* gnu/packages/patches/mpg321-CVE-2019-14247.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/mp3.scm (mpg321)[source]: Apply it.
Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net>
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/packages/databases.scm (libmemcached): Disable test suite. Removing
trailing #t.
[phases]{fix-configure}: Remove useless group in pattern.
{disable-failing-tests}: Remove phase.
{build-and-install-html-doc}: Order after the build phase.
[home-page]: Please 'guix lint'.
Reported-by: Simon Tournier <zimon.toutoune@gmail.com>
mongodb 3.4.10 has unpatched CVEs and mongodb 3.4.24 has some files in the
release tarball under the SSPL, therefore we cannot provide mongodb while
upholding to good security standards.
It turns out feff80cec3 was right since while
the main license file wasnt altered to SSPL, some files in the tree contain
SSPL headers.
* gnu/packages/databases.scm (go-gopkg.in-mgo.v2): Remove.
* gnu/packages/databases.scm (mongo-tools): Remove.
* doc/guix.texi (mongodb-service-type): Remove.
* gnu/tests/databases.scm (%test-mongodb, %mongodb-os, run-mongodb-test):
Remove.
* gnu/services/databases.scm (mongodb-configuration, mongodb-configuration?,
mongodb-configuration-mongodb, mongodb-configuration-config-file,
mongodb-configuration-data-directory, mongodb-service-type,
%default-mongodb-configuration-file, %mongodb-accounts, mongodb-activation,
mongodb-shepherd-service): Remove.
* gnu/packages/databases.scm (mongodb): Remove.
On some systems, the columns in /proc/self/mountinfo look like this:
23 28 0:21 / /proc rw,nosuid,nodev,noexec,relatime shared:11 - proc proc rw
Before this change, the mounts procedure was written with the assumption that
the type and source could always be found in columns 8 and 9, respectively.
However, the proc(5) man page explains that there can be zero or more optional
fields starting at column 7 (e.g., "shared:11" above), so this assumption is
false in some situations.
* guix/build/syscalls.scm (mounts): Update the match pattern to use ellipsis
to match zero or more optional fields followed by a single hyphen. Remove the
trailing ellipsis, since multiple ellipses are not allowed in the same level.
The proc(5) man page indicates that there are no additional columns, so it is
probably OK to match an exact number of columns at the end like this.
* gnu/packages/virtualization.scm (qemu): Update to 5.2.0.
[source]: Re-indent and break long lines, to appease 'guix lint'.
[arguments]{disable-unusable-tests}: Adjust for the new Meson build
system. Remove patching for a test workaround that has been resolved in
5.2.0.
{patch-test-shebangs, patch-/bin/sh-references}: Combine into...
{patch-embedded-shebangs}: ... this new phase. Patch the SHELL variable in
the Makefile.
{fix-optionrom-makefile}: New phase.
{install-user-static}: Adjust as the binaries are now symbolic links pointing to their
actual build path.
[native-inputs]: Add ninja.
* gnu/packages/patches/qemu-build-info-manual.patch: Update patch.
Co-authored-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Fixes <https://issues.guix.gnu.org/36117>.
Before this change, the 'binfmt_misc' entries registered for QEMU would not be
usable in container contexts outside of guix-daemon (without manually bind
mounting file names).
For example:
$ docker run --rm arm32v7/debian true
standard_init_linux.go:207: exec user process caused "no such file or directory"
After this change, any container can make use of the QEMU binfmt_misc
registrations, as their corresponding QEMU static binaries are fully
pre-loaded by the kernel.
* gnu/services/virtualization.scm (<qemu-platform>): Define using
'define-record-type*'.
[flags]: New field, which defaults to "F" (fix binary).
(%i386, %i486, %alpha, %arm, %armeb, %sparc, %sparc32plus, %ppc, %ppc64)
(%ppc64le, %m68k, %mips, %mipsel, %mipsn32, %mipsn32el, %mips64, %mips64el)
(%riscv32, %riscv64, %sh4, %sh4eb, %s390x, %aarch64, %hppa): Adjust.
(qemu-binfmt-guix-chroot): Remove variable.
(qemu-binfmt-service-type): Remove the qemu-binfmt-guix-chroot extension.
* gnu/services/qemu-binfmt (qemu-platform->binfmt): Use the static output of
QEMU.
* doc/contributing.texi (Submitting Patches): Update doc.
* doc/guix.texi (Virtualization Services): Update doc.
The static output is equivalent to what other distributions commonly package
as 'qemu-user-static'.
* gnu/packages/virtualization.scm (qemu)[outputs]: Add a static output.
[phases]{configure}: Configure the main build as an out-of-source build. Move
all configure flags to ...
[configure-flags]: ... here. The options explicitly enabling optional
features are removed; the configure script does a good job at enabling all the
features available based on the inputs present and this allows reusing the
flags in variant packages such as qemu-minimal.
{configure-user-static, build-user-static, install-user-static}: New phases.
{patch-test-shebangs}: New phase, extracted from the configure phase.
[native-inputs]: Add glib-static, pcre:static and zlib:static.
(qemu-minimal)[arguments]: Reuse the configure-flags argument. Rewrite to use
match instead of cond.