Previously, on machines where /etc/ssl/certs did exist, we'd have this:
$ unset SSL_CERT_DIR
$ unset SSL_CERT_FILE
$ guix pull
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: Git error: the SSL certificate is invalid
This is because we'd let OpenSSL look for certificates in its default
location, which is an empty directory in its own prefix.
* guix/scripts/pull.scm (honor-x509-certificates): New procedure.
(guix-pull): Use it instead of calling 'honor-lets-encrypt-certificates!'.
Previously a command like:
$(readlink -f ~/.config/guix/current)/bin/guix describe
would succeed without printing anything.
* guix/scripts/describe.scm (display-profile-info): Don't call
'generation-file-name' when NUMBER is zero.
* guix/scripts/pull.scm (display-profile-content): Likewise.
* guix/gnupg.scm (%gpgv-command, current-keyring): New variables
(gnupg-verify): Add optional 'keyring' parameter. Use 'gpgv' instead of
'gpg' and pass it '--keyring'.
(gnupg-receive-keys): Add optional 'keyring' parameter and honor it.
(gnupg-verify*): Add #:keyring and honor it.
* guix/scripts/refresh.scm (%options, show-help): Add '--keyring'.
(guix-refresh): Parameterize CURRENT-KEYRING.
* doc/guix.texi (Invoking guix refresh): Document '--keyring' and the
keybox format.
Reported-by: Ludovic Courtès <ludo@gnu.org>.
* guix/scripts/build.scm (guix-build),
guix/scripts/package.scm (guix-package): Duplicate port before handing it to
build-output-port.
* guix/profiles.scm (package->manifest-entry): Add #:properties and
honor it.
* guix/scripts/package.scm (package-provenance)
(package->manifest-entry*): New procedures.
(transaction-upgrade-entry, options->installable): Use
'package->manifest-entry*' instead of 'package->manifest-entry'.
* guix/channels.scm: New file.
* Makefile.am (MODULES): Add it.
* guix/scripts/pull.scm: Use it.
(%default-options): Remove 'repository-url' and 'ref'.
(show-help, %options): Add '--channels'.
(%self-build-file, %pull-version, build-from-source)
(whole-package-for-legacy, derivation->manifest-entry): Remove. These
now exist in a similar form in (guix channels).
(build-and-install): Change 'source' to 'instances'. Remove #:url,
#:branch, and #:commit. Rewrite using 'channel-instances->manifest'.
(channel-list): New procedure.
(guix-pull): Parameterize %REPOSITORY-CACHE-DIRECTORY. Call
'honor-lets-encrypt-certificates!' unconditionally. Load
~/.config/guix/channels.scm. Rewrite to use (guix channels).
[use-le-certs?]: Remove.
* po/guix/POTFILES.in: Add (guix channels).
* doc/guix.texi (Invoking guix pull): Group the description of '--url',
'--commit', and '--branch'. Remove mention of 'GUIX_PULL_URL'. Add
references to "Channels". Document '--channels'.
(Channels): New node.
(Defining Packages): Link to "Channels" instead of "Package Modules".
(Invoking guix edit): Link to "Package Modules" instead of "Defining
Packages".
(Package Modules): Document both GUIX_PACKAGE_PATH and channels.
The autoload hack was added a year ago, before 0.14.0, i.e., before any
release would depend on Guile-Git. Both 0.14.0 and 0.15.0 required
Guile-Git, and 'guix pull' now automatically pulls it in, so this hack
is no longer necessary.
* guix/scripts/pull.scm: Use (git) and (guix git). Remove top-level
call to 'module-autoload!'.
(ensure-guile-git!): Remove.
(guix-pull): Remove call to 'ensure-guile-git!'.
Threaded compression makes archives non-deterministic: the result depends on
the number of threads used for compressing. See <https://bugs.gnu.org/31015>.
This reverts commit 63102406f2.
* guix/scripts/pull.scm (display-profile-news): New procedure.
(build-and-install): Call it.
(display-new/upgraded-packages): Add #:heading and honor it.
Reported by Roel Janssen <roel@gnu.org>
at <https://lists.gnu.org/archive/html/guix-devel/2018-07/msg00036.html>.
* guix/profiles.scm (switch-to-generation): Use (basename generation) as
the symlink target.
* guix/scripts/package.scm (build-and-use-profile): Likewise,
use (basename name) as the symlink target.
* tests/guix-package.sh: Adjust --roll-back test accordingly. Add
explicitly test with '-p foo/prof'.
* guix/profiles.scm (profile-search-paths): New procedure.
* guix/scripts/environment.scm (evaluate-search-paths): Remove.
(create-environment): Replace 'paths' with 'manifest'. Use
'profile-search-paths' instead of 'evaluate-search-paths'.
(show-search-paths): Likewise.
(launch-environment): Replace 'paths' with 'manifest'. Make 'pure?' a
keyword parameter.
(launch-environment/fork, launch-environment/container): Likewise.
(guix-environment): Remove 'paths' variable. Adjust callers of the
above procedures accordingly.
* guix/scripts/environment.scm (strip-input-name)
(package+propagated-inputs, package-or-package+output?)
(compact): Remove.
(inputs->profile-derivation): Rename to...
(manifest->derivation): ... this. Replace 'inputs' parameter with
'manifest'.
(input->manifest-entry): New procedure.
(package-environment-inputs): Rewrite to return a list of manifest
entries.
(options/resolve-packages): Rewrite to return a manifest.
(guix-environment): Remove 'inputs'. Define 'paths' in terms of
'manifest-search-paths'.
* guix/scripts/container.scm (guix-container):
* guix/scripts/import.scm (guix-import):
* guix/scripts/substitute.scm (guix-substitute): Add -V as the short option
for --version to match show-help's description.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Until now, running "guix pack -s i686-linux" on an x86_64-linux machine,
for instance, would use an x86_64 guile for module derivations. This
was OK until now, but would break when passing "--localstatedir" due to
the introduction of guile-sqlite3: we'd be using the i686 guile-sqlite3
along with the x86_64 guile.
* guix/scripts/pack.scm (guix-pack): Pass the 'system option from OPTS
to 'package-derivation'.
This fixes a regression introduced in
df2f6400b1fbc282ef4d6dd7124ea1c17adc23c2: since the new
'register-path' (actually 'reset-timestamps') would make files
read-only, 'delete-file-recursively' would fail to delete them. Thus,
re-running 'guix system init' on an already-populated store would fail
with a 'delete-file' EPERM.
* guix/scripts/system.scm (copy-item): Use 'lstat' instead of
'file-exists?'. Call 'make-file-writable' on each directory below
DEST.
Fixes a regression introduced in
c45477d2a1.
Reported by Christopher Baines <mail@cbaines.net>.
* guix/scripts/pack.scm (not-config?, guile-sqlite3&co): New variables.
(self-contained-tarball)[not-config?]: Remove.
[build]: Use GUILE-SQLITE3&CO for 'with-extensions'.
(squashfs-image)[libgcrypt]: New variable.
[build]: Use 'source-module-closure', 'make-config.scm', and
'with-extensions'.
(docker-image)[not-config?]: Remove.
Without this change, running guix pack fails as (guix sets) is missing when
compiling (guix build store-copy).
* guix/scripts/pack.scm (docker-image): Move (guix build store-copy) to within
the source-module-closure call.
* gnu/build/install.scm (register-closure): Add #:reset-timestamps? and
and #:schema; honor them. Rewrite in terms of 'register-path'.
(populate-single-profile-directory): Add #:schema and honor it. Make
/var/guix/profiles and /var/guix/gcroots.
* gnu/build/vm.scm (root-partition-initializer): Pass
#:reset-timestamps? to 'register-closure'.
* gnu/system/vm.scm (not-config?): New procedure.
(guile-sqlite3&co): New variable.
(expression->derivation-in-linux-vm)[config]: New variable.
[builder]: Use 'with-extensions'.
(iso9660-image)[schema, config]: New variables.
Wrap build expression in 'with-extensions'; add 'sql-schema' call.
Remove GUIX from INPUTS.
(qemu-image)[schema, config]: New variables.
Wrap body in 'with-extensions'.
(system-docker-image)[not-config?]: Remove.
[config]: Use 'make-config.scm'.
[schema]: New variable.
[build]: Use 'with-extensions'. Add call to 'sql-schema'. Remove GUIX
from INPUTS.
* gnu/system/file-systems.scm (%store-prefix): Check whether
'%store-prefix' is defined.
* guix/scripts/pack.scm (self-contained-tarball)[not-config?]
[libgcrypt, schema]: New variables.
[build]: Wrap in 'with-extensions'. Adjust imported module list to use
'make-config.scm' for (guix config).
The previous implementation of 'read-reference-graph' was good enough
for many use cases, but it discarded the graph structure, which is
useful information in some cases.
* guix/build/store-copy.scm (<store-info>): New record type.
(read-reference-graph): Rewrite to return a list of <store-info>.
(closure-size, populate-store): Adjust accordingly.
* gnu/services/base.scm (references-file): Adjust accordingly.
* gnu/system/vm.scm (system-docker-image): Likewise.
* guix/scripts/pack.scm (squashfs-image, docker-image): Likewise.
* tests/gexp.scm ("gexp->derivation #:references-graphs"): Likewise.
* guix/scripts/offload.scm (call-with-timeout): New procedure.
(with-timeout): New macro.
(process-request): Use it around 'transfer-and-offload' call.