter usually requires you to " +"get in the BIOS or UEFI boot menu, where you can choose to boot from the USB stick." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8263 +msgid "@xref{Installing GuixSD in a VM}, if, instead, you would like to install GuixSD in a virtual machine (VM)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8275 +msgid "" +"Once you have successfully booted your computer using the installation medium, you should end up with a root prompt. Several " +"console TTYs are configured and can be used to run commands as root. TTY2 shows this documentation, browsable using the Info reader " +"commands (@pxref{Top,,, info-stnd, Stand-alone GNU Info}). The installation system runs the GPM mouse daemon, which allows you to " +"select text with the left mouse button and to paste it with the middle button." +msgstr "" + +#. type: quotation +#: doc/guix.texi:8280 +msgid "" +"Installation requires access to the Internet so that any missing dependencies of your system configuration can be downloaded. See " +"the ``Networking'' section below." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8286 +msgid "" +"The installation system includes many common tools needed for this task. But it is also a full-blown GuixSD system, which means " +"that you can install additional packages, should you need it, using @command{guix package} (@pxref{Invoking guix package})." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:8287 +#, no-wrap +msgid "Keyboard Layout" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8289 doc/guix.texi:10360 +#, no-wrap +msgid "keyboard layout" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8293 +msgid "" +"The installation image uses the US qwerty keyboard layout. If you want to change it, you can use the @command{loadkeys} command. " +"For example, the following command selects the Dvorak keyboard layout:" +msgstr "" + +#. type: example +#: doc/guix.texi:8296 +#, no-wrap +msgid "loadkeys dvorak\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8301 +msgid "" +"See the files under @file{/run/current-system/profile/share/keymaps} for a list of available keyboard layouts. Run @command{man " +"loadkeys} for more information." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:8302 +#, no-wrap +msgid "Networking" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8305 +msgid "Run the following command see what your network interfaces are called:" +msgstr "" + +#. type: example +#: doc/guix.texi:8308 +#, no-wrap +msgid "ifconfig -a\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8312 +msgid "@dots{} or, using the GNU/Linux-specific @command{ip} command:" +msgstr "" + +#. type: example +#: doc/guix.texi:8315 +#, no-wrap +msgid "ip a\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8322 +msgid "" +"Wired interfaces have a name starting with @samp{e}; for example, the interface corresponding to the first on-board Ethernet " +"controller is called @samp{eno1}. Wireless interfaces have a name starting with @samp{w}, like @samp{w1p2s0}." +msgstr "" + +#. type: item +#: doc/guix.texi:8324 +#, no-wrap +msgid "Wired connection" +msgstr "" + +#. type: table +#: doc/guix.texi:8327 +msgid "" +"To configure a wired network run the following command, substituting @var{interface} with the name of the wired interface you want " +"to use." +msgstr "" + +#. type: example +#: doc/guix.texi:8330 +#, no-wrap +msgid "ifconfig @var{interface} up\n" +msgstr "" + +#. type: item +#: doc/guix.texi:8332 +#, no-wrap +msgid "Wireless connection" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8333 doc/guix.texi:10714 +#, no-wrap +msgid "wireless" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8334 doc/guix.texi:10715 +#, no-wrap +msgid "WiFi" +msgstr "" + +#. type: table +#: doc/guix.texi:8339 +msgid "" +"To configure wireless networking, you can create a configuration file for the @command{wpa_supplicant} configuration tool (its " +"location is not important) using one of the available text editors such as @command{nano}:" +msgstr "" + +#. type: example +#: doc/guix.texi:8342 +#, no-wrap +msgid "nano wpa_supplicant.conf\n" +msgstr "" + +#. type: table +#: doc/guix.texi:8347 +msgid "" +"As an example, the following stanza can go to this file and will work for many wireless networks, provided you give the actual SSID " +"and passphrase for the network you are connecting to:" +msgstr "" + +#. type: example +#: doc/guix.texi:8354 +#, no-wrap +msgid "" +"network=@{\n" +" ssid=\"@var{my-ssid}\"\n" +" key_mgmt=WPA-PSK\n" +" psk=\"the network's secret passphrase\"\n" +"@}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:8359 +msgid "" +"Start the wireless service and run it in the background with the following command (substitute @var{interface} with the name of the " +"network interface you want to use):" +msgstr "" + +#. type: example +#: doc/guix.texi:8362 +#, no-wrap +msgid "wpa_supplicant -c wpa_supplicant.conf -i @var{interface} -B\n" +msgstr "" + +#. type: table +#: doc/guix.texi:8365 +msgid "Run @command{man wpa_supplicant} for more information." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8367 +#, no-wrap +msgid "DHCP" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8370 +msgid "" +"At this point, you need to acquire an IP address. On a network where IP addresses are automatically assigned @i{via} DHCP, you can " +"run:" +msgstr "" + +#. type: example +#: doc/guix.texi:8373 +#, no-wrap +msgid "dhclient -v @var{interface}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8376 +msgid "Try to ping a server to see if networking is up and running:" +msgstr "" + +#. type: example +#: doc/guix.texi:8379 +#, no-wrap +msgid "ping -c 3 gnu.org\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8383 +msgid "" +"Setting up network access is almost always a requirement because the image does not contain all the software and tools that may be " +"needed." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8384 +#, no-wrap +msgid "installing over SSH" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8387 +msgid "If you want to, you can continue the installation remotely by starting an SSH server:" +msgstr "" + +#. type: example +#: doc/guix.texi:8390 +#, no-wrap +msgid "herd start ssh-daemon\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8394 +msgid "Make sure to either set a password with @command{passwd}, or configure OpenSSH public key authentication before logging in." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:8395 +#, no-wrap +msgid "Disk Partitioning" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8399 +msgid "Unless this has already been done, the next step is to partition, and then format the target partition(s)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8404 +msgid "" +"The installation image includes several partitioning tools, including Parted (@pxref{Overview,,, parted, GNU Parted User Manual}), " +"@command{fdisk}, and @command{cfdisk}. Run it and set up your disk with the partition layout you want:" +msgstr "" + +#. type: example +#: doc/guix.texi:8407 +#, no-wrap +msgid "cfdisk\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8413 +msgid "" +"If your disk uses the GUID Partition Table (GPT) format and you plan to install BIOS-based GRUB (which is the default), make sure a " +"BIOS Boot Partition is available (@pxref{BIOS installation,,, grub, GNU GRUB manual})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8414 +#, no-wrap +msgid "EFI, installation" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8415 +#, no-wrap +msgid "UEFI, installation" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8416 +#, no-wrap +msgid "ESP, EFI system partition" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8420 +msgid "" +"If you instead wish to use EFI-based GRUB, a FAT32 @dfn{EFI System Partition} (ESP) is required. This partition should be mounted " +"at @file{/boot/efi} and must have the @code{esp} flag set. E.g., for @command{parted}:" +msgstr "" + +#. type: example +#: doc/guix.texi:8423 +#, no-wrap +msgid "parted /dev/sda set 1 esp on\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8431 +msgid "" +"Once you are done partitioning the target hard disk drive, you have to create a file system on the relevant " +"partition(s)@footnote{Currently GuixSD only supports ext4 and btrfs file systems. In particular, code that reads file system UUIDs " +"and labels only works for these file system types.}. For the ESP, if you have one and assuming it is @file{/dev/sda2}, run:" +msgstr "" + +#. type: example +#: doc/guix.texi:8434 +#, no-wrap +msgid "mkfs.fat -F32 /dev/sda2\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8442 +msgid "" +"Preferably, assign file systems a label so that you can easily and reliably refer to them in @code{file-system} declarations " +"(@pxref{File Systems}). This is typically done using the @code{-L} option of @command{mkfs.ext4} and related commands. So, " +"assuming the target root partition lives at @file{/dev/sda1}, a file system with the label @code{my-root} can be created with:" +msgstr "" + +#. type: example +#: doc/guix.texi:8445 +#, no-wrap +msgid "mkfs.ext4 -L my-root /dev/sda1\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8447 doc/guix.texi:8836 +#, no-wrap +msgid "encrypted disk" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8454 +msgid "" +"If you are instead planning to encrypt the root partition, you can use the Cryptsetup/LUKS utilities to do that (see " +"@inlinefmtifelse{html, @uref{https://linux.die.net/man/8/cryptsetup, @code{man cryptsetup}}, @code{man cryptsetup}} for more " +"information.) Assuming you want to store the root partition on @file{/dev/sda1}, the command sequence would be along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:8459 +#, no-wrap +msgid "" +"cryptsetup luksFormat /dev/sda1\n" +"cryptsetup open --type luks /dev/sda1 my-partition\n" +"mkfs.ext4 -L my-root /dev/mapper/my-partition\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8464 +msgid "" +"Once that is done, mount the target file system under @file{/mnt} with a command like (again, assuming @code{my-root} is the label " +"of the root file system):" +msgstr "" + +#. type: example +#: doc/guix.texi:8467 +#, no-wrap +msgid "mount LABEL=my-root /mnt\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8473 +msgid "" +"Also mount any other file systems you would like to use on the target system relative to this path. If you have @file{/boot} on a " +"separate partition for example, mount it at @file{/mnt/boot} now so it is found by @code{guix system init} afterwards." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8478 +msgid "" +"Finally, if you plan to use one or more swap partitions (@pxref{Memory Concepts, swap space,, libc, The GNU C Library Reference " +"Manual}), make sure to initialize them with @command{mkswap}. Assuming you have one swap partition on @file{/dev/sda2}, you would " +"run:" +msgstr "" + +#. type: example +#: doc/guix.texi:8482 +#, no-wrap +msgid "" +"mkswap /dev/sda2\n" +"swapon /dev/sda2\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8490 +msgid "" +"Alternatively, you may use a swap file. For example, assuming that in the new system you want to use the file @file{/swapfile} as a " +"swap file, you would run@footnote{This example will work for many types of file systems (e.g., ext4). However, for copy-on-write " +"file systems (e.g., btrfs), the required steps may be different. For details, see the manual pages for @command{mkswap} and " +"@command{swapon}.}:" +msgstr "" + +#. type: example +#: doc/guix.texi:8498 +#, no-wrap +msgid "" +"# This is 10 GiB of swap space. Adjust \"count\" to change the size.\n" +"dd if=/dev/zero of=/mnt/swapfile bs=1MiB count=10240\n" +"# For security, make the file readable and writable only by root.\n" +"chmod 600 /mnt/swapfile\n" +"mkswap /mnt/swapfile\n" +"swapon /mnt/swapfile\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8503 +msgid "" +"Note that if you have encrypted the root partition and created a swap file in its file system as described above, then the " +"encryption also protects the swap file, just like any other file in that file system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8509 +msgid "With the target partitions ready and the target root mounted on @file{/mnt}, we're ready to go. First, run:" +msgstr "" + +#. type: example +#: doc/guix.texi:8512 +#, no-wrap +msgid "herd start cow-store /mnt\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8519 +msgid "" +"This makes @file{/gnu/store} copy-on-write, such that packages added to it during the installation phase are written to the target " +"disk on @file{/mnt} rather than kept in memory. This is necessary because the first phase of the @command{guix system init} command " +"(see below) entails downloads or builds to @file{/gnu/store} which, initially, is an in-memory file system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8530 +msgid "" +"Next, you have to edit a file and provide the declaration of the operating system to be installed. To that end, the installation " +"system comes with three text editors. We recommend GNU nano (@pxref{Top,,, nano, GNU nano Manual}), which supports syntax " +"highlighting and parentheses matching; other editors include GNU Zile (an Emacs clone), and nvi (a clone of the original BSD " +"@command{vi} editor). We strongly recommend storing that file on the target root file system, say, as @file{/mnt/etc/config.scm}. " +"Failing to do that, you will have lost your configuration file once you have rebooted into the newly-installed system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8537 +msgid "" +"@xref{Using the Configuration System}, for an overview of the configuration file. The example configurations discussed in that " +"section are available under @file{/etc/configuration} in the installation image. Thus, to get started with a system configuration " +"providing a graphical display server (a ``desktop'' system), you can run something along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:8542 +#, no-wrap +msgid "" +"# mkdir /mnt/etc\n" +"# cp /etc/configuration/desktop.scm /mnt/etc/config.scm\n" +"# nano /mnt/etc/config.scm\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8546 +msgid "You should pay attention to what your configuration file contains, and in particular:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:8556 +msgid "" +"Make sure the @code{bootloader-configuration} form refers to the target you want to install GRUB on. It should mention @code{grub-" +"bootloader} if you are installing GRUB in the legacy way, or @code{grub-efi-bootloader} for newer UEFI systems. For legacy systems, " +"the @code{target} field names a device, like @code{/dev/sda}; for UEFI systems it names a path to a mounted EFI partition, like " +"@code{/boot/efi}, and do make sure the path is actually mounted." +msgstr "" + +#. type: itemize +#: doc/guix.texi:8562 +msgid "" +"Be sure that your file system labels match the value of their respective @code{device} fields in your @code{file-system} " +"configuration, assuming your @code{file-system} configuration sets the value of @code{title} to @code{'label}." +msgstr "" + +#. type: itemize +#: doc/guix.texi:8566 +msgid "" +"If there are encrypted or RAID partitions, make sure to add a @code{mapped-devices} field to describe them (@pxref{Mapped Devices})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8571 +msgid "" +"Once you are done preparing the configuration file, the new system must be initialized (remember that the target root file system is " +"mounted under @file{/mnt}):" +msgstr "" + +#. type: example +#: doc/guix.texi:8574 +#, no-wrap +msgid "guix system init /mnt/etc/config.scm /mnt\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8581 +msgid "" +"This copies all the necessary files and installs GRUB on @file{/dev/sdX}, unless you pass the @option{--no-bootloader} option. For " +"more information, @pxref{Invoking guix system}. This command may trigger downloads or builds of missing packages, which can take " +"some time." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8588 +msgid "" +"Once that command has completed---and hopefully succeeded!---you can run @command{reboot} and boot into the new system. The " +"@code{root} password in the new system is initially empty; other users' passwords need to be initialized by running the " +"@command{passwd} command as @code{root}, unless your configuration specifies otherwise (@pxref{user-account-password, user account " +"passwords})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8589 +#, no-wrap +msgid "upgrading GuixSD" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8596 +msgid "" +"From then on, you can update GuixSD whenever you want by running @command{guix pull} as @code{root} (@pxref{Invoking guix pull}), " +"and then running @command{guix system reconfigure} to build a new system generation with the latest packages and services " +"(@pxref{Invoking guix system}). We recommend doing that regularly so that your system includes the latest security updates " +"(@pxref{Security Updates})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8600 +msgid "" +"Join us on @code{#guix} on the Freenode IRC network or on @file{guix-devel@@gnu.org} to share your experience---good or not so good." +msgstr "" + +#. type: subsection +#: doc/guix.texi:8602 +#, no-wrap +msgid "Installing GuixSD in a Virtual Machine" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8604 +#, no-wrap +msgid "virtual machine, GuixSD installation" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8605 +#, no-wrap +msgid "virtual private server (VPS)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8606 +#, no-wrap +msgid "VPS (virtual private server)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8610 +msgid "" +"If you'd like to install GuixSD in a virtual machine (VM) or on a virtual private server (VPS) rather than on your beloved machine, " +"this section is for you." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8613 +msgid "To boot a @uref{http://qemu.org/,QEMU} VM for installing GuixSD in a disk image, follow these steps:" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8618 +msgid "First, retrieve and decompress the GuixSD installation image as described previously (@pxref{USB Stick and DVD Installation})." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8622 +msgid "" +"Create a disk image that will hold the installed system. To make a qcow2-formatted disk image, use the @command{qemu-img} command:" +msgstr "" + +#. type: example +#: doc/guix.texi:8625 +#, no-wrap +msgid "qemu-img create -f qcow2 guixsd.img 50G\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8629 +msgid "" +"The resulting file will be much smaller than 50 GB (typically less than 1 MB), but it will grow as the virtualized storage device is " +"filled up." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8632 +msgid "Boot the USB installation image in an VM:" +msgstr "" + +#. type: example +#: doc/guix.texi:8638 +#, no-wrap +msgid "" +"qemu-system-x86_64 -m 1024 -smp 1 \\\n" +" -net user -net nic,model=virtio -boot menu=on \\\n" +" -drive file=guixsd-install-@value{VERSION}.@var{system}.iso \\\n" +" -drive file=guixsd.img\n" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8641 +msgid "The ordering of the drives matters." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8645 +msgid "" +"In the VM console, quickly press the @kbd{F12} key to enter the boot menu. Then press the @kbd{2} key and the @kbd{RET} key to " +"validate your selection." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:8649 +msgid "" +"You're now root in the VM, proceed with the installation process. @xref{Preparing for Installation}, and follow the instructions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8654 +msgid "" +"Once installation is complete, you can boot the system that's on your @file{guixsd.img} image. @xref{Running GuixSD in a VM}, for " +"how to do that." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8658 +#, no-wrap +msgid "installation image" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8661 +msgid "The installation image described above was built using the @command{guix system} command, specifically:" +msgstr "" + +#. type: example +#: doc/guix.texi:8664 +#, no-wrap +msgid "guix system disk-image gnu/system/install.scm\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8669 +msgid "" +"Have a look at @file{gnu/system/install.scm} in the source tree, and see also @ref{Invoking guix system} for more information about " +"the installation image." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8673 +#, no-wrap +msgid "system configuration" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8679 +msgid "" +"The Guix System Distribution supports a consistent whole-system configuration mechanism. By that we mean that all aspects of the " +"global system configuration---such as the available system services, timezone and locale settings, user accounts---are declared in a " +"single place. Such a @dfn{system configuration} can be @dfn{instantiated}---i.e., effected." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8689 +msgid "" +"One of the advantages of putting all the system configuration under the control of Guix is that it supports transactional system " +"upgrades, and makes it possible to roll back to a previous system instantiation, should something go wrong with the new one " +"(@pxref{Features}). Another advantage is that it makes it easy to replicate the exact same configuration across different machines, " +"or at different points in time, without having to resort to additional administration tools layered on top of the own tools of the " +"system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8694 +msgid "" +"This section describes this mechanism. First we focus on the system administrator's viewpoint---explaining how the system is " +"configured and instantiated. Then we show how this mechanism can be extended, for instance to support new system services." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8721 +msgid "" +"The operating system is configured by providing an @code{operating-system} declaration in a file that can then be passed to the " +"@command{guix system} command (@pxref{Invoking guix system}). A simple setup, with the default system services, the default Linux-" +"Libre kernel, initial RAM disk, and boot loader looks like this:" +msgstr "" + +#. type: findex +#: doc/guix.texi:8722 +#, no-wrap +msgid "operating-system" +msgstr "" + +#. type: include +#: doc/guix.texi:8724 +#, no-wrap +msgid "os-config-bare-bones.texi" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8731 +msgid "" +"This example should be self-describing. Some of the fields defined above, such as @code{host-name} and @code{bootloader}, are " +"mandatory. Others, such as @code{packages} and @code{services}, can be omitted, in which case they get a default value." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8736 +msgid "" +"Below we discuss the effect of some of the most important fields (@pxref{operating-system Reference}, for details about all the " +"available fields), and how to @dfn{instantiate} the operating system using @command{guix system}." +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8737 +#, no-wrap +msgid "Globally-Visible Packages" +msgstr "" + +#. type: vindex +#: doc/guix.texi:8739 +#, no-wrap +msgid "%base-packages" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8752 +msgid "" +"The @code{packages} field lists packages that will be globally visible on the system, for all user accounts---i.e., in every user's " +"@code{PATH} environment variable---in addition to the per-user profiles (@pxref{Invoking guix package}). The @var{%base-packages} " +"variable provides all the tools one would expect for basic user and administrator tasks---including the GNU Core Utilities, the GNU " +"Networking Utilities, the GNU Zile lightweight text editor, @command{find}, @command{grep}, etc. The example above adds GNU@tie{}" +"Screen and OpenSSH to those, taken from the @code{(gnu packages screen)} and @code{(gnu packages ssh)} modules (@pxref{Package " +"Modules}). The @code{(list package output)} syntax can be used to add a specific output of a package:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8756 +#, no-wrap +msgid "" +"(use-modules (gnu packages))\n" +"(use-modules (gnu packages dns))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8761 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; ...\n" +" (packages (cons (list bind \"utils\")\n" +" %base-packages)))\n" +msgstr "" + +#. type: findex +#: doc/guix.texi:8763 +#, no-wrap +msgid "specification->package" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8772 +msgid "" +"Referring to packages by variable name, like @code{bind} above, has the advantage of being unambiguous; it also allows typos and " +"such to be diagnosed right away as ``unbound variables''. The downside is that one needs to know which module defines which " +"package, and to augment the @code{use-package-modules} line accordingly. To avoid that, one can use the @code{specification-" +">package} procedure of the @code{(gnu packages)} module, which returns the best package for a given name or name and version:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8775 +#, no-wrap +msgid "" +"(use-modules (gnu packages))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8781 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; ...\n" +" (packages (append (map specification->package\n" +" '(\"tcpdump\" \"htop\" \"gnupg@@2.0\"))\n" +" %base-packages)))\n" +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8783 +#, no-wrap +msgid "System Services" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8785 doc/guix.texi:19871 doc/guix.texi:20789 +#, no-wrap +msgid "services" +msgstr "" + +#. type: vindex +#: doc/guix.texi:8786 +#, no-wrap +msgid "%base-services" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8796 +msgid "" +"The @code{services} field lists @dfn{system services} to be made available when the system starts (@pxref{Services}). The " +"@code{operating-system} declaration above specifies that, in addition to the basic services, we want the @command{lshd} secure shell " +"daemon listening on port 2222 (@pxref{Networking Services, @code{lsh-service}}). Under the hood, @code{lsh-service} arranges so " +"that @code{lshd} is started with the right command-line options, possibly with supporting configuration files generated as needed " +"(@pxref{Defining Services})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8797 +#, no-wrap +msgid "customization, of services" +msgstr "" + +#. type: findex +#: doc/guix.texi:8798 +#, no-wrap +msgid "modify-services" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8802 +msgid "" +"Occasionally, instead of using the base services as is, you will want to customize them. To do this, use @code{modify-services} " +"(@pxref{Service Reference, @code{modify-services}}) to modify the list." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8807 +msgid "" +"For example, suppose you want to modify @code{guix-daemon} and Mingetty (the console log-in) in the @var{%base-services} list " +"(@pxref{Base Services, @code{%base-services}}). To do that, you can write the following in your operating system declaration:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8820 +#, no-wrap +msgid "" +"(define %my-services\n" +" ;; My very own list of services.\n" +" (modify-services %base-services\n" +" (guix-service-type config =>\n" +" (guix-configuration\n" +" (inherit config)\n" +" (use-substitutes? #f)\n" +" (extra-options '(\"--gc-keep-derivations\"))))\n" +" (mingetty-service-type config =>\n" +" (mingetty-configuration\n" +" (inherit config)))))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:8824 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (services %my-services))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8835 +msgid "" +"This changes the configuration---i.e., the service parameters---of the @code{guix-service-type} instance, and that of all the " +"@code{mingetty-service-type} instances in the @var{%base-services} list. Observe how this is accomplished: first, we arrange for " +"the original configuration to be bound to the identifier @code{config} in the @var{body}, and then we write the @var{body} so that " +"it evaluates to the desired configuration. In particular, notice how we use @code{inherit} to create a new configuration which has " +"the same values as the old configuration, but with a few modifications." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8842 +msgid "" +"The configuration for a typical ``desktop'' usage, with an encrypted root partition, the X11 display server, GNOME and Xfce (users " +"can choose which of these desktop environments to use at the log-in screen by pressing @kbd{F1}), network management, power " +"management, and more, would look like this:" +msgstr "" + +#. type: include +#: doc/guix.texi:8844 +#, no-wrap +msgid "os-config-desktop.texi" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8847 +#, no-wrap +msgid "UEFI" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8850 +msgid "" +"A graphical UEFI system with a choice of lightweight window managers instead of full-blown desktop environments would look like this:" +msgstr "" + +#. type: include +#: doc/guix.texi:8852 +#, no-wrap +msgid "os-config-lightweight-desktop.texi" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8858 +msgid "" +"This example refers to the @file{/boot/efi} file system by its UUID, @code{1234-ABCD}. Replace this UUID with the right UUID on " +"your system, as returned by the @command{blkid} command." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8862 +msgid "" +"@xref{Desktop Services}, for the exact list of services provided by @var{%desktop-services}. @xref{X.509 Certificates}, for " +"background information about the @code{nss-certs} package that is used here." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8869 +msgid "" +"Again, @var{%desktop-services} is just a list of service objects. If you want to remove services from there, you can do so using " +"the procedures for list filtering (@pxref{SRFI-1 Filtering and Partitioning,,, guile, GNU Guile Reference Manual}). For instance, " +"the following expression returns a list that contains all the services in @var{%desktop-services} minus the Avahi service:" +msgstr "" + +#. type: example +#: doc/guix.texi:8874 +#, no-wrap +msgid "" +"(remove (lambda (service)\n" +" (eq? (service-kind service) avahi-service-type))\n" +" %desktop-services)\n" +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8876 +#, no-wrap +msgid "Instantiating the System" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8883 +msgid "" +"Assuming the @code{operating-system} declaration is stored in the @file{my-system-config.scm} file, the @command{guix system " +"reconfigure my-system-config.scm} command instantiates that configuration, and makes it the default GRUB boot entry (@pxref{Invoking " +"guix system})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8891 +msgid "" +"The normal way to change the system configuration is by updating this file and re-running @command{guix system reconfigure}. One " +"should never have to touch files in @file{/etc} or to run commands that modify the system state such as @command{useradd} or " +"@command{grub-install}. In fact, you must avoid that since that would not only void your warranty but also prevent you from rolling " +"back to previous versions of your system, should you ever need to." +msgstr "" + +#. type: cindex +#: doc/guix.texi:8892 +#, no-wrap +msgid "roll-back, of the operating system" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8902 +msgid "" +"Speaking of roll-back, each time you run @command{guix system reconfigure}, a new @dfn{generation} of the system is created---" +"without modifying or deleting previous generations. Old system generations get an entry in the bootloader boot menu, allowing you " +"to boot them in case something went wrong with the latest generation. Reassuring, no? The @command{guix system list-generations} " +"command lists the system generations available on disk. It is also possible to roll back the system via the commands @command{guix " +"system roll-back} and @command{guix system switch-generation}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8908 +msgid "" +"Although the command @command{guix system reconfigure} will not modify previous generations, must take care when the current " +"generation is not the latest (e.g., after invoking @command{guix system roll-back}), since the operation might overwrite a later " +"generation (@pxref{Invoking guix system})." +msgstr "" + +#. type: unnumberedsubsubsec +#: doc/guix.texi:8909 +#, no-wrap +msgid "The Programming Interface" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8914 +msgid "" +"At the Scheme level, the bulk of an @code{operating-system} declaration is instantiated with the following monadic procedure " +"(@pxref{The Store Monad}):" +msgstr "" + +#. type: deffn +#: doc/guix.texi:8915 +#, no-wrap +msgid "{Monadic Procedure} operating-system-derivation os" +msgstr "" + +#. type: deffn +#: doc/guix.texi:8918 +msgid "Return a derivation that builds @var{os}, an @code{operating-system} object (@pxref{Derivations})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:8922 +msgid "" +"The output of the derivation is a single directory that refers to all the packages, configuration files, and other supporting files " +"needed to instantiate @var{os}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8927 +msgid "" +"This procedure is provided by the @code{(gnu system)} module. Along with @code{(gnu services)} (@pxref{Services}), this module " +"contains the guts of GuixSD. Make sure to visit it!" +msgstr "" + +#. type: subsection +#: doc/guix.texi:8930 +#, no-wrap +msgid "@code{operating-system} Reference" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:8935 +msgid "" +"This section summarizes all the options available in @code{operating-system} declarations (@pxref{Using the Configuration System})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:8936 +#, no-wrap +msgid "{Data Type} operating-system" +msgstr "" + +#. type: deftp +#: doc/guix.texi:8940 +msgid "" +"This is the data type representing an operating system configuration. By that, we mean all the global system configuration, not per-" +"user configuration (@pxref{Using the Configuration System})." +msgstr "" + +#. type: item +#: doc/guix.texi:8942 +#, no-wrap +msgid "@code{kernel} (default: @var{linux-libre})" +msgstr "" + +#. type: table +#: doc/guix.texi:8946 +msgid "" +"The package object of the operating system kernel to use@footnote{Currently only the Linux-libre kernel is supported. In the " +"future, it will be possible to use the GNU@tie{}Hurd.}." +msgstr "" + +#. type: item +#: doc/guix.texi:8947 +#, no-wrap +msgid "@code{kernel-arguments} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:8950 +msgid "" +"List of strings or gexps representing additional arguments to pass on the command-line of the kernel---e.g., " +"@code{(\"console=ttyS0\")}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:8951 doc/guix.texi:20068 doc/guix.texi:20087 +#, no-wrap +msgid "bootloader" +msgstr "" + +#. type: table +#: doc/guix.texi:8953 +msgid "The system bootloader configuration object. @xref{Bootloader Configuration}." +msgstr "" + +#. type: item +#: doc/guix.texi:8954 +#, no-wrap +msgid "@code{initrd-modules} (default: @code{%base-initrd-modules})" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:8955 doc/guix.texi:19908 doc/guix.texi:20011 doc/guix.texi:20206 +#, no-wrap +msgid "initrd" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8956 doc/guix.texi:19909 doc/guix.texi:20012 +#, no-wrap +msgid "initial RAM disk" +msgstr "" + +#. type: table +#: doc/guix.texi:8959 +msgid "The list of Linux kernel modules that need to be available in the initial RAM disk. @xref{Initial RAM Disk}." +msgstr "" + +#. type: item +#: doc/guix.texi:8960 +#, no-wrap +msgid "@code{initrd} (default: @code{base-initrd})" +msgstr "" + +#. type: table +#: doc/guix.texi:8964 +msgid "" +"A monadic procedure that returns an initial RAM disk for the Linux kernel. This field is provided to support low-level " +"customization and should rarely be needed for casual use. @xref{Initial RAM Disk}." +msgstr "" + +#. type: item +#: doc/guix.texi:8965 +#, no-wrap +msgid "@code{firmware} (default: @var{%base-firmware})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8966 +#, no-wrap +msgid "firmware" +msgstr "" + +#. type: table +#: doc/guix.texi:8968 +msgid "List of firmware packages loadable by the operating system kernel." +msgstr "" + +#. type: table +#: doc/guix.texi:8973 +msgid "" +"The default includes firmware needed for Atheros- and Broadcom-based WiFi devices (Linux-libre modules @code{ath9k} and @code{b43-" +"open}, respectively). @xref{Hardware Considerations}, for more info on supported hardware." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:8974 +#, no-wrap +msgid "host-name" +msgstr "" + +#. type: table +#: doc/guix.texi:8976 +msgid "The host name." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:8977 +#, no-wrap +msgid "hosts-file" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8978 +#, no-wrap +msgid "hosts file" +msgstr "" + +#. type: table +#: doc/guix.texi:8983 +msgid "" +"A file-like object (@pxref{G-Expressions, file-like objects}) for use as @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C " +"Library Reference Manual}). The default is a file with entries for @code{localhost} and @var{host-name}." +msgstr "" + +#. type: item +#: doc/guix.texi:8984 +#, no-wrap +msgid "@code{mapped-devices} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:8986 +msgid "A list of mapped devices. @xref{Mapped Devices}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:8987 +#, no-wrap +msgid "file-systems" +msgstr "" + +#. type: table +#: doc/guix.texi:8989 +msgid "A list of file systems. @xref{File Systems}." +msgstr "" + +#. type: item +#: doc/guix.texi:8990 +#, no-wrap +msgid "@code{swap-devices} (default: @code{'()})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:8991 +#, no-wrap +msgid "swap devices" +msgstr "" + +#. type: table +#: doc/guix.texi:8998 +msgid "" +"A list of strings identifying devices or files to be used for ``swap space'' (@pxref{Memory Concepts,,, libc, The GNU C Library " +"Reference Manual}). For example, @code{'(\"/dev/sda3\")} or @code{'(\"/swapfile\")}. It is possible to specify a swap file in a " +"file system on a mapped device, provided that the necessary device mapping and file system are also specified. @xref{Mapped " +"Devices} and @ref{File Systems}." +msgstr "" + +#. type: item +#: doc/guix.texi:8999 +#, no-wrap +msgid "@code{users} (default: @code{%base-user-accounts})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:9000 +#, no-wrap +msgid "@code{groups} (default: @var{%base-groups})" +msgstr "" + +#. type: table +#: doc/guix.texi:9002 +msgid "List of user accounts and groups. @xref{User Accounts}." +msgstr "" + +#. type: table +#: doc/guix.texi:9005 +msgid "If the @code{users} list lacks a user account with UID@tie{}0, a ``root'' account with UID@tie{}0 is automatically added." +msgstr "" + +#. type: item +#: doc/guix.texi:9006 +#, no-wrap +msgid "@code{skeletons} (default: @code{(default-skeletons)})" +msgstr "" + +#. type: table +#: doc/guix.texi:9010 +msgid "" +"A list target file name/file-like object tuples (@pxref{G-Expressions, file-like objects}). These are the skeleton files that will " +"be added to the home directory of newly-created user accounts." +msgstr "" + +#. type: table +#: doc/guix.texi:9012 +msgid "For instance, a valid value may look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:9018 +#, no-wrap +msgid "" +"`((\".bashrc\" ,(plain-file \"bashrc\" \"echo Hello\\n\"))\n" +" (\".guile\" ,(plain-file \"guile\"\n" +" \"(use-modules (ice-9 readline))\n" +" (activate-readline)\")))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:9020 +#, no-wrap +msgid "@code{issue} (default: @var{%default-issue})" +msgstr "" + +#. type: table +#: doc/guix.texi:9023 +msgid "A string denoting the contents of the @file{/etc/issue} file, which is displayed when users log in on a text console." +msgstr "" + +#. type: item +#: doc/guix.texi:9024 +#, no-wrap +msgid "@code{packages} (default: @var{%base-packages})" +msgstr "" + +#. type: table +#: doc/guix.texi:9027 +msgid "The set of packages installed in the global profile, which is accessible at @file{/run/current-system/profile}." +msgstr "" + +#. type: table +#: doc/guix.texi:9031 +msgid "" +"The default set includes core utilities and it is good practice to install non-core utilities in user profiles (@pxref{Invoking guix " +"package})." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9032 +#, no-wrap +msgid "timezone" +msgstr "" + +#. type: table +#: doc/guix.texi:9034 +msgid "A timezone identifying string---e.g., @code{\"Europe/Paris\"}." +msgstr "" + +#. type: table +#: doc/guix.texi:9038 +msgid "" +"You can run the @command{tzselect} command to find out which timezone string corresponds to your region. Choosing an invalid " +"timezone name causes @command{guix system} to fail." +msgstr "" + +#. type: item +#: doc/guix.texi:9039 +#, no-wrap +msgid "@code{locale} (default: @code{\"en_US.utf8\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:9042 +msgid "" +"The name of the default locale (@pxref{Locale Names,,, libc, The GNU C Library Reference Manual}). @xref{Locales}, for more " +"information." +msgstr "" + +#. type: item +#: doc/guix.texi:9043 +#, no-wrap +msgid "@code{locale-definitions} (default: @var{%default-locale-definitions})" +msgstr "" + +#. type: table +#: doc/guix.texi:9046 +msgid "The list of locale definitions to be compiled and that may be used at run time. @xref{Locales}." +msgstr "" + +#. type: item +#: doc/guix.texi:9047 +#, no-wrap +msgid "@code{locale-libcs} (default: @code{(list @var{glibc})})" +msgstr "" + +#. type: table +#: doc/guix.texi:9051 +msgid "" +"The list of GNU@tie{}libc packages whose locale data and tools are used to build the locale definitions. @xref{Locales}, for " +"compatibility considerations that justify this option." +msgstr "" + +#. type: item +#: doc/guix.texi:9052 +#, no-wrap +msgid "@code{name-service-switch} (default: @var{%default-nss})" +msgstr "" + +#. type: table +#: doc/guix.texi:9056 +msgid "" +"Configuration of the libc name service switch (NSS)---a @code{} object. @xref{Name Service Switch}, for " +"details." +msgstr "" + +#. type: item +#: doc/guix.texi:9057 +#, no-wrap +msgid "@code{services} (default: @var{%base-services})" +msgstr "" + +#. type: table +#: doc/guix.texi:9059 +msgid "A list of service objects denoting system services. @xref{Services}." +msgstr "" + +#. type: item +#: doc/guix.texi:9060 +#, no-wrap +msgid "@code{pam-services} (default: @code{(base-pam-services)})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9061 +#, no-wrap +msgid "PAM" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9062 +#, no-wrap +msgid "pluggable authentication modules" +msgstr "" + +#. type: table +#: doc/guix.texi:9065 +msgid "Linux @dfn{pluggable authentication module} (PAM) services." +msgstr "" + +#. type: item +#: doc/guix.texi:9066 +#, no-wrap +msgid "@code{setuid-programs} (default: @var{%setuid-programs})" +msgstr "" + +#. type: table +#: doc/guix.texi:9069 +msgid "List of string-valued G-expressions denoting setuid programs. @xref{Setuid Programs}." +msgstr "" + +#. type: item +#: doc/guix.texi:9070 +#, no-wrap +msgid "@code{sudoers-file} (default: @var{%sudoers-specification})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9071 +#, no-wrap +msgid "sudoers file" +msgstr "" + +#. type: table +#: doc/guix.texi:9074 +msgid "" +"The contents of the @file{/etc/sudoers} file as a file-like object (@pxref{G-Expressions, @code{local-file} and @code{plain-file}})." +msgstr "" + +#. type: table +#: doc/guix.texi:9079 +msgid "" +"This file specifies which users can use the @command{sudo} command, what they are allowed to do, and what privileges they may gain. " +"The default is that only @code{root} and members of the @code{wheel} group may use @code{sudo}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9090 +msgid "" +"The list of file systems to be mounted is specified in the @code{file-systems} field of the operating system declaration " +"(@pxref{Using the Configuration System}). Each file system is declared using the @code{file-system} form, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:9096 +#, no-wrap +msgid "" +"(file-system\n" +" (mount-point \"/home\")\n" +" (device \"/dev/sda3\")\n" +" (type \"ext4\"))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9100 +msgid "" +"As usual, some of the fields are mandatory---those shown in the example above---while others can be omitted. These are described " +"below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9101 +#, no-wrap +msgid "{Data Type} file-system" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9104 +msgid "Objects of this type represent file systems to be mounted. They contain the following members:" +msgstr "" + +#. type: item +#: doc/guix.texi:9106 doc/guix.texi:9290 +#, no-wrap +msgid "type" +msgstr "" + +#. type: table +#: doc/guix.texi:9109 +msgid "This is a string specifying the type of the file system---e.g., @code{\"ext4\"}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9110 +#, no-wrap +msgid "mount-point" +msgstr "" + +#. type: table +#: doc/guix.texi:9112 +msgid "This designates the place where the file system is to be mounted." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9113 +#, no-wrap +msgid "device" +msgstr "" + +#. type: table +#: doc/guix.texi:9117 +msgid "" +"This names the ``source'' of the file system. By default it is the name of a node under @file{/dev}, but its meaning depends on the " +"@code{title} field described below." +msgstr "" + +#. type: item +#: doc/guix.texi:9118 +#, no-wrap +msgid "@code{title} (default: @code{'device})" +msgstr "" + +#. type: table +#: doc/guix.texi:9121 +msgid "This is a symbol that specifies how the @code{device} field is to be interpreted." +msgstr "" + +#. type: table +#: doc/guix.texi:9126 +msgid "" +"When it is the symbol @code{device}, then the @code{device} field is interpreted as a file name; when it is @code{label}, then " +"@code{device} is interpreted as a file system label name; when it is @code{uuid}, @code{device} is interpreted as a file system " +"unique identifier (UUID)." +msgstr "" + +#. type: table +#: doc/guix.texi:9134 +msgid "" +"UUIDs may be converted from their string representation (as shown by the @command{tune2fs -l} command) using the @code{uuid} " +"form@footnote{The @code{uuid} form expects 16-byte UUIDs as defined in @uref{https://tools.ietf.org/html/rfc4122, RFC@tie{}4122}. " +"This is the form of UUID used by the ext2 family of file systems and others, but it is different from ``UUIDs'' found in FAT file " +"systems, for instance.}, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:9141 +#, no-wrap +msgid "" +"(file-system\n" +" (mount-point \"/home\")\n" +" (type \"ext4\")\n" +" (title 'uuid)\n" +" (device (uuid \"4dab5feb-d176-45de-b287-9b0a6e4c01cb\")))\n" +msgstr "" + +#. type: table +#: doc/guix.texi:9150 +msgid "" +"The @code{label} and @code{uuid} options offer a way to refer to file systems without having to hard-code their actual device " +"name@footnote{Note that, while it is tempting to use @file{/dev/disk/by-uuid} and similar device names to achieve the same result, " +"this is not recommended: These special device nodes are created by the udev daemon and may be unavailable at the time the device is " +"mounted.}." +msgstr "" + +#. type: table +#: doc/guix.texi:9157 +msgid "" +"However, when the source of a file system is a mapped device (@pxref{Mapped Devices}), its @code{device} field @emph{must} refer to " +"the mapped device name---e.g., @file{/dev/mapper/root-partition}---and consequently @code{title} must be set to @code{'device}. " +"This is required so that the system knows that mounting the file system depends on having the corresponding device mapping " +"established." +msgstr "" + +#. type: item +#: doc/guix.texi:9158 +#, no-wrap +msgid "@code{flags} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:9163 +msgid "" +"This is a list of symbols denoting mount flags. Recognized flags include @code{read-only}, @code{bind-mount}, @code{no-dev} " +"(disallow access to special files), @code{no-suid} (ignore setuid and setgid bits), and @code{no-exec} (disallow program execution.)" +msgstr "" + +#. type: item +#: doc/guix.texi:9164 +#, no-wrap +msgid "@code{options} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9166 +msgid "This is either @code{#f}, or a string denoting mount options." +msgstr "" + +#. type: item +#: doc/guix.texi:9167 +#, no-wrap +msgid "@code{mount?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:9172 +msgid "" +"This value indicates whether to automatically mount the file system when the system is brought up. When set to @code{#f}, the file " +"system gets an entry in @file{/etc/fstab} (read by the @command{mount} command) but is not automatically mounted." +msgstr "" + +#. type: item +#: doc/guix.texi:9173 +#, no-wrap +msgid "@code{needed-for-boot?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9178 +msgid "" +"This Boolean value indicates whether the file system is needed when booting. If that is true, then the file system is mounted when " +"the initial RAM disk (initrd) is loaded. This is always the case, for instance, for the root file system." +msgstr "" + +#. type: item +#: doc/guix.texi:9179 +#, no-wrap +msgid "@code{check?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:9182 +msgid "This Boolean indicates whether the file system needs to be checked for errors before being mounted." +msgstr "" + +#. type: item +#: doc/guix.texi:9183 +#, no-wrap +msgid "@code{create-mount-point?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9185 +msgid "When true, the mount point is created if it does not exist yet." +msgstr "" + +#. type: item +#: doc/guix.texi:9186 +#, no-wrap +msgid "@code{dependencies} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:9190 +msgid "" +"This is a list of @code{} or @code{} objects representing file systems that must be mounted or mapped " +"devices that must be opened before (and unmounted or closed after) this one." +msgstr "" + +#. type: table +#: doc/guix.texi:9194 +msgid "" +"As an example, consider a hierarchy of mounts: @file{/sys/fs/cgroup} is a dependency of @file{/sys/fs/cgroup/cpu} and @file{/sys/fs/" +"cgroup/memory}." +msgstr "" + +#. type: table +#: doc/guix.texi:9197 +msgid "" +"Another example is a file system that depends on a mapped device, for example for an encrypted partition (@pxref{Mapped Devices})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9202 +msgid "The @code{(gnu system file-systems)} exports the following useful variables." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9203 +#, no-wrap +msgid "{Scheme Variable} %base-file-systems" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9208 +msgid "" +"These are essential file systems that are required on normal systems, such as @var{%pseudo-terminal-file-system} and @var{%immutable-" +"store} (see below.) Operating system declarations should always contain at least these." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9210 +#, no-wrap +msgid "{Scheme Variable} %pseudo-terminal-file-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9216 +msgid "" +"This is the file system to be mounted as @file{/dev/pts}. It supports @dfn{pseudo-terminals} created @i{via} @code{openpty} and " +"similar functions (@pxref{Pseudo-Terminals,,, libc, The GNU C Library Reference Manual}). Pseudo-terminals are used by terminal " +"emulators such as @command{xterm}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9218 +#, no-wrap +msgid "{Scheme Variable} %shared-memory-file-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9222 +msgid "" +"This file system is mounted as @file{/dev/shm} and is used to support memory sharing across processes (@pxref{Memory-mapped I/O, " +"@code{shm_open},, libc, The GNU C Library Reference Manual})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9224 +#, no-wrap +msgid "{Scheme Variable} %immutable-store" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9229 +msgid "" +"This file system performs a read-only ``bind mount'' of @file{/gnu/store}, making it read-only for all the users including " +"@code{root}. This prevents against accidental modification by software running as @code{root} or by system administrators." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9232 +msgid "The daemon itself is still able to write to the store: it remounts it read-write in its own ``name space.''" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9234 +#, no-wrap +msgid "{Scheme Variable} %binary-format-file-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9238 +msgid "" +"The @code{binfmt_misc} file system, which allows handling of arbitrary executable file types to be delegated to user space. This " +"requires the @code{binfmt.ko} kernel module to be loaded." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9240 +#, no-wrap +msgid "{Scheme Variable} %fuse-control-file-system" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9244 +msgid "" +"The @code{fusectl} file system, which allows unprivileged users to mount and unmount user-space FUSE file systems. This requires " +"the @code{fuse.ko} kernel module to be loaded." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9249 +#, no-wrap +msgid "device mapping" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9250 +#, no-wrap +msgid "mapped devices" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9268 +msgid "" +"The Linux kernel has a notion of @dfn{device mapping}: a block device, such as a hard disk partition, can be @dfn{mapped} into " +"another device, usually in @code{/dev/mapper/}, with additional processing over the data that flows through it@footnote{Note that " +"the GNU@tie{}Hurd makes no difference between the concept of a ``mapped device'' and that of a file system: both boil down to " +"@emph{translating} input/output operations made on a file to operations on its backing store. Thus, the Hurd implements mapped " +"devices, like file systems, using the generic @dfn{translator} mechanism (@pxref{Translators,,, hurd, The GNU Hurd Reference " +"Manual}).}. A typical example is encryption device mapping: all writes to the mapped device are encrypted, and all reads are " +"deciphered, transparently. Guix extends this notion by considering any device or set of devices that are @dfn{transformed} in some " +"way to create a new device; for instance, RAID devices are obtained by @dfn{assembling} several other devices, such as hard disks or " +"partitions, into a new one that behaves as one partition. Other examples, not yet implemented, are LVM logical volumes." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9271 +msgid "Mapped devices are declared using the @code{mapped-device} form, defined as follows; for examples, see below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9272 +#, no-wrap +msgid "{Data Type} mapped-device" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9275 +msgid "Objects of this type represent device mappings that will be made when the system boots up." +msgstr "" + +#. type: table +#: doc/guix.texi:9281 +msgid "" +"This is either a string specifying the name of the block device to be mapped, such as @code{\"/dev/sda3\"}, or a list of such " +"strings when several devices need to be assembled for creating a new one." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9282 doc/guix.texi:20100 +#, no-wrap +msgid "target" +msgstr "" + +#. type: table +#: doc/guix.texi:9289 +msgid "" +"This string specifies the name of the resulting mapped device. For kernel mappers such as encrypted devices of type @code{luks-" +"device-mapping}, specifying @code{\"my-partition\"} leads to the creation of the @code{\"/dev/mapper/my-partition\"} device. For " +"RAID devices of type @code{raid-device-mapping}, the full device name such as @code{\"/dev/md0\"} needs to be given." +msgstr "" + +#. type: table +#: doc/guix.texi:9293 +msgid "This must be a @code{mapped-device-kind} object, which specifies how @var{source} is mapped to @var{target}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9296 +#, no-wrap +msgid "{Scheme Variable} luks-device-mapping" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9300 +msgid "" +"This defines LUKS block device encryption using the @command{cryptsetup} command from the package with the same name. It relies on " +"the @code{dm-crypt} Linux kernel module." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9302 +#, no-wrap +msgid "{Scheme Variable} raid-device-mapping" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9307 +msgid "" +"This defines a RAID device, which is assembled using the @code{mdadm} command from the package with the same name. It requires a " +"Linux kernel module for the appropriate RAID level to be loaded, such as @code{raid456} for RAID-4, RAID-5 or RAID-6, or " +"@code{raid10} for RAID-10." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9309 +#, no-wrap +msgid "disk encryption" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9310 +#, no-wrap +msgid "LUKS" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9318 +msgid "" +"The following example specifies a mapping from @file{/dev/sda3} to @file{/dev/mapper/home} using LUKS---the @url{https://gitlab.com/" +"cryptsetup/cryptsetup,Linux Unified Key Setup}, a standard mechanism for disk encryption. The @file{/dev/mapper/home} device can " +"then be used as the @code{device} of a @code{file-system} declaration (@pxref{File Systems})." +msgstr "" + +#. type: example +#: doc/guix.texi:9324 +#, no-wrap +msgid "" +"(mapped-device\n" +" (source \"/dev/sda3\")\n" +" (target \"home\")\n" +" (type luks-device-mapping))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9329 +msgid "" +"Alternatively, to become independent of device numbering, one may obtain the LUKS UUID (@dfn{unique identifier}) of the source " +"device by a command like:" +msgstr "" + +#. type: example +#: doc/guix.texi:9332 +#, no-wrap +msgid "cryptsetup luksUUID /dev/sda3\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9335 +msgid "and use it as follows:" +msgstr "" + +#. type: example +#: doc/guix.texi:9341 +#, no-wrap +msgid "" +"(mapped-device\n" +" (source (uuid \"cb67fc72-0d54-4c88-9d4b-b225f30b0f44\"))\n" +" (target \"home\")\n" +" (type luks-device-mapping))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9343 +#, no-wrap +msgid "swap encryption" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9349 +msgid "" +"It is also desirable to encrypt swap space, since swap space may contain sensitive data. One way to accomplish that is to use a " +"swap file in a file system on a device mapped via LUKS encryption. In this way, the swap file is encrypted because the entire " +"device is encrypted. @xref{Preparing for Installation,,Disk Partitioning}, for an example." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9352 +msgid "A RAID device formed of the partitions @file{/dev/sda1} and @file{/dev/sdb1} may be declared as follows:" +msgstr "" + +#. type: example +#: doc/guix.texi:9358 +#, no-wrap +msgid "" +"(mapped-device\n" +" (source (list \"/dev/sda1\" \"/dev/sdb1\"))\n" +" (target \"/dev/md0\")\n" +" (type raid-device-mapping))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9365 +msgid "" +"The @file{/dev/md0} device can then be used as the @code{device} of a @code{file-system} declaration (@pxref{File Systems}). Note " +"that the RAID level need not be given; it is chosen during the initial creation and formatting of the RAID device and is determined " +"automatically later." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9370 +#, no-wrap +msgid "users" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9371 +#, no-wrap +msgid "accounts" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9372 +#, no-wrap +msgid "user accounts" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9376 +msgid "" +"User accounts and groups are entirely managed through the @code{operating-system} declaration. They are specified with the " +"@code{user-account} and @code{user-group} forms:" +msgstr "" + +#. type: example +#: doc/guix.texi:9387 +#, no-wrap +msgid "" +"(user-account\n" +" (name \"alice\")\n" +" (group \"users\")\n" +" (supplementary-groups '(\"wheel\" ;allow use of sudo, etc.\n" +" \"audio\" ;sound card\n" +" \"video\" ;video devices such as webcams\n" +" \"cdrom\")) ;the good ol' CD-ROM\n" +" (comment \"Bob's sister\")\n" +" (home-directory \"/home/alice\"))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9396 +msgid "" +"When booting or upon completion of @command{guix system reconfigure}, the system ensures that only the user accounts and groups " +"specified in the @code{operating-system} declaration exist, and with the specified properties. Thus, account or group creations or " +"modifications made by directly invoking commands such as @command{useradd} are lost upon reconfiguration or reboot. This ensures " +"that the system remains exactly as declared." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9397 +#, no-wrap +msgid "{Data Type} user-account" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9400 +msgid "Objects of this type represent user accounts. The following members may be specified:" +msgstr "" + +#. type: table +#: doc/guix.texi:9404 +msgid "The name of the user account." +msgstr "" + +#. type: itemx +#: doc/guix.texi:9405 doc/guix.texi:19862 +#, no-wrap +msgid "group" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9406 doc/guix.texi:9455 +#, no-wrap +msgid "groups" +msgstr "" + +#. type: table +#: doc/guix.texi:9409 +msgid "This is the name (a string) or identifier (a number) of the user group this account belongs to." +msgstr "" + +#. type: item +#: doc/guix.texi:9410 +#, no-wrap +msgid "@code{supplementary-groups} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:9413 +msgid "Optionally, this can be defined as a list of group names that this account belongs to." +msgstr "" + +#. type: item +#: doc/guix.texi:9414 +#, no-wrap +msgid "@code{uid} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9418 +msgid "" +"This is the user ID for this account (a number), or @code{#f}. In the latter case, a number is automatically chosen by the system " +"when the account is created." +msgstr "" + +#. type: item +#: doc/guix.texi:9419 +#, no-wrap +msgid "@code{comment} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:9421 +msgid "A comment about the account, such as the account owner's full name." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9422 +#, no-wrap +msgid "home-directory" +msgstr "" + +#. type: table +#: doc/guix.texi:9424 +msgid "This is the name of the home directory for the account." +msgstr "" + +#. type: item +#: doc/guix.texi:9425 +#, no-wrap +msgid "@code{create-home-directory?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:9428 +msgid "Indicates whether the home directory of this account should be created if it does not exist yet." +msgstr "" + +#. type: item +#: doc/guix.texi:9429 +#, no-wrap +msgid "@code{shell} (default: Bash)" +msgstr "" + +#. type: table +#: doc/guix.texi:9432 +msgid "This is a G-expression denoting the file name of a program to be used as the shell (@pxref{G-Expressions})." +msgstr "" + +#. type: item +#: doc/guix.texi:9433 doc/guix.texi:9473 +#, no-wrap +msgid "@code{system?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9437 +msgid "" +"This Boolean value indicates whether the account is a ``system'' account. System accounts are sometimes treated specially; for " +"instance, graphical login managers do not list them." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:9439 +msgid "user-account-password" +msgstr "" + +#. type: item +#: doc/guix.texi:9439 doc/guix.texi:9477 +#, no-wrap +msgid "@code{password} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9445 +msgid "" +"You would normally leave this field to @code{#f}, initialize user passwords as @code{root} with the @command{passwd} command, and " +"then let users change it with @command{passwd}. Passwords set with @command{passwd} are of course preserved across reboot and " +"reconfiguration." +msgstr "" + +#. type: table +#: doc/guix.texi:9451 +msgid "" +"If you @emph{do} want to have a preset password for an account, then this field must contain the encrypted password, as a string. " +"@xref{crypt,,, libc, The GNU C Library Reference Manual}, for more information on password encryption, and @ref{Encryption,,, guile, " +"GNU Guile Reference Manual}, for information on Guile's @code{crypt} procedure." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9457 +msgid "User group declarations are even simpler:" +msgstr "" + +#. type: example +#: doc/guix.texi:9460 +#, no-wrap +msgid "(user-group (name \"students\"))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9462 +#, no-wrap +msgid "{Data Type} user-group" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9464 +msgid "This type is for, well, user groups. There are just a few fields:" +msgstr "" + +#. type: table +#: doc/guix.texi:9468 +msgid "The name of the group." +msgstr "" + +#. type: item +#: doc/guix.texi:9469 +#, no-wrap +msgid "@code{id} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9472 +msgid "The group identifier (a number). If @code{#f}, a new number is automatically allocated when the group is created." +msgstr "" + +#. type: table +#: doc/guix.texi:9476 +msgid "This Boolean value indicates whether the group is a ``system'' group. System groups have low numerical IDs." +msgstr "" + +#. type: table +#: doc/guix.texi:9480 +msgid "What, user groups can have a password? Well, apparently yes. Unless @code{#f}, this field specifies the password of the group." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9486 +msgid "For convenience, a variable lists all the basic user groups one may expect:" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9487 +#, no-wrap +msgid "{Scheme Variable} %base-groups" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9492 +msgid "" +"This is the list of basic user groups that users and/or packages expect to be present on the system. This includes groups such as " +"``root'', ``wheel'', and ``users'', as well as groups used to control access to specific devices such as ``audio'', ``disk'', and " +"``cdrom''." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9494 +#, no-wrap +msgid "{Scheme Variable} %base-user-accounts" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9497 +msgid "" +"This is the list of basic system accounts that programs may expect to find on a GNU/Linux system, such as the ``nobody'' account." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9500 +msgid "" +"Note that the ``root'' account is not included here. It is a special-case and is automatically added whether or not it is specified." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9505 +#, no-wrap +msgid "locale" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9512 +msgid "" +"A @dfn{locale} defines cultural conventions for a particular language and region of the world (@pxref{Locales,,, libc, The GNU C " +"Library Reference Manual}). Each locale has a name that typically has the form @code{@var{language}_@var{territory}." +"@var{codeset}}---e.g., @code{fr_LU.utf8} designates the locale for the French language, with cultural conventions from Luxembourg, " +"and using the UTF-8 encoding." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9513 +#, no-wrap +msgid "locale definition" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9517 +msgid "" +"Usually, you will want to specify the default locale for the machine using the @code{locale} field of the @code{operating-system} " +"declaration (@pxref{operating-system Reference, @code{locale}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9526 +msgid "" +"The selected locale is automatically added to the @dfn{locale definitions} known to the system if needed, with its codeset inferred " +"from its name---e.g., @code{bo_CN.utf8} will be assumed to use the @code{UTF-8} codeset. Additional locale definitions can be " +"specified in the @code{locale-definitions} slot of @code{operating-system}---this is useful, for instance, if the codeset could not " +"be inferred from the locale name. The default set of locale definitions includes some widely used locales, but not all the " +"available locales, in order to save space." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9529 +msgid "For instance, to add the North Frisian locale for Germany, the value of that field may be:" +msgstr "" + +#. type: example +#: doc/guix.texi:9534 +#, no-wrap +msgid "" +"(cons (locale-definition\n" +" (name \"fy_DE.utf8\") (source \"fy_DE\"))\n" +" %default-locale-definitions)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9538 +msgid "Likewise, to save space, one might want @code{locale-definitions} to list only the locales that are actually used, as in:" +msgstr "" + +#. type: example +#: doc/guix.texi:9543 +#, no-wrap +msgid "" +"(list (locale-definition\n" +" (name \"ja_JP.eucjp\") (source \"ja_JP\")\n" +" (charset \"EUC-JP\")))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9552 +msgid "" +"The compiled locale definitions are available at @file{/run/current-system/locale/X.Y}, where @code{X.Y} is the libc version, which " +"is the default location where the GNU@tie{}libc provided by Guix looks for locale data. This can be overridden using the " +"@code{LOCPATH} environment variable (@pxref{locales-and-locpath, @code{LOCPATH} and locale packages})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9555 +msgid "The @code{locale-definition} form is provided by the @code{(gnu system locale)} module. Details are given below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9556 +#, no-wrap +msgid "{Data Type} locale-definition" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9558 +msgid "This is the data type of a locale definition." +msgstr "" + +#. type: table +#: doc/guix.texi:9564 +msgid "The name of the locale. @xref{Locale Names,,, libc, The GNU C Library Reference Manual}, for more information on locale names." +msgstr "" + +#. type: table +#: doc/guix.texi:9568 +msgid "The name of the source for that locale. This is typically the @code{@var{language}_@var{territory}} part of the locale name." +msgstr "" + +#. type: item +#: doc/guix.texi:9569 +#, no-wrap +msgid "@code{charset} (default: @code{\"UTF-8\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:9573 +msgid "" +"The ``character set'' or ``code set'' for that locale, @uref{http://www.iana.org/assignments/character-sets, as defined by IANA}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9577 +#, no-wrap +msgid "{Scheme Variable} %default-locale-definitions" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9581 +msgid "" +"A list of commonly used UTF-8 locales, used as the default value of the @code{locale-definitions} field of @code{operating-system} " +"declarations." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9582 +#, no-wrap +msgid "locale name" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9583 +#, no-wrap +msgid "normalized codeset in locale names" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9589 +msgid "" +"These locale definitions use the @dfn{normalized codeset} for the part that follows the dot in the name (@pxref{Using gettextized " +"software, normalized codeset,, libc, The GNU C Library Reference Manual}). So for instance it has @code{uk_UA.utf8} but @emph{not}, " +"say, @code{uk_UA.UTF-8}." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:9591 +#, no-wrap +msgid "Locale Data Compatibility Considerations" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9593 +#, no-wrap +msgid "incompatibility, of locale data" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9600 +msgid "" +"@code{operating-system} declarations provide a @code{locale-libcs} field to specify the GNU@tie{}libc packages that are used to " +"compile locale declarations (@pxref{operating-system Reference}). ``Why would I care?'', you may ask. Well, it turns out that the " +"binary format of locale data is occasionally incompatible from one libc version to another." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9612 +msgid "" +"For instance, a program linked against libc version 2.21 is unable to read locale data produced with libc 2.22; worse, that program " +"@emph{aborts} instead of simply ignoring the incompatible locale data@footnote{Versions 2.23 and later of GNU@tie{}libc will simply " +"skip the incompatible locale data, which is already an improvement.}. Similarly, a program linked against libc 2.22 can read most, " +"but not all, of the locale data from libc 2.21 (specifically, @code{LC_COLLATE} data is incompatible); thus calls to " +"@code{setlocale} may fail, but programs will not abort." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9617 +msgid "" +"The ``problem'' in GuixSD is that users have a lot of freedom: They can choose whether and when to upgrade software in their " +"profiles, and might be using a libc version different from the one the system administrator used to build the system-wide locale " +"data." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9621 +msgid "" +"Fortunately, unprivileged users can also install their own locale data and define @var{GUIX_LOCPATH} accordingly (@pxref{locales-and-" +"locpath, @code{GUIX_LOCPATH} and locale packages})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9628 +msgid "" +"Still, it is best if the system-wide locale data at @file{/run/current-system/locale} is built for all the libc versions actually in " +"use on the system, so that all the programs can access it---this is especially crucial on a multi-user system. To do that, the " +"administrator can specify several libc packages in the @code{locale-libcs} field of @code{operating-system}:" +msgstr "" + +#. type: example +#: doc/guix.texi:9631 +#, no-wrap +msgid "" +"(use-package-modules base)\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:9635 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (locale-libcs (list glibc-2.21 (canonical-package glibc))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9640 +msgid "" +"This example would lead to a system containing locale definitions for both libc 2.21 and the current version of libc in @file{/run/" +"current-system/locale}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:9645 +#, no-wrap +msgid "system services" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9651 +msgid "" +"An important part of preparing an @code{operating-system} declaration is listing @dfn{system services} and their configuration " +"(@pxref{Using the Configuration System}). System services are typically daemons launched when the system boots, or other actions " +"needed at that time---e.g., configuring network access." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9658 +msgid "" +"GuixSD has a broad definition of ``service'' (@pxref{Service Composition}), but many services are managed by the GNU@tie{}Shepherd " +"(@pxref{Shepherd Services}). On a running system, the @command{herd} command allows you to list the available services, show their " +"status, start and stop them, or do other specific operations (@pxref{Jump Start,,, shepherd, The GNU Shepherd Manual}). For example:" +msgstr "" + +#. type: example +#: doc/guix.texi:9661 +#, no-wrap +msgid "# herd status\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9666 +msgid "" +"The above command, run as @code{root}, lists the currently defined services. The @command{herd doc} command shows a synopsis of the " +"given service:" +msgstr "" + +#. type: example +#: doc/guix.texi:9670 +#, no-wrap +msgid "" +"# herd doc nscd\n" +"Run libc's name service cache daemon (nscd).\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9675 +msgid "" +"The @command{start}, @command{stop}, and @command{restart} sub-commands have the effect you would expect. For instance, the " +"commands below stop the nscd service and restart the Xorg display server:" +msgstr "" + +#. type: example +#: doc/guix.texi:9682 +#, no-wrap +msgid "" +"# herd stop nscd\n" +"Service nscd has been stopped.\n" +"# herd restart xorg-server\n" +"Service xorg-server has been stopped.\n" +"Service xorg-server has been started.\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9687 +msgid "" +"The following sections document the available services, starting with the core services, that may be used in an @code{operating-" +"system} declaration." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:9722 +msgid "" +"The @code{(gnu services base)} module provides definitions for the basic services that one expects from the system. The services " +"exported by this module are listed below." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9723 +#, no-wrap +msgid "{Scheme Variable} %base-services" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9729 +msgid "" +"This variable contains a list of basic services (@pxref{Service Types and Services}, for more information on service objects) one " +"would expect from the system: a login service (mingetty) on each tty, syslogd, the libc name service cache daemon (nscd), the udev " +"device manager, and more." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9734 +msgid "" +"This is the default value of the @code{services} field of @code{operating-system} declarations. Usually, when customizing a system, " +"you will want to append services to @var{%base-services}, like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:9737 +#, no-wrap +msgid "(cons* (avahi-service) (lsh-service) %base-services)\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9740 +#, no-wrap +msgid "{Scheme Variable} special-files-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9743 +msgid "This is the service that sets up ``special files'' such as @file{/bin/sh}; an instance of it is part of @code{%base-services}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:9747 +msgid "" +"The value associated with @code{special-files-service-type} services must be a list of tuples where the first element is the " +"``special file'' and the second element is its target. By default it is:" +msgstr "" + +#. type: file{#1} +#: doc/guix.texi:9748 +#, no-wrap +msgid "/bin/sh" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9749 +#, no-wrap +msgid "@file{sh}, in @file{/bin}" +msgstr "" + +#. type: example +#: doc/guix.texi:9752 +#, no-wrap +msgid "`((\"/bin/sh\" ,(file-append @var{bash} \"/bin/sh\")))\n" +msgstr "" + +#. type: file{#1} +#: doc/guix.texi:9754 +#, no-wrap +msgid "/usr/bin/env" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9755 +#, no-wrap +msgid "@file{env}, in @file{/usr/bin}" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9758 +msgid "If you want to add, say, @code{/usr/bin/env} to your system, you can change it to:" +msgstr "" + +#. type: example +#: doc/guix.texi:9762 +#, no-wrap +msgid "" +"`((\"/bin/sh\" ,(file-append @var{bash} \"/bin/sh\"))\n" +" (\"/usr/bin/env\" ,(file-append @var{coreutils} \"/bin/env\")))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:9769 +msgid "" +"Since this is part of @code{%base-services}, you can use @code{modify-services} to customize the set of special files " +"(@pxref{Service Reference, @code{modify-services}}). But the simple way to add a special file is @i{via} the @code{extra-special-" +"file} procedure (see below.)" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9771 +#, no-wrap +msgid "{Scheme Procedure} extra-special-file @var{file} @var{target}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9773 +msgid "Use @var{target} as the ``special file'' @var{file}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:9777 +msgid "" +"For example, adding the following lines to the @code{services} field of your operating system declaration leads to a @file{/usr/bin/" +"env} symlink:" +msgstr "" + +#. type: example +#: doc/guix.texi:9781 +#, no-wrap +msgid "" +"(extra-special-file \"/usr/bin/env\"\n" +" (file-append coreutils \"/bin/env\"))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9784 +#, no-wrap +msgid "{Scheme Procedure} host-name-service @var{name}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9786 +msgid "Return a service that sets the host name to @var{name}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:9788 +#, no-wrap +msgid "{Scheme Procedure} login-service @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9792 +msgid "" +"Return a service to run login according to @var{config}, a @code{} object, which specifies the message of the " +"day, among other things." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9794 +#, no-wrap +msgid "{Data Type} login-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9796 +msgid "This is the data type representing the configuration of login." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9799 +#, no-wrap +msgid "motd" +msgstr "" + +#. type: cindex +#: doc/guix.texi:9800 +#, no-wrap +msgid "message of the day" +msgstr "" + +#. type: table +#: doc/guix.texi:9802 +msgid "A file-like object containing the ``message of the day''." +msgstr "" + +#. type: item +#: doc/guix.texi:9803 doc/guix.texi:11420 +#, no-wrap +msgid "@code{allow-empty-passwords?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:9806 +msgid "Allow empty passwords by default so that first-time users can log in when the 'root' account has just been created." +msgstr "" + +#. type: deffn +#: doc/guix.texi:9810 +#, no-wrap +msgid "{Scheme Procedure} mingetty-service @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9814 +msgid "" +"Return a service to run mingetty according to @var{config}, a @code{} object, which specifies the tty to " +"run, among other things." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9816 +#, no-wrap +msgid "{Data Type} mingetty-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9819 +msgid "" +"This is the data type representing the configuration of Mingetty, which provides the default implementation of virtual console log-" +"in." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:9822 doc/guix.texi:9858 +#, no-wrap +msgid "tty" +msgstr "" + +#. type: table +#: doc/guix.texi:9824 +msgid "The name of the console this Mingetty runs on---e.g., @code{\"tty1\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:9825 doc/guix.texi:9887 +#, no-wrap +msgid "@code{auto-login} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9829 +msgid "" +"When true, this field must be a string denoting the user name under which the system automatically logs in. When it is @code{#f}, a " +"user name and password must be entered to log in." +msgstr "" + +#. type: item +#: doc/guix.texi:9830 +#, no-wrap +msgid "@code{login-program} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9834 +msgid "" +"This must be either @code{#f}, in which case the default log-in program is used (@command{login} from the Shadow tool suite), or a " +"gexp denoting the name of the log-in program." +msgstr "" + +#. type: item +#: doc/guix.texi:9835 +#, no-wrap +msgid "@code{login-pause?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9838 +msgid "" +"When set to @code{#t} in conjunction with @var{auto-login}, the user will have to press a key before the log-in shell is launched." +msgstr "" + +#. type: item +#: doc/guix.texi:9839 +#, no-wrap +msgid "@code{mingetty} (default: @var{mingetty})" +msgstr "" + +#. type: table +#: doc/guix.texi:9841 +msgid "The Mingetty package to use." +msgstr "" + +#. type: deffn +#: doc/guix.texi:9845 +#, no-wrap +msgid "{Scheme Procedure} agetty-service @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:9849 +msgid "" +"Return a service to run agetty according to @var{config}, an @code{} object, which specifies the tty to run, " +"among other things." +msgstr "" + +#. type: deftp +#: doc/guix.texi:9851 +#, no-wrap +msgid "{Data Type} agetty-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:9855 +msgid "" +"This is the data type representing the configuration of agetty, which implements virtual and serial console log-in. See the " +"@code{agetty(8)} man page for more information." +msgstr "" + +#. type: table +#: doc/guix.texi:9862 +msgid "" +"The name of the console this agetty runs on, as a string---e.g., @code{\"ttyS0\"}. This argument is optional, it will default to a " +"reasonable default serial port used by the kernel Linux." +msgstr "" + +#. type: table +#: doc/guix.texi:9866 +msgid "" +"For this, if there is a value for an option @code{agetty.tty} in the kernel command line, agetty will extract the device name of the " +"serial port from it and use that." +msgstr "" + +#. type: table +#: doc/guix.texi:9870 +msgid "" +"If not and if there is a value for an option @code{console} with a tty in the Linux command line, agetty will extract the device " +"name of the serial port from it and use that." +msgstr "" + +#. type: table +#: doc/guix.texi:9874 +msgid "" +"In both cases, agetty will leave the other serial device settings (baud rate etc.) alone---in the hope that Linux pinned them to the " +"correct values." +msgstr "" + +#. type: item +#: doc/guix.texi:9875 +#, no-wrap +msgid "@code{baud-rate} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9878 +msgid "A string containing a comma-separated list of one or more baud rates, in descending order." +msgstr "" + +#. type: item +#: doc/guix.texi:9879 +#, no-wrap +msgid "@code{term} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9882 +msgid "A string containing the value used for the @code{TERM} environment variable." +msgstr "" + +#. type: item +#: doc/guix.texi:9883 +#, no-wrap +msgid "@code{eight-bits?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9886 +msgid "When @code{#t}, the tty is assumed to be 8-bit clean, and parity detection is disabled." +msgstr "" + +#. type: table +#: doc/guix.texi:9890 +msgid "" +"When passed a login name, as a string, the specified user will be logged in automatically without prompting for their login name or " +"password." +msgstr "" + +#. type: item +#: doc/guix.texi:9891 +#, no-wrap +msgid "@code{no-reset?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9893 +msgid "When @code{#t}, don't reset terminal cflags (control modes)." +msgstr "" + +#. type: item +#: doc/guix.texi:9894 +#, no-wrap +msgid "@code{host} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9897 +msgid "This accepts a string containing the \"login_host\", which will be written into the @file{/var/run/utmpx} file." +msgstr "" + +#. type: item +#: doc/guix.texi:9898 +#, no-wrap +msgid "@code{remote?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9902 +msgid "" +"When set to @code{#t} in conjunction with @var{host}, this will add an @code{-r} fakehost option to the command line of the login " +"program specified in @var{login-program}." +msgstr "" + +#. type: item +#: doc/guix.texi:9903 +#, no-wrap +msgid "@code{flow-control?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9905 +msgid "When set to @code{#t}, enable hardware (RTS/CTS) flow control." +msgstr "" + +#. type: item +#: doc/guix.texi:9906 +#, no-wrap +msgid "@code{no-issue?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9909 +msgid "When set to @code{#t}, the contents of the @file{/etc/issue} file will not be displayed before presenting the login prompt." +msgstr "" + +#. type: item +#: doc/guix.texi:9910 +#, no-wrap +msgid "@code{init-string} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9913 +msgid "" +"This accepts a string that will be sent to the tty or modem before sending anything else. It can be used to initialize a modem." +msgstr "" + +#. type: item +#: doc/guix.texi:9914 +#, no-wrap +msgid "@code{no-clear?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9917 +msgid "When set to @code{#t}, agetty will not clear the screen before showing the login prompt." +msgstr "" + +#. type: item +#: doc/guix.texi:9918 +#, no-wrap +msgid "@code{login-program} (default: (file-append shadow \"/bin/login\"))" +msgstr "" + +#. type: table +#: doc/guix.texi:9922 +msgid "" +"This must be either a gexp denoting the name of a log-in program, or unset, in which case the default value is the @command{login} " +"from the Shadow tool suite." +msgstr "" + +#. type: item +#: doc/guix.texi:9923 +#, no-wrap +msgid "@code{local-line} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9927 +msgid "" +"Control the CLOCAL line flag. This accepts one of three symbols as arguments, @code{'auto}, @code{'always}, or @code{'never}. If " +"@code{#f}, the default value chosen by agetty is @code{'auto}." +msgstr "" + +#. type: item +#: doc/guix.texi:9928 +#, no-wrap +msgid "@code{extract-baud?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9931 +msgid "" +"When set to @code{#t}, instruct agetty to try to extract the baud rate from the status messages produced by certain types of modems." +msgstr "" + +#. type: item +#: doc/guix.texi:9932 +#, no-wrap +msgid "@code{skip-login?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9936 +msgid "" +"When set to @code{#t}, do not prompt the user for a login name. This can be used with @var{login-program} field to use non-standard " +"login systems." +msgstr "" + +#. type: item +#: doc/guix.texi:9937 +#, no-wrap +msgid "@code{no-newline?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9940 +msgid "When set to @code{#t}, do not print a newline before printing the @file{/etc/issue} file." +msgstr "" + +#. type: item +#: doc/guix.texi:9942 +#, no-wrap +msgid "@code{login-options} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9947 +msgid "" +"This option accepts a string containing options that are passed to the login program. When used with the @var{login-program}, be " +"aware that a malicious user could try to enter a login name containing embedded options that could be parsed by the login program." +msgstr "" + +#. type: item +#: doc/guix.texi:9948 +#, no-wrap +msgid "@code{login-pause} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9952 +msgid "" +"When set to @code{#t}, wait for any key before showing the login prompt. This can be used in conjunction with @var{auto-login} to " +"save memory by lazily spawning shells." +msgstr "" + +#. type: item +#: doc/guix.texi:9953 +#, no-wrap +msgid "@code{chroot} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9956 +msgid "Change root to the specified directory. This option accepts a directory path as a string." +msgstr "" + +#. type: item +#: doc/guix.texi:9957 +#, no-wrap +msgid "@code{hangup?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9960 +msgid "Use the Linux system call @code{vhangup} to do a virtual hangup of the specified terminal." +msgstr "" + +#. type: item +#: doc/guix.texi:9961 +#, no-wrap +msgid "@code{keep-baud?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9965 +msgid "" +"When set to @code{#t}, try to keep the existing baud rate. The baud rates from @var{baud-rate} are used when agetty receives a " +"@key{BREAK} character." +msgstr "" + +#. type: item +#: doc/guix.texi:9966 +#, no-wrap +msgid "@code{timeout} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9969 +msgid "When set to an integer value, terminate if no user name could be read within @var{timeout} seconds." +msgstr "" + +#. type: item +#: doc/guix.texi:9970 +#, no-wrap +msgid "@code{detect-case?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9976 +msgid "" +"When set to @code{#t}, turn on support for detecting an uppercase-only terminal. This setting will detect a login name containing " +"only uppercase letters as indicating an uppercase-only terminal and turn on some upper-to-lower case conversions. Note that this " +"will not support Unicode characters." +msgstr "" + +#. type: item +#: doc/guix.texi:9977 +#, no-wrap +msgid "@code{wait-cr?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9982 +msgid "" +"When set to @code{#t}, wait for the user or modem to send a carriage-return or linefeed character before displaying @file{/etc/" +"issue} or login prompt. This is typically used with the @var{init-string} option." +msgstr "" + +#. type: item +#: doc/guix.texi:9983 +#, no-wrap +msgid "@code{no-hints?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9986 +msgid "When set to @code{#t}, do not print hints about Num, Caps, and Scroll locks." +msgstr "" + +#. type: item +#: doc/guix.texi:9987 +#, no-wrap +msgid "@code{no-hostname?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9990 +msgid "By default, the hostname is printed. When this option is set to @code{#t}, no hostname will be shown at all." +msgstr "" + +#. type: item +#: doc/guix.texi:9991 +#, no-wrap +msgid "@code{long-hostname?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9995 +msgid "" +"By default, the hostname is only printed until the first dot. When this option is set to @code{#t}, the fully qualified hostname by " +"@code{gethostname} or @code{getaddrinfo} is shown." +msgstr "" + +#. type: item +#: doc/guix.texi:9996 +#, no-wrap +msgid "@code{erase-characters} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:9999 +msgid "" +"This option accepts a string of additional characters that should be interpreted as backspace when the user types their login name." +msgstr "" + +#. type: item +#: doc/guix.texi:10000 +#, no-wrap +msgid "@code{kill-characters} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10004 +msgid "" +"This option accepts a string that should be interpreted to mean \"ignore all previous characters\" (also called a \"kill\" " +"character) when the types their login name." +msgstr "" + +#. type: item +#: doc/guix.texi:10005 +#, no-wrap +msgid "@code{chdir} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10008 +msgid "This option accepts, as a string, a directory path that will be changed to before login." +msgstr "" + +#. type: item +#: doc/guix.texi:10009 +#, no-wrap +msgid "@code{delay} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10012 +msgid "This options accepts, as an integer, the number of seconds to sleep before opening the tty and displaying the login prompt." +msgstr "" + +#. type: item +#: doc/guix.texi:10013 +#, no-wrap +msgid "@code{nice} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10016 +msgid "This option accepts, as an integer, the nice value with which to run the @command{login} program." +msgstr "" + +#. type: item +#: doc/guix.texi:10017 doc/guix.texi:10217 +#, no-wrap +msgid "@code{extra-options} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10020 +msgid "" +"This option provides an \"escape hatch\" for the user to provide arbitrary command-line arguments to @command{agetty} as a list of " +"strings." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10024 +#, no-wrap +msgid "{Scheme Procedure} kmscon-service-type @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10028 +msgid "" +"Return a service to run @uref{https://www.freedesktop.org/wiki/Software/kmscon,kmscon} according to @var{config}, a @code{} object, which specifies the tty to run, among other things." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10030 +#, no-wrap +msgid "{Data Type} kmscon-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10033 +msgid "This is the data type representing the configuration of Kmscon, which implements virtual console log-in." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10036 +#, no-wrap +msgid "virtual-terminal" +msgstr "" + +#. type: table +#: doc/guix.texi:10038 +msgid "The name of the console this Kmscon runs on---e.g., @code{\"tty1\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:10039 +#, no-wrap +msgid "@code{login-program} (default: @code{#~(string-append #$shadow \"/bin/login\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10042 +msgid "A gexp denoting the name of the log-in program. The default log-in program is @command{login} from the Shadow tool suite." +msgstr "" + +#. type: item +#: doc/guix.texi:10043 +#, no-wrap +msgid "@code{login-arguments} (default: @code{'(\"-p\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10045 +msgid "A list of arguments to pass to @command{login}." +msgstr "" + +#. type: item +#: doc/guix.texi:10046 +#, no-wrap +msgid "@code{hardware-acceleration?} (default: #f)" +msgstr "" + +#. type: table +#: doc/guix.texi:10048 +msgid "Whether to use hardware acceleration." +msgstr "" + +#. type: item +#: doc/guix.texi:10049 +#, no-wrap +msgid "@code{kmscon} (default: @var{kmscon})" +msgstr "" + +#. type: table +#: doc/guix.texi:10051 +msgid "The Kmscon package to use." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10055 +#, no-wrap +msgid "name service cache daemon" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10056 +#, no-wrap +msgid "nscd" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10057 +#, no-wrap +msgid "{Scheme Procedure} nscd-service [@var{config}] [#:glibc glibc] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10062 +msgid "" +"[#:name-services '()] Return a service that runs the libc name service cache daemon (nscd) with the given @var{config}---an " +"@code{} object. @xref{Name Service Switch}, for an example." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10064 +#, no-wrap +msgid "{Scheme Variable} %nscd-default-configuration" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10068 +msgid "" +"This is the default @code{} value (see below) used by @code{nscd-service}. It uses the caches defined by " +"@var{%nscd-default-caches}; see below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10070 +#, no-wrap +msgid "{Data Type} nscd-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10073 +msgid "This is the data type representing the name service cache daemon (nscd) configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:10076 +#, no-wrap +msgid "@code{name-services} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10079 +msgid "List of packages denoting @dfn{name services} that must be visible to the nscd---e.g., @code{(list @var{nss-mdns})}." +msgstr "" + +#. type: item +#: doc/guix.texi:10080 +#, no-wrap +msgid "@code{glibc} (default: @var{glibc})" +msgstr "" + +#. type: table +#: doc/guix.texi:10083 +msgid "Package object denoting the GNU C Library providing the @command{nscd} command." +msgstr "" + +#. type: item +#: doc/guix.texi:10084 +#, no-wrap +msgid "@code{log-file} (default: @code{\"/var/log/nscd.log\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10087 +msgid "Name of the nscd log file. This is where debugging output goes when @code{debug-level} is strictly positive." +msgstr "" + +#. type: item +#: doc/guix.texi:10088 +#, no-wrap +msgid "@code{debug-level} (default: @code{0})" +msgstr "" + +#. type: table +#: doc/guix.texi:10091 +msgid "Integer denoting the debugging levels. Higher numbers mean that more debugging output is logged." +msgstr "" + +#. type: item +#: doc/guix.texi:10092 +#, no-wrap +msgid "@code{caches} (default: @var{%nscd-default-caches})" +msgstr "" + +#. type: table +#: doc/guix.texi:10095 +msgid "List of @code{} objects denoting things to be cached; see below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10099 +#, no-wrap +msgid "{Data Type} nscd-cache" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10101 +msgid "Data type representing a cache database of nscd and its parameters." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10104 doc/guix.texi:12761 +#, no-wrap +msgid "database" +msgstr "" + +#. type: table +#: doc/guix.texi:10109 +msgid "" +"This is a symbol representing the name of the database to be cached. Valid values are @code{passwd}, @code{group}, @code{hosts}, " +"and @code{services}, which designate the corresponding NSS database (@pxref{NSS Basics,,, libc, The GNU C Library Reference Manual})." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10110 +#, no-wrap +msgid "positive-time-to-live" +msgstr "" + +#. type: itemx +#: doc/guix.texi:10111 +#, no-wrap +msgid "@code{negative-time-to-live} (default: @code{20})" +msgstr "" + +#. type: table +#: doc/guix.texi:10114 +msgid "A number representing the number of seconds during which a positive or negative lookup result remains in cache." +msgstr "" + +#. type: item +#: doc/guix.texi:10115 +#, no-wrap +msgid "@code{check-files?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10118 +msgid "Whether to check for updates of the files corresponding to @var{database}." +msgstr "" + +#. type: table +#: doc/guix.texi:10122 +msgid "" +"For instance, when @var{database} is @code{hosts}, setting this flag instructs nscd to check for updates in @file{/etc/hosts} and to " +"take them into account." +msgstr "" + +#. type: item +#: doc/guix.texi:10123 +#, no-wrap +msgid "@code{persistent?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10125 +msgid "Whether the cache should be stored persistently on disk." +msgstr "" + +#. type: item +#: doc/guix.texi:10126 +#, no-wrap +msgid "@code{shared?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10128 +msgid "Whether the cache should be shared among users." +msgstr "" + +#. type: item +#: doc/guix.texi:10129 +#, no-wrap +msgid "@code{max-database-size} (default: 32@tie{}MiB)" +msgstr "" + +#. type: table +#: doc/guix.texi:10131 +msgid "Maximum size in bytes of the database cache." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10138 +#, no-wrap +msgid "{Scheme Variable} %nscd-default-caches" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10141 +msgid "List of @code{} objects used by default by @code{nscd-configuration} (see above)." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10147 +msgid "" +"It enables persistent and aggressive caching of service and host name lookups. The latter provides better host name lookup " +"performance, resilience in the face of unreliable name servers, and also better privacy---often the result of host name lookups is " +"in local cache, so external name servers do not even need to be queried." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10150 +msgid "syslog-configuration-type" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10150 doc/guix.texi:10166 +#, no-wrap +msgid "syslog" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10151 doc/guix.texi:10584 +#, no-wrap +msgid "logging" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10152 +#, no-wrap +msgid "{Data Type} syslog-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10154 +msgid "This data type represents the configuration of the syslog daemon." +msgstr "" + +#. type: item +#: doc/guix.texi:10156 +#, no-wrap +msgid "@code{syslogd} (default: @code{#~(string-append #$inetutils \"/libexec/syslogd\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10158 +msgid "The syslog daemon to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10159 +#, no-wrap +msgid "@code{config-file} (default: @code{%default-syslog.conf})" +msgstr "" + +#. type: table +#: doc/guix.texi:10161 +msgid "The syslog configuration file to use." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10166 +msgid "syslog-service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10167 +#, no-wrap +msgid "{Scheme Procedure} syslog-service @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10169 +msgid "Return a service that runs a syslog daemon according to @var{config}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10172 +msgid "@xref{syslogd invocation,,, inetutils, GNU Inetutils}, for more information on the configuration file syntax." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10175 +msgid "guix-configuration-type" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10175 +#, no-wrap +msgid "{Data Type} guix-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10178 +msgid "This data type represents the configuration of the Guix build daemon. @xref{Invoking guix-daemon}, for more information." +msgstr "" + +#. type: item +#: doc/guix.texi:10180 +#, no-wrap +msgid "@code{guix} (default: @var{guix})" +msgstr "" + +#. type: table +#: doc/guix.texi:10182 doc/guix.texi:10410 +msgid "The Guix package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10183 +#, no-wrap +msgid "@code{build-group} (default: @code{\"guixbuild\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10185 +msgid "Name of the group for build user accounts." +msgstr "" + +#. type: item +#: doc/guix.texi:10186 +#, no-wrap +msgid "@code{build-accounts} (default: @code{10})" +msgstr "" + +#. type: table +#: doc/guix.texi:10188 +msgid "Number of build user accounts to create." +msgstr "" + +#. type: item +#: doc/guix.texi:10189 +#, no-wrap +msgid "@code{authorize-key?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10194 +msgid "" +"Whether to authorize the substitute keys listed in @code{authorized-keys}---by default that of @code{hydra.gnu.org} " +"(@pxref{Substitutes})." +msgstr "" +"Autoriser ou non les clefs de substituts listées dans @code{authorize-keys} — par défaut celle de @code{hydra.gny.org} " +"(@pxref{Substituts})." + +#. type: vindex +#: doc/guix.texi:10195 +#, no-wrap +msgid "%default-authorized-guix-keys" +msgstr "" + +#. type: item +#: doc/guix.texi:10196 +#, no-wrap +msgid "@code{authorized-keys} (default: @var{%default-authorized-guix-keys})" +msgstr "" + +#. type: table +#: doc/guix.texi:10200 +msgid "" +"The list of authorized key files for archive imports, as a list of string-valued gexps (@pxref{Invoking guix archive}). By default, " +"it contains that of @code{hydra.gnu.org} (@pxref{Substitutes})." +msgstr "" +"La liste des fichiers de clefs autorisées pour les imports d'archives, en tant que liste de gexps sous forme de chaînes " +"(@pxref{Invoking guix archive}). Par défaut, elle contient celle de @code{hydra.gnu.org} (@pxref{Substituts})." + +#. type: item +#: doc/guix.texi:10201 +#, no-wrap +msgid "@code{use-substitutes?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10203 +msgid "Whether to use substitutes." +msgstr "" + +#. type: item +#: doc/guix.texi:10204 +#, no-wrap +msgid "@code{substitute-urls} (default: @var{%default-substitute-urls})" +msgstr "" + +#. type: table +#: doc/guix.texi:10206 +msgid "The list of URLs where to look for substitutes by default." +msgstr "" + +#. type: item +#: doc/guix.texi:10207 +#, no-wrap +msgid "@code{max-silent-time} (default: @code{0})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:10208 +#, no-wrap +msgid "@code{timeout} (default: @code{0})" +msgstr "" + +#. type: table +#: doc/guix.texi:10212 +msgid "" +"The number of seconds of silence and the number of seconds of activity, respectively, after which a build process times out. A " +"value of zero disables the timeout." +msgstr "" + +#. type: item +#: doc/guix.texi:10213 +#, no-wrap +msgid "@code{log-compression} (default: @code{'bzip2})" +msgstr "" + +#. type: table +#: doc/guix.texi:10216 +msgid "The type of compression used for build logs---one of @code{gzip}, @code{bzip2}, or @code{none}." +msgstr "" + +#. type: table +#: doc/guix.texi:10219 +msgid "List of extra command-line options for @command{guix-daemon}." +msgstr "" + +#. type: item +#: doc/guix.texi:10220 +#, no-wrap +msgid "@code{log-file} (default: @code{\"/var/log/guix-daemon.log\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10223 +msgid "File where @command{guix-daemon}'s standard output and standard error are written." +msgstr "" + +#. type: item +#: doc/guix.texi:10224 +#, no-wrap +msgid "@code{http-proxy} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10227 +msgid "The HTTP proxy used for downloading fixed-output derivations and substitutes." +msgstr "" + +#. type: item +#: doc/guix.texi:10228 +#, no-wrap +msgid "@code{tmpdir} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10230 +msgid "A directory path where the @command{guix-daemon} will perform builds." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10234 +#, no-wrap +msgid "{Scheme Procedure} guix-service @var{config}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10237 +msgid "Return a service that runs the Guix build daemon according to @var{config}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10239 +#, no-wrap +msgid "{Scheme Procedure} udev-service [#:udev @var{eudev} #:rules @code{'()}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10244 +msgid "" +"Run @var{udev}, which populates the @file{/dev} directory dynamically. udev rules can be provided as a list of files through the " +"@var{rules} variable. The procedures @var{udev-rule} and @var{file->udev-rule} from @code{(gnu services base)} simplify the " +"creation of such rule files." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10245 +#, no-wrap +msgid "{Scheme Procedure} udev-rule [@var{file-name} @var{contents}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10248 +msgid "Return a udev-rule file named @var{file-name} containing the rules defined by the @var{contents} literal." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10252 +msgid "" +"In the following example, a rule for a USB device is defined to be stored in the file @file{90-usb-thing.rules}. The rule runs a " +"script upon detecting a USB device with a given product identifier." +msgstr "" + +#. type: example +#: doc/guix.texi:10260 +#, no-wrap +msgid "" +"(define %example-udev-rule\n" +" (udev-rule\n" +" \"90-usb-thing.rules\"\n" +" (string-append \"ACTION==\\\"add\\\", SUBSYSTEM==\\\"usb\\\", \"\n" +" \"ATTR@{product@}==\\\"Example\\\", \"\n" +" \"RUN+=\\\"/path/to/script\\\"\")))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10264 +msgid "Here we show how the default @var{udev-service} can be extended with it." +msgstr "" + +#. type: example +#: doc/guix.texi:10274 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (services\n" +" (modify-services %desktop-services\n" +" (udev-service-type config =>\n" +" (udev-configuration (inherit config)\n" +" (rules (append (udev-configuration-rules config)\n" +" (list %example-udev-rule))))))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10276 +#, no-wrap +msgid "{Scheme Procedure} file->udev-rule [@var{file-name} @var{file}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10279 +msgid "Return a udev file named @var{file-name} containing the rules defined within @var{file}, a file-like object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10281 +msgid "The following example showcases how we can use an existing rule file." +msgstr "" + +#. type: example +#: doc/guix.texi:10286 +#, no-wrap +msgid "" +"(use-modules (guix download) ;for url-fetch\n" +" (guix packages) ;for origin\n" +" ;; @dots{})\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:10297 +#, no-wrap +msgid "" +"(define %android-udev-rules\n" +" (file->udev-rule\n" +" \"51-android-udev.rules\"\n" +" (let ((version \"20170910\"))\n" +" (origin\n" +" (method url-fetch)\n" +" (uri (string-append \"https://raw.githubusercontent.com/M0Rf30/\"\n" +" \"android-udev-rules/\" version \"/51-android.rules\"))\n" +" (sha256\n" +" (base32 \"0lmmagpyb6xsq6zcr2w1cyx9qmjqmajkvrdbhjx32gqf1d9is003\"))))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10306 +msgid "" +"Additionally, Guix package definitions can be included in @var{rules} in order to extend the udev rules with the definitions found " +"under their @file{lib/udev/rules.d} sub-directory. In lieu of the previous @var{file->udev-rule} example, we could have used the " +"@var{android-udev-rules} package which exists in Guix in the @code{(gnu packages android)} module." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10315 +msgid "" +"The following example shows how to use the @var{android-udev-rules} package so that the Android tool @command{adb} can detect " +"devices without root privileges. It also details how to create the @code{adbusers} group, which is required for the proper " +"functioning of the rules defined within the @var{android-udev-rules} package. To create such a group, we must define it both as " +"part of the @var{supplementary-groups} of our @var{user-account} declaration, as well as in the @var{groups} field of the " +"@var{operating-system} record." +msgstr "" + +#. type: example +#: doc/guix.texi:10320 +#, no-wrap +msgid "" +"(use-modules (gnu packages android) ;for android-udev-rules\n" +" (gnu system shadow) ;for user-group\n" +" ;; @dots{})\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:10329 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (users (cons (user-acount\n" +" ;; @dots{}\n" +" (supplementary-groups\n" +" '(\"adbusers\" ;for adb\n" +" \"wheel\" \"netdev\" \"audio\" \"video\"))\n" +" ;; @dots{})))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:10332 +#, no-wrap +msgid "" +" (groups (cons (user-group (system? #t) (name \"adbusers\"))\n" +" %base-groups))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:10334 +#, no-wrap +msgid "" +" ;; @dots{}\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:10341 +#, no-wrap +msgid "" +" (services\n" +" (modify-services %desktop-services\n" +" (udev-service-type config =>\n" +" (udev-configuration (inherit config)\n" +" (rules (cons* android-udev-rules\n" +" (udev-configuration-rules config))))))))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10344 +#, no-wrap +msgid "{Scheme Variable} urandom-seed-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10349 +msgid "" +"Save some entropy in @var{%random-seed-file} to seed @file{/dev/urandom} when rebooting. It also tries to seed @file{/dev/urandom} " +"from @file{/dev/hwrng} while booting, if @file{/dev/hwrng} exists and is readable." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10351 +#, no-wrap +msgid "{Scheme Variable} %random-seed-file" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10355 +msgid "" +"This is the name of the file where some random bytes are saved by @var{urandom-seed-service} to seed @file{/dev/urandom} when " +"rebooting. It defaults to @file{/var/lib/random-seed}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10357 +#, no-wrap +msgid "keymap" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10358 +#, no-wrap +msgid "keyboard" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10359 +#, no-wrap +msgid "{Scheme Procedure} console-keymap-service @var{files} ..." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10364 +msgid "" +"Return a service to load console keymaps from @var{files} using @command{loadkeys} command. Most likely, you want to load some " +"default keymap, which can be done like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:10367 +#, no-wrap +msgid "(console-keymap-service \"dvorak\")\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10371 +msgid "Or, for example, for a Swedish keyboard, you may need to combine the following keymaps:" +msgstr "" + +#. type: example +#: doc/guix.texi:10373 +#, no-wrap +msgid "(console-keymap-service \"se-lat6\" \"se-fi-lat6\")\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10377 +msgid "Also you can specify a full file name (or file names) of your keymap(s). See @code{man loadkeys} for details." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10380 +#, no-wrap +msgid "mouse" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10381 +#, no-wrap +msgid "gpm" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10382 +#, no-wrap +msgid "{Scheme Procedure} gpm-service [#:gpm @var{gpm}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10388 +msgid "" +"[#:options] Run @var{gpm}, the general-purpose mouse daemon, with the given command-line @var{options}. GPM allows users to use the " +"mouse in the console, notably to select, copy, and paste text. The default value of @var{options} uses the @code{ps2} protocol, " +"which works for both USB and PS/2 mice." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10390 +msgid "This service is not part of @var{%base-services}." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10393 +msgid "guix-publish-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10393 +#, no-wrap +msgid "{Scheme Variable} guix-publish-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10397 +msgid "" +"This is the service type for @command{guix publish} (@pxref{Invoking guix publish}). Its value must be a @code{guix-configuration} " +"object, as described below." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10401 +msgid "" +"This assumes that @file{/etc/guix} already contains a signing key pair as created by @command{guix archive --generate-key} " +"(@pxref{Invoking guix archive}). If that is not the case, the service will fail to start." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10403 +#, no-wrap +msgid "{Data Type} guix-publish-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10406 +msgid "Data type representing the configuration of the @code{guix publish} service." +msgstr "" + +#. type: item +#: doc/guix.texi:10408 +#, no-wrap +msgid "@code{guix} (default: @code{guix})" +msgstr "" + +#. type: item +#: doc/guix.texi:10411 +#, no-wrap +msgid "@code{port} (default: @code{80})" +msgstr "" + +#. type: table +#: doc/guix.texi:10413 +msgid "The TCP port to listen for connections." +msgstr "" + +#. type: item +#: doc/guix.texi:10414 +#, no-wrap +msgid "@code{host} (default: @code{\"localhost\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10417 +msgid "The host (and thus, network interface) to listen to. Use @code{\"0.0.0.0\"} to listen on all the network interfaces." +msgstr "" + +#. type: table +#: doc/guix.texi:10422 +msgid "" +"The gzip compression level at which substitutes are compressed. Use @code{0} to disable compression altogether, and @code{9} to get " +"the best compression ratio at the expense of increased CPU usage." +msgstr "" + +#. type: item +#: doc/guix.texi:10423 +#, no-wrap +msgid "@code{nar-path} (default: @code{\"nar\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10426 +msgid "The URL path at which ``nars'' can be fetched. @xref{Invoking guix publish, @code{--nar-path}}, for details." +msgstr "" + +#. type: item +#: doc/guix.texi:10427 +#, no-wrap +msgid "@code{cache} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10433 +msgid "" +"When it is @code{#f}, disable caching and instead generate archives on demand. Otherwise, this should be the name of a directory---" +"e.g., @code{\"/var/cache/guix/publish\"}---where @command{guix publish} caches archives and meta-data ready to be sent. " +"@xref{Invoking guix publish, @option{--cache}}, for more information on the tradeoffs involved." +msgstr "" + +#. type: item +#: doc/guix.texi:10434 +#, no-wrap +msgid "@code{workers} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10438 +msgid "" +"When it is an integer, this is the number of worker threads used for caching; when @code{#f}, the number of processors is used. " +"@xref{Invoking guix publish, @option{--workers}}, for more information." +msgstr "" + +#. type: item +#: doc/guix.texi:10439 +#, no-wrap +msgid "@code{ttl} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10443 +msgid "" +"When it is an integer, this denotes the @dfn{time-to-live} in seconds of the published archives. @xref{Invoking guix publish, " +"@option{--ttl}}, for more information." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10447 +msgid "rngd-service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10447 +#, no-wrap +msgid "{Scheme Procedure} rngd-service [#:rng-tools @var{rng-tools}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10452 +msgid "" +"[#:device \"/dev/hwrng\"] Return a service that runs the @command{rngd} program from @var{rng-tools} to add @var{device} to the " +"kernel's entropy pool. The service will fail if @var{device} does not exist." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:10455 +msgid "pam-limits-service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10455 +#, no-wrap +msgid "session limits" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10456 +#, no-wrap +msgid "ulimit" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10457 +#, no-wrap +msgid "priority" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10458 +#, no-wrap +msgid "realtime" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10459 +#, no-wrap +msgid "jackd" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10460 +#, no-wrap +msgid "{Scheme Procedure} pam-limits-service [#:limits @code{'()}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10467 +msgid "" +"Return a service that installs a configuration file for the @uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html, " +"@code{pam_limits} module}. The procedure optionally takes a list of @code{pam-limits-entry} values, which can be used to specify " +"@code{ulimit} limits and nice priority limits to user sessions." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10470 +msgid "The following limits definition sets two hard and soft limits for all login sessions of users in the @code{realtime} group:" +msgstr "" + +#. type: example +#: doc/guix.texi:10476 +#, no-wrap +msgid "" +"(pam-limits-service\n" +" (list\n" +" (pam-limits-entry \"@@realtime\" 'both 'rtprio 99)\n" +" (pam-limits-entry \"@@realtime\" 'both 'memlock 'unlimited)))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10482 +msgid "" +"The first entry increases the maximum realtime priority for non-privileged processes; the second entry lifts any restriction of the " +"maximum address space that can be locked in memory. These settings are commonly used for real-time audio systems." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10487 +#, no-wrap +msgid "cron" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10488 +#, no-wrap +msgid "mcron" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10489 +#, no-wrap +msgid "scheduling jobs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10496 +msgid "" +"The @code{(gnu services mcron)} module provides an interface to GNU@tie{}mcron, a daemon to run jobs at scheduled times " +"(@pxref{Top,,, mcron, GNU@tie{}mcron}). GNU@tie{}mcron is similar to the traditional Unix @command{cron} daemon; the main " +"difference is that it is implemented in Guile Scheme, which provides a lot of flexibility when specifying the scheduling of jobs and " +"their actions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10504 +msgid "" +"The example below defines an operating system that runs the @command{updatedb} (@pxref{Invoking updatedb,,, find, Finding Files}) " +"and the @command{guix gc} commands (@pxref{Invoking guix gc}) daily, as well as the @command{mkid} command on behalf of an " +"unprivileged user (@pxref{mkid invocation,,, idutils, ID Database Utilities}). It uses gexps to introduce job definitions that are " +"passed to mcron (@pxref{G-Expressions})." +msgstr "" + +#. type: lisp +#: doc/guix.texi:10508 +#, no-wrap +msgid "" +"(use-modules (guix) (gnu) (gnu services mcron))\n" +"(use-package-modules base idutils)\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10517 +#, no-wrap +msgid "" +"(define updatedb-job\n" +" ;; Run 'updatedb' at 3AM every day. Here we write the\n" +" ;; job's action as a Scheme procedure.\n" +" #~(job '(next-hour '(3))\n" +" (lambda ()\n" +" (execl (string-append #$findutils \"/bin/updatedb\")\n" +" \"updatedb\"\n" +" \"--prunepaths=/tmp /var/tmp /gnu/store\"))))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10523 +#, no-wrap +msgid "" +"(define garbage-collector-job\n" +" ;; Collect garbage 5 minutes after midnight every day.\n" +" ;; The job's action is a shell command.\n" +" #~(job \"5 0 * * *\" ;Vixie cron syntax\n" +" \"guix gc -F 1G\"))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10530 +#, no-wrap +msgid "" +"(define idutils-job\n" +" ;; Update the index database as user \"charlie\" at 12:15PM\n" +" ;; and 19:15PM. This runs from the user's home directory.\n" +" #~(job '(next-minute-from (next-hour '(12 19)) '(15))\n" +" (string-append #$idutils \"/bin/mkid src\")\n" +" #:user \"charlie\"))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10537 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (services (cons (mcron-service (list garbage-collector-job\n" +" updatedb-job\n" +" idutils-job))\n" +" %base-services)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10542 +msgid "" +"@xref{Guile Syntax, mcron job specifications,, mcron, GNU@tie{}mcron}, for more information on mcron job specifications. Below is " +"the reference of the mcron service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10543 +#, no-wrap +msgid "{Scheme Procedure} mcron-service @var{jobs} [#:mcron @var{mcron}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10546 +msgid "Return an mcron service running @var{mcron} that schedules @var{jobs}, a list of gexps denoting mcron job specifications." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10548 +msgid "This is a shorthand for:" +msgstr "" + +#. type: example +#: doc/guix.texi:10551 +#, no-wrap +msgid "" +"(service mcron-service-type\n" +" (mcron-configuration (mcron mcron) (jobs jobs)))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10554 +#, no-wrap +msgid "{Scheme Variable} mcron-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10557 +msgid "This is the type of the @code{mcron} service, whose value is an @code{mcron-configuration} object." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10562 +msgid "" +"This service type can be the target of a service extension that provides it additional job specifications (@pxref{Service " +"Composition}). In other words, it is possible to define services that provide additional mcron jobs to run." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10564 +#, no-wrap +msgid "{Data Type} mcron-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10566 +msgid "Data type representing the configuration of mcron." +msgstr "" + +#. type: item +#: doc/guix.texi:10568 +#, no-wrap +msgid "@code{mcron} (default: @var{mcron})" +msgstr "" + +#. type: table +#: doc/guix.texi:10570 +msgid "The mcron package to use." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10571 doc/guix.texi:10630 +#, no-wrap +msgid "jobs" +msgstr "" + +#. type: table +#: doc/guix.texi:10575 +msgid "" +"This is a list of gexps (@pxref{G-Expressions}), where each gexp corresponds to an mcron job specification (@pxref{Syntax, mcron job " +"specifications,, mcron, GNU@tie{}mcron})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10582 +#, no-wrap +msgid "rottlog" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10583 +#, no-wrap +msgid "log rotation" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10590 +msgid "" +"Log files such as those found in @file{/var/log} tend to grow endlessly, so it's a good idea to @dfn{rotate} them once in a while---" +"i.e., archive their contents in separate files, possibly compressed. The @code{(gnu services admin)} module provides an interface " +"to GNU@tie{}Rot[t]log, a log rotation tool (@pxref{Top,,, rottlog, GNU Rot[t]log Manual})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10593 +msgid "" +"The example below defines an operating system that provides log rotation with the default settings, for commonly encountered log " +"files." +msgstr "" + +#. type: lisp +#: doc/guix.texi:10598 +#, no-wrap +msgid "" +"(use-modules (guix) (gnu))\n" +"(use-service-modules admin mcron)\n" +"(use-package-modules base idutils)\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10603 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (services (cons (service rottlog-service-type)\n" +" %base-services)))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10605 +#, no-wrap +msgid "{Scheme Variable} rottlog-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10608 +msgid "This is the type of the Rottlog service, whose value is a @code{rottlog-configuration} object." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10611 +msgid "" +"Other services can extend this one with new @code{log-rotation} objects (see below), thereby augmenting the set of files to be " +"rotated." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10614 +msgid "This service type can define mcron jobs (@pxref{Scheduled Job Execution}) to run the rottlog service." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10616 +#, no-wrap +msgid "{Data Type} rottlog-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10618 +msgid "Data type representing the configuration of rottlog." +msgstr "" + +#. type: item +#: doc/guix.texi:10620 +#, no-wrap +msgid "@code{rottlog} (default: @code{rottlog})" +msgstr "" + +#. type: table +#: doc/guix.texi:10622 +msgid "The Rottlog package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10623 +#, no-wrap +msgid "@code{rc-file} (default: @code{(file-append rottlog \"/etc/rc\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10626 +msgid "The Rottlog configuration file to use (@pxref{Mandatory RC Variables,,, rottlog, GNU Rot[t]log Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:10627 +#, no-wrap +msgid "@code{rotations} (default: @code{%default-rotations})" +msgstr "" + +#. type: table +#: doc/guix.texi:10629 +msgid "A list of @code{log-rotation} objects as defined below." +msgstr "" + +#. type: table +#: doc/guix.texi:10633 +msgid "This is a list of gexps where each gexp corresponds to an mcron job specification (@pxref{Scheduled Job Execution})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10636 +#, no-wrap +msgid "{Data Type} log-rotation" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10638 +msgid "Data type representing the rotation of a group of log files." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10642 +msgid "" +"Taking an example from the Rottlog manual (@pxref{Period Related File Examples,,, rottlog, GNU Rot[t]log Manual}), a log rotation " +"might be defined like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:10651 +#, no-wrap +msgid "" +"(log-rotation\n" +" (frequency 'daily)\n" +" (files '(\"/var/log/apache/*\"))\n" +" (options '(\"storedir apache-archives\"\n" +" \"rotate 6\"\n" +" \"notifempty\"\n" +" \"nocompress\")))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10654 +msgid "The list of fields is as follows:" +msgstr "" + +#. type: item +#: doc/guix.texi:10656 +#, no-wrap +msgid "@code{frequency} (default: @code{'weekly})" +msgstr "" + +#. type: table +#: doc/guix.texi:10658 +msgid "The log rotation frequency, a symbol." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10659 +#, no-wrap +msgid "files" +msgstr "" + +#. type: table +#: doc/guix.texi:10661 +msgid "The list of files or file glob patterns to rotate." +msgstr "" + +#. type: item +#: doc/guix.texi:10662 +#, no-wrap +msgid "@code{options} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10665 +msgid "The list of rottlog options for this rotation (@pxref{Configuration parameters,,, rottlog, GNU Rot[t]lg Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:10666 +#, no-wrap +msgid "@code{post-rotate} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10668 +msgid "Either @code{#f} or a gexp to execute once the rotation has completed." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10671 +#, no-wrap +msgid "{Scheme Variable} %default-rotations" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10674 +msgid "Specifies weekly rotation of @var{%rotated-files} and a couple of other files." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10676 +#, no-wrap +msgid "{Scheme Variable} %rotated-files" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10679 +msgid "The list of syslog-controlled files to be rotated. By default it is: @code{'(\"/var/log/messages\" \"/var/log/secure\")}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:10686 +msgid "The @code{(gnu services networking)} module provides services to configure the network interface." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10687 +#, no-wrap +msgid "DHCP, networking service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10688 +#, no-wrap +msgid "{Scheme Procedure} dhcp-client-service [#:dhcp @var{isc-dhcp}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10691 +msgid "" +"Return a service that runs @var{dhcp}, a Dynamic Host Configuration Protocol (DHCP) client, on all the non-loopback network " +"interfaces." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10693 +#, no-wrap +msgid "{Scheme Variable} static-networking-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10696 +msgid "This is the type for statically-configured network interfaces." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10698 +#, no-wrap +msgid "{Scheme Procedure} static-networking-service @var{interface} @var{ip} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10706 +msgid "" +"[#:netmask #f] [#:gateway #f] [#:name-servers @code{'()}] [#:requirement @code{'(udev)}] Return a service that starts " +"@var{interface} with address @var{ip}. If @var{netmask} is true, use it as the network mask. If @var{gateway} is true, it must be " +"a string specifying the default network gateway. @var{requirement} can be used to declare a dependency on another service before " +"configuring the interface." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10711 +msgid "" +"This procedure can be called several times, one for each network interface of interest. Behind the scenes what it does is extend " +"@code{static-networking-service-type} with additional network interfaces to handle." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10713 +#, no-wrap +msgid "wicd" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10716 +#, no-wrap +msgid "network management" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10717 +#, no-wrap +msgid "{Scheme Procedure} wicd-service [#:wicd @var{wicd}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10720 +msgid "" +"Return a service that runs @url{https://launchpad.net/wicd,Wicd}, a network management daemon that aims to simplify wired and " +"wireless networking." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10725 +msgid "" +"This service adds the @var{wicd} package to the global profile, providing several commands to interact with the daemon and configure " +"networking: @command{wicd-client}, a graphical user interface, and the @command{wicd-cli} and @command{wicd-curses} user interfaces." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10727 +#, no-wrap +msgid "NetworkManager" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10729 +#, no-wrap +msgid "{Scheme Variable} network-manager-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10734 +msgid "" +"This is the service type for the @uref{https://wiki.gnome.org/Projects/NetworkManager, NetworkManager} service. The value for this " +"service type is a @code{network-manager-configuration} record." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10737 +msgid "This service is part of @code{%desktop-services} (@pxref{Desktop Services})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10739 +#, no-wrap +msgid "{Data Type} network-manager-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10741 +msgid "Data type representing the configuration of NetworkManager." +msgstr "" + +#. type: item +#: doc/guix.texi:10743 +#, no-wrap +msgid "@code{network-manager} (default: @code{network-manager})" +msgstr "" + +#. type: table +#: doc/guix.texi:10745 +msgid "The NetworkManager package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10746 +#, no-wrap +msgid "@code{dns} (default: @code{\"default\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10749 +msgid "Processing mode for DNS, which affects how NetworkManager uses the @code{resolv.conf} configuration file." +msgstr "" + +#. type: item +#: doc/guix.texi:10751 +#, no-wrap +msgid "default" +msgstr "" + +#. type: table +#: doc/guix.texi:10754 +msgid "NetworkManager will update @code{resolv.conf} to reflect the nameservers provided by currently active connections." +msgstr "" + +#. type: item +#: doc/guix.texi:10755 +#, no-wrap +msgid "dnsmasq" +msgstr "" + +#. type: table +#: doc/guix.texi:10759 +msgid "" +"NetworkManager will run @code{dnsmasq} as a local caching nameserver, using a \"split DNS\" configuration if you are connected to a " +"VPN, and then update @code{resolv.conf} to point to the local nameserver." +msgstr "" + +#. type: item +#: doc/guix.texi:10760 doc/guix.texi:11746 +#, no-wrap +msgid "none" +msgstr "" + +#. type: table +#: doc/guix.texi:10762 +msgid "NetworkManager will not modify @code{resolv.conf}." +msgstr "" + +#. type: item +#: doc/guix.texi:10764 +#, no-wrap +msgid "@code{vpn-plugins} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10768 +msgid "" +"This is the list of available plugins for virtual private networks (VPNs). An example of this is the @code{network-manager-openvpn} " +"package, which allows NetworkManager to manage VPNs @i{via} OpenVPN." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10772 +#, no-wrap +msgid "Connman" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10773 +#, no-wrap +msgid "{Scheme Variable} connman-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10776 +msgid "This is the service type to run @url{https://01.org/connman,Connman}, a network connection manager." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10779 +msgid "Its value must be an @code{connman-configuration} record as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:10784 +#, no-wrap +msgid "" +"(service connman-service-type\n" +" (connman-configuration\n" +" (disable-vpn? #t)))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10787 +msgid "See below for details about @code{connman-configuration}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10789 +#, no-wrap +msgid "{Data Type} connman-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10791 +msgid "Data Type representing the configuration of connman." +msgstr "" + +#. type: item +#: doc/guix.texi:10793 +#, no-wrap +msgid "@code{connman} (default: @var{connman})" +msgstr "" + +#. type: table +#: doc/guix.texi:10795 +msgid "The connman package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10796 +#, no-wrap +msgid "@code{disable-vpn?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10798 +msgid "When true, enable connman's vpn plugin." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10801 +#, no-wrap +msgid "WPA Supplicant" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10802 +#, no-wrap +msgid "{Scheme Variable} wpa-supplicant-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10807 +msgid "" +"This is the service type to run @url{https://w1.fi/wpa_supplicant/,WPA supplicant}, an authentication daemon required to " +"authenticate against encrypted WiFi or ethernet networks. It is configured to listen for requests on D-Bus." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10810 +msgid "The value of this service is the @code{wpa-supplicant} package to use. Thus, it can be instantiated like this:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10813 +#, no-wrap +msgid "" +"(use-modules (gnu services networking))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:10815 +#, no-wrap +msgid "(service wpa-supplicant-service-type)\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10818 +#, no-wrap +msgid "NTP" +msgstr "" + +#. type: cindex +#: doc/guix.texi:10819 +#, no-wrap +msgid "real time clock" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10820 +#, no-wrap +msgid "{Scheme Procedure} ntp-service [#:ntp @var{ntp}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10828 +msgid "" +"[#:servers @var{%ntp-servers}] @ [#:allow-large-adjustment? #f] Return a service that runs the daemon from @var{ntp}, the " +"@uref{http://www.ntp.org, Network Time Protocol package}. The daemon will keep the system clock synchronized with that of " +"@var{servers}. @var{allow-large-adjustment?} determines whether @command{ntpd} is allowed to make an initial adjustment of more " +"than 1,000 seconds." +msgstr "" + +#. type: defvr +#: doc/guix.texi:10830 +#, no-wrap +msgid "{Scheme Variable} %ntp-servers" +msgstr "" + +#. type: defvr +#: doc/guix.texi:10832 +msgid "List of host names used as the default NTP servers." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10834 +#, no-wrap +msgid "OpenNTPD" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10835 +#, no-wrap +msgid "{Scheme Procedure} openntpd-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10839 +msgid "" +"Run the @command{ntpd}, the Network Time Protocol (NTP) daemon, as implemented by @uref{http://www.openntpd.org, OpenNTPD}. The " +"daemon will keep the system clock synchronized with that of the given servers." +msgstr "" + +#. type: example +#: doc/guix.texi:10849 +#, no-wrap +msgid "" +"(service\n" +" openntpd-service-type\n" +" (openntpd-configuration\n" +" (listen-on '(\"127.0.0.1\" \"::1\"))\n" +" (sensor '(\"udcf0 correction 70000\"))\n" +" (constraint-from '(\"www.gnu.org\"))\n" +" (constraints-from '(\"https://www.google.com/\"))\n" +" (allow-large-adjustment? #t)))\n" +"\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10853 +#, no-wrap +msgid "{Data Type} openntpd-configuration" +msgstr "" + +#. type: item +#: doc/guix.texi:10855 +#, no-wrap +msgid "@code{openntpd} (default: @code{(file-append openntpd \"/sbin/ntpd\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10857 +msgid "The openntpd executable to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10857 +#, no-wrap +msgid "@code{listen-on} (default: @code{'(\"127.0.0.1\" \"::1\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10859 +msgid "A list of local IP addresses or hostnames the ntpd daemon should listen on." +msgstr "" + +#. type: item +#: doc/guix.texi:10859 +#, no-wrap +msgid "@code{query-from} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10861 +msgid "A list of local IP address the ntpd daemon should use for outgoing queries." +msgstr "" + +#. type: item +#: doc/guix.texi:10861 +#, no-wrap +msgid "@code{sensor} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10866 +msgid "" +"Specify a list of timedelta sensor devices ntpd should use. @code{ntpd} will listen to each sensor that acutally exists and ignore " +"non-existant ones. See @uref{https://man.openbsd.org/ntpd.conf, upstream documentation} for more information." +msgstr "" + +#. type: item +#: doc/guix.texi:10866 +#, no-wrap +msgid "@code{server} (default: @var{%ntp-servers})" +msgstr "" + +#. type: table +#: doc/guix.texi:10868 +msgid "Specify a list of IP addresses or hostnames of NTP servers to synchronize to." +msgstr "" + +#. type: item +#: doc/guix.texi:10868 +#, no-wrap +msgid "@code{servers} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10870 +msgid "Specify a list of IP addresses or hostnames of NTP pools to synchronize to." +msgstr "" + +#. type: item +#: doc/guix.texi:10870 +#, no-wrap +msgid "@code{constraint-from} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10877 +msgid "" +"@code{ntpd} can be configured to query the ‘Date’ from trusted HTTPS servers via TLS. This time information is not used for " +"precision but acts as an authenticated constraint, thereby reducing the impact of unauthenticated NTP man-in-the-middle attacks. " +"Specify a list of URLs, IP addresses or hostnames of HTTPS servers to provide a constraint." +msgstr "" + +#. type: item +#: doc/guix.texi:10877 +#, no-wrap +msgid "@code{constraints-from} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10881 +msgid "" +"As with constraint from, specify a list of URLs, IP addresses or hostnames of HTTPS servers to provide a constraint. Should the " +"hostname resolve to multiple IP addresses, @code{ntpd} will calculate a median constraint from all of them." +msgstr "" + +#. type: item +#: doc/guix.texi:10881 +#, no-wrap +msgid "@code{allow-large-adjustment?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10884 +msgid "Determines if @code{ntpd} is allowed to make an initial adjustment of more than 180 seconds." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10887 +#, no-wrap +msgid "inetd" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10888 +#, no-wrap +msgid "{Scheme variable} inetd-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10893 +msgid "" +"This service runs the @command{inetd} (@pxref{inetd invocation,,, inetutils, GNU Inetutils}) daemon. @command{inetd} listens for " +"connections on internet sockets, and lazily starts the specified server program when a connection is made on one of these sockets." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10899 +msgid "" +"The value of this service is an @code{inetd-configuration} object. The following example configures the @command{inetd} daemon to " +"provide the built-in @command{echo} service, as well as an smtp service which forwards smtp traffic over ssh to a server @code{smtp-" +"server} behind a gateway @code{hostname}:" +msgstr "" + +#. type: example +#: doc/guix.texi:10922 +#, no-wrap +msgid "" +"(service\n" +" inetd-service-type\n" +" (inetd-configuration\n" +" (entries (list\n" +" (inetd-entry\n" +" (name \"echo\")\n" +" (socket-type 'stream)\n" +" (protocol \"tcp\")\n" +" (wait? #f)\n" +" (user \"root\"))\n" +" (inetd-entry\n" +" (node \"127.0.0.1\")\n" +" (name \"smtp\")\n" +" (socket-type 'stream)\n" +" (protocol \"tcp\")\n" +" (wait? #f)\n" +" (user \"root\")\n" +" (program (file-append openssh \"/bin/ssh\"))\n" +" (arguments\n" +" '(\"ssh\" \"-qT\" \"-i\" \"/path/to/ssh_key\"\n" +" \"-W\" \"smtp-server:25\" \"user@@hostname\")))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10925 +msgid "See below for more details about @code{inetd-configuration}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10927 +#, no-wrap +msgid "{Data Type} inetd-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10929 +msgid "Data type representing the configuration of @command{inetd}." +msgstr "" + +#. type: item +#: doc/guix.texi:10931 +#, no-wrap +msgid "@code{program} (default: @code{(file-append inetutils \"/libexec/inetd\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:10933 +msgid "The @command{inetd} executable to use." +msgstr "" + +#. type: item +#: doc/guix.texi:10934 doc/guix.texi:16191 +#, no-wrap +msgid "@code{entries} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:10937 +msgid "A list of @command{inetd} service entries. Each entry should be created by the @code{inetd-entry} constructor." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10940 +#, no-wrap +msgid "{Data Type} inetd-entry" +msgstr "" + +#. type: deftp +#: doc/guix.texi:10944 +msgid "" +"Data type representing an entry in the @command{inetd} configuration. Each entry corresponds to a socket where @command{inetd} will " +"listen for requests." +msgstr "" + +#. type: item +#: doc/guix.texi:10946 +#, no-wrap +msgid "@code{node} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:10951 +msgid "" +"Optional string, a comma-separated list of local addresses @command{inetd} should use when listening for this service. " +"@xref{Configuration file,,, inetutils, GNU Inetutils} for a complete description of all options." +msgstr "" + +#. type: table +#: doc/guix.texi:10953 +msgid "A string, the name must correspond to an entry in @code{/etc/services}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10953 +#, no-wrap +msgid "socket-type" +msgstr "" + +#. type: table +#: doc/guix.texi:10956 +msgid "One of @code{'stream}, @code{'dgram}, @code{'raw}, @code{'rdm} or @code{'seqpacket}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:10956 +#, no-wrap +msgid "protocol" +msgstr "" + +#. type: table +#: doc/guix.texi:10958 +msgid "A string, must correspond to an entry in @code{/etc/protocols}." +msgstr "" + +#. type: item +#: doc/guix.texi:10958 +#, no-wrap +msgid "@code{wait?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:10961 +msgid "Whether @command{inetd} should wait for the server to exit before listening to new service requests." +msgstr "" + +#. type: table +#: doc/guix.texi:10966 +msgid "" +"A string containing the user (and, optionally, group) name of the user as whom the server should run. The group name can be " +"specified in a suffix, separated by a colon or period, i.e. @code{\"user\"}, @code{\"user:group\"} or @code{\"user.group\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:10966 +#, no-wrap +msgid "@code{program} (default: @code{\"internal\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:10969 +msgid "The server program which will serve the requests, or @code{\"internal\"} if @command{inetd} should use a built-in service." +msgstr "" + +#. type: table +#: doc/guix.texi:10974 +msgid "" +"A list strings or file-like objects, which are the server program's arguments, starting with the zeroth argument, i.e. the name of " +"the program itself. For @command{inetd}'s internal services, this entry must be @code{'()} or @code{'(\"internal\")}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:10978 +msgid "@xref{Configuration file,,, inetutils, GNU Inetutils} for a more detailed discussion of each configuration field." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10980 +#, no-wrap +msgid "Tor" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10981 +#, no-wrap +msgid "{Scheme Procedure} tor-service [@var{config-file}] [#:tor @var{tor}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10984 +msgid "Return a service to run the @uref{https://torproject.org, Tor} anonymous networking daemon." +msgstr "" + +#. type: deffn +#: doc/guix.texi:10989 +msgid "" +"The daemon runs as the @code{tor} unprivileged user. It is passed @var{config-file}, a file-like object, with an additional " +"@code{User tor} line and lines for hidden services added via @code{tor-hidden-service}. Run @command{man tor} for information about " +"the configuration file." +msgstr "" + +#. type: cindex +#: doc/guix.texi:10991 +#, no-wrap +msgid "hidden service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10992 +#, no-wrap +msgid "{Scheme Procedure} tor-hidden-service @var{name} @var{mapping}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:10995 +msgid "" +"Define a new Tor @dfn{hidden service} called @var{name} and implementing @var{mapping}. @var{mapping} is a list of port/host " +"tuples, such as:" +msgstr "" + +#. type: example +#: doc/guix.texi:10999 +#, no-wrap +msgid "" +" '((22 \"127.0.0.1:22\")\n" +" (80 \"127.0.0.1:8080\"))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11003 +msgid "In this example, port 22 of the hidden service is mapped to local port 22, and port 80 is mapped to local port 8080." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11007 +msgid "" +"This creates a @file{/var/lib/tor/hidden-services/@var{name}} directory, where the @file{hostname} file contains the @code{.onion} " +"host name for the hidden service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11010 +msgid "See @uref{https://www.torproject.org/docs/tor-hidden-service.html.en, the Tor project's documentation} for more information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11013 +msgid "The @code{(gnu services rsync)} module provides the following services:" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11017 +msgid "" +"You might want an rsync daemon if you have files that you want available so anyone (or just yourself) can download existing files or " +"upload new files." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11018 +#, no-wrap +msgid "{Scheme Variable} rsync-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11021 +msgid "" +"This is the type for the @uref{https://rsync.samba.org, rsync} rsync daemon, @command{rsync-configuration} record as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:11024 +#, no-wrap +msgid "(service rsync-service-type)\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11027 +msgid "See below for details about @code{rsync-configuration}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:11029 +#, no-wrap +msgid "{Data Type} rsync-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11031 +msgid "Data type representing the configuration for @code{rsync-service}." +msgstr "" + +#. type: item +#: doc/guix.texi:11033 +#, no-wrap +msgid "@code{package} (default: @var{rsync})" +msgstr "" + +#. type: table +#: doc/guix.texi:11035 +msgid "@code{rsync} package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:11036 +#, no-wrap +msgid "@code{port-number} (default: @code{873})" +msgstr "" + +#. type: table +#: doc/guix.texi:11040 +msgid "" +"TCP port on which @command{rsync} listens for incoming connections. If port is less than @code{1024} @command{rsync} needs to be " +"started as the @code{root} user and group." +msgstr "" + +#. type: item +#: doc/guix.texi:11041 +#, no-wrap +msgid "@code{pid-file} (default: @code{\"/var/run/rsyncd/rsyncd.pid\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11043 +msgid "Name of the file where @command{rsync} writes its PID." +msgstr "" + +#. type: item +#: doc/guix.texi:11044 +#, no-wrap +msgid "@code{lock-file} (default: @code{\"/var/run/rsyncd/rsyncd.lock\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11046 +msgid "Name of the file where @command{rsync} writes its lock file." +msgstr "" + +#. type: item +#: doc/guix.texi:11047 +#, no-wrap +msgid "@code{log-file} (default: @code{\"/var/log/rsyncd.log\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11049 +msgid "Name of the file where @command{rsync} writes its log file." +msgstr "" + +#. type: item +#: doc/guix.texi:11050 +#, no-wrap +msgid "@code{use-chroot?} (default: @var{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11052 +msgid "Whether to use chroot for @command{rsync} shared directory." +msgstr "" + +#. type: item +#: doc/guix.texi:11053 +#, no-wrap +msgid "@code{share-path} (default: @file{/srv/rsync})" +msgstr "" + +#. type: table +#: doc/guix.texi:11055 +msgid "Location of the @command{rsync} shared directory." +msgstr "" + +#. type: item +#: doc/guix.texi:11056 +#, no-wrap +msgid "@code{share-comment} (default: @code{\"Rsync share\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11058 +msgid "Comment of the @command{rsync} shared directory." +msgstr "" + +#. type: item +#: doc/guix.texi:11059 +#, no-wrap +msgid "@code{read-only?} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11061 +msgid "Read-write permissions to shared directory." +msgstr "" + +#. type: item +#: doc/guix.texi:11062 +#, no-wrap +msgid "@code{timeout} (default: @code{300})" +msgstr "" + +#. type: table +#: doc/guix.texi:11064 +msgid "I/O timeout in seconds." +msgstr "" + +#. type: item +#: doc/guix.texi:11065 +#, no-wrap +msgid "@code{user} (default: @var{\"root\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11067 +msgid "Owner of the @code{rsync} process." +msgstr "" + +#. type: item +#: doc/guix.texi:11068 +#, no-wrap +msgid "@code{group} (default: @var{\"root\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11070 +msgid "Group of the @code{rsync} process." +msgstr "" + +#. type: item +#: doc/guix.texi:11071 +#, no-wrap +msgid "@code{uid} (default: @var{\"rsyncd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11074 +msgid "User name or user ID that file transfers to and from that module should take place as when the daemon was run as @code{root}." +msgstr "" + +#. type: item +#: doc/guix.texi:11075 +#, no-wrap +msgid "@code{gid} (default: @var{\"rsyncd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11077 +msgid "Group name or group ID that will be used when accessing the module." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11082 +msgid "Furthermore, @code{(gnu services ssh)} provides the following services." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11082 doc/guix.texi:11121 doc/guix.texi:20729 +#, no-wrap +msgid "SSH" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11083 doc/guix.texi:11122 doc/guix.texi:20730 +#, no-wrap +msgid "SSH server" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11085 +#, no-wrap +msgid "{Scheme Procedure} lsh-service [#:host-key \"/etc/lsh/host-key\"] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11094 +msgid "" +"[#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @ [#:allow-empty-passwords? #f] [#:root-login? #f] @ [#:syslog-output? #t] [#:" +"x11-forwarding? #t] @ [#:tcp/ip-forwarding? #t] [#:password-authentication? #t] @ [#:public-key-authentication? #t] [#:initialize? " +"#t] Run the @command{lshd} program from @var{lsh} to listen on port @var{port-number}. @var{host-key} must designate a file " +"containing the host key, and readable only by root." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11100 +msgid "" +"When @var{daemonic?} is true, @command{lshd} will detach from the controlling terminal and log its output to syslogd, unless one " +"sets @var{syslog-output?} to false. Obviously, it also makes lsh-service depend on existence of syslogd service. When @var{pid-" +"file?} is true, @command{lshd} writes its PID to the file called @var{pid-file}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11104 +msgid "" +"When @var{initialize?} is true, automatically create the seed and host key upon service activation if they do not exist yet. This " +"may take long and require interaction." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11109 +msgid "" +"When @var{initialize?} is false, it is up to the user to initialize the randomness generator (@pxref{lsh-make-seed,,, lsh, LSH " +"Manual}), and to create a key pair with the private key stored in file @var{host-key} (@pxref{lshd basics,,, lsh, LSH Manual})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11113 +msgid "" +"When @var{interfaces} is empty, lshd listens for connections on all the network interfaces; otherwise, @var{interfaces} must be a " +"list of host names or addresses." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11117 +msgid "" +"@var{allow-empty-passwords?} specifies whether to accept log-ins with empty passwords, and @var{root-login?} specifies whether to " +"accept log-ins as root." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11119 +msgid "The other options should be self-descriptive." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11123 +#, no-wrap +msgid "{Scheme Variable} openssh-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11127 +msgid "" +"This is the type for the @uref{http://www.openssh.org, OpenSSH} secure shell daemon, @command{sshd}. Its value must be an " +"@code{openssh-configuration} record as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:11136 +#, no-wrap +msgid "" +"(service openssh-service-type\n" +" (openssh-configuration\n" +" (x11-forwarding? #t)\n" +" (permit-root-login 'without-password)\n" +" (authorized-keys\n" +" `((\"alice\" ,(local-file \"alice.pub\"))\n" +" (\"bob\" ,(local-file \"bob.pub\"))))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11139 +msgid "See below for details about @code{openssh-configuration}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11142 +msgid "This service can be extended with extra authorized keys, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:11147 +#, no-wrap +msgid "" +"(service-extension openssh-service-type\n" +" (const `((\"charlie\"\n" +" ,(local-file \"charlie.pub\")))))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11150 +#, no-wrap +msgid "{Data Type} openssh-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11152 +msgid "This is the configuration record for OpenSSH's @command{sshd}." +msgstr "" + +#. type: item +#: doc/guix.texi:11154 +#, no-wrap +msgid "@code{pid-file} (default: @code{\"/var/run/sshd.pid\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11156 +msgid "Name of the file where @command{sshd} writes its PID." +msgstr "" + +#. type: item +#: doc/guix.texi:11157 +#, no-wrap +msgid "@code{port-number} (default: @code{22})" +msgstr "" + +#. type: table +#: doc/guix.texi:11159 +msgid "TCP port on which @command{sshd} listens for incoming connections." +msgstr "" + +#. type: item +#: doc/guix.texi:11160 +#, no-wrap +msgid "@code{permit-root-login} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11165 +msgid "" +"This field determines whether and when to allow logins as root. If @code{#f}, root logins are disallowed; if @code{#t}, they are " +"allowed. If it's the symbol @code{'without-password}, then root logins are permitted but not with password-based authentication." +msgstr "" + +#. type: item +#: doc/guix.texi:11166 doc/guix.texi:11299 +#, no-wrap +msgid "@code{allow-empty-passwords?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11169 +msgid "When true, users with empty passwords may log in. When false, they may not." +msgstr "" + +#. type: item +#: doc/guix.texi:11170 doc/guix.texi:11302 +#, no-wrap +msgid "@code{password-authentication?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11173 +msgid "When true, users may log in with their password. When false, they have other authentication methods." +msgstr "" + +#. type: item +#: doc/guix.texi:11174 +#, no-wrap +msgid "@code{public-key-authentication?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11177 +msgid "When true, users may log in using public key authentication. When false, users have to use other authentication method." +msgstr "" + +#. type: table +#: doc/guix.texi:11180 +msgid "Authorized public keys are stored in @file{~/.ssh/authorized_keys}. This is used only by protocol version 2." +msgstr "" + +#. type: item +#: doc/guix.texi:11181 +#, no-wrap +msgid "@code{x11-forwarding?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11185 +msgid "" +"When true, forwarding of X11 graphical client connections is enabled---in other words, @command{ssh} options @option{-X} and " +"@option{-Y} will work." +msgstr "" + +#. type: item +#: doc/guix.texi:11186 +#, no-wrap +msgid "@code{challenge-response-authentication?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11189 +msgid "Specifies whether challenge response authentication is allowed (e.g. via PAM)." +msgstr "" + +#. type: item +#: doc/guix.texi:11190 +#, no-wrap +msgid "@code{use-pam?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11196 +msgid "" +"Enables the Pluggable Authentication Module interface. If set to @code{#t}, this will enable PAM authentication using " +"@code{challenge-response-authentication?} and @code{password-authentication?}, in addition to PAM account and session module " +"processing for all authentication types." +msgstr "" + +#. type: table +#: doc/guix.texi:11201 +msgid "" +"Because PAM challenge response authentication usually serves an equivalent role to password authentication, you should disable " +"either @code{challenge-response-authentication?} or @code{password-authentication?}." +msgstr "" + +#. type: item +#: doc/guix.texi:11202 +#, no-wrap +msgid "@code{print-last-log?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11205 +msgid "Specifies whether @command{sshd} should print the date and time of the last user login when a user logs in interactively." +msgstr "" + +#. type: item +#: doc/guix.texi:11206 +#, no-wrap +msgid "@code{subsystems} (default: @code{'((\"sftp\" \"internal-sftp\"))})" +msgstr "" + +#. type: table +#: doc/guix.texi:11208 +msgid "Configures external subsystems (e.g. file transfer daemon)." +msgstr "" + +#. type: table +#: doc/guix.texi:11212 +msgid "" +"This is a list of two-element lists, each of which containing the subsystem name and a command (with optional arguments) to execute " +"upon subsystem request." +msgstr "" + +#. type: table +#: doc/guix.texi:11215 +msgid "" +"The command @command{internal-sftp} implements an in-process SFTP server. Alternately, one can specify the @command{sftp-server} " +"command:" +msgstr "" + +#. type: example +#: doc/guix.texi:11220 +#, no-wrap +msgid "" +"(service openssh-service-type\n" +" (openssh-configuration\n" +" (subsystems\n" +" `((\"sftp\" ,(file-append openssh \"/libexec/sftp-server\"))))))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:11222 +#, no-wrap +msgid "@code{accepted-environment} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:11224 +msgid "List of strings describing which environment variables may be exported." +msgstr "" + +#. type: table +#: doc/guix.texi:11227 +msgid "Each string gets on its own line. See the @code{AcceptEnv} option in @code{man sshd_config}." +msgstr "" + +#. type: table +#: doc/guix.texi:11232 +msgid "" +"This example allows ssh-clients to export the @code{COLORTERM} variable. It is set by terminal emulators, which support colors. " +"You can use it in your shell's ressource file to enable colors for the prompt and commands if this variable is set." +msgstr "" + +#. type: example +#: doc/guix.texi:11237 +#, no-wrap +msgid "" +"(service openssh-service-type\n" +" (openssh-configuration\n" +" (accepted-environment '(\"COLORTERM\"))))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:11239 +#, no-wrap +msgid "@code{authorized-keys} (default: @code{'()})" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11240 +#, no-wrap +msgid "authorized keys, SSH" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11241 +#, no-wrap +msgid "SSH authorized keys" +msgstr "" + +#. type: table +#: doc/guix.texi:11245 +msgid "" +"This is the list of authorized keys. Each element of the list is a user name followed by one or more file-like objects that " +"represent SSH public keys. For example:" +msgstr "" + +#. type: example +#: doc/guix.texi:11252 +#, no-wrap +msgid "" +"(openssh-configuration\n" +" (authorized-keys\n" +" `((\"rekado\" ,(local-file \"rekado.pub\"))\n" +" (\"chris\" ,(local-file \"chris.pub\"))\n" +" (\"root\" ,(local-file \"rekado.pub\") ,(local-file \"chris.pub\")))))\n" +msgstr "" + +#. type: table +#: doc/guix.texi:11257 +msgid "registers the specified public keys for user accounts @code{rekado}, @code{chris}, and @code{root}." +msgstr "" + +#. type: table +#: doc/guix.texi:11260 +msgid "Additional authorized keys can be specified @i{via} @code{service-extension}." +msgstr "" + +#. type: table +#: doc/guix.texi:11263 +msgid "Note that this does @emph{not} interfere with the use of @file{~/.ssh/authorized_keys}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11266 +#, no-wrap +msgid "{Scheme Procedure} dropbear-service [@var{config}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11270 +msgid "" +"Run the @uref{https://matt.ucc.asn.au/dropbear/dropbear.html,Dropbear SSH daemon} with the given @var{config}, a @code{} object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11273 +msgid "" +"For example, to specify a Dropbear service listening on port 1234, add this call to the operating system's @code{services} field:" +msgstr "" + +#. type: example +#: doc/guix.texi:11277 +#, no-wrap +msgid "" +"(dropbear-service (dropbear-configuration\n" +" (port-number 1234)))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11280 +#, no-wrap +msgid "{Data Type} dropbear-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11282 +msgid "This data type represents the configuration of a Dropbear SSH daemon." +msgstr "" + +#. type: item +#: doc/guix.texi:11284 +#, no-wrap +msgid "@code{dropbear} (default: @var{dropbear})" +msgstr "" + +#. type: table +#: doc/guix.texi:11286 +msgid "The Dropbear package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:11287 +#, no-wrap +msgid "@code{port-number} (default: 22)" +msgstr "" + +#. type: table +#: doc/guix.texi:11289 +msgid "The TCP port where the daemon waits for incoming connections." +msgstr "" + +#. type: item +#: doc/guix.texi:11290 +#, no-wrap +msgid "@code{syslog-output?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:11292 +msgid "Whether to enable syslog output." +msgstr "" + +#. type: item +#: doc/guix.texi:11293 +#, no-wrap +msgid "@code{pid-file} (default: @code{\"/var/run/dropbear.pid\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11295 +msgid "File name of the daemon's PID file." +msgstr "" + +#. type: item +#: doc/guix.texi:11296 +#, no-wrap +msgid "@code{root-login?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11298 +msgid "Whether to allow @code{root} logins." +msgstr "" + +#. type: table +#: doc/guix.texi:11301 +msgid "Whether to allow empty passwords." +msgstr "" + +#. type: table +#: doc/guix.texi:11304 +msgid "Whether to enable password-based authentication." +msgstr "" + +#. type: defvr +#: doc/guix.texi:11307 +#, no-wrap +msgid "{Scheme Variable} %facebook-host-aliases" +msgstr "" + +#. type: defvr +#: doc/guix.texi:11313 +msgid "" +"This variable contains a string for use in @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each " +"line contains a entry that maps a known server name of the Facebook on-line service---e.g., @code{www.facebook.com}---to the local " +"host---@code{127.0.0.1} or its IPv6 equivalent, @code{::1}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:11317 +msgid "" +"This variable is typically used in the @code{hosts-file} field of an @code{operating-system} declaration (@pxref{operating-system " +"Reference, @file{/etc/hosts}}):" +msgstr "" + +#. type: example +#: doc/guix.texi:11320 +#, no-wrap +msgid "" +"(use-modules (gnu) (guix))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:11330 +#, no-wrap +msgid "" +"(operating-system\n" +" (host-name \"mymachine\")\n" +" ;; ...\n" +" (hosts-file\n" +" ;; Create a /etc/hosts file with aliases for \"localhost\"\n" +" ;; and \"mymachine\", as well as for Facebook servers.\n" +" (plain-file \"hosts\"\n" +" (string-append (local-host-aliases host-name)\n" +" %facebook-host-aliases))))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:11334 +msgid "This mechanism can prevent programs running locally, such as Web browsers, from accessing Facebook." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11337 +msgid "The @code{(gnu services avahi)} provides the following definition." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11338 +#, no-wrap +msgid "{Scheme Procedure} avahi-service [#:avahi @var{avahi}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11350 +msgid "" +"[#:host-name #f] [#:publish? #t] [#:ipv4? #t] @ [#:ipv6? #t] [#:wide-area? #f] @ [#:domains-to-browse '()] [#:debug? #f] Return a " +"service that runs @command{avahi-daemon}, a system-wide mDNS/DNS-SD responder that allows for service discovery and \"zero-" +"configuration\" host name lookups (see @uref{http://avahi.org/}), and extends the name service cache daemon (nscd) so that it can " +"resolve @code{.local} host names using @uref{http://0pointer.de/lennart/projects/nss-mdns/, nss-mdns}. Additionally, add the " +"@var{avahi} package to the system profile so that commands such as @command{avahi-browse} are directly usable." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11353 +msgid "" +"If @var{host-name} is different from @code{#f}, use that as the host name to publish for this machine; otherwise, use the machine's " +"actual host name." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11357 +msgid "" +"When @var{publish?} is true, publishing of host names and services is allowed; in particular, avahi-daemon will publish the " +"machine's host name and IP address via mDNS on the local network." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11359 +msgid "When @var{wide-area?} is true, DNS-SD over unicast DNS is enabled." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11362 +msgid "Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use IPv4/IPv6 sockets." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11364 +#, no-wrap +msgid "{Scheme Variable} openvswitch-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11368 +msgid "" +"This is the type of the @uref{http://www.openvswitch.org, Open vSwitch} service, whose value should be an @code{openvswitch-" +"configuration} object." +msgstr "" + +#. type: deftp +#: doc/guix.texi:11370 +#, no-wrap +msgid "{Data Type} openvswitch-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11374 +msgid "" +"Data type representing the configuration of Open vSwitch, a multilayer virtual switch which is designed to enable massive network " +"automation through programmatic extension." +msgstr "" + +#. type: item +#: doc/guix.texi:11376 +#, no-wrap +msgid "@code{package} (default: @var{openvswitch})" +msgstr "" + +#. type: table +#: doc/guix.texi:11378 +msgid "Package object of the Open vSwitch." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11385 +#, no-wrap +msgid "X11" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11386 +#, no-wrap +msgid "X Window System" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11387 doc/guix.texi:11564 +#, no-wrap +msgid "login manager" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11392 +msgid "" +"Support for the X Window graphical display system---specifically Xorg---is provided by the @code{(gnu services xorg)} module. Note " +"that there is no @code{xorg-service} procedure. Instead, the X server is started by the @dfn{login manager}, by default SLiM." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11393 +#, no-wrap +msgid "window manager" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11398 +msgid "" +"To use X11, you must install at least one @dfn{window manager}---for example the @code{windowmaker} or @code{openbox} packages---" +"preferably by adding it to the @code{packages} field of your operating system definition (@pxref{operating-system Reference, system-" +"wide packages})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:11399 +#, no-wrap +msgid "{Scheme Variable} slim-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:11401 +msgid "This is the type for the SLiM graphical login manager for X11." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11402 +#, no-wrap +msgid "session types (X11)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:11403 +#, no-wrap +msgid "X11 session types" +msgstr "" + +#. type: defvr +#: doc/guix.texi:11410 +msgid "" +"SLiM looks for @dfn{session types} described by the @file{.desktop} files in @file{/run/current-system/profile/share/xsessions} and " +"allows users to choose a session from the log-in screen using @kbd{F1}. Packages such as @code{xfce}, @code{sawfish}, and " +"@code{ratpoison} provide @file{.desktop} files; adding them to the system-wide set of packages automatically makes them available at " +"the log-in screen." +msgstr "" + +#. type: defvr +#: doc/guix.texi:11414 +msgid "" +"In addition, @file{~/.xsession} files are honored. When available, @file{~/.xsession} must be an executable that starts a window " +"manager and/or other X clients." +msgstr "" + +#. type: deftp +#: doc/guix.texi:11416 +#, no-wrap +msgid "{Data Type} slim-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11418 +msgid "Data type representing the configuration of @code{slim-service-type}." +msgstr "" + +#. type: table +#: doc/guix.texi:11422 +msgid "Whether to allow logins with empty passwords." +msgstr "" + +#. type: item +#: doc/guix.texi:11423 +#, no-wrap +msgid "@code{auto-login?} (default: @code{#f})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:11424 +#, no-wrap +msgid "@code{default-user} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:11426 +msgid "When @code{auto-login?} is false, SLiM presents a log-in screen." +msgstr "" + +#. type: table +#: doc/guix.texi:11429 +msgid "When @code{auto-login?} is true, SLiM logs in directly as @code{default-user}." +msgstr "" + +#. type: item +#: doc/guix.texi:11430 +#, no-wrap +msgid "@code{theme} (default: @code{%default-slim-theme})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:11431 +#, no-wrap +msgid "@code{theme-name} (default: @code{%default-slim-theme-name})" +msgstr "" + +#. type: table +#: doc/guix.texi:11433 +msgid "The graphical theme to use and its name." +msgstr "" + +#. type: item +#: doc/guix.texi:11434 +#, no-wrap +msgid "@code{auto-login-session} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:11437 +msgid "" +"If true, this must be the name of the executable to start as the default session---e.g., @code{(file-append windowmaker \"/bin/" +"windowmaker\")}." +msgstr "" + +#. type: table +#: doc/guix.texi:11441 +msgid "" +"If false, a session described by one of the available @file{.desktop} files in @code{/run/current-system/profile} and @code{~/.guix-" +"profile} will be used." +msgstr "" + +#. type: quotation +#: doc/guix.texi:11446 +msgid "" +"You must install at least one window manager in the system profile or in your user profile. Failing to do that, if @code{auto-login-" +"session} is false, you will be unable to log in." +msgstr "" + +#. type: item +#: doc/guix.texi:11448 +#, no-wrap +msgid "@code{startx} (default: @code{(xorg-start-command)})" +msgstr "" + +#. type: table +#: doc/guix.texi:11450 +msgid "The command used to start the X11 graphical server." +msgstr "" + +#. type: item +#: doc/guix.texi:11451 +#, no-wrap +msgid "@code{xauth} (default: @code{xauth})" +msgstr "" + +#. type: table +#: doc/guix.texi:11453 +msgid "The XAuth package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:11454 +#, no-wrap +msgid "@code{shepherd} (default: @code{shepherd})" +msgstr "" + +#. type: table +#: doc/guix.texi:11457 +msgid "The Shepherd package used when invoking @command{halt} and @command{reboot}." +msgstr "" + +#. type: item +#: doc/guix.texi:11458 +#, no-wrap +msgid "@code{sessreg} (default: @code{sessreg})" +msgstr "" + +#. type: table +#: doc/guix.texi:11460 +msgid "The sessreg package used in order to register the session." +msgstr "" + +#. type: item +#: doc/guix.texi:11461 +#, no-wrap +msgid "@code{slim} (default: @code{slim})" +msgstr "" + +#. type: table +#: doc/guix.texi:11463 +msgid "The SLiM package to use." +msgstr "" + +#. type: defvr +#: doc/guix.texi:11466 doc/guix.texi:20226 +#, no-wrap +msgid "{Scheme Variable} %default-theme" +msgstr "" + +#. type: defvrx +#: doc/guix.texi:11467 +#, no-wrap +msgid "{Scheme Variable} %default-theme-name" +msgstr "" + +#. type: defvr +#: doc/guix.texi:11469 +msgid "The default SLiM theme and its name." +msgstr "" + +#. type: deftp +#: doc/guix.texi:11472 +#, no-wrap +msgid "{Data Type} sddm-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:11474 +msgid "This is the data type representing the sddm service configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:11476 +#, no-wrap +msgid "@code{display-server} (default: \"x11\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11479 +msgid "Select display server to use for the greeter. Valid values are \"x11\" or \"wayland\"." +msgstr "" + +#. type: item +#: doc/guix.texi:11480 +#, no-wrap +msgid "@code{numlock} (default: \"on\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11482 +msgid "Valid values are \"on\", \"off\" or \"none\"." +msgstr "" + +#. type: item +#: doc/guix.texi:11483 +#, no-wrap +msgid "@code{halt-command} (default @code{#~(string-apppend #$shepherd \"/sbin/halt\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11485 +msgid "Command to run when halting." +msgstr "" + +#. type: item +#: doc/guix.texi:11486 +#, no-wrap +msgid "@code{reboot-command} (default @code{#~(string-append #$shepherd \"/sbin/reboot\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11488 +msgid "Command to run when rebooting." +msgstr "" + +#. type: item +#: doc/guix.texi:11489 +#, no-wrap +msgid "@code{theme} (default \"maldives\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11491 +msgid "Theme to use. Default themes provided by SDDM are \"elarun\" or \"maldives\"." +msgstr "" + +#. type: item +#: doc/guix.texi:11492 +#, no-wrap +msgid "@code{themes-directory} (default \"/run/current-system/profile/share/sddm/themes\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11494 +msgid "Directory to look for themes." +msgstr "" + +#. type: item +#: doc/guix.texi:11495 +#, no-wrap +msgid "@code{faces-directory} (default \"/run/current-system/profile/share/sddm/faces\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11497 +msgid "Directory to look for faces." +msgstr "" + +#. type: item +#: doc/guix.texi:11498 +#, no-wrap +msgid "@code{default-path} (default \"/run/current-system/profile/bin\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11500 +msgid "Default PATH to use." +msgstr "" + +#. type: item +#: doc/guix.texi:11501 +#, no-wrap +msgid "@code{minimum-uid} (default 1000)" +msgstr "" + +#. type: table +#: doc/guix.texi:11503 +msgid "Minimum UID to display in SDDM." +msgstr "" + +#. type: item +#: doc/guix.texi:11504 +#, no-wrap +msgid "@code{maximum-uid} (default 2000)" +msgstr "" + +#. type: table +#: doc/guix.texi:11506 +msgid "Maximum UID to display in SDDM" +msgstr "" + +#. type: item +#: doc/guix.texi:11507 +#, no-wrap +msgid "@code{remember-last-user?} (default #t)" +msgstr "" + +#. type: table +#: doc/guix.texi:11509 +msgid "Remember last user." +msgstr "" + +#. type: item +#: doc/guix.texi:11510 +#, no-wrap +msgid "@code{remember-last-session?} (default #t)" +msgstr "" + +#. type: table +#: doc/guix.texi:11512 +msgid "Remember last session." +msgstr "" + +#. type: item +#: doc/guix.texi:11513 +#, no-wrap +msgid "@code{hide-users} (default \"\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11515 +msgid "Usernames to hide from SDDM greeter." +msgstr "" + +#. type: item +#: doc/guix.texi:11516 +#, no-wrap +msgid "@code{hide-shells} (default @code{#~(string-append #$shadow \"/sbin/nologin\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11518 +msgid "Users with shells listed will be hidden from the SDDM greeter." +msgstr "" + +#. type: item +#: doc/guix.texi:11519 +#, no-wrap +msgid "@code{session-command} (default @code{#~(string-append #$sddm \"/share/sddm/scripts/wayland-session\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11521 +msgid "Script to run before starting a wayland session." +msgstr "" + +#. type: item +#: doc/guix.texi:11522 +#, no-wrap +msgid "@code{sessions-directory} (default \"/run/current-system/profile/share/wayland-sessions\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11524 +msgid "Directory to look for desktop files starting wayland sessions." +msgstr "" + +#. type: item +#: doc/guix.texi:11525 +#, no-wrap +msgid "@code{xorg-server-path} (default @code{xorg-start-command})" +msgstr "" + +#. type: table +#: doc/guix.texi:11527 +msgid "Path to xorg-server." +msgstr "" + +#. type: item +#: doc/guix.texi:11528 +#, no-wrap +msgid "@code{xauth-path} (default @code{#~(string-append #$xauth \"/bin/xauth\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11530 +msgid "Path to xauth." +msgstr "" + +#. type: item +#: doc/guix.texi:11531 +#, no-wrap +msgid "@code{xephyr-path} (default @code{#~(string-append #$xorg-server \"/bin/Xephyr\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11533 +msgid "Path to Xephyr." +msgstr "" + +#. type: item +#: doc/guix.texi:11534 +#, no-wrap +msgid "@code{xdisplay-start} (default @code{#~(string-append #$sddm \"/share/sddm/scripts/Xsetup\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11536 +msgid "Script to run after starting xorg-server." +msgstr "" + +#. type: item +#: doc/guix.texi:11537 +#, no-wrap +msgid "@code{xdisplay-stop} (default @code{#~(string-append #$sddm \"/share/sddm/scripts/Xstop\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:11539 +msgid "Script to run before stopping xorg-server." +msgstr "" + +#. type: item +#: doc/guix.texi:11540 +#, no-wrap +msgid "@code{xsession-command} (default: @code{xinitr })" +msgstr "" + +#. type: table +#: doc/guix.texi:11542 +msgid "Script to run before starting a X session." +msgstr "" + +#. type: item +#: doc/guix.texi:11543 +#, no-wrap +msgid "@code{xsessions-directory} (default: \"/run/current-system/profile/share/xsessions\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11545 +msgid "Directory to look for desktop files starting X sessions." +msgstr "" + +#. type: item +#: doc/guix.texi:11546 +#, no-wrap +msgid "@code{minimum-vt} (default: 7)" +msgstr "" + +#. type: table +#: doc/guix.texi:11548 +msgid "Minimum VT to use." +msgstr "" + +#. type: item +#: doc/guix.texi:11549 +#, no-wrap +msgid "@code{xserver-arguments} (default \"-nolisten tcp\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11551 +msgid "Arguments to pass to xorg-server." +msgstr "" + +#. type: item +#: doc/guix.texi:11552 +#, no-wrap +msgid "@code{auto-login-user} (default \"\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11554 +msgid "User to use for auto-login." +msgstr "" + +#. type: item +#: doc/guix.texi:11555 +#, no-wrap +msgid "@code{auto-login-session} (default \"\")" +msgstr "" + +#. type: table +#: doc/guix.texi:11557 +msgid "Desktop file to use for auto-login." +msgstr "" + +#. type: item +#: doc/guix.texi:11558 +#, no-wrap +msgid "@code{relogin?} (default #f)" +msgstr "" + +#. type: table +#: doc/guix.texi:11560 +msgid "Relogin after logout." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11565 +#, no-wrap +msgid "X11 login" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11566 +#, no-wrap +msgid "{Scheme Procedure} sddm-service config" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11569 +msgid "Return a service that spawns the SDDM graphical login manager for config of type @code{}." +msgstr "" + +#. type: example +#: doc/guix.texi:11574 +#, no-wrap +msgid "" +" (sddm-service (sddm-configuration\n" +" (auto-login-user \"Alice\")\n" +" (auto-login-session \"xfce.desktop\")))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11577 +#, no-wrap +msgid "{Scheme Procedure} xorg-start-command [#:guile] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11586 +msgid "" +"[#:modules %default-xorg-modules] @ [#:fonts %default-xorg-fonts] @ [#:configuration-file (xorg-configuration-file @dots{})] @ [#:" +"xorg-server @var{xorg-server}] Return a @code{startx} script in which @var{modules}, a list of X module packages, and @var{fonts}, a " +"list of X font directories, are available. See @code{xorg-wrapper} for more details on the arguments. The result should be used in " +"place of @code{startx}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11588 +msgid "Usually the X server is started by a login manager." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11590 +#, no-wrap +msgid "{Scheme Procedure} xorg-configuration-file @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11596 +msgid "" +"[#:modules %default-xorg-modules] @ [#:fonts %default-xorg-fonts] @ [#:drivers '()] [#:resolutions '()] [#:extra-config '()] Return " +"a configuration file for the Xorg server containing search paths for all the common drivers." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11601 +msgid "" +"@var{modules} must be a list of @dfn{module packages} loaded by the Xorg server---e.g., @code{xf86-video-vesa}, @code{xf86-input-" +"keyboard}, and so on. @var{fonts} must be a list of font directories to add to the server's @dfn{font path}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11605 +msgid "" +"@var{drivers} must be either the empty list, in which case Xorg chooses a graphics driver automatically, or a list of driver names " +"that will be tried in this order---e.g., @code{(\"modesetting\" \"vesa\")}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11609 +msgid "" +"Likewise, when @var{resolutions} is the empty list, Xorg chooses an appropriate screen resolution; otherwise, it must be a list of " +"resolutions---e.g., @code{((1024 768) (640 480))}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11613 +msgid "" +"Last, @var{extra-config} is a list of strings or objects appended to the configuration file. It is used to pass extra text to be " +"added verbatim to the configuration file." +msgstr "" + +#. type: deffn +#: doc/guix.texi:11615 +#, no-wrap +msgid "{Scheme Procedure} screen-locker-service @var{package} [@var{program}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11619 +msgid "" +"Add @var{package}, a package for a screen locker or screen saver whose command is @var{program}, to the set of setuid programs and " +"add a PAM entry for it. For example:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:11622 +#, no-wrap +msgid "(screen-locker-service xlockmore \"xlock\")\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11625 +msgid "makes the good ol' XlockMore usable." +msgstr "" + +#. type: cindex +#: doc/guix.texi:11631 +#, no-wrap +msgid "printer support with CUPS" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11635 +msgid "" +"The @code{(gnu services cups)} module provides a Guix service definition for the CUPS printing service. To add printer support to a " +"GuixSD system, add a @code{cups-service} to the operating system definition:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11636 +#, no-wrap +msgid "{Scheme Variable} cups-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:11640 +msgid "" +"The service type for the CUPS print server. Its value should be a valid CUPS configuration (see below). To use the default " +"settings, simply write:" +msgstr "" + +#. type: example +#: doc/guix.texi:11642 +#, no-wrap +msgid "(service cups-service-type)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11652 +msgid "" +"The CUPS configuration controls the basic things about your CUPS installation: what interfaces it listens on, what to do if a print " +"job fails, how much logging to do, and so on. To actually add a printer, you have to visit the @url{http://localhost:631} URL, or " +"use a tool such as GNOME's printer configuration services. By default, configuring a CUPS service will generate a self-signed " +"certificate if needed, for secure connections to the print server." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11657 +msgid "" +"Suppose you want to enable the Web interface of CUPS and also add support for Epson printers @i{via} the @code{escpr} package and " +"for HP printers @i{via} the @code{hplip} package. You can do that directly, like this (you need to use the @code{(gnu packages " +"cups)} module):" +msgstr "" + +#. type: example +#: doc/guix.texi:11664 +#, no-wrap +msgid "" +"(service cups-service-type\n" +" (cups-configuration\n" +" (web-interface? #t)\n" +" (extensions\n" +" (list cups-filters escpr hplip))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11672 +msgid "" +"The available configuration parameters follow. Each parameter definition is preceded by its type; for example, @samp{string-list " +"foo} indicates that the @code{foo} parameter should be specified as a list of strings. There is also a way to specify the " +"configuration as a string, if you have an old @code{cupsd.conf} file that you want to port over from some other system; see the end " +"for more details." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:11683 +msgid "Available @code{cups-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11684 +#, no-wrap +msgid "{@code{cups-configuration} parameter} package cups" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11686 doc/guix.texi:12443 +msgid "The CUPS package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11688 +#, no-wrap +msgid "{@code{cups-configuration} parameter} package-list extensions" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11690 +msgid "Drivers and other extensions to the CUPS package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11692 +#, no-wrap +msgid "{@code{cups-configuration} parameter} files-configuration files-configuration" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11695 +msgid "" +"Configuration of where to write logs, what directories to use for print spools, and related privileged configuration parameters." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11697 +msgid "Available @code{files-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11698 +#, no-wrap +msgid "{@code{files-configuration} parameter} log-location access-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11706 +msgid "" +"Defines the access log filename. Specifying a blank filename disables access log generation. The value @code{stderr} causes log " +"entries to be sent to the standard error file when the scheduler is running in the foreground, or to the system log daemon when run " +"in the background. The value @code{syslog} causes log entries to be sent to the system log daemon. The server name may be included " +"in filenames using the string @code{%s}, as in @code{/var/log/cups/%s-access_log}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11708 +msgid "Defaults to @samp{\"/var/log/cups/access_log\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11710 +#, no-wrap +msgid "{@code{files-configuration} parameter} file-name cache-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11712 +msgid "Where CUPS should cache data." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11714 +msgid "Defaults to @samp{\"/var/cache/cups\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11716 +#, no-wrap +msgid "{@code{files-configuration} parameter} string config-file-perm" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11719 +msgid "Specifies the permissions for all configuration files that the scheduler writes." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11725 +msgid "" +"Note that the permissions for the printers.conf file are currently masked to only allow access from the scheduler user (typically " +"root). This is done because printer device URIs sometimes contain sensitive authentication information that should not be generally " +"known on the system. There is no way to disable this security feature." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11727 +msgid "Defaults to @samp{\"0640\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11729 +#, no-wrap +msgid "{@code{files-configuration} parameter} log-location error-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11737 +msgid "" +"Defines the error log filename. Specifying a blank filename disables access log generation. The value @code{stderr} causes log " +"entries to be sent to the standard error file when the scheduler is running in the foreground, or to the system log daemon when run " +"in the background. The value @code{syslog} causes log entries to be sent to the system log daemon. The server name may be included " +"in filenames using the string @code{%s}, as in @code{/var/log/cups/%s-error_log}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11739 +msgid "Defaults to @samp{\"/var/log/cups/error_log\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11741 +#, no-wrap +msgid "{@code{files-configuration} parameter} string fatal-errors" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11744 +msgid "Specifies which errors are fatal, causing the scheduler to exit. The kind strings are:" +msgstr "" + +#. type: table +#: doc/guix.texi:11748 +msgid "No errors are fatal." +msgstr "" + +#. type: table +#: doc/guix.texi:11751 +msgid "All of the errors below are fatal." +msgstr "" + +#. type: item +#: doc/guix.texi:11752 +#, no-wrap +msgid "browse" +msgstr "" + +#. type: table +#: doc/guix.texi:11755 +msgid "Browsing initialization errors are fatal, for example failed connections to the DNS-SD daemon." +msgstr "" + +#. type: item +#: doc/guix.texi:11756 +#, no-wrap +msgid "config" +msgstr "" + +#. type: table +#: doc/guix.texi:11758 +msgid "Configuration file syntax errors are fatal." +msgstr "" + +#. type: item +#: doc/guix.texi:11759 +#, no-wrap +msgid "listen" +msgstr "" + +#. type: table +#: doc/guix.texi:11762 +msgid "Listen or Port errors are fatal, except for IPv6 failures on the loopback or @code{any} addresses." +msgstr "" + +#. type: item +#: doc/guix.texi:11763 +#, no-wrap +msgid "log" +msgstr "" + +#. type: table +#: doc/guix.texi:11765 +msgid "Log file creation or write errors are fatal." +msgstr "" + +#. type: item +#: doc/guix.texi:11766 +#, no-wrap +msgid "permissions" +msgstr "" + +#. type: table +#: doc/guix.texi:11769 +msgid "Bad startup file permissions are fatal, for example shared TLS certificate and key files with world-read permissions." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11772 +msgid "Defaults to @samp{\"all -browse\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11774 +#, no-wrap +msgid "{@code{files-configuration} parameter} boolean file-device?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11777 +msgid "" +"Specifies whether the file pseudo-device can be used for new printer queues. The URI @uref{file:///dev/null} is always allowed." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11779 doc/guix.texi:11849 doc/guix.texi:11885 doc/guix.texi:11897 doc/guix.texi:11903 doc/guix.texi:11919 +#: doc/guix.texi:12007 doc/guix.texi:12101 doc/guix.texi:12417 doc/guix.texi:12430 doc/guix.texi:16557 doc/guix.texi:16571 +#: doc/guix.texi:16693 doc/guix.texi:16714 doc/guix.texi:16735 doc/guix.texi:16742 doc/guix.texi:16787 doc/guix.texi:16794 +#: doc/guix.texi:17197 doc/guix.texi:17211 doc/guix.texi:17383 doc/guix.texi:17428 doc/guix.texi:17515 doc/guix.texi:17644 +#: doc/guix.texi:17677 doc/guix.texi:17817 doc/guix.texi:17828 doc/guix.texi:18078 doc/guix.texi:18717 doc/guix.texi:18726 +#: doc/guix.texi:18734 doc/guix.texi:18742 doc/guix.texi:18758 doc/guix.texi:18774 doc/guix.texi:18782 doc/guix.texi:18790 +#: doc/guix.texi:18799 doc/guix.texi:18808 doc/guix.texi:18824 doc/guix.texi:18888 doc/guix.texi:18994 doc/guix.texi:19002 +#: doc/guix.texi:19010 doc/guix.texi:19026 doc/guix.texi:19080 doc/guix.texi:19128 doc/guix.texi:19281 doc/guix.texi:19289 +#: doc/guix.texi:19297 doc/guix.texi:19305 doc/guix.texi:19313 doc/guix.texi:19321 doc/guix.texi:19329 doc/guix.texi:19336 +msgid "Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11781 +#, no-wrap +msgid "{@code{files-configuration} parameter} string group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11784 +msgid "Specifies the group name or ID that will be used when executing external programs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11786 doc/guix.texi:11866 +msgid "Defaults to @samp{\"lp\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11788 +#, no-wrap +msgid "{@code{files-configuration} parameter} string log-file-perm" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11790 +msgid "Specifies the permissions for all log files that the scheduler writes." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11792 +msgid "Defaults to @samp{\"0644\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11794 +#, no-wrap +msgid "{@code{files-configuration} parameter} log-location page-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11802 +msgid "" +"Defines the page log filename. Specifying a blank filename disables access log generation. The value @code{stderr} causes log " +"entries to be sent to the standard error file when the scheduler is running in the foreground, or to the system log daemon when run " +"in the background. The value @code{syslog} causes log entries to be sent to the system log daemon. The server name may be included " +"in filenames using the string @code{%s}, as in @code{/var/log/cups/%s-page_log}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11804 +msgid "Defaults to @samp{\"/var/log/cups/page_log\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11806 +#, no-wrap +msgid "{@code{files-configuration} parameter} string remote-root" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11809 +msgid "" +"Specifies the username that is associated with unauthenticated accesses by clients claiming to be the root user. The default is " +"@code{remroot}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11811 +msgid "Defaults to @samp{\"remroot\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11813 +#, no-wrap +msgid "{@code{files-configuration} parameter} file-name request-root" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11816 +msgid "Specifies the directory that contains print jobs and other HTTP request data." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11818 +msgid "Defaults to @samp{\"/var/spool/cups\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11820 +#, no-wrap +msgid "{@code{files-configuration} parameter} sandboxing sandboxing" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11825 +msgid "" +"Specifies the level of security sandboxing that is applied to print filters, backends, and other child processes of the scheduler; " +"either @code{relaxed} or @code{strict}. This directive is currently only used/supported on macOS." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11827 +msgid "Defaults to @samp{strict}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11829 +#, no-wrap +msgid "{@code{files-configuration} parameter} file-name server-keychain" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11834 +msgid "" +"Specifies the location of TLS certificates and private keys. CUPS will look for public and private keys in this directory: a @code{." +"crt} files for PEM-encoded certificates and corresponding @code{.key} files for PEM-encoded private keys." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11836 +msgid "Defaults to @samp{\"/etc/cups/ssl\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11838 +#, no-wrap +msgid "{@code{files-configuration} parameter} file-name server-root" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11840 +msgid "Specifies the directory containing the server configuration files." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11842 +msgid "Defaults to @samp{\"/etc/cups\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11844 +#, no-wrap +msgid "{@code{files-configuration} parameter} boolean sync-on-close?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11847 +msgid "Specifies whether the scheduler calls fsync(2) after writing configuration or state files." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11851 +#, no-wrap +msgid "{@code{files-configuration} parameter} space-separated-string-list system-group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11853 +msgid "Specifies the group(s) to use for @code{@@SYSTEM} group authentication." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11855 +#, no-wrap +msgid "{@code{files-configuration} parameter} file-name temp-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11857 +msgid "Specifies the directory where temporary files are stored." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11859 +msgid "Defaults to @samp{\"/var/spool/cups/tmp\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11861 +#, no-wrap +msgid "{@code{files-configuration} parameter} string user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11864 +msgid "Specifies the user name or ID that is used when running external programs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11869 +#, no-wrap +msgid "{@code{cups-configuration} parameter} access-log-level access-log-level" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11876 +msgid "" +"Specifies the logging level for the AccessLog file. The @code{config} level logs when printers and classes are added, deleted, or " +"modified and when configuration files are accessed or updated. The @code{actions} level logs when print jobs are submitted, held, " +"released, modified, or canceled, and any of the conditions for @code{config}. The @code{all} level logs all requests." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11878 +msgid "Defaults to @samp{actions}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11880 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean auto-purge-jobs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11883 +msgid "Specifies whether to purge job history data automatically when it is no longer required for quotas." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11887 +#, no-wrap +msgid "{@code{cups-configuration} parameter} browse-local-protocols browse-local-protocols" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11889 +msgid "Specifies which protocols to use for local printer sharing." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11891 +msgid "Defaults to @samp{dnssd}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11893 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean browse-web-if?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11895 +msgid "Specifies whether the CUPS web interface is advertised." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11899 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean browsing?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11901 +msgid "Specifies whether shared printers are advertised." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11905 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string classification" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11910 +msgid "" +"Specifies the security classification of the server. Any valid banner name can be used, including \"classified\", \"confidential\", " +"\"secret\", \"topsecret\", and \"unclassified\", or the banner can be omitted to disable secure printing functions." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11912 doc/guix.texi:12249 doc/guix.texi:13608 doc/guix.texi:13620 doc/guix.texi:17783 doc/guix.texi:17791 +#: doc/guix.texi:17799 doc/guix.texi:17807 doc/guix.texi:18085 doc/guix.texi:18560 doc/guix.texi:18568 doc/guix.texi:18576 +#: doc/guix.texi:18684 doc/guix.texi:18709 doc/guix.texi:18840 doc/guix.texi:18848 doc/guix.texi:18856 doc/guix.texi:18864 +#: doc/guix.texi:18872 doc/guix.texi:18880 doc/guix.texi:18903 doc/guix.texi:18911 doc/guix.texi:18963 doc/guix.texi:18979 +#: doc/guix.texi:18987 doc/guix.texi:19017 doc/guix.texi:19040 doc/guix.texi:19062 doc/guix.texi:19069 doc/guix.texi:19104 +#: doc/guix.texi:19112 doc/guix.texi:19136 doc/guix.texi:19168 doc/guix.texi:19197 doc/guix.texi:19204 doc/guix.texi:19211 +#: doc/guix.texi:19219 doc/guix.texi:19233 doc/guix.texi:19242 doc/guix.texi:19252 doc/guix.texi:19259 doc/guix.texi:19266 +#: doc/guix.texi:19273 doc/guix.texi:19344 doc/guix.texi:19351 doc/guix.texi:19358 doc/guix.texi:19367 doc/guix.texi:19383 +#: doc/guix.texi:19390 doc/guix.texi:19397 doc/guix.texi:19404 doc/guix.texi:19412 doc/guix.texi:19420 +msgid "Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11914 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean classify-override?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11917 +msgid "" +"Specifies whether users may override the classification (cover page) of individual print jobs using the @code{job-sheets} option." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11921 +#, no-wrap +msgid "{@code{cups-configuration} parameter} default-auth-type default-auth-type" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11923 +msgid "Specifies the default type of authentication to use." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11925 +msgid "Defaults to @samp{Basic}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11927 +#, no-wrap +msgid "{@code{cups-configuration} parameter} default-encryption default-encryption" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11929 +msgid "Specifies whether encryption will be used for authenticated requests." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11931 +msgid "Defaults to @samp{Required}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11933 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string default-language" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11935 +msgid "Specifies the default language to use for text and web content." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11937 +msgid "Defaults to @samp{\"en\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11939 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string default-paper-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11944 +msgid "" +"Specifies the default paper size for new print queues. @samp{\"Auto\"} uses a locale-specific default, while @samp{\"None\"} " +"specifies there is no default paper size. Specific size names are typically @samp{\"Letter\"} or @samp{\"A4\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11946 +msgid "Defaults to @samp{\"Auto\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11948 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string default-policy" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11950 +msgid "Specifies the default access policy to use." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11952 +msgid "Defaults to @samp{\"default\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11954 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean default-shared?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11956 +msgid "Specifies whether local printers are shared by default." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11958 doc/guix.texi:12038 doc/guix.texi:12334 doc/guix.texi:16527 doc/guix.texi:16534 doc/guix.texi:16542 +#: doc/guix.texi:16564 doc/guix.texi:16578 doc/guix.texi:16663 doc/guix.texi:16670 doc/guix.texi:16678 doc/guix.texi:17064 +#: doc/guix.texi:17204 doc/guix.texi:17390 doc/guix.texi:17397 doc/guix.texi:17419 doc/guix.texi:17458 doc/guix.texi:17478 +#: doc/guix.texi:17492 doc/guix.texi:17632 doc/guix.texi:18662 doc/guix.texi:18750 doc/guix.texi:18766 doc/guix.texi:18816 +msgid "Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11960 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer dirty-clean-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11964 +msgid "" +"Specifies the delay for updating of configuration and state files, in seconds. A value of 0 causes the update to happen as soon as " +"possible, typically within a few milliseconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11966 doc/guix.texi:12014 doc/guix.texi:12023 doc/guix.texi:12044 doc/guix.texi:12341 +msgid "Defaults to @samp{30}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11968 +#, no-wrap +msgid "{@code{cups-configuration} parameter} error-policy error-policy" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11974 +msgid "" +"Specifies what to do when an error occurs. Possible values are @code{abort-job}, which will discard the failed print job; " +"@code{retry-job}, which will retry the job at a later time; @code{retry-this-job}, which retries the failed job immediately; and " +"@code{stop-printer}, which stops the printer." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11976 +msgid "Defaults to @samp{stop-printer}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11978 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer filter-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11986 +msgid "" +"Specifies the maximum cost of filters that are run concurrently, which can be used to minimize disk, memory, and CPU resource " +"problems. A limit of 0 disables filter limiting. An average print to a non-PostScript printer needs a filter limit of about 200. " +"A PostScript printer needs about half that (100). Setting the limit below these thresholds will effectively limit the scheduler to " +"printing a single job at any time." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11988 doc/guix.texi:11996 doc/guix.texi:12051 doc/guix.texi:12167 doc/guix.texi:12181 doc/guix.texi:12188 +#: doc/guix.texi:13712 doc/guix.texi:13724 doc/guix.texi:17080 doc/guix.texi:17405 doc/guix.texi:18655 doc/guix.texi:18955 +#: doc/guix.texi:19120 +msgid "Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11990 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer filter-nice" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11994 +msgid "" +"Specifies the scheduling priority of filters that are run to print a job. The nice value ranges from 0, the highest priority, to " +"19, the lowest priority." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:11998 +#, no-wrap +msgid "{@code{cups-configuration} parameter} host-name-lookups host-name-lookups" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12005 +msgid "" +"Specifies whether to do reverse lookups on connecting clients. The @code{double} setting causes @code{cupsd} to verify that the " +"hostname resolved from the address matches one of the addresses returned for that hostname. Double lookups also prevent clients " +"with unregistered addresses from connecting to your server. Only set this option to @code{#t} or @code{double} if absolutely " +"required." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12009 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer job-kill-delay" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12012 +msgid "Specifies the number of seconds to wait before killing the filters and backend associated with a canceled or held job." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12016 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer job-retry-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12021 +msgid "" +"Specifies the interval between retries of jobs in seconds. This is typically used for fax queues but can also be used with normal " +"print queues whose error policy is @code{retry-job} or @code{retry-current-job}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12025 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer job-retry-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12030 +msgid "" +"Specifies the number of retries that are done for jobs. This is typically used for fax queues but can also be used with normal " +"print queues whose error policy is @code{retry-job} or @code{retry-current-job}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12032 doc/guix.texi:17884 doc/guix.texi:17904 doc/guix.texi:17920 doc/guix.texi:17934 doc/guix.texi:17941 +#: doc/guix.texi:17948 doc/guix.texi:17955 doc/guix.texi:18114 doc/guix.texi:18130 doc/guix.texi:18137 doc/guix.texi:18144 +#: doc/guix.texi:18155 doc/guix.texi:18607 doc/guix.texi:18615 doc/guix.texi:18623 doc/guix.texi:18647 +msgid "Defaults to @samp{5}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12034 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean keep-alive?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12036 +msgid "Specifies whether to support HTTP keep-alive connections." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12040 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer keep-alive-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12042 +msgid "Specifies how long an idle client connection remains open, in seconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12046 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer limit-request-body" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12049 +msgid "Specifies the maximum size of print files, IPP requests, and HTML form data. A limit of 0 disables the limit check." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12053 +#, no-wrap +msgid "{@code{cups-configuration} parameter} multiline-string-list listen" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12060 +msgid "" +"Listens on the specified interfaces for connections. Valid values are of the form @var{address}:@var{port}, where @var{address} is " +"either an IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to indicate all addresses. Values can also be file names " +"of local UNIX domain sockets. The Listen directive is similar to the Port directive but allows you to restrict access to specific " +"interfaces or networks." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12062 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer listen-back-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12069 +msgid "" +"Specifies the number of pending connections that will be allowed. This normally only affects very busy servers that have reached " +"the MaxClients limit, but can also be triggered by large numbers of simultaneous connections. When the limit is reached, the " +"operating system will refuse additional connections until the scheduler can accept the pending ones." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12071 +msgid "Defaults to @samp{128}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12073 +#, no-wrap +msgid "{@code{cups-configuration} parameter} location-access-control-list location-access-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12075 +msgid "Specifies a set of additional access controls." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12077 +msgid "Available @code{location-access-controls} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12078 +#, no-wrap +msgid "{@code{location-access-controls} parameter} file-name path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12080 +msgid "Specifies the URI path to which the access control applies." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12082 +#, no-wrap +msgid "{@code{location-access-controls} parameter} access-control-list access-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12085 +msgid "" +"Access controls for all access to this path, in the same format as the @code{access-controls} of @code{operation-access-control}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12087 doc/guix.texi:12093 doc/guix.texi:12107 doc/guix.texi:12114 doc/guix.texi:12256 doc/guix.texi:12315 +#: doc/guix.texi:12399 doc/guix.texi:12410 doc/guix.texi:14198 doc/guix.texi:16585 doc/guix.texi:16773 doc/guix.texi:17775 +#: doc/guix.texi:17835 doc/guix.texi:17843 doc/guix.texi:18670 doc/guix.texi:18677 doc/guix.texi:19088 doc/guix.texi:19182 +#: doc/guix.texi:19190 doc/guix.texi:19226 doc/guix.texi:19376 doc/guix.texi:19427 doc/guix.texi:19436 +msgid "Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12089 +#, no-wrap +msgid "{@code{location-access-controls} parameter} method-access-control-list method-access-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12091 +msgid "Access controls for method-specific access to this path." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12095 +msgid "Available @code{method-access-controls} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12096 +#, no-wrap +msgid "{@code{method-access-controls} parameter} boolean reverse?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12099 +msgid "If @code{#t}, apply access controls to all methods except the listed methods. Otherwise apply to only the listed methods." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12103 +#, no-wrap +msgid "{@code{method-access-controls} parameter} method-list methods" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12105 +msgid "Methods to which this access control applies." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12109 +#, no-wrap +msgid "{@code{method-access-controls} parameter} access-control-list access-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12112 +msgid "Access control directives, as a list of strings. Each string should be one directive, such as \"Order allow,deny\"." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12118 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer log-debug-history" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12122 +msgid "" +"Specifies the number of debugging messages that are retained for logging if an error occurs in a print job. Debug messages are " +"logged regardless of the LogLevel setting." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12124 doc/guix.texi:12145 doc/guix.texi:12152 doc/guix.texi:13958 doc/guix.texi:16758 +msgid "Defaults to @samp{100}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12126 +#, no-wrap +msgid "{@code{cups-configuration} parameter} log-level log-level" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12129 +msgid "" +"Specifies the level of logging for the ErrorLog file. The value @code{none} stops all logging while @code{debug2} logs everything." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12131 +msgid "Defaults to @samp{info}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12133 +#, no-wrap +msgid "{@code{cups-configuration} parameter} log-time-format log-time-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12136 +msgid "" +"Specifies the format of the date and time in the log files. The value @code{standard} logs whole seconds while @code{usecs} logs " +"microseconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12138 +msgid "Defaults to @samp{standard}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12140 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12143 +msgid "Specifies the maximum number of simultaneous clients that are allowed by the scheduler." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12147 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-clients-per-host" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12150 +msgid "Specifies the maximum number of simultaneous clients that are allowed from a single address." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12154 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-copies" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12157 +msgid "Specifies the maximum number of copies that a user can print of each job." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12159 +msgid "Defaults to @samp{9999}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12161 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-hold-time" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12165 +msgid "" +"Specifies the maximum time a job may remain in the @code{indefinite} hold state before it is canceled. A value of 0 disables " +"cancellation of held jobs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12169 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-jobs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12172 +msgid "Specifies the maximum number of simultaneous jobs that are allowed. Set to 0 to allow an unlimited number of jobs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12174 +msgid "Defaults to @samp{500}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12176 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-jobs-per-printer" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12179 +msgid "" +"Specifies the maximum number of simultaneous jobs that are allowed per printer. A value of 0 allows up to MaxJobs jobs per printer." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12183 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-jobs-per-user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12186 +msgid "Specifies the maximum number of simultaneous jobs that are allowed per user. A value of 0 allows up to MaxJobs jobs per user." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12190 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-job-time" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12193 +msgid "" +"Specifies the maximum time a job may take to print before it is canceled, in seconds. Set to 0 to disable cancellation of \"stuck\" " +"jobs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12195 +msgid "Defaults to @samp{10800}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12197 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer max-log-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12200 +msgid "Specifies the maximum size of the log files before they are rotated, in bytes. The value 0 disables log rotation." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12202 +msgid "Defaults to @samp{1048576}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12204 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer multiple-operation-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12207 +msgid "Specifies the maximum amount of time to allow between files in a multiple file print job, in seconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12209 doc/guix.texi:12423 +msgid "Defaults to @samp{300}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12211 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string page-log-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12216 +msgid "" +"Specifies the format of PageLog lines. Sequences beginning with percent (@samp{%}) characters are replaced with the corresponding " +"information, while all other characters are copied literally. The following percent sequences are recognized:" +msgstr "" + +#. type: item +#: doc/guix.texi:12218 +#, no-wrap +msgid "%%" +msgstr "" + +#. type: table +#: doc/guix.texi:12220 +msgid "insert a single percent character" +msgstr "" + +#. type: item +#: doc/guix.texi:12221 +#, no-wrap +msgid "%@{name@}" +msgstr "" + +#. type: table +#: doc/guix.texi:12223 +msgid "insert the value of the specified IPP attribute" +msgstr "" + +#. type: item +#: doc/guix.texi:12224 +#, no-wrap +msgid "%C" +msgstr "" + +#. type: table +#: doc/guix.texi:12226 +msgid "insert the number of copies for the current page" +msgstr "" + +#. type: item +#: doc/guix.texi:12227 +#, no-wrap +msgid "%P" +msgstr "" + +#. type: table +#: doc/guix.texi:12229 +msgid "insert the current page number" +msgstr "" + +#. type: item +#: doc/guix.texi:12230 +#, no-wrap +msgid "%T" +msgstr "" + +#. type: table +#: doc/guix.texi:12232 +msgid "insert the current date and time in common log format" +msgstr "" + +#. type: item +#: doc/guix.texi:12233 +#, no-wrap +msgid "%j" +msgstr "" + +#. type: table +#: doc/guix.texi:12235 +msgid "insert the job ID" +msgstr "" + +#. type: item +#: doc/guix.texi:12236 doc/guix.texi:13568 +#, no-wrap +msgid "%p" +msgstr "" + +#. type: table +#: doc/guix.texi:12238 +msgid "insert the printer name" +msgstr "" + +#. type: item +#: doc/guix.texi:12239 doc/guix.texi:13591 +#, no-wrap +msgid "%u" +msgstr "" + +#. type: table +#: doc/guix.texi:12241 +msgid "insert the username" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12247 +msgid "" +"A value of the empty string disables page logging. The string @code{%p %u %j %T %P %C %@{job-billing@} %@{job-originating-host-" +"name@} %@{job-name@} %@{media@} %@{sides@}} creates a page log with the standard items." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12251 +#, no-wrap +msgid "{@code{cups-configuration} parameter} environment-variables environment-variables" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12254 +msgid "Passes the specified environment variable(s) to child processes; a list of strings." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12258 +#, no-wrap +msgid "{@code{cups-configuration} parameter} policy-configuration-list policies" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12260 +msgid "Specifies named access control policies." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12262 +msgid "Available @code{policy-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12263 +#, no-wrap +msgid "{@code{policy-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12265 +msgid "Name of the policy." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12267 +#, no-wrap +msgid "{@code{policy-configuration} parameter} string job-private-access" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12277 +msgid "" +"Specifies an access list for a job's private values. @code{@@ACL} maps to the printer's requesting-user-name-allowed or requesting-" +"user-name-denied values. @code{@@OWNER} maps to the job's owner. @code{@@SYSTEM} maps to the groups listed for the @code{system-" +"group} field of the @code{files-config} configuration, which is reified into the @code{cups-files.conf(5)} file. Other possible " +"elements of the access list include specific user names, and @code{@@@var{group}} to indicate members of a specific group. The " +"access list may also be simply @code{all} or @code{default}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12279 doc/guix.texi:12301 +msgid "Defaults to @samp{\"@@OWNER @@SYSTEM\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12281 +#, no-wrap +msgid "{@code{policy-configuration} parameter} string job-private-values" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12284 doc/guix.texi:12306 +msgid "Specifies the list of job values to make private, or @code{all}, @code{default}, or @code{none}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12287 +msgid "Defaults to @samp{\"job-name job-originating-host-name job-originating-user-name phone\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12289 +#, no-wrap +msgid "{@code{policy-configuration} parameter} string subscription-private-access" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12299 +msgid "" +"Specifies an access list for a subscription's private values. @code{@@ACL} maps to the printer's requesting-user-name-allowed or " +"requesting-user-name-denied values. @code{@@OWNER} maps to the job's owner. @code{@@SYSTEM} maps to the groups listed for the " +"@code{system-group} field of the @code{files-config} configuration, which is reified into the @code{cups-files.conf(5)} file. Other " +"possible elements of the access list include specific user names, and @code{@@@var{group}} to indicate members of a specific group. " +"The access list may also be simply @code{all} or @code{default}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12303 +#, no-wrap +msgid "{@code{policy-configuration} parameter} string subscription-private-values" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12309 +msgid "Defaults to @samp{\"notify-events notify-pull-method notify-recipient-uri notify-subscriber-user-name notify-user-data\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12311 +#, no-wrap +msgid "{@code{policy-configuration} parameter} operation-access-control-list access-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12313 +msgid "Access control by IPP operation." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12318 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-files" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12323 +msgid "" +"Specifies whether job files (documents) are preserved after a job is printed. If a numeric value is specified, job files are " +"preserved for the indicated number of seconds after printing. Otherwise a boolean value applies indefinitely." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12325 +msgid "Defaults to @samp{86400}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12327 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean-or-non-negative-integer preserve-job-history" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12332 +msgid "" +"Specifies whether the job history is preserved after a job is printed. If a numeric value is specified, the job history is " +"preserved for the indicated number of seconds after printing. If @code{#t}, the job history is preserved until the MaxJobs limit is " +"reached." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12336 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer reload-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12339 +msgid "Specifies the amount of time to wait for job completion before restarting the scheduler." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12343 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string rip-cache" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12346 +msgid "Specifies the maximum amount of memory to use when converting documents into bitmaps for a printer." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12348 +msgid "Defaults to @samp{\"128m\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12350 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string server-admin" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12352 +msgid "Specifies the email address of the server administrator." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12354 +msgid "Defaults to @samp{\"root@@localhost.localdomain\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12356 +#, no-wrap +msgid "{@code{cups-configuration} parameter} host-name-list-or-* server-alias" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12364 +msgid "" +"The ServerAlias directive is used for HTTP Host header validation when clients connect to the scheduler from external interfaces. " +"Using the special name @code{*} can expose your system to known browser-based DNS rebinding attacks, even when accessing sites " +"through a firewall. If the auto-discovery of alternate names does not work, we recommend listing each alternate name with a " +"ServerAlias directive instead of using @code{*}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12366 +msgid "Defaults to @samp{*}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12368 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string server-name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12370 +msgid "Specifies the fully-qualified host name of the server." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12372 +msgid "Defaults to @samp{\"localhost\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12374 +#, no-wrap +msgid "{@code{cups-configuration} parameter} server-tokens server-tokens" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12382 +msgid "" +"Specifies what information is included in the Server header of HTTP responses. @code{None} disables the Server header. " +"@code{ProductOnly} reports @code{CUPS}. @code{Major} reports @code{CUPS 2}. @code{Minor} reports @code{CUPS 2.0}. @code{Minimal} " +"reports @code{CUPS 2.0.0}. @code{OS} reports @code{CUPS 2.0.0 (@var{uname})} where @var{uname} is the output of the @code{uname} " +"command. @code{Full} reports @code{CUPS 2.0.0 (@var{uname}) IPP/2.0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12384 +msgid "Defaults to @samp{Minimal}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12386 +#, no-wrap +msgid "{@code{cups-configuration} parameter} string set-env" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12388 +msgid "Set the specified environment variable to be passed to child processes." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12390 +msgid "Defaults to @samp{\"variable value\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12392 +#, no-wrap +msgid "{@code{cups-configuration} parameter} multiline-string-list ssl-listen" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12397 +msgid "" +"Listens on the specified interfaces for encrypted connections. Valid values are of the form @var{address}:@var{port}, where " +"@var{address} is either an IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to indicate all addresses." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12401 +#, no-wrap +msgid "{@code{cups-configuration} parameter} ssl-options ssl-options" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12408 +msgid "" +"Sets encryption options. By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites. The " +"@code{AllowRC4} option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer " +"ones. The @code{AllowSSL3} option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12412 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean strict-conformance?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12415 +msgid "Specifies whether the scheduler requires clients to strictly adhere to the IPP specifications." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12419 +#, no-wrap +msgid "{@code{cups-configuration} parameter} non-negative-integer timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12421 +msgid "Specifies the HTTP request timeout, in seconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12426 +#, no-wrap +msgid "{@code{cups-configuration} parameter} boolean web-interface?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12428 +msgid "Specifies whether the web interface is enabled." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12438 +msgid "" +"At this point you're probably thinking ``oh dear, Guix manual, I like you but you can stop already with the configuration " +"options''. Indeed. However, one more point: it could be that you have an existing @code{cupsd.conf} that you want to use. In that " +"case, you can pass an @code{opaque-cups-configuration} as the configuration of a @code{cups-service-type}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12440 +msgid "Available @code{opaque-cups-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12441 +#, no-wrap +msgid "{@code{opaque-cups-configuration} parameter} package cups" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12445 +#, no-wrap +msgid "{@code{opaque-cups-configuration} parameter} string cupsd.conf" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12447 +msgid "The contents of the @code{cupsd.conf}, as a string." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12449 +#, no-wrap +msgid "{@code{opaque-cups-configuration} parameter} string cups-files.conf" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12451 +msgid "The contents of the @code{cups-files.conf} file, as a string." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12456 +msgid "" +"For example, if your @code{cupsd.conf} and @code{cups-files.conf} are in strings of the same name, you could instantiate a CUPS " +"service like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:12462 +#, no-wrap +msgid "" +"(service cups-service-type\n" +" (opaque-cups-configuration\n" +" (cupsd.conf cupsd.conf)\n" +" (cups-files.conf cups-files.conf)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12473 +msgid "" +"The @code{(gnu services desktop)} module provides services that are usually useful in the context of a ``desktop'' setup---that is, " +"on a machine running a graphical display server, possibly with graphical user interfaces, etc. It also defines services that " +"provide specific desktop environments like GNOME, XFCE or MATE." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12477 +msgid "" +"To simplify things, the module defines a variable containing the set of services that users typically expect on a machine with a " +"graphical environment and networking:" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12478 +#, no-wrap +msgid "{Scheme Variable} %desktop-services" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12481 +msgid "This is a list of services that builds upon @var{%base-services} and adds or adjusts services for a typical ``desktop'' setup." +msgstr "" + +#. type: defvr +#: doc/guix.texi:12491 +msgid "" +"In particular, it adds a graphical login manager (@pxref{X Window, @code{slim-service}}), screen lockers, a network management tool " +"(@pxref{Networking Services, @code{network-manager-service-type}}), energy and color management services, the @code{elogind} login " +"and seat manager, the Polkit privilege service, the GeoClue location service, the AccountsService daemon that allows authorized " +"users change system passwords, an NTP client (@pxref{Networking Services}), the Avahi daemon, and has the name service switch " +"service configured to be able to use @code{nss-mdns} (@pxref{Name Service Switch, mDNS})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12496 +msgid "" +"The @var{%desktop-services} variable can be used as the @code{services} field of an @code{operating-system} declaration " +"(@pxref{operating-system Reference, @code{services}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12516 +msgid "" +"Additionally, the @code{gnome-desktop-service}, @code{xfce-desktop-service} and @code{mate-desktop-service} procedures can add " +"GNOME, XFCE and/or MATE to a system. To ``add GNOME'' means that system-level services like the backlight adjustment helpers and " +"the power management utilities are added to the system, extending @code{polkit} and @code{dbus} appropriately, allowing GNOME to " +"operate with elevated privileges on a limited number of special-purpose system interfaces. Additionally, adding a service made by " +"@code{gnome-desktop-service} adds the GNOME metapackage to the system profile. Likewise, adding the XFCE service not only adds the " +"@code{xfce} metapackage to the system profile, but it also gives the Thunar file manager the ability to open a ``root-mode'' file " +"management window, if the user authenticates using the administrator's password via the standard polkit graphical interface. To " +"``add MATE'' means that @code{polkit} and @code{dbus} are extended appropriately, allowing MATE to operate with elevated privileges " +"on a limited number of special-purpose system interfaces. Additionally, adding a service made by @code{mate-desktop-service} adds " +"the MATE metapackage to the system profile." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12525 +msgid "" +"The desktop environments in Guix use the Xorg display server by default. If you'd like to use the newer display server protocol " +"called Wayland, you need to use the @code{sddm-service} instead of the @code{slim-service} for the graphical login manager. You " +"should then select the ``GNOME (Wayland)'' session in SDDM. Alternatively you can also try starting GNOME on Wayland manually from " +"a TTY with the command ``XDG_SESSION_TYPE=wayland exec dbus-run-session gnome-session``. Currently only GNOME has support for " +"Wayland." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12526 +#, no-wrap +msgid "{Scheme Procedure} gnome-desktop-service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12530 +msgid "" +"Return a service that adds the @code{gnome} package to the system profile, and extends polkit with the actions from @code{gnome-" +"settings-daemon}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12532 +#, no-wrap +msgid "{Scheme Procedure} xfce-desktop-service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12537 +msgid "" +"Return a service that adds the @code{xfce} package to the system profile, and extends polkit with the ability for @code{thunar} to " +"manipulate the file system as root from within a user session, after the user has authenticated with the administrator's password." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12539 +#, no-wrap +msgid "{Scheme Procedure} mate-desktop-service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12543 +msgid "" +"Return a service that adds the @code{mate} package to the system profile, and extends polkit with the actions from @code{mate-" +"settings-daemon}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12550 +msgid "" +"Because the GNOME, XFCE and MATE desktop services pull in so many packages, the default @code{%desktop-services} variable doesn't " +"include either of them by default. To add GNOME, XFCE or MATE, just @code{cons} them onto @code{%desktop-services} in the " +"@code{services} field of your @code{operating-system}:" +msgstr "" + +#. type: example +#: doc/guix.texi:12561 +#, no-wrap +msgid "" +"(use-modules (gnu))\n" +"(use-service-modules desktop)\n" +"(operating-system\n" +" ...\n" +" ;; cons* adds items to the list given as its last argument.\n" +" (services (cons* (gnome-desktop-service)\n" +" (xfce-desktop-service)\n" +" %desktop-services))\n" +" ...)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12565 +msgid "These desktop environments will then be available as options in the graphical login window." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12569 +msgid "" +"The actual service definitions included in @code{%desktop-services} and provided by @code{(gnu services dbus)} and @code{(gnu " +"services desktop)} are described below." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12570 +#, no-wrap +msgid "{Scheme Procedure} dbus-service [#:dbus @var{dbus}] [#:services '()]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12573 +msgid "Return a service that runs the ``system bus'', using @var{dbus}, with support for @var{services}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12577 +msgid "" +"@uref{http://dbus.freedesktop.org/, D-Bus} is an inter-process communication facility. Its system bus is used to allow system " +"services to communicate and to be notified of system-wide events." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12582 +msgid "" +"@var{services} must be a list of packages that provide an @file{etc/dbus-1/system.d} directory containing additional D-Bus " +"configuration and policy files. For example, to allow avahi-daemon to use the system bus, @var{services} must be equal to " +"@code{(list avahi)}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12584 +#, no-wrap +msgid "{Scheme Procedure} elogind-service [#:config @var{config}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12590 +msgid "" +"Return a service that runs the @code{elogind} login and seat management daemon. @uref{https://github.com/elogind/elogind, Elogind} " +"exposes a D-Bus interface that can be used to know which users are logged in, know what kind of sessions they have open, suspend the " +"system, inhibit system suspend, reboot the system, and other tasks." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12594 +msgid "" +"Elogind handles most system-level power events for a computer, for example suspending the system when a lid is closed, or shutting " +"it down when the power button is pressed." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12599 +msgid "" +"The @var{config} keyword argument specifies the configuration for elogind, and should be the result of an @code{(elogind-" +"configuration (@var{parameter} @var{value})...)} invocation. Available parameters and their default values are:" +msgstr "" + +#. type: item +#: doc/guix.texi:12601 +#, no-wrap +msgid "kill-user-processes?" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12603 doc/guix.texi:12621 doc/guix.texi:12623 doc/guix.texi:12625 doc/guix.texi:12637 +msgid "#f" +msgstr "" + +#. type: item +#: doc/guix.texi:12603 +#, no-wrap +msgid "kill-only-users" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12605 doc/guix.texi:12643 +msgid "()" +msgstr "" + +#. type: item +#: doc/guix.texi:12605 +#, no-wrap +msgid "kill-exclude-users" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12607 +msgid "(\"root\")" +msgstr "" + +#. type: item +#: doc/guix.texi:12607 +#, no-wrap +msgid "inhibit-delay-max-seconds" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12609 +msgid "5" +msgstr "" + +#. type: item +#: doc/guix.texi:12609 +#, no-wrap +msgid "handle-power-key" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12611 +msgid "poweroff" +msgstr "" + +#. type: item +#: doc/guix.texi:12611 +#, no-wrap +msgid "handle-suspend-key" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12613 doc/guix.texi:12617 +msgid "suspend" +msgstr "" + +#. type: item +#: doc/guix.texi:12613 +#, no-wrap +msgid "handle-hibernate-key" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12615 +msgid "hibernate" +msgstr "" + +#. type: item +#: doc/guix.texi:12615 +#, no-wrap +msgid "handle-lid-switch" +msgstr "" + +#. type: item +#: doc/guix.texi:12617 +#, no-wrap +msgid "handle-lid-switch-docked" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12619 doc/guix.texi:12631 +msgid "ignore" +msgstr "" + +#. type: item +#: doc/guix.texi:12619 +#, no-wrap +msgid "power-key-ignore-inhibited?" +msgstr "" + +#. type: item +#: doc/guix.texi:12621 +#, no-wrap +msgid "suspend-key-ignore-inhibited?" +msgstr "" + +#. type: item +#: doc/guix.texi:12623 +#, no-wrap +msgid "hibernate-key-ignore-inhibited?" +msgstr "" + +#. type: item +#: doc/guix.texi:12625 +#, no-wrap +msgid "lid-switch-ignore-inhibited?" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12627 doc/guix.texi:12639 +msgid "#t" +msgstr "" + +#. type: item +#: doc/guix.texi:12627 +#, no-wrap +msgid "holdoff-timeout-seconds" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12629 +msgid "30" +msgstr "" + +#. type: item +#: doc/guix.texi:12629 +#, no-wrap +msgid "idle-action" +msgstr "" + +#. type: item +#: doc/guix.texi:12631 +#, no-wrap +msgid "idle-action-seconds" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12633 +msgid "(* 30 60)" +msgstr "" + +#. type: item +#: doc/guix.texi:12633 +#, no-wrap +msgid "runtime-directory-size-percent" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12635 +msgid "10" +msgstr "" + +#. type: item +#: doc/guix.texi:12635 +#, no-wrap +msgid "runtime-directory-size" +msgstr "" + +#. type: item +#: doc/guix.texi:12637 +#, no-wrap +msgid "remove-ipc?" +msgstr "" + +#. type: item +#: doc/guix.texi:12639 +#, no-wrap +msgid "suspend-state" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12641 +msgid "(\"mem\" \"standby\" \"freeze\")" +msgstr "" + +#. type: item +#: doc/guix.texi:12641 +#, no-wrap +msgid "suspend-mode" +msgstr "" + +#. type: item +#: doc/guix.texi:12643 +#, no-wrap +msgid "hibernate-state" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12645 doc/guix.texi:12649 +msgid "(\"disk\")" +msgstr "" + +#. type: item +#: doc/guix.texi:12645 +#, no-wrap +msgid "hibernate-mode" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12647 +msgid "(\"platform\" \"shutdown\")" +msgstr "" + +#. type: item +#: doc/guix.texi:12647 +#, no-wrap +msgid "hybrid-sleep-state" +msgstr "" + +#. type: item +#: doc/guix.texi:12649 +#, no-wrap +msgid "hybrid-sleep-mode" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12651 +msgid "(\"suspend\" \"platform\" \"shutdown\")" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12654 +#, no-wrap +msgid "{Scheme Procedure} accountsservice-service @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12662 +msgid "" +"[#:accountsservice @var{accountsservice}] Return a service that runs AccountsService, a system service that can list available " +"accounts, change their passwords, and so on. AccountsService integrates with PolicyKit to enable unprivileged users to acquire the " +"capability to modify their system configuration. @uref{https://www.freedesktop.org/wiki/Software/AccountsService/, the " +"accountsservice web site} for more information." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12665 +msgid "The @var{accountsservice} keyword argument is the @code{accountsservice} package to expose as a service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12667 +#, no-wrap +msgid "{Scheme Procedure} polkit-service @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12676 +msgid "" +"[#:polkit @var{polkit}] Return a service that runs the @uref{http://www.freedesktop.org/wiki/Software/polkit/, Polkit privilege " +"management service}, which allows system administrators to grant access to privileged operations in a structured way. By querying " +"the Polkit service, a privileged system component can know when it should grant additional capabilities to ordinary users. For " +"example, an ordinary user can be granted the capability to suspend the system if the user is logged in locally." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12678 +#, no-wrap +msgid "{Scheme Procedure} upower-service [#:upower @var{upower}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12695 +msgid "" +"[#:watts-up-pro? #f] @ [#:poll-batteries? #t] @ [#:ignore-lid? #f] @ [#:use-percentage-for-policy? #f] @ [#:percentage-low 10] @ [#:" +"percentage-critical 3] @ [#:percentage-action 2] @ [#:time-low 1200] @ [#:time-critical 300] @ [#:time-action 120] @ [#:critical-" +"power-action 'hybrid-sleep] Return a service that runs @uref{http://upower.freedesktop.org/, @command{upowerd}}, a system-wide " +"monitor for power consumption and battery levels, with the given configuration settings. It implements the @code{org.freedesktop." +"UPower} D-Bus interface, and is notably used by GNOME." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12697 +#, no-wrap +msgid "{Scheme Procedure} udisks-service [#:udisks @var{udisks}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12702 +msgid "" +"Return a service for @uref{http://udisks.freedesktop.org/docs/latest/, UDisks}, a @dfn{disk management} daemon that provides user " +"interfaces with notifications and ways to mount/unmount disks. Programs that talk to UDisks include the @command{udisksctl} " +"command, part of UDisks, and GNOME Disks." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12704 +#, no-wrap +msgid "{Scheme Procedure} colord-service [#:colord @var{colord}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12710 +msgid "" +"Return a service that runs @command{colord}, a system service with a D-Bus interface to manage the color profiles of input and " +"output devices such as screens and scanners. It is notably used by the GNOME Color Manager graphical tool. See @uref{http://www." +"freedesktop.org/software/colord/, the colord web site} for more information." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12712 +#, no-wrap +msgid "{Scheme Procedure} geoclue-application name [#:allowed? #t] [#:system? #f] [#:users '()]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12721 +msgid "" +"Return a configuration allowing an application to access GeoClue location data. @var{name} is the Desktop ID of the application, " +"without the @code{.desktop} part. If @var{allowed?} is true, the application will have access to location information by default. " +"The boolean @var{system?} value indicates whether an application is a system component or not. Finally @var{users} is a list of " +"UIDs of all users for which this application is allowed location info access. An empty users list means that all users are allowed." +msgstr "" + +#. type: defvr +#: doc/guix.texi:12723 +#, no-wrap +msgid "{Scheme Variable} %standard-geoclue-applications" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12730 +msgid "" +"The standard list of well-known GeoClue application configurations, granting authority to the GNOME date-and-time utility to ask for " +"the current location in order to set the time zone, and allowing the IceCat and Epiphany web browsers to request location " +"information. IceCat and Epiphany both query the user before allowing a web page to know the user's location." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12732 +#, no-wrap +msgid "{Scheme Procedure} geoclue-service [#:colord @var{colord}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12745 +msgid "" +"[#:whitelist '()] @ [#:wifi-geolocation-url \"https://location.services.mozilla.com/v1/geolocate?key=geoclue\"] @ [#:submit-data? " +"#f] [#:wifi-submission-url \"https://location.services.mozilla.com/v1/submit?key=geoclue\"] @ [#:submission-nick \"geoclue\"] @ [#:" +"applications %standard-geoclue-applications] Return a service that runs the GeoClue location service. This service provides a D-Bus " +"interface to allow applications to request access to a user's physical location, and optionally to add information to online " +"location databases. See @uref{https://wiki.freedesktop.org/www/Software/GeoClue/, the GeoClue web site} for more information." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12747 +#, no-wrap +msgid "{Scheme Procedure} bluetooth-service [#:bluez @var{bluez}] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12754 +msgid "" +"[@w{#:auto-enable? #f}] Return a service that runs the @command{bluetoothd} daemon, which manages all the Bluetooth devices and " +"provides a number of D-Bus interfaces. When AUTO-ENABLE? is true, the bluetooth controller is powered automatically at boot, which " +"can be useful when using a bluetooth keyboard or mouse." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12756 +msgid "Users need to be in the @code{lp} group to access the D-Bus service." +msgstr "" + +#. type: cindex +#: doc/guix.texi:12762 +#, no-wrap +msgid "SQL" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12764 +msgid "The @code{(gnu services databases)} module provides the following services." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12765 +#, no-wrap +msgid "{Scheme Procedure} postgresql-service [#:postgresql postgresql] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12770 +msgid "" +"[#:config-file] [#:data-directory ``/var/lib/postgresql/data''] @ [#:port 5432] [#:locale ``en_US.utf8''] Return a service that runs " +"@var{postgresql}, the PostgreSQL database server." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12774 +msgid "" +"The PostgreSQL daemon loads its runtime configuration from @var{config-file}, creates a database cluster with @var{locale} as the " +"default locale, stored in @var{data-directory}. It then listens on @var{port}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12776 +#, no-wrap +msgid "{Scheme Procedure} mysql-service [#:config (mysql-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12779 +msgid "Return a service that runs @command{mysqld}, the MySQL or MariaDB database server." +msgstr "" + +#. type: deffn +#: doc/guix.texi:12782 +msgid "" +"The optional @var{config} argument specifies the configuration for @command{mysqld}, which should be a @code{} " +"object." +msgstr "" + +#. type: deftp +#: doc/guix.texi:12784 +#, no-wrap +msgid "{Data Type} mysql-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12786 +msgid "Data type representing the configuration of @var{mysql-service}." +msgstr "" + +#. type: item +#: doc/guix.texi:12788 +#, no-wrap +msgid "@code{mysql} (default: @var{mariadb})" +msgstr "" + +#. type: table +#: doc/guix.texi:12791 +msgid "Package object of the MySQL database server, can be either @var{mariadb} or @var{mysql}." +msgstr "" + +#. type: table +#: doc/guix.texi:12794 +msgid "For MySQL, a temporary root password will be displayed at activation time. For MariaDB, the root password is empty." +msgstr "" + +#. type: item +#: doc/guix.texi:12795 +#, no-wrap +msgid "@code{port} (default: @code{3306})" +msgstr "" + +#. type: table +#: doc/guix.texi:12797 +msgid "TCP port on which the database server listens for incoming connections." +msgstr "" + +#. type: defvr +#: doc/guix.texi:12800 +#, no-wrap +msgid "{Scheme Variable} memcached-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12804 +msgid "" +"This is the service type for the @uref{https://memcached.org/, Memcached} service, which provides a distributed in memory cache. " +"The value for the service type is a @code{memcached-configuration} object." +msgstr "" + +#. type: example +#: doc/guix.texi:12808 +#, no-wrap +msgid "(service memcached-service-type)\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12810 +#, no-wrap +msgid "{Data Type} memcached-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12812 +msgid "Data type representing the configuration of memcached." +msgstr "" + +#. type: item +#: doc/guix.texi:12814 +#, no-wrap +msgid "@code{memcached} (default: @code{memcached})" +msgstr "" + +#. type: table +#: doc/guix.texi:12816 +msgid "The Memcached package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:12817 +#, no-wrap +msgid "@code{interfaces} (default: @code{'(\"0.0.0.0\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:12819 +msgid "Network interfaces on which to listen." +msgstr "" + +#. type: item +#: doc/guix.texi:12820 +#, no-wrap +msgid "@code{tcp-port} (default: @code{11211})" +msgstr "" + +#. type: table +#: doc/guix.texi:12822 +msgid "Port on which to accept connections on," +msgstr "" + +#. type: item +#: doc/guix.texi:12823 +#, no-wrap +msgid "@code{udp-port} (default: @code{11211})" +msgstr "" + +#. type: table +#: doc/guix.texi:12826 +msgid "Port on which to accept UDP connections on, a value of 0 will disable listening on a UDP socket." +msgstr "" + +#. type: item +#: doc/guix.texi:12827 +#, no-wrap +msgid "@code{additional-options} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:12829 +msgid "Additional command line options to pass to @code{memcached}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:12832 +#, no-wrap +msgid "{Scheme Variable} mongodb-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12835 +msgid "" +"This is the service type for @uref{https://www.mongodb.com/, MongoDB}. The value for the service type is a @code{mongodb-" +"configuration} object." +msgstr "" + +#. type: example +#: doc/guix.texi:12839 +#, no-wrap +msgid "(service mongodb-service-type)\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12841 +#, no-wrap +msgid "{Data Type} mongodb-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12843 +msgid "Data type representing the configuration of mongodb." +msgstr "" + +#. type: item +#: doc/guix.texi:12845 +#, no-wrap +msgid "@code{mongodb} (default: @code{mongodb})" +msgstr "" + +#. type: table +#: doc/guix.texi:12847 +msgid "The MongoDB package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:12848 +#, no-wrap +msgid "@code{config-file} (default: @code{%default-mongodb-configuration-file})" +msgstr "" + +#. type: table +#: doc/guix.texi:12850 +msgid "The configuration file for MongoDB." +msgstr "" + +#. type: item +#: doc/guix.texi:12851 +#, no-wrap +msgid "@code{data-directory} (default: @code{\"/var/lib/mongodb\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:12855 +msgid "" +"This value is used to create the directory, so that it exists and is owned by the mongodb user. It should match the data-directory " +"which MongoDB is configured to use through the configuration file." +msgstr "" + +#. type: defvr +#: doc/guix.texi:12858 +#, no-wrap +msgid "{Scheme Variable} redis-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:12861 +msgid "" +"This is the service type for the @uref{https://redis.io/, Redis} key/value store, whose value is a @code{redis-configuration} object." +msgstr "" + +#. type: deftp +#: doc/guix.texi:12863 +#, no-wrap +msgid "{Data Type} redis-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:12865 +msgid "Data type representing the configuration of redis." +msgstr "" + +#. type: item +#: doc/guix.texi:12867 +#, no-wrap +msgid "@code{redis} (default: @code{redis})" +msgstr "" + +#. type: table +#: doc/guix.texi:12869 +msgid "The Redis package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:12870 +#, no-wrap +msgid "@code{bind} (default: @code{\"127.0.0.1\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:12872 +msgid "Network interface on which to listen." +msgstr "" + +#. type: item +#: doc/guix.texi:12873 +#, no-wrap +msgid "@code{port} (default: @code{6379})" +msgstr "" + +#. type: table +#: doc/guix.texi:12876 +msgid "Port on which to accept connections on, a value of 0 will disable listening on a TCP socket." +msgstr "" + +#. type: item +#: doc/guix.texi:12877 +#, no-wrap +msgid "@code{working-directory} (default: @code{\"/var/lib/redis\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:12879 +msgid "Directory in which to store the database and related files." +msgstr "" + +#. type: cindex +#: doc/guix.texi:12885 +#, no-wrap +msgid "mail" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:12886 doc/guix.texi:15981 +#, no-wrap +msgid "email" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12891 +msgid "" +"The @code{(gnu services mail)} module provides Guix service definitions for email services: IMAP, POP3, and LMTP servers, as well as " +"mail transport agents (MTAs). Lots of acronyms! These services are detailed in the subsections below." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:12892 +#, no-wrap +msgid "Dovecot Service" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12894 +#, no-wrap +msgid "{Scheme Procedure} dovecot-service [#:config (dovecot-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:12896 +msgid "Return a service that runs the Dovecot IMAP/POP3/LMTP mail server." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12906 +msgid "" +"By default, Dovecot does not need much configuration; the default configuration object created by @code{(dovecot-configuration)} " +"will suffice if your mail is delivered to @code{~/Maildir}. A self-signed certificate will be generated for TLS-protected " +"connections, though Dovecot will also listen on cleartext ports by default. There are a number of options, though, which mail " +"administrators might need to change, and as is the case with other services, Guix allows the system administrator to specify these " +"parameters via a uniform Scheme interface." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12909 +msgid "For example, to specify that mail is located at @code{maildir~/.mail}, one would instantiate the Dovecot service like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:12914 +#, no-wrap +msgid "" +"(dovecot-service #:config\n" +" (dovecot-configuration\n" +" (mail-location \"maildir:~/.mail\")))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12922 +msgid "" +"The available configuration parameters follow. Each parameter definition is preceded by its type; for example, @samp{string-list " +"foo} indicates that the @code{foo} parameter should be specified as a list of strings. There is also a way to specify the " +"configuration as a string, if you have an old @code{dovecot.conf} file that you want to port over from some other system; see the " +"end for more details." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:12932 +msgid "Available @code{dovecot-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12933 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} package dovecot" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12935 doc/guix.texi:14222 +msgid "The dovecot package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12937 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} comma-separated-string-list listen" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12943 +msgid "" +"A list of IPs or hosts where to listen for connections. @samp{*} listens on all IPv4 interfaces, @samp{::} listens on all IPv6 " +"interfaces. If you want to specify non-default ports or anything more complex, customize the address and port fields of the " +"@samp{inet-listener} of the specific services you are interested in." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12945 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} protocol-configuration-list protocols" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12948 +msgid "List of protocols we want to serve. Available protocols include @samp{imap}, @samp{pop3}, and @samp{lmtp}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12950 +msgid "Available @code{protocol-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12951 +#, no-wrap +msgid "{@code{protocol-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12953 +msgid "The name of the protocol." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12955 +#, no-wrap +msgid "{@code{protocol-configuration} parameter} string auth-socket-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12959 +msgid "" +"UNIX socket path to the master authentication server to find users. This is used by imap (for shared users) and lda. It defaults " +"to @samp{\"/var/run/dovecot/auth-userdb\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12961 +#, no-wrap +msgid "{@code{protocol-configuration} parameter} space-separated-string-list mail-plugins" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12963 +msgid "Space separated list of plugins to load." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12965 +#, no-wrap +msgid "{@code{protocol-configuration} parameter} non-negative-integer mail-max-userip-connections" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12969 +msgid "" +"Maximum number of IMAP connections allowed for a user from each IP address. NOTE: The username is compared case-sensitively. " +"Defaults to @samp{10}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12973 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} service-configuration-list services" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12977 +msgid "" +"List of services to enable. Available services include @samp{imap}, @samp{imap-login}, @samp{pop3}, @samp{pop3-login}, @samp{auth}, " +"and @samp{lmtp}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12979 +msgid "Available @code{service-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12980 +#, no-wrap +msgid "{@code{service-configuration} parameter} string kind" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12985 +msgid "" +"The service kind. Valid values include @code{director}, @code{imap-login}, @code{pop3-login}, @code{lmtp}, @code{imap}, " +"@code{pop3}, @code{auth}, @code{auth-worker}, @code{dict}, @code{tcpwrap}, @code{quota-warning}, or anything else." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12987 +#, no-wrap +msgid "{@code{service-configuration} parameter} listener-configuration-list listeners" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12992 +msgid "" +"Listeners for the service. A listener is either a @code{unix-listener-configuration}, a @code{fifo-listener-configuration}, or an " +"@code{inet-listener-configuration}. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12994 +msgid "Available @code{unix-listener-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12995 +#, no-wrap +msgid "{@code{unix-listener-configuration} parameter} string path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:12998 doc/guix.texi:13021 +msgid "Path to the file, relative to @code{base-dir} field. This is also used as the section name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13000 +#, no-wrap +msgid "{@code{unix-listener-configuration} parameter} string mode" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13003 doc/guix.texi:13026 +msgid "The access mode for the socket. Defaults to @samp{\"0600\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13005 +#, no-wrap +msgid "{@code{unix-listener-configuration} parameter} string user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13008 doc/guix.texi:13031 +msgid "The user to own the socket. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13010 +#, no-wrap +msgid "{@code{unix-listener-configuration} parameter} string group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13013 doc/guix.texi:13036 +msgid "The group to own the socket. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13017 +msgid "Available @code{fifo-listener-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13018 +#, no-wrap +msgid "{@code{fifo-listener-configuration} parameter} string path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13023 +#, no-wrap +msgid "{@code{fifo-listener-configuration} parameter} string mode" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13028 +#, no-wrap +msgid "{@code{fifo-listener-configuration} parameter} string user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13033 +#, no-wrap +msgid "{@code{fifo-listener-configuration} parameter} string group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13040 +msgid "Available @code{inet-listener-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13041 +#, no-wrap +msgid "{@code{inet-listener-configuration} parameter} string protocol" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13043 +msgid "The protocol to listen for." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13045 +#, no-wrap +msgid "{@code{inet-listener-configuration} parameter} string address" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13048 +msgid "The address on which to listen, or empty for all addresses. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13050 +#, no-wrap +msgid "{@code{inet-listener-configuration} parameter} non-negative-integer port" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13052 +msgid "The port on which to listen." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13054 +#, no-wrap +msgid "{@code{inet-listener-configuration} parameter} boolean ssl?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13058 +msgid "Whether to use SSL for this service; @samp{yes}, @samp{no}, or @samp{required}. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13062 +#, no-wrap +msgid "{@code{service-configuration} parameter} non-negative-integer service-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13067 +msgid "" +"Number of connections to handle before starting a new process. Typically the only useful values are 0 (unlimited) or 1. 1 is more " +"secure, but 0 is faster. . Defaults to @samp{1}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13069 +#, no-wrap +msgid "{@code{service-configuration} parameter} non-negative-integer process-min-avail" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13072 +msgid "Number of processes to always keep waiting for more connections. Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13074 +#, no-wrap +msgid "{@code{service-configuration} parameter} non-negative-integer vsz-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13078 +msgid "If you set @samp{service-count 0}, you probably need to grow this. Defaults to @samp{256000000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13082 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} dict-configuration dict" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13085 +msgid "Dict configuration, as created by the @code{dict-configuration} constructor." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13087 +msgid "Available @code{dict-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13088 +#, no-wrap +msgid "{@code{dict-configuration} parameter} free-form-fields entries" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13091 +msgid "A list of key-value pairs that this dict should hold. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13095 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} passdb-configuration-list passdbs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13098 +msgid "A list of passdb configurations, each one created by the @code{passdb-configuration} constructor." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13100 +msgid "Available @code{passdb-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13101 +#, no-wrap +msgid "{@code{passdb-configuration} parameter} string driver" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13106 +msgid "" +"The driver that the passdb should use. Valid values include @samp{pam}, @samp{passwd}, @samp{shadow}, @samp{bsdauth}, and " +"@samp{static}. Defaults to @samp{\"pam\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13108 +#, no-wrap +msgid "{@code{passdb-configuration} parameter} space-separated-string-list args" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13111 +msgid "Space separated list of arguments to the passdb driver. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13115 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} userdb-configuration-list userdbs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13118 +msgid "List of userdb configurations, each one created by the @code{userdb-configuration} constructor." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13120 +msgid "Available @code{userdb-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13121 +#, no-wrap +msgid "{@code{userdb-configuration} parameter} string driver" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13125 +msgid "The driver that the userdb should use. Valid values include @samp{passwd} and @samp{static}. Defaults to @samp{\"passwd\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13127 +#, no-wrap +msgid "{@code{userdb-configuration} parameter} space-separated-string-list args" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13130 +msgid "Space separated list of arguments to the userdb driver. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13132 +#, no-wrap +msgid "{@code{userdb-configuration} parameter} free-form-args override-fields" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13135 +msgid "Override fields from passwd. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13139 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} plugin-configuration plugin-configuration" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13142 +msgid "Plug-in configuration, created by the @code{plugin-configuration} constructor." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13144 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} list-of-namespace-configuration namespaces" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13147 +msgid "List of namespaces. Each item in the list is created by the @code{namespace-configuration} constructor." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13149 +msgid "Available @code{namespace-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13150 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13152 +msgid "Name for this namespace." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13154 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} string type" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13157 +msgid "Namespace type: @samp{private}, @samp{shared} or @samp{public}. Defaults to @samp{\"private\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13159 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} string separator" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13165 +msgid "" +"Hierarchy separator to use. You should use the same separator for all namespaces or some clients get confused. @samp{/} is usually " +"a good one. The default however depends on the underlying mail storage format. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13167 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} string prefix" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13171 +msgid "" +"Prefix required to access this namespace. This needs to be different for all namespaces. For example @samp{Public/}. Defaults to " +"@samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13173 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} string location" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13177 +msgid "" +"Physical location of the mailbox. This is in the same format as mail_location, which is also the default for it. Defaults to " +"@samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13179 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} boolean inbox?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13183 +msgid "There can be only one INBOX, and this setting defines which namespace has it. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13185 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} boolean hidden?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13193 +msgid "" +"If namespace is hidden, it's not advertised to clients via NAMESPACE extension. You'll most likely also want to set @samp{list? " +"#f}. This is mostly useful when converting from another server with different namespaces which you want to deprecate but still keep " +"working. For example you can create hidden namespaces with prefixes @samp{~/mail/}, @samp{~%u/mail/} and @samp{mail/}. Defaults to " +"@samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13195 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} boolean list?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13201 +msgid "" +"Show the mailboxes under this namespace with the LIST command. This makes the namespace visible for clients that do not support the " +"NAMESPACE extension. The special @code{children} value lists child mailboxes, but hides the namespace prefix. Defaults to " +"@samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13203 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} boolean subscriptions?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13208 +msgid "" +"Namespace handles its own subscriptions. If set to @code{#f}, the parent namespace handles them. The empty prefix should always " +"have this as @code{#t}). Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13210 +#, no-wrap +msgid "{@code{namespace-configuration} parameter} mailbox-configuration-list mailboxes" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13213 +msgid "List of predefined mailboxes in this namespace. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13215 +msgid "Available @code{mailbox-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13216 +#, no-wrap +msgid "{@code{mailbox-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13218 +msgid "Name for this mailbox." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13220 +#, no-wrap +msgid "{@code{mailbox-configuration} parameter} string auto" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13224 +msgid "" +"@samp{create} will automatically create this mailbox. @samp{subscribe} will both create and subscribe to the mailbox. Defaults to " +"@samp{\"no\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13226 +#, no-wrap +msgid "{@code{mailbox-configuration} parameter} space-separated-string-list special-use" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13231 +msgid "" +"List of IMAP @code{SPECIAL-USE} attributes as specified by RFC 6154. Valid values are @code{\\All}, @code{\\Archive}, " +"@code{\\Drafts}, @code{\\Flagged}, @code{\\Junk}, @code{\\Sent}, and @code{\\Trash}. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13237 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} file-name base-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13240 +msgid "Base directory where to store runtime data. Defaults to @samp{\"/var/run/dovecot/\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13242 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string login-greeting" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13245 +msgid "Greeting message for clients. Defaults to @samp{\"Dovecot ready.\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13247 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list login-trusted-networks" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13254 +msgid "" +"List of trusted network ranges. Connections from these IPs are allowed to override their IP addresses and ports (for logging and " +"for authentication checks). @samp{disable-plaintext-auth} is also ignored for these networks. Typically you would specify your " +"IMAP proxy servers here. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13256 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list login-access-sockets" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13259 +msgid "List of login access check sockets (e.g. tcpwrap). Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13261 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean verbose-proctitle?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13267 +msgid "" +"Show more verbose process titles (in ps). Currently shows user name and IP address. Useful for seeing who is actually using the " +"IMAP processes (e.g. shared mailboxes or if the same uid is used for multiple accounts). Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13269 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean shutdown-clients?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13275 +msgid "" +"Should all processes be killed when Dovecot master process shuts down. Setting this to @code{#f} means that Dovecot can be upgraded " +"without forcing existing client connections to close (although that could also be a problem if the upgrade is e.g. due to a security " +"fix). Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13277 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer doveadm-worker-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13281 +msgid "" +"If non-zero, run mail commands via this many connections to doveadm server, instead of running them directly in the same process. " +"Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13283 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string doveadm-socket-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13286 +msgid "UNIX socket or host:port used for connecting to doveadm server. Defaults to @samp{\"doveadm-server\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13288 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list import-environment" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13292 +msgid "" +"List of environment variables that are preserved on Dovecot startup and passed down to all of its child processes. You can also " +"give key=value pairs to always set specific settings." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13294 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean disable-plaintext-auth?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13301 +msgid "" +"Disable LOGIN command and all other plaintext authentications unless SSL/TLS is used (LOGINDISABLED capability). Note that if the " +"remote IP matches the local IP (i.e. you're connecting from the same computer), the connection is considered secure and plaintext " +"authentication is allowed. See also ssl=required setting. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13303 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer auth-cache-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13308 +msgid "" +"Authentication cache size (e.g. @samp{#e10e6}). 0 means it's disabled. Note that bsdauth, PAM and vpopmail require @samp{cache-" +"key} to be set for caching to be used. Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13310 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-cache-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13318 +msgid "" +"Time to live for cached data. After TTL expires the cached record is no longer used, *except* if the main database lookup returns " +"internal failure. We also try to handle password changes automatically: If user's previous authentication was successful, but this " +"one wasn't, the cache isn't used. For now this works only with plaintext authentication. Defaults to @samp{\"1 hour\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13320 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-cache-negative-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13324 +msgid "TTL for negative hits (user not found, password mismatch). 0 disables caching them completely. Defaults to @samp{\"1 hour\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13326 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list auth-realms" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13332 +msgid "" +"List of realms for SASL authentication mechanisms that need them. You can leave it empty if you don't want to support multiple " +"realms. Many clients simply use the first one listed here, so keep the default realm first. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13334 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-default-realm" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13339 +msgid "" +"Default realm/domain to use if none was specified. This is used for both SASL realms and appending @@domain to username in " +"plaintext logins. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13341 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-username-chars" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13348 +msgid "" +"List of allowed characters in username. If the user-given username contains a character not listed in here, the login automatically " +"fails. This is just an extra check to make sure user can't exploit any potential quote escaping vulnerabilities with SQL/LDAP " +"databases. If you want to allow all characters, set this value to empty. Defaults to " +"@samp{\"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@@\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13350 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-username-translation" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13356 +msgid "" +"Username character translations before it's looked up from databases. The value contains series of from -> to characters. For " +"example @samp{#@@/@@} means that @samp{#} and @samp{/} characters are translated to @samp{@@}. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13358 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-username-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13365 +msgid "" +"Username formatting before it's looked up from databases. You can use the standard variables here, e.g. %Lu would lowercase the " +"username, %n would drop away the domain if it was given, or @samp{%n-AT-%d} would change the @samp{@@} into @samp{-AT-}. This " +"translation is done after @samp{auth-username-translation} changes. Defaults to @samp{\"%Lu\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13367 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-master-user-separator" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13375 +msgid "" +"If you want to allow master users to log in by specifying the master username within the normal username string (i.e. not using SASL " +"mechanism's support for it), you can specify the separator character here. The format is then . UW-IMAP uses @samp{*} as the separator, so that could be a good choice. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13377 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-anonymous-username" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13381 +msgid "Username to use for users logging in with ANONYMOUS SASL mechanism. Defaults to @samp{\"anonymous\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13383 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer auth-worker-max-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13388 +msgid "" +"Maximum number of dovecot-auth worker processes. They're used to execute blocking passdb and userdb queries (e.g. MySQL and PAM). " +"They're automatically created and destroyed as needed. Defaults to @samp{30}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13390 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-gssapi-hostname" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13395 +msgid "" +"Host name to use in GSSAPI principal names. The default is to use the name returned by gethostname(). Use @samp{$ALL} (with " +"quotes) to allow all keytab entries. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13397 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-krb5-keytab" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13403 +msgid "" +"Kerberos keytab to use for the GSSAPI mechanism. Will use the system default (usually @file{/etc/krb5.keytab}) if not specified. " +"You may need to change the auth service to run as root to be able to read this file. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13405 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-use-winbind?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13410 +msgid "" +"Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and @samp{ntlm-auth} helper. . Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13412 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} file-name auth-winbind-helper-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13415 +msgid "Path for Samba's @samp{ntlm-auth} helper binary. Defaults to @samp{\"/usr/bin/ntlm_auth\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13417 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string auth-failure-delay" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13420 +msgid "Time to delay before replying to failed authentications. Defaults to @samp{\"2 secs\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13422 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-ssl-require-client-cert?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13426 +msgid "Require a valid SSL client certificate or the authentication fails. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13428 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-ssl-username-from-cert?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13433 +msgid "" +"Take the username from client's SSL certificate, using @code{X509_NAME_get_text_by_NID()} which returns the subject's DN's " +"CommonName. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13435 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list auth-mechanisms" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13441 +msgid "" +"List of wanted authentication mechanisms. Supported mechanisms are: @samp{plain}, @samp{login}, @samp{digest-md5}, @samp{cram-md5}, " +"@samp{ntlm}, @samp{rpa}, @samp{apop}, @samp{anonymous}, @samp{gssapi}, @samp{otp}, @samp{skey}, and @samp{gss-spnego}. NOTE: See " +"also @samp{disable-plaintext-auth} setting." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13443 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list director-servers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13448 +msgid "" +"List of IPs or hostnames to all director servers, including ourself. Ports can be specified as ip:port. The default port is the " +"same as what director service's @samp{inet-listener} is using. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13450 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list director-mail-servers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13454 +msgid "" +"List of IPs or hostnames to all backend mail servers. Ranges are allowed too, like 10.0.0.10-10.0.0.30. Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13456 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string director-user-expire" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13460 +msgid "How long to redirect users to a specific server after it no longer has any connections. Defaults to @samp{\"15 min\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13462 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string director-username-hash" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13467 +msgid "" +"How the username is translated before being hashed. Useful values include %Ln if user can log in with or without @@domain, %Ld if " +"mailboxes are shared within domain. Defaults to @samp{\"%Lu\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13469 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string log-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13473 +msgid "" +"Log file to use for error messages. @samp{syslog} logs to syslog, @samp{/dev/stderr} logs to stderr. Defaults to @samp{\"syslog\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13475 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string info-log-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13479 +msgid "Log file to use for informational messages. Defaults to @samp{log-path}. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13481 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string debug-log-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13485 +msgid "Log file to use for debug messages. Defaults to @samp{info-log-path}. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13487 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string syslog-facility" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13492 +msgid "" +"Syslog facility to use if you're logging to syslog. Usually if you don't want to use @samp{mail}, you'll use local0..local7. Also " +"other standard facilities are supported. Defaults to @samp{\"mail\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13494 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-verbose?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13498 +msgid "Log unsuccessful authentication attempts and the reasons why they failed. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13500 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-verbose-passwords?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13507 +msgid "" +"In case of password mismatches, log the attempted password. Valid values are no, plain and sha1. sha1 can be useful for detecting " +"brute force password attempts vs. user simply trying the same password over and over again. You can also truncate the value to n " +"chars by appending \":n\" (e.g. sha1:6). Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13509 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-debug?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13513 +msgid "Even more verbose logging for debugging purposes. Shows for example SQL queries. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13515 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean auth-debug-passwords?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13520 +msgid "" +"In case of password mismatches, log the passwords and used scheme so the problem can be debugged. Enabling this also enables " +"@samp{auth-debug}. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13522 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mail-debug?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13526 +msgid "Enable mail process debugging. This can help you figure out why Dovecot isn't finding your mails. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13528 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean verbose-ssl?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13531 +msgid "Show protocol level SSL errors. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13533 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string log-timestamp" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13537 +msgid "Prefix for each line written to log file. % codes are in strftime(3) format. Defaults to @samp{\"\\\"%b %d %H:%M:%S \\\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13539 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list login-log-format-elements" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13543 +msgid "" +"List of elements we want to log. The elements which have a non-empty variable value are joined together to form a comma-separated " +"string." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13545 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string login-log-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13549 +msgid "" +"Login log format. %s contains @samp{login-log-format-elements} string, %$ contains the data we want to log. Defaults to @samp{\"%" +"$: %s\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13551 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-log-prefix" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13555 +msgid "" +"Log prefix for mail processes. See doc/wiki/Variables.txt for list of possible variables you can use. Defaults to @samp{\"\\" +"\"%s(%u)<%@{pid@}><%@{session@}>: \\\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13557 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string deliver-log-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13559 +msgid "Format to use for logging mail deliveries. You can use variables:" +msgstr "" + +#. type: item +#: doc/guix.texi:13560 +#, no-wrap +msgid "%$" +msgstr "" + +#. type: table +#: doc/guix.texi:13562 +msgid "Delivery status message (e.g. @samp{saved to INBOX})" +msgstr "" + +#. type: item +#: doc/guix.texi:13562 +#, no-wrap +msgid "%m" +msgstr "" + +#. type: table +#: doc/guix.texi:13564 +msgid "Message-ID" +msgstr "" + +#. type: item +#: doc/guix.texi:13564 doc/guix.texi:14096 +#, no-wrap +msgid "%s" +msgstr "" + +#. type: table +#: doc/guix.texi:13566 +msgid "Subject" +msgstr "" + +#. type: item +#: doc/guix.texi:13566 +#, no-wrap +msgid "%f" +msgstr "" + +#. type: table +#: doc/guix.texi:13568 +msgid "From address" +msgstr "" + +#. type: table +#: doc/guix.texi:13570 +msgid "Physical size" +msgstr "" + +#. type: item +#: doc/guix.texi:13570 +#, no-wrap +msgid "%w" +msgstr "" + +#. type: table +#: doc/guix.texi:13572 +msgid "Virtual size." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13574 +msgid "Defaults to @samp{\"msgid=%m: %$\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13576 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-location" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13581 +msgid "" +"Location for users' mailboxes. The default is empty, which means that Dovecot tries to find the mailboxes automatically. This " +"won't work if the user doesn't yet have any mail, so you should explicitly tell Dovecot the full location." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13587 +msgid "" +"If you're using mbox, giving a path to the INBOX file (e.g. /var/mail/%u) isn't enough. You'll also need to tell Dovecot where the " +"other mailboxes are kept. This is called the \"root mail directory\", and it must be the first path given in the @samp{mail-" +"location} setting." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13589 +msgid "There are a few special variables you can use, eg.:" +msgstr "" + +#. type: table +#: doc/guix.texi:13593 +msgid "username" +msgstr "" + +#. type: item +#: doc/guix.texi:13593 doc/guix.texi:14092 +#, no-wrap +msgid "%n" +msgstr "" + +#. type: table +#: doc/guix.texi:13595 +msgid "user part in user@@domain, same as %u if there's no domain" +msgstr "" + +#. type: item +#: doc/guix.texi:13595 +#, no-wrap +msgid "%d" +msgstr "" + +#. type: table +#: doc/guix.texi:13597 +msgid "domain part in user@@domain, empty if there's no domain" +msgstr "" + +#. type: item +#: doc/guix.texi:13597 +#, no-wrap +msgid "%h" +msgstr "" + +#. type: table +#: doc/guix.texi:13599 +msgid "home director" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13602 +msgid "See doc/wiki/Variables.txt for full list. Some examples:" +msgstr "" + +#. type: item +#: doc/guix.texi:13603 +#, no-wrap +msgid "maildir:~/Maildir" +msgstr "" + +#. type: item +#: doc/guix.texi:13604 +#, no-wrap +msgid "mbox:~/mail:INBOX=/var/mail/%u" +msgstr "" + +#. type: item +#: doc/guix.texi:13605 +#, no-wrap +msgid "mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13610 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-uid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13615 +msgid "" +"System user and group used to access mails. If you use multiple, userdb can override these by returning uid or gid fields. You can " +"use either numbers or names. . Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13617 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-gid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13622 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-privileged-group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13628 +msgid "" +"Group to enable temporarily for privileged operations. Currently this is used only with INBOX when either its initial creation or " +"dotlocking fails. Typically this is set to \"mail\" to give access to /var/mail. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13630 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-access-groups" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13638 +msgid "" +"Grant access to these supplementary groups for mail processes. Typically these are used to set up access to shared mailboxes. Note " +"that it may be dangerous to set these if users can create symlinks (e.g. if \"mail\" group is set here, ln -s /var/mail ~/mail/var " +"could allow a user to delete others' mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it). Defaults to " +"@samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13640 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mail-full-filesystem-access?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13646 +msgid "" +"Allow full file system access to clients. There's no access checks other than what the operating system does for the active UID/" +"GID. It works with both maildir and mboxes, allowing you to prefix mailboxes names with e.g. /path/ or ~user/. Defaults to " +"@samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13648 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mmap-disable?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13652 +msgid "" +"Don't use mmap() at all. This is required if you store indexes to shared file systems (NFS or clustered file system). Defaults to " +"@samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13654 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean dotlock-use-excl?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13659 +msgid "" +"Rely on @samp{O_EXCL} to work when creating dotlock files. NFS supports @samp{O_EXCL} since version 3, so this should be safe to " +"use nowadays by default. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13661 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-fsync" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13663 +msgid "When to use fsync() or fdatasync() calls:" +msgstr "" + +#. type: item +#: doc/guix.texi:13664 +#, no-wrap +msgid "optimized" +msgstr "" + +#. type: table +#: doc/guix.texi:13666 +msgid "Whenever necessary to avoid losing important data" +msgstr "" + +#. type: table +#: doc/guix.texi:13668 +msgid "Useful with e.g. NFS when write()s are delayed" +msgstr "" + +#. type: table +#: doc/guix.texi:13670 +msgid "Never use it (best performance, but crashes can lose data)." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13672 +msgid "Defaults to @samp{\"optimized\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13674 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mail-nfs-storage?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13679 +msgid "" +"Mail storage exists in NFS. Set this to yes to make Dovecot flush NFS caches whenever needed. If you're using only a single mail " +"server this isn't needed. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13681 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mail-nfs-index?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13685 +msgid "" +"Mail index files also exist in NFS. Setting this to yes requires @samp{mmap-disable? #t} and @samp{fsync-disable? #f}. Defaults to " +"@samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13687 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string lock-method" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13693 +msgid "" +"Locking method for index files. Alternatives are fcntl, flock and dotlock. Dotlocking uses some tricks which may create more disk " +"I/O than other locking methods. NFS users: flock doesn't work, remember to change @samp{mmap-disable}. Defaults to @samp{\"fcntl" +"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13695 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} file-name mail-temp-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13699 +msgid "Directory in which LDA/LMTP temporarily stores incoming mails >128 kB. Defaults to @samp{\"/tmp\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13701 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer first-valid-uid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13707 +msgid "" +"Valid UID range for users. This is mostly to make sure that users can't log in as daemons or other system users. Note that denying " +"root logins is hardcoded to dovecot binary and can't be done even if @samp{first-valid-uid} is set to 0. Defaults to @samp{500}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13709 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer last-valid-uid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13714 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer first-valid-gid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13719 +msgid "" +"Valid GID range for users. Users having non-valid GID as primary group ID aren't allowed to log in. If user belongs to " +"supplementary groups with non-valid GIDs, those groups are not set. Defaults to @samp{1}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13721 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer last-valid-gid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13726 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer mail-max-keyword-length" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13730 +msgid "Maximum allowed length for mail keyword name. It's only forced when trying to create new keywords. Defaults to @samp{50}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13732 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} colon-separated-file-name-list valid-chroot-dirs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13742 +msgid "" +"List of directories under which chrooting is allowed for mail processes (i.e. /var/mail will allow chrooting to /var/mail/foo/bar " +"too). This setting doesn't affect @samp{login-chroot} @samp{mail-chroot} or auth chroot settings. If this setting is empty, \"/./" +"\" in home dirs are ignored. WARNING: Never add directories here which local users can modify, that may lead to root exploit. " +"Usually this should be done only if you don't allow shell access for users. . Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13744 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-chroot" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13753 +msgid "" +"Default chroot directory for mail processes. This can be overridden for specific users in user database by giving /./ in user's " +"home directory (e.g. /home/./user chroots into /home). Note that usually there is no real need to do chrooting, Dovecot doesn't " +"allow users to access files outside their mail directory anyway. If your home directories are prefixed with the chroot directory, " +"append \"/.\" to @samp{mail-chroot}. . Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13755 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} file-name auth-socket-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13759 +msgid "" +"UNIX socket path to master authentication server to find users. This is used by imap (for shared users) and lda. Defaults to " +"@samp{\"/var/run/dovecot/auth-userdb\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13761 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} file-name mail-plugin-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13764 +msgid "Directory where to look up mail plugins. Defaults to @samp{\"/usr/lib/dovecot\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13766 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list mail-plugins" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13770 +msgid "" +"List of plugins to load for all services. Plugins specific to IMAP, LDA, etc. are added to this list in their own .conf files. " +"Defaults to @samp{()}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13772 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer mail-cache-min-mail-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13777 +msgid "" +"The minimum number of mails in a mailbox before updates are done to cache file. This allows optimizing Dovecot's behavior to do " +"less disk writes at the cost of more disk reads. Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13779 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mailbox-idle-check-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13786 +msgid "" +"When IDLE command is running, mailbox is checked once in a while to see if there are any new mails or other changes. This setting " +"defines the minimum time to wait between those checks. Dovecot can also use dnotify, inotify and kqueue to find out immediately " +"when changes occur. Defaults to @samp{\"30 secs\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13788 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mail-save-crlf?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13795 +msgid "" +"Save mails with CR+LF instead of plain LF. This makes sending those mails take less CPU, especially with sendfile() syscall with " +"Linux and FreeBSD. But it also creates a bit more disk I/O which may just make it slower. Also note that if other software reads " +"the mboxes/maildirs, they may handle the extra CRs wrong and cause problems. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13797 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean maildir-stat-dirs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13805 +msgid "" +"By default LIST command returns all entries in maildir beginning with a dot. Enabling this option makes Dovecot return only entries " +"which are directories. This is done by stat()ing each entry, so it causes more disk I/O. (For systems setting struct @samp{dirent-" +">d_type} this check is free and it's done always regardless of this setting). Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13807 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean maildir-copy-with-hardlinks?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13812 +msgid "" +"When copying a message, do it with hard links whenever possible. This makes the performance much better, and it's unlikely to have " +"any side effects. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13814 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean maildir-very-dirty-syncs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13819 +msgid "" +"Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only when its mtime changes unexpectedly or when we can't find " +"the mail otherwise. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13821 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list mbox-read-locks" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13824 +msgid "Which locking methods to use for locking mbox. There are four available:" +msgstr "" + +#. type: item +#: doc/guix.texi:13826 +#, no-wrap +msgid "dotlock" +msgstr "" + +#. type: table +#: doc/guix.texi:13830 +msgid "" +"Create .lock file. This is the oldest and most NFS-safe solution. If you want to use /var/mail/ like directory, the users " +"will need write access to that directory." +msgstr "" + +#. type: item +#: doc/guix.texi:13830 +#, no-wrap +msgid "dotlock-try" +msgstr "" + +#. type: table +#: doc/guix.texi:13833 +msgid "Same as dotlock, but if it fails because of permissions or because there isn't enough disk space, just skip it." +msgstr "" + +#. type: item +#: doc/guix.texi:13833 +#, no-wrap +msgid "fcntl" +msgstr "" + +#. type: table +#: doc/guix.texi:13835 +msgid "Use this if possible. Works with NFS too if lockd is used." +msgstr "" + +#. type: item +#: doc/guix.texi:13835 +#, no-wrap +msgid "flock" +msgstr "" + +#. type: table +#: doc/guix.texi:13837 doc/guix.texi:13839 +msgid "May not exist in all systems. Doesn't work with NFS." +msgstr "" + +#. type: item +#: doc/guix.texi:13837 +#, no-wrap +msgid "lockf" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13845 +msgid "" +"You can use multiple locking methods; if you do the order they're declared in is important to avoid deadlocks if other MTAs/MUAs are " +"using multiple locking methods as well. Some operating systems don't allow using some of them simultaneously." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13847 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list mbox-write-locks" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13851 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mbox-lock-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13854 +msgid "Maximum time to wait for lock (all of them) before aborting. Defaults to @samp{\"5 mins\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13856 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mbox-dotlock-change-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13860 +msgid "" +"If dotlock exists but the mailbox isn't modified in any way, override the lock file after this much time. Defaults to @samp{\"2 mins" +"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13862 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mbox-dirty-syncs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13873 +msgid "" +"When mbox changes unexpectedly we have to fully read it to find out what changed. If the mbox is large this can take a long time. " +"Since the change is usually just a newly appended mail, it'd be faster to simply read the new mails. If this setting is enabled, " +"Dovecot does this but still safely fallbacks to re-reading the whole mbox file whenever something in mbox isn't how it's expected to " +"be. The only real downside to this setting is that if some other MUA changes message flags, Dovecot doesn't notice it immediately. " +"Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK commands. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13875 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mbox-very-dirty-syncs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13880 +msgid "" +"Like @samp{mbox-dirty-syncs}, but don't do full syncs even with SELECT, EXAMINE, EXPUNGE or CHECK commands. If this is set, " +"@samp{mbox-dirty-syncs} is ignored. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13882 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mbox-lazy-writes?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13888 +msgid "" +"Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK commands and when closing the mailbox). This is " +"especially useful for POP3 where clients often delete all mails. The downside is that our changes aren't immediately visible to " +"other MUAs. Defaults to @samp{#t}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13890 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer mbox-min-index-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13895 +msgid "" +"If mbox size is smaller than this (e.g. 100k), don't write index files. If an index file already exists it's still read, just not " +"updated. Defaults to @samp{0}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13897 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer mdbox-rotate-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13900 +msgid "Maximum dbox file size until it's rotated. Defaults to @samp{10000000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13902 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mdbox-rotate-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13907 +msgid "" +"Maximum dbox file age until it's rotated. Typically in days. Day begins from midnight, so 1d = today, 2d = yesterday, etc. 0 = " +"check disabled. Defaults to @samp{\"1d\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13909 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean mdbox-preallocate-space?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13914 +msgid "" +"When creating new mdbox files, immediately preallocate their size to @samp{mdbox-rotate-size}. This setting currently works only in " +"Linux with some file systems (ext4, xfs). Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13916 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-attachment-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13920 +msgid "" +"sdbox and mdbox support saving mail attachments to external files, which also allows single instance storage for them. Other " +"backends don't support this for now." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13922 +msgid "WARNING: This feature hasn't been tested much yet. Use at your own risk." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13925 +msgid "Directory root where to store mail attachments. Disabled, if empty. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13927 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer mail-attachment-min-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13932 +msgid "" +"Attachments smaller than this aren't saved externally. It's also possible to write a plugin to disable saving specific attachments " +"externally. Defaults to @samp{128000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13934 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-attachment-fs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13936 +msgid "File system backend to use for saving attachments:" +msgstr "" + +#. type: item +#: doc/guix.texi:13937 +#, no-wrap +msgid "posix" +msgstr "" + +#. type: table +#: doc/guix.texi:13939 +msgid "No SiS done by Dovecot (but this might help FS's own deduplication)" +msgstr "" + +#. type: item +#: doc/guix.texi:13939 +#, no-wrap +msgid "sis posix" +msgstr "" + +#. type: table +#: doc/guix.texi:13941 +msgid "SiS with immediate byte-by-byte comparison during saving" +msgstr "" + +#. type: item +#: doc/guix.texi:13941 +#, no-wrap +msgid "sis-queue posix" +msgstr "" + +#. type: table +#: doc/guix.texi:13943 +msgid "SiS with delayed comparison and deduplication." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13945 +msgid "Defaults to @samp{\"sis posix\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13947 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string mail-attachment-hash" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13953 +msgid "" +"Hash format to use in attachment filenames. You can add any text and variables: @code{%@{md4@}}, @code{%@{md5@}}, @code{%@{sha1@}}, " +"@code{%@{sha256@}}, @code{%@{sha512@}}, @code{%@{size@}}. Variables can be truncated, e.g. @code{%@{sha256:80@}} returns only first " +"80 bits. Defaults to @samp{\"%@{sha1@}\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13955 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer default-process-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13960 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer default-client-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13963 doc/guix.texi:17869 +msgid "Defaults to @samp{1000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13965 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer default-vsz-limit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13970 +msgid "" +"Default VSZ (virtual memory size) limit for service processes. This is mainly intended to catch and kill processes that leak memory " +"before they eat up everything. Defaults to @samp{256000000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13972 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string default-login-user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13977 +msgid "" +"Login user is internally used by login processes. This is the most untrusted user in Dovecot system. It shouldn't have access to " +"anything at all. Defaults to @samp{\"dovenull\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13979 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string default-internal-user" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13984 +msgid "" +"Internal user is used by unprivileged processes. It should be separate from login user, so that login processes can't disturb other " +"processes. Defaults to @samp{\"dovecot\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13986 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string ssl?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13989 +msgid "SSL/TLS support: yes, no, required. . Defaults to @samp{\"required\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13991 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string ssl-cert" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:13994 +msgid "PEM encoded X.509 SSL/TLS certificate (public key). Defaults to @samp{\" was automatically rejected:%n%r\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14104 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string recipient-delimiter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14108 +msgid "Delimiter character between local-part and detail in email address. Defaults to @samp{\"+\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14110 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string lda-original-recipient-header" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14116 +msgid "" +"Header where the original recipient address (SMTP's RCPT TO: address) is taken from if not available elsewhere. With dovecot-lda -a " +"parameter overrides this. A commonly used header for this is X-Original-To. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14118 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean lda-mailbox-autocreate?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14122 +msgid "Should saving a mail to a nonexistent mailbox automatically create it?. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14124 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} boolean lda-mailbox-autosubscribe?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14128 +msgid "Should automatically created mailboxes be also automatically subscribed?. Defaults to @samp{#f}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14130 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} non-negative-integer imap-max-line-length" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14136 +msgid "" +"Maximum IMAP command line length. Some clients generate very long command lines with huge mailboxes, so you may need to raise this " +"if you get \"Too long argument\" or \"IMAP command line too large\" errors often. Defaults to @samp{64000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14138 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string imap-logout-format" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14140 +msgid "IMAP logout format string:" +msgstr "" + +#. type: item +#: doc/guix.texi:14141 +#, no-wrap +msgid "%i" +msgstr "" + +#. type: table +#: doc/guix.texi:14143 +msgid "total number of bytes read from client" +msgstr "" + +#. type: item +#: doc/guix.texi:14143 +#, no-wrap +msgid "%o" +msgstr "" + +#. type: table +#: doc/guix.texi:14145 +msgid "total number of bytes sent to client." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14148 +msgid "" +"See @file{doc/wiki/Variables.txt} for a list of all the variables you can use. Defaults to @samp{\"in=%i out=%o deleted=" +"%@{deleted@} expunged=%@{expunged@} trashed=%@{trashed@} hdr_count=%@{fetch_hdr_count@} hdr_bytes=%@{fetch_hdr_bytes@} body_count=" +"%@{fetch_body_count@} body_bytes=%@{fetch_body_bytes@}\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14150 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string imap-capability" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14154 +msgid "" +"Override the IMAP CAPABILITY response. If the value begins with '+', add the given capabilities on top of the defaults (e.g. +XFOO " +"XBAR). Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14156 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string imap-idle-notify-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14160 +msgid "How long to wait between \"OK Still here\" notifications when client is IDLEing. Defaults to @samp{\"2 mins\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14162 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string imap-id-send" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14168 +msgid "" +"ID field names and values to send to clients. Using * as the value makes Dovecot use the default value. The following fields have " +"default values currently: name, version, os, os-version, support-url, support-email. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14170 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} string imap-id-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14173 +msgid "ID fields sent by client to log. * means everything. Defaults to @samp{\"\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14175 +#, no-wrap +msgid "{@code{dovecot-configuration} parameter} space-separated-string-list imap-client-workarounds" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:14177 +msgid "Workarounds for various client bugs:" +msgstr "" + +#. type: item +#: doc/guix.texi:14179 +#, no-wrap +msgid "delay-newmail" +msgstr "" + +#. type: table +#: doc/guix.texi:14186 +msgid "" +"Send EXISTS/RECENT new mail notifications only when replying to NOOP and CHECK commands. Some clients ignore them otherwise, for " +"example OSX Mail (' before setting it here, to get a feel for which " +"cipher suites you will get. After setting this option, it is recommend that you inspect your Murmur log to ensure that Murmur is " +"using the cipher suites that you expected it to." +msgstr "" + +#. type: table +#: doc/guix.texi:14968 +msgid "" +"Note: Changing this option may impact the backwards compatibility of your Murmur server, and can remove the ability for older Mumble " +"clients to be able to connect to it." +msgstr "" + +#. type: item +#: doc/guix.texi:14969 +#, no-wrap +msgid "@code{public-registration} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:14971 +msgid "Must be a @code{} record or @code{#f}." +msgstr "" + +#. type: table +#: doc/guix.texi:14976 +msgid "" +"You can optionally register your server in the public server list that the @code{mumble} client shows on startup. You cannot " +"register your server if you have set a @code{server-password}, or set @code{allow-ping} to @code{#f}." +msgstr "" + +#. type: table +#: doc/guix.texi:14978 +msgid "It might take a few hours until it shows up in the public list." +msgstr "" + +#. type: item +#: doc/guix.texi:14979 doc/guix.texi:15550 +#, no-wrap +msgid "@code{file} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:14981 +msgid "Optional alternative override for this configuration." +msgstr "" + +#. type: deftp +#: doc/guix.texi:14984 +#, no-wrap +msgid "{Data Type} murmur-public-registration-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:14986 +msgid "Configuration for public registration of a murmur service." +msgstr "" + +#. type: table +#: doc/guix.texi:14990 +msgid "This is a display name for your server. Not to be confused with the hostname." +msgstr "" + +#. type: itemx +#: doc/guix.texi:14991 doc/guix.texi:19868 +#, no-wrap +msgid "password" +msgstr "" + +#. type: table +#: doc/guix.texi:14994 +msgid "A password to identify your registration. Subsequent updates will need the same password. Don't lose your password." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:14995 +#, no-wrap +msgid "url" +msgstr "" + +#. type: table +#: doc/guix.texi:14998 +msgid "This should be a @code{http://} or @code{https://} link to your web site." +msgstr "" + +#. type: item +#: doc/guix.texi:14999 +#, no-wrap +msgid "@code{hostname} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15002 +msgid "By default your server will be listed by its IP address. If it is set your server will be linked by this host name instead." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15010 +#, no-wrap +msgid "Tailon Service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15014 +msgid "@uref{https://tailon.readthedocs.io/, Tailon} is a web application for viewing and searching log files." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15017 +msgid "" +"The following example will configure the service with default values. By default, Tailon can be accessed on port 8080 (@code{http://" +"localhost:8080})." +msgstr "" + +#. type: example +#: doc/guix.texi:15020 +#, no-wrap +msgid "(service tailon-service-type)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15024 +msgid "The following example customises more of the Tailon configuration, adding @command{sed} to the list of allowed commands." +msgstr "" + +#. type: example +#: doc/guix.texi:15031 +#, no-wrap +msgid "" +"(service tailon-service-type\n" +" (tailon-configuration\n" +" (config-file\n" +" (tailon-configuration-file\n" +" (allowed-commands '(\"tail\" \"grep\" \"awk\" \"sed\"))))))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15034 +#, no-wrap +msgid "{Data Type} tailon-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15037 +msgid "Data type representing the configuration of Tailon. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15039 +#, no-wrap +msgid "@code{config-file} (default: @code{(tailon-configuration-file)})" +msgstr "" + +#. type: table +#: doc/guix.texi:15043 +msgid "" +"The configuration file to use for Tailon. This can be set to a @dfn{tailon-configuration-file} record value, or any gexp (@pxref{G-" +"Expressions})." +msgstr "" + +#. type: table +#: doc/guix.texi:15046 +msgid "For example, to instead use a local file, the @code{local-file} function can be used:" +msgstr "" + +#. type: example +#: doc/guix.texi:15051 +#, no-wrap +msgid "" +"(service tailon-service-type\n" +" (tailon-configuration\n" +" (config-file (local-file \"./my-tailon.conf\"))))\n" +msgstr "" + +#. type: item +#: doc/guix.texi:15053 +#, no-wrap +msgid "@code{package} (default: @code{tailon})" +msgstr "" + +#. type: table +#: doc/guix.texi:15055 +msgid "The tailon package to use." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15059 +#, no-wrap +msgid "{Data Type} tailon-configuration-file" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15062 +msgid "Data type representing the configuration options for Tailon. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15064 +#, no-wrap +msgid "@code{files} (default: @code{(list \"/var/log\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15069 +msgid "" +"List of files to display. The list can include strings for a single file or directory, or a list, where the first item is the name " +"of a subsection, and the remaining items are the files or directories in that subsection." +msgstr "" + +#. type: item +#: doc/guix.texi:15070 +#, no-wrap +msgid "@code{bind} (default: @code{\"localhost:8080\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15072 +msgid "Address and port to which Tailon should bind on." +msgstr "" + +#. type: item +#: doc/guix.texi:15073 +#, no-wrap +msgid "@code{relative-root} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15075 +msgid "URL path to use for Tailon, set to @code{#f} to not use a path." +msgstr "" + +#. type: item +#: doc/guix.texi:15076 +#, no-wrap +msgid "@code{allow-transfers?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:15078 +msgid "Allow downloading the log files in the web interface." +msgstr "" + +#. type: item +#: doc/guix.texi:15079 +#, no-wrap +msgid "@code{follow-names?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:15081 +msgid "Allow tailing of not-yet existent files." +msgstr "" + +#. type: item +#: doc/guix.texi:15082 +#, no-wrap +msgid "@code{tail-lines} (default: @code{200})" +msgstr "" + +#. type: table +#: doc/guix.texi:15084 +msgid "Number of lines to read initially from each file." +msgstr "" + +#. type: item +#: doc/guix.texi:15085 +#, no-wrap +msgid "@code{allowed-commands} (default: @code{(list \"tail\" \"grep\" \"awk\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15087 +msgid "Commands to allow running. By default, @code{sed} is disabled." +msgstr "" + +#. type: item +#: doc/guix.texi:15088 +#, no-wrap +msgid "@code{debug?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15090 +msgid "Set @code{debug?} to @code{#t} to show debug messages." +msgstr "" + +#. type: item +#: doc/guix.texi:15091 +#, no-wrap +msgid "@code{wrap-lines} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:15095 +msgid "" +"Initial line wrapping state in the web interface. Set to @code{#t} to initially wrap lines (the default), or to @code{#f} to " +"initially not wrap lines." +msgstr "" + +#. type: item +#: doc/guix.texi:15096 +#, no-wrap +msgid "@code{http-auth} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15100 +msgid "" +"HTTP authentication type to use. Set to @code{#f} to disable authentication (the default). Supported values are @code{\"digest\"} or " +"@code{\"basic\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:15101 +#, no-wrap +msgid "@code{users} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15106 +msgid "" +"If HTTP authentication is enabled (see @code{http-auth}), access will be restricted to the credentials provided here. To configure " +"users, use a list of pairs, where the first element of the pair is the username, and the 2nd element of the pair is the password." +msgstr "" + +#. type: example +#: doc/guix.texi:15112 +#, no-wrap +msgid "" +"(tailon-configuration-file\n" +" (http-auth \"basic\")\n" +" (users '((\"user1\" . \"password1\")\n" +" (\"user2\" . \"password2\"))))\n" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15118 +#, no-wrap +msgid "Darkstat Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15119 +#, no-wrap +msgid "darkstat" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15122 +msgid "Darkstat is a packet sniffer that captures network traffic, calculates statistics about usage, and serves reports over HTTP." +msgstr "" + +#. type: defvar +#: doc/guix.texi:15123 +#, no-wrap +msgid "{Scheme Variable} darkstat-service-type" +msgstr "" + +#. type: defvar +#: doc/guix.texi:15128 +msgid "" +"This is the service type for the @uref{https://unix4lyfe.org/darkstat/, darkstat} service, its value must be a @code{darkstat-" +"configuration} record as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:15133 +#, no-wrap +msgid "" +"(service darkstat-service-type\n" +" (darkstat-configuration\n" +" (interface \"eno1\")))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15136 +#, no-wrap +msgid "{Data Type} darkstat-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15138 +msgid "Data type representing the configuration of @command{darkstat}." +msgstr "" + +#. type: item +#: doc/guix.texi:15140 +#, no-wrap +msgid "@code{package} (default: @code{darkstat})" +msgstr "" + +#. type: table +#: doc/guix.texi:15142 +msgid "The darkstat package to use." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15143 +#, no-wrap +msgid "interface" +msgstr "" + +#. type: table +#: doc/guix.texi:15145 +msgid "Capture traffic on the specified network interface." +msgstr "" + +#. type: item +#: doc/guix.texi:15146 +#, no-wrap +msgid "@code{port} (default: @code{\"667\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15148 +msgid "Bind the web interface to the specified port." +msgstr "" + +#. type: item +#: doc/guix.texi:15149 +#, no-wrap +msgid "@code{bind-address} (default: @code{\"127.0.0.1\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15151 +msgid "Bind the web interface to the specified address." +msgstr "" + +#. type: item +#: doc/guix.texi:15152 +#, no-wrap +msgid "@code{base} (default: @code{\"/\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15155 +msgid "Specify the path of the base URL. This can be useful if @command{darkstat} is accessed via a reverse proxy." +msgstr "" + +#. type: cindex +#: doc/guix.texi:15162 +#, no-wrap +msgid "Kerberos" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15166 +msgid "The @code{(gnu services kerberos)} module provides services relating to the authentication protocol @dfn{Kerberos}." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15167 +#, no-wrap +msgid "Krb5 Service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15174 +msgid "" +"Programs using a Kerberos client library normally expect a configuration file in @file{/etc/krb5.conf}. This service generates such " +"a file from a definition provided in the operating system declaration. It does not cause any daemon to be started." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15178 +msgid "" +"No ``keytab'' files are provided by this service---you must explicitly create them. This service is known to work with the MIT " +"client library, @code{mit-krb5}. Other implementations have not been tested." +msgstr "" + +#. type: defvr +#: doc/guix.texi:15179 +#, no-wrap +msgid "{Scheme Variable} krb5-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15181 +msgid "A service type for Kerberos 5 clients." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15185 +msgid "Here is an example of its use:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:15199 +#, no-wrap +msgid "" +"(service krb5-service-type\n" +" (krb5-configuration\n" +" (default-realm \"EXAMPLE.COM\")\n" +" (allow-weak-crypto? #t)\n" +" (realms (list\n" +" (krb5-realm\n" +" (name \"EXAMPLE.COM\")\n" +" (admin-server \"groucho.example.com\")\n" +" (kdc \"karl.example.com\"))\n" +" (krb5-realm\n" +" (name \"ARGRX.EDU\")\n" +" (admin-server \"kerb-admin.argrx.edu\")\n" +" (kdc \"keys.argrx.edu\"))))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15203 +msgid "This example provides a Kerberos@tie{}5 client configuration which:" +msgstr "" + +#. type: item +#: doc/guix.texi:15204 +#, no-wrap +msgid "Recognizes two realms, @i{viz:} ``EXAMPLE.COM'' and ``ARGRX.EDU'', both" +msgstr "" + +#. type: itemize +#: doc/guix.texi:15206 +msgid "of which have distinct administration servers and key distribution centers;" +msgstr "" + +#. type: item +#: doc/guix.texi:15206 +#, no-wrap +msgid "Will default to the realm ``EXAMPLE.COM'' if the realm is not explicitly" +msgstr "" + +#. type: itemize +#: doc/guix.texi:15208 +msgid "specified by clients;" +msgstr "" + +#. type: item +#: doc/guix.texi:15208 +#, no-wrap +msgid "Accepts services which only support encryption types known to be weak." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15216 +msgid "" +"The @code{krb5-realm} and @code{krb5-configuration} types have many fields. Only the most commonly used ones are described here. " +"For a full list, and more detailed explanation of each, see the MIT @uref{http://web.mit.edu/kerberos/krb5-devel/doc/admin/" +"conf_files/krb5_conf.html,,krb5.conf} documentation." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15218 +#, no-wrap +msgid "{Data Type} krb5-realm" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15219 +#, no-wrap +msgid "realm, kerberos" +msgstr "" + +#. type: table +#: doc/guix.texi:15225 +msgid "" +"This field is a string identifying the name of the realm. A common convention is to use the fully qualified DNS name of your " +"organization, converted to upper case." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15226 +#, no-wrap +msgid "admin-server" +msgstr "" + +#. type: table +#: doc/guix.texi:15229 +msgid "This field is a string identifying the host where the administration server is running." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15230 +#, no-wrap +msgid "kdc" +msgstr "" + +#. type: table +#: doc/guix.texi:15233 +msgid "This field is a string identifying the key distribution center for the realm." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15236 +#, no-wrap +msgid "{Data Type} krb5-configuration" +msgstr "" + +#. type: item +#: doc/guix.texi:15239 +#, no-wrap +msgid "@code{allow-weak-crypto?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15242 +msgid "If this flag is @code{#t} then services which only offer encryption algorithms known to be weak will be accepted." +msgstr "" + +#. type: item +#: doc/guix.texi:15243 +#, no-wrap +msgid "@code{default-realm} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15250 +msgid "" +"This field should be a string identifying the default Kerberos realm for the client. You should set this field to the name of your " +"Kerberos realm. If this value is @code{#f} then a realm must be specified with every Kerberos principal when invoking programs such " +"as @command{kinit}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15251 +#, no-wrap +msgid "realms" +msgstr "" + +#. type: table +#: doc/guix.texi:15256 +msgid "" +"This should be a non-empty list of @code{krb5-realm} objects, which clients may access. Normally, one of them will have a " +"@code{name} field matching the @code{default-realm} field." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15260 +#, no-wrap +msgid "PAM krb5 Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15261 +#, no-wrap +msgid "pam-krb5" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15267 +msgid "" +"The @code{pam-krb5} service allows for login authentication and password management via Kerberos. You will need this service if you " +"want PAM enabled applications to authenticate users using Kerberos." +msgstr "" + +#. type: defvr +#: doc/guix.texi:15268 +#, no-wrap +msgid "{Scheme Variable} pam-krb5-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15270 +msgid "A service type for the Kerberos 5 PAM module." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15272 +#, no-wrap +msgid "{Data Type} pam-krb5-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15275 +msgid "Data type representing the configuration of the Kerberos 5 PAM module This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15276 +#, no-wrap +msgid "@code{pam-krb5} (default: @code{pam-krb5})" +msgstr "" + +#. type: table +#: doc/guix.texi:15278 +msgid "The pam-krb5 package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15279 +#, no-wrap +msgid "@code{minimum-uid} (default: @code{1000})" +msgstr "" + +#. type: table +#: doc/guix.texi:15282 +msgid "" +"The smallest user ID for which Kerberos authentications should be attempted. Local accounts with lower values will silently fail to " +"authenticate." +msgstr "" + +#. type: cindex +#: doc/guix.texi:15289 +#, no-wrap +msgid "web" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15290 +#, no-wrap +msgid "www" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15291 +#, no-wrap +msgid "HTTP" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15294 +msgid "The @code{(gnu services web)} module provides the Apache HTTP Server, the nginx web server, and also a fastcgi wrapper daemon." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15295 +#, no-wrap +msgid "Apache HTTP Server" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15297 +#, no-wrap +msgid "{Scheme Variable} httpd-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15301 +msgid "" +"Service type for the @uref{https://httpd.apache.org/,Apache HTTP} server (@dfn{httpd}). The value for this service type is a " +"@code{https-configuration} record." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15303 doc/guix.texi:15454 +msgid "A simple example configuration is given below." +msgstr "" + +#. type: example +#: doc/guix.texi:15311 +#, no-wrap +msgid "" +"(service httpd-service-type\n" +" (httpd-configuration\n" +" (config\n" +" (httpd-config-file\n" +" (server-name \"www.example.com\")\n" +" (document-root \"/srv/http/www.example.com\")))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15315 +msgid "Other services can also extend the @code{httpd-service-type} to add to the configuration." +msgstr "" + +#. type: example +#: doc/guix.texi:15324 doc/guix.texi:15434 +#, no-wrap +msgid "" +"(simple-service 'my-extra-server httpd-service-type\n" +" (list\n" +" (httpd-virtualhost\n" +" \"*:80\"\n" +" (list (string-append\n" +" \"ServerName \"www.example.com\n" +" DocumentRoot \\\"/srv/http/www.example.com\\\"\")))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15330 +msgid "" +"The details for the @code{httpd-configuration}, @code{httpd-module}, @code{httpd-config-file} and @code{httpd-virtualhost} record " +"types are given below." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15331 +#, no-wrap +msgid "{Data Type} httpd-configuration" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15333 +msgid "This data type represents the configuration for the httpd service." +msgstr "" + +#. type: item +#: doc/guix.texi:15335 +#, no-wrap +msgid "@code{package} (default: @code{httpd})" +msgstr "" + +#. type: table +#: doc/guix.texi:15337 +msgid "The httpd package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15338 doc/guix.texi:15397 +#, no-wrap +msgid "@code{pid-file} (default: @code{\"/var/run/httpd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15340 +msgid "The pid file used by the shepherd-service." +msgstr "" + +#. type: item +#: doc/guix.texi:15341 +#, no-wrap +msgid "@code{config} (default: @code{(httpd-config-file)})" +msgstr "" + +#. type: table +#: doc/guix.texi:15346 +msgid "" +"The configuration file to use with the httpd service. The default value is a @code{httpd-config-file} record, but this can also be a " +"different G-expression that generates a file, for example a @code{plain-file}. A file outside of the store can also be specified " +"through a string." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15350 +#, no-wrap +msgid "{Data Type} httpd-module" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15352 +msgid "This data type represents a module for the httpd service." +msgstr "" + +#. type: table +#: doc/guix.texi:15356 +msgid "The name of the module." +msgstr "" + +#. type: table +#: doc/guix.texi:15362 +msgid "" +"The file for the module. This can be relative to the httpd package being used, the absolute location of a file, or a G-expression " +"for a file within the store, for example @code{(file-append mod-wsgi \"/modules/mod_wsgi.so\")}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15366 +#, no-wrap +msgid "{Data Type} httpd-config-file" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15368 +msgid "This data type represents a configuration file for the httpd service." +msgstr "" + +#. type: item +#: doc/guix.texi:15370 +#, no-wrap +msgid "@code{modules} (default: @code{%default-httpd-modules})" +msgstr "" + +#. type: table +#: doc/guix.texi:15373 +msgid "The modules to load. Additional modules can be added here, or loaded by additional configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:15374 +#, no-wrap +msgid "@code{server-root} (default: @code{httpd})" +msgstr "" + +#. type: table +#: doc/guix.texi:15378 +msgid "" +"The @code{ServerRoot} in the configuration file, defaults to the httpd package. Directives including @code{Include} and " +"@code{LoadModule} are taken as relative to the server root." +msgstr "" + +#. type: item +#: doc/guix.texi:15379 +#, no-wrap +msgid "@code{server-name} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15383 +msgid "" +"The @code{ServerName} in the configuration file, used to specify the request scheme, hostname and port that the server uses to " +"identify itself." +msgstr "" + +#. type: table +#: doc/guix.texi:15387 +msgid "" +"This doesn't need to be set in the server config, and can be specifyed in virtual hosts. The default is @code{#f} to not specify a " +"@code{ServerName}." +msgstr "" + +#. type: item +#: doc/guix.texi:15388 +#, no-wrap +msgid "@code{document-root} (default: @code{\"/srv/http\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15390 +msgid "The @code{DocumentRoot} from which files will be served." +msgstr "" + +#. type: item +#: doc/guix.texi:15391 +#, no-wrap +msgid "@code{listen} (default: @code{'(\"80\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15396 +msgid "" +"The list of values for the @code{Listen} directives in the config file. The value should be a list of strings, when each string can " +"specify the port number to listen on, and optionally the IP address and protocol to use." +msgstr "" + +#. type: table +#: doc/guix.texi:15401 +msgid "" +"The @code{PidFile} to use. This should match the @code{pid-file} set in the @code{httpd-configuration} so that the Shepherd service " +"is configured correctly." +msgstr "" + +#. type: item +#: doc/guix.texi:15402 +#, no-wrap +msgid "@code{error-log} (default: @code{\"/var/log/httpd/error_log\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15404 +msgid "The @code{ErrorLog} to which the server will log errors." +msgstr "" + +#. type: item +#: doc/guix.texi:15405 +#, no-wrap +msgid "@code{user} (default: @code{\"httpd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15407 +msgid "The @code{User} which the server will answer requests as." +msgstr "" + +#. type: item +#: doc/guix.texi:15408 +#, no-wrap +msgid "@code{group} (default: @code{\"httpd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15410 +msgid "The @code{Group} which the server will answer requests as." +msgstr "" + +#. type: item +#: doc/guix.texi:15411 +#, no-wrap +msgid "@code{extra-config} (default: @code{(list \"TypesConfig etc/httpd/mime.types\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15414 +msgid "A flat list of strings and G-expressions which will be added to the end of the configuration file." +msgstr "" + +#. type: table +#: doc/guix.texi:15417 +msgid "Any values which the service is extended with will be appended to this list." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15421 +#, no-wrap +msgid "{Data Type} httpd-virtualhost" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15423 +msgid "This data type represents a virtualhost configuration block for the httpd service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15425 +msgid "These should be added to the extra-config for the httpd-service." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15437 +#, no-wrap +msgid "addresses-and-ports" +msgstr "" + +#. type: table +#: doc/guix.texi:15439 +msgid "The addresses and ports for the @code{VirtualHost} directive." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15440 +#, no-wrap +msgid "contents" +msgstr "" + +#. type: table +#: doc/guix.texi:15443 +msgid "The contents of the @code{VirtualHost} directive, this should be a list of strings and G-expressions." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:15447 +#, no-wrap +msgid "NGINX" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15449 +#, no-wrap +msgid "{Scheme Variable} nginx-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15452 +msgid "" +"Service type for the @uref{https://nginx.org/,NGinx} web server. The value for this service type is a @code{} " +"record." +msgstr "" + +#. type: example +#: doc/guix.texi:15462 doc/guix.texi:15516 +#, no-wrap +msgid "" +"(service nginx-service-type\n" +" (nginx-configuration\n" +" (server-blocks\n" +" (list (nginx-server-configuration\n" +" (server-name '(\"www.example.com\"))\n" +" (root \"/srv/http/www.example.com\"))))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15467 +msgid "" +"In addition to adding server blocks to the service configuration directly, this service can be extended by other services to add " +"server blocks, as in this example:" +msgstr "" + +#. type: example +#: doc/guix.texi:15473 +#, no-wrap +msgid "" +"(simple-service 'my-extra-server nginx-service-type\n" +" (list (nginx-server-configuration\n" +" (root \"/srv/http/extra-website\")\n" +" (try-files (list \"$uri\" \"$uri/index.html\")))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15484 +msgid "" +"At startup, @command{nginx} has not yet read its configuration file, so it uses a default file to log error messages. If it fails " +"to load its configuration file, that is where error messages are logged. After the configuration file is loaded, the default error " +"log file changes as per configuration. In our case, startup error messages can be found in @file{/var/run/nginx/logs/error.log}, " +"and after configuration in @file{/var/log/nginx/error.log}. The second location can be changed with the @var{log-directory} " +"configuration option." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15485 +#, no-wrap +msgid "{Data Type} nginx-configuration" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15489 +msgid "" +"This data type represents the configuration for NGinx. Some configuration can be done through this and the other provided record " +"types, or alternatively, a config file can be provided." +msgstr "" + +#. type: item +#: doc/guix.texi:15491 +#, no-wrap +msgid "@code{nginx} (default: @code{nginx})" +msgstr "" + +#. type: table +#: doc/guix.texi:15493 +msgid "The nginx package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15494 +#, no-wrap +msgid "@code{log-directory} (default: @code{\"/var/log/nginx\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15496 +msgid "The directory to which NGinx will write log files." +msgstr "" + +#. type: item +#: doc/guix.texi:15497 +#, no-wrap +msgid "@code{run-directory} (default: @code{\"/var/run/nginx\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15500 +msgid "The directory in which NGinx will create a pid file, and write temporary files." +msgstr "" + +#. type: item +#: doc/guix.texi:15501 +#, no-wrap +msgid "@code{server-blocks} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15505 +msgid "" +"A list of @dfn{server blocks} to create in the generated configuration file, the elements should be of type @code{}." +msgstr "" + +#. type: table +#: doc/guix.texi:15509 +msgid "" +"The following example would setup NGinx to serve @code{www.example.com} from the @code{/srv/http/www.example.com} directory, without " +"using HTTPS." +msgstr "" + +#. type: item +#: doc/guix.texi:15518 +#, no-wrap +msgid "@code{upstream-blocks} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15522 +msgid "" +"A list of @dfn{upstream blocks} to create in the generated configuration file, the elements should be of type @code{}." +msgstr "" + +#. type: table +#: doc/guix.texi:15529 +msgid "" +"Configuring upstreams through the @code{upstream-blocks} can be useful when combined with @code{locations} in the @code{} records. The following example creates a server configuration with one location configuration, that will " +"proxy requests to a upstream configuration, which will handle requests with two servers." +msgstr "" + +#. type: example +#: doc/guix.texi:15548 +#, no-wrap +msgid "" +"(service\n" +" nginx-service-type\n" +" (nginx-configuration\n" +" (server-blocks\n" +" (list (nginx-server-configuration\n" +" (server-name '(\"www.example.com\"))\n" +" (root \"/srv/http/www.example.com\")\n" +" (locations\n" +" (list\n" +" (nginx-location-configuration\n" +" (uri \"/path1\")\n" +" (body '(\"proxy_pass http://server-proxy;\"))))))))\n" +" (upstream-blocks\n" +" (list (nginx-upstream-configuration\n" +" (name \"server-proxy\")\n" +" (servers (list \"server1.example.com\"\n" +" \"server2.example.com\")))))))\n" +msgstr "" + +#. type: table +#: doc/guix.texi:15556 +msgid "" +"If a configuration @var{file} is provided, this will be used, rather than generating a configuration file from the provided " +"@code{log-directory}, @code{run-directory}, @code{server-blocks} and @code{upstream-blocks}. For proper operation, these arguments " +"should match what is in @var{file} to ensure that the directories are created when the service is activated." +msgstr "" + +#. type: table +#: doc/guix.texi:15560 +msgid "" +"This can be useful if you have an existing configuration file, or it's not possible to do what is required through the other parts " +"of the nginx-configuration record." +msgstr "" + +#. type: item +#: doc/guix.texi:15561 +#, no-wrap +msgid "@code{server-names-hash-bucket-size} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15564 +msgid "Bucket size for the server names hash tables, defaults to @code{#f} to use the size of the processors cache line." +msgstr "" + +#. type: item +#: doc/guix.texi:15565 +#, no-wrap +msgid "@code{server-names-hash-bucket-max-size} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15567 +msgid "Maximum bucket size for the server names hash tables." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15571 +#, no-wrap +msgid "{Data Type} nginx-server-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15574 +msgid "Data type representing the configuration of an nginx server block. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15576 +#, no-wrap +msgid "@code{listen} (default: @code{'(\"80\" \"443 ssl\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15581 +msgid "" +"Each @code{listen} directive sets the address and port for IP, or the path for a UNIX-domain socket on which the server will accept " +"requests. Both address and port, or only address or only port can be specified. An address may also be a hostname, for example:" +msgstr "" + +#. type: example +#: doc/guix.texi:15584 +#, no-wrap +msgid "'(\"127.0.0.1:8000\" \"127.0.0.1\" \"8000\" \"*:8000\" \"localhost:8000\")\n" +msgstr "" + +#. type: item +#: doc/guix.texi:15586 +#, no-wrap +msgid "@code{server-name} (default: @code{(list 'default)})" +msgstr "" + +#. type: table +#: doc/guix.texi:15589 +msgid "" +"A list of server names this server represents. @code{'default} represents the default server for connections matching no other " +"server." +msgstr "" + +#. type: item +#: doc/guix.texi:15590 +#, no-wrap +msgid "@code{root} (default: @code{\"/srv/http\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:15592 +msgid "Root of the website nginx will serve." +msgstr "" + +#. type: item +#: doc/guix.texi:15593 +#, no-wrap +msgid "@code{locations} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15597 +msgid "" +"A list of @dfn{nginx-location-configuration} or @dfn{nginx-named-location-configuration} records to use within this server block." +msgstr "" + +#. type: item +#: doc/guix.texi:15598 +#, no-wrap +msgid "@code{index} (default: @code{(list \"index.html\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15601 +msgid "" +"Index files to look for when clients ask for a directory. If it cannot be found, Nginx will send the list of files in the directory." +msgstr "" + +#. type: item +#: doc/guix.texi:15602 +#, no-wrap +msgid "@code{try-files} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15605 +msgid "" +"A list of files whose existence is checked in the specified order. @code{nginx} will use the first file it finds to process the " +"request." +msgstr "" + +#. type: item +#: doc/guix.texi:15606 +#, no-wrap +msgid "@code{ssl-certificate} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15609 +msgid "" +"Where to find the certificate for secure connections. Set it to @code{#f} if you don't have a certificate or you don't want to use " +"HTTPS." +msgstr "" + +#. type: item +#: doc/guix.texi:15610 +#, no-wrap +msgid "@code{ssl-certificate-key} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15613 +msgid "" +"Where to find the private key for secure connections. Set it to @code{#f} if you don't have a key or you don't want to use HTTPS." +msgstr "" + +#. type: item +#: doc/guix.texi:15614 +#, no-wrap +msgid "@code{server-tokens?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15616 +msgid "Whether the server should add its configuration to response." +msgstr "" + +#. type: item +#: doc/guix.texi:15617 +#, no-wrap +msgid "@code{raw-content} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15619 +msgid "A list of raw lines added to the server block." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15623 +#, no-wrap +msgid "{Data Type} nginx-upstream-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15626 +msgid "Data type representing the configuration of an nginx @code{upstream} block. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:15630 +msgid "Name for this group of servers." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15631 +#, no-wrap +msgid "servers" +msgstr "" + +#. type: table +#: doc/guix.texi:15638 +msgid "" +"Specify the addresses of the servers in the group. The address can be specified as a IP address (e.g. @samp{127.0.0.1}), domain " +"name (e.g. @samp{backend1.example.com}) or a path to a UNIX socket using the prefix @samp{unix:}. For addresses using an IP address " +"or domain name, the default port is 80, and a different port can be specified explicitly." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15642 +#, no-wrap +msgid "{Data Type} nginx-location-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15645 +msgid "Data type representing the configuration of an nginx @code{location} block. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:15649 +msgid "URI which this location block matches." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:15651 +msgid "nginx-location-configuration body" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15651 doc/guix.texi:15672 +#, no-wrap +msgid "body" +msgstr "" + +#. type: table +#: doc/guix.texi:15658 +msgid "" +"Body of the location block, specified as a list of strings. This can contain many configuration directives. For example, to pass " +"requests to a upstream server group defined using an @code{nginx-upstream-configuration} block, the following directive would be " +"specified in the body @samp{(list \"proxy_pass http://upstream-name;\")}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15662 +#, no-wrap +msgid "{Data Type} nginx-named-location-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15667 +msgid "" +"Data type representing the configuration of an nginx named location block. Named location blocks are used for request redirection, " +"and not used for regular request processing. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:15671 +msgid "Name to identify this location block." +msgstr "" + +#. type: table +#: doc/guix.texi:15677 +msgid "" +"@xref{nginx-location-configuration body}, as the body for named location blocks can be used in a similar way to the @code{nginx-" +"location-configuration body}. One restriction is that the body of a named location block cannot contain location blocks." +msgstr "" + +#. type: cindex +#: doc/guix.texi:15681 +#, no-wrap +msgid "fastcgi" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15682 +#, no-wrap +msgid "fcgiwrap" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15689 +msgid "" +"FastCGI is an interface between the front-end and the back-end of a web service. It is a somewhat legacy facility; new web services " +"should generally just talk HTTP between the front-end and the back-end. However there are a number of back-end services such as PHP " +"or the optimized HTTP Git repository access that use FastCGI, so we have support for it in Guix." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15696 +msgid "" +"To use FastCGI, you configure the front-end web server (e.g., nginx) to dispatch some subset of its requests to the fastcgi backend, " +"which listens on a local TCP or UNIX socket. There is an intermediary @code{fcgiwrap} program that sits between the actual backend " +"process and the web server. The front-end indicates which backend program to run, passing that information to the @code{fcgiwrap} " +"process." +msgstr "" + +#. type: defvr +#: doc/guix.texi:15697 +#, no-wrap +msgid "{Scheme Variable} fcgiwrap-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15699 +msgid "A service type for the @code{fcgiwrap} FastCGI proxy." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15701 +#, no-wrap +msgid "{Data Type} fcgiwrap-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15704 +msgid "Data type representing the configuration of the @code{fcgiwrap} serice. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15705 +#, no-wrap +msgid "@code{package} (default: @code{fcgiwrap})" +msgstr "" + +#. type: table +#: doc/guix.texi:15707 +msgid "The fcgiwrap package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15708 +#, no-wrap +msgid "@code{socket} (default: @code{tcp:127.0.0.1:9000})" +msgstr "" + +#. type: table +#: doc/guix.texi:15714 +msgid "" +"The socket on which the @code{fcgiwrap} process should listen, as a string. Valid @var{socket} values include @code{unix:@var{/path/" +"to/unix/socket}}, @code{tcp:@var{dot.ted.qu.ad}:@var{port}} and @code{tcp6:[@var{ipv6_addr}]:port}." +msgstr "" + +#. type: item +#: doc/guix.texi:15715 +#, no-wrap +msgid "@code{user} (default: @code{fcgiwrap})" +msgstr "" + +#. type: itemx +#: doc/guix.texi:15716 +#, no-wrap +msgid "@code{group} (default: @code{fcgiwrap})" +msgstr "" + +#. type: table +#: doc/guix.texi:15721 +msgid "" +"The user and group names, as strings, under which to run the @code{fcgiwrap} process. The @code{fastcgi} service will ensure that " +"if the user asks for the specific user or group names @code{fcgiwrap} that the corresponding user and/or group is present on the " +"system." +msgstr "" + +#. type: table +#: doc/guix.texi:15728 +msgid "" +"It is possible to configure a FastCGI-backed web service to pass HTTP authentication information from the front-end to the back-end, " +"and to allow @code{fcgiwrap} to run the back-end process as a corresponding local user. To enable this capability on the back-end., " +"run @code{fcgiwrap} as the @code{root} user and group. Note that this capability also has to be configured on the front-end as well." +msgstr "" + +#. type: cindex +#: doc/guix.texi:15731 +#, no-wrap +msgid "php-fpm" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15734 +msgid "" +"PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any " +"size." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15736 +msgid "These features include:" +msgstr "" + +#. type: item +#: doc/guix.texi:15737 +#, no-wrap +msgid "Adaptive process spawning" +msgstr "" + +#. type: item +#: doc/guix.texi:15738 +#, no-wrap +msgid "Basic statistics (similar to Apache's mod_status)" +msgstr "" + +#. type: item +#: doc/guix.texi:15739 +#, no-wrap +msgid "Advanced process management with graceful stop/start" +msgstr "" + +#. type: item +#: doc/guix.texi:15740 +#, no-wrap +msgid "Ability to start workers with different uid/gid/chroot/environment" +msgstr "" + +#. type: itemize +#: doc/guix.texi:15742 +msgid "and different php.ini (replaces safe_mode)" +msgstr "" + +#. type: item +#: doc/guix.texi:15742 +#, no-wrap +msgid "Stdout & stderr logging" +msgstr "" + +#. type: item +#: doc/guix.texi:15743 +#, no-wrap +msgid "Emergency restart in case of accidental opcode cache destruction" +msgstr "" + +#. type: item +#: doc/guix.texi:15744 +#, no-wrap +msgid "Accelerated upload support" +msgstr "" + +#. type: item +#: doc/guix.texi:15745 +#, no-wrap +msgid "Support for a \"slowlog\"" +msgstr "" + +#. type: item +#: doc/guix.texi:15746 +#, no-wrap +msgid "Enhancements to FastCGI, such as fastcgi_finish_request() -" +msgstr "" + +#. type: itemize +#: doc/guix.texi:15749 +msgid "" +"a special function to finish request & flush all data while continuing to do something time-consuming (video converting, stats " +"processing, etc.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15751 +msgid "... and much more." +msgstr "" + +#. type: defvr +#: doc/guix.texi:15752 +#, no-wrap +msgid "{Scheme Variable} php-fpm-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15754 +msgid "A Service type for @code{php-fpm}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15756 +#, no-wrap +msgid "{Data Type} php-fpm-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15758 +msgid "Data Type for php-fpm service configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:15759 +#, no-wrap +msgid "@code{php} (default: @code{php})" +msgstr "" + +#. type: table +#: doc/guix.texi:15761 +msgid "The php package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15761 +#, no-wrap +msgid "@code{socket} (default: @code{(string-append \"/var/run/php\" (version-major (package-version php)) \"-fpm.sock\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15763 +msgid "The address on which to accept FastCGI requests. Valid syntaxes are:" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15764 +#, no-wrap +msgid "\"ip.add.re.ss:port\"" +msgstr "" + +#. type: table +#: doc/guix.texi:15766 +msgid "Listen on a TCP socket to a specific address on a specific port." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15766 +#, no-wrap +msgid "\"port\"" +msgstr "" + +#. type: table +#: doc/guix.texi:15768 +msgid "Listen on a TCP socket to all addresses on a specific port." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15768 +#, no-wrap +msgid "\"/path/to/unix/socket\"" +msgstr "" + +#. type: table +#: doc/guix.texi:15770 +msgid "Listen on a unix socket." +msgstr "" + +#. type: item +#: doc/guix.texi:15772 +#, no-wrap +msgid "@code{user} (default: @code{php-fpm})" +msgstr "" + +#. type: table +#: doc/guix.texi:15774 +msgid "User who will own the php worker processes." +msgstr "" + +#. type: item +#: doc/guix.texi:15774 +#, no-wrap +msgid "@code{group} (default: @code{php-fpm})" +msgstr "" + +#. type: table +#: doc/guix.texi:15776 +msgid "Group of the worker processes." +msgstr "" + +#. type: item +#: doc/guix.texi:15776 +#, no-wrap +msgid "@code{socket-user} (default: @code{php-fpm})" +msgstr "" + +#. type: table +#: doc/guix.texi:15778 +msgid "User who can speak to the php-fpm socket." +msgstr "" + +#. type: item +#: doc/guix.texi:15778 +#, no-wrap +msgid "@code{socket-group} (default: @code{php-fpm})" +msgstr "" + +#. type: table +#: doc/guix.texi:15780 +msgid "Group that can speak to the php-fpm socket." +msgstr "" + +#. type: item +#: doc/guix.texi:15780 +#, no-wrap +msgid "@code{pid-file} (default: @code{(string-append \"/var/run/php\" (version-major (package-version php)) \"-fpm.pid\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15783 +msgid "The process id of the php-fpm process is written to this file once the service has started." +msgstr "" + +#. type: item +#: doc/guix.texi:15783 +#, no-wrap +msgid "@code{log-file} (default: @code{(string-append \"/var/log/php\" (version-major (package-version php)) \"-fpm.log\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15785 +msgid "Log for the php-fpm master process." +msgstr "" + +#. type: item +#: doc/guix.texi:15785 +#, no-wrap +msgid "@code{process-manager} (default: @code{(php-fpm-dynamic-process-manager-configuration)})" +msgstr "" + +#. type: table +#: doc/guix.texi:15788 +msgid "Detailed settings for the php-fpm process manager. Must be either:" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15789 +#, no-wrap +msgid "" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15790 +#, no-wrap +msgid "" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:15791 +#, no-wrap +msgid "" +msgstr "" + +#. type: item +#: doc/guix.texi:15793 +#, no-wrap +msgid "@code{display-errors} (default @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15798 +msgid "" +"Determines whether php errors and warning should be sent to clients and displayed in their browsers. This is useful for local php " +"development, but a security risk for public sites, as error messages can reveal passwords and personal data." +msgstr "" + +#. type: item +#: doc/guix.texi:15798 +#, no-wrap +msgid "@code{workers-logfile} (default @code{(string-append \"/var/log/php\" (version-major (package-version php)) \"-fpm.www.log\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:15801 +msgid "This file will log the @code{stderr} outputs of php worker processes. Can be set to @code{#f} to disable logging." +msgstr "" + +#. type: item +#: doc/guix.texi:15801 +#, no-wrap +msgid "@code{file} (default @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:15804 +msgid "" +"An optional override of the whole configuration. You can use the @code{mixed-text-file} function or an absolute filepath for it." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15807 +#, no-wrap +msgid "{Data type} php-fpm-dynamic-process-manager-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15811 +msgid "" +"Data Type for the @code{dynamic} php-fpm process manager. With the @code{dynamic} process manager, spare worker processes are kept " +"around based on it's configured limits." +msgstr "" + +#. type: item +#: doc/guix.texi:15812 doc/guix.texi:15828 doc/guix.texi:15838 +#, no-wrap +msgid "@code{max-children} (default: @code{5})" +msgstr "" + +#. type: table +#: doc/guix.texi:15814 doc/guix.texi:15830 doc/guix.texi:15840 +msgid "Maximum of worker processes." +msgstr "" + +#. type: item +#: doc/guix.texi:15814 +#, no-wrap +msgid "@code{start-servers} (default: @code{2})" +msgstr "" + +#. type: table +#: doc/guix.texi:15816 +msgid "How many worker processes should be started on start-up." +msgstr "" + +#. type: item +#: doc/guix.texi:15816 +#, no-wrap +msgid "@code{min-spare-servers} (default: @code{1})" +msgstr "" + +#. type: table +#: doc/guix.texi:15818 +msgid "How many spare worker processes should be kept around at minimum." +msgstr "" + +#. type: item +#: doc/guix.texi:15818 +#, no-wrap +msgid "@code{max-spare-servers} (default: @code{3})" +msgstr "" + +#. type: table +#: doc/guix.texi:15820 +msgid "How many spare worker processes should be kept around at maximum." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15823 +#, no-wrap +msgid "{Data type} php-fpm-static-process-manager-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15827 +msgid "" +"Data Type for the @code{static} php-fpm process manager. With the @code{static} process manager, an unchanging number of worker " +"processes are created." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15833 +#, no-wrap +msgid "{Data type} php-fpm-on-demand-process-manager-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15837 +msgid "" +"Data Type for the @code{on-demand} php-fpm process manager. With the @code{on-demand} process manager, worker processes are only " +"created as requests arrive." +msgstr "" + +#. type: item +#: doc/guix.texi:15840 +#, no-wrap +msgid "@code{process-idle-timeout} (default: @code{10})" +msgstr "" + +#. type: table +#: doc/guix.texi:15842 +msgid "The time in seconds after which a process with no requests is killed." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15846 +#, no-wrap +msgid "{Scheme Procedure} nginx-php-fpm-location @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15852 +msgid "" +"[#:nginx-package nginx] @ [socket (string-append \"/var/run/php\" @ (version-major (package-version php)) @ \"-fpm.sock\")] A helper " +"function to quickly add php to an @code{nginx-server-configuration}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15855 +msgid "A simple services setup for nginx with php can look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:15868 +#, no-wrap +msgid "" +"(services (cons* (dhcp-client-service)\n" +" (service php-fpm-service-type)\n" +" (service nginx-service-type\n" +" (nginx-server-configuration\n" +" (server-name '(\"example.com\"))\n" +" (root \"/srv/http/\")\n" +" (locations\n" +" (list (nginx-php-location)))\n" +" (https-port #f)\n" +" (ssl-certificate #f)\n" +" (ssl-certificate-key #f)))\n" +" %base-services))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15870 +#, no-wrap +msgid "cat-avatar-generator" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15874 +msgid "" +"The cat avatar generator is a simple service to demonstrate the use of php-fpm in @code{Nginx}. It is used to generate cat avatar " +"from a seed, for instance the hash of a user's email address." +msgstr "" + +#. type: deffn +#: doc/guix.texi:15875 +#, no-wrap +msgid "{Scheme Procedure} cat-avatar-generator-serice @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:15883 +msgid "" +"[#:cache-dir \"/var/cache/cat-avatar-generator\"] @ [#:package cat-avatar-generator] @ [#:configuration (nginx-server-" +"configuration)] Returns an nginx-server-configuration that inherits @code{configuration}. It extends the nginx configuration to add " +"a server block that serves @code{package}, a version of cat-avatar-generator. During execution, cat-avatar-generator will be able " +"to use @code{cache-dir} as its cache directory." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15886 +msgid "A simple setup for cat-avatar-generator can look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:15893 +#, no-wrap +msgid "" +"(services (cons* (cat-avatar-generator-service\n" +" #:configuration\n" +" (nginx-server-configuration\n" +" (server-name '(\"example.com\"))))\n" +" ...\n" +" %base-services))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15898 +#, no-wrap +msgid "Web" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15899 +#, no-wrap +msgid "HTTP, HTTPS" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15900 +#, no-wrap +msgid "Let's Encrypt" +msgstr "" + +#. type: cindex +#: doc/guix.texi:15901 +#, no-wrap +msgid "TLS certificates" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15908 +msgid "" +"The @code{(gnu services certbot)} module provides a service to automatically obtain a valid TLS certificate from the Let's Encrypt " +"certificate authority. These certificates can then be used to serve content securely over HTTPS or other TLS-based protocols, with " +"the knowledge that the client will be able to verify the server's authenticity." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15920 +msgid "" +"@url{https://letsencrypt.org/, Let's Encrypt} provides the @code{certbot} tool to automate the certification process. This tool " +"first securely generates a key on the server. It then makes a request to the Let's Encrypt certificate authority (CA) to sign the " +"key. The CA checks that the request originates from the host in question by using a challenge-response protocol, requiring the " +"server to provide its response over HTTP. If that protocol completes successfully, the CA signs the key, resulting in a " +"certificate. That certificate is valid for a limited period of time, and therefore to continue to provide TLS services, the server " +"needs to periodically ask the CA to renew its signature." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15927 +msgid "" +"The certbot service automates this process: the initial key generation, the initial certification request to the Let's Encrypt " +"service, the web server challenge/response integration, writing the certificate to disk, the automated periodic renewals, and the " +"deployment tasks associated with the renewal (e.g. reloading services, copying keys with different permissions)." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15933 +msgid "" +"Certbot is run twice a day, at a random minute within the hour. It won't do anything until your certificates are due for renewal or " +"revoked, but running it regularly would give your service a chance of staying online in case a Let's Encrypt-initiated revocation " +"happened for some reason." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:15937 +msgid "" +"By using this service, you agree to the ACME Subscriber Agreement, which can be found there: @url{https://acme-v01.api.letsencrypt." +"org/directory}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:15938 +#, no-wrap +msgid "{Scheme Variable} certbot-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15941 +msgid "" +"A service type for the @code{certbot} Let's Encrypt client. Its value must be a @code{certbot-configuration} record as in this " +"example:" +msgstr "" + +#. type: example +#: doc/guix.texi:15948 +#, no-wrap +msgid "" +"(define %nginx-deploy-hook\n" +" (program-file\n" +" \"nginx-deploy-hook\"\n" +" #~(let ((pid (call-with-input-file \"/var/run/nginx/pid\" read)))\n" +" (kill pid SIGHUP))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:15959 +#, no-wrap +msgid "" +"(service certbot-service-type\n" +" (certbot-configuration\n" +" (email \"foo@@example.net\")\n" +" (certificates\n" +" (list\n" +" (certificate-configuration\n" +" (domains '(\"example.net\" \"www.example.net\"))\n" +" (deploy-hook %nginx-deploy-hook))\n" +" (certificate-configuration\n" +" (domains '(\"bar.example.net\")))))))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:15962 +msgid "See below for details about @code{certbot-configuration}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:15964 +#, no-wrap +msgid "{Data Type} certbot-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:15967 +msgid "Data type representing the configuration of the @code{certbot} service. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:15969 +#, no-wrap +msgid "@code{package} (default: @code{certbot})" +msgstr "" + +#. type: table +#: doc/guix.texi:15971 +msgid "The certbot package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:15972 +#, no-wrap +msgid "@code{webroot} (default: @code{/var/www})" +msgstr "" + +#. type: table +#: doc/guix.texi:15975 +msgid "The directory from which to serve the Let's Encrypt challenge/response files." +msgstr "" + +#. type: item +#: doc/guix.texi:15976 +#, no-wrap +msgid "@code{certificates} (default: @code{()})" +msgstr "" + +#. type: table +#: doc/guix.texi:15980 +msgid "" +"A list of @code{certificates-configuration}s for which to generate certificates and request signatures. Each certificate has a " +"@code{name} and several @code{domains}." +msgstr "" + +#. type: table +#: doc/guix.texi:15984 +msgid "Mandatory email used for registration, recovery contact, and important account notifications." +msgstr "" + +#. type: item +#: doc/guix.texi:15985 +#, no-wrap +msgid "@code{rsa-key-size} (default: @code{2048})" +msgstr "" + +#. type: table +#: doc/guix.texi:15987 +msgid "Size of the RSA key." +msgstr "" + +#. type: item +#: doc/guix.texi:15988 +#, no-wrap +msgid "@code{default-location} (default: @i{see below})" +msgstr "" + +#. type: table +#: doc/guix.texi:15997 +msgid "" +"The default @code{nginx-location-configuration}. Because @code{certbot} needs to be able to serve challenges and responses, it " +"needs to be able to run a web server. It does so by extending the @code{nginx} web service with an @code{nginx-server-" +"configuration} listening on the @var{domains} on port 80, and which has a @code{nginx-location-configuration} for the @code{/.well-" +"known/} URI path subspace used by Let's Encrypt. @xref{Web Services}, for more on these nginx configuration data types." +msgstr "" + +#. type: table +#: doc/guix.texi:16001 +msgid "" +"Requests to other URL paths will be matched by the @code{default-location}, which if present is added to all @code{nginx-server-" +"configuration}s." +msgstr "" + +#. type: table +#: doc/guix.texi:16005 +msgid "" +"By default, the @code{default-location} will issue a redirect from @code{http://@var{domain}/...} to @code{https://" +"@var{domain}/...}, leaving you to define what to serve on your site via @code{https}." +msgstr "" + +#. type: table +#: doc/guix.texi:16007 +msgid "Pass @code{#f} to not issue a default location." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16010 +#, no-wrap +msgid "{Data Type} certificate-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16013 +msgid "Data type representing the configuration of a certificate. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16015 +#, no-wrap +msgid "@code{name} (default: @i{see below})" +msgstr "" + +#. type: table +#: doc/guix.texi:16019 +msgid "" +"This name is used by Certbot for housekeeping and in file paths; it doesn't affect the content of the certificate itself. To see " +"certificate names, run @code{certbot certificates}." +msgstr "" + +#. type: table +#: doc/guix.texi:16021 +msgid "Its default is the first provided domain." +msgstr "" + +#. type: item +#: doc/guix.texi:16022 +#, no-wrap +msgid "@code{domains} (default: @code{()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16025 +msgid "" +"The first domain provided will be the subject CN of the certificate, and all domains will be Subject Alternative Names on the " +"certificate." +msgstr "" + +#. type: item +#: doc/guix.texi:16026 +#, no-wrap +msgid "@code{deploy-hook} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16034 +msgid "" +"Command to be run in a shell once for each successfully issued certificate. For this command, the shell variable " +"@code{$RENEWED_LINEAGE} will point to the config live subdirectory (for example, @samp{\"/etc/letsencrypt/live/example.com\"}) " +"containing the new certificates and keys; the shell variable @code{$RENEWED_DOMAINS} will contain a space-delimited list of renewed " +"certificate domains (for example, @samp{\"example.com www.example.com\"}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16041 +msgid "" +"For each @code{certificate-configuration}, the certificate is saved to @code{/etc/letsencrypt/live/@var{name}/fullchain.pem} and the " +"key is saved to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:16043 +#, no-wrap +msgid "DNS (domain name system)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16044 +#, no-wrap +msgid "domain name system (DNS)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16050 +msgid "" +"The @code{(gnu services dns)} module provides services related to the @dfn{domain name system} (DNS). It provides a server service " +"for hosting an @emph{authoritative} DNS server for multiple zones, slave or master. This service uses @uref{https://www.knot-dns." +"cz/, Knot DNS}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16053 +msgid "An example configuration of an authoritative server for two zones, one master and one slave, is:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:16060 +#, no-wrap +msgid "" +"(define-zone-entries example.org.zone\n" +";; Name TTL Class Type Data\n" +" (\"@@\" \"\" \"IN\" \"A\" \"127.0.0.1\")\n" +" (\"@@\" \"\" \"IN\" \"NS\" \"ns\")\n" +" (\"ns\" \"\" \"IN\" \"A\" \"127.0.0.1\"))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:16067 +#, no-wrap +msgid "" +"(define master-zone\n" +" (knot-zone-configuration\n" +" (domain \"example.org\")\n" +" (zone (zone-file\n" +" (origin \"example.org\")\n" +" (entries example.org.zone)))))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:16073 +#, no-wrap +msgid "" +"(define slave-zone\n" +" (knot-zone-configuration\n" +" (domain \"plop.org\")\n" +" (dnssec-policy \"default\")\n" +" (master (list \"plop-master\"))))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:16078 +#, no-wrap +msgid "" +"(define plop-master\n" +" (knot-remote-configuration\n" +" (id \"plop-master\")\n" +" (address (list \"208.76.58.171\"))))\n" +"\n" +msgstr "" + +#. type: lisp +#: doc/guix.texi:16087 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; ...\n" +" (services (cons* (service knot-service-type\n" +" (knot-configuration\n" +" (remotes (list plop-master))\n" +" (zones (list master-zone slave-zone))))\n" +" ;; ...\n" +" %base-services)))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16089 +#, no-wrap +msgid "{Scheme Variable} knot-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16091 +msgid "This is the type for the Knot DNS server." +msgstr "" + +#. type: deffn +#: doc/guix.texi:16099 +msgid "" +"Knot DNS is an authoritative DNS server, meaning that it can serve multiple zones, that is to say domain names you would buy from a " +"registrar. This server is not a resolver, meaning that it can only resolve names for which it is authoritative. This server can be " +"configured to serve zones as a master server or a slave server as a per-zone basis. Slave zones will get their data from masters, " +"and will serve it as an authoritative server. From the point of view of a resolver, there is no difference between master and slave." +msgstr "" + +#. type: deffn +#: doc/guix.texi:16101 +msgid "The following data types are used to configure the Knot DNS server:" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16103 +#, no-wrap +msgid "{Data Type} knot-key-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16106 +msgid "Data type representing a key. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16108 doc/guix.texi:16128 doc/guix.texi:16243 doc/guix.texi:16269 doc/guix.texi:16304 +#, no-wrap +msgid "@code{id} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16111 +msgid "An identifier for other configuration fields to refer to this key. IDs must be unique and must not be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16112 +#, no-wrap +msgid "@code{algorithm} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16116 +msgid "" +"The algorithm to use. Choose between @code{#f}, @code{'hmac-md5}, @code{'hmac-sha1}, @code{'hmac-sha224}, @code{'hmac-sha256}, " +"@code{'hmac-sha384} and @code{'hmac-sha512}." +msgstr "" + +#. type: item +#: doc/guix.texi:16117 +#, no-wrap +msgid "@code{secret} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16119 +msgid "The secret key itself." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16123 +#, no-wrap +msgid "{Data Type} knot-acl-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16126 +msgid "Data type representing an Access Control List (ACL) configuration. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16131 +msgid "An identifier for ether configuration fields to refer to this key. IDs must be unique and must not be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16132 doc/guix.texi:16247 +#, no-wrap +msgid "@code{address} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16136 +msgid "" +"An ordered list of IP addresses, network subnets, or network ranges represented with strings. The query must match one of them. " +"Empty value means that address match is not required." +msgstr "" + +#. type: item +#: doc/guix.texi:16137 +#, no-wrap +msgid "@code{key} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16141 +msgid "" +"An ordered list of references to keys represented with strings. The string must match a key ID defined in a @code{knot-key-" +"configuration}. No key means that a key is not require to match that ACL." +msgstr "" + +#. type: item +#: doc/guix.texi:16142 +#, no-wrap +msgid "@code{action} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16146 +msgid "" +"An ordered list of actions that are permitted or forbidden by this ACL. Possible values are lists of zero or more elements from " +"@code{'transfer}, @code{'notify} and @code{'update}." +msgstr "" + +#. type: item +#: doc/guix.texi:16147 +#, no-wrap +msgid "@code{deny?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16150 +msgid "When true, the ACL defines restrictions. Listed actions are forbidden. When false, listed actions are allowed." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16154 +#, no-wrap +msgid "{Data Type} zone-entry" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16157 +msgid "Data type represnting a record entry in a zone file. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16159 +#, no-wrap +msgid "@code{name} (default: @code{\"@@\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16165 +msgid "" +"The name of the record. @code{\"@@\"} refers to the origin of the zone. Names are relative to the origin of the zone. For " +"example, in the @code{example.org} zone, @code{\"ns.example.org\"} actually refers to @code{ns.example.org.example.org}. Names " +"ending with a dot are absolute, which means that @code{\"ns.example.org.\"} refers to @code{ns.example.org}." +msgstr "" + +#. type: item +#: doc/guix.texi:16166 +#, no-wrap +msgid "@code{ttl} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16168 +msgid "The Time-To-Live (TTL) of this record. If not set, the default TTL is used." +msgstr "" + +#. type: item +#: doc/guix.texi:16169 +#, no-wrap +msgid "@code{class} (default: @code{\"IN\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16172 +msgid "The class of the record. Knot currently supports only @code{\"IN\"} and partially @code{\"CH\"}." +msgstr "" + +#. type: item +#: doc/guix.texi:16173 +#, no-wrap +msgid "@code{type} (default: @code{\"A\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16177 +msgid "" +"The type of the record. Common types include A (IPv4 address), AAAA (IPv6 address), NS (Name Server) and MX (Mail eXchange). Many " +"other types are defined." +msgstr "" + +#. type: item +#: doc/guix.texi:16178 +#, no-wrap +msgid "@code{data} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16182 +msgid "" +"The data contained in the record. For instance an IP address associated with an A record, or a domain name associated with an NS " +"record. Remember that domain names are relative to the origin unless they end with a dot." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16186 +#, no-wrap +msgid "{Data Type} zone-file" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16189 +msgid "Data type representing the content of a zone file. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16198 +msgid "" +"The list of entries. The SOA record is taken care of, so you don't need to put it in the list of entries. This list should " +"probably contain an entry for your primary authoritative DNS server. Other than using a list of entries directly, you can use " +"@code{define-zone-entries} to define a object containing the list of entries more easily, that you can later pass to the " +"@code{entries} field of the @code{zone-file}." +msgstr "" + +#. type: item +#: doc/guix.texi:16199 +#, no-wrap +msgid "@code{origin} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16201 +msgid "The name of your zone. This parameter cannot be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16202 +#, no-wrap +msgid "@code{ns} (default: @code{\"ns\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16207 +msgid "" +"The domain of your primary authoritative DNS server. The name is relative to the origin, unless it ends with a dot. It is " +"mandatory that this primary DNS server corresponds to an NS record in the zone and that it is associated to an IP address in the " +"list of entries." +msgstr "" + +#. type: item +#: doc/guix.texi:16208 +#, no-wrap +msgid "@code{mail} (default: @code{\"hostmaster\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16211 +msgid "An email address people can contact you at, as the owner of the zone. This is translated as @code{@@}." +msgstr "" + +#. type: item +#: doc/guix.texi:16212 +#, no-wrap +msgid "@code{serial} (default: @code{1})" +msgstr "" + +#. type: table +#: doc/guix.texi:16216 +msgid "" +"The serial number of the zone. As this is used to keep track of changes by both slaves and resolvers, it is mandatory that it " +"@emph{never} decreases. Always increment it when you make a change in your zone." +msgstr "" + +#. type: item +#: doc/guix.texi:16217 +#, no-wrap +msgid "@code{refresh} (default: @code{(* 2 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16221 +msgid "" +"The frequency at which slaves will do a zone transfer. This value is a number of seconds. It can be computed by multiplications or " +"with @code{(string->duration)}." +msgstr "" + +#. type: item +#: doc/guix.texi:16222 +#, no-wrap +msgid "@code{retry} (default: @code{(* 15 60)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16225 +msgid "The period after which a slave will retry to contact its master when it fails to do so a first time." +msgstr "" + +#. type: item +#: doc/guix.texi:16226 +#, no-wrap +msgid "@code{expiry} (default: @code{(* 14 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16230 +msgid "" +"Default TTL of records. Existing records are considered correct for at most this amount of time. After this period, resolvers will " +"invalidate their cache and check again that it still exists." +msgstr "" + +#. type: item +#: doc/guix.texi:16231 +#, no-wrap +msgid "@code{nx} (default: @code{3600})" +msgstr "" + +#. type: table +#: doc/guix.texi:16234 +msgid "Default TTL of inexistant records. This delay is usually short because you want your new domains to reach everyone quickly." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16238 +#, no-wrap +msgid "{Data Type} knot-remote-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16241 +msgid "Data type representing a remote configuration. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16246 +msgid "An identifier for other configuration fields to refer to this remote. IDs must be unique and must not be empty." +msgstr "" + +#. type: table +#: doc/guix.texi:16251 +msgid "" +"An ordered list of destination IP addresses. Addresses are tried in sequence. An optional port can be given with the @@ " +"separator. For instance: @code{(list \"1.2.3.4\" \"2.3.4.5@@53\")}. Default port is 53." +msgstr "" + +#. type: item +#: doc/guix.texi:16252 +#, no-wrap +msgid "@code{via} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16256 +msgid "" +"An ordered list of source IP addresses. An empty list will have Knot choose an appropriate source IP. An optional port can be " +"given with the @@ separator. The default is to choose at random." +msgstr "" + +#. type: item +#: doc/guix.texi:16257 +#, no-wrap +msgid "@code{key} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16260 +msgid "A reference to a key, that is a string containing the identifier of a key defined in a @code{knot-key-configuration} field." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16264 +#, no-wrap +msgid "{Data Type} knot-keystore-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16267 +msgid "Data type representing a keystore to hold dnssec keys. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16271 +msgid "The id of the keystore. It must not be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16272 +#, no-wrap +msgid "@code{backend} (default: @code{'pem})" +msgstr "" + +#. type: table +#: doc/guix.texi:16274 +msgid "The backend to store the keys in. Can be @code{'pem} or @code{'pkcs11}." +msgstr "" + +#. type: item +#: doc/guix.texi:16275 +#, no-wrap +msgid "@code{config} (default: @code{\"/var/lib/knot/keys/keys\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16279 +msgid "" +"The configuration string of the backend. An example for the PKCS#11 is: @code{\"pkcs11:token=knot;pin-value=1234 /gnu/store/.../lib/" +"pkcs11/libsofthsm2.so\"}. For the pem backend, the string reprensents a path in the file system." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16283 +#, no-wrap +msgid "{Data Type} knot-policy-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16287 +msgid "" +"Data type representing a dnssec policy. Knot DNS is able to automatically sign your zones. It can either generate and manage your " +"keys automatically or use keys that you generate." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16294 +msgid "" +"Dnssec is usually implemented using two keys: a Key Signing Key (KSK) that is used to sign the second, and a Zone Signing Key (ZSK) " +"that is used to sign the zone. In order to be trusted, the KSK needs to be present in the parent zone (usually a top-level " +"domain). If your registrar supports dnssec, you will have to send them your KSK's hash so they can add a DS record in their zone. " +"This is not automated and need to be done each time you change your KSK." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16300 +msgid "" +"The policy also defines the lifetime of keys. Usually, ZSK can be changed easily and use weaker cryptographic functions (they use " +"lower parameters) in order to sign records quickly, so they are changed often. The KSK however requires manual interaction with the " +"registrar, so they are changed less often and use stronger parameters because they sign only one record." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16302 +msgid "This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16306 +msgid "The id of the policy. It must not be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16307 +#, no-wrap +msgid "@code{keystore} (default: @code{\"default\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16312 +msgid "" +"A reference to a keystore, that is a string containing the identifier of a keystore defined in a @code{knot-keystore-configuration} " +"field. The @code{\"default\"} identifier means the default keystore (a kasp database that was setup by this service)." +msgstr "" + +#. type: item +#: doc/guix.texi:16313 +#, no-wrap +msgid "@code{manual?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16315 +msgid "Whether the key management is manual or automatic." +msgstr "" + +#. type: item +#: doc/guix.texi:16316 +#, no-wrap +msgid "@code{single-type-signing?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16318 +msgid "When @code{#t}, use the Single-Type Signing Scheme." +msgstr "" + +#. type: item +#: doc/guix.texi:16319 +#, no-wrap +msgid "@code{algorithm} (default: @code{\"ecdsap256sha256\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16321 +msgid "An algorithm of signing keys and issued signatures." +msgstr "" + +#. type: item +#: doc/guix.texi:16322 +#, no-wrap +msgid "@code{ksk-size} (default: @code{256})" +msgstr "" + +#. type: table +#: doc/guix.texi:16325 +msgid "The length of the KSK. Note that this value is correct for the default algorithm, but would be unsecure for other algorithms." +msgstr "" + +#. type: item +#: doc/guix.texi:16326 +#, no-wrap +msgid "@code{zsk-size} (default: @code{256})" +msgstr "" + +#. type: table +#: doc/guix.texi:16329 +msgid "The length of the ZSK. Note that this value is correct for the default algorithm, but would be unsecure for other algorithms." +msgstr "" + +#. type: item +#: doc/guix.texi:16330 +#, no-wrap +msgid "@code{dnskey-ttl} (default: @code{'default})" +msgstr "" + +#. type: table +#: doc/guix.texi:16333 +msgid "The TTL value for DNSKEY records added into zone apex. The special @code{'default} value means same as the zone SOA TTL." +msgstr "" + +#. type: item +#: doc/guix.texi:16334 +#, no-wrap +msgid "@code{zsk-lifetime} (default: @code{(* 30 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16336 +msgid "The period between ZSK publication and the next rollover initiation." +msgstr "" + +#. type: item +#: doc/guix.texi:16337 +#, no-wrap +msgid "@code{propagation-delay} (default: @code{(* 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16340 +msgid "" +"An extra delay added for each key rollover step. This value should be high enough to cover propagation of data from the master " +"server to all slaves." +msgstr "" + +#. type: item +#: doc/guix.texi:16341 +#, no-wrap +msgid "@code{rrsig-lifetime} (default: @code{(* 14 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16343 +msgid "A validity period of newly issued signatures." +msgstr "" + +#. type: item +#: doc/guix.texi:16344 +#, no-wrap +msgid "@code{rrsig-refresh} (default: @code{(* 7 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16346 +msgid "A period how long before a signature expiration the signature will be refreshed." +msgstr "" + +#. type: item +#: doc/guix.texi:16347 +#, no-wrap +msgid "@code{nsec3?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16349 +msgid "When @code{#t}, NSEC3 will be used instead of NSEC." +msgstr "" + +#. type: item +#: doc/guix.texi:16350 +#, no-wrap +msgid "@code{nsec3-iterations} (default: @code{5})" +msgstr "" + +#. type: table +#: doc/guix.texi:16352 +msgid "The number of additional times the hashing is performed." +msgstr "" + +#. type: item +#: doc/guix.texi:16353 +#, no-wrap +msgid "@code{nsec3-salt-length} (default: @code{8})" +msgstr "" + +#. type: table +#: doc/guix.texi:16356 +msgid "The length of a salt field in octets, which is appended to the original owner name before hashing." +msgstr "" + +#. type: item +#: doc/guix.texi:16357 +#, no-wrap +msgid "@code{nsec3-salt-lifetime} (default: @code{(* 30 24 3600)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16359 +msgid "The validity period of newly issued salt field." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16363 +#, no-wrap +msgid "{Data Type} knot-zone-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16366 +msgid "Data type representing a zone served by Knot. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16368 +#, no-wrap +msgid "@code{domain} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16370 +msgid "The domain served by this configuration. It must not be empty." +msgstr "" + +#. type: item +#: doc/guix.texi:16371 +#, no-wrap +msgid "@code{file} (default: @code{\"\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16374 +msgid "" +"The file where this zone is saved. This parameter is ignored by master zones. Empty means default location that depends on the " +"domain name." +msgstr "" + +#. type: item +#: doc/guix.texi:16375 +#, no-wrap +msgid "@code{zone} (default: @code{(zone-file)})" +msgstr "" + +#. type: table +#: doc/guix.texi:16378 +msgid "The content of the zone file. This parameter is ignored by slave zones. It must contain a zone-file record." +msgstr "" + +#. type: item +#: doc/guix.texi:16379 +#, no-wrap +msgid "@code{master} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16382 +msgid "" +"A list of master remotes. When empty, this zone is a master. When set, this zone is a slave. This is a list of remotes " +"identifiers." +msgstr "" + +#. type: item +#: doc/guix.texi:16383 +#, no-wrap +msgid "@code{ddns-master} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16386 +msgid "The main master. When empty, it defaults to the first master in the list of masters." +msgstr "" + +#. type: item +#: doc/guix.texi:16387 +#, no-wrap +msgid "@code{notify} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16389 +msgid "A list of slave remote identifiers." +msgstr "" + +#. type: item +#: doc/guix.texi:16390 +#, no-wrap +msgid "@code{acl} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16392 +msgid "A list of acl identifiers." +msgstr "" + +#. type: item +#: doc/guix.texi:16393 +#, no-wrap +msgid "@code{semantic-checks?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16395 +msgid "When set, this adds more semantic checks to the zone." +msgstr "" + +#. type: item +#: doc/guix.texi:16396 +#, no-wrap +msgid "@code{disable-any?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16398 +msgid "When set, this forbids queries of the ANY type." +msgstr "" + +#. type: item +#: doc/guix.texi:16399 +#, no-wrap +msgid "@code{zonefile-sync} (default: @code{0})" +msgstr "" + +#. type: table +#: doc/guix.texi:16402 +msgid "The delay between a modification in memory and on disk. 0 means immediate synchronization." +msgstr "" + +#. type: item +#: doc/guix.texi:16403 +#, no-wrap +msgid "@code{serial-policy} (default: @code{'increment})" +msgstr "" + +#. type: table +#: doc/guix.texi:16405 +msgid "A policy between @code{'increment} and @code{'unixtime}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16409 +#, no-wrap +msgid "{Data Type} knot-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16412 +msgid "Data type representing the Knot configuration. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16414 +#, no-wrap +msgid "@code{knot} (default: @code{knot})" +msgstr "" + +#. type: table +#: doc/guix.texi:16416 +msgid "The Knot package." +msgstr "" + +#. type: item +#: doc/guix.texi:16417 +#, no-wrap +msgid "@code{run-directory} (default: @code{\"/var/run/knot\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16419 +msgid "The run directory. This directory will be used for pid file and sockets." +msgstr "" + +#. type: item +#: doc/guix.texi:16420 +#, no-wrap +msgid "@code{listen-v4} (default: @code{\"0.0.0.0\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16422 doc/guix.texi:16425 +msgid "An ip address on which to listen." +msgstr "" + +#. type: item +#: doc/guix.texi:16423 +#, no-wrap +msgid "@code{listen-v6} (default: @code{\"::\"})" +msgstr "" + +#. type: item +#: doc/guix.texi:16426 +#, no-wrap +msgid "@code{listen-port} (default: @code{53})" +msgstr "" + +#. type: table +#: doc/guix.texi:16428 +msgid "A port on which to listen." +msgstr "" + +#. type: item +#: doc/guix.texi:16429 +#, no-wrap +msgid "@code{keys} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16431 +msgid "The list of knot-key-configuration used by this configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:16432 +#, no-wrap +msgid "@code{acls} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16434 +msgid "The list of knot-acl-configuration used by this configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:16435 +#, no-wrap +msgid "@code{remotes} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16437 +msgid "The list of knot-remote-configuration used by this configuration." +msgstr "" + +#. type: item +#: doc/guix.texi:16438 +#, no-wrap +msgid "@code{zones} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16440 +msgid "The list of knot-zone-configuration used by this configuration." +msgstr "" + +#. type: cindex +#: doc/guix.texi:16447 +#, no-wrap +msgid "VPN (virtual private network)" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16448 +#, no-wrap +msgid "virtual private network (VPN)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16454 +msgid "" +"The @code{(gnu services vpn)} module provides services related to @dfn{virtual private networks} (VPNs). It provides a " +"@emph{client} service for your machine to connect to a VPN, and a @emph{servire} service for your machine to host a VPN. Both " +"services use @uref{https://openvpn.net/, OpenVPN}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:16455 +#, no-wrap +msgid "{Scheme Procedure} openvpn-client-service @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16457 +msgid "[#:config (openvpn-client-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16459 +msgid "Return a service that runs @command{openvpn}, a VPN daemon, as a client." +msgstr "" + +#. type: deffn +#: doc/guix.texi:16461 +#, no-wrap +msgid "{Scheme Procedure} openvpn-server-service @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16463 +msgid "[#:config (openvpn-server-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:16465 +msgid "Return a service that runs @command{openvpn}, a VPN daemon, as a server." +msgstr "" + +#. type: deffn +#: doc/guix.texi:16467 +msgid "Both can be run simultaneously." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16472 +msgid "Available @code{openvpn-client-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16473 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} package openvpn" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16475 doc/guix.texi:16611 +msgid "The OpenVPN package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16478 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} string pid-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16480 doc/guix.texi:16616 +msgid "The OpenVPN pid file." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16482 doc/guix.texi:16618 +msgid "Defaults to @samp{\"/var/run/openvpn/openvpn.pid\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16485 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} proto proto" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16488 doc/guix.texi:16624 +msgid "The protocol (UDP or TCP) used to open a channel between clients and servers." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16490 doc/guix.texi:16626 +msgid "Defaults to @samp{udp}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16493 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} dev dev" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16495 doc/guix.texi:16631 +msgid "The device type used to represent the VPN connection." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16497 doc/guix.texi:16633 +msgid "Defaults to @samp{tun}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16500 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} string ca" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16502 doc/guix.texi:16638 +msgid "The certificate authority to check connections against." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16504 doc/guix.texi:16640 +msgid "Defaults to @samp{\"/etc/openvpn/ca.crt\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16507 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} string cert" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16510 doc/guix.texi:16646 +msgid "The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16512 doc/guix.texi:16648 +msgid "Defaults to @samp{\"/etc/openvpn/client.crt\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16515 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} string key" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16518 doc/guix.texi:16654 +msgid "The key of the machine the daemon is running on. It must be the key whose certificate is @code{cert}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16520 doc/guix.texi:16656 +msgid "Defaults to @samp{\"/etc/openvpn/client.key\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16523 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} boolean comp-lzo?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16525 doc/guix.texi:16661 +msgid "Whether to use the lzo compression algorithm." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16530 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} boolean persist-key?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16532 doc/guix.texi:16668 +msgid "Don't re-read key files across SIGUSR1 or --ping-restart." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16537 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} boolean persist-tun?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16540 doc/guix.texi:16676 +msgid "Don't close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 or --ping-restart restarts." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16545 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} number verbosity" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16547 doc/guix.texi:16683 +msgid "Verbosity level." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16549 doc/guix.texi:16685 doc/guix.texi:17962 doc/guix.texi:18185 +msgid "Defaults to @samp{3}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16552 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} tls-auth-client tls-auth" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16555 doc/guix.texi:16691 +msgid "Add an additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16560 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} key-usage verify-key-usage?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16562 +msgid "Whether to check the server certificate has server usage extension." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16567 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} bind bind?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16569 +msgid "Bind to a specific local port number." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16574 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} resolv-retry resolv-retry?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16576 +msgid "Retry resolving server address." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16581 +#, no-wrap +msgid "{@code{openvpn-client-configuration} parameter} openvpn-remote-list remote" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16583 +msgid "A list of remote servers to connect to." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16587 +msgid "Available @code{openvpn-remote-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16588 +#, no-wrap +msgid "{@code{openvpn-remote-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16590 +msgid "Server name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16592 +msgid "Defaults to @samp{\"my-server\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16595 +#, no-wrap +msgid "{@code{openvpn-remote-configuration} parameter} number port" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16597 +msgid "Port number the server listens to." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16599 doc/guix.texi:16700 +msgid "Defaults to @samp{1194}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16608 +msgid "Available @code{openvpn-server-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16609 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} package openvpn" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16614 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string pid-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16621 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} proto proto" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16629 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} dev dev" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16636 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string ca" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16643 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string cert" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16651 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string key" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16659 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} boolean comp-lzo?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16666 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} boolean persist-key?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16673 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} boolean persist-tun?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16681 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} number verbosity" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16688 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} tls-auth-server tls-auth" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16696 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} number port" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16698 +msgid "Specifies the port number on which the server listens." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16703 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} ip-mask server" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16705 +msgid "An ip and mask specifying the subnet inside the virtual network." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16707 +msgid "Defaults to @samp{\"10.8.0.0 255.255.255.0\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16710 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} cidr6 server-ipv6" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16712 +msgid "A CIDR notation specifying the IPv6 subnet inside the virtual network." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16717 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string dh" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16719 +msgid "The Diffie-Hellman parameters file." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16721 +msgid "Defaults to @samp{\"/etc/openvpn/dh2048.pem\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16724 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string ifconfig-pool-persist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16726 +msgid "The file that records client IPs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16728 +msgid "Defaults to @samp{\"/etc/openvpn/ipp.txt\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16731 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} gateway redirect-gateway?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16733 +msgid "When true, the server will act as a gateway for its clients." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16738 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} boolean client-to-client?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16740 +msgid "When true, clients are allowed to talk to each other inside the VPN." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16745 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} keepalive keepalive" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16751 +msgid "" +"Causes ping-like messages to be sent back and forth over the link so that each side knows when the other side has gone down. " +"@code{keepalive} requires a pair. The first element is the period of the ping sending, and the second element is the timeout before " +"considering the other side down." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16754 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} number max-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16756 +msgid "The maximum number of clients." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16761 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} string status" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16764 +msgid "The status file. This file shows a small report on current connection. It is truncated and rewritten every minute." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16766 +msgid "Defaults to @samp{\"/var/run/openvpn/status\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16769 +#, no-wrap +msgid "{@code{openvpn-server-configuration} parameter} openvpn-ccd-list client-config-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16771 +msgid "The list of configuration for some clients." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16775 +msgid "Available @code{openvpn-ccd-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16776 +#, no-wrap +msgid "{@code{openvpn-ccd-configuration} parameter} string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16778 +msgid "Client name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16780 +msgid "Defaults to @samp{\"client\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16783 +#, no-wrap +msgid "{@code{openvpn-ccd-configuration} parameter} ip-mask iroute" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16785 +msgid "Client own network" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16790 +#, no-wrap +msgid "{@code{openvpn-ccd-configuration} parameter} ip-mask ifconfig-push" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:16792 +msgid "Client VPN IP." +msgstr "" + +#. type: cindex +#: doc/guix.texi:16805 +#, no-wrap +msgid "NFS" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16810 +msgid "" +"The @code{(gnu services nfs)} module provides the following services, which are most commonly used in relation to mounting or " +"exporting directory trees as @dfn{network file systems} (NFS)." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:16811 +#, no-wrap +msgid "RPC Bind Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16812 +#, no-wrap +msgid "rpcbind" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16818 +msgid "" +"The RPC Bind service provides a facility to map program numbers into universal addresses. Many NFS related services use this " +"facility. Hence it is automatically started when a dependent service starts." +msgstr "" + +#. type: defvr +#: doc/guix.texi:16819 +#, no-wrap +msgid "{Scheme Variable} rpcbind-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:16821 +msgid "A service type for the RPC portmapper daemon." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16824 +#, no-wrap +msgid "{Data Type} rpcbind-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16827 +msgid "Data type representing the configuration of the RPC Bind Service. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16828 +#, no-wrap +msgid "@code{rpcbind} (default: @code{rpcbind})" +msgstr "" + +#. type: table +#: doc/guix.texi:16830 +msgid "The rpcbind package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:16831 +#, no-wrap +msgid "@code{warm-start?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:16835 +msgid "" +"If this parameter is @code{#t}, then the daemon will read a state file on startup thus reloading state information saved by a " +"previous instance." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:16839 +#, no-wrap +msgid "Pipefs Pseudo File System" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16840 +#, no-wrap +msgid "pipefs" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16841 +#, no-wrap +msgid "rpc_pipefs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16845 +msgid "The pipefs file system is used to transfer NFS related data between the kernel and user space programs." +msgstr "" + +#. type: defvr +#: doc/guix.texi:16846 +#, no-wrap +msgid "{Scheme Variable} pipefs-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:16848 +msgid "A service type for the pipefs pseudo file system." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16850 +#, no-wrap +msgid "{Data Type} pipefs-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16853 +msgid "Data type representing the configuration of the pipefs pseudo file system service. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16854 +#, no-wrap +msgid "@code{mount-point} (default: @code{\"/var/lib/nfs/rpc_pipefs\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16856 +msgid "The directory to which the file system is to be attached." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:16860 +#, no-wrap +msgid "GSS Daemon Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16861 +#, no-wrap +msgid "GSSD" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16862 +#, no-wrap +msgid "GSS" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16863 +#, no-wrap +msgid "global security system" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16870 +msgid "" +"The @dfn{global security system} (GSS) daemon provides strong security for RPC based protocols. Before exchanging RPC requests an " +"RPC client must establish a security context. Typically this is done using the Kerberos command @command{kinit} or automatically at " +"login time using PAM services (@pxref{Kerberos Services})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:16871 +#, no-wrap +msgid "{Scheme Variable} gss-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:16873 +msgid "A service type for the Global Security System (GSS) daemon." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16875 +#, no-wrap +msgid "{Data Type} gss-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16878 +msgid "Data type representing the configuration of the GSS daemon service. This type has the following parameters:" +msgstr "" + +#. type: item +#: doc/guix.texi:16879 doc/guix.texi:16904 +#, no-wrap +msgid "@code{nfs-utils} (default: @code{nfs-utils})" +msgstr "" + +#. type: table +#: doc/guix.texi:16881 +msgid "The package in which the @command{rpc.gssd} command is to be found." +msgstr "" + +#. type: item +#: doc/guix.texi:16882 doc/guix.texi:16907 +#, no-wrap +msgid "@code{pipefs-directory} (default: @code{\"/var/lib/nfs/rpc_pipefs\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16884 doc/guix.texi:16909 +msgid "The directory where the pipefs file system is mounted." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:16889 +#, no-wrap +msgid "IDMAP Daemon Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16890 +#, no-wrap +msgid "idmapd" +msgstr "" + +#. type: cindex +#: doc/guix.texi:16891 +#, no-wrap +msgid "name mapper" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16895 +msgid "" +"The idmap daemon service provides mapping between user IDs and user names. Typically it is required in order to access file systems " +"mounted via NFSv4." +msgstr "" + +#. type: defvr +#: doc/guix.texi:16896 +#, no-wrap +msgid "{Scheme Variable} idmap-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:16898 +msgid "A service type for the Identity Mapper (IDMAP) daemon." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16900 +#, no-wrap +msgid "{Data Type} idmap-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16903 +msgid "Data type representing the configuration of the IDMAP daemon service. This type has the following parameters:" +msgstr "" + +#. type: table +#: doc/guix.texi:16906 +msgid "The package in which the @command{rpc.idmapd} command is to be found." +msgstr "" + +#. type: item +#: doc/guix.texi:16910 +#, no-wrap +msgid "@code{domain} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16914 +msgid "" +"The local NFSv4 domain name. This must be a string or @code{#f}. If it is @code{#f} then the daemon will use the host's fully " +"qualified domain name." +msgstr "" + +#. type: cindex +#: doc/guix.texi:16921 +#, no-wrap +msgid "continuous integration" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16925 +msgid "" +"@uref{https://notabug.org/mthl/cuirass, Cuirass} is a continuous integration tool for Guix. It can be used both for development and " +"for providing substitutes to others (@pxref{Substitutes})." +msgstr "" +"@uref{https://notabug.org/mthl/cuirass, Cuirass} est un outil d'intégration continue pour Guix. On peut l'utiliser aussi bien pour " +"le développement que pour fournir des substituts à d'autres (@pxref{Substituts})." + +#. type: Plain text +#: doc/guix.texi:16927 +msgid "The @code{(gnu services cuirass)} module provides the following service." +msgstr "" + +#. type: defvr +#: doc/guix.texi:16928 +#, no-wrap +msgid "{Scheme Procedure} cuirass-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:16931 +msgid "The type of the Cuirass service. Its value must be a @code{cuirass-configuration} object, as described below." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16938 +msgid "" +"To add build jobs, you have to set the @code{specifications} field of the configuration. Here is an example of a service defining a " +"build job based on a specification that can be found in Cuirass source tree. This service polls the Guix repository and builds a " +"subset of the Guix packages, as prescribed in the @file{gnu-system.scm} example spec:" +msgstr "" + +#. type: example +#: doc/guix.texi:16950 +#, no-wrap +msgid "" +"(let ((spec #~((#:name . \"guix\")\n" +" (#:url . \"git://git.savannah.gnu.org/guix.git\")\n" +" (#:load-path . \".\")\n" +" (#:file . \"build-aux/cuirass/gnu-system.scm\")\n" +" (#:proc . cuirass-jobs)\n" +" (#:arguments (subset . \"hello\"))\n" +" (#:branch . \"master\"))))\n" +" (service cuirass-service-type\n" +" (cuirass-configuration\n" +" (specifications #~(list '#$spec)))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:16955 +msgid "" +"While information related to build jobs is located directly in the specifications, global settings for the @command{cuirass} process " +"are accessible in other @code{cuirass-configuration} fields." +msgstr "" + +#. type: deftp +#: doc/guix.texi:16956 +#, no-wrap +msgid "{Data Type} cuirass-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:16958 +msgid "Data type representing the configuration of Cuirass." +msgstr "" + +#. type: item +#: doc/guix.texi:16960 +#, no-wrap +msgid "@code{log-file} (default: @code{\"/var/log/cuirass.log\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16962 +msgid "Location of the log file." +msgstr "" + +#. type: item +#: doc/guix.texi:16963 +#, no-wrap +msgid "@code{cache-directory} (default: @code{\"/var/cache/cuirass\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16965 +msgid "Location of the repository cache." +msgstr "" + +#. type: item +#: doc/guix.texi:16966 +#, no-wrap +msgid "@code{user} (default: @code{\"cuirass\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16968 +msgid "Owner of the @code{cuirass} process." +msgstr "" + +#. type: item +#: doc/guix.texi:16969 +#, no-wrap +msgid "@code{group} (default: @code{\"cuirass\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16971 +msgid "Owner's group of the @code{cuirass} process." +msgstr "" + +#. type: item +#: doc/guix.texi:16972 +#, no-wrap +msgid "@code{interval} (default: @code{60})" +msgstr "" + +#. type: table +#: doc/guix.texi:16975 +msgid "Number of seconds between the poll of the repositories followed by the Cuirass jobs." +msgstr "" + +#. type: item +#: doc/guix.texi:16976 +#, no-wrap +msgid "@code{database} (default: @code{\"/var/run/cuirass/cuirass.db\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:16979 +msgid "Location of sqlite database which contains the build results and previously added specifications." +msgstr "" + +#. type: item +#: doc/guix.texi:16980 +#, no-wrap +msgid "@code{port} (default: @code{8081})" +msgstr "" + +#. type: table +#: doc/guix.texi:16982 +msgid "Port number used by the HTTP server." +msgstr "" + +#. type: table +#: doc/guix.texi:16986 +msgid "Listen on the network interface for @var{host}. The default is to accept connections from localhost." +msgstr "" + +#. type: item +#: doc/guix.texi:16987 +#, no-wrap +msgid "@code{specifications} (default: @code{#~'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:16993 +msgid "" +"A gexp (@pxref{G-Expressions}) that evaluates to a list of specifications, where a specification is an association list " +"(@pxref{Associations Lists,,, guile, GNU Guile Reference Manual}) whose keys are keywords (@code{#:keyword-example}) as shown in the " +"example above." +msgstr "" + +#. type: item +#: doc/guix.texi:16994 +#, no-wrap +msgid "@code{use-substitutes?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:16997 +msgid "This allows using substitutes to avoid building every dependencies of a job from source." +msgstr "" + +#. type: item +#: doc/guix.texi:16998 +#, no-wrap +msgid "@code{one-shot?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:17000 +msgid "Only evaluate specifications and build derivations once." +msgstr "" + +#. type: item +#: doc/guix.texi:17001 +#, no-wrap +msgid "@code{fallback?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:17004 +msgid "When substituting a pre-built binary fails, fall back to building packages locally." +msgstr "" + +#. type: item +#: doc/guix.texi:17005 +#, no-wrap +msgid "@code{load-path} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:17008 +msgid "This allows users to define their own packages and make them visible to cuirass as in @command{guix build} command." +msgstr "" + +#. type: item +#: doc/guix.texi:17009 +#, no-wrap +msgid "@code{cuirass} (default: @code{cuirass})" +msgstr "" + +#. type: table +#: doc/guix.texi:17011 +msgid "The Cuirass package to use." +msgstr "" + +#. type: cindex +#: doc/guix.texi:17017 +#, no-wrap +msgid "power management with TLP" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17020 +msgid "The @code{(gnu services pm)} module provides a Guix service definition for the Linux power management tool TLP." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17026 +msgid "" +"TLP enables various powersaving modes in userspace and kernel. Contrary to @code{upower-service}, it is not a passive, monitoring " +"tool, as it will apply custom settings each time a new power source is detected. More information can be found at @uref{http://" +"linrunner.de/en/tlp/tlp.html, TLP home page}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:17027 +#, no-wrap +msgid "{Scheme Variable} tlp-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:17031 +msgid "" +"The service type for the TLP tool. Its value should be a valid TLP configuration (see below). To use the default settings, simply " +"write:" +msgstr "" + +#. type: example +#: doc/guix.texi:17033 +#, no-wrap +msgid "(service tlp-service-type)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17038 +msgid "By default TLP does not need much configuration but most TLP parameters can be tweaked using @code{tlp-configuration}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17044 +msgid "" +"Each parameter definition is preceded by its type; for example, @samp{boolean foo} indicates that the @code{foo} parameter should be " +"specified as a boolean. Types starting with @code{maybe-} denote parameters that won't show up in TLP config file when their value " +"is @code{'disabled}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17054 +msgid "Available @code{tlp-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17055 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} package tlp" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17057 +msgid "The TLP package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17060 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean tlp-enable?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17062 +msgid "Set to true if you wish to enable TLP." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17067 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string tlp-default-mode" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17070 +msgid "Default mode when no power supply can be detected. Alternatives are AC and BAT." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17072 +msgid "Defaults to @samp{\"AC\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17075 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer disk-idle-secs-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17078 +msgid "Number of seconds Linux kernel has to wait after the disk goes idle, before syncing on AC." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17083 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer disk-idle-secs-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17085 +msgid "Same as @code{disk-idle-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17087 +msgid "Defaults to @samp{2}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17090 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer max-lost-work-secs-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17092 +msgid "Dirty pages flushing periodicity, expressed in seconds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17094 doc/guix.texi:17317 doc/guix.texi:18631 doc/guix.texi:18639 +msgid "Defaults to @samp{15}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17097 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer max-lost-work-secs-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17099 +msgid "Same as @code{max-lost-work-secs-on-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17101 +msgid "Defaults to @samp{60}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17104 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list cpu-scaling-governor-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17108 +msgid "" +"CPU frequency scaling governor on AC mode. With intel_pstate driver, alternatives are powersave and performance. With acpi-cpufreq " +"driver, alternatives are ondemand, powersave, performance and conservative." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17110 doc/guix.texi:17117 doc/guix.texi:17124 doc/guix.texi:17131 doc/guix.texi:17138 doc/guix.texi:17145 +#: doc/guix.texi:17153 doc/guix.texi:17161 doc/guix.texi:17168 doc/guix.texi:17175 doc/guix.texi:17182 doc/guix.texi:17189 +#: doc/guix.texi:17219 doc/guix.texi:17257 doc/guix.texi:17264 doc/guix.texi:17273 doc/guix.texi:17295 doc/guix.texi:17303 +#: doc/guix.texi:17310 doc/guix.texi:17465 doc/guix.texi:17485 doc/guix.texi:17500 doc/guix.texi:17507 +msgid "Defaults to @samp{disabled}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17113 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list cpu-scaling-governor-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17115 +msgid "Same as @code{cpu-scaling-governor-on-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17120 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-min-freq-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17122 +msgid "Set the min available frequency for the scaling governor on AC." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17127 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-max-freq-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17129 +msgid "Set the max available frequency for the scaling governor on AC." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17134 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-min-freq-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17136 +msgid "Set the min available frequency for the scaling governor on BAT." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17141 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-scaling-max-freq-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17143 +msgid "Set the max available frequency for the scaling governor on BAT." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17148 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-min-perf-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17151 +msgid "" +"Limit the min P-state to control the power dissipation of the CPU, in AC mode. Values are stated as a percentage of the available " +"performance." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17156 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-max-perf-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17159 +msgid "" +"Limit the max P-state to control the power dissipation of the CPU, in AC mode. Values are stated as a percentage of the available " +"performance." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17164 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-min-perf-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17166 +msgid "Same as @code{cpu-min-perf-on-ac} on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17171 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-non-negative-integer cpu-max-perf-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17173 +msgid "Same as @code{cpu-max-perf-on-ac} on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17178 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-boolean cpu-boost-on-ac?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17180 +msgid "Enable CPU turbo boost feature on AC mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17185 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-boolean cpu-boost-on-bat?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17187 +msgid "Same as @code{cpu-boost-on-ac?} on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17192 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean sched-powersave-on-ac?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17195 +msgid "Allow Linux kernel to minimize the number of CPU cores/hyper-threads used under light load conditions." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17200 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean sched-powersave-on-bat?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17202 +msgid "Same as @code{sched-powersave-on-ac?} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17207 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean nmi-watchdog?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17209 +msgid "Enable Linux kernel NMI watchdog." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17214 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-string phc-controls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17217 +msgid "For Linux kernels with PHC patch applied, change CPU voltages. An example value would be @samp{\"F:V F:V F:V F:V\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17222 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string energy-perf-policy-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17225 +msgid "Set CPU performance versus energy saving policy on AC. Alternatives are performance, normal, powersave." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17227 doc/guix.texi:17325 doc/guix.texi:17355 +msgid "Defaults to @samp{\"performance\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17230 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string energy-perf-policy-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17232 +msgid "Same as @code{energy-perf-policy-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17234 doc/guix.texi:17332 +msgid "Defaults to @samp{\"powersave\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17237 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} space-separated-string-list disks-devices" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17239 +msgid "Hard disk devices." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17242 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} space-separated-string-list disk-apm-level-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17244 +msgid "Hard disk advanced power management level." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17247 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} space-separated-string-list disk-apm-level-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17249 +msgid "Same as @code{disk-apm-bat} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17252 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-spindown-timeout-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17255 +msgid "Hard disk spin down timeout. One value has to be specified for each declared hard disk." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17260 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-spindown-timeout-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17262 +msgid "Same as @code{disk-spindown-timeout-on-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17267 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list disk-iosched" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17271 +msgid "" +"Select IO scheduler for disk devices. One value has to be specified for each declared hard disk. Example alternatives are cfq, " +"deadline and noop." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17276 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string sata-linkpwr-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17279 +msgid "SATA aggressive link power management (ALPM) level. Alternatives are min_power, medium_power, max_performance." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17281 +msgid "Defaults to @samp{\"max_performance\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17284 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string sata-linkpwr-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17286 +msgid "Same as @code{sata-linkpwr-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17288 +msgid "Defaults to @samp{\"min_power\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17291 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-string sata-linkpwr-blacklist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17293 +msgid "Exclude specified SATA host devices for link power management." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17298 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-on-off-boolean ahci-runtime-pm-on-ac?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17301 +msgid "Enable Runtime Power Management for AHCI controller and disks on AC mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17306 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-on-off-boolean ahci-runtime-pm-on-bat?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17308 +msgid "Same as @code{ahci-runtime-pm-on-ac} on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17313 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer ahci-runtime-pm-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17315 +msgid "Seconds of inactivity before disk is suspended." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17320 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string pcie-aspm-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17323 +msgid "PCI Express Active State Power Management level. Alternatives are default, performance, powersave." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17328 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string pcie-aspm-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17330 +msgid "Same as @code{pcie-aspm-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17335 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-power-profile-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17338 +msgid "Radeon graphics clock speed level. Alternatives are low, mid, high, auto, default." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17340 +msgid "Defaults to @samp{\"high\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17343 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-power-profile-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17345 +msgid "Same as @code{radeon-power-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17347 +msgid "Defaults to @samp{\"low\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17350 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-dpm-state-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17353 +msgid "Radeon dynamic power management method (DPM). Alternatives are battery, performance." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17358 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-dpm-state-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17360 +msgid "Same as @code{radeon-dpm-state-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17362 +msgid "Defaults to @samp{\"battery\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17365 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-dpm-perf-level-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17367 +msgid "Radeon DPM performance level. Alternatives are auto, low, high." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17369 doc/guix.texi:17376 doc/guix.texi:17450 +msgid "Defaults to @samp{\"auto\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17372 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string radeon-dpm-perf-level-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17374 +msgid "Same as @code{radeon-dpm-perf-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17379 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} on-off-boolean wifi-pwr-on-ac?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17381 +msgid "Wifi power saving mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17386 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} on-off-boolean wifi-pwr-on-bat?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17388 +msgid "Same as @code{wifi-power-ac?} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17393 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} y-n-boolean wol-disable?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17395 +msgid "Disable wake on LAN." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17400 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer sound-power-save-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17403 +msgid "" +"Timeout duration in seconds before activating audio power saving on Intel HDA and AC97 devices. A value of 0 disables power saving." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17408 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} non-negative-integer sound-power-save-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17410 +msgid "Same as @code{sound-powersave-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17412 doc/guix.texi:17927 doc/guix.texi:18071 +msgid "Defaults to @samp{1}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17415 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} y-n-boolean sound-power-save-controller?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17417 +msgid "Disable controller in powersaving mode on Intel HDA devices." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17422 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean bay-poweroff-on-bat?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17426 +msgid "" +"Enable optical drive in UltraBay/MediaBay on BAT mode. Drive can be powered on again by releasing (and reinserting) the eject lever " +"or by pressing the disc eject button on newer models." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17431 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string bay-device" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17433 +msgid "Name of the optical drive device to power off." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17435 +msgid "Defaults to @samp{\"sr0\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17438 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string runtime-pm-on-ac" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17441 +msgid "Runtime Power Management for PCI(e) bus devices. Alternatives are on and auto." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17443 +msgid "Defaults to @samp{\"on\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17446 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} string runtime-pm-on-bat" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17448 +msgid "Same as @code{runtime-pm-ac} but on BAT mode." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17453 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean runtime-pm-all?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17456 +msgid "Runtime Power Management for all PCI(e) bus devices, except blacklisted ones." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17461 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-space-separated-string-list runtime-pm-blacklist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17463 +msgid "Exclude specified PCI(e) device addresses from Runtime Power Management." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17468 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} space-separated-string-list runtime-pm-driver-blacklist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17471 +msgid "Exclude PCI(e) devices assigned to the specified drivers from Runtime Power Management." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17474 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean usb-autosuspend?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17476 +msgid "Enable USB autosuspend feature." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17481 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-string usb-blacklist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17483 +msgid "Exclude specified devices from USB autosuspend." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17488 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean usb-blacklist-wwan?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17490 +msgid "Exclude WWAN devices from USB autosuspend." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17495 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-string usb-whitelist" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17498 +msgid "" +"Include specified devices into USB autosuspend, even if they are already excluded by the driver or via @code{usb-blacklist-wwan?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17503 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} maybe-boolean usb-autosuspend-disable-on-shutdown?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17505 +msgid "Enable USB autosuspend before shutdown." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17510 +#, no-wrap +msgid "{@code{tlp-configuration} parameter} boolean restore-device-state-on-startup?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17513 +msgid "Restore radio device state (bluetooth, wifi, wwan) from previous shutdown on system startup." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17521 +msgid "" +"The @code{(gnu services pm)} module provides an interface to thermald, a CPU frequency scaling service which helps prevent " +"overheating." +msgstr "" + +#. type: defvr +#: doc/guix.texi:17522 +#, no-wrap +msgid "{Scheme Variable} thermald-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:17527 +msgid "" +"This is the service type for @uref{https://01.org/linux-thermal-daemon/, thermald}, the Linux Thermal Daemon, which is responsible " +"for controlling the thermal state of processors and preventing overheating." +msgstr "" + +#. type: deftp +#: doc/guix.texi:17529 +#, no-wrap +msgid "{Data Type} thermald-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:17531 +msgid "Data type representing the configuration of @code{thermald-service-type}." +msgstr "" + +#. type: item +#: doc/guix.texi:17533 +#, no-wrap +msgid "@code{ignore-cpuid-check?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:17535 +msgid "Ignore cpuid check for supported CPU models." +msgstr "" + +#. type: item +#: doc/guix.texi:17536 +#, no-wrap +msgid "@code{thermald} (default: @var{thermald})" +msgstr "" + +#. type: table +#: doc/guix.texi:17538 +msgid "Package object of thermald." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17547 +msgid "The @code{(gnu services audio)} module provides a service to start MPD (the Music Player Daemon)." +msgstr "" + +#. type: cindex +#: doc/guix.texi:17548 +#, no-wrap +msgid "mpd" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:17549 +#, no-wrap +msgid "Music Player Daemon" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17554 +msgid "" +"The Music Player Daemon (MPD) is a service that can play music while being controlled from the local machine or over the network by " +"a variety of clients." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17557 +msgid "" +"The following example shows how one might run @code{mpd} as user @code{\"bob\"} on port @code{6666}. It uses pulseaudio for output." +msgstr "" + +#. type: example +#: doc/guix.texi:17563 +#, no-wrap +msgid "" +"(service mpd-service-type\n" +" (mpd-configuration\n" +" (user \"bob\")\n" +" (port \"6666\")))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:17565 +#, no-wrap +msgid "{Scheme Variable} mpd-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:17567 +msgid "The service type for @command{mpd}" +msgstr "" + +#. type: deftp +#: doc/guix.texi:17569 +#, no-wrap +msgid "{Data Type} mpd-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:17571 +msgid "Data type representing the configuration of @command{mpd}." +msgstr "" + +#. type: item +#: doc/guix.texi:17573 +#, no-wrap +msgid "@code{user} (default: @code{\"mpd\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:17575 +msgid "The user to run mpd as." +msgstr "" + +#. type: item +#: doc/guix.texi:17576 +#, no-wrap +msgid "@code{music-dir} (default: @code{\"~/Music\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:17578 +msgid "The directory to scan for music files." +msgstr "" + +#. type: item +#: doc/guix.texi:17579 +#, no-wrap +msgid "@code{playlist-dir} (default: @code{\"~/.mpd/playlists\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:17581 +msgid "The directory to store playlists." +msgstr "" + +#. type: item +#: doc/guix.texi:17582 +#, no-wrap +msgid "@code{port} (default: @code{\"6600\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:17584 +msgid "The port to run mpd on." +msgstr "" + +#. type: item +#: doc/guix.texi:17585 +#, no-wrap +msgid "@code{address} (default: @code{\"any\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:17588 +msgid "The address that mpd will bind to. To use a Unix domain socket, an absolute path can be specified here." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:17593 +#, no-wrap +msgid "Virtualization services" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17598 +msgid "" +"The @code{(gnu services virtualization)} module provides services for the libvirt and virtlog daemons, as well as other " +"virtualization-related services." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:17599 +#, no-wrap +msgid "Libvirt daemon" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17603 +msgid "" +"@code{libvirtd} is the server side daemon component of the libvirt virtualization management system. This daemon runs on host " +"servers and performs required management tasks for virtualized guests." +msgstr "" + +#. type: deffn +#: doc/guix.texi:17604 +#, no-wrap +msgid "{Scheme Variable} libvirt-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:17607 +msgid "This is the type of the @uref{https://libvirt.org, libvirt daemon}. Its value must be a @code{libvirt-configuration}." +msgstr "" + +#. type: example +#: doc/guix.texi:17613 +#, no-wrap +msgid "" +"(service libvirt-service-type\n" +" (libvirt-configuration\n" +" (unix-sock-group \"libvirt\")\n" +" (tls-port \"16555\")))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:17618 +msgid "Available @code{libvirt-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17619 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} package libvirt" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17621 +msgid "Libvirt package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17624 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean listen-tls?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17627 +msgid "Flag listening for secure TLS connections on the public TCP/IP port. must set @code{listen} for this to have any effect." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17630 +msgid "It is necessary to setup a CA and issue server certificates before using this capability." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17635 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean listen-tcp?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17638 +msgid "Listen for unencrypted TCP connections on the public TCP/IP port. must set @code{listen} for this to have any effect." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17642 +msgid "" +"Using the TCP socket requires SASL authentication by default. Only SASL mechanisms which support data encryption are allowed. This " +"is DIGEST_MD5 and GSSAPI (Kerberos5)" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17647 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string tls-port" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17650 +msgid "Port for accepting secure TLS connections This can be a port number, or service name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17652 +msgid "Defaults to @samp{\"16514\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17655 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string tcp-port" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17658 +msgid "Port for accepting insecure TCP connections This can be a port number, or service name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17660 +msgid "Defaults to @samp{\"16509\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17663 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string listen-addr" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17665 +msgid "IP address or hostname used for client connections." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17667 +msgid "Defaults to @samp{\"0.0.0.0\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17670 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean mdns-adv?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17672 +msgid "Flag toggling mDNS advertisement of the libvirt service." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17675 +msgid "Alternatively can disable for all services on a host by stopping the Avahi daemon." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17680 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string mdns-name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17683 +msgid "Default mDNS advertisement name. This must be unique on the immediate broadcast network." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17685 +msgid "Defaults to @samp{\"Virtualization Host \"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17688 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string unix-sock-group" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17692 +msgid "" +"UNIX domain socket group ownership. This can be used to allow a 'trusted' set of users access to management capabilities without " +"becoming root." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17694 +msgid "Defaults to @samp{\"root\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17697 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string unix-sock-ro-perms" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17700 +msgid "UNIX socket permissions for the R/O socket. This is used for monitoring VM status only." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17702 doc/guix.texi:17720 +msgid "Defaults to @samp{\"0777\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17705 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string unix-sock-rw-perms" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17709 +msgid "" +"UNIX socket permissions for the R/W socket. Default allows only root. If PolicyKit is enabled on the socket, the default will " +"change to allow everyone (eg, 0777)" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17711 +msgid "Defaults to @samp{\"0770\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17714 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string unix-sock-admin-perms" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17718 +msgid "" +"UNIX socket permissions for the admin socket. Default allows only owner (root), do not change it unless you are sure to whom you " +"are exposing the access to." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17723 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string unix-sock-dir" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17725 +msgid "The directory in which sockets will be found/created." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17727 +msgid "Defaults to @samp{\"/var/run/libvirt\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17730 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string auth-unix-ro" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17733 +msgid "Authentication scheme for UNIX read-only sockets. By default socket permissions allow anyone to connect" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17735 doc/guix.texi:17744 +msgid "Defaults to @samp{\"polkit\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17738 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string auth-unix-rw" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17742 +msgid "" +"Authentication scheme for UNIX read-write sockets. By default socket permissions only allow root. If PolicyKit support was " +"compiled into libvirt, the default will be to use 'polkit' auth." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17747 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string auth-tcp" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17751 +msgid "" +"Authentication scheme for TCP sockets. If you don't enable SASL, then all TCP traffic is cleartext. Don't do this outside of a dev/" +"test scenario." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17753 +msgid "Defaults to @samp{\"sasl\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17756 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string auth-tls" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17760 +msgid "" +"Authentication scheme for TLS sockets. TLS sockets already have encryption provided by the TLS layer, and limited authentication is " +"done by certificates." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17763 +msgid "It is possible to make use of any SASL authentication mechanism as well, by using 'sasl' for this option" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17765 +msgid "Defaults to @samp{\"none\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17768 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} optional-list access-drivers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17770 +msgid "API access control scheme." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17773 +msgid "By default an authenticated user is allowed access to all APIs. Access drivers can place restrictions on this." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17778 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string key-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17781 +msgid "Server key file path. If set to an empty string, then no private key is loaded." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17786 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string cert-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17789 +msgid "Server key file path. If set to an empty string, then no certificate is loaded." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17794 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string ca-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17797 +msgid "Server key file path. If set to an empty string, then no CA certificate is loaded." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17802 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string crl-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17805 +msgid "Certificate revocation list path. If set to an empty string, then no CRL is loaded." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17810 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean tls-no-sanity-cert" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17812 +msgid "Disable verification of our own server certificates." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17815 +msgid "When libvirtd starts it performs some sanity checks against its own certificates." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17820 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean tls-no-verify-cert" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17822 +msgid "Disable verification of client certificates." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17826 +msgid "" +"Client certificate verification is the primary authentication mechanism. Any client which does not present a certificate signed by " +"the CA will be rejected." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17831 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} optional-list tls-allowed-dn-list" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17833 +msgid "Whitelist of allowed x509 Distinguished Name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17838 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} optional-list sasl-allowed-usernames" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17841 +msgid "Whitelist of allowed SASL usernames. The format for username depends on the SASL authentication mechanism." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17846 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string tls-priority" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17850 +msgid "" +"Override the compile time default TLS priority string. The default is usually \"NORMAL\" unless overridden at build time. Only set " +"this is it is desired for libvirt to deviate from the global default settings." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17852 +msgid "Defaults to @samp{\"NORMAL\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17855 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17858 doc/guix.texi:18281 +msgid "Maximum number of concurrent client connections to allow over all sockets combined." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17860 +msgid "Defaults to @samp{5000}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17863 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-queued-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17867 +msgid "" +"Maximum length of queue of connections waiting to be accepted by the daemon. Note, that some protocols supporting retransmission " +"may obey this so that a later reattempt at connection succeeds." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17872 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-anonymous-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17875 +msgid "Maximum length of queue of accepted but not yet authenticated clients. Set this to zero to turn this feature off" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17877 doc/guix.texi:17895 doc/guix.texi:17911 +msgid "Defaults to @samp{20}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17880 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer min-workers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17882 +msgid "Number of workers to start up initially." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17887 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-workers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17889 +msgid "Maximum number of worker threads." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17893 +msgid "" +"If the number of active clients exceeds @code{min-workers}, then more threads are spawned, up to max_workers limit. Typically you'd " +"want max_workers to equal maximum number of clients allowed." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17898 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer prio-workers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17902 +msgid "" +"Number of priority workers. If all workers from above pool are stuck, some calls marked as high priority (notably domainDestroy) " +"can be executed in this pool." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17907 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-requests" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17909 +msgid "Total global limit on concurrent RPC calls." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17914 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer max-client-requests" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17918 +msgid "" +"Limit on concurrent requests from a single client connection. To avoid one client monopolizing the server this should be a small " +"fraction of the global max_requests and max_workers parameter." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17923 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-min-workers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17925 +msgid "Same as @code{min-workers} but for the admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17930 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-max-workers" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17932 +msgid "Same as @code{max-workers} but for the admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17937 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-max-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17939 +msgid "Same as @code{max-clients} but for the admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17944 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-max-queued-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17946 +msgid "Same as @code{max-queued-clients} but for the admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17951 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-max-client-requests" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17953 +msgid "Same as @code{max-client-requests} but for the admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17958 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer log-level" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17960 doc/guix.texi:18183 +msgid "Logging level. 4 errors, 3 warnings, 2 information, 1 debug." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17965 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string log-filters" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17967 doc/guix.texi:18190 +msgid "Logging filters." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17970 doc/guix.texi:18193 +msgid "A filter allows to select a different logging level for a given category of logs The format for a filter is one of:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:17974 doc/guix.texi:18197 +msgid "x:name" +msgstr "" + +#. type: itemize +#: doc/guix.texi:17977 doc/guix.texi:18200 +msgid "x:+name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:17987 doc/guix.texi:18210 +msgid "" +"where @code{name} is a string which is matched against the category given in the @code{VIR_LOG_INIT()} at the top of each libvirt " +"source file, e.g., \"remote\", \"qemu\", or \"util.json\" (the name in the filter can be a substring of the full category name, in " +"order to match multiple similar categories), the optional \"+\" prefix tells libvirt to log stack trace for each message matching " +"name, and @code{x} is the minimal level where matching messages should be logged:" +msgstr "" + +#. type: itemize +#: doc/guix.texi:17991 doc/guix.texi:18036 doc/guix.texi:18214 doc/guix.texi:18259 +msgid "1: DEBUG" +msgstr "" + +#. type: itemize +#: doc/guix.texi:17994 doc/guix.texi:18039 doc/guix.texi:18217 doc/guix.texi:18262 +msgid "2: INFO" +msgstr "" + +#. type: itemize +#: doc/guix.texi:17997 doc/guix.texi:18042 doc/guix.texi:18220 doc/guix.texi:18265 +msgid "3: WARNING" +msgstr "" + +#. type: itemize +#: doc/guix.texi:18000 doc/guix.texi:18045 doc/guix.texi:18223 doc/guix.texi:18268 +msgid "4: ERROR" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18005 doc/guix.texi:18228 +msgid "Multiple filters can be defined in a single filters statement, they just need to be separated by spaces." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18007 doc/guix.texi:18230 +msgid "Defaults to @samp{\"3:remote 4:event\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18010 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string log-outputs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18012 doc/guix.texi:18235 +msgid "Logging outputs." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18015 doc/guix.texi:18238 +msgid "An output is one of the places to save logging information The format for an output can be:" +msgstr "" + +#. type: item +#: doc/guix.texi:18017 doc/guix.texi:18240 +#, no-wrap +msgid "x:stderr" +msgstr "" + +#. type: table +#: doc/guix.texi:18019 doc/guix.texi:18242 +msgid "output goes to stderr" +msgstr "" + +#. type: item +#: doc/guix.texi:18020 doc/guix.texi:18243 +#, no-wrap +msgid "x:syslog:name" +msgstr "" + +#. type: table +#: doc/guix.texi:18022 doc/guix.texi:18245 +msgid "use syslog for the output and use the given name as the ident" +msgstr "" + +#. type: item +#: doc/guix.texi:18023 doc/guix.texi:18246 +#, no-wrap +msgid "x:file:file_path" +msgstr "" + +#. type: table +#: doc/guix.texi:18025 doc/guix.texi:18248 +msgid "output to a file, with the given filepath" +msgstr "" + +#. type: item +#: doc/guix.texi:18026 doc/guix.texi:18249 +#, no-wrap +msgid "x:journald" +msgstr "" + +#. type: table +#: doc/guix.texi:18028 doc/guix.texi:18251 +msgid "output to journald logging system" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18032 doc/guix.texi:18255 +msgid "In all case the x prefix is the minimal level, acting as a filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18050 doc/guix.texi:18273 +msgid "Multiple outputs can be defined, they just need to be separated by spaces." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18052 doc/guix.texi:18275 +msgid "Defaults to @samp{\"3:stderr\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18055 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer audit-level" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18057 +msgid "Allows usage of the auditing subsystem to be altered" +msgstr "" + +#. type: itemize +#: doc/guix.texi:18061 +msgid "0: disable all auditing" +msgstr "" + +#. type: itemize +#: doc/guix.texi:18064 +msgid "1: enable auditing, only if enabled on host" +msgstr "" + +#. type: itemize +#: doc/guix.texi:18067 +msgid "2: enable auditing, and exit if disabled on host." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18074 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} boolean audit-logging" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18076 +msgid "Send audit messages via libvirt logging infrastructure." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18081 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} optional-string host-uuid" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18083 +msgid "Host UUID. UUID must not have all digits be the same." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18088 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} string host-uuid-source" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18090 +msgid "Source to read host UUID." +msgstr "" + +#. type: itemize +#: doc/guix.texi:18094 +msgid "@code{smbios}: fetch the UUID from @code{dmidecode -s system-uuid}" +msgstr "" + +#. type: itemize +#: doc/guix.texi:18097 +msgid "@code{machine-id}: fetch the UUID from @code{/etc/machine-id}" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18102 +msgid "If @code{dmidecode} does not provide a valid UUID a temporary UUID will be generated." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18104 +msgid "Defaults to @samp{\"smbios\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18107 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer keepalive-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18112 +msgid "" +"A keepalive message is sent to a client after @code{keepalive_interval} seconds of inactivity to check if the client is still " +"responding. If set to -1, libvirtd will never send keepalive requests; however clients can still send them and the daemon will send " +"responses." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18117 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer keepalive-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18121 +msgid "" +"Maximum number of keepalive messages that are allowed to be sent to the client without getting any response before the connection is " +"considered broken." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18128 +msgid "" +"In other words, the connection is automatically closed approximately after @code{keepalive_interval * (keepalive_count + 1)} seconds " +"since the last message received from the client. When @code{keepalive-count} is set to 0, connections will be automatically closed " +"after @code{keepalive-interval} seconds of inactivity without sending any keepalive messages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18133 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-keepalive-interval" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18135 doc/guix.texi:18142 +msgid "Same as above but for admin interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18140 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer admin-keepalive-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18147 +#, no-wrap +msgid "{@code{libvirt-configuration} parameter} integer ovs-timeout" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18149 +msgid "Timeout for Open vSwitch calls." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18153 +msgid "" +"The @code{ovs-vsctl} utility is used for the configuration and its timeout option is set by default to 5 seconds to avoid potential " +"infinite waits blocking libvirt." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:18160 +#, no-wrap +msgid "Virtlog daemon" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18163 +msgid "The virtlogd service is a server side daemon component of libvirt that is used to manage logs from virtual machine consoles." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18169 +msgid "" +"This daemon is not used directly by libvirt client applications, rather it is called on their behalf by @code{libvirtd}. By " +"maintaining the logs in a standalone daemon, the main @code{libvirtd} daemon can be restarted without risk of losing logs. The " +"@code{virtlogd} daemon has the ability to re-exec() itself upon receiving @code{SIGUSR1}, to allow live upgrades without downtime." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18170 +#, no-wrap +msgid "{Scheme Variable} virtlog-service-type" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18173 +msgid "This is the type of the virtlog daemon. Its value must be a @code{virtlog-configuration}." +msgstr "" + +#. type: example +#: doc/guix.texi:18178 +#, no-wrap +msgid "" +"(service virtlog-service-type\n" +" (virtlog-configuration\n" +" (max-clients 1000)))\n" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18181 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} integer log-level" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18188 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} string log-filters" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18233 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} string log-outputs" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18278 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} integer max-clients" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18283 +msgid "Defaults to @samp{1024}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18286 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} integer max-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18288 +msgid "Maximum file size before rolling over." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18290 +msgid "Defaults to @samp{2MB}" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18293 +#, no-wrap +msgid "{@code{virtlog-configuration} parameter} integer max-backups" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18295 +msgid "Maximum number of backup files to keep." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18297 +msgid "Defaults to @samp{3}" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:18300 +#, no-wrap +msgid "Transparent Emulation with QEMU" +msgstr "" + +#. type: cindex +#: doc/guix.texi:18302 +#, no-wrap +msgid "emulation" +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:18303 +#, no-wrap +msgid "binfmt_misc" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18309 +msgid "" +"@code{qemu-binfmt-service-type} provides support for transparent emulation of program binaries built for different architectures---e." +"g., it allows you to transparently execute an ARMv7 program on an x86_64 machine. It achieves this by combining the @uref{https://" +"www.qemu.org, QEMU} emulator and the @code{binfmt_misc} feature of the kernel Linux." +msgstr "" + +#. type: defvr +#: doc/guix.texi:18310 +#, no-wrap +msgid "{Scheme Variable} qemu-binfmt-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:18315 +msgid "" +"This is the type of the QEMU/binfmt service for transparent emulation. Its value must be a @code{qemu-binfmt-configuration} object, " +"which specifies the QEMU package to use as well as the architecture we want to emulated:" +msgstr "" + +#. type: example +#: doc/guix.texi:18320 +#, no-wrap +msgid "" +"(service qemu-binfmt-service-type\n" +" (qemu-binfmt-configuration\n" +" (platforms (lookup-qemu-platforms \"arm\" \"aarch64\" \"ppc\"))))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:18326 +msgid "" +"In this example, we enable transparent emulation for the ARM and aarch64 platforms. Running @code{herd stop qemu-binfmt} turns it " +"off, and running @code{herd start qemu-binfmt} turns it back on (@pxref{Invoking herd, the @command{herd} command,, shepherd, The " +"GNU Shepherd Manual})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:18328 +#, no-wrap +msgid "{Data Type} qemu-binfmt-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:18330 +msgid "This is the configuration for the @code{qemu-binfmt} service." +msgstr "" + +#. type: item +#: doc/guix.texi:18332 +#, no-wrap +msgid "@code{platforms} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:18335 +msgid "" +"The list of emulated QEMU platforms. Each item must be a @dfn{platform object} as returned by @code{lookup-qemu-platforms} (see " +"below)." +msgstr "" + +#. type: item +#: doc/guix.texi:18336 +#, no-wrap +msgid "@code{guix-support?} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:18342 +msgid "" +"When it is true, QEMU and all its dependencies are added to the build environment of @command{guix-daemon} (@pxref{Invoking guix-" +"daemon, @code{--chroot-directory} option}). This allows the @code{binfmt_misc} handlers to be used within the build environment, " +"which in turn means that you can transparently build programs for another architecture." +msgstr "" + +#. type: table +#: doc/guix.texi:18345 +msgid "For example, let's suppose you're on an x86_64 machine and you have this service:" +msgstr "" + +#. type: example +#: doc/guix.texi:18351 +#, no-wrap +msgid "" +"(service qemu-binfmt-service-type\n" +" (qemu-binfmt-configuration\n" +" (platforms (lookup-qemu-platforms \"arm\"))\n" +" (guix-support? #t)))\n" +msgstr "" + +#. type: table +#: doc/guix.texi:18354 +msgid "You can run:" +msgstr "" + +#. type: example +#: doc/guix.texi:18357 +#, no-wrap +msgid "guix build -s armhf-linux inkscape\n" +msgstr "" + +#. type: table +#: doc/guix.texi:18364 +msgid "" +"and it will build Inkscape for ARMv7 @emph{as if it were a native build}, transparently using QEMU to emulate the ARMv7 CPU. Pretty " +"handy if you'd like to test a package build for an architecture you don't have access to!" +msgstr "" + +#. type: item +#: doc/guix.texi:18365 +#, no-wrap +msgid "@code{qemu} (default: @code{qemu})" +msgstr "" + +#. type: table +#: doc/guix.texi:18367 +msgid "The QEMU package to use." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18370 +#, no-wrap +msgid "{Scheme Procedure} lookup-qemu-platforms @var{platforms}@dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18375 +msgid "" +"Return the list of QEMU platform objects corresponding to @var{platforms}@dots{}. @var{platforms} must be a list of strings " +"corresponding to platform names, such as @code{\"arm\"}, @code{\"sparc\"}, @code{\"mips64el\"}, and so on." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18377 +#, no-wrap +msgid "{Scheme Procedure} qemu-platform? @var{obj}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18379 +msgid "Return true if @var{obj} is a platform object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18381 +#, no-wrap +msgid "{Scheme Procedure} qemu-platform-name @var{platform}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18383 +msgid "Return the name of @var{platform}---a string such as @code{\"arm\"}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18395 +msgid "" +"The @code{(gnu services version-control)} module provides a service to allow remote access to local Git repositories. There are " +"three options: the @code{git-daemon-service}, which provides access to repositories via the @code{git://} unsecured TCP-based " +"protocol, extending the @code{nginx} web server to proxy some requests to @code{git-http-backend}, or providing a web interface with " +"@code{cgit-service-type}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18396 +#, no-wrap +msgid "{Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18400 +msgid "" +"Return a service that runs @command{git daemon}, a simple TCP server to expose repositories over the Git protocol for anonymous " +"access." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18406 +msgid "" +"The optional @var{config} argument should be a @code{} object, by default it allows read-only access to " +"exported@footnote{By creating the magic file \"git-daemon-export-ok\" in the repository directory.} repositories under @file{/srv/" +"git}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:18409 +#, no-wrap +msgid "{Data Type} git-daemon-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:18411 +msgid "Data type representing the configuration for @code{git-daemon-service}." +msgstr "" + +#. type: item +#: doc/guix.texi:18413 doc/guix.texi:18469 +#, no-wrap +msgid "@code{package} (default: @var{git})" +msgstr "" + +#. type: table +#: doc/guix.texi:18415 doc/guix.texi:18471 +msgid "Package object of the Git distributed version control system." +msgstr "" + +#. type: item +#: doc/guix.texi:18416 doc/guix.texi:18475 +#, no-wrap +msgid "@code{export-all?} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:18419 +msgid "Whether to allow access for all Git repositories, even if they do not have the @file{git-daemon-export-ok} file." +msgstr "" + +#. type: item +#: doc/guix.texi:18420 +#, no-wrap +msgid "@code{base-path} (default: @file{/srv/git})" +msgstr "" + +#. type: table +#: doc/guix.texi:18425 +msgid "" +"Whether to remap all the path requests as relative to the given path. If you run git daemon with @var{(base-path \"/srv/git\")} on " +"example.com, then if you later try to pull @code{git://example.com/hello.git}, git daemon will interpret the path as @code{/srv/git/" +"hello.git}." +msgstr "" + +#. type: item +#: doc/guix.texi:18426 +#, no-wrap +msgid "@code{user-path} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:18433 +msgid "" +"Whether to allow @code{~user} notation to be used in requests. When specified with empty string, requests to @code{git://host/" +"~alice/foo} is taken as a request to access @code{foo} repository in the home directory of user @code{alice}. If @var{(user-path " +"\"path\")} is specified, the same request is taken as a request to access @code{path/foo} repository in the home directory of user " +"@code{alice}." +msgstr "" + +#. type: item +#: doc/guix.texi:18434 +#, no-wrap +msgid "@code{listen} (default: @var{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:18437 +msgid "Whether to listen on specific IP addresses or hostnames, defaults to all." +msgstr "" + +#. type: item +#: doc/guix.texi:18438 +#, no-wrap +msgid "@code{port} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:18440 +msgid "Whether to listen on an alternative port, which defaults to 9418." +msgstr "" + +#. type: item +#: doc/guix.texi:18441 +#, no-wrap +msgid "@code{whitelist} (default: @var{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:18443 +msgid "If not empty, only allow access to this list of directories." +msgstr "" + +#. type: item +#: doc/guix.texi:18444 +#, no-wrap +msgid "@code{extra-options} (default: @var{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:18447 +msgid "Extra options will be passed to @code{git daemon}, please run @command{man git-daemon} for more information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18461 +msgid "" +"The @code{git://} protocol lacks authentication. When you pull from a repository fetched via @code{git://}, you don't know that the " +"data you receive was modified is really coming from the specified host, and you have your connection is subject to eavesdropping. " +"It's better to use an authenticated and encrypted transport, such as @code{https}. Although Git allows you to serve repositories " +"using unsophisticated file-based web servers, there is a faster protocol implemented by the @code{git-http-backend} program. This " +"program is the back-end of a proper Git web service. It is designed to sit behind a FastCGI proxy. @xref{Web Services}, for more " +"on running the necessary @code{fcgiwrap} daemon." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18464 +msgid "Guix has a separate configuration data type for serving Git repositories over HTTP." +msgstr "" + +#. type: deftp +#: doc/guix.texi:18465 +#, no-wrap +msgid "{Data Type} git-http-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:18467 +msgid "Data type representing the configuration for @code{git-http-service}." +msgstr "" + +#. type: item +#: doc/guix.texi:18472 +#, no-wrap +msgid "@code{git-root} (default: @file{/srv/git})" +msgstr "" + +#. type: table +#: doc/guix.texi:18474 +msgid "Directory containing the Git repositories to expose to the world." +msgstr "" + +#. type: table +#: doc/guix.texi:18478 +msgid "" +"Whether to expose access for all Git repositories in @var{git-root}, even if they do not have the @file{git-daemon-export-ok} file." +msgstr "" + +#. type: item +#: doc/guix.texi:18479 +#, no-wrap +msgid "@code{uri-path} (default: @file{/git/})" +msgstr "" + +#. type: table +#: doc/guix.texi:18484 +msgid "" +"Path prefix for Git access. With the default @code{/git/} prefix, this will map @code{http://@var{server}/git/@var{repo}.git} to " +"@code{/srv/git/@var{repo}.git}. Requests whose URI paths do not begin with this prefix are not passed on to this Git instance." +msgstr "" + +#. type: item +#: doc/guix.texi:18485 +#, no-wrap +msgid "@code{fcgiwrap-socket} (default: @code{127.0.0.1:9000})" +msgstr "" + +#. type: table +#: doc/guix.texi:18488 +msgid "The socket on which the @code{fcgiwrap} daemon is listening. @xref{Web Services}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18495 +msgid "" +"There is no @code{git-http-service-type}, currently; instead you can create an @code{nginx-location-configuration} from a @code{git-" +"http-configuration} and then add that location to a web server." +msgstr "" + +#. type: deffn +#: doc/guix.texi:18496 +#, no-wrap +msgid "{Scheme Procedure} git-http-nginx-location-configuration @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18501 +msgid "" +"[config=(git-http-configuration)] Compute an @code{nginx-location-configuration} that corresponds to the given Git http " +"configuration. An example nginx service definition to serve the default @file{/srv/git} over HTTPS might be:" +msgstr "" + +#. type: example +#: doc/guix.texi:18518 +#, no-wrap +msgid "" +"(service nginx-service-type\n" +" (nginx-configuration\n" +" (server-blocks\n" +" (list\n" +" (nginx-server-configuration\n" +" (listen '(\"443 ssl\"))\n" +" (server-name \"git.my-host.org\")\n" +" (ssl-certificate\n" +" \"/etc/letsencrypt/live/git.my-host.org/fullchain.pem\")\n" +" (ssl-certificate-key\n" +" \"/etc/letsencrypt/live/git.my-host.org/privkey.pem\")\n" +" (locations\n" +" (list\n" +" (git-http-nginx-location-configuration\n" +" (git-http-configuration (uri-path \"/\"))))))))))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:18525 +msgid "" +"This example assumes that you are using Let's Encrypt to get your TLS certificate. @xref{Certificate Services}. The default " +"@code{certbot} service will redirect all HTTP traffic on @code{git.my-host.org} to HTTPS. You will also need to add an " +"@code{fcgiwrap} proxy to your system services. @xref{Web Services}." +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:18527 +#, no-wrap +msgid "Cgit Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:18529 +#, no-wrap +msgid "Cgit service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:18530 +#, no-wrap +msgid "Git, web interface" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18533 +msgid "@uref{https://git.zx2c4.com/cgit/, Cgit} is a web frontend for Git repositories written in C." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18536 +msgid "" +"The following example will configure the service with default values. By default, Cgit can be accessed on port 80 (@code{http://" +"localhost:80})." +msgstr "" + +#. type: example +#: doc/guix.texi:18539 +#, no-wrap +msgid "(service cgit-service-type)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:18544 +msgid "Available @code{cgit-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18545 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} package package" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18547 +msgid "The CGIT package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18550 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} nginx-server-configuration-list nginx" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18552 +msgid "NGINX configuration." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18555 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string about-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18558 +msgid "Specifies a command which will be invoked to format the content of about pages (both top-level and for each repository)." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18563 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string agefile" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18566 +msgid "" +"Specifies a path, relative to each repository path, which can be used to specify the date and time of the youngest commit in the " +"repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18571 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string auth-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18574 +msgid "Specifies a command that will be invoked for authenticating repository access." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18579 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string branch-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18582 +msgid "" +"Flag which, when set to @samp{age}, enables date ordering in the branch ref list, and when set @samp{name} enables ordering by " +"branch name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18584 +msgid "Defaults to @samp{\"name\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18587 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string cache-root" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18589 +msgid "Path used to store the cgit cache entries." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18591 +msgid "Defaults to @samp{\"/var/cache/cgit\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18594 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-static-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18597 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of repository pages accessed with a fixed SHA1." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18599 doc/guix.texi:19033 +msgid "Defaults to @samp{-1}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18602 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-dynamic-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18605 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of repository pages accessed without a fixed SHA1." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18610 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-repo-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18613 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of the repository summary page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18618 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-root-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18621 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18626 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-scanrc-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18629 +msgid "Number which specifies the time-to-live, in minutes, for the result of scanning a path for Git repositories." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18634 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-about-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18637 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of the repository about page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18642 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-snapshot-ttl" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18645 +msgid "Number which specifies the time-to-live, in minutes, for the cached version of snapshots." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18650 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer cache-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18653 +msgid "The maximum number of entries in the cgit cache. When set to @samp{0}, caching is disabled." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18658 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean case-sensitive-sort?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18660 +msgid "Sort items in the repo list case sensitively." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18665 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} list clone-prefix" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18668 +msgid "List of common prefixes which, when combined with a repository URL, generates valid clone URLs for the repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18673 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} list clone-url" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18675 +msgid "List of @code{clone-url} templates." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18680 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string commit-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18682 +msgid "Command which will be invoked to format commit messages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18687 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string commit-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18691 doc/guix.texi:19240 +msgid "" +"Flag which, when set to @samp{date}, enables strict date ordering in the commit log, and when set to @samp{topo} enables strict " +"topological ordering." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18693 +msgid "Defaults to @samp{\"git log\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18696 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string css" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18698 +msgid "URL which specifies the css document to include in all cgit pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18700 +msgid "Defaults to @samp{\"/share/cgit/cgit.css\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18703 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string email-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18707 +msgid "" +"Specifies a command which will be invoked to format names and email address of committers, authors, and taggers, as represented in " +"various places throughout the cgit interface." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18712 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean embedded?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18715 +msgid "Flag which, when set to @samp{#t}, will make cgit generate a HTML fragment suitable for embedding in other HTML pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18720 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-commit-graph?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18724 +msgid "" +"Flag which, when set to @samp{#t}, will make cgit print an ASCII-art commit history graph to the left of the commit messages in the " +"repository log page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18729 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-filter-overrides?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18732 +msgid "Flag which, when set to @samp{#t}, allows all filter settings to be overridden in repository-specific cgitrc files." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18737 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-follow-links?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18740 +msgid "Flag which, when set to @samp{#t}, allows users to follow a file in the log view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18745 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-http-clone?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18748 +msgid "If set to @samp{#t}, cgit will act as an dumb HTTP endpoint for Git clones." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18753 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-index-links?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18756 +msgid "" +"Flag which, when set to @samp{#t}, will make cgit generate extra links \"summary\", \"commit\", \"tree\" for each repo in the " +"repository index." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18761 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-index-owner?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18764 +msgid "Flag which, when set to @samp{#t}, will make cgit display the owner of each repo in the repository index." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18769 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-log-filecount?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18772 +msgid "" +"Flag which, when set to @samp{#t}, will make cgit print the number of modified files for each commit on the repository log page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18777 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-log-linecount?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18780 +msgid "" +"Flag which, when set to @samp{#t}, will make cgit print the number of added and removed lines for each commit on the repository log " +"page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18785 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-remote-branches?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18788 doc/guix.texi:19303 +msgid "Flag which, when set to @code{#t}, will make cgit display remote branches in the summary and refs views." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18793 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-subject-links?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18797 +msgid "" +"Flag which, when set to @code{1}, will make cgit use the subject of the parent commit as link text when generating links to parent " +"commits in commit view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18802 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-html-serving?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18806 +msgid "" +"Flag which, when set to @samp{#t}, will make cgit use the subject of the parent commit as link text when generating links to parent " +"commits in commit view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18811 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-tree-linenumbers?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18814 +msgid "Flag which, when set to @samp{#t}, will make cgit generate linenumber links for plaintext blobs printed in the tree view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18819 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean enable-git-config?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18822 +msgid "Flag which, when set to @samp{#f}, will allow cgit to use Git config to set any repo specific settings." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18827 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string favicon" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18829 +msgid "URL used as link to a shortcut icon for cgit." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18831 +msgid "Defaults to @samp{\"/favicon.ico\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18834 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string footer" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18838 +msgid "" +"The content of the file specified with this option will be included verbatim at the bottom of all pages (i.e. it replaces the " +"standard \"generated by...\" message)." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18843 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string head-include" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18846 +msgid "The content of the file specified with this option will be included verbatim in the HTML HEAD section on all pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18851 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string header" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18854 +msgid "The content of the file specified with this option will be included verbatim at the top of all pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18859 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string include" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18862 +msgid "Name of a configfile to include before the rest of the current config- file is parsed." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18867 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string index-header" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18870 +msgid "The content of the file specified with this option will be included verbatim above the repository index." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18875 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string index-info" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18878 +msgid "The content of the file specified with this option will be included verbatim below the heading on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18883 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean local-time?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18886 +msgid "Flag which, if set to @samp{#t}, makes cgit print commit and tag times in the servers timezone." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18891 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string logo" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18894 +msgid "URL which specifies the source of an image which will be used as a logo on all cgit pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18896 +msgid "Defaults to @samp{\"/share/cgit/cgit.png\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18899 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string logo-link" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18901 doc/guix.texi:19349 +msgid "URL loaded when clicking on the cgit logo image." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18906 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string owner-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18909 +msgid "Command which will be invoked to format the Owner column of the main page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18914 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-atom-items" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18916 +msgid "Number of items to display in atom feeds view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18918 doc/guix.texi:19144 doc/guix.texi:19152 doc/guix.texi:19160 +msgid "Defaults to @samp{10}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18921 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-commit-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18923 +msgid "Number of entries to list per page in \"log\" view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18925 doc/guix.texi:18940 +msgid "Defaults to @samp{50}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18928 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-message-length" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18930 +msgid "Number of commit message characters to display in \"log\" view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18932 doc/guix.texi:18948 +msgid "Defaults to @samp{80}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18935 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-repo-count" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18938 +msgid "Specifies the number of entries to list per page on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18943 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-repodesc-length" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18946 +msgid "Specifies the maximum number of repo description characters to display on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18951 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer max-blob-size" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18953 +msgid "Specifies the maximum size of a blob to display HTML for in KBytes." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18958 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string max-stats" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18961 +msgid "Maximum statistics period. Valid values are @samp{week},@samp{month}, @samp{quarter} and @samp{year}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18966 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} mimetype-alist mimetype" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18968 +msgid "Mimetype for the specified filename extension." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18972 +msgid "" +"Defaults to @samp{((gif \"image/gif\") (html \"text/html\") (jpg \"image/jpeg\") (jpeg \"image/jpeg\") (pdf \"application/pdf\") " +"(png \"image/png\") (svg \"image/svg+xml\"))}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18975 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string mimetype-file" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18977 +msgid "Specifies the file to use for automatic mimetype lookup." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18982 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string module-link" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18985 +msgid "Text which will be used as the formatstring for a hyperlink when a submodule is printed in a directory listing." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18990 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean nocache?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18992 +msgid "If set to the value @samp{#t} caching will be disabled." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:18997 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean noplainemail?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19000 +msgid "If set to @samp{#t} showing full author email addresses will be disabled." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19005 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean noheader?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19008 +msgid "Flag which, when set to @samp{#t}, will make cgit omit the standard header on all pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19013 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string readme" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19015 +msgid "Text which will be used as default value for @code{cgit-repo-readme}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19020 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean remove-suffix?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19024 +msgid "" +"If set to @code{#t} and @code{repository-directory} is enabled, if any repositories are found with a suffix of @code{.git}, this " +"suffix will be removed for the URL and name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19029 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer renamelimit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19031 +msgid "Maximum number of files to consider when detecting renames." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19036 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string repository-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19038 +msgid "The way in which repositories in each section are sorted." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19043 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} robots-list robots" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19045 +msgid "Text used as content for the @code{robots} meta-tag." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19047 +msgid "Defaults to @samp{(\"noindex\" \"nofollow\")}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19050 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string root-desc" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19052 +msgid "Text printed below the heading on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19054 +msgid "Defaults to @samp{\"a fast webinterface for the git dscm\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19057 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string root-readme" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19060 +msgid "" +"The content of the file specified with this option will be included verbatim below thef \"about\" link on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19065 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string root-title" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19067 +msgid "Text printed as heading on the repository index page." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19072 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean scan-hidden-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19078 +msgid "" +"If set to @samp{#t} and repository-directory is enabled, repository-directory will recurse into directories whose name starts with a " +"period. Otherwise, repository-directory will stay away from such directories, considered as \"hidden\". Note that this does not " +"apply to the \".git\" directory in non-bare repos." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19083 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} list snapshots" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19086 +msgid "Text which specifies the default set of snapshot formats that cgit generates links for." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19091 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} repository-directory repository-directory" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19094 +msgid "Name of the directory to scan for repositories (represents @code{scan-path})." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19096 +msgid "Defaults to @samp{\"/srv/git\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19099 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string section" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19102 doc/guix.texi:19418 +msgid "The name of the current repository section - all repositories defined after this option will inherit the current section name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19107 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string section-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19110 +msgid "Flag which, when set to @samp{1}, will sort the sections on the repository listing by name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19115 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer section-from-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19118 +msgid "" +"A number which, if defined prior to repository-directory, specifies how many path elements from each repo path to use as a default " +"section name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19123 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} boolean side-by-side-diffs?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19126 +msgid "If set to @samp{#t} shows side-by-side diffs instead of unidiffs per default." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19131 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string source-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19134 +msgid "Specifies a command which will be invoked to format plaintext blobs in the tree view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19139 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer summary-branches" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19142 +msgid "Specifies the number of branches to display in the repository \"summary\" view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19147 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer summary-log" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19150 +msgid "Specifies the number of log entries to display in the repository \"summary\" view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19155 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} integer summary-tags" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19158 +msgid "Specifies the number of tags to display in the repository \"summary\" view." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19163 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string strict-export" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19166 +msgid "Filename which, if specified, needs to be present within the repository for cgit to allow access to that repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19171 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} string virtual-root" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19173 +msgid "URL which, if specified, will be used as root for all cgit links." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19175 +msgid "Defaults to @samp{\"/\"}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19178 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} repository-cgit-configuration-list repositories" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19180 +msgid "A list of @dfn{cgit-repo} records to use with config." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19184 +msgid "Available @code{repository-cgit-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19185 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-list snapshots" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19188 +msgid "A mask of snapshot formats for this repo that cgit generates links for, restricted by the global @code{snapshots} setting." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19193 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string source-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19195 +msgid "Override the default @code{source-filter}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19200 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string url" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19202 +msgid "The relative URL used to access the repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19207 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string about-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19209 +msgid "Override the default @code{about-filter}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19214 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string branch-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19217 +msgid "" +"Flag which, when set to @samp{age}, enables date ordering in the branch ref list, and when set to @samp{name} enables ordering by " +"branch name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19222 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-list clone-url" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19224 +msgid "A list of URLs which can be used to clone repo." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19229 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string commit-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19231 +msgid "Override the default @code{commit-filter}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19236 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string commit-sort" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19245 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string defbranch" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19250 +msgid "" +"The name of the default branch for this repository. If no such branch exists in the repository, the first branch name (when sorted) " +"is used as default instead. By default branch pointed to by HEAD, or \"master\" if there is no suitable HEAD." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19255 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string desc" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19257 +msgid "The value to show as repository description." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19262 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string homepage" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19264 +msgid "The value to show as repository homepage." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19269 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string email-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19271 +msgid "Override the default @code{email-filter}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19276 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-commit-graph?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19279 +msgid "A flag which can be used to disable the global setting @code{enable-commit-graph?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19284 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-log-filecount?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19287 +msgid "A flag which can be used to disable the global setting @code{enable-log-filecount?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19292 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-log-linecount?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19295 +msgid "A flag which can be used to disable the global setting @code{enable-log-linecount?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19300 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-remote-branches?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19308 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-subject-links?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19311 +msgid "A flag which can be used to override the global setting @code{enable-subject-links?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19316 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean enable-html-serving?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19319 +msgid "A flag which can be used to override the global setting @code{enable-html-serving?}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19324 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean hide?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19327 +msgid "Flag which, when set to @code{#t}, hides the repository from the repository index." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19332 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-boolean ignore?" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19334 +msgid "Flag which, when set to @samp{#t}, ignores the repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19339 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string logo" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19342 +msgid "URL which specifies the source of an image which will be used as a logo on this repo’s pages." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19347 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string logo-link" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19354 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string owner-filter" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19356 +msgid "Override the default @code{owner-filter}." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19361 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string module-link" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19365 +msgid "" +"Text which will be used as the formatstring for a hyperlink when a submodule is printed in a directory listing. The arguments for " +"the formatstring are the path and SHA1 of the submodule commit." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19370 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} module-link-path module-link-path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19374 +msgid "" +"Text which will be used as the formatstring for a hyperlink when a submodule with the specified subdirectory path is printed in a " +"directory listing." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19379 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string max-stats" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19381 +msgid "Override the default maximum statistics period." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19386 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string name" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19388 +msgid "The value to show as repository name." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19393 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string owner" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19395 +msgid "A value used to identify the owner of the repository." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19400 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string path" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19402 +msgid "An absolute path to the repository directory." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19407 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string readme" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19410 +msgid "A path (relative to repo) which specifies a file to include verbatim as the \"About\" page for this repo." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19415 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-string section" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19423 +#, no-wrap +msgid "{@code{repository-cgit-configuration} parameter} repo-list extra-options" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19425 doc/guix.texi:19434 +msgid "Extra options will be appended to cgitrc file." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19432 +#, no-wrap +msgid "{@code{cgit-configuration} parameter} list extra-options" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19445 +msgid "" +"However, it could be that you just want to get a @code{cgitrc} up and running. In that case, you can pass an @code{opaque-cgit-" +"configuration} as a record to @code{cgit-service-type}. As its name indicates, an opaque configuration does not have easy " +"reflective capabilities." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19447 +msgid "Available @code{opaque-cgit-configuration} fields are:" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19448 +#, no-wrap +msgid "{@code{opaque-cgit-configuration} parameter} package cgit" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19450 +msgid "The cgit package." +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19452 +#, no-wrap +msgid "{@code{opaque-cgit-configuration} parameter} string string" +msgstr "" + +#. type: deftypevr +#: doc/guix.texi:19454 +msgid "The contents of the @code{cgitrc}, as a string." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19458 +msgid "For example, if your @code{cgitrc} is just the empty string, you could instantiate a cgit service like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:19463 +#, no-wrap +msgid "" +"(service cgit-service-type\n" +" (opaque-cgit-configuration\n" +" (cgitrc \"\")))\n" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:19469 +#, no-wrap +msgid "The Battle for Wesnoth Service" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19470 +#, no-wrap +msgid "wesnothd" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19474 +msgid "" +"@uref{https://wesnoth.org, The Battle for Wesnoth} is a fantasy, turn based tactical strategy game, with several single player " +"campaigns, and multiplayer games (both networked and local)." +msgstr "" + +#. type: defvar +#: doc/guix.texi:19475 +#, no-wrap +msgid "{Scheme Variable} wesnothd-service-type" +msgstr "" + +#. type: defvar +#: doc/guix.texi:19479 +msgid "" +"Service type for the wesnothd service. Its value must be a @code{wesnothd-configuration} object. To run wesnothd in the default " +"configuration, instantiate it as:" +msgstr "" + +#. type: example +#: doc/guix.texi:19482 +#, no-wrap +msgid "(service wesnothd-service-type)\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19485 +#, no-wrap +msgid "{Data Type} wesnothd-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19487 +msgid "Data type representing the configuration of @command{wesnothd}." +msgstr "" + +#. type: item +#: doc/guix.texi:19489 +#, no-wrap +msgid "@code{package} (default: @code{wesnoth-server})" +msgstr "" + +#. type: table +#: doc/guix.texi:19491 +msgid "The wesnoth server package to use." +msgstr "" + +#. type: item +#: doc/guix.texi:19492 +#, no-wrap +msgid "@code{port} (default: @code{15000})" +msgstr "" + +#. type: table +#: doc/guix.texi:19494 +msgid "The port to bind the server to." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19500 +#, no-wrap +msgid "sysctl" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:19501 +#, no-wrap +msgid "System Control Service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19505 +msgid "The @code{(gnu services sysctl)} provides a service to configure kernel parameters at boot." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19506 +#, no-wrap +msgid "{Scheme Variable} sysctl-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19510 +msgid "" +"The service type for @command{sysctl}, which modifies kernel parameters under @file{/proc/sys/}. To enable IPv4 forwarding, it can " +"be instantiated as:" +msgstr "" + +#. type: example +#: doc/guix.texi:19515 +#, no-wrap +msgid "" +"(service sysctl-service-type\n" +" (sysctl-configuration\n" +" (settings '((\"net.ipv4.ip_forward\" . \"1\")))))\n" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19518 +#, no-wrap +msgid "{Data Type} sysctl-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19520 +msgid "The data type representing the configuration of @command{sysctl}." +msgstr "" + +#. type: item +#: doc/guix.texi:19522 +#, no-wrap +msgid "@code{sysctl} (default: @code{(file-append procps \"/sbin/sysctl\"})" +msgstr "" + +#. type: table +#: doc/guix.texi:19524 +msgid "The @command{sysctl} executable to use." +msgstr "" + +#. type: item +#: doc/guix.texi:19525 +#, no-wrap +msgid "@code{settings} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:19527 +msgid "An association list specifies kernel parameters and their values." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19530 +#, no-wrap +msgid "lirc" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:19531 +#, no-wrap +msgid "Lirc Service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19534 +msgid "The @code{(gnu services lirc)} module provides the following service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19535 +#, no-wrap +msgid "{Scheme Procedure} lirc-service [#:lirc lirc] @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:19540 +msgid "" +"[#:device #f] [#:driver #f] [#:config-file #f] @ [#:extra-options '()] Return a service that runs @url{http://www.lirc.org,LIRC}, a " +"daemon that decodes infrared signals from remote controls." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19544 +msgid "" +"Optionally, @var{device}, @var{driver} and @var{config-file} (configuration file name) may be specified. See @command{lircd} manual " +"for details." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19547 +msgid "Finally, @var{extra-options} is a list of additional command-line options passed to @command{lircd}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19549 +#, no-wrap +msgid "spice" +msgstr "" + +#. type: subsubheading +#: doc/guix.texi:19550 +#, no-wrap +msgid "Spice Service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19553 +msgid "The @code{(gnu services spice)} module provides the following service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19554 +#, no-wrap +msgid "{Scheme Procedure} spice-vdagent-service [#:spice-vdagent]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:19558 +msgid "" +"Returns a service that runs @url{http://www.spice-space.org,VDAGENT}, a daemon that enables sharing the clipboard with a vm and " +"setting the guest display resolution when the graphical console window resizes." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:19560 +#, no-wrap +msgid "Dictionary Services" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19561 +#, no-wrap +msgid "dictionary" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19563 +msgid "The @code{(gnu services dict)} module provides the following service:" +msgstr "" + +#. type: deffn +#: doc/guix.texi:19564 +#, no-wrap +msgid "{Scheme Procedure} dicod-service [#:config (dicod-configuration)]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:19567 +msgid "" +"Return a service that runs the @command{dicod} daemon, an implementation of DICT server (@pxref{Dicod,,, dico, GNU Dico Manual})." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19571 +msgid "" +"The optional @var{config} argument specifies the configuration for @command{dicod}, which should be a @code{} " +"object, by default it serves the GNU Collaborative International Dictonary of English." +msgstr "" + +#. type: deffn +#: doc/guix.texi:19575 +msgid "" +"You can add @command{open localhost} to your @file{~/.dico} file to make @code{localhost} the default server for @command{dico} " +"client (@pxref{Initialization File,,, dico, GNU Dico Manual})." +msgstr "" + +#. type: deftp +#: doc/guix.texi:19577 +#, no-wrap +msgid "{Data Type} dicod-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19579 +msgid "Data type representing the configuration of dicod." +msgstr "" + +#. type: item +#: doc/guix.texi:19581 +#, no-wrap +msgid "@code{dico} (default: @var{dico})" +msgstr "" + +#. type: table +#: doc/guix.texi:19583 +msgid "Package object of the GNU Dico dictionary server." +msgstr "" + +#. type: item +#: doc/guix.texi:19584 +#, no-wrap +msgid "@code{interfaces} (default: @var{'(\"localhost\")})" +msgstr "" + +#. type: table +#: doc/guix.texi:19588 +msgid "" +"This is the list of IP addresses and ports and possibly socket file names to listen to (@pxref{Server Settings, @code{listen} " +"directive,, dico, GNU Dico Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:19589 +#, no-wrap +msgid "@code{handlers} (default: @var{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:19591 +msgid "List of @code{} objects denoting handlers (module instances)." +msgstr "" + +#. type: item +#: doc/guix.texi:19592 +#, no-wrap +msgid "@code{databases} (default: @var{(list %dicod-database:gcide)})" +msgstr "" + +#. type: table +#: doc/guix.texi:19594 +msgid "List of @code{} objects denoting dictionaries to be served." +msgstr "" + +#. type: deftp +#: doc/guix.texi:19597 +#, no-wrap +msgid "{Data Type} dicod-handler" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19599 +msgid "Data type representing a dictionary handler (module instance)." +msgstr "" + +#. type: table +#: doc/guix.texi:19603 +msgid "Name of the handler (module instance)." +msgstr "" + +#. type: item +#: doc/guix.texi:19604 +#, no-wrap +msgid "@code{module} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:19608 +msgid "" +"Name of the dicod module of the handler (instance). If it is @code{#f}, the module has the same name as the handler. " +"(@pxref{Modules,,, dico, GNU Dico Manual})." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:19609 doc/guix.texi:19629 +#, no-wrap +msgid "options" +msgstr "" + +#. type: table +#: doc/guix.texi:19611 +msgid "List of strings or gexps representing the arguments for the module handler" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19614 +#, no-wrap +msgid "{Data Type} dicod-database" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19616 +msgid "Data type representing a dictionary database." +msgstr "" + +#. type: table +#: doc/guix.texi:19620 +msgid "Name of the database, will be used in DICT commands." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:19621 +#, no-wrap +msgid "handler" +msgstr "" + +#. type: table +#: doc/guix.texi:19624 +msgid "Name of the dicod handler (module instance) used by this database (@pxref{Handlers,,, dico, GNU Dico Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:19625 +#, no-wrap +msgid "@code{complex?} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:19628 +msgid "" +"Whether the database configuration complex. The complex configuration will need a corresponding @code{} object, " +"otherwise not." +msgstr "" + +#. type: table +#: doc/guix.texi:19632 +msgid "List of strings or gexps representing the arguments for the database (@pxref{Databases,,, dico, GNU Dico Manual})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19635 +#, no-wrap +msgid "{Scheme Variable} %dicod-database:gcide" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19638 +msgid "" +"A @code{} object serving the GNU Collaborative International Dictionary of English using the @code{gcide} package." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19641 +msgid "The following is an example @code{dicod-service} configuration." +msgstr "" + +#. type: example +#: doc/guix.texi:19656 +#, no-wrap +msgid "" +"(dicod-service #:config\n" +" (dicod-configuration\n" +" (handlers (list (dicod-handler\n" +" (name \"wordnet\")\n" +" (module \"dictorg\")\n" +" (options\n" +" (list #~(string-append \"dbdir=\" #$wordnet))))))\n" +" (databases (list (dicod-database\n" +" (name \"wordnet\")\n" +" (complex? #t)\n" +" (handler \"wordnet\")\n" +" (options '(\"database=wn\")))\n" +" %dicod-database:gcide))))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19661 +#, no-wrap +msgid "setuid programs" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19671 +msgid "" +"Some programs need to run with ``root'' privileges, even when they are launched by unprivileged users. A notorious example is the " +"@command{passwd} program, which users can run to change their password, and which needs to access the @file{/etc/passwd} and @file{/" +"etc/shadow} files---something normally restricted to root, for obvious security reasons. To address that, these executables are " +"@dfn{setuid-root}, meaning that they always run with root privileges (@pxref{How Change Persona,,, libc, The GNU C Library Reference " +"Manual}, for more info about the setuid mechanism.)" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19678 +msgid "" +"The store itself @emph{cannot} contain setuid programs: that would be a security issue since any user on the system can write " +"derivations that populate the store (@pxref{The Store}). Thus, a different mechanism is used: instead of changing the setuid bit " +"directly on files that are in the store, we let the system administrator @emph{declare} which programs should be setuid root." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19684 +msgid "" +"The @code{setuid-programs} field of an @code{operating-system} declaration contains a list of G-expressions denoting the names of " +"programs to be setuid-root (@pxref{Using the Configuration System}). For instance, the @command{passwd} program, which is part of " +"the Shadow package, can be designated by this G-expression (@pxref{G-Expressions}):" +msgstr "" + +#. type: example +#: doc/guix.texi:19687 +#, no-wrap +msgid "#~(string-append #$shadow \"/bin/passwd\")\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19691 +msgid "A default set of setuid programs is defined by the @code{%setuid-programs} variable of the @code{(gnu system)} module." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19692 +#, no-wrap +msgid "{Scheme Variable} %setuid-programs" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19694 +msgid "A list of G-expressions denoting common programs that are setuid-root." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19697 +msgid "The list includes commands such as @command{passwd}, @command{ping}, @command{su}, and @command{sudo}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19703 +msgid "" +"Under the hood, the actual setuid programs are created in the @file{/run/setuid-programs} directory at system activation time. The " +"files in this directory refer to the ``real'' binaries, which are in the store." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19707 +#, no-wrap +msgid "HTTPS, certificates" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19708 +#, no-wrap +msgid "X.509 certificates" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19709 +#, no-wrap +msgid "TLS" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19716 +msgid "" +"Web servers available over HTTPS (that is, HTTP over the transport-layer security mechanism, TLS) send client programs an @dfn{X.509 " +"certificate} that the client can then use to @emph{authenticate} the server. To do that, clients verify that the server's " +"certificate is signed by a so-called @dfn{certificate authority} (CA). But to verify the CA's signature, clients must have first " +"acquired the CA's certificate." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19720 +msgid "" +"Web browsers such as GNU@tie{}IceCat include their own set of CA certificates, such that they are able to verify CA signatures out-" +"of-the-box." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19724 +msgid "" +"However, most other programs that can talk HTTPS---@command{wget}, @command{git}, @command{w3m}, etc.---need to be told where CA " +"certificates can be found." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19731 +msgid "" +"In GuixSD, this is done by adding a package that provides certificates to the @code{packages} field of the @code{operating-system} " +"declaration (@pxref{operating-system Reference}). GuixSD includes one such package, @code{nss-certs}, which is a set of CA " +"certificates provided as part of Mozilla's Network Security Services." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19736 +msgid "" +"Note that it is @emph{not} part of @var{%base-packages}, so you need to explicitly add it. The @file{/etc/ssl/certs} directory, " +"which is where most applications and libraries look for certificates by default, points to the certificates installed globally." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19746 +msgid "" +"Unprivileged users, including users of Guix on a foreign distro, can also install their own certificate package in their profile. A " +"number of environment variables need to be defined so that applications and libraries know where to find them. Namely, the OpenSSL " +"library honors the @code{SSL_CERT_DIR} and @code{SSL_CERT_FILE} variables. Some applications add their own environment variables; " +"for instance, the Git version control system honors the certificate bundle pointed to by the @code{GIT_SSL_CAINFO} environment " +"variable. Thus, you would typically run something like:" +msgstr "" + +#. type: example +#: doc/guix.texi:19752 +#, no-wrap +msgid "" +"$ guix package -i nss-certs\n" +"$ export SSL_CERT_DIR=\"$HOME/.guix-profile/etc/ssl/certs\"\n" +"$ export SSL_CERT_FILE=\"$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt\"\n" +"$ export GIT_SSL_CAINFO=\"$SSL_CERT_FILE\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19757 +msgid "" +"As another example, R requires the @code{CURL_CA_BUNDLE} environment variable to point to a certificate bundle, so you would have to " +"run something like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:19761 +#, no-wrap +msgid "" +"$ guix package -i nss-certs\n" +"$ export CURL_CA_BUNDLE=\"$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19765 +msgid "For other applications you may want to look up the required environment variable in the relevant documentation." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19770 +#, no-wrap +msgid "name service switch" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19771 +#, no-wrap +msgid "NSS" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19780 +msgid "" +"The @code{(gnu system nss)} module provides bindings to the configuration file of the libc @dfn{name service switch} or @dfn{NSS} " +"(@pxref{NSS Configuration File,,, libc, The GNU C Library Reference Manual}). In a nutshell, the NSS is a mechanism that allows " +"libc to be extended with new ``name'' lookup methods for system databases, which includes host names, service names, user accounts, " +"and more (@pxref{Name Service Switch, System Databases and Name Service Switch,, libc, The GNU C Library Reference Manual})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19787 +msgid "" +"The NSS configuration specifies, for each system database, which lookup method is to be used, and how the various methods are " +"chained together---for instance, under which circumstances NSS should try the next method in the list. The NSS configuration is " +"given in the @code{name-service-switch} field of @code{operating-system} declarations (@pxref{operating-system Reference, @code{name-" +"service-switch}})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:19788 +#, no-wrap +msgid "nss-mdns" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19789 +#, no-wrap +msgid ".local, host name lookup" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19794 +msgid "" +"As an example, the declaration below configures the NSS to use the @uref{http://0pointer.de/lennart/projects/nss-mdns/, @code{nss-" +"mdns} back-end}, which supports host name lookups over multicast DNS (mDNS) for host names ending in @code{.local}:" +msgstr "" + +#. type: example +#: doc/guix.texi:19798 +#, no-wrap +msgid "" +"(name-service-switch\n" +" (hosts (list %files ;first, check /etc/hosts\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:19803 +#, no-wrap +msgid "" +" ;; If the above did not succeed, try\n" +" ;; with 'mdns_minimal'.\n" +" (name-service\n" +" (name \"mdns_minimal\")\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:19809 +#, no-wrap +msgid "" +" ;; 'mdns_minimal' is authoritative for\n" +" ;; '.local'. When it returns \"not found\",\n" +" ;; no need to try the next methods.\n" +" (reaction (lookup-specification\n" +" (not-found => return))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:19813 +#, no-wrap +msgid "" +" ;; Then fall back to DNS.\n" +" (name-service\n" +" (name \"dns\"))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:19817 +#, no-wrap +msgid "" +" ;; Finally, try with the \"full\" 'mdns'.\n" +" (name-service\n" +" (name \"mdns\")))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19822 +msgid "" +"Do not worry: the @code{%mdns-host-lookup-nss} variable (see below) contains this configuration, so you will not have to type it if " +"all you want is to have @code{.local} host lookup working." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19830 +msgid "" +"Note that, in this case, in addition to setting the @code{name-service-switch} of the @code{operating-system} declaration, you also " +"need to use @code{avahi-service} (@pxref{Networking Services, @code{avahi-service}}), or @var{%desktop-services}, which includes it " +"(@pxref{Desktop Services}). Doing this makes @code{nss-mdns} accessible to the name service cache daemon (@pxref{Base Services, " +"@code{nscd-service}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19833 +msgid "For convenience, the following variables provide typical NSS configurations." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19834 +#, no-wrap +msgid "{Scheme Variable} %default-nss" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19837 +msgid "This is the default name service switch configuration, a @code{name-service-switch} object." +msgstr "" + +#. type: defvr +#: doc/guix.texi:19839 +#, no-wrap +msgid "{Scheme Variable} %mdns-host-lookup-nss" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19842 +msgid "" +"This is the name service switch configuration with support for host name lookup over multicast DNS (mDNS) for host names ending in " +"@code{.local}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19852 +msgid "" +"The reference for name service switch configuration is given below. It is a direct mapping of the configuration file format of the " +"C library , so please refer to the C library manual for more information (@pxref{NSS Configuration File,,, libc, The GNU C Library " +"Reference Manual}). Compared to the configuration file format of libc NSS, it has the advantage not only of adding this warm " +"parenthetic feel that we like, but also static checks: you will know about syntax errors and typos as soon as you run @command{guix " +"system}." +msgstr "" + +#. type: deftp +#: doc/guix.texi:19853 +#, no-wrap +msgid "{Data Type} name-service-switch" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19858 +msgid "" +"This is the data type representation the configuration of libc's name service switch (NSS). Each field below represents one of the " +"supported system databases." +msgstr "" + +#. type: item +#: doc/guix.texi:19860 +#, no-wrap +msgid "aliases" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19861 +#, no-wrap +msgid "ethers" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19863 +#, no-wrap +msgid "gshadow" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19864 +#, no-wrap +msgid "hosts" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19865 +#, no-wrap +msgid "initgroups" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19866 +#, no-wrap +msgid "netgroup" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19867 +#, no-wrap +msgid "networks" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19869 +#, no-wrap +msgid "public-key" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19870 +#, no-wrap +msgid "rpc" +msgstr "" + +#. type: itemx +#: doc/guix.texi:19872 +#, no-wrap +msgid "shadow" +msgstr "" + +#. type: table +#: doc/guix.texi:19875 +msgid "The system databases handled by the NSS. Each of these fields must be a list of @code{} objects (see below)." +msgstr "" + +#. type: deftp +#: doc/guix.texi:19878 +#, no-wrap +msgid "{Data Type} name-service" +msgstr "" + +#. type: deftp +#: doc/guix.texi:19882 +msgid "This is the data type representing an actual name service and the associated lookup action." +msgstr "" + +#. type: table +#: doc/guix.texi:19887 +msgid "A string denoting the name service (@pxref{Services in the NSS configuration,,, libc, The GNU C Library Reference Manual})." +msgstr "" + +#. type: table +#: doc/guix.texi:19892 +msgid "" +"Note that name services listed here must be visible to nscd. This is achieved by passing the @code{#:name-services} argument to " +"@code{nscd-service} the list of packages providing the needed name services (@pxref{Base Services, @code{nscd-service}})." +msgstr "" + +#. type: item +#: doc/guix.texi:19893 +#, no-wrap +msgid "reaction" +msgstr "" + +#. type: table +#: doc/guix.texi:19897 +msgid "" +"An action specified using the @code{lookup-specification} macro (@pxref{Actions in the NSS configuration,,, libc, The GNU C Library " +"Reference Manual}). For example:" +msgstr "" + +#. type: example +#: doc/guix.texi:19901 +#, no-wrap +msgid "" +"(lookup-specification (unavailable => continue)\n" +" (success => return))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19915 +msgid "" +"For bootstrapping purposes, the Linux-Libre kernel is passed an @dfn{initial RAM disk}, or @dfn{initrd}. An initrd contains a " +"temporary root file system as well as an initialization script. The latter is responsible for mounting the real root file system, " +"and for loading any kernel modules that may be needed to achieve that." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19924 +msgid "" +"The @code{initrd-modules} field of an @code{operating-system} declaration allows you to specify Linux-libre kernel modules that must " +"be available in the initrd. In particular, this is where you would list modules needed to actually drive the hard disk where your " +"root partition is---although the default value of @code{initrd-modules} should cover most use cases. For example, assuming you need " +"the @code{megaraid_sas} module in addition to the default modules to be able to access your root file system, you would write:" +msgstr "" + +#. type: example +#: doc/guix.texi:19929 +#, no-wrap +msgid "" +"(operating-system\n" +" ;; @dots{}\n" +" (initrd-modules (cons \"megaraid_sas\" %base-initrd-modules)))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19931 +#, no-wrap +msgid "{Scheme Variable} %base-initrd-modules" +msgstr "" + +#. type: defvr +#: doc/guix.texi:19933 +msgid "This is the list of kernel modules included in the initrd by default." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19941 +msgid "" +"Furthermore, if you need lower-level customization, the @code{initrd} field of an @code{operating-system} declaration allows you to " +"specify which initrd you would like to use. The @code{(gnu system linux-initrd)} module provides three ways to build an initrd: the " +"high-level @code{base-initrd} procedure and the low-level @code{raw-initrd} and @code{expression->initrd} procedures." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19946 +msgid "" +"The @code{base-initrd} procedure is intended to cover most common uses. For example, if you want to add a bunch of kernel modules " +"to be loaded at boot time, you can define the @code{initrd} field of the operating system declaration like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:19954 +#, no-wrap +msgid "" +"(initrd (lambda (file-systems . rest)\n" +" ;; Create a standard initrd but set up networking\n" +" ;; with the parameters QEMU expects by default.\n" +" (apply base-initrd file-systems\n" +" #:qemu-networking? #t\n" +" rest)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19959 +msgid "" +"The @code{base-initrd} procedure also handles common use cases that involves using the system as a QEMU guest, or as a ``live'' " +"system with volatile root file system." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19966 +msgid "" +"The @code{base-initrd} procedure is built from @code{raw-initrd} procedure. Unlike @code{base-initrd}, @code{raw-initrd} doesn't do " +"anything high-level, such as trying to guess which kernel modules and packages should be included to the initrd. An example use of " +"@code{raw-initrd} is when a user has a custom Linux kernel configuration and default kernel modules included by @code{base-initrd} " +"are not available." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:19971 +msgid "" +"The initial RAM disk produced by @code{base-initrd} or @code{raw-initrd} honors several options passed on the Linux kernel command " +"line (that is, arguments passed @i{via} the @code{linux} command of GRUB, or the @code{-append} option of QEMU), notably:" +msgstr "" + +#. type: item +#: doc/guix.texi:19973 +#, no-wrap +msgid "--load=@var{boot}" +msgstr "" + +#. type: table +#: doc/guix.texi:19976 +msgid "Tell the initial RAM disk to load @var{boot}, a file containing a Scheme program, once it has mounted the root file system." +msgstr "" + +#. type: table +#: doc/guix.texi:19980 +msgid "" +"GuixSD uses this option to yield control to a boot program that runs the service activation programs and then spawns the GNU@tie{}" +"Shepherd, the initialization system." +msgstr "" + +#. type: item +#: doc/guix.texi:19981 +#, no-wrap +msgid "--root=@var{root}" +msgstr "" + +#. type: table +#: doc/guix.texi:19985 +msgid "" +"Mount @var{root} as the root file system. @var{root} can be a device name like @code{/dev/sda1}, a file system label, or a file " +"system UUID." +msgstr "" + +#. type: table +#: doc/guix.texi:19989 +msgid "Have @file{/run/booted-system} and @file{/run/current-system} point to @var{system}." +msgstr "" + +#. type: item +#: doc/guix.texi:19990 +#, no-wrap +msgid "modprobe.blacklist=@var{modules}@dots{}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19991 +#, no-wrap +msgid "module, black-listing" +msgstr "" + +#. type: cindex +#: doc/guix.texi:19992 +#, no-wrap +msgid "black list, of kernel modules" +msgstr "" + +#. type: table +#: doc/guix.texi:19997 +msgid "" +"Instruct the initial RAM disk as well as the @command{modprobe} command (from the kmod package) to refuse to load @var{modules}. " +"@var{modules} must be a comma-separated list of module names---e.g., @code{usbkbd,9pnet}." +msgstr "" + +#. type: item +#: doc/guix.texi:19998 +#, no-wrap +msgid "--repl" +msgstr "" + +#. type: table +#: doc/guix.texi:20004 +msgid "" +"Start a read-eval-print loop (REPL) from the initial RAM disk before it tries to load kernel modules and to mount the root file " +"system. Our marketing team calls it @dfn{boot-to-Guile}. The Schemer in you will love it. @xref{Using Guile Interactively,,, " +"guile, GNU Guile Reference Manual}, for more information on Guile's REPL." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20010 +msgid "" +"Now that you know all the features that initial RAM disks produced by @code{base-initrd} and @code{raw-initrd} provide, here is how " +"to use it and customize it further." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20013 +#, no-wrap +msgid "{Monadic Procedure} raw-initrd @var{file-systems} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:20025 +msgid "" +"[#:linux-modules '()] [#:mapped-devices '()] @ [#:helper-packages '()] [#:qemu-networking? #f] [#:volatile-root? #f] Return a " +"monadic derivation that builds a raw initrd. @var{file-systems} is a list of file systems to be mounted by the initrd, possibly in " +"addition to the root file system specified on the kernel command line via @code{--root}. @var{linux-modules} is a list of kernel " +"modules to be loaded at boot time. @var{mapped-devices} is a list of device mappings to realize before @var{file-systems} are " +"mounted (@pxref{Mapped Devices}). @var{helper-packages} is a list of packages to be copied in the initrd. It may include " +"@code{e2fsck/static} or other packages needed by the initrd to check the root file system." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20029 +msgid "" +"When @var{qemu-networking?} is true, set up networking with the standard QEMU parameters. When @var{virtio?} is true, load " +"additional modules so that the initrd can be used as a QEMU guest with para-virtualized I/O drivers." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20032 +msgid "When @var{volatile-root?} is true, the root file system is writable but any changes to it are lost." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20034 +#, no-wrap +msgid "{Monadic Procedure} base-initrd @var{file-systems} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:20042 +msgid "" +"[#:mapped-devices '()] [#:qemu-networking? #f] [#:volatile-root? #f]@ [#:linux-modules '()] Return a monadic derivation that builds " +"a generic initrd, with kernel modules taken from @var{linux}. @var{file-systems} is a list of file-systems to be mounted by the " +"initrd, possibly in addition to the root file system specified on the kernel command line via @code{--root}. @var{mapped-devices} " +"is a list of device mappings to realize before @var{file-systems} are mounted." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20044 +msgid "@var{qemu-networking?} and @var{volatile-root?} behaves as in @code{raw-initrd}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20049 +msgid "" +"The initrd is automatically populated with all the kernel modules necessary for @var{file-systems} and for the given options. " +"Additional kernel modules can be listed in @var{linux-modules}. They will be added to the initrd, and loaded at boot time in the " +"order in which they appear." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20056 +msgid "" +"Needless to say, the initrds we produce and use embed a statically-linked Guile, and the initialization program is a Guile program. " +"That gives a lot of flexibility. The @code{expression->initrd} procedure builds such an initrd, given the program to run in that " +"initrd." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20057 +#, no-wrap +msgid "{Monadic Procedure} expression->initrd @var{exp} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:20063 +msgid "" +"[#:guile %guile-static-stripped] [#:name \"guile-initrd\"] Return a derivation that builds a Linux initrd (a gzipped cpio archive) " +"containing @var{guile} and that evaluates @var{exp}, a G-expression, upon booting. All the derivations referenced by @var{exp} are " +"automatically copied to the initrd." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20069 +#, no-wrap +msgid "boot loader" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20076 +msgid "" +"The operating system supports multiple bootloaders. The bootloader is configured using @code{bootloader-configuration} " +"declaration. All the fields of this structure are bootloader agnostic except for one field, @code{bootloader} that indicates the " +"bootloader to be configured and installed." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20081 +msgid "" +"Some of the bootloaders do not honor every field of @code{bootloader-configuration}. For instance, the extlinux bootloader does not " +"support themes and thus ignores the @code{theme} field." +msgstr "" + +#. type: deftp +#: doc/guix.texi:20082 +#, no-wrap +msgid "{Data Type} bootloader-configuration" +msgstr "" + +#. type: deftp +#: doc/guix.texi:20084 +msgid "The type of a bootloader configuration declaration." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20088 +#, no-wrap +msgid "EFI, bootloader" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20089 +#, no-wrap +msgid "UEFI, bootloader" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20090 +#, no-wrap +msgid "BIOS, bootloader" +msgstr "" + +#. type: table +#: doc/guix.texi:20096 +msgid "" +"The bootloader to use, as a @code{bootloader} object. For now @code{grub-bootloader}, @code{grub-efi-bootloader}, @code{extlinux-" +"bootloader} and @code{u-boot-bootloader} are supported. @code{grub-efi-bootloader} allows to boot on modern systems using the " +"@dfn{Unified Extensible Firmware Interface} (UEFI)." +msgstr "" + +#. type: table +#: doc/guix.texi:20099 +msgid "Available bootloaders are described in @code{(gnu bootloader @dots{})} modules." +msgstr "" + +#. type: table +#: doc/guix.texi:20109 +msgid "" +"This is a string denoting the target onto which to install the bootloader. The exact interpretation depends on the bootloader in " +"question; for @code{grub-bootloader}, for example, it should be a device name understood by the bootloader @command{installer} " +"command, such as @code{/dev/sda} or @code{(hd0)} (for GRUB, @pxref{Invoking grub-install,,, grub, GNU GRUB Manual}). For @code{grub-" +"efi-bootloader}, it should be the path to a mounted EFI file system." +msgstr "" + +#. type: item +#: doc/guix.texi:20110 +#, no-wrap +msgid "@code{menu-entries} (default: @code{()})" +msgstr "" + +#. type: table +#: doc/guix.texi:20114 +msgid "" +"A possibly empty list of @code{menu-entry} objects (see below), denoting entries to appear in the bootloader menu, in addition to " +"the current system entry and the entry pointing to previous system generations." +msgstr "" + +#. type: item +#: doc/guix.texi:20115 +#, no-wrap +msgid "@code{default-entry} (default: @code{0})" +msgstr "" + +#. type: table +#: doc/guix.texi:20118 +msgid "The index of the default boot menu entry. Index 0 is for the entry of the current system." +msgstr "" + +#. type: item +#: doc/guix.texi:20119 +#, no-wrap +msgid "@code{timeout} (default: @code{5})" +msgstr "" + +#. type: table +#: doc/guix.texi:20122 +msgid "The number of seconds to wait for keyboard input before booting. Set to 0 to boot immediately, and to -1 to wait indefinitely." +msgstr "" + +#. type: item +#: doc/guix.texi:20123 +#, no-wrap +msgid "@code{theme} (default: @var{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:20127 +msgid "" +"The bootloader theme object describing the theme to use. If no theme is provided, some bootloaders might use a default theme, " +"that's true for GRUB." +msgstr "" + +#. type: item +#: doc/guix.texi:20128 +#, no-wrap +msgid "@code{terminal-outputs} (default: @code{'gfxterm})" +msgstr "" + +#. type: table +#: doc/guix.texi:20135 +msgid "" +"The output terminals used for the bootloader boot menu, as a list of symbols. GRUB accepts the values: @code{console}, " +"@code{serial}, @code{serial_@{0-3@}}, @code{gfxterm}, @code{vga_text}, @code{mda_text}, @code{morse}, and @code{pkmodem}. This " +"field corresponds to the GRUB variable GRUB_TERMINAL_OUTPUT (@pxref{Simple configuration,,, grub,GNU GRUB manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:20136 +#, no-wrap +msgid "@code{terminal-inputs} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:20144 +msgid "" +"The input terminals used for the bootloader boot menu, as a list of symbols. For GRUB, the default is the native platform terminal " +"as determined at run-time. GRUB accepts the values: @code{console}, @code{serial}, @code{serial_@{0-3@}}, @code{at_keyboard}, and " +"@code{usb_keyboard}. This field corresponds to the GRUB variable GRUB_TERMINAL_INPUT (@pxref{Simple configuration,,, grub,GNU GRUB " +"manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:20145 +#, no-wrap +msgid "@code{serial-unit} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:20149 +msgid "" +"The serial unit used by the bootloader, as an integer from 0 to 3. For GRUB, it is chosen at run-time; currently GRUB chooses 0, " +"which corresponds to COM1 (@pxref{Serial terminal,,, grub,GNU GRUB manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:20150 +#, no-wrap +msgid "@code{serial-speed} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:20154 +msgid "" +"The speed of the serial interface, as an integer. For GRUB, the default value is chosen at run-time; currently GRUB chooses " +"9600@tie{}bps (@pxref{Serial terminal,,, grub,GNU GRUB manual})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20158 +#, no-wrap +msgid "dual boot" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20159 +#, no-wrap +msgid "boot menu" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20165 +msgid "" +"Should you want to list additional boot menu entries @i{via} the @code{menu-entries} field above, you will need to create them with " +"the @code{menu-entry} form. For example, imagine you want to be able to boot another distro (hard to imagine!), you can define a " +"menu entry along these lines:" +msgstr "" + +#. type: example +#: doc/guix.texi:20172 +#, no-wrap +msgid "" +"(menu-entry\n" +" (label \"The Other Distro\")\n" +" (linux \"/boot/old/vmlinux-2.6.32\")\n" +" (linux-arguments '(\"root=/dev/sda2\"))\n" +" (initrd \"/boot/old/initrd\"))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20175 +msgid "Details below." +msgstr "" + +#. type: deftp +#: doc/guix.texi:20176 +#, no-wrap +msgid "{Data Type} menu-entry" +msgstr "" + +#. type: deftp +#: doc/guix.texi:20178 +msgid "The type of an entry in the bootloader menu." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:20181 +#, no-wrap +msgid "label" +msgstr "" + +#. type: table +#: doc/guix.texi:20183 +msgid "The label to show in the menu---e.g., @code{\"GNU\"}." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:20184 +#, no-wrap +msgid "linux" +msgstr "" + +#. type: table +#: doc/guix.texi:20186 +msgid "The Linux kernel image to boot, for example:" +msgstr "" + +#. type: example +#: doc/guix.texi:20189 +#, no-wrap +msgid "(file-append linux-libre \"/bzImage\")\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20194 +msgid "" +"For GRUB, it is also possible to specify a device explicitly in the file path using GRUB's device naming convention (@pxref{Naming " +"convention,,, grub, GNU GRUB manual}), for example:" +msgstr "" + +#. type: example +#: doc/guix.texi:20197 +#, no-wrap +msgid "\"(hd0,msdos1)/boot/vmlinuz\"\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20201 +msgid "If the device is specified explicitly as above, then the @code{device} field is ignored entirely." +msgstr "" + +#. type: item +#: doc/guix.texi:20202 +#, no-wrap +msgid "@code{linux-arguments} (default: @code{()})" +msgstr "" + +#. type: table +#: doc/guix.texi:20205 +msgid "The list of extra Linux kernel command-line arguments---e.g., @code{(\"console=ttyS0\")}." +msgstr "" + +#. type: table +#: doc/guix.texi:20209 +msgid "A G-Expression or string denoting the file name of the initial RAM disk to use (@pxref{G-Expressions})." +msgstr "" + +#. type: item +#: doc/guix.texi:20209 +#, no-wrap +msgid "@code{device} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:20212 +msgid "" +"The device where the kernel and initrd are to be found---i.e., for GRUB, @dfn{root} for this menu entry (@pxref{root,,, grub, GNU " +"GRUB manual})." +msgstr "" + +#. type: table +#: doc/guix.texi:20218 +msgid "" +"This may be a file system label (a string), a file system UUID (a bytevector, @pxref{File Systems}), or @code{#f}, in which case the " +"bootloader will search the device containing the file specified by the @code{linux} field (@pxref{search,,, grub, GNU GRUB " +"manual}). It must @emph{not} be an OS device name such as @file{/dev/sda1}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20225 +msgid "Fow now only GRUB has theme support. GRUB themes are created using the @code{grub-theme} form, which is not documented yet." +msgstr "" + +#. type: defvr +#: doc/guix.texi:20230 +msgid "" +"This is the default GRUB theme used by the operating system if no @code{theme} field is specified in @code{bootloader-configuration} " +"record." +msgstr "" + +#. type: defvr +#: doc/guix.texi:20233 +msgid "It comes with a fancy background image displaying the GNU and Guix logos." +msgstr "" + +#. type: subsection +#: doc/guix.texi:20237 +#, no-wrap +msgid "Invoking @code{guix system}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20242 +msgid "" +"Once you have written an operating system declaration as seen in the previous section, it can be @dfn{instantiated} using the " +"@command{guix system} command. The synopsis is:" +msgstr "" + +#. type: example +#: doc/guix.texi:20245 +#, no-wrap +msgid "guix system @var{options}@dots{} @var{action} @var{file}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20251 +msgid "" +"@var{file} must be the name of a file containing an @code{operating-system} declaration. @var{action} specifies how the operating " +"system is instantiated. Currently the following values are supported:" +msgstr "" + +#. type: item +#: doc/guix.texi:20253 +#, no-wrap +msgid "search" +msgstr "" + +#. type: table +#: doc/guix.texi:20256 +msgid "Display available service type definitions that match the given regular expressions, sorted by relevance:" +msgstr "" + +#. type: example +#: doc/guix.texi:20268 +#, no-wrap +msgid "" +"$ guix system search console font\n" +"name: console-fonts\n" +"location: gnu/services/base.scm:729:2\n" +"extends: shepherd-root\n" +"description: Install the given fonts on the specified ttys (fonts are\n" +"+ per virtual console on GNU/Linux). The value of this service is a list\n" +"+ of tty/font pairs like:\n" +"+ \n" +"+ '((\"tty1\" . \"LatGrkCyr-8x16\"))\n" +"relevance: 20\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:20274 +#, no-wrap +msgid "" +"name: mingetty\n" +"location: gnu/services/base.scm:1048:2\n" +"extends: shepherd-root\n" +"description: Provide console login using the `mingetty' program.\n" +"relevance: 2\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:20281 +#, no-wrap +msgid "" +"name: login\n" +"location: gnu/services/base.scm:775:2\n" +"extends: pam\n" +"description: Provide a console log-in service as specified by its\n" +"+ configuration value, a `login-configuration' object.\n" +"relevance: 2\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:20283 +#, no-wrap +msgid "@dots{}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20288 +msgid "" +"As for @command{guix package --search}, the result is written in @code{recutils} format, which makes it easy to filter the output " +"(@pxref{Top, GNU recutils databases,, recutils, GNU recutils manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:20289 +#, no-wrap +msgid "reconfigure" +msgstr "" + +#. type: table +#: doc/guix.texi:20294 +msgid "" +"Build the operating system described in @var{file}, activate it, and switch to it@footnote{This action (and the related actions " +"@code{switch-generation} and @code{roll-back}) are usable only on systems already running GuixSD.}." +msgstr "" + +#. type: table +#: doc/guix.texi:20301 +msgid "" +"This effects all the configuration specified in @var{file}: user accounts, system services, global package list, setuid programs, " +"etc. The command starts system services specified in @var{file} that are not currently running; if a service is currently running, " +"it does not attempt to upgrade it since this would not be possible without stopping it first." +msgstr "" + +#. type: table +#: doc/guix.texi:20307 +msgid "" +"This command creates a new generation whose number is one greater than the current generation (as reported by @command{guix system " +"list-generations}). If that generation already exists, it will be overwritten. This behavior mirrors that of @command{guix " +"package} (@pxref{Invoking guix package})." +msgstr "" + +#. type: table +#: doc/guix.texi:20312 +msgid "" +"It also adds a bootloader menu entry for the new OS configuration, ---unless @option{--no-bootloader} is passed. For GRUB, it moves " +"entries for older configurations to a submenu, allowing you to choose an older system generation at boot time should you need it." +msgstr "" + +#. type: quotation +#: doc/guix.texi:20320 +msgid "" +"It is highly recommended to run @command{guix pull} once before you run @command{guix system reconfigure} for the first time " +"(@pxref{Invoking guix pull}). Failing to do that you would see an older version of Guix once @command{reconfigure} has completed." +msgstr "" + +#. type: item +#: doc/guix.texi:20322 +#, no-wrap +msgid "switch-generation" +msgstr "" + +#. type: table +#: doc/guix.texi:20331 +msgid "" +"Switch to an existing system generation. This action atomically switches the system profile to the specified system generation. It " +"also rearranges the system's existing bootloader menu entries. It makes the menu entry for the specified system generation the " +"default, and it moves the entries for the other generatiors to a submenu, if supported by the bootloader being used. The next time " +"the system boots, it will use the specified system generation." +msgstr "" + +#. type: table +#: doc/guix.texi:20335 +msgid "" +"The bootloader itself is not being reinstalled when using this command. Thus, the installed bootloader is used with an updated " +"configuration file." +msgstr "" + +#. type: table +#: doc/guix.texi:20339 +msgid "" +"The target generation can be specified explicitly by its generation number. For example, the following invocation would switch to " +"system generation 7:" +msgstr "" + +#. type: example +#: doc/guix.texi:20342 +#, no-wrap +msgid "guix system switch-generation 7\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20350 +msgid "" +"The target generation can also be specified relative to the current generation with the form @code{+N} or @code{-N}, where @code{+3} " +"means ``3 generations ahead of the current generation,'' and @code{-1} means ``1 generation prior to the current generation.'' When " +"specifying a negative value such as @code{-1}, you must precede it with @code{--} to prevent it from being parsed as an option. For " +"example:" +msgstr "" + +#. type: example +#: doc/guix.texi:20353 +#, no-wrap +msgid "guix system switch-generation -- -1\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20361 +msgid "" +"Currently, the effect of invoking this action is @emph{only} to switch the system profile to an existing generation and rearrange " +"the bootloader menu entries. To actually start using the target system generation, you must reboot after running this action. In " +"the future, it will be updated to do the same things as @command{reconfigure}, like activating and deactivating services." +msgstr "" + +#. type: table +#: doc/guix.texi:20363 +msgid "This action will fail if the specified generation does not exist." +msgstr "" + +#. type: item +#: doc/guix.texi:20364 +#, no-wrap +msgid "roll-back" +msgstr "" + +#. type: table +#: doc/guix.texi:20370 +msgid "" +"Switch to the preceding system generation. The next time the system boots, it will use the preceding system generation. This is " +"the inverse of @command{reconfigure}, and it is exactly the same as invoking @command{switch-generation} with an argument of " +"@code{-1}." +msgstr "" + +#. type: table +#: doc/guix.texi:20374 +msgid "" +"Currently, as with @command{switch-generation}, you must reboot after running this action to actually start using the preceding " +"system generation." +msgstr "" + +#. type: table +#: doc/guix.texi:20379 +msgid "" +"Build the derivation of the operating system, which includes all the configuration files and programs needed to boot and run the " +"system. This action does not actually install anything." +msgstr "" + +#. type: item +#: doc/guix.texi:20380 +#, no-wrap +msgid "init" +msgstr "" + +#. type: table +#: doc/guix.texi:20384 +msgid "" +"Populate the given directory with all the files necessary to run the operating system specified in @var{file}. This is useful for " +"first-time installations of GuixSD. For instance:" +msgstr "" + +#. type: example +#: doc/guix.texi:20387 +#, no-wrap +msgid "guix system init my-os-config.scm /mnt\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20394 +msgid "" +"copies to @file{/mnt} all the store items required by the configuration specified in @file{my-os-config.scm}. This includes " +"configuration files, packages, and so on. It also creates other essential files needed for the system to operate correctly---e.g., " +"the @file{/etc}, @file{/var}, and @file{/run} directories, and the @file{/bin/sh} file." +msgstr "" + +#. type: table +#: doc/guix.texi:20398 +msgid "" +"This command also installs bootloader on the target specified in @file{my-os-config}, unless the @option{--no-bootloader} option was " +"passed." +msgstr "" + +#. type: item +#: doc/guix.texi:20399 +#, no-wrap +msgid "vm" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20400 doc/guix.texi:20664 +#, no-wrap +msgid "virtual machine" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20401 +#, no-wrap +msgid "VM" +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:20408 +msgid "guix system vm" +msgstr "" + +#. type: table +#: doc/guix.texi:20408 +msgid "" +"Build a virtual machine that contains the operating system declared in @var{file}, and return a script to run that virtual machine " +"(VM). Arguments given to the script are passed to QEMU as in the example below, which enables networking and requests 1@tie{}GiB of " +"RAM for the emulated machine:" +msgstr "" + +#. type: example +#: doc/guix.texi:20411 +#, no-wrap +msgid "$ /gnu/store/@dots{}-run-vm.sh -m 1024 -net user\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20414 +msgid "The VM shares its store with the host system." +msgstr "" + +#. type: table +#: doc/guix.texi:20419 +msgid "" +"Additional file systems can be shared between the host and the VM using the @code{--share} and @code{--expose} command-line options: " +"the former specifies a directory to be shared with write access, while the latter provides read-only access to the shared directory." +msgstr "" + +#. type: table +#: doc/guix.texi:20423 +msgid "" +"The example below creates a VM in which the user's home directory is accessible read-only, and where the @file{/exchange} directory " +"is a read-write mapping of @file{$HOME/tmp} on the host:" +msgstr "" + +#. type: example +#: doc/guix.texi:20427 +#, no-wrap +msgid "" +"guix system vm my-config.scm \\\n" +" --expose=$HOME --share=$HOME/tmp=/exchange\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20432 +msgid "" +"On GNU/Linux, the default is to boot directly to the kernel; this has the advantage of requiring only a very tiny root disk image " +"since the store of the host can then be mounted." +msgstr "" + +#. type: table +#: doc/guix.texi:20438 +msgid "" +"The @code{--full-boot} option forces a complete boot sequence, starting with the bootloader. This requires more disk space since a " +"root image containing at least the kernel, initrd, and bootloader data files must be created. The @code{--image-size} option can be " +"used to specify the size of the image." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20439 +#, no-wrap +msgid "System images, creation in various formats" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20440 +#, no-wrap +msgid "Creating system images in various formats" +msgstr "" + +#. type: item +#: doc/guix.texi:20441 +#, no-wrap +msgid "vm-image" +msgstr "" + +#. type: itemx +#: doc/guix.texi:20442 +#, no-wrap +msgid "disk-image" +msgstr "" + +#. type: itemx +#: doc/guix.texi:20443 +#, no-wrap +msgid "docker-image" +msgstr "" + +#. type: table +#: doc/guix.texi:20451 +msgid "" +"Return a virtual machine, disk image, or Docker image of the operating system declared in @var{file} that stands alone. By default, " +"@command{guix system} estimates the size of the image needed to store the system, but you can use the @option{--image-size} option " +"to specify a value. Docker images are built to contain exactly what they need, so the @option{--image-size} option is ignored in " +"the case of @code{docker-image}." +msgstr "" + +#. type: table +#: doc/guix.texi:20454 +msgid "You can specify the root file system type by using the @option{--file-system-type} option. It defaults to @code{ext4}." +msgstr "" + +#. type: table +#: doc/guix.texi:20458 +msgid "" +"When using @code{vm-image}, the returned image is in qcow2 format, which the QEMU emulator can efficiently use. @xref{Running GuixSD " +"in a VM}, for more information on how to run the image in a virtual machine." +msgstr "" + +#. type: table +#: doc/guix.texi:20463 +msgid "" +"When using @code{disk-image}, a raw disk image is produced; it can be copied as is to a USB stick, for instance. Assuming @code{/" +"dev/sdc} is the device corresponding to a USB stick, one can copy the image to it using the following command:" +msgstr "" + +#. type: example +#: doc/guix.texi:20466 +#, no-wrap +msgid "# dd if=$(guix system disk-image my-os.scm) of=/dev/sdc\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20473 +msgid "" +"When using @code{docker-image}, a Docker image is produced. Guix builds the image from scratch, not from a pre-existing Docker base " +"image. As a result, it contains @emph{exactly} what you define in the operating system configuration file. You can then load the " +"image and launch a Docker container using commands like the following:" +msgstr "" + +#. type: example +#: doc/guix.texi:20479 +#, no-wrap +msgid "" +"image_id=\"$(docker load < guixsd-docker-image.tar.gz)\"\n" +"docker run -e GUIX_NEW_SYSTEM=/var/guix/profiles/system \\\\\n" +" --entrypoint /var/guix/profiles/system/profile/bin/guile \\\\\n" +" $image_id /var/guix/profiles/system/boot\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20489 +msgid "" +"This command starts a new Docker container from the specified image. It will boot the GuixSD system in the usual manner, which " +"means it will start any services you have defined in the operating system configuration. Depending on what you run in the Docker " +"container, it may be necessary to give the container additional permissions. For example, if you intend to build software using " +"Guix inside of the Docker container, you may need to pass the @option{--privileged} option to @code{docker run}." +msgstr "" + +#. type: table +#: doc/guix.texi:20497 +msgid "" +"Return a script to run the operating system declared in @var{file} within a container. Containers are a set of lightweight " +"isolation mechanisms provided by the kernel Linux-libre. Containers are substantially less resource-demanding than full virtual " +"machines since the kernel, shared objects, and other resources can be shared with the host system; this also means they provide " +"thinner isolation." +msgstr "" + +#. type: table +#: doc/guix.texi:20501 +msgid "" +"Currently, the script must be run as root in order to support more than a single user and group. The container shares its store " +"with the host system." +msgstr "" + +#. type: table +#: doc/guix.texi:20505 +msgid "" +"As with the @code{vm} action (@pxref{guix system vm}), additional file systems to be shared between the host and container can be " +"specified using the @option{--share} and @option{--expose} options:" +msgstr "" + +#. type: example +#: doc/guix.texi:20509 +#, no-wrap +msgid "" +"guix system container my-config.scm \\\n" +" --expose=$HOME --share=$HOME/tmp=/exchange\n" +msgstr "" + +#. type: quotation +#: doc/guix.texi:20513 +msgid "This option requires Linux-libre 3.19 or newer." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20520 +msgid "" +"@var{options} can contain any of the common build options (@pxref{Common Build Options}). In addition, @var{options} can contain " +"one of the following:" +msgstr "" + +#. type: table +#: doc/guix.texi:20529 +msgid "" +"Consider the operating-system @var{expr} evaluates to. This is an alternative to specifying a file which evaluates to an operating " +"system. This is used to generate the GuixSD installer @pxref{Building the Installation Image})." +msgstr "" + +#. type: table +#: doc/guix.texi:20534 +msgid "" +"Attempt to build for @var{system} instead of the host system type. This works as per @command{guix build} (@pxref{Invoking guix " +"build})." +msgstr "" + +#. type: item +#: doc/guix.texi:20535 +#, no-wrap +msgid "--derivation" +msgstr "" + +#. type: table +#: doc/guix.texi:20539 +msgid "Return the derivation file name of the given operating system without building anything." +msgstr "" + +#. type: item +#: doc/guix.texi:20540 +#, no-wrap +msgid "--file-system-type=@var{type}" +msgstr "" + +#. type: table +#: doc/guix.texi:20544 +msgid "For the @code{disk-image} action, create a file system of the given @var{type} on the image." +msgstr "" + +#. type: table +#: doc/guix.texi:20546 +msgid "When this option is omitted, @command{guix system} uses @code{ext4}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20547 +#, no-wrap +msgid "ISO-9660 format" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20548 +#, no-wrap +msgid "CD image format" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20549 +#, no-wrap +msgid "DVD image format" +msgstr "" + +#. type: table +#: doc/guix.texi:20552 +msgid "@code{--file-system-type=iso9660} produces an ISO-9660 image, suitable for burning on CDs and DVDs." +msgstr "" + +#. type: item +#: doc/guix.texi:20553 +#, no-wrap +msgid "--image-size=@var{size}" +msgstr "" + +#. type: table +#: doc/guix.texi:20558 +msgid "" +"For the @code{vm-image} and @code{disk-image} actions, create an image of the given @var{size}. @var{size} may be a number of " +"bytes, or it may include a unit as a suffix (@pxref{Block size, size specifications,, coreutils, GNU Coreutils})." +msgstr "" + +#. type: table +#: doc/guix.texi:20562 +msgid "" +"When this option is omitted, @command{guix system} computes an estimate of the image size as a function of the size of the system " +"declared in @var{file}." +msgstr "" + +#. type: item +#: doc/guix.texi:20568 +#, no-wrap +msgid "--skip-checks" +msgstr "--skip-checks" + +#. type: table +#: doc/guix.texi:20570 +msgid "Skip pre-installation safety checks." +msgstr "" + +#. type: table +#: doc/guix.texi:20577 +msgid "" +"By default, @command{guix system init} and @command{guix system reconfigure} perform safety checks: they make sure the file systems " +"that appear in the @code{operating-system} declaration actually exist (@pxref{File Systems}), and that any Linux kernel modules that " +"may be needed at boot time are listed in @code{initrd-modules} (@pxref{Initial RAM Disk}). Passing this option skips these tests " +"altogether." +msgstr "" + +#. type: item +#: doc/guix.texi:20578 +#, no-wrap +msgid "--on-error=@var{strategy}" +msgstr "" + +#. type: table +#: doc/guix.texi:20581 +msgid "Apply @var{strategy} when an error occurs when reading @var{file}. @var{strategy} may be one of the following:" +msgstr "" + +#. type: item +#: doc/guix.texi:20583 +#, no-wrap +msgid "nothing-special" +msgstr "" + +#. type: table +#: doc/guix.texi:20585 +msgid "Report the error concisely and exit. This is the default strategy." +msgstr "" + +#. type: item +#: doc/guix.texi:20586 +#, no-wrap +msgid "backtrace" +msgstr "" + +#. type: table +#: doc/guix.texi:20588 +msgid "Likewise, but also display a backtrace." +msgstr "" + +#. type: item +#: doc/guix.texi:20589 +#, no-wrap +msgid "debug" +msgstr "" + +#. type: table +#: doc/guix.texi:20595 +msgid "" +"Report the error and enter Guile's debugger. From there, you can run commands such as @code{,bt} to get a backtrace, @code{,locals} " +"to display local variable values, and more generally inspect the state of the program. @xref{Debug Commands,,, guile, GNU Guile " +"Reference Manual}, for a list of available debugging commands." +msgstr "" + +#. type: quotation +#: doc/guix.texi:20605 +msgid "" +"All the actions above, except @code{build} and @code{init}, can use KVM support in the Linux-libre kernel. Specifically, if the " +"machine has hardware virtualization support, the corresponding KVM kernel module should be loaded, and the @file{/dev/kvm} device " +"node must exist and be readable and writable by the user and by the build users of the daemon (@pxref{Build Environment Setup})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20611 +msgid "" +"Once you have built, configured, re-configured, and re-re-configured your GuixSD installation, you may find it useful to list the " +"operating system generations available on disk---and that you can choose from the bootloader boot menu:" +msgstr "" + +#. type: item +#: doc/guix.texi:20614 +#, no-wrap +msgid "list-generations" +msgstr "" + +#. type: table +#: doc/guix.texi:20619 +msgid "" +"List a summary of each generation of the operating system available on disk, in a human-readable way. This is similar to the " +"@option{--list-generations} option of @command{guix package} (@pxref{Invoking guix package})." +msgstr "" + +#. type: table +#: doc/guix.texi:20624 +msgid "" +"Optionally, one can specify a pattern, with the same syntax that is used in @command{guix package --list-generations}, to restrict " +"the list of generations displayed. For instance, the following command displays generations that are up to 10 days old:" +msgstr "" + +#. type: example +#: doc/guix.texi:20627 +#, no-wrap +msgid "$ guix system list-generations 10d\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20634 +msgid "" +"The @command{guix system} command has even more to offer! The following sub-commands allow you to visualize how your system services " +"relate to each other:" +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:20636 +msgid "system-extension-graph" +msgstr "" + +#. type: item +#: doc/guix.texi:20638 +#, no-wrap +msgid "extension-graph" +msgstr "" + +#. type: table +#: doc/guix.texi:20643 +msgid "" +"Emit in Dot/Graphviz format to standard output the @dfn{service extension graph} of the operating system defined in @var{file} " +"(@pxref{Service Composition}, for more information on service extensions.)" +msgstr "" + +#. type: table +#: doc/guix.texi:20645 +msgid "The command:" +msgstr "" + +#. type: example +#: doc/guix.texi:20648 +#, no-wrap +msgid "$ guix system extension-graph @var{file} | dot -Tpdf > services.pdf\n" +msgstr "" + +#. type: table +#: doc/guix.texi:20651 +msgid "produces a PDF file showing the extension relations among services." +msgstr "" + +#. type: anchor{#1} +#: doc/guix.texi:20653 +msgid "system-shepherd-graph" +msgstr "" + +#. type: item +#: doc/guix.texi:20653 +#, no-wrap +msgid "shepherd-graph" +msgstr "" + +#. type: table +#: doc/guix.texi:20658 +msgid "" +"Emit in Dot/Graphviz format to standard output the @dfn{dependency graph} of shepherd services of the operating system defined in " +"@var{file}. @xref{Shepherd Services}, for more information and for an example graph." +msgstr "" + +#. type: subsection +#: doc/guix.texi:20662 +#, no-wrap +msgid "Running GuixSD in a Virtual Machine" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20672 +msgid "" +"To run GuixSD in a virtual machine (VM), one can either use the pre-built GuixSD VM image distributed at @indicateurl{ftp://alpha." +"gnu.org/guix/guixsd-vm-image-@value{VERSION}.@var{system}.tar.xz} , or build their own virtual machine image using @command{guix " +"system vm-image} (@pxref{Invoking guix system}). The returned image is in qcow2 format, which the @uref{http://qemu.org/, QEMU " +"emulator} can efficiently use." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20673 +#, no-wrap +msgid "QEMU" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20680 +msgid "" +"If you built your own image, you must copy it out of the store (@pxref{The Store}) and give yourself permission to write to the copy " +"before you can use it. When invoking QEMU, you must choose a system emulator that is suitable for your hardware platform. Here is " +"a minimal QEMU invocation that will boot the result of @command{guix system vm-image} on x86_64 hardware:" +msgstr "" + +#. type: example +#: doc/guix.texi:20685 +#, no-wrap +msgid "" +"$ qemu-system-x86_64 \\\n" +" -net user -net nic,model=virtio \\\n" +" -enable-kvm -m 256 /tmp/qemu-image\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20688 +msgid "Here is what each of these options means:" +msgstr "" + +#. type: item +#: doc/guix.texi:20690 +#, no-wrap +msgid "qemu-system-x86_64" +msgstr "" + +#. type: table +#: doc/guix.texi:20693 +msgid "This specifies the hardware platform to emulate. This should match the host." +msgstr "" + +#. type: item +#: doc/guix.texi:20694 +#, no-wrap +msgid "-net user" +msgstr "" + +#. type: table +#: doc/guix.texi:20698 +msgid "" +"Enable the unprivileged user-mode network stack. The guest OS can access the host but not vice versa. This is the simplest way to " +"get the guest OS online." +msgstr "" + +#. type: item +#: doc/guix.texi:20699 +#, no-wrap +msgid "-net nic,model=virtio" +msgstr "" + +#. type: table +#: doc/guix.texi:20704 +msgid "" +"You must create a network interface of a given model. If you do not create a NIC, the boot will fail. Assuming your hardware " +"platform is x86_64, you can get a list of available NIC models by running @command{qemu-system-x86_64 -net nic,model=help}." +msgstr "" + +#. type: item +#: doc/guix.texi:20705 +#, no-wrap +msgid "-enable-kvm" +msgstr "" + +#. type: table +#: doc/guix.texi:20709 +msgid "" +"If your system has hardware virtualization extensions, enabling the virtual machine support (KVM) of the Linux kernel will make " +"things run faster." +msgstr "" + +#. type: item +#: doc/guix.texi:20710 +#, no-wrap +msgid "-m 256" +msgstr "" + +#. type: table +#: doc/guix.texi:20713 +msgid "RAM available to the guest OS, in mebibytes. Defaults to 128@tie{}MiB, which may be insufficient for some operations." +msgstr "" + +#. type: item +#: doc/guix.texi:20714 +#, no-wrap +msgid "/tmp/qemu-image" +msgstr "" + +#. type: table +#: doc/guix.texi:20716 +msgid "The file name of the qcow2 image." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20726 +msgid "" +"The default @command{run-vm.sh} script that is returned by an invocation of @command{guix system vm} does not add a @command{-net " +"user} flag by default. To get network access from within the vm add the @code{(dhcp-client-service)} to your system definition and " +"start the VM using @command{`guix system vm config.scm` -net user}. An important caveat of using @command{-net user} for networking " +"is that @command{ping} will not work, because it uses the ICMP protocol. You'll have to use a different command to check for " +"network connectivity, for example @command{guix download}." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:20727 +#, no-wrap +msgid "Connecting Through SSH" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20736 +msgid "" +"To enable SSH inside a VM you need to add a SSH server like @code{(dropbear-service)} or @code{(lsh-service)} to your VM. The " +"@code{(lsh-service}) doesn't currently boot unsupervised. It requires you to type some characters to initialize the randomness " +"generator. In addition you need to forward the SSH port, 22 by default, to the host. You can do this with" +msgstr "" + +#. type: example +#: doc/guix.texi:20739 +#, no-wrap +msgid "`guix system vm config.scm` -net user,hostfwd=tcp::10022-:22\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20742 +msgid "To connect to the VM you can run" +msgstr "" + +#. type: example +#: doc/guix.texi:20745 +#, no-wrap +msgid "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 10022\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20752 +msgid "" +"The @command{-p} tells @command{ssh} the port you want to connect to. @command{-o UserKnownHostsFile=/dev/null} prevents " +"@command{ssh} from complaining every time you modify your @command{config.scm} file and the @command{-o StrictHostKeyChecking=no} " +"prevents you from having to allow a connection to an unknown host every time you connect." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:20753 +#, no-wrap +msgid "Using @command{virt-viewer} with Spice" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20759 +msgid "" +"As an alternative to the default @command{qemu} graphical client you can use the @command{remote-viewer} from the @command{virt-" +"viewer} package. To connect pass the @command{-spice port=5930,disable-ticketing} flag to @command{qemu}. See previous section for " +"further information on how to do this." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20762 +msgid "" +"Spice also allows you to do some nice stuff like share your clipboard with your VM. To enable that you'll also have to pass the " +"following flags to @command{qemu}:" +msgstr "" + +#. type: example +#: doc/guix.texi:20768 +#, no-wrap +msgid "" +"-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5\n" +"-chardev spicevmc,name=vdagent,id=vdagent\n" +"-device virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent,\n" +"name=com.redhat.spice.0\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20771 +msgid "You'll also need to add the @pxref{Miscellaneous Services, Spice service}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20778 +msgid "" +"The previous sections show the available services and how one can combine them in an @code{operating-system} declaration. But how " +"do we define them in the first place? And what is a service anyway?" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20790 +#, no-wrap +msgid "daemons" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20803 +msgid "" +"Here we define a @dfn{service} as, broadly, something that extends the functionality of the operating system. Often a service is a " +"process---a @dfn{daemon}---started when the system boots: a secure shell server, a Web server, the Guix build daemon, etc. " +"Sometimes a service is a daemon whose execution can be triggered by another daemon---e.g., an FTP server started by @command{inetd} " +"or a D-Bus service activated by @command{dbus-daemon}. Occasionally, a service does not map to a daemon. For instance, the " +"``account'' service collects user accounts and makes sure they exist when the system runs; the ``udev'' service collects device " +"management rules and makes them available to the eudev daemon; the @file{/etc} service populates the @file{/etc} directory of the " +"system." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20804 +#, no-wrap +msgid "service extensions" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20816 +msgid "" +"GuixSD services are connected by @dfn{extensions}. For instance, the secure shell service @emph{extends} the Shepherd---the GuixSD " +"initialization system, running as PID@tie{}1---by giving it the command lines to start and stop the secure shell daemon " +"(@pxref{Networking Services, @code{lsh-service}}); the UPower service extends the D-Bus service by passing it its @file{.service} " +"specification, and extends the udev service by passing it device management rules (@pxref{Desktop Services, @code{upower-service}}); " +"the Guix daemon service extends the Shepherd by passing it the command lines to start and stop the daemon, and extends the account " +"service by passing it a list of required build user accounts (@pxref{Base Services})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20820 +msgid "" +"All in all, services and their ``extends'' relations form a directed acyclic graph (DAG). If we represent services as boxes and " +"extensions as arrows, a typical system might provide something like this:" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20822 +msgid "@image{images/service-graph,,5in,Typical service extension graph.}" +msgstr "" + +#. type: cindex +#: doc/guix.texi:20823 +#, no-wrap +msgid "system service" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20831 +msgid "" +"At the bottom, we see the @dfn{system service}, which produces the directory containing everything to run and boot the system, as " +"returned by the @command{guix system build} command. @xref{Service Reference}, to learn about the other service types shown here. " +"@xref{system-extension-graph, the @command{guix system extension-graph} command}, for information on how to generate this " +"representation for a particular operating system definition." +msgstr "" + +#. type: cindex +#: doc/guix.texi:20832 +#, no-wrap +msgid "service types" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20838 +msgid "" +"Technically, developers can define @dfn{service types} to express these relations. There can be any number of services of a given " +"type on the system---for instance, a system running two instances of the GNU secure shell server (lsh) has two instances of @var{lsh-" +"service-type}, with different parameters." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20841 +msgid "The following section describes the programming interface for service types and services." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20848 +msgid "" +"A @dfn{service type} is a node in the DAG described above. Let us start with a simple example, the service type for the Guix build " +"daemon (@pxref{Invoking guix-daemon}):" +msgstr "" + +#. type: example +#: doc/guix.texi:20858 +#, no-wrap +msgid "" +"(define guix-service-type\n" +" (service-type\n" +" (name 'guix)\n" +" (extensions\n" +" (list (service-extension shepherd-root-service-type guix-shepherd-service)\n" +" (service-extension account-service-type guix-accounts)\n" +" (service-extension activation-service-type guix-activation)))\n" +" (default-value (guix-configuration))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20862 +msgid "It defines three things:" +msgstr "" + +#. type: enumerate +#: doc/guix.texi:20866 +msgid "A name, whose sole purpose is to make inspection and debugging easier." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:20871 +msgid "" +"A list of @dfn{service extensions}, where each extension designates the target service type and a procedure that, given the " +"parameters of the service, returns a list of objects to extend the service of that type." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:20874 +msgid "" +"Every service type has at least one service extension. The only exception is the @dfn{boot service type}, which is the ultimate " +"service." +msgstr "" + +#. type: enumerate +#: doc/guix.texi:20877 +msgid "Optionally, a default value for instances of this type." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20880 +msgid "In this example, @var{guix-service-type} extends three services:" +msgstr "" + +#. type: item +#: doc/guix.texi:20882 +#, no-wrap +msgid "shepherd-root-service-type" +msgstr "" + +#. type: table +#: doc/guix.texi:20887 +msgid "" +"The @var{guix-shepherd-service} procedure defines how the Shepherd service is extended. Namely, it returns a @code{} object that defines how @command{guix-daemon} is started and stopped (@pxref{Shepherd Services})." +msgstr "" + +#. type: item +#: doc/guix.texi:20888 +#, no-wrap +msgid "account-service-type" +msgstr "" + +#. type: table +#: doc/guix.texi:20893 +msgid "" +"This extension for this service is computed by @var{guix-accounts}, which returns a list of @code{user-group} and @code{user-" +"account} objects representing the build user accounts (@pxref{Invoking guix-daemon})." +msgstr "" + +#. type: item +#: doc/guix.texi:20894 +#, no-wrap +msgid "activation-service-type" +msgstr "" + +#. type: table +#: doc/guix.texi:20898 +msgid "" +"Here @var{guix-activation} is a procedure that returns a gexp, which is a code snippet to run at ``activation time''---e.g., when " +"the service is booted." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20901 +msgid "A service of this type is instantiated like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:20907 +#, no-wrap +msgid "" +"(service guix-service-type\n" +" (guix-configuration\n" +" (build-accounts 5)\n" +" (use-substitutes? #f)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20915 +msgid "" +"The second argument to the @code{service} form is a value representing the parameters of this specific service instance. @xref{guix-" +"configuration-type, @code{guix-configuration}}, for information about the @code{guix-configuration} data type. When the value is " +"omitted, the default value specified by @code{guix-service-type} is used:" +msgstr "" + +#. type: example +#: doc/guix.texi:20918 +#, no-wrap +msgid "(service guix-service-type)\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20922 +msgid "@var{guix-service-type} is quite simple because it extends other services but is not extensible itself." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20926 +msgid "The service type for an @emph{extensible} service looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:20933 +#, no-wrap +msgid "" +"(define udev-service-type\n" +" (service-type (name 'udev)\n" +" (extensions\n" +" (list (service-extension shepherd-root-service-type\n" +" udev-shepherd-service)))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:20941 +#, no-wrap +msgid "" +" (compose concatenate) ;concatenate the list of rules\n" +" (extend (lambda (config rules)\n" +" (match config\n" +" (($ udev initial-rules)\n" +" (udev-configuration\n" +" (udev udev) ;the udev package to use\n" +" (rules (append initial-rules rules)))))))))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20947 +msgid "" +"This is the service type for the @uref{https://wiki.gentoo.org/wiki/Project:Eudev, eudev device management daemon}. Compared to the " +"previous example, in addition to an extension of @var{shepherd-root-service-type}, we see two new fields:" +msgstr "" + +#. type: item +#: doc/guix.texi:20949 +#, no-wrap +msgid "compose" +msgstr "" + +#. type: table +#: doc/guix.texi:20952 +msgid "This is the procedure to @dfn{compose} the list of extensions to services of this type." +msgstr "" + +#. type: table +#: doc/guix.texi:20955 +msgid "Services can extend the udev service by passing it lists of rules; we compose those extensions simply by concatenating them." +msgstr "" + +#. type: item +#: doc/guix.texi:20956 +#, no-wrap +msgid "extend" +msgstr "" + +#. type: table +#: doc/guix.texi:20959 +msgid "This procedure defines how the value of the service is @dfn{extended} with the composition of the extensions." +msgstr "" + +#. type: table +#: doc/guix.texi:20964 +msgid "" +"Udev extensions are composed into a list of rules, but the udev service value is itself a @code{} record. So " +"here, we extend that record by appending the list of rules it contains to the list of contributed rules." +msgstr "" + +#. type: table +#: doc/guix.texi:20970 +msgid "" +"This is a string giving an overview of the service type. The string can contain Texinfo markup (@pxref{Overview,,, texinfo, GNU " +"Texinfo}). The @command{guix system search} command searches these strings and displays them (@pxref{Invoking guix system})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20975 +msgid "" +"There can be only one instance of an extensible service type such as @var{udev-service-type}. If there were more, the @code{service-" +"extension} specifications would be ambiguous." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20978 +msgid "Still here? The next section provides a reference of the programming interface for services." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:20986 +msgid "" +"We have seen an overview of service types (@pxref{Service Types and Services}). This section provides a reference on how to " +"manipulate services and service types. This interface is provided by the @code{(gnu services)} module." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20987 +#, no-wrap +msgid "{Scheme Procedure} service @var{type} [@var{value}]" +msgstr "" + +#. type: deffn +#: doc/guix.texi:20991 +msgid "" +"Return a new service of @var{type}, a @code{} object (see below.) @var{value} can be any object; it represents the " +"parameters of this particular service instance." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20995 +msgid "" +"When @var{value} is omitted, the default value specified by @var{type} is used; if @var{type} does not specify a default value, an " +"error is raised." +msgstr "" + +#. type: deffn +#: doc/guix.texi:20997 +msgid "For instance, this:" +msgstr "" + +#. type: example +#: doc/guix.texi:21000 +#, no-wrap +msgid "(service openssh-service-type)\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21004 +msgid "is equivalent to this:" +msgstr "" + +#. type: example +#: doc/guix.texi:21008 +#, no-wrap +msgid "" +"(service openssh-service-type\n" +" (openssh-configuration))\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21012 +msgid "In both cases the result is an instance of @code{openssh-service-type} with the default configuration." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21014 +#, no-wrap +msgid "{Scheme Procedure} service? @var{obj}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21016 +msgid "Return true if @var{obj} is a service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21018 +#, no-wrap +msgid "{Scheme Procedure} service-kind @var{service}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21020 +msgid "Return the type of @var{service}---i.e., a @code{} object." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21022 +#, no-wrap +msgid "{Scheme Procedure} service-value @var{service}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21025 +msgid "Return the value associated with @var{service}. It represents its parameters." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21028 +msgid "Here is an example of how a service is created and manipulated:" +msgstr "" + +#. type: example +#: doc/guix.texi:21037 +#, no-wrap +msgid "" +"(define s\n" +" (service nginx-service-type\n" +" (nginx-configuration\n" +" (nginx nginx)\n" +" (log-directory log-directory)\n" +" (run-directory run-directory)\n" +" (file config-file))))\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:21040 +#, no-wrap +msgid "" +"(service? s)\n" +"@result{} #t\n" +"\n" +msgstr "" + +#. type: example +#: doc/guix.texi:21043 +#, no-wrap +msgid "" +"(eq? (service-kind s) nginx-service-type)\n" +"@result{} #t\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21053 +msgid "" +"The @code{modify-services} form provides a handy way to change the parameters of some of the services of a list such as @var{%base-" +"services} (@pxref{Base Services, @code{%base-services}}). It evaluates to a list of services. Of course, you could always use " +"standard list combinators such as @code{map} and @code{fold} to do that (@pxref{SRFI-1, List Library,, guile, GNU Guile Reference " +"Manual}); @code{modify-services} simply provides a more concise form for this common pattern." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21054 +#, no-wrap +msgid "{Scheme Syntax} modify-services @var{services} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21056 +msgid "(@var{type} @var{variable} => @var{body}) @dots{}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21059 +msgid "Modify the services listed in @var{services} according to the given clauses. Each clause has the form:" +msgstr "" + +#. type: example +#: doc/guix.texi:21062 +#, no-wrap +msgid "(@var{type} @var{variable} => @var{body})\n" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21069 +msgid "" +"where @var{type} is a service type---e.g., @code{guix-service-type}---and @var{variable} is an identifier that is bound within the " +"@var{body} to the service parameters---e.g., a @code{guix-configuration} instance---of the original service of that @var{type}." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21076 +msgid "" +"The @var{body} should evaluate to the new service parameters, which will be used to configure the new service. This new service " +"will replace the original in the resulting list. Because a service's service parameters are created using @code{define-record-" +"type*}, you can write a succinct @var{body} that evaluates to the new service parameters by using the @code{inherit} feature that " +"@code{define-record-type*} provides." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21078 +msgid "@xref{Using the Configuration System}, for example usage." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21085 +msgid "" +"Next comes the programming interface for service types. This is something you want to know when writing new service definitions, " +"but not necessarily when simply looking for ways to customize your @code{operating-system} declaration." +msgstr "" + +#. type: deftp +#: doc/guix.texi:21086 +#, no-wrap +msgid "{Data Type} service-type" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21087 +#, no-wrap +msgid "service type" +msgstr "" + +#. type: deftp +#: doc/guix.texi:21090 +msgid "This is the representation of a @dfn{service type} (@pxref{Service Types and Services})." +msgstr "" + +#. type: table +#: doc/guix.texi:21094 +msgid "This is a symbol, used only to simplify inspection and debugging." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:21095 +#, no-wrap +msgid "extensions" +msgstr "" + +#. type: table +#: doc/guix.texi:21097 +msgid "A non-empty list of @code{} objects (see below)." +msgstr "" + +#. type: item +#: doc/guix.texi:21098 +#, no-wrap +msgid "@code{compose} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:21102 +msgid "" +"If this is @code{#f}, then the service type denotes services that cannot be extended---i.e., services that do not receive ``values'' " +"from other services." +msgstr "" + +#. type: table +#: doc/guix.texi:21106 +msgid "" +"Otherwise, it must be a one-argument procedure. The procedure is called by @code{fold-services} and is passed a list of values " +"collected from extensions. It may return any single value." +msgstr "" + +#. type: item +#: doc/guix.texi:21107 +#, no-wrap +msgid "@code{extend} (default: @code{#f})" +msgstr "" + +#. type: table +#: doc/guix.texi:21109 +msgid "If this is @code{#f}, services of this type cannot be extended." +msgstr "" + +#. type: table +#: doc/guix.texi:21115 +msgid "" +"Otherwise, it must be a two-argument procedure: @code{fold-services} calls it, passing it the initial value of the service as the " +"first argument and the result of applying @code{compose} to the extension values as the second argument. It must return a value " +"that is a valid parameter value for the service instance." +msgstr "" + +#. type: deftp +#: doc/guix.texi:21118 +msgid "@xref{Service Types and Services}, for examples." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21120 +#, no-wrap +msgid "{Scheme Procedure} service-extension @var{target-type} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21126 +msgid "" +"@var{compute} Return a new extension for services of type @var{target-type}. @var{compute} must be a one-argument procedure: " +"@code{fold-services} calls it, passing it the value associated with the service that provides the extension; it must return a valid " +"value for the target service." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21128 +#, no-wrap +msgid "{Scheme Procedure} service-extension? @var{obj}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21130 +msgid "Return true if @var{obj} is a service extension." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21136 +msgid "" +"Occasionally, you might want to simply extend an existing service. This involves creating a new service type and specifying the " +"extension of interest, which can be verbose; the @code{simple-service} procedure provides a shorthand for this." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21137 +#, no-wrap +msgid "{Scheme Procedure} simple-service @var{name} @var{target} @var{value}" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21141 +msgid "" +"Return a service that extends @var{target} with @var{value}. This works by creating a singleton service type @var{name}, of which " +"the returned service is an instance." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21144 +msgid "For example, this extends mcron (@pxref{Scheduled Job Execution}) with an additional job:" +msgstr "" + +#. type: example +#: doc/guix.texi:21148 +#, no-wrap +msgid "" +"(simple-service 'my-mcron-job mcron-service-type\n" +" #~(job '(next-hour (3)) \"guix gc -F 2G\"))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21158 +msgid "" +"At the core of the service abstraction lies the @code{fold-services} procedure, which is responsible for ``compiling'' a list of " +"services down to a single directory that contains everything needed to boot and run the system---the directory shown by the " +"@command{guix system build} command (@pxref{Invoking guix system}). In essence, it propagates service extensions down the service " +"graph, updating each node parameters on the way, until it reaches the root node." +msgstr "" + +#. type: deffn +#: doc/guix.texi:21159 +#, no-wrap +msgid "{Scheme Procedure} fold-services @var{services} @" +msgstr "" + +#. type: deffn +#: doc/guix.texi:21163 +msgid "" +"[#:target-type @var{system-service-type}] Fold @var{services} by propagating their extensions down to the root of type @var{target-" +"type}; return the root service adjusted accordingly." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21167 +msgid "Lastly, the @code{(gnu services)} module also defines several essential service types, some of which are listed below." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21168 +#, no-wrap +msgid "{Scheme Variable} system-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21171 +msgid "" +"This is the root of the service graph. It produces the system directory as returned by the @command{guix system build} command." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21173 +#, no-wrap +msgid "{Scheme Variable} boot-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21176 +msgid "" +"The type of the ``boot service'', which produces the @dfn{boot script}. The boot script is what the initial RAM disk runs when " +"booting." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21178 +#, no-wrap +msgid "{Scheme Variable} etc-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21182 +msgid "" +"The type of the @file{/etc} service. This service is used to create files under @file{/etc} and can be extended by passing it name/" +"file tuples such as:" +msgstr "" + +#. type: example +#: doc/guix.texi:21185 +#, no-wrap +msgid "(list `(\"issue\" ,(plain-file \"issue\" \"Welcome!\\n\")))\n" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21189 +msgid "In this example, the effect would be to add an @file{/etc/issue} file pointing to the given file." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21191 +#, no-wrap +msgid "{Scheme Variable} setuid-program-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21195 +msgid "" +"Type for the ``setuid-program service''. This service collects lists of executable file names, passed as gexps, and adds them to " +"the set of setuid-root programs on the system (@pxref{Setuid Programs})." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21197 +#, no-wrap +msgid "{Scheme Variable} profile-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21201 +msgid "" +"Type of the service that populates the @dfn{system profile}---i.e., the programs under @file{/run/current-system/profile}. Other " +"services can extend it by passing it lists of packages to add to the system profile." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21207 +#, no-wrap +msgid "shepherd services" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21208 +#, no-wrap +msgid "PID 1" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21209 +#, no-wrap +msgid "init system" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21215 +msgid "" +"The @code{(gnu services shepherd)} module provides a way to define services managed by the GNU@tie{}Shepherd, which is the GuixSD " +"initialization system---the first process that is started when the system boots, also known as PID@tie{}1 (@pxref{Introduction,,, " +"shepherd, The GNU Shepherd Manual})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21221 +msgid "" +"Services in the Shepherd can depend on each other. For instance, the SSH daemon may need to be started after the syslog daemon has " +"been started, which in turn can only happen once all the file systems have been mounted. The simple operating system defined " +"earlier (@pxref{Using the Configuration System}) results in a service graph like this:" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21223 +msgid "@image{images/shepherd-graph,,5in,Typical shepherd service graph.}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21227 +msgid "" +"You can actually generate such a graph for any operating system definition using the @command{guix system shepherd-graph} command " +"(@pxref{system-shepherd-graph, @command{guix system shepherd-graph}})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21231 +msgid "" +"The @var{%shepherd-root-service} is a service object representing PID@tie{}1, of type @var{shepherd-root-service-type}; it can be " +"extended by passing it lists of @code{} objects." +msgstr "" + +#. type: deftp +#: doc/guix.texi:21232 +#, no-wrap +msgid "{Data Type} shepherd-service" +msgstr "" + +#. type: deftp +#: doc/guix.texi:21234 +msgid "The data type representing a service managed by the Shepherd." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:21236 +#, no-wrap +msgid "provision" +msgstr "" + +#. type: table +#: doc/guix.texi:21238 +msgid "This is a list of symbols denoting what the service provides." +msgstr "" + +#. type: table +#: doc/guix.texi:21243 +msgid "" +"These are the names that may be passed to @command{herd start}, @command{herd status}, and similar commands (@pxref{Invoking herd,,, " +"shepherd, The GNU Shepherd Manual}). @xref{Slots of services, the @code{provides} slot,, shepherd, The GNU Shepherd Manual}, for " +"details." +msgstr "" + +#. type: item +#: doc/guix.texi:21244 +#, no-wrap +msgid "@code{requirements} (default: @code{'()})" +msgstr "" + +#. type: table +#: doc/guix.texi:21246 +msgid "List of symbols denoting the Shepherd services this one depends on." +msgstr "" + +#. type: item +#: doc/guix.texi:21247 +#, no-wrap +msgid "@code{respawn?} (default: @code{#t})" +msgstr "" + +#. type: table +#: doc/guix.texi:21250 +msgid "Whether to restart the service when it stops, for instance when the underlying process dies." +msgstr "" + +#. type: code{#1} +#: doc/guix.texi:21251 +#, no-wrap +msgid "start" +msgstr "" + +#. type: itemx +#: doc/guix.texi:21252 +#, no-wrap +msgid "@code{stop} (default: @code{#~(const #f)})" +msgstr "" + +#. type: table +#: doc/guix.texi:21258 +msgid "" +"The @code{start} and @code{stop} fields refer to the Shepherd's facilities to start and stop processes (@pxref{Service De- and " +"Constructors,,, shepherd, The GNU Shepherd Manual}). They are given as G-expressions that get expanded in the Shepherd " +"configuration file (@pxref{G-Expressions})." +msgstr "" + +#. type: table +#: doc/guix.texi:21261 +msgid "A documentation string, as shown when running:" +msgstr "" + +#. type: example +#: doc/guix.texi:21264 +#, no-wrap +msgid "herd doc @var{service-name}\n" +msgstr "" + +#. type: table +#: doc/guix.texi:21268 +msgid "where @var{service-name} is one of the symbols in @var{provision} (@pxref{Invoking herd,,, shepherd, The GNU Shepherd Manual})." +msgstr "" + +#. type: item +#: doc/guix.texi:21269 +#, no-wrap +msgid "@code{modules} (default: @var{%default-modules})" +msgstr "" + +#. type: table +#: doc/guix.texi:21272 +msgid "This is the list of modules that must be in scope when @code{start} and @code{stop} are evaluated." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21276 +#, no-wrap +msgid "{Scheme Variable} shepherd-root-service-type" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21278 +msgid "The service type for the Shepherd ``root service''---i.e., PID@tie{}1." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21282 +msgid "" +"This is the service type that extensions target when they want to create shepherd services (@pxref{Service Types and Services}, for " +"an example). Each extension must pass a list of @code{}." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21284 +#, no-wrap +msgid "{Scheme Variable} %shepherd-root-service" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21286 +msgid "This service represents PID@tie{}1." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21292 +#, no-wrap +msgid "documentation, searching for" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21293 +#, no-wrap +msgid "searching for documentation" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21294 +#, no-wrap +msgid "Info, documentation format" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21295 +#, no-wrap +msgid "man pages" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21296 +#, no-wrap +msgid "manual pages" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21303 +msgid "" +"In most cases packages installed with Guix come with documentation. There are two main documentation formats: ``Info'', a " +"browseable hypertext format used for GNU software, and ``manual pages'' (or ``man pages''), the linear documentation format " +"traditionally found on Unix. Info manuals are accessed with the @command{info} command or with Emacs, and man pages are accessed " +"using @command{man}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21307 +msgid "" +"You can look for documentation of software installed on your system by keyword. For example, the following command searches for " +"information about ``TLS'' in Info manuals:" +msgstr "" + +#. type: example +#: doc/guix.texi:21315 +#, no-wrap +msgid "" +"$ info -k TLS\n" +"\"(emacs)Network Security\" -- STARTTLS\n" +"\"(emacs)Network Security\" -- TLS\n" +"\"(gnutls)Core TLS API\" -- gnutls_certificate_set_verify_flags\n" +"\"(gnutls)Core TLS API\" -- gnutls_certificate_set_verify_function\n" +"@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21319 +msgid "The command below searches for the same keyword in man pages:" +msgstr "" + +#. type: example +#: doc/guix.texi:21325 +#, no-wrap +msgid "" +"$ man -k TLS\n" +"SSL (7) - OpenSSL SSL/TLS library\n" +"certtool (1) - GnuTLS certificate tool\n" +"@dots {}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21331 +msgid "" +"These searches are purely local to your computer so you have the guarantee that documentation you find corresponds to what you have " +"actually installed, you can access it off-line, and your privacy is respected." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21334 +msgid "Once you have these results, you can view the relevant documentation by running, say:" +msgstr "" + +#. type: example +#: doc/guix.texi:21337 +#, no-wrap +msgid "$ info \"(gnutls)Core TLS API\"\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21341 +msgid "or:" +msgstr "" + +#. type: example +#: doc/guix.texi:21344 +#, no-wrap +msgid "$ man certtool\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21352 +msgid "" +"Info manuals contain sections and indices as well as hyperlinks like those found in Web pages. The @command{info} reader " +"(@pxref{Top, Info reader,, info-stnd, Stand-alone GNU Info}) and its Emacs counterpart (@pxref{Misc Help,,, emacs, The GNU Emacs " +"Manual}) provide intuitive key bindings to navigate manuals. @xref{Getting Started,,, info, Info: An Introduction}, for an " +"introduction to Info navigation." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21356 +#, no-wrap +msgid "debugging files" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21362 +msgid "" +"Program binaries, as produced by the GCC compilers for instance, are typically written in the ELF format, with a section containing " +"@dfn{debugging information}. Debugging information is what allows the debugger, GDB, to map binary code to source code; it is " +"required to debug a compiled program in good conditions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21370 +msgid "" +"The problem with debugging information is that is takes up a fair amount of disk space. For example, debugging information for the " +"GNU C Library weighs in at more than 60 MiB. Thus, as a user, keeping all the debugging info of all the installed programs is " +"usually not an option. Yet, space savings should not come at the cost of an impediment to debugging---especially in the GNU system, " +"which should make it easier for users to exert their computing freedom (@pxref{GNU Distribution})." +msgstr "" +"Le problème avec les informations de débogage est qu'elles prennent pas mal de place sur le disque. Par exemple, les informations de " +"débogage de la bibliothèque C de GNU prend plus de 60 Mo. Ainsi, en tant qu'utilisateur, garder toutes les informations de débogage " +"de tous les programmes installés n'est souvent pas une possibilité. Cependant, l'économie d'espace ne devrait pas empêcher le " +"débogage — en particulier, dans le système GNU, qui devrait faciliter pour ses utilisateurs l'exercice de leurs libertés " +"(@pxref{Distribution GNU})." + +#. type: Plain text +#: doc/guix.texi:21377 +msgid "" +"Thankfully, the GNU Binary Utilities (Binutils) and GDB provide a mechanism that allows users to get the best of both worlds: " +"debugging information can be stripped from the binaries and stored in separate files. GDB is then able to load debugging " +"information from those files, when they are available (@pxref{Separate Debug Files,,, gdb, Debugging with GDB})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21385 +msgid "" +"The GNU distribution takes advantage of this by storing debugging information in the @code{lib/debug} sub-directory of a separate " +"package output unimaginatively called @code{debug} (@pxref{Packages with Multiple Outputs}). Users can choose to install the " +"@code{debug} output of a package when they need it. For instance, the following command installs the debugging information for the " +"GNU C Library and for GNU Guile:" +msgstr "" + +#. type: example +#: doc/guix.texi:21388 +#, no-wrap +msgid "guix package -i glibc:debug guile:debug\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21394 +msgid "" +"GDB must then be told to look for debug files in the user's profile, by setting the @code{debug-file-directory} variable (consider " +"setting it from the @file{~/.gdbinit} file, @pxref{Startup,,, gdb, Debugging with GDB}):" +msgstr "" + +#. type: example +#: doc/guix.texi:21397 +#, no-wrap +msgid "(gdb) set debug-file-directory ~/.guix-profile/lib/debug\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21401 +msgid "From there on, GDB will pick up debugging information from the @code{.debug} files under @file{~/.guix-profile/lib/debug}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21408 +msgid "" +"In addition, you will most likely want GDB to be able to show the source code being debugged. To do that, you will have to unpack " +"the source code of the package of interest (obtained with @code{guix build --source}, @pxref{Invoking guix build}), and to point GDB " +"to that source directory using the @code{directory} command (@pxref{Source Path, @code{directory},, gdb, Debugging with GDB})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21417 +msgid "" +"The @code{debug} output mechanism in Guix is implemented by the @code{gnu-build-system} (@pxref{Build Systems}). Currently, it is " +"opt-in---debugging information is available only for the packages with definitions explicitly declaring a @code{debug} output. This " +"may be changed to opt-out in the future if our build farm servers can handle the load. To check whether a package has a " +"@code{debug} output, use @command{guix package --list-available} (@pxref{Invoking guix package})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21422 +#, no-wrap +msgid "security updates" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21431 +msgid "" +"Occasionally, important security vulnerabilities are discovered in software packages and must be patched. Guix developers try hard " +"to keep track of known vulnerabilities and to apply fixes as soon as possible in the @code{master} branch of Guix (we do not yet " +"provide a ``stable'' branch containing only security updates.) The @command{guix lint} tool helps developers find out about " +"vulnerable versions of software packages in the distribution:" +msgstr "" + +#. type: smallexample +#: doc/guix.texi:21438 +#, no-wrap +msgid "" +"$ guix lint -c cve\n" +"gnu/packages/base.scm:652:2: glibc@@2.21: probably vulnerable to CVE-2015-1781, CVE-2015-7547\n" +"gnu/packages/gcc.scm:334:2: gcc@@4.9.3: probably vulnerable to CVE-2015-5276\n" +"gnu/packages/image.scm:312:2: openjpeg@@2.1.0: probably vulnerable to CVE-2016-1923, CVE-2016-1924\n" +"@dots{}\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21441 +msgid "@xref{Invoking guix lint}, for more information." +msgstr "" + +#. type: quotation +#: doc/guix.texi:21445 +msgid "As of version @value{VERSION}, the feature described below is considered ``beta''." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21455 +msgid "" +"Guix follows a functional package management discipline (@pxref{Introduction}), which implies that, when a package is changed, " +"@emph{every package that depends on it} must be rebuilt. This can significantly slow down the deployment of fixes in core packages " +"such as libc or Bash, since basically the whole distribution would need to be rebuilt. Using pre-built binaries helps " +"(@pxref{Substitutes}), but deployment may still take more time than desired." +msgstr "" +"Guix suit une discipline de gestion de paquets fonctionnelle (@pxref{Introduction}), ce qui implique que lorsqu'un paquet change, " +"@emph{tous les paquets qui en dépendent} doivent être reconstruits. Cela peut grandement ralentir le déploiement de corrections dans " +"les paquets du cœur comme libc ou bash comme presque toute la distribution aurait besoin d'être reconstruite. Cela aide d'utiliser " +"des binaires pré-construits (@pxref{Substituts}), mais le déploiement peut toujours prendre plus de temps de souhaité." + +#. type: cindex +#: doc/guix.texi:21456 +#, no-wrap +msgid "grafts" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21464 +msgid "" +"To address this, Guix implements @dfn{grafts}, a mechanism that allows for fast deployment of critical updates without the costs " +"associated with a whole-distribution rebuild. The idea is to rebuild only the package that needs to be patched, and then to " +"``graft'' it onto packages explicitly installed by the user and that were previously referring to the original package. The cost of " +"grafting is typically very low, and order of magnitudes lower than a full rebuild of the dependency chain." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21465 +#, no-wrap +msgid "replacements of packages, for grafts" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21471 +msgid "" +"For instance, suppose a security update needs to be applied to Bash. Guix developers will provide a package definition for the " +"``fixed'' Bash, say @var{bash-fixed}, in the usual way (@pxref{Defining Packages}). Then, the original package definition is " +"augmented with a @code{replacement} field pointing to the package containing the bug fix:" +msgstr "" + +#. type: example +#: doc/guix.texi:21478 +#, no-wrap +msgid "" +"(define bash\n" +" (package\n" +" (name \"bash\")\n" +" ;; @dots{}\n" +" (replacement bash-fixed)))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21488 +msgid "" +"From there on, any package depending directly or indirectly on Bash---as reported by @command{guix gc --requisites} (@pxref{Invoking " +"guix gc})---that is installed is automatically ``rewritten'' to refer to @var{bash-fixed} instead of @var{bash}. This grafting " +"process takes time proportional to the size of the package, usually less than a minute for an ``average'' package on a recent " +"machine. Grafting is recursive: when an indirect dependency requires grafting, then grafting ``propagates'' up to the package that " +"the user is installing." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21496 +msgid "" +"Currently, the length of the name and version of the graft and that of the package it replaces (@var{bash-fixed} and @var{bash} in " +"the example above) must be equal. This restriction mostly comes from the fact that grafting works by patching files, including " +"binary files, directly. Other restrictions may apply: for instance, when adding a graft to a package providing a shared library, " +"the original shared library and its replacement must have the same @code{SONAME} and be binary-compatible." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21500 +msgid "" +"The @option{--no-grafts} command-line option allows you to forcefully avoid grafting (@pxref{Common Build Options, @option{--no-" +"grafts}}). Thus, the command:" +msgstr "" + +#. type: example +#: doc/guix.texi:21503 +#, no-wrap +msgid "guix build bash --no-grafts\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21507 +msgid "returns the store file name of the original Bash, whereas:" +msgstr "" + +#. type: example +#: doc/guix.texi:21510 +#, no-wrap +msgid "guix build bash\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21515 +msgid "" +"returns the store file name of the ``fixed'', replacement Bash. This allows you to distinguish between the two variants of Bash." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21518 +msgid "To verify which Bash your whole profile refers to, you can run (@pxref{Invoking guix gc}):" +msgstr "" + +#. type: example +#: doc/guix.texi:21521 +#, no-wrap +msgid "guix gc -R `readlink -f ~/.guix-profile` | grep bash\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21526 +msgid "@dots{} and compare the store file names that you get with those above. Likewise for a complete GuixSD system generation:" +msgstr "" + +#. type: example +#: doc/guix.texi:21529 +#, no-wrap +msgid "guix gc -R `guix system build my-config.scm` | grep bash\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21533 +msgid "Lastly, to check which Bash running processes are using, you can use the @command{lsof} command:" +msgstr "" + +#. type: example +#: doc/guix.texi:21536 +#, no-wrap +msgid "lsof | grep /gnu/store/.*bash\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21553 +msgid "" +"From a programming viewpoint, the package definitions of the GNU distribution are provided by Guile modules in the @code{(gnu " +"packages @dots{})} name space@footnote{Note that packages under the @code{(gnu packages @dots{})} module name space are not " +"necessarily ``GNU packages''. This module naming scheme follows the usual Guile module naming convention: @code{gnu} means that " +"these modules are distributed as part of the GNU system, and @code{packages} identifies modules that define packages.} " +"(@pxref{Modules, Guile modules,, guile, GNU Guile Reference Manual}). For instance, the @code{(gnu packages emacs)} module exports " +"a variable named @code{emacs}, which is bound to a @code{} object (@pxref{Defining Packages})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21560 +msgid "" +"The @code{(gnu packages @dots{})} module name space is automatically scanned for packages by the command-line tools. For instance, " +"when running @code{guix package -i emacs}, all the @code{(gnu packages @dots{})} modules are scanned until one that exports a " +"package object whose name is @code{emacs} is found. This package search facility is implemented in the @code{(gnu packages)} module." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21562 +#, no-wrap +msgid "package module search path" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21579 +msgid "" +"Users can store package definitions in modules with different names---e.g., @code{(my-packages emacs)}@footnote{Note that the file " +"name and module name must match. For instance, the @code{(my-packages emacs)} module must be stored in a @file{my-packages/emacs." +"scm} file relative to the load path specified with @option{--load-path} or @code{GUIX_PACKAGE_PATH}. @xref{Modules and the File " +"System,,, guile, GNU Guile Reference Manual}, for details.}. These package definitions will not be visible by default. Users can " +"invoke commands such as @command{guix package} and @command{guix build} with the @code{-e} option so that they know where to find " +"the package. Better yet, they can use the @code{-L} option of these commands to make those modules visible (@pxref{Invoking guix " +"build, @code{--load-path}}), or define the @code{GUIX_PACKAGE_PATH} environment variable. This environment variable makes it easy " +"to extend or customize the distribution and is honored by all the user interfaces." +msgstr "" + +#. type: defvr +#: doc/guix.texi:21580 +#, no-wrap +msgid "{Environment Variable} GUIX_PACKAGE_PATH" +msgstr "" + +#. type: defvr +#: doc/guix.texi:21584 +msgid "" +"This is a colon-separated list of directories to search for additional package modules. Directories listed in this variable take " +"precedence over the own modules of the distribution." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21592 +msgid "" +"The distribution is fully @dfn{bootstrapped} and @dfn{self-contained}: each package is built based solely on other packages in the " +"distribution. The root of this dependency graph is a small set of @dfn{bootstrap binaries}, provided by the @code{(gnu packages " +"bootstrap)} module. For more information on bootstrapping, @pxref{Bootstrapping}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21596 +#, no-wrap +msgid "packages, creating" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21601 +msgid "" +"The GNU distribution is nascent and may well lack some of your favorite packages. This section describes how you can help make the " +"distribution grow. @xref{Contributing}, for additional information on how you can help." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21609 +msgid "" +"Free software packages are usually distributed in the form of @dfn{source code tarballs}---typically @file{tar.gz} files that " +"contain all the source files. Adding a package to the distribution means essentially two things: adding a @dfn{recipe} that " +"describes how to build the package, including a list of other packages required to build it, and adding @dfn{package metadata} along " +"with that recipe, such as a description and licensing information." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21618 +msgid "" +"In Guix all this information is embodied in @dfn{package definitions}. Package definitions provide a high-level view of the " +"package. They are written using the syntax of the Scheme programming language; in fact, for each package we define a variable bound " +"to the package definition, and export that variable from a module (@pxref{Package Modules}). However, in-depth Scheme knowledge is " +"@emph{not} a prerequisite for creating packages. For more information on package definitions, @pxref{Defining Packages}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21624 +msgid "" +"Once a package definition is in place, stored in a file in the Guix source tree, it can be tested using the @command{guix build} " +"command (@pxref{Invoking guix build}). For example, assuming the new package is called @code{gnew}, you may run this command from " +"the Guix build tree (@pxref{Running Guix Before It Is Installed}):" +msgstr "" + +#. type: example +#: doc/guix.texi:21627 +#, no-wrap +msgid "./pre-inst-env guix build gnew --keep-failed\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21633 +msgid "" +"Using @code{--keep-failed} makes it easier to debug build failures since it provides access to the failed build tree. Another " +"useful command-line option when debugging is @code{--log-file}, to access the build log." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21638 +msgid "" +"If the package is unknown to the @command{guix} command, it may be that the source file contains a syntax error, or lacks a " +"@code{define-public} clause to export the package variable. To figure it out, you may load the module from Guile to get more " +"information about the actual error:" +msgstr "" + +#. type: example +#: doc/guix.texi:21641 +#, no-wrap +msgid "./pre-inst-env guile -c '(use-modules (gnu packages gnew))'\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21649 +msgid "" +"Once your package builds correctly, please send us a patch (@pxref{Contributing}). Well, if you need help, we will be happy to help " +"you too. Once the patch is committed in the Guix repository, the new package automatically gets built on the supported platforms by " +"@url{http://hydra.gnu.org/jobset/gnu/master, our continuous integration system}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21650 +#, no-wrap +msgid "substituter" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21657 +msgid "" +"Users can obtain the new package definition simply by running @command{guix pull} (@pxref{Invoking guix pull}). When @code{hydra." +"gnu.org} is done building the package, installing the package automatically downloads binaries from there (@pxref{Substitutes}). " +"The only place where human intervention is needed is to review and apply the patch." +msgstr "" +"On peut obtenir la nouvelle définition du paquet simplement en lançant @command{guix pull} (@pxref{Invoking guix pull}). Lorsque " +"@code{hydra.gnu.org} a fini de construire le paquet, l'installation du paquet y télécharge automatiquement les binaires " +"(@pxref{Substituts}). La seule intervention humaine requise est pendant la revue et l'application du correctif." + +#. type: cindex +#: doc/guix.texi:21674 +#, no-wrap +msgid "free software" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21682 +msgid "" +"The GNU operating system has been developed so that users can have freedom in their computing. GNU is @dfn{free software}, meaning " +"that users have the @url{http://www.gnu.org/philosophy/free-sw.html,four essential freedoms}: to run the program, to study and " +"change the program in source code form, to redistribute exact copies, and to distribute modified versions. Packages found in the " +"GNU distribution provide only software that conveys these four freedoms." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21688 +msgid "" +"In addition, the GNU distribution follow the @url{http://www.gnu.org/distros/free-system-distribution-guidelines.html,free software " +"distribution guidelines}. Among other things, these guidelines reject non-free firmware, recommendations of non-free software, and " +"discuss ways to deal with trademarks and patents." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21696 +msgid "" +"Some otherwise free upstream package sources contain a small and optional subset that violates the above guidelines, for instance " +"because this subset is itself non-free code. When that happens, the offending items are removed with appropriate patches or code " +"snippets in the @code{origin} form of the package (@pxref{Defining Packages}). This way, @code{guix build --source} returns the " +"``freed'' source rather than the unmodified upstream source." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21701 +#, no-wrap +msgid "package name" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21709 +msgid "" +"A package has actually two names associated with it: First, there is the name of the @emph{Scheme variable}, the one following " +"@code{define-public}. By this name, the package can be made known in the Scheme code, for instance as input to another package. " +"Second, there is the string in the @code{name} field of a package definition. This name is used by package management commands such " +"as @command{guix package} and @command{guix build}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21714 +msgid "" +"Both are usually the same and correspond to the lowercase conversion of the project name chosen upstream, with underscores replaced " +"with hyphens. For instance, GNUnet is available as @code{gnunet}, and SDL_net as @code{sdl-net}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21719 +msgid "" +"We do not add @code{lib} prefixes for library packages, unless these are already part of the official project name. But " +"@pxref{Python Modules} and @ref{Perl Modules} for special rules concerning modules for the Python and Perl languages." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21721 +msgid "Font package names are handled differently, @pxref{Fonts}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21726 +#, no-wrap +msgid "package version" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21735 +msgid "" +"We usually package only the latest version of a given free software project. But sometimes, for instance for incompatible library " +"versions, two (or more) versions of the same package are needed. These require different Scheme variable names. We use the name as " +"defined in @ref{Package Naming} for the most recent version; previous versions use the same name, suffixed by @code{-} and the " +"smallest prefix of the version number that may distinguish the two versions." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21738 +msgid "The name inside the package definition is the same for all versions of a package and does not contain any version number." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21740 +msgid "For instance, the versions 2.24.20 and 3.9.12 of GTK+ may be packaged as follows:" +msgstr "" + +#. type: example +#: doc/guix.texi:21752 +#, no-wrap +msgid "" +"(define-public gtk+\n" +" (package\n" +" (name \"gtk+\")\n" +" (version \"3.9.12\")\n" +" ...))\n" +"(define-public gtk+-2\n" +" (package\n" +" (name \"gtk+\")\n" +" (version \"2.24.20\")\n" +" ...))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21754 +msgid "If we also wanted GTK+ 3.8.2, this would be packaged as" +msgstr "" + +#. type: example +#: doc/guix.texi:21760 +#, no-wrap +msgid "" +"(define-public gtk+-3.8\n" +" (package\n" +" (name \"gtk+\")\n" +" (version \"3.8.2\")\n" +" ...))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21764 +#, no-wrap +msgid "version number, for VCS snapshots" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21770 +msgid "" +"Occasionally, we package snapshots of upstream's version control system (VCS) instead of formal releases. This should remain " +"exceptional, because it is up to upstream developers to clarify what the stable release is. Yet, it is sometimes necessary. So, " +"what should we put in the @code{version} field?" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21778 +msgid "" +"Clearly, we need to make the commit identifier of the VCS snapshot visible in the version string, but we also need to make sure that " +"the version string is monotonically increasing so that @command{guix package --upgrade} can determine which version is newer. Since " +"commit identifiers, notably with Git, are not monotonically increasing, we add a revision number that we increase each time we " +"upgrade to a newer snapshot. The resulting version string looks like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:21787 +#, no-wrap +msgid "" +"2.0.11-3.cabba9e\n" +" ^ ^ ^\n" +" | | `-- upstream commit ID\n" +" | |\n" +" | `--- Guix package revision\n" +" |\n" +"latest upstream version\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21796 +msgid "" +"It is a good idea to strip commit identifiers in the @code{version} field to, say, 7 digits. It avoids an aesthetic annoyance " +"(assuming aesthetics have a role to play here) as well as problems related to OS limits such as the maximum shebang length (127 " +"bytes for the Linux kernel.) It is best to use the full commit identifiers in @code{origin}s, though, to avoid ambiguities. A " +"typical package definition may look like this:" +msgstr "" + +#. type: example +#: doc/guix.texi:21812 +#, no-wrap +msgid "" +"(define my-package\n" +" (let ((commit \"c3f29bc928d5900971f65965feaae59e1272a3f7\")\n" +" (revision \"1\")) ;Guix package revision\n" +" (package\n" +" (version (git-version \"0.9\" revision commit))\n" +" (source (origin\n" +" (method git-fetch)\n" +" (uri (git-reference\n" +" (url \"git://example.org/my-package.git\")\n" +" (commit commit)))\n" +" (sha256 (base32 \"1mbikn@dots{}\"))\n" +" (file-name (git-file-name name version))))\n" +" ;; @dots{}\n" +" )))\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21817 +#, no-wrap +msgid "package description" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21818 +#, no-wrap +msgid "package synopsis" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21825 +msgid "" +"As we have seen before, each package in GNU@tie{}Guix includes a synopsis and a description (@pxref{Defining Packages}). Synopses " +"and descriptions are important: They are what @command{guix package --search} searches, and a crucial piece of information to help " +"users determine whether a given package suits their needs. Consequently, packagers should pay attention to what goes into them." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21833 +msgid "" +"Synopses must start with a capital letter and must not end with a period. They must not start with ``a'' or ``the'', which usually " +"does not bring anything; for instance, prefer ``File-frobbing tool'' over ``A tool that frobs files''. The synopsis should say what " +"the package is---e.g., ``Core GNU utilities (file, text, shell)''---or what it is used for---e.g., the synopsis for GNU@tie{}grep is " +"``Print lines matching a pattern''." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21843 +msgid "" +"Keep in mind that the synopsis must be meaningful for a very wide audience. For example, ``Manipulate alignments in the SAM " +"format'' might make sense for a seasoned bioinformatics researcher, but might be fairly unhelpful or even misleading to a non-" +"specialized audience. It is a good idea to come up with a synopsis that gives an idea of the application domain of the package. In " +"this example, this might give something like ``Manipulate nucleotide sequence alignments'', which hopefully gives the user a better " +"idea of whether this is what they are looking for." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21851 +msgid "" +"Descriptions should take between five and ten lines. Use full sentences, and avoid using acronyms without first introducing them. " +"Please avoid marketing phrases such as ``world-leading'', ``industrial-strength'', and ``next-generation'', and avoid superlatives " +"like ``the most advanced''---they are not helpful to users looking for a package and may even sound suspicious. Instead, try to be " +"factual, mentioning use cases and features." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21852 +#, no-wrap +msgid "Texinfo markup, in package descriptions" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21861 +msgid "" +"Descriptions can include Texinfo markup, which is useful to introduce ornaments such as @code{@@code} or @code{@@dfn}, bullet lists, " +"or hyperlinks (@pxref{Overview,,, texinfo, GNU Texinfo}). However you should be careful when using some characters for example " +"@samp{@@} and curly braces which are the basic special characters in Texinfo (@pxref{Special Characters,,, texinfo, GNU Texinfo}). " +"User interfaces such as @command{guix package --show} take care of rendering it appropriately." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21867 +msgid "" +"Synopses and descriptions are translated by volunteers @uref{http://translationproject.org/domain/guix-packages.html, at the " +"Translation Project} so that as many users as possible can read them in their native language. User interfaces search them and " +"display them in the language specified by the current locale." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21872 +msgid "" +"To allow @command{xgettext} to extract them as translatable strings, synopses and descriptions @emph{must be literal strings}. This " +"means that you cannot use @code{string-append} or @code{format} to construct these strings:" +msgstr "" + +#. type: lisp +#: doc/guix.texi:21878 +#, no-wrap +msgid "" +"(package\n" +" ;; @dots{}\n" +" (synopsis \"This is translatable\")\n" +" (description (string-append \"This is \" \"*not*\" \" translatable.\")))\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21886 +msgid "" +"Translation is a lot of work so, as a packager, please pay even more attention to your synopses and descriptions as every change may " +"entail additional work for translators. In order to help them, it is possible to make recommendations or instructions visible to " +"them by inserting special comments like this (@pxref{xgettext Invocation,,, gettext, GNU Gettext}):" +msgstr "" + +#. type: example +#: doc/guix.texi:21891 +#, no-wrap +msgid "" +";; TRANSLATORS: \"X11 resize-and-rotate\" should not be translated.\n" +"(description \"ARandR is designed to provide a simple visual front end\n" +"for the X11 resize-and-rotate (RandR) extension. @dots{}\")\n" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21897 +#, no-wrap +msgid "python" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21903 +msgid "" +"We currently package Python 2 and Python 3, under the Scheme variable names @code{python-2} and @code{python} as explained in " +"@ref{Version Numbers}. To avoid confusion and naming clashes with other programming languages, it seems desirable that the name of " +"a package for a Python module contains the word @code{python}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21909 +msgid "" +"Some modules are compatible with only one version of Python, others with both. If the package Foo compiles only with Python 3, we " +"name it @code{python-foo}; if it compiles only with Python 2, we name it @code{python2-foo}. If it is compatible with both versions, " +"we create two packages with the corresponding names." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21915 +msgid "" +"If a project already contains the word @code{python}, we drop this; for instance, the module python-dateutil is packaged under the " +"names @code{python-dateutil} and @code{python2-dateutil}. If the project name starts with @code{py} (e.g. @code{pytz}), we keep it " +"and prefix it as described above." +msgstr "" + +#. type: subsubsection +#: doc/guix.texi:21916 +#, no-wrap +msgid "Specifying Dependencies" +msgstr "" + +#. type: cindex +#: doc/guix.texi:21917 +#, no-wrap +msgid "inputs, for Python packages" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21922 +msgid "" +"Dependency information for Python packages is usually available in the package source tree, with varying degrees of accuracy: in the " +"@file{setup.py} file, in @file{requirements.txt}, or in @file{tox.ini}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21928 +msgid "" +"Your mission, when writing a recipe for a Python package, is to map these dependencies to the appropriate type of " +"``input'' (@pxref{package Reference, inputs}). Although the @code{pypi} importer normally does a good job (@pxref{Invoking guix " +"import}), you may want to check the following check list to determine which dependency goes where." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21936 +msgid "" +"We currently package Python 2 with @code{setuptools} and @code{pip} installed like Python 3.4 has per default. Thus you don't need " +"to specify either of these as an input. @command{guix lint} will warn you if you do." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21942 +msgid "" +"Python dependencies required at run time go into @code{propagated-inputs}. They are typically defined with the " +"@code{install_requires} keyword in @file{setup.py}, or in the @file{requirements.txt} file." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21950 +msgid "" +"Python packages required only at build time---e.g., those listed with the @code{setup_requires} keyword in @file{setup.py}---or only " +"for testing---e.g., those in @code{tests_require}---go into @code{native-inputs}. The rationale is that (1) they do not need to be " +"propagated because they are not needed at run time, and (2) in a cross-compilation context, it's the ``native'' input that we'd want." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21954 +msgid "" +"Examples are the @code{pytest}, @code{mock}, and @code{nose} test frameworks. Of course if any of these packages is also required " +"at run-time, it needs to go to @code{propagated-inputs}." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21959 +msgid "" +"Anything that does not fall in the previous categories goes to @code{inputs}, for example programs or C libraries required for " +"building Python packages containing C extensions." +msgstr "" + +#. type: itemize +#: doc/guix.texi:21965 +msgid "" +"If a Python package has optional dependencies (@code{extras_require}), it is up to you to decide whether to add them or not, based " +"on their usefulness/overhead ratio (@pxref{Submitting Patches, @command{guix size}})." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21972 +#, no-wrap +msgid "perl" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21983 +msgid "" +"Perl programs standing for themselves are named as any other package, using the lowercase upstream name. For Perl packages " +"containing a single class, we use the lowercase class name, replace all occurrences of @code{::} by dashes and prepend the prefix " +"@code{perl-}. So the class @code{XML::Parser} becomes @code{perl-xml-parser}. Modules containing several classes keep their " +"lowercase upstream name and are also prepended by @code{perl-}. Such modules tend to have the word @code{perl} somewhere in their " +"name, which gets dropped in favor of the prefix. For instance, @code{libwww-perl} becomes @code{perl-libwww}." +msgstr "" + +#. type: cindex +#: doc/guix.texi:21988 +#, no-wrap +msgid "java" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21991 +msgid "Java programs standing for themselves are named as any other package, using the lowercase upstream name." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:21997 +msgid "" +"To avoid confusion and naming clashes with other programming languages, it is desirable that the name of a package for a Java " +"package is prefixed with @code{java-}. If a project already contains the word @code{java}, we drop this; for instance, the package " +"@code{ngsjava} is packaged under the name @code{java-ngs}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22003 +msgid "" +"For Java packages containing a single class or a small class hierarchy, we use the lowercase class name, replace all occurrences of " +"@code{.} by dashes and prepend the prefix @code{java-}. So the class @code{apache.commons.cli} becomes package @code{java-apache-" +"commons-cli}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22014 +msgid "" +"For fonts that are in general not installed by a user for typesetting purposes, or that are distributed as part of a larger software " +"package, we rely on the general packaging rules for software; for instance, this applies to the fonts delivered as part of the X.Org " +"system or fonts that are part of TeX Live." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22018 +msgid "" +"To make it easier for a user to search for fonts, names for other packages containing only fonts are constructed as follows, " +"independently of the upstream package name." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22026 +msgid "" +"The name of a package containing only one font family starts with @code{font-}; it is followed by the foundry name and a dash " +"@code{-} if the foundry is known, and the font family name, in which spaces are replaced by dashes (and as usual, all upper case " +"letters are transformed to lower case). For example, the Gentium font family by SIL is packaged under the name @code{font-sil-" +"gentium}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22035 +msgid "" +"For a package containing several font families, the name of the collection is used in the place of the font family name. For " +"instance, the Liberation fonts consist of three families, Liberation Sans, Liberation Serif and Liberation Mono. These could be " +"packaged separately under the names @code{font-liberation-sans} and so on; but as they are distributed together under a common name, " +"we prefer to package them together as @code{font-liberation}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22041 +msgid "" +"In the case where several formats of the same font family or font collection are packaged separately, a short form of the format, " +"prepended by a dash, is added to the package name. We use @code{-ttf} for TrueType fonts, @code{-otf} for OpenType fonts and @code{-" +"type1} for PostScript Type 1 fonts." +msgstr "" + +#. type: cindex +#: doc/guix.texi:22049 +#, no-wrap +msgid "bootstrapping" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22059 +msgid "" +"Bootstrapping in our context refers to how the distribution gets built ``from nothing''. Remember that the build environment of a " +"derivation contains nothing but its declared inputs (@pxref{Introduction}). So there's an obvious chicken-and-egg problem: how does " +"the first package get built? How does the first compiler get compiled? Note that this is a question of interest only to the curious " +"hacker, not to the regular user, so you can shamelessly skip this section if you consider yourself a ``regular user''." +msgstr "" + +#. type: cindex +#: doc/guix.texi:22060 doc/guix.texi:22182 +#, no-wrap +msgid "bootstrap binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22070 +msgid "" +"The GNU system is primarily made of C code, with libc at its core. The GNU build system itself assumes the availability of a Bourne " +"shell and command-line tools provided by GNU Coreutils, Awk, Findutils, `sed', and `grep'. Furthermore, build programs---programs " +"that run @code{./configure}, @code{make}, etc.---are written in Guile Scheme (@pxref{Derivations}). Consequently, to be able to " +"build anything at all, from scratch, Guix relies on pre-built binaries of Guile, GCC, Binutils, libc, and the other packages " +"mentioned above---the @dfn{bootstrap binaries}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22073 +msgid "These bootstrap binaries are ``taken for granted'', though we can also re-create them if needed (more on that later)." +msgstr "" + +#. type: unnumberedsubsec +#: doc/guix.texi:22074 +#, no-wrap +msgid "Preparing to Use the Bootstrap Binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22079 +msgid "@image{images/bootstrap-graph,6in,,Dependency graph of the early bootstrap derivations}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22084 +msgid "" +"The figure above shows the very beginning of the dependency graph of the distribution, corresponding to the package definitions of " +"the @code{(gnu packages bootstrap)} module. A similar figure can be generated with @command{guix graph} (@pxref{Invoking guix " +"graph}), along the lines of:" +msgstr "" + +#. type: example +#: doc/guix.texi:22089 +#, no-wrap +msgid "" +"guix graph -t derivation \\\n" +" -e '(@@@@ (gnu packages bootstrap) %bootstrap-gcc)' \\\n" +" | dot -Tps > t.ps\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22098 +msgid "" +"At this level of detail, things are slightly complex. First, Guile itself consists of an ELF executable, along with many source and " +"compiled Scheme files that are dynamically loaded when it runs. This gets stored in the @file{guile-2.0.7.tar.xz} tarball shown in " +"this graph. This tarball is part of Guix's ``source'' distribution, and gets inserted into the store with @code{add-to-store} " +"(@pxref{The Store})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22107 +msgid "" +"But how do we write a derivation that unpacks this tarball and adds it to the store? To solve this problem, the @code{guile-" +"bootstrap-2.0.drv} derivation---the first one that gets built---uses @code{bash} as its builder, which runs @code{build-bootstrap-" +"guile.sh}, which in turn calls @code{tar} to unpack the tarball. Thus, @file{bash}, @file{tar}, @file{xz}, and @file{mkdir} are " +"statically-linked binaries, also part of the Guix source distribution, whose sole purpose is to allow the Guile tarball to be " +"unpacked." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22119 +msgid "" +"Once @code{guile-bootstrap-2.0.drv} is built, we have a functioning Guile that can be used to run subsequent build programs. Its " +"first task is to download tarballs containing the other pre-built binaries---this is what the @code{.tar.xz.drv} derivations do. " +"Guix modules such as @code{ftp-client.scm} are used for this purpose. The @code{module-import.drv} derivations import those modules " +"in a directory in the store, using the original layout. The @code{module-import-compiled.drv} derivations compile those modules, " +"and write them in an output directory with the right layout. This corresponds to the @code{#:modules} argument of @code{build-" +"expression->derivation} (@pxref{Derivations})." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22123 +msgid "" +"Finally, the various tarballs are unpacked by the derivations @code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, etc., at " +"which point we have a working C tool chain." +msgstr "" + +#. type: unnumberedsubsec +#: doc/guix.texi:22125 +#, no-wrap +msgid "Building the Build Tools" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22134 +msgid "" +"Bootstrapping is complete when we have a full tool chain that does not depend on the pre-built bootstrap tools discussed above. " +"This no-dependency requirement is verified by checking whether the files of the final tool chain contain references to the @file{/" +"gnu/store} directories of the bootstrap inputs. The process that leads to this ``final'' tool chain is described by the package " +"definitions found in the @code{(gnu packages commencement)} module." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22141 +msgid "" +"The @command{guix graph} command allows us to ``zoom out'' compared to the graph above, by looking at the level of package objects " +"instead of individual derivations---remember that a package may translate to several derivations, typically one derivation to " +"download its source, one to build the Guile modules it needs, and one to actually build the package from source. The command:" +msgstr "" + +#. type: example +#: doc/guix.texi:22146 +#, no-wrap +msgid "" +"guix graph -t bag \\\n" +" -e '(@@@@ (gnu packages commencement)\n" +" glibc-final-with-bootstrap-bash)' | dot -Tps > t.ps\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22153 +msgid "" +"produces the dependency graph leading to the ``final'' C library@footnote{You may notice the @code{glibc-intermediate} label, " +"suggesting that it is not @emph{quite} final, but as a good approximation, we will consider it final.}, depicted below." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22155 +msgid "@image{images/bootstrap-packages,6in,,Dependency graph of the early packages}" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22161 +msgid "" +"The first tool that gets built with the bootstrap binaries is GNU@tie{}Make---noted @code{make-boot0} above---which is a " +"prerequisite for all the following packages. From there Findutils and Diffutils get built." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22166 +msgid "" +"Then come the first-stage Binutils and GCC, built as pseudo cross tools---i.e., with @code{--target} equal to @code{--host}. They " +"are used to build libc. Thanks to this cross-build trick, this libc is guaranteed not to hold any reference to the initial tool " +"chain." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22172 +msgid "" +"From there the final Binutils and GCC (not shown above) are built. GCC uses @code{ld} from the final Binutils, and links programs " +"against the just-built libc. This tool chain is used to build the other packages used by Guix and by the GNU Build System: Guile, " +"Bash, Coreutils, etc." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22178 +msgid "" +"And voilà! At this point we have the complete set of build tools that the GNU Build System expects. These are in the @code{%final-" +"inputs} variable of the @code{(gnu packages commencement)} module, and are implicitly used by any package that uses @code{gnu-build-" +"system} (@pxref{Build Systems, @code{gnu-build-system}})." +msgstr "" + +#. type: unnumberedsubsec +#: doc/guix.texi:22180 +#, no-wrap +msgid "Building the Bootstrap Binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22187 +msgid "" +"Because the final tool chain does not depend on the bootstrap binaries, those rarely need to be updated. Nevertheless, it is useful " +"to have an automated way to produce them, should an update occur, and this is what the @code{(gnu packages make-bootstrap)} module " +"provides." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22191 +msgid "" +"The following command builds the tarballs containing the bootstrap binaries (Guile, Binutils, GCC, libc, and a tarball containing a " +"mixture of Coreutils and other basic command-line tools):" +msgstr "" + +#. type: example +#: doc/guix.texi:22194 +#, no-wrap +msgid "guix build bootstrap-tarballs\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22199 +msgid "" +"The generated tarballs are those that should be referred to in the @code{(gnu packages bootstrap)} module mentioned at the beginning " +"of this section." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22205 +msgid "" +"Still here? Then perhaps by now you've started to wonder: when do we reach a fixed point? That is an interesting question! The " +"answer is unknown, but if you would like to investigate further (and have significant computational and storage resources to do so), " +"then let us know." +msgstr "" + +#. type: unnumberedsubsec +#: doc/guix.texi:22206 +#, no-wrap +msgid "Reducing the Set of Bootstrap Binaries" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22214 +msgid "" +"Our bootstrap binaries currently include GCC, Guile, etc. That's a lot of binary code! Why is that a problem? It's a problem " +"because these big chunks of binary code are practically non-auditable, which makes it hard to establish what source code produced " +"them. Every unauditable binary also leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper " +"@emph{Reflections on Trusting Trust}." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22220 +msgid "" +"This is mitigated by the fact that our bootstrap binaries were generated from an earlier Guix revision. Nevertheless it lacks the " +"level of transparency that we get in the rest of the package dependency graph, where Guix always gives us a source-to-binary " +"mapping. Thus, our goal is to reduce the set of bootstrap binaries to the bare minimum." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22226 +msgid "" +"The @uref{http://bootstrappable.org, Bootstrappable.org web site} lists on-going projects to do that. One of these is about " +"replacing the bootstrap GCC with a sequence of assemblers, interpreters, and compilers of increasing complexity, which could be " +"built from source starting from a simple and auditable assembler. Your help is welcome!" +msgstr "" + +#. type: section +#: doc/guix.texi:22229 +#, no-wrap +msgid "Porting to a New Platform" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22238 +msgid "" +"As discussed above, the GNU distribution is self-contained, and self-containment is achieved by relying on pre-built ``bootstrap " +"binaries'' (@pxref{Bootstrapping}). These binaries are specific to an operating system kernel, CPU architecture, and application " +"binary interface (ABI). Thus, to port the distribution to a platform that is not yet supported, one must build those bootstrap " +"binaries, and update the @code{(gnu packages bootstrap)} module to use them on that platform." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22243 +msgid "" +"Fortunately, Guix can @emph{cross compile} those bootstrap binaries. When everything goes well, and assuming the GNU tool chain " +"supports the target platform, this can be as simple as running a command like this one:" +msgstr "" + +#. type: example +#: doc/guix.texi:22246 +#, no-wrap +msgid "guix build --target=armv5tel-linux-gnueabi bootstrap-tarballs\n" +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22253 +msgid "" +"For this to work, the @code{glibc-dynamic-linker} procedure in @code{(gnu packages bootstrap)} must be augmented to return the right " +"file name for libc's dynamic linker on that platform; likewise, @code{system->linux-architecture} in @code{(gnu packages linux)} " +"must be taught about the new platform." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22262 +msgid "" +"Once these are built, the @code{(gnu packages bootstrap)} module needs to be updated to refer to these binaries on the target " +"platform. That is, the hashes and URLs of the bootstrap tarballs for the new platform must be added alongside those of the " +"currently supported platforms. The bootstrap Guile tarball is treated specially: it is expected to be available locally, and " +"@file{gnu/local.mk} has rules do download it for the supported architectures; a rule for the new platform must be added as well." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22271 +msgid "" +"In practice, there may be some complications. First, it may be that the extended GNU triplet that specifies an ABI (like the " +"@code{eabi} suffix above) is not recognized by all the GNU tools. Typically, glibc recognizes some of these, whereas GCC uses an " +"extra @code{--with-abi} configure flag (see @code{gcc.scm} for examples of how to handle this). Second, some of the required " +"packages could fail to build for that platform. Lastly, the generated binaries could be broken for some reason." +msgstr "" + +#. type: include +#: doc/guix.texi:22273 +#, no-wrap +msgid "contributing.texi" +msgstr "contributing.fr.texi" + +#. type: Plain text +#: doc/guix.texi:22286 +msgid "" +"Guix is based on the @uref{http://nixos.org/nix/, Nix package manager}, which was designed and implemented by Eelco Dolstra, with " +"contributions from other people (see the @file{nix/AUTHORS} file in Guix.) Nix pioneered functional package management, and " +"promoted unprecedented features, such as transactional package upgrades and rollbacks, per-user profiles, and referentially " +"transparent build processes. Without this work, Guix would not exist." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22289 +msgid "The Nix-based software distributions, Nixpkgs and NixOS, have also been an inspiration for Guix." +msgstr "" + +#. type: Plain text +#: doc/guix.texi:22295 +msgid "" +"GNU@tie{}Guix itself is a collective work with contributions from a number of people. See the @file{AUTHORS} file in Guix for more " +"information on these fine people. The @file{THANKS} file lists people who have helped by reporting bugs, taking care of the " +"infrastructure, providing artwork and themes, making suggestions, and more---thank you!" +msgstr "" + +#. type: cindex +#: doc/guix.texi:22300 +#, no-wrap +msgid "license, GNU Free Documentation License" +msgstr "license, GNU Free Documentation License" + +#. type: include +#: doc/guix.texi:22301 +#, no-wrap +msgid "fdl-1.3.texi" +msgstr "fdl-1.3.texi" diff --git a/po/doc/local.mk b/po/doc/local.mk index 556dcf1636..4e1c28307b 100644 --- a/po/doc/local.mk +++ b/po/doc/local.mk @@ -16,7 +16,9 @@ # You should have received a copy of the GNU General Public License # along with GNU Guix. If not, see . -EXTRA_DIST = +EXTRA_DIST = \ + %D%/contributing.fr.po \ + %D%/guix.fr.po POT_OPTIONS = --package-name "guix" --package-version "$(VERSION)" \ --copyright-holder "Ludovic Courtès" \