all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Oleg Pykhalov <go.wigust@gmail.com>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 28772@debbugs.gnu.org
Subject: bug#28772: guix system reconfigure after kernel panic user or group not created
Date: Sun, 22 Oct 2017 17:41:34 +0300	[thread overview]
Message-ID: <87a80jjlcx.fsf@gmail.com> (raw)
In-Reply-To: <87a80lvmdb.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Fri, 20 Oct 2017 18:02:08 +0200")

[-- Attachment #1: Type: text/plain, Size: 525 bytes --]

Hello Ludovic,

Apologies for the late reply.

ludo@gnu.org (Ludovic Courtès) writes:

[...]

> Did you eventually gather more info?

Yes, I got an undefined %iptables-rst variable in reconfigure output
at first run.

But at second run substitutions didn't work.  GuixSD rebuilds the world.
I didn't wait for this.

I also didn't make guix pull.

/tmp/guixsd
├── bootstrap.sh
├── iptables
│   └── iptables.scm
├── panic.sh
└── vm-image.scm

1 directory, 4 files


[-- Attachment #2: bootstrap.sh --]
[-- Type: application/x-sh, Size: 873 bytes --]

[-- Attachment #3: panic.sh --]
[-- Type: application/x-sh, Size: 242 bytes --]

[-- Attachment #4: vm-image.scm --]
[-- Type: application/octet-stream, Size: 1657 bytes --]

(use-modules (gnu)
             (iptables))

(use-service-modules shepherd)
(use-package-modules linux)

(define start-firewall
  #~(let ((iptables
           (lambda (str)
             (zero? (system (string-join `(,#$(file-append iptables
                                                           "/sbin/iptables")
                                           ,str) " "))))))
      (format #t "Install iptables rules.~%")
      (and
       (iptables %iptables-rst))))

(define firewall-service
  (simple-service 'firewall shepherd-root-service-type
                  (list
                   (shepherd-service
                    (provision '(firewall))
                    (requirement '())
                    (start #~(lambda _
                               #$start-firewall))
                    (respawn? #f)
                    (stop #~(lambda _
                              (zero?
                               (system* #$(file-append iptables
                                                       "/sbin/iptables")
                                        "-F"))))))))

(operating-system
  (host-name "gnu")
  (timezone "Etc/UTC")
  (locale "en_US.utf8")
  (bootloader (grub-configuration (device "/dev/sda")
                                  (terminal-outputs '(console))))
  (file-systems (cons (file-system
                        (device "my-root")
                        (title 'label)
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))
  (users %base-user-accounts)
  (packages %base-packages)
  (services (cons firewall-service
                  %base-services)))

[-- Attachment #5: iptables.scm --]
[-- Type: application/octet-stream, Size: 378 bytes --]

(define-module (iptables)
  #:use-module (guix packages)
  #:use-module (guix gexp)
  #:use-module (guix monads)
  #:use-module (guix store)
  #:use-module (gnu packages)
  #:use-module (gnu packages linux)
  #:use-module (guix utils)
  #:use-module (srfi srfi-1)
  #:use-module (ice-9 match))

(define %iptables-rst
  "-A INPUT -p tcp --sport 443 --tcp-flags RST RST -j DROP")

  reply	other threads:[~2017-10-22 14:42 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-10  5:51 bug#28772: guix system reconfigure after kernel panic user or group not created Oleg Pykhalov
2017-10-10 14:55 ` Oleg Pykhalov
2017-10-11 13:27   ` Ludovic Courtès
2017-10-10 15:37 ` Ludovic Courtès
2017-10-11 17:19   ` Oleg Pykhalov
2017-10-12  7:57     ` Ludovic Courtès
2017-10-12  8:15       ` Oleg Pykhalov
2017-10-13  8:25         ` Ludovic Courtès
2017-10-20 16:02         ` Ludovic Courtès
2017-10-22 14:41           ` Oleg Pykhalov [this message]
2017-10-22 23:01             ` Ludovic Courtès
2017-10-22 20:39           ` Oleg Pykhalov
2021-11-26  1:19 ` zimoun

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87a80jjlcx.fsf@gmail.com \
    --to=go.wigust@gmail.com \
    --cc=28772@debbugs.gnu.org \
    --cc=ludo@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.