Commit graph

75662 commits

Author SHA1 Message Date
Tobias Geerinckx-Rice
2baae75e82
gnu: isc-dhcp: Update bundled bind to 9.11.29.
* gnu/packages/admin.scm (isc-dhcp)[inputs]: Update bundled bind to
9.11.29.
2021-03-18 17:08:10 +01:00
Tobias Geerinckx-Rice
000e27b3d7
gnu: bind: Update to 9.16.13.
* gnu/packages/dns.scm (isc-bind): Update to 9.16.13.
2021-03-18 17:08:10 +01:00
Florian Pelz
9783645ee8
news: Add ‘de’ translation. 2021-03-18 14:38:57 +00:00
Ludovic Courtès
1955ef93b7
news: Add entry for '--keep-failed' vulnerability.
* etc/news.scm: Add entry.
2021-03-18 12:34:02 +01:00
Ludovic Courtès
94f0312546
gnu: guix: Update to ec7fb66 [security].
This updates the 'guix' package so that it provides the fix
for <https://bugs.gnu.org/47229>.

* gnu/packages/package-management.scm (guix): Update to ec7fb66.
2021-03-18 12:32:03 +01:00
Ludovic Courtès
ec7fb66994
daemon: Prevent privilege escalation with '--keep-failed' [security].
Fixes <https://bugs.gnu.org/47229>.
Reported by Nathan Nye of WhiteBeam Security.

* nix/libstore/build.cc (DerivationGoal::startBuilder): When 'useChroot'
is true, add "/top" to 'tmpDir'.
(DerivationGoal::deleteTmpDir): Adjust accordingly.  When
'settings.keepFailed' is true, chown in two steps: first the "/top"
sub-directory, and then rename "/top" to its parent.
2021-03-18 12:18:56 +01:00
Leo Famulari
898489f48e
services: Enable "protected hardlinks" and "protected symlinks" by default.
References:

https://sysctl-explorer.net/fs/protected_hardlinks/
https://sysctl-explorer.net/fs/protected_symlinks/

* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-18 12:17:33 +01:00
Léo Le Bouter
45695cc8a7
Revert "gnu: python2-urllib3: Update to 1.26.4 [fixes CVE-2021-28363]."
In response to commit 1a265842e6 we should no
longer need this. Also see <https://bugs.gnu.org/47186>.

This reverts commit db87d6ddaf.
2021-03-18 11:26:11 +01:00
Léo Le Bouter
2e0ff59f0c
gnu: imagemagick/fixed: Redirect old sonames to new sonames.
* gnu/packages/imagemagick.scm (imagemagick/fixed)[arguments]: Add
'fix-compat-cheat-rename-so phase to redirect old soname paths (expected
without grafting) to new sonames introduced by ImageMagick 6.9.12-0 and
later. These sonames are probably not forward compatible but most probably
backwards compatible so it should suffice until we remove the graft.
2021-03-18 11:13:18 +01:00
Leo Famulari
334c6850c6
gnu: linux-libre 4.4: Update to 4.4.262.
* gnu/packages/linux.scm (linux-libre-4.4-version): Update to 4.4.262.
(linux-libre-4.4-pristine-source): Update hash.
2021-03-18 01:05:49 -04:00
Leo Famulari
c3504337cc
gnu: linux-libre 4.9: Update to 4.9.262.
* gnu/packages/linux.scm (linux-libre-4.9-version): Update to 4.9.262.
(linux-libre-4.9-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Leo Famulari
d72347deec
gnu: linux-libre 4.14: Update to 4.14.226.
* gnu/packages/linux.scm (linux-libre-4.14-version): Update to 4.14.226.
(linux-libre-4.14-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Leo Famulari
1ff0377a52
gnu: linux-libre 4.19: Update to 4.19.181.
* gnu/packages/linux.scm (linux-libre-4.19-version): Update to 4.19.181.
(linux-libre-4.19-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Leo Famulari
1de35e8036
gnu: linux-libre 5.4: Update to 5.4.106.
* gnu/packages/linux.scm (linux-libre-5.4-version): Update to 5.4.106.
(linux-libre-5.4-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Leo Famulari
e0dcafc1c2
gnu: linux-libre 5.10: Update to 5.10.24.
* gnu/packages/linux.scm (linux-libre-5.10-version): Update to 5.10.24.
(linux-libre-5.10-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Leo Famulari
aacfbb8c24
gnu: linux-libre: Update to 5.11.7.
* gnu/packages/linux.scm (linux-libre-5.11-version): Update to 5.11.7.
(linux-libre-5.11-pristine-source): Update hash.
2021-03-18 01:05:48 -04:00
Christopher Baines
806125e52f
weather: Only show request statistics when requests were made.
This avoids the script crashing if all data is fetched from the cache.

* guix/scripts/weather.scm (report-server-coverage): Only show request
statistics when some requests have been made.
2021-03-17 23:12:31 +00:00
qblade
966e61fb8f
gnu: Add libucl.
* gnu/packages/wm.scm (libucl): New variable.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-17 23:10:20 +01:00
Maxime Devos
ce10e2b3e9
gnu: Use autoconf instead of autoconf-wrapper when possible.
This should reduce confusion on when to use the "autoconf"
package and when to use "autoconf-wrapper" instead in
package definitions.

Fixes <https://bugs.gnu.org/46564>.

* gnu/packages/autotools.scm (autoconf-wrapper):
  advise to use the "autoconf" package instead where
  possible.
* gnu/packages/game-development.scm (tsukundere)[native-inputs]:
  use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gimp.scm
  (glimpse)[native-inputs]: likewise.
  (gimp-resynthesizer)[native-inputs]: add comment on why
  "autoconf-wrapper" is used.
* gnu/packages/gnunet.scm (gnunet)[native-inputs]:
  use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gnupg.scm (signing-party)[native-inputs]:
  add comment on why "autoconf-wrapper" is used.
* gnu/packages/guile-xyz.scm
  (guile-bash,guile-filesystem,guile-ics,guile-udev)[native-inputs]:
  use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/libevent.scm (libuv)[native-inputs]: indicates
  "autoconf-wrapper" needs to be replaced with "autoconf"
  on core-updates.
* gnu/packages/logging.scm (glog)[native-inputs]: use "autoconf"
  instead of "autoconf-wrapper".
* gnu/packages/mail.scm (libetpan)[native-inputs]: likewise.
* gnu/packages/mate.scm
  (mate-icon-theme-faenza)[native-inputs]: add comment on why
  "autoconf-wrapper" is used.
  (mate-screensaver)[native-inputs]: use "autoconf" instead of
  "autoconf-wrapper".
* gnu/packages/package-management.scm (guix)[native-inputs]: likewise.
* gnu/packages/sawfish.scm (librep)[native-inputs]: likewise.
* gnu/packages/video.scm (motion)[native-inputs]: likewise.
* gnu/packages/zile.scm (zile)[native-inputs]: likewise.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-17 23:10:19 +01:00
Ludovic Courtès
f526105210
doc: Tweak "Invoking guix refresh" node.
* doc/guix.texi (Invoking guix refresh): Update output in '--recursive'
example.  Use @xref, not @ref, at the beginning of a sentence.
2021-03-17 23:10:19 +01:00
Ludovic Courtès
62c1b0b744
import: gnome: Silence URL redirect messages.
* guix/import/gnome.scm (latest-gnome-release): Pass #:log-port to
'http-fetch/cached'.
2021-03-17 23:10:19 +01:00
Ludovic Courtès
dbfc6a32bb
http-client: 'http-fetch' and 'http-fetch/cached' accept #:log-port.
* guix/http-client.scm (http-fetch, http-fetch/cached): Add #:log-port
and honor it.
2021-03-17 23:10:19 +01:00
Ludovic Courtès
c81eeabb99
import: gnome: Exclude version numbers that do not start with a digit.
Fixes a bug whereby NetworkManager would be updated to version "rc2".

* guix/import/gnome.scm (latest-gnome-release)[even-minor-version?]:
Change catch-all case to return #f when the first part is not a digit.
2021-03-17 23:10:19 +01:00
Christopher Baines
c37f78a9f5
scripts: weather: Provide more representative request statistics.
Previously, the "seconds per request" and "requests per second" statistics
really reported (cache lookups + requests) per second.  By looking at the
actual number of requests made within lookup-narinfos, a more representative
value can be reported.

* guix/scripts/weather.scm (let/time): Allow for multiple return values.
(report-server-coverage): Alter the reporting of request statistics.
2021-03-17 20:46:21 +00:00
Christopher Baines
c5ab78f90b
substitutes: lookup-narinfos: Return the number of requests made.
As an additional value, in addition to the narinfos.  This value is useful in
the weather script for reporting how many requests to the substitute server
were made.

* guix/substitutes.scm (lookup-narinfos): Additionally return the number of
requests made.
2021-03-17 20:46:20 +00:00
Christopher Baines
b48204259a
scripts: substitute: Tweak error reporting in process-substitution.
The call-with-connection-error-handling was added in
20c08a8a45, but that error handling was
previously inside of open-connection-for-uri/maybe, which is related
to (call-)with-cached-connection which was used in process-substitution, but
only actually used with call-with-cached-connection when used in
fetch-narinfos.

There's some handling for similar errors within with-networking, which is used
within process-substitution.

* guix/scripts/substitute.scm (process-substitution): Remove
call-with-connection-error-handling call.
2021-03-17 20:41:13 +00:00
Christopher Baines
c37e3b92ad
scripts: substitute: Add back some error handling.
In f50f5751ff, the way fetch was called within
process-substitution was changed.  As call-with-cached-connection actually
includes important error handling for the opening of a HTTP request, this
change removed some error handling.  This commit adds that back.

Fixes <https://bugs.gnu.org/47157>.

* guix/scripts/substitute.scm (call-with-cached-connection): New procedure.
(with-cached-connection): New syntax rule.
(process-substitution): Retry once for some errors when making HTTP requests
to fetch substitutes.
2021-03-17 20:41:10 +00:00
Tobias Geerinckx-Rice
24f1ce9e71
gnu: scdoc: Cross-compile.
* gnu/packages/man.scm (scdoc)[arguments]: Use CC-FOR-TARGET.
2021-03-17 21:22:21 +01:00
Tobias Geerinckx-Rice
841e5fb4dd
gnu: scdoc: Don't use unstable tarball.
The autogenerated tarball was modified upstream.

* gnu/packages/man.scm (scdoc)[source]: Use GIT-FETCH and
GIT-FILE-NAME.
2021-03-17 21:22:20 +01:00
Christopher Baines
d7b4ccefa9
gnu: libtirpc/hurd: Fix package source.
Amend the changes in 1a265842e6 to properly
access the origin patches from libtirpc.

I noticed this as guix weather didn't work for this package.

* gnu/packages/onc-rpc.scm (libtirpc/hurd)[source]: Call origin-patches
on (package-source libtirpc) rather than the libtirpc package.
2021-03-17 20:15:15 +00:00
Efraim Flashner
f4f677f223
gnu: lua.scm: Sort package module imports alphabetically.
* gnu/packages/lua.scm: Sort package module imports alphabetically.
2021-03-17 21:33:01 +02:00
Léo Le Bouter
2691f57678
gnu: python-pygments: Update to 2.7.4 [fixes CVE-2021-27291].
* gnu/packages/python-xyz.scm (python-pygments/fixed): New variable.
(python-pygments)[replacement]: Graft.
2021-03-17 18:36:47 +01:00
Oleg Pykhalov
cb424bad32
gnu: Add emacs-kotlin-mode.
* gnu/packages/emacs-xyz.scm (emacs-kotlin-mode): New variable.
2021-03-17 18:48:06 +03:00
Nicolas Goaziou
d79d63e782
gnu: emacs-marginalia: Update to 0.4.
* gnu/packages/emacs-xyz.scm (emacs-marginalia): Update to 0.4.
2021-03-17 14:32:45 +01:00
Leo Prikler
284864df91
gnu: komikku: Update to 0.27.0.
* gnu/packages/gnome.scm (komikku): Update to 0.27.0.
[inputs]: Add python-brotli and webkitgtk.
2021-03-17 14:21:30 +01:00
Leo Prikler
fef91c0cc8
gnu: Move lolcode to esolangs.
* gnu/packages/lolcode.scm (lci): Move from here...
* gnu/packages/esolangs.scm (lolcode-lci): ... to here.
* gnu/packages/lolcode.scm: Delete file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Adjust accordingly.
2021-03-17 14:21:29 +01:00
Julien Lepiller
bf6a1dbae1
news: Add 'fr' translation.
* etc/news.scm: Add missing French translations.
2021-03-17 13:31:43 +01:00
LibreMiami
d45d779e2a
gnu: tig: Update to 2.5.3.
* gnu/packages/version-control.scm (tig): Update to 2.5.3.

Co-authored-by: jgart <jgart@dismail.de>
Co-authored-by: donotshake <donotshake:matrix.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-17 12:03:25 +01:00
Ludovic Courtès
728c90862e
gnu-maintenance: Add a timeout on FTP connection establishment.
* guix/gnu-maintenance.scm (latest-ftp-release): Pass #:timeout to
'ftp-open'.
2021-03-17 12:03:25 +01:00
Ludovic Courtès
29330b57e2
gnu-maintenance: Remove unused parameters of 'latest-ftp-release'.
* guix/gnu-maintenance.scm (latest-ftp-release): Remove #:ftp-open, #:ftp-close,
and #:keep-file?.
2021-03-17 12:03:25 +01:00
Ludovic Courtès
fe96f64110
gnu: hwloc: Add 'release-monitoring-url' property.
* gnu/packages/mpi.scm (hwloc-1)[properties]: New field.
2021-03-17 12:03:25 +01:00
Ludovic Courtès
af9af2180e
gnu-maintenance: Add 'generic-html' updater.
This brings total updater coverage, as reported by 'guix refresh
--list-updaters', from 78% to 88.3%.  Among many other things, it covers
freedesktop.org packages.

* guix/gnu-maintenance.scm (html-updatable-package?)
(latest-html-updatable-release): New procedures.
(%generic-html-updater): New variable.
* doc/guix.texi (Invoking guix refresh): Document it.
2021-03-17 12:03:24 +01:00
Ludovic Courtès
1d5a946ce5
gnu-maintenance: 'latest-html-release' better computes version number.
* guix/gnu-maintenance.scm (latest-html-release): Use 'tarball->version'
rather than 'package-name->name+version' to extract the version number.
This fixes problems with packages like 'netsurf' and 'libdom' that have
"-src" in their tarball name, where "src" would be taken as the new
version number.
2021-03-17 12:03:24 +01:00
Ludovic Courtès
99f42e14d4
gnu-maintenance: 'latest-html-release' can determine signature file name.
* guix/gnu-maintenance.scm (latest-html-release): #:file->signature
defaults to #f.
[file->signature/guess]: New procedure.
[url->release]: Use it when FILE->SIGNATURE is #f.
Introduce 'links' variable.
(url-prefix-rewrite): Check whether URL is true before calling
'string-prefix?'.
(latest-savannah-release): Adjust comment about detached signatures.
2021-03-17 12:03:24 +01:00
Ludovic Courtès
9e75b31b39
gnu-maintenance: 'release-file?' rejects checksum files.
* guix/gnu-maintenance.scm (release-file?): Reject ".md5sum",
".sha1sum", and ".sha256sum".
2021-03-17 12:03:24 +01:00
Ludovic Courtès
db69ebb9de
gnu-maintenance: 'latest-html-release' considers non-relative URLs.
* guix/gnu-maintenance.scm (latest-html-release): Allow for URL to be an
arbitrary URL rather than a relative URL reference.
2021-03-17 12:03:24 +01:00
Ludovic Courtès
71f6acd28d
gnu-maintenance: Use (htmlprag) for 'latest-html-release'.
* guix/gnu-maintenance.scm (html->sxml): Remove.  Autoload (htmlprag)
instead.
* doc/guix.texi (Requirements): Mention 'guix refresh' for the Guile-Lib
dependency.
2021-03-17 12:03:24 +01:00
Ludovic Courtès
62a091368d
maint: Check whether Guile-zlib is recent enough.
This is a followup to a04aef2430.

* m4/guix.m4 (GUIX_CHECK_GUILE_ZLIB): New macro.
* configure.ac: Use it when checking for Guile-zlib.
2021-03-17 12:03:23 +01:00
Ludovic Courtès
0571aa7abf
doc: Define the term "profile".
Fixes <https://bugs.gnu.org/46803>.
Reported by Luis Felipe <luis.felipe.la@protonmail.com>.

* doc/guix.texi (Getting Started): Introduce the term "profile".
(Invoking guix package): Likewise.
2021-03-17 12:03:23 +01:00
Ludovic Courtès
bc3896db25
daemon: Correctly handle '--discover' with no value.
Previously, we'd get:

  $ guix-daemon --discover
  error: basic_string::_M_construct null not valid

* nix/nix-daemon/guix-daemon.cc (parse_opt): Change second argument to
'settings.set' to properly handle case where ARG is NULL.
2021-03-17 12:03:23 +01:00