Until now deduplication was performed as an additional pass after
copying files, which involve re-traversing all the files that had just
been copied.
* guix/store/deduplication.scm (copy-file/deduplicate): New procedure.
* tests/store-deduplication.scm ("copy-file/deduplicate"): New test.
* guix/build/store-copy.scm (populate-store): Add #:deduplicate?
parameter and honor it.
* tests/gexp.scm ("gexp->derivation, store copy"): Pass #:deduplicate? #f
to 'populate-store'.
* gnu/build/image.scm (initialize-root-partition): Pass #:deduplicate?
to 'populate-store'. Pass #:deduplicate? #f to 'register-closure'.
* gnu/build/vm.scm (root-partition-initializer): Likewise.
* gnu/build/install.scm (populate-single-profile-directory): Pass
#:deduplicate? #f to 'populate-store'.
* gnu/build/linux-initrd.scm (build-initrd): Likewise.
* guix/scripts/pack.scm (self-contained-tarball)[import-module?]: New
procedure.
[build]: Pass it as an argument to 'source-module-closure'.
* guix/scripts/pack.scm (squashfs-image)[build]: Wrap in
'with-extensions'.
* gnu/system/linux-initrd.scm (expression->initrd)[import-module?]: New
procedure.
[builder]: Pass it to 'source-module-closure'.
* gnu/system/install.scm (cow-store-service-type)[import-module?]: New
procedure. Pass it to 'source-module-closure'.
Until now, 'populate-store' would reset permissions but not timestamps,
so callers would resort to going through an extra directory traversal to
reset timestamps.
* guix/build/store-copy.scm (reset-permissions): Remove.
(copy-recursively): New procedure.
(populate-store): Pass #:keep-permissions? to 'copy-recursively'.
Remove call to 'reset-permissions'.
* tests/gexp.scm ("gexp->derivation, store copy"): In BUILD-DRV, check
whether 'populate-store' canonicalizes permissions and timestamps.
* gnu/build/image.scm (initialize-root-partition): Pass #:reset-timestamps? #f
to 'register-closure'.
* gnu/build/vm.scm (root-partition-initializer): Likewise.
This avoids having to traverse and re-read the files that we have just
restored, thereby reducing I/O.
* guix/serialization.scm (dump-file): New procedure.
(restore-file): Add #:dump-file parameter and honor it.
* guix/store/deduplication.scm (tee, dump-file/deduplicate): New
procedures.
* guix/nar.scm (restore-one-item): Pass #:dump-file to 'restore-file'.
(finalize-store-file): Pass #:deduplicate? #f to 'register-items'.
* tests/nar.scm <top level>: Call 'setenv' to set "NIX_STORE".
* guix/serialization.scm (restore-file): Set the permissions and mtime
of FILE.
* guix/nar.scm (finalize-store-file): Pass #:reset-timestamps? #f to
'register-items'.
* tests/nar.scm (rm-rf): Add 'chmod' calls to ensure files are writable.
("write-file + restore-file with symlinks"): Ensure every file in OUTPUT
passes 'canonical-file?'.
* tests/guix-archive.sh: Run "chmod -R +w" before "rm -rf".
* guix/serialization.scm (fold-archive): Call PROC with a
'directory-complete tag when done with a directory.
(restore-file): Handle it.
* guix/scripts/archive.scm (list-contents): Likewise.
* guix/scripts/challenge.scm (archive-contents): Likewise.
* tests/nar.scm ("write-file-tree + fold-archive"): Adjust accordingly.
This is a followup to a8dccd4bdc, which
broke the test.
* guix/import/opam.scm (get-opam-repository): Prevent inlining.
* tests/opam.scm ("opam->guix-package"): Mock 'get-opam-repository'.
This avoids spawning one substitute process per substitution.
* nix/libstore/build.cc (class Worker)[substituter]: New field.
[outPipe, logPipe, pid]: Remove.
(class SubstitutionGoal)[expectedHashStr, status, substituter]: New fields.
(SubstitutionGoal::timedOut): Adjust to check 'substituter'.
(SubstitutionGoal::tryToRun): Remove references to 'outPipe' and
'logPipe'. Run "guix substitute --substitute" as an 'Agent'. Send the
request with 'writeLine'.
(SubstitutionGoal::finished): Likewise.
(SubstitutionGoal::handleChildOutput): Change to fill in
'expectedHashStr' and 'status'.
(SubstitutionGoal::handleEOF): Call 'wakeUp' unconditionally.
(SubstitutionGoal::~SubstitutionGoal): Adjust to check 'substituter'.
* guix/scripts/substitute.scm (process-substitution): Write "success\n"
to stdout upon success.
(%error-to-file-descriptor-4?): New variable.
(guix-substitute): Set 'current-error-port' to file descriptor 4
unless (%error-to-file-descriptor-4?) is false.
Remove "--substitute" arguments. Loop reading line from stdin.
* tests/substitute.scm <top level>: Call '%error-to-file-descriptor-4?'.
(request-substitution): New procedure.
("substitute, no signature")
("substitute, invalid hash")
("substitute, unauthorized key")
("substitute, authorized key")
("substitute, unauthorized narinfo comes first")
("substitute, unsigned narinfo comes first")
("substitute, first narinfo is unsigned and has wrong hash")
("substitute, first narinfo is unsigned and has wrong refs")
("substitute, two invalid narinfos")
("substitute, narinfo with several URLs"): Adjust to new "guix
substitute --substitute" calling convention.
* nix/libstore/local-store.hh (RunningSubstituter): Remove.
(LocalStore)[runningSubstituter]: Change to unique_ptr<Agent>.
[setSubstituterEnv, didSetSubstituterEnv]: Remove.
[getLineFromSubstituter, getIntLineFromSubstituter]: Take an 'Agent'.
* nix/libstore/local-store.cc (LocalStore::~LocalStore): Remove
reference to 'runningSubstituter'.
(LocalStore::setSubstituterEnv, LocalStore::startSubstituter): Remove.
(LocalStore::getLineFromSubstituter): Adjust to 'run' being an 'Agent'.
(LocalStore::querySubstitutablePaths): Spawn substituter agent if
needed. Adjust to 'Agent' interface.
(LocalStore::querySubstitutablePathInfos): Likewise.
* nix/libstore/build.cc (SubstitutionGoal::tryToRun): Remove call to
'setSubstituterEnv' and add 'setenv' call for "_NIX_OPTIONS" instead.
(SubstitutionGoal::finished): Remove 'readLine' call for 'dummy'.
* guix/scripts/substitute.scm (%allow-unauthenticated-substitutes?):
Remove second argument to 'make-parameter'.
(process-query): Call 'warn-about-missing-authentication'
when (%allow-unauthenticated-substitutes?) is #t.
(guix-substitute): Wrap body in 'parameterize'. Set 'guix-warning-port'
too. No longer exit when 'substitute-urls' returns the empty list. No
longer print newline initially.
* tests/substitute.scm (test-quit): Parameterize 'current-error-port' to
account for the port changes in 'guix-substitute'.
In particular, "<origin> patches: same file name -> no warnings" would
have caught the issue which was fixed in commit
21887021b9.
* tests/lint.scm (patches: file names): Rename this test case...
("file patches: different file name -> warning"): ... to this.
("file patches: same file name -> no warnings")
("<origin> patches: different file name -> warning")
("<origin> patches: same file name -> no warnings"): New test cases.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/23874>.
Reported by Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de>.
* guix/profiles.scm (manifest-transaction-effects): Delete duplicates in
install and remove. Let multiple upgrades and downgrades shadow previous
transactions of the same kind.
* tests/profiles.scm
("manifest-transaction-effects no double install or upgrades")
("manifest-transaction-effects no double downgrade")
("manifest-transaction-effects no double removal"): New tests.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/import/crate.scm: Add comment for the 'module-autoload!' calls.
* tests/crate.scm (have-guile-semver?): New variable.
("crate->guix-package", "cargo-recursive-import")
("cargo-recursive-import-hoors-existing-packages"): Skip when
HAVE-GUILE-SEMVER? is false.
If a package satisfying the dependency's semver requirement already exists,
use it. Prior to this change the highest version matching the semver
requirement was used (and imported in case it was not defined as package
already).
When resolving a dependency (now done in `sort-map-dependencies`), first
search for a package matching the semver requirement and only if this fails
reach out for a crate.
* guix/import/crate.scm (crate->guix-package)[find-package-version]: New
function. [dependency-name+version]: New function.
[sort-map-dependencies]: Use it instead of lambda function.
* tests/crate.scm (test-doctool-crate, test-doctool-dependencies): New
variables.
("self-test …", "cargo-recursive-import-hoors-existing-packages"): New
tests.
This complies to how versions are matched for caret requirements in crates:
An update is allowed if the new version number does not modify the left-most
non-zero digit in the major, minor, patch grouping.
* guix/import/crate.scm (version->semver-prefix): New function.
(make-crate-sexp)[format-inputs]: Use it.
(make-crate-sexp): Use it to pass shorter version to package->definition.
* guix/import/utils.scm (package->definition): Change optional parameter
APPEND-VERSION? into APPEND-VERSION?/STRING. If it is a string, append its
value to name.
* tests/crate.scm: Adjust tests accordingly.
This remove the patch version from generated package names. For example
'rust-my-crate-1.1.2' now becomes 'rust-my-crate-1.1'.
* guix/import/utils.scm (package->definition): Trim patch version from
generated package names.
* tests/crate.scm: (cargo>guix-package, cargo-recursive-import): Likewise.
The recursive crate importer will now include development dependencies only
for the top level package, but not for any of the recursively imported
packages. Also #:skip-build will be false for the top-most package.
* guix/import/crate.scm (make-crate-sexp): Add the key BUILD?.
(crate->guix-package): Add the key INCLUDE-DEV-DEPS?.
(crate-recursive-import): Likewise.
* guix/scripts/import/crate.scm (guix-import-crate): Likewise.
* tests/crate.scm (cargo-recursive-import): Likewise.
* guix/import/crate.scm: Add guile-semver as a soft dependency.
(make-crate-sexp): Don't allow other keys. Add '#:skip-build?' to build
system args. Pass a VERSION argument to 'cargo-inputs'.
(crate->guix-package): Use guile-semver to resolve the correct module
versions. Treat "build" dependencies as normal dependencies.
(crate-name->package-name): Reuse the procedure 'guix-name' instead of
duplicating its logic.
* guix/import/utils.scm (package-names->package-inputs): Implement
handling of (name version) pairs.
* guix/scripts/import/crate.scm (guix-import-crate): Use
crate-recursive-import instead of duplicate code.
* tests/crate.scm (recursive-import): Change test packages versions to be
distinguishable. Add version data to the test. Check created symbols, too.
Co-authored-by: Hartmut Goebel <h.goebel@crazy-compilers.com>
This adds a key VERSION to 'recursive-import' and moves the parameter REPO to
a key. This also changes all the places that rely on 'recursive-import'.
* guix/import/utils.scm (recursive-import): Add the VERSION key. Make REPO a
key.
(package->definition): Add optional 'append-version?'.
* guix/scripts/import/crate.scm (guix-import-crate): Add the VERSION key.
* guix/import/crate.scm (crate->guix-package): Add the VERSION key.
(crate-recursive-import): Pass VERSION to recursive-import, remove now
unnecessary code.
* guix/import/cran.scm (cran->guix-package, cran-recursive-import): Change the
REPO parameter to a key.
* guix/import/elpa.scm (elpa->guix-package, elpa-recursive-import): Likewise.
* guix/import/gem.scm (gem->guix-package, recursive-import): Likewise.
* guix/import/opam.scm (opam-recurive-import): Likewise.
* guix/import/pypi.scm (pypi-recursive-import): Likewise.
* guix/import/stackage.scm (stackage-recursive-import): Likewise.
* guix/scripts/import/cran.scm (guix-import-cran): Likewise.
* guix/scripts/import/elpa.scm (guix-import-elpa): Likewise.
* tests/elpa.scm (eval-test-with-elpa): Likewise.
* tests/import-utils.scm (recursive-import): Likewise.
Co-authored-by: Hartmut Goebel <h.goebel@crazy-compilers.com>
* guix/lint.scm (check-haskell-stackage): New procedure.
(%network-dependent-checkers): Add 'haskell-stackage' checker.
* guix/import/hackage.scm (%hackage-url): New variable.
(hackage-source-url, hackage-cabal-url): Use it in place of a
hard-coded string.
* guix/import/stackage.scm (%stackage-url): Make it a parameter.
(stackage-lts-info-fetch): Update accordingly.
* tests/lint.scm ("hackage-stackage"): New test.
Fixes <https://bugs.gnu.org/44626>.
Reported by Vagrant Cascadian <vagrant@debian.org>.
* tests/build-utils.scm ("wrap-script, simple case"): Pass
SCRIPT-CONTENTS to 'display' rather than 'format'.
* gnu/services/base.scm (file-system->shepherd-service-name)
[valid-characters, mount-point]: New variables.
Filter out invalid store file name characters from the mount point of
FILE-SYSTEM.
Reported by Ricardo Wurmus <rekado@elephly.net>.
* guix/scripts/publish.scm (compress-nar): Add 'chmod' call to ensure
PORT is #o644, in the uncompressed case.
(bake-narinfo+nar): Likewise for the narinfo file.
* tests/publish.scm ("with cache"): Check permissions on CACHED and NAR.
While importing those modules from the host system is valid, it is often
a mistake that introduces non-reproducibility. This patch prints a
warning when that happens.
* guix/gexp.scm (gexp-attribute): Add #:validate parameter and honor it.
(gexp-modules)[validate-modules]: New procedure.
Pass it to 'gexp-attribute'.
* tests/gexp.scm ("gexp-modules, warning"): New test.
* guix/gexp.scm (<gexp>)[location]: New field.
(gexp-location): New procedure.
(write-gexp): Print the location of GEXP.
(gexp->derivation): Adjust call to 'make-gexp'.
(gexp): Likewise.
Fixes <https://bugs.gnu.org/44442>.
Regression introduced in 2b2ab7796a.
* guix/scripts/publish.scm (render-nar/cached): Do not call
'bypass-cache?' when ITEM is the empty string.
* tests/publish.scm ("with cache, cache bypass, unmapped hash part"):
New test.
Fixes <http://issues.guix.gnu.org/44196>
* gnu/machine/ssh.scm (roll-back-managed-host): Use
boot-parameters-store-directory-prefix.
* gnu/system.scm (define-module): Export
boot-parameters-store-directory-prefix.
(<boot-parameters>)[store-directory-prefix]: New field. It is used to
generate the correct paths when /gnu/store is installed on a btrfs
subvolume whose name doesn't match the final runtime path, as the
bootloader doesn't have knowledge about the final mounting points.
[boot-parameters-store-directory-prefix]: New accessor.
(read-boot-parameters): Read directory-prefix from store field.
(operating-system-boot-parameters-file): Add directory-prefix to
store field.
* guix/scripts/system.scm (reinstall-bootloader): Use
boot-parameters-store-directory-prefix.
* test/boot-parameters.scm (%default-btrfs-subvolume,
%default-store-directory-prefix): New variables.
(%grub-boot-parameters): Use %default-store-directory-prefix.
(%default-operating-system): Use %default-btrfs-subvolume.
(test-boot-parameters): Add directory-prefix.
(test optional fields): Add test for directory-prefix.
(test os store-directory-prefix): New test.
Fixes <https://bugs.gnu.org/44261>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* gnu/packages/aux-files/run-in-namespace.c (exec_in_user_namespace):
Add call to 'prctl'. Call 'mount' for NEW_ROOT and define 'is_tmpfs'.
When IS_TMPFS is true, call 'umount' and 'rmdir' after 'waitpid';
otherwise, call 'rm_rf' only when 'waitpid' returns -1 the second time.
(exec_with_loader): Call 'prctl'. Remove NEW_ROOT only when 'waitpid'
returns -1 the second time, otherwise leave it behind.
* tests/guix-pack-relocatable.sh (wait_for_file): New function.
Add test.
* guix/scripts/pack.scm (wrapped-package)<build>: Build wrappers for
executable files and symlink others.
* tests/guix-pack-relocatable.sh: Test relocatable example of mixed
executable and non-executable files.
* guix/scripts/publish.scm (render-signing-key): New procedure.
(render-home-page): Add link to it.
(make-request-handler): Handle it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/build.scm (transform-package-with-debug-info): New
procedure.
(%transformations): Add 'with-debug-info'.
(%transformation-options, show-transformation-options-help): Add
'--with-debug-info'.
* tests/scripts-build.scm ("options->transformation, with-debug-info"):
New test.
* doc/guix.texi (Package Transformation Options): Document
'--with-debug-info'.
(Installing Debugging Files): Introduce sections. Remove bit about
eventual "opt-out" since this is not happening. Document
'--with-debug-info' under "Rebuilding with Debugging Info".
Fixes a bug whereby the presence of propagated inputs could lead to two
non-eq? but actually equal packages in a bag's inputs. The problem
would manifest itself when running, for instance:
guix build inkscape -d --with-graft=glib=glib-networking --no-grafts
The resulting derivation would differ due from that without
'--with-graft'. This was due to the fact that glib propagates libffi;
this instance of libffi was not rewritten even though other instances in
the graph were rewritten. Thus, glib would end up with two non-eq?
libffi instances, which in turn would lead to duplicate entries in its
'%build-inputs' variable.
Fixes <https://bugs.gnu.org/43890>.
* guix/packages.scm (package-mapping)[rewrite]: Remove call to 'cut?'
and call 'replace' unconditionally.
[replace]: Add 'cut?' case.
* tests/guix-build.sh: Add test combining '--no-grafts' and
'--with-graft'.
* tests/packages.scm ("package-input-rewriting/spec, identity")
("package-input-rewriting, identity"): New tests.
Fixes <https://bugs.gnu.org/43498>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
* guix/ui.scm (known-variable-definition): Check for variables in the
public interface of HEAD, not in HEAD itself.
* tests/guix-build.sh: Add test.
Fixes <https://bugs.gnu.org/43940>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
The "channel-instances->manifest" test would fail since
1d4ab335b2: 'quiet-guile' would be passed #f
as GUILE, and thus 'package-version' would fail with wrong-type-arg.
* guix/channels.scm (whole-package-for-legacy): Pass #:guile to
'whole-package'.
* tests/channels.scm ("channel-instances->manifest"): Remove 'test-expect-fail'.
Allow the Guix package to be updated while awaiting resolution for
<https://issues.guix.gnu.org/43940>.
* tests/channels.scm (channel-instances->manifest): Mark test as expected to
fail.
This is a followup to 0f53c801b9.
* guix/scripts/environment.scm (launch-environment/container): Add call
to 'set-network-interface-up'.
* tests/guix-environment-container.sh: Add test.
* guix/scripts/package.scm (transaction-upgrade-entry)[upgrade]: Add
'transform' parameter. Pass PKG through it. Use
'manifest-entry-with-transformations'.
Call 'options->transformation' to get the transformation procedure.
* tests/guix-package.sh: Add 'guix package -u' test.
* tests/packages.scm ("transaction-upgrade-entry, transformation options preserved"):
New test.
* doc/guix.texi (Invoking guix package): Mention that transformations
are preserved across upgrades.
(Package Transformation Options): Likewise.
With this change, package transformation options used while building a
manifest are saved in the metadata of the manifest entries.
* guix/scripts/build.scm (transformation-procedure): New procedure.
(options->transformation)[applicable]: Use it. Change to a list of
key/value/proc tuples instead of key/proc pairs.
[package-with-transformation-properties, tagged-object]: New
procedures. Use them.
(package-transformations, manifest-entry-with-transformations): New
procedures.
* guix/scripts/pack.scm (guix-pack)[with-transformations]: New
procedure.
Use it.
* guix/scripts/package.scm (process-actions)[transform-entry]: Use it.
* tests/guix-package-aliases.sh: Add test.
Test regression introduced in f88fea0eaa.
* tests/guix-package.sh: Add minor and patch levels in the version
numbers of 'emacs-foo-bar' and 'emacs-foo-bar-patched'.
Fixes <https://bugs.gnu.org/43736>.
Reported by Vitaliy Shatrov <guix.vits@disroot.org>.
* guix/gexp.scm (%local-file): Add #:literal? and #:location.
Emit a warning when LITERAL? is false and FILE is not absolute.
(local-file): In the non-literal case, pass #:location and #:literal?.
* po/guix/POTFILES.in: Add guix/gexp.scm.
* tests/guix-system.sh: Add test for the warning.
* guix/scripts/system.scm (list-image-types): New procedure,
(%options): add "image-type" and "list-image-types" options, remove
"file-system-type" option,
(show-help): adapt accordingly,
(%default-options): also adapt, and set the default "image-type" to "raw",
(perform-action): add image-type argument and remove file-system-type argument,
(process-action): adapt perform-action call,
(system-derivation-for-action): remove base-image
argument, add image-type argument, and use it to create the image passed to
"system-image".
* tests/guix-system.sh: Adapt accordingly and add a test for
"--list-image-types" command.
* doc/guix.texi (Building the Installation Image,
Invoking guix system): Adapt accordingly.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* tests/guix-archive.sh, tests/guix-build-branch.sh, tests/guix-build.sh,
tests/guix-daemon.sh, tests/guix-download.sh, tests/guix-environment.sh,
tests/guix-gc.sh, tests/guix-git-authenticate.sh, tests/guix-graph.sh,
tests/guix-hash.sh, tests/guix-lint.sh, tests/guix-pack-relocatable.sh,
tests/guix-pack.sh, tests/guix-package-aliases.sh, tests/guix-package-net.sh,
tests/guix-package.sh: Use the shell '!' keyword to negate command exit status
in place of 'if ...; then false; else true; fi'
* guix/packages.scm (package-input-rewriting): Add #:deep? and pass it
to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check it.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting"): Pass #:deep? #f and
ensure implicit inputs were not rewritten. Avoid 'eq?' comparisons.
("package-input-rewriting, deep"): New test.
* gnu/packages/guile.scm (package-for-guile-2.0, package-for-guile-3.0):
Pass #:deep? #f.
Previously, something like:
guix build glib --with-graft=glibc=glibc@2.29
would produce a result showing that rewriting rules were not applied to
libx11@1.6.A (a replacement).
* guix/packages.scm (package-mapping): Call REPLACE instead of PROC to
'replacement'.
* tests/packages.scm ("package-input-rewriting/spec, graft"): New test.
With this change, '--with-input', '--with-graft', etc. also apply to
implicit dependencies. Thus, it's now possible to do:
guix build python-itsdangerous --with-input=python-wrapper=python@2
or:
guix build hello --with-graft=glibc=glibc@2.29
Additionally, before, implicit inputs were not rewritten, which could
lead to duplicates in the output of 'bag-transitive-inputs' (packages
that are not 'eq?' but lead to the same derivation). This in turn would
lead to unnecessary rebuilds when using '--with-input' & co. This
change fixes it by ensuring even implicit inputs are rewritten.
Fixes <https://bugs.gnu.org/42156>.
* guix/packages.scm (package-input-rewriting/spec): Add #:deep?
defaulting to #true, and pass it to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check that property and set it on the result of PROC.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting/spec"): Ensure implicit
inputs were unchanged.
("package-input-rewriting/spec, partial match"): Pass #:deep? #f.
("package-input-rewriting/spec, deep")
("package-input-rewriting/spec, no duplicates"): New tests.
(package/inherit): Move before use.
* tests/guix-build.sh: Add tests.
* tests/scripts-build.scm ("options->transformation, with-graft"):
Compare dependencies by package name or derivation file name.
* doc/guix.texi (Defining Packages): Adjust accordingly.
* guix/packages.scm (build-system-with-package-mapping): New procedure.
(package-mapping): Add #:deep? and honor it.
* tests/packages.scm ("package-mapping"): Compare the direct inputs of
the bag of P0 and that of P1.
("package-mapping, deep"): New test.
This makes the test slightly less expensive.
* tests/store.scm ("add-text-to-store vs. delete-paths")
("add-to-store vs. delete-paths"): Delete and merge into...
("add-text-to-store/add-to-store vs. delete-paths"): ... this test.
Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
There's no reason at this point to mimic the calling convention of the
'openssl' command.
* nix/libstore/local-store.cc (LocalStore::exportPath): Add only "sign"
and HASH to ARGS. Remove 'tmpDir' and 'hashFile'.
(LocalStore::importPath): Add only "verify" and SIGNATURE to
* guix/scripts/authenticate.scm (guix-authenticate): Adjust
accordingly; remove the OpenSSL-style clauses.
(read-hash-data): Remove.
(sign-with-key): Replace 'port' with 'sha256' and adjust accordingly.
(validate-signature): Export SIGNATURE to be a canonical sexp.
* tests/guix-authenticate.sh: Adjust tests accordingly.
* guix/scripts/offload.scm (<build-machine>)[systems]: New field.
[system]: Accessor changed to %build-machine-system. Default to #f.
* guix/scripts/offload.scm (build-machine-system): Wrap %build-machine-system
with a deprecation warning.
(build-machine-systems): Access the new systems field or fallback to use
build-machine-system, for backward compatibility.
(machine-matches?): Adjust.
* tests/offload.scm: Add tests...
* Makefile.am (SCM_TESTS): ...and register them.
* doc/guix.texi (Daemon Offload Setup): Update doc.
* Makefile.am (MODULES): Remove guix/zlib.scm and guix/lzlib.scm,
(SCM_TESTS): remove tests/zlib.scm, tests/lzlib.scm.
* build-aux/build-self.scm (make-config.scm): Remove unused %libz variable.
* configure.ac: Remove LIBZ and LIBLZ variables and check instead for
Guile-zlib and Guile-lzlib.
* doc/guix.texi ("Requirements"): Remove zlib requirement and add Guile-zlib
and Guile-lzlib instead.
* gnu/packages/package-management.scm (guix)[native-inputs]: Add "guile-zlib"
and "guile-lzlib",
[inputs]: remove "zlib" and "lzlib",
[propagated-inputs]: ditto,
[arguments]: add "guile-zlib" and "guile-lzlib" to Guile load path.
* guix/config.scm.in (%libz, %liblz): Remove them.
* guix/lzlib.scm: Remove it.
* guix/man-db.scm: Use (zlib) instead of (guix zlib).
* guix/profiles.scm (manual-database): Do not stub (guix config) in imported
modules list, instead add "guile-zlib" to the extension list.
* guix/scripts/publish.scm: Use (zlib) instead of (guix zlib) and (lzlib)
instead of (guix lzlib),
(string->compression-type, effective-compression): do not check for zlib and
lzlib availability.
* guix/scripts/substitute.scm (%compression-methods): Do not check for lzlib
availability.
* guix/self.scm (specification->package): Add "guile-zlib" and "guile-lzlib"
and remove "zlib" and "lzlib",
(compiled-guix): remove "zlib" and "lzlib" arguments and add guile-zlib and
guile-lzlib to the dependencies, also do not pass "zlib" and "lzlib" to
"make-config.scm" procedure,
(make-config.scm): remove "zlib" and "lzlib" arguments as well as %libz and
%liblz variables.
* guix/utils.scm (lzip-port): Use (lzlib) instead of (guix lzlib) and do not
check for lzlib availability.
* guix/zlib.scm: Remove it.
* m4/guix.m4 (GUIX_LIBZ_LIBDIR, GUIX_LIBLZ_FILE_NAME): Remove them.
* tests/lzlib.scm: Use (zlib) instead of (guix zlib) and (lzlib)
instead of (guix lzlib), and do not check for zlib and lzlib availability.
* tests/publish.scm: Ditto.
* tests/substitute.scm: Do not check for lzlib availability.
* tests/utils.scm: Ditto.
* tests/zlib.scm: Remove it.
This should help to debug test failures due to duplicated packages.
* tests/packages ("fold-available-packages with/without cache"): Print
duplicated packages.
Fixes <https://bugs.gnu.org/42543>.
Reported by Jack Hill <jackhill@jackhill.us>.
* guix/lint.scm (check-formatting): Always return a list (previously we
would return #f when 'search-path' returns #f). Check whether
LOCATION's file is a relative file name. Return a warning if not.
* tests/guix-lint.sh: Add test.
* gnu/services/linux.scm (<zram-device-configuration>): New record.
(zram-device-service-type): New variable.
* doc/guix.texi (Linux Services): Document it.
* tests/services/linux.scm (zram-swap-device-test): New tests.
Previously it would silently fail to create the /gnu/store symlink when
the host has a read-only /gnu as is the case in these tests.
* gnu/packages/aux-files/run-in-namespace.c (exec_with_loader): Unlink
the ancestor of ORIGINAL_STORE under NEW_ROOT. Check the return value
of 'symlink' when creating NEW_STORE.
* tests/guix-pack-relocatable.sh: Check the contents of the store as
seen by the wrapped executable, with all three engines, and with both
"/gnu" and "/gnu/store" erased.
Fixes <https://bugs.gnu.org/42558>.
Until now, loading 'pack-audit.so' in a truly non-Guix environment would
usually fail because 'pack-audit.so' depends on 'libgcc_s.so' and
'libc.so', none of which could be found.
Furthermore, the test was not working as expected: the trick
unshare -mrf sh -c 'mount -t tmpfs none /gnu ; ...'
would allow the fakechroot engine to make its store available as
/gnu/store as a result of another bug.
* gnu/packages/aux-files/run-in-namespace.c (relocated_search_path): New
function.
(exec_with_loader): Pass "--library-path" to the loader.
* guix/scripts/pack.scm (wrapped-package)[build](runpath): New procedure.
(elf-loader-compile-flags): Pass "-DLOADER_AUDIT_RUNPATH".
* tests/guix-pack-relocatable.sh: Remove 'STORE_PARENT'.
(run_without_store): New function. Erase $NIX_STORE_DIR instead of
$STORE_PARENT.
Use 'run_without_store' throughout.
The 'memoize' binding was re-exported in 2016, commit
19e1d5f7f9, as a backwards-compatibility
measure that makes little sense now.
* guix/utils.scm: Don't re-export 'memoize'.
* guix/import/pypi.scm: Adjust imports.
* tests/pypi.scm: Remove duplicate (guix memoization) import.
* guix/scripts/pack.scm (self-contained-tarball)
[set-utf8-locale]: New variable.
[build]: Use it.
* tests/pack.scm ("self-contained-tarball"): Use a <profile> record
instead of 'profile-derivation'.
Fixes <https://bugs.gnu.org/42327>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
This is a followup to f52fbf7094.
* guix/packages.scm (bag-transitive-inputs, bag-transitive-build-inputs)
(bag-transitive-host-inputs, bag-transitive-target-inputs): Parameterize
%CURRENT-SYSTEM in addition to %CURRENT-TARGET-SYSTEM.
* tests/packages.scm ("package->bag, sensitivity to %current-system"):
New test.
Until now the 'source' checker would look at URL for 'url-fetch' origins
but not for 'git-fetch' origins.
* guix/lint.scm (check-source): Add case for 'git-reference?'.
* tests/lint.scm ("source, git-reference: 301 -> 200"): New test.
Suggested by Ricardo Wurmus and Simon Tournier.
* guix/channels.scm (sexp->channel-introduction): New procedure.
(read-channel-metadata): Use it.
(profile-channels)[sexp->channel-introduction]: Remove.
* tests/channels.scm ("latest-channel-instances, authenticate dependency"):
New test.
* doc/guix.texi (Channels)[Declaring Channel Dependencies]: Augment example.
This fixes a style issue similar to that of
a18d02def9.
* tests/channels.scm ("authenticate-channel, .guix-authorizations"):
Change to 'test-equal' so that test failures are properly diagnosed.
* guix/channels.scm (<channel-introduction>): Rename constructor to
'%make-channel-introduction'.
(make-channel-introduction): New procedure.
* tests/channels.scm ("authenticate-channel, wrong first commit signer")
("authenticate-channel, .guix-authorizations"): Use
'make-channel-introduction' without '@@' and without third argument.
* doc/guix.texi (Channels)[Channel Authentication, Specifying Channel
Authorizations]: New subsections.
* guix/channels.scm (latest-channel-instance): Raise an error instead of
warning when 'guix is unauthenticated.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
New test.
Fixes <https://bugs.gnu.org/42077>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
The typo was introduced in 7b06781a58.
* tests/git-authenticate.scm <top level>: Remove call to 'which'
around (gpg+git-available?).
Until now the test would always succeed because it would return
'failed, which has truth value. The exercise
'verify-introductory-commit', we need to add a second commit beyond the
introductory commit, which is what we do here.
* tests/channels.scm ("authenticate-channel, wrong first commit
signer"): Add a second commit and authenticate up to that one. Change
'message?' to 'message-condition?'.
This test was skipped since the switch to Guile 3 because
'assert-container-features' would be inlined and thus accessing it with
@@ would fail with an unbound-variable error.
* guix/scripts/environment.scm (assert-container-features): Export.
* tests/guix-environment-container.sh: Use single '@'.
This should come before patching, authentication, etc.
* guix/channels.scm (latest-channel-instance): Add #:validate-pull
parameter and honor it. Return a single value: the instance.
(ensure-forward-channel-update): Change 'instance' parameter to 'commit'
and adjust accordingly.
(latest-channel-instances): Adjust to 'latest-channel-instance' changes.
* guix/scripts/pull.scm (warn-about-backward-updates): Change 'instance'
parameter to 'commit' and adjust accordingly.
* tests/channels.scm ("latest-channel-instances #:validate-pull"):
Likewise.
Fixes <https://bugs.gnu.org/22883>.
* guix/channels.scm (<channel>)[introduction]: New field.
(<channel-introduction>): New record type.
(%guix-channel-introduction): New variable.
(%default-channels): Use it.
(<channel-metadata>)[keyring-reference]: New field.
(%default-keyring-reference): New variable.
(read-channel-metadata, read-channel-metadata-from-source): Initialize
the 'keyring-reference' field.
(commit-short-id, verify-introductory-commit)
(authenticate-channel): New procedures.
(latest-channel-instance): Call 'authenticate-channel' when CHANNEL has
an introduction.
* tests/channels.scm (gpg+git-available?, commit-id-string): New
procedures.
("authenticate-channel, wrong first commit signer"):
("authenticate-channel, .guix-authorizations"): New tests.
* doc/guix.texi (Invoking guix pull): Mention authentication.
* guix/git-authenticate.scm (commit-signing-key): Add
#:disallowed-hash-algorithms and honor it.
(authenticate-commit)[recent-commit?]: New variable.
Pass #:disallowed-hash-algorithms to 'commit-signing-key'.
* tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test.
Fixes <https://bugs.gnu.org/41796>.
Reported by Jakub Kądziołka <kuba@kadziolka.net>.
* guix/packages.scm (input-graft): Add 'output' parameter and honor it.
Add OUTPUT to the cache key.
(input-cross-graft): Likewise.
(fold-bag-dependencies): Operate on inputs instead of nodes. Turn
VISITED into a vhash instead of a set. Pass PROC HEAD and OUTPUT
instead of just HEAD.
(bag-grafts): Adjust accordingly.
* tests/packages.scm ("package-grafts, dependency on several outputs"):
New test.
* guix/git.scm (commit-difference): Initialize VISITED to the closure of
OLD and EXCLUDED, as written in the docstring.
* tests/git.scm ("commit-difference, excluded commits"): Adjust
accordingly.
* gnu/system/hurd.scm (%hurd-def%hurd-default-operating-system-kernel,
%hurd-default-operating-system): New exported variables.
* gnu/system/examples/bare-hurd.tmpl: New file.
* Makefile.am (EXAMPLES): Add it.
* tests/guix-system.sh: Add --target=i586-pc-gnu when testing it.
Fixes <https://bugs.gnu.org/41527>.
Regression introduced in d03001a31a.
* guix/gexp.scm (lower+expand-object): When LOWERED is not a struct and
EXPAND is true, call EXPAND.
* tests/gexp.scm ("file-append, raw store item"): New test.
* guix/channels.scm (latest-channel-instance): Add #:starting-commit and
pass it to 'update-cached-checkout'. Return the commit relation as a
second value.
(ensure-forward-channel-update): New procedure.
(latest-channel-instances): Add #:current-channels and #:validate-pull.
[current-commit]: New procedure.
Pass #:starting-commit to 'latest-channel-instance'. When the returned
relation is true, call VALIDATE-PULL.
(latest-channel-derivation): Add #:current-channels and #:validate-pull.
Pass them to 'latest-channel-instances*'.
* tests/channels.scm ("latest-channel-instances #:validate-pull"): New
test.
* guix/git.scm (update-cached-checkout): Add #:starting-commit
parameter. Call 'commit-relation' when #:starting-commit is true.
Always return the relation or #f as the third value.
(latest-repository-commit): Adjust accordingly.
* guix/import/opam.scm (get-opam-repository): Likewise.
* tests/channels.scm ("latest-channel-instances includes channel dependencies")
("latest-channel-instances excludes duplicate channel dependencies"):
Update mock of 'update-cached-checkout' accordingly.
* guix/scripts/package.scm (process-query): List installed multiple profiles.
* tests/guix-package-net.sh: Test it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* tests/packages.scm: Use #:prefix instead of #:hide for (gcrypt hash).
This accomodates for 'sha512' syntax literal matches with Guile-Gcrypt 0.3.0,
which exports 'sha512' in addition to 'sha256'.
* gnu/bootloader/grub.scm (strip-mount-point): Remove procedure.
(normalize-file): Add procedure.
(grub-configuration-file): New BTRFS-SUBVOLUME-FILE-NAME parameter. When
defined, prepend its value to the kernel and initrd file names, using the
NORMALIZE-FILE procedure. Adjust the call to EYE-CANDY to pass the
BTRFS-SUBVOLUME-FILE-NAME argument. Normalize the KEYMAP file as well.
(eye-candy): Add a BTRFS-SUBVOLUME-FILE-NAME parameter, and use it, along with
the NORMALIZE-FILE procedure, to normalize the FONT-FILE and IMAGE nested
variables. Adjust doc.
* gnu/bootloader/depthcharge.scm (depthcharge-configuration-file): Adapt.
* gnu/bootloader/extlinux.scm (extlinux-configuration-file): Likewise.
* gnu/system/file-systems.scm (btrfs-subvolume?)
(btrfs-store-subvolume-file-name): New procedures.
* gnu/system.scm (operating-system-bootcfg): Specify the Btrfs
subvolume file name the store resides on to the
`operating-system-bootcfg' procedure, using the new
BTRFS-SUBVOLUME-FILE-NAME argument.
* doc/guix.texi (File Systems): Add a Btrfs subsection to document the use of
subvolumes.
* gnu/tests/install.scm (%btrfs-root-on-subvolume-os)
(%btrfs-root-on-subvolume-os-source)
(%btrfs-root-on-subvolume-installation-script)
(%test-btrfs-root-on-subvolume-os): New variables.
* guix/gexp.scm (<system-binding>): New record type.
(let-system): New macro.
(system-binding-compiler): New procedure.
(default-expander): Add 'self-quoting?' case.
(self-quoting?): New procedure.
(lower-inputs): Add 'filterm'. Pass the result of
'mapm/accumulate-builds' through FILTERM.
(gexp->sexp)[self-quoting?]: Remove.
* tests/gexp.scm ("let-system", "let-system, target")
("let-system, ungexp-native, target")
("let-system, nested"): New tests.
* doc/guix.texi (G-Expressions): Document it.
* gnu/packages/aux-files/run-in-namespace.c (HAVE_EXEC_WITH_LOADER): New
macro.
(bind_mount): Rename to...
(mirror_directory): ... this. Add 'firmlink' argument and use it
instead of calling mkdir/open/close/mount directly.
(bind_mount, make_symlink): New functions.
(exec_in_user_namespace): Adjust accordingly.
(exec_with_loader) [HAVE_EXEC_WITH_LOADER]: New function.
(exec_performance): New function.
(engines): Add them.
* guix/scripts/pack.scm (wrapped-package)[fakechroot-library]
[audit-module]: New procedures.
[audit-source]: New variable.
[build](elf-interpreter, elf-loader-compile-flags): New procedures.
(build-wrapper): Use them.
* tests/guix-pack-relocatable.sh: Test with
'GUIX_EXECUTION_ENGINE=fakechroot'.
* doc/guix.texi (Invoking guix pack): Document the 'performance' and
'fakechroot' engines.
* gnu/packages/aux-files/pack-audit.c: New file.
* Makefile.am (AUX_FILES): Add it.
* gnu/packages/aux-files/run-in-namespace.c (struct engine): New type.
(exec_default): New function.
(engines): New variable.
(execution_engine): New function.
(main): Use it instead of calling 'exec_in_user_namespace' and
'exec_with_proot' directly.
* tests/guix-pack-relocatable.sh: Add test with 'GUIX_EXECUTION_ENGINE'.
* doc/guix.texi (Invoking guix pack): Document 'GUIX_EXECUTION_ENGINE'.
Fixes a bug whereby a bag's transitive dependencies would depend on the
global '%current-target-system' value.
Partly fixes <https://issues.guix.gnu.org/41182>.
* guix/packages.scm (bag-transitive-inputs)
(bag-transitive-build-inputs, bag-transitive-target-inputs):
Parameterize '%current-target-system'.
* tests/packages.scm ("package->bag, sensitivity to %current-target-system"):
New test.
The graph traversal procedures in (guix graph) assume that nodes can be
compared with 'eq?', which was not the case for nodes of
%REFERENCE-NODE-TYPE and %REFERRER-NODE-TYPE (strings).
* guix/scripts/graph.scm (intern): New procedure.
(ensure-store-items, references*)
(%reference-node-type, non-derivation-referrers)
(%referrer-node-type): Use it on all store items.
* tests/graph.scm ("node-transitive-edges, references"): New test.
* guix/channels.scm (<patch>): New record type.
(apply-patches): New procedure.
(latest-channel-instance)[dot-git?]: New procedure.
Use 'update-cached-checkout' and 'add-to-store' instead of
'latest-repository-commit'. Call 'apply-patches' when CHANNEL is the
'guix channel.
(%patches): New variable.
* guix/git.scm (url+commit->name): Make public.
* tests/channels.scm ("latest-channel-instances includes channel dependencies")
("latest-channel-instances excludes duplicate channel dependencies"):
Mock 'update-cached-checkout' instead of 'latest-repository-commit'.
Wrap body in 'with-store' and pass the store to 'latest-channel-instances'.
* guix/openpgp.scm (string->openpgp-packet): New procedure.
* tests/openpgp.scm ("verify-openpgp-signature, missing key")
("verify-openpgp-signature, good signatures")
("verify-openpgp-signature, bad signature"): Use it.
Previously, 'lookup-key-by-{id,fingerprint}' would always return the
list of packets where the primary key is first. Thus, the caller would
need to use 'find' to actually find the requested key.
* guix/openpgp.scm (keyring-insert): Always add KEY to PACKETS.
(lookup-key-by-id, lookup-key-by-fingerprint): Change to return the key
as the first value.
(verify-openpgp-signature): Remove now unneeded call to 'find'.
* tests/openpgp.scm ("get-openpgp-keyring"): Adjust accordingly.
* guix/openpgp.scm (verify-openpgp-signature): Use
'lookup-key-by-fingerprint' when SIG contains a fingerprint.
Honor FINGERPRINT in the 'find' predicate. Upon missing-key, return
FINGERPRINT if available.
* tests/openpgp.scm ("verify-openpgp-signature, missing key"): Adjust
expected value accordingly.
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable.
(openpgp-signature-issuer-fingerprint): New procedure.
(key-id-matches-fingerprint?): New procedure.
(get-signature): Look for the 'issuer and 'issuer-fingerprint
subpackets. Ensure the issuer key ID matches the fingerprint when both
are available.
(parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT.
* tests/openpgp.scm (%rsa-key-fingerprint)
(%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the
result of 'openpgp-signature-issuer-fingerprint'.