nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into core-updates

master
Mark H Weaver 2018-03-17 01:18:37 -04:00
parent 2857e527de 9f375a4c0f
commit 9f388b1ee1
No known key found for this signature in database
GPG Key ID: 7CEF29847562C516
47 changed files with 1390 additions and 285 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/guix.texi
View File

@ -20458,6 +20458,16 @@ of the image size as a function of the size of the system declared in
Make @var{file} a symlink to the result, and register it as a garbage
collector root.
@item --skip-checks
Skip pre-installation safety checks.
By default, @command{guix system init} and @command{guix system
reconfigure} perform safety checks: they make sure the file systems that
appear in the @code{operating-system} declaration actually exist
(@pxref{File Systems}), and that any Linux kernel modules that may be
needed at boot time are listed in @code{initrd-modules} (@pxref{Initial
RAM Disk}). Passing this option skips these tests altogether.
@item --on-error=@var{strategy}
Apply @var{strategy} when an error occurs when reading @var{file}.
@var{strategy} may be one of the following:

103
gnu/build/vm.scm
View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
@ -121,10 +121,8 @@ the #:references-graphs parameter of 'derivation'."
(format #t "creating ~a image of ~,2f MiB...~%"
disk-image-format (/ disk-image-size (expt 2 20)))
(force-output)
(unless (zero? (system* "qemu-img" "create" "-f" disk-image-format
output
(number->string disk-image-size)))
(error "qemu-img failed")))
(invoke "qemu-img" "create" "-f" disk-image-format output
(number->string disk-image-size)))
(mkdir "xchg")
@ -136,31 +134,27 @@ the #:references-graphs parameter of 'derivation'."
graph-files))
(_ #f))
(unless (zero?
(apply system* qemu "-nographic" "-no-reboot"
"-m" (number->string memory-size)
"-object" "rng-random,filename=/dev/urandom,id=guixsd-vm-rng"
"-device" "virtio-rng-pci,rng=guixsd-vm-rng"
"-virtfs"
(string-append "local,id=store_dev,path="
(%store-directory)
",security_model=none,mount_tag=store")
"-virtfs"
(string-append "local,id=xchg_dev,path=xchg"
",security_model=none,mount_tag=xchg")
"-kernel" linux
"-initrd" initrd
"-append" (string-append "console=ttyS0 --load="
builder)
(append
(if make-disk-image?
`("-device" "virtio-blk,drive=myhd"
"-drive" ,(string-append "if=none,file=" output
",format=" disk-image-format
",id=myhd"))
'())
arch-specific-flags)))
(error "qemu failed" qemu))
(apply invoke qemu "-nographic" "-no-reboot"
"-m" (number->string memory-size)
"-object" "rng-random,filename=/dev/urandom,id=guixsd-vm-rng"
"-device" "virtio-rng-pci,rng=guixsd-vm-rng"
"-virtfs"
(string-append "local,id=store_dev,path="
(%store-directory)
",security_model=none,mount_tag=store")
"-virtfs"
(string-append "local,id=xchg_dev,path=xchg"
",security_model=none,mount_tag=xchg")
"-kernel" linux
"-initrd" initrd
(append
(if make-disk-image?
`("-device" "virtio-blk,drive=myhd"
"-drive" ,(string-append "if=none,file=" output
",format=" disk-image-format
",id=myhd"))
'())
arch-specific-flags))
;; When MAKE-DISK-IMAGE? is true, the image is in OUTPUT already.
(unless make-disk-image?
@ -240,10 +234,9 @@ actual /dev name based on DEVICE."
partition-size)
partitions)
", "))
(unless (zero? (apply system* "parted" "--script"
device "mklabel" label-type
(options partitions offset)))
(error "failed to create partition table"))
(apply invoke "parted" "--script"
device "mklabel" label-type
(options partitions offset))
;; Set the 'device' field of each partition.
(reverse
@ -265,15 +258,14 @@ actual /dev name based on DEVICE."
"Create an ext-family file system of TYPE on PARTITION. If LABEL is true,
use that as the volume name. If UUID is true, use it as the partition UUID."
(format #t "creating ~a partition...\n" type)
(unless (zero? (apply system* (string-append "mkfs." type)
"-F" partition
`(,@(if label
`("-L" ,label)
'())
,@(if uuid
`("-U" ,(uuid->string uuid))
'()))))
(error "failed to create partition")))
(apply invoke (string-append "mkfs." type)
"-F" partition
`(,@(if label
`("-L" ,label)
'())
,@(if uuid
`("-U" ,(uuid->string uuid))
'()))))
(define* (create-fat-file-system partition
#:key label uuid)
@ -282,11 +274,8 @@ will be determined based on file system size. If LABEL is true, use that as the
volume name."
;; FIXME: UUID is ignored!
(format #t "creating FAT partition...\n")
(unless (zero? (apply system* "mkfs.fat" partition
(if label
`("-n" ,label)
'())))
(error "failed to create FAT partition")))
(apply invoke "mkfs.fat" partition
(if label `("-n" ,label) '())))
(define* (format-partition partition type
#:key label uuid)
@ -388,12 +377,11 @@ SYSTEM-DIRECTORY is the name of the directory of the 'system' derivation."
(setenv "TMPDIR" esp)
(mkdir-p efi-directory)
(unless (zero? (system* grub-mkstandalone "-O" (car efi-targets)
"-o" (string-append efi-directory "/"
(cdr efi-targets))
;; Graft the configuration file onto the image.
(string-append "boot/grub/grub.cfg=" config-file)))
(error "failed to create GRUB EFI image"))))
(invoke grub-mkstandalone "-O" (car efi-targets)
"-o" (string-append efi-directory "/"
(cdr efi-targets))
;; Graft the configuration file onto the image.
(string-append "boot/grub/grub.cfg=" config-file))))
(define* (make-iso9660-image grub config-file os-drv target
#:key (volume-id "GuixSD_image") (volume-uuid #f)
@ -416,8 +404,8 @@ GRUB configuration and OS-DRV as the stuff in it."
#:deduplicate? #f))
closures))
(unless (zero? (apply system*
`(,grub-mkrescue "-o" ,target
(apply invoke
`(,grub-mkrescue "-o" ,target
,(string-append "boot/grub/grub.cfg=" config-file)
,(string-append "gnu/store=" os-drv "/..")
"etc=/tmp/root/etc"
@ -435,8 +423,7 @@ GRUB configuration and OS-DRV as the stuff in it."
(not (char=? #\- value)))
(iso9660-uuid->string
volume-uuid)))
`()))))
(error "failed to create ISO9660 image"))))
`())))))
(define* (initialize-hard-disk device
#:key

2
gnu/local.mk
View File

@ -1073,6 +1073,7 @@ dist_patch_DATA = \
%D%/packages/patches/scotch-test-threading.patch \
%D%/packages/patches/sdl-libx11-1.6.patch \
%D%/packages/patches/seq24-rename-mutex.patch \
%D%/packages/patches/shadow-CVE-2018-7169.patch \
%D%/packages/patches/shepherd-close-fds.patch \
%D%/packages/patches/shepherd-herd-status-sorted.patch \
%D%/packages/patches/shishi-fix-libgcrypt-detection.patch \
@ -1125,6 +1126,7 @@ dist_patch_DATA = \
%D%/packages/patches/unzip-overflow-long-fsize.patch \
%D%/packages/patches/unzip-remove-build-date.patch \
%D%/packages/patches/ustr-fix-build-with-gcc-5.patch \
%D%/packages/patches/util-linux-CVE-2018-7738.patch \
%D%/packages/patches/util-linux-tests.patch \
%D%/packages/patches/upower-builddir.patch \
%D%/packages/patches/valgrind-enable-arm.patch \

40
gnu/packages/ada.scm
View File

@ -59,3 +59,43 @@ specification in our Python DSL and Langkit will generate for you an
Ada library with bindings for the C and Python programming languages.")
(home-page "https://github.com/AdaCore/langkit/")
(license license:gpl3+)))) ; and gcc runtime library exception
(define-public python2-libadalang
(let ((commit "9b205e9bacdd50a68117727332e16fbef5f6ac49")
(revision "0"))
(package
(name "python2-libadalang")
(version (git-version "0.0.0" revision commit))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/AdaCore/libadalang.git")
(commit commit)))
(sha256
(base32
"06hsnzj2syqpq2yhg1bb0zil7ydbyqkdmkjbf8j9b5sdgkyh5xrp"))
(file-name (string-append name "-" version "-checkout"))))
(build-system python-build-system)
(native-inputs
`(("python2-langkit" ,python2-langkit)
("python2-quex" ,python2-quex-0.67.3)))
(arguments
`(#:python ,python-2
#:phases
(modify-phases %standard-phases
(replace 'build
(lambda _
(invoke "python2" "ada/manage.py" "generate")
(invoke "python2" "ada/manage.py" "build")))
(replace 'check
(lambda _
(invoke "python2" "ada/manage.py" "test")))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out")))
(invoke "python2" "ada/manage.py" "install" out)))))))
(synopsis "Semantic Analysis for Ada in Python")
(description "@code{libadalang} provides a high-performance semantic
engine for the Ada programming language.")
(home-page "https://github.com/AdaCore/libadalang")
(license license:gpl3)))) ; and gcc runtime gcc lib exception

13
gnu/packages/admin.scm
View File

@ -360,6 +360,7 @@ hostname.")
(uri (string-append
"https://github.com/shadow-maint/shadow/releases/"
"download/" version "/shadow-" version ".tar.xz"))
(patches (search-patches "shadow-CVE-2018-7169.patch"))
(sha256
(base32
"0hdpai78n63l3v3fgr3kkiqzhd0awrpfnnzz4mf7lmxdh61qb37w"))))
@ -1209,7 +1210,7 @@ module slots, and the list of I/O ports (e.g. serial, parallel, USB).")
(define-public acpica
(package
(name "acpica")
(version "20180209")
(version "20180313")
(source (origin
(method url-fetch)
(uri (string-append
@ -1217,7 +1218,7 @@ module slots, and the list of I/O ports (e.g. serial, parallel, USB).")
version ".tar.gz"))
(sha256
(base32
"04hyc5s9iiyiznvspx7q73r6ns98d51wrv8zfvqbqv52gqq8hzdh"))))
"16galaadmr37q2pvk2gyxrm8d1xldzk31djfxfq9v1c9yq4i425h"))))
(build-system gnu-build-system)
(native-inputs `(("flex" ,flex)
("bison" ,bison)))
@ -2208,7 +2209,7 @@ buffers.")
(define-public intel-gpu-tools
(package
(name "intel-gpu-tools")
(version "1.21")
(version "1.22")
(source (origin
(method url-fetch)
(uri (string-append "https://cgit.freedesktop.org/xorg/app/"
@ -2216,7 +2217,7 @@ buffers.")
"intel-gpu-tools-" version ".tar.gz"))
(sha256
(base32
"1xfy4cgimyyn5qixlrfkadgnl9qwbk30vw8k80g8vjnrcc4hx986"))))
"1jx5w5fr6jp67rcrlp5v79cn8kp9n0wgd5pbfgzamlah5cx6j3yd"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; many of the tests try to load kernel modules
@ -2228,7 +2229,8 @@ buffers.")
(setenv "NOCONFIGURE" "1")
(invoke "sh" "autogen.sh"))))))
(inputs
`(("util-macros" ,util-macros)
`(("eudev" ,eudev)
("util-macros" ,util-macros)
("libdrm" ,libdrm)
("libpciaccess" ,libpciaccess)
("kmod" ,kmod)
@ -2252,6 +2254,7 @@ changes, and many require complicated build procedures or specific testing
environments to get useful results. Therefore, Intel GPU Tools includes
low-level tools and tests specifically for development and testing of the
Intel DRM Driver.")
(supported-systems '("i686-linux" "x86_64-linux"))
(license license:expat)))
(define-public fabric

4
gnu/packages/autotools.scm
View File

@ -205,7 +205,7 @@ exec ~a --no-auto-compile \"$0\" \"$@\"
(define-public autoconf-archive
(package
(name "autoconf-archive")
(version "2017.09.28")
(version "2018.03.13")
(source
(origin
(method url-fetch)
@ -213,7 +213,7 @@ exec ~a --no-auto-compile \"$0\" \"$@\"
version ".tar.xz"))
(sha256
(base32
"00gsh9hkrgg291my98plkrwlcpxkfrpq64pglf18kciqbf2bb7sw"))))
"0ng1lvpijf3kv7w7nb1shqs23vp0398yicyvkf9lsk56kw6zjxb1"))))
(build-system gnu-build-system)
(home-page "https://www.gnu.org/software/autoconf-archive/")
(synopsis "Collection of freely reusable Autoconf macros")

152
gnu/packages/bioinformatics.scm
View File

@ -9,6 +9,7 @@
;;; Copyright © 2016, 2018 Raoul Bonnal <ilpuccio.febo@gmail.com>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -12685,6 +12686,13 @@ once. This package provides tools to perform Drop-seq analyses.")
`(#:parallel-tests? #f ; not supported
#:phases
(modify-phases %standard-phases
;; "test.sh" runs STAR, which requires excessive amounts of memory.
(add-after 'unpack 'disable-resource-intensive-test
(lambda _
(substitute* "Makefile.in"
(("(^ tests/test_trim_galore/test.sh).*" _ m) m)
(("^ test.sh") ""))
#t))
(add-after 'install 'wrap-executable
;; Make sure the executable finds all R modules.
(lambda* (#:key inputs outputs #:allow-other-keys)
@ -12864,3 +12872,147 @@ data of bisulfite experiments; it produces reports on aggregate methylation
and coverage and can be used to produce information on differential
methylation and segmentation.")
(license license:gpl3+)))
(define-public pigx-scrnaseq
(package
(name "pigx-scrnaseq")
(version "0.0.2")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/BIMSBbioinfo/pigx_scrnaseq/"
"releases/download/v" version
"/pigx_scrnaseq-" version ".tar.gz"))
(sha256
(base32
"03gwp83823ji59y6nvyz89i4yd3faaqpc3791qia71i91470vfsg"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
(list (string-append "PICARDJAR=" (assoc-ref %build-inputs "java-picard")
"/share/java/picard.jar")
(string-append "DROPSEQJAR=" (assoc-ref %build-inputs "dropseq-tools")
"/share/java/dropseq.jar"))
#:phases
(modify-phases %standard-phases
(add-after 'install 'wrap-executable
;; Make sure the executable finds all R modules.
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(wrap-program (string-append out "/bin/pigx-scrnaseq")
`("R_LIBS_SITE" ":" = (,(getenv "R_LIBS_SITE")))
`("PYTHONPATH" ":" = (,(getenv "PYTHONPATH")))))
#t)))))
(inputs
`(("dropseq-tools" ,dropseq-tools)
("fastqc" ,fastqc)
("java-picard" ,java-picard)
("java" ,icedtea-8)
("python-wrapper" ,python-wrapper)
("python-pyyaml" ,python-pyyaml)
("python-pandas" ,python-pandas)
("python-numpy" ,python-numpy)
("python-loompy" ,python-loompy)
("ghc-pandoc" ,ghc-pandoc)
("ghc-pandoc-citeproc" ,ghc-pandoc-citeproc)
("snakemake" ,snakemake)
("star" ,star)
("r-minimal" ,r-minimal)
("r-argparser" ,r-argparser)
("r-cowplot" ,r-cowplot)
("r-data-table" ,r-data-table)
("r-delayedarray" ,r-delayedarray)
("r-delayedmatrixstats" ,r-delayedmatrixstats)
("r-dplyr" ,r-dplyr)
("r-dropbead" ,r-dropbead)
("r-dt" ,r-dt)
("r-genomicalignments" ,r-genomicalignments)
("r-genomicfiles" ,r-genomicfiles)
("r-genomicranges" ,r-genomicranges)
("r-ggplot2" ,r-ggplot2)
("r-hdf5array" ,r-hdf5array)
("r-pheatmap" ,r-pheatmap)
("r-rmarkdown" ,r-rmarkdown)
("r-rsamtools" ,r-rsamtools)
("r-rtracklayer" ,r-rtracklayer)
("r-rtsne" ,r-rtsne)
("r-scater" ,r-scater)
("r-scran" ,r-scran)
("r-singlecellexperiment" ,r-singlecellexperiment)
("r-stringr" ,r-stringr)
("r-yaml" ,r-yaml)))
(home-page "http://bioinformatics.mdc-berlin.de/pigx/")
(synopsis "Analysis pipeline for single-cell RNA sequencing experiments")
(description "PiGX scRNAseq is an analysis pipeline for preprocessing and
quality control for single cell RNA sequencing experiments. The inputs are
read files from the sequencing experiment, and a configuration file which
describes the experiment. It produces processed files for downstream analysis
and interactive quality reports. The pipeline is designed to work with UMI
based methods.")
(license license:gpl3+)))
(define-public pigx
(package
(name "pigx")
(version "0.0.1")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/BIMSBbioinfo/pigx/"
"releases/download/v" version
"/pigx-" version ".tar.gz"))
(sha256
(base32
"1nxb2hbp40yg3j7n56k4dhsd2fl1j8g0wpiiln56prqzljwnlgmf"))))
(build-system gnu-build-system)
(inputs
`(("python" ,python)
("pigx-bsseq" ,pigx-bsseq)
("pigx-chipseq" ,pigx-chipseq)
("pigx-rnaseq" ,pigx-rnaseq)
("pigx-scrnaseq" ,pigx-scrnaseq)))
(home-page "http://bioinformatics.mdc-berlin.de/pigx/")
(synopsis "Analysis pipelines for genomics")
(description "PiGx is a collection of genomics pipelines. It includes the
following pipelines:
@itemize
@item PiGx BSseq for raw fastq read data of bisulfite experiments
@item PiGx RNAseq for RNAseq samples
@item PiGx scRNAseq for single cell dropseq analysis
@item PiGx ChIPseq for reads from ChIPseq experiments
@end itemize
All pipelines are easily configured with a simple sample sheet and a
descriptive settings file. The result is a set of comprehensive, interactive
HTML reports with interesting findings about your samples.")
(license license:gpl3+)))
(define-public r-diversitree
(package
(name "r-diversitree")
(version "0.9-10")
(source
(origin
(method url-fetch)
(uri (cran-uri "diversitree" version))
(sha256
(base32
"0gh4rcrp0an3jh8915i1fsxlgyfk7njywgbd5ln5r2jhr085kpz7"))))
(build-system r-build-system)
(native-inputs
`(("gfortran" ,gfortran)))
(inputs `(("fftw" ,fftw) ("gsl" ,gsl)))
(propagated-inputs
`(("r-ape" ,r-ape)
("r-desolve" ,r-desolve)
("r-rcpp" ,r-rcpp)
("r-suplex" ,r-subplex)))
(home-page "https://www.zoology.ubc.ca/prog/diversitree")
(synopsis "Comparative 'phylogenetic' analyses of diversification")
(description "This package contains a number of comparative \"phylogenetic\"
methods, mostly focusing on analysing diversification and character evolution.
Contains implementations of \"BiSSE\" (Binary State Speciation and Extinction)
and its unresolved tree extensions, \"MuSSE\" (Multiple State Speciation and
Extinction), \"QuaSSE\", \"GeoSSE\", and \"BiSSE-ness\" Other included methods
include Markov models of discrete and continuous trait evolution and constant
rate speciation and extinction.")
(license license:gpl2+)))

14
gnu/packages/cdrom.scm
View File

@ -704,14 +704,14 @@ laid out on the image.")
(define-public libburn
(package
(name "libburn")
(version "1.4.6")
(version "1.4.8")
(source (origin
(method url-fetch)
(uri (string-append "http://files.libburnia-project.org/releases/"
"libburn-" version ".tar.gz"))
(sha256
(base32
"0wbh49s3az3sfpai09z1zdgynq7wnwrk31v5589033274nmzldlx"))))
"19lxnzn8bz70glrrrn2hs43gf5g7gfbcka9rcbckhv1pb7is509y"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
@ -726,14 +726,14 @@ DVD-RW, DVD-R, DVD-R/DL, BD-R, and BD-RE.")
(define-public libisofs
(package
(name "libisofs")
(version "1.4.6")
(version "1.4.8")
(source (origin
(method url-fetch)
(uri (string-append "http://files.libburnia-project.org/releases/"
"libisofs-" version ".tar.gz"))
(sha256
(base32
"02m5g6lbmmkh2xc5xzq5zaf3ma6v31gls66aj886b3cq9qw0paql"))))
"0scvqb72qq24wcg814p1iw1dknldl21hr1hxsc1wy9vc6vgyk7fw"))))
(build-system gnu-build-system)
(inputs
`(("zlib" ,zlib)
@ -743,11 +743,11 @@ DVD-RW, DVD-R, DVD-R/DL, BD-R, and BD-RE.")
(home-page "https://dev.lovelyhq.com/libburnia/libisofs")
(synopsis "Library to create ISO 9660 images")
(description
"Libisofs creates ISO 9660 (also known as ECMA-119) filesystem images
"Libisofs creates ISO 9660 (also known as ECMA-119) file system images
which can either be written to POSIX file objects or handed over to
libburn for being written directly to optical media.
It can read metadata of ISO 9660 filesystems, manipulate them, and use them
to produce new complete filesystem images or add-on images to be appended
to the read filesystem image.
to produce new complete file system images or add-on images to be appended
to the read file system image.
Supported extensions to ISO 9660 are Rock Ridge, Joliet, AAIP, zisofs.")
(license gpl2+)))

44
gnu/packages/compression.scm
View File

@ -21,6 +21,7 @@
;;; Copyright © 2017 Petter <petter@mykolab.ch>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2018 Rutger Helling <rhelling@mykolab.com>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -2112,3 +2113,46 @@ single-member files which can't be decompressed in parallel.")
(description "innoextract allows extracting Inno Setup installers under
non-Windows systems without running the actual installer using wine.")
(license license:zlib)))
(define-public google-brotli
(package
(name "google-brotli")
(version "1.0.2")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/google/brotli/archive/v"
version ".tar.gz"))
(sha256
(base32
"08kl9gww2058p1p7j9xqmcmrabcfihhj3fq984d7fi3bchb2mky2"))))
(build-system cmake-build-system)
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'install 'rename-static-libraries
;; The build tools put a 'static' suffix on the static libraries, but
;; other applications don't know how to find these.
(lambda* (#:key outputs #:allow-other-keys)
(let ((lib (string-append (assoc-ref %outputs "out") "/lib/")))
(rename-file (string-append lib "libbrotlicommon-static.a")
(string-append lib "libbrotlicommon.a"))
(rename-file (string-append lib "libbrotlidec-static.a")
(string-append lib "libbrotlidec.a"))
(rename-file (string-append lib "libbrotlienc-static.a")
(string-append lib "libbrotlienc.a"))
#t))))
#:configure-flags
(list ;; Defaults to "lib64" on 64-bit archs.
(string-append "-DCMAKE_INSTALL_LIBDIR="
(assoc-ref %outputs "out") "/lib"))))
(home-page "https://github.com/google/brotli")
(synopsis "General-purpose lossless compression")
(description "This package provides the reference implementation of Brotli,
a generic-purpose lossless compression algorithm that compresses data using a
combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd
order context modeling, with a compression ratio comparable to the best
currently available general-purpose compression methods. It is similar in speed
with @code{deflate} but offers more dense compression.
The specification of the Brotli Compressed Data Format is defined in RFC 7932.")
(license license:expat)))

4
gnu/packages/cran.scm
View File

@ -1809,14 +1809,14 @@ statistics, etc.")
(define-public r-scatterplot3d
(package
(name "r-scatterplot3d")
(version "0.3-40")
(version "0.3-41")
(source
(origin
(method url-fetch)
(uri (cran-uri "scatterplot3d" version))
(sha256
(base32
"0ababcj87kx7860mica9y2ydlhskxmgj9n46crx036cila512jc2"))))
"152xqz9c70qab86mpgng049gxsg5f4fpf1m8dh93fb9v1avjd0sc"))))
(build-system r-build-system)
(home-page "https://cran.r-project.org/web/packages/scatterplot3d/")
(synopsis "3D scatter plot")

120
gnu/packages/databases.scm
View File

@ -31,6 +31,7 @@
;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2017 Kristofer Buffington <kristoferbuffington@gmail.com>
;;; Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -58,6 +59,7 @@
#:use-module (gnu packages bison)
#:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages cmake)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
#:use-module (gnu packages curl)
@ -92,6 +94,7 @@
#:use-module (gnu packages textutils)
#:use-module (gnu packages tls)
#:use-module (gnu packages valgrind)
#:use-module (gnu packages web)
#:use-module (gnu packages xml)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
@ -2736,3 +2739,120 @@ Replay oplog entries between MongoDB servers
Monitor read/write activity on a mongo server
@end table")
(license license:asl2.0)))
(define-public apache-arrow
(package
(name "apache-arrow")
(version "0.7.0")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/apache/arrow")
(commit (string-append "apache-arrow-" version))))
(file-name (git-file-name name version))
(sha256
(base32
"1x7sdd8lbs3nfqjql1pcgbkjc19bls56zmgjayshkmablvlc4dy3"))))
(build-system cmake-build-system)
(arguments
`(#:tests? #f
#:phases
(modify-phases %standard-phases
(add-before 'configure 'enter-source-directory
(lambda _ (chdir "cpp") #t))
(add-after 'unpack 'set-env
(lambda _
(setenv "BOOST_ROOT" (assoc-ref %build-inputs "boost"))
(setenv "BROTLI_HOME" (assoc-ref %build-inputs "brotli"))
(setenv "FLATBUFFERS_HOME" (assoc-ref %build-inputs "flatbuffers"))
(setenv "JEMALLOC_HOME" (assoc-ref %build-inputs "jemalloc"))
(setenv "RAPIDJSON_HOME" (assoc-ref %build-inputs "rapidjson"))
#t)))
#:configure-flags
(list "-DCMAKE_BUILD_TYPE=Release"
"-DARROW_PYTHON=ON"
;; Install to PREFIX/lib (the default is
;; PREFIX/lib64).
(string-append "-DCMAKE_INSTALL_LIBDIR="
(assoc-ref %outputs "out")
"/lib")
;; XXX These Guix package offer static
;; libraries that are not position independent,
;; and ld fails to link them into the arrow .so
"-DARROW_WITH_SNAPPY=OFF"
"-DARROW_WITH_ZLIB=OFF"
"-DARROW_WITH_ZSTD=OFF"
"-DARROW_WITH_LZ4=OFF"
;; Building the tests forces on all the
;; optional features and the use of static
;; libraries.
"-DARROW_BUILD_TESTS=OFF"
"-DARROW_BUILD_STATIC=OFF")))
(inputs
`(("boost" ,boost)
("rapidjson" ,rapidjson)
("brotli" ,google-brotli)
("flatbuffers" ,flatbuffers)
;; Arrow is not yet compatible with jemalloc >= 5:
;; https://issues.apache.org/jira/browse/ARROW-1141
("jemalloc" ,jemalloc-4.5.0)
("python-3" ,python)
("python-numpy" ,python-numpy)))
(home-page "https://arrow.apache.org/")
(synopsis "Columnar in-memory analytics")
(description "Apache Arrow is a columnar in-memory analytics layer
designed to accelerate big data. It houses a set of canonical in-memory
representations of flat and hierarchical data along with multiple
language-bindings for structure manipulation. It also provides IPC and common
algorithm implementations.")
(license license:asl2.0)))
(define-public python-pyarrow
(package
(name "python-pyarrow")
(version "0.7.0")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/apache/arrow")
(commit (string-append "apache-arrow-" version))))
(file-name (git-file-name name version))
(sha256
(base32
"1x7sdd8lbs3nfqjql1pcgbkjc19bls56zmgjayshkmablvlc4dy3"))))
(build-system python-build-system)
(arguments
'(#:tests? #f ; XXX Test failures related to missing libhdfs, libhdfs3,
; and "Unsupported numpy type 22".
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'enter-source-directory
(lambda _ (chdir "python") #t))
(add-after 'unpack 'set-env
(lambda _
(setenv "ARROW_HOME" (assoc-ref %build-inputs "apache-arrow"))
#t)))))
(propagated-inputs
`(("apache-arrow" ,apache-arrow)
("python-numpy" ,python-numpy)
("python-pandas" ,python-pandas)
("python-six" ,python-six)))
(native-inputs
`(("cmake" ,cmake)
("python-cython" ,python-cython)
("python-pytest" ,python-pytest)
("python-setuptools-scm" ,python-setuptools-scm)))
(home-page "https://arrow.apache.org/docs/python/")
(synopsis "Python bindings for Apache Arrow")
(description "This library provides a Pythonic API wrapper for the reference
Arrow C++ implementation, along with tools for interoperability with pandas,
NumPy, and other traditional Python scientific computing packages.")
(license license:asl2.0)))
(define-public python2-pyarrow
(package-with-python2 python-pyarrow))

7
gnu/packages/dns.scm
View File

@ -99,7 +99,7 @@ and BOOTP/TFTP for network booting of diskless machines.")
(define-public isc-bind
(package
(name "bind")
(version "9.12.0")
(version "9.12.1")
(source (origin
(method url-fetch)
(uri (string-append
@ -107,7 +107,7 @@ and BOOTP/TFTP for network booting of diskless machines.")
version ".tar.gz"))
(sha256
(base32
"10iwkghl5g50b7wc17bsb9wa0dh2gd57bjlk6ynixhywz6dhx1r9"))))
"043mjcw405qa0ghm5dkhfsq35gsy279724fz3mjqpr1mbi14dr0n"))))
(build-system gnu-build-system)
(outputs `("out" "utils"))
(inputs
@ -149,7 +149,8 @@ and BOOTP/TFTP for network booting of diskless machines.")
;; (system "bin/tests/system/ifconfig.sh up")))
(replace 'check
(lambda _
(zero? (system* "make" "force-test")))))))
(invoke "make" "force-test")
#t)))))
(synopsis "An implementation of the Domain Name System")
(description "BIND is an implementation of the @dfn{Domain Name System}
(DNS) protocols for the Internet. It is a reference implementation of those

45
gnu/packages/emacs.scm
View File

@ -7369,3 +7369,48 @@ highlighting and indentation support.")
@uref{https://www.terraform.io/, Terraform} configuration files. Most of the
functionality is inherited from @code{hcl-mode}.")
(license license:gpl3+)))
(define-public emacs-exec-path-from-shell
(package
(name "emacs-exec-path-from-shell")
(version "1.11")
(source
(origin
(method url-fetch)
(uri (string-append
"https://stable.melpa.org/packages/exec-path-from-shell-"
version ".el"))
(sha256
(base32
"03qjgb81cq1l3j54lvlf98r75vmmgd06mj6qh5wa6mz4xzp4w26r"))))
(build-system emacs-build-system)
(home-page "https://github.com/purcell/exec-path-from-shell")
(synopsis "Get environment variables such as @var{PATH} from the shell")
(description
"This library allows the user to set Emacs @var{exec-path} and @var{PATH}
from the shell @var{PATH}, so that @code{shell-command}, @code{compile} and
the like work as expected on systems on which Emacs is not guaranteed to
inherit a login shell's environment variables. It also allows other
environment variables to be retrieved from the shell, so that Emacs will see
the same values you get in a terminal.")
(license license:gpl3+)))
(define-public emacs-deft
(package
(name "emacs-deft")
(version "0.8")
(source
(origin
(method url-fetch)
(uri (string-append "https://stable.melpa.org/packages/deft-"
version ".el"))
(sha256
(base32
"1vb9cjxskc7c0yyf9pvxy1fzypg1vrcgwnjz0m3hslinsgdyig58"))))
(build-system emacs-build-system)
(home-page "https://jblevins.org/projects/deft/")
(synopsis "Quickly browse, filter, and edit plain text notes")
(description
"Deft is an Emacs mode for quickly browsing, filtering, and editing
directories of plain text notes, inspired by Notational Velocity.")
(license license:bsd-3)))

4
gnu/packages/freedesktop.scm
View File

@ -1088,13 +1088,13 @@ update-desktop-database: updates the database containing a cache of MIME types
(define-public xdg-user-dirs
(package
(name "xdg-user-dirs")
(version "0.16")
(version "0.17")
(source (origin
(method url-fetch)
(uri (string-append "http://user-dirs.freedesktop.org/releases/"
name "-" version ".tar.gz"))
(sha256
(base32 "1rp3c94hxjlfsryvwajklynfnrcvxplhwnjqc7395l89i0nb83vp"))))
(base32 "13216b8rfkzak5k6bvpx6jvqv3cnbgpijnjwj8a8d3kq4cl0a1ra"))))
(build-system gnu-build-system)
(native-inputs
`(("gettext" ,gettext-minimal)

121
gnu/packages/geo.scm
View File

@ -5,6 +5,7 @@
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -26,6 +27,7 @@
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (guix build-system scons)
#:use-module (guix build-system r)
#:use-module (guix download)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
@ -35,6 +37,7 @@
#:use-module (gnu packages compression)
#:use-module (gnu packages databases)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages cran)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gtk)
@ -42,6 +45,8 @@
#:use-module (gnu packages icu4c)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages statistics)
#:use-module (gnu packages web)
#:use-module (gnu packages webkit)
#:use-module (gnu packages wxwidgets)
#:use-module (gnu packages xml))
@ -491,3 +496,119 @@ development.")
construct common SQL queries, or craft your own SQL queries.")
(home-page "https://www.gaia-gis.it/fossil/spatialite_gui/index")
(license license:gpl3+)))
(define-public r-maps
(package
(name "r-maps")
(version "3.2.0")
(source
(origin
(method url-fetch)
(uri (cran-uri "maps" version))
(sha256
(base32
"0577f3b5d3a7djl7r0miy9mzr6xq6jb32p8nyrma7m2azasbwyj3"))))
(build-system r-build-system)
(home-page "https://cran.r-project.org/web/packages/maps")
(synopsis "Draw geographical maps")
(description "This package provies an R module for display of maps.
Projection code and larger maps are in separate packages ('mapproj' and
'mapdata').")
(license license:gpl2)))
(define-public r-mapproj
(package
(name "r-mapproj")
(version "1.2-5")
(source
(origin
(method url-fetch)
(uri (cran-uri "mapproj" version))
(sha256
(base32
"0rjz37r4rizk2c6jaf54f0kfb60dqv6b262cnhiwjl55d4x6l0pk"))))
(build-system r-build-system)
(propagated-inputs `(("r-maps" ,r-maps)))
(home-page "https://cran.r-project.org/web/packages/mapproj")
(synopsis "Map projection in R")
(description "This package converts latitude/longitude into projected
coordinates.")
(license (list license:gpl2 ; The R interface
(license:non-copyleft ; The C code
"https://www.gnu.org/licenses/license-list.en.html#lucent102"
"Lucent Public License Version 1.02")))))
(define-public r-rgooglemaps
(package
(name "r-rgooglemaps")
(version "1.4.1")
(source
(origin
(method url-fetch)
(uri (cran-uri "RgoogleMaps" version))
(sha256
(base32
"0fsmlnhl4kw2j4972kfanzw9njhnzk695gsyw8g6yppsmz2clcaq"))))
(properties `((upstream-name . "RgoogleMaps")))
(build-system r-build-system)
(propagated-inputs `(("r-png" ,r-png)))
(home-page "https://cran.r-project.org/web/packages/RgoogleMaps")
(synopsis "Use Google Maps in R")
(description "This package serves two purposes: (i) Provide a comfortable R
interface to query the Google server for static maps, and (ii) Use the map as a
background image to overlay plots within R. This requires proper coordinate
scaling.")
(license license:gpl2+)))
(define-public r-geosphere
(package
(name "r-geosphere")
(version "1.5-7")
(source
(origin
(method url-fetch)
(uri (cran-uri "geosphere" version))
(sha256
(base32
"186qdm5niq7v3d4w4rngx71znsgi44hnam7698bsx9ar5mg5b6wx"))))
(build-system r-build-system)
(propagated-inputs `(("r-sp" ,r-sp)))
(home-page "https://cran.r-project.org/web/packages/geosphere")
(synopsis "Spherical trigonometry")
(description "This package computes spherical trigonometry for geographic
applications. That is, compute distances and related measures for angular
(longitude/latitude) locations.")
(license license:gpl3+)))
(define-public r-ggmap
(package
(name "r-ggmap")
(version "2.6.1")
(source
(origin
(method url-fetch)
(uri (cran-uri "ggmap" version))
(sha256
(base32
"0mssb09w818jv58h7mly9y181pzv22sgcd4a079cfpq04bs0wigw"))))
(build-system r-build-system)
(propagated-inputs
`(("r-digest" ,r-digest)
("r-geosphere" ,r-geosphere)
("r-ggplot2" ,r-ggplot2)
("r-jpeg" ,r-jpeg)
("r-mapproj" ,r-mapproj)
("r-plyr" ,r-plyr)
("r-png" ,r-png)
("r-proto" ,r-proto)
("r-reshape2" ,r-reshape2)
("r-rgooglemaps" ,r-rgooglemaps)
("r-rjson" ,r-rjson)
("r-scales" ,r-scales)))
(home-page "https://github.com/dkahle/ggmap")
(synopsis "Spatial visualization with ggplot2")
(description "This package provides a collection of functions to visualize
spatial data and models on top of static maps from various online sources (e.g
Google Maps and Stamen Maps). It includes tools common to those tasks,
including functions for geolocation and routing.")
(license license:gpl2)))

30
gnu/packages/gnuzilla.scm
View File

@ -424,24 +424,32 @@ security standards.")
(mozilla-patch "icecat-bug-1350152.patch" "f822bda79c28" "1wf56169ca874shr6r7qx40s17h2gwj7ngmpyylrpmd1c6hipvsj")
(mozilla-patch "icecat-bug-1411708.patch" "34c968767eb7" "0l2jy201ikj3m3h66mvlsj4y0ki7cpm7x7nnfygbwnfxg42s1sip")
(mozilla-patch "icecat-bug-1375217.patch" "00fc630c9a46" "17pcprp452nslk6sac6sili0p74zh8w3g0v1wsdn0ikm9xmnphhv")
(mozilla-patch "icecat-bug-1261175.patch" "f0ec180993d2" "0jiazxcwki83wr00fyh2g518ynsd33p7nk65zk4d1682gn22lc8v")
(mozilla-patch "icecat-bug-1433005.patch" "a6a9e26688c1" "0cvizvilb4k422j2gzqcbakznvsffmk6n6xn1ayj5rgxfaizkkqk")
(mozilla-patch "icecat-bug-1434580.patch" "198ad052621e" "1721zx8hifdlflrhvw6hmkdgjbvsmxl9n84iji5qywhlp2krdk9r")
(mozilla-patch "icecat-CVE-2018-5145.patch" "f0ec180993d2" "0jiazxcwki83wr00fyh2g518ynsd33p7nk65zk4d1682gn22lc8v")
(mozilla-patch "icecat-CVE-2018-5130.patch" "a6a9e26688c1" "0cvizvilb4k422j2gzqcbakznvsffmk6n6xn1ayj5rgxfaizkkqk")
(mozilla-patch "icecat-CVE-2018-5125-pt1.patch" "198ad052621e" "1721zx8hifdlflrhvw6hmkdgjbvsmxl9n84iji5qywhlp2krdk9r")
(mozilla-patch "icecat-bug-1426087.patch" "391ea77ebfdb" "1fhkvd0z6mvdkj7m0d3jlj42rsdw5r4x122c1wb1i428228ifw6n")
(mozilla-patch "icecat-bug-1416307.patch" "54f2f7f93b30" "1ncjir16mqya37wgf6fy2rqki3vl433c4grjr3fypmlig6xfgg1l")
(mozilla-patch "icecat-bug-1430557.patch" "2c4d7a59041b" "178c6gid89cvw52yqs43i6x6s5w0hslj0rfa2r8b4762ij3civ92")
(mozilla-patch "icecat-bug-1416529.patch" "f87ef3774d5e" "0payf3az2w93nzl5qknqx290jbxk8v39rwhdgq7wyd5f245dywxk")
(mozilla-patch "icecat-bug-1324042.patch" "ac743923f81d" "0msyr45xr1j5q4x6ah4r907pwjngyi0k6pp9y8ixk21cnwbzrdwx")
(mozilla-patch "icecat-bug-1428947.patch" "456913d7e8b5" "0fx0s06kxxj7g4hllinaskgh41z3k48zml6yqqzxx485qk3hdh9x")
(mozilla-patch "icecat-CVE-2018-5127.patch" "2c4d7a59041b" "178c6gid89cvw52yqs43i6x6s5w0hslj0rfa2r8b4762ij3civ92")
(mozilla-patch "icecat-CVE-2018-5125-pt2.patch" "f87ef3774d5e" "0payf3az2w93nzl5qknqx290jbxk8v39rwhdgq7wyd5f245dywxk")
(mozilla-patch "icecat-CVE-2018-5125-pt3.patch" "ac743923f81d" "0msyr45xr1j5q4x6ah4r907pwjngyi0k6pp9y8ixk21cnwbzrdwx")
(mozilla-patch "icecat-CVE-2018-5129.patch" "456913d7e8b5" "0fx0s06kxxj7g4hllinaskgh41z3k48zml6yqqzxx485qk3hdh9x")
(mozilla-patch "icecat-bug-1334465-pt1.patch" "f95c5b881442" "0iaddhf65jd9cycj4bw0b207n2jiqkr4q84jifzyqn4ygs75wdqd")
(mozilla-patch "icecat-bug-1334465-pt2.patch" "8a4265c8fb41" "1d9zfdbrlw9wzr84b7pj7lxgy487lsx0kfd89287hjk0al8m6vrw")
(mozilla-patch "icecat-bug-1398021.patch" "28855df568d8" "1kmq836gniplxpjnvq8lhbcc1aqi56al628r1mzdy94b5yb0lis3")
(mozilla-patch "icecat-bug-1388020.patch" "e8ab2736499b" "0n28vcd65rxsyq3z22rfcfksryfndhm1i3g6ah3akg11jnagqf5v")
(mozilla-patch "icecat-bug-1437087.patch" "014877bf17ea" "0hk90pnf7h7kvidji6ydvva1zpyraipn03pjhvprdqr7k2fqzmsz")
(mozilla-patch "icecat-bug-1437507.patch" "5b3a5de48912" "1ifya05rcd34ryp9zawdacihhkkf2m0xn2q8m8c6v78bvxj0mgig")
(mozilla-patch "icecat-bug-1440926.patch" "1df9b4404acd" "1sd59vsarfsbh3vlrzrqv6n1ni7vxdzm83j6s6g0fygl1h8kwijg")
(mozilla-patch "icecat-CVE-2018-5125-pt4.patch" "014877bf17ea" "0hk90pnf7h7kvidji6ydvva1zpyraipn03pjhvprdqr7k2fqzmsz")
(mozilla-patch "icecat-CVE-2018-5125-pt5.patch" "5b3a5de48912" "1ifya05rcd34ryp9zawdacihhkkf2m0xn2q8m8c6v78bvxj0mgig")
(mozilla-patch "icecat-CVE-2018-5144.patch" "1df9b4404acd" "1sd59vsarfsbh3vlrzrqv6n1ni7vxdzm83j6s6g0fygl1h8kwijg")
(mozilla-patch "icecat-bug-1430173-pt1.patch" "9124c3972e2b" "13ns5yy39yzfx7lrkv4rgwdz6s6q0z4i09wkbxdvnkfsz17cd17i")
(mozilla-patch "icecat-bug-1430173-pt2.patch" "9f6dc031be51" "0bv2p98z5ahp3x9wxnhwxn87g21djvzzp7jy55ik90hqixsbhwdl")))
(mozilla-patch "icecat-bug-1430173-pt2.patch" "9f6dc031be51" "0bv2p98z5ahp3x9wxnhwxn87g21djvzzp7jy55ik90hqixsbhwdl")
(mozilla-patch "icecat-CVE-2018-5131.patch" "3102fbb97b32" "0kg0183v92gxjb9255xjwhxyd6gl77l9c0civx3040k975fybwlp")
(mozilla-patch "icecat-CVE-2018-5125-pt6.patch" "4904c0f4a645" "0lsq62ynksy1fbw0m87f1d741fyvrrp1vrznx5hx0l2p4g4frhv3")
(mozilla-patch "icecat-CVE-2018-5125-pt7.patch" "16b8073d5c30" "1dv94qqah1wjd3bxjvrkmjbb2f95d3d11zpm8mggdk52il575bwl")
(mozilla-patch "icecat-bug-1442127-pt1.patch" "f931f85b09da" "02s380w8a73g4w2wm810lbigh4z4rrlfy10ywwhv4lpkbk8xg7pr")
(mozilla-patch "icecat-bug-1442127-pt2.patch" "da5792b70f30" "116k9qja5ir9b3laazasp43f5jx59qq72nknmq5bn5v1ixya9r4l")
(mozilla-patch "icecat-CVE-2018-5125-pt8.patch" "62b831df8269" "109pn0hqn7s27580glv4z7qv1pmjzii9szvf3wkn97k5wybrzgkx")
(mozilla-patch "icecat-bug-1442504.patch" "8954ce68a364" "0bl65zw82bwqg0mmcri94pxqq6ibff7y5rclkzapb081p6yvf73q")
(mozilla-patch "icecat-CVE-2018-5125-pt9.patch" "8a16f439117c" "108iarql6z7h1r4rlzac6n6lrzs78x7kcdbfa0b5dbr5xc66jmgb")))
(modules '((guix build utils)))
(snippet
'(begin

35
gnu/packages/graph.scm
View File

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -33,7 +34,10 @@
#:use-module (gnu packages maths)
#:use-module (gnu packages multiprecision)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages python-web)
#:use-module (gnu packages statistics)
#:use-module (gnu packages time)
#:use-module (gnu packages xml))
(define-public igraph
@ -199,3 +203,34 @@ objects from the @code{graph} package.")
represented by horizontal lines, and edges are represented by vertical
lines.")
(license license:expat))))
(define-public python-plotly
(package
(name "python-plotly")
(version "2.4.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "plotly" version))
(sha256
(base32
"0n18116jz6bl5n9cq23vabv1gcbh1x3yficdnfq55v0z4cwy0zlf"))))
(build-system python-build-system)
(arguments
'(#:tests? #f)) ; The tests are not distributed in the release
(propagated-inputs
`(("python-decorator" ,python-decorator)
("python-nbformat" ,python-nbformat)
("python-pytz" ,python-pytz)
("python-requests" ,python-requests)
("python-six" ,python-six)))
(home-page "https://plot.ly/python/")
(synopsis "Interactive plotting library for Python")
(description "Plotly's Python graphing library makes interactive,
publication-quality graphs online. Examples of how to make line plots, scatter
plots, area charts, bar charts, error bars, box plots, histograms, heatmaps,
subplots, multiple-axes, polar charts, and bubble charts. ")
(license license:expat)))
(define-public python2-plotly
(package-with-python2 python-plotly))

4
gnu/packages/gtk.scm
View File

@ -392,7 +392,7 @@ printing and other features typical of a source code editor.")
(define-public gtksourceview
(package
(name "gtksourceview")
(version "3.24.6")
(version "3.24.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
@ -400,7 +400,7 @@ printing and other features typical of a source code editor.")
name "-" version ".tar.xz"))
(sha256
(base32
"1261fwjpwn3qizmvjns9z3k3a264j3ql5anyvmisfwywpkzbv9ks"))))
"1rp8zspwyw3mmdgccsas3pa6v7s0hqjaaglg6n4kcls7ccx0vhm5"))))
(build-system gnu-build-system)
(arguments
'(#:phases

64
gnu/packages/idris.scm
View File

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;; Copyright © 2016, 2017 David Craven <david@craven.ch>
;;; Copyright © 2018 Alex ter Weele <alex.ter.weele@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -30,6 +31,52 @@
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages))
(define ghc-aeson-1.1.2.0
(package (inherit ghc-aeson)
(version "1.1.2.0")
(source
(origin
(method url-fetch)
(uri (string-append
"https://hackage.haskell.org/package/aeson/aeson-"
version
".tar.gz"))
(sha256
(base32
"1zy5z8pzvh53qkjm0nm3f4rwqfqg3867ck8ncd6mrxpcyvxqqj1p"))))))
(define ghc-trifecta-1.6.2.1
(package (inherit ghc-trifecta)
(version "1.6.2.1")
(source
(origin
(method url-fetch)
(uri (string-append
"https://hackage.haskell.org/package/trifecta/"
"trifecta-" version ".tar.gz"))
(sha256
(base32
"1rgv62dlmm4vkdymx5rw5jg3w8ifpzg1745rvs1m4kzdx16p5cxs"))))))
;; ghc-cheapskate appeared too new. This follows LTS Haskell.
(define ghc-cheapskate-0.1.0.5
(package
(inherit ghc-cheapskate)
(version "0.1.0.5")
(source
(origin
(method url-fetch)
(uri (string-append
"https://hackage.haskell.org/package/cheapskate/cheapskate-"
version
".tar.gz"))
(sha256
(base32
"0cpsmfx5z2xykg71sv8j7pl8ga6pzyjnjdb9bxn00vcpqkzvfqvs"))))
(arguments
;; LTS Haskell says data-default >=0.5 && <0.8
`(#:configure-flags (list "--allow-newer=data-default")))))
(define-public idris
(package
(name "idris")
@ -46,15 +93,15 @@
(inputs
`(("gmp" ,gmp)
("ncurses" ,ncurses)
("ghc-aeson" ,ghc-aeson)
("ghc-async" ,ghc-async)
("ghc-aeson" ,ghc-aeson-1.1.2.0)
("ghc-annotated-wl-pprint" ,ghc-annotated-wl-pprint)
("ghc-ansi-terminal" ,ghc-ansi-terminal)
("ghc-ansi-wl-pprint" ,ghc-ansi-wl-pprint)
("ghc-async" ,ghc-async)
("ghc-base64-bytestring" ,ghc-base64-bytestring)
("ghc-blaze-html" ,ghc-blaze-html)
("ghc-blaze-markup" ,ghc-blaze-markup)
("ghc-cheapskate" ,ghc-cheapskate)
("ghc-cheapskate" ,ghc-cheapskate-0.1.0.5)
("ghc-code-page" ,ghc-code-page)
("ghc-fingertree" ,ghc-fingertree)
("ghc-fsnotify" ,ghc-fsnotify)
@ -62,23 +109,18 @@
("ghc-mtl" ,ghc-mtl)
("ghc-network" ,ghc-network)
("ghc-optparse-applicative" ,ghc-optparse-applicative)
("ghc-parsers" ,ghc-parsers)
("ghc-regex-tdfa" ,ghc-regex-tdfa)
("ghc-safe" ,ghc-safe)
("ghc-split" ,ghc-split)
("ghc-tasty" ,ghc-tasty)
("ghc-tasty-golden" ,ghc-tasty-golden)
("ghc-tasty-rerun" ,ghc-tasty-rerun)
("ghc-terminal-size" ,ghc-terminal-size)
("ghc-text" ,ghc-text)
("ghc-trifecta" ,ghc-trifecta)
("ghc-trifecta" ,ghc-trifecta-1.6.2.1)
("ghc-uniplate" ,ghc-uniplate)
("ghc-unordered-containers" ,ghc-unordered-containers)
("ghc-utf8-string" ,ghc-utf8-string)
("ghc-vector-binary-instances" ,ghc-vector-binary-instances)
("ghc-vector" ,ghc-vector)
("ghc-zip-archive" ,ghc-zip-archive)
("ghc-zlib" ,ghc-zlib)))
("ghc-vector-binary-instances" ,ghc-vector-binary-instances)
("ghc-zip-archive" ,ghc-zip-archive)))
(arguments
`(#:tests? #f ; FIXME: Test suite doesn't run in a sandbox.
#:configure-flags

21
gnu/packages/image.scm
View File

@ -16,6 +16,7 @@
;;; Copyright © 2017 ng0 <ng0@infotropique.org>
;;; Copyright © 2017 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2017 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -1293,3 +1294,23 @@ Features:
@item Upload to Imgur.
@end itemize\n")
(license license:gpl3+)))
(define-public r-jpeg
(package
(name "r-jpeg")
(version "0.1-8")
(source
(origin
(method url-fetch)
(uri (cran-uri "jpeg" version))
(sha256
(base32
"05hawv5qcb82ljc1l2nchx1wah8mq2k2kfkhpzyww554ngzbwcnh"))))
(build-system r-build-system)
(inputs `(("libjpeg" ,libjpeg)))
(home-page "http://www.rforge.net/jpeg/")
(synopsis "Read and write JPEG images with R")
(description "This package provides a way to read, write and display bitmap
images stored in the JPEG format with R. It can read and write both files and
in-memory raw vectors.")
(license license:gpl2+)))

1
gnu/packages/inkscape.scm
View File

@ -68,6 +68,7 @@
("libgc" ,libgc)
("freetype" ,freetype)
("popt" ,popt)
("potrace" ,potrace)
("python" ,python-2)
("lcms" ,lcms)
("boost" ,boost)))

44
gnu/packages/java.scm
View File

@ -1077,7 +1077,7 @@ bootstrapping purposes.")
(license license:gpl2+)))
(define-public icedtea-7
(let* ((version "2.6.12")
(let* ((version "2.6.13")
(drop (lambda (name hash)
(origin
(method url-fetch)
@ -1095,7 +1095,7 @@ bootstrapping purposes.")
version ".tar.xz"))
(sha256
(base32
"0s0zh0mj1sab99kb516lsgq3859vsc951phc565gwix4l5g9zppk"))
"1w331rdqx1dcx2xb0fmjmrkdc71xqn20fxsgw8by4xhiblh88khh"))
(modules '((guix build utils)))
(snippet
'(begin
@ -1507,25 +1507,25 @@ bootstrapping purposes.")
(native-inputs
`(("openjdk-src"
,(drop "openjdk"
"15qf3nfidgnigh2zny6djfp8bhfwjnwk9i06mxs2jbq6na953ql2"))
"0l34ikyf62hbzlf9032alzkkqvf7bpmckz4gvirvph755w7gka8l"))
("corba-drop"
,(drop "corba"
"1phvn8fyl5mw2n2sn97f17nm442k75xsz2023bfw4h66ywzkqhqy"))
"050gv2jbg1pi6qkn8w18bwpbklfa5b0kymjvan9pncddbj8m84fz"))
("jaxp-drop"
,(drop "jaxp"
"0j4ms6lmnfa2cwfh9yfqdfg1bnn3fc40ay4x6k8zqa8yvspik5w5"))
"1k6yldwnxfzdg5926r1nlfv8d1r1j7rlp2nkz6gqh05vgyamnfhl"))
("jaxws-drop"
,(drop "jaxws"
"09sddj73k7n29s39hvdk14r130mvlknbxkpd2w58f34sq5sgpdrg"))
"110j7jlz47x2gg6f7653x12mssan5kvj9l9h1m1c8c92drfxbqyk"))
("jdk-drop"
,(drop "jdk"
"0q896zz8wyswmksy225q1k27nz3v3l27052dcvvpv20ryykz8yp7"))
"0d1mca38ksxvdskp9im3pp7fdijhj1n3lwq9w13r9s4v3qyskgdd"))
("langtools-drop"
,(drop "langtools"
"0niicyfccim4a9is4akh87jd7wbl8jrazdaab957mcv9l1x3bnqc"))
"0nq5236fzxn3p6x8cgncl56mzcmsj07q9gymysnws4c8byc6n0qj"))
("hotspot-drop"
,(drop "hotspot"
"1jw42qhbm3wfavk39304m53lmqipcllrvjqiab2f42mjs10i8gfx"))
"17bdv39n4lh8l5737c96f3xgamx4y305m067p01cywgp7zaddqws"))
("ant" ,ant-bootstrap)
("attr" ,attr)
("coreutils" ,coreutils)
@ -1575,7 +1575,7 @@ IcedTea build harness.")
(license license:gpl2+))))
(define-public icedtea-8
(let* ((version "3.6.0")
(let* ((version "3.7.0")
(drop (lambda (name hash)
(origin
(method url-fetch)
@ -1584,7 +1584,7 @@ IcedTea build harness.")
"/icedtea8/" version "/" name ".tar.xz"))
(sha256 (base32 hash))))))
(package (inherit icedtea-7)
(version "3.6.0")
(version "3.7.0")
(source (origin
(method url-fetch)
(uri (string-append
@ -1592,7 +1592,7 @@ IcedTea build harness.")
version ".tar.xz"))
(sha256
(base32
"0zj192zrrxqh6j1ywc3399gk2ycay9w8pvzcvvr2kvdkb37ak86h"))
"09yqzn8rpccs7cyv89hhy5zlznpgqw5x3jz0w1ccp0cz1vgs8l5w"))
(modules '((guix build utils)))
(snippet
'(begin
@ -1694,34 +1694,34 @@ new Date();"))
`(("jdk" ,icedtea-7 "jdk")
("openjdk-src"
,(drop "openjdk"
"0mqxh81kq05z4wydkik0yrr81ibf84xmwsdcw9n2gfrzs4f5jxnb"))
"1mj6xgmw31i6qd30qi9dmv7160fbcfq5ikz1jwjihdg2793il19p"))
("aarch32-drop"
,(drop "aarch32"
"0b207g2n6kn510zf5vwh58bsxgqrmkvrna4p20r74v9cwcwx83n2"))
"1wb8k5zm40zld0986dvmlh5xh3gyixbg9h26sl662zy92amhmyyg"))
("corba-drop"
,(drop "corba"
"0qinc1q4w01nkr9klhfyd8caxvyrrfxjrz32nd7kgyja2bj8x7dd"))
"11ma4zz0599cy70xd219v7a8vin7p96xrhhz3wsaw6cjhkzpagah"))
("jaxp-drop"
,(drop "jaxp"
"07azrp3g86vk2laybmr5xfn0yrljkxs0rlm1q48385br225bgdxi"))
"14m1y0z0fbm5z5zjw3vnq85py8dma84bi3f9cw8rhdyc6skk8q4i"))
("jaxws-drop"
,(drop "jaxws"
"018fd2hq57zp3pq06wlxy5pabqcyk36xi8hk0d6xk3a90wsjvyik"))
"09andnm6xaasnp963hgx42yiflifiljp9z7z85jrfyc5z8a5whmf"))
("jdk-drop"
,(drop "jdk"
"0vs488kq5j2cc6kplc78jbhfxwq4fn06l34xrbq4d6y17777arg8"))
"0s6lcpc0zckz2fnq98aqf28nz9y3wbi41a3kyaqqa2abwbkm1zwl"))
("langtools-drop"
,(drop "langtools"
"04f6d1wvck5jrpvrcw5gsbzxnihcry9zrf1v85czdm959q21zv9c"))
"15wizy123vhk40chl1b4p552jf2pw2hdww0myf11qab425axz4nw"))
("hotspot-drop"
,(drop "hotspot"
"1mfgpzyr6zzy9klf8nn3z6d41fydb9ghpfpqzjq3cl95axfbdl1g"))
"1ciz1w9j0kz7s1dxdhyqq71nla9icyz6qvn0b9z2zgkklqa98qmm"))
("nashorn-drop"
,(drop "nashorn"
"1a26cmzbs50gkh4rmmmxls7zljx62vfp1wq02gsfd5jqs4xvlibj"))
"19pzl3ppaw8j6r5cnyp8qiw3hxijh3hdc46l39g5yfhdl4pr4hpa"))
("shenandoah-drop"
,(drop "shenandoah"
"11hmn9mwmvryfddcanzx3qffjm8bbiv18nwv3iy9cswrvxjy010f"))
"0k33anxdzw1icn072wynfmmdjhsv50hay0j1sfkfxny12rb3vgdy"))
,@(fold alist-delete (package-native-inputs icedtea-7)
'("jdk" "openjdk-src" "corba-drop" "jaxp-drop" "jaxws-drop"
"jdk-drop" "langtools-drop" "hotspot-drop")))))))

8
gnu/packages/language.scm
View File

@ -98,7 +98,7 @@ converting a word to singular or plural.")
(define-public perl-lingua-en-inflect-phrase
(package
(name "perl-lingua-en-inflect-phrase")
(version "0.18")
(version "0.20")
(source
(origin
(method url-fetch)
@ -106,7 +106,7 @@ converting a word to singular or plural.")
"Lingua-EN-Inflect-Phrase-" version ".tar.gz"))
(sha256
(base32
"19prg6pkgnznrc82ymdkdi3l9schg815axjig7adca5yqa7mn2i9"))))
"1a6y1l2pjim2242wcpgz066di4pbzfgsjjdl7vg5a5wzm48qj1am"))))
(build-system perl-build-system)
(native-inputs
`(("perl-test-nowarnings" ,perl-test-nowarnings)))
@ -365,7 +365,7 @@ stemmer at http://snowball.sourceforge.net.")
(define-public perl-string-toidentifier-en
(package
(name "perl-string-toidentifier-en")
(version "0.11")
(version "0.12")
(source
(origin
(method url-fetch)
@ -373,7 +373,7 @@ stemmer at http://snowball.sourceforge.net.")
"String-ToIdentifier-EN-" version ".tar.gz"))
(sha256
(base32
"1bawghkgkkx7j3avnrj5sg3vix1z5564ks6wf9az3jc2knh8s5nh"))))
"12nw7h2yiybhdw0vnnpc7bif8ylhsn6kqf6s39dsrf9h54iq9yrs"))))
(build-system perl-build-system)
(propagated-inputs
`(("perl-lingua-en-inflect-phrase" ,perl-lingua-en-inflect-phrase)

11
gnu/packages/linux.scm
View File

@ -383,8 +383,8 @@ It has been modified to remove all non-free binary blobs.")
;; supports qemu "virt" machine and possibly a large number of ARM boards.
;; See : https://wiki.debian.org/DebianKernel/ARMMP.
(define %linux-libre-version "4.15.9")
(define %linux-libre-hash "13lcard7i6w2c1cf9rfhvmq79xk4qp2p1c1920mfi69l20yvm572")
(define %linux-libre-version "4.15.10")
(define %linux-libre-hash "10fp8jmy0fxq8l01m1nnagpq1hznl9jmhcwknk8izjmdcb5snq6c")
(define-public linux-libre
(make-linux-libre %linux-libre-version
@ -392,8 +392,8 @@ It has been modified to remove all non-free binary blobs.")
%linux-compatible-systems
#:configuration-file kernel-config))
(define %linux-libre-4.14-version "4.14.26")
(define %linux-libre-4.14-hash "1m2zr17wpasg5riysbaa4g5i492jzr93py2jm088ki818s4a9cm3")
(define %linux-libre-4.14-version "4.14.27")
(define %linux-libre-4.14-hash "0mgkka9niyd0lj4qliy4v7jjh9lg1a5jwlv60yw7z0s4k7ajyyrp")
(define-public linux-libre-4.14
(make-linux-libre %linux-libre-4.14-version
@ -556,7 +556,8 @@ providing the system administrator with some help in common tasks.")
(sha256
(base32
"04fzrnrr3pvqskvjn9f81y0knh0jvvqx4lmbz5pd4lfdm5pv2l8s"))
(patches (search-patches "util-linux-tests.patch"))
(patches (search-patches "util-linux-tests.patch"
"util-linux-CVE-2018-7738.patch"))
(modules '((guix build utils)))
(snippet
;; We take the 'logger' program from GNU Inetutils and 'kill'

56
gnu/packages/maths.scm
View File

@ -23,6 +23,7 @@
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Dave Love <me@fx@gnu.org>
;;; Copyright © 2018 Jan Nieuwenhuizen <janneke@gnu.org>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -1312,7 +1313,7 @@ can solve two kinds of problems:
(define-public octave
(package
(name "octave")
(version "4.2.1")
(version "4.2.2")
(source
(origin
(method url-fetch)
@ -1320,7 +1321,7 @@ can solve two kinds of problems:
version ".tar.lz"))
(sha256
(base32
"09zhhch79jw3ynw39vizx0i2cbd2bjz3sp38pjdzraqrbivpwp92"))))
"0pkkz1vazsh7ipffb09q0nc2jgx6q27pkkngygjij6jrpcly5zsp"))))
(build-system gnu-build-system)
(inputs
`(("lapack" ,lapack)
@ -3769,3 +3770,54 @@ specifications. Also, state spaces can be manipulated, visualised and
analysed.")
(home-page "http://mcrl2.org")
(license license:boost1.0)))
(define-public r-subplex
(package
(name "r-subplex")
(version "1.5-2")
(source
(origin
(method url-fetch)
(uri (cran-uri "subplex" version))
(sha256
(base32
"1v9xrnkapnq7v1jbhlg32ignklzf2vn8rqpayc8pzk8wvz53r33g"))))
(build-system r-build-system)
(native-inputs
`(("gfortran" ,gfortran)))
(home-page "https://cran.r-project.org/web/packages/subplex")
(synopsis "Unconstrained optimization using the subplex algorithm")
(description "This package implements the Subplex optimization algorithm.
It solves unconstrained optimization problems using a simplex method on
subspaces. The method is well suited for optimizing objective functions that
are noisy or are discontinuous at the solution.")
(license license:gpl3+)))
(define-public r-desolve
(package
(name "r-desolve")
(version "1.20")
(source
(origin
(method url-fetch)
(uri (cran-uri "deSolve" version))
(sha256
(base32
"18nx3maww979a8p8ly4hv63y65mnjx8vbj2fpipd6rhcbf1lbsan"))))
(properties `((upstream-name . "deSolve")))
(build-system r-build-system)
(native-inputs
`(("gfortran" ,gfortran)))
(home-page "https://desolve.r-forge.r-project.org/")
(synopsis "Solvers for initial value problems of differential equations")
(description "This package provides functions that solve initial
value problems of a system of first-order ordinary differential equations (ODE),
of partial differential equations (PDE), of differential algebraic equations
(DAE), and of delay differential equations. The functions provide an interface
to the FORTRAN functions lsoda, lsodar, lsode, lsodes of the ODEPACK collection,
to the FORTRAN functions dvode and daspk and a C-implementation of solvers of
the Runge-Kutta family with fixed or variable time steps. The package contains
routines designed for solving ODEs resulting from 1-D, 2-D and 3-D partial
differential equations (PDE) that have been converted to ODEs by numerical
differencing.")
(license license:gpl2+)))

12
gnu/packages/messaging.scm
View File

@ -875,10 +875,18 @@ instant messenger with audio and video chat capabilities.")
(("__DATE__") "\"\"")
(("__TIME__") "\"\"")
(("TIMESTAMP") "\"\""))
#t)))))
#t))
;; Ensure that icons are found at runtime.
(add-after 'install 'wrap-executable
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(wrap-program (string-append out "/bin/qtox")
`("QT_PLUGIN_PATH" prefix
,(list (string-append (assoc-ref inputs "qtsvg")
"/lib/qt5/plugins/"))))))))))
(inputs
`(("ffmpeg" ,ffmpeg)
("filteraudio", filteraudio)
("filteraudio" ,filteraudio)
("glib" ,glib)
("gtk+" ,gtk+-2)
("libsodium" ,libsodium)

21
gnu/packages/networking.scm
View File

@ -87,17 +87,22 @@
#:use-module (gnu packages xml)
#:use-module (ice-9 match))
;; The gnu.org home for this GNU project is a directory listing with 1.6.0 as
;; the latest version. The author's git repository, mentioned in the 1.6.0
;; README and otherwise legit-looking, contains a proper 1.7.0 release tarball
;; with many OUI updates. Use it, even though it's also several years old now.
(define-public macchanger
(package
(name "macchanger")
(version "1.6.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/"
name "/" name "-" version ".tar.gz"))
(sha256
(base32
"1xsiivjjyhqcs6dyjcshrnxlgypvyfzacjz7gcjgl88xiw9lylri"))))
(version "1.7.0")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/alobbs/macchanger/"
"releases/download/" version "/"
name "-" version ".tar.gz"))
(sha256
(base32 "1gs5m0jxyprdp00w2qkbnaqm3ilkjz0q1gqdg4nzdm8g4xy73qns"))))
(build-system gnu-build-system)
(home-page "https://www.gnu.org/software/macchanger/")
(synopsis "Viewing and manipulating MAC addresses of network interfaces")

191
gnu/packages/patches/shadow-CVE-2018-7169.patch Normal file
View File

@ -0,0 +1,191 @@
Fix CVE-2018-7169:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
Patch copied from upstream source repository:
https://github.com/shadow-maint/shadow/commit/fb28c99b8a66ff2605c5cb96abc0a4d975f92de0
From fb28c99b8a66ff2605c5cb96abc0a4d975f92de0 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de>
Date: Thu, 15 Feb 2018 23:49:40 +1100
Subject: [PATCH] newgidmap: enforce setgroups=deny if self-mapping a group
This is necessary to match the kernel-side policy of "self-mapping in a
user namespace is fine, but you cannot drop groups" -- a policy that was
created in order to stop user namespaces from allowing trivial privilege
escalation by dropping supplementary groups that were "blacklisted" from
certain paths.
This is the simplest fix for the underlying issue, and effectively makes
it so that unless a user has a valid mapping set in /etc/subgid (which
only administrators can modify) -- and they are currently trying to use
that mapping -- then /proc/$pid/setgroups will be set to deny. This
workaround is only partial, because ideally it should be possible to set
an "allow_setgroups" or "deny_setgroups" flag in /etc/subgid to allow
administrators to further restrict newgidmap(1).
We also don't write anything in the "allow" case because "allow" is the
default, and users may have already written "deny" even if they
technically are allowed to use setgroups. And we don't write anything if
the setgroups policy is already "deny".
Ref: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
Fixes: CVE-2018-7169
Reported-by: Craig Furman <craig.furman89@gmail.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
---
src/newgidmap.c | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 80 insertions(+), 9 deletions(-)
diff --git a/src/newgidmap.c b/src/newgidmap.c
index b1e33513..59a2e75c 100644
--- a/src/newgidmap.c
+++ b/src/newgidmap.c
@@ -46,32 +46,37 @@
*/
const char *Prog;
-static bool verify_range(struct passwd *pw, struct map_range *range)
+
+static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
{
/* An empty range is invalid */
if (range->count == 0)
return false;
- /* Test /etc/subgid */
- if (have_sub_gids(pw->pw_name, range->lower, range->count))
+ /* Test /etc/subgid. If the mapping is valid then we allow setgroups. */
+ if (have_sub_gids(pw->pw_name, range->lower, range->count)) {
+ *allow_setgroups = true;
return true;
+ }
- /* Allow a process to map its own gid */
- if ((range->count == 1) && (pw->pw_gid == range->lower))
+ /* Allow a process to map its own gid. */
+ if ((range->count == 1) && (pw->pw_gid == range->lower)) {
+ /* noop -- if setgroups is enabled already we won't disable it. */
return true;
+ }
return false;
}
static void verify_ranges(struct passwd *pw, int ranges,
- struct map_range *mappings)
+ struct map_range *mappings, bool *allow_setgroups)
{
struct map_range *mapping;
int idx;
mapping = mappings;
for (idx = 0; idx < ranges; idx++, mapping++) {
- if (!verify_range(pw, mapping)) {
+ if (!verify_range(pw, mapping, allow_setgroups)) {
fprintf(stderr, _( "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
Prog,
mapping->upper,
@@ -89,6 +94,70 @@ static void usage(void)
exit(EXIT_FAILURE);
}
+void write_setgroups(int proc_dir_fd, bool allow_setgroups)
+{
+ int setgroups_fd;
+ char *policy, policy_buffer[4096];
+
+ /*
+ * Default is "deny", and any "allow" will out-rank a "deny". We don't
+ * forcefully write an "allow" here because the process we are writing
+ * mappings for may have already set themselves to "deny" (and "allow"
+ * is the default anyway). So allow_setgroups == true is a noop.
+ */
+ policy = "deny\n";
+ if (allow_setgroups)
+ return;
+
+ setgroups_fd = openat(proc_dir_fd, "setgroups", O_RDWR|O_CLOEXEC);
+ if (setgroups_fd < 0) {
+ /*
+ * If it's an ENOENT then we are on too old a kernel for the setgroups
+ * code to exist. Emit a warning and bail on this.
+ */
+ if (ENOENT == errno) {
+ fprintf(stderr, _("%s: kernel doesn't support setgroups restrictions\n"), Prog);
+ goto out;
+ }
+ fprintf(stderr, _("%s: couldn't open process setgroups: %s\n"),
+ Prog,
+ strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+ /*
+ * Check whether the policy is already what we want. /proc/self/setgroups
+ * is write-once, so attempting to write after it's already written to will
+ * fail.
+ */
+ if (read(setgroups_fd, policy_buffer, sizeof(policy_buffer)) < 0) {
+ fprintf(stderr, _("%s: failed to read setgroups: %s\n"),
+ Prog,
+ strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ if (!strncmp(policy_buffer, policy, strlen(policy)))
+ goto out;
+
+ /* Write the policy. */
+ if (lseek(setgroups_fd, 0, SEEK_SET) < 0) {
+ fprintf(stderr, _("%s: failed to seek setgroups: %s\n"),
+ Prog,
+ strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ if (dprintf(setgroups_fd, "%s", policy) < 0) {
+ fprintf(stderr, _("%s: failed to setgroups %s policy: %s\n"),
+ Prog,
+ policy,
+ strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+
+out:
+ close(setgroups_fd);
+}
+
/*
* newgidmap - Set the gid_map for the specified process
*/
@@ -103,6 +172,7 @@ int main(int argc, char **argv)
struct stat st;
struct passwd *pw;
int written;
+ bool allow_setgroups = false;
Prog = Basename (argv[0]);
@@ -145,7 +215,7 @@ int main(int argc, char **argv)
(unsigned long) getuid ()));
return EXIT_FAILURE;
}
-
+
/* Get the effective uid and effective gid of the target process */
if (fstat(proc_dir_fd, &st) < 0) {
fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
@@ -177,8 +247,9 @@ int main(int argc, char **argv)
if (!mappings)
usage();
- verify_ranges(pw, ranges, mappings);
+ verify_ranges(pw, ranges, mappings, &allow_setgroups);
+ write_setgroups(proc_dir_fd, allow_setgroups);
write_mapping(proc_dir_fd, ranges, mappings, "gid_map");
sub_gid_close();
--
2.16.2

49
gnu/packages/patches/util-linux-CVE-2018-7738.patch Normal file
View File

@ -0,0 +1,49 @@
Fix CVE-2018-7738:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738
Patch copied from upstream source repository:
https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55
From 75f03badd7ed9f1dd951863d75e756883d3acc55 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Thu, 16 Nov 2017 16:27:32 +0100
Subject: [PATCH] bash-completion: (umount) use findmnt, escape a space in
paths
# mount /dev/sdc1 /mnt/test/foo\ bar
# umount <tab>
has to return "/mnt/test/foo\ bar".
Changes:
* don't use mount | awk output, we have findmnt
* force compgen use \n as entries separator
Addresses: https://github.com/karelzak/util-linux/issues/539
Signed-off-by: Karel Zak <kzak@redhat.com>
---
bash-completion/umount | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/bash-completion/umount b/bash-completion/umount
index d76cb9fff..98c90d61a 100644
--- a/bash-completion/umount
+++ b/bash-completion/umount
@@ -40,9 +40,10 @@ _umount_module()
return 0
;;
esac
- local DEVS_MPOINTS
- DEVS_MPOINTS="$(mount | awk '{print $1, $3}')"
- COMPREPLY=( $(compgen -W "$DEVS_MPOINTS" -- $cur) )
- return 0
+
+ local oldifs=$IFS
+ IFS=$'\n'
+ COMPREPLY=( $( compgen -W '$(findmnt -lno TARGET | sed "s/\([[:blank:]]\)/\\\\\1/g")' -- "$cur" ) )
+ IFS=$oldifs
}
complete -F _umount_module umount

4
gnu/packages/python-web.scm
View File

@ -1693,14 +1693,14 @@ provide an easy-to-use Python interface for building OAuth1 and OAuth2 clients."
(define-public python-betamax
(package
(name "python-betamax")
(version "0.8.0")
(version "0.8.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "betamax" version))
(sha256
(base32
"18f8v5gng3j773jlbbzx4rg1i4y2zw3m2l1zpmbvp8bh5a2q1i42"))))
"1hki1c2vs7adq7zr56wi6i5bhrkia4s2ywpv2c98ibnczz709w2v"))))
(build-system python-build-system)
(arguments
'(;; Many tests fail because they require networking.

1
gnu/packages/python.scm
View File

@ -3873,6 +3873,7 @@ Python's distutils.")
(uri (git-reference
(url "https://github.com/dieterv/elib.intl.git")
(commit "d09997cfef")))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0y7vzff9xgbnaay7m0va1arl6g68ncwrvbgwl7jqlclsahzzb09d"))))

4
gnu/packages/samba.scm
View File

@ -50,14 +50,14 @@
(define-public cifs-utils
(package
(name "cifs-utils")
(version "6.7")
(version "6.8")
(source
(origin
(method url-fetch)
(uri (string-append "https://download.samba.org/pub/linux-cifs/"
name "/" name "-" version ".tar.bz2"))
(sha256 (base32
"1ayghnkryy1n1zm5dyvyyr7n3807nsm6glfcbbki5c2a8w91dwmj"))))
"0ygz3pagjpaj5ky11hzh4byyymb7fpmqiqkprn11zwj31h2zdlg7"))))
(build-system gnu-build-system)
(native-inputs
`(("autoconf" ,autoconf)

78
gnu/packages/serialization.scm
View File

@ -9,6 +9,7 @@
;;; Copyright © 2017 Frederick M. Muriithi <fredmanglis@gmail.com>
;;; Copyright © 2017 ng0 <ng0@infotropique.org>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2018 Joshua Sierles, Nextjournal <joshua@nextjournal.com>
;;;
;;; This file is part of GNU Guix.
;;;
@ -32,17 +33,21 @@
#:use-module (guix utils)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (guix build-system r)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages cran)
#:use-module (gnu packages databases)
#:use-module (gnu packages documentation)
#:use-module (gnu packages lua)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages perl)
#:use-module (guix build-system python))
#:use-module (gnu packages statistics))
(define-public cereal
(package
@ -411,3 +416,74 @@ JSON's ability, but serializes to a binary format which is smaller and faster
to generate and parse. The two primary functions are @code{cbor.loads} and
@code{cbor.dumps}.")
(license license:asl2.0)))
(define-public flatbuffers
(package
(name "flatbuffers")
(version "1.8.0")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/google/flatbuffers/archive/v"
version ".tar.gz"))
(sha256
(base32
"0blc978wc5h91662vai24xj92c3bx56y6hzid90qva7il302jl64"))))
(build-system cmake-build-system)
(arguments
'(#:configure-flags
(list (string-append "-DCMAKE_INSTALL_LIBDIR="
(assoc-ref %outputs "out") "/lib")
"-DCMAKE_BUILD_TYPE=Release")))
(home-page "https://google.github.io/flatbuffers/")
(synopsis "Memory-efficient serialization library")
(description "FlatBuffers is a cross platform serialization library for C++,
C#, C, Go, Java, JavaScript, PHP, and Python. It was originally created for
game development and other performance-critical applications.")
(license license:asl2.0)))
(define-public r-feather
(package
(name "r-feather")
(version "0.3.1")
(source
(origin
(method url-fetch)
(uri (cran-uri "feather" version))
(sha256
(base32
"1q6dbkfnkpnabq8lb6bm9ma44cfcghx2lm23pyk3vg7943wrn1pi"))))
(build-system r-build-system)
(propagated-inputs
`(("r-hms" ,r-hms)
("r-rcpp" ,r-rcpp)
("r-tibble" ,r-tibble)))
(home-page "https://github.com/wesm/feather")
(synopsis "R Bindings to the Feather API")
(description "Read and write feather files, a lightweight binary columnar
daa store designed for maximum speed.")
(license license:asl2.0)))
(define-public python-feather-format
(package
(name "python-feather-format")
(version "0.4.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "feather-format" version))
(sha256
(base32
"1adivm5w5ji4qv7hq7942vqlk8l2wgw87bdlsia771z14z3zp857"))))
(build-system python-build-system)
(propagated-inputs
`(("python-pandas" ,python-pandas)
("python-pyarrow" ,python-pyarrow)))
(home-page "https://github.com/wesm/feather")
(synopsis "Python wrapper to the Feather file format")
(description "This package provides a Python wrapper library to the
Apache Arrow-based Feather binary columnar serialization data frame format.")
(license license:asl2.0)))
(define-public python2-feather-format
(package-with-python2 python-feather-format))

4
gnu/packages/suckless.scm
View File

@ -138,14 +138,14 @@ optimising the environment for the application in use and the task performed.")
(define-public dmenu
(package
(name "dmenu")
(version "4.7")
(version "4.8")
(source (origin
(method url-fetch)
(uri (string-append "https://dl.suckless.org/tools/dmenu-"
version ".tar.gz"))
(sha256
(base32
"1fgph549i0yw62x02jhfc8qmqk2rnzcnm46bxq6jig1cvkw3amm7"))))
"0qfvfrj10xlwd9hkvb57wshryan65bl6423h0qhiw1h76rf5lqgy"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no tests

82
gnu/packages/tex.scm
View File

@ -1037,6 +1037,7 @@ contain.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "filecontents"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0swkbxv8vg0yizadfnvrwjb4cj0pn34v9wm6v7wqq903fdav7k7q"))))
@ -1061,6 +1062,7 @@ overwrite existing files and letting you use @code{filecontents} /
(source (origin
(method svn-fetch)
(uri (texlive-ref "generic" "ifxetex"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0w2xj7n0szavj329kds09q626szkc378p3w0sk022q0ln4ksz86d"))))
@ -1089,6 +1091,7 @@ requires the e-TeX extensions to the TeX primitive set.")
%texlive-tag "/Master/texmf-dist/"
"/tex/generic/epsf"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"14w3j81ympyvg8hkk9i1xgr8a0gfnfsb2ki8qqsk5pa051za1xcy"))))
@ -1121,6 +1124,7 @@ users, via its Plain TeX version.)")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "fancyvrb"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"03l7140y031rr14h02i4z9zqsfvrbn7wzwxbjsrjcgrk6sdr71wv"))))
@ -1148,6 +1152,7 @@ verbatim source).")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "graphics"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"07azyn0b1s49vbdlr6dmygrminxp72ndl24j1091hiiccvrjq3xc"))))
@ -1180,6 +1185,9 @@ verbatim source).")
(uri (git-reference
(url "https://github.com/latex3/graphics-cfg.git")
(commit "19d1238af17df376cd46333b229579b0f7f3a41f")))
(file-name (string-append "graphics-cfg-"
(number->string %texlive-revision)
"-checkout"))
(sha256
(base32
"12kbgbm52gmmgn8zajb74s8n5rvnxcfdvs3iyj8vcw5vrsw5i6mh"))))
@ -1191,6 +1199,9 @@ verbatim source).")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/graphics-def"))
(revision %texlive-revision)))
(file-name (string-append "graphics-def-"
(number->string %texlive-revision)
"-checkout"))
(sha256
(base32
"0gi4qv6378nl84s8n1yx3hjqvv7r4lza7hpbymbl5rzwgw8qrnyb"))))))
@ -1212,6 +1223,7 @@ keyval, and lscape.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "xcolor"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"01n613s7bcrd2n4jfawm0k4nn2ny3aaifp2jjfif3lz4sbv31494"))))
@ -1265,6 +1277,7 @@ pdf and HTML backends. The package is distributed with the @code{backref} and
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "oberdiek"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0aswvsxgsn709xmvpcg50d2xl7vcy1ckdxb9c1cligqqfjjvviqf"))))
@ -1295,6 +1308,7 @@ arrows; record information about document class(es) used; and many more.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "tools"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"052a0pch2k5zls5jlay9xxcf93rw3i60a2x28y3ip3rhbsv3xgiz"))))
@ -1324,6 +1338,7 @@ xr, and xspace.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/url"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"184s2543cwia5l7iibhlkl1ffbncfhjpv5p56zq0c15by5sghlac"))))
@ -1359,6 +1374,7 @@ of file names.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "l3kernel"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0r0wfk594j8wkdqhh21haimwsfq8x5jch4ldm21hkzk5dnmvpbg6"))))
@ -1382,6 +1398,7 @@ that the LaTeX3 conventions can be used with regular LaTeX 2e packages.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "l3packages"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"16jplkvzdysfssijq9l051nsks65c2nrarsl17k8gjhc28yznj8y"))))
@ -1429,6 +1446,7 @@ programming tools and kernel sup­port. Packages provided in this release are:
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "fontspec"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1rx43y5xmjqvc27pjdnmqwp4pcw3czcfd6nfpmzc1gnqfl1hlc0q"))))
@ -1459,6 +1477,7 @@ the l3kernel and xparse bundles from the LaTeX 3 development team.")
(uri (string-append "https://github.com/lualatex/lualibs/"
"releases/download/v"
version "/lualibs.zip"))
(file-name (string-append name "-" version ".zip"))
(sha256
(base32
"1xx9blvrmx9hyhrl345lpai9m6xxnw997261a1ahn1bm5r2j5fqy"))))
@ -1491,6 +1510,7 @@ this bundle for use independent of ConTeXt.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "amsmath"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"178ywjpdlv78qmfzqdyn6gy14620zjsn2q9wap76fbr9s4hw6dba"))))
@ -1519,6 +1539,7 @@ definitions.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "amscls"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0jmcr37mcdi7drczppvr6lmz5d5yd9m67ii79gp2nglg1xpw934j"))))
@ -1542,6 +1563,7 @@ distribution.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "babel"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1n3i5adsyy7jw0imnzrm2i8wkf73i3mjk9h3ic8cb9cd19i4r9r3"))))
@ -1598,6 +1620,7 @@ for Canadian and USA text.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "cyrillic"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1mdhl35hwas68ki56qqngzar37dwv4mm64l2canihr255bz34lbv"))))
@ -1620,6 +1643,7 @@ language that is written in a Cyrillic alphabet.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "psnfss"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1920dcq8613yzprasbg80fh4fcjcidvvl54wkx438nimyxcri7qz"))))
@ -1963,6 +1987,7 @@ without affecting the structure of the list (this works for @code{itemize} and
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/filemod"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0vpxilfw69xv78f03g0j0zw0bw4qcn36whqp8phcq48qk1ax2kr2"))))
@ -2022,6 +2047,7 @@ classes of systems.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "natbib"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0aqliq0nwblxyrzhwhv77pnmk7qh2y3prgq7z7qhwcbgz5kisld7"))))
@ -2109,6 +2135,7 @@ re-processing.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/seminar"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0y4i651b75y6006n03x8n86bsqvjsailvvz9bhzy51dzsznqidq0"))))
@ -2132,6 +2159,7 @@ recent classes such as powerdot or beamer, both of which are tuned to
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "trimspaces"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0da00lb32am4g63mn96625wg48p3pj3spx79lajrk17d549apwqa"))))
@ -2479,6 +2507,7 @@ situations where longtable has problems.")
%texlive-tag "/Master/texmf-dist/"
"/tex/texinfo"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"09zj2w3lx0y6i2syfjjgizahf86z301dw8p37ln6syfhqhzqdz46"))))
@ -2542,6 +2571,7 @@ does not affect @code{\\tt}, @code{\\texttt}, etc.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/anysize"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"19khwqjlvznc955sijhww3c4zbb0053rvzwv9nz738qknq7y18vb"))))
@ -2571,6 +2601,7 @@ considered obsolete; alternatives are the @code{typearea} package from the
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "appendix"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0rxfpr8vq3brwx5rc7qn91ixlp9zva4zrms8a579fqa1g5yva7vg"))))
@ -2593,6 +2624,7 @@ command.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "changebar"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1ik4m8pzfsn1grlda6fniqqfwmgj7rfxwg63jdw0p0qv002vc7ik"))))
@ -2649,6 +2681,7 @@ copy-and-paste functions work properly.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "colortbl"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"190pmq8la2rq07xry8bn8z8yywzxv6fqyqaj7yjfj5rgw6x0mas8"))))
@ -2672,6 +2705,7 @@ tables to be coloured.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/fancybox"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0smmnaad2q8qwicay1frri990lv65l0k8cwzsvdsyp3jk8kp042w"))))
@ -2706,6 +2740,7 @@ floats, center, flushleft, and flushright, lists, and pages.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/fancyhdr"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"04h430agf8aj7ziwyb46xpk95c605rjk1wzhr63m6ylipihidlgw"))))
@ -2735,6 +2770,7 @@ would automatically change the heading style in use).")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "float"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0nbl7wylkv22fcdv4p8byhhj575fli6jnqjpkhrkbv8dzwah84nq"))))
@ -2758,6 +2794,7 @@ with @code{\\floatplacement{figure}{H}}.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "footmisc"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"03x61wwql8nh6zrqiiiq3rb0x7m3pn48c606zapy19y21fybwdxs"))))
@ -2781,6 +2818,7 @@ footnotes with symbols rather than numbers.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "listings"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1nsn9wp3wl12b36c0sqrim33lf33cr5wky0h4ncnw8lvqgm7h8wf"))))
@ -2808,6 +2846,7 @@ styles. Support for @code{hyperref} is provided.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/jknapltx"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0m034x72f2g07icr50gacyxfb9g1lz2rmqh4kqr1qjb421x2kds9"))))
@ -2846,6 +2885,7 @@ in SGML; use maths minus in text as appropriate; simple Young tableaux.")
%texlive-tag "/Master/texmf-dist/"
"/fonts/source/jknappen/ec/"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"12av65fbz9xiashm09c9m1fj1mijxls5xspd7652ry1n5s0nixy4"))))
@ -2873,13 +2913,13 @@ in SGML; use maths minus in text as appropriate; simple Young tableaux.")
(mkdir "build")
(every (lambda (font)
(format #t "building font ~a\n" font)
(zero? (system* "mf" "-progname=mf"
"-output-directory=build"
(string-append "\\"
"mode:=ljfour; "
"mag:=1; "
"batchmode; "
"input " (basename font ".mf")))))
(invoke "mf" "-progname=mf"
"-output-directory=build"
(string-append "\\"
"mode:=ljfour; "
"mag:=1; "
"batchmode; "
"input " (basename font ".mf"))))
(find-files "." "[0-9]+\\.mf$"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
@ -2927,6 +2967,7 @@ texlive-2017.1/Master/texmf-dist/doc/fonts/ec/copyrite.txt"))))
%texlive-tag "/Master/texmf-dist/"
"/fonts/source/public/rsfs/"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0r12pn02r4a955prcvq0048nifh86ihlcgvw3pppqqvfngv34l5h"))))
@ -2954,13 +2995,13 @@ texlive-2017.1/Master/texmf-dist/doc/fonts/ec/copyrite.txt"))))
(mkdir "build")
(every (lambda (font)
(format #t "building font ~a\n" font)
(zero? (system* "mf" "-progname=mf"
"-output-directory=build"
(string-append "\\"
"mode:=ljfour; "
"mag:=1; "
"batchmode; "
"input " (basename font ".mf")))))
(invoke "mf" "-progname=mf"
"-output-directory=build"
(string-append "\\"
"mode:=ljfour; "
"mag:=1; "
"batchmode; "
"input " (basename font ".mf"))))
(find-files "." "[0-9]+\\.mf$"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
@ -2996,6 +3037,7 @@ one of the packages @code{calrsfs} and @code{mathrsfs}.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "eso-pic"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1xvmms28mvvfpks9x7lfya2xhh5k8jy3qnlih1mzcnf156xnb89z"))))
@ -3020,6 +3062,7 @@ routine, which may be used to place the output at fixed positions. The
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/eepic"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1c68gvh021pvybg07apsd2xhq2ljbg80kq94wh71drdga3c2zqjw"))))
@ -3088,6 +3131,7 @@ in the form @code{key=value} are available, for example:
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "multirow"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0qlxy47f1f8plgch3jqfsnrdgpyz20sz46yp33i2jwvf9hvfczf0"))))
@ -3112,6 +3156,7 @@ entry at the \"natural\" width of its text.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/overpic"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0m29q9qdb00558b7g2i7iw6w62n5s46yx81j8m99qkv77magk4fm"))))
@ -3177,6 +3222,7 @@ designed class) helps alleviate this untidiness.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "pdfpages"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"06p5smfq66559ppdnmkl3hp8534x84ywbscimsiir4gllpya3i9h"))))
@ -3200,6 +3246,7 @@ use this package to insert PostScript files, in addition to PDF files.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "fonts" "stmaryrd"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"08pn4ca3vl6qm9l3wm5h5iyjsrg411kkm1yana329xwg2j14s9n6"))))
@ -3232,6 +3279,7 @@ the whole font.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "subfigure"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"15spcl5wb7w269qd6y596vp4yi8sa5ppcx8w4z2i9kyp02r3a0yb"))))
@ -3287,6 +3335,7 @@ according to the natural width of the widest cell in the column.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/threeparttable"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"10vy9k150w2lviw8h22s2mcykff38xci653m5823s2vv44pwbmzq"))))
@ -3494,6 +3543,7 @@ of ink traps which typify the Kurier font.")
%texlive-tag "/Master/texmf-dist/"
"/tex/latex/titlesec"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"04nmkhqx6jxcxx9a30zbcd5smxi5fd0cbp132bki7fnvhspnhg21"))))
@ -3554,6 +3604,7 @@ now contains a package @code{fix-cm},f which performs the task of
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "lh"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"00gdiwh3sfhh1iimjhpja7lm7k4vzqzql2irgwnpz94qvh25zwi5"))))
@ -3584,6 +3635,7 @@ OT2 encoded fonts, CM bright shaped fonts and Concrete shaped fonts.")
%texlive-tag "/Master/texmf-dist/"
"/metapost"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"03nvjddffiz796wll6axzmgfvynyciy2mqamv20qx252w71vwkwd"))))
@ -3667,6 +3719,7 @@ get a narrower “natural” width.")
(source (origin
(method svn-fetch)
(uri (texlive-ref "latex" "wasysym"))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"1sgwbfwjjf70g54hh93gsd9jp9nm67w6n74x9d72a56n07jbk5hv"))))
@ -3821,6 +3874,7 @@ e-TeX.")
%texlive-tag "/Master/texmf-dist/"
"/tex/generic/pdftex"))
(revision %texlive-revision)))
(file-name (string-append name "-" version "-checkout"))
(sha256
(base32
"0k68zmqzs4qvrqxdwsrawbjb14hxqjfamq649azvai0jjxdpkljd"))))

6
gnu/packages/tls.scm
View File

@ -500,13 +500,13 @@ netcat implementation that supports TLS.")
(package
(name "python-acme")
;; Remember to update the hash of certbot when updating python-acme.
(version "0.21.1")
(version "0.22.0")
(source (origin
(method url-fetch)
(uri (pypi-uri "acme" version))
(sha256
(base32
"02x6f37ddldaxrxzh2wjw8wmzqchxb7gl5i4i4daysas9yzqlvi9"))))
"1s2zamyb99zdyga3c75xxgnj0z2hixw8wv24v1l4p49fncnxab2a"))))
(build-system python-build-system)
(arguments
`(#:phases
@ -555,7 +555,7 @@ netcat implementation that supports TLS.")
(uri (pypi-uri name version))
(sha256
(base32
"1sn4wqkp6kjj9p8maf4jnjwwvb083hgakm9i10rk9273nnqfkj76"))))
"1cyb3lhxrw7ghyhrl2wc95vqhdaxz6n4pai66c573gcly7c7sc7f"))))
(build-system python-build-system)
(arguments
`(,@(substitute-keyword-arguments (package-arguments python-acme)

4
gnu/packages/video.scm
View File

@ -1276,7 +1276,7 @@ other site that youtube-dl supports.")
(define-public you-get
(package
(name "you-get")
(version "0.4.1025")
(version "0.4.1040")
(source (origin
(method url-fetch)
(uri (string-append
@ -1285,7 +1285,7 @@ other site that youtube-dl supports.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"10103jw1gzar85jlajzl9wslk08vw21n26hkhfcz5bvkm9lxxs2c"))))
"0257p9bn426rv0cjk2j5hsx6cg7dz5gpjwlqq0sy1axa47phis46"))))
(build-system python-build-system)
(inputs
`(("ffmpeg" ,ffmpeg))) ; for multi-part and >=1080p videos

14
gnu/packages/webkit.scm
View File

@ -3,6 +3,7 @@
;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
@ -54,14 +55,14 @@
(define-public webkitgtk
(package
(name "webkitgtk")
(version "2.18.6")
(version "2.20.0")
(source (origin
(method url-fetch)
(uri (string-append "https://www.webkitgtk.org/releases/"
name "-" version ".tar.xz"))
(sha256
(base32
"0g5cpdijjv5hlrbi4i4dh97yrh5apnyvm90wpr9f84hgyk12r4ck"))))
"0g0an3pc2yz13gzpaysfgch2yp510gw1qcpk0xr8m6mx43vl1xjp"))))
(build-system cmake-build-system)
(arguments
'(#:tests? #f ; no tests
@ -79,7 +80,12 @@
;; included. More investigation is needed. For
;; now, we explicitly disable it to prevent an error
;; at configuration time.
"-DUSE_GSTREAMER_GL=OFF")
"-DUSE_GSTREAMER_GL=OFF"
;; XXX Disable WOFF2 web fonts. These were never
;; supported in our previous builds. Enabling them
;; requires building libwoff2 and possibly woff2dec.
"-DUSE_WOFF2=OFF")
#:phases
(modify-phases %standard-phases
(add-after
@ -130,7 +136,7 @@
("libxt" ,libxt)
("mesa" ,mesa)
("sqlite" ,sqlite)))
(home-page "http://www.webkitgtk.org/")
(home-page "https://www.webkitgtk.org/")
(synopsis "Web content engine for GTK+")
(description
"WebKitGTK+ is a full-featured port of the WebKit rendering engine,

15
gnu/packages/xiph.scm
View File

@ -6,7 +6,7 @@
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017, 2018 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
@ -81,6 +81,7 @@ periodic timestamps for seeking.")
(package
(name "libvorbis")
(version "1.3.5")
(replacement libvorbis-1.3.6)
(source (origin
(method url-fetch)
(uri (string-append "http://downloads.xiph.org/releases/vorbis/"
@ -105,6 +106,18 @@ polyphonic) audio and music at fixed and variable bitrates from 16 to
"See COPYING in the distribution."))
(home-page "https://xiph.org/vorbis/")))
;; For CVE-2018-5146.
(define-public libvorbis-1.3.6
(package/inherit libvorbis
(version "1.3.6")
(source (origin
(method url-fetch)
(uri (string-append "http://downloads.xiph.org/releases/vorbis/"
"libvorbis-" version ".tar.xz"))
(sha256
(base32
"05dlzjkdpv46zb837wysxqyn8l636x3dw8v8ymlrwz2fg1dbn05g"))))))
(define libtheora
(package
(name "libtheora")

67
gnu/services/base.scm
View File

@ -62,6 +62,7 @@
%default-console-font
console-font-service-type
console-font-service
virtual-terminal-service-type
udev-configuration
udev-configuration?
@ -665,22 +666,27 @@ to add @var{device} to the kernel's entropy pool. The service will fail if
"Return a service that sets the host name to @var{name}."
(service host-name-service-type name))
(define (unicode-start tty)
"Return a gexp to start Unicode support on @var{tty}."
(with-imported-modules '((guix build syscalls))
#~(let* ((fd (open-fdes #$tty O_RDWR))
(termios (tcgetattr fd)))
(define (set-utf8-input termios)
(set-field termios (termios-input-flags)
(logior (input-flags IUTF8)
(termios-input-flags termios))))
(tcsetattr fd (tcsetattr-action TCSAFLUSH)
(set-utf8-input termios))
;; TODO: ioctl(fd, KDSKBMODE, K_UNICODE);
(close-fdes fd)
#t)))
(define virtual-terminal-service-type
;; Ensure that virtual terminals run in UTF-8 mode. This is the case by
;; default with recent Linux kernels, but this service allows us to ensure
;; this. This service must start before any 'term-' service so that newly
;; created terminals inherit this property. See
;; <https://bugs.gnu.org/30505> for a discussion.
(shepherd-service-type
'virtual-terminal
(lambda (utf8?)
(shepherd-service
(documentation "Set virtual terminals in UTF-8 module.")
(provision '(virtual-terminal))
(requirement '(root-file-system))
(start #~(lambda _
(call-with-output-file
"/sys/module/vt/parameters/default_utf8"
(lambda (port)
(display 1 port)))
#t))
(stop #~(const #f))))
#t)) ;default to UTF-8
(define console-keymap-service-type
(shepherd-service-type
@ -719,8 +725,6 @@ to add @var{device} to the kernel's entropy pool. The service will fail if
(requirement (list (symbol-append 'term-
(string->symbol tty))))
(modules '((guix build syscalls) ;for 'tcsetattr'
(srfi srfi-9 gnu))) ;for 'set-field'
(start #~(lambda _
;; It could be that mingetty is not fully ready yet,
;; which we check by calling 'ttyname'.
@ -732,16 +736,18 @@ to add @var{device} to the kernel's entropy pool. The service will fail if
(usleep 500)
(loop (- i 1))))
(and #$(unicode-start device)
;; 'setfont' returns EX_OSERR (71) when an
;; KDFONTOP ioctl fails, for example. Like
;; systemd's vconsole support, let's not treat
;; this as an error.
(case (status:exit-val
(system* #$(file-append kbd "/bin/setfont")
"-C" #$device #$font))
((0 71) #t)
(else #f)))))
;; Assume the VT is already in UTF-8 mode, thanks to
;; the 'virtual-terminal' service.
;;
;; 'setfont' returns EX_OSERR (71) when an
;; KDFONTOP ioctl fails, for example. Like
;; systemd's vconsole support, let's not treat
;; this as an error.
(case (status:exit-val
(system* #$(file-append kbd "/bin/setfont")
"-C" #$device #$font))
((0 71) #t)
(else #f))))
(stop #~(const #t))
(respawn? #f)))))
tty+font))
@ -1093,7 +1099,7 @@ the tty to run, among other things."
;; Since the login prompt shows the host name, wait for the 'host-name'
;; service to be done. Also wait for udev essentially so that the tty
;; text is not lost in the middle of kernel messages (XXX).
(requirement '(user-processes host-name udev))
(requirement '(user-processes host-name udev virtual-terminal))
(start #~(make-forkexec-constructor
(list #$(file-append mingetty "/sbin/mingetty")
@ -2034,7 +2040,7 @@ This service is not part of @var{%base-services}."
(shepherd-service
(documentation "kmscon virtual terminal")
(requirement '(user-processes udev dbus-system))
(requirement '(user-processes udev dbus-system virtual-terminal))
(provision (list (symbol-append 'term- (string->symbol virtual-terminal))))
(start #~(make-forkexec-constructor #$kmscon-command))
(stop #~(make-kill-destructor)))))))
@ -2044,6 +2050,7 @@ This service is not part of @var{%base-services}."
;; Convenience variable holding the basic services.
(list (login-service)
(service virtual-terminal-service-type)
(service console-font-service-type
(map (lambda (tty)
(cons tty %default-console-font))

26
gnu/services/shepherd.scm
View File

@ -104,14 +104,24 @@
;; <shepherd-service> objects.
(service shepherd-root-service-type '()))
(define-syntax-rule (shepherd-service-type service-name proc)
"Return a <service-type> denoting a simple shepherd service--i.e., the type
for a service that extends SHEPHERD-ROOT-SERVICE-TYPE and nothing else."
(service-type
(name service-name)
(extensions
(list (service-extension shepherd-root-service-type
(compose list proc))))))
(define-syntax shepherd-service-type
(syntax-rules ()
"Return a <service-type> denoting a simple shepherd service--i.e., the type
for a service that extends SHEPHERD-ROOT-SERVICE-TYPE and nothing else. When
DEFAULT is given, use it as the service's default value."
((_ service-name proc default)
(service-type
(name service-name)
(extensions
(list (service-extension shepherd-root-service-type
(compose list proc))))
(default-value default)))
((_ service-name proc)
(service-type
(name service-name)
(extensions
(list (service-extension shepherd-root-service-type
(compose list proc))))))))
(define %default-imported-modules
;; Default set of modules imported for a service's consumption.

4
gnu/system/install.scm
View File

@ -214,7 +214,9 @@ You have been warned. Thanks for being so brave.\x1b[0m
(define bare-bones-os
(load "examples/bare-bones.tmpl"))
(list (mingetty-service (mingetty-configuration
(list (service virtual-terminal-service-type)
(mingetty-service (mingetty-configuration
(tty "tty1")
(auto-login "root")))

46
gnu/system/linux-initrd.scm
View File

@ -24,7 +24,6 @@
#:use-module (guix store)
#:use-module (guix gexp)
#:use-module (guix utils)
#:use-module (guix i18n)
#:use-module ((guix store)
#:select (%store-prefix))
#:use-module ((guix derivations)
@ -38,22 +37,16 @@
#:select (%guile-static-stripped))
#:use-module (gnu system file-systems)
#:use-module (gnu system mapped-devices)
#:autoload (gnu build linux-modules)
(device-module-aliases matching-modules known-module-aliases)
#:use-module (ice-9 match)
#:use-module (ice-9 regex)
#:use-module (ice-9 vlist)
#:use-module (ice-9 format)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-34)
#:use-module (srfi srfi-35)
#:export (expression->initrd
%base-initrd-modules
raw-initrd
file-system-packages
base-initrd
check-device-initrd-modules))
base-initrd))
;;; Commentary:
@ -350,41 +343,4 @@ loaded at boot time in the order in which they appear."
#:volatile-root? volatile-root?
#:on-error on-error))
(define (check-device-initrd-modules device linux-modules location)
"Raise an error if DEVICE needs modules beyond LINUX-MODULES to operate.
DEVICE must be a \"/dev\" file name."
(define aliases
;; Attempt to load 'modules.alias' from the current kernel, assuming we're
;; on GuixSD, and assuming that corresponds to the kernel we'll be
;; installing. Skip the whole thing if that file cannot be read.
(catch 'system-error
(lambda ()
(known-module-aliases))
(const #f)))
(when aliases
(let ((modules (delete-duplicates
(append-map (cut matching-modules <> aliases)
(device-module-aliases device)))))
(unless (every (cute member <> linux-modules) modules)
(raise (condition
(&message
(message (format #f (G_ "you may need these modules \
in the initrd for ~a:~{ ~a~}")
device modules)))
(&fix-hint
(hint (format #f (G_ "Try adding them to the
@code{initrd-modules} field of your @code{operating-system} declaration, along
these lines:
@example
(operating-system
;; @dots{}
(initrd-modules (append (list~{ ~s~})
%base-initrd-modules)))
@end example\n")
modules)))
(&error-location
(location (source-properties->location location)))))))))
;;; linux-initrd.scm ends here

51
gnu/system/mapped-devices.scm
View File

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2017 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2017, 2018 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -25,13 +25,14 @@
#:use-module (guix i18n)
#:use-module ((guix utils)
#:select (source-properties->location
&fix-hint
&error-location))
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system uuid)
#:use-module ((gnu system linux-initrd)
#:select (check-device-initrd-modules))
#:autoload (gnu build file-systems) (find-partition-by-luks-uuid)
#:autoload (gnu build linux-modules)
(device-module-aliases matching-modules known-module-aliases)
#:autoload (gnu packages cryptsetup) (cryptsetup-static)
#:autoload (gnu packages linux) (mdadm-static)
#:use-module (srfi srfi-1)
@ -55,6 +56,8 @@
device-mapping-service-type
device-mapping-service
check-device-initrd-modules ;XXX: needs a better place
luks-device-mapping
raid-device-mapping))
@ -106,6 +109,48 @@
"Return a service that sets up @var{mapped-device}."
(service device-mapping-service-type mapped-device))
;;;
;;; Static checks.
;;;
(define (check-device-initrd-modules device linux-modules location)
"Raise an error if DEVICE needs modules beyond LINUX-MODULES to operate.
DEVICE must be a \"/dev\" file name."
(define aliases
;; Attempt to load 'modules.alias' from the current kernel, assuming we're
;; on GuixSD, and assuming that corresponds to the kernel we'll be
;; installing. Skip the whole thing if that file cannot be read.
(catch 'system-error
(lambda ()
(known-module-aliases))
(const #f)))
(when aliases
(let ((modules (delete-duplicates
(append-map (cut matching-modules <> aliases)
(device-module-aliases device)))))
(unless (every (cute member <> linux-modules) modules)
(raise (condition
(&message
(message (format #f (G_ "you may need these modules \
in the initrd for ~a:~{ ~a~}")
device modules)))
(&fix-hint
(hint (format #f (G_ "Try adding them to the
@code{initrd-modules} field of your @code{operating-system} declaration, along
these lines:
@example
(operating-system
;; @dots{}
(initrd-modules (append (list~{ ~s~})
%base-initrd-modules)))
@end example\n")
modules)))
(&error-location
(location (source-properties->location location)))))))))
;;;
;;; Common device mappings.

18
guix/scripts/system.scm
View File

@ -733,7 +733,8 @@ and TARGET arguments."
(#$installer #$bootloader #$device #$target))))))
(define* (perform-action action os
#:key install-bootloader?
#:key skip-safety-checks?
install-bootloader?
dry-run? derivations-only?
use-substitutes? bootloader-target target
image-size file-system-type full-boot?
@ -750,7 +751,10 @@ When DERIVATIONS-ONLY? is true, print the derivation file name(s) without
building anything.
When GC-ROOT is a path, also make that path an indirect root of the build
output when building a system derivation, such as a disk image."
output when building a system derivation, such as a disk image.
When SKIP-SAFETY-CHECKS? is true, skip the file system and initrd module
static checks."
(define println
(cut format #t "~a~%" <>))
@ -760,7 +764,8 @@ output when building a system derivation, such as a disk image."
;; Check whether the declared file systems exist. This is better than
;; instantiating a broken configuration. Assume that we can only check if
;; running as root.
(when (memq action '(init reconfigure))
(when (and (not skip-safety-checks?)
(memq action '(init reconfigure)))
(check-mapped-devices os)
(when (zero? (getuid))
(check-file-system-availability (operating-system-file-systems os))
@ -933,6 +938,8 @@ Some ACTIONS support additional ARGS.\n"))
--expose=SPEC for 'vm', expose host file system according to SPEC"))
(display (G_ "
--full-boot for 'vm', make a full boot sequence"))
(display (G_ "
--skip-checks skip file system and initrd module safety checks"))
(newline)
(display (G_ "
-h, --help display this help and exit"))
@ -974,6 +981,9 @@ Some ACTIONS support additional ARGS.\n"))
(option '("full-boot") #f #f
(lambda (opt name arg result)
(alist-cons 'full-boot? #t result)))
(option '("skip-checks") #f #f
(lambda (opt name arg result)
(alist-cons 'skip-safety-checks? #t result)))
(option '("share") #t #f
(lambda (opt name arg result)
@ -1067,6 +1077,8 @@ resulting from command-line parsing."
#:derivations-only? (assoc-ref opts
'derivations-only?)
#:use-substitutes? (assoc-ref opts 'substitutes?)
#:skip-safety-checks?
(assoc-ref opts 'skip-safety-checks?)
#:file-system-type (assoc-ref opts 'file-system-type)
#:image-size (assoc-ref opts 'image-size)
#:full-boot? (assoc-ref opts 'full-boot?)

2
po/guix/POTFILES.in
View File

@ -5,7 +5,7 @@ gnu/packages.scm
gnu/services.scm
gnu/system.scm
gnu/services/shepherd.scm
gnu/system/linux-initrd.scm
gnu/system/mapped-devices.scm
gnu/system/shadow.scm
guix/scripts.scm
guix/scripts/build.scm

19
tests/packages.scm
View File

@ -377,24 +377,9 @@
(unless (network-reachable?) (test-skip 1))
(test-equal "package-source-derivation, snippet"
"OK"
(let* ((file (search-bootstrap-binary (match (%current-system)
("armhf-linux"
"guile-2.0.11.tar.xz")
("aarch64-linux"
"guile-2.0.14.tar.xz")
(_
"guile-2.0.9.tar.xz"))
(%current-system)))
(sha256 (call-with-input-file file port-sha256))
(fetch (lambda* (url hash-algo hash
#:optional name #:key system)
(pk 'fetch url hash-algo hash name system)
(interned-file url)))
(source (bootstrap-origin
(let* ((source (bootstrap-origin
(origin
(method fetch)
(uri file)
(sha256 sha256)
(inherit (bootstrap-guile-origin (%current-system)))
(patch-inputs
`(("tar" ,%bootstrap-coreutils&co)
("xz" ,%bootstrap-coreutils&co)