unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#49578] [PATCH] Add bolt
@ 2021-07-15 16:46 phodina via Guix-patches via
  2021-07-22  1:50 ` Sarah Morgensen
                   ` (3 more replies)
  0 siblings, 4 replies; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-07-15 16:46 UTC (permalink / raw)
  To: 49578

---
index 4b57bc1f24..d07ee33a7e 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -123,6 +123,7 @@
   #:use-module (gnu packages pulseaudio)
   #:use-module (gnu packages python)
   #:use-module (gnu packages python-xyz)
+  #:use-module (gnu packages polkit)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages rrdtool)
   #:use-module (gnu packages samba)
@@ -2479,6 +2480,52 @@ IPv6 packet filter.
 Both commands are targeted at system administrators.")
     (license license:gpl2+)))

+(define-public bolt
+  (package
+    (name "bolt")
+    (version "0.9.1")
+    (source (origin
+              (method git-fetch)
+              (uri
+               (git-reference
+                (url "https://gitlab.freedesktop.org/bolt/bolt")
+                (commit version)))
+              (sha256
+               (base32
+                "1phgp8fs0dlj74kbkqlvfniwc32daz47b3pvsxlfxqzyrp77xrfm"))))
+    (build-system meson-build-system)
+    (arguments
+     `(#:configure-flags (list (string-append "--localstatedir=" (assoc-ref %outputs "out") "/var"))
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'fix-udev-rules-directory
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out")))
+               (mkdir-p (string-append out "/lib/udev/rules.d"))
+               (substitute* "meson.build"
+                 (("udev.get_pkgconfig_variable..udevdir..")
+                  (string-append "'" out "/lib'")))#t)))
+         (add-before 'install 'no-polkit-magic
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; Meson ‘magically’ invokes pkexec, which fails (not setuid).
+             (setenv "PKEXEC_UID" "something")
+             #t)))))
+    (native-inputs `(("pkg-config" ,pkg-config) ("dbus" ,dbus) ("asciidoc" ,asciidoc) ("umockdev" ,umockdev)))
+    (inputs `(("glib:bin" ,glib "bin") ("eudev" ,eudev) ("polkit" ,polkit)))
+    (synopsis "Userspace system daemon to enable security levels for Thunderbolt™
+on GNU/Linux®.")
+    (description "Thunderbolt™ is the brand name of a hardware interface developed by
+Intel® that allows the connection of external peripherals to a
+computer.
+Devices connected via Thunderbolt can be DMA masters and thus read
+system memory without interference of the operating system (or even
+the CPU). Version 3 of the interface introduced 5 different security
+levels, in order to mitigate the aforementioned security risk that
+connected devices pose to the system. The security level is set by the
+system firmware.")
+    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
+    (license license:gpl2+)))
+
 (define-public jitterentropy-rngd
   (package
     (name "jitterentropy-rngd")
--
2.31.1




^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2021-07-15 16:46 [bug#49578] [PATCH] Add bolt phodina via Guix-patches via
@ 2021-07-22  1:50 ` Sarah Morgensen
  2021-07-22 11:32   ` phodina via Guix-patches via
  2021-09-18 11:20 ` [bug#49578] [PATCH v3 1/2] gnu: " phodina via Guix-patches via
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 15+ messages in thread
From: Sarah Morgensen @ 2021-07-22  1:50 UTC (permalink / raw)
  To: phodina; +Cc: 49578

Hello,

Thanks for the patch. It's always good to see new contributors around
here! I have a few suggestions for your patch.

phodina <phodina@protonmail.com> writes:

> ---
> index 4b57bc1f24..d07ee33a7e 100644
> --- a/gnu/packages/linux.scm
> +++ b/gnu/packages/linux.scm
> @@ -123,6 +123,7 @@
>    #:use-module (gnu packages pulseaudio)
>    #:use-module (gnu packages python)
>    #:use-module (gnu packages python-xyz)
> +  #:use-module (gnu packages polkit)
>    #:use-module (gnu packages readline)
>    #:use-module (gnu packages rrdtool)
>    #:use-module (gnu packages samba)
> @@ -2479,6 +2480,52 @@ IPv6 packet filter.
>  Both commands are targeted at system administrators.")
>      (license license:gpl2+)))
>
> +(define-public bolt
> +  (package
> +    (name "bolt")
> +    (version "0.9.1")
> +    (source (origin
> +              (method git-fetch)
> +              (uri
> +               (git-reference
> +                (url "https://gitlab.freedesktop.org/bolt/bolt")
> +                (commit version)))
> +              (sha256
> +               (base32
> +                "1phgp8fs0dlj74kbkqlvfniwc32daz47b3pvsxlfxqzyrp77xrfm"))))
> +    (build-system meson-build-system)
> +    (arguments
> +     `(#:configure-flags (list (string-append "--localstatedir=" (assoc-ref %outputs "out") "/var"))

Are you sure this shouldn't be "--localstatedir=/var"? As it is, it
refers to the read-only directory /gnu/store/...-bolt-0.9.1/var.

> +       #:phases
> +       (modify-phases %standard-phases
> +         (add-after 'unpack 'fix-udev-rules-directory
> +           (lambda* (#:key outputs #:allow-other-keys)
> +             (let ((out (assoc-ref outputs "out")))
> +               (mkdir-p (string-append out "/lib/udev/rules.d"))
                   ^ I think this is not necessary...

> +               (substitute* "meson.build"
> +                 (("udev.get_pkgconfig_variable..udevdir..")
> +                  (string-append "'" out "/lib'")))#t)))
                   ...with this change:      ^ /lib/udev

> +         (add-before 'install 'no-polkit-magic
> +           (lambda* (#:key outputs #:allow-other-keys)
> +             ;; Meson ‘magically’ invokes pkexec, which fails (not setuid).
> +             (setenv "PKEXEC_UID" "something")
> +             #t)))))
                ^ Phases no longer need to end with #t, so you can omit this.

> +    (native-inputs `(("pkg-config" ,pkg-config) ("dbus" ,dbus) ("asciidoc" ,asciidoc) ("umockdev" ,umockdev)))

Please wrap lines at 80 characters, and in the special case of package
inputs like here, each input should get its own line, like:

  (native-inputs
   `(("pkg-config" ,pkg-config)
     ("dbus" ,dbus)
     ("asciidoc" ,asciidoc)
     ("umockdev" ,umockdev)))

> +    (inputs `(("glib:bin" ,glib "bin") ("eudev" ,eudev) ("polkit" ,polkit)))
> +    (synopsis "Userspace system daemon to enable security levels for Thunderbolt™
> +on GNU/Linux®.")
> +    (description "Thunderbolt™ is the brand name of a hardware interface developed by
> +Intel® that allows the connection of external peripherals to a
> +computer.
> +Devices connected via Thunderbolt can be DMA masters and thus read
> +system memory without interference of the operating system (or even
> +the CPU). Version 3 of the interface introduced 5 different security
> +levels, in order to mitigate the aforementioned security risk that
> +connected devices pose to the system. The security level is set by the
> +system firmware.")
> +    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
> +    (license license:gpl2+)))
> +
>  (define-public jitterentropy-rngd
>    (package
>      (name "jitterentropy-rngd")
> --
> 2.31.1

--
Sarah




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2021-07-22  1:50 ` Sarah Morgensen
@ 2021-07-22 11:32   ` phodina via Guix-patches via
  2021-07-22 11:36     ` phodina via Guix-patches via
  0 siblings, 1 reply; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-07-22 11:32 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

Hi Sarah,

Thanks for the suggestions. Fixes:

- polkit in alphabethical order
- line wraping
- /var dir location
- removed #t in phases
- simplified udev rules install
- more useful synopsis

---
index 41902e7785..6050871264 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -119,6 +119,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pciutils)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages polkit)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages pulseaudio)
   #:use-module (gnu packages python)
@@ -2479,6 +2480,59 @@ IPv6 packet filter.
 Both commands are targeted at system administrators.")
     (license license:gpl2+)))

+(define-public bolt
+  (package
+    (name "bolt")
+    (version "0.9.1")
+    (source (origin
+              (method git-fetch)
+              (uri
+               (git-reference
+                (url "https://gitlab.freedesktop.org/bolt/bolt")
+                (commit version)))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "1phgp8fs0dlj74kbkqlvfniwc32daz47b3pvsxlfxqzyrp77xrfm"))))
+    (build-system meson-build-system)
+    (arguments
+     `(#:configure-flags (list "--localstatedir=/var")
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'replace-directories
+           (lambda* (#:key outputs #:allow-other-keys)
+             (substitute* "meson.build"
+               (("udev.get_pkgconfig_variable..udevdir..")
+                (string-append "'" (assoc-ref %outputs "out") "/lib/udev'")))
+	     (substitute* "meson.build"
+               ((".*scripts/meson-install.sh.*") ""))
+	       ))
+         (add-before 'install 'no-polkit-magic
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; Meson ‘magically’ invokes pkexec, which fails (not setuid).
+             (setenv "PKEXEC_UID" "something")
+             )))))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)
+       ("dbus" ,dbus)
+       ("asciidoc" ,asciidoc)
+       ("umockdev" ,umockdev)))
+    (inputs
+     `(("glib:bin" ,glib "bin")
+      ("eudev" ,eudev)
+      ("polkit" ,polkit)))
+    (synopsis "Userspace system daemon to enable security levels
+for Thunderbolt™ on GNU/Linux®.")
+    (description "Userspace daemon 'boltd' exposes devices via D-Bus to clients.
+It stores database of previously authorized devices and depending
+on the policy set for the individual devices, auomatically authorize newly
+connected devices without user interaction. It also adapts its behaivour when
+iommu support is detected.
+Command line utility 'boltctl' can be used to manage thundebolt devices. It can
+list devices, monitor changes and initiate authorization of device.")
+    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
+    (license license:gpl2+)))
+
 (define-public jitterentropy-rngd
   (package
     (name "jitterentropy-rngd")
--
2.31.1




^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2021-07-22 11:32   ` phodina via Guix-patches via
@ 2021-07-22 11:36     ` phodina via Guix-patches via
  2021-07-22 20:02       ` Sarah Morgensen
  0 siblings, 1 reply; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-07-22 11:36 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

Also would you have recommendation on how to create a service for the daemon boltd?

Currently it's a good step to have it packaged, but without a running service it's little bit pointless.

There is probably something similar that I can check, learn how the services work and modify it for the thunderbolt case.








^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2021-07-22 11:36     ` phodina via Guix-patches via
@ 2021-07-22 20:02       ` Sarah Morgensen
  0 siblings, 0 replies; 15+ messages in thread
From: Sarah Morgensen @ 2021-07-22 20:02 UTC (permalink / raw)
  To: phodina; +Cc: 49578

Hi,

phodina <phodina@protonmail.com> writes:

> Also would you have recommendation on how to create a service for the daemon boltd?
>
> Currently it's a good step to have it packaged, but without a running service it's little bit pointless.
>
> There is probably something similar that I can check, learn how the services work and modify it for the thunderbolt case.

I'm assuming you mean a service to run on Guix System, yes?

There is a section in the manual on this

  https://guix.gnu.org/manual/en/html_node/Defining-Services.html

which has a couple examples. You'll probably want to make a shepherd
service (shepherd is Guix System's services manager). You can also read
the code for existing services in gnu/services/*.scm. I'm not very
familiar with services so unfortunately I can't point you at any similar
ones. Best of luck!

--
Sarah




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH v3 1/2] gnu: Add bolt.
  2021-07-15 16:46 [bug#49578] [PATCH] Add bolt phodina via Guix-patches via
  2021-07-22  1:50 ` Sarah Morgensen
@ 2021-09-18 11:20 ` phodina via Guix-patches via
  2021-09-23  1:11   ` Sarah Morgensen
  2021-09-18 11:21 ` [bug#49578] [PATCH v3 2/2] services: Add a service for bolt phodina via Guix-patches via
  2022-01-22  6:55 ` [bug#49578] [PATCH] Add bolt David Conner
  3 siblings, 1 reply; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-09-18 11:20 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

* gnu/packages/linux.scm: (bolt): New variable.

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 46c9f817a8..3ec896bba6 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -121,6 +121,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pciutils)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages polkit)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages pulseaudio)
   #:use-module (gnu packages python)
@@ -2655,6 +2656,56 @@ IPv6 packet filter.
 Both commands are targeted at system administrators.")
     (license license:gpl2+)))

+(define-public bolt
+  (package
+    (name "bolt")
+    (version "0.9.1")
+    (source (origin
+              (method git-fetch)
+              (uri
+               (git-reference
+                (url "https://gitlab.freedesktop.org/bolt/bolt")
+                (commit version)))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "1phgp8fs0dlj74kbkqlvfniwc32daz47b3pvsxlfxqzyrp77xrfm"))))
+    (build-system meson-build-system)
+    (arguments
+     `(#:configure-flags (list "--localstatedir=/var")
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'replace-directories
+           (lambda* (#:key outputs #:allow-other-keys)
+             (substitute* "meson.build"
+               (("udev.get_pkgconfig_variable..udevdir..")
+                (string-append "'" (assoc-ref %outputs "out") "/lib/udev'")))
+             (substitute* "meson.build"
+               ((".*scripts/meson-install.sh.*") ""))))
+         (add-before 'install 'no-polkit-magic
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; Meson ‘magically’ invokes pkexec, which fails (not setuid).
+             (setenv "PKEXEC_UID" "something"))))))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)
+       ("glib:bin" ,glib "bin")
+       ("asciidoc" ,asciidoc)
+       ("umockdev" ,umockdev)))
+    (inputs
+     `(("eudev" ,eudev)
+       ("dbus" ,dbus)
+       ("polkit" ,polkit)))
+    (synopsis "Userspace system daemon for Thunderbolt")
+    (description "Userspace daemon @code{boltd} exposes devices via D-Bus to clients.
+It stores database of previously authorized devices and depending
+on the policy set for the individual devices, automatically authorize newly
+connected devices without user interaction.  It also adapts its behaivour when
+iommu support is detected.
+Command line utility 'boltctl' can be used to manage thundebolt devices.
+It can list devices, monitor changes and initiate authorization of device.")
+    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
+    (license license:gpl2+)))
+
 (define-public jitterentropy-rngd
   (package
     (name "jitterentropy-rngd")
--
2.32.0




^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH v3 2/2] services: Add a service for bolt.
  2021-07-15 16:46 [bug#49578] [PATCH] Add bolt phodina via Guix-patches via
  2021-07-22  1:50 ` Sarah Morgensen
  2021-09-18 11:20 ` [bug#49578] [PATCH v3 1/2] gnu: " phodina via Guix-patches via
@ 2021-09-18 11:21 ` phodina via Guix-patches via
  2022-01-22  6:55 ` [bug#49578] [PATCH] Add bolt David Conner
  3 siblings, 0 replies; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-09-18 11:21 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

    * gnu/services/linux.scm (bolt-service-type)
    (bolt-shepherd-service, bolt-dbus-service)
    (bolt-configuration, bolt-configuration?): New procedures.

diff --git a/gnu/services/linux.scm b/gnu/services/linux.scm
index 2eb02ac5a3..dc26f285bf 100644
--- a/gnu/services/linux.scm
+++ b/gnu/services/linux.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 raid5atemyhomework <raid5atemyhomework@protonmail.com>
 ;;; Copyright © 2021 B. Wilson <elaexuotee@wilsonb.com>
+;;; Copyright © 2021 Petr Hodina <phodina@protonmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,7 +25,9 @@
   #:use-module (guix gexp)
   #:use-module (guix records)
   #:use-module (guix modules)
+  #:use-module (gnu system shadow)
   #:use-module (gnu services)
+  #:use-module (gnu services dbus)
   #:use-module (gnu services base)
   #:use-module (gnu services shepherd)
   #:use-module (gnu packages linux)
@@ -33,7 +36,11 @@
   #:use-module (srfi srfi-34)
   #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
-  #:export (earlyoom-configuration
+  #:export (bolt-configuration
+            bolt-configuration?
+            bolt-service-type
+
+            earlyoom-configuration
             earlyoom-configuration?
             earlyoom-configuration-earlyoom
             earlyoom-configuration-minimum-available-memory
@@ -61,6 +68,76 @@
             zram-device-configuration-priority
             zram-device-service-type))

+

+;;;
+;;; Thunderbolt daemon.
+;;;
+
+(define-record-type* <bolt-configuration>
+  bolt-configuration make-bolt-configuration bolt-configuration?
+  (package bolt-configuration-package ; package
+           (default bolt)))
+
+(define bolt-shepherd-service
+  (match-lambda
+    (($ <bolt-configuration> package)
+     (with-imported-modules (source-module-closure
+                             '((gnu build shepherd)))
+       (shepherd-service
+        (documentation "Thunderbolt daemon")
+        (provision '(thunderbolt))
+        (requirement '(networking))
+        (modules '((gnu build shepherd)))
+        (start #~(make-forkexec-constructor/container
+                  (list #$(file-append package "/libexec/boltd"))
+		  ))
+        (stop #~(make-kill-destructor)))))))
+
+(define %bolt-activation
+  #~(begin
+      (use-modules (guix build utils))
+      (mkdir-p "/var/lib/boltd")))
+
+(define (bolt-dbus-service config)
+  (list (wrapped-dbus-service (bolt-configuration-bolt config)
+			      "libexec/boltd"
+			      `(("BOLT_CONF_FILE_NAME"
+				 '("share/dbus-1/interfaces/org.freedesktop.bolt.xml"))))))
+
+(define %bolt-accounts
+ (list (user-group (name "boltd") (system? #t))
+       (user-account
+	 (name "boltd")
+	 (group "boltd")
+	 (system? #t)
+	 (comment "Boltd daemon user")
+	 (home-directory "/var/empty")
+	 (shell "/run/current-system/profile/sbin/nologin"))))
+
+(define bolt-udev-rule
+  (match-lambda
+    (($ <bolt-configuration> package)
+  (file->udev-rule "90-bolt.rules" (file-append package "/lib/udev/rules.d/90-bolt.rules")))))
+
+(define bolt-service-type
+  (service-type
+   (name 'boltd)
+   (description
+    "Thunderbolt daemon")
+   (extensions
+    (list (service-extension udev-service-type
+			     (compose list bolt-udev-rule))
+	  (service-extension activation-service-type
+			     (const %bolt-activation))
+	  (service-extension dbus-root-service-type
+	  (compose list bolt-configuration-package))
+	;		     bolt-dbus-service)
+	  (service-extension account-service-type
+			     (const %bolt-accounts))
+          (service-extension shepherd-root-service-type
+                             (compose list bolt-shepherd-service))))
+   (default-value (bolt-configuration))))
+


 ;;;
 ;;; Early OOM daemon.
--
2.32.0




^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH v3 1/2] gnu: Add bolt.
  2021-09-18 11:20 ` [bug#49578] [PATCH v3 1/2] gnu: " phodina via Guix-patches via
@ 2021-09-23  1:11   ` Sarah Morgensen
  2021-11-05  8:39     ` phodina via Guix-patches via
  0 siblings, 1 reply; 15+ messages in thread
From: Sarah Morgensen @ 2021-09-23  1:11 UTC (permalink / raw)
  To: phodina; +Cc: 49578

Hello Petr,

Thanks for the updated patch :)

I don't have any experiences with services, so I can't comment on the
second patch in this series, and I don't have a Thunderbolt controller
or devices, so I can't test the actual program, but other than the
commit message/synopsis/description this package LGTM.

phodina <phodina@protonmail.com> writes:

> * gnu/packages/linux.scm: (bolt): New variable.
                          ^ no ":"

> +    (synopsis "Userspace system daemon for Thunderbolt")

Consider this instead (taken from their repository tagline, more
understandable to more users):

       (synopsis "Thunderbolt 3 device manager")

> +    (description "Userspace daemon @code{boltd} exposes devices via D-Bus to clients.
> +It stores database of previously authorized devices and depending
> +on the policy set for the individual devices, automatically authorize newly
> +connected devices without user interaction.  It also adapts its behaivour when
> +iommu support is detected.
> +Command line utility 'boltctl' can be used to manage thundebolt devices.
> +It can list devices, monitor changes and initiate authorization of device.")

Consider this instead:

    (description "This package provides @command{boltd}, a userspace daemon
for Thunderbolt devices, and @command{boltctl}, a command-line utility for
managing those devices.

The daemon @command{boltd} exposes devices via D-Bus to clients.  It also
stores a database of previously authorized devices and will, depending on the
policy set for the individual devices, automatically authorize newly connected
devices without user interaction.

The command-line utility @command{boltctl} manages Thunderbolt devices via
@command{boltd}.  It can list devices, monitor changes, and initiate
authorization of devices.")


> +    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
> +    (license license:gpl2+)))
> +
>  (define-public jitterentropy-rngd
>    (package
>      (name "jitterentropy-rngd")
> --
> 2.32.0

With those changes, or similar:

* Package review checklist (WIP)
Lack of a check is not proof of noncompliance.

1. [X] Package builds (guix build package)
     [X] x86_64  [ ] aarch64  [ ] armhf     [ ] powerpc64le
     [ ] i686    [ ] i586     [ ] mips64le
2. [X] Build is reproducible (guix build --rounds=n package)
3. [X] Tests enabled (if available) or disabled with in-source comment
4. [X] No extraneous dependencies (guix size package)
5. [X] No unnecessary pre-built binaries/blobs
6. [X] Dependencies unvendored when available in Guix
7. [X] Cross-compile friendly (cc-for-target, patches with inputs)
8. [X] License matches source
9. [X] No problematic lints (guix lint package)
10. [X] Formatting follows guidelines
    - [X] Lines wrap at 80 characters
    - [X] Indentation passes etc/indent-code.el
    - [X] Two spaces used between sentences

For new packages:
1. [X] Source url is robust
   * mirror:// used with url-fetch when possible
   * No auto-generated archives from source repo (prefer cloning)
2. [X] Synopsis is short, descriptive, and meaningful to a wide audience
3. [X] Description is objective, takes 5-10 lines, uses full sentences,
   and provides the information users need to decide whether the
   software fits their needs.

There are lints for CVEs, but they are for the Bolt CMS, not this
project.

--
Sarah




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH v3 1/2] gnu: Add bolt.
  2021-09-23  1:11   ` Sarah Morgensen
@ 2021-11-05  8:39     ` phodina via Guix-patches via
  2022-08-14 22:00       ` [bug#49578] [PATCH v4] " phodina via Guix-patches via
  0 siblings, 1 reply; 15+ messages in thread
From: phodina via Guix-patches via @ 2021-11-05  8:39 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

Hi,

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On Thursday, September 23rd, 2021 at 3:11 AM, Sarah Morgensen <iskarian@mgsn.dev> wrote:

> Hello Petr,
>
> Thanks for the updated patch :)
>
> I don't have any experiences with services, so I can't comment on the
>
> second patch in this series, and I don't have a Thunderbolt controller
>
> or devices, so I can't test the actual program, but other than the
>
> commit message/synopsis/description this package LGTM.

Thanks Sarah for the review and tips on packaging.
>
> phodina phodina@protonmail.com writes:
>
> > -   gnu/packages/linux.scm: (bolt): New variable.
>
>                           ^ no ":"
>
>
> > -   (synopsis "Userspace system daemon for Thunderbolt")
>
> Consider this instead (taken from their repository tagline, more
>
> understandable to more users):
>
> (synopsis "Thunderbolt 3 device manager")
>
> > -   (description "Userspace daemon @code{boltd} exposes devices via D-Bus to clients.
> >
> >     +It stores database of previously authorized devices and depending
> >
> >     +on the policy set for the individual devices, automatically authorize newly
> >
> >     +connected devices without user interaction. It also adapts its behaivour when
> >
> >     +iommu support is detected.
> >
> >     +Command line utility 'boltctl' can be used to manage thundebolt devices.
> >
> >     +It can list devices, monitor changes and initiate authorization of device.")
>
> Consider this instead:
>
> (description "This package provides @command{boltd}, a userspace daemon
>
> for Thunderbolt devices, and @command{boltctl}, a command-line utility for
>
> managing those devices.
>
> The daemon @command{boltd} exposes devices via D-Bus to clients. It also
>
> stores a database of previously authorized devices and will, depending on the
>
> policy set for the individual devices, automatically authorize newly connected
>
> devices without user interaction.
>
> The command-line utility @command{boltctl} manages Thunderbolt devices via
>
> @command{boltd}. It can list devices, monitor changes, and initiate
>
> authorization of devices.")
>
> > -   (home-page "https://gitlab.freedesktop.org/bolt/bolt")
> > -   (license license:gpl2+)))
> >
> > (define-public jitterentropy-rngd
> >
> > (package
> >
> > (name "jitterentropy-rngd")
> > ------------------------------------------------------------------------
> >
> > 2.32.0
>
> With those changes, or similar:
>
> -   Package review checklist (WIP)
>
>     Lack of a check is not proof of noncompliance.
>
> 1.  [X] Package builds (guix build package)
>
>     [X] x86_64 [ ] aarch64 [ ] armhf [ ] powerpc64le
>
>     [ ] i686 [ ] i586 [ ] mips64le
> 2.  [X] Build is reproducible (guix build --rounds=n package)
> 3.  [X] Tests enabled (if available) or disabled with in-source comment
> 4.  [X] No extraneous dependencies (guix size package)
> 5.  [X] No unnecessary pre-built binaries/blobs
> 6.  [X] Dependencies unvendored when available in Guix
> 7.  [X] Cross-compile friendly (cc-for-target, patches with inputs)
> 8.  [X] License matches source
> 9.  [X] No problematic lints (guix lint package)
> 10.  [X] Formatting follows guidelines
>     -   [X] Lines wrap at 80 characters
>     -   [X] Indentation passes etc/indent-code.el
>     -   [X] Two spaces used between sentences
>
>         For new packages:
> 11.  [X] Source url is robust
>     -   mirror:// used with url-fetch when possible
>     -   No auto-generated archives from source repo (prefer cloning)
> 12.  [X] Synopsis is short, descriptive, and meaningful to a wide audience
> 13.  [X] Description is objective, takes 5-10 lines, uses full sentences,
>
>     and provides the information users need to decide whether the
>
>     software fits their needs.
>
>     There are lints for CVEs, but they are for the Bolt CMS, not this
>
>     project.
>
>     --
>
>     Sarah

Is there somebody who has Thunderbolt on their machine and could test this patch?

Petr




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2021-07-15 16:46 [bug#49578] [PATCH] Add bolt phodina via Guix-patches via
                   ` (2 preceding siblings ...)
  2021-09-18 11:21 ` [bug#49578] [PATCH v3 2/2] services: Add a service for bolt phodina via Guix-patches via
@ 2022-01-22  6:55 ` David Conner
  2022-02-02 16:19   ` David Conner
  3 siblings, 1 reply; 15+ messages in thread
From: David Conner @ 2022-01-22  6:55 UTC (permalink / raw)
  To: 49578

[-- Attachment #1: Type: text/plain, Size: 650 bytes --]

I have a late 2013 Macbook Pro with two Thunderbolt 2 ports.

They work if the TB device is inserted on boot, but after you disconnect a
device, it no longer functions when you reconnect it. It show that the
kernel recognizes the device in `dmesg` and  that the PCIe port is
registered in `lspci -k` But the device is not found in `nmcli dev status`.
The device I'm testing is an Apple Ethernet adapter.

I am still in the learning phase where I'm trying to reconfigure my
machine, but I have the guix repo cloned and I'm planning on contributing
patches to packages on other channels. I will hopefully be in the position
where I can test this soon.

[-- Attachment #2: Type: text/html, Size: 701 bytes --]

^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2022-01-22  6:55 ` [bug#49578] [PATCH] Add bolt David Conner
@ 2022-02-02 16:19   ` David Conner
  0 siblings, 0 replies; 15+ messages in thread
From: David Conner @ 2022-02-02 16:19 UTC (permalink / raw)
  To: 49578

[-- Attachment #1: Type: text/plain, Size: 1403 bytes --]

I am ready to test this. I finally reconfigured my system last night, but I
have some questions about patching guix and testing.

The guix I would reconfigure in order to test this would be ‘master’ with
the patch applied. I think I should be alright applying the patch (I am
noob). If it doesn’t apply right, I can figure it out, but then I’ll need
to update the patch right?

Is git capable of doing this?

Or should I use a tool like ediff/patchwork?

I have the guix checked out with Google repo via
https://github.com/ectorepo/guix. This pulls down the latest copy of
everything on savannah under the guix project.

2022年1月22日(土) 午前1:55 David Conner <aionfork@gmail.com>:

> I have a late 2013 Macbook Pro with two Thunderbolt 2 ports.
>
> They work if the TB device is inserted on boot, but after you disconnect a
> device, it no longer functions when you reconnect it. It show that the
> kernel recognizes the device in `dmesg` and  that the PCIe port is
> registered in `lspci -k` But the device is not found in `nmcli dev status`.
> The device I'm testing is an Apple Ethernet adapter.
>
> I am still in the learning phase where I'm trying to reconfigure my
> machine, but I have the guix repo cloned and I'm planning on contributing
> patches to packages on other channels. I will hopefully be in the position
> where I can test this soon.
>

[-- Attachment #2: Type: text/html, Size: 1970 bytes --]

^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH v4] gnu: Add bolt.
  2021-11-05  8:39     ` phodina via Guix-patches via
@ 2022-08-14 22:00       ` phodina via Guix-patches via
  2022-12-14 11:22         ` [bug#49578] [PATCH] " Ludovic Courtès
  2023-01-05 21:28         ` Ludovic Courtès
  0 siblings, 2 replies; 15+ messages in thread
From: phodina via Guix-patches via @ 2022-08-14 22:00 UTC (permalink / raw)
  To: Sarah Morgensen; +Cc: 49578

[-- Attachment #1: Type: text/plain, Size: 357 bytes --]

Hi Sarah,

here's updated patch with your tips.

David, the way I test new packages is either by running:
[1]
guix shell --check --pure -D guix

or 
[2]
guix build -L <load_path>


[1] https://guix.gnu.org/manual/en/html_node/Invoking-guix-environment.html
[2] https://guix.gnu.org/manual/en/html_node/Common-Build-Options.html

----
Petr

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: v4-0001-gnu-Add-bolt.patch --]
[-- Type: text/x-patch; name=v4-0001-gnu-Add-bolt.patch, Size: 3307 bytes --]

From 538eeedf7ee64f98b17507ea11d38512525ef29f Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Sun, 18 Jul 2021 12:11:55 +0200
Subject: [PATCH v4 1/2] gnu: Add bolt.

* gnu/packages/linux.scm (bolt): New variable.

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index d7d373a92f..c1f4c99cbf 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -136,6 +136,7 @@ (define-module (gnu packages linux)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pciutils)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages polkit)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages pulseaudio)
   #:use-module (gnu packages python)
@@ -2702,6 +2703,56 @@ (define-public iptables
 Both commands are targeted at system administrators.")
     (license license:gpl2+)))
 
+(define-public bolt
+  (package
+    (name "bolt")
+    (version "0.9.2")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://gitlab.freedesktop.org/bolt/bolt")
+                    (commit version)))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "1h48qmqxhjq9gxv5gf78cqm5wadmnhvc9bkd02zya77rh3pf6y3r"))))
+    (build-system meson-build-system)
+    (arguments
+     (list #:configure-flags '(list "--localstatedir=/var")
+           #:glib-or-gtk? #t ;To wrap binaries and/or compile schemas
+           #:phases #~(modify-phases %standard-phases
+                        (add-after 'unpack 'replace-directories
+                          (lambda* (#:key outputs #:allow-other-keys)
+                            (substitute* "meson.build"
+                              (("udev.get_pkgconfig_variable..udevdir..")
+                               (string-append "'"
+                                              #$output "/lib/udev'")))
+                            (substitute* "scripts/meson-install.sh"
+                              (("mkdir.*")
+                               ""))))
+                        (add-before 'install 'no-polkit-magic
+                          (lambda* (#:key outputs #:allow-other-keys)
+                            (setenv "PKEXEC_UID" "something"))))))
+    (native-inputs (list pkg-config
+                         `(,glib "bin") python asciidoc umockdev))
+    (inputs (list eudev dbus polkit))
+    (synopsis "Thunderbolt 3 device manager")
+    (description
+     "This package provides @command{boltd}, a userspace daemon
+for Thunderbolt devices, and @command{boltctl}, a command-line utility for
+managing those devices.
+
+The daemon @command{boltd} exposes devices via D-Bus to clients.  It also
+stores a database of previously authorized devices and will, depending on the
+policy set for the individual devices, automatically authorize newly connected
+devices without user interaction.
+
+The command-line utility @command{boltctl} manages Thunderbolt devices via
+@command{boltd}.  It can list devices, monitor changes, and initiate
+authorization of devices.")
+    (home-page "https://gitlab.freedesktop.org/bolt/bolt")
+    (license license:gpl2+)))
+
 (define-public jitterentropy-rngd
   (package
     (name "jitterentropy-rngd")
-- 
2.37.0


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: v4-0002-services-Add-a-service-for-bolt.patch --]
[-- Type: text/x-patch; name=v4-0002-services-Add-a-service-for-bolt.patch, Size: 4061 bytes --]

From e054c89f9964686670e7716c820ca9ebb9f41543 Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Sat, 18 Sep 2021 13:11:18 +0200
Subject: [PATCH v4 2/2] services: Add a service for bolt.

* gnu/services/linux.scm (bolt-service-type)
(bolt-shepherd-service, bolt-dbus-service)
(bolt-configuration, bolt-configuration?): New procedures.

diff --git a/gnu/services/linux.scm b/gnu/services/linux.scm
index 60e2093e1d..37dcd14f97 100644
--- a/gnu/services/linux.scm
+++ b/gnu/services/linux.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2021 raid5atemyhomework <raid5atemyhomework@protonmail.com>
 ;;; Copyright © 2021 B. Wilson <elaexuotee@wilsonb.com>
 ;;; Copyright © 2022 Josselin Poiret <dev@jpoiret.xyz>
+;;; Copyright © 2021-2022 Petr Hodina <phodina@protonmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -29,15 +30,21 @@ (define-module (gnu services linux)
   #:use-module (guix i18n)
   #:use-module (guix ui)
   #:use-module (gnu services)
+  #:use-module (gnu services dbus)
   #:use-module (gnu services base)
   #:use-module (gnu services shepherd)
+  #:use-module (gnu system shadow)
   #:use-module (gnu packages linux)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (srfi srfi-34)
   #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
-  #:export (earlyoom-configuration
+  #:export (bolt-configuration
+            bolt-configuration?
+            bolt-service-type
+
+            earlyoom-configuration
             earlyoom-configuration?
             earlyoom-configuration-earlyoom
             earlyoom-configuration-minimum-available-memory
@@ -65,6 +72,76 @@ (define-module (gnu services linux)
             zram-device-configuration-priority
             zram-device-service-type))
 
+\f
+;;;
+;;; Thunderbolt daemon.
+;;;
+
+(define-record-type* <bolt-configuration>
+  bolt-configuration make-bolt-configuration bolt-configuration?
+  (package bolt-configuration-package ; package
+           (default bolt)))
+
+(define bolt-shepherd-service
+  (match-lambda
+    (($ <bolt-configuration> package)
+     (with-imported-modules (source-module-closure
+                             '((gnu build shepherd)))
+       (shepherd-service
+        (documentation "Thunderbolt daemon")
+        (provision '(thunderbolt))
+        (requirement '(networking))
+        (modules '((gnu build shepherd)))
+        (start #~(make-forkexec-constructor/container
+                  (list #$(file-append package "/libexec/boltd"))
+		  ))
+        (stop #~(make-kill-destructor)))))))
+
+(define %bolt-activation
+  #~(begin
+      (use-modules (guix build utils))
+      (mkdir-p "/var/lib/boltd")))
+
+(define (bolt-dbus-service config)
+  (list (wrapped-dbus-service (bolt-configuration-bolt config)
+			      "libexec/boltd"
+			      `(("BOLT_CONF_FILE_NAME"
+				 '("share/dbus-1/interfaces/org.freedesktop.bolt.xml"))))))
+
+(define %bolt-accounts
+ (list (user-group (name "boltd") (system? #t))
+       (user-account
+	 (name "boltd")
+	 (group "boltd")
+	 (system? #t)
+	 (comment "Boltd daemon user")
+	 (home-directory "/var/empty")
+	 (shell "/run/current-system/profile/sbin/nologin"))))
+
+(define bolt-udev-rule
+  (match-lambda
+    (($ <bolt-configuration> package)
+  (file->udev-rule "90-bolt.rules" (file-append package "/lib/udev/rules.d/90-bolt.rules")))))
+
+(define bolt-service-type
+  (service-type
+   (name 'boltd)
+   (description
+    "Thunderbolt daemon")
+   (extensions
+    (list (service-extension udev-service-type
+			     (compose list bolt-udev-rule))
+	  (service-extension activation-service-type
+			     (const %bolt-activation))
+	  (service-extension dbus-root-service-type
+	  (compose list bolt-configuration-package))
+	;		     bolt-dbus-service)
+	  (service-extension account-service-type
+			     (const %bolt-accounts))
+          (service-extension shepherd-root-service-type
+                             (compose list bolt-shepherd-service))))
+   (default-value (bolt-configuration))))
+
 \f
 ;;;
 ;;; Early OOM daemon.
-- 
2.37.0


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2022-08-14 22:00       ` [bug#49578] [PATCH v4] " phodina via Guix-patches via
@ 2022-12-14 11:22         ` Ludovic Courtès
  2023-01-05 21:28         ` Ludovic Courtès
  1 sibling, 0 replies; 15+ messages in thread
From: Ludovic Courtès @ 2022-12-14 11:22 UTC (permalink / raw)
  To: phodina; +Cc: Sarah Morgensen, 49578

Hi,

Thanks a lot, Sarah, for the review work.  Somehow it eventually fell
through the cracks but it’s never too late.  :-)

phodina <phodina@protonmail.com> skribis:

> From 538eeedf7ee64f98b17507ea11d38512525ef29f Mon Sep 17 00:00:00 2001
> From: Petr Hodina <phodina@protonmail.com>
> Date: Sun, 18 Jul 2021 12:11:55 +0200
> Subject: [PATCH v4 1/2] gnu: Add bolt.
>
> * gnu/packages/linux.scm (bolt): New variable.

LGTM!  I went ahead and applied it.

> From e054c89f9964686670e7716c820ca9ebb9f41543 Mon Sep 17 00:00:00 2001
> From: Petr Hodina <phodina@protonmail.com>
> Date: Sat, 18 Sep 2021 13:11:18 +0200
> Subject: [PATCH v4 2/2] services: Add a service for bolt.
>
> * gnu/services/linux.scm (bolt-service-type)
> (bolt-shepherd-service, bolt-dbus-service)
> (bolt-configuration, bolt-configuration?): New procedures.

[...]

> +(define-record-type* <bolt-configuration>
> +  bolt-configuration make-bolt-configuration bolt-configuration?
> +  (package bolt-configuration-package ; package
> +           (default bolt)))
> +
> +(define bolt-shepherd-service
> +  (match-lambda
> +    (($ <bolt-configuration> package)

Just call ‘bolt-configuration-package’ instead of using ‘match’ here.

> +     (with-imported-modules (source-module-closure
> +                             '((gnu build shepherd)))
> +       (shepherd-service
> +        (documentation "Thunderbolt daemon")
> +        (provision '(thunderbolt))
> +        (requirement '(networking))
> +        (modules '((gnu build shepherd)))
> +        (start #~(make-forkexec-constructor/container
> +                  (list #$(file-append package "/libexec/boltd"))
> +		  ))

Please move the parens to the previous line.  :-)

> +        (stop #~(make-kill-destructor)))))))
> +
> +(define %bolt-activation
> +  #~(begin
> +      (use-modules (guix build utils))
> +      (mkdir-p "/var/lib/boltd")))
> +
> +(define (bolt-dbus-service config)
> +  (list (wrapped-dbus-service (bolt-configuration-bolt config)
> +			      "libexec/boltd"
> +			      `(("BOLT_CONF_FILE_NAME"
> +				 '("share/dbus-1/interfaces/org.freedesktop.bolt.xml"))))))
> +
> +(define %bolt-accounts
> + (list (user-group (name "boltd") (system? #t))
> +       (user-account
> +	 (name "boltd")
> +	 (group "boltd")
> +	 (system? #t)
> +	 (comment "Boltd daemon user")
> +	 (home-directory "/var/empty")
> +	 (shell "/run/current-system/profile/sbin/nologin"))))

This is creating accounts, but ‘boltd’ is started as root.  Is that
expected?  Does ‘boltd’ setuids by itself?  If so, please add a comment
above the ‘make-forkexec-constructor’ call.

> +(define bolt-udev-rule
> +  (match-lambda
> +    (($ <bolt-configuration> package)

Same comment as above.

> +(define bolt-service-type
> +  (service-type
> +   (name 'boltd)
> +   (description
> +    "Thunderbolt daemon")

Please write full sentences here, giving enough context to make ‘guix
system search’ useful.

> +   (extensions
> +    (list (service-extension udev-service-type
> +			     (compose list bolt-udev-rule))
> +	  (service-extension activation-service-type
> +			     (const %bolt-activation))
> +	  (service-extension dbus-root-service-type
> +	  (compose list bolt-configuration-package))
> +	;		     bolt-dbus-service)

Maybe remove this line?

One last thing: please document it in ‘doc/guix.texi’.  In particular,
make sure to add a paragraph that gives a bit of context andq a
configuration example.

Could you send an updated patch?

Thanks,
Ludo’.




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2022-08-14 22:00       ` [bug#49578] [PATCH v4] " phodina via Guix-patches via
  2022-12-14 11:22         ` [bug#49578] [PATCH] " Ludovic Courtès
@ 2023-01-05 21:28         ` Ludovic Courtès
  2023-01-10  2:49           ` phodina via Guix-patches via
  1 sibling, 1 reply; 15+ messages in thread
From: Ludovic Courtès @ 2023-01-05 21:28 UTC (permalink / raw)
  To: phodina; +Cc: Sarah Morgensen, 49578

Hi,

Just noticed an issue:

phodina <phodina@protonmail.com> skribis:

> +    (($ <bolt-configuration> package)
> +     (with-imported-modules (source-module-closure
> +                             '((gnu build shepherd)))
> +       (shepherd-service
> +        (documentation "Thunderbolt daemon")
> +        (provision '(thunderbolt))
> +        (requirement '(networking))
> +        (modules '((gnu build shepherd)))
> +        (start #~(make-forkexec-constructor/container
> +                  (list #$(file-append package "/libexec/boltd"))

‘make-forkexec-constructor/container’ is deprecated in favor of the
facilities in (guix least-authority).

However, running boltd in a container might prevent it from accessing
useful files or devices under /dev, /sys, or whatever.  I recommend
checking whether boltd can actually run in a container; you can strace
it to get an idea of the files it needs to access.  It needs to run as
root anyway so perhaps running it in a container is not that important.

Ludo’.




^ permalink raw reply	[flat|nested] 15+ messages in thread

* [bug#49578] [PATCH] Add bolt
  2023-01-05 21:28         ` Ludovic Courtès
@ 2023-01-10  2:49           ` phodina via Guix-patches via
  0 siblings, 0 replies; 15+ messages in thread
From: phodina via Guix-patches via @ 2023-01-10  2:49 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: Sarah Morgensen, 49578

[-- Attachment #1: Type: text/plain, Size: 203 bytes --]

Hi Ludo’,


removed the deprecated contruct make-forkexec-constructor/container and changed bolt into boltd.

Also added plasma-thunderbolt package and documentation for the service.

----
Petr

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: v5-0003-gnu-Add-plasma-thunderbolt.patch --]
[-- Type: text/x-patch; name=v5-0003-gnu-Add-plasma-thunderbolt.patch, Size: 1933 bytes --]

From 7b87d90d8bf6d6b8188f90f2308a1d96a7a2095c Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Sun, 14 Aug 2022 22:13:48 +0200
Subject: [PATCH v5 3/4] gnu: Add plasma-thunderbolt.

* gnu/packages/kde-plasma.scm (plasma-thunderbolt): New variable.

diff --git a/gnu/packages/kde-plasma.scm b/gnu/packages/kde-plasma.scm
index 2a3d86f801..3a392bedc9 100644
--- a/gnu/packages/kde-plasma.scm
+++ b/gnu/packages/kde-plasma.scm
@@ -1477,6 +1477,40 @@ (define-public plasma-bigscreen
 is controllable via voice or TV remote.")
     (license license:gpl2+)))
 
+(define-public plasma-thunderbolt
+  (package
+    (name "plasma-thunderbolt")
+    (version "5.25.4")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://kde/stable/plasma/"
+                                  version
+                                  "/"
+                                  name
+                                  "-"
+                                  version
+                                  ".tar.xz"))
+              (sha256
+               (base32
+                "0hjvkss0qfmwhrsba83wfxwxhikvzf56faan325ic0iv7fdaj3ns"))))
+    (build-system qt-build-system)
+    (native-inputs (list dbus extra-cmake-modules))
+    (arguments
+     (list #:tests? #f))
+    (inputs (list bolt
+                  kcmutils
+                  kcoreaddons
+                  kdbusaddons
+                  kdeclarative
+                  ki18n
+                  knotifications
+                  qtdeclarative-5))
+    (home-page "https://invent.kde.org/plasma/plasma-thunderbolt")
+    (synopsis "Plasma integration for controlling Thunderbolt devices")
+    (description "This package provides Plasma integration for controlling
+Thunderbolt devices.")
+    (license (list license:bsd-3 license:gpl2 license:gpl3))))
+
 (define-public plasmatube
   (package
     (name "plasmatube")
-- 
2.38.1


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: v5-0004-gnu-kinfocenter-Add-plasma-thunderbolt.patch --]
[-- Type: text/x-patch; name=v5-0004-gnu-kinfocenter-Add-plasma-thunderbolt.patch, Size: 917 bytes --]

From 0bea70cd8e565b6e03b756ca380ffc16274822c4 Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Thu, 15 Dec 2022 10:26:08 +0100
Subject: [PATCH v5 4/4] gnu: kinfocenter: Add plasma-thunderbolt.

* gnu/packages/kde-plasma.scm (plasma-thunderbolt): New variable.

diff --git a/gnu/packages/kde-plasma.scm b/gnu/packages/kde-plasma.scm
index 3a392bedc9..5904eba391 100644
--- a/gnu/packages/kde-plasma.scm
+++ b/gnu/packages/kde-plasma.scm
@@ -1416,7 +1416,7 @@ (define-public plasma
                              plasma-nm
                              plasma-pa
                              plasma-systemmonitor
-                             ;; plasma-thunderbolt ;; waiting for bolt
+                             plasma-thunderbolt
                              plasma-vault
                              plasma-workspace
                              plasma-workspace-wallpapers
-- 
2.38.1


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #4: v5-0001-gnu-Add-bolt-service-type.patch --]
[-- Type: text/x-patch; name=v5-0001-gnu-Add-bolt-service-type.patch, Size: 3511 bytes --]

From 64d4fe982b19440925895cf18e4be0385bcaaeeb Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Wed, 14 Dec 2022 23:23:48 +0100
Subject: [PATCH v5 1/4] gnu: Add bolt-service-type.

* gnu/services/linux.scm (bolt-service-type): New variable.

diff --git a/gnu/services/linux.scm b/gnu/services/linux.scm
index 60e2093e1d..3d0cb80b8b 100644
--- a/gnu/services/linux.scm
+++ b/gnu/services/linux.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2021 raid5atemyhomework <raid5atemyhomework@protonmail.com>
 ;;; Copyright © 2021 B. Wilson <elaexuotee@wilsonb.com>
 ;;; Copyright © 2022 Josselin Poiret <dev@jpoiret.xyz>
+;;; Copyright © 2021-2022 Petr Hodina <phodina@protonmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -29,15 +30,21 @@ (define-module (gnu services linux)
   #:use-module (guix i18n)
   #:use-module (guix ui)
   #:use-module (gnu services)
+  #:use-module (gnu services dbus)
   #:use-module (gnu services base)
   #:use-module (gnu services shepherd)
+  #:use-module (gnu system shadow)
   #:use-module (gnu packages linux)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (srfi srfi-34)
   #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
-  #:export (earlyoom-configuration
+  #:export (boltd-configuration
+            boltd-configuration?
+            boltd-service-type
+
+            earlyoom-configuration
             earlyoom-configuration?
             earlyoom-configuration-earlyoom
             earlyoom-configuration-minimum-available-memory
@@ -65,6 +72,52 @@ (define-module (gnu services linux)
             zram-device-configuration-priority
             zram-device-service-type))
 
+\f
+;;;
+;;; Thunderbolt daemon.
+;;;
+
+(define-record-type* <boltd-configuration>
+  boltd-configuration make-boltd-configuration boltd-configuration?
+  (package boltd-configuration-package ; package
+           (default bolt)))
+
+(define boltd-activation-service
+  #~(begin
+      (use-modules (guix build utils))
+      (mkdir-p "/var/lib/boltd")))
+
+(define (boltd-shepherd-service config)
+  (shepherd-service (documentation "Run the boltd daemon.")
+                    (provision '(boltd))
+                    (requirement '(dbus-system udev))
+                    (start #~(make-forkexec-constructor (list (string-append #$bolt
+                                                               "/libexec/boltd"))))
+                    (stop #~(make-kill-destructor))))
+
+(define (boltd-udev-rule config)
+  (let ((package (boltd-configuration-package config)))
+  (file->udev-rule "90-bolt.rules" (file-append package
+  "/lib/udev/rules.d/90-bolt.rules"))))
+
+
+(define boltd-service-type
+  (service-type (name 'boltd)
+                (default-value (boltd-configuration))
+   (extensions
+    (list (service-extension udev-service-type
+			     (compose list boltd-udev-rule))
+	  (service-extension dbus-root-service-type
+	  (compose list boltd-configuration-package))
+                (service-extension activation-service-type
+                                                     (const
+                                                      boltd-activation-service))
+                                  (service-extension
+                                   shepherd-root-service-type
+                                   (compose list boltd-shepherd-service))))
+                (description
+                 "Run @command{boltd}, the Thunderbolt daemon.")))
+
 \f
 ;;;
 ;;; Early OOM daemon.
-- 
2.38.1


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #5: v5-0002-gnu-linux-Add-boltd-service-type.patch --]
[-- Type: text/x-patch; name=v5-0002-gnu-linux-Add-boltd-service-type.patch, Size: 1717 bytes --]

From 51112a1d2a5a1fadeafce288270aa5ea17cc23b7 Mon Sep 17 00:00:00 2001
From: Petr Hodina <phodina@protonmail.com>
Date: Tue, 10 Jan 2023 03:15:27 +0100
Subject: [PATCH v5 2/4] gnu: linux: Add boltd-service-type.

* doc/guix.texi ("Linux Services")[boltd-service-type]: Document them.

diff --git a/doc/guix.texi b/doc/guix.texi
index aef3890298..fbd006f120 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -36940,6 +36940,38 @@ The database location is hard-coded to @file{/var/lib/rasdaemon/ras-mc_event.db}
 @end table
 @end deftp
 
+@cindex boltd
+@cindex thunderbolt daemon
+@cindex Thunderbolt daemon
+@subsubheading Thunderbolt daemon Service
+
+The Thunderbolt daemon service provides a managment for the Thunderbolt 3
+interface bus found on newer machines.  The daemon configures
+the Thunderbolt security levels:
+@itemize
+@item No security - device works without requesting authorization
+@item User authorization - user must approve the device first
+@item Secure Connect - uses pre-shared keys to approve specific devices
+@item Display Port Only - port functions only as a video output
+@end itemize
+
+@deffn {Scheme Variable} boltd-device-service-type
+This service starts the @code{boltd} daemon that manages the connected device
+on the Thunderbolt bus.  The service's value is a
+@code{boltd-device-configuration} record.
+
+@deftp {Data Type} boltd-device-configuration
+This is the data type representing the configuration for the boltd-device
+service.
+
+@table @asis
+@item @code{bolt} (default @code{bolt})
+This is the default package that will be used.
+@end table
+
+@end deftp
+@end deffn
+
 @cindex zram
 @cindex compressed swap
 @cindex Compressed RAM-based block devices
-- 
2.38.1


^ permalink raw reply related	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2023-01-10  2:50 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-15 16:46 [bug#49578] [PATCH] Add bolt phodina via Guix-patches via
2021-07-22  1:50 ` Sarah Morgensen
2021-07-22 11:32   ` phodina via Guix-patches via
2021-07-22 11:36     ` phodina via Guix-patches via
2021-07-22 20:02       ` Sarah Morgensen
2021-09-18 11:20 ` [bug#49578] [PATCH v3 1/2] gnu: " phodina via Guix-patches via
2021-09-23  1:11   ` Sarah Morgensen
2021-11-05  8:39     ` phodina via Guix-patches via
2022-08-14 22:00       ` [bug#49578] [PATCH v4] " phodina via Guix-patches via
2022-12-14 11:22         ` [bug#49578] [PATCH] " Ludovic Courtès
2023-01-05 21:28         ` Ludovic Courtès
2023-01-10  2:49           ` phodina via Guix-patches via
2021-09-18 11:21 ` [bug#49578] [PATCH v3 2/2] services: Add a service for bolt phodina via Guix-patches via
2022-01-22  6:55 ` [bug#49578] [PATCH] Add bolt David Conner
2022-02-02 16:19   ` David Conner

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).