Includes fixes for CVE-2020-15999, CVE-2020-16012, CVE-2020-26951,
CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959,
CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26966, and
CVE-2020-26968.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
And add a new '--volatile' option to have it volatile otherwise.
* guix/scripts/system.scm (%options)[volatile-root?]: New boolean option.
(%default-options): Set its default value to #f.
(show-help): Add help doc.
* guix/scripts/system.scm (perform-action): Propagate option...
(system-derivation-for-action): ...here. Use it to set the volatile-root?
field of the image object passed to SYSTEM-IMAGE.
* doc/guix.texi (Invoking guix system): Document it.
Fixes <http://issues.guix.gnu.org/44353>.
Every bootloader should try their best to install themselves using only the
MOUNT-POINT and otherwise do nothing. This requirement comes from the
necessity to call INSTALL-GRUB when installing the (non-EFI) GRUB bootloader,
which needs to populate the root file system with extra modules that cannot be
fit in the core.img file, limited in size to 491520 bytes (by the i386-pc
format required for legacy BIOS compatibility).
As introducing bootloader knowledge at the level of the image code is
undesirable, every bootloader should be adapted to support this fall-back for
their installation procedure (TODO).
* gnu/bootloader/grub.scm (install-grub-efi)[efi-dir]: Skip when the EFI-DIR
argument is set to #f.
When the image type is "raw" or derived from it (such as "qcow2"), an ESP
partition and file system is already added by the image generator. If a
conflicting user-provided EFI file system is provided, it causes the boot to
fail, as happens for the lightweight-desktop.tmpl and desktop.tmpl templates
under gnu/system/examples.
* gnu/system/image.scm (operating-system-for-image): Remove file systems whose
mount point is "/boot/efi".
Reported by Florian Pelz:
https://lists.gnu.org/archive/html/guix-devel/2020-11/msg00326.html.
* gnu/installer/utils.scm (call-with-time): New procedure,
(let/time): new macro.
* gnu/installer/parted.scm (with-delay-device-in-use?): Increase the retry
count to 16.
(non-install-devices): Remove the call to with-delay-device-in-use? as it
doesn't return the expected result, and would block much longer now.
(free-parted): Log the time required to sync each device.
Reported by Florian Pelz:
https://lists.gnu.org/archive/html/guix-devel/2020-11/msg00326.html.
* gnu/installer/utils.scm (call-with-time): New procedure,
(let/time): new macro.
* gnu/installer/parted.scm (with-delay-device-in-use?): Increase the retry
count to 16.
(non-install-devices): Remove the call to with-delay-device-in-use? as it
doesn't return the expected result, and would block much longer now.
(free-parted): Log the time required to sync each device.