HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
utils: Move '&fix-hint' to (guix diagnostics).
[jackhill/guix/guix.git] / gnu / system / file-systems.scm
CommitLineData
c5df1839 1;;; GNU Guix --- Functional package management for GNU
b41c7beb 2;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
2ef4d273 3;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
fa35fb58 4;;; Copyright © 2020 Maxim Cournoyer <maxim.cournoyer@gmail.com>
c5df1839
LC		 5;;;
6;;; This file is part of GNU Guix.
7;;;
8;;; GNU Guix is free software; you can redistribute it and/or modify it
9;;; under the terms of the GNU General Public License as published by
10;;; the Free Software Foundation; either version 3 of the License, or (at
11;;; your option) any later version.
12;;;
13;;; GNU Guix is distributed in the hope that it will be useful, but
14;;; WITHOUT ANY WARRANTY; without even the implied warranty of
15;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16;;; GNU General Public License for more details.
17;;;
18;;; You should have received a copy of the GNU General Public License
19;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
20
21(define-module (gnu system file-systems)
575b4b09 22 #:use-module (ice-9 match)
9976c76a 23 #:use-module (rnrs bytevectors)
7597478e 24 #:use-module (srfi srfi-1)
b460ba79 25 #:use-module (srfi srfi-2)
a5acc17a 26 #:use-module (srfi srfi-9)
b460ba79
MC		 27 #:use-module (srfi srfi-26)
28 #:use-module (srfi srfi-35)
a5acc17a 29 #:use-module (srfi srfi-9 gnu)
c5df1839 30 #:use-module (guix records)
9b336338 31 #:use-module (gnu system uuid)
47cef4ec
LC		 32 #:re-export (uuid ;backward compatibility
33 string->uuid
f8865db6 34 uuid->string)
a48d3450 35 #:export (file-system
c5df1839
LC		 36 file-system?
37 file-system-device
99e676db 38 file-system-device->string
a5acc17a 39 file-system-title ;deprecated
c5df1839
LC		 40 file-system-mount-point
41 file-system-type
42 file-system-needed-for-boot?
43 file-system-flags
44 file-system-options
fa35fb58
MC		 45 file-system-options->alist
46 alist->file-system-options
47
be21979d 48 file-system-mount?
4e469051
LC		 49 file-system-check?
50 file-system-create-mount-point?
e51710d1 51 file-system-dependencies
dd41a7f8 52 file-system-location
c5df1839 53
278d486b 54 file-system-type-predicate
b460ba79
MC		 55 btrfs-subvolume?
56 btrfs-store-subvolume-file-name
278d486b 57
a5acc17a
LC		 58 file-system-label
59 file-system-label?
60 file-system-label->string
61
575b4b09 62 file-system->spec
5970e8e2 63 spec->file-system
d77a0bd6 64 specification->file-system-mapping
575b4b09 65
6ddb5960 66 %pseudo-file-system-types
c5df1839 67 %fuse-control-file-system
a69576ea 68 %binary-format-file-system
705f8b68
MW		 69 %shared-memory-file-system
70 %pseudo-terminal-file-system
3c185b24 71 %tty-gid
3392ce5d 72 %immutable-store
727636aa 73 %control-groups
14454f0b 74 %elogind-file-systems
a69576ea 75
5dae0186 76 %base-file-systems
c829bc80 77 %container-file-systems
5dae0186 78
9110c2e9
DT		 79 <file-system-mapping>
80 file-system-mapping
81 file-system-mapping?
82 file-system-mapping-source
83 file-system-mapping-target
84 file-system-mapping-writable?
85
d2a5e698
LC		 86 file-system-mapping->bind-mount
87
7597478e
LC		 88 %store-mapping
89 %network-configuration-files
90 %network-file-mappings))
c5df1839
LC		 91
92;;; Commentary:
93;;;
94;;; Declaring file systems to be mounted.
95;;;
278d486b
LC		 96;;; Note: this file system is used both in the Shepherd and on the "host
97;;; side", so it must not include (gnu packages …) modules.
98;;;
c5df1839
LC		 99;;; Code:
100
101;; File system declaration.
a5acc17a 102(define-record-type* <file-system> %file-system
c5df1839
LC		 103 make-file-system
104 file-system?
a5acc17a 105 (device file-system-device) ; string | <uuid> | <file-system-label>
c5df1839
LC		 106 (mount-point file-system-mount-point) ; string
107 (type file-system-type) ; string
108 (flags file-system-flags ; list of symbols
109 (default '()))
110 (options file-system-options ; string or #f
111 (default #f))
be21979d
LC		 112 (mount? file-system-mount? ; Boolean
113 (default #t))
4d6b879c 114 (needed-for-boot? %file-system-needed-for-boot? ; Boolean
c5df1839
LC		 115 (default #f))
116 (check? file-system-check? ; Boolean
4e469051
LC		 117 (default #t))
118 (create-mount-point? file-system-create-mount-point? ; Boolean
e51710d1 119 (default #f))
e502bf89 120 (dependencies file-system-dependencies ; list of <file-system>
dd41a7f8
LC		 121 (default '())) ; or <mapped-device>
122 (location file-system-location
123 (default (current-source-location))
124 (innate)))
c5df1839 125
a5acc17a
LC		 126;; A file system label for use in the 'device' field.
127(define-record-type <file-system-label>
128 (file-system-label label)
129 file-system-label?
130 (label file-system-label->string))
131
132(set-record-type-printer! <file-system-label>
133 (lambda (obj port)
134 (format port "#<file-system-label ~s>"
135 (file-system-label->string obj))))
136
137(define-syntax report-deprecation
138 (lambda (s)
139 "Report the use of the now-deprecated 'title' field."
140 (syntax-case s ()
141 ((_ field)
142 (let* ((source (syntax-source #'field))
143 (file (and source (assq-ref source 'filename)))
144 (line (and source
145 (and=> (assq-ref source 'line) 1+)))
146 (column (and source (assq-ref source 'column))))
147 (format (current-error-port)
148 "~a:~a:~a: warning: 'title' field is deprecated~%"
149 file line column)
150 #t)))))
151
152;; Helper for 'process-file-system-declaration'.
153(define-syntax device-expression
154 (syntax-rules (quote label uuid device)
155 ((_ (quote label) dev)
156 (file-system-label dev))
157 ((_ (quote uuid) dev)
158 (if (uuid? dev) dev (uuid dev)))
159 ((_ (quote device) dev)
160 dev)
161 ((_ title dev)
162 (case title
163 ((label) (file-system-label dev))
164 ((uuid) (uuid dev))
165 (else dev)))))
166
167;; Helper to interpret the now-deprecated 'title' field. Detect forms like
168;; (title 'label), remove them, and adjust the 'device' field accordingly.
169;; TODO: Remove this once 'title' has been deprecated long enough.
170(define-syntax process-file-system-declaration
171 (syntax-rules (device title)
172 ((_ () (rest ...) #f #f) ;no 'title' and no 'device' field
173 (%file-system rest ...))
174 ((_ () (rest ...) dev #f) ;no 'title' field
175 (%file-system rest ... (device dev)))
176 ((_ () (rest ...) dev titl) ;got a 'title' field
177 (%file-system rest ...
178 (device (device-expression titl dev))))
179 ((_ ((title titl) rest ...) (previous ...) dev _)
180 (begin
181 (report-deprecation (title titl))
182 (process-file-system-declaration (rest ...)
183 (previous ...)
184 dev titl)))
185 ((_ ((device dev) rest ...) (previous ...) _ titl)
186 (process-file-system-declaration (rest ...)
187 (previous ...)
188 dev titl))
189 ((_ (field rest ...) (previous ...) dev titl)
190 (process-file-system-declaration (rest ...)
191 (previous ... field)
192 dev titl))))
193
194(define-syntax-rule (file-system fields ...)
195 (process-file-system-declaration (fields ...) () #f #f))
196
197(define (file-system-title fs) ;deprecated
198 (match (file-system-device fs)
199 ((? file-system-label?) 'label)
200 ((? uuid?) 'uuid)
201 ((? string?) 'device)))
202
ad167d02
LC		 203;; Note: This module is used both on the build side and on the host side.
204;; Arrange not to pull (guix store) and (guix config) because the latter
205;; differs from user to user.
206(define (%store-prefix)
207 "Return the store prefix."
c45477d2
LC		 208 ;; Note: If we have (guix store database) in the search path and we do *not*
209 ;; have (guix store) proper, 'resolve-module' returns an empty (guix store)
210 ;; with one sub-module.
211 (cond ((and=> (resolve-module '(guix store) #:ensure #f)
212 (lambda (store)
213 (module-variable store '%store-prefix)))
ad167d02 214 =>
c45477d2
LC		 215 (lambda (variable)
216 ((variable-ref variable))))
ad167d02
LC		 217 ((getenv "NIX_STORE")
218 => identity)
219 (else
220 "/gnu/store")))
221
38434419
LC		 222(define %not-slash
223 (char-set-complement (char-set #\/)))
224
225(define (file-prefix? file1 file2)
226 "Return #t if FILE1 denotes the name of a file that is a parent of FILE2,
227where both FILE1 and FILE2 are absolute file name. For example:
228
229 (file-prefix? \"/gnu\" \"/gnu/store\")
230 => #t
231
232 (file-prefix? \"/gn\" \"/gnu/store\")
233 => #f
234"
235 (and (string-prefix? "/" file1)
236 (string-prefix? "/" file2)
237 (let loop ((file1 (string-tokenize file1 %not-slash))
238 (file2 (string-tokenize file2 %not-slash)))
239 (match file1
240 (()
241 #t)
242 ((head1 tail1 ...)
243 (match file2
244 ((head2 tail2 ...)
245 (and (string=? head1 head2) (loop tail1 tail2)))
246 (()
247 #f)))))))
248
99e676db
MC		 249(define* (file-system-device->string device #:key uuid-type)
250 "Return the string representations of the DEVICE field of a <file-system>
251record. When the device is a UUID, its representation is chosen depending on
252UUID-TYPE, a symbol such as 'dce or 'iso9660."
253 (match device
254 ((? file-system-label?)
255 (file-system-label->string device))
256 ((? uuid?)
257 (if uuid-type
258 (uuid->string (uuid-bytevector device) uuid-type)
259 (uuid->string device)))
260 ((? string?)
261 device)))
262
fa35fb58
MC		 263(define (file-system-options->alist string)
264 "Translate the option string format of a <file-system> record into an
265association list of options or option/value pairs."
266 (if string
267 (let ((options (string-split string #\,)))
268 (map (lambda (param)
269 (let ((=index (string-index param #\=)))
270 (if =index
271 (cons (string-take param =index)
272 (string-drop param (1+ =index)))
273 param)))
274 options))
275 '()))
276
277(define (alist->file-system-options options)
278 "Return the string representation of OPTIONS, an association list. The
279string obtained can be used as the option field of a <file-system> record."
280 (if (null? options)
281 #f
282 (string-join (map (match-lambda
283 ((key . value)
284 (string-append key "=" value))
285 (key
286 key))
287 options)
288 ",")))
289
38434419
LC		 290(define (file-system-needed-for-boot? fs)
291 "Return true if FS has the 'needed-for-boot?' flag set, or if it holds the
292store--e.g., if FS is the root file system."
4d6b879c 293 (or (%file-system-needed-for-boot? fs)
38434419
LC		 294 (and (file-prefix? (file-system-mount-point fs) (%store-prefix))
295 (not (memq 'bind-mount (file-system-flags fs))))))
4d6b879c 296
575b4b09
DT		 297(define (file-system->spec fs)
298 "Return a list corresponding to file-system FS that can be passed to the
299initrd code."
300 (match fs
a5acc17a
LC		 301 (($ <file-system> device mount-point type flags options _ _ check?)
302 (list (cond ((uuid? device)
303 `(uuid ,(uuid-type device) ,(uuid-bytevector device)))
304 ((file-system-label? device)
305 `(file-system-label ,(file-system-label->string device)))
306 (else device))
307 mount-point type flags options check?))))
575b4b09 308
5970e8e2
LC		 309(define (spec->file-system sexp)
310 "Deserialize SEXP, a list, to the corresponding <file-system> object."
311 (match sexp
a5acc17a 312 ((device mount-point type flags options check?)
5970e8e2 313 (file-system
9976c76a
LC		 314 (device (match device
315 (('uuid (? symbol? type) (? bytevector? bv))
316 (bytevector->uuid bv type))
a5acc17a
LC		 317 (('file-system-label (? string? label))
318 (file-system-label label))
9976c76a
LC		 319 (_
320 device)))
5970e8e2
LC		 321 (mount-point mount-point) (type type)
322 (flags flags) (options options)
323 (check? check?)))))
324
d77a0bd6
LC		 325(define (specification->file-system-mapping spec writable?)
326 "Read the SPEC and return the corresponding <file-system-mapping>. SPEC is
327a string of the form \"SOURCE\" or \"SOURCE=TARGET\". The former specifies
328that SOURCE from the host should be mounted at SOURCE in the other system.
329The latter format specifies that SOURCE from the host should be mounted at
330TARGET in the other system."
331 (let ((index (string-index spec #\=)))
332 (if index
333 (file-system-mapping
334 (source (substring spec 0 index))
335 (target (substring spec (+ 1 index)))
336 (writable? writable?))
337 (file-system-mapping
338 (source spec)
339 (target spec)
340 (writable? writable?)))))
341
661a1d79
LC		 342\f
343;;;
344;;; Common file systems.
345;;;
346
6ddb5960
LC		 347(define %pseudo-file-system-types
348 ;; List of know pseudo file system types. This is used when validating file
349 ;; system definitions.
df1eaffc
LC		 350 '("binfmt_misc" "cgroup" "debugfs" "devpts" "devtmpfs" "efivarfs" "fusectl"
351 "hugetlbfs" "overlay" "proc" "securityfs" "sysfs" "tmpfs"))
6ddb5960 352
c5df1839
LC		 353(define %fuse-control-file-system
354 ;; Control file system for Linux' file systems in user-space (FUSE).
355 (file-system
356 (device "fusectl")
357 (mount-point "/sys/fs/fuse/connections")
358 (type "fusectl")
359 (check? #f)))
360
361(define %binary-format-file-system
362 ;; Support for arbitrary executable binary format.
363 (file-system
364 (device "binfmt_misc")
365 (mount-point "/proc/sys/fs/binfmt_misc")
366 (type "binfmt_misc")
367 (check? #f)))
368
7f239fd3
LC		 369(define %tty-gid
370 ;; ID of the 'tty' group. Allocate it statically to make it easy to refer
371 ;; to it from here and from the 'tty' group definitions.
c8fa3426 372 996)
7f239fd3
LC		 373
374(define %pseudo-terminal-file-system
375 ;; The pseudo-terminal file system. It needs to be mounted so that
376 ;; statfs(2) returns DEVPTS_SUPER_MAGIC like libc's getpt(3) expects (and
377 ;; thus openpty(3) and its users, such as xterm.)
378 (file-system
379 (device "none")
380 (mount-point "/dev/pts")
381 (type "devpts")
382 (check? #f)
383 (needed-for-boot? #f)
384 (create-mount-point? #t)
385 (options (string-append "gid=" (number->string %tty-gid) ",mode=620"))))
a69576ea 386
db17ae5c
LC		 387(define %shared-memory-file-system
388 ;; Shared memory.
389 (file-system
390 (device "tmpfs")
391 (mount-point "/dev/shm")
392 (type "tmpfs")
393 (check? #f)
394 (flags '(no-suid no-dev))
395 (options "size=50%") ;TODO: make size configurable
396 (create-mount-point? #t)))
397
3392ce5d
LC		 398(define %immutable-store
399 ;; Read-only store to avoid users or daemons accidentally modifying it.
400 ;; 'guix-daemon' has provisions to remount it read-write in its own name
401 ;; space.
402 (file-system
403 (device (%store-prefix))
404 (mount-point (%store-prefix))
405 (type "none")
406 (check? #f)
b41c7beb 407 (flags '(read-only bind-mount no-atime))))
3392ce5d 408
727636aa 409(define %control-groups
b78cad85
LC		 410 (let ((parent (file-system
411 (device "cgroup")
412 (mount-point "/sys/fs/cgroup")
413 (type "tmpfs")
414 (check? #f))))
415 (cons parent
416 (map (lambda (subsystem)
417 (file-system
418 (device "cgroup")
419 (mount-point (string-append "/sys/fs/cgroup/" subsystem))
420 (type "cgroup")
421 (check? #f)
422 (options subsystem)
423 (create-mount-point? #t)
424
425 ;; This must be mounted after, and unmounted before the
426 ;; parent directory.
427 (dependencies (list parent))))
428 '("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
2ef4d273 429 "blkio" "perf_event" "pids")))))
727636aa 430
14454f0b
MW		 431(define %elogind-file-systems
432 ;; We don't use systemd, but these file systems are needed for elogind,
433 ;; which was extracted from systemd.
2cf5f4c1
MO		 434 (append
435 (list (file-system
436 (device "none")
437 (mount-point "/run/systemd")
438 (type "tmpfs")
439 (check? #f)
440 (flags '(no-suid no-dev no-exec))
441 (options "mode=0755")
442 (create-mount-point? #t))
443 (file-system
444 (device "none")
445 (mount-point "/run/user")
446 (type "tmpfs")
447 (check? #f)
448 (flags '(no-suid no-dev no-exec))
449 (options "mode=0755")
450 (create-mount-point? #t))
451 ;; Elogind uses cgroups to organize processes, allowing it to map PIDs
452 ;; to sessions. Elogind's cgroup hierarchy isn't associated with any
453 ;; resource controller ("subsystem").
454 (file-system
455 (device "cgroup")
456 (mount-point "/sys/fs/cgroup/elogind")
457 (type "cgroup")
458 (check? #f)
459 (options "none,name=elogind")
460 (create-mount-point? #t)
461 (dependencies (list (car %control-groups)))))
462 %control-groups))
14454f0b 463
a69576ea
LC		 464(define %base-file-systems
465 ;; List of basic file systems to be mounted. Note that /proc and /sys are
466 ;; currently mounted by the initrd.
2cf5f4c1
MO		 467 (list %pseudo-terminal-file-system
468 %shared-memory-file-system
469 %immutable-store))
a69576ea 470
c829bc80
DT		 471;; File systems for Linux containers differ from %base-file-systems in that
472;; they impose additional restrictions such as no-exec or need different
473;; options to function properly.
474;;
475;; The file system flags and options conform to the libcontainer
476;; specification:
477;; https://github.com/docker/libcontainer/blob/master/SPEC.md#filesystem
478(define %container-file-systems
479 (list
b57ec5f6 480 ;; Pseudo-terminal file system.
c829bc80
DT		 481 (file-system
482 (device "none")
483 (mount-point "/dev/pts")
484 (type "devpts")
485 (flags '(no-exec no-suid))
486 (needed-for-boot? #t)
487 (create-mount-point? #t)
488 (check? #f)
489 (options "newinstance,ptmxmode=0666,mode=620"))
490 ;; Shared memory file system.
491 (file-system
492 (device "tmpfs")
493 (mount-point "/dev/shm")
494 (type "tmpfs")
495 (flags '(no-exec no-suid no-dev))
496 (options "mode=1777,size=65536k")
497 (needed-for-boot? #t)
498 (create-mount-point? #t)
499 (check? #f))
500 ;; Message queue file system.
501 (file-system
502 (device "mqueue")
503 (mount-point "/dev/mqueue")
504 (type "mqueue")
505 (flags '(no-exec no-suid no-dev))
506 (needed-for-boot? #t)
507 (create-mount-point? #t)
508 (check? #f))))
509
9110c2e9
DT		 510\f
511;;;
512;;; Shared file systems, for VMs/containers.
513;;;
514
515;; Mapping of host file system SOURCE to mount point TARGET in the guest.
516(define-record-type* <file-system-mapping> file-system-mapping
517 make-file-system-mapping
518 file-system-mapping?
519 (source file-system-mapping-source) ;string
520 (target file-system-mapping-target) ;string
521 (writable? file-system-mapping-writable? ;Boolean
522 (default #f)))
523
d2a5e698
LC		 524(define (file-system-mapping->bind-mount mapping)
525 "Return a file system that realizes MAPPING, a <file-system-mapping>, using
526a bind mount."
527 (match mapping
528 (($ <file-system-mapping> source target writable?)
529 (file-system
530 (mount-point target)
531 (device source)
532 (type "none")
533 (flags (if writable?
534 '(bind-mount)
535 '(bind-mount read-only)))
536 (check? #f)
537 (create-mount-point? #t)))))
538
9110c2e9
DT		 539(define %store-mapping
540 ;; Mapping of the host's store into the guest.
541 (file-system-mapping
542 (source (%store-prefix))
543 (target (%store-prefix))
544 (writable? #f)))
545
7597478e
LC		 546(define %network-configuration-files
547 ;; List of essential network configuration files.
548 '("/etc/resolv.conf"
549 "/etc/nsswitch.conf"
550 "/etc/services"
551 "/etc/hosts"))
552
553(define %network-file-mappings
554 ;; List of file mappings for essential network files.
555 (filter-map (lambda (file)
556 (file-system-mapping
557 (source file)
558 (target file)
559 ;; XXX: On some GNU/Linux systems, /etc/resolv.conf is a
560 ;; symlink to a file in a tmpfs which, for an unknown reason,
561 ;; cannot be bind mounted read-only within the container.
625bdf09
LC		 562 ;; The same goes with /var/run/nscd, as discussed in
563 ;; <https://bugs.gnu.org/37967>.
564 (writable? (or (string=? file "/etc/resolv.conf")
565 (string=? file "/var/run/nscd")))))
5ccec771 566 (cons "/var/run/nscd" %network-configuration-files)))
7597478e 567
72089954 568(define (file-system-type-predicate type)
7dbd75b3
LC		 569 "Return a predicate that, when passed a file system, returns #t if that file
570system has the given TYPE."
72089954
DM		 571 (lambda (fs)
572 (string=? (file-system-type fs) type)))
573
b460ba79
MC		 574\f
575;;;
576;;; Btrfs specific helpers.
577;;;
578
579(define (btrfs-subvolume? fs)
580 "Predicate to check if FS, a file-system object, is a Btrfs subvolume."
581 (and-let* ((btrfs-file-system? (string= "btrfs" (file-system-type fs)))
582 (option-keys (map (match-lambda
583 ((key . value) key)
584 (key key))
585 (file-system-options->alist
586 (file-system-options fs)))))
587 (find (cut string-prefix? "subvol" <>) option-keys)))
588
589(define (btrfs-store-subvolume-file-name file-systems)
590 "Return the subvolume file name within the Btrfs top level onto which the
591store is located, else #f."
592
593 (define (prepend-slash/maybe s)
594 (if (string=? "/" (string-take s 1))
595 s
596 (string-append "/" s)))
597
598 (define (file-name-depth file-name)
599 (length (string-tokenize file-name %not-slash)))
600
601 (and-let* ((btrfs-subvolume-fs (filter btrfs-subvolume? file-systems))
602 (btrfs-subvolume-fs*
603 (sort btrfs-subvolume-fs
604 (lambda (fs1 fs2)
605 (> (file-name-depth (file-system-mount-point fs1))
606 (file-name-depth (file-system-mount-point fs2))))))
607 (store-subvolume-fs
608 (find (lambda (fs) (file-prefix? (file-system-mount-point fs)
609 (%store-prefix)))
610 btrfs-subvolume-fs*))
611 (options (file-system-options->alist
612 (file-system-options store-subvolume-fs))))
613 ;; XXX: Deriving the subvolume name based from a subvolume ID is not
614 ;; supported, as we'd need to query the actual file system.
615 (or (and=> (assoc-ref options "subvol") prepend-slash/maybe)
616 ;; FIXME: Use &fix-hint once it no longer pulls in (guix utils).
617 (raise (condition
618 (&message
619 (message "The store is on a Btrfs subvolume, but the \
620subvolume name is unknown.
621Hint: Use the \"subvol\" Btrfs file system option.")))))))
622
623
c5df1839 624;;; file-systems.scm ends here
jackhill's copy of GNU Guix: https://guix.gnu.org/