This allows containers created by "guix environment -CN" or by
"guix system container -N" to talk to the host nscd.
* gnu/system/file-systems.scm (%network-file-mappings): Add
"/var/run/nscd".
* gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove.
* gnu/system/linux-container.scm (container-script)[nscd-run-directory]
[nscd-mapping, nscd-os, nscd-specs]: Remove.
[script]: Filter out from SPECS bind-mounts where the device does not
exist.
* guix/scripts/environment.scm (launch-environment/container)
[optional-mapping->fs]: New procedure.
[mappings]: Remove %NETWORK-FILE-MAPPINGS.
[file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through
'optional-mapping->fs'.
* doc/guix.texi (Invoking guix environment): Add --no-cwd.
* guix/scripts/environment.scm (show-help, %options): Add --no-cwd.
(launch-environment/container): Add 'map-cwd?' param; only add mapping
for cwd if #t. Only change to cwd within container if #t, otherwise
home.
(guix-environment): Error if --no-cwd without --container. Provide
'(not no-cwd?)' to launch-environment/container as 'map-cwd?'.
* tests/guix-environment.sh: Add test for no-cwd.
Co-authored-by: Mike Gerwitz <mtg@gnu.org>
* guix/scripts/environment.scm (launch-environment/container): Only
apply override-user-mappings to user-mappings and cwd. Do not apply to
network configuration mapping and inputs.
* guix/scripts/environment.scm (launch-environment/container): Add UID
and GID. Use them in PASSWD and GROUPS. Pass them as #:guest-uid and
#:guest-gid to 'call-with-container'.
* tests/guix-environment-container.sh: Test the inner UID.
In '--user' test, replace hard-coded 0 with 1000.
* doc/guix.texi (Invoking guix environment): Adjust accordingly.
Reported by Pierre Neidhardt <mail@ambrevar.xyz>.
* guix/scripts/environment.scm (launch-environment/container): Create
GROUPS and call 'write-group'.
* tests/guix-environment-container.sh: Test it.
* guix/scripts/environment.scm (launch-environment/container): Remove
call to 'mock-passwd'; instantiate a <password-entry> instead. Call
'write-passwd' to write the pasword database instead of using custom
code.
(mock-passwd): Remove.
* tests/guix-environment-container.sh: Test 'getpwuid'.
* guix/scripts/environment.scm (%options): Remove "--exec", which was
deprecated in commit 1de2fe95e0 in 2015.
* tests/guix-environment.sh: Remove use of '-E'.
* guix/scripts/environment.scm (purify-environment): Add 'white-list'
parameter and honor it.
(create-environment): Add #:white-list parameter and honor it.
(launch-environment): Likewise.
(launch-environment/fork): Likewise.
(show-help, %options): Add '--inherit'.
(guix-environment): Define 'white-list' and pass it to
'launch-environment/fork'.
* tests/guix-environment.sh: Test '--inherit'.
* doc/guix.texi (Invoking guix environment): Document it.
The previous '--verbosity' option was misleading and rarely what users
were looking for. The new option provides a consistent way to choose
whether or not to display the build log.
* guix/scripts/build.scm (show-build-options-help): Remove "--verbosity"
and add "--debug".
(set-build-options-from-command-line): Use the 'debug key of OPTS for
#:verbosity.
(%standard-build-options): Change "verbosity" to "debug". Use
'string->number*' instead of 'string->number'.
(%default-options): Change 'verbosity to 'debug and add a 'verbosity
key.
(show-help): Add '--verbosity'.
(%options): Likewise, and change '--quiet' to set the 'verbosity key of
RESULT.
(guix-build): Use 'with-status-verbosity' instead of parameterizing
CURRENT-BUILD-OUTPUT-PORT, honor the 'verbosity key of OPTS, and remove
'quiet?'.
* guix/scripts/environment.scm (show-help, %options): Add '--verbosity'.
(%default-options): Add 'debug'.
(guix-environment): Honor the 'verbosity key of OPTS.
* guix/scripts/pack.scm (%default-options): Add 'debug.
(%options, show-help): Add '--verbosity'.
(guix-pack): Honor the 'verbosity key of OPTS.
* guix/scripts/package.scm (%default-options): Add 'debug.
(show-help, %options): Add '--verbosity'. Mark '--verbose' as
deprecated and change it to set 'verbosity.
(guix-package): Honor the 'verbosity key of OPTS and remove 'verbose?'.
* guix/scripts/pull.scm (%default-options): Add 'debug.
(show-help, %options): Add '--verbosity'.
(guix-pull): Honor the 'verbosity key of OPTS.
* guix/scripts/system.scm (show-help, %options): Add '--verbosity'.
(%default-options): Add 'debug.
(guix-system): Honor the 'verbosity key of OPTS.
* guix/scripts/archive.scm (%default-options): Add 'debug,
'print-build-trace?, 'print-extended-build-trace?, and
'multiplexed-build-output?.
(show-help, %options): Add '--verbosity'.
(export-from-store): Remove call to 'set-build-options-from-command-line'.
(guix-archive): Wrap body in 'with-status-verbosity'. Add call to
'set-build-options-from-command-line.
* doc/guix.texi (Common Build Options): Document '--verbosity' and
'--debug'.
(Additional Build Options): Adjust description of '--quiet'.
Previously we'd use the (sequence M (map P L)) idiom just because 'mapm'
was slower (not specialized for the given monad). This is no longer the
case since commit dcb95c1fc9.
* guix/gexp.scm (lower-inputs): Use (mapm M P L) instead of (sequence
M (map P L)).
(lower-references, gexp->sexp, imported-files): Likewise.
* guix/profiles.scm (profile-derivation): Likewise.
* guix/scripts/environment.scm (inputs->requisites): Likewise.
* guix/scripts/system.scm (copy-closure): Likewise.
This allows for more accurate status tracking and parsing of extended
build traces.
* guix/status.scm (multiplexed-output-supported?): New procedure.
(print-build-event): Don't print \r when PRINT-LOG? is true.
Adjust 'build-log' handling for when 'multiplexed-output-supported?'
returns true.
(bytevector-index, split-lines): New procedures.
(build-event-output-port)[%build-output-pid, %build-output]
[%build-output-left]: New variables.
[process-line]: Handle "@ build-output" traces.
[process-build-output]: New procedure.
[write!]: Add case for when %BUILD-OUTPUT-PID is true. Use
'bytevector-index' rather than 'string-index'.
(compute-status): Add #:derivation-path->output-path. Use it.
* tests/status.scm ("compute-status, multiplexed build output"):
New test.
("build-output-port, UTF-8")
("current-build-output-port, UTF-8 + garbage"): Adjust to new
'build-log' output.
* guix/scripts/build.scm (set-build-options-from-command-line):
Pass #:multiplexed-build-output?.
(%default-options): Add 'multiplexed-build-output?'.
* guix/scripts/environment.scm (%default-options): Likewise.
* guix/scripts/pack.scm (%default-options): Likewise.
* guix/scripts/package.scm (%default-options): Likewise.
* guix/scripts/pull.scm (%default-options): Likewise.
* guix/scripts/system.scm (%default-options): Likewise.
* guix/profiles.scm (profile-search-paths): New procedure.
* guix/scripts/environment.scm (evaluate-search-paths): Remove.
(create-environment): Replace 'paths' with 'manifest'. Use
'profile-search-paths' instead of 'evaluate-search-paths'.
(show-search-paths): Likewise.
(launch-environment): Replace 'paths' with 'manifest'. Make 'pure?' a
keyword parameter.
(launch-environment/fork, launch-environment/container): Likewise.
(guix-environment): Remove 'paths' variable. Adjust callers of the
above procedures accordingly.
* guix/scripts/environment.scm (strip-input-name)
(package+propagated-inputs, package-or-package+output?)
(compact): Remove.
(inputs->profile-derivation): Rename to...
(manifest->derivation): ... this. Replace 'inputs' parameter with
'manifest'.
(input->manifest-entry): New procedure.
(package-environment-inputs): Rewrite to return a list of manifest
entries.
(options/resolve-packages): Rewrite to return a manifest.
(guix-environment): Remove 'inputs'. Define 'paths' in terms of
'manifest-search-paths'.
* guix/scripts/environment.scm (options/resolve-packages): When loading
manifest files, use the same module environment as in "guix package".
Signed-off-by: Ludovic Courtès <ludovic.courtes@inria.fr>
This change allows overriding the home directory of all filesystem mappings to
help hide the identity of the calling user in a container.
* doc/guix.texi (Invoking guix environment)[--container]: Mention --user.
[--user]: Add item.
* guix/scripts/environment.scm (show-help): Add --user.
(%options): Add --user.
(launch-environment/container) Add 'user' parameter. Update doc. Override
'user-mappings' using 'override-user-mappings'. Consider override for chdir.
(mock-passwd, user-override-home, overrid-euser-dir): New procedures.
(guix-environment): Disallow --user without --container. Provide user to
'launch-environment/container'.
* tests/guix-environment.sh: Add user test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This change is motivated by attempts to run programs (like GNU IceCat) within
containers. The 'fontconfig' program, for example, is configured explicitly
to check ~/.guix-profile for additional fonts.
There were no existing container tests in 'tests/guix-environment.sh', but I
added one anyway for this change.
* doc/guix.texi (Invoking guix environment): Add '--link-profile'.
* guix/scripts/environment.scm (show-help): Add '--link-profile'.
(%options): Add 'link-profile' as '#\P', assigned to 'link-profile?'.
(link-environment): New procedure.
(launch-environment/container): Use it when 'link-profile?'.
[link-profile?]: New parameter.
(guix-environment): Leave when '--link-prof' but not '--container'. Add
'#:link-profile?' argument to 'launch-environment/container' application.
* tests/guix-environment-container.sh: New '--link-profile' test.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <http://bugs.gnu.org/27157>.
Having a finite default `max-silent-time' value for scripts such as 'guix
environment' could lead to timeouts when building subtitutes; this was
undesirable.
This change also fixes client behavior to match the documentation, which
is that by default the daemon's settings are honored.
* guix/scripts/archive.scm (%default-options): Remove max-silent-time entry.
* guix/scripts/copy.scm (%default-options): Likewise.
* guix/scripts/environment.scm (%default-options): Likewise.
* guix/scripts/pack.scm (%default-options): Likewise.
* guix/scripts/package.scm (%default-options): Likewise.
* guix/scripts/pull.scm (%default-options): Likewise.
* guix/scripts/system.scm (%default-options): Likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Before this change '--substitute-urls' would be ignored.
* guix/scripts/environment.scm (build-environment): Remove redundant
call to 'set-build-options-from-command-line*'.
(guix-environment): Move 'set-build-options-from-command-line' right
after 'with-store'.
Reported by Efraim Flashner.
This is a followup to a654dc4bcf.
* guix/profiles.scm (profile-derivation): Add #:allow-collisions? and
honor it.
* guix/scripts/environment.scm (inputs->profile-derivation): Pass
#:allow-collisions? #f to 'profile-derivation'.
* tests/guix-environment.sh: Test "guix environment guix".
* guix/scripts/environment.scm (launch-environment/container): Include the
file name in the call to string=? when deciding if the file should be
writable.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reported by Chris Webber.
* guix/scripts/build.scm (register-root): If ROOT is absolute, keep it
as is.
* guix/scripts/environment.scm (register-gc-root): Likewise.
* tests/guix-environment.sh (expected): Add test.
Commit 1af0860e8b added a mandatory
dependency on 'glibc-utf8-locales', which entails long rebuilds for
tests.
* guix/profiles.scm (profile-derivation): Add #:locales? parameter.
Add 'set-utf8-locale' variable. Use it when LOCALES? is true.
(link-to-empty-profile): Pass #:locales? #f.
* guix/scripts/environment.scm (inputs->profile-derivation): Pass
#:locales?.
* guix/scripts/package.scm (build-and-use-profile): Likewise.
* tests/packages.scm ("--search-paths with pattern"): Pass #:locales? #f.
* tests/profiles.scm ("profile-derivation")
("profile-derivation, inputs", "profile-manifest, search-paths")
("etc/profile", "etc/profile when etc/ already exists"):
("etc/profile when etc/ is a symlink"): Likewise.
* gnu/build/linux-container.scm (mount-file-systems): 'mounts' is now a
list of <file-system> objects instead of a list of lists ("specs").
Add call to 'file-system->spec' as the argument to 'mount-file-system'.
(run-container, call-with-container): Adjust docstring accordingly.
* gnu/system/file-systems.scm (spec->file-system): New procedure.
* gnu/system/linux-container.scm (container-script)[script]: Call
'spec->file-system' inside gexp.
* guix/scripts/environment.scm (launch-environment/container): Remove
call to 'file-system->spec'.
* tests/containers.scm ("call-with-container, mnt namespace")
("call-with-container, mnt namespace, wrong bind mount"): Pass a list of
<file-system> objects.
* guix/scripts/archive.scm, guix/scripts/build.scm,
guix/scripts/environment.scm, guix/scripts/system.scm,
guix/scripts/package.scm: Disable grafting when a dry-run parameter is given.
* guix/scripts/environment.scm (create-environment): Set
'GUIX_ENVIRONMENT' to PROFILE.
* tests/guix-environment.sh: Test it.
* doc/guix.texi (Invoking guix environment): Document it.
Switching to execlp means that the process spawned in a container is PID
1, which obsoleted one of the 'guix environment --container' tests
because the init process can't be killed in the usual manner.
* guix/scripts/environment.scm (launch-environment/fork): New procedure.
(launch-environment): Switch from system* to execlp. Add handler for
SIGINT.
(guix-environment): Use launch-environment/fork.
* tests/guix-environment-container.sh: Replace abnormal exit test with
one that works now that the spawned process is PID 1.
* guix/scripts/environment.scm (launch-environment/container): Change
$HOME to the current user's home directory instead of
/homeless-shelter. Create a dummy /etc/passwd with a single entry for
the current user.
* doc/guix.texi ("invoking guix environment"): Add a note about the
dummy home directory and /etc/passwd.
Fixes <http://bugs.gnu.org/19816>.
* guix/scripts/environment.scm (evaluate-input-search-paths)
(build-inputs): Delete.
(evaluate-profile-search-paths, strip-input-name)
(package-or-package+output?, package-environment-inputs)
(build-environment, inputs->profile-derivations): New procedures.
(create-environment, show-search-paths, launch-environment)
(launch-environment/container): Replace 'inputs' argument
with 'profile' argument.
(package+propagated-inputs): Strip off names off of input tuples.
(options/resolve-packages): Handle input tuples that specify an output
in expressions.
(guix-environment): Convert inputs into a profile to use in the
environment. Remove non-package inputs such as origins from
environment inputs.
* doc/guix.texi ("invoking guix environment"): Document package+output
tuples for --expression option.
* tests/guix-environment.sh: Update tests.
* tests/guix-environment-container.sh: Likewise.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>