From 33ec536b90549488379a3dc80b5e23337cc9fac2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 16 May 2017 15:09:57 +0200 Subject: [PATCH 01/37] gnu: guix: Update snapshot. * gnu/packages/package-management.scm (guix): Update to ce92d26. --- gnu/packages/package-management.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 8ebf6b0578..ceaf51b676 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -73,8 +73,8 @@ ;; Note: the 'update-guix-package.scm' script expects this definition to ;; start precisely like this. (let ((version "0.12.0") - (commit "ba2260dbbc5a3c915e2cbd54d93f2f3af2a864c3") - (revision 10)) + (commit "ce92d269fea0a2bfac0ac20414f77127d2f07500") + (revision 11)) (package (name "guix") @@ -90,7 +90,7 @@ (commit commit))) (sha256 (base32 - "0nkwbblsnl7kv2n8jf8c6rl3a7dynaqxizhhni18vbnmvza35c79")) + "17l9r2mdzzv8vfxb3bc5zkdqkl472q979iwsarp7lcqss1jxys7w")) (file-name (string-append "guix-" version "-checkout")))) (build-system gnu-build-system) (arguments From 43e5a262aa4ddf8e2a34f94f9672910ccd48030a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Tue, 16 May 2017 15:16:51 +0200 Subject: [PATCH 02/37] Update NEWS. --- NEWS | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 59 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 8b6727fd93..2f7c8d0abe 100644 --- a/NEWS +++ b/NEWS @@ -2,7 +2,7 @@ #+TITLE: Guix NEWS – history of user-visible changes #+STARTUP: content hidestars -Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès +Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright @@ -10,6 +10,64 @@ Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès Please send Guix bug reports to bug-guix@gnu.org. +* Changes in 0.13.0 (since 0.12.0) + +** Package management + +*** Guix can now be used on aarch64 GNU/Linux systems +*** New ‘guix pack’ command to create bundles +*** New ‘guix copy’ command to copy store items over SSH +*** New ‘--cache’ option for ‘guix publish’ +*** $GUIX_DAEMON_SOCKET can specify remote daemons +*** Guix can now run on Guile 2.2, providing better performance +*** Emacs interface moved to separate Emacs-Guix package +*** New ‘--root’ option for ‘guix environment’ +*** ‘guix pull’ now connects to git.savannah.gnu.org over HTTPS +*** New cross-compilation targets: aarch64-linux-gnu, powerpc-linux-gnu +*** Packages can specify “single-entry search paths” (e.g., ‘GIT_EXEC_PATH’) +*** ‘guix import’ and ‘guix refresh’ now support Stackage +*** Support for the deprecated “PKG-VERSION” syntax has been removed +*** GnuTLS (Guile bindings) is now required + +** Distribution + +*** The GuixSD installation image supports (U)EFI systems +*** GuixSD supports Btrfs () +*** Some system services are now run in separate namespaces +*** The LXDE desktop environment is now available +*** ‘grub-configuration’ can specify settings for the user interface +*** Service types can now specify a default value for services +*** Create the /var/log/wtmp and /var/log/utmpx databases +*** ‘static-networking’ service can now be extended +*** Configuration of ‘nginx-service-type’ has been greatly improved +*** New ‘gnu-build-system’ phase to always reset gzip timestamps +*** FIXME new services + +exim, mail-aliases, inetd, agetty, openvswitch, special-files, redis, +thermald + +*** FIXME new packages +*** FIXME package updates + +** Programming interfaces + +*** (guix scripts challenge) returns complete reports, not just discrepancies +*** New ‘dub-build-system’ for the D language and Dub +*** New ‘ocaml-build-system’ for software written in OCaml +*** New ‘package-mapping’ procedure to rewrite package dependency graphs +*** New modules: (guix workers), (guix discovery), (guix cache), + (guix memoization), (guix ssh) + +** Noteworthy bug fixes + +*** Create home directories once file systems are mounted + () +*** FIXME: Add more + +** Native language support + +Updated translations: fr (French), FIXME + * Changes in 0.12.0 (since 0.11.0) ** Package management From 266d281d253ffd20336f837fc64a64a14eb44b12 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 17 May 2017 23:04:35 +0200 Subject: [PATCH 03/37] Update NEWS. --- NEWS | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/NEWS b/NEWS index 2f7c8d0abe..344b60d28d 100644 --- a/NEWS +++ b/NEWS @@ -27,7 +27,9 @@ Please send Guix bug reports to bug-guix@gnu.org. *** Packages can specify “single-entry search paths” (e.g., ‘GIT_EXEC_PATH’) *** ‘guix import’ and ‘guix refresh’ now support Stackage *** Support for the deprecated “PKG-VERSION” syntax has been removed +*** New Cypher backend for ‘guix graph’ *** GnuTLS (Guile bindings) is now required +*** Guix now issues a warning when it detects that Guix has not been upgraded in a while ** Distribution @@ -38,6 +40,7 @@ Please send Guix bug reports to bug-guix@gnu.org. *** ‘grub-configuration’ can specify settings for the user interface *** Service types can now specify a default value for services *** Create the /var/log/wtmp and /var/log/utmpx databases +*** A raw initial RAM disk can be created to support systems with custom kernel configurations *** ‘static-networking’ service can now be extended *** Configuration of ‘nginx-service-type’ has been greatly improved *** New ‘gnu-build-system’ phase to always reset gzip timestamps @@ -54,14 +57,18 @@ thermald *** (guix scripts challenge) returns complete reports, not just discrepancies *** New ‘dub-build-system’ for the D language and Dub *** New ‘ocaml-build-system’ for software written in OCaml +*** Improvements to the ‘asdf-build-system’ for software written in various Common Lisp dialects. *** New ‘package-mapping’ procedure to rewrite package dependency graphs *** New modules: (guix workers), (guix discovery), (guix cache), (guix memoization), (guix ssh) +*** (gnu build file-systems) now has support for ISO-9660 file systems. ** Noteworthy bug fixes *** Create home directories once file systems are mounted () +*** GNU R now builds bit-reproducibly () + *** FIXME: Add more ** Native language support From 920803fbf443f7e40ed299f433255f10a4ae9fb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 18 May 2017 16:21:35 +0200 Subject: [PATCH 04/37] maint: Add 'update-NEWS' target. * build-aux/update-NEWS.scm: New file. * Makefile.am (EXTRA_DIST): Add it. (GUIX_MAINTENANCE_DIRECTORY): New variable. (update-NEWS): New target. (.PHONY): Add it. --- Makefile.am | 12 ++- build-aux/update-NEWS.scm | 161 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 172 insertions(+), 1 deletion(-) create mode 100644 build-aux/update-NEWS.scm diff --git a/Makefile.am b/Makefile.am index 5bfc9ca88c..e1c7cdd7fa 100644 --- a/Makefile.am +++ b/Makefile.am @@ -420,6 +420,7 @@ EXTRA_DIST = \ build-aux/generate-authors.scm \ build-aux/test-driver.scm \ build-aux/update-guix-package.scm \ + build-aux/update-NEWS.scm \ build-aux/run-system-tests.scm \ d3.v3.js \ graph.js \ @@ -641,6 +642,15 @@ update-guix-package: $(top_srcdir)/build-aux/update-guix-package.scm \ "`git rev-parse HEAD`" +# Location of a checkout of . +# Package data from this checkout is used by 'update-NEWS.scm'. +GUIX_MAINTENANCE_DIRECTORY ?= $(top_srcdir)/../guix-maintenance + +update-NEWS: $(GOBJECTS) + $(top_builddir)/pre-inst-env "$(GUILE)" \ + $(top_srcdir)/build-aux/update-NEWS.scm \ + $(top_srcdir)/NEWS "$(GUIX_MAINTENANCE_DIRECTORY)/data" + # Make sure we're not shipping a file that embeds a local /gnu/store file name. assert-no-store-file-names: $(distdir)/ChangeLog $(AM_V_at)if grep -r --exclude=*.texi --exclude=*.info \ @@ -676,7 +686,7 @@ hydra-jobs.scm: $(GOBJECTS) .PHONY: assert-no-store-file-names assert-binaries-available .PHONY: assert-final-inputs-self-contained .PHONY: clean-go make-go -.PHONY: update-guix-package release +.PHONY: update-guix-package update-NEWS release ## -------------- ## ## Silent rules. ## diff --git a/build-aux/update-NEWS.scm b/build-aux/update-NEWS.scm new file mode 100644 index 0000000000..2e8f68c9a8 --- /dev/null +++ b/build-aux/update-NEWS.scm @@ -0,0 +1,161 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +;;; Commentary: +;;; +;;; This script updates the list of new and updated packages in 'NEWS'. +;;; +;;; Code: + +(use-modules (gnu) (guix) + (guix build utils) + ((guix ui) #:select (fill-paragraph)) + (srfi srfi-1) + (srfi srfi-11) + (ice-9 match) + (ice-9 rdelim) + (ice-9 regex) + (ice-9 pretty-print)) + +(define %header-rx + (make-regexp "^\\* Changes in (version )?([0-9.]+) \\(since ([0-9.]+)\\)")) + +(define (NEWS->versions port) + "Return two values: the previous version and the current version as read +from PORT, which is an input port on the 'NEWS' file." + (let loop () + (let ((line (read-line port))) + (cond ((eof-object? line) + (error "failed to determine previous and current version" + port)) + ((regexp-exec %header-rx line) + => + (lambda (match) + (values (match:substring match 3) + (match:substring match 2)))) + (else + (loop)))))) + +(define (skip-to-org-heading port) + "Read from PORT until an Org heading is found." + (let loop () + (let ((next (peek-char port))) + (cond ((eqv? next #\*) + #t) + ((eof-object? next) + (error "next heading could not be found")) + (else + (read-line port) + (loop)))))) + +(define (rewrite-org-section input output heading-rx proc) + "Write to OUTPUT the text read from INPUT, but with the first Org section +matching HEADING-RX replaced by NEW-HEADING and CONTENTS." + (let loop () + (let ((line (read-line input))) + (cond ((eof-object? line) + (error "failed to match heading regexp" heading-rx)) + ((regexp-exec heading-rx line) + => + (lambda (match) + (proc match output) + (skip-to-org-heading input) + (dump-port input output) + #t)) + (else + (display line output) + (newline output) + (loop)))))) + +(define (enumeration->paragraph lst) + "Turn LST, a list of strings, into a single string that is a ready-to-print +paragraph." + (fill-paragraph (string-join (sort lst stringparagraph added))))))))) + +(define (write-packages-updates news-file old new) + "Write to NEWS-FILE the list of packages upgraded between OLD and NEW." + (let ((upgraded (filter-map (match-lambda + ((package . new-version) + (match (assoc package old) + ((_ . old-version) + (and (version>? new-version old-version) + (string-append package "@" + new-version))) + (_ #f)))) + new))) + (with-atomic-file-replacement news-file + (lambda (input output) + (rewrite-org-section input output + (make-regexp "^(\\*+) (.*) package updates") + (lambda (match port) + (let ((stars (match:substring match 1))) + (format port + "~a ~a package updates~%~%~a~%~%" + stars (length upgraded) + (enumeration->paragraph upgraded))))))))) + + +(define (main . args) + (match args + ((news-file data-directory) + ;; Don't browse things listed in the user's $GUIX_PACKAGE_PATH. Here we + ;; assume that the last item in (%package-module-path) is the distro + ;; directory. + (parameterize ((%package-module-path + (list (last (%package-module-path))))) + (define (package-file version) + (string-append data-directory "/packages-" + version ".txt")) + + (let-values (((previous-version new-version) + (call-with-input-file news-file NEWS->versions))) + (let* ((old (call-with-input-file (package-file previous-version) + read)) + (new (fold-packages (lambda (p r) + (alist-cons (package-name p) (package-version p) + r)) + '()))) + (call-with-output-file (package-file new-version) + (lambda (port) + (pretty-print new port))) + + (write-packages-added news-file old new) + (write-packages-updates news-file old new))))) + (x + (format (current-error-port) "Usage: update-NEWS NEWS-FILE DATA-DIRECTORY + +Update the list of new and updated packages in NEWS-FILE using the +previous-version package list from DATA-DIRECTORY.\n") + (exit 1)))) + +(apply main (cdr (command-line))) From ed5e3ab8abe994d584465afdfe9102fc74ef7e85 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 16 May 2017 22:26:22 +0300 Subject: [PATCH 05/37] gnu: tor: Update to 0.3.0.7. * gnu/packages/tor.scm (tor): Update to 0.3.0.7. --- gnu/packages/tor.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm index 83e49a1536..b31b58a26f 100644 --- a/gnu/packages/tor.scm +++ b/gnu/packages/tor.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès ;;; Copyright © 2014, 2015 Mark H Weaver -;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016, 2017 ng0 ;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; Copyright © 2017 Eric Bavier @@ -43,14 +43,14 @@ (define-public tor (package (name "tor") - (version "0.3.0.6") + (version "0.3.0.7") (source (origin (method url-fetch) (uri (string-append "https://dist.torproject.org/tor-" version ".tar.gz")) (sha256 (base32 - "057vq8wagppmrlg85dgbsrk1v67yqpbi9n87s8gn0mdm7kli5rd3")))) + "00kxa83bn0axh7479fynp6r8znq5wy26kvb8ghixgjpkir2c8h4n")))) (build-system gnu-build-system) (arguments `(#:configure-flags (list "--enable-expensive-hardening" From 5d6e38a6c37eced3f545a5afdcba3db20ec95869 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 16 May 2017 21:59:18 +0200 Subject: [PATCH 06/37] gnu: glibc/hurd: Use modify-phases syntax. * gnu/packages/base.scm (glibc/hurd)[arguments]: Use modify-phases syntax. --- gnu/packages/base.scm | 56 +++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 29 deletions(-) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 59a9acd67e..8a48cadf7b 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -778,35 +778,33 @@ with the Linux kernel.") ((#:phases original-phases) ;; Add libmachuser.so and libhurduser.so to libc.so's search path. ;; See . - `(alist-cons-after - 'install 'augment-libc.so - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out"))) - (substitute* (string-append out "/lib/libc.so") - (("/[^ ]+/lib/libc.so.0.3") - (string-append out "/lib/libc.so.0.3" " libmachuser.so" " libhurduser.so")))) - #t) - (alist-cons-after - 'pre-configure 'pre-configure-set-pwd - (lambda _ - ;; Use the right 'pwd'. - (substitute* "configure" - (("/bin/pwd") "pwd"))) - (alist-replace - 'build - (lambda _ - ;; Force mach/hurd/libpthread subdirs to build first in order to avoid - ;; linking errors. - ;; See - (let ((-j (list "-j" (number->string (parallel-job-count))))) - (let-syntax ((make (syntax-rules () - ((_ target) - (zero? (apply system* "make" target -j)))))) - (and (make "mach/subdir_lib") - (make "hurd/subdir_lib") - (make "libpthread/subdir_lib") - (zero? (apply system* "make" -j)))))) - ,original-phases)))) + `(modify-phases ,original-phases + (add-after 'install 'augment-libc.so + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out"))) + (substitute* (string-append out "/lib/libc.so") + (("/[^ ]+/lib/libc.so.0.3") + (string-append out "/lib/libc.so.0.3" " libmachuser.so" " libhurduser.so")))) + #t)) + (add-after 'pre-configure 'pre-configure-set-pwd + (lambda _ + ;; Use the right 'pwd'. + (substitute* "configure" + (("/bin/pwd") "pwd")) + #t)) + (replace 'build + (lambda _ + ;; Force mach/hurd/libpthread subdirs to build first in order to avoid + ;; linking errors. + ;; See + (let ((-j (list "-j" (number->string (parallel-job-count))))) + (let-syntax ((make (syntax-rules () + ((_ target) + (zero? (apply system* "make" target -j)))))) + (and (make "mach/subdir_lib") + (make "hurd/subdir_lib") + (make "libpthread/subdir_lib") + (zero? (apply system* "make" -j))))))))) ((#:configure-flags original-configure-flags) `(append (list "--host=i586-pc-gnu" From d03b34cf190b5790ee1884ae551634f5f736f4f1 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 16 May 2017 22:11:41 +0200 Subject: [PATCH 07/37] gnu: glibc/hurd: Do not apply i686 patch. This is a follow-up to commit c2e4f14ac8cd3e1ce7f46a192ad0c9acc084b210. * gnu/packages/base.scm (glibc/hurd)[arguments]: Override pre-configure phase with a copy that does not include the patch application. --- gnu/packages/base.scm | 65 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 8a48cadf7b..d135a18bf8 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -779,6 +779,71 @@ with the Linux kernel.") ;; Add libmachuser.so and libhurduser.so to libc.so's search path. ;; See . `(modify-phases ,original-phases + ;; TODO: This is almost an exact copy of the phase of the same name + ;; in glibc/linux. The only difference is that the i686 patch is + ;; not applied here. In the next update cycle the patch moves to + ;; the patches field and this overwritten phase won't be needed any + ;; more. + (replace 'pre-configure + (lambda* (#:key inputs native-inputs outputs + #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin")) + ;; FIXME: Normally we would look it up only in INPUTS + ;; but cross-base uses it as a native input. + (bash (or (assoc-ref inputs "static-bash") + (assoc-ref native-inputs "static-bash")))) + ;; Install the rpc data base file under `$out/etc/rpc'. + ;; FIXME: Use installFlags = [ "sysconfdir=$(out)/etc" ]; + (substitute* "sunrpc/Makefile" + (("^\\$\\(inst_sysconfdir\\)/rpc(.*)$" _ suffix) + (string-append out "/etc/rpc" suffix "\n")) + (("^install-others =.*$") + (string-append "install-others = " out "/etc/rpc\n"))) + + (substitute* "Makeconfig" + ;; According to + ;; , + ;; linking against libgcc_s is not needed with GCC + ;; 4.7.1. + ((" -lgcc_s") "")) + + ;; Have `system' use that Bash. + (substitute* "sysdeps/posix/system.c" + (("#define[[:blank:]]+SHELL_PATH.*$") + (format #f "#define SHELL_PATH \"~a/bin/bash\"\n" + bash))) + + ;; Same for `popen'. + (substitute* "libio/iopopen.c" + (("/bin/sh") + (string-append bash "/bin/sh"))) + + ;; Same for the shell used by the 'exec' functions for + ;; scripts that lack a shebang. + (substitute* (find-files "." "^paths\\.h$") + (("#define[[:blank:]]+_PATH_BSHELL[[:blank:]].*$") + (string-append "#define _PATH_BSHELL \"" + bash "/bin/sh\"\n"))) + + ;; Nscd uses __DATE__ and __TIME__ to create a string to + ;; make sure the client and server come from the same + ;; libc. Use something deterministic instead. + (substitute* "nscd/nscd_stat.c" + (("static const char compilation\\[21\\] =.*$") + (string-append + "static const char compilation[21] = \"" + (string-take (basename out) 20) "\";\n"))) + + ;; Make sure we don't retain a reference to the + ;; bootstrap Perl. + (substitute* "malloc/mtrace.pl" + (("^#!.*") + ;; The shebang can be omitted, because there's the + ;; "bilingual" eval/exec magic at the top of the file. + "") + (("exec @PERL@") + "exec perl"))))) (add-after 'install 'augment-libc.so (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out"))) From 6d1ae43dcb9c754e14723e41ed10298ff100e5a4 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Mon, 15 May 2017 09:05:48 -0700 Subject: [PATCH 08/37] profiles: Add elapsed time to manual-database hook to output message. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * guix/profiles.scm (manual-database): Add elapsed time to manual-database hook to output message. Signed-off-by: Ludovic Courtès --- guix/profiles.scm | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/guix/profiles.scm b/guix/profiles.scm index eb172ef450..6733f105e3 100644 --- a/guix/profiles.scm +++ b/guix/profiles.scm @@ -957,6 +957,7 @@ the entries in MANIFEST." #~(begin (use-modules (guix build utils) (srfi srfi-1) + (srfi srfi-19) (srfi srfi-26)) (define entries @@ -1011,16 +1012,23 @@ the entries in MANIFEST." (mkdir-p man-directory) (setenv "MANPATH" (string-join entries ":")) - (format #t "creating manual page database for ~a packages...~%" + (format #t "Creating manual page database for ~a packages... " (length entries)) (force-output) - - (zero? (system* #+(file-append man-db "/bin/mandb") - "--quiet" "--create" - "-C" "man_db.conf")))) + (let* ((start-time (current-time)) + (exit-status (system* #+(file-append man-db "/bin/mandb") + "--quiet" "--create" + "-C" "man_db.conf")) + (duration (time-difference (current-time) start-time))) + (format #t "done in ~,3f s~%" + (+ (time-second duration) + (* (time-nanosecond duration) (expt 10 -9)))) + (force-output) + (zero? exit-status)))) (gexp->derivation "manual-database" build #:modules '((guix build utils) + (srfi srfi-19) (srfi srfi-26)) #:local-build? #t)) From c90fd5564cf67f75e28276129d37a0d9128cadda Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 17 May 2017 07:28:09 -0400 Subject: [PATCH 09/37] gnu: qemu: Fix CVE-2017-7493. * gnu/packages/patches/qemu-CVE-2017-7493.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/qemu.scm (qemu)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/qemu-CVE-2017-7493.patch | 182 ++++++++++++++++++ gnu/packages/qemu.scm | 1 + 3 files changed, 184 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2017-7493.patch diff --git a/gnu/local.mk b/gnu/local.mk index c560c71725..2da002b379 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -939,6 +939,7 @@ dist_patch_DATA = \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ %D%/packages/patches/python2-subprocess32-disable-input-test.patch \ + %D%/packages/patches/qemu-CVE-2017-7493.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2017-7493.patch b/gnu/packages/patches/qemu-CVE-2017-7493.patch new file mode 100644 index 0000000000..67b26fad81 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-7493.patch @@ -0,0 +1,182 @@ +Fix CVE-2017-7493: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7493 + +Patch copied from upstream source repository: + +http://git.qemu.org/?p=qemu.git;a=commit;h=7a95434e0ca8a037fd8aa1a2e2461f92585eb77b + +From 7a95434e0ca8a037fd8aa1a2e2461f92585eb77b Mon Sep 17 00:00:00 2001 +From: Greg Kurz +Date: Fri, 5 May 2017 14:48:08 +0200 +Subject: [PATCH] 9pfs: local: forbid client access to metadata (CVE-2017-7493) + +When using the mapped-file security mode, we shouldn't let the client mess +with the metadata. The current code already tries to hide the metadata dir +from the client by skipping it in local_readdir(). But the client can still +access or modify it through several other operations. This can be used to +escalate privileges in the guest. + +Affected backend operations are: +- local_mknod() +- local_mkdir() +- local_open2() +- local_symlink() +- local_link() +- local_unlinkat() +- local_renameat() +- local_rename() +- local_name_to_path() + +Other operations are safe because they are only passed a fid path, which +is computed internally in local_name_to_path(). + +This patch converts all the functions listed above to fail and return +EINVAL when being passed the name of the metadata dir. This may look +like a poor choice for errno, but there's no such thing as an illegal +path name on Linux and I could not think of anything better. + +This fixes CVE-2017-7493. + +Reported-by: Leo Gaspard +Signed-off-by: Greg Kurz +Reviewed-by: Eric Blake +--- + hw/9pfs/9p-local.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 56 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c +index f3ebca4f7a..a2486566af 100644 +--- a/hw/9pfs/9p-local.c ++++ b/hw/9pfs/9p-local.c +@@ -452,6 +452,11 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs) + return telldir(fs->dir.stream); + } + ++static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name) ++{ ++ return !strcmp(name, VIRTFS_META_DIR); ++} ++ + static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs) + { + struct dirent *entry; +@@ -465,8 +470,8 @@ again: + if (ctx->export_flags & V9FS_SM_MAPPED) { + entry->d_type = DT_UNKNOWN; + } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) { +- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) { +- /* skp the meta data directory */ ++ if (local_is_mapped_file_metadata(ctx, entry->d_name)) { ++ /* skip the meta data directory */ + goto again; + } + entry->d_type = DT_UNKNOWN; +@@ -559,6 +564,12 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -605,6 +616,12 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -694,6 +711,12 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + /* + * Mark all the open to not follow symlinks + */ +@@ -752,6 +775,12 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath, + int err = -1; + int dirfd; + ++ if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(fs_ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(fs_ctx, dir_path->data); + if (dirfd == -1) { + return -1; +@@ -826,6 +855,12 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath, + int ret = -1; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, odirpath); + if (odirfd == -1) { + goto out; +@@ -1096,6 +1131,12 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path, + static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path, + const char *name, V9fsPath *target) + { ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + if (dir_path) { + v9fs_path_sprintf(target, "%s/%s", dir_path->data, name); + } else if (strcmp(name, "/")) { +@@ -1116,6 +1157,13 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir, + int ret; + int odirfd, ndirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ (local_is_mapped_file_metadata(ctx, old_name) || ++ local_is_mapped_file_metadata(ctx, new_name))) { ++ errno = EINVAL; ++ return -1; ++ } ++ + odirfd = local_opendir_nofollow(ctx, olddir->data); + if (odirfd == -1) { + return -1; +@@ -1206,6 +1254,12 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir, + int ret; + int dirfd; + ++ if (ctx->export_flags & V9FS_SM_MAPPED_FILE && ++ local_is_mapped_file_metadata(ctx, name)) { ++ errno = EINVAL; ++ return -1; ++ } ++ + dirfd = local_opendir_nofollow(ctx, dir->data); + if (dirfd == -1) { + return -1; +-- +2.13.0 + diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm index 30b9908aa0..0734b6d0f7 100644 --- a/gnu/packages/qemu.scm +++ b/gnu/packages/qemu.scm @@ -74,6 +74,7 @@ (method url-fetch) (uri (string-append "http://wiki.qemu-project.org/download/qemu-" version ".tar.xz")) + (patches (search-patches "qemu-CVE-2017-7493.patch")) (sha256 (base32 "08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h")))) From 37fd9567710b0fc0d7b083f8a1eba3528597c2f6 Mon Sep 17 00:00:00 2001 From: Alex Kost Date: Tue, 9 May 2017 22:44:19 +0300 Subject: [PATCH 10/37] build: Compile stackage only if 'guile-json' is available. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes . This is a followup to commit 3089b5d3f5a31b191b68ce3aa9255b646940b642. * Makefile.am (MODULES): Move "guix/scripts/import/stackage.scm" within 'if HAVE_GUILE_JSON'. Signed-off-by: Ludovic Courtès --- Makefile.am | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index e1c7cdd7fa..b90f419b14 100644 --- a/Makefile.am +++ b/Makefile.am @@ -160,7 +160,6 @@ MODULES = \ guix/scripts/import/gnu.scm \ guix/scripts/import/nix.scm \ guix/scripts/import/hackage.scm \ - guix/scripts/import/stackage.scm \ guix/scripts/import/elpa.scm \ guix/scripts/environment.scm \ guix/scripts/publish.scm \ @@ -185,7 +184,8 @@ MODULES += \ guix/import/stackage.scm \ guix/scripts/import/crate.scm \ guix/scripts/import/gem.scm \ - guix/scripts/import/pypi.scm + guix/scripts/import/pypi.scm \ + guix/scripts/import/stackage.scm endif From 56a03975eb287796128e80feb6799bc07f4b8185 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 17 May 2017 16:10:48 +0200 Subject: [PATCH 11/37] gnu: aspell: 'dict-dir' set to ~/.guix-profile/lib/aspell or $ASPELL_DICT_DIR. See for background. * gnu/packages/patches/aspell-default-dict-dir.patch: New file. * gnu/packages/aspell.scm (aspell)[source](patches): New field. [native-search-paths]: New field. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/aspell.scm | 18 ++++++++++++++--- .../patches/aspell-default-dict-dir.patch | 20 +++++++++++++++++++ 3 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/aspell-default-dict-dir.patch diff --git a/gnu/local.mk b/gnu/local.mk index 2da002b379..ca26bcd812 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -499,6 +499,7 @@ dist_patch_DATA = \ %D%/packages/patches/antiword-CVE-2014-8123.patch \ %D%/packages/patches/apr-skip-getservbyname-test.patch \ %D%/packages/patches/artanis-fix-Makefile.in.patch \ + %D%/packages/patches/aspell-default-dict-dir.patch \ %D%/packages/patches/ath9k-htc-firmware-binutils.patch \ %D%/packages/patches/ath9k-htc-firmware-gcc.patch \ %D%/packages/patches/ath9k-htc-firmware-objcopy.patch \ diff --git a/gnu/packages/aspell.scm b/gnu/packages/aspell.scm index 06ba2ce472..509d428f64 100644 --- a/gnu/packages/aspell.scm +++ b/gnu/packages/aspell.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès ;;; Copyright © 2015, 2016 Alex Kost ;;; Copyright © 2016 John Darrington ;;; Copyright © 2016 Efraim Flashner @@ -26,6 +26,7 @@ #:use-module (guix download) #:use-module (guix build-system gnu) #:use-module (guix licenses) + #:use-module (gnu packages) #:use-module (gnu packages perl) #:use-module (gnu packages base)) @@ -40,7 +41,8 @@ version ".tar.gz")) (sha256 (base32 - "1qgn5psfyhbrnap275xjfrzppf5a83fb67gpql0kfqv37al869gm")))) + "1qgn5psfyhbrnap275xjfrzppf5a83fb67gpql0kfqv37al869gm")) + (patches (search-patches "aspell-default-dict-dir.patch")))) (build-system gnu-build-system) (arguments `(#:phases @@ -53,6 +55,15 @@ '("ASPELL_CONF" "" = ("${ASPELL_CONF:-\"dict-dir ${GUIX_PROFILE:-$HOME/.guix-profile}/lib/aspell\"}"))))))))) (inputs `(("perl" ,perl))) + + (native-search-paths + ;; This is a Guix-specific environment variable that takes a single + ;; entry, not an actual search path. + (list (search-path-specification + (variable "ASPELL_DICT_DIR") + (separator #f) + (files '("lib/aspell"))))) + (home-page "http://aspell.net/") (synopsis "Spell checker") (description @@ -66,7 +77,8 @@ dictionaries, including personal ones.") ;;; Dictionaries. ;;; ;;; Use 'export ASPELL_CONF="dict-dir $HOME/.guix-profile/lib/aspell"' to use -;;; them. +;;; them, or set the Guix-specific 'ASPELL_DICT_DIR', or just do nothing (as +;;; long as 'HOME' is set, that's fine!). ;;; (define* (aspell-dictionary dict-name full-name diff --git a/gnu/packages/patches/aspell-default-dict-dir.patch b/gnu/packages/patches/aspell-default-dict-dir.patch new file mode 100644 index 0000000000..17a6ff606f --- /dev/null +++ b/gnu/packages/patches/aspell-default-dict-dir.patch @@ -0,0 +1,20 @@ +This patch changes the default value of 'dict-dir' to correspond +to ~/.guix-profile/lib/aspell rather than $prefix/lib/aspell-X.Y. + +This is not strictly necessary for the 'aspell' program itself since +one can simply set "ASPELL_CONF=dict-dir $HOME/.guix-profile/lib/aspell". +However it is necessary for applications that use libaspell since +'ASPELL_CONF' is not honored in this case. See . + +--- a/common/config.cpp ++++ b/common/config.cpp +@@ -1349,6 +1349,9 @@ namespace acommon { + # define REPL ".aspell..prepl" + #endif + ++#undef DICT_DIR ++#define DICT_DIR "<$ASPELL_DICT_DIR|home-dir/.guix-profile/lib/aspell>" ++ + static const KeyInfo config_keys[] = { + // the description should be under 50 chars + {"actual-dict-dir", KeyInfoString, "", 0} From a6c642ef63012508f755a1329aa66e4b09da72b5 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 13 May 2017 20:44:36 -0400 Subject: [PATCH 12/37] maint: The 'release' target builds a VM image. * gnu/system/examples/vm-image.tmpl: New file. * Makefile.am (GUIXSD_VM_SYSTEMS, GUIXSD_VM_IMAGE_BASE, GUIXSD_VM_IMAGE_SIZE): New variables. (release): Add logic to build a VM image. (EXAMPLES): Add 'gnu/system/examples/vm-image.tmpl'. * doc/guix.texi (Running GuixSD in a VM, Installing GuixSD in a VM): Mention the pre-built VM image. --- Makefile.am | 27 +++++++++++++++- doc/guix.texi | 29 ++++++++++------- gnu/system/examples/vm-image.tmpl | 53 +++++++++++++++++++++++++++++++ 3 files changed, 97 insertions(+), 12 deletions(-) create mode 100644 gnu/system/examples/vm-image.tmpl diff --git a/Makefile.am b/Makefile.am index b90f419b14..c2fc2642a7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5,6 +5,7 @@ # Copyright © 2016 Mathieu Lirzin # Copyright © 2016, 2017 Mark H Weaver # Copyright © 2017 Mathieu Othacehe +# Copyright © 2017 Leo Famulari # # This file is part of GNU Guix. # @@ -224,7 +225,8 @@ AUX_FILES = \ EXAMPLES = \ gnu/system/examples/bare-bones.tmpl \ gnu/system/examples/desktop.tmpl \ - gnu/system/examples/lightweight-desktop.tmpl + gnu/system/examples/lightweight-desktop.tmpl \ + gnu/system/examples/vm-image.tmpl GOBJECTS = $(MODULES:%.scm=%.go) guix/config.go $(dist_noinst_DATA:%.scm=%.go) @@ -572,12 +574,21 @@ BINARY_TARBALLS = \ # Systems supported by GuixSD. GUIXSD_SUPPORTED_SYSTEMS ?= x86_64-linux i686-linux +# Systems for which we build GuixSD VMs. +GUIXSD_VM_SYSTEMS ?= x86_64-linux + # Prefix of the GuixSD installation image file name. GUIXSD_IMAGE_BASE = guixsd-usb-install-$(PACKAGE_VERSION) +# Prefix of the GuixSD VM image file name. +GUIXSD_VM_IMAGE_BASE = guixsd-vm-image-$(PACKAGE_VERSION) + # Size of the installation image (for x86_64 typically). GUIXSD_INSTALLATION_IMAGE_SIZE ?= 950MiB +# Size of the VM image (for x86_64 typically). +GUIXSD_VM_IMAGE_SIZE ?= 2GiB + # The release process works in several phases: # # 0. We assume the developer created a 'vX.Y' tag. @@ -632,6 +643,20 @@ release: dist mv "$(releasedir)/$(GUIXSD_IMAGE_BASE).$$system.xz.tmp" \ "$(releasedir)/$(GUIXSD_IMAGE_BASE).$$system.xz" ; \ done + for system in $(GUIXSD_VM_SYSTEMS) ; do \ + image=`$(top_builddir)/pre-inst-env \ + guix system vm-image \ + --system=$$system \ + --image-size=$(GUIXSD_VM_IMAGE_SIZE) \ + gnu/system/examples/vm-image.tmpl` ; \ + if [ ! -f "$$image" ] ; then \ + echo "failed to produced GuixSD VM image for $$system" >&2 ; \ + exit 1 ; \ + fi ; \ + xz < "$$image" > "$(releasedir)/$(GUIXSD_VM_IMAGE_BASE).$$system.xz.tmp" ; \ + mv "$(releasedir)/$(GUIXSD_VM_IMAGE_BASE).$$system.xz.tmp" \ + "$(releasedir)/$(GUIXSD_VM_IMAGE_BASE).$$system.xz" ; \ + done @echo @echo "Congratulations! All the release files are now in $(releasedir)." @echo diff --git a/doc/guix.texi b/doc/guix.texi index 7baf6ee38a..3523937030 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -7634,8 +7634,11 @@ good. @subsection Installing GuixSD in a Virtual Machine @cindex virtual machine, GuixSD installation -If you'd like to install GuixSD in a virtual machine (VM) rather than on -your beloved machine, this section is for you. +@cindex virtual private server (VPS) +@cindex VPS (virtual private server) +If you'd like to install GuixSD in a virtual machine (VM) or on a +virtual private server (VPS) rather than on your beloved machine, this +section is for you. To boot a @uref{http://qemu.org/,QEMU} VM for installing GuixSD in a disk image, follow these steps: @@ -15693,17 +15696,21 @@ example graph. @subsection Running GuixSD in a Virtual Machine @cindex virtual machine -One way to run GuixSD in a virtual machine (VM) is to build a GuixSD -virtual machine image using @command{guix system vm-image} -(@pxref{Invoking guix system}). The returned image is in qcow2 format, -which the @uref{http://qemu.org/, QEMU emulator} can efficiently use. +To run GuixSD in a virtual machine (VM), one can either use the +pre-built GuixSD VM image distributed at +@indicateurl{ftp://alpha.gnu.org/guix/guixsd-vm-image-@value{VERSION}.@var{system}.tar.xz} +, or build their own virtual machine image using @command{guix system +vm-image} (@pxref{Invoking guix system}). The returned image is in +qcow2 format, which the @uref{http://qemu.org/, QEMU emulator} can +efficiently use. @cindex QEMU -To run the image in QEMU, copy it out of the store (@pxref{The Store}) -and give yourself permission to write to the copy. When invoking QEMU, -you must choose a system emulator that is suitable for your hardware -platform. Here is a minimal QEMU invocation that will boot the result -of @command{guix system vm-image} on x86_64 hardware: +If you built your own image, you must copy it out of the store +(@pxref{The Store}) and give yourself permission to write to the copy +before you can use it. When invoking QEMU, you must choose a system +emulator that is suitable for your hardware platform. Here is a minimal +QEMU invocation that will boot the result of @command{guix system +vm-image} on x86_64 hardware: @example $ qemu-system-x86_64 \ diff --git a/gnu/system/examples/vm-image.tmpl b/gnu/system/examples/vm-image.tmpl new file mode 100644 index 0000000000..57ac71c535 --- /dev/null +++ b/gnu/system/examples/vm-image.tmpl @@ -0,0 +1,53 @@ +;;; This is an operating system configuration template for a "bare-bones" setup, +;;; suitable for booting in a virtualized environment, including virtual private +;;; servers (VPS). + +(use-modules (gnu)) +(use-package-modules bootloaders disk nvi) + +(define vm-image-motd (plain-file "motd" " +This is the GNU system. Welcome! + +This instance of GuixSD is a bare-bones template for virtualized environments. + +You will probably want to do these things first if you booted in a virtual +private server (VPS): + +* Set a password for 'root'. +* Set up networking. +* Expand the root partition to fill the space available by 0) deleting and +recreating the partition with fdisk, 1) reloading the partition table with +partprobe, and then 2) resizing the filesystem with resize2fs.\n")) + +(operating-system + (host-name "gnu") + (timezone "Etc/UTC") + (locale "en_US.utf8") + + ;; Assuming /dev/sdX is the target hard disk, and "my-root" is + ;; the label of the target root file system. + (bootloader (grub-configuration (device "/dev/sda") + (terminal-outputs '(console)))) + (file-systems (cons (file-system + (device "my-root") + (title 'label) + (mount-point "/") + (type "ext4")) + %base-file-systems)) + + ;; This is where user accounts are specified. The "root" + ;; account is implicit, and is initially created with the + ;; empty password. + (users %base-user-accounts) + + ;; Globally-installed packages. + (packages (cons* nvi fdisk + grub ; mostly so xrefs to its manual work + parted ; partprobe + %base-packages)) + + (services (modify-services %base-services + (login-service-type config => + (login-configuration + (inherit config) + (motd vm-image-motd)))))) From e13b55ae797c8da2b06811d25e21abd173295b8d Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 17 May 2017 13:36:17 +0200 Subject: [PATCH 13/37] services: openssh: Don't depend on networking. * gnu/services/ssh.scm (openssh-shepherd-service): Drop requirement. --- gnu/services/ssh.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 9917c311c7..2a6c8d45c2 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -385,7 +385,7 @@ The other options should be self-descriptive." (list (shepherd-service (documentation "OpenSSH server.") - (requirement '(networking syslogd)) + (requirement '(syslogd)) (provision '(ssh-daemon)) (start #~(make-forkexec-constructor #$openssh-command #:pid-file #$pid-file)) From f3f8938fe0c07d221ebccdf5a9a0029fda01f036 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 17 Apr 2017 22:49:23 +0200 Subject: [PATCH 14/37] install: Enable SSH in installation image. * gnu/system/install.scm (%installation-services): Add OPENSSH-SERVICE-TYPE. * doc/guix.texi (Preparing for Installation)[Networking]: Document it. --- doc/guix.texi | 14 +++++++++++++- gnu/system/install.scm | 12 ++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 3523937030..12fc806e17 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -36,7 +36,8 @@ Copyright @copyright{} 2017 Federico Beffa@* Copyright @copyright{} 2017 Carlo Zancanaro@* Copyright @copyright{} 2017 Thomas Danckaert@* Copyright @copyright{} 2017 humanitiesNerd@* -Copyright @copyright{} 2017 Christopher Allan Webber +Copyright @copyright{} 2017 Christopher Allan Webber@* +Copyright @copyright{} 2017 Marius Bakke Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -7452,6 +7453,17 @@ ping -c 3 gnu.org Setting up network access is almost always a requirement because the image does not contain all the software and tools that may be needed. +@cindex installing over SSH +If you want to, you can continue the installation remotely by starting +an SSH server: + +@example +herd start ssh-daemon +@end example + +Make sure to either set a password with @command{passwd}, or configure +OpenSSH public key authentication before logging in. + @subsubsection Disk Partitioning Unless this has already been done, the next step is to partition, and diff --git a/gnu/system/install.scm b/gnu/system/install.scm index 191ccf1680..9a6febfeba 100644 --- a/gnu/system/install.scm +++ b/gnu/system/install.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Andreas Enge +;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -25,6 +26,7 @@ #:use-module (guix monads) #:use-module ((guix store) #:select (%store-prefix)) #:use-module (gnu services shepherd) + #:use-module (gnu services ssh) #:use-module (gnu packages admin) #:use-module (gnu packages bash) #:use-module (gnu packages bootloaders) @@ -262,6 +264,16 @@ You have been warned. Thanks for being so brave. ;; To facilitate copy/paste. (gpm-service) + ;; Add an SSH server to facilitate remote installs. + (service openssh-service-type + (openssh-configuration + (port-number 22) + (permit-root-login #t) + ;; The root account is passwordless, so make sure + ;; a password is set before allowing logins. + (allow-empty-passwords? #f) + (password-authentication? #t))) + ;; Since this is running on a USB stick with a unionfs as the root ;; file system, use an appropriate cache configuration. (nscd-service (nscd-configuration From 51fe9cd38d4d64b5fade8a899d5323da0e217d5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 18 May 2017 10:08:55 +0200 Subject: [PATCH 15/37] services: user-homes: Do not create home directories marked as no-create. Fixes a bug whereby GuixSD would create the /nonexistent directory, from user 'nobody', even though it has 'create-home-directory?' set to #f. * gnu/build/activation.scm (activate-users+groups): Add comment for \#:create-home?. (activate-user-home)[ensure-user-home]: Skip when CREATE-HOME? is #f or SYSTEM? is #t. * gnu/tests/base.scm (run-basic-test)["no extra home directories"]: New tests. --- gnu/build/activation.scm | 9 ++++++++- gnu/tests/base.scm | 22 ++++++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index beee56d437..a1d2a9cc7d 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -227,7 +227,11 @@ numeric gid or #f." #:supplementary-groups supplementary-groups #:comment comment #:home home + + ;; Home directories of non-system accounts are created by + ;; 'activate-user-home'. #:create-home? (and create-home? system?) + #:shell shell #:password password) @@ -282,7 +286,10 @@ they already exist." (match-lambda ((name uid group supplementary-groups comment home create-home? shell password system?) - (unless (or (not home) (directory-exists? home)) + ;; The home directories of system accounts are created during + ;; activation, not here. + (unless (or (not home) (not create-home?) system? + (directory-exists? home)) (let* ((pw (getpwnam name)) (uid (passwd:uid pw)) (gid (passwd:gid pw))) diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 37aab8ef67..e5ac320b74 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -199,6 +199,28 @@ info --version") ',users+homes)) marionette))) + (test-equal "no extra home directories" + '() + + ;; Make sure the home directories that are not supposed to be + ;; created are indeed not created. + (let ((nonexistent + '#$(filter-map (lambda (user) + (and (not + (user-account-create-home-directory? + user)) + (user-account-home-directory user))) + (operating-system-user-accounts os)))) + (marionette-eval + `(begin + (use-modules (srfi srfi-1)) + + ;; Note: Do not flag "/var/empty". + (filter file-exists? + ',(remove (cut string-prefix? "/var/" <>) + nonexistent))) + marionette))) + (test-equal "login on tty1" "root\n" (begin From 36c99429a3638305c16f1e6f5e087daa174d249c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 18 May 2017 11:35:45 +0200 Subject: [PATCH 16/37] union: Gracefully handle dangling symlinks in the input. Fixes . Reported by Pjotr Prins . * guix/build/union.scm (file-is-directory?): Return #f when FILE does not exist or is a dangling symlink. (file=?): Pass #f as a second argument to 'stat'; return #f when both ST1 or ST2 is #f. * tests/profiles.scm (test-equalm): New macro. ("union vs. dangling symlink"): New test. --- .dir-locals.el | 1 + guix/build/union.scm | 43 +++++++++++++++++++++++-------------------- tests/profiles.scm | 29 +++++++++++++++++++++++++++++ 3 files changed, 53 insertions(+), 20 deletions(-) diff --git a/.dir-locals.el b/.dir-locals.el index 4aaeae95c9..04b58d2ce0 100644 --- a/.dir-locals.el +++ b/.dir-locals.el @@ -17,6 +17,7 @@ (eval . (put 'call-with-prompt 'scheme-indent-function 1)) (eval . (put 'test-assert 'scheme-indent-function 1)) (eval . (put 'test-assertm 'scheme-indent-function 1)) + (eval . (put 'test-equalm 'scheme-indent-function 1)) (eval . (put 'test-equal 'scheme-indent-function 1)) (eval . (put 'test-eq 'scheme-indent-function 1)) (eval . (put 'call-with-input-string 'scheme-indent-function 1)) diff --git a/guix/build/union.scm b/guix/build/union.scm index a2ea72e1f5..18167fa3e3 100644 --- a/guix/build/union.scm +++ b/guix/build/union.scm @@ -47,31 +47,34 @@ (loop (cons file files))))))) (define (file-is-directory? file) - (eq? 'directory (stat:type (stat file)))) + (match (stat file #f) + (#f #f) ;maybe a dangling symlink + (st (eq? 'directory (stat:type st))))) (define (file=? file1 file2) "Return #t if FILE1 and FILE2 are regular files and their contents are identical, #f otherwise." - (let ((st1 (stat file1)) - (st2 (stat file2))) + (let ((st1 (stat file1 #f)) + (st2 (stat file2 #f))) ;; When deduplication is enabled, identical files share the same inode. - (or (= (stat:ino st1) (stat:ino st2)) - (and (eq? (stat:type st1) 'regular) - (eq? (stat:type st2) 'regular) - (= (stat:size st1) (stat:size st2)) - (call-with-input-file file1 - (lambda (port1) - (call-with-input-file file2 - (lambda (port2) - (define len 8192) - (define buf1 (make-bytevector len)) - (define buf2 (make-bytevector len)) - (let loop () - (let ((n1 (get-bytevector-n! port1 buf1 0 len)) - (n2 (get-bytevector-n! port2 buf2 0 len))) - (and (equal? n1 n2) - (or (eof-object? n1) - (loop))))))))))))) + (and st1 st2 + (or (= (stat:ino st1) (stat:ino st2)) + (and (eq? (stat:type st1) 'regular) + (eq? (stat:type st2) 'regular) + (= (stat:size st1) (stat:size st2)) + (call-with-input-file file1 + (lambda (port1) + (call-with-input-file file2 + (lambda (port2) + (define len 8192) + (define buf1 (make-bytevector len)) + (define buf2 (make-bytevector len)) + (let loop () + (let ((n1 (get-bytevector-n! port1 buf1 0 len)) + (n2 (get-bytevector-n! port2 buf2 0 len))) + (and (equal? n1 n2) + (or (eof-object? n1) + (loop)))))))))))))) (define* (union-build output inputs #:key (log-port (current-error-port)) diff --git a/tests/profiles.scm b/tests/profiles.scm index d0b1e14a86..093422792f 100644 --- a/tests/profiles.scm +++ b/tests/profiles.scm @@ -50,6 +50,12 @@ (run-with-store %store exp #:guile-for-build (%guile-for-build)))) +(define-syntax-rule (test-equalm name value exp) + (test-equal name + value + (run-with-store %store exp + #:guile-for-build (%guile-for-build)))) + ;; Example manifest entries. (define guile-1.8.8 @@ -366,6 +372,29 @@ get-string-all) "foo!")))))) +(test-equalm "union vs. dangling symlink" ; + "does-not-exist" + (mlet* %store-monad + ((thing1 -> (dummy-package "dummy" + (build-system trivial-build-system) + (arguments + `(#:guile ,%bootstrap-guile + #:builder + (let ((out (assoc-ref %outputs "out"))) + (mkdir out) + (symlink "does-not-exist" + (string-append out "/dangling")) + #t))))) + (thing2 -> (package (inherit thing1) (name "dummy2"))) + (drv (profile-derivation (packages->manifest + (list thing1 thing2)) + #:hooks '() + #:locales? #f)) + (profile -> (derivation->output-path drv))) + (mbegin %store-monad + (built-derivations (list drv)) + (return (readlink (readlink (string-append profile "/dangling"))))))) + (test-end "profiles") ;;; Local Variables: From 4a628d57fc7956ae8a0fb167337d83ba66fe4f52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 18 May 2017 21:19:49 +0200 Subject: [PATCH 17/37] publish: Fix narinfo rendering for already-compressed items. Fixes . Reported by Mark H Weaver . * guix/scripts/publish.scm (bake-narinfo+nar): Pass #f as the 2nd argument to 'stat' and properly handle #f. * tests/publish.scm (wait-for-file): New procedure. ("with cache"): Remove 'wait-for-file' procedure. ("with cache, uncompressed"): New test. --- guix/scripts/publish.scm | 3 +- tests/publish.scm | 71 +++++++++++++++++++++++++++++++++++----- 2 files changed, 65 insertions(+), 9 deletions(-) diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm index 8da75cb825..db7f6a957e 100644 --- a/guix/scripts/publish.scm +++ b/guix/scripts/publish.scm @@ -481,7 +481,8 @@ requested using POOL." (%private-key) #:nar-path nar-path #:compression compression - #:file-size (stat:size (stat nar))) + #:file-size (and=> (stat nar #f) + stat:size)) port)))))) ;; XXX: Declare the 'Guix-Compression' HTTP header, which is in fact for diff --git a/tests/publish.scm b/tests/publish.scm index 268c324551..31043f71fa 100644 --- a/tests/publish.scm +++ b/tests/publish.scm @@ -98,6 +98,18 @@ (connect conn AF_INET (inet-pton AF_INET "127.0.0.1") port)) (loop))))) +(define (wait-for-file file) + ;; Wait until FILE shows up. + (let loop ((i 20)) + (cond ((file-exists? file) + #t) + ((zero? i) + (error "file didn't show up" file)) + (else + (pk 'wait-for-file file) + (sleep 1) + (loop (- i 1)))))) + ;; Wait until the two servers are ready. (wait-until-ready 6789) @@ -331,14 +343,6 @@ FileSize: ~a~%" 200) ;nar/… (call-with-temporary-directory (lambda (cache) - (define (wait-for-file file) - (let loop ((i 20)) - (or (file-exists? file) - (begin - (pk 'wait-for-file file) - (sleep 1) - (loop (- i 1)))))) - (let ((thread (with-separate-output-ports (call-with-new-thread (lambda () @@ -384,4 +388,55 @@ FileSize: ~a~%" (stat:size (stat nar))) (response-code uncompressed))))))))) +(unless (zlib-available?) + (test-skip 1)) +(let ((item (add-text-to-store %store "fake-compressed-thing.tar.gz" + (random-text)))) + (test-equal "with cache, uncompressed" + (list #f + `(("StorePath" . ,item) + ("URL" . ,(string-append "nar/" (basename item))) + ("Compression" . "none")) + 200 ;nar/… + (path-info-nar-size + (query-path-info %store item)) ;FileSize + 404) ;nar/gzip/… + (call-with-temporary-directory + (lambda (cache) + (let ((thread (with-separate-output-ports + (call-with-new-thread + (lambda () + (guix-publish "--port=6796" "-C2" + (string-append "--cache=" cache))))))) + (wait-until-ready 6796) + (let* ((base "http://localhost:6796/") + (part (store-path-hash-part item)) + (url (string-append base part ".narinfo")) + (cached (string-append cache "/none/" + (basename item) ".narinfo")) + (nar (string-append cache "/none/" + (basename item) ".nar")) + (response (http-get url))) + (and (= 404 (response-code response)) + + (wait-for-file cached) + (let* ((body (http-get-port url)) + (compressed (http-get (string-append base "nar/gzip/" + (basename item)))) + (uncompressed (http-get (string-append base "nar/" + (basename item)))) + (narinfo (recutils->alist body))) + (list (file-exists? nar) + (filter (lambda (item) + (match item + (("Compression" . _) #t) + (("StorePath" . _) #t) + (("URL" . _) #t) + (_ #f))) + narinfo) + (response-code uncompressed) + (string->number + (assoc-ref narinfo "FileSize")) + (response-code compressed)))))))))) + (test-end "publish") From 4ee6584cbfe5389db72f490f29e438f9935c2316 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 19 May 2017 10:45:12 +0200 Subject: [PATCH 18/37] modules: Add more source-less modules. * guix/modules.scm (%source-less-modules): New variable. (source-module-dependencies): Use it. --- guix/modules.scm | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/guix/modules.scm b/guix/modules.scm index 8c63f21a97..24b5903579 100644 --- a/guix/modules.scm +++ b/guix/modules.scm @@ -95,11 +95,16 @@ depends on." (('gnu _ ...) #t) (_ #f))) +(define %source-less-modules + ;; These are modules that have no corresponding source files or a source + ;; file different from what you'd expect. + '((system syntax) ;2.0, defined in boot-9 + (ice-9 ports internal) ;2.2, defined in (ice-9 ports) + (system syntax internal))) ;2.2, defined in boot-9 + (define* (source-module-dependencies module #:optional (load-path %load-path)) "Return the modules used by MODULE by looking at its source code." - ;; The (system syntax) module is a special-case because it has no - ;; corresponding source file (as of Guile 2.0.) - (if (equal? module '(system syntax)) + (if (member module %source-less-modules) '() (module-file-dependencies (search-path load-path From c383dc520f4b71bcb99115768bfafa00df85f9d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 19 May 2017 10:50:20 +0200 Subject: [PATCH 19/37] gnu: guile-ssh: Fix potential double-free/use-after-free issue. Fixes . Reported by Mark H Weaver . * gnu/packages/patches/guile-ssh-double-free.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ssh.scm (guile-ssh)[source](patches): Add it. --- gnu/local.mk | 1 + .../patches/guile-ssh-double-free.patch | 37 +++++++++++++++++++ gnu/packages/ssh.scm | 3 +- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-ssh-double-free.patch diff --git a/gnu/local.mk b/gnu/local.mk index ca26bcd812..f1a3cf6dba 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -651,6 +651,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-relocatable.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/guile-ssh-rexec-bug.patch \ + %D%/packages/patches/guile-ssh-double-free.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ %D%/packages/patches/gtk2-theme-paths.patch \ diff --git a/gnu/packages/patches/guile-ssh-double-free.patch b/gnu/packages/patches/guile-ssh-double-free.patch new file mode 100644 index 0000000000..9692b81d39 --- /dev/null +++ b/gnu/packages/patches/guile-ssh-double-free.patch @@ -0,0 +1,37 @@ +Fix a double-free or use-after-free issue with Guile-SSH used +with Guile 2.2. See . + +diff --git a/libguile-ssh/channel-type.c b/libguile-ssh/channel-type.c +index 3dd641f..0839854 100644 +--- a/libguile-ssh/channel-type.c ++++ b/libguile-ssh/channel-type.c +@@ -229,10 +229,11 @@ ptob_close (SCM channel) + ssh_channel_free (ch->ssh_channel); + } + ++ SCM_SETSTREAM (channel, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (channel, NULL); + + return 0; + #endif +diff --git a/libguile-ssh/sftp-file-type.c b/libguile-ssh/sftp-file-type.c +index 8879924..f87cf03 100644 +--- a/libguile-ssh/sftp-file-type.c ++++ b/libguile-ssh/sftp-file-type.c +@@ -224,10 +224,11 @@ ptob_close (SCM sftp_file) + sftp_close (fd->file); + } + ++ SCM_SETSTREAM (sftp_file, NULL); ++ + #if USING_GUILE_BEFORE_2_2 + scm_gc_free (pt->write_buf, pt->write_buf_size, "port write buffer"); + scm_gc_free (pt->read_buf, pt->read_buf_size, "port read buffer"); +- SCM_SETSTREAM (sftp_file, NULL); + + return 1; + #endif diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 6a074d10fa..bb1898774b 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -226,7 +226,8 @@ Additionally, various channel-specific options can be negotiated.") (sha256 (base32 "0r261i8kc3avbmbwgyzak2vnqwssjlgz37g2y2fwm80w9bmn2m7j")) - (patches (search-patches "guile-ssh-rexec-bug.patch")) + (patches (search-patches "guile-ssh-rexec-bug.patch" + "guile-ssh-double-free.patch")) (modules '((guix build utils))) (snippet ;; 'configure.ac' mistakenly tries to link files from examples/ From fd5a30ab7b999f9b1095426054b5fcdfdacddc6f Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 11 Apr 2017 10:47:38 +0200 Subject: [PATCH 20/37] vm: Support arbitrary partition flags. * gnu/build/vm.scm (): Change BOOTABLE? to FLAGS. (initialize-partition-table): Pass each flag to parted. (initialize-hard-disk): Locate boot partition. * gnu/system/vm.scm (qemu-image): Adjust partition flags. --- gnu/build/vm.scm | 17 ++++++++++++----- gnu/system/vm.scm | 2 +- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm index 1eb9a4c45e..00d625c946 100644 --- a/gnu/build/vm.scm +++ b/gnu/build/vm.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2016 Christopher Allan Webber ;;; Copyright © 2016 Leo Famulari ;;; Copyright © 2017 Mathieu Othacehe +;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -41,7 +42,7 @@ partition-size partition-file-system partition-label - partition-bootable? + partition-flags partition-initializer root-partition-initializer @@ -141,7 +142,7 @@ the #:references-graphs parameter of 'derivation'." (size partition-size) (file-system partition-file-system (default "ext4")) (label partition-label (default #f)) - (bootable? partition-bootable? (default #f)) + (flags partition-flags (default '())) (initializer partition-initializer (default (const #t)))) (define (fold2 proc seed1 seed2 lst) ;TODO: factorize @@ -168,9 +169,10 @@ actual /dev name based on DEVICE." (cons* "mkpart" "primary" "ext2" (format #f "~aB" offset) (format #f "~aB" (+ offset (partition-size part))) - (if (partition-bootable? part) - `("set" ,(number->string index) "boot" "on") - '()))) + (append-map (lambda (flag) + (list "set" (number->string index) + (symbol->string flag) "on")) + (partition-flags part)))) (define (options partitions offset) (let loop ((partitions partitions) @@ -300,6 +302,11 @@ in PARTITIONS, and using BOOTCFG as its bootloader configuration file. Each partition is initialized by calling its 'initializer' procedure, passing it a directory name where it is mounted." + + (define (partition-bootable? partition) + "Return the first partition found with the boot flag set." + (member 'boot (partition-flags partition))) + (let* ((partitions (initialize-partition-table device partitions)) (root (find partition-bootable? partitions)) (target "/fs")) diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 2c8b954c80..71bc55d7d8 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -229,7 +229,7 @@ the image." (* 10 (expt 2 20)))) (label #$file-system-label) (file-system #$file-system-type) - (bootable? #t) + (flags '(boot)) (initializer initialize))))) (initialize-hard-disk "/dev/vda" #:partitions partitions From 03119da21172c0c969b23596bec72b8383f7584e Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 6 May 2017 22:53:58 +0200 Subject: [PATCH 21/37] vm: Support creating FAT partitions. * gnu/build/vm.scm (create-ext-file-system, create-fat-file-system): New procedures. (format-partition): Use them. Error for unknown file systems. * gnu/system/vm.scm (qemu-image): Include DOSFSTOOLS. * gnu/system/linux-initrd.scm (base-initrd): Always add nls_is8859-1.ko. --- gnu/build/vm.scm | 30 ++++++++++++++++++++++++++---- gnu/system/linux-initrd.scm | 4 +--- gnu/system/vm.scm | 2 +- 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm index 00d625c946..ef8dcc315f 100644 --- a/gnu/build/vm.scm +++ b/gnu/build/vm.scm @@ -213,10 +213,10 @@ actual /dev name based on DEVICE." (define MS_BIND 4096) ; again! -(define* (format-partition partition type - #:key label) - "Create a file system TYPE on PARTITION. If LABEL is true, use that as the -volume name." +(define* (create-ext-file-system partition type + #:key label) + "Create an ext-family filesystem of TYPE on PARTITION. If LABEL is true, +use that as the volume name." (format #t "creating ~a partition...\n" type) (unless (zero? (apply system* (string-append "mkfs." type) "-F" partition @@ -225,6 +225,28 @@ volume name." '()))) (error "failed to create partition"))) +(define* (create-fat-file-system partition + #:key label) + "Create a FAT filesystem on PARTITION. The number of File Allocation Tables +will be determined based on filesystem size. If LABEL is true, use that as the +volume name." + (format #t "creating FAT partition...\n") + (unless (zero? (apply system* "mkfs.fat" partition + (if label + `("-n" ,label) + '()))) + (error "failed to create FAT partition"))) + +(define* (format-partition partition type + #:key label) + "Create a file system TYPE on PARTITION. If LABEL is true, use that as the +volume name." + (cond ((string-prefix? "ext" type) + (create-ext-file-system partition type #:label label)) + ((or (string-prefix? "fat" type) (string= "vfat" type)) + (create-fat-file-system partition #:label label)) + (else (error "Unsupported file system.")))) + (define (initialize-partition partition) "Format PARTITION, a object with a non-#f 'device' field, mount it, run its initializer, and unmount it." diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm index dfe198e43e..3a5e76034a 100644 --- a/gnu/system/linux-initrd.scm +++ b/gnu/system/linux-initrd.scm @@ -268,6 +268,7 @@ loaded at boot time in the order in which they appear." "usbhid" "hid-generic" "hid-apple" ;keyboards during early boot "dm-crypt" "xts" "serpent_generic" "wp512" ;for encrypted root partitions "nvme" ;for new SSD NVMe devices + "nls_iso8859-1" ;for `mkfs.fat`, et.al ,@(if (string-match "^(x86_64|i[3-6]86)-" (%current-system)) '("pata_acpi" "pata_atiixp" ;for ATA controllers "isci") ;for SAS controllers like Intel C602 @@ -281,9 +282,6 @@ loaded at boot time in the order in which they appear." ,@(if (find (file-system-type-predicate "9p") file-systems) virtio-9p-modules '()) - ,@(if (find (file-system-type-predicate "vfat") file-systems) - '("nls_iso8859-1") - '()) ,@(if (find (file-system-type-predicate "btrfs") file-systems) '("btrfs") '()) diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 71bc55d7d8..2110ce68bb 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -201,7 +201,7 @@ the image." (guix build utils)) (let ((inputs - '#$(append (list qemu parted grub e2fsprogs) + '#$(append (list qemu parted grub e2fsprogs dosfstools) (map canonical-package (list sed grep coreutils findutils gawk)) (if register-closures? (list guix) '()))) From 6520904b3e79a5f59bd681931d0ae72783e43eee Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sun, 7 May 2017 15:31:30 +0200 Subject: [PATCH 22/37] vm: Add UEFI loader to disk images. * gnu/build/vm.scm (install-efi): New procedure. (initialize-hard-disk): Generate EFI blob when ESP is present. * gnu/system/vm.scm (qemu-image): Append 40MiB EFI System Partition. (cherry picked from commit ecf5d5376979fadd971559367bf553df89fcc62b) --- gnu/build/vm.scm | 60 +++++++++++++++++++++++++++++++++++++++++++++++ gnu/system/vm.scm | 20 +++++++++++++--- 2 files changed, 77 insertions(+), 3 deletions(-) diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm index ef8dcc315f..7147ce1993 100644 --- a/gnu/build/vm.scm +++ b/gnu/build/vm.scm @@ -27,6 +27,7 @@ #:use-module (gnu build linux-boot) #:use-module (gnu build install) #:use-module (guix records) + #:use-module (ice-9 format) #:use-module (ice-9 match) #:use-module (ice-9 regex) #:use-module (srfi srfi-1) @@ -315,9 +316,38 @@ SYSTEM-DIRECTORY is the name of the directory of the 'system' derivation." (mkdir-p directory) (symlink bootcfg (string-append directory "/grub.cfg")))) +(define (install-efi grub esp config-file) + "Write a self-contained GRUB EFI loader to the mounted ESP using CONFIG-FILE." + (let* ((system %host-type) + ;; Hard code the output location to a well-known path recognized by + ;; compliant firmware. See "3.5.1.1 Removable Media Boot Behaviour": + ;; http://www.uefi.org/sites/default/files/resources/UEFI%20Spec%202_6.pdf + (grub-mkstandalone (string-append grub "/bin/grub-mkstandalone")) + (efi-directory (string-append esp "/EFI/BOOT")) + ;; Map grub target names to boot file names. + (efi-targets (cond ((string-prefix? "x86_64" system) + '("x86_64-efi" . "BOOTX64.EFI")) + ((string-prefix? "i686" system) + '("i386-efi" . "BOOTIA32.EFI")) + ((string-prefix? "armhf" system) + '("arm-efi" . "BOOTARM.EFI")) + ((string-prefix? "aarch64" system) + '("arm64-efi" . "BOOTAA64.EFI"))))) + ;; grub-mkstandalone requires a TMPDIR to prepare the firmware image. + (setenv "TMPDIR" esp) + + (mkdir-p efi-directory) + (unless (zero? (system* grub-mkstandalone "-O" (car efi-targets) + "-o" (string-append efi-directory "/" + (cdr efi-targets)) + ;; Graft the configuration file onto the image. + (string-append "boot/grub/grub.cfg=" config-file))) + (error "failed to create GRUB EFI image")))) + (define* (initialize-hard-disk device #:key grub.cfg + (grub-efi #f) (partitions '())) "Initialize DEVICE as a disk containing all the objects listed in PARTITIONS, and using BOOTCFG as its bootloader configuration file. @@ -329,8 +359,13 @@ passing it a directory name where it is mounted." "Return the first partition found with the boot flag set." (member 'boot (partition-flags partition))) + (define (partition-esp? partition) + "Return the first EFI System Partition." + (member 'esp (partition-flags partition))) + (let* ((partitions (initialize-partition-table device partitions)) (root (find partition-bootable? partitions)) + (esp (find partition-esp? partitions)) (target "/fs")) (unless root (error "no bootable partition specified" partitions)) @@ -342,6 +377,31 @@ passing it a directory name where it is mounted." (mount (partition-device root) target (partition-file-system root)) (install-grub grub.cfg device target) + (when esp + ;; Mount the ESP somewhere and install GRUB UEFI image. + (let ((mount-point (string-append target "/boot/efi")) + (grub-config (string-append target "/tmp/grub-standalone.cfg"))) + (display "mounting EFI system partition...\n") + (mkdir-p mount-point) + (mount (partition-device esp) mount-point + (partition-file-system esp)) + + ;; Create a tiny configuration file telling the embedded grub + ;; where to load the real thing. + (call-with-output-file grub-config + (lambda (port) + (format port + "insmod part_msdos~@ + search --set=root --label gnu-disk-image~@ + configfile /boot/grub/grub.cfg~%"))) + + (display "creating EFI firmware image...") + (install-efi grub-efi mount-point grub-config) + (display "done.\n") + + (delete-file grub-config) + (umount mount-point))) + ;; Register GRUB.CFG as a GC root. (register-grub.cfg-root target grub.cfg) diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 2110ce68bb..c40bb4c436 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2016 Christopher Allan Webber ;;; Copyright © 2016 Leo Famulari ;;; Copyright © 2017 Mathieu Othacehe +;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -226,14 +227,27 @@ the image." #:system-directory #$os-derivation)) (partitions (list (partition (size #$(- disk-image-size - (* 10 (expt 2 20)))) + (* 50 (expt 2 20)))) (label #$file-system-label) (file-system #$file-system-type) (flags '(boot)) - (initializer initialize))))) + (initializer initialize)) + ;; Append a small EFI System Partition for + ;; use with UEFI bootloaders. + (partition + ;; The standalone grub image is about 10MiB, but + ;; leave some room for custom or multiple images. + (size (* 40 (expt 2 20))) + (label "GNU-ESP") ;cosmetic only + ;; Use "vfat" here since this property is used + ;; when mounting. The actual FAT-ness is based + ;; on filesystem size (16 in this case). + (file-system "vfat") + (flags '(esp)))))) (initialize-hard-disk "/dev/vda" #:partitions partitions - #:grub.cfg #$grub-configuration) + #:grub.cfg #$grub-configuration + #:grub-efi #$grub-efi) (reboot))))) #:system system #:make-disk-image? #t From 429046e9dd38a8cd9e569172f2f23dce3d61cbf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Fri, 19 May 2017 23:36:56 +0200 Subject: [PATCH 23/37] system: Use Guile 2.2 rather than 2.0 in %BASE-PACKAGES. * gnu/system.scm (%base-packages): Change GUILE-2.0 to GUILE-2.2. --- gnu/system.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/system.scm b/gnu/system.scm index f9a0da9a75..2fab394d23 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -494,7 +494,7 @@ explicitly appear in OS." ;; The packages below are also in %FINAL-INPUTS, so take them from ;; there to avoid duplication. (map canonical-package - (list guile-2.0 bash coreutils-8.27 findutils grep sed + (list guile-2.2 bash coreutils-8.27 findutils grep sed diffutils patch gawk tar gzip bzip2 xz lzip)))) (define %default-issue From 6a9defd7474f0e8b0f9030de60b1241a551ad403 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 19 May 2017 20:26:58 -0400 Subject: [PATCH 24/37] gnu: dropbear: Update to 2017.75 [fixes CVE-2017-{9078,9079}]. * gnu/packages/ssh.scm (dropbear): Update to 2017.75. --- gnu/packages/ssh.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index bb1898774b..b01a94f871 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -380,7 +380,7 @@ especially over Wi-Fi, cellular, and long-distance links.") (define-public dropbear (package (name "dropbear") - (version "2016.74") + (version "2017.75") (source (origin (method url-fetch) (uri (string-append @@ -388,7 +388,7 @@ especially over Wi-Fi, cellular, and long-distance links.") name "-" version ".tar.bz2")) (sha256 (base32 - "14c8f4gzixf0j9fkx68jgl85q7b05852kk0vf09gi6h0xmafl817")))) + "1309cm2aw62n9m3h38prvgsqr8bj85hfasgnvwkd42cp3k5ivg3c")))) (build-system gnu-build-system) (arguments `(#:tests? #f)) ; There is no "make check" or anything similar (inputs `(("zlib" ,zlib))) From 7dccad95b62871af048dd2d337579424f07595f2 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 19 May 2017 18:31:48 -0400 Subject: [PATCH 25/37] gnu: icedtea@2: Update to 2.6.10 [security fixes]. Fixes CVE-2017-{3509,3511,3512,3514,3526,3533,3539,3544}. * gnu/packages/java.scm (icedtea-7): Update to 2.6.10. --- gnu/packages/java.scm | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm index 4a381b6a1c..85f2bb975f 100644 --- a/gnu/packages/java.scm +++ b/gnu/packages/java.scm @@ -341,12 +341,12 @@ build process and its dependencies, whereas Make uses Makefile format.") (license license:asl2.0))) (define-public icedtea-7 - (let* ((version "2.6.9") + (let* ((version "2.6.10") (drop (lambda (name hash) (origin (method url-fetch) (uri (string-append - "http://icedtea.classpath.org/download/drops/" + "http://icedtea.classpath.org/download/drops" "/icedtea7/" version "/" name ".tar.bz2")) (sha256 (base32 hash)))))) (package @@ -359,7 +359,7 @@ build process and its dependencies, whereas Make uses Makefile format.") version ".tar.xz")) (sha256 (base32 - "1slmajiakq7sk137vgqq9c93r5s620a46lw2jwbnzxhysjw3wkwf")) + "0am945k2zqrka2xn7lb5grmkad4lwncnhnwk8iq6f269birzsj8w")) (modules '((guix build utils))) (snippet '(substitute* "Makefile.in" @@ -770,25 +770,25 @@ build process and its dependencies, whereas Make uses Makefile format.") (native-inputs `(("openjdk-src" ,(drop "openjdk" - "08a4d1sg5m9l99lc7gafc7dmzmf4d8jvij5pffxv8rf6pk7psk24")) + "02klsxp9hlf5sial6mxpiq53hmrhlrg6x774j7bjjfhb7hpdvadh")) ("corba-drop" ,(drop "corba" - "12br49cfrqgvms0bnaij7fvnakvb6q8dlpqja64rg5q5r3x4gps8")) + "1vbly6khri241xda05gnwkpf2fk41d96ls96ximi084mx0a3w5rd")) ("jaxp-drop" ,(drop "jaxp" - "07v2y3pll6z2wma94qilgffwyn2n4jna01mrhqwkb27whfpjfkmz")) + "0s8zln64vdwdxwlw1vpfzm8xbpyhgsv3nqjmnv7y36qpsszg27a5")) ("jaxws-drop" ,(drop "jaxws" - "18rw64jjpq14v56d0q1xvz8knl0kf02rcday7fvlaxrbbj19km55")) + "0myd66bv8ib8krzgqv754bc564rd8xwpwabvf7my1apyb86vap3n")) ("jdk-drop" ,(drop "jdk" - "1ig7xipi3vzm6cphy5fdraxi72p27xsg2qb51yqx9qwsmlrv1zj4")) + "10b4lfv10vba07zblw0wii7mhrfhf32pf7410x5nz2q0smgszl2h")) ("langtools-drop" ,(drop "langtools" - "0sn9qv9nnhaan2smbhrv54lfhwsjhgd3b3h736p5d2hzpw8kicry")) + "0lvncxb5qzrlqkflrnd0l8vwy155cwj1jb07rkq10z2vx0bq7lq2")) ("hotspot-drop" ,(drop "hotspot" - "16ijxy8br8dla339m4i90wr9xpf7s8z3nrhfyxm7jahr8injpzyl")) + "0q6mdgbbd3681y3n0z1v783irdjhhi73z6sn5csczpyhjm318axb")) ("ant" ,ant) ("attr" ,attr) ("autoconf" ,autoconf) From 96afb480f8165a315a69b1dd3a031e053044d3b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 20 May 2017 14:28:24 +0200 Subject: [PATCH 26/37] pack: Use 'guile2.0-json' when building with Guile 2.0. Fixes . Reported by Pjotr Prins . Fixes a regression introduced in commit 2252f087d4bd450ab41a71379320467887edfc0f. * guix/scripts/pack.scm (docker-image)[json]: New variable. [build]: Use it. --- guix/scripts/pack.scm | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/guix/scripts/pack.scm b/guix/scripts/pack.scm index 1595be1f52..1273c09f54 100644 --- a/guix/scripts/pack.scm +++ b/guix/scripts/pack.scm @@ -35,7 +35,7 @@ #:autoload (gnu packages base) (tar) #:autoload (gnu packages package-management) (guix) #:autoload (gnu packages gnupg) (libgcrypt) - #:autoload (gnu packages guile) (guile-json) + #:autoload (gnu packages guile) (guile2.0-json guile-json) #:use-module (srfi srfi-1) #:use-module (srfi srfi-9) #:use-module (srfi srfi-37) @@ -217,6 +217,13 @@ the image." (define %libgcrypt #+(file-append libgcrypt "/lib/libgcrypt")))))) + (define json + ;; Pick the guile-json package that corresponds to the Guile used to build + ;; derivations. + (if (string-prefix? "2.0" (package-version (default-guile))) + guile2.0-json + guile-json)) + (define build (with-imported-modules `(,@(source-module-closure '((guix docker)) #:select? not-config?) @@ -224,7 +231,7 @@ the image." #~(begin ;; Guile-JSON is required by (guix docker). (add-to-load-path - (string-append #$guile-json "/share/guile/site/" + (string-append #+json "/share/guile/site/" (effective-version))) (use-modules (guix docker) (srfi srfi-19)) From 402f241da491b685132b2a1a4327553c700a4e62 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 20 May 2017 23:39:30 +0200 Subject: [PATCH 27/37] Update NEWS. --- NEWS | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 344b60d28d..3d437e332f 100644 --- a/NEWS +++ b/NEWS @@ -68,8 +68,10 @@ thermald *** Create home directories once file systems are mounted () *** GNU R now builds bit-reproducibly () - -*** FIXME: Add more +*** The daemon’s default settings are used unless overriden (https://bugs.gnu.org/20217) +*** ‘guix system’ now supports the common build option ‘--root’ (https://bugs.gnu.org/26271) +*** Mesa uses LLVM for better Gallium performance (https://bugs.gnu.org/25953) +*** Grafting no longer triggers a download of all the outputs of each derivation (https://bugs.gnu.org/24886) ** Native language support From a588e34e0defcb5fde48570cf3a304cb942bf743 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 20 May 2017 21:28:20 +0200 Subject: [PATCH 28/37] vm: Increase default disk size to account for ESP partition. Fixes a test regression introduced by ecf5d5376979fadd971559367bf553df89fcc62b. * gnu/system/vm.scm (system-qemu-image/shared-store-script): 30MiB -> 70MiB. --- gnu/system/vm.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index c40bb4c436..f01f68fbd3 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -485,7 +485,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS." (mappings '()) full-boot? (disk-image-size - (* (if full-boot? 500 30) + (* (if full-boot? 500 70) (expt 2 20)))) "Return a derivation that builds a script to run a virtual machine image of OS that shares its store with the host. From 324499184a13e8f27d9805d5db2b133380e69bfe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 01:07:17 +0200 Subject: [PATCH 29/37] gnu: unionfs-fuse-static: Remove 'unionfsctl' executable. This avoids pulling in glibc & co. Fixes a regression introduced in 2f861edf5cf5118ad560737343312c9a5efe5b2f (the 'unionfsctl' executable did not exist in unionfs-fuse 0.26). * gnu/packages/linux.scm (unionfs-fuse/static)[arguments] : Remove 'unionfsctl' binary. --- gnu/packages/linux.scm | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 7bb26c72f5..cd2c833e39 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1568,7 +1568,12 @@ UnionFS-FUSE additionally supports copy-on-write.") (exe (string-append out "/bin/unionfs"))) ;; By default, 'unionfs' keeps references to ;; $glibc/share/locale and similar stuff. Remove them. - (remove-store-references exe))) + (remove-store-references exe) + + ;; 'unionfsctl' has references to glibc as well. Since + ;; we don't need it, remove it. + (delete-file (string-append out "/bin/unionfsctl")) + #t)) %standard-phases))) (inputs `(("fuse" ,fuse-static))))) From 092c58e74513fd4056c064098540421a5e9a5c5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 01:25:16 +0200 Subject: [PATCH 30/37] guix system: Increase image size for 'guix system vm'. This is a followup to 9a1bfe764859365b6726f168da95b88a2d22403b. * guix/scripts/system.scm (system-derivation-for-action): Add 40MiB to the default size for 'vm'. --- guix/scripts/system.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm index 9c09767508..6977a57844 100644 --- a/guix/scripts/system.scm +++ b/guix/scripts/system.scm @@ -550,7 +550,7 @@ PATTERN, a string. When PATTERN is #f, display all the system generations." #:disk-image-size (if full-boot? image-size - (* 30 (expt 2 20))) + (* 70 (expt 2 20))) #:mappings mappings)) ((disk-image) (system-disk-image os #:disk-image-size image-size)))) From 8a29dc07a4b62ee480490137592cf02c33b1799f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 11:49:07 +0200 Subject: [PATCH 31/37] guix system: Don't warn about old distros for "guix system init". * guix/scripts/system.scm (process-action): Don't call 'warn-about-old-distro' when ACTION is 'init' or 'build'. --- guix/scripts/system.scm | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm index 6977a57844..ede158c17c 100644 --- a/guix/scripts/system.scm +++ b/guix/scripts/system.scm @@ -847,8 +847,10 @@ resulting from command-line parsing." ((shepherd-graph) (export-shepherd-graph os (current-output-port))) (else - (warn-about-old-distro #:suggested-command - "guix system reconfigure") + (unless (memq action '(build init)) + (warn-about-old-distro #:suggested-command + "guix system reconfigure")) + (perform-action action os #:dry-run? dry? #:derivations-only? (assoc-ref opts From 9d0c24d1be393d14bddd031e910b1d0e51156f58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 11:56:29 +0200 Subject: [PATCH 32/37] tests: ssh: Use 'guile2.0-ssh'. Fixes a regression introduced in 4d8806c3d662c74e6d48d0f0d6ce423fce9a3a08. * gnu/tests/ssh.scm (run-ssh-test): Use GUILE2.0-SSH instead of GUILE-SSH. --- gnu/tests/ssh.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/tests/ssh.scm b/gnu/tests/ssh.scm index 02931e982a..5f06151081 100644 --- a/gnu/tests/ssh.scm +++ b/gnu/tests/ssh.scm @@ -51,7 +51,7 @@ When SFTP? is true, run an SFTP server test." (eval-when (expand load eval) ;; Prepare to use Guile-SSH. (set! %load-path - (cons (string-append #$guile-ssh "/share/guile/site/" + (cons (string-append #+guile2.0-ssh "/share/guile/site/" (effective-version)) %load-path))) From 31025edc9415d8befd7dc2e5df2946495df0c29e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 11:58:35 +0200 Subject: [PATCH 33/37] Update NEWS. --- NEWS | 558 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 550 insertions(+), 8 deletions(-) diff --git a/NEWS b/NEWS index 3d437e332f..06316cfa9a 100644 --- a/NEWS +++ b/NEWS @@ -35,7 +35,7 @@ Please send Guix bug reports to bug-guix@gnu.org. *** The GuixSD installation image supports (U)EFI systems *** GuixSD supports Btrfs () -*** Some system services are now run in separate namespaces +*** Some system services are now run in separate namespaces (“containers”) *** The LXDE desktop environment is now available *** ‘grub-configuration’ can specify settings for the user interface *** Service types can now specify a default value for services @@ -49,8 +49,545 @@ Please send Guix bug reports to bug-guix@gnu.org. exim, mail-aliases, inetd, agetty, openvswitch, special-files, redis, thermald -*** FIXME new packages -*** FIXME package updates +*** 840 new packages + +0ad, 0ad-data, adb, alpine, alsa-plugins, angband, antlr2, antlr3, +appstream-glib, aris, aspell-dict-pt-br, asunder, balsa, bam, beep, +binutils-vc4, blind, blists, btrfs-progs-static, camlzip, cargo, catdoc, +catimg, ccd2cue, cdogs-sdl, cdrtools, ceph, checkpolicy, cifs-utils, cmst, +colors, compface, compton, cool-retro-term, corrode, crawl, darcs, +darktable, dcmtk, deutex, ding-libs, dotherside, dovecot-libsodium-plugin, +dovecot-trees, dub, dvd+rw-tools, dvdauthor, dvdstyler, dzen, e3, electrum, +emacs-adaptive-wrap, emacs-ag, emacs-aggressive-indent, emacs-alert, +emacs-ansi, emacs-calfw, emacs-cdlatex, emacs-commander, +emacs-default-encrypt, emacs-diminish, emacs-dream-theme, +emacs-evil-commentary, emacs-evil-surround, emacs-exwm, emacs-git-gutter, +emacs-git-timemachine, emacs-gntp, emacs-gnuplot, emacs-google-maps, +emacs-highlight-sexp, emacs-ht, emacs-htmlize, emacs-idle-highlight, +emacs-key-chord, emacs-keyfreq, emacs-linum-relative, emacs-log4e, +emacs-memoize, emacs-mew, emacs-monroe, emacs-mu4e-alert, emacs-ox-twbs, +emacs-pretty-mode, emacs-strace-mode, emacs-stripe-buffer, emacs-sx, +emacs-symon, emacs-transpose-frame, emacs-use-package, emacs-xelb, +emacs-xmlgen, emacs-yasnippet, emacspeak, enigma, ert-runner, es, +eudev-with-hwdb, f3, fabric, fcitx-configtool, filezilla, fillets-ng, +fish-guix, fmt, font-awesome, font-cns11643, font-cns11643-swjz, +font-comic-neue, font-go, font-google-material-design-icons, +font-google-roboto, font-iosevka, font-linuxlibertine, font-tamzen, +font-wqy-microhei, fortify-headers, fprintd, freeciv, freedoom, freegish, +freerdp, freetalk, freexl, gcc-vc4, gcompris-qt, geos, ghc-code-page, +ghc-hslogger, ghc-json, ghc-language-c, ghc-markdown-unlit, ghc-setlocale, +ghc-unexceptionalio, ghc-wave, git-crypt, gl2ps, gnome-autoar, +gnome-disk-utility, gnumach, gnushogi, gnustep-make, gpicview, grafx2, +graphene, guildhall, guile-8sync, guile-bash, guile-fibers, guile-git, +guile-ics, guile-miniadapton, guile-sdl2, guile-sjson, +guile-syntax-highlight, guile2.0-commonmark, guile2.0-haunt, guile2.0-json, +guile2.0-reader, guile2.0-ssh, guile2.2-gdbm-ffi, guile2.2-gnutls, +guile2.2-haunt, guile2.2-lib, guile2.2-reader, guile2.2-ssh, heimdal, +hiawatha, hisat2, http-parser, httpfs2, httpstat, hubbub, human, hurd, +hyperestraier, idris-bifunctors, idris-lens, idris-lightyear, +idris-wl-pprint, intel-gpu-tools, itpp, jacal, java-asm, java-cglib, +java-commons-cli, java-commons-codec, java-commons-collections4, +java-commons-compress, java-commons-daemon, java-commons-io, +java-commons-lang, java-commons-lang3, java-commons-logging-minimal, +java-commons-math3, java-commons-net, java-easymock, java-eclipse-ant-core, +java-eclipse-compare-core, java-eclipse-core-commands, +java-eclipse-core-contenttype, java-eclipse-core-expressions, +java-eclipse-core-filesystem, java-eclipse-core-jobs, +java-eclipse-core-resources, java-eclipse-core-runtime, +java-eclipse-core-variables, java-eclipse-equinox-app, +java-eclipse-equinox-common, java-eclipse-equinox-preferences, +java-eclipse-equinox-registry, java-eclipse-jdt-core, java-eclipse-osgi, +java-eclipse-team-core, java-eclipse-text, java-guava, java-hamcrest-all, +java-httpcomponents-httpclient, java-httpcomponents-httpcore, +java-httpcomponents-httpcore-ab, java-httpcomponents-httpcore-nio, +java-httpcomponents-httpmime, java-icu4j, java-javax-mail, java-jmh, +java-jmock, java-jopt-simple, java-jsch, java-jsr305, java-log4j-api, +java-mockito, java-objenesis, java-osgi-annotation, java-osgi-core, +java-osgi-service-event, java-plexus-interpolation, java-plexus-utils, +java-rsyntaxtextarea, java-simple-xml, java-usb4java, joe, kakoune, +keybinder, kiki, knot, lchat, le-certs, leafpad, lensfun, leveldb, libbson, +libcss, libdom, libfilezilla, libfprint, libgig, libgme, +libgnome-games-support, libircclient, libmesode, libmnl, libmp4v2, +libmpack, libnftnl, libnsbmp, libnsgif, libnspsl, libnsutils, +libparserutils, libpng-apng, libselinux, libsemanage, libsepol, libsmf, +libstaroffice, libstrophe, libsvgtiny, libtorrent-rasterbar, liburcu, +libusb4java, libutf, libvterm, libwapcaplet, libxls, libzmf, lierolibre, +light, lightdm, lightdm-gtk-greeter, linsmith, linuxdcpp, +llvm-for-extempore, lmms, loudmouth, lshw, lsyncd, lua-libmpack, +lua5.2-bitop, lua5.2-libmpack, lua5.2-lpeg, lugaru, luminance-hdr, lush2, +lxde, lxde-common, lxde-icon-theme, lxinput, lxmenu-data, lxpanel, +lxsession, maxflow, mbedtls-apache, mcabber, mcomix, mdbtools, megaglest, +megaglest-data, menumaker, mes, meson, mia, minizip, mlmmj, +multipath-tools, neofetch, neomutt, neovim, neovim-syntastic, +netcdf-fortran, niftilib, nim, nnn, no-more-secrets, noice, non-mixer, +non-timeline, nsgenbind, nss-pam-ldapd, nyacc, nyx, obconf, obnam, +ocaml-alcotest, ocaml-astring, ocaml-base64, ocaml-batteries, +ocaml-bin-prot, ocaml-bisect, ocaml-bitstring, ocaml-bos, ocaml-cmdliner, +ocaml-cppo, ocaml-csv, ocaml-expect, ocaml-fieldslib, ocaml-fileutils, +ocaml-fmt, ocaml-fpath, ocaml-frontc, ocaml-gsl, ocaml-js-build-tools, +ocaml-jsonm, ocaml-logs, ocaml-lwt, ocaml-mcl, ocaml-mtime, ocaml-oasis, +ocaml-ocurl, ocaml-ounit, ocaml-pcre, ocaml-ppx-assert, ocaml-ppx-bench, +ocaml-ppx-compare, ocaml-ppx-core, ocaml-ppx-deriving, ocaml-ppx-driver, +ocaml-ppx-enumerate, ocaml-ppx-here, ocaml-ppx-inline-test, ocaml-ppx-let, +ocaml-ppx-optcomp, ocaml-ppx-sexp-conv, ocaml-ppx-tools, +ocaml-ppx-type-conv, ocaml-ppx-typerep-conv, ocaml-ppx-variants-conv, +ocaml-qcheck, ocaml-qtest, ocaml-react, ocaml-result, ocaml-rresult, +ocaml-sexplib, ocaml-sqlite3, ocaml-ssl, ocaml-stringext, ocaml-topkg, +ocaml-typerep, ocaml-uchar, ocaml-ulex, ocaml-uutf, ocaml-variantslib, +ocaml-xmlm, ocaml-zarith, ocaml4.01-batteries, ocaml4.01-bisect, +ocaml4.01-camlzip, ocaml4.01-csv, ocaml4.01-findlib, ocaml4.01-gsl, +ocaml4.01-mcl, ocaml4.01-ounit, ocaml4.01-qtest, ocaml4.01-sqlite3, +ocaml4.01-xmlm, ocamlify, ocamlmod, omake, opencascade-oce, openspin, +openvswitch, orca, ovmf, pcc, pdfgrep, perl-any-moose, perl-anyevent, +perl-anyevent-i3, perl-async-interrupt, perl-canary-stability, +perl-cddb-get, perl-crypt-rc4, perl-cwd-guard, perl-devel-checkcompiler, +perl-ev, perl-extutils-depends, perl-extutils-pkgconfig, perl-file-pushd, +perl-module-build-xsutil, perl-mouse, perl-mousex-nativetraits, +perl-ole-storage-lite, perl-parallel-forkmanager, perl-switch, +perl-test-needs, perl-test-number-delta, perl-x11-xcb, perl-xml-descent, +perl-xml-tokeparser, perl-xs-object-magic, phonon-backend-gstreamer, +pngcrunch, policycoreutils, polkit-gnome, ponymix, pootle, postorius, +pplacer, prboom-plus, profanity, proj.4, proot, proot-static, +propeller-development-suite, propeller-gcc, propeller-load, +propeller-toolchain, proplib, prout, python-astroid, python-autopep8, +python-colorspacious, python-configparser, python-cram, python-cssmin, +python-cssutils, python-cycler, python-ddt, python-defusedxml, +python-diff-match-patch, python-dirsync, python-dj-database-url, +python-django-allauth, python-django-appconf, python-django-assets, +python-django-bulk-update, python-django-contact-form, +python-django-contrib-comments, python-django-gravatar2, +python-django-jsonfield, python-django-mailman3, python-django-overextends, +python-django-redis, python-django-rq, python-django-sortedm2m, +python-django-statici18n, python-dulwich, python-elasticsearch, +python-eventlet, python-factory-boy, python-faker, python-fakeredis, +python-fastimport, python-flake8-polyfill, python-flask-htmlmin, +python-flask-login, python-flask-multistatic, python-flask-oidc, +python-flask-wtf, python-fudge, python-geventhttpclient, python-gpg, +python-hdf4, python-hiredis, python-htmlmin, python-httpbin, python-ipy, +python-isort, python-kitchen, python-levenshtein, python-lz4, python-lzo, +python-mando, python-mando, python-matplotlib-documentation, python-mpmath, +python-munch, python-mwclient, python-mysqlclient, python-netcdf4, +python-nosexcover, python-numpy-documentation, python-oauth2client, +python-openid, python-openid-cla, python-openid-teams, +python-paramunittest, python-pbkdf2, python-poppler-qt5, python-pyatspi, +python-pycosat, python-pygit2, python-pykka, python-pylint, +python-pyodbc-c, python-pypeg2, python-pytest-catchlog, +python-pytest-httpbin, python-pytest-warnings, python-qrcode, python-reno, +python-rst2ansi, python-scandir, python-sepolgen, python-setools, +python-sge-pygame, python-snowballstemmer, python-sockjs-tornado, +python-sphinx-alabaster-theme, python-sphinx-cloud-sptheme, +python-sphinx-me, python-straight-plugin, python-tmx, +python-translate-toolkit, python-trollius-redis, python-utils, +python-webassets, python-xdo, python2-astroid, python2-autopep8, +python2-backports-functools-lru-cache, +python2-backports-shutil-get-terminal-size, python2-cheetah, +python2-cliapp, python2-colorspacious, python2-configparser, +python2-coverage-test-runner, python2-cram, python2-cssmin, python2-cycler, +python2-ddt, python2-defusedxml, python2-diff-match-patch, python2-dirsync, +python2-dj-database-url, python2-django-allauth, python2-django-appconf, +python2-django-assets, python2-django-bulk-update, +python2-django-contact-form, python2-django-contrib-comments, +python2-django-gravatar2, python2-django-jsonfield, +python2-django-mailman3, python2-django-overextends, python2-django-redis, +python2-django-rq, python2-django-sortedm2m, python2-django-statici18n, +python2-dulwich, python2-elasticsearch, python2-eventlet, +python2-factory-boy, python2-faker, python2-fakeredis, python2-fastimport, +python2-flake8-polyfill, python2-flask-htmlmin, python2-flask-login, +python2-flask-multistatic, python2-flask-wtf, python2-fudge, +python2-geventhttpclient, python2-gpg, python2-hdf4, python2-hiredis, +python2-htmlmin, python2-httpbin, python2-isort, python2-kitchen, +python2-larch, python2-levenshtein, python2-lz4, python2-lzo, +python2-mando, python2-matplotlib-documentation, python2-mpmath, +python2-munch, python2-mwclient, python2-mysqlclient, python2-netcdf4, +python2-nosexcover, python2-numpy-documentation, python2-openid, +python2-openid-cla, python2-openid-teams, python2-paramunittest, +python2-pbkdf2, python2-pycosat, python2-pygame, python2-pygit2, +python2-pykka, python2-pylint, python2-pyodbc-c, python2-pytest-catchlog, +python2-pytest-httpbin, python2-pytest-warnings, python2-qrcode, +python2-reno, python2-ruamel.ordereddict, python2-scandir, +python2-sge-pygame, python2-slowaes, python2-snowballstemmer, +python2-sockjs-tornado, python2-sphinx-alabaster-theme, +python2-sphinx-cloud-sptheme, python2-sphinx-me, python2-stemming, +python2-straight-plugin, python2-subprocess32, python2-tmx, +python2-tracing, python2-translate-toolkit, python2-trollius-redis, +python2-ttystatus, python2-utils, pzstd, qdbm, qjackctl, qtcanvas3d, +qtcharts, qtdatavis3d, qtdeclarative-render2d, qtgamepad, qtpurchasing, +qtscxml, qtserialbus, qutebrowser, r-affy, r-affyio, r-ape, r-base64, +r-beeswarm, r-bookdown, r-boot, r-bsgenome-hsapiens-1000genomes-hs37d5, +r-cairo, r-car, r-caret, r-centipede, r-chipseq, r-class, r-commonmark, +r-compquadform, r-copyhelper, r-copywriter, r-cowplot, r-delayedarray, +r-deoptimr, r-desc, r-diptest, r-fastica, r-fivethirtyeight, r-flexmix, +r-fnn, r-fpc, r-genomeinfodbdata, r-ggbeeswarm, r-ggthemes, r-lars, r-lme4, +r-maldiquant, r-mass, r-matrixmodels, r-mclust, r-minimal, r-minqa, +r-mixtools, r-mnormt, r-modelmetrics, r-modeltools, r-msnbase, r-msnid, +r-mzid, r-mzr, r-nlme, r-nloptr, r-numderiv, r-pbapply, r-pbkrtest, +r-pcamethods, r-plogr, r-prabclus, r-protgenerics, r-quantreg, +r-randomforest, r-ranger, r-rann, r-raremetals2, r-rcppeigen, +r-rcppprogress, r-rhdf5, r-robustbase, r-rprojroot, r-seqminer, r-seurat, +r-sn, r-sourcetools, r-spatial, r-statmod, r-sva, r-tclust, r-trimcluster, +r-tsne, r-txdb-mmusculus-ucsc-mm10-knowngene, r-tximport, r-vgam, r-vipor, +r-vsn, rdma-core, re2c, reducelcs, ribodiff, ripit, rocksdb, roffit, +rsnapshot, ruby-mail, sambamba, sbm, scheme48-rx, scm, scrypt, scsh, +seabios, secilc, sedsed, shellcheck, simh, skroll, slib, sonic, +speedtest-cli, speexdsp, spin2cpp, spinsim, spoon, sssd, stringtemplate3, +stringtemplate4, stunnel, swaks, syslinux, sysstat, tailon, talloc-static, +tango-icon-theme, taxtastic, tclx, teeworlds, tftp-hpa, thermald, +tidy-html, tipp10, tlp, tokyocabinet, tracker, tremc, twm, unibilium, +unrar, vim-airline, vim-airline-themes, vim-context-filetype, vim-luna, +vim-neocomplete, vim-neosnippet, vim-neosnippet-snippets, vim-scheme, +vim-syntastic, vinagre, volk, wificurse, wimlib, wwwoffle, wxsvg, xbattmon, +xcalc, xdot, xerces-c, xfce4-notifyd, xinetd, xmag, xmessage, xshogi, +you-get, youtube-dl-gui, zile-on-guile, zpaq, zstd + +*** 1220 package updates + +abbaye@2.0.1, abcde@2.8.1, abiword@3.0.2, acct@6.6.3, acme-client@0.1.16, +acpid@2.0.28, adwaita-icon-theme@3.24.0, aide@0.16, aisleriot@3.22.1, +allegro@5.0.11, allegro@5.2.0, alsa-lib@1.1.3, alsa-utils@1.1.3, +ams-lv2@1.2.1, amsynth@1.7.1, ansible@2.3.0.0, ant@1.9.9, apl@1.7, +aqbanking@5.6.12, arb@2.10.0, arc-icon-theme@20161122, arc-theme@20170302, +ardour@5.8, aria-maestosa@1.4.13, aria2@1.31.0, +arm-none-eabi-nano-toolchain@6.3.0, arm-none-eabi-toolchain@6.3.0, +armadillo@7.800.2, aseprite@1.1.7, assword@0.10, asymptote@2.41, +at-spi2-atk@2.22.0, at-spi2-core@2.22.0, atk@2.22.0, attica@5.34.0, +audacity@2.1.3, augeas@1.8.0, autoconf-archive@2017.03.21, autoconf@2.69, +awesome@4.0, awscli@1.11.63, baloo@5.34.0, bamtools@2.4.1, baobab@3.24.0, +bash-completion@2.5, bash-minimal@4.4.12, bash-static@4.4.12, bash@4.4.12, +bc@1.07.1, bedtools@2.26.0, beets@1.4.3, bind@9.11.1, bioruby@1.5.1, +bison@3.0.4, bitcoin-core@0.14.1, bitlbee@3.5.1, bluez-qt@5.34.0, +bluez@5.44, boost@1.63.0, borg@1.0.10, breeze-icons@5.34.0, +bs1770gain@0.4.12, btrfs-progs@4.10.2, bullet@2.86.1, bundler@1.14.5, +busybox@1.26.0, cairo-xcb@1.14.8, cairo@1.14.8, cairomm@1.12.2, +calibre@2.76.0, capnproto@0.6.0, cbatticon@1.6.5, ccache@3.3.4, +ccid@1.4.26, cd-hit@4.6.6, certbot@0.14.0, cgit@1.1, chicken@4.12.0, +cl-stumpwm@1.0.0, clang-runtime@3.9.1, clang@3.6.2, clang@3.7.1, +clang@3.8.1, clang@3.9.1, claws-mail@3.15.0, clutter-gst@3.0.22, +clutter-gtk@1.8.2, cmake@3.7.2, cmark@0.27.1, coda@2.18, cogl@1.22.2, +conky@1.10.6, connman@1.34, coreutils-minimal@8.26, coreutils@8.26, +coreutils@8.27, cppcheck@1.78, cpupower@4.11, cryptsetup-static@1.7.5, +cryptsetup@1.7.5, cuirass@0.0.1-6.870e8d6, cups-filters@1.13.1, +curl@7.53.0, d-feet@0.3.11, dash@0.5.9.1, datamash@1.1.1, dbus-glib@0.108, +dbus@1.10.16, dconf-editor@3.22.1, ddrescue@1.22, denemo@2.1, +desktop-file-utils@0.23, devhelp@3.22.0, devil@1.8.0, di@4.43, +diamond@0.8.38, diffoscope@81, diffstat@1.61, direnv@2.11.3, dlib@19.3, +dmenu@4.7, dnscrypt-proxy@1.9.5, docbook-xml@4.4, docbook-xml@4.5, +dosfstools@4.1, dovecot@2.2.29.1, doxygen@1.8.13, dropbear@2017.75, +drumkv1@0.8.2, dtc@1.4.4, duplicity@0.7.12, dwm@6.1, e2fsck-static@1.43.4, +e2fsprogs@1.43.4, ecl-stumpwm@1.0.0, ecl@16.1.3, ed@1.14.1, efl@1.18.5, +elfutils@0.169, elixir@1.4.2, emacs-auctex@11.90.0, emacs-bui@1.1.0, +emacs-clojure-mode@5.4.0, emacs-company@0.9.3, emacs-debbugs@0.14, +emacs-elfeed@2.1.0, emacs-emms@4.3, emacs-flycheck@30, emacs-guix@0.3.1, +emacs-ivy@0.9.1, emacs-magit-popup@2.10.3, emacs-minimal@25.2, +emacs-no-x-toolkit@25.2, emacs-no-x@25.2, emacs-org@20170502, +emacs-projectile@0.14.0, emacs-seq@2.19, emacs-slime@2.19, +emacs-smartparens@1.10.1, emacs-spinner@1.7.3, emacs-with-editor@2.5.10, +emacs-zenburn-theme@2.5, emacs@25.2, enlightenment@0.21.7, eog@3.20.5, +epiphany@3.22.7, erlang@19.3, ethtool@4.10, eudev@3.2.1, evince@3.22.1, +evolution-data-server@3.22.3, exempi@2.4.2, exfat-utils@1.2.6, exim@4.87.1, +extra-cmake-modules@5.34.0, extremetuxracer@0.7.4, eyed3@0.7.10, +fatfsck-static@4.1, faust@2.0.a51, feh@2.18.3, ffmpeg@2.8.11, ffmpeg@3.3.1, +file-roller@3.22.2, fio@2.19, fish@2.5.0, flac@1.3.2, flex@2.6.1, +flex@2.6.3, font-abattis-cantarell@0.0.25, font-gnu-unifont@9.0.06, +freefall@4.11, freetype@2.7.1, frescobaldi@3.0.0, fuse-exfat@1.2.6, +fuse@2.9.7, gajim@0.16.7, gcal@4.1, +gcc-cross-sans-libc-arm-none-eabi@5.4.0-1.227977, +gcc-cross-sans-libc-arm-none-eabi@6.3.0, gcc-stripped-tarball@5.4.0, +gcc-toolchain@4.9.4, gcc-toolchain@5.4.0, gcc-toolchain@6.3.0, +gcc-toolchain@7.1.0, gcc@4.8.5, gcc@4.9.4, gcc@5.4.0, gcc@6.3.0, gcc@7.1.0, +gcj@5.4.0, gd@2.2.4, gdb-arm-none-eabi@7.12.1, gdb@7.12.1, +gdk-pixbuf+svg@2.36.6, gdk-pixbuf@2.36.6, gdm@3.22.1, gedit@3.22.0, +geoclue@2.4.6, getmail@4.52.0, gflags@2.2.0, gfortran@6.3.0, +gfortran@7.1.0, ghc-quickcheck-instances@0.3.12, ghc-quickcheck@2.8.2, +ghc-semigroups@0.18.2, ghc-xmonad-contrib@0.12, ghc@8.0.2, +giac-xcas@1.2.3-37, gimp@2.8.22, girara@0.2.7, git-modes@1.2.4, git@2.13.0, +gitolite@3.6.6, gjs@1.46.0, glib-networking@2.50.0, glib@2.50.3, +glibc-hurd-headers@2.23, glibc-hurd@2.23, glibc-locales@2.25, +glibc-utf8-locales@2.25, glibc@2.22, glibc@2.23, glibc@2.24, glibc@2.25, +glibmm@2.50.0, global@6.5.6, glpk@4.61, glulxe@0.5.4, gmime@2.6.23, +gmp@6.1.2, gmsh@2.16.0, gnome-backgrounds@3.22.1, gnome-calendar@3.22.2, +gnome-control-center@3.22.1, gnome-desktop@3.22.2, gnome-klotski@3.22.1, +gnome-mines@3.22.2, gnome-mpv@0.11, gnome-online-accounts@3.22.3, +gnome-screenshot@3.22.0, gnome-session@3.22.2, +gnome-settings-daemon@3.22.1, gnome-shell-extensions@3.22.2, +gnome-shell@3.22.2, gnome-sudoku@3.22.2, gnome-system-monitor@3.22.2, +gnome-terminal@3.24.1, gnome-themes-standard@3.22.2, +gnome-tweak-tool@3.22.0, gnome@3.22.2, gnubik@2.4.3, gnucash@2.6.16, +gnupg@2.0.30, gnupg@2.1.20, gnuplot@5.0.6, gnurl@7.54.0, gnutls@3.5.9, +go@1.8.1, gobject-introspection@1.50.0, goffice@0.10.34, googletest@1.8.0, +gp2c@0.0.10, gparted@0.28.1, gperf@3.1, gpgme@1.9.0, +graphicsmagick@1.3.25-2.6156b4c, graphite2@1.3.9, greenisland@0.9.0.1, +grep@3.0, grilo-plugins@0.3.3, grilo@0.3.2, +gsettings-desktop-schemas@3.22.0, gst-libav@1.12.0, gst-plugins-bad@1.12.0, +gst-plugins-base@1.12.0, gst-plugins-good@1.12.0, gst-plugins-ugly@1.12.0, +gstreamer@1.12.0, gtk+@3.22.12, gtk-vnc@0.7.0, gtkmm@3.22.0, +gtksourceview@3.22.2, guile-aspell@0.4, +guile-bytestructures@20170402.91d042e, guile-daemon@0.1.2, +guile-json@0.6.0, guile-lib@0.2.5, guile-ncurses@2.2, guile-next@2.2.2, +guile-reader@0.6.2, guile-sqlite3@0.0-1.607721f, guile-ssh@0.11.0, +guile-static-stripped-tarball@2.0.14, guile-static-stripped@2.0.14, +guile2.2-json@0.6.0, guile@2.0.14, guile@2.2.2, guitarix-lv2@0.35.3, +guitarix@0.35.3, guix@0.12.0-11.ce92d26, gusb@0.2.9, gvfs@1.30.3, +gx-guvnor-lv2@0.1, gx-hyperion-lv2@0.1, gx-super-fuzz-lv2@0.1, +gx-suppa-tone-bender-lv2@0.1, gx-vintage-fuzz-master-lv2@0.1, +gx-voodoo-fuzz-lv2@0.1, gxtuner@2.4, harfbuzz@1.4.3, haunt@0.2.1, +hdf4-alt@4.2.12, hdf4@4.2.12, hdparm@9.52, hexchat@2.12.4, +hicolor-icon-theme@0.15, httpd@2.4.25, hwloc@1.11.7, hyperrogue@9.4g, +i3status@2.11, ibus-anthy@1.5.9, ibus-libpinyin@1.9.0, ibus@1.5.15, +icecat@52.1.0-gnu1, icedtea@3.3.0, icu4c@58.2, idris@1.0, +imagemagick@6.9.8-4, imlib2@1.4.10, inkscape@0.92.1, iperf@3.1.7, +iproute2@4.10.0, iptables@1.6.1, irssi@1.0.2, ixion@0.12.2, jack@0.125.0, +jalv-select@0.8, jalv@1.6.0, jasper@2.0.12, java-ngs@1.3.0, java-xz@1.6, +jemalloc@4.5.0, jsoncpp@1.8.0, julia@0.5.1, kactivities-stats@5.34.0, +kactivities@5.34.0, kapidox@5.34.0, karchive@5.34.0, kauth@5.34.0, +kbd@2.0.4, kbookmarks@5.34.0, kcmutils@5.34.0, kcodecs@5.34.0, +kcompletion@5.34.0, kconfig@5.34.0, kconfigwidgets@5.34.0, +kcoreaddons@5.34.0, kcrash@5.34.0, kdbusaddons@5.34.0, kdeclarative@5.34.0, +kded@5.34.0, kdesignerplugin@5.34.0, kdesu@5.34.0, kdevelop@5.1.0, +kdevplatform@5.1.0, kdnssd@5.34.0, kdoctools@5.34.0, kemoticons@5.34.0, +kfilemetadata@5.34.0, kglobalaccel@5.34.0, kguiaddons@5.34.0, khal@0.9.5, +khard@0.11.4, ki18n@5.34.0, kiconthemes@5.34.0, kidletime@5.34.0, +kimageformats@5.34.0, kinit@5.34.0, kio@5.34.0, kitemmodels@5.34.0, +kitemviews@5.34.0, kjobwidgets@5.34.0, kmod@24, knewstuff@5.34.0, +knotifications@5.34.0, knotifyconfig@5.34.0, kodi@18.0_alpha-4-b8ad238, +kpackage@5.34.0, kparts@5.34.0, kpeople@5.34.0, kplotting@5.34.0, +kpty@5.34.0, krunner@5.34.0, kservice@5.34.0, ksyntaxhighlighting@5.34.0, +ktexteditor@5.34.0, ktextwidgets@5.34.0, kunitconversion@5.34.0, +kwallet@5.34.0, kwayland@5.34.0, kwidgetsaddons@5.34.0, +kwindowsystem@5.34.0, kxmlgui@5.34.0, kxmlrpcclient@5.34.0, lablgtk@2.18.5, +lcms@2.8, ldc@0.17.3, ldc@1.1.1, leptonica@1.74.0, less@487, +letsencrypt@0.14.0, lftp@4.7.5, libarchive@3.2.2, libass@0.13.6, +libatomic-ops@7.4.4, libbluray@1.0.0, libcap@2.25, libchamplain@0.12.14, +libcmis@0.5.1, libdrm@2.4.80, libepoxy@1.4.1, libetonyek@0.1.6, +libetpan@1.8, libev@4.24, libevdev@1.5.6, libevent@2.1.8, libffcall@1.12, +libfm-extra@1.2.5, libfm@1.2.5, libgc@7.6.0, libgcrypt@1.7.6, +libgee@0.18.1, libgit2@0.25.1, libgnomekbd@3.22.0, libgpg-error@1.26, +libgsf@1.14.41, libgweather@3.20.4, libiberty@5.4.0, libiconv@1.15, +libidn2@0.16, libinput-minimal@1.7.0, libinput@1.7.0, libjpeg@9b, +libmp3splt@0.9.2, libmpdclient@2.11, libmtp@1.1.13, libnotify@0.7.7, +libosinfo@1.0.0, libpcap@1.8.1, libpciaccess@0.13.5, libpeas@1.20.0, +libpinyin@2.0.0, libpng@1.6.28, libpsl@0.17.0, libreoffice@5.3.1.2, +librep@0.92.6, libressl@2.5.4, libsamplerate@0.1.9, libseccomp@2.3.2, +libsndfile@1.0.28, libsodium@1.0.12, libssh2@1.8.0, libssh@0.7.4, +libtasn1@4.10, libtermkey@0.20, libtirpc@1.0.1, libunistring@0.9.7, +libupnp@1.6.21, libusb@1.0.21, libuv@1.11.0, libva@1.8.1, +libvirt-glib@1.0.0, libvirt@3.2.0, libvpx@1.6.1, libwacom@0.23, +libwebp@0.6.0, libwnck@3.20.1, libx11@1.6.5, libx264@20170316-2245, +libxcb@1.12, libxfont@2.0.1, libxi@1.7.9, libxkbcommon@0.7.1, +libxml++@3.0.1, libxpm@3.5.12, lilv@0.24.2, lilypond@2.19.58, +limnoria@2017.03.30, linux-libre-arm-generic@4.11, +linux-libre-headers@4.4.47, linux-libre@4.11, linux-libre@4.9.27, +linux-pam@1.3.0, llvm@3.6.2, llvm@3.7.1, llvm@3.8.1, llvm@3.9.1, lsof@4.89, +lua-lpeg@1.0.1, lua@5.3.4, luajit@2.1.0-beta2, lvm2-static@2.02.171, +lvm2@2.02.171, lxterminal@0.3.0, lynx@2.8.9dev.11, lz4@1.7.5, m4@1.4.18, +mafft@7.310, magit@2.10.3, mailutils@3.2, maim@4.4.62, man-pages@4.11, +manaplus@1.7.3.4, mariadb@10.1.23, mate-themes@3.22.10, mcelog@149, +mdadm-static@4.0, mdadm@4.0, mdds@1.2.2, menu-cache@1.0.2, +mesa-headers@17.0.4, mesa@17.0.4, mg@20161005, milkytracker@1.0.0, +minetest@0.4.15, miniupnpc@2.0.20170421, minixml@2.10, mit-krb5@1.14.4, +mlt@6.4.1, moc@2.5.2, mod-host@0.10.6-2.299a39774, modemmanager-qt@5.34.0, +moka-icon-theme@5.3.5, moreutils@0.60, mosh@1.3.0, mozjs@38.2.1.rc0, +mp3splt@2.6.2, mpd@0.20.6, mpfr@3.1.5, mpv@0.25.0, msgpack@1.4.2, +msmtp@1.6.6, mu@0.9.18, multiqc@0.9, mumble@1.2.19, mupdf@1.11, mutt@1.8.2, +mutter@3.22.2-1.23c315e, myrepos@1.20170129, mysql@5.7.18, nagios@4.2.4, +nano@2.8.2, nautilus@3.22.2, ncbi-vdb@2.8.2, ncmpc@0.27, neon@0.30.2, +netsurf@3.6, nettle@3.3, network-manager@1.6.2, networkmanager-qt@5.34.0, +nfs-utils@2.1.1, nginx@1.12.0, ngircd@24, ngs-sdk@1.3.0, ninja@1.7.2, +nix@1.11.9, nmap@7.40, node@7.8.0, non-sequencer@1.9.5-3.10c31e5, +non-session-manager@1.9.5-3.10c31e5, notmuch@0.24.1, nspr@4.14, +nss-certs@3.30.2, nss@3.30.2, ntp@4.2.8p10, obs@18.0.2, ocrad@0.26, +octave@4.2.1, offlineimap@7.1.0, ola@0.10.3, openjpeg@2.1.2, openssh@7.5p1, +openssl@1.1.0e, openvpn@2.4.2, opus@1.1.4, orcus@0.12.1, +owncloud-client@2.3.1, oxygen-icons@5.34.0, pango@1.40.3, +par2cmdline@0.7.0, parallel@20170422, pari-gp@2.9.1, password-store@1.7.1, +pciutils@3.5.4, pcmanfm@1.2.5, pcre2@10.23, pcre@8.40, pcsc-lite@1.8.20, +pd@0.47-1, perf@4.11, perl-b-hooks-endofscope@0.21, perl-capture-tiny@0.46, +perl-class-load@0.23, perl-clone@0.38, perl-common-sense@3.74, +perl-compress-raw-bzip2@2.074, perl-compress-raw-zlib@2.074, +perl-cpan-meta-check@0.011, perl-cpan-meta-requirements@2.140, +perl-cpan-meta-yaml@0.018, perl-db-file@1.840, perl-dbd-pg@3.5.3, +perl-dbd-sqlite@1.54, perl-devel-overloadinfo@0.004, +perl-devel-partialdump@0.18, perl-email-mime@1.940, +perl-email-simple@2.213, perl-image-exiftool@10.40, perl-io-compress@2.074, +perl-lingua-en-findnumber@1.32, perl-lingua-en-inflect-number@1.12, +perl-lingua-en-inflect@1.901, perl-lingua-en-number-isordinal@0.05, +perl-lingua-en-tagger@0.28, perl-module-runtime-conflicts@0.003, +perl-mojolicious@7.29, perl-moose@2.2004, +perl-package-deprecationmanager@0.17, perl-params-validate@1.26, +perl-parse-cpan-meta@2.150010, perl-scalar-list-utils@1.47, +perl-sub-name@0.21, perl-term-readkey@2.37, perl-test-cleannamespaces@0.22, +perl-test-exception@0.43, perl-test-simple@1.302078, +perl-test-warnings@0.026, perl-time-duration-parse@0.13, +perl-variable-magic@0.61, perl-xml-compile-soap@3.21, +perl-xml-compile-wsdl11@3.06, perl-yaml@1.23, perl-zip@1.59, phonon@4.9.1, +php@7.1.4, pianobar@2016.06.02, pidgin@2.12.0, pioneers@15.4, pius@2.2.4, +pkg-config@0.29.1, plasma-framework@5.34.0, podofo@0.9.5, +poppler-qt4@0.52.0, poppler-qt5@0.52.0, poppler@0.52.0, +portaudio@190600.20161030, postgresql@9.6.3, potrace@1.14, +powertabeditor@2.0.0-alpha9, progress@0.13.1, prosody@0.9.12, +proteinortho@5.16, proxychains-ng@4.12, psmisc@22.21, pugixml@1.8.1, +pulseaudio@10.0, python-acme@0.14.0, python-alembic@0.8.10, +python-appdirs@1.4.3, python-atomicwrites@1.1.5, python-babel@2.3.4, +python-backports-abc@0.5, python-beautifulsoup4@4.5.3, +python-botocore@1.5.26, python-certifi@2017.1.23, python-click-log@0.1.8, +python-click@6.7, python-colorama@0.3.7, python-cython@0.25.2, +python-dateutil@2.6.0, python-debian@0.1.28, python-decorator@4.0.10, +python-dendropy@4.2.0, python-django@1.10.7, python-drmaa@0.7.7, +python-email-validator@1.0.2, python-enum34@1.1.6, +python-feedgenerator@1.9, python-flake8@2.5.4, python-freezegun@0.3.8, +python-graphql-relay@0.4.5, python-greenlet@0.4.11, python-gst@1.12.0, +python-icalendar@3.11.4, python-ipaddress@1.0.18, python-ipykernel@4.5.2, +python-ipython@5.2.2, python-jupyter-core@4.2.1, python-libvirt@3.2.0, +python-llfuse@1.2, python-mako@1.0.6, python-markdown@2.6.8, +python-matplotlib@2.0.0, python-minimal-wrapper@3.5.3, +python-minimal@3.5.3, python-mistune@0.7.3, python-mutagen@1.36, +python-natsort@5.0.2, python-nbxmpp@0.5.5, python-ndg-httpsclient@0.4.2, +python-notmuch@0.24.1, python-numexpr@2.6.1, python-numpy@1.12.0, +python-orderedmultidict@0.7.11, python-oslosphinx@4.10.0, +python-pafy@0.5.3.1, python-pandas@0.19.2, python-paramiko@1.17.4, +python-parsedatetime@2.3, python-passlib@1.7.1, python-paste@2.0.3, +python-pbr@1.10.0, python-pexpect@4.2.1, python-pip@9.0.1, python-ply@3.9, +python-prompt-toolkit@1.0.9, python-psycopg2@2.6.2, +python-ptyprocess@0.5.1, python-publicsuffix2@2.20160818, python-py@1.4.32, +python-pycparser@2.17, python-pygame@1.9.3, python-pygments@2.1.3, +python-pygobject@3.22.0, python-pyicu@1.9.5, python-pyopenssl@17.0.0, +python-pyquery@1.2.17, python-pysam@0.10.0, python-pytest-cov@2.4.0, +python-pytest-django@3.1.2, python-pytest-runner@2.11.1, +python-pytest@3.0.7, python-pytz@2016.10, python-pyyaml@3.12, +python-rauth@0.7.3, python-redis@2.10.5, python-requests-mock@1.3.0, +python-requests@2.13.0, python-rq@0.7.1, python-s3transfer@0.1.10, +python-scikit-learn@0.18.1, python-scipy@0.18.1, python-seaborn@0.7.1, +python-setuptools-scm@1.15.0, python-sphinx@1.5.1, python-sphinx@1.5.3, +python-sphinxcontrib-programoutput@0.10, python-sqlalchemy-utils@0.32.13, +python-statsmodels@0.8.0, python-stem@1.5.4, python-sympy@1.0, +python-tabulate@0.7.7, python-testtools@1.4.0, python-texttable@0.8.7, +python-tornado@4.5.1, python-unidecode@0.04.20, python-waf@1.9.8, +python-wcwidth@0.1.7, python-werkzeug@0.11.15, python-wheel@0.30.0a0, +python-wrapper@3.5.3, python-wrapt@1.10.8, python-zope-component@4.3.0, +python2-acme@0.14.0, python2-alembic@0.8.10, python2-appdirs@1.4.3, +python2-atomicwrites@1.1.5, python2-babel@2.3.4, python2-backports-abc@0.5, +python2-beautifulsoup4@4.5.3, python2-botocore@1.5.26, +python2-certifi@2017.1.23, python2-click@6.7, python2-colorama@0.3.7, +python2-cython@0.25.2, python2-dateutil@2.6.0, python2-debian@0.1.28, +python2-decorator@4.0.10, python2-dendropy@4.2.0, python2-django@1.10.7, +python2-dogtail@0.9.9, python2-drmaa@0.7.7, python2-email-validator@1.0.2, +python2-enum34@1.1.6, python2-feedgenerator@1.9, python2-flake8@2.5.4, +python2-freezegun@0.3.8, python2-futures@3.0.5, +python2-graphql-relay@0.4.5, python2-greenlet@0.4.11, python2-gst@1.12.0, +python2-ipaddress@1.0.18, python2-ipykernel@4.5.2, python2-ipython@5.2.2, +python2-jupyter-core@4.2.1, python2-libvirt@3.2.0, python2-llfuse@1.2, +python2-mako@1.0.6, python2-markdown@2.6.8, python2-matplotlib@2.0.0, +python2-mistune@0.7.3, python2-mutagen@1.36, python2-natsort@5.0.2, +python2-nbxmpp@0.5.5, python2-ndg-httpsclient@0.4.2, +python2-notmuch@0.24.1, python2-numexpr@2.6.1, python2-numpy@1.12.0, +python2-orderedmultidict@0.7.11, python2-oslosphinx@4.10.0, +python2-pandas@0.19.2, python2-paramiko@1.17.4, python2-parsedatetime@2.3, +python2-passlib@1.7.1, python2-paste@2.0.3, python2-pbr@1.10.0, +python2-pexpect@4.2.1, python2-pip@9.0.1, python2-ply@3.9, +python2-prompt-toolkit@1.0.9, python2-psycopg2@2.6.2, +python2-ptyprocess@0.5.1, python2-publicsuffix2@2.20160818, +python2-py@1.4.32, python2-pycparser@2.17, python2-pygments@2.1.3, +python2-pygobject@3.22.0, python2-pyicu@1.9.5, python2-pyopenssl@17.0.0, +python2-pyquery@1.2.17, python2-pysam@0.10.0, python2-pysqlite@2.8.3, +python2-pytest-cov@2.4.0, python2-pytest-django@3.1.2, +python2-pytest-runner@2.11.1, python2-pytest@3.0.7, python2-pytz@2016.10, +python2-pyyaml@3.12, python2-rauth@0.7.3, python2-redis@2.10.5, +python2-requests-mock@1.3.0, python2-requests@2.13.0, python2-rq@0.7.1, +python2-s3transfer@0.1.10, python2-scikit-learn@0.18.1, +python2-scipy@0.18.1, python2-seaborn@0.7.1, python2-setuptools-scm@1.15.0, +python2-sphinx@1.5.1, python2-sphinxcontrib-programoutput@0.10, +python2-sqlalchemy-utils@0.32.13, python2-statsmodels@0.8.0, +python2-stem@1.5.4, python2-sympy@1.0, python2-tabulate@0.7.7, +python2-testtools@1.4.0, python2-texttable@0.8.7, python2-tornado@4.5.1, +python2-unidecode@0.04.20, python2-waf@1.9.8, python2-wcwidth@0.1.7, +python2-werkzeug@0.11.15, python2-wheel@0.30.0a0, python2-wrapt@1.10.8, +python2-xdo@0.3, python2-zope-component@4.3.0, python@3.5.3, qca@2.1.3, +qemu-minimal@2.9.0, qemu@2.9.0, qsyncthingtray@0.5.7, qsynth@0.4.4, +qt@5.6.2, qtbase@5.7.1, qtconnectivity@5.7.1, qtdeclarative@5.7.1, +qtgraphicaleffects@5.7.1, qtimageformats@5.7.1, qtkeychain@0.8.0, +qtlocation@5.7.1, qtmultimedia@5.7.1, qtquickcontrols2@5.7.1, +qtquickcontrols@5.7.1, qtractor@0.8.1, qtscript@5.7.1, qtsensors@5.7.1, +qtserialport@5.7.1, qtsvg@5.7.1, qttools@5.7.1, qtwayland@5.7.1, +qtwebchannel@5.7.1, qtwebkit@5.7.1, qtwebsockets@5.7.1, qtx11extras@5.7.1, +qtxmlpatterns@5.7.1, r-ade4@1.7-6, r-annotate@1.54.0, +r-annotationdbi@1.38.0, r-annotationforge@1.18.0, r-assertthat@0.2.0, +r-backports@1.0.5, r-bamsignals@1.8.0, r-bbmisc@1.11, r-bh@1.62.0-1, +r-biobase@2.36.0, r-bioccheck@1.12.0, r-biocgenerics@0.22.0, +r-biocinstaller@1.26.0, r-biocparallel@1.10.0, r-biocstyle@2.4.0, +r-biocviews@1.44.0, r-biomart@2.32.0, r-biostrings@2.44.0, +r-bsgenome@1.44.0, r-category@2.42.0, r-chron@2.3-50, r-cluster@2.0.6, +r-coda@0.19-1, r-colorspace@1.3-2, r-curl@2.5, r-data-table@1.10.4, +r-dbi@0.6-1, r-deseq2@1.16.0, r-digest@0.6.12, r-dnacopy@1.50.0, +r-e1071@1.6-8, r-edger@3.18.0, r-estimability@1.2, r-fastcluster@1.1.22, +r-gdtools@0.1.4, r-genefilter@1.58.0, r-geneplotter@1.54.0, +r-genomation@1.8.0, r-genomeinfodb@1.12.0, r-genomicalignments@1.12.0, +r-genomicfeatures@1.28.0, r-genomicranges@1.28.0, r-ggplot2@2.2.1, +r-git2r@0.18.0, r-gostats@2.42.0, r-graph@1.54.0, r-grohmm@1.10.0, +r-gseabase@1.38.0, r-hexbin@1.27.1-1, r-hmisc@4.0-2, r-hms@0.3, +r-htmltable@1.9, r-htmlwidgets@0.8, r-impute@1.50.0, r-iranges@2.10.0, +r-jsonlite@1.4, r-knitr@1.15.1, r-lattice@0.20-35, r-limma@3.32.0, +r-markdown@0.8, r-matrix@1.2-8, r-matrixstats@0.52.2, r-memoise@1.1.0, +r-mgcv@1.8-17, r-motifrg@1.20.0, r-multitaper@1.0-13, +r-mutationalpatterns@1.2.0, r-mvtnorm@1.0-6, r-openssl@0.9.6, +r-plotly@4.5.6, r-plotrix@3.6-4, r-pracma@2.0.4, r-preprocesscore@1.38.0, +r-qtl@1.40-8, r-r-rsp@0.41.0, r-r-utils@2.5.0, r-rbgl@1.52.0, r-rcas@1.1.1, +r-rcpp@0.12.10, r-rcpparmadillo@0.7.800.2.0, r-readr@1.1.0, +r-rhtslib@1.8.0, r-rmarkdown@1.4, r-roxygen2@6.0.1, r-rpart@4.1-11, +r-rsamtools@1.28.0, r-rsqlite@1.1-2, r-rtracklayer@1.36.0, r-rtsne@0.13, +r-s4vectors@0.14.0, r-scales@0.4.1, r-seqinr@3.3-6, r-seqlogo@1.42.0, +r-seqpattern@1.8.0, r-servr@0.5, r-shortread@1.34.0, r-sparsem@1.76, +r-stringi@1.1.5, r-stringr@1.2.0, r-summarizedexperiment@1.6.0, +r-survival@2.41-3, r-svglite@1.2.0, r-systempiper@1.10.0, r-tibble@1.3.0, +r-tidyr@0.6.1, r-topgo@2.28.0, r-variantannotation@1.22.0, r-vegan@2.4-3, +r-viridis@0.4.0, r-viridislite@0.2.0, r-xml2@1.1.1, r-xml@3.98-1.6, +r-xvector@0.16.0, r-yaml@2.1.14, r-zlibbioc@1.22.0, r-zoo@1.8-0, r@3.4.0, +racket@6.8, radeontop@1.0, radicale@1.1.2, ratpoison@1.4.9, +raul@0.8.4-1.f8bf77d3c, raxml@8.2.10, re2@2017-05-01, red-eclipse@1.5.8, +retroarch@1.5.0, rhythmbox@3.4.1, rofi@1.3.1, rpcbind@0.2.4, +ruby-coderay@1.1.1, ruby-hoe@3.16.0, ruby-minitar@0.5.4-1.e25205ec, +ruby-minitest@5.10.1, ruby-nokogiri@1.7.0.1, ruby-pry@0.10.4, +ruby-rspec-expectations@3.5.0, ruby-rspec@3.5.0, +ruby-shoulda-matchers@3.1.1, ruby-slop@4.1.0, ruby-sqlite3@1.3.13, +ruby-yard@0.9.6, rustc@1.16.0, samba@4.5.8, samplv1@0.8.2, samtools@1.3.1, +sbcl-stumpwm-with-slynk@1.0.0, sbcl-stumpwm@1.0.0, schismtracker@20170420, +screen@4.5.1, sdl-gfx@2.0.26, sed@4.4, serd@0.26.0, serf@1.3.9, +sessreg@1.1.1, setbfree@0.8.4, shadow@4.4, shared-mime-info@1.8, +shotwell@0.25.5, simple-scan@3.24.1, slock@1.4, slop@5.3.37, +slurm@16.05.9.1, snakemake@3.11.2, solid@5.34.0, sonnet@5.34.0, +sord@0.16.0, soxr@0.1.2, spice-gtk@0.33, spice-protocol@0.12.12, +sqlite@3.17.0, sra-tools@2.8.2-1, sratom@0.6.0, sshfs-fuse@2.9, stagit@0.5, +star@2.5.3a, starfighter@1.7, stellarium@0.15.1, strace@4.16, +sudo@1.8.19p1, suil@0.8.4, supertux@0.5.1, surf@2.0, synergy@1.8.8, +synthv1@0.8.2, talloc@2.1.9, tcl@8.6.6, tcpdump@4.9.0, tcsh@6.20.00, +telepathy-mission-control@5.16.4, terminology@1.0.0, texinfo@5.2, +texinfo@6.3, the-silver-searcher@1.0.2, thefuck@3.16, threadweaver@5.34.0, +tiled@0.18.2, tintin++@2.01.2, tk@8.6.6, tmux@2.4, tomb@2.3, tor@0.3.0.7, +totem-pl-parser@3.10.7, totem@3.22.0, trash-cli@0.17.1.14, tuxguitar@1.4, +tvtime@1.0.11, txt2man@1.6.0, tzdata@2017a, tzdata@2017b, +u-boot-am335x_boneblack@2017.03, u-boot-malta@2017.03, +u-boot-vexpress_ca9x4@2017.03, unionfs-fuse-static@2.0, unionfs-fuse@2.0, +units@2.14, upower@0.99.4, utf8proc@2.1.0, util-linux@2.29.2, +v4l-utils@1.12.3, vala@0.34.4, vapoursynth@37, vc-dwim@1.8, +vcftools@0.1.15, vdirsyncer@0.15.0, vim-full@8.0.0566, vim@8.0.0566, +virglrenderer@0.6.0, virt-manager@1.4.1, vis@0.3, vsearch@2.4.3, +vte-ng@0.48.2.a, vte@0.48.2, w3m@0.5.3+git20170102, wavpack@5.1.0, +wayland@1.13.0, wcslib@5.16, webkitgtk@2.16.2, weechat@1.8, weston@2.0.0, +wget@1.19.1, whois@5.2.15, windowmaker@0.95.8, wine@2.4, wiredtiger@2.9.1, +wireless-regdb@2017.03.07, wireshark@2.2.6, wxwidgets@3.0.2, +wxwidgets@3.1.0, x265@2.3, xapian@1.4.4, xauth@1.0.10, xcape@1.2, +xcb-proto@1.12, xcb-util-cursor@0.1.3, xcb-util-xrm@1.2, xdg-utils@1.1.1, +xf86-input-evdev@2.10.5, xf86-input-libinput@0.25.1, +xf86-input-wacom@0.34.0, xf86-video-geode@2.11.19, xf86-video-glint@1.2.9, +xf86-video-intel@2.99.917-5-b57abe2, xf86-video-mga@1.6.5, +xf86-video-nouveau@1.0.15, xf86-video-nv@2.1.21, xf86-video-qxl@0.1.5, +xf86-video-r128@6.10.2, xf86-video-savage@2.3.9, +xf86-video-siliconmotion@1.7.9, xf86-video-sis@0.10.9, +xf86-video-tdfx@1.4.7, xf86-video-trident@1.3.8, xf86-video-vmware@13.2.1, +xfce4-terminal@0.8.3, xkeyboard-config@2.20, xmonad@0.12, xonsh@0.5.9, +xorg-server-xwayland@1.19.3, xorg-server@1.19.3, xproto@7.0.31, +xscreensaver@5.36, yadifa@2.2.4, yelp@3.22.0, yoshimi@1.5.1.1, yosys@0.7, +youtube-dl@2017.05.07, zathura-cb@0.1.6, zathura-djvu@0.2.6, +zathura-pdf-poppler@0.2.7, zathura-ps@0.2.4, zathura@0.3.7, zenity@3.22.0, +zimg@2.5, zlib@1.2.11, znc@1.6.5 ** Programming interfaces @@ -60,7 +597,7 @@ thermald *** Improvements to the ‘asdf-build-system’ for software written in various Common Lisp dialects. *** New ‘package-mapping’ procedure to rewrite package dependency graphs *** New modules: (guix workers), (guix discovery), (guix cache), - (guix memoization), (guix ssh) + (guix memoization), (guix ssh), (gnu build shepherd) *** (gnu build file-systems) now has support for ISO-9660 file systems. ** Noteworthy bug fixes @@ -68,10 +605,15 @@ thermald *** Create home directories once file systems are mounted () *** GNU R now builds bit-reproducibly () -*** The daemon’s default settings are used unless overriden (https://bugs.gnu.org/20217) -*** ‘guix system’ now supports the common build option ‘--root’ (https://bugs.gnu.org/26271) -*** Mesa uses LLVM for better Gallium performance (https://bugs.gnu.org/25953) -*** Grafting no longer triggers a download of all the outputs of each derivation (https://bugs.gnu.org/24886) +*** The daemon’s default settings are used unless overriden + () +*** ‘guix system’ now supports the common build option ‘--root’ + () +*** Mesa uses LLVM for better Gallium performance () +*** Grafting no longer triggers a download of all the outputs of each derivation + () +*** Home directories are created when using a separate /home + () ** Native language support From df671177f854da26bb171d9d5e9a6990024107a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 13:46:35 +0200 Subject: [PATCH 34/37] doc: Replace fingerprint of OpenPGP signing key. * doc/guix.texi (OPENPGP-SIGNING-KEY-ID): Change to Ludo's key. --- doc/guix.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 12fc806e17..764257a5cd 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -10,7 +10,7 @@ @include version.texi @c Identifier of the OpenPGP key used to sign tarballs and such. -@set OPENPGP-SIGNING-KEY-ID BCA689B636553801C3C62150197A5888235FACAC +@set OPENPGP-SIGNING-KEY-ID 3CE464558A84FDC69DB40CFB090B11993D9AEBB5 @copying Copyright @copyright{} 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès@* From a6d728b7aaee09892b0b420d07ed2dbb7de5e63f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 16:58:53 +0200 Subject: [PATCH 35/37] gnu: guix: Update to 0.13.0. --- gnu/packages/package-management.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index ceaf51b676..76dc9adf2e 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -72,9 +72,9 @@ ;; Latest version of Guix, which may or may not correspond to a release. ;; Note: the 'update-guix-package.scm' script expects this definition to ;; start precisely like this. - (let ((version "0.12.0") - (commit "ce92d269fea0a2bfac0ac20414f77127d2f07500") - (revision 11)) + (let ((version "0.13.0") + (commit "df671177f854da26bb171d9d5e9a6990024107a0") + (revision 0)) (package (name "guix") @@ -90,7 +90,7 @@ (commit commit))) (sha256 (base32 - "17l9r2mdzzv8vfxb3bc5zkdqkl472q979iwsarp7lcqss1jxys7w")) + "1j4b2aki7sc28bl7nahcmb02dmj4wa5g6myvc68p03rgv25cqw1d")) (file-name (string-append "guix-" version "-checkout")))) (build-system gnu-build-system) (arguments From e9c53359e71f23e24acbb0637b58c70a73289c61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 21 May 2017 16:59:04 +0200 Subject: [PATCH 36/37] gnu: guix: Update to a6d728b. --- gnu/packages/package-management.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index 76dc9adf2e..246d2539d6 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -73,8 +73,8 @@ ;; Note: the 'update-guix-package.scm' script expects this definition to ;; start precisely like this. (let ((version "0.13.0") - (commit "df671177f854da26bb171d9d5e9a6990024107a0") - (revision 0)) + (commit "a6d728b7aaee09892b0b420d07ed2dbb7de5e63f") + (revision 1)) (package (name "guix") @@ -90,7 +90,7 @@ (commit commit))) (sha256 (base32 - "1j4b2aki7sc28bl7nahcmb02dmj4wa5g6myvc68p03rgv25cqw1d")) + "1nrskyk8z6w5i9cdfh5zxfgsrqf744sb30ssqi2g5xhijwagr1yq")) (file-name (string-append "guix-" version "-checkout")))) (build-system gnu-build-system) (arguments From 7c63fff6d0ba1dcd74e1a31c13b501d24d9c66f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 22 May 2017 17:25:08 +0200 Subject: [PATCH 37/37] Update NEWS. --- NEWS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 06316cfa9a..8280902557 100644 --- a/NEWS +++ b/NEWS @@ -44,7 +44,7 @@ Please send Guix bug reports to bug-guix@gnu.org. *** ‘static-networking’ service can now be extended *** Configuration of ‘nginx-service-type’ has been greatly improved *** New ‘gnu-build-system’ phase to always reset gzip timestamps -*** FIXME new services +*** New services exim, mail-aliases, inetd, agetty, openvswitch, special-files, redis, thermald @@ -617,7 +617,7 @@ zimg@2.5, zlib@1.2.11, znc@1.6.5 ** Native language support -Updated translations: fr (French), FIXME +Updated translations: fr (French) * Changes in 0.12.0 (since 0.11.0)