From 3e866e24f05e7e60cbd56a6240cdd2efede6eb4c Mon Sep 17 00:00:00 2001
From: Arun Isaac <arunisaac@systemreboot.net>
Date: Tue, 23 Aug 2022 22:53:41 +0530
Subject: shepherd: Set #o640 permissions for log file of service in container.

* gnu/build/shepherd.scm (make-forkexec-constructor/container): Set #o640
permissions for log file.
---
 gnu/build/shepherd.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gnu/build')

diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm
index f4caefce3c..9d9bfcfbc0 100644
--- a/gnu/build/shepherd.scm
+++ b/gnu/build/shepherd.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2017, 2018, 2019, 2020, 2022 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2020 Mathieu Othacehe <othacehe@gnu.org>
 ;;; Copyright © 2022 Leo Nikkilä <hello@lnikki.la>
+;;; Copyright © 2022 Arun Isaac <arunisaac@systemreboot.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -186,7 +187,7 @@ namespace, in addition to essential bind-mounts such /proc."
     (when log-file
       ;; Create LOG-FILE so we can map it in the container.
       (unless (file-exists? log-file)
-        (call-with-output-file log-file (const #t))
+        (close (open log-file (logior O_CREAT O_APPEND O_CLOEXEC) #o640))
         (when user
           (let ((pw (getpwnam user)))
             (chown log-file (passwd:uid pw) (passwd:gid pw))))))
-- 
cgit v1.2.3


From ec16f88522041dc285a35705ff9ee95672b78143 Mon Sep 17 00:00:00 2001
From: Jack Hill <jackhill@jackhill.us>
Date: Thu, 8 Jul 2021 22:48:53 -0400
Subject: linux-boot: Resume from hibernation after pre-boot.

* gnu/build/linux-boot.scm (boot-system): Call resume-if-hibernated
after pre-mount.

Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
---
 gnu/build/linux-boot.scm | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'gnu/build')

diff --git a/gnu/build/linux-boot.scm b/gnu/build/linux-boot.scm
index 7d41537652..84726363c0 100644
--- a/gnu/build/linux-boot.scm
+++ b/gnu/build/linux-boot.scm
@@ -589,15 +589,6 @@ upon error."
         (load-linux-modules-from-directory linux-modules
                                            linux-module-directory)
 
-        (unless (or (member "hibernate=noresume" args)
-                    ;; Also handle the equivalent old-style argument.
-                    ;; See Documentation/admin-guide/kernel-parameters.txt.
-                    (member "noresume" args))
-          ;; Try to resume immediately after loading (storage) modules
-          ;; but before any on-disk file systems have been mounted.
-          (false-if-exception           ; failure is not fatal
-           (resume-if-hibernated (find-long-option "resume" args))))
-
         (when keymap-file
           (let ((status (system* "loadkeys" keymap-file)))
             (unless (zero? status)
@@ -631,6 +622,15 @@ the root file system...\n" root-delay)
           (unless (pre-mount)
             (error "pre-mount actions failed")))
 
+        (unless (or (member "hibernate=noresume" args)
+                    ;; Also handle the equivalent old-style argument.
+                    ;; See Documentation/admin-guide/kernel-parameters.txt.
+                    (member "noresume" args))
+          ;; Try to resume immediately after loading (storage) modules
+          ;; but before any on-disk file systems have been mounted.
+          (false-if-exception           ; failure is not fatal
+           (resume-if-hibernated (find-long-option "resume" args))))
+
         (setenv "EXT2FS_NO_MTAB_OK" "1")
 
         ;; Mount the root file system.
-- 
cgit v1.2.3