Until now, running "guix pack -s i686-linux" on an x86_64-linux machine,
for instance, would use an x86_64 guile for module derivations. This
was OK until now, but would break when passing "--localstatedir" due to
the introduction of guile-sqlite3: we'd be using the i686 guile-sqlite3
along with the x86_64 guile.
* guix/scripts/pack.scm (guix-pack): Pass the 'system option from OPTS
to 'package-derivation'.
This fixes a regression introduced in
df2f6400b1fbc282ef4d6dd7124ea1c17adc23c2: since the new
'register-path' (actually 'reset-timestamps') would make files
read-only, 'delete-file-recursively' would fail to delete them. Thus,
re-running 'guix system init' on an already-populated store would fail
with a 'delete-file' EPERM.
* guix/scripts/system.scm (copy-item): Use 'lstat' instead of
'file-exists?'. Call 'make-file-writable' on each directory below
DEST.
Fixes a regression introduced in
c45477d2a1.
Reported by Christopher Baines <mail@cbaines.net>.
* guix/scripts/pack.scm (not-config?, guile-sqlite3&co): New variables.
(self-contained-tarball)[not-config?]: Remove.
[build]: Use GUILE-SQLITE3&CO for 'with-extensions'.
(squashfs-image)[libgcrypt]: New variable.
[build]: Use 'source-module-closure', 'make-config.scm', and
'with-extensions'.
(docker-image)[not-config?]: Remove.
Without this change, running guix pack fails as (guix sets) is missing when
compiling (guix build store-copy).
* guix/scripts/pack.scm (docker-image): Move (guix build store-copy) to within
the source-module-closure call.
* gnu/build/install.scm (register-closure): Add #:reset-timestamps? and
and #:schema; honor them. Rewrite in terms of 'register-path'.
(populate-single-profile-directory): Add #:schema and honor it. Make
/var/guix/profiles and /var/guix/gcroots.
* gnu/build/vm.scm (root-partition-initializer): Pass
#:reset-timestamps? to 'register-closure'.
* gnu/system/vm.scm (not-config?): New procedure.
(guile-sqlite3&co): New variable.
(expression->derivation-in-linux-vm)[config]: New variable.
[builder]: Use 'with-extensions'.
(iso9660-image)[schema, config]: New variables.
Wrap build expression in 'with-extensions'; add 'sql-schema' call.
Remove GUIX from INPUTS.
(qemu-image)[schema, config]: New variables.
Wrap body in 'with-extensions'.
(system-docker-image)[not-config?]: Remove.
[config]: Use 'make-config.scm'.
[schema]: New variable.
[build]: Use 'with-extensions'. Add call to 'sql-schema'. Remove GUIX
from INPUTS.
* gnu/system/file-systems.scm (%store-prefix): Check whether
'%store-prefix' is defined.
* guix/scripts/pack.scm (self-contained-tarball)[not-config?]
[libgcrypt, schema]: New variables.
[build]: Wrap in 'with-extensions'. Adjust imported module list to use
'make-config.scm' for (guix config).
The previous implementation of 'read-reference-graph' was good enough
for many use cases, but it discarded the graph structure, which is
useful information in some cases.
* guix/build/store-copy.scm (<store-info>): New record type.
(read-reference-graph): Rewrite to return a list of <store-info>.
(closure-size, populate-store): Adjust accordingly.
* gnu/services/base.scm (references-file): Adjust accordingly.
* gnu/system/vm.scm (system-docker-image): Likewise.
* guix/scripts/pack.scm (squashfs-image, docker-image): Likewise.
* tests/gexp.scm ("gexp->derivation #:references-graphs"): Likewise.
* guix/scripts/offload.scm (call-with-timeout): New procedure.
(with-timeout): New macro.
(process-request): Use it around 'transfer-and-offload' call.
* guix/scripts/pull.scm (derivation->manifest-entry): Turn COMMIT into a
keyword parameter; add #:url and #:branch. Add a 'source' property to
the manifest entry.
(build-and-install): Add #:url and #:branch and pass it to
'derivation->manifest-entry'.
(guix-pull): Adjust accordingly.
* guix/packages.scm (patch-file-name): New procedure.
(%vulnerability-regexp): New variable.
(package-patched-vulnerabilities): New procedure.
* guix/scripts/lint.scm (patch-file-name): Remove.
(check-vulnerabilities): Adjust to use
'package-patched-vulnerabilities'.
* tests/packages.scm ("package-patched-vulnerabilities"): New test.
* guix/scripts/pull.scm (%pull-version): New variable.
(build-from-source): Pass #:pull-version to BUILD.
(whole-package-for-legacy, derivation->manifest-entry): New procedure.
(build-and-install): Rewrite in terms of 'build-and-use-profile'.
* guix/scripts/system.scm (maybe-suggest-running-guix-pull)[latest]:
Switch to "/current".
* scripts/guix.in (augment-load-paths!): Remove use of
~/.config/guix/latest.
* build-aux/compile-as-derivation.scm: Replace "/guix/latest/" with
"/current/share/guile/site/X.Y"
* guix/scripts.scm (warn-about-old-distro)[age]: Check "/current"
instead of "/latest".
* doc/guix.texi (Invoking guix pull): Document it.
* doc/contributing.texi (Running Guix Before It Is Installed): Remove
footnote about abusing ~/.config/guix/latest.
* guix/scripts/system.scm (profile-boot-parameters): Reverse
generation-numbers list. This allows old generations to be listed from most
recent to oldest in bootloaders configuration files.
The 'title' field was easily overlooked and was an endless source of
confusion. Now, the value of the 'device' field is self-contained.
* gnu/system/file-systems.scm (<file-system>): Change constructor name
to '%file-system'.
[title]: Remove.
(<file-system-label>): New record type with printer.
(report-deprecation, device-expression)
(process-file-system-declaration, file-system): New macros.
(file-system-title): New procedure.
(file-system->spec, spec->file-system): Adjust to handle
<file-system-label>.
* gnu/system.scm (bootable-kernel-arguments): Add case for
'file-system-label?'.
(read-boot-parameters): Likewise.
(mapped-device-user): Avoid 'file-system-title'.
(fs->boot-device): Remove.
(operating-system-boot-parameters): Use 'file-system-device' instead of
'fs->boot-device'.
(device->sexp): Add case for 'file-system-label?'.
* gnu/bootloader/grub.scm (grub-root-search): Add case for
'file-system-label?'.
* gnu/system/examples/bare-bones.tmpl,
gnu/system/examples/beaglebone-black.tmpl,
gnu/system/examples/lightweight-desktop.tmpl,
gnu/system/examples/vm-image.tmpl: Remove uses of 'title'.
* gnu/system/vm.scm (virtualized-operating-system): Remove uses of
'file-system-title'.
* guix/scripts/system.scm (check-file-system-availability): Likewise,
and adjust fix-it hint.
(check-initrd-modules)[file-system-/dev]: Likewise.
* gnu/build/file-systems.scm (canonicalize-device-spec): Remove 'title'
parameter.
[canonical-title]: Remove.
Match on SPEC's type rather than on CANONICAL-TITLE.
(mount-file-system): Adjust caller.
* gnu/build/linux-boot.scm (boot-system): Interpret ROOT here.
* gnu/services/base.scm (file-system->fstab-entry): Remove use of
'file-system-title'.
* doc/guix.texi (File Systems): Remove documentation of the 'title'
field. Rewrite documentation of 'device' and document
'file-system-label'.
Previously things like:
guix pack -R guile guile-json
would lead to a profile without Guile-JSON, and to an 'etc/profile' that
does not define 'GUILE_LOAD_PATH'.
* guix/scripts/pack.scm (wrapped-package)[build]: Link top-level entries
of PACKAGE into OUTPUT.
* guix/scripts/pack.scm (self-contained-tarball)[build](symlink->directives):
Do not add a 'directory' directive for "/". Previously, as soon as we
were using '-S /bin=bin' or similar, we would add every entry a second
time in the tarball; this would translate as hard links in the tarball,
which tar < 1.30 sometimes fails to extract.
Pass symlinks defined in DIRECTIVES to 'tar'.
* gnu/packages/aux-files/run-in-namespace.c: New file.
* Makefile.am (AUX_FILES): Add it.
* guix/scripts/pack.scm (<c-compiler>): New record type.
(c-compiler, bootstrap-c-compiler, c-compiler-compiler): New procedures.
(self-contained-tarball): Use
'relative-file-name' for the SOURCE -> TARGET symlink.
(docker-image): Add 'defmod' to please Geiser.
(wrapped-package, map-manifest-entries): New procedures.
(%options, show-help): Add --relocatable.
(guix-pack): Honor it.
Fixes a regression introduced in
aad16cc196.
Reported by Julien Lepiller.
* guix/scripts/pack.scm (guix-pack)[manifest-from-args]: In
'match-lambda', add clause for single packages.
* tests/guix-pack.sh: Add test for '-e'.
Previously they would silently be ignored.
* guix/scripts/pack.scm (guix-pack)[manifest-from-args]: Add 'store'
parameter. Call 'options->transformation' and use it.
Move 'with-store' and 'parameterize' around the 'let'.
* tests/guix-pack.sh: Add test using '--with-source'.
* guix/scripts/pack.scm: Do not autoload (gnu packages base).
Previously, we could end up with 'canonical-package' as an unbound
variable because of the incorrect autoload spec.
* guix/ui.scm (print-unbound-variable-error): Add "error:" to the
message.
(report-unbound-variable-error): New procedure, with code formerly in
'report-load-error'.
(report-load-error): Use it.
(call-with-unbound-variable-handling): New procedure.
(with-unbound-variable-handling): New macro.
* guix/scripts/build.scm (options->derivations): Wrap body in
'with-unbound-variable-handling'.
* tests/guix-build.sh (GUIX_PACKAGE_PATH): Add test.
* guix/scripts/weather.scm (report-server-coverage): Remove 'missing'
binding above 'queued-subset' call. Before that 'queued-subset' would
be called with a number instead of a list.
Fixes <https://bugs.gnu.org/29707>.
Reported by Clément Lassieur <clement@lassieur.org>.
* guix/scripts/system/search.scm (service-type-default-shepherd-services)
(service-type-shepherd-names): New procedures.
(service-type->recutils): Use it.
* tests/guix-system.sh: Add test.
Previously, if you wrote (device "my-label") without (title 'label),
you'd get:
guix system: error: stat: No such file or directory: "my-label"
Now you get a proper error and a hint.
Reported by Pierre-Antoine Rouby.
* guix/scripts/system.scm (check-file-system-availability)[literal]: New
variable. Loop over LITERAL.
* gnu/system/file-systems.scm (%pseudo-file-system-types): New variable.
* guix/ui.scm (display-hint): Make public.
* guix/scripts/environment.scm (options/resolve-packages): When loading
manifest files, use the same module environment as in "guix package".
Signed-off-by: Ludovic Courtès <ludovic.courtes@inria.fr>
Previously 'guix build --log-file' would print a backtrace upon X.509
certificate verification errors.
* guix/scripts/build.scm (log-url): Catch 'tls-certificate-error' in
addition to 'getaddrinfo-error'.
* gnu/system/vm.scm (system-docker-image): New procedure.
* guix/scripts/system.scm (system-derivation-for-action): Add a case for
docker-image, and in that case, call system-docker-image.
(show-help): Document docker-image.
(guix-system): Parse arguments for docker-image.
* doc/guix.texi (Invoking guix system): Document "guix system
docker-image".
* gnu/system/examples/docker-image.tmpl: New file.
* guix/docker.scm (build-docker-image): Rename "path" argument to
"prefix" to reflect the fact that it is used as a prefix for the
symlink targets. Add the "paths" argument, and remove the "closure"
argument, since it is now redundant. Add a "transformations"
argument.
* guix/scripts/pack.scm (docker-image): Read the profile's reference
graph and provide its paths to build-docker-image via the new "paths"
argument.
* guix/scripts/pack.scm (bootstrap-xz): New variable.
(%options) <--bootstrap>: New option.
(show-help): Document the new --bootstrap option.
(guix-pack): When --bootstrap is specified, use the bootstrap Guile,
tar, and xz to build the pack, and do not use any profile hooks or
locales.
* doc/guix.texi (Invoking guix pull): Document the new --bootstrap
option.
* tests/guix-pack.sh: New file.
* Makefile.am (SH_TESTS): Add guix-pack.sh.
* gnu/packages/package-management.scm (guix) <inputs>: Add util-linux.
* guix/scripts/system.scm (check-mapped-devices): Take an OS instead of
a list of <mapped-device>. Pass #:needed-for-boot? and #:initrd-modules
to CHECK.
(check-initrd-modules): New procedure.
(perform-action): Move 'check-mapped-devices' call first. Add call to
'check-initrd-modules'.
* gnu/system/mapped-devices.scm (check-device-initrd-modules): New
procedure.
(check-luks-device): Add #:initrd-modules and #:needed-for-boot?. Use
them to call 'check-device-initrd-modules'.
This change allows overriding the home directory of all filesystem mappings to
help hide the identity of the calling user in a container.
* doc/guix.texi (Invoking guix environment)[--container]: Mention --user.
[--user]: Add item.
* guix/scripts/environment.scm (show-help): Add --user.
(%options): Add --user.
(launch-environment/container) Add 'user' parameter. Update doc. Override
'user-mappings' using 'override-user-mappings'. Consider override for chdir.
(mock-passwd, user-override-home, overrid-euser-dir): New procedures.
(guix-environment): Disallow --user without --container. Provide user to
'launch-environment/container'.
* tests/guix-environment.sh: Add user test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This change is motivated by attempts to run programs (like GNU IceCat) within
containers. The 'fontconfig' program, for example, is configured explicitly
to check ~/.guix-profile for additional fonts.
There were no existing container tests in 'tests/guix-environment.sh', but I
added one anyway for this change.
* doc/guix.texi (Invoking guix environment): Add '--link-profile'.
* guix/scripts/environment.scm (show-help): Add '--link-profile'.
(%options): Add 'link-profile' as '#\P', assigned to 'link-profile?'.
(link-environment): New procedure.
(launch-environment/container): Use it when 'link-profile?'.
[link-profile?]: New parameter.
(guix-environment): Leave when '--link-prof' but not '--container'. Add
'#:link-profile?' argument to 'launch-environment/container' application.
* tests/guix-environment-container.sh: New '--link-profile' test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/30184>.
Regression introduced in 297e04d660.
Reported by Christopher Baines <mail@cbaines.net>.
* guix/scripts/publish.scm (nar-response-port): Add 'compression'
parameter and honor it.
(http-write): Get 'x-nar-compression' from the initial RESPONSE.
Suggested by atw on #guix.
* gnu/services/shepherd.scm (shepherd-service-file): Use 'scheme-file'
instead of 'gexp->file'.
(shepherd-configuration-file): Likewise, and adjust to non-monadic
style.
(shepherd-boot-gexp): Adjust accordingly.
* guix/scripts/system.scm (upgrade-shepherd-services): Use
'lower-object' in addition to 'shepherd-service-file'.
Previously we were looking at the load of the past 5 minutes, which
means that, after a build, we could end up waiting for 5 minutes for
that metric to be low enough.
* guix/scripts/offload.scm (machine-load): Compute RAW based on ONE, not
FIVE.
This fixes a regression in 'retrieve-files*' introduced in
896fec476f, whereby (guix scripts offload)
would not read the initial sexp now sent by the remote host via
'store-export-channel'. This would effectively prevent file retrieval
entirely when offloading.
* guix/ssh.scm (retrieve-files*): New procedure, like former
'retrieve-files' but with an extra #:import parameter.
(retrieve-files): Rewrite in terms of 'retrieve-files*'.
(file-retrieval-port): Make private.
* guix/scripts/offload.scm (transfer-and-offload): Pass #:import to
'retrieve-files*'.
(retrieve-files*): Remove.
This was harmless but non-compliant and unnecessary.
* guix/scripts/publish.scm <top level>: Rename "Guix-Nar-Compression" to
"X-Nar-Compression" as should have always been.
(render-nar, nar-response-port): Adjust accordingly.
(strip-headers): New procedure.
(sans-content-length, with-content-length): Use it.
This adjusts the workaround for <http://bugs.gnu.org/21093> so that it's
not limited to a single content-type.
* guix/scripts/publish.scm (render-nar/cached): Add the 'x-raw-file'
header on the response.
(render-content-addressed-file): Likewise.
(with-content-length): Remove the 'x-raw-file' header.
(http-write): Instead of dispatching on 'application/octet-stream',
check whether 'x-raw-file' is set to determine whether to spawn a
thread.
This saves 18 bytes on each 404 narinfo response.
* guix/scripts/publish.scm (render-narinfo): Pass #:phrase to
'not-found'.
(render-narinfo/cached): Likewise.
* guix/scripts/build.scm (numeric-extension?, tarball-base-name): New
procedures, formerly in 'package-with-source'.
(transform-package-source)[new-sources]: Look for '=' in URI. Each
element of the list of now a (PKG VERSION SOURCE) tuple.
Pass VERSION to 'package-with-source'.
(package-with-source): Add 'version' parameter and honor it.
* tests/scripts-build.scm ("options->transformation, with-source, PKG=URI")
("options->transformation, with-source, PKG@VER=URI"): New tests.
* doc/guix.texi (Package Transformation Options): Document the new
forms.
Fixes <https://bugs.gnu.org/29761>.
Reported by Martin Castillo <castilma@uni-bremen.de>.
* guix/scripts/gc.scm (argument->verify-options): New procedure.
(%options) ["verify"]: Adjust to use it.
* tests/guix-gc.sh: Add test.
* guix/scripts/offload.scm (check-machine-status): New procedure.
(guix-offload): Call it when the argument is "status".
* doc/guix.texi (Daemon Offload Setup): Document it.
* guix/scripts/system.scm (show-help): Add expression option.
(%options): Ditto.
(guix-system): Allow commands taking a file as an argument to use an
expression instead.
(process-action): Read operating-system from expression or file.
* doc/guix.texi (Invoking guix system): Introduce the expression option.
* gnu/bootloader/extlinux.scm (install-extlinux): Factorize bootloader
writing in a new procedure write-file-on-device defined in (gnu build
bootloader).
* gnu/build/bootloader.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add new file.
* gnu/system/vm.scm (qemu-img): Adapt to import and use (gnu build bootloader)
module during derivation building.
* gnu/scripts/system.scm (bootloader-installer-derivation): Ditto.
* guix/scripts/lint.scm (check-vulnerabilities): Also check for CVEs
listed as mitigated in the package properties.
* tests/lint.scm ("cve: known safe from vulnerability"): New test.
* guix/scripts/offload.scm (build-machines): Comment out
'(set! %fresh-auto-compile #t)' since with Guile 2.2.3 it could lead to
an actual rebuild of everything that gets loaded from there on. See
<https://bugs.gnu.org/29226>.
* guix/ui.scm (load*): Likewise.
Until now it would print the name of each store item being copied, which
was verbose and unhelpful.
* guix/scripts/system.scm (copy-closure): Use 'progress-reporter/bar'
and 'call-with-progress-reporter'.
(guix-system): Parameterize 'current-terminal-columns'.
* guix/scripts/system.scm (copy-item): Add 'references' argument and
remove 'references*' call. Turn into a non-monadic procedure.
(copy-closure): Remove initial call to 'references*'. Only pass ITEM to
'topologically-sorted*' since that's equivalent. Compute the list of
references corresponding to TO-COPY and pass it to 'copy-item'.
Reported at <https://bugs.gnu.org/27943>
by Danny Milosavljevic <dannym@scratchpost.org>.
* guix/scripts/lint.scm (%distro-directory): New variable.
(check-patch-file-names): Add check for the file name length.
* tests/lint.scm ("patches: file name too long"): New test.
This reverts commit 5f93d97005.
'guix pull' would fail because (guix self) needs 'scheme-files'
from (guix discovery), which was not exported until now.
This mitigates <https://bugs.gnu.org/27284>.
* guix/self.scm: New file.
* Makefile.am (MODULES): Add it.
* build-aux/build-self.scm (libgcrypt, zlib, gzip, bzip2, xz)
(false-if-wrong-guile, package-for-current-guile, guile-json)
(guile-ssh, guile-git, guile-bytestructures): Remove.
(build): Rewrite to simply delegate to 'compiled-guix'.
* gnu/packages.scm (%distro-root-directory): Rewrite to try different
directories.
* guix/discovery.scm (guix): Export 'scheme-files'.
* guix/scripts/pull.scm (build-and-install): Split into...
(install-latest): ... this. New procedure. And...
(build-and-install): ... this, which now takes a monadic value argument.
(indirect-root-added): Remove.
(guix-pull): Call 'add-indirect-root'. Call 'build-from-source' and
pass the result to 'build-and-install'.
Suggested by Marius Bakke <mbakke@fastmail.com>
in <https://bugs.gnu.org/29177>.
* guix/scripts/refresh.scm (all-packages): Pass #:select? to
'fold-packages'.
* guix/scripts/lint.scm (call-with-networking-fail-safe): New procedure.
(with-networking-fail-safe): New macro.
(current-vulnerabilities*): Rewrite in terms of 'with-networking-fail-safe'.
* guix/scripts/challenge.scm (summarize-report-list): New procedure.
(guix-challenge): Use it.
* doc/guix.texi (Invoking guix challenge): Adjust command output in
example.
Fixes <https://bugs.gnu.org/28731>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* guix/scripts/substitute.scm (at-most): New procedure.
(http-multiple-get): Use it to send at most 1000 requests at once.