HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
system: Add wget to %base-packages-networking.
[jackhill/guix/guix.git] / gnu / system.scm
CommitLineData
033adfe7 1;;; GNU Guix --- Functional package management for GNU
211a5035 2;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
5e738ac2 3;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
5dccaffe 4;;; Copyright © 2015, 2016 Alex Kost <alezost@gmail.com>
1ef8b72a 5;;; Copyright © 2016 Chris Marusich <cmmarusich@gmail.com>
c76b3046 6;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
5144df2c 7;;; Copyright © 2019 Meiyo Peng <meiyo.peng@gmail.com>
f00e68ac 8;;; Copyright © 2019, 2020 Miguel Ángel Arruga Vivas <rosen644835@gmail.com>
5c79f238 9;;; Copyright © 2020 Danny Milosavljevic <dannym@scratchpost.org>
93664fee 10;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
e06664da 11;;; Copyright © 2020 Florian Pelz <pelzflorian@pelzflorian.de>
b460ba79 12;;; Copyright © 2020 Maxim Cournoyer <maxim.cournoyer@gmail.com>
45b2cb43 13;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <jannek@gnu.org>
e6e07628 14;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
95f72dcd 15;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
033adfe7
LC		 16;;;
17;;; This file is part of GNU Guix.
18;;;
19;;; GNU Guix is free software; you can redistribute it and/or modify it
20;;; under the terms of the GNU General Public License as published by
21;;; the Free Software Foundation; either version 3 of the License, or (at
22;;; your option) any later version.
23;;;
24;;; GNU Guix is distributed in the hope that it will be useful, but
25;;; WITHOUT ANY WARRANTY; without even the implied warranty of
26;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27;;; GNU General Public License for more details.
28;;;
29;;; You should have received a copy of the GNU General Public License
30;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
31
32(define-module (gnu system)
bdc61ff9 33 #:use-module (guix inferior)
033adfe7
LC		 34 #:use-module (guix store)
35 #:use-module (guix monads)
02100028 36 #:use-module (guix gexp)
033adfe7
LC		 37 #:use-module (guix records)
38 #:use-module (guix packages)
39 #:use-module (guix derivations)
29fce8b6 40 #:use-module (guix profiles)
a5e2fc73
LC		 41 #:use-module ((guix utils) #:select (substitute-keyword-arguments))
42 #:use-module (guix i18n)
43 #:use-module (guix diagnostics)
e6e07628 44 #:use-module (gnu packages admin)
033adfe7
LC		 45 #:use-module (gnu packages base)
46 #:use-module (gnu packages bash)
e6e07628 47 #:use-module (gnu packages compression)
912b857e 48 #:use-module (gnu packages cross-base)
e6e07628
EF		 49 #:use-module (gnu packages cryptsetup)
50 #:use-module (gnu packages disk)
51 #:use-module (gnu packages file-systems)
52 #:use-module (gnu packages firmware)
53 #:use-module (gnu packages gawk)
bdb36958 54 #:use-module (gnu packages guile)
01ac0e6b 55 #:use-module (gnu packages guile-xyz)
912b857e 56 #:use-module (gnu packages hurd)
6f436c54 57 #:use-module (gnu packages less)
e6e07628 58 #:use-module (gnu packages linux)
18316d86 59 #:use-module (gnu packages man)
e6e07628 60 #:use-module (gnu packages nano)
4170af49 61 #:use-module (gnu packages nvi)
e6e07628
EF		 62 #:use-module (gnu packages package-management)
63 #:use-module (gnu packages pciutils)
939c5c31 64 #:use-module (gnu packages texinfo)
7a65beff 65 #:use-module (gnu packages wget)
e6e07628 66 #:use-module (gnu packages zile)
db4fdc04 67 #:use-module (gnu services)
0190c1c0 68 #:use-module (gnu services shepherd)
db4fdc04 69 #:use-module (gnu services base)
b09a8da4 70 #:use-module (gnu bootloader)
033adfe7 71 #:use-module (gnu system shadow)
996ed739 72 #:use-module (gnu system nss)
598e19dc 73 #:use-module (gnu system locale)
6e828634 74 #:use-module (gnu system pam)
735c6dd7 75 #:use-module (gnu system linux-initrd)
9b336338 76 #:use-module (gnu system uuid)
c5df1839 77 #:use-module (gnu system file-systems)
060d62a7 78 #:use-module (gnu system mapped-devices)
033adfe7
LC		 79 #:use-module (ice-9 match)
80 #:use-module (srfi srfi-1)
81 #:use-module (srfi srfi-26)
598e19dc
LC		 82 #:use-module (srfi srfi-34)
83 #:use-module (srfi srfi-35)
3382bfe9 84 #:use-module (rnrs bytevectors)
033adfe7
LC		 85 #:export (operating-system
86 operating-system?
d8bead6c 87 this-operating-system
d5b429ab
LC		 88
89 operating-system-bootloader
033adfe7 90 operating-system-services
69cae3d3 91 operating-system-essential-services
f8885eca 92 operating-system-default-essential-services
217a5b85 93 operating-system-user-services
033adfe7 94 operating-system-packages
fd3bfc44 95 operating-system-host-name
c65e1834 96 operating-system-hosts-file
2018fb2a 97 operating-system-hurd
fd3bfc44 98 operating-system-kernel
44d5f54e 99 operating-system-kernel-file
33f0aa88 100 operating-system-kernel-arguments
3f03a198
LC		 101 operating-system-label
102 operating-system-default-label
bc499b11 103 operating-system-initrd-modules
fd3bfc44
LC		 104 operating-system-initrd
105 operating-system-users
106 operating-system-groups
548d4c13 107 operating-system-issue
fd3bfc44
LC		 108 operating-system-timezone
109 operating-system-locale
598e19dc 110 operating-system-locale-definitions
34760ae7 111 operating-system-locale-libcs
5dae0186 112 operating-system-mapped-devices
83bcd0b8 113 operating-system-file-systems
6b779207 114 operating-system-store-file-system
2bdd7ac1
LC		 115 operating-system-user-mapped-devices
116 operating-system-boot-mapped-devices
f00e68ac 117 operating-system-bootloader-crypto-devices
b25937e3 118 operating-system-activation-script
b2fef041
LC		 119 operating-system-user-accounts
120 operating-system-shepherd-service-names
20abb8c4 121 operating-system-user-kernel-arguments
9ef37e81
BW		 122 operating-system-firmware
123 operating-system-keyboard-layout
124 operating-system-name-service-switch
125 operating-system-pam-services
126 operating-system-setuid-programs
127 operating-system-skeletons
128 operating-system-sudoers-file
129 operating-system-swap-devices
a9f2c210 130 operating-system-kernel-loadable-modules
9e12da31 131 operating-system-location
033adfe7 132
1aa0033b 133 operating-system-derivation
83bcd0b8 134 operating-system-profile
c76b3046 135 operating-system-bootcfg
239db054
DT		 136 operating-system-etc-directory
137 operating-system-locale-directory
138 operating-system-boot-script
78fbf2bd 139 operating-system-uuid
239db054 140
43fe431c 141 system-linux-image-file-name
9fcfe30d 142 operating-system-with-gc-roots
33b7cb7a 143 operating-system-with-provenance
43fe431c 144
45b2cb43
JN		 145 hurd-default-essential-services
146
b8300494
AK		 147 boot-parameters
148 boot-parameters?
149 boot-parameters-label
150 boot-parameters-root-device
f96752e3 151 boot-parameters-bootloader-name
a28cfee8 152 boot-parameters-bootloader-menu-entries
f00e68ac 153 boot-parameters-store-crypto-devices
1ef8b72a 154 boot-parameters-store-device
582cf925 155 boot-parameters-store-directory-prefix
1ef8b72a 156 boot-parameters-store-mount-point
9d449b94 157 boot-parameters-locale
b8300494
AK		 158 boot-parameters-kernel
159 boot-parameters-kernel-arguments
d7b342d8 160 boot-parameters-initrd
912b857e 161 boot-parameters-multiboot-modules
4e4e0185 162 read-boot-parameters
9530e73b 163 read-boot-parameters-file
1975c754 164 boot-parameters->menu-entry
b8300494 165
568841d4 166 local-host-aliases
d0f3a672 167 %root-account
df5ce088 168 %setuid-programs
f6b95031 169 %sudoers-specification
5dae0186 170 %base-packages
93664fee
BW		 171 %base-packages-interactive
172 %base-packages-linux
173 %base-packages-networking
e6e07628 174 %base-packages-disk-utilities
93664fee 175 %base-packages-utils
e06664da
FP		 176 %base-firmware
177 %default-kernel-arguments))
033adfe7
LC		 178
179;;; Commentary:
180;;;
181;;; This module supports whole-system configuration.
182;;;
183;;; Code:
184
a7ef45d9
LC		 185(define (bootable-kernel-arguments system root-device)
186 "Return a list of kernel arguments (gexps) to boot SYSTEM from ROOT-DEVICE."
187 (list (string-append "--root="
99e676db
MC		 188 ;; Note: Always use the DCE format because that's what
189 ;; (gnu build linux-boot) expects for the '--root'
190 ;; kernel command-line option.
191 (file-system-device->string root-device
192 #:uuid-type 'dce))
a7ef45d9
LC		 193 #~(string-append "--system=" #$system)
194 #~(string-append "--load=" #$system "/boot")))
33f0aa88 195
033adfe7
LC		 196;; System-wide configuration.
197;; TODO: Add per-field docstrings/stexi.
198(define-record-type* <operating-system> operating-system
199 make-operating-system
200 operating-system?
d8bead6c
LC		 201 this-operating-system
202
033adfe7 203 (kernel operating-system-kernel ; package
57082417 204 (default linux-libre))
5c79f238
DM		 205 (kernel-loadable-modules operating-system-kernel-loadable-modules
206 (default '())) ; list of packages
af98d25a 207 (kernel-arguments operating-system-user-kernel-arguments
e06664da 208 (default %default-kernel-arguments)) ; list of gexps/strings
2018fb2a
JN		 209 (hurd operating-system-hurd
210 (default #f)) ; package
b09a8da4 211 (bootloader operating-system-bootloader) ; <bootloader-configuration>
3f03a198
LC		 212 (label operating-system-label ; string
213 (thunked)
214 (default (operating-system-default-label this-operating-system)))
d5b429ab 215
ae7a316b
LC		 216 (keyboard-layout operating-system-keyboard-layout ;#f | <keyboard-layout>
217 (default #f))
e34ae75d 218 (initrd operating-system-initrd ; (list fs) -> file-like
060238ae 219 (default base-initrd))
bc499b11
LC		 220 (initrd-modules operating-system-initrd-modules ; list of strings
221 (thunked) ; it's system-dependent
222 (default %base-initrd-modules))
223
f34c56be
LC		 224 (firmware operating-system-firmware ; list of packages
225 (default %base-firmware))
033adfe7
LC		 226
227 (host-name operating-system-host-name) ; string
24e02c28 228 (hosts-file operating-system-hosts-file ; file-like | #f
c65e1834 229 (default #f))
033adfe7 230
5dae0186
LC		 231 (mapped-devices operating-system-mapped-devices ; list of <mapped-device>
232 (default '()))
8a6d2731 233 (file-systems operating-system-file-systems) ; list of fs
2a13d05e
LC		 234 (swap-devices operating-system-swap-devices ; list of strings
235 (default '()))
033adfe7
LC		 236
237 (users operating-system-users ; list of user accounts
bf87f38a 238 (default %base-user-accounts))
033adfe7 239 (groups operating-system-groups ; list of user groups
773e956d 240 (default %base-groups))
033adfe7 241
ac3c14fb 242 (skeletons operating-system-skeletons ; list of name/file-like value
40281c54 243 (default (default-skeletons)))
548d4c13
LC		 244 (issue operating-system-issue ; string
245 (default %default-issue))
40281c54 246
033adfe7 247 (packages operating-system-packages ; list of (PACKAGE OUTPUT...)
6f436c54 248 (default %base-packages)) ; or just PACKAGE
033adfe7
LC		 249
250 (timezone operating-system-timezone) ; string
8a6d2731 251 (locale operating-system-locale ; string
598e19dc
LC		 252 (default "en_US.utf8"))
253 (locale-definitions operating-system-locale-definitions ; list of <locale-definition>
254 (default %default-locale-definitions))
34760ae7
LC		 255 (locale-libcs operating-system-locale-libcs ; list of <packages>
256 (default %default-locale-libcs))
996ed739
LC		 257 (name-service-switch operating-system-name-service-switch ; <name-service-switch>
258 (default %default-nss))
033adfe7 259
69cae3d3
LC		 260 (essential-services operating-system-essential-services ; list of services
261 (thunked)
f8885eca
LC		 262 (default (operating-system-default-essential-services
263 this-operating-system)))
ac3c14fb 264 (services operating-system-user-services ; list of services
09e028f4
LC		 265 (default %base-services))
266
267 (pam-services operating-system-pam-services ; list of PAM services
268 (default (base-pam-services)))
269 (setuid-programs operating-system-setuid-programs
69689380 270 (default %setuid-programs)) ; list of string-valued gexps
033adfe7 271
f5a9ffa0 272 (sudoers-file operating-system-sudoers-file ; file-like
9e12da31
LC		 273 (default %sudoers-specification))
274
275 (location operating-system-location ; <location>
276 (default (and=> (current-source-location)
277 source-properties->location))
278 (innate)))
033adfe7 279
a7ef45d9 280(define (operating-system-kernel-arguments os root-device)
33f0aa88
DM		 281 "Return all the kernel arguments, including the ones not specified
282directly by the user."
a7ef45d9
LC		 283 (append (bootable-kernel-arguments os root-device)
284 (operating-system-user-kernel-arguments os)))
33f0aa88 285
2717a89a 286\f
8e815c5b
LC		 287;;;
288;;; Boot parameters
289;;;
290
291(define-record-type* <boot-parameters>
292 boot-parameters make-boot-parameters boot-parameters?
293 (label boot-parameters-label)
294 ;; Because we will use the 'store-device' to create the GRUB search command,
295 ;; the 'store-device' has slightly different semantics than 'root-device'.
296 ;; The 'store-device' can be a file system uuid, a file system label, or #f,
2df44e93
MÁAV		 297 ;; but it cannot be a device file name such as "/dev/sda3", since GRUB would
298 ;; not understand that. The 'root-device', on the other hand, corresponds
8e815c5b 299 ;; exactly to the device field of the <file-system> object representing the
2df44e93
MÁAV		 300 ;; OS's root file system, so it might be a device file name like
301 ;; "/dev/sda3". The 'store-directory-prefix' field contains #f or the store
302 ;; file name inside the 'store-device' as it is seen by GRUB, e.g. it would
303 ;; contain "/storefs" if the store is located in that subvolume of a btrfs
582cf925 304 ;; partition.
8e815c5b 305 (root-device boot-parameters-root-device)
f96752e3 306 (bootloader-name boot-parameters-bootloader-name)
a28cfee8
LC		 307 (bootloader-menu-entries ;list of <menu-entry>
308 boot-parameters-bootloader-menu-entries)
8e815c5b
LC		 309 (store-device boot-parameters-store-device)
310 (store-mount-point boot-parameters-store-mount-point)
582cf925 311 (store-directory-prefix boot-parameters-store-directory-prefix)
f00e68ac
MÁAV		 312 (store-crypto-devices boot-parameters-store-crypto-devices
313 (default '()))
9d449b94 314 (locale boot-parameters-locale)
8e815c5b
LC		 315 (kernel boot-parameters-kernel)
316 (kernel-arguments boot-parameters-kernel-arguments)
912b857e
JN		 317 (initrd boot-parameters-initrd)
318 (multiboot-modules boot-parameters-multiboot-modules))
8e815c5b 319
90d23ed9
LC		 320(define (ensure-not-/dev device)
321 "If DEVICE starts with a slash, return #f. This is meant to filter out
322Linux device names such as /dev/sda, and to preserve GRUB device names and
323file system labels."
324 (if (and (string? device) (string-prefix? "/" device))
325 #f
326 device))
327
8e815c5b
LC		 328(define (read-boot-parameters port)
329 "Read boot parameters from PORT and return the corresponding
330<boot-parameters> object or #f if the format is unrecognized."
075681d3
LC		 331 (define device-sexp->device
332 (match-lambda
333 (('uuid (? symbol? type) (? bytevector? bv))
334 (bytevector->uuid bv type))
a5acc17a
LC		 335 (('file-system-label (? string? label))
336 (file-system-label label))
075681d3
LC		 337 ((? bytevector? bv) ;old format
338 (bytevector->uuid bv 'dce))
339 ((? string? device)
1c3b709e
S		 340 (if (string-contains device ":/")
341 device ; nfs-root
342 ;; It used to be that we would not distinguish between labels and
343 ;; device names. Try to infer the right thing here.
344 (if (string-prefix? "/" device)
345 device
346 (file-system-label device))))))
f00e68ac
MÁAV		 347 (define uuid-sexp->uuid
348 (match-lambda
349 (('uuid (? symbol? type) (? bytevector? bv))
350 (bytevector->uuid bv type))
351 (x
352 (warning (G_ "unrecognized uuid ~a at '~a'~%") x (port-filename port))
353 #f)))
075681d3 354
8e815c5b
LC		 355 (match (read port)
356 (('boot-parameters ('version 0)
357 ('label label) ('root-device root)
912b857e 358 ('kernel kernel)
8e815c5b
LC		 359 rest ...)
360 (boot-parameters
361 (label label)
7940188e 362 (root-device (device-sexp->device root))
8e815c5b 363
f96752e3
MO		 364 (bootloader-name
365 (match (assq 'bootloader-name rest)
bcaf67c4
MO		 366 ((_ args) args)
367 (#f 'grub))) ; for compatibility reasons.
368
a28cfee8
LC		 369 (bootloader-menu-entries
370 (match (assq 'bootloader-menu-entries rest)
371 ((_ entries) (map sexp->menu-entry entries))
372 (#f '())))
373
912b857e
JN		 374 ;; In the past, we would store the directory name of linux instead of
375 ;; the absolute file name of its image. Detect that and correct it.
376 (kernel (if (string=? kernel (direct-store-path kernel))
377 (string-append kernel "/"
8e815c5b 378 (system-linux-image-file-name))
912b857e 379 kernel))
8e815c5b
LC		 380
381 (kernel-arguments
382 (match (assq 'kernel-arguments rest)
383 ((_ args) args)
384 (#f '()))) ;the old format
385
386 (initrd
387 (match (assq 'initrd rest)
388 (('initrd ('string-append directory file)) ;the old format
389 (string-append directory file))
390 (('initrd (? string? file))
12906d3e
JN		 391 file)
392 (#f #f)))
8e815c5b 393
aa864ebd
JN		 394 (multiboot-modules
395 (match (assq 'multiboot-modules rest)
396 ((_ args) args)
397 (#f '())))
912b857e 398
9d449b94
MÁAV		 399 (locale
400 (match (assq 'locale rest)
401 ((_ locale) locale)
402 (#f #f)))
403
8e815c5b 404 (store-device
db4e8fd5
LC		 405 ;; Linux device names like "/dev/sda1" are not suitable GRUB device
406 ;; identifiers, so we just filter them out.
407 (ensure-not-/dev
408 (match (assq 'store rest)
409 (('store ('device #f) _ ...)
410 root-device)
411 (('store ('device device) _ ...)
412 (device-sexp->device device))
413 (_ ;the old format
414 root-device))))
8e815c5b 415
582cf925
MÁAV		 416 (store-directory-prefix
417 (match (assq 'store rest)
418 (('store . store-data)
419 (match (assq 'directory-prefix store-data)
420 (('directory-prefix prefix) prefix)
421 ;; No directory-prefix found.
422 (_ #f)))
423 (_
424 ;; No store found, old format.
425 #f)))
426
f00e68ac
MÁAV		 427 (store-crypto-devices
428 (match (assq 'store rest)
429 (('store . store-data)
430 (match (assq 'crypto-devices store-data)
431 (('crypto-devices (devices ...))
432 (map uuid-sexp->uuid devices))
433 (('crypto-devices dev)
434 (warning (G_ "unrecognized crypto-devices ~S at '~a'~%")
435 dev (port-filename port))
436 '())
437 (_
438 ;; No crypto-devices found.
439 '())))
440 (_
441 ;; No store found, old format.
442 '())))
443
8e815c5b
LC		 444 (store-mount-point
445 (match (assq 'store rest)
446 (('store ('device _) ('mount-point mount-point) _ ...)
447 mount-point)
448 (_ ;the old format
449 "/")))))
450 (x ;unsupported format
b1059b38
LC		 451 (warning (G_ "unrecognized boot parameters at '~a'~%")
452 (port-filename port))
8e815c5b
LC		 453 #f)))
454
455(define (read-boot-parameters-file system)
456 "Read boot parameters from SYSTEM's (system or generation) \"parameters\"
457file and returns the corresponding <boot-parameters> object or #f if the
458format is unrecognized.
459The object has its kernel-arguments extended in order to make it bootable."
460 (let* ((file (string-append system "/parameters"))
461 (params (call-with-input-file file read-boot-parameters))
a7ef45d9
LC		 462 (root (boot-parameters-root-device params)))
463 (boot-parameters
464 (inherit params)
465 (kernel-arguments (append (bootable-kernel-arguments system root)
466 (boot-parameters-kernel-arguments params))))))
8b22107e 467
1975c754 468(define (boot-parameters->menu-entry conf)
912b857e
JN		 469 (let* ((kernel (boot-parameters-kernel conf))
470 (multiboot-modules (boot-parameters-multiboot-modules conf))
471 (multiboot? (pair? multiboot-modules)))
472 (menu-entry
473 (label (boot-parameters-label conf))
474 (device (boot-parameters-store-device conf))
475 (device-mount-point (boot-parameters-store-mount-point conf))
476 (linux (and (not multiboot?) kernel))
535a6be2 477 (linux-arguments (if (not multiboot?)
912b857e
JN		 478 (boot-parameters-kernel-arguments conf)
479 '()))
480 (initrd (boot-parameters-initrd conf))
481 (multiboot-kernel (and multiboot? kernel))
482 (multiboot-arguments (if multiboot?
483 (boot-parameters-kernel-arguments conf)
484 '()))
485 (multiboot-modules (if multiboot?
486 (boot-parameters-multiboot-modules conf)
487 '())))))
8b22107e 488
8e815c5b 489\f
40281c54
LC		 490;;;
491;;; Services.
492;;;
493
aa1145df
LC		 494(define (non-boot-file-system-service os)
495 "Return the file system service for the file systems of OS that are not
496marked as 'needed-for-boot'."
023f391c 497 (define file-systems
4d6b879c 498 (remove file-system-needed-for-boot?
023f391c
LC		 499 (operating-system-file-systems os)))
500
68a58775
LC		 501 (define mapped-devices-for-boot
502 (operating-system-boot-mapped-devices os))
503
5dae0186 504 (define (device-mappings fs)
ab64483f 505 (let ((device (file-system-device fs)))
29824d80 506 (if (string? device) ;title is 'device
ab64483f 507 (filter (lambda (md)
788df2ec
MT		 508 (any (cut string=? device <>)
509 (map (cut string-append "/dev/mapper" <>)
510 (mapped-device-targets md))))
ab64483f
LC		 511 (operating-system-mapped-devices os))
512 '())))
5dae0186 513
e502bf89
LC		 514 (define (add-dependencies fs)
515 ;; Add the dependencies due to device mappings to FS.
516 (file-system
517 (inherit fs)
518 (dependencies
68a58775
LC		 519 (delete-duplicates
520 (remove (cut member <> mapped-devices-for-boot)
521 (append (device-mappings fs)
522 (file-system-dependencies fs)))
523 eq?))))
e502bf89 524
aa1145df
LC		 525 (service file-system-service-type
526 (map add-dependencies file-systems)))
023f391c 527
68a58775
LC		 528(define (mapped-device-users device file-systems)
529 "Return the subset of FILE-SYSTEMS that use DEVICE."
788df2ec
MT		 530 (let ((targets (map (cut string-append "/dev/mapper/" <>)
531 (mapped-device-targets device))))
68a58775
LC		 532 (filter (lambda (fs)
533 (or (member device (file-system-dependencies fs))
534 (and (string? (file-system-device fs))
788df2ec 535 (any (cut string=? (file-system-device fs) <>) targets))))
68a58775 536 file-systems)))
de1c158f
LC		 537
538(define (operating-system-user-mapped-devices os)
539 "Return the subset of mapped devices that can be installed in
540user-land--i.e., those not needed during boot."
9cb426b8
LC		 541 (let ((devices (operating-system-mapped-devices os))
542 (file-systems (operating-system-file-systems os)))
543 (filter (lambda (md)
68a58775
LC		 544 (let ((users (mapped-device-users md file-systems)))
545 (not (any file-system-needed-for-boot? users))))
9cb426b8 546 devices)))
de1c158f
LC		 547
548(define (operating-system-boot-mapped-devices os)
549 "Return the subset of mapped devices that must be installed during boot,
550from the initrd."
9cb426b8
LC		 551 (let ((devices (operating-system-mapped-devices os))
552 (file-systems (operating-system-file-systems os)))
553 (filter (lambda (md)
68a58775
LC		 554 (let ((users (mapped-device-users md file-systems)))
555 (any file-system-needed-for-boot? users)))
9cb426b8 556 devices)))
de1c158f 557
f00e68ac
MÁAV		 558(define (operating-system-bootloader-crypto-devices os)
559 "Return the subset of mapped devices that the bootloader must open.
560Only devices specified by uuid are supported."
561 (define (valid-crypto-device? dev)
562 (or (uuid? dev)
563 (begin
564 (warning (G_ "\
565mapped-device '~a' may not be mounted by the bootloader.~%")
566 dev)
567 #f)))
568 (filter-map (match-lambda
569 ((and (= mapped-device-type type)
570 (= mapped-device-source source))
571 (and (eq? luks-device-mapping type)
572 (valid-crypto-device? source)
573 source))
574 (_ #f))
575 ;; XXX: Ordering is important, we trust the returned one.
576 (operating-system-boot-mapped-devices os)))
577
5dae0186 578(define (device-mapping-services os)
be1c2c54 579 "Return the list of device-mapping services for OS as a list."
4da8c19e 580 (map device-mapping-service
be1c2c54 581 (operating-system-user-mapped-devices os)))
5dae0186 582
2a13d05e 583(define (swap-services os)
be1c2c54
LC		 584 "Return the list of swap services for OS."
585 (map swap-service (operating-system-swap-devices os)))
2a13d05e 586
0c053a39
LC		 587(define* (system-linux-image-file-name #:optional
588 (target (or (%current-target-system)
589 (%current-system))))
590 "Return the basename of the kernel image file for TARGET."
591 (cond
592 ((string-prefix? "arm" target) "zImage")
593 ((string-prefix? "mips" target) "vmlinuz")
594 ((string-prefix? "aarch64" target) "Image")
595 (else "bzImage")))
44d5f54e
LC		 596
597(define (operating-system-kernel-file os)
598 "Return an object representing the absolute file name of the kernel image of
599OS."
912b857e
JN		 600 (if (operating-system-hurd os)
601 (file-append (operating-system-kernel os) "/boot/gnumach")
602 (file-append (operating-system-kernel os)
603 "/" (system-linux-image-file-name))))
44d5f54e 604
f91ad0b1
DM		 605(define (package-for-kernel target-kernel module-package)
606 "Return a package like MODULE-PACKAGE, adapted for TARGET-KERNEL, if
607possible (that is if there's a LINUX keyword argument in the build system)."
608 (package
609 (inherit module-package)
610 (arguments
611 (substitute-keyword-arguments (package-arguments module-package)
612 ((#:linux kernel #f)
613 target-kernel)))))
614
e06664da
FP		 615(define %default-modprobe-blacklist
616 ;; List of kernel modules to blacklist by default.
fd31731b
FP		 617 '("usbmouse" ;races with bcm5974, see <https://bugs.gnu.org/35574>
618 "usbkbd")) ;races with usbhid, see <https://issues.guix.gnu.org/35574#18>
e06664da
FP		 619
620(define %default-kernel-arguments
621 ;; Default arguments passed to the kernel.
622 (list (string-append "modprobe.blacklist="
623 (string-join %default-modprobe-blacklist ","))
624 "quiet"))
625
69cae3d3 626(define* (operating-system-directory-base-entries os)
d62e201c
LC		 627 "Return the basic entries of the 'system' directory of OS for use as the
628value of the SYSTEM-SERVICE-TYPE service."
cda75110
LC		 629 (let* ((locale (operating-system-locale-directory os))
630 (kernel (operating-system-kernel os))
2b76179e 631 (hurd (operating-system-hurd os))
cda75110 632 (modules (operating-system-kernel-loadable-modules os))
2b76179e
JN		 633 (kernel (if hurd
634 kernel
635 (profile
636 (content (packages->manifest
637 (cons kernel
638 (map (lambda (module)
639 (if (package? module)
640 (package-for-kernel kernel
641 module)
642 module))
643 modules))))
644 (hooks (list linux-module-database)))))
645 (initrd (and (not hurd) (operating-system-initrd-file os)))
cda75110 646 (params (operating-system-boot-parameters-file os)))
0e5c2d5e 647 `(("kernel" ,kernel)
2b76179e 648 ,@(if hurd `(("hurd" ,hurd)) '())
0e5c2d5e 649 ("parameters" ,params)
2b76179e 650 ,@(if initrd `(("initrd" ,initrd)) '())
0e5c2d5e 651 ("locale" ,locale)))) ;used by libc
69cae3d3 652
f8885eca 653(define (operating-system-default-essential-services os)
217a5b85
LC		 654 "Return the list of essential services for OS. These are special services
655that implement part of what's declared in OS are responsible for low-level
69cae3d3 656bookkeeping."
d6e2a622
LC		 657 (define known-fs
658 (map file-system-mount-point (operating-system-file-systems os)))
659
be1c2c54
LC		 660 (let* ((mappings (device-mapping-services os))
661 (root-fs (root-file-system-service))
aa1145df 662 (other-fs (non-boot-file-system-service os))
be1c2c54 663 (swaps (swap-services os))
206a28d8 664 (procs (service user-processes-service-type))
d62e201c 665 (host-name (host-name-service (operating-system-host-name os)))
69cae3d3 666 (entries (operating-system-directory-base-entries os)))
d62e201c
LC		 667 (cons* (service system-service-type entries)
668 %boot-service
0adfe95a 669
661c237b 670 ;; %SHEPHERD-ROOT-SERVICE must come last so that the gexp that
d4053c71 671 ;; execs shepherd comes last in the boot script (XXX). Likewise,
661c237b 672 ;; the cleanup service must come first so that its gexp runs before
d4053c71 673 ;; activation code.
be7be9e8 674 (service cleanup-service-type #f)
661c237b
LC		 675 %activation-service
676 %shepherd-root-service
0adfe95a
LC		 677
678 (pam-root-service (operating-system-pam-services os))
679 (account-service (append (operating-system-accounts os)
680 (operating-system-groups os))
681 (operating-system-skeletons os))
682 (operating-system-etc-service os)
aea1a42e
LC		 683 (service fstab-service-type
684 (filter file-system-needed-for-boot?
685 (operating-system-file-systems os)))
6bad7524
SB		 686 (session-environment-service
687 (operating-system-environment-variables os))
6c445817 688 host-name procs root-fs
0adfe95a
LC		 689 (service setuid-program-service-type
690 (operating-system-setuid-programs os))
af4c3fd5
LC		 691 (service profile-service-type
692 (operating-system-packages os))
aa1145df
LC		 693 other-fs
694 (append mappings swaps
0adfe95a 695
69cae3d3
LC		 696 ;; Add the firmware service.
697 (list %linux-bare-metal-service
698 (service firmware-service-type
699 (operating-system-firmware os)))))))
700
45b2cb43 701(define (hurd-default-essential-services os)
2b76179e
JN		 702 (let ((entries (operating-system-directory-base-entries os)))
703 (list (service system-service-type entries)
704 %boot-service
705 %hurd-startup-service
706 %activation-service
707 %shepherd-root-service
708 (service user-processes-service-type)
709 (account-service (append (operating-system-accounts os)
710 (operating-system-groups os))
711 (operating-system-skeletons os))
712 (root-file-system-service)
713 (service file-system-service-type '())
714 (service fstab-service-type
715 (filter file-system-needed-for-boot?
716 (operating-system-file-systems os)))
717 (pam-root-service (operating-system-pam-services os))
718 (operating-system-etc-service os)
16f8ea06
JN		 719 (service setuid-program-service-type
720 (operating-system-setuid-programs os))
2b76179e 721 (service profile-service-type (operating-system-packages os)))))
45b2cb43 722
69cae3d3
LC		 723(define* (operating-system-services os)
724 "Return all the services of OS, including \"essential\" services."
d466b1fc
LC		 725 (instantiate-missing-services
726 (append (operating-system-user-services os)
69cae3d3 727 (operating-system-essential-services os))))
217a5b85 728
9fcfe30d
LC		 729(define (operating-system-with-gc-roots os roots)
730 "Return a variant of OS where ROOTS are registered as GC roots."
731 (operating-system
732 (inherit os)
733
734 ;; We use this procedure for the installation OS, which already defines GC
735 ;; roots. Add ROOTS to those.
736 (services (cons (simple-service 'extra-root
737 gc-root-service-type roots)
738 (operating-system-user-services os)))))
739
12a3d7d6
LC		 740(define (operating-system-configuration-file os)
741 "Return the configuration file of OS, based on its 'location' field, or #f
742if it could not be determined."
743 (let ((file (and=> (operating-system-location os)
744 location-file)))
745 (and file
746 (or (and (string-prefix? "/" file) file)
747 (search-path %load-path file)))))
748
749(define* (operating-system-with-provenance os
750 #:optional
751 (config-file
752 (operating-system-configuration-file
753 os)))
33b7cb7a
LC		 754 "Return a variant of OS that stores its own provenance information,
755including CONFIG-FILE, if available. This is achieved by adding an instance
756of PROVENANCE-SERVICE-TYPE to its services."
757 (operating-system
758 (inherit os)
759 (services (cons (service provenance-service-type config-file)
760 (operating-system-user-services os)))))
761
40281c54
LC		 762\f
763;;;
764;;; /etc.
765;;;
766
f34c56be
LC		 767(define %base-firmware
768 ;; Firmware usable by default.
52db41af
EB		 769 (list ath9k-htc-firmware
770 openfwwf-firmware))
f34c56be 771
93664fee
BW		 772(define %base-packages-utils
773 ;; Default set of utilities packages.
774 (cons* procps psmisc which
775 (@ (gnu packages admin) shadow) ;for 'passwd'
776
275b37e8 777 guile-3.0-latest
93664fee
BW		 778
779 ;; The packages below are also in %FINAL-INPUTS, so take them from
780 ;; there to avoid duplication.
030f6f48
MB		 781 (list bash coreutils findutils grep sed
782 diffutils patch gawk tar gzip bzip2 xz lzip)))
93664fee
BW		 783
784(define %base-packages-linux
785 ;; Default set of linux specific packages.
786 (list pciutils usbutils
787 util-linux+udev
788 ;; Get 'insmod' & co. from kmod, not module-init-tools, since udev
789 ;; already depends on it anyway.
790 kmod eudev))
791
792(define %base-packages-interactive
793 ;; Default set of common interactive packages.
794 (list less zile nano
4170af49 795 nvi
93664fee
BW		 796 man-db
797 info-reader ;the standalone Info reader (no Perl)
798 bash-completion
799 kbd
800 ;; The 'sudo' command is already in %SETUID-PROGRAMS, but we also
801 ;; want the other commands and the man pages (notably because
802 ;; auto-completion in Emacs shell relies on man pages.)
803 sudo
804 guile-readline guile-colorized))
805
806(define %base-packages-networking
807 ;; Default set of networking packages.
808 (list inetutils isc-dhcp
809 iproute
7a65beff 810 wget
93664fee
BW		 811 ;; wireless-tools is deprecated in favor of iw, but it's still what
812 ;; many people are familiar with, so keep it around.
813 iw wireless-tools))
814
e6e07628
EF		 815(define %base-packages-disk-utilities
816 ;; A well-rounded set of packages for interacting with disks, partitions
817 ;; and filesystems.
818 (list parted gptfdisk ddrescue
819 ;; We used to provide fdisk from GNU fdisk, but as of version 2.0.0a
820 ;; it pulls Guile 1.8, which takes unreasonable space; furthermore
821 ;; util-linux's fdisk is already available, in %base-packages-linux.
822 cryptsetup mdadm
823 dosfstools
824 btrfs-progs
825 f2fs-tools
826 jfsutils))
827
6f436c54
LC		 828(define %base-packages
829 ;; Default set of packages globally visible. It should include anything
830 ;; required for basic administrator tasks.
93664fee
BW		 831 (append (list e2fsprogs)
832 %base-packages-interactive
833 %base-packages-linux
834 %base-packages-networking
835 %base-packages-utils))
6f436c54 836
548d4c13
LC		 837(define %default-issue
838 ;; Default contents for /etc/issue.
839 "
840This is the GNU system. Welcome.\n")
841
568841d4
LC		 842(define (local-host-aliases host-name)
843 "Return aliases for HOST-NAME, to be used in /etc/hosts."
844 (string-append "127.0.0.1 localhost " host-name "\n"
845 "::1 localhost " host-name "\n"))
846
c65e1834
LC		 847(define (default-/etc/hosts host-name)
848 "Return the default /etc/hosts file."
24e02c28 849 (plain-file "hosts" (local-host-aliases host-name)))
c65e1834 850
38437763
LC		 851(define (validated-sudoers-file file)
852 "Return a copy of FILE, a sudoers file, after checking that it is
853syntactically correct."
854 (computed-file "sudoers"
855 (with-imported-modules '((guix build utils))
856 #~(begin
857 (use-modules (guix build utils))
858
859 (invoke #+(file-append sudo "/sbin/visudo")
860 "--check" "--file" #$file)
861 (copy-file #$file #$output)))))
862
0adfe95a 863(define* (operating-system-etc-service os)
211a5035
LC		 864 "Return a <service> that builds a directory containing the static part of
865the /etc directory."
f5ca79d2 866 (let* ((login.defs
e453da13
LF		 867 (plain-file "login.defs"
868 (string-append
869 "# Default paths for non-login shells started by su(1).\n"
870 "ENV_PATH /run/setuid-programs:"
871 "/run/current-system/profile/bin:"
872 "/run/current-system/profile/sbin\n"
873 "ENV_SUPATH /run/setuid-programs:"
874 "/run/current-system/profile/bin:"
875 "/run/current-system/profile/sbin\n")))
0adfe95a 876
f5ca79d2
JN		 877 (hurd (operating-system-hurd os))
878 (issue (plain-file "issue" (operating-system-issue os)))
879 (nsswitch (operating-system-name-service-switch os))
880 (nsswitch (and nsswitch
881 (plain-file "nsswitch.conf"
882 (name-service-switch->string nsswitch))))
883 (sudoers (operating-system-sudoers-file os))
0adfe95a
LC		 884
885 ;; Startup file for POSIX-compliant login shells, which set system-wide
886 ;; environment variables.
887 (profile (mixed-text-file "profile" "\
c05c4321 888# Crucial variables that could be missing in the profiles' 'etc/profile'
d9959421
LC		 889# because they would require combining both profiles.
890# FIXME: See <http://bugs.gnu.org/20255>.
97ab2c0f 891export MANPATH=$HOME/.guix-profile/share/man:/run/current-system/profile/share/man
8d09bfe2 892export INFOPATH=$HOME/.guix-profile/share/info:/run/current-system/profile/share/info
00239d05
SB		 893export XDG_DATA_DIRS=$HOME/.guix-profile/share:/run/current-system/profile/share
894export XDG_CONFIG_DIRS=$HOME/.guix-profile/etc/xdg:/run/current-system/profile/etc/xdg
895
ce380150
TD		 896# Make sure libXcursor finds cursors installed into user or system profiles. See <http://bugs.gnu.org/24445>
897export XCURSOR_PATH=$HOME/.icons:$HOME/.guix-profile/share/icons:/run/current-system/profile/share/icons
898
d9959421
LC		 899# Ignore the default value of 'PATH'.
900unset PATH
901
902# Load the system profile's settings.
bd7e136d 903GUIX_PROFILE=/run/current-system/profile ; \\
669786da 904. /run/current-system/profile/etc/profile
d9959421 905
cad7e6ab
CSLL		 906# Since 'lshd' does not use pam_env, /etc/environment must be explicitly
907# loaded when someone logs in via SSH. See <http://bugs.gnu.org/22175>.
908# We need 'PATH' to be defined here, for 'cat' and 'cut'. Do this before
909# reading the user's 'etc/profile' to allow variables to be overridden.
910if [ -f /etc/environment -a -n \"$SSH_CLIENT\" \\
911 -a -z \"$LINUX_MODULE_DIRECTORY\" ]
912then
913 . /etc/environment
914 export `cat /etc/environment | cut -d= -f1`
915fi
916
8d09bfe2
LC		 917# Arrange so that ~/.config/guix/current comes first.
918for profile in \"$HOME/.guix-profile\" \"$HOME/.config/guix/current\"
cdc5b932
LC		 919do
920 if [ -f \"$profile/etc/profile\" ]
921 then
922 # Load the user profile's settings.
923 GUIX_PROFILE=\"$profile\" ; \\
924 . \"$profile/etc/profile\"
925 else
926 # At least define this one so that basic things just work
927 # when the user installs their first package.
928 export PATH=\"$profile/bin:$PATH\"
929 fi
930done
d9959421 931
a854525a
LC		 932# Prepend setuid programs.
933export PATH=/run/setuid-programs:$PATH
934
8d09bfe2
LC		 935# Arrange so that ~/.config/guix/current/share/info comes first.
936export INFOPATH=\"$HOME/.config/guix/current/share/info:$INFOPATH\"
937
11202482
LC		 938# Set the umask, notably for users logging in via 'lsh'.
939# See <http://bugs.gnu.org/22650>.
940umask 022
2a5f0db4 941
c08da2ee
LC		 942# Allow Hunspell-based applications (IceCat, LibreOffice, etc.) to
943# find dictionaries.
944export DICPATH=\"$HOME/.guix-profile/share/hunspell:/run/current-system/profile/share/hunspell\"
945
4af7c83b
LC		 946# Allow GStreamer-based applications to find plugins.
947export GST_PLUGIN_PATH=\"$HOME/.guix-profile/lib/gstreamer-1.0\"
948
1d167b6e
LC		 949if [ -n \"$BASH_VERSION\" -a -f /etc/bashrc ]
950then
951 # Load Bash-specific initialization code.
669786da 952 . /etc/bashrc
1d167b6e 953fi
40281c54 954"))
1d167b6e 955
0adfe95a 956 (bashrc (plain-file "bashrc" "\
1d167b6e
LC		 957# Bash-specific initialization.
958
959# The 'bash-completion' package.
960if [ -f /run/current-system/profile/etc/profile.d/bash_completion.sh ]
961then
962 # Bash-completion sources ~/.bash_completion. It installs a dynamic
963 # completion loader that searches its own completion files as well
964 # as those in ~/.guix-profile and /run/current-system/profile.
965 source /run/current-system/profile/etc/profile.d/bash_completion.sh
0adfe95a
LC		 966fi\n")))
967 (etc-service
9e41130b
LC		 968 `(("services" ,(file-append net-base "/etc/services"))
969 ("protocols" ,(file-append net-base "/etc/protocols"))
970 ("rpc" ,(file-append net-base "/etc/rpc"))
0adfe95a
LC		 971 ("login.defs" ,#~#$login.defs)
972 ("issue" ,#~#$issue)
f5ca79d2 973 ,@(if nsswitch `(("nsswitch.conf" ,#~#$nsswitch)) '())
0adfe95a
LC		 974 ("profile" ,#~#$profile)
975 ("bashrc" ,#~#$bashrc)
976 ("hosts" ,#~#$(or (operating-system-hosts-file os)
977 (default-/etc/hosts (operating-system-host-name os))))
c694520b
TD		 978 ;; Write the operating-system-host-name to /etc/hostname to prevent
979 ;; NetworkManager from changing the system's hostname when connecting
980 ;; to certain networks. Some discussion at
981 ;; https://lists.gnu.org/archive/html/help-guix/2017-09/msg00037.html
982 ("hostname" ,(plain-file "hostname" (operating-system-host-name os)))
2a80d9e5
TS		 983 ;; Some programs (e.g., GLib) look at /etc/timezone to find the
984 ;; name of the current timezone. For details, see
985 ;; https://lists.gnu.org/archive/html/guix-devel/2019-07/msg00166.html
986 ("timezone" ,(plain-file "timezone" (operating-system-timezone os)))
9e41130b
LC		 987 ("localtime" ,(file-append tzdata "/share/zoneinfo/"
988 (operating-system-timezone os)))
38437763
LC		 989 ,@(if sudoers
990 `(("sudoers" ,(validated-sudoers-file sudoers)))
991 '())
f5ca79d2
JN		 992 ,@(if hurd
993 `(("login" ,(file-append hurd "/etc/login"))
5681ce50
JN		 994 ("motd" ,(file-append hurd "/etc/motd"))
995 ("ttys" ,(file-append hurd "/etc/ttys")))
f5ca79d2 996 '())))))
033adfe7 997
ab6a279a
LC		 998(define %root-account
999 ;; Default root account.
1000 (user-account
1001 (name "root")
1002 (password "")
1003 (uid 0) (group "root")
1004 (comment "System administrator")
1005 (home-directory "/root")))
1006
0b6f49ef 1007(define (operating-system-accounts os)
0adfe95a
LC		 1008 "Return the user accounts for OS, including an obligatory 'root' account,
1009and excluding accounts requested by services."
1010 ;; Make sure there's a root account.
1011 (if (find (lambda (user)
1012 (and=> (user-account-uid user) zero?))
1013 (operating-system-users os))
1014 (operating-system-users os)
1015 (cons %root-account (operating-system-users os))))
0b6f49ef 1016
84765839
LC		 1017(define (maybe-string->file file-name thing)
1018 "If THING is a string, return a <plain-file> with THING as its content.
1019Otherwise just return THING.
1020
1021This is for backward-compatibility of fields that used to be strings and are
1022now file-like objects.."
1023 (match thing
1024 ((? string?)
69daee23 1025 (warning (G_ "using a string for file '~a' is deprecated; \
84765839
LC		 1026use 'plain-file' instead~%")
1027 file-name)
1028 (plain-file file-name thing))
1029 (x
1030 x)))
1031
24e02c28
LC		 1032(define (maybe-file->monadic file-name thing)
1033 "If THING is a value in %STORE-MONAD, return it as is; otherwise return
1034THING in the %STORE-MONAD.
1035
1036This is for backward-compatibility of fields that used to be monadic values
1037and are now file-like objects."
1038 (with-monad %store-monad
1039 (match thing
1040 ((? procedure?)
69daee23 1041 (warning (G_ "using a monadic value for '~a' is deprecated; \
24e02c28
LC		 1042use 'plain-file' instead~%")
1043 file-name)
1044 thing)
1045 (x
1046 (return x)))))
1047
0b6f49ef
LC		 1048(define (operating-system-etc-directory os)
1049 "Return that static part of the /etc directory of OS."
0adfe95a
LC		 1050 (etc-directory
1051 (fold-services (operating-system-services os)
1052 #:target-type etc-service-type)))
033adfe7 1053
6bad7524
SB		 1054(define (operating-system-environment-variables os)
1055 "Return the environment variables of OS for
1056@var{session-environment-service-type}, to be used in @file{/etc/environment}."
1057 `(("LANG" . ,(operating-system-locale os))
54757499
LC		 1058 ;; Note: No need to set 'TZ' since (1) we provide /etc/localtime, and (2)
1059 ;; it doesn't work for setuid binaries. See <https://bugs.gnu.org/29212>.
9e41130b 1060 ("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
6bad7524
SB		 1061 ;; Tell 'modprobe' & co. where to look for modules.
1062 ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
1063 ;; These variables are honored by OpenSSL (libssl) and Git.
1064 ("SSL_CERT_DIR" . "/etc/ssl/certs")
1065 ("SSL_CERT_FILE" . "/etc/ssl/certs/ca-certificates.crt")
1066 ("GIT_SSL_CAINFO" . "/etc/ssl/certs/ca-certificates.crt")
ae05e366
LC		 1067
1068 ;; 'GTK_DATA_PREFIX' must name one directory where GTK+ themes are
1069 ;; searched for.
1070 ("GTK_DATA_PREFIX" . "/run/current-system/profile")
1071
6bad7524
SB		 1072 ;; By default, applications that use D-Bus, such as Emacs, abort at startup
1073 ;; when /etc/machine-id is missing. Make sure these warnings are non-fatal.
946465bb
LC		 1074 ("DBUS_FATAL_WARNINGS" . "0")
1075
1076 ;; XXX: Normally we wouldn't need to do this, but our glibc@2.23 package
1077 ;; used to look things up in 'PREFIX/lib/locale' instead of
1078 ;; '/run/current-system/locale' as was intended. Keep this hack around so
1079 ;; that people who still have glibc@2.23-using packages in their profiles
1080 ;; can use them correctly.
1081 ;; TODO: Remove when glibc@2.23 is long gone.
1082 ("GUIX_LOCPATH" . "/run/current-system/locale")))
6bad7524 1083
09e028f4
LC		 1084(define %setuid-programs
1085 ;; Default set of setuid-root programs.
3b65abac 1086 (let ((shadow (@ (gnu packages admin) shadow)))
9e41130b 1087 (list (file-append shadow "/bin/passwd")
f6c6970e 1088 (file-append shadow "/bin/sg")
9e41130b 1089 (file-append shadow "/bin/su")
f6c6970e 1090 (file-append shadow "/bin/newgrp")
852241eb
SB		 1091 (file-append shadow "/bin/newuidmap")
1092 (file-append shadow "/bin/newgidmap")
9e41130b
LC		 1093 (file-append inetutils "/bin/ping")
1094 (file-append inetutils "/bin/ping6")
1095 (file-append sudo "/bin/sudo")
5144df2c 1096 (file-append sudo "/bin/sudoedit")
19944227
LC		 1097 (file-append fuse "/bin/fusermount")
1098
1099 ;; To allow mounts with the "user" option, "mount" and "umount" must
1100 ;; be setuid-root.
1101 (file-append util-linux "/bin/mount")
1102 (file-append util-linux "/bin/umount"))))
69689380
LC		 1103
1104(define %sudoers-specification
1105 ;; Default /etc/sudoers contents: 'root' and all members of the 'wheel'
1106 ;; group can do anything. See
1107 ;; <http://www.sudo.ws/sudo/man/1.8.10/sudoers.man.html>.
1108 ;; TODO: Add a declarative API.
84765839
LC		 1109 (plain-file "sudoers" "\
1110root ALL=(ALL) ALL
1111%wheel ALL=(ALL) ALL\n"))
09e028f4 1112
69cae3d3 1113(define* (operating-system-activation-script os)
484a2b3a
LC		 1114 "Return the activation script for OS---i.e., the code that \"activates\" the
1115stateful part of OS, including user accounts and groups, special directories,
1116etc."
69cae3d3 1117 (let* ((services (operating-system-services os))
0adfe95a
LC		 1118 (activation (fold-services services
1119 #:target-type activation-service-type)))
1120 (activation-service->script activation)))
484a2b3a 1121
69cae3d3 1122(define* (operating-system-boot-script os)
484a2b3a 1123 "Return the boot script for OS---i.e., the code started by the initrd once
69cae3d3
LC		 1124we're running in the final root."
1125 (let* ((services (operating-system-services os))
d62e201c 1126 (boot (fold-services services #:target-type boot-service-type)))
efe7d19a 1127 (service-value boot)))
2106d3fc 1128
b2fef041
LC		 1129(define (operating-system-user-accounts os)
1130 "Return the list of user accounts of OS."
1131 (let* ((services (operating-system-services os))
1132 (account (fold-services services
1133 #:target-type account-service-type)))
1134 (filter user-account?
efe7d19a 1135 (service-value account))))
b2fef041
LC		 1136
1137(define (operating-system-shepherd-service-names os)
1138 "Return the list of Shepherd service names for OS."
1139 (append-map shepherd-service-provision
95f72dcd
MD		 1140 (shepherd-configuration-services
1141 (service-value
1142 (fold-services (operating-system-services os)
1143 #:target-type
1144 shepherd-root-service-type)))))
b2fef041 1145
69cae3d3 1146(define* (operating-system-derivation os)
d62e201c 1147 "Return a derivation that builds OS."
69cae3d3 1148 (let* ((services (operating-system-services os))
d62e201c
LC		 1149 (system (fold-services services)))
1150 ;; SYSTEM contains the derivation as a monadic value.
efe7d19a 1151 (service-value system)))
d62e201c 1152
69cae3d3 1153(define* (operating-system-profile os)
af4c3fd5
LC		 1154 "Return a derivation that builds the system profile of OS."
1155 (mlet* %store-monad
69cae3d3 1156 ((services -> (operating-system-services os))
af4c3fd5
LC		 1157 (profile (fold-services services
1158 #:target-type profile-service-type)))
1159 (match profile
1160 (("profile" profile)
1161 (return profile)))))
1162
83bcd0b8
LC		 1163(define (operating-system-root-file-system os)
1164 "Return the root file system of OS."
d7e9e0bb
LC		 1165 (or (find (lambda (fs)
1166 (string=? "/" (file-system-mount-point fs)))
1167 (operating-system-file-systems os))
1168 (raise (condition
1169 (&message (message "missing root file system"))
1170 (&error-location
1171 (location (operating-system-location os)))))))
83bcd0b8 1172
b4140694
LC		 1173(define (operating-system-initrd-file os)
1174 "Return a gexp denoting the initrd file of OS."
83bcd0b8 1175 (define boot-file-systems
4d6b879c 1176 (filter file-system-needed-for-boot?
83bcd0b8
LC		 1177 (operating-system-file-systems os)))
1178
de1c158f
LC		 1179 (define mapped-devices
1180 (operating-system-boot-mapped-devices os))
1181
1182 (define make-initrd
1183 (operating-system-initrd os))
1184
d422cbb3
LC		 1185 (make-initrd boot-file-systems
1186 #:linux (operating-system-kernel os)
1187 #:linux-modules
1188 (operating-system-initrd-modules os)
ae7a316b
LC		 1189 #:mapped-devices mapped-devices
1190 #:keyboard-layout (operating-system-keyboard-layout os)))
b4140694 1191
78fbf2bd
MO		 1192(define* (operating-system-uuid os #:optional (type 'dce))
1193 "Compute UUID object with a deterministic \"UUID\" for OS, of the given
1194TYPE (one of 'iso9660 or 'dce). Return a UUID object."
1195 ;; Note: For this to be deterministic, we must not hash things that contains
1196 ;; (directly or indirectly) procedures, for example. That rules out
1197 ;; anything that contains gexps, thunk or delayed record fields, etc.
1198
1199 (define service-name
1200 (compose service-type-name service-kind))
1201
1202 (define (file-system-digest fs)
1203 ;; Return a hashable digest that does not contain 'dependencies' since
1204 ;; this field can contain procedures.
1205 (let ((device (file-system-device fs)))
1206 (list (file-system-mount-point fs)
1207 (file-system-type fs)
1208 (file-system-device->string device)
1209 (file-system-options fs))))
1210
1211 (if (eq? type 'iso9660)
1212 (let ((pad (compose (cut string-pad <> 2 #\0)
1213 number->string))
1214 (h (hash (map service-name (operating-system-services os))
1215 3600)))
1216 (bytevector->uuid
1217 (string->iso9660-uuid
1218 (string-append "1970-01-01-"
1219 (pad (hash (operating-system-host-name os) 24)) "-"
1220 (pad (quotient h 60)) "-"
1221 (pad (modulo h 60)) "-"
1222 (pad (hash (map file-system-digest
1223 (operating-system-file-systems os))
1224 100))))
1225 'iso9660))
1226 (bytevector->uuid
1227 (uint-list->bytevector
1228 (list (hash (map file-system-digest
1229 (operating-system-file-systems os))
1230 (- (expt 2 32) 1))
1231 (hash (operating-system-host-name os)
1232 (- (expt 2 32) 1))
1233 (hash (map service-name (operating-system-services os))
1234 (- (expt 2 32) 1))
1235 (hash (map file-system-digest (operating-system-file-systems os))
1236 (- (expt 2 32) 1)))
1237 (endianness little)
1238 4)
1239 type)))
1240
f5582b2c
LC		 1241(define (locale-name->definition* name)
1242 "Variant of 'locale-name->definition' that raises an error upon failure."
1243 (match (locale-name->definition name)
1244 (#f
d51bfe24 1245 (raise (formatted-message (G_ "~a: invalid locale name") name)))
f5582b2c
LC		 1246 (def def)))
1247
598e19dc
LC		 1248(define (operating-system-locale-directory os)
1249 "Return the directory containing the locales compiled for the definitions
1250listed in OS. The C library expects to find it under
1251/run/current-system/locale."
f5582b2c
LC		 1252 (define name
1253 (operating-system-locale os))
1254
1255 (define definitions
1256 ;; While we're at it, check whether NAME is defined and add it if needed.
1257 (if (member name (map locale-definition-name
1258 (operating-system-locale-definitions os)))
1259 (operating-system-locale-definitions os)
1260 (cons (locale-name->definition* name)
1261 (operating-system-locale-definitions os))))
1262
1263 (locale-directory definitions
34760ae7 1264 #:libcs (operating-system-locale-libcs os)))
598e19dc 1265
e6cd8581 1266(define* (kernel->boot-label kernel #:key hurd)
c2e9942b 1267 "Return a label for the bootloader menu entry that boots KERNEL."
e6cd8581
JN		 1268 (cond ((package? hurd)
1269 (string-append "GNU with the "
1270 (string-titlecase (package-name hurd)) " "
1271 (package-version hurd)))
1272 ((package? kernel)
bdc61ff9
P		 1273 (string-append "GNU with "
1274 (string-titlecase (package-name kernel)) " "
4ce3a326 1275 (package-version kernel)))
bdc61ff9
P		 1276 ((inferior-package? kernel)
1277 (string-append "GNU with "
b12f8720 1278 (string-titlecase (inferior-package-name kernel)) " "
4ce3a326 1279 (inferior-package-version kernel)))
bdc61ff9 1280 (else "GNU")))
2d23e6f0 1281
3f03a198
LC		 1282(define (operating-system-default-label os)
1283 "Return the default label for OS, as it will appear in the bootloader menu
1284entry."
e6cd8581
JN		 1285 (kernel->boot-label (operating-system-kernel os)
1286 #:hurd (operating-system-hurd os)))
3f03a198 1287
6b779207
LC		 1288(define (store-file-system file-systems)
1289 "Return the file system object among FILE-SYSTEMS that contains the store."
1290 (match (filter (lambda (fs)
1291 (and (file-system-mount? fs)
1292 (not (memq 'bind-mount (file-system-flags fs)))
1293 (string-prefix? (file-system-mount-point fs)
1294 (%store-prefix))))
1295 file-systems)
1296 ((and candidates (head . tail))
1297 (reduce (lambda (fs1 fs2)
1298 (if (> (string-length (file-system-mount-point fs1))
1299 (string-length (file-system-mount-point fs2)))
1300 fs1
1301 fs2))
1302 head
1303 candidates))))
1304
1305(define (operating-system-store-file-system os)
1306 "Return the file system that contains the store of OS."
1307 (store-file-system (operating-system-file-systems os)))
1308
c76b3046 1309(define* (operating-system-bootcfg os #:optional (old-entries '()))
5ece56dc
LC		 1310 "Return the bootloader configuration file for OS. Use OLD-ENTRIES,
1311a list of <menu-entry>, to populate the \"old entries\" menu."
b460ba79
MC		 1312 (let* ((file-systems (operating-system-file-systems os))
1313 (root-fs (operating-system-root-file-system os))
9782c822 1314 (root-device (file-system-device root-fs))
eaf09639 1315 (locale (operating-system-locale os))
f00e68ac 1316 (crypto-devices (operating-system-bootloader-crypto-devices os))
9782c822
LC		 1317 (params (operating-system-boot-parameters
1318 os root-device
1319 #:system-kernel-arguments? #t))
1320 (entry (boot-parameters->menu-entry params))
1321 (bootloader-conf (operating-system-bootloader os)))
b460ba79 1322
46c296dc
LC		 1323 (define generate-config-file
1324 (bootloader-configuration-file-generator
1325 (bootloader-configuration-bootloader bootloader-conf)))
1326
9782c822 1327 (generate-config-file bootloader-conf (list entry)
b460ba79 1328 #:old-entries old-entries
eaf09639 1329 #:locale locale
f00e68ac 1330 #:store-crypto-devices crypto-devices
e7b86a0d 1331 #:store-directory-prefix
b460ba79 1332 (btrfs-store-subvolume-file-name file-systems))))
b4140694 1333
912b857e
JN		 1334(define (operating-system-multiboot-modules os)
1335 (if (operating-system-hurd os) (hurd-multiboot-modules os) '()))
1336
1337(define (hurd-multiboot-modules os)
1338 (let* ((hurd (operating-system-hurd os))
1339 (root-file-system-command
1340 (list (file-append hurd "/hurd/ext2fs.static")
1341 "ext2fs"
1342 "--multiboot-command-line='${kernel-command-line}'"
1343 "--host-priv-port='${host-port}'"
1344 "--device-master-port='${device-port}'"
1345 "--exec-server-task='${exec-task}'"
1346 "--store-type=typed"
f25e8f76 1347 "--x-xattr-translator-records"
912b857e
JN		 1348 "'${root}'" "'$(task-create)'" "'$(task-resume)'"))
1349 (target (%current-target-system))
1350 (libc (if target
1351 (with-parameters ((%current-target-system #f))
1352 ;; TODO: cross-libc has extra patches for the Hurd;
1353 ;; remove in next rebuild cycle
1354 (cross-libc target))
1355 glibc))
1356 (exec-server-command
1357 (list (file-append libc "/lib/ld.so.1") "exec"
1358 (file-append hurd "/hurd/exec") "'$(exec-task=task-create)'")))
1359 (list root-file-system-command exec-server-command)))
1360
a7ef45d9
LC		 1361(define* (operating-system-boot-parameters os root-device
1362 #:key system-kernel-arguments?)
1363 "Return a monadic <boot-parameters> record that describes the boot
1364parameters of OS. When SYSTEM-KERNEL-ARGUMENTS? is true, add kernel arguments
1365such as '--root' and '--load' to <boot-parameters>."
395782f2 1366 (let* ((initrd (and (not (operating-system-hurd os))
912b857e 1367 (operating-system-initrd-file os)))
35b44681 1368 (store (operating-system-store-file-system os))
582cf925 1369 (file-systems (operating-system-file-systems os))
f00e68ac 1370 (crypto-devices (operating-system-bootloader-crypto-devices os))
9d449b94 1371 (locale (operating-system-locale os))
35b44681
LC		 1372 (bootloader (bootloader-configuration-bootloader
1373 (operating-system-bootloader os)))
1374 (bootloader-name (bootloader-name bootloader))
912b857e
JN		 1375 (label (operating-system-label os))
1376 (multiboot-modules (operating-system-multiboot-modules os)))
35b44681
LC		 1377 (boot-parameters
1378 (label label)
1379 (root-device root-device)
1380 (kernel (operating-system-kernel-file os))
1381 (kernel-arguments
1382 (if system-kernel-arguments?
1383 (operating-system-kernel-arguments os root-device)
1384 (operating-system-user-kernel-arguments os)))
1385 (initrd initrd)
912b857e 1386 (multiboot-modules multiboot-modules)
35b44681 1387 (bootloader-name bootloader-name)
a28cfee8
LC		 1388 (bootloader-menu-entries
1389 (bootloader-configuration-menu-entries (operating-system-bootloader os)))
9d449b94 1390 (locale locale)
35b44681 1391 (store-device (ensure-not-/dev (file-system-device store)))
582cf925 1392 (store-directory-prefix (btrfs-store-subvolume-file-name file-systems))
f00e68ac 1393 (store-crypto-devices crypto-devices)
35b44681 1394 (store-mount-point (file-system-mount-point store)))))
40fad1c2 1395
9b336338
LC		 1396(define (device->sexp device)
1397 "Serialize DEVICE as an sexp (really, as an object with a read syntax.)"
1398 (match device
1399 ((? uuid? uuid)
075681d3 1400 `(uuid ,(uuid-type uuid) ,(uuid-bytevector uuid)))
a5acc17a
LC		 1401 ((? file-system-label? label)
1402 `(file-system-label ,(file-system-label->string label)))
9b336338
LC		 1403 (_
1404 device)))
1405
a7ef45d9
LC		 1406(define* (operating-system-boot-parameters-file os
1407 #:key system-kernel-arguments?)
40fad1c2
DM		 1408 "Return a file that describes the boot parameters of OS. The primary use of
1409this file is the reconstruction of GRUB menu entries for old configurations.
a7ef45d9
LC		 1410
1411When SYSTEM-KERNEL-ARGUMENTS? is true, add kernel arguments such as '--root'
1412and '--load' to the returned file (since the returned file is then usually
1413stored into the content-addressed \"system\" directory, it's usually not a
1414good idea to give it because the content hash would change by the content hash
40fad1c2 1415being stored into the \"parameters\" file)."
35b44681
LC		 1416 (let* ((root (operating-system-root-file-system os))
1417 (device (file-system-device root))
1418 (params (operating-system-boot-parameters
1419 os device
1420 #:system-kernel-arguments?
1421 system-kernel-arguments?)))
2e37d158
LC		 1422 (scheme-file "parameters"
1423 #~(boot-parameters
1424 (version 0)
1425 (label #$(boot-parameters-label params))
1426 (root-device
1427 #$(device->sexp
1428 (boot-parameters-root-device params)))
1429 (kernel #$(boot-parameters-kernel params))
1430 (kernel-arguments
1431 #$(boot-parameters-kernel-arguments params))
2b76179e
JN		 1432 #$@(if (boot-parameters-initrd params)
1433 #~((initrd #$(boot-parameters-initrd params)))
1434 #~())
1435 #$@(if (pair? (boot-parameters-multiboot-modules params))
1436 #~((multiboot-modules
1437 #$(boot-parameters-multiboot-modules params)))
1438 #~())
2e37d158
LC		 1439 (bootloader-name #$(boot-parameters-bootloader-name params))
1440 (bootloader-menu-entries
1441 #$(map menu-entry->sexp
1442 (or (and=> (operating-system-bootloader os)
1443 bootloader-configuration-menu-entries)
1444 '())))
9d449b94 1445 (locale #$(boot-parameters-locale params))
2e37d158
LC		 1446 (store
1447 (device
1448 #$(device->sexp (boot-parameters-store-device params)))
1449 (mount-point #$(boot-parameters-store-mount-point
582cf925
MÁAV		 1450 params))
1451 (directory-prefix
f00e68ac
MÁAV		 1452 #$(boot-parameters-store-directory-prefix params))
1453 (crypto-devices
1454 #$(map device->sexp
1455 (boot-parameters-store-crypto-devices params)))))
2e37d158 1456 #:set-load-path? #f)))
64e40dbb 1457
96da5d62
LC		 1458(define-gexp-compiler (operating-system-compiler (os <operating-system>)
1459 system target)
1460 ((store-lift
1461 (lambda (store)
1462 ;; XXX: This is not super elegant but we can't pass SYSTEM and TARGET to
1463 ;; 'operating-system-derivation'.
1464 (run-with-store store (operating-system-derivation os)
1465 #:system system
1466 #:target target)))))
1467
033adfe7 1468;;; system.scm ends here
jackhill's copy of GNU Guix: https://guix.gnu.org/