~ruther/guix-local: etc 001cd00bcd123cd1eab6ebd1b85afd7b0aa994fa

bb226310 — Rutherther 2 months ago

guix-install.sh: Do not set GUILE_LOAD_PATH in zzz-guix.sh.

Channels from the load path will shadow channels used through time-machine or
used through any other guix than the one in ~/.config/guix/current. This is
true for all channels that are in ~/.config/guix/current except guix.  On Guix
System, /run/current-system/profile/share/guile/site/3.0 is usually in
GUILE_LOAD_PATH that typically has only Guix, so no shadowing happens in most
cases.

For using Geiser and other sw, it's possible to configure them to use "guix
repl" that's intended for this use case. This is then makes the guix being
used explicit.

It is expected that this is only a temporary solution. After a proper
solutions is found, it will be reverted.

Workaround #4819.
Reverts: 78390634d76c0c75c6e93742fa7caec965194641.

Change-Id: I36b921a758618f382af9097003415f902b27c44b
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

3dadea4b — Noé Lopez 2 months ago

guix-install.sh: Install AppArmor profile.

* etc/guix-install.sh (sys_maybe_setup_apparmor): New function.
(main_install): Call it.
(sys_delete_apparmor_profiles): New function.
(main_uninstall): Call it.

Fixes #4210.
Fixes <https://issues.guix.gnu.org/71226>.

Change-Id: Ice4bf4d91a1ae438fc5654dec327f53ae9a7b888
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

60782c20 — Noé Lopez 2 months ago

etc: Add AppArmor profile for the guix command.

* etc/apparmor.d/guix: New file.
* Makefile.am (nodist_apparmor_profile_DATA): Add it.

Change-Id: I3d61238203d7663ce582717f8e4eac4c6f679928
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

587fd2da — Noé Lopez 2 months ago

etc: Add AppArmor profile for the daemon.

* .gitignore: Add etc/apparmor.d/tunables/guix.
* Makefile.am (nodist_apparmor_profile_DATA)
(nodist_apparmor_profile_tunables_DATA): Define it.
* configure.ac: Generate etc/apparmor.d/tunables/guix. Add
--with-apparmor-profile-dir option.
* etc/apparmor.d/guix-daemon: New file.
* etc/apparmor.d/tunables/guix.in: New file.
* doc/guix.texi: Document AppArmor profiles.
* gnu/packages/package-management.scm (guix): Add future changes commented.

Change-Id: Iac7df9d642383cc46a2d450c3badef31199ab041
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

9a78e760 — Rutherther 2 months ago

guix-daemon.service.in: Make service restartable.

Currently the service cannot be restarted, because the gnu store mount makes
it read-only. So fix this by removing the mount when starting the service.

"-" to accept failures, in case the command doesn't finish successfully,
chances are, the store can be mounted as RW, so continue.
"+" to run as root

Fixes: #4744

* etc/guix-daemon.service.in
(Service)<ExecStartPre>: Stop gnu-store.mount
(Service)<ExecStartPost>: Start gnu-store.mount

Change-Id: I296f5d8805497f8a7364b68d627eb6d4fc05dbff

7a4de7a9 — Hilton Chain 3 months ago

teams: Update team status for Hilton Chain.

* etc/teams.scm (hako): Remove teams.

Change-Id: Ib563d084e2bc2d603c7968e04bed0d222f547a0d

ae36f472 — jgart 2 months ago

teams: lisp: Add manifest.

* etc/teams/lisp/lisp-manifest.scm: New file.

Change-Id: I9e23464197978bc6236eb13d42bd9bc3069bddeb
Signed-off-by: jgart <jgart@dismail.de>

20263c4a — Lilah Tascheter 2 months ago

etc: Add tinystar to Hare team.

* etc/teams.scm (Lilah Tascheter): New member.

Signed-off-by: jgart <jgart@dismail.de>

09acdd31 — Thiago Jung Bauermann 2 months ago

etc: guix-install.sh: Set XDG_DATA_DIRS.

This allows better integration of packages installed by Guix with the
foreign distro. E.g.:

1. .desktop files from applications installed by Guix can be found by
the user's desktop environment.

2. Fonts installed in ~/.guix-profile/share/fonts can be found by GUI
applications without having to install the fontconfig package, as the
the "Application Setup" section of the manual recommends.

* etc/guix-install.sh (sys_create_init_profile): Add $GUIX_PROFILE/share
to XDG_DATA_DIRS.

Change-Id: Iba74b0782ffbad64d64cc1c5889b04012963a3e0
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

33b0df3b — Danny Milosavljevic 2 months ago

etc: Add daym to python team.

* etc/teams.scm: Make daym a member of the python team.

Change-Id: I4b9e681f4fa0098a9be02bdac37060d1a0256dda

be8bbdd2 — Nguyễn Gia Phong 2 months ago

teams: Add entry for Nguyễn Gia Phong

* etc/teams.scm ("Nguyễn Gia Phong"): New member.

Change-Id: I3492513cb136e500f9798e31bd938feecaaddb48
Reviewed-by: Maxim Cournoyer <maxim@guixotic.coop>
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>

2a59e5d3 — jgart 2 months ago

teams: python: Add manifest.

* etc/teams/python/python-manifest.scm: New file.

Change-Id: I1443ec2f2e5584a47dbe580caa682093e5fa1fe3
Signed-off-by: jgart <jgart@dismail.de>

12dcbe58 — jgart 2 months ago

teams: hare: Fix typo in module header comment.

* etc/teams/hare/hare-manifest.scm: Fix typo in module header comment.

Change-Id: Ic8b9dfeb2ae9f7785bd56c41c7cb5c568e6b7bbb

669a6c8e — npatra 2 months ago

guix-install.sh: Check for gpg keys only if downloading tarball from ftp.

* etc/guix-install.sh (main_install): Call chk_gpg_keyring only if
GUIX_BINARY_FILE_NAME is not set.

Change-Id: Ia0a7449c8798ca7d61a0f1f1e793f2bafd521c5b
Signed-off-by: npatra <nilesh@riseup.net>
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

1fea6b35 — Nilesh Patra 3 months ago

guix-install.sh: Fetch gpg keys from codeberg and public keyservers.

Instead of fetching from no longer responsive gnu.org, fetch from
Codeberg.org, falling back to public keyservers in case codeberg
is down or unresponsive.

* etc/guix-install.sh
(GPG_SIGNING_KEY): Change gnu.org user ids to codeberg usernames.
(PUBLIC_KEYSERVERS): Add variable.
(chk_gpg_keyring): Use codeberg for fetching gpgs and fallback to public
keyservers.

Change-Id: Iddcd31239e2f3460d920194d62443ff00be7c957
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

53808b13 — Thiago Jung Bauermann 2 months ago

etc: SELinux: Add permissions to allow garbage collection.

There may be an improvement to be made to guix-daemon to avoid some
spurious denial audit messages, as described in the FIXME.

* etc/guix-daemon.cil.in: Add missing rules for guix gc.

Change-Id: I3651c4523528649048c7135fabd3000c8e78b1ff
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

1b59b936 — Thiago Jung Bauermann 2 months ago

etc: SELinux: Add missing permissions.

With the changes in this commit, I can use "guix pull" and
"guix install <package>" successfully and without generating SELinux
denial erros in the system log.

* etc/guix-daemon.cil.in: Add missing rules for guix pull/guix install.

Change-Id: I40b5ed2c458b275804bc073fb72286947ecb0283
Signed-off-by: Rutherther <rutherther@ditigal.xyz>

6def6eae — jgart 2 months ago

gnu: Add bonsai.

* gnu/packages/hare-apps.scm (bonsai): New variable.

Change-Id: I4489911b111c48aeb9b084e685aaafa8adfd98e4
Signed-off-by: jgart <jgart@dismail.de>

f82549d9 — Anderson Torres 2 months ago

etc: Translate news to Portuguese.

* etc/news.scm: Translate to Portuguese.

Change-Id: Ieb467278d92d46dc1dde339dec03677d77b2a421
Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de>

43000584 — Florian Pelz 2 months ago

news: Add 'de' translation.

* etc/news.scm: Add German translation of linux-libre 5.4 removal entry.

Change-Id: I541dd12cc2364d36fb77ef3fc11442760b9d191c