Previously, the builder of a fixed-output derivation could communicate with an
external process via an abstract Unix-domain socket. In particular, it could
send an open file descriptor to the store, granting write access to some of
its output files in the store provided the derivation build fails—the fix for
CVE-2024-27297 did not address this specific case. It could also send an open
file descriptor to a setuid program, which could then be executed using
execveat to gain the privileges of the build user.
With this change, fixed-output derivations other than “builtin:download”
and “builtin:git-download” always run in a separate network namespace
and have network access provided by a TAP device backed by slirp4netns,
thereby closing the abstract Unix-domain socket channel.
* nix/libstore/globals.hh (Settings)[useHostLoopback, slirp4netns]: new
fields.
* config-daemon.ac (SLIRP4NETNS): new C preprocessor definition.
* nix/libstore/globals.cc (Settings::Settings): initialize them to defaults.
* nix/nix-daemon/guix-daemon.cc (options): add --isolate-host-loopback option.
* doc/guix.texi: document it.
* nix/libstore/build.cc (DerivationGoal)[slirp]: New field.
(setupTap, setupTapAction, waitForSlirpReadyAction, enableRouteLocalnetAction,
prepareSlirpChrootAction, spawnSlirp4netns, haveGlobalIPv6Address,
remapIdsTo0Action): New functions.
(initializeUserNamespace): allow the guest UID and GID to be specified.
(DerivationGoal::killChild): When ‘slirp’ is not -1, call ‘kill’.
(DerivationGoal::startBuilder): Unconditionally add CLONE_NEWNET to FLAGS.
When ‘fixedOutput’ is true, spawn ‘slirp4netns’.
When ‘fixedOutput’ and ‘useChroot’ are true, add setupTapAction,
waitForSlirpReadyAction, and enableRouteLocalnetAction to builder setup
phases.
Create a /etc/resolv.conf for fixed-output derivations that directs them to
slirp4netns's dns address.
When settings.useHostLoopback is true, supply fixed-output derivations with a
/etc/hosts that resolves "localhost" to slirp4netns's address for accessing
the host loopback.
* nix/libutil/util.cc (keepOnExec, decodeOctalEscaped, sendFD, receiveFD,
findProgram): New functions.
* nix/libutil/util.hh (keepOnExec, decodeOctalEscaped, sendFD, receiveFD,
findProgram): New declarations.
* gnu/packages/package-management.scm (guix): add slirp4netns input for linux
targets.
* tests/derivations.scm (builder-network-isolated?): new variable.
("fixed-output derivation, network access, localhost", "fixed-output
derivation, network access, external host"):
skip test case if fixed output derivations are isolated from the network.
Change-Id: Ia3fea2ab7add56df66800071cf15cdafe7bfab96
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
* doc/contributing.texi (Submitting Patches): Describe the two options,
Codeberg and Debbugs.
(Sending a Patch Series): Add deprecation warning.
(The Issue Tracker): Mention Codeberg.
(Managing Patches and Branches): Remove initial reference to
guix-patches.
(Debbugs User Interfaces): Add deprecation warning.
(Reviewing the Work of Others): Mention pull request approval.
Change-Id: Ibf21e8923e555db1e14107ad87a65bf45f9f3fc3
* gnu/services/networking.scm (iwd-shepherd-service): Fix name and
mention “iwd” in ‘description’.
* doc/guix.texi (Networking Setup): Correct iwd’s name and add link.
Change-Id: I7605488f2018b8ac60664c6617a82f05ddadf6ec
* gnu/services/networking.scm (wpa-supplicant-configuration):
[requirement]: Deprecate, [shepherd-requirement]: New field,
[shepherd-provision]: Extract to a field. Add 'wireless-daemon to it.
* doc/guix.texi (Networking Setup): Document it.
Change-Id: Icc6fdd695e6e96ef168a085524989da639f77cd3
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is a followup to commit 7bbc00ccf0315a68509cacd6a85e1ae8ae7f5e5d of
guix/artwork.git.
* doc/build.scm (%manual-css-url): New variable.
(%makeinfo-html-options): Use it instead of www.gnu.org/…/manual.css.
(stylized-html): Likewise for the default #:manual-css-url.
Change-Id: I20bd3866383f8cbb4984993c15dbab483a17f6c9
This allows running `make info` without having to run `make` first.
* doc/local.mk (%C%_guix_TEXINFOS): Add os-config-*.texi.
Change-Id: I1998bccc6fb13a74e992a3f23311ed0de4799e89
Signed-off-by: Ekaitz Zarraga <ekaitz@elenq.tech>
* doc/guix.texi (mpv Media Player): Use the more common usage [0].
[0] https://english.stackexchange.com/a/35433
Change-Id: I5c10d281441c2995849df880dbaf62a790d2ff78
* gnu/services.scm (vte-integration-service-type): New service type.
* doc/guix.texi (Service Reference): Document it.
Change-Id: I7e4bc1b913b50a5a061894f9ddef27f1877b62a2
This factorizes out the remaining bashrc bits from /etc/skel/.bashrc to a the
template used for both /etc/bashrc on Guix System and ~/.bashrc for
home-bash-service-type.
Rationale: The use of /etc/skel introduce state: the file is only copied
originally when the user account is created, and never (automatically)
refreshed again.
* gnu/system.scm (operating-system-etc-service):
<profile>: Guard against souring /etc/bashrc in non-interactive, SSH case.
<bashrc>: Use %default-bashrc, having migrated the remaining definitions to...
* gnu/system/shadow.scm (%default-bashrc): ... here. Factorize aliases to...
* gnu/services.scm (%default-bash-aliases): ... here.
(%default-bashrc-d-aliases): New variable.
(%default-etc-bashrc-d-files): Include it in the default configuration.
* gnu/services/base.scm (%base-services): Register etc-bashrc-d-service-type.
* gnu/home/services/shells.scm (add-bash-configuration): Do not set PS1, now
part of %default-bashrc.
(home-bash-configuration) [guix-defaults?]: Update doc.
[aliases]: Set %default-bash-aliases as the default value. Update doc.
* doc/guix.texi (Shells Home Services): Update documentation.
(Service Reference): Update example.
Change-Id: I340c614983a78fd20a9c4a9705e7fc542ae9b513
* gnu/services.scm (files->bashrc-d-directory) New procedure.
(etc-bashrc-d-service-type): New service type.
* doc/guix.texi (Service Reference): Document it.
* gnu/tests/base.scm (test-basic-os): Test it.
Change-Id: Ibbb0f684de7aee296adedbce5b1192786d661af2
* gnu/services.scm (make-files->etc-directory)
(files->profile-d-entries): New procedures.
(etc-profile-d-service-type): New service type.
* doc/guix.texi (Service Reference): Document it.
* gnu/tests/base.scm (run-basic-test): Test it.
Change-Id: I45dde43a1b9603c3384b933ebd1d6e45dba146b9
* guix/scripts/refresh.scm (update-specification->update-spec): Flag the
update-spec as partial when it is prefixed with '~'.
* tests/guix-refresh.sh: Test it. Remove extraneous 'guix refresh'
invocation.
* doc/guix.texi (Invoking guix refresh): Document it.
Change-Id: Iab4482d9367105f6ffcd2d6a49148736c93d53e4
Reviewed-by: Florian Pelz <pelzflorian@pelzflorian.de>
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
* gnu/home/services/upnp.scm: New file.
* gnu/local.mk: Register it.
* gnu/services/upnp.scm: Export readymedia-activation and
readymedia-shepherd-service.
(<readymedia-configuration>)[home-service?]: New field.
[cache-directory]: Adjust value depending on 'for-home?'.
[log-directory]: Ditto.
(readymedia-shepherd-service): Adjust 'requirement' and 'start' according to
'home-service?'.
(readymedia-activation): Adjust creating 'media-directories' with permissions
according to 'home-service?'.
* gnu/tests/upnp.scm (%readymedia-configuration-test): Configure port with
%readymedia-default-port.
* doc/guix.texi (Miscellaneous Home Services): Document Readymedia Service.
(Miscellaneous Services): Add cross-reference.
Change-Id: I5c48595d84a815d98e03c7f68a716f048903720c
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/backup.scm: Drop mcron obsolete export.
(restic-backup-job-program): Generalize to restic-program.
(lower-restic-backup-job): New procedure implementing a standard way to
lower restic-backup-job records into lists.
(restic-program): Implement general way to run restic commands, for
example to initialize repositories.
(restic-backup-configuration): Reimplement
with (guix records).
(restic-backup-job-{logfile,command,requirement,modules}): Add new
procedures and add support for Guix Home environments.
(restic-backup-job->shepherd-service): Add support for Guix Home
environments.
(restic-backup-service-activation): Drop procedure as now the Shepherd
takes care of creating timers log file directories.
(restic-backup-service-type): Drop profile and activation services extensions.
* gnu/home/services/backup.scm: New file.
* gnu/local.mk: Add this.
* doc/guix.texi: Document this.
Change-Id: Ied1c0a5756b715fba176a0e42ea154246089e6be
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/dns.scm (dnsmasq-service-reload-action): New function.
Implements SIGHUP handling for reloading configurations.
(dnsmasq-service-stats-action): New function. Implements SIGUSR1
handling for dumping statistics.
(dnsmasq-shepherd-service): Use new actions.
* doc/guix.texi: Document new actions with examples.
* gnu/tests/networking.scm (%test-dnsmasq): Add tests to verify the
functionality of new actions.
Change-Id: I31f0eb4b26a582e95f7bfdb240110c139f0e16cc
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/dns.scm (<dnsmasq-configuration>) [pid-file]: New field
to specify alternate path for dnsmasq PID.
[conf-file]: New field to specify one or more configuration files.
[conf-dir]: New field to read configuration files from a directory.
[extra-options]: Move to the end of the definition as a last resort option.
(dnsmasq-shepherd-service): Use new fields instead of hardcoded values.
* gnu/services/dns.scm: Export all record accessors.
* doc/guix.texi: Document new configuration options.
Change-Id: Iaec361e7d8bfd60af04f023f57d422b55b0c1eea
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/dns.scm (<dnsmasq-configuration>)[provision]: Mark
filed as deprecated with a warning. Set default to #f.
[shepherd-provision]: Add new field for consistency with other services.
[shepherd-requirement]: Add new field.
(dnsmasq-shepherd-service): Use them.
* doc/guix.texi: Document these changes.
* doc/guix-cookbook.texi (Custom NAT-based network for libvirt): Update
example to use 'shepherd-provision' instead of 'provision'.
Change-Id: Icad4d9c4be5bf58368e8c416f1fdde1f9065557d
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This commit adds a new service type to generate configuration file for the mpv
media player.
Originally I attempted to use Guix Records (via define-configuration) for
this, but ran into the bug #74748, so I had to switch to procedures instead.
The usage is (hopefully) sufficiently described in the documentation. When
the bug is resolved, I will update it to use define-configuration instead.
The full list of supported options is documented, however I decided to *not*
document types and purpose for each individual fields. While I had mostly
working prototype to extract the documentation from mpv, once I realized it
would be few 10k of lines added, I decided it is not worth it. It would bloat
the .texi file (by more than 50%), be hard to maintain and, in my opinion,
would not provide enough value to justify that. The current version seems
like sane middle ground.
* gnu/home/services/mpv.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Register it.
* doc/guix.texi (mpv Media Player): Document it.
Change-Id: I2deb44799a28047cb5d67da97dc6007a9df873af
Since this seems to be the case when the devel manual is being built on
bayfront.
* doc/build.scm: Use the current working directory as a fallback
if (current-source-directory) is #f, and log the value of root.
Change-Id: Ic43fd05a4a0822d9efb935069850f0a8cadd80aa
* gnu/services/messaging.scm (<mosquitto-configuration>): New record type.
(mosquitto-accounts): New procedure.
(mosquitto-shepherd-service): New procedure.
(mosquitto-service-type): New variable.
* doc/guix.texi (Messaging Services): Document it.
Change-Id: I3500c5b6b69084c1f4a6da66ea45bfd42c871f3f
Signed-off-by: Danny Milosavljevic <dannym@friendly-machines.com>
This reverts 4df6eda30f ("gnu: Rename
`texlive-updmap.cfg' into `texlive-local-tree'.") just for doc/build.scm.
As the build farm uses 'guix' as provided by the guix-daemon; an updated to the
guix package and reconfiguration of Berlin would be required to fix building
the latest development manual. Use the deprecated texlive-updmap.cfg binding
for now.
* doc/build.scm (pdf-manual): Revert to use texlive-updmap.cfg for now.
Change-Id: I133deaa7a345e711a99ea469ec6fecfde9c729de
This is an incompatible change where the root file system in
‘guix shell -C’ is now read-only by default.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Add ‘--writable-root’.
* guix/scripts/environment.scm (setup-fhs): Invoke /sbin/ldconfig; moved
from…
(launch-environment): … here.
(launch-environment/container): Add #:writable-root? and pass it to
‘call-with-container’. Move root file system setup to #:populate-file-system.
(guix-environment*): Honor ‘--writable-root’.
* tests/guix-environment-container.sh: Test it.
* doc/guix.texi (Invoking guix shell): Document ‘--writable-root’.
(Debugging Build Failures): Mention it before “rm /bin/sh”.
Change-Id: I2e8517d6f01eb8093160bffc0f9f56071ad6fee6
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
