The current version of `mkfs.btrfs` has a regression when combined with
`fakeroot` where it does not detect the faked root uid/gid of files when
building the filesystem. This produces partition images with `/` owned by
the guixbuild user when it should be owned by root.
Using `unshare` rather than `fakeroot` resolves this by doing the uid
mapping at the kernel level rather than overloading the `stat` function.
An equivalent issue was [reported and patched in
NixOS](https://github.com/NixOS/nixpkgs/pull/434122).
* gnu/build/image.scm (system-disk-image): Import `util-linux` instead of
`fakeroot`.
* gnu/system/image.scm (make-btrfs-image): Use `unshare --map-root-user`
Change-Id: Id4eeaf510f3ec5f4a23b4d700a73e2cf46da40b1
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #5536
To calculate the UUID in `root-uuid`, the operating-system has to have a root
file system, because it's typically used in the
operating-system-boot-parameters.
Followup of efc32c6684 that it partially reverts.
* gnu/system/image.scm (operating-system-for-image): Re-introduce root file
system to operating-system used to calculate the UUID.
Fixes: #5131
Reported-By: Yelninei <yelninei@tutamail.com>
Change-Id: Ica2c3d3715cd90fccf3a7484f390b36de3cdfe7f
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Merges: #5141
Prefer parameterization of current-guix in release artifacts
generation.
* gnu/system/install.scm (%installation-service): Use (current-guix)
directly in guix service configuration.
Change-Id: Ifa363465e6a4f6936d0e51eaf1b33872519e2b0a
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
This simplifies things thanks to the release artifacts: they have now been
rewritten in Guile and can supply current-guix-package as a parameter, as
was intended. That way the checkout is not leaked for the release artifacts.
* gnu/system/examples/vm-image.tmpl
(guix-package-commit): Remove variable.
(operating-system): Use (current-guix) directly.
* gnu/system/examples/vm-image-efi.tmpl: Likewise.
Change-Id: Iabf1bb5bbb86b9984bfb87ba0543782a6dce3192
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
* gnu/system/image.scm (system-iso9660-image): Use name from image-name
instead of hardcoded image.iso.
Change-Id: I3cea3857729c2eb7d6728f650db7fb33cf4c8c8a
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Adds mmio and scsi modules for virtio. scsi one is needed for using
virtio-scsi-pci, that can be a common option on aarch64, where only two
options pop up for mounting disks:
- virtio-scsi-pci
- virtio-blk
While virtio-blk should generally be preferred, sometimes virtio-scsi-pci pops
up first on the internet, so people can use it.
virtio-mmio is a necessity on Aarch64 for virtio-blk to work.
* gnu/system/linux-initrd.scm (default-initrd-modules): Add virtio_mmio and
virtio_scsi.
Change-Id: Ia8fabb5594893ef1712359d27d482d9f44dc89c0
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
This is a copy of vm-image.tmpl, but with
efi bootloader. Since user ends up with this
config in their /run/current-user/configuration.scm
and the regular way to continue is to copy
that file and reconfigure off of it, it seems
better to just keep distinct configuration.
Moreover xf86-video-intel is removed,
because it doesn't compile on aarch64.
* gnu/system/examples/vm-image-efi.tmpl
Change-Id: I0f72ac5a775339ee84cb1a4046ca5a8deca0e2ea
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Aarch64 doesn't support grub-pc, so we cannot
use the regular grub-bootloader, grub-efi-bootloader
has to be used.
Since neither packages nor bootloader are thunked,
there seems to be no other choice than using something
from the outside environment, such as an environment
variable to decide what bootloader to use.
For convenience, a procedure is made to be used from
other Guile code, instead of relying on environment
variables.
* gnu/system/install.scm
(make-installation-os): New variable; Use grub-efi-bootloader when
efi-only? is #t; Use bootloader package in packages instead of grub-pc.
(installation-os): Replace with call of make-installation-os with default
arguments.
Change-Id: I34ec8da6079617f39805b3e1168bad4a42d84cab
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Instead of forgetting about the /boot/efi system completely, re-add it
with proper label. This way lightweight.tmpl, desktop.tmpl still
boot when supplied to guix system image. That was the reason for
removing /boot/efi file-system in the first place. Removing it however
means the target system cannot be reconfigured by default, as the
esp is not mounted.
* gnu/system/image.scm
(partition-has-flag?): New variable.
(root-partition?): Use it.
(find-partition-with-flag): New variable.
(find-root-partition): Use it.
(find-esp-partition): New variable.
(operating-system-for-image): Add /boot/efi file-system with proper
label instead of removing it completely.
Change-Id: I3ef2120059d8bbf76170d10ae718cb0de637f453
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
qcow2 is an mbr-hybrid image. But on aarch64, we
have to use grub-efi bootloader. For that bootloader,
gpt should be used and Guix errors if it isn't (due to
failed check in Guix code). So it's impossible to generate
qcow2 type aarch64 image without using customized bootloader.
One would have to define their own image instead of using
the ones pre-defined.
* gnu/system/system.scm (qcow2-gpt-image-type): New variable.
* doc/guix.texi: Document qcow2-gpt and its use.
Change-Id: I93f0880c7ca2d3f934067c12dd1143ad20828333
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
Let the user decide for grub/grub-efi in cases where
grub-hybrid is unsupported. This is the case on
aarch64, where grub-pc is not supported, so only
grub-efi can be used.
* gnu/system/image.scm (operating-system-for-image):
Do not replace bootloader with grub-mkrescue-bootloader
for iso9660 when grub-hybrid is not supported.
Change-Id: Icd2b68155935b1d9599c1b0df22f0c80a2e36d6a
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
The underlying problem for system containers still hasn't been
solved, the part of issue 78356 that has been solved is only
home containers.
This reverts commit cbc35fd9aa.
This is a work around for #4788 (previously https://issues.guix.gnu.org/78356).
* gnu/system/linux-container.scm (container-script): Disable lock-mounts?
Change-Id: Ib8eacfc1f1f1a858acf19beb6c14e12c4648b8d9
Follow up of: ca0ed91b40 where the root argument has been omitted.
This leads to an error, because initialize-efi32-partition expects
`root` as first argument, while `#:grub-efi32` was given.
Fixes: #4634.
* gnu/system/image.scm (esp32-partition/grub): Pass 'root' as first argument
to initialize-efi32-partition.
Change-Id: Ia839f40444304c229aef33e996c66c8209e42dda
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
* gnu/system/image.scm (bootloader-uses-grub-efi?):
Check by symbol names, not by bounded symbols.
Change-Id: Ia50b07a160ca9c081c9e4cb5e3d6ebdabc89ad4c
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
Instead of passing down grub-efi in system-disk-image,
pass it down only where it's necessary - in esp partitions.
Since the esp partitions are only for grub, I renamed them
so that it's more clear to future users of them. They
do not check the bootloader of os at all, they always
initialize grub.
Followup of 1dfe1ebdf6,
fixing regression for mbr-hybrid images.
Fixes: #4538.
* guix/system/image.scm
(esp-partition/grub): Rename from esp-partition; Pass grub-efi to
initialize-efi-partition.
(esp32-partition/grub): Rename from esp32-partition; Pass grub32-efi to
initialize-efi-partition.
(esp-partition, esp32-partition): Deprecate.
(system-disk-image): Do not supply grub-efi arguments.
Change-Id: I336c3144e8efc3ce872031e631d64d3708546ff8
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
* gnu/system/image.scm (system-disk-image)[partition-image]: In the
initializer don't unconditionally refer to grub-efi and grub-efi32
unless they might be needed.
Change-Id: I6eca21e162c233cd57e840a525788af831ad6b6b
* gnu/system/image.scm (system-disk-image)[partition-image]: When
testing if a partition needs to be GPT formatted, factor out the test
for a grub-efi based bootloader.
(bootloader-uses-grub-efi?): New variable.
Change-Id: I62de5962b1246dcec15f0851e58234497d1426d9
* gnu/system/linux-container.scm (container-script): Accept pid-file command
line option to write out the container's process ID.
* doc/guix.texi (Invoking guix system): Document new option.
Change-Id: I93e8a99b39c1dd831f116104bf92c723d96c9965
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This allows remounting file systems which are already mounted by
the initrd with custom mount options (e.g. /proc with hidepid=2).
* gnu/build/file-systems.scm (mount-flags->bit-mask): Map 'remount
to MS_REMOUNT.
* gnu/system/file-systems.scm (invalid-file-system-flags): Add
'remount to the list of KNOWN-FLAGS.
* doc/guix.texi (File Systems): Document it.
Fixes: guix/guix#3849
Change-Id: I0ab116a5b4f7bd201e955ecf022e260c63828dc4
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This issue should now be resolved, with a test guarding it from re-appearing.
* gnu/system/linux-container.scm (container-script) [#:lock-mounts]: Delete
argument.
Change-Id: I93e94a0ee349c53967275b82e1a9a5bcc8e8f65c
This provides more appropriate defaults for today. This change affects
/etc/bashrc, /etc/skel/.bashrc, along with ~/.bashrc for Home users.
* gnu/system/shadow.scm (%default-bashrc): Set ‘HISTSIZE’.
Change-Id: I4ffa7ad75c6f39f3f36d5a15ce420eae52e241e5
The /dev/vda1 partition points to an EFI partition.
The /run/current-system/configuration.scm will then point to an incorrect
partition - to the EFI partition instead of root partition. Fix that by
pointing it to the default root-label "Guix_image".
This allows users to reconfigure out of the /run/current-system/configuration.scm.
* gnu/system/examples/vm-image.tmpl: Switch root filesystem device
to /dev/vda2.
Change-Id: I983892fb3c860dc5bbb2a1654d28db83e88d8c1a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Follow up of 94c9e53fa4 that made similar change, but in
gnu/system/install.scm.
Change local checkout url for the default channel url to ensure release images
will not leak local checkout url.
* gnu/system/examples/vm-image.tmpl: Change channel of
‘guix’ package to inherit from ‘%default-guix-channel’.
Change-Id: I1c633b44cfa067cae1d2948e7e7ef6922995c27d
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This reverts commits 437bb9ece5 and
a57ed987ff, which were reported in
guix/guix#1169 to occasionally cause errors like:
  guix shell: error: unshare : 268566528: Invalid argument
Allow passing extra options to the 'cryptsetup open' command.
* gnu/system/mapped-devices.scm (luks-device-mapping-with-options):
[#:extra-options]: New argument.
(open-luks-device): Use it.
(check-luks-device): Validate it.
* doc/guix.texi (Mapped Devices): Document it.
* gnu/tests/install.scm (%test-encrypted-root-extra-options-os): New
test for it, as well as the previously untested #:allow-discards?
option.
(%encrypted-root-extra-options-os): New os declaration for the test.
Change-Id: I265a431efb0c81ed7cfc984344c6b8a4cc2f1624
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes guix/guix#1926.
‘guix system vm’ would so far produce a system without the
‘file-system-/gnu/store’ Shepherd service, which is normally provided by
‘%immutable-store’. This would lead to an error for OS configs that
explicitly require ‘file-system-/gnu/store’, such as those that use
‘qemu-binfmt-service-type’.
* gnu/system/vm.scm (virtualized-operating-system)[user-file-systems]: Remove
filtering of TARGET = (%store-prefix).
Reported-by: Ashvith Shetty <ashvithshetty0010@zohomail.in>
Change-Id: I656df6c3f067e47cd7acd03af437fe757db286d5
The linux kernel has renamed the crc32_generic module to
crc32_cryptoapi. This fixes the f2fs-root-os system test.
* gnu/system/linux-initrd.scm (file-system-type-modules): update module
name
Change-Id: I73a135e453434e726ea9d3ff99ab1a83b4810a10
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
This reverts changes from d72eef9c91 that
were inadvertently committed.
* gnu/system/examples/bare-bones.tmpl: Remove Cuirass.
Change-Id: I29253dce841479bbddef00756a0f6bd57694dfae
This reverts commit a7db92d9b3, this time with
the more careful command, to avoid a world rebuild:
  grep -rl --exclude-dir=build --exclude-dir=patches --exclude=ld-wrapper.in \
    --exclude=sitecustomize.py --exclude=guix-emacs.el maxim.cournoyer@gmail.com |
    xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g'
Change-Id: I0871f5cf9ace79e34e78e24154d0da6ea95a3a91
The change was automated via:
  git grep -l maxim.cournoyer@gmail.com |
    xargs sed -i 's/maxim.cournoyer@gmail.com/maxim@guixotic.coop/g'
* .mailmap: New entry.
Change-Id: Iaa88b1e51c94159c49138fb43910badb990eb169
This is made so that the source can be shared without introducing module
circular dependencies.
* gnu/packages/certs.scm (nss-certs)
(nss-certs-for-test): Move to...
* gnu/packages/nss.scm: ... here.
Adjust the module imports via:
  git grep -l '(gnu packages certs)' |
    xargs sed 's/(gnu packages certs)/(gnu packages nss)/' -i
Change-Id: I56d7bc52ddcdffbced8a162e8db8ea5071b0cb0f