This allows substitutes to be downloaded from unauthorized servers, as
long as they advertise the same hash and references as one of the
authorized servers.
* guix/scripts/substitute.scm (assert-valid-narinfo): Remove.
(valid-narinfo?): Add #:verbose?. Handle each case of
'signature-case'.
(equivalent-narinfo?): New procedure.
(lookup-narinfos/diverse): Add 'authorized?' parameter and honor it.
[select-hit]: New procedure.
(lookup-narinfo): Add 'authorized?' parameter and pass it.
(process-query): Adjust callers accordingly.
(process-substitution): Remove call to 'assert-valid-narinfo'. Check
whether 'lookup-narinfo' returns true and call 'leave' if not.
* tests/substitute.scm (%main-substitute-directory)
(%alternate-substitute-directory): New variables.
(call-with-narinfo): Make 'narinfo-directory' a parameter. Call
'mkdir-p' to create it. Change unwind handler to check whether
CACHE-DIRECTORY exists before deleting it.
(with-narinfo*): New macro.
("substitute, no signature")
("substitute, invalid hash")
("substitute, unauthorized key"): Change expected error message to "no
valid substitute".
("substitute, unauthorized narinfo comes first")
("substitute, unsigned narinfo comes first")
("substitute, first narinfo is unsigned and has wrong hash")
("substitute, first narinfo is unsigned and has wrong refs")
("substitute, unsigned narinfo comes first")
("substitute, two invalid narinfos"): New tests.
* doc/guix.texi (Substitutes): Explain the new behavior.
* guix/scripts/substitute.scm (%cache-urls): Rename to...
(%default-substitute-urls): ... this.
(substitute-urls): New variable.
(guix-substitute): Use it instead of %CACHE-URLS.
* tests/substitute.scm: Likewise.
* guix/build/download.scm (http-fetch): Complete the hard-coded list of HTTP
redirection status codes.
* guix/http-client.scm (http-fetch): Likewise.
* guix/scripts/lint.scm (probe-uri): Likewise.
When current-processor-count is used without (ice-9 threads) being used, Guile
complains with the following warning:
Import (ice-9 threads) to have access to `current-processor-count'.
* guix/store.scm: Use (ice-9 threads).
Partly fixes <https://bugs.gnu.org/28159>.
Suggested by Hartmut Goebel <h.goebel@crazy-compilers.com>.
* guix/gnu-maintenance.scm (%gnu-file-list-uri): New variable.
(ftp.gnu.org-files, latest-gnu-release): New procedures.
(%gnu-updater)[pred]: Change to GNU-HOSTED?.
[latest]: Change to LATEST-GNU-RELEASE.
(%gnu-ftp-updater): New variable.
Previously (mlambda () (define foo 2) bar) would trigger a syntax error.
* guix/memoization.scm (%mlambda): In the zero-argument case, move
BODY... to a lambda to allow for inner 'define' and such.
Detecting when no files were installed was broken when switching to use
cond. Test with (not (null? ...)) to fix this.
* guix/build/emacs-build-system.scm (install): Fix detecting when no files
were installed.
Modify the install phase to detect when nothing has been installed, and error
if this happens. This is preferable to continuing, and allowing the next phase
to fail.
Also, when nothing can be found to be installed, print out each file that was
considered, along with the regular expressions that were used to include and
exclude it.
* gnu/build/emacs-build-system.scm (install-file?): Add additional error
checking and logging.
Fixes <http://bugs.gnu.org/27157>.
Having a finite default `max-silent-time' value for scripts such as 'guix
environment' could lead to timeouts when building subtitutes; this was
undesirable.
This change also fixes client behavior to match the documentation, which
is that by default the daemon's settings are honored.
* guix/scripts/archive.scm (%default-options): Remove max-silent-time entry.
* guix/scripts/copy.scm (%default-options): Likewise.
* guix/scripts/environment.scm (%default-options): Likewise.
* guix/scripts/pack.scm (%default-options): Likewise.
* guix/scripts/package.scm (%default-options): Likewise.
* guix/scripts/pull.scm (%default-options): Likewise.
* guix/scripts/system.scm (%default-options): Likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/download.scm (%mirrors)[sourceforge]: Remove
nbtelecom.dl.sourceforge.net, which never returns 404 responses. This causes
download failures due to hash mismatch, effectively preventing secondary
source URLs from being queried.
Fixes <http://bugs.gnu.org/28212>.
Reported by Leo Famulari <leo@famulari.name>.
* guix/build/graft.scm (replace-store-references): When I >= END, check
whether WRITTEN > END and call 'get-bytevector-n!' when it is.
* tests/grafts.scm (buffer-size): New variable.
("replace-store-references, <http://bugs.gnu.org/28212>"): New test.
Works around <https://bugs.gnu.org/28211>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* guix/packages.scm (guile-2.0): New procedure.
(package-derivation, package-cross-derivation): Use it when computing
the #:guile argument to 'graft-derivation'.
* gnu/bootloader.scm (<bootloader-configuration>): Deprecate "device" field in
favor of "target" field. This is mostly a renaming but also a generalization
to support UEFI targets being paths to a mounted partition instead of a device
name.
* gnu/system/examples/bare-bones.tmpl:
* gnu/system/examples/desktop.tmpl:
* gnu/system/examples/lightweight-desktop.tmpl:
* gnu/system/examples/vm-image.tmpl:
* gnu/system/install.scm:
* gnu/tests.scm:
* gnu/tests/install.scm:
* gnu/tests/nfs.scm:
* tests/system.scm: Adapt all invocations of bootloader-configuration.
* guix/scripts/system.scm (perform-action): Rename device argument to
bootloader-target.
(process-action): Adapt caller.
* doc/guix.texi (Proceeding with the Installation):
* doc/guix.texi (Bootloader Configuration): Update documentation.
* guix/scripts/download.scm (guix-download): Treat the URL argument as a local
file path when it fails on 'string->uri'. Call 'fetch' with the processed
'uri' instead of the original URL argument.
* tests/guix-download.sh: Adjust accordingly.
* guix/scripts/pull.scm (build-from-source): Add #:commit parameter.
Pass it to BUILD.
(build-and-install): Add #:commit and pass it to 'build-from-source'.
(guix-pull): Pass #:commit to 'build-and-install'.
* guix/scripts/pull.scm (%snapshot-url, with-environment-variable)
(with-PATH): Remove.
(ensure-guile-git!): New procedure.
(%repository-url): New variable.
(%default-options): Add 'repository-url' and 'ref'.
(show-help, %options): Add '--commit' and '--url'.
(temporary-directory, first-directory, interned-then-deleted)
(unpack): Remove.
(build-from-source): Rename 'tarball' to 'source'. Remove call to
'unpack'.
(build-and-install): Rename 'tarball' to 'source'.
(honor-lets-encrypt-certificates!, report-git-error): New procedures.
(with-git-error-handling): New macro.
(guix-pull)[fetch-tarball]: Remove.
Wrap body in 'with-git-error-handling'. Rewrite to use
'latest-repository-commit'.
* build-aux/build-self.scm (build): Print an error message and exit when
GUILE-GIT is #f.
* doc/guix.texi (Invoking guix pull): Mention Git. Document '--commit'
and '--branch'.
Fixes <https://bugs.gnu.org/27820>.
Reported by Hartmut Goebel <h.goebel@crazy-compilers.com>.
* guix/scripts/package.scm (%options) <"-u">: Emit a warning when ARG
starts with "-".
* guix/git-download.scm (git-predicate): Remove call to
'canonicalize-path' since this could lead to discrepancies. For
instance it broke 'make update-guix-package' since it passes a
non-canonical directory name.
* gnu/bootloader.scm (menu-entry-device-mount-point): New variable. Export it.
(<menu-entry>: New field "device".
* gnu/bootloader/grub.scm (grub-confgiuration-file): Handle <menu-entry>
entries.
* gnu/bootloader/extlinux.scm (extlinux-configuration-file): Handle
<menu-entry> entries.
* gnu/system.scm (menu->entry->boot-parameters): Delete variable.
(boot-parameters->menu-entry): New variable. Export it.
(operating-system-bootcfg): Make OLD-ENTRIES a list of <menu-entry>.
* guix/script/system.scm (reinstall-bootloader): Fix bootcfg usage.
(perform-action): Fix bootcfg usage.
Adjust 'git-predicate' to use data structures that perform better when used
with git repositories with a large number of files.
Previously when matching either a regular file or directory, 'git-predicate'
would search a list with a length equal to the number of files in the
repository. As a search operation happens for roughly every file in the
repository, this meant that the time taken to use 'git-predicate' to traverse
all the files in a repository was roughly exponential with respect to the
number of files in the repository.
Now, for matching regular files or symlinks, 'git-predicate' uses a vhash
using the inode value as the key. This should perform roughly in constant
amount of time, instead of linear with respect to the number of files in the
repository.
For matching directories, 'git-predicate' now uses a tree structure stored in
association lists. To check if a directory is in the tree, the tree is
traversed from the root. The time complexity of this depends on the shape of
the tree, but it should be an improvement on searching through the list of all
files.
* guix/git-download.scm (files->directory-tree, directory-in-tree?): New
procedures.
(git-predicate): Compute DIRECTORY-TREE. Turn INODES into a vhash.
Adjust body of lambda accordingly.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
The '%slots' list could grow indefinitely; in practice though,
guix-daemon is likely to restart 'guix offload' often enough.
* guix/scripts/offload.scm (%slots): Remove.
(choose-build-machine): Don't 'set!' %SLOTS. Return the acquired slot
as a second value.
(process-request): Adjust accordingly. Release the returned slot after
'transfer-and-offload'.
This fixes a memory leak that can be seen by running:
(map (lambda _ (machine-load m)) (iota 1000))
* guix/scripts/offload.scm (machine-load): Add call to 'disconnect!'.
Suggested by Mark H Weaver <mhw@netris.org>.
* guix/scripts/publish.scm (nar-expiration-time): New procedure.
(render-narinfo/cached): Use it as the #:entry-expiration passed to
'maybe-remove-expired-cache-entries'.