diff --git a/Makefile.am b/Makefile.am index cda49bd9ec..2443f6891f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -139,6 +139,7 @@ MODULES = \ guix/scripts/package.scm \ guix/scripts/gc.scm \ guix/scripts/hash.scm \ + guix/scripts/pack.scm \ guix/scripts/pull.scm \ guix/scripts/substitute.scm \ guix/scripts/authenticate.scm \ @@ -398,7 +399,6 @@ EXTRA_DIST = \ build-aux/check-available-binaries.scm \ build-aux/check-final-inputs-self-contained.scm \ build-aux/download.scm \ - build-aux/make-binary-tarball.scm \ build-aux/generate-authors.scm \ build-aux/test-driver.scm \ build-aux/run-system-tests.scm \ @@ -487,9 +487,10 @@ AM_DISTCHECK_CONFIGURE_FLAGS = \ # The self-contained tarball. guix-binary.%.tar.xz: - $(AM_V_GEN)GUIX_PACKAGE_PATH= \ - $(top_builddir)/pre-inst-env "$(GUILE)" \ - "$(top_srcdir)/build-aux/make-binary-tarball.scm" "$*" "$@" + $(AM_V_GEN)GUIX_PACKAGE_PATH= \ + tarball=`$(top_builddir)/pre-inst-env guix pack -C xz \ + -s "$*" guix` ; \ + cp "$$tarball" "$@.tmp" ; mv "$@.tmp" "$@" dist-hook: sync-descriptions gen-ChangeLog gen-AUTHORS diff --git a/build-aux/hydra/gnu-system.scm b/build-aux/hydra/gnu-system.scm index a4893f198c..775c0eb5d6 100644 --- a/build-aux/hydra/gnu-system.scm +++ b/build-aux/hydra/gnu-system.scm @@ -39,12 +39,15 @@ (use-modules (guix config) (guix store) (guix grafts) + (guix profiles) (guix packages) (guix derivations) (guix monads) ((guix licenses) #:select (gpl3+)) ((guix utils) #:select (%current-system)) ((guix scripts system) #:select (read-operating-system)) + ((guix scripts pack) + #:select (lookup-compressor self-contained-tarball)) (gnu packages) (gnu packages gcc) (gnu packages base) @@ -215,7 +218,11 @@ all its dependencies, and ready to be installed on non-GuixSD distributions.") (run-with-store store (mbegin %store-monad (set-guile-for-build (default-guile)) - (self-contained-tarball)) + (>>= (profile-derivation (packages->manifest (list guix))) + (lambda (profile) + (self-contained-tarball "guix-binary" profile + #:compressor + (lookup-compressor "xz"))))) #:system system)))) (define job-name diff --git a/build-aux/make-binary-tarball.scm b/build-aux/make-binary-tarball.scm deleted file mode 100644 index e12bec476c..0000000000 --- a/build-aux/make-binary-tarball.scm +++ /dev/null @@ -1,47 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015 Ludovic Courtès -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - - -;;; -;;; Build a self-contained tarball containing binaries for Guix and its -;;; dependencies. -;;; - -(use-modules (guix) - (guix ui) - (gnu system install) - (ice-9 match)) - -(define copy-file* - (lift2 copy-file %store-monad)) - -(define rename-file* - (lift2 rename-file %store-monad)) - -(match (command-line) - ((_ system file) - (with-store store - (run-with-store store - (mlet %store-monad ((tarball (self-contained-tarball))) - (mbegin %store-monad - (show-what-to-build* (list tarball)) - (built-derivations (list tarball)) - (copy-file* (derivation->output-path tarball) - (string-append file ".part")) - (rename-file* (string-append file ".part") file))) - #:system system)))) diff --git a/configure.ac b/configure.ac index 06b0618b43..e5daadb121 100644 --- a/configure.ac +++ b/configure.ac @@ -91,7 +91,14 @@ dnl Installation directory for .scm and .go files. guilemoduledir="${datarootdir}/guile/site/$GUILE_EFFECTIVE_VERSION" AC_SUBST([guilemoduledir]) -dnl guile-json is used for the PyPI package importer +dnl The GnuTLS bindings are necessary for substitutes over HTTPS and for 'guix +dnl pull', among other things. +GUILE_MODULE_AVAILABLE([have_gnutls], [(gnutls)]) +if test "x$have_gnutls" != "xyes"; then + AC_MSG_ERROR([The Guile bindings of GnuTLS are missing; please install them.]) +fi + +dnl Guile-JSON is used in various places. GUILE_MODULE_AVAILABLE([have_guile_json], [(json)]) AM_CONDITIONAL([HAVE_GUILE_JSON], [test "x$have_guile_json" = "xyes"]) diff --git a/doc/guix.texi b/doc/guix.texi index a537433bf6..aba207c856 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -32,7 +32,8 @@ Copyright @copyright{} 2016 Julien Lepiller@* Copyright @copyright{} 2016 Alex ter Weele@* Copyright @copyright{} 2017 Clément Lassieur@* Copyright @copyright{} 2017 Mathieu Othacehe@* -Copyright @copyright{} 2017 Federico Beffa +Copyright @copyright{} 2017 Federico Beffa@* +Copyright @copyright{} 2017 Carlo Zancanaro Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -118,6 +119,7 @@ Package Management * Packages with Multiple Outputs:: Single source package, multiple outputs. * Invoking guix gc:: Running the garbage collector. * Invoking guix pull:: Fetching the latest Guix and distribution. +* Invoking guix pack:: Creating software bundles. * Invoking guix archive:: Exporting and importing store files. Programming Interface @@ -529,6 +531,14 @@ by running the following command in the Guix source tree: make guix-binary.@var{system}.tar.xz @end example +@noindent +... which, in turn, runs: + +@example +guix pack -s @var{system} guix +@end example + +@xref{Invoking guix pack}, for more info on this handy tool. @node Requirements @section Requirements @@ -543,21 +553,16 @@ GNU Guix depends on the following packages: @itemize @item @url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.7 or later; @item @url{http://gnupg.org/, GNU libgcrypt}; +@item +@uref{http://gnutls.org/, GnuTLS}, specifically its Guile bindings +(@pxref{Guile Preparations, how to install the GnuTLS bindings for +Guile,, gnutls-guile, GnuTLS-Guile}); @item @url{http://www.gnu.org/software/make/, GNU Make}. @end itemize The following dependencies are optional: @itemize -@item -Installing @uref{http://gnutls.org/, GnuTLS-Guile} will allow you to -access @code{https} URLs for substitutes, which is highly recommended -(@pxref{Substitutes}). It also allows you to access HTTPS URLs with the -@command{guix download} command (@pxref{Invoking guix download}), the -@command{guix import pypi} command, and the @command{guix import cpan} -command. @xref{Guile Preparations, how to install the GnuTLS bindings -for Guile,, gnutls-guile, GnuTLS-Guile}. - @item Installing @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will @@ -1426,6 +1431,7 @@ guix package -i emacs-guix * Packages with Multiple Outputs:: Single source package, multiple outputs. * Invoking guix gc:: Running the garbage collector. * Invoking guix pull:: Fetching the latest Guix and distribution. +* Invoking guix pack:: Creating software bundles. * Invoking guix archive:: Exporting and importing store files. @end menu @@ -2002,8 +2008,7 @@ or to client tools such as @command{guix package} (@pxref{client-substitute-urls,, client @option{--substitute-urls} option}). -Substitute URLs can be either HTTP or HTTPS@footnote{For HTTPS access, -the Guile bindings of GnuTLS must be installed. @xref{Requirements}.} +Substitute URLs can be either HTTP or HTTPS. HTTPS is recommended because communications are encrypted; conversely, using HTTP makes all communications visible to an eavesdropper, who could use the information gathered to determine, for instance, whether @@ -2382,6 +2387,60 @@ useful to Guix developers. @end table +@node Invoking guix pack +@section Invoking @command{guix pack} + +Occasionally you want to pass software to people who are not (yet!) +lucky enough to be using Guix. You'd tell them to run @command{guix +package -i @var{something}}, but that's not possible in this case. This +is where @command{guix pack} comes in. + +@cindex pack +@cindex bundle +@cindex application bundle +@cindex software bundle +The @command{guix pack} command creates a shrink-wrapped @dfn{pack} or +@dfn{software bundle}: it creates a tarball or some other archive +containing the binaries of the software you're interested in, and all +its dependencies. The resulting archive can be used on any machine that +does not have Guix, and people can run the exact same binaries as those +you have with Guix. + +For example, to create a bundle containing Guile, Emacs, Geiser, and all +their dependencies, you can run: + +@example +$ guix pack guile emacs geiser +@dots{} +/gnu/store/@dots{}-pack.tar.gz +@end example + +The result here is a tarball containing a @file{/gnu/store} directory +with all the relevant packages. The resulting tarball contains a +@dfn{profile} with the three packages of interest; the profile is the +same as would be created by @command{guix package -i}. It is this +mechanism that is used to create Guix's own standalone binary tarball +(@pxref{Binary Installation}). + +Several command-line options allow you to customize your pack: + +@table @code +@item --system=@var{system} +@itemx -s @var{system} +Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of +the system type of the build host. + +@item --compression=@var{tool} +@itemx -C @var{tool} +Compress the resulting tarball using @var{tool}---one of @code{gzip}, +@code{bzip2}, @code{xz}, or @code{lzip}. +@end table + +In addition, @command{guix pack} supports all the common build options +(@pxref{Common Build Options}) and all the package transformation +options (@pxref{Package Transformation Options}). + + @node Invoking guix archive @section Invoking @command{guix archive} @@ -6812,7 +6871,7 @@ Few system services are currently supported out-of-the-box (@pxref{Services}). @item -More than 4,000 packages are available, but you may +More than 5,000 packages are available, but you may occasionally find that a useful package is missing. @item @@ -9336,18 +9395,30 @@ false, users have to use other authentication method. Authorized public keys are stored in @file{~/.ssh/authorized_keys}. This is used only by protocol version 2. -@item @code{rsa-authentication?} (default: @code{#t}) -When true, users may log in using pure RSA authentication. When false, -users have to use other means of authentication. This is used only by -protocol 1. - @item @code{x11-forwarding?} (default: @code{#f}) When true, forwarding of X11 graphical client connections is enabled---in other words, @command{ssh} options @option{-X} and @option{-Y} will work. -@item @code{protocol-number} (default: @code{2}) -The SSH protocol number to use. +@item @code{challenge-response-authentication?} (default: @code{#f}) +Specifies whether challenge response authentication is allowed (e.g. via +PAM). + +@item @code{use-pam?} (default: @code{#t}) +Enables the Pluggable Authentication Module interface. If set to +@code{#t}, this will enable PAM authentication using +@code{challenge-response-authentication?} and +@code{password-authentication?}, in addition to PAM account and session +module processing for all authentication types. + +Because PAM challenge response authentication usually serves an +equivalent role to password authentication, you should disable either +@code{challenge-response-authentication?} or +@code{password-authentication?}. + +@item @code{print-last-log?} (default: @code{#t}) +Specifies whether @command{sshd} should print the date and time of the +last user login when a user logs in interactively. @end table @end deftp @@ -10928,8 +10999,9 @@ Defaults to @samp{()}. Available @code{unix-listener-configuration} fields are: -@deftypevr {@code{unix-listener-configuration} parameter} file-name path -The file name on which to listen. +@deftypevr {@code{unix-listener-configuration} parameter} string path +Path to the file, relative to @code{base-dir} field. This is also used as +the section name. @end deftypevr @deftypevr {@code{unix-listener-configuration} parameter} string mode @@ -10950,8 +11022,9 @@ Defaults to @samp{""}. Available @code{fifo-listener-configuration} fields are: -@deftypevr {@code{fifo-listener-configuration} parameter} file-name path -The file name on which to listen. +@deftypevr {@code{fifo-listener-configuration} parameter} string path +Path to the file, relative to @code{base-dir} field. This is also used as +the section name. @end deftypevr @deftypevr {@code{fifo-listener-configuration} parameter} string mode @@ -12211,6 +12284,45 @@ remote servers. Run @command{man smtpd.conf} for more information. @end table @end deftp +@subsubheading Exim Service + +@deffn {Scheme Variable} exim-service-type +This is the type of the @uref{https://exim.org, Exim} service, whose value +should be an @code{exim-configuration} object as in this example: + +@example +(service exim-service-type + (exim-configuration + (config-file (local-file "./my-exim.conf")) + (aliases '(("postmaster" "bob") + ("bob" "bob@@example.com" "bob@@example2.com"))))) +@end example +@end deffn + +@deftp {Data Type} exim-configuration +Data type representing the configuration of exim. + +@table @asis +@item @code{package} (default: @var{exim}) +Package object of the Exim server. + +@item @code{config-file} (default: @code{#f}) +File-like object of the Exim configuration file to use. If its value is +@code{#f} then use the default configuration file from the package +provided in @code{package}. The resulting configuration file is loaded +after setting the @code{exim_user} and @code{exim_group} configuration +variables. + +@item @code{aliases} (default: @code{'()}) +List of aliases to use when delivering mail on this system. The +@code{car} of each list is used to match incoming mail, with the +@code{cdr} of each list designating how to deliver it. There may be many +delivery methods provided, in which case the mail is delivered to them +all. + +@end table +@end deftp + @node Messaging Services @subsubsection Messaging Services @@ -13840,9 +13952,9 @@ kernel modules that may be needed to achieve that. The @code{initrd} field of an @code{operating-system} declaration allows you to specify which initrd you would like to use. The @code{(gnu -system linux-initrd)} module provides two ways to build an initrd: the -high-level @code{base-initrd} procedure, and the low-level -@code{expression->initrd} procedure. +system linux-initrd)} module provides three ways to build an initrd: the +high-level @code{base-initrd} procedure and the low-level +@code{raw-initrd} and @code{expression->initrd} procedures. The @code{base-initrd} procedure is intended to cover most common uses. For example, if you want to add a bunch of kernel modules to be loaded @@ -13863,9 +13975,16 @@ The @code{base-initrd} procedure also handles common use cases that involves using the system as a QEMU guest, or as a ``live'' system with volatile root file system. -The initial RAM disk produced by @code{base-initrd} honors several -options passed on the Linux kernel command line (that is, arguments -passed @i{via} the @code{linux} command of GRUB, or the +The @code{base-initrd} procedure is built from @code{raw-initrd} procedure. +Unlike @code{base-initrd}, @code{raw-initrd} doesn't do anything high-level, +such as trying to guess which kernel modules and packages should be included +to the initrd. An example use of @code{raw-initrd} is when a user has +a custom Linux kernel configuration and default kernel modules included by +@code{base-initrd} are not available. + +The initial RAM disk produced by @code{base-initrd} or @code{raw-initrd} +honors several options passed on the Linux kernel command line +(that is, arguments passed @i{via} the @code{linux} command of GRUB, or the @code{-append} option of QEMU), notably: @table @code @@ -13904,19 +14023,23 @@ Manual}, for more information on Guile's REPL. @end table Now that you know all the features that initial RAM disks produced by -@code{base-initrd} provide, here is how to use it and customize it -further. +@code{base-initrd} and @code{raw-initrd} provide, +here is how to use it and customize it further. @cindex initrd @cindex initial RAM disk -@deffn {Monadic Procedure} base-initrd @var{file-systems} @ - [#:qemu-networking? #f] [#:virtio? #t] [#:volatile-root? #f] @ - [#:extra-modules '()] [#:mapped-devices '()] -Return a monadic derivation that builds a generic initrd. @var{file-systems} is +@deffn {Monadic Procedure} raw-initrd @var{file-systems} @ + [#:linux-modules '()] [#:mapped-devices '()] @ + [#:helper-packages '()] [#:qemu-networking? #f] [#:volatile-root? #f] +Return a monadic derivation that builds a raw initrd. @var{file-systems} is a list of file systems to be mounted by the initrd, possibly in addition to the root file system specified on the kernel command line via @code{--root}. +@var{linux-modules} is a list of kernel modules to be loaded at boot time. @var{mapped-devices} is a list of device mappings to realize before @var{file-systems} are mounted (@pxref{Mapped Devices}). +@var{helper-packages} is a list of packages to be copied in the initrd. It may +include @code{e2fsck/static} or other packages needed by the initrd to check +root partition. When @var{qemu-networking?} is true, set up networking with the standard QEMU parameters. When @var{virtio?} is true, load additional modules so that the @@ -13924,6 +14047,18 @@ initrd can be used as a QEMU guest with para-virtualized I/O drivers. When @var{volatile-root?} is true, the root file system is writable but any changes to it are lost. +@end deffn + +@deffn {Monadic Procedure} base-initrd @var{file-systems} @ + [#:mapped-devices '()] [#:qemu-networking? #f] [#:volatile-root? #f]@ + [#:virtio? #t] [#:extra-modules '()] +Return a monadic derivation that builds a generic initrd. @var{file-systems} is +a list of file systems to be mounted by the initrd like for @code{raw-initrd}. +@var{mapped-devices}, @var{qemu-networking?} and @var{volatile-root?} +also behaves as in @code{raw-initrd}. + +When @var{virtio?} is true, load additional modules so that the +initrd can be used as a QEMU guest with para-virtualized I/O drivers. The initrd is automatically populated with all the kernel modules necessary for @var{file-systems} and for the given options. However, additional kernel diff --git a/gnu/local.mk b/gnu/local.mk index c74418d0dc..f4d3ec1529 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -969,6 +969,7 @@ dist_patch_DATA = \ %D%/packages/patches/vte-CVE-2012-2738-pt1.patch \ %D%/packages/patches/vte-CVE-2012-2738-pt2.patch \ %D%/packages/patches/weechat-python.patch \ + %D%/packages/patches/wget-CVE-2017-6508.patch \ %D%/packages/patches/wicd-bitrate-none-fix.patch \ %D%/packages/patches/wicd-get-selected-profile-fix.patch \ %D%/packages/patches/wicd-urwid-1.3.patch \ diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 3d9226299b..34f6c222ce 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -257,7 +257,10 @@ re-executing them as necessary.") "05n65k4ixl85dc6rxc51b1b732gnmm8xnqi424dy9f1nz7ppb3xy")))) (build-system gnu-build-system) (arguments - '(#:configure-flags '("--localstatedir=/var"))) + '(#:configure-flags '("--localstatedir=/var") + ;; On some systems, 'libls.sh' may fail with an error such as: + ;; "Failed to tell switch -a apart from -A". + #:parallel-tests? #f)) (inputs `(("ncurses" ,ncurses) ("readline" ,readline))) ;for 'ftp' (native-inputs `(("netstat" ,net-tools))) ;for tests diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index 923b0ba9ed..9e20b9f033 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2015, 2016 Leo Famulari ;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; Copyright © 2017 Thomas Danckaert +;;; Copyright © 2017 Arun Isaac ;;; ;;; This file is part of GNU Guix. ;;; @@ -622,3 +623,35 @@ NTFS volumes using @code{ntfs-3g}, preserving NTFS-specific attributes.") (license (list license:gpl3+ license:lgpl3+ license:cc0)))) + +(define-public obnam + (package + (name "obnam") + (version "1.21") + (source + (origin + (method url-fetch) + (uri (string-append + "http://code.liw.fi/debian/pool/main/o/obnam/obnam_" + version ".orig.tar.xz")) + (sha256 + (base32 + "0qlipsq50hca71zc0dp1mg9zs12qm0sbblw7qfzl0hj6mk2rv1by")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2)) + (inputs + `(("python2-cliapp" ,python2-cliapp) + ("python2-larch" ,python2-larch) + ("python2-paramiko" ,python2-paramiko) + ("python2-pyaml" ,python2-pyaml) + ("python2-tracing" ,python2-tracing) + ("python2-ttystatus" ,python2-ttystatus))) + (home-page "https://obnam.org/") + (synopsis "Easy and secure backup program") + (description "Obnam is an easy, secure backup program. Features +include snapshot backups, data de-duplication and encrypted backups +using GnuPG. Backups can be stored on local hard disks, or online via +the SSH SFTP protocol. The backup server, if used, does not require +any special software, on top of SSH.") + (license license:gpl3+))) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 7bf39c6b03..770bea7e32 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -63,6 +63,7 @@ #:use-module (gnu packages image) #:use-module (gnu packages imagemagick) #:use-module (gnu packages java) + #:use-module (gnu packages ldc) #:use-module (gnu packages linux) #:use-module (gnu packages logging) #:use-module (gnu packages machine-learning) @@ -95,6 +96,28 @@ #:use-module (gnu packages zip) #:use-module (srfi srfi-1)) +(define-public r-ape + (package + (name "r-ape") + (version "4.1") + (source + (origin + (method url-fetch) + (uri (cran-uri "ape" version)) + (sha256 + (base32 + "0959fiiy11rzfzrzaknmgrx64bhszj02l0ycz79k5a6bmpfzanlk")))) + (build-system r-build-system) + (home-page "http://ape-package.ird.fr/") + (synopsis "Analyses of phylogenetics and evolution") + (description + "This package provides functions for reading, writing, plotting, and +manipulating phylogenetic trees, analyses of comparative data in a +phylogenetic framework, ancestral character analyses, analyses of +diversification and macroevolution, computing distances from DNA sequences, +and several other tools.") + (license license:gpl2+))) + (define-public aragorn (package (name "aragorn") @@ -2838,15 +2861,17 @@ indexing scheme is called a @dfn{Hierarchical Graph FM index} (HGFM).") (package (name "hmmer") (version "3.1b2") - (source (origin - (method url-fetch) - (uri (string-append - "http://eddylab.org/software/hmmer" - (version-prefix version 1) "/" - version "/hmmer-" version ".tar.gz")) - (sha256 - (base32 - "0djmgc0pfli0jilfx8hql1axhwhqxqb8rxg2r5rg07aw73sfs5nx")))) + (source + (origin + (method url-fetch) + (uri (string-append + "http://eddylab.org/software/hmmer" + (version-prefix version 1) "/" + version "/hmmer-" version ".tar.gz")) + (sha256 + (base32 + "0djmgc0pfli0jilfx8hql1axhwhqxqb8rxg2r5rg07aw73sfs5nx")) + (patches (search-patches "hmmer-remove-cpu-specificity.patch")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl))) (home-page "http://hmmer.org/") @@ -5741,7 +5766,7 @@ track. The database is exposed as a @code{TxDb} object.") (define-public vsearch (package (name "vsearch") - (version "2.4.0") + (version "2.4.2") (source (origin (method url-fetch) @@ -5751,7 +5776,7 @@ track. The database is exposed as a @code{TxDb} object.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "007q9a50hdw4vs2iajabvbw7qccml4r8cbqzyi5ipkkf42jk3vnr")) + "15zy2d9xvgbgdjlxvrhj8s5ga42p13k7a3xv015ingn0bi1p3n6w")) (patches (search-patches "vsearch-unbundle-cityhash.patch")) (snippet '(begin @@ -8574,3 +8599,99 @@ identifications while not exceeding a specified false discovery rate. It also contains a number of utilities to explore the MS/MS results and assess missed and irregular enzymatic cleavages, mass measurement accuracy, etc.") (license license:artistic2.0))) + +(define htslib-for-sambamba + (let ((commit "2f3c3ea7b301f9b45737a793c0b2dcf0240e5ee5")) + (package + (inherit htslib) + (name "htslib-for-sambamba") + (version (string-append "1.3.1-1." (string-take commit 9))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/lomereiter/htslib.git") + (commit commit))) + (file-name (string-append "htslib-" version "-checkout")) + (sha256 + (base32 + "0g38g8s3npr0gjm9fahlbhiskyfws9l5i0x1ml3rakzj7az5l9c9")))) + (arguments + (substitute-keyword-arguments (package-arguments htslib) + ((#:phases phases) + `(modify-phases ,phases + (add-before 'configure 'bootstrap + (lambda _ + (zero? (system* "autoreconf" "-vif")))))))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ,@(package-native-inputs htslib)))))) + +(define-public sambamba + (package + (name "sambamba") + (version "0.6.5") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/lomereiter/sambamba/" + "archive/v" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "17076gijd65a3f07zns2gvbgahiz5lriwsa6dq353ss3jl85d8vy")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; there is no test target + #:make-flags + '("D_COMPILER=ldc2" + ;; Override "--compiler" flag only. + "D_FLAGS=--compiler=ldc2 -IBioD -g -d" + "sambamba-ldmd2-64") + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-after 'unpack 'place-biod + (lambda* (#:key inputs #:allow-other-keys) + (copy-recursively (assoc-ref inputs "biod") "BioD") + #t)) + (add-after 'unpack 'unbundle-prerequisites + (lambda _ + (substitute* "Makefile" + ((" htslib-static lz4-static") "")) + #t)) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin"))) + (mkdir-p bin) + (install-file "build/sambamba" bin) + #t)))))) + (native-inputs + `(("ldc" ,ldc) + ("rdmd" ,rdmd) + ("biod" + ,(let ((commit "1248586b54af4bd4dfb28ebfebfc6bf012e7a587")) + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/biod/BioD.git") + (commit commit))) + (file-name (string-append "biod-" + (string-take commit 9) + "-checkout")) + (sha256 + (base32 + "1m8hi1n7x0ri4l6s9i0x6jg4z4v94xrfdzp7mbizdipfag0m17g3"))))))) + (inputs + `(("lz4" ,lz4) + ("htslib" ,htslib-for-sambamba))) + (home-page "http://lomereiter.github.io/sambamba") + (synopsis "Tools for working with SAM/BAM data") + (description "Sambamba is a high performance modern robust and +fast tool (and library), written in the D programming language, for +working with SAM and BAM files. Current parallelised functionality is +an important subset of samtools functionality, including view, index, +sort, markdup, and depth.") + (license license:gpl2+))) diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index 246e5ca14a..7f5c5b793f 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2015 Andreas Enge ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Ludovic Courtès +;;; Copyright © 2017 Leo Famulari ;;; ;;; This file is part of GNU Guix. ;;; @@ -73,7 +74,7 @@ (define-public nss-certs (package (name "nss-certs") - (version "3.29.2") + (version "3.29.3") (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -84,7 +85,7 @@ "nss-" version ".tar.gz"))) (sha256 (base32 - "149807rmzb76hnh48rw4m9jw83iw0168njzchz0hmbsgc8mk0i5w")))) + "1sz1r2iml9bhd4iqiqz75gii855a25895vpy9scjky0y4lqwrp9m")))) (build-system gnu-build-system) (outputs '("out")) (native-inputs @@ -139,3 +140,60 @@ taken from the NSS package and thus ultimately from the Mozilla project.") (home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS") (license license:mpl2.0))) + +(define-public le-certs + (package + (name "le-certs") + (version "0") + (source #f) + (build-system trivial-build-system) + (arguments + '(#:modules ((guix build utils)) + #:builder + (begin + (use-modules (guix build utils)) + (let ((root (assoc-ref %build-inputs "isrgrootx1.pem")) + (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem")) + (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem")) + (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))) + (mkdir-p out) + (for-each + (lambda (cert) + (copy-file cert (string-append out "/" + (strip-store-file-name cert)))) + (list root intermediate backup)))))) + (inputs + `(; The Let's Encrypt root certificate, "ISRG Root X1". + ("isrgrootx1.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/isrgrootx1.pem") + (sha256 + (base32 + "0zhd1ps7sz4w1x52xk3v7ng6d0rcyi7y7rcrplwkmilnq5hzjv1y")))) + ;; "Let’s Encrypt Authority X3", the active Let's Encrypt intermediate + ;; certificate. + ("letsencryptauthorityx3.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/letsencryptauthorityx3.pem") + (sha256 + (base32 + "0zbamj6c7zqw1j9mbqygc8k1ykgj6xiisp9svmlif5lkbnyjhnkk")))) + ;; "Let’s Encrypt Authority X4", the backup Let's Encrypt intermediate + ;; certificate. This will be used for disaster recovery and will only be + ;; used should Let's Encrypt lose the ability to issue with "Let’s + ;; Encrypt Authority X3". + ("letsencryptauthorityx4.pem" + ,(origin + (method url-fetch) + (uri "https://letsencrypt.org/certs/letsencryptauthorityx4.pem") + (sha256 + (base32 + "003dc94c8qwj634h0dq743x7hqv9rdcfaisdksprkmi2jd107xq4")))))) + (home-page "https://letsencrypt.org/certificates/") + (synopsis "Let's Encrypt root and intermediate certificates") + (description "This package provides a certificate store containing only the +Let's Encrypt root and intermediate certificates. It is intended to be used +within Guix.") + (license license:public-domain))) diff --git a/gnu/packages/ci.scm b/gnu/packages/ci.scm index c25bc389c0..ae91464a18 100644 --- a/gnu/packages/ci.scm +++ b/gnu/packages/ci.scm @@ -187,8 +187,8 @@ their dependencies.") (license l:gpl3+)))) (define-public cuirass - (let ((commit "f695c79eb3b93a0432901844c8ede16de39b8d07") - (revision "4")) + (let ((commit "8c811abb3174b44601b8996a1fe1718f37d7bd14") + (revision "5")) (package (name "cuirass") (version (string-append "0.0.1-" revision "." (string-take commit 7))) @@ -200,7 +200,7 @@ their dependencies.") (file-name (string-append name "-" version)) (sha256 (base32 - "1zsj3l85d8jq7h9a0zfb2w5pyvlwkirgvis4bv60syhbpblfvmri")))) + "0kz2ys01xlmxagsfr9qf3p212vm31wfl76rvxa7ii5804aidlz5n")))) (build-system gnu-build-system) (arguments '(#:phases diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index 4e6a248e8e..dbc4795d02 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -97,6 +97,33 @@ independent of the input data and can be reduced, if necessary, at some cost in compression.") (license license:zlib))) +(define-public minizip + (package + (name "minizip") + (version (package-version zlib)) + (source (package-source zlib)) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'enter-source + (lambda _ (chdir "contrib/minizip") #t)) + (add-before 'configure 'autoreconf + (lambda _ + (zero? (system* "autoreconf" "-vif"))))))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool))) + (propagated-inputs `(("zlib" ,zlib))) + (home-page (package-home-page zlib)) + (synopsis "Zip Compression library") + (description + "Minizip is a minimalistic library that supports compressing, +extracting and viewing ZIP archives. This version is extracted from +the @code{zlib} source.") + (license (package-license zlib)))) + (define-public fastjar (package (name "fastjar") diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 1daf8e4e68..3db5527e60 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -16,7 +16,7 @@ ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2016, 2017 Nicolas Goaziou ;;; Copyright © 2016 Alex Vong -;;; Copyright © 2016 Arun Isaac +;;; Copyright © 2016, 2017 Arun Isaac ;;; Copyright © 2017 Christopher Baines ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2017 Clément Lassieur @@ -366,7 +366,7 @@ when typing parentheses directly or commenting out code line by line.") (define-public git-modes (package (name "git-modes") - (version "1.2.2") + (version "1.2.4") (source (origin (method url-fetch) (uri (string-append @@ -375,7 +375,7 @@ when typing parentheses directly or commenting out code line by line.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0gb9c18jib8rpm14vig9774104lwmd8353ps0259m861syf6664d")))) + "0xxrmf0jnyljxvllc22qa0v8lgi4k1ldnayjm5hf68m25jsr378l")))) (build-system gnu-build-system) (arguments `(#:modules ((guix build gnu-build-system) @@ -436,7 +436,7 @@ on stdout instead of using a socket as the Emacsclient does.") (define-public magit (package (name "magit") - (version "2.10.2") + (version "2.10.3") (source (origin (method url-fetch) (uri (string-append @@ -444,7 +444,7 @@ on stdout instead of using a socket as the Emacsclient does.") version "/" name "-" version ".tar.gz")) (sha256 (base32 - "09qcc3a61irxi89x7q82hdy8dk0liiwyz66632wzcd881mhrhx18")))) + "03ln65ss420gc3h4pi56dayd1p163xfxrxrd9fkb9xnkl8mjglqk")))) (build-system gnu-build-system) (native-inputs `(("texinfo" ,texinfo) ("emacs" ,emacs-minimal))) @@ -3852,3 +3852,32 @@ mode-line.") "YASnippet is a template system for Emacs. It allows you to type an abbreviation and automatically expand it into function templates.") (license license:gpl3+))) + +(define-public emacs-memoize + (package + (name "emacs-memoize") + (version "20130421.b55eab0") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/skeeto/emacs-memoize") + (commit "b55eab0cb6ab05d941e07b8c01f1655c0cf1dd75"))) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0fjwlrdm270qcrqffvarw5yhijk656q4lam79ybhaznzj0dq3xpw")))) + (build-system emacs-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-before 'install 'check + (lambda _ + (zero? (system* "emacs" "-batch" "-l" "memoize.el" + "-l" "memoize-test.el" + "-f" "ert-run-tests-batch-and-exit"))))))) + (home-page "https://github.com/skeeto/emacs-memoize") + (synopsis "Emacs lisp memoization library") + (description "@code{emacs-memoize} is an Emacs library for +memoizing functions.") + (license license:unlicense))) diff --git a/gnu/packages/fonts.scm b/gnu/packages/fonts.scm index ce07accbf2..1f01ad6ad0 100644 --- a/gnu/packages/fonts.scm +++ b/gnu/packages/fonts.scm @@ -1035,6 +1035,70 @@ designed to work well in user interface environments.") vector graphics.") (license license:silofl1.1))) +(define-public font-tamzen + (package + (name "font-tamzen") + (version "1.11.4") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/sunaku/tamzen-font/archive/" + "Tamzen-" version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1ryd7gp6qiwaqw73jqbmh4kwlriyd8xykh4j7z90z8xp9fm7lrys")))) + (build-system trivial-build-system) + (arguments + `(#:modules ((guix build utils)) + #:builder + (begin + (use-modules (guix build utils)) + + (let ((tar (string-append (assoc-ref %build-inputs "tar") + "/bin/tar")) + (PATH (string-append (assoc-ref %build-inputs "gzip") + "/bin")) + (font-dir (string-append %output "/share/fonts/misc")) + (psf-dir (string-append %output "/share/kbd/consolefonts")) + (src-pcf-dir (string-append "tamzen-font-Tamzen-" + ,version "/pcf"))) + (setenv "PATH" PATH) + (system* tar "xvf" (assoc-ref %build-inputs "source")) + (mkdir-p font-dir) + (mkdir-p psf-dir) + (chdir src-pcf-dir) + (for-each (lambda (pcf) + (install-file pcf font-dir)) + (find-files "." "\\.pcf$")) + (chdir "../psf") + (for-each (lambda (psf) + (install-file psf psf-dir)) + (find-files "." "\\.psf$")) + #t)))) + (native-inputs + `(("tar" ,tar) + ("gzip" ,gzip))) + (home-page "https://github.com/sunaku/tamzen-font") + (synopsis "Monospaced bitmap font for console and X11") + (description + "Tamzen is a fork of the @code{Tamsyn} font. It is programatically forked +from @code{Tamsyn} version 1.11, backporting glyphs from older versions while +deleting deliberately empty glyphs (which are marked as unimplemented) to +allow secondary/fallback fonts to provide real glyphs at those codepoints. + +The @code{TamzenForPowerline} fonts provide additional @code{Powerline} symbols, +which are programatically injected with @code{bitmap-font-patcher} and +later hand-tweaked with the gbdfed(1) editor: + +@enumerate +@item all icons are expanded to occupy the maximum available space +@item the branch of the fork icon ( U+E0A0) was made larger than the trunk +@item for the newline icon ( U+E0A1), the @emph{N} was made larger at the bottom +@item the keyhole in the padlock icon ( U+E0A2) was replaced with @emph{//} lines. +@end enumerate\n") + (license (license:non-copyleft "file://LICENSE")))) + (define-public font-comic-neue (package (name "font-comic-neue") diff --git a/gnu/packages/fpga.scm b/gnu/packages/fpga.scm index f65eae8673..0b98e2db0d 100644 --- a/gnu/packages/fpga.scm +++ b/gnu/packages/fpga.scm @@ -231,6 +231,11 @@ For synthesis, the compiler generates netlists in the desired format.") (("-I/usr/local/include") "") (("-L/usr/local/lib") "")) #t)) + (add-after 'remove-usr-local 'fix-usr-local + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "icebox/icebox_vlog.py" + (("/usr/local/share") (string-append (assoc-ref outputs "out") "/share"))) + #t)) (delete 'configure)))) (inputs `(("libftdi" ,libftdi))) diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 550652eefd..1ce18658d0 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -1349,7 +1349,7 @@ is programmed in Haskell.") (define-public manaplus (package (name "manaplus") - (version "1.7.1.21") + (version "1.7.3.4") (source (origin (method url-fetch) (uri (string-append @@ -1357,7 +1357,7 @@ is programmed in Haskell.") version "/manaplus-" version ".tar.xz")) (sha256 (base32 - "0q9hk9jgz5jja1mmba5iafxwavk6991kjpmdxdkgbam0hk15pqmz")))) + "0mbxzsgjg16pqa3jnxkd7wwvw1lrx455r7fvwjfhzp0yv7acrn10")))) (build-system gnu-build-system) (arguments '(#:configure-flags @@ -2880,8 +2880,8 @@ the GNU GPL.") (version "2.01.2") (source (origin (method url-fetch) - (uri (string-append "https://sourceforge.net/projects/tintin" - "/files/TinTin++ Source Code/" version + (uri (string-append "mirror://sourceforge/tintin" + "/TinTin++ Source Code/" version "/tintin" "-" version ".tar.gz")) (sha256 (base32 diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 1b59cf7ecf..532dbf88f7 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -519,7 +519,7 @@ and signature functionality from Python programs.") (define-public pius (package (name "pius") - (version "2.2.3") + (version "2.2.4") (source (origin (method url-fetch) (uri (string-append @@ -527,7 +527,7 @@ and signature functionality from Python programs.") version "/pius-" version ".tar.bz2")) (sha256 (base32 - "0iy0gnms6lv9hpvk29313kc495a2f7pq2mg6ljxhy233vxsmjsk6")))) + "0lgc0ipwdfqbq16zax8kn17wbv8xyw4ygc09fawl2yp459z0ql4n")))) (build-system python-build-system) (inputs `(("perl" ,perl) ;for 'pius-party-worksheet' ("gpg" ,gnupg))) diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index e6e24f6650..55dfda4948 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -186,7 +186,7 @@ in the Mozilla clients.") (define-public nss (package (name "nss") - (version "3.29.2") + (version "3.29.3") (source (origin (method url-fetch) (uri (let ((version-with-underscores @@ -197,7 +197,7 @@ in the Mozilla clients.") "nss-" version ".tar.gz"))) (sha256 (base32 - "149807rmzb76hnh48rw4m9jw83iw0168njzchz0hmbsgc8mk0i5w")) + "1sz1r2iml9bhd4iqiqz75gii855a25895vpy9scjky0y4lqwrp9m")) ;; Create nss.pc and nss-config. (patches (search-patches "nss-pkgconfig.patch")))) (build-system gnu-build-system) @@ -221,55 +221,52 @@ in the Mozilla clients.") (ice-9 match) (srfi srfi-26)) #:phases - (alist-replace - 'configure - (lambda* (#:key system inputs #:allow-other-keys) - (setenv "CC" "gcc") - ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. - (when (string-prefix? "x86_64" system) - (setenv "USE_64" "1")) - #t) - (alist-replace - 'check - (lambda _ - ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. - ;; The later requires a working DNS or /etc/hosts. - (setenv "DOMSUF" "(none)") - (setenv "USE_IP" "TRUE") - (setenv "IP_ADDRESS" "127.0.0.1") - (zero? (system* "./nss/tests/all.sh"))) - (alist-replace - 'install - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append (assoc-ref outputs "bin") "/bin")) - (inc (string-append out "/include/nss")) - (lib (string-append out "/lib/nss")) - (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) - ((obj) (string-append "dist/" obj))))) - ;; Install nss-config to $out/bin. - (install-file (string-append obj "/bin/nss-config") - (string-append out "/bin")) - (delete-file (string-append obj "/bin/nss-config")) - ;; Install nss.pc to $out/lib/pkgconfig. - (install-file (string-append obj "/lib/pkgconfig/nss.pc") - (string-append out "/lib/pkgconfig")) - (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) - (rmdir (string-append obj "/lib/pkgconfig")) - ;; Install other files. - (copy-recursively "dist/public/nss" inc) - (copy-recursively (string-append obj "/bin") bin) - (copy-recursively (string-append obj "/lib") lib) + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key system inputs #:allow-other-keys) + (setenv "CC" "gcc") + ;; Tells NSS to build for the 64-bit ABI if we are 64-bit system. + (when (string-prefix? "x86_64" system) + (setenv "USE_64" "1")) + #t)) + (replace 'check + (lambda _ + ;; Use 127.0.0.1 instead of $HOST.$DOMSUF as HOSTADDR for testing. + ;; The later requires a working DNS or /etc/hosts. + (setenv "DOMSUF" "(none)") + (setenv "USE_IP" "TRUE") + (setenv "IP_ADDRESS" "127.0.0.1") + (zero? (system* "./nss/tests/all.sh")))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append (assoc-ref outputs "bin") "/bin")) + (inc (string-append out "/include/nss")) + (lib (string-append out "/lib/nss")) + (obj (match (scandir "dist" (cut string-suffix? "OBJ" <>)) + ((obj) (string-append "dist/" obj))))) + ;; Install nss-config to $out/bin. + (install-file (string-append obj "/bin/nss-config") + (string-append out "/bin")) + (delete-file (string-append obj "/bin/nss-config")) + ;; Install nss.pc to $out/lib/pkgconfig. + (install-file (string-append obj "/lib/pkgconfig/nss.pc") + (string-append out "/lib/pkgconfig")) + (delete-file (string-append obj "/lib/pkgconfig/nss.pc")) + (rmdir (string-append obj "/lib/pkgconfig")) + ;; Install other files. + (copy-recursively "dist/public/nss" inc) + (copy-recursively (string-append obj "/bin") bin) + (copy-recursively (string-append obj "/lib") lib) - ;; FIXME: libgtest1.so is installed in the above step, and it's - ;; (unnecessarily) linked with several NSS libraries, but - ;; without the needed rpaths, causing the 'validate-runpath' - ;; phase to fail. Here we simply delete libgtest1.so, since it - ;; seems to be used only during the tests. - (delete-file (string-append lib "/libgtest1.so")) + ;; FIXME: libgtest1.so is installed in the above step, and it's + ;; (unnecessarily) linked with several NSS libraries, but + ;; without the needed rpaths, causing the 'validate-runpath' + ;; phase to fail. Here we simply delete libgtest1.so, since it + ;; seems to be used only during the tests. + (delete-file (string-append lib "/libgtest1.so")) - #t)) - %standard-phases))))) + #t)))))) (inputs `(("sqlite" ,sqlite) ("zlib" ,zlib))) diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 8fdd85add9..13ff0e069a 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -220,7 +220,7 @@ without requiring the source code to be rewritten.") (define-public guile-next (package (inherit guile-2.0) (name "guile-next") - (version "2.1.7") + (version "2.1.8") (replacement #f) (source (origin (method url-fetch) @@ -228,7 +228,7 @@ without requiring the source code to be rewritten.") version ".tar.xz")) (sha256 (base32 - "0qf2664bglv5rrj4c99cc7gry7v9x0sqdyzgfg8zi8gm5wbcmqda")) + "0rh9vahqqwbyj79p1lc9pljkgxg8rczczf074dr8wl13j5h0y27m")) (modules '((guix build utils))) ;; Remove the pre-built object files. Instead, build everything @@ -238,6 +238,7 @@ without requiring the source code to be rewritten.") (find-files "prebuilt" "\\.go$"))))) (synopsis "Snapshot of what will become version 2.2 of GNU Guile") (properties '((timeout . 72000) ;20 hours + (max-silent-time . 10800) ;3 hours (needed on ARM) (upstream-name . "guile") (ftp-server . "alpha.gnu.org") (ftp-directory . "/gnu/guile"))) diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm index d0f659f6e3..2415881e8e 100644 --- a/gnu/packages/haskell.scm +++ b/gnu/packages/haskell.scm @@ -8194,4 +8194,22 @@ or filter messages based on the priority and source. It also has a syslog handler built in.") (license license:bsd-3))) +(define-public ghc-unexceptionalio + (package + (name "ghc-unexceptionalio") + (version "0.3.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://hackage.haskell.org/package/" + "unexceptionalio-" version "/" "unexceptionalio-" + version ".tar.gz")) + (sha256 (base32 "1f7h7zwky4scdcyjspg4ksfh7x6yra0wjybxq70p7vcwpgk2nzlj")))) + (build-system haskell-build-system) + (home-page "https://github.com/singpolyma/unexceptionalio") + (synopsis "IO without any non-error, synchronous exceptions") + (description "When you've caught all the exceptions that can be +handled safely, this is what you're left with.") + (license license:isc))) + ;;; haskell.scm ends here diff --git a/gnu/packages/ibus.scm b/gnu/packages/ibus.scm index d441485296..6c5537579e 100644 --- a/gnu/packages/ibus.scm +++ b/gnu/packages/ibus.scm @@ -42,7 +42,7 @@ (define-public ibus (package (name "ibus") - (version "1.5.14") + (version "1.5.15") (source (origin (method url-fetch) (uri (string-append "https://github.com/ibus/ibus/" @@ -50,7 +50,7 @@ version "/ibus-" version ".tar.gz")) (sha256 (base32 - "0g4x02d7j5w1lfn4zvmzsq93h17lajgn9d7hlvr6pws28vz40ax4")))) + "11g3jf6dgvmszvpgpva0y587kr0sffl79xmymvghrb1sdynvmxs1")))) (build-system glib-or-gtk-build-system) (arguments `(#:tests? #f ; tests fail because there's no connection to dbus @@ -237,7 +237,7 @@ Chinese pinyin input methods.") (define-public ibus-anthy (package (name "ibus-anthy") - (version "1.5.8") + (version "1.5.9") (source (origin (method url-fetch) (uri (string-append @@ -245,7 +245,7 @@ Chinese pinyin input methods.") version "/ibus-anthy-" version ".tar.gz")) (sha256 (base32 - "1aj7vnfky7izl23xyjky78z3qas3q72l3kr8dnql2lnivsrb8q1y")))) + "1y8sf837rmp662bv6zakny0xcm7c9c5qda7f9kq9riv9ywpcbw6x")))) (build-system gnu-build-system) (arguments '(#:configure-flags diff --git a/gnu/packages/imagemagick.scm b/gnu/packages/imagemagick.scm index 74483965dd..73496ccfc0 100644 --- a/gnu/packages/imagemagick.scm +++ b/gnu/packages/imagemagick.scm @@ -46,14 +46,14 @@ ;; The 7 release series has an incompatible API, while the 6 series is still ;; maintained. Don't update to 7 until we've made sure that the ImageMagick ;; users are ready for the 7-series API. - (version "6.9.7-9") + (version "6.9.7-10") (source (origin (method url-fetch) (uri (string-append "mirror://imagemagick/ImageMagick-" version ".tar.xz")) (sha256 (base32 - "1fqvi6h96mfbyw292awiwsqs449sjmw6i9ib53c66nnq1zchw7l3")))) + "02gvxz1xap5nm1vrgjxhkx13q6ja06vf23n28nc6cfdpb4s2xyqb")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch") @@ -187,6 +187,8 @@ script.") (list "--with-frozenpaths" "--enable-shared=yes" "--with-x=yes" + "--with-quantum-depth=16" ; required by Octave + "--enable-quantum-library-names" (string-append "--with-gs-font-dir=" (assoc-ref %build-inputs "gs-fonts") "/share/fonts/type1/ghostscript")))) diff --git a/gnu/packages/irc.scm b/gnu/packages/irc.scm index 6ba950763b..3d06df9ed8 100644 --- a/gnu/packages/irc.scm +++ b/gnu/packages/irc.scm @@ -101,7 +101,7 @@ irssi, but graphical.") (define-public irssi (package (name "irssi") - (version "1.0.1") + (version "1.0.2") (source (origin (method url-fetch) (uri (string-append "https://github.com/irssi/irssi/" @@ -109,7 +109,7 @@ irssi, but graphical.") version ".tar.xz")) (sha256 (base32 - "1krw71n24mj4p3f5nhzj6kdi1kq9ssl53hrqyjpgz61m7wdcaa4l")))) + "1sgvfprgrncbxcyg99rkd10kpjzqw00b1ppsfg8al0zirb13q72w")))) (build-system gnu-build-system) (arguments `(#:phases diff --git a/gnu/packages/kde-frameworks.scm b/gnu/packages/kde-frameworks.scm index 8bb05453da..7b90c1436b 100644 --- a/gnu/packages/kde-frameworks.scm +++ b/gnu/packages/kde-frameworks.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2016 Efraim Flashner ;;; Copyright © 2016 Hartmut Goebel ;;; Copyright © 2016 David Craven +;;; Copyright © 2017 Thomas Danckaert ;;; ;;; This file is part of GNU Guix. ;;; @@ -42,6 +43,7 @@ #:use-module (gnu packages glib) #:use-module (gnu packages gnome) #:use-module (gnu packages gnupg) + #:use-module (gnu packages gstreamer) #:use-module (gnu packages linux) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) @@ -119,12 +121,58 @@ common build settings used in software produced by the KDE community.") (arguments `(#:configure-flags '("-DCMAKE_CXX_FLAGS=-fPIC" - "-DPHONON_BUILD_PHONON4QT5=ON"))) + "-DPHONON_BUILD_PHONON4QT5=ON" + "-DPHONON_INSTALL_QT_EXTENSIONS_INTO_SYSTEM_QT=ON") + #:phases + (modify-phases %standard-phases + (add-before 'install 'patch-installdir + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((regex (string-append "(INSTALL DESTINATION \")" + (assoc-ref inputs "qtbase")))) + (substitute* "cmake_install.cmake" + ((regex all dest) + (string-append dest (assoc-ref outputs "out"))))) + #t))))) (home-page "https://phonon.kde.org") (synopsis "KDE's multimedia library") (description "KDE's multimedia library.") (license license:lgpl2.1+))) +(define-public phonon-backend-gstreamer + (package + (name "phonon-backend-gstreamer") + (version "4.9.0") + (source (origin + (method url-fetch) + (uri (string-append + "mirror://kde/stable/phonon/" + name "/" version "/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "1wc5p1rqglf0n1avp55s50k7fjdzdrhg0gind15k8796w7nfbhyf")))) + (build-system cmake-build-system) + (native-inputs + `(("extra-cmake-modules" ,extra-cmake-modules) + ("pkg-config" ,pkg-config))) + (inputs + `(("qtbase" ,qtbase) + ("phonon" ,phonon) + ("qtbase" ,qtbase) + ("qtx11extras" ,qtx11extras) + ("gstreamer" ,gstreamer) + ("gst-plugins-base" ,gst-plugins-base) + ("libxml2" ,libxml2))) + (arguments + `(#:configure-flags + '( "-DPHONON_BUILD_PHONON4QT5=ON"))) + (home-page "https://phonon.kde.org") + (synopsis "Phonon backend which uses GStreamer") + (description "Phonon makes use of backend libraries to provide sound. +Phonon-GStreamer is a backend based on the GStreamer multimedia library.") + ;; license: source files mention "either version 2.1 or 3" + (license (list license:lgpl2.1 license:lgpl3)))) + (define-public gpgmepp (package (name "gpgmepp") diff --git a/gnu/packages/ldc.scm b/gnu/packages/ldc.scm index 614e2d6d0c..fd4d60e8b8 100644 --- a/gnu/packages/ldc.scm +++ b/gnu/packages/ldc.scm @@ -276,7 +276,7 @@ latest DMD frontend and uses LLVM as backend.") (define-public dub (package (name "dub") - (version "1.2.0") + (version "1.2.2") (source (origin (method url-fetch) (uri (string-append "https://github.com/dlang/dub/archive/" @@ -284,7 +284,7 @@ latest DMD frontend and uses LLVM as backend.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1sd8i1rvxc7y7kk0y6km5zyvaladc5zh56r6afj74ndd63dssv43")))) + "02k11x34nck0lbv13ww103niiswnwnslbnswj3b5faszzadbi1v4")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; it would have tested itself by installing some packages (vibe etc) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 53b0f2a678..cd6d32f0fd 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -348,8 +348,8 @@ It has been modified to remove all non-free binary blobs.") (define %intel-compatible-systems '("x86_64-linux" "i686-linux")) -(define %linux-libre-version "4.10.1") -(define %linux-libre-hash "0mvwrjny1bjqyjqjxff9m97j48ybfdw8qpdazr5rwk12234v4k3d") +(define %linux-libre-version "4.10.2") +(define %linux-libre-hash "01kinnv40lqsk6fyz1k7hkx2diyg4mgp28bwraar5sii1gqmcw7k") (define-public linux-libre (make-linux-libre %linux-libre-version @@ -358,14 +358,14 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.9 - (make-linux-libre "4.9.13" - "16miggwcwfpm7kx0yz256x887rky9wgmp1grg850lf8sdkiz0a1p" + (make-linux-libre "4.9.14" + "104715z772if18qi61jbyhvidfh6qnwkiy0m9aa8irxgzs1pk9mn" %intel-compatible-systems #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.52" - "1fzcq9bbsxiij2fh6kgwrp417sy2j5gnbzs0wwlmznj7mvysl7qg" + (make-linux-libre "4.4.53" + "07sfg4i506f3hmd9k4iimnq1w3x0980qxnh649d1sldqxbmhdgjs" %intel-compatible-systems #:configuration-file kernel-config)) @@ -2764,7 +2764,7 @@ and copy/paste text in the console and in xterm.") (define-public btrfs-progs (package (name "btrfs-progs") - (version "4.9.1") + (version "4.10") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/linux/kernel/" @@ -2772,7 +2772,7 @@ and copy/paste text in the console and in xterm.") "btrfs-progs-v" version ".tar.xz")) (sha256 (base32 - "1ppy2y9vypxw9awchari21yd3s2d7w2a9q3f4jq7dnjy5gyrnjj6")))) + "1njw2nrm51380d8arvqfmspa3app9353yd7hiddas3gpkaiwrjs4")))) (build-system gnu-build-system) (outputs '("out" "static")) ; static versions of binaries in "out" (~16MiB!) @@ -2839,9 +2839,9 @@ easy administration.") (remove-store-references target) (chmod target #o555))))) (home-page (package-home-page btrfs-progs)) - (synopsis "Statically-linked btrfs command from btrfsprogs") - (description "This package provides statically-linked command of btrfs taken -from the btrfsprogs package. It is meant to be used in initrds.") + (synopsis "Statically-linked btrfs command from btrfs-progs") + (description "This package provides the statically-linked @command{btrfs} +from the btrfs-progs package. It is meant to be used in initrds.") (license (package-license btrfs-progs)))) (define-public freefall diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm index 647c64dcc7..425c273e0d 100644 --- a/gnu/packages/lisp.scm +++ b/gnu/packages/lisp.scm @@ -129,7 +129,7 @@ interface to the Tk widget system.") (define-public ecl (package (name "ecl") - (version "16.1.2") + (version "16.1.3") (source (origin (method url-fetch) @@ -137,7 +137,7 @@ interface to the Tk widget system.") "https://common-lisp.net/project/ecl/static/files/release/" name "-" version ".tgz")) (sha256 - (base32 "16ab8qs3awvdxy8xs8jy82v8r04x4wr70l9l2j45vgag18d2nj1d")) + (base32 "0m0j24w5d5a9dwwqyrg0d35c0nys16ijb4r0nyk87yp82v38b9bn")) (modules '((guix build utils))) (snippet ;; Add ecl-bundle-systems to 'default-system-source-registry'. @@ -152,9 +152,6 @@ interface to the Tk widget system.") ("libffi" ,libffi))) (arguments '(#:tests? #t - #:make-flags `(,(string-append "ECL=" - (assoc-ref %outputs "out") - "/bin/ecl")) #:parallel-tests? #f #:phases (modify-phases %standard-phases @@ -182,7 +179,12 @@ interface to the Tk widget system.") `("kernel-headers" ,@libraries))) `("LIBRARY_PATH" suffix ,library-directories) `("LD_LIBRARY_PATH" suffix ,library-directories))))) - (add-after 'wrap 'check (assoc-ref %standard-phases 'check))))) + (add-after 'wrap 'check (assoc-ref %standard-phases 'check)) + (add-before 'check 'fix-path-to-ecl + (lambda _ + (substitute* "build/tests/Makefile" + (("\\$\\{exec_prefix\\}/") "")) + #t))))) (native-search-paths (list (search-path-specification (variable "XDG_DATA_DIRS") diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index b70597b84d..070d9ba093 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -254,7 +254,7 @@ operating systems.") (package (inherit mutt) (name "neomutt") - (version "20170225") + (version "20170306") (source (origin (method url-fetch) @@ -263,20 +263,20 @@ operating systems.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "00ll35g9pcanzrxsjp09vrmq6flml249dipcznrq2z4jy2zd386p")))) + "0qwcbjm9j1hgzmybw15w53pvfbqcdf47d4sw21s6r2yaj8kx1hag")))) (inputs `(("cyrus-sasl" ,cyrus-sasl) ("gdbm" ,gdbm) - ("lmdb" ,lmdb) - ("tokyocabinet" ,tokyocabinet) ("gpgme" ,gpgme) ("ncurses" ,ncurses) ("gnutls" ,gnutls) ("openssl" ,openssl) ;For smime ("perl" ,perl) + ("kyotocabinet" ,kyotocabinet) ("libxslt" ,libxslt) ("libidn" ,libidn) ("libxml2" ,libxml2) + ("lmdb" ,lmdb) ("docbook-xsl" ,docbook-xsl) ("notmuch" ,notmuch))) (native-inputs @@ -291,11 +291,12 @@ operating systems.") "--enable-gpgme" ;; database, implies header caching - ;; neomutt supports building multiple backends - "--with-tokyocabinet" + "--without-tokyocabinet" "--without-qdbm" "--without-bdb" "--with-lmdb" + (string-append "--with-kyotocabinet=" + (assoc-ref %build-inputs "kyotocabinet")) "--with-gdbm" "--with-gnutls" @@ -410,7 +411,7 @@ and corrections. It is based on a Bayesian filter.") (define-public offlineimap (package (name "offlineimap") - (version "7.0.13") + (version "7.0.14") (source (origin (method url-fetch) (uri (string-append "https://github.com/OfflineIMAP/offlineimap/" @@ -418,7 +419,7 @@ and corrections. It is based on a Bayesian filter.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1kl72wcxnxb4y5lm2f7ymwjsisnnpwb4w971ajkxlsiwjhzq8i7p")))) + "0i5dvygps1ai2qwgamab8kngrp0c5m3bgaw0jk34l8ypsk54wj8r")))) (build-system python-build-system) (native-inputs `(("asciidoc" ,asciidoc) @@ -662,14 +663,14 @@ invoking @command{notifymuch} from the post-new hook.") (define-public notmuch (package (name "notmuch") - (version "0.23.7") + (version "0.24") (source (origin (method url-fetch) (uri (string-append "https://notmuchmail.org/releases/notmuch-" version ".tar.gz")) (sha256 (base32 - "04w90c43zk23pys6prkqb14al408qypifcfj2qznqpwlf46v26zi")))) + "1z3m9knsdmchvfjzjhjf2cmdc9yahmvbvzn46wsrsrihfvv4rr7p")))) (build-system gnu-build-system) (arguments '(#:make-flags (list "V=1") ; Verbose test output. diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 9533f5f0a8..d274d50bbc 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -72,6 +72,7 @@ #:use-module (gnu packages guile) #:use-module (gnu packages xorg) #:use-module (gnu packages gl) + #:use-module (gnu packages imagemagick) #:use-module (gnu packages m4) #:use-module (gnu packages mpi) #:use-module (gnu packages multiprecision) @@ -949,7 +950,9 @@ can solve two kinds of problems: ("libxft" ,libxft) ("mesa" ,mesa) ("glu" ,glu) - ("zlib" ,zlib))) + ("zlib" ,zlib) + ("curl" ,curl) + ("graphicsmagick" ,graphicsmagick))) (native-inputs `(("lzip" ,lzip) ("gfortran" ,gfortran) diff --git a/gnu/packages/messaging.scm b/gnu/packages/messaging.scm index 0ffc031c85..f2f36ad876 100644 --- a/gnu/packages/messaging.scm +++ b/gnu/packages/messaging.scm @@ -265,7 +265,7 @@ supports IPv6, SSL-protected connections as well as PAM for authentication.") (define-public pidgin (package (name "pidgin") - (version "2.11.0") + (version "2.12.0") (source (origin (method url-fetch) @@ -273,7 +273,7 @@ supports IPv6, SSL-protected connections as well as PAM for authentication.") version "/" name "-" version ".tar.bz2")) (sha256 (base32 - "0crkggjj6y07v1kdwil9vw532b0vrs6p33nmlvdkpnl60m2169pp")) + "1y5p2mq3bfw35b66jsafmbva0w5gg1k99y9z8fyp3jfksqv3agcc")) (patches (search-patches "pidgin-add-search-path.patch")))) (build-system glib-or-gtk-build-system) (native-inputs diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index c608f397dc..685636e8ba 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -445,13 +445,13 @@ transactions from C or Python.") (define-public diffoscope (package (name "diffoscope") - (version "77") + (version "78") (source (origin (method url-fetch) (uri (pypi-uri name version)) (sha256 (base32 - "0wrb6pl88611frxj19kq3vikhbld40fy1ncrskb1iayxsmbfcbn9")))) + "1bx8i6sx2mcvm166nhw0i5442ld6wigkwav8dsnv22y7gnsl9d7n")))) (build-system python-build-system) (arguments `(#:phases (modify-phases %standard-phases diff --git a/gnu/packages/patches/hmmer-remove-cpu-specificity.patch b/gnu/packages/patches/hmmer-remove-cpu-specificity.patch new file mode 100644 index 0000000000..ba98db4d0e --- /dev/null +++ b/gnu/packages/patches/hmmer-remove-cpu-specificity.patch @@ -0,0 +1,22 @@ +This patch removes compilation flags which make the build for the machine +where compilation takes place, rendering the build not reproducible. + +diff --git a/configure b/configure +index 8b6aaef..49a6afc 100755 +--- a/configure ++++ b/configure +@@ -6125,14 +6125,6 @@ fi # guess arch + + if test "x$ax_gcc_arch" != x -a "x$ax_gcc_arch" != xno; then + for arch in $ax_gcc_arch; do +- if test "x$acx_maxopt_portable" = xyes; then # if we require portable code +- flags="-mtune=$arch" +- # -mcpu=$arch and m$arch generate nonportable code on every arch except +- # x86. And some other arches (e.g. Alpha) don't accept -mtune. Grrr. +- case $host_cpu in i*86|x86_64*) flags="$flags -mcpu=$arch -m$arch";; esac +- else +- flags="-march=$arch -mcpu=$arch -m$arch" +- fi + for flag in $flags; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 diff --git a/gnu/packages/patches/python-pandas-skip-failing-tests.patch b/gnu/packages/patches/python-pandas-skip-failing-tests.patch index 31fc912d00..8ac330c18f 100644 --- a/gnu/packages/patches/python-pandas-skip-failing-tests.patch +++ b/gnu/packages/patches/python-pandas-skip-failing-tests.patch @@ -2,39 +2,29 @@ These tests fail on 32bit architectures. Upstream bug URL: https://github.com/pandas-dev/pandas/issues/14866 ---- a/pandas/tests/test_base.py 2017-03-08 17:49:44.422282717 +0100 -+++ b/pandas/tests/test_base.py 2017-03-08 17:50:59.476701799 +0100 -@@ -363,30 +363,6 @@ - self.assertFalse(result.iat[0]) - self.assertFalse(result.iat[1]) +--- a/pandas/tests/indexes/common.py 2017-03-09 00:10:26.063996176 +0100 ++++ b/pandas/tests/indexes/common.py 2017-03-09 00:10:53.152844191 +0100 +@@ -119,20 +119,6 @@ + with tm.assertRaisesRegexp(ValueError, 'Invalid fill method'): + idx.get_indexer(idx, method='invalid') - def test_ndarray_compat_properties(self): - -- for o in self.objs: +- idx = self.create_index() +- self.assertTrue(idx.T.equals(idx)) +- self.assertTrue(idx.transpose().equals(idx)) - -- # check that we work -- for p in ['shape', 'dtype', 'flags', 'T', 'strides', 'itemsize', -- 'nbytes']: -- self.assertIsNotNone(getattr(o, p, None)) -- self.assertTrue(hasattr(o, 'base')) +- values = idx.values +- for prop in self._compat_props: +- self.assertEqual(getattr(idx, prop), getattr(values, prop)) - -- # if we have a datetimelike dtype then needs a view to work -- # but the user is responsible for that -- try: -- self.assertIsNotNone(o.data) -- except ValueError: -- pass +- # test for validity +- idx.nbytes +- idx.values.nbytes - -- self.assertRaises(ValueError, o.item) # len > 1 -- self.assertEqual(o.ndim, 1) -- self.assertEqual(o.size, len(o)) -- -- self.assertEqual(Index([1]).item(), 1) -- self.assertEqual(Series([1]).item(), 1) -- - def test_ops(self): - for op in ['max', 'min']: - for o in self.objs: + def test_repr_roundtrip(self): + + idx = self.create_index() --- a/pandas/tools/tests/test_tile.py 2017-03-08 17:47:39.762261841 +0100 +++ b/pandas/tools/tests/test_tile.py 2017-03-08 17:48:26.831780495 +0100 @@ -271,19 +271,6 @@ diff --git a/gnu/packages/patches/wget-CVE-2017-6508.patch b/gnu/packages/patches/wget-CVE-2017-6508.patch new file mode 100644 index 0000000000..0218fceaad --- /dev/null +++ b/gnu/packages/patches/wget-CVE-2017-6508.patch @@ -0,0 +1,45 @@ +Fix CVE-2017-6508: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6508 + +Patch copied from upstream source repository: + +https://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4 + +From 4d729e322fae359a1aefaafec1144764a54e8ad4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tim=20R=C3=BChsen?= +Date: Mon, 6 Mar 2017 10:04:22 +0100 +Subject: [PATCH] Fix CRLF injection in Wget host part + +* src/url.c (url_parse): Reject control characters in host part of URL + +Reported-by: Orange Tsai +--- + src/url.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/src/url.c b/src/url.c +index 8f8ff0b8..7d36b27d 100644 +--- a/src/url.c ++++ b/src/url.c +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode) + url_unescape (u->host); + host_modified = true; + ++ /* check for invalid control characters in host name */ ++ for (p = u->host; *p; p++) ++ { ++ if (c_iscntrl(*p)) ++ { ++ url_free(u); ++ error_code = PE_INVALID_HOST_NAME; ++ goto error; ++ } ++ } ++ + /* Apply IDNA regardless of iri->utf8_encode status */ + if (opt.enable_iri && iri) + { +-- +2.12.0 + diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 60f0594453..5baf329995 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -30,12 +30,13 @@ ;;; Copyright © 2016 Stefan Reichoer ;;; Copyright © 2016 Dylan Jeffers ;;; Copyright © 2016 Alex Vong -;;; Copyright © 2016 Arun Isaac +;;; Copyright © 2016, 2017 Arun Isaac ;;; Copyright © 2016, 2017 Julien Lepiller ;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice ;;; Copyright © 2016, 2017 Thomas Danckaert ;;; Copyright © 2017 Carlo Zancanaro ;;; Copyright © 2017 Frederick M. Muriithi +;;; Copyright © 2017 humanitiesNerd ;;; ;;; This file is part of GNU Guix. ;;; @@ -3433,8 +3434,6 @@ producing implementations of dynamic languages, emphasizing a clean separation between language specification and implementation aspects.") (license license:expat))) -;; This version of numpy is missing the documentation and is only used to -;; build matplotlib which is required to build numpy's documentation. (define-public python-numpy (package (name "python-numpy") @@ -3581,10 +3580,10 @@ association studies (GWAS) on extremely large data sets.") (method git-fetch) (uri (git-reference (url "https://github.com/scipy/scipy-sphinx-theme.git") - (commit "c466764e22"))) + (commit "c466764e2231ba132c09826b5b138fffa1cfcec3"))) (sha256 (base32 - "0q2y87clwlsgc7wvlsn9pzyssybcq10plwhq2w1ydykfsyyqbmkl")))) + "0q2y87clwlsgc7wvlsn9pzyssybcq10plwhq2w1ydykfsyyqbmkl")))) ,@(package-native-inputs python-numpy))) (arguments `(#:tests? #f ; we're only generating the documentation @@ -13479,3 +13478,188 @@ specified to apply on the key before comparison (e.g. @code{string.lower})).") Python. It is based on Parsing Expression Grammars, PEG. With pyPEG you can parse many formal languages.") (license license:gpl2))) + +(define-public python2-cliapp + (package + (name "python2-cliapp") + (version "1.20160724") + (source + (origin + (method url-fetch) + (uri (string-append + "http://git.liw.fi/cgi-bin/cgit/cgit.cgi/cliapp/snapshot/cliapp-" + version ".tar.gz")) + (sha256 + (base32 + "025cyi75vxyghbm4hav8dz4fzwksshddavy9g9fwr440awcvw74f")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2)) + (propagated-inputs + `(("python2-pyaml" ,python2-pyaml))) + (home-page "https://liw.fi/cliapp/") + (synopsis "Python framework for command line programs") + (description "@code{python2-cliapp} is a python framework for +command line programs. It contains the typical stuff such programs +need to do, such as parsing the command line for options, and +iterating over input files.") + (license license:gpl2+))) + +(define-public python2-ttystatus + (package + (name "python2-ttystatus") + (version "0.32") + (source + (origin + (method url-fetch) + (uri (string-append + "http://git.liw.fi/cgi-bin/cgit/cgit.cgi/ttystatus/snapshot/ttystatus-" + version ".tar.gz")) + (sha256 + (base32 + "0b5g889jj23r2w1hi300cdldx6jvspanp0ybf5n1qvdvl150aamf")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2)) + (home-page "https://liw.fi/ttystatus/") + (synopsis "Python library for showing progress reporting and +status updates on terminals") + (description "@code{python2-ttystatus} is a python library for +showing progress reporting and status updates on terminals, for +command line programs. Output is automatically adapted to the width +of the terminal: truncated if it does not fit, and resized if the +terminal size changes.") + (license license:gpl3+))) + +(define-public python2-tracing + (package + (name "python2-tracing") + (version "0.10") + (source + (origin + (method url-fetch) + (uri (string-append + "http://git.liw.fi/cgi-bin/cgit/cgit.cgi/python-tracing/snapshot/tracing-" + version ".tar.gz")) + (sha256 + (base32 + "06cw4zg42fsvqy372vi2whj26w56vzg5axhzwdjc2bgwf03garbw")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2)) + (home-page "https://liw.fi/tracing/") + (synopsis "Python debug logging helper") + (description "@code{python2-tracing} is a python library for +logging debug messages. It provides a way to turn debugging messages +on and off, based on the filename they occur in. It is much faster +than using @code{logging.Filter} to accomplish the same thing, which +matters when code is run in production mode. The actual logging still +happens using the @code{logging} library.") + (license license:gpl3+))) + +(define-public python2-larch + (package + (name "python2-larch") + (version "1.20151025") + (source + (origin + (method url-fetch) + (uri (string-append + "http://git.liw.fi/cgi-bin/cgit/cgit.cgi/larch/snapshot/larch-" + version ".tar.gz")) + (sha256 + (base32 + "1p4knkkavlqymgciz2wbcnfrdgdbafhg14maplnk4vbw0q8xs663")))) + (build-system python-build-system) + (arguments + `(#:python ,python-2)) + (propagated-inputs + `(("python2-tracing" ,python2-tracing))) + (home-page "https://liw.fi/larch/") + (synopsis "Python copy-on-write B-tree library") + (description "@code{python2-larch} is an implementation of +particular kind of B-tree, based on research by Ohad Rodeh. See +@url{http://liw.fi/larch/ohad-btrees-shadowing-clones.pdf} for details +on the data structure. + +The distinctive feature of this B-tree is that a node is never +(conceptually) modified. Instead, all updates are done by +copy-on-write. This makes it easy to clone a tree, and modify only the +clone, while other processes access the original tree.") + (license license:gpl3+))) + +(define-public python-htmlmin + (package + (name "python-htmlmin") + (version "0.1.10") + (source + (origin + (method url-fetch) + (uri (pypi-uri "htmlmin" version)) + (sha256 + (base32 + "0qxa93j3p1ak32qh8d9kshqv8v3z0hkc13dwbhp5cn7sn3xmsp6a")))) + (arguments + `(#:tests? #f)) ;htmlmin has no tests + (build-system python-build-system) + (home-page "https://htmlmin.readthedocs.org/en/latest/") + (synopsis "HTML minifier") + (description "@code{htmlmin} is an HTML minifier that just works. +It comes with safe defaults and easily configurable options.") + (license license:bsd-3))) + +(define-public python2-htmlmin + (package-with-python2 python-htmlmin)) + +(define-public python-flask-htmlmin + (package + (name "python-flask-htmlmin") + (version "1.2") + (source + (origin + (method url-fetch) + (uri (pypi-uri "Flask-HTMLmin" version)) + (sha256 + (base32 + "1n6zlq72kakkw0z2jpq6nh74lfsmxybm4g053pwhc14fbr809348")))) + (propagated-inputs + `(("python-flask" ,python-flask) + ("python-htmlmin" ,python-htmlmin))) + (build-system python-build-system) + (home-page "https://github.com/hamidfzm/Flask-HTMLmin") + (synopsis "HTML response minifier for Flask") + (description + "Minify @code{text/html} MIME type responses when using @code{Flask}.") + (license license:bsd-3))) + +(define-public python2-flask-htmlmin + (package-with-python2 python-flask-htmlmin)) + +(define-public python-flask-login + (package + (name "python-flask-login") + (version "0.4.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/maxcountryman/flask-login/archive/" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "1pdqp7a2gyb7k06xda004x0fi2w66s6kn2i0ndkqndmg12d83f9w")))) + (arguments + ;; Tests fail PEP8 compliance. See: + ;; https://github.com/maxcountryman/flask-login/issues/340 + `(#:tests? #f)) + (build-system python-build-system) + (home-page "https://github.com/maxcountryman/flask-login") + (synopsis "User session management for Flask") + (description + "@code{Flask-Login} provides user session management for Flask. It +handles the common tasks of logging in, logging out, and remembering your +users' sessions over extended periods of time.") + (license license:expat))) + +(define-public python2-flask-login + (package-with-python2 python-flask-login)) diff --git a/gnu/packages/regex.scm b/gnu/packages/regex.scm index 11f4716033..f55faaf042 100644 --- a/gnu/packages/regex.scm +++ b/gnu/packages/regex.scm @@ -22,7 +22,8 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) - #:use-module (guix build-system gnu)) + #:use-module (guix build-system gnu) + #:use-module (guix utils)) (define-public re2 (package @@ -42,7 +43,16 @@ (arguments `(#:test-target "test" ;; There is no configure step, but the Makefile respects a prefix. - #:make-flags (list (string-append "prefix=" %output)) + ;; As ./configure does not know anything about the target CXX + ;; we need to specify TARGET-g++ explicitly. + #:make-flags (list (string-append "prefix=" %output) + (string-append + "CXX=" ,(string-append + (if (%current-target-system) + (string-append + (%current-target-system) "-") + "") + "g++"))) #:phases (modify-phases %standard-phases (delete 'configure) diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm index 64b0b0e940..49bb24e594 100644 --- a/gnu/packages/statistics.scm +++ b/gnu/packages/statistics.scm @@ -3227,14 +3227,17 @@ and tidyr provides no margins or aggregation.") (define-public r-hexbin (package (name "r-hexbin") - (version "1.27.1") + ;; The package tarball was updated in place, resulting in a change in the + ;; hash value. We decided to bump the version to 1.27.1-1 instead of + ;; keeping the version at upstream's 1.27.1. + (version "1.27.1-1") (source (origin (method url-fetch) - (uri (cran-uri "hexbin" version)) + (uri (cran-uri "hexbin" "1.27.1")) (sha256 (base32 - "0xi6fbf1fvyn2gffr052n3viibqzpr3603sgi4xaminbzja4syjh")))) + "025d609z1nyy684hwvp34b9mjzkgvild7fvfr95f941dmsikan87")))) (build-system r-build-system) (propagated-inputs `(("r-lattice" ,r-lattice))) @@ -4170,3 +4173,671 @@ perform @dfn{independent component analysis} (ICA) and projection pursuit.") "This package provides the Breiman and Cutler's random forests algorithm, based on a forest of trees using random inputs, for classification and regression.") (license license:gpl2+))) + +(define-public r-diptest + (package + (name "r-diptest") + (version "0.75-7") + (source + (origin + (method url-fetch) + (uri (cran-uri "diptest" version)) + (sha256 + (base32 + "06xnc5gv1284ll0addxnxb6ljz6fn8dbyrp5vchyz6551h800aa6")))) + (build-system r-build-system) + (home-page "http://cran.r-project.org/web/packages/diptest") + (synopsis "Hartigan's dip test statistic for unimodality") + (description + "This package computes Hartigan's dip test statistic for unimodality, +multimodality and provides a test with simulation based p-values, where the +original public code has been corrected.") + (license license:gpl2+))) + +(define-public r-modeltools + (package + (name "r-modeltools") + (version "0.2-21") + (source + (origin + (method url-fetch) + (uri (cran-uri "modeltools" version)) + (sha256 + (base32 + "0ynds453xprxv0jqqzi3blnv5w6vrdww9pvd1sq4lrr5ar3k3cq7")))) + (build-system r-build-system) + (home-page "http://cran.r-project.org/web/packages/modeltools") + (synopsis "Tools and classes for statistical models") + (description + "This package provides a collection of tools to deal with statistical +models. The functionality is experimental and the user interface is likely +to change in the future.") + (license license:gpl2))) + +(define-public r-flexmix + (package + (name "r-flexmix") + (version "2.3-13") + (source + (origin + (method url-fetch) + (uri (cran-uri "flexmix" version)) + (sha256 + (base32 + "1i205yw3kkxs27gqcs6zx0c2mh16p332a2p06wq6fdzb20bazg3z")))) + (build-system r-build-system) + (propagated-inputs + `(("r-modeltools" ,r-modeltools))) + (home-page "http://cran.r-project.org/web/packages/flexmix") + (synopsis "Flexible mixture modeling") + (description + "This package implements a general framework for finite mixtures of +regression models using the EM algorithm. FlexMix provides the E-step and +all data handling, while the M-step can be supplied by the user to easily +define new models. Existing drivers implement mixtures of standard linear +models, generalized linear models and model-based clustering.") + (license license:gpl2+))) + +(define-public r-mclust + (package + (name "r-mclust") + (version "5.2.2") + (source + (origin + (method url-fetch) + (uri (cran-uri "mclust" version)) + (sha256 + (base32 + "19cbg7p5h2b6h9mvcx9rjppyd3awma18ymaljakbnclpvhwbqpwd")))) + (build-system r-build-system) + (native-inputs + `(("gfortran" ,gfortran))) + (home-page "http://www.stat.washington.edu/mclust/") + (synopsis "Gaussian mixture modelling for model-based clustering etc.") + (description + "This package provides Gaussian finite mixture models fitted via EM +algorithm for model-based clustering, classification, and density estimation, +including Bayesian regularization, dimension reduction for visualisation, +and resampling-based inference.") + (license license:gpl2+))) + +(define-public r-prabclus + (package + (name "r-prabclus") + (version "2.2-6") + (source + (origin + (method url-fetch) + (uri (cran-uri "prabclus" version)) + (sha256 + (base32 + "0qjsxrx6yv338bxm4ki0w9h8hind1l98abdrz828588bwj02jya1")))) + (build-system r-build-system) + (propagated-inputs + `(("r-mclust" ,r-mclust))) + (home-page "https://cran.r-project.org/web/packages/prabclus") + (synopsis "Parametric bootstrap tests for spatial neighborhood clustering") + (description + "This package provides a distance-based parametric bootstrap tests +for clustering with spatial neighborhood information. Some distance measures, +clustering of presence-absence, abundance and multilocus genetical data for +species delimitation, nearest neighbor based noise detection.") + (license license:gpl2+))) + +(define-public r-deoptimr + (package + (name "r-deoptimr") + (version "1.0-8") + (source + (origin + (method url-fetch) + (uri (cran-uri "DEoptimR" version)) + (sha256 + (base32 + "1vz546hyjyhly70z62h5n3mn62b8llhhmim8ffp9y6jnnb0i2sc4")))) + (properties `((upstream-name . "DEoptimR"))) + (build-system r-build-system) + (home-page "http://cran.r-project.org/web/packages/DEoptimR") + (synopsis "Differential evolution optimization in pure R") + (description + "This package provides a differential evolution (DE) stochastic +algorithms for global optimization of problems with and without constraints. +The aim is to curate a collection of its state-of-the-art variants that (1) do +not sacrifice simplicity of design, (2) are essentially tuning-free, and (3) +can be efficiently implemented directly in the R language.") + (license license:gpl2+))) + +(define-public r-robustbase + (package + (name "r-robustbase") + (version "0.92-7") + (source + (origin + (method url-fetch) + (uri (cran-uri "robustbase" version)) + (sha256 + (base32 + "13xz4am7y0s0kl5bmbcw3dlhl7ji8h9sjx56wsgmj6r9n35nrggw")))) + (build-system r-build-system) + (inputs + `(("gfortran" ,gfortran))) + (propagated-inputs + `(("r-deoptimr" ,r-deoptimr))) + (home-page "http://robustbase.r-forge.r-project.org/") + (synopsis "Basic robust statistics") + (description + "This packages allows to analyze data with robust methods such as +regression methodology including model selections and multivariate statistics.") + (license license:gpl2+))) + +(define-public r-trimcluster + (package + (name "r-trimcluster") + (version "0.1-2") + (source + (origin + (method url-fetch) + (uri (cran-uri "trimcluster" version)) + (sha256 + (base32 + "0lsgbg93hm0w1rdb813ry0ks2l0jfpyqzqkf3h3bj6fch0avcbv2")))) + (build-system r-build-system) + (home-page "http://cran.r-project.org/web/packages/trimcluster") + (synopsis "Cluster analysis with trimming") + (description + "The trimmed k-means clustering method by Cuesta-Albertos, Gordaliza and +Matran (1997). This optimizes the k-means criterion under trimming a portion +of the points.") + (license license:gpl2+))) + +(define-public r-fpc + (package + (name "r-fpc") + (version "2.1-10") + (source + (origin + (method url-fetch) + (uri (cran-uri "fpc" version)) + (sha256 + (base32 + "15m0p9l9w2v7sl0cnzyg81i2fmx3hrhvr3371544mwn3fpsca5sx")))) + (build-system r-build-system) + (propagated-inputs + `(("r-diptest" ,r-diptest) + ("r-flexmix" ,r-flexmix) + ("r-kernlab" ,r-kernlab) + ("r-mclust" ,r-mclust) + ("r-mvtnorm" ,r-mvtnorm) + ("r-prabclus" ,r-prabclus) + ("r-robustbase" ,r-robustbase) + ("r-trimcluster" ,r-trimcluster))) + (home-page "http://cran.r-project.org/web/packages/fpc") + (synopsis "Flexible procedures for clustering") + (description + "This package provides various methods for clustering and cluster validation. +For example, it provides fixed point clustering, linear regression clustering, +clustering by merging Gaussian mixture components, as well as symmetric and +asymmetric discriminant projections for visualisation of the separation of +groupings.") + (license license:gpl2+))) + +(define-public r-vgam + (package + (name "r-vgam") + (version "1.0-3") + (source + (origin + (method url-fetch) + (uri (cran-uri "VGAM" version)) + (sha256 + (base32 + "0wr6szcpj8r4a1rlzgd6iym7khin69fmvxcf37iyvs8mms86dfr3")))) + (properties `((upstream-name . "VGAM"))) + (build-system r-build-system) + (inputs + `(("gfortran" ,gfortran))) + (home-page "https://www.stat.auckland.ac.nz/~yee/VGAM") + (synopsis "Vector generalized linear and additive models") + (description + "This package is an implementation of about 6 major classes of statistical +regression models. Currently only fixed-effects models are implemented, i.e., +no random-effects models. Many (150+) models and distributions are estimated +by maximum likelihood estimation (MLE) or penalized MLE, using Fisher scoring. +VGLMs can be loosely thought of as multivariate generalised linear models.") + (license license:gpl2+))) + +(define-public r-pbapply + (package + (name "r-pbapply") + (version "1.3-2") + (source + (origin + (method url-fetch) + (uri (cran-uri "pbapply" version)) + (sha256 + (base32 + "1sdmjlnwxb99f95g5v8k8mirrkzw99yig377v0qi9lzwjgd6fqqr")))) + (build-system r-build-system) + (home-page "https://github.com/psolymos/pbapply") + (synopsis "Adding progress bar to apply functions") + (description + "This lightweight package that adds progress bar to vectorized R +functions apply. The implementation can easily be added to functions where +showing the progress is useful e.g. bootstrap.") + (license license:gpl2))) + +(define-public r-fnn + (package + (name "r-fnn") + (version "1.1") + (source + (origin + (method url-fetch) + (uri (cran-uri "FNN" version)) + (sha256 + (base32 + "1kncmiaraq1mrykb9fj3fsxswabk3l71fnp1vks0x9aay5xfk8mj")))) + (properties `((upstream-name . "FNN"))) + (build-system r-build-system) + (home-page "http://cran.r-project.org/web/packages/FNN") + (synopsis "Fast nearest neighbor search algorithms and applications") + (description + "This package provides cover-tree and kd-tree fast k-nearest neighbor +search algorithms and related applications including KNN classification, +regression and information measures.") + (license license:gpl2+))) + +(define-public r-minqa + (package + (name "r-minqa") + (version "1.2.4") + (source + (origin + (method url-fetch) + (uri (cran-uri "minqa" version)) + (sha256 + (base32 + "036drja6xz7awja9iwb76x91415p26fb0jmg7y7v0p65m6j978fg")))) + (build-system r-build-system) + (propagated-inputs + `(("r-rcpp" ,r-rcpp))) + (inputs + `(("gfortran" ,gfortran))) + (home-page "http://optimizer.r-forge.r-project.org") + (synopsis "Derivative-free optimization algorithms by quadratic approximation") + (description + "This package provides a derivative-free optimization by quadratic approximation +based on an interface to Fortran implementations by M. J. D. Powell.") + (license license:gpl2))) + +(define-public r-rcppeigen + (package + (name "r-rcppeigen") + (version "0.3.2.9.0") + (source + (origin + (method url-fetch) + (uri (cran-uri "RcppEigen" version)) + (sha256 + (base32 + "0fy9kr03160f1ywzff3p380s8a59jz7d2d0rggb14g2y0slzpbr5")))) + (properties `((upstream-name . "RcppEigen"))) + (build-system r-build-system) + (propagated-inputs + `(("r-rcpp" ,r-rcpp))) + (home-page "http://eigen.tuxfamily.org") + (synopsis "Rcpp integration for the Eigen templated linear algebra library") + (description + "This package provides an integration of Eigen in R using a C++ template +library for linear algebra: matrices, vectors, numerical solvers and related algorithms. +It supports dense and sparse matrices on integer, floating point and complex numbers, +decompositions of such matrices, and solutions of linear systems.") + (license license:gpl2+))) + +(define-public r-modelmetrics + (package + (name "r-modelmetrics") + (version "1.1.0") + (source + (origin + (method url-fetch) + (uri (cran-uri "ModelMetrics" version)) + (sha256 + (base32 + "119xxmzb5biq7k1yxqsf0jmmarmfn6lds9x9hfgv593xlpym6za8")))) + (properties `((upstream-name . "ModelMetrics"))) + (build-system r-build-system) + (propagated-inputs + `(("r-rcpp" ,r-rcpp))) + (home-page "http://cran.r-project.org/web/packages/ModelMetrics") + (synopsis "Rapid calculation of model metrics") + (description + "Written in C++ using @code{Rcpp}, this package provides a collection of +metrics for evaluating models.") + (license license:gpl2+))) + +(define-public r-matrixmodels + (package + (name "r-matrixmodels") + (version "0.4-1") + (source + (origin + (method url-fetch) + (uri (cran-uri "MatrixModels" version)) + (sha256 + (base32 + "0cyfvhci2p1vr2x52ymkyqqs63x1qchn856dh2j94yb93r08x1zy")))) + (properties `((upstream-name . "MatrixModels"))) + (build-system r-build-system) + (home-page "https://cran.r-project.org/web/packages/MatrixModels") + (synopsis "Modelling with sparse and dense matrices") + (description + "This package models with sparse and dense matrix matrices, +using modular prediction and response module classes.") + (license license:gpl2+))) + +(define-public r-quantreg + (package + (name "r-quantreg") + (version "5.29") + (source + (origin + (method url-fetch) + (uri (cran-uri "quantreg" version)) + (sha256 + (base32 + "098gy8xv9kcl5y0cm93b8chr5sm6crrdxi20bkx9lmwmybl3himv")))) + (build-system r-build-system) + (native-inputs + `(("gfortran" ,gfortran))) + (propagated-inputs + `(("r-matrixmodels" ,r-matrixmodels) + ("r-sparsem" ,r-sparsem))) + (home-page "http://www.r-project.org") + (synopsis "Quantile regression") + (description + "This package provides an estimation and inference methods for models +of conditional quantiles: linear and nonlinear parametric and non-parametric +models for conditional quantiles of a univariate response and several methods +for handling censored survival data. Portfolio selection methods based on +expected shortfall risk are also included.") + (license license:gpl2+))) + +(define-public r-nloptr + (package + (name "r-nloptr") + (version "1.0.4") + (source + (origin + (method url-fetch) + (uri (cran-uri "nloptr" version)) + (sha256 + (base32 + "1cypz91z28vhvwq2rzqjrbdc6a2lvfr2g16vid2sax618q6ai089")))) + (build-system r-build-system) + (native-inputs + `(("pkg-config" ,pkg-config))) + (inputs + `(("nlopt" ,nlopt))) + (home-page "http://cran.r-project.org/web/packages/nloptr") + (synopsis "R interface to NLopt") + (description + "This package is interface to NLopt, a library for nonlinear +optimization. NLopt is a library for nonlinear optimization, providing a +common interface for a number of different free optimization routines +available online as well as original implementations of various other +algorithms.") + (license license:lgpl3))) + +(define-public r-lme4 + (package + (name "r-lme4") + (version "1.1-12") + (source + (origin + (method url-fetch) + (uri (cran-uri "lme4" version)) + (sha256 + (base32 + "0j60l5kgx1wvw2wm3jwfqwi63hammaq8gfcxzwa4h552likvaxi9")))) + (build-system r-build-system) + (native-inputs + `(("r-rcpp" ,r-rcpp) + ("r-rcppeigen" ,r-rcppeigen))) + (propagated-inputs + `(("r-minqa" ,r-minqa) + ("r-nloptr" ,r-nloptr))) + (home-page "http://cran.r-project.org/web/packages/lme4") + (synopsis "Linear mixed-effects models using eigen and S4") + (description + "This package provides fit linear and generalized linear mixed-effects +models. The models and their components are represented using S4 classes and +methods. The core computational algorithms are implemented using the Eigen +C++ library for numerical linear algebra and RcppEigen glue.") + (license license:gpl2+))) + +(define-public r-pbkrtest + (package + (name "r-pbkrtest") + (version "0.4-6") + (source + (origin + (method url-fetch) + (uri (cran-uri "pbkrtest" version)) + (sha256 + (base32 + "00cw18q7wvddzjrbxz917wkix6r7672vi2wmsp4gwgzady8vha4x")))) + (build-system r-build-system) + (propagated-inputs + `(("r-lme4" ,r-lme4))) + (home-page "http://people.math.aau.dk/~sorenh/software/pbkrtest/") + (synopsis "Methods for linear mixed model comparison") + (description + "This package implements a parametric bootstrap test and a Kenward Roger +modification of F-tests for linear mixed effects models and a parametric +bootstrap test for generalized linear mixed models.") + (license license:gpl2+))) + +(define-public r-car + (package + (name "r-car") + (version "2.1-4") + (source + (origin + (method url-fetch) + (uri (cran-uri "car" version)) + (sha256 + (base32 + "0a6v7rsd1xsdyapnfqy37m7c4kx9wslkzsizc9k0lmnba0bwyfgx")))) + (build-system r-build-system) + (propagated-inputs + `(("r-pbkrtest" ,r-pbkrtest) + ("r-quantreg" ,r-quantreg))) + (home-page "https://r-forge.r-project.org/projects/car/") + (synopsis "Companion to applied regression") + (description + "This package provides functions and datasets from book Companion +to Applied regression, Second Edition, Sage, 2011.") + (license license:gpl2+))) + +(define-public r-caret + (package + (name "r-caret") + (version "6.0-73") + (source + (origin + (method url-fetch) + (uri (cran-uri "caret" version)) + (sha256 + (base32 + "1jzaqwv4glyqqnfbpalgajd0ag866247vvdh5i83ffqs1yhs984h")))) + (build-system r-build-system) + (propagated-inputs + `(("r-car" ,r-car) + ("r-foreach" ,r-foreach) + ("r-ggplot2" ,r-ggplot2) + ("r-modelmetrics" ,r-modelmetrics) + ("r-plyr" ,r-plyr) + ("r-reshape2" ,r-reshape2))) + (home-page "https://github.com/topepo/caret") + (synopsis "Classification and regression training") + (description + "This package provides misc functions for training and plotting +classification and regression models.") + (license license:gpl2+))) + +(define-public r-rcppprogress + (package + (name "r-rcppprogress") + (version "0.3") + (source + (origin + (method url-fetch) + (uri (cran-uri "RcppProgress" version)) + (sha256 + (base32 + "0796g11w7iv3ix1wfm3fh09qq7jki4r4cp1mjagq77igri3xrr9x")))) + (properties `((upstream-name . "RcppProgress"))) + (build-system r-build-system) + (propagated-inputs + `(("r-rcpp" ,r-rcpp))) + (home-page "https://github.com/kforner/rcpp_progress") + (synopsis "Interruptible progress bar for C++ in R packages") + (description + "This package allows to display a progress bar in the R console for long running +computations taking place in C++ code, and support for interrupting those computations +even in multithreaded code, typically using OpenMP.") + (license license:gpl3+))) + +(define-public r-mnormt + (package + (name "r-mnormt") + (version "1.5-5") + (source + (origin + (method url-fetch) + (uri (cran-uri "mnormt" version)) + (sha256 + (base32 + "1b34xxrnf35khsx82mhvmk96sgfr2flyasaah7qkb2976pwxay7z")))) + (build-system r-build-system) + (native-inputs + `(("gfortran" ,gfortran))) + (home-page "http://azzalini.stat.unipd.it/SW/Pkg-mnormt") + (synopsis "Multivariate normal and \"t\" distributions") + (description + "This package provides functions for computing the density and the +distribution function of multivariate normal and \"t\" random variables, and +for generating random vectors sampled from these distributions. Probabilities +are computed via non-Monte Carlo methods.") + (license license:gpl2+))) + +(define-public r-numderiv + (package + (name "r-numderiv") + (version "2016.8-1") + (source + (origin + (method url-fetch) + (uri (cran-uri "numDeriv" version)) + (sha256 + (base32 + "07ni52rwiap4wilfz94w5mrqaxr59axxmgn57857ip4p6qkiss0v")))) + (properties `((upstream-name . "numDeriv"))) + (build-system r-build-system) + (home-page "https://cran.r-project.org/web/packages/numDeriv") + (synopsis "Accurate numerical derivatives") + (description + "This package provides methods for calculating accurate numerical +first and second order derivatives.") + (license license:gpl2))) + +(define-public r-sn + (package + (name "r-sn") + (version "1.5-0") + (source + (origin + (method url-fetch) + (uri (cran-uri "sn" version)) + (sha256 + (base32 + "0fh7xjsfd2x8d9lbnss7raldh24b72b3pvcv7zqa1qprzg7zfr01")))) + (build-system r-build-system) + (propagated-inputs + `(("r-mnormt" ,r-mnormt) + ("r-numderiv" ,r-numderiv))) + (home-page "http://azzalini.stat.unipd.it/SN") + (synopsis "The skew-normal and skew-t distributions") + (description + "This packages provides functionalities to build and manipulate +probability distributions of the skew-normal family and some related +ones, notably the skew-t family, and provides related statistical +methods for data fitting and diagnostics, in the univariate and the +multivariate case.") + (license license:gpl2+))) + +(define-public r-tclust + (package + (name "r-tclust") + (version "1.2-3") + (source + (origin + (method url-fetch) + (uri (cran-uri "tclust" version)) + (sha256 + (base32 + "0a1b7yp4l9wf6ic5czizyl2cnxrc1virj0icr8i6m1vv23jd8jfp")))) + (build-system r-build-system) + (propagated-inputs + `(("r-mclust" ,r-mclust) + ("r-mvtnorm" ,r-mvtnorm) + ("r-sn" ,r-sn))) + (home-page "http://cran.r-project.org/web/packages/tclust") + (synopsis "Robust trimmed clustering") + (description + "This package implements different robust clustering +algorithms (@code{tclust}) based on trimming and including some graphical +diagnostic tools (@code{ctlcurves} and @code{DiscrFact}).") + (license license:gpl3))) + +(define-public r-ranger + (package + (name "r-ranger") + (version "0.6.0") + (source + (origin + (method url-fetch) + (uri (cran-uri "ranger" version)) + (sha256 + (base32 + "1fwqwbi0dnla16x6zj14rf95qr5gmilfmlrwnv7s960h4yiw4n97")))) + (build-system r-build-system) + (propagated-inputs + `(("r-rcpp" ,r-rcpp))) + (home-page "https://github.com/imbs-hl/ranger") + (synopsis "Fast implementation of random forests") + (description + "This package provides a fast implementation of Random Forests, +particularly suited for high dimensional data. Ensembles of classification, +regression, survival and probability prediction trees are supported. Data from +genome-wide association studies can be analyzed efficiently.") + (license license:gpl3))) + +(define-public r-tsne + (package + (name "r-tsne") + (version "0.1-3") + (source + (origin + (method url-fetch) + (uri (cran-uri "tsne" version)) + (sha256 + (base32 + "0s8cv2pndkddq62rzlgzgfdjp1vjv5hz5i5957sllnb97vbzbzb6")))) + (build-system r-build-system) + (home-page "https://github.com/jdonaldson/rtsne/") + (synopsis "t-Distributed Stochastic Neighbor Embedding for R") + (description + "This package provides a pure R implementation of the t-SNE algorithm.") + (license license:gpl2+))) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 9f73a7ad59..34ffabb483 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -980,7 +980,7 @@ access to mpv's powerful playback capabilities.") (define-public youtube-dl (package (name "youtube-dl") - (version "2017.03.02") + (version "2017.03.07") (source (origin (method url-fetch) (uri (string-append "https://yt-dl.org/downloads/" @@ -988,7 +988,7 @@ access to mpv's powerful playback capabilities.") version ".tar.gz")) (sha256 (base32 - "0f86qnppxnbh2c8bmpf0c1xhwk5vqjdzz7pqh9sydhscv8r0209g")))) + "19acz9m3gazd1ims4l9a9ni1p7jw8z4y0ncqn99xlx9kna8ryjnv")))) (build-system python-build-system) (arguments ;; The problem here is that the directory for the man page and completion diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index dab30df13d..a0e76d52c4 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -4459,10 +4459,9 @@ functions of Tidy.") (home-page "https://www.hiawatha-webserver.org") (synopsis "Webserver with focus on security") (description - "Hiawatha has been written with security in mind. This resulted in a -highly secure webserver in both code and features. Hiawatha can stop SQL -injections, XSS and CSRF attacks and exploit attempts. Via a specially -crafted monitoring tool, you can keep track of all your webservers.") + "Hiawatha has been written with security in mind. +Features include the ability to stop SQL injections, XSS and CSRF attacks and +exploit attempts.") (license l:gpl2))) (define-public qutebrowser diff --git a/gnu/packages/wget.scm b/gnu/packages/wget.scm index 9ac21b4db1..1c56e14a66 100644 --- a/gnu/packages/wget.scm +++ b/gnu/packages/wget.scm @@ -20,6 +20,7 @@ (define-module (gnu packages wget) #:use-module (guix licenses) + #:use-module (gnu packages) #:use-module (gnu packages libidn) #:use-module (gnu packages python) #:use-module (gnu packages perl) @@ -39,6 +40,7 @@ (method url-fetch) (uri (string-append "mirror://gnu/wget/wget-" version ".tar.xz")) + (patches (search-patches "wget-CVE-2017-6508.patch")) (sha256 (base32 "1ljcfhbkdsd0zjfm520rbl1ai62fc34i7c45sfj244l8f6b0p58c")))) diff --git a/gnu/packages/wine.scm b/gnu/packages/wine.scm index d28e2dd4e4..40e1dd5cfc 100644 --- a/gnu/packages/wine.scm +++ b/gnu/packages/wine.scm @@ -54,15 +54,14 @@ (define-public wine (package (name "wine") - (version "2.0") + (version "2.3") (source (origin (method url-fetch) - (uri (string-append "https://dl.winehq.org/wine/source/" - (version-major+minor version) - "/wine-" version ".tar.bz2")) + (uri (string-append "https://dl.winehq.org/wine/source/2.x" + "/wine-" version ".tar.xz")) (sha256 (base32 - "1ik6q0h3ph3jizmp7bxhf6kcm1pzrdrn2m0yf2x86slv2aigamlp")))) + "0zh6kvs4d6d99x5qgxbb5jq2wilwzifhmib2nhq0g3ychxx5rjdg")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) ("gettext" ,gettext-minimal) diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 18354271ee..191dc7dd19 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -2392,7 +2392,7 @@ including most mice, keyboards, tablets and touchscreens.") (define-public xf86-input-libinput (package (name "xf86-input-libinput") - (version "0.24.0") + (version "0.25.0") (source (origin (method url-fetch) (uri (string-append @@ -2400,7 +2400,7 @@ including most mice, keyboards, tablets and touchscreens.") name "-" version ".tar.bz2")) (sha256 (base32 - "0a1nn65qq71bbfhxq39zdb4b1h6ickzv98cjdacv4ngd18shgjyx")))) + "0vsmijamfzf6vcljrr0am2qcz33zl2l0lj2mzmbwgrm7ixjx2zxv")))) (build-system gnu-build-system) (arguments '(#:configure-flags @@ -2811,10 +2811,10 @@ X server.") (define-public xf86-video-intel - (let ((commit "e4fe79cf0d9a05ee3f3a027148ef0aeb2b1b34e1")) + (let ((commit "7e9e92c86b0fc4c848d164fe571798add5e1e36e")) (package (name "xf86-video-intel") - (version (string-append "2.99.917-3-" (string-take commit 7))) + (version (string-append "2.99.917-4-" (string-take commit 7))) (source (origin ;; there's no current tarball @@ -2824,7 +2824,7 @@ X server.") (commit commit))) (sha256 (base32 - "0hf3fxv5jchyh820h449c1ld9x19gc8081w1yk98mab6zr89zswp")) + "0igfw8vpz1q0a2526j81fl65z6avfh6lzzrijcs72gwihqqhb1sv")) (file-name (string-append name "-" version)))) (build-system gnu-build-system) (inputs `(("mesa" ,mesa) @@ -2994,7 +2994,7 @@ supported, and the RENDER extension is not accelerated by this driver.") (define-public xf86-video-nouveau (package (name "xf86-video-nouveau") - (version "1.0.13") + (version "1.0.14") (source (origin (method url-fetch) @@ -3004,7 +3004,7 @@ supported, and the RENDER extension is not accelerated by this driver.") ".tar.bz2")) (sha256 (base32 - "1js7vak68g2800f1cy5r41wl5x2j7dbmbd7zxypzfgcw2fx454kd")))) + "1h9izq510m2pvg77d0y9krc0cvvbhp2y3xlrrz6id7y47jdzkpsd")))) (build-system gnu-build-system) (inputs `(("xorg-server" ,xorg-server))) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/services.scm b/gnu/services.scm index 6ac4f1322d..6c88f2621b 100644 --- a/gnu/services.scm +++ b/gnu/services.scm @@ -334,9 +334,11 @@ ACTIVATION-SCRIPT-TYPE." (mlet* %store-monad ((actions (service-activations))) (gexp->file "activate" (with-imported-modules (source-module-closure - '((gnu build activation))) + '((gnu build activation) + (guix build utils))) #~(begin - (use-modules (gnu build activation)) + (use-modules (gnu build activation) + (guix build utils)) ;; Make sure the user accounting database exists. If it ;; does not exist, 'setutxent' does not create it and @@ -345,6 +347,7 @@ ACTIVATION-SCRIPT-TYPE." ;; Same for 'wtmp', which is populated by mingetty et ;; al. + (mkdir-p "/var/log") (close-port (open-file "/var/log/wtmp" "a0")) ;; Set up /run/current-system. Among other things this diff --git a/gnu/services/configuration.scm b/gnu/services/configuration.scm index a98db64fa5..2ad3a637a4 100644 --- a/gnu/services/configuration.scm +++ b/gnu/services/configuration.scm @@ -39,14 +39,6 @@ define-configuration validate-configuration generate-documentation - serialize-field - serialize-string - serialize-name - serialize-space-separated-string-list - space-separated-string-list? - serialize-file-name - file-name? - serialize-boolean serialize-package)) ;;; Commentary: @@ -140,41 +132,9 @@ #,(id #'stem #'stem #'-fields)) conf)))))))) -(define (uglify-field-name field-name) - (let ((str (symbol->string field-name))) - (string-concatenate - (map string-titlecase - (string-split (if (string-suffix? "?" str) - (substring str 0 (1- (string-length str))) - str) - #\-))))) - -(define (serialize-field field-name val) - (format #t "~a ~a\n" (uglify-field-name field-name) val)) - (define (serialize-package field-name val) #f) -(define (serialize-string field-name val) - (serialize-field field-name val)) - -(define (space-separated-string-list? val) - (and (list? val) - (and-map (lambda (x) - (and (string? x) (not (string-index x #\space)))) - val))) -(define (serialize-space-separated-string-list field-name val) - (serialize-field field-name (string-join val " "))) - -(define (file-name? val) - (and (string? val) - (string-prefix? "/" val))) -(define (serialize-file-name field-name val) - (serialize-string field-name val)) - -(define (serialize-boolean field-name val) - (serialize-string field-name (if val "yes" "no"))) - ;; A little helper to make it easier to document all those fields. (define (generate-documentation documentation documentation-name) (define (str x) (object->string x)) diff --git a/gnu/services/cups.scm b/gnu/services/cups.scm index 70b858479a..70a71eff0a 100644 --- a/gnu/services/cups.scm +++ b/gnu/services/cups.scm @@ -57,6 +57,21 @@ (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) +(define (uglify-field-name field-name) + (let ((str (symbol->string field-name))) + (string-concatenate + (map string-titlecase + (string-split (if (string-suffix? "?" str) + (substring str 0 (1- (string-length str))) + str) + #\-))))) + +(define (serialize-field field-name val) + (format #t "~a ~a\n" (uglify-field-name field-name) val)) + +(define (serialize-string field-name val) + (serialize-field field-name val)) + (define (multiline-string-list? val) (and (list? val) (and-map (lambda (x) @@ -65,11 +80,28 @@ (define (serialize-multiline-string-list field-name val) (for-each (lambda (str) (serialize-field field-name str)) val)) +(define (space-separated-string-list? val) + (and (list? val) + (and-map (lambda (x) + (and (string? x) (not (string-index x #\space)))) + val))) +(define (serialize-space-separated-string-list field-name val) + (serialize-field field-name (string-join val " "))) + (define (space-separated-symbol-list? val) (and (list? val) (and-map symbol? val))) (define (serialize-space-separated-symbol-list field-name val) (serialize-field field-name (string-join (map symbol->string val) " "))) +(define (file-name? val) + (and (string? val) + (string-prefix? "/" val))) +(define (serialize-file-name field-name val) + (serialize-string field-name val)) + +(define (serialize-boolean field-name val) + (serialize-string field-name (if val "yes" "no"))) + (define (non-negative-integer? val) (and (exact-integer? val) (not (negative? val)))) (define (serialize-non-negative-integer field-name val) diff --git a/gnu/services/kerberos.scm b/gnu/services/kerberos.scm index cb33a7c53d..f09f47893c 100644 --- a/gnu/services/kerberos.scm +++ b/gnu/services/kerberos.scm @@ -96,6 +96,12 @@ trailing '?' removed." (unless (eq? val unset-field) (serialize-field* field-name (string-join val " ")))) +(define (space-separated-string-list? val) + (and (list? val) + (and-map (lambda (x) + (and (string? x) (not (string-index x #\space)))) + val))) + (define space-separated-string-list/unset? (predicate/unset space-separated-string-list?)) @@ -118,10 +124,19 @@ trailing '?' removed." (lambda (val) (string-prefix? "/" val)))) +(define (serialize-field field-name val) + (format #t "~a ~a\n" (uglify-field-name field-name) val)) + +(define (serialize-string field-name val) + (serialize-field field-name val)) + (define (serialize-file-name field-name val) (unless (eq? val unset-field) (serialize-string field-name val))) +(define (serialize-space-separated-string-list field-name val) + (serialize-field field-name (string-join val " "))) + (define (non-negative-integer? val) (and (exact-integer? val) (not (negative? val)))) diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index 30b1672d33..05978e0068 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 Andy Wingo ;;; Copyright © 2017 Clément Lassieur +;;; Copyright © 2017 Carlo Zancanaro ;;; ;;; This file is part of GNU Guix. ;;; @@ -33,6 +34,7 @@ #:use-module (guix packages) #:use-module (guix gexp) #:use-module (ice-9 match) + #:use-module (ice-9 format) #:export (dovecot-service dovecot-service-type dovecot-configuration @@ -53,7 +55,12 @@ opensmtpd-configuration opensmtpd-configuration? opensmtpd-service-type - %default-opensmtpd-config-file)) + %default-opensmtpd-config-file + + exim-configuration + exim-configuration? + exim-service-type + %default-exim-config-file)) ;;; Commentary: ;;; @@ -62,6 +69,27 @@ ;;; ;;; Code: +(define (uglify-field-name field-name) + (let ((str (symbol->string field-name))) + (string-join (string-split (if (string-suffix? "?" str) + (substring str 0 (1- (string-length str))) + str) + #\-) + "_"))) + +(define (serialize-field field-name val) + (format #t "~a=~a\n" (uglify-field-name field-name) val)) + +(define (serialize-string field-name val) + (serialize-field field-name val)) + +(define (space-separated-string-list? val) + (and (list? val) + (and-map (lambda (x) + (and (string? x) (not (string-index x #\space)))) + val))) +(define (serialize-space-separated-string-list field-name val) + (serialize-field field-name (string-join val " "))) (define (comma-separated-string-list? val) (and (list? val) @@ -71,6 +99,12 @@ (define (serialize-comma-separated-string-list field-name val) (serialize-field field-name (string-join val ","))) +(define (file-name? val) + (and (string? val) + (string-prefix? "/" val))) +(define (serialize-file-name field-name val) + (serialize-string field-name val)) + (define (colon-separated-file-name-list? val) (and (list? val) ;; Trailing slashes not needed and not @@ -78,6 +112,9 @@ (define (serialize-colon-separated-file-name-list field-name val) (serialize-field field-name (string-join val ":"))) +(define (serialize-boolean field-name val) + (serialize-string field-name (if val "yes" "no"))) + (define (non-negative-integer? val) (and (exact-integer? val) (not (negative? val)))) (define (serialize-non-negative-integer field-name val) @@ -158,8 +195,9 @@ (define-configuration unix-listener-configuration (path - (file-name (configuration-missing-field 'unix-listener 'path)) - "The file name on which to listen.") + (string (configuration-missing-field 'unix-listener 'path)) + "Path to the file, relative to @code{base-dir} field. This is also used as +the section name.") (mode (string "0600") "The access mode for the socket.") @@ -177,8 +215,9 @@ (define-configuration fifo-listener-configuration (path - (file-name (configuration-missing-field 'fifo-listener 'path)) - "The file name on which to listen.") + (string (configuration-missing-field 'fifo-listener 'path)) + "Path to the file, relative to @code{base-dir} field. This is also used as +the section name.") (mode (string "0600") "The access mode for the socket.") @@ -1620,3 +1659,96 @@ accept from local for any relay (compose list opensmtpd-configuration-package)) (service-extension shepherd-root-service-type opensmtpd-shepherd-service))))) + + +;;; +;;; Exim. +;;; + +(define-record-type* exim-configuration + make-exim-configuration + exim-configuration? + (package exim-configuration-package ; + (default exim)) + (config-file exim-configuration-config-file ;file-like + (default #f)) + (aliases exim-configuration-aliases ;; list of lists + (default '()))) + +(define %exim-accounts + (list (user-group + (name "exim") + (system? #t)) + (user-account + (name "exim") + (group "exim") + (system? #t) + (comment "Exim Daemon") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (exim-computed-config-file package config-file) + (computed-file "exim.conf" + #~(call-with-output-file #$output + (lambda (port) + (format port " +exim_user = exim +exim_group = exim +.include ~a" + #$(or config-file + (file-append package "/etc/exim.conf"))))))) + +(define exim-shepherd-service + (match-lambda + (($ package config-file aliases) + (list (shepherd-service + (provision '(exim mta)) + (documentation "Run the exim daemon.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + '(#$(file-append package "/bin/exim") + "-bd" "-v" "-C" + #$(exim-computed-config-file package config-file)))) + (stop #~(make-kill-destructor))))))) + +(define exim-activation + (match-lambda + (($ package config-file aliases) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + (let ((uid (passwd:uid (getpw "exim"))) + (gid (group:gid (getgr "exim")))) + (mkdir-p "/var/spool/exim") + (chown "/var/spool/exim" uid gid)) + + (zero? (system* #$(file-append package "/bin/exim") + "-bV" "-C" #$(exim-computed-config-file package config-file)))))))) + +(define exim-etc + (match-lambda + (($ package config-file aliases) + `(("aliases" ,(plain-file "aliases" + ;; Ideally we'd use a format string like + ;; "~:{~a: ~{~a~^,~}\n~}", but it gives a + ;; warning that I can't figure out how to fix, + ;; so we'll just use string-join below instead. + (format #f "~:{~a: ~a\n~}" + (map (lambda (entry) + (list (car entry) + (string-join (cdr entry) ","))) + aliases)))))))) + +(define exim-profile + (compose list exim-configuration-package)) + +(define exim-service-type + (service-type + (name 'exim) + (extensions + (list (service-extension shepherd-root-service-type exim-shepherd-service) + (service-extension account-service-type (const %exim-accounts)) + (service-extension activation-service-type exim-activation) + (service-extension profile-service-type exim-profile) + (service-extension etc-service-type exim-etc))))) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index c1d42e70ce..d8a3ad35ad 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -274,12 +274,14 @@ The other options should be self-descriptive." (default #t)) (public-key-authentication? openssh-configuration-public-key-authentication? (default #t)) ;Boolean - (rsa-authentication? openssh-configuration-rsa-authentication? ;Boolean - (default #t)) (x11-forwarding? openssh-configuration-x11-forwarding? ;Boolean (default #f)) - (protocol-number openssh-configuration-protocol-number ;integer - (default 2))) + (challenge-response-authentication? openssh-challenge-response-authentication? + (default #f)) ;Boolean + (use-pam? openssh-configuration-use-pam? + (default #t)) ;Boolean + (print-last-log? openssh-configuration-print-last-log? + (default #t))) ;Boolean (define %openssh-accounts (list (user-group (name "sshd") (system? #t)) @@ -298,6 +300,14 @@ The other options should be self-descriptive." (mkdir-p "/etc/ssh") (mkdir-p (dirname #$(openssh-configuration-pid-file config))) + (define (touch file-name) + (call-with-output-file file-name (const #t))) + + (let ((lastlog "/var/log/lastlog")) + (when #$(openssh-configuration-print-last-log? config) + (unless (file-exists? lastlog) + (touch lastlog)))) + ;; Generate missing host keys. (system* (string-append #$(openssh-configuration-openssh config) "/bin/ssh-keygen") "-A"))) @@ -309,9 +319,6 @@ The other options should be self-descriptive." #~(call-with-output-file #$output (lambda (port) (display "# Generated by 'openssh-service'.\n" port) - (format port "Protocol ~a\n" - #$(if (eq? (openssh-configuration-protocol-number config) 1) - "1" "2")) (format port "Port ~a\n" #$(number->string (openssh-configuration-port-number config))) (format port "PermitRootLogin ~a\n" @@ -328,14 +335,20 @@ The other options should be self-descriptive." (format port "PubkeyAuthentication ~a\n" #$(if (openssh-configuration-public-key-authentication? config) "yes" "no")) - (format port "RSAAuthentication ~a\n" - #$(if (openssh-configuration-rsa-authentication? config) - "yes" "no")) (format port "X11Forwarding ~a\n" #$(if (openssh-configuration-x11-forwarding? config) "yes" "no")) (format port "PidFile ~a\n" #$(openssh-configuration-pid-file config)) + (format port "ChallengeResponseAuthentication ~a\n" + #$(if (openssh-challenge-response-authentication? config) + "yes" "no")) + (format port "UsePAM ~a\n" + #$(if (openssh-configuration-use-pam? config) + "yes" "no")) + (format port "PrintLastLog ~a\n" + #$(if (openssh-configuration-print-last-log? config) + "yes" "no")) #t)))) (define (openssh-shepherd-service config) @@ -356,11 +369,20 @@ The other options should be self-descriptive." #:pid-file #$pid-file)) (stop #~(make-kill-destructor))))) +(define (openssh-pam-services config) + "Return a list of for sshd with CONFIG." + (list (unix-pam-service + "sshd" + #:allow-empty-passwords? + (openssh-configuration-allow-empty-passwords? config)))) + (define openssh-service-type (service-type (name 'openssh) (extensions (list (service-extension shepherd-root-service-type openssh-shepherd-service) + (service-extension pam-root-service-type + openssh-pam-services) (service-extension activation-service-type openssh-activation) (service-extension account-service-type diff --git a/gnu/system.scm b/gnu/system.scm index c8d4d014ed..0f52351cf0 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -652,8 +652,8 @@ hardware-related operations as necessary when booting a Linux container." (define (operating-system-root-file-system os) "Return the root file system of OS." (find (match-lambda - (($ _ _ "/") #t) - (_ #f)) + (($ device title "/") #t) + (x #f)) (operating-system-file-systems os))) (define (operating-system-initrd-file os) diff --git a/gnu/system/install.scm b/gnu/system/install.scm index 3ec343570a..191ccf1680 100644 --- a/gnu/system/install.scm +++ b/gnu/system/install.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016 Ludovic Courtès +;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Andreas Enge ;;; @@ -24,7 +24,6 @@ #:use-module (guix store) #:use-module (guix monads) #:use-module ((guix store) #:select (%store-prefix)) - #:use-module (guix profiles) #:use-module (gnu services shepherd) #:use-module (gnu packages admin) #:use-module (gnu packages bash) @@ -38,8 +37,7 @@ #:use-module (gnu packages nvi) #:use-module (ice-9 match) #:use-module (srfi srfi-26) - #:export (self-contained-tarball - installation-os)) + #:export (installation-os)) ;;; Commentary: ;;; @@ -48,63 +46,6 @@ ;;; ;;; Code: - -(define* (self-contained-tarball #:key (guix guix)) - "Return a self-contained tarball containing a store initialized with the -closure of GUIX. The tarball contains /gnu/store, /var/guix, and a profile -under /root/.guix-profile where GUIX is installed." - (mlet %store-monad ((profile (profile-derivation - (manifest - (list (package->manifest-entry guix)))))) - (define build - (with-imported-modules '((guix build utils) - (guix build store-copy) - (gnu build install)) - #~(begin - (use-modules (guix build utils) - (gnu build install)) - - (define %root "root") - - (setenv "PATH" - (string-append #$guix "/sbin:" #$tar "/bin:" #$xz "/bin")) - - ;; Note: there is not much to gain here with deduplication and - ;; there is the overhead of the '.links' directory, so turn it - ;; off. - (populate-single-profile-directory %root - #:profile #$profile - #:closure "profile" - #:deduplicate? #f) - - ;; Create the tarball. Use GNU format so there's no file name - ;; length limitation. - (with-directory-excursion %root - (zero? (system* "tar" "--xz" "--format=gnu" - - ;; Avoid non-determinism in the archive. Use - ;; mtime = 1, not zero, because that is what the - ;; daemon does for files in the store (see the - ;; 'mtimeStore' constant in local-store.cc.) - "--sort=name" - "--mtime=@1" ;for files in /var/guix - "--owner=root:0" - "--group=root:0" - - "--check-links" - "-cvf" #$output - ;; Avoid adding / and /var to the tarball, so - ;; that the ownership and permissions of those - ;; directories will not be overwritten when - ;; extracting the archive. Do not include /root - ;; because the root account might have a - ;; different home directory. - "./var/guix" - (string-append "." (%store-directory)))))))) - - (gexp->derivation "guix-tarball.tar.xz" build - #:references-graphs `(("profile" ,profile))))) - (define (log-to-info) "Return a script that spawns the Info reader on the right section of the diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm index 4a753cdadb..81c1278c0c 100644 --- a/gnu/system/linux-initrd.scm +++ b/gnu/system/linux-initrd.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès ;;; Copyright © 2016 Mark H Weaver ;;; Copyright © 2016 Jan Nieuwenhuizen +;;; Copyright © 2017 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -41,6 +42,7 @@ #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:export (expression->initrd + raw-initrd base-initrd)) @@ -131,13 +133,79 @@ MODULES and taken from LINUX." (gexp->derivation "linux-modules" build-exp)) +(define* (raw-initrd file-systems + #:key + (linux linux-libre) + (linux-modules '()) + (mapped-devices '()) + (helper-packages '()) + qemu-networking? + volatile-root?) + "Return a monadic derivation that builds a raw initrd, with kernel +modules taken from LINUX. FILE-SYSTEMS is a list of file-systems to be +mounted by the initrd, possibly in addition to the root file system specified +on the kernel command line via '--root'. LINUX-MODULES is a list of kernel +modules to be loaded at boot time. MAPPED-DEVICES is a list of device +mappings to realize before FILE-SYSTEMS are mounted. +HELPER-PACKAGES is a list of packages to be copied in the initrd. It may include +e2fsck/static or other packages needed by the initrd to check root partition. + +When QEMU-NETWORKING? is true, set up networking with the standard QEMU +parameters. +When VOLATILE-ROOT? is true, the root file system is writable but any changes +to it are lost." + (define device-mapping-commands + ;; List of gexps to open the mapped devices. + (map (lambda (md) + (let* ((source (mapped-device-source md)) + (target (mapped-device-target md)) + (type (mapped-device-type md)) + (open (mapped-device-kind-open type))) + (open source target))) + mapped-devices)) + + (mlet %store-monad ((kodir (flat-linux-module-directory linux + linux-modules))) + (expression->initrd + (with-imported-modules (source-module-closure + '((gnu build linux-boot) + (guix build utils) + (guix build bournish) + (gnu build file-systems))) + #~(begin + (use-modules (gnu build linux-boot) + (guix build utils) + (guix build bournish) ;add the 'bournish' meta-command + (srfi srfi-26) + + ;; FIXME: The following modules are for + ;; LUKS-DEVICE-MAPPING. We should instead propagate + ;; this info via gexps. + ((gnu build file-systems) + #:select (find-partition-by-luks-uuid)) + (rnrs bytevectors)) + + (with-output-to-port (%make-void-port "w") + (lambda () + (set-path-environment-variable "PATH" '("bin" "sbin") + '#$helper-packages))) + + (boot-system #:mounts '#$(map file-system->spec file-systems) + #:pre-mount (lambda () + (and #$@device-mapping-commands)) + #:linux-modules '#$linux-modules + #:linux-module-directory '#$kodir + #:qemu-guest-networking? #$qemu-networking? + #:volatile-root? '#$volatile-root?))) + #:name "raw-initrd"))) + (define* (base-initrd file-systems #:key (linux linux-libre) (mapped-devices '()) qemu-networking? - (virtio? #t) volatile-root? + (virtio? #t) (extra-modules '())) "Return a monadic derivation that builds a generic initrd, with kernel modules taken from LINUX. FILE-SYSTEMS is a list of file-systems to be @@ -145,14 +213,12 @@ mounted by the initrd, possibly in addition to the root file system specified on the kernel command line via '--root'. MAPPED-DEVICES is a list of device mappings to realize before FILE-SYSTEMS are mounted. -When QEMU-NETWORKING? is true, set up networking with the standard QEMU -parameters. When VIRTIO? is true, load additional modules so the initrd can +QEMU-NETWORKING? and VOLATILE-ROOT? behaves as in raw-initrd. + +When VIRTIO? is true, load additional modules so the initrd can be used as a QEMU guest with the root file system on a para-virtualized block device. -When VOLATILE-ROOT? is true, the root file system is writable but any changes -to it are lost. - The initrd is automatically populated with all the kernel modules necessary for FILE-SYSTEMS and for the given options. However, additional kernel modules can be listed in EXTRA-MODULES. They will be added to the initrd, and @@ -224,49 +290,12 @@ loaded at boot time in the order in which they appear." (list unionfs-fuse/static) '()))) - (define device-mapping-commands - ;; List of gexps to open the mapped devices. - (map (lambda (md) - (let* ((source (mapped-device-source md)) - (target (mapped-device-target md)) - (type (mapped-device-type md)) - (open (mapped-device-kind-open type))) - (open source target))) - mapped-devices)) - - (mlet %store-monad ((kodir (flat-linux-module-directory linux - linux-modules))) - (expression->initrd - (with-imported-modules (source-module-closure - '((gnu build linux-boot) - (guix build utils) - (guix build bournish) - (gnu build file-systems))) - #~(begin - (use-modules (gnu build linux-boot) - (guix build utils) - (guix build bournish) ;add the 'bournish' meta-command - (srfi srfi-26) - - ;; FIXME: The following modules are for - ;; LUKS-DEVICE-MAPPING. We should instead propagate - ;; this info via gexps. - ((gnu build file-systems) - #:select (find-partition-by-luks-uuid)) - (rnrs bytevectors)) - - (with-output-to-port (%make-void-port "w") - (lambda () - (set-path-environment-variable "PATH" '("bin" "sbin") - '#$helper-packages))) - - (boot-system #:mounts '#$(map file-system->spec file-systems) - #:pre-mount (lambda () - (and #$@device-mapping-commands)) - #:linux-modules '#$linux-modules - #:linux-module-directory '#$kodir - #:qemu-guest-networking? #$qemu-networking? - #:volatile-root? '#$volatile-root?))) - #:name "base-initrd"))) + (raw-initrd file-systems + #:linux linux + #:linux-modules linux-modules + #:mapped-devices mapped-devices + #:helper-packages helper-packages + #:qemu-networking? qemu-networking? + #:volatile-root? volatile-root?)) ;;; linux-initrd.scm ends here diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index b68c48a05a..58c23f2844 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -1346,12 +1346,12 @@ given an integer, returns the list of names of the constants that are or'd." (begin (define-syntax constructor (syntax-rules (names ...) + ((_) 0) ((_ names) values) ... - ((_ several (... ...)) - (logior (constructor several) (... ...))))) + ((_ first rest (... ...)) + (logior (constructor first) rest (... ...))))) (define (bits->symbols bits) - (bits->symbols-body bits (names ...) (values ...))) - (define names values) ...)))) + (bits->symbols-body bits (names ...) (values ...))))))) ;; 'local-flags' bits from (define-bits local-flags diff --git a/guix/scripts/pack.scm b/guix/scripts/pack.scm new file mode 100644 index 0000000000..e8f3d800a8 --- /dev/null +++ b/guix/scripts/pack.scm @@ -0,0 +1,229 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2015, 2017 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (guix scripts pack) + #:use-module (guix scripts) + #:use-module (guix ui) + #:use-module (guix gexp) + #:use-module (guix utils) + #:use-module (guix store) + #:use-module (guix grafts) + #:use-module (guix monads) + #:use-module (guix packages) + #:use-module (guix profiles) + #:use-module (guix derivations) + #:use-module (guix scripts build) + #:use-module (gnu packages) + #:use-module (gnu packages compression) + #:autoload (gnu packages base) (tar) + #:autoload (gnu packages package-management) (guix) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-9) + #:use-module (srfi srfi-37) + #:use-module (ice-9 match) + #:export (compressor? + lookup-compressor + self-contained-tarball + guix-pack)) + +;; Type of a compression tool. +(define-record-type + (compressor name package extension tar-option) + compressor? + (name compressor-name) ;string (e.g., "gzip") + (package compressor-package) ;package + (extension compressor-extension) ;string (e.g., "lz") + (tar-option compressor-tar-option)) ;string (e.g., "--lzip") + +(define %compressors + ;; Available compression tools. + ;; FIXME: Use '--no-name' for gzip. + (list (compressor "gzip" gzip "gz" "--gzip") + (compressor "lzip" lzip "lz" "--lzip") + (compressor "xz" xz "xz" "--xz") + (compressor "bzip2" bzip2 "bz2" "--bzip2"))) + +(define (lookup-compressor name) + "Return the compressor object called NAME. Error out if it could not be +found." + (or (find (match-lambda + (($ name*) + (string=? name* name))) + %compressors) + (leave (_ "~a: compressor not found~%") name))) + +(define* (self-contained-tarball name profile + #:key deduplicate? + (compressor (first %compressors))) + "Return a self-contained tarball containing a store initialized with the +closure of PROFILE, a derivation. The tarball contains /gnu/store, /var/guix, +and PROFILE is available as /root/.guix-profile." + (define build + (with-imported-modules '((guix build utils) + (guix build store-copy) + (gnu build install)) + #~(begin + (use-modules (guix build utils) + (gnu build install)) + + (define %root "root") + + ;; We need Guix here for 'guix-register'. + (setenv "PATH" + (string-append #$guix "/sbin:" #$tar "/bin:" + #$(compressor-package compressor) "/bin")) + + ;; Note: there is not much to gain here with deduplication and + ;; there is the overhead of the '.links' directory, so turn it + ;; off. + (populate-single-profile-directory %root + #:profile #$profile + #:closure "profile" + #:deduplicate? #f) + + ;; Create the tarball. Use GNU format so there's no file name + ;; length limitation. + (with-directory-excursion %root + (zero? (system* "tar" #$(compressor-tar-option compressor) + "--format=gnu" + + ;; Avoid non-determinism in the archive. Use + ;; mtime = 1, not zero, because that is what the + ;; daemon does for files in the store (see the + ;; 'mtimeStore' constant in local-store.cc.) + "--sort=name" + "--mtime=@1" ;for files in /var/guix + "--owner=root:0" + "--group=root:0" + + "--check-links" + "-cvf" #$output + ;; Avoid adding / and /var to the tarball, so + ;; that the ownership and permissions of those + ;; directories will not be overwritten when + ;; extracting the archive. Do not include /root + ;; because the root account might have a + ;; different home directory. + "./var/guix" + (string-append "." (%store-directory)))))))) + + (gexp->derivation (string-append name ".tar." + (compressor-extension compressor)) + build + #:references-graphs `(("profile" ,profile)))) + + + +;;; +;;; Command-line options. +;;; + +(define %default-options + ;; Alist of default option values. + `((system . ,(%current-system)) + (substitutes? . #t) + (graft? . #t) + (max-silent-time . 3600) + (verbosity . 0) + (compressor . ,(first %compressors)))) + +(define %options + ;; Specifications of the command-line options. + (cons* (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix pack"))) + + (option '(#\n "dry-run") #f #f + (lambda (opt name arg result) + (alist-cons 'dry-run? #t (alist-cons 'graft? #f result)))) + (option '(#\s "system") #t #f + (lambda (opt name arg result) + (alist-cons 'system arg + (alist-delete 'system result eq?)))) + (option '(#\C "compression") #t #f + (lambda (opt name arg result) + (alist-cons 'compressor (lookup-compressor arg) + result))) + + (append %transformation-options + %standard-build-options))) + +(define (show-help) + (display (_ "Usage: guix pack [OPTION]... PACKAGE... +Create a bundle of PACKAGE.\n")) + (show-build-options-help) + (newline) + (show-transformation-options-help) + (newline) + (display (_ " + -s, --system=SYSTEM attempt to build for SYSTEM--e.g., \"i686-linux\"")) + (display (_ " + -C, --compression=TOOL compress using TOOL--e.g., \"lzip\"")) + (newline) + (display (_ " + -h, --help display this help and exit")) + (display (_ " + -V, --version display version information and exit")) + (newline) + (show-bug-report-information)) + + +;;; +;;; Entry point. +;;; + +(define (guix-pack . args) + (define opts + (parse-command-line args %options (list %default-options))) + + (with-error-handling + (parameterize ((%graft? (assoc-ref opts 'graft?))) + (let* ((dry-run? (assoc-ref opts 'dry-run?)) + (specs (filter-map (match-lambda + (('argument . name) + name) + (x #f)) + opts)) + (packages (map (lambda (spec) + (call-with-values + (lambda () + (specification->package+output spec)) + list)) + specs)) + (compressor (assoc-ref opts 'compressor))) + (with-store store + (run-with-store store + (mlet* %store-monad ((profile (profile-derivation + (packages->manifest packages))) + (drv (self-contained-tarball "pack" profile + #:compressor + compressor))) + (mbegin %store-monad + (show-what-to-build* (list drv) + #:use-substitutes? + (assoc-ref opts 'substitutes?) + #:dry-run? dry-run?) + (munless dry-run? + (built-derivations (list drv)) + (return (format #t "~a~%" + (derivation->output-path drv)))))) + #:system (assoc-ref opts 'system))))))) diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index a4824e4fd7..8e31ad620c 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès +;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -29,10 +30,13 @@ #:use-module (guix monads) #:use-module ((guix build utils) #:select (with-directory-excursion delete-file-recursively)) + #:use-module ((guix build download) + #:select (%x509-certificate-directory)) #:use-module (gnu packages base) #:use-module (gnu packages guile) #:use-module ((gnu packages bootstrap) #:select (%bootstrap-guile)) + #:use-module ((gnu packages certs) #:select (le-certs)) #:use-module (gnu packages compression) #:use-module (gnu packages gnupg) #:use-module (srfi srfi-1) @@ -45,7 +49,7 @@ (define %snapshot-url ;; "http://hydra.gnu.org/job/guix/master/tarball/latest/download" - "http://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz" + "https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz" ) (define-syntax-rule (with-environment-variable variable value body ...) @@ -221,11 +225,25 @@ contained therein." (leave (_ "~A: unexpected argument~%") arg)) %default-options)) + (define (use-le-certs? url) + (string-prefix? "https://git.savannah.gnu.org/" url)) + + (define (fetch-tarball store url) + (download-to-store store url "guix-latest.tar.gz")) + (with-error-handling (let* ((opts (parse-options)) (store (open-connection)) (url (assoc-ref opts 'tarball-url))) - (let ((tarball (download-to-store store url "guix-latest.tar.gz"))) + (let ((tarball + (if (use-le-certs? url) + (let* ((drv (package-derivation store le-certs)) + (certs (string-append (derivation->output-path drv) + "/etc/ssl/certs"))) + (build-derivations store (list drv)) + (parameterize ((%x509-certificate-directory certs)) + (fetch-tarball store url))) + (fetch-tarball store url)))) (unless tarball (leave (_ "failed to download up-to-date source, exiting\n"))) (parameterize ((%guile-for-build