* gnu/build/linux-container.scm (unprivileged-user-namespace-supported?): Only
read and check the first character, to cope with a possible newline in the
(pseudo-)file.
* gnu/build/file-systems.scm (canonicalize-device-spec)[canonical-title]:
Use 'string->uuid' to check whether SPEC is a UUID.
When SPEC is a string and CANONICAL-TITLE is 'uuid, call 'string->uuid'.
* gnu/system.scm (operating-system-grub.cfg): Add 'root-device'
variable and use it for the "--root=" argument.
* gnu/build/linux-container.scm (namespaces->bit-mask): Remove
CLONE_CHILD_CLEARTID and CLONE_CHILD_SETTID, which are unneeded.
Discussed at <http://bugs.gnu.org/21694>.
Reported by David Thompson <dthompson2@worcester.edu>
at <https://lists.gnu.org/archive/html/guix-devel/2015-10/msg00284.html>.
* gnu/build/file-systems.scm (mount-file-system): When SOURCE matches
'regular-file?', do not create MOUNT-POINT if it already exists. This
fixes a bug whereby we would be truncating MOUNT-POINT if it already
existed.
Before, call-with-clean-exit would *always* return an exit code of 1.
* gnu/build/linux-container.scm (call-with-clean-exit): Exit with status
code of 0 if thunk does not throw an exception.
* tests/containers.scm: Add test.
Suggested by Petter <petter@mykolab.ch>
and Mark H Weaver <mhw@netris.org>.
Reported by Duncan Keall <duncan@duncankeall.com>.
Partly fixes <http://bugs.gnu.org/19190> by populating /dev/mapper
early enough.
* gnu/build/linux-boot.scm (mount-essential-file-systems): Mount /dev as
a devtmpfs.
(move-essential-file-systems): Add /dev.
(mount-root-file-system): Mount /rw-root/dev as a devtmpfs instead of
calling 'make-essential-device-nodes'.
(boot-system): Remove call to 'make-essential-device-nodes'.
* gnu/system/file-systems.scm (%devtmpfs-file-system): Remove.
* doc/guix.texi (File Systems): Adjust accordingly.
The intent is to make 'clone' behave a lot more like 'primitive-fork', which
calls clone(2) with SIGCHLD, CLONE_CHILD_CLEARTID, and CLONE_CHILD_SETTID
flags. Notably, running 'clone' at the REPL without these flags would break
the REPL beyond repair.
* guix/build/syscalls.scm (CLONE_CHILD_CLEARTID, CLONE_CHILD_SETTID): New
variables.
* gnu/build/linux-container.scm (namespaces->bit-mask): Add
CLONE_CHILD_CLEARTID and CLONE_CHILD_SETTID to bit mask.
It's not always possible to map 65536 uids when creating a container as the
root user within another user namespace. This is true when building Guix
within the build daemon's container. By using a uid range of 1 by default,
even as the root user, the tests now pass.
* gnu/build/linux-container.scm (initialize-user-namespace, run-container):
Add 'host-uids' argument.
(call-with-container): Add #:host-uids keyword argument.
* tests/containers.scm ("container-excursion"): Update 'run-container' call.
* gnu/build/file-systems.scm (regular-file?): New procedure.
(mount-file-system): Create a regular file instead of a directory when bind
mounting a regular file.
* gnu/build/vm.scm (<partition>): New record type.
(fold2): New procedure.
(initialize-partition-table): Remove #:bootable? and
'partition-size' parameters. Add 'partitions' parameter. Invoke 'parted'
with '--script'.
(initialize-root-partition): Remove.
(initialize-partition, root-partition-initializer): New procedures.
(initialize-hard-disk): Remove #:system-directory, #:disk-image-size,
#:file-system-type, #:file-system-label, #:closures, #:copy-closures?,
#:bootable?, and #:register-closures? parameters. Add #:partitions.
Rewrite to use 'initialize-partition' for each item of PARTITIONS.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Add (guix records)
to #:modules default value.
(qemu-image): Adjust accordingly.
* gnu/build/vm.scm (initialize-root-partition, initialize-hard-disk): Use the
'umount' procedure instead of invoking the 'umount' command.
* gnu/system/vm.scm (qemu-image): Remove UTIL-LINUX from INPUTS.
* gnu/build/file-systems.scm (read-ext2-superblock*, partition-predicate): New
procedures.
(partition-label-predicate): Rewrite in terms of 'partition-predicate'.
(partition-uuid-predicate, find-partition-by-uuid, uuid->string): New
procedures.
(%network-byte-order): New macro.
(canonicalize-device-spec)[canonical-title]: Check whether SPEC is a string.
[resolve]: New procedure.
Add 'uuid' case and use it.
* gnu/build/linux-container.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* .dir-locals.el: Add Scheme indent rules for 'call-with-container', and
'container-excursion'.
* tests/containers.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
* gnu/build/file-systems.scm: Import (guix build syscalls) when 'mount' is not
defined.
* gnu/system.scm (operating-system-activation-script): Include (guix build
syscalls) module in derivation.
* gnu/build/linux-initrd.scm (write-cpio-archive): Remove 'open-pipe*' and
related calls. Compute list of files in 'files' variable. Use
'cpio:write-cpio-archive'. Remove #:cpio parameter.
(build-initrd): Remove #:cpio parameter.
* gnu/system/linux-initrd.scm (expression->initrd): Likewise, and adjust
BUILDER accordingly. Add (guix cpio) to #:modules.
Rather than expecting a pointer, the version of 'mount' in
guile-static-stripped now takes a string for the 'options' argument, just like
the 'mount' procedure in (guix build syscalls).
* gnu/packages/patches/guile-linux-syscalls.patch (mount): Expect a string or
#f for 'options' argument.
* gnu/build/file-systems.scm (mount-file-system): Use new 'mount' interface.
* gnu/build/install.scm (populate-root-file-system): Delete system-1-link
under TARGET, not under /. Use 'catch' and check for EEXIST instead of
(false-if-exception (delete-file ...)).
* gnu/build/file-systems.scm (MS_REMOUNT): New constant.
(mount-file-system): Add 'flags' local variable. When FLAGS has
MS_BIND & MS_RDONLY, call 'mount' with MS_REMOUNT.
* gnu/services/base.scm (file-system-service) <start>: Likewise.
Suggested by Pjotr Prins <pjotr.public12@thebird.nl>
at <http://lists.gnu.org/archive/html/guix-devel/2015-04/msg00229.html>.
* gnu/build/install.scm (populate-single-profile-directory): New procedure.
* gnu/system/install.scm (self-contained-tarball): New procedure.
* Makefile.am (guix-binary.%.tar.xz): New target.
Fixes <http://bugs.gnu.org/19795>.
Reported by David Thompson <dthompson2@worcester.edu>.
* gnu/build/activation.scm (enumerate, current-users, current-groups,
delete-user, delete-group): New procedures.
(activate-users+groups): Add calls to 'delete-user' and
'delete-group'.
* doc/guix.texi (User Accounts): Add a paragraph about statelessness.
Explain that passwords are preserved.
Reported Joshua Grant.
Patch suggested by Mark H Weaver.
* gnu/build/linux-boot.scm (mount-root-file-system): Use
'false-if-exception' instead of 'when (file-exists? ...)' to account
for dangling symlinks.
* gnu/build/activation.scm (%skeleton-directory): New variable.
(dot-or-dot-dot?, copy-account-skeletons): New procedure.
(add-user): Use 'copy-account-skeletons'.
(activate-etc): Use 'dot-or-dot-dot?'.
This would not work when /boot is a separate partition, as reported by
Nikita Karetnikov <nikita@karetnikov.org> in <http://bugs.gnu.org/19220>.
This fixes a regression introduced in 39d1f82.
* gnu/build/install.scm (install-grub): Copy GRUB.CFG instead of
symlinking it, as was the case before 39d1f82.
* gnu/build/vm.scm (register-grub.cfg-root): Add 'grub.cfg' parameter.
Make it a permanent GC root instead of an indirect GC root.
(initialize-hard-disk): Adjust accordingly.
* guix/scripts/system.scm (install-grub*): Replace use of
'add-indirect-root' by the addition of a permanent GC root in
%GC-ROOTS-DIRECTORY.
Fixes <http://bugs.gnu.org/19160>.
* guix/scripts/system.scm (install-grub*): Make /boot/grub/grub.cfg an
indirect GC root.
* gnu/build/install.scm (install-grub): Make TARGET a symlink.
* gnu/build/vm.scm (register-grub.cfg-root): New procedure.
(initialize-hard-disk): Use it.
* gnu/packages/patches/guile-linux-syscalls.patch (scm_load_linux_module):
Leave 'errno' unchanged when ERR != 0.
* gnu/build/linux-modules.scm (load-linux-module*): Check for the errno
value of ARGS to determine whether the module was already loaded.
* gnu/build/linux-boot.scm (mount-root-file-system): Remove 'catch #t'
around body. This was unneeded and even inconvenient because this
procedure is called from within 'call-with-error-handling' already.