[jackhill/guix/guix.git] / gnu / system / file-systems.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu system file-systems)
  #:use-module (ice-9 match)
  #:use-module (ice-9 regex)
  #:use-module (guix gexp)
  #:use-module (guix records)
  #:use-module (guix store)
  #:use-module (rnrs bytevectors)
  #:use-module ((gnu build file-systems) #:select (uuid->string))
  #:re-export (uuid->string)
  #:export (<file-system>
            file-system
            file-system?
            file-system-device
            file-system-title
            file-system-mount-point
            file-system-type
            file-system-needed-for-boot?
            file-system-flags
            file-system-options
            file-system-check?
            file-system-create-mount-point?

            file-system->spec
            string->uuid
            uuid

            %fuse-control-file-system
            %binary-format-file-system
            %shared-memory-file-system
            %pseudo-terminal-file-system
            %devtmpfs-file-system
            %immutable-store
            %control-groups

            %base-file-systems
            %container-file-systems

            mapped-device
            mapped-device?
            mapped-device-source
            mapped-device-target
            mapped-device-type

            mapped-device-kind
            mapped-device-kind?
            mapped-device-kind-open
            mapped-device-kind-close

            <file-system-mapping>
            file-system-mapping
            file-system-mapping?
            file-system-mapping-source
            file-system-mapping-target
            file-system-mapping-writable?

            %store-mapping))

;;; Commentary:
;;;
;;; Declaring file systems to be mounted.
;;;
;;; Code:

;; File system declaration.
(define-record-type* <file-system> file-system
  make-file-system
  file-system?
  (device           file-system-device)           ; string
  (title            file-system-title             ; 'device | 'label | 'uuid
                    (default 'device))
  (mount-point      file-system-mount-point)      ; string
  (type             file-system-type)             ; string
  (flags            file-system-flags             ; list of symbols
                    (default '()))
  (options          file-system-options           ; string or #f
                    (default #f))
  (needed-for-boot? %file-system-needed-for-boot? ; Boolean
                    (default #f))
  (check?           file-system-check?            ; Boolean
                    (default #t))
  (create-mount-point? file-system-create-mount-point? ; Boolean
                       (default #f)))

(define-inlinable (file-system-needed-for-boot? fs)
  "Return true if FS has the 'needed-for-boot?' flag set, or if it's the root
file system."
  (or (%file-system-needed-for-boot? fs)
      (string=? "/" (file-system-mount-point fs))))

(define (file-system->spec fs)
  "Return a list corresponding to file-system FS that can be passed to the
initrd code."
  (match fs
    (($ <file-system> device title mount-point type flags options _ check?)
     (list device title mount-point type flags options check?))))

(define %uuid-rx
  ;; The regexp of a UUID.
  (make-regexp "^([[:xdigit:]]{8})-([[:xdigit:]]{4})-([[:xdigit:]]{4})-([[:xdigit:]]{4})-([[:xdigit:]]{12})$"))

(define (string->uuid str)
  "Parse STR as a DCE UUID (see <https://tools.ietf.org/html/rfc4122>) and
return its contents as a 16-byte bytevector.  Return #f if STR is not a valid
UUID representation."
  (and=> (regexp-exec %uuid-rx str)
         (lambda (match)
           (letrec-syntax ((hex->number
                            (syntax-rules ()
                              ((_ index)
                               (string->number (match:substring match index)
                                               16))))
                           (put!
                            (syntax-rules ()
                              ((_ bv index (number len) rest ...)
                               (begin
                                 (bytevector-uint-set! bv index number
                                                       (endianness big) len)
                                 (put! bv (+ index len) rest ...)))
                              ((_ bv index)
                               bv))))
             (let ((time-low  (hex->number 1))
                   (time-mid  (hex->number 2))
                   (time-hi   (hex->number 3))
                   (clock-seq (hex->number 4))
                   (node      (hex->number 5))
                   (uuid      (make-bytevector 16)))
               (put! uuid 0
                     (time-low 4) (time-mid 2) (time-hi 2)
                     (clock-seq 2) (node 6)))))))

(define-syntax uuid
  (lambda (s)
    "Return the bytevector corresponding to the given UUID representation."
    (syntax-case s ()
      ((_ str)
       (string? (syntax->datum #'str))
       ;; A literal string: do the conversion at expansion time.
       (let ((bv (string->uuid (syntax->datum #'str))))
         (unless bv
           (syntax-violation 'uuid "invalid UUID" s))
         (datum->syntax #'str bv)))
      ((_ str)
       #'(string->uuid str)))))

\f
;;;
;;; Common file systems.
;;;

(define %fuse-control-file-system
  ;; Control file system for Linux' file systems in user-space (FUSE).
  (file-system
    (device "fusectl")
    (mount-point "/sys/fs/fuse/connections")
    (type "fusectl")
    (check? #f)))

(define %binary-format-file-system
  ;; Support for arbitrary executable binary format.
  (file-system
    (device "binfmt_misc")
    (mount-point "/proc/sys/fs/binfmt_misc")
    (type "binfmt_misc")
    (check? #f)))

(define %devtmpfs-file-system
  ;; /dev as a 'devtmpfs' file system, needed for udev.
  (file-system
    (device "none")
    (mount-point "/dev")
    (type "devtmpfs")
    (check? #f)

    ;; Mount it from the initrd so /dev/pts & co. can then be mounted over it.
    (needed-for-boot? #t)))

(define %tty-gid
  ;; ID of the 'tty' group.  Allocate it statically to make it easy to refer
  ;; to it from here and from the 'tty' group definitions.
  996)

(define %pseudo-terminal-file-system
  ;; The pseudo-terminal file system.  It needs to be mounted so that
  ;; statfs(2) returns DEVPTS_SUPER_MAGIC like libc's getpt(3) expects (and
  ;; thus openpty(3) and its users, such as xterm.)
  (file-system
    (device "none")
    (mount-point "/dev/pts")
    (type "devpts")
    (check? #f)
    (needed-for-boot? #f)
    (create-mount-point? #t)
    (options (string-append "gid=" (number->string %tty-gid) ",mode=620"))))

(define %shared-memory-file-system
  ;; Shared memory.
  (file-system
    (device "tmpfs")
    (mount-point "/dev/shm")
    (type "tmpfs")
    (check? #f)
    (flags '(no-suid no-dev))
    (options "size=50%")                         ;TODO: make size configurable
    (create-mount-point? #t)))

(define %immutable-store
  ;; Read-only store to avoid users or daemons accidentally modifying it.
  ;; 'guix-daemon' has provisions to remount it read-write in its own name
  ;; space.
  (file-system
    (device (%store-prefix))
    (mount-point (%store-prefix))
    (type "none")
    (check? #f)
    (flags '(read-only bind-mount))))

(define %control-groups
  (cons (file-system
          (device "cgroup")
          (mount-point "/sys/fs/cgroup")
          (type "tmpfs")
          (check? #f))
        (map (lambda (subsystem)
               (file-system
                 (device "cgroup")
                 (mount-point (string-append "/sys/fs/cgroup/" subsystem))
                 (type "cgroup")
                 (check? #f)
                 (options subsystem)
                 (create-mount-point? #t)))
             '("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
               "blkio" "perf_event" "hugetlb"))))

(define %base-file-systems
  ;; List of basic file systems to be mounted.  Note that /proc and /sys are
  ;; currently mounted by the initrd.
  (append (list %devtmpfs-file-system
                %pseudo-terminal-file-system
                %shared-memory-file-system
                %immutable-store)
          %control-groups))

;; File systems for Linux containers differ from %base-file-systems in that
;; they impose additional restrictions such as no-exec or need different
;; options to function properly.
;;
;; The file system flags and options conform to the libcontainer
;; specification:
;; https://github.com/docker/libcontainer/blob/master/SPEC.md#filesystem
(define %container-file-systems
  (list
   ;; Pseudo-terminal file system.
   (file-system
     (device "none")
     (mount-point "/dev/pts")
     (type "devpts")
     (flags '(no-exec no-suid))
     (needed-for-boot? #t)
     (create-mount-point? #t)
     (check? #f)
     (options "newinstance,ptmxmode=0666,mode=620"))
   ;; Shared memory file system.
   (file-system
     (device "tmpfs")
     (mount-point "/dev/shm")
     (type "tmpfs")
     (flags '(no-exec no-suid no-dev))
     (options "mode=1777,size=65536k")
     (needed-for-boot? #t)
     (create-mount-point? #t)
     (check? #f))
   ;; Message queue file system.
   (file-system
     (device "mqueue")
     (mount-point "/dev/mqueue")
     (type "mqueue")
     (flags '(no-exec no-suid no-dev))
     (needed-for-boot? #t)
     (create-mount-point? #t)
     (check? #f))))


\f
;;;
;;; Mapped devices, for Linux's device-mapper.
;;;

(define-record-type* <mapped-device> mapped-device
  make-mapped-device
  mapped-device?
  (source    mapped-device-source)                ;string
  (target    mapped-device-target)                ;string
  (type      mapped-device-type))                 ;<mapped-device-kind>

(define-record-type* <mapped-device-type> mapped-device-kind
  make-mapped-device-kind
  mapped-device-kind?
  (open      mapped-device-kind-open)             ;source target -> gexp
  (close     mapped-device-kind-close             ;source target -> gexp
             (default (const #~(const #f)))))

\f
;;;
;;; Shared file systems, for VMs/containers.
;;;

;; Mapping of host file system SOURCE to mount point TARGET in the guest.
(define-record-type* <file-system-mapping> file-system-mapping
  make-file-system-mapping
  file-system-mapping?
  (source    file-system-mapping-source)          ;string
  (target    file-system-mapping-target)          ;string
  (writable? file-system-mapping-writable?        ;Boolean
             (default #f)))

(define %store-mapping
  ;; Mapping of the host's store into the guest.
  (file-system-mapping
   (source (%store-prefix))
   (target (%store-prefix))
   (writable? #f)))

;;; file-systems.scm ends here
Commit	Line	Data
c5df1839	1	;;; GNU Guix --- Functional package management for GNU
3392ce5d	2	;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
c5df1839 LC	3	;;;
	4	;;; This file is part of GNU Guix.
	5	;;;
	6	;;; GNU Guix is free software; you can redistribute it and/or modify it
	7	;;; under the terms of the GNU General Public License as published by
	8	;;; the Free Software Foundation; either version 3 of the License, or (at
	9	;;; your option) any later version.
	10	;;;
	11	;;; GNU Guix is distributed in the hope that it will be useful, but
	12	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	13	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	;;; GNU General Public License for more details.
	15	;;;
	16	;;; You should have received a copy of the GNU General Public License
	17	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	18
	19	(define-module (gnu system file-systems)
575b4b09	20	#:use-module (ice-9 match)
661a1d79	21	#:use-module (ice-9 regex)
722554a3	22	#:use-module (guix gexp)
c5df1839	23	#:use-module (guix records)
3392ce5d	24	#:use-module (guix store)
661a1d79 LC	25	#:use-module (rnrs bytevectors)
	26	#:use-module ((gnu build file-systems) #:select (uuid->string))
	27	#:re-export (uuid->string)
c5df1839 LC	28	#:export (<file-system>
	29	file-system
	30	file-system?
	31	file-system-device
d4c87617	32	file-system-title
c5df1839 LC	33	file-system-mount-point
	34	file-system-type
	35	file-system-needed-for-boot?
	36	file-system-flags
	37	file-system-options
4e469051 LC	38	file-system-check?
4e469051 LC	39	file-system-create-mount-point?
c5df1839	40
575b4b09	41	file-system->spec
661a1d79 LC	42	string->uuid
661a1d79 LC	43	uuid
575b4b09	44
c5df1839	45	%fuse-control-file-system
a69576ea	46	%binary-format-file-system
705f8b68 MW	47	%shared-memory-file-system
705f8b68 MW	48	%pseudo-terminal-file-system
a69576ea	49	%devtmpfs-file-system
3392ce5d	50	%immutable-store
727636aa	51	%control-groups
a69576ea	52
5dae0186	53	%base-file-systems
c829bc80	54	%container-file-systems
5dae0186 LC	55
	56	mapped-device
	57	mapped-device?
	58	mapped-device-source
	59	mapped-device-target
722554a3 LC	60	mapped-device-type
	61
	62	mapped-device-kind
	63	mapped-device-kind?
	64	mapped-device-kind-open
9110c2e9 DT	65	mapped-device-kind-close
	66
	67	<file-system-mapping>
	68	file-system-mapping
	69	file-system-mapping?
	70	file-system-mapping-source
	71	file-system-mapping-target
	72	file-system-mapping-writable?
	73
	74	%store-mapping))
c5df1839 LC	75
	76	;;; Commentary:
	77	;;;
	78	;;; Declaring file systems to be mounted.
	79	;;;
	80	;;; Code:
	81
	82	;; File system declaration.
	83	(define-record-type* <file-system> file-system
	84	make-file-system
	85	file-system?
	86	(device file-system-device) ; string
d4c87617 LC	87	(title file-system-title ; 'device \| 'label \| 'uuid
d4c87617 LC	88	(default 'device))
c5df1839 LC	89	(mount-point file-system-mount-point) ; string
	90	(type file-system-type) ; string
	91	(flags file-system-flags ; list of symbols
	92	(default '()))
	93	(options file-system-options ; string or #f
	94	(default #f))
4d6b879c	95	(needed-for-boot? %file-system-needed-for-boot? ; Boolean
c5df1839 LC	96	(default #f))
c5df1839 LC	97	(check? file-system-check? ; Boolean
4e469051 LC	98	(default #t))
	99	(create-mount-point? file-system-create-mount-point? ; Boolean
	100	(default #f)))
c5df1839	101
4d6b879c LC	102	(define-inlinable (file-system-needed-for-boot? fs)
	103	"Return true if FS has the 'needed-for-boot?' flag set, or if it's the root
	104	file system."
	105	(or (%file-system-needed-for-boot? fs)
	106	(string=? "/" (file-system-mount-point fs))))
	107
575b4b09 DT	108	(define (file-system->spec fs)
	109	"Return a list corresponding to file-system FS that can be passed to the
	110	initrd code."
	111	(match fs
	112	(($ <file-system> device title mount-point type flags options _ check?)
	113	(list device title mount-point type flags options check?))))
	114
661a1d79 LC	115	(define %uuid-rx
	116	;; The regexp of a UUID.
	117	(make-regexp "^([[:xdigit:]]{8})-([[:xdigit:]]{4})-([[:xdigit:]]{4})-([[:xdigit:]]{4})-([[:xdigit:]]{12})$"))
	118
	119	(define (string->uuid str)
	120	"Parse STR as a DCE UUID (see <https://tools.ietf.org/html/rfc4122>) and
	121	return its contents as a 16-byte bytevector. Return #f if STR is not a valid
	122	UUID representation."
	123	(and=> (regexp-exec %uuid-rx str)
	124	(lambda (match)
	125	(letrec-syntax ((hex->number
	126	(syntax-rules ()
	127	((_ index)
	128	(string->number (match:substring match index)
	129	16))))
	130	(put!
	131	(syntax-rules ()
	132	((_ bv index (number len) rest ...)
	133	(begin
	134	(bytevector-uint-set! bv index number
	135	(endianness big) len)
	136	(put! bv (+ index len) rest ...)))
	137	((_ bv index)
	138	bv))))
	139	(let ((time-low (hex->number 1))
	140	(time-mid (hex->number 2))
	141	(time-hi (hex->number 3))
	142	(clock-seq (hex->number 4))
	143	(node (hex->number 5))
	144	(uuid (make-bytevector 16)))
	145	(put! uuid 0
	146	(time-low 4) (time-mid 2) (time-hi 2)
	147	(clock-seq 2) (node 6)))))))
	148
	149	(define-syntax uuid
	150	(lambda (s)
	151	"Return the bytevector corresponding to the given UUID representation."
	152	(syntax-case s ()
	153	((_ str)
	154	(string? (syntax->datum #'str))
	155	;; A literal string: do the conversion at expansion time.
1cab9e81 LC	156	(let ((bv (string->uuid (syntax->datum #'str))))
	157	(unless bv
	158	(syntax-violation 'uuid "invalid UUID" s))
	159	(datum->syntax #'str bv)))
661a1d79 LC	160	((_ str)
	161	#'(string->uuid str)))))
	162
	163	\f
	164	;;;
	165	;;; Common file systems.
	166	;;;
	167
c5df1839 LC	168	(define %fuse-control-file-system
	169	;; Control file system for Linux' file systems in user-space (FUSE).
	170	(file-system
	171	(device "fusectl")
	172	(mount-point "/sys/fs/fuse/connections")
	173	(type "fusectl")
	174	(check? #f)))
	175
	176	(define %binary-format-file-system
	177	;; Support for arbitrary executable binary format.
	178	(file-system
	179	(device "binfmt_misc")
	180	(mount-point "/proc/sys/fs/binfmt_misc")
	181	(type "binfmt_misc")
	182	(check? #f)))
	183
a69576ea LC	184	(define %devtmpfs-file-system
	185	;; /dev as a 'devtmpfs' file system, needed for udev.
	186	(file-system
	187	(device "none")
	188	(mount-point "/dev")
	189	(type "devtmpfs")
7f239fd3 LC	190	(check? #f)
	191
	192	;; Mount it from the initrd so /dev/pts & co. can then be mounted over it.
	193	(needed-for-boot? #t)))
	194
	195	(define %tty-gid
	196	;; ID of the 'tty' group. Allocate it statically to make it easy to refer
	197	;; to it from here and from the 'tty' group definitions.
c8fa3426	198	996)
7f239fd3 LC	199
	200	(define %pseudo-terminal-file-system
	201	;; The pseudo-terminal file system. It needs to be mounted so that
	202	;; statfs(2) returns DEVPTS_SUPER_MAGIC like libc's getpt(3) expects (and
	203	;; thus openpty(3) and its users, such as xterm.)
	204	(file-system
	205	(device "none")
	206	(mount-point "/dev/pts")
	207	(type "devpts")
	208	(check? #f)
	209	(needed-for-boot? #f)
	210	(create-mount-point? #t)
	211	(options (string-append "gid=" (number->string %tty-gid) ",mode=620"))))
a69576ea	212
db17ae5c LC	213	(define %shared-memory-file-system
	214	;; Shared memory.
	215	(file-system
	216	(device "tmpfs")
	217	(mount-point "/dev/shm")
	218	(type "tmpfs")
	219	(check? #f)
	220	(flags '(no-suid no-dev))
	221	(options "size=50%") ;TODO: make size configurable
	222	(create-mount-point? #t)))
	223
3392ce5d LC	224	(define %immutable-store
	225	;; Read-only store to avoid users or daemons accidentally modifying it.
	226	;; 'guix-daemon' has provisions to remount it read-write in its own name
	227	;; space.
	228	(file-system
	229	(device (%store-prefix))
	230	(mount-point (%store-prefix))
	231	(type "none")
	232	(check? #f)
	233	(flags '(read-only bind-mount))))
	234
727636aa DT	235	(define %control-groups
	236	(cons (file-system
	237	(device "cgroup")
	238	(mount-point "/sys/fs/cgroup")
	239	(type "tmpfs")
	240	(check? #f))
	241	(map (lambda (subsystem)
	242	(file-system
	243	(device "cgroup")
	244	(mount-point (string-append "/sys/fs/cgroup/" subsystem))
	245	(type "cgroup")
	246	(check? #f)
	247	(options subsystem)
	248	(create-mount-point? #t)))
	249	'("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
	250	"blkio" "perf_event" "hugetlb"))))
	251
a69576ea LC	252	(define %base-file-systems
	253	;; List of basic file systems to be mounted. Note that /proc and /sys are
	254	;; currently mounted by the initrd.
727636aa DT	255	(append (list %devtmpfs-file-system
	256	%pseudo-terminal-file-system
	257	%shared-memory-file-system
	258	%immutable-store)
	259	%control-groups))
a69576ea	260
c829bc80 DT	261	;; File systems for Linux containers differ from %base-file-systems in that
	262	;; they impose additional restrictions such as no-exec or need different
	263	;; options to function properly.
	264	;;
	265	;; The file system flags and options conform to the libcontainer
	266	;; specification:
	267	;; https://github.com/docker/libcontainer/blob/master/SPEC.md#filesystem
	268	(define %container-file-systems
	269	(list
b57ec5f6	270	;; Pseudo-terminal file system.
c829bc80 DT	271	(file-system
	272	(device "none")
	273	(mount-point "/dev/pts")
	274	(type "devpts")
	275	(flags '(no-exec no-suid))
	276	(needed-for-boot? #t)
	277	(create-mount-point? #t)
	278	(check? #f)
	279	(options "newinstance,ptmxmode=0666,mode=620"))
	280	;; Shared memory file system.
	281	(file-system
	282	(device "tmpfs")
	283	(mount-point "/dev/shm")
	284	(type "tmpfs")
	285	(flags '(no-exec no-suid no-dev))
	286	(options "mode=1777,size=65536k")
	287	(needed-for-boot? #t)
	288	(create-mount-point? #t)
	289	(check? #f))
	290	;; Message queue file system.
	291	(file-system
	292	(device "mqueue")
	293	(mount-point "/dev/mqueue")
	294	(type "mqueue")
	295	(flags '(no-exec no-suid no-dev))
	296	(needed-for-boot? #t)
	297	(create-mount-point? #t)
	298	(check? #f))))
	299
5dae0186 LC	300
	301	\f
	302	;;;
	303	;;; Mapped devices, for Linux's device-mapper.
	304	;;;
	305
	306	(define-record-type* <mapped-device> mapped-device
	307	make-mapped-device
	308	mapped-device?
	309	(source mapped-device-source) ;string
	310	(target mapped-device-target) ;string
9cb426b8	311	(type mapped-device-type)) ;<mapped-device-kind>
722554a3 LC	312
	313	(define-record-type* <mapped-device-type> mapped-device-kind
	314	make-mapped-device-kind
	315	mapped-device-kind?
	316	(open mapped-device-kind-open) ;source target -> gexp
	317	(close mapped-device-kind-close ;source target -> gexp
	318	(default (const #~(const #f)))))
5dae0186	319
9110c2e9 DT	320	\f
	321	;;;
	322	;;; Shared file systems, for VMs/containers.
	323	;;;
	324
	325	;; Mapping of host file system SOURCE to mount point TARGET in the guest.
	326	(define-record-type* <file-system-mapping> file-system-mapping
	327	make-file-system-mapping
	328	file-system-mapping?
	329	(source file-system-mapping-source) ;string
	330	(target file-system-mapping-target) ;string
	331	(writable? file-system-mapping-writable? ;Boolean
	332	(default #f)))
	333
	334	(define %store-mapping
	335	;; Mapping of the host's store into the guest.
	336	(file-system-mapping
	337	(source (%store-prefix))
	338	(target (%store-prefix))
	339	(writable? #f)))
	340
c5df1839	341	;;; file-systems.scm ends here