The default was an empty list which would remove any ~/.ssh/authorized_keys
file and replace it with a symlink to an empty file. On some systems, notably
Ubuntu 22.10, the guix home generated ~/.ssh/authorized_keys file does not
allow login.
* doc/guix.texi (Secure Shell): Update, describe default #false value.
* gnu/home/services/ssh.scm (<home-openssh-configuration>)
[authorized-keys]: Change default to #f.
(openssh-configuration-files): Cater for default #f value: Do not register
"authorized_keys".
* gnu/packages/freedesktop.scm (libfprint)[arguments]: Adjust
configure-flags to explicitly link to nss.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
* gnu/packages/geo.scm (xygrib)[source]: Add upstream patch to build
with newer version of proj.
[inputs]: Replace proj-7 with proj.
* gnu/packages/patches/xygrib-newer-proj.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
Fixes <https://issues.guix.gnu.org/63198>.
Have the CUPS service extend pam-root-service-type providing minimal
configuration to authenticate users. Since PAM authentication is provided,
the regular cups package can be used as default instead of the minimal,
PAM-lacking variant.
* gnu/services/cups.scm (cups-configuration)
[cups]: Replace cups-minimal with cups.
[allow-empty-password?]: PAM service configuration permitting empty passwords.
(opaque-cups-configuration): Likewise.
(cups-pam-service): New procedure.
(cups-service-type): Extend pam-root-service-type with cups-pam-service.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Fixes: CVE-2023-28755 (ReDoS vulnerability in URI), and
CVE-2023-28756 (ReDoS vulnerability in Time).
* gnu/packages/ruby.scm (ruby-2.7-fixed): Update to 2.7.8.
(ruby-2.7)[replacement]: Graft.
Signed-off-by: Andreas Enge <andreas@enge.fr>
This version is not released upstream, but it does fix compatibility
with Transmission 4.0 and works for me.
* gnu/packages/bittorrent.scm: Update to 0.9.3-0.6c15e3f.
Oops, I forgot to add a copyright line - this version fixes that.
* gnu/packages/python-crypto.scm (python-txtorcon): Fix failing build.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rethrowing with 'throw' doesn't work as intended when the exception
being rethrown is a SRFI-34 exception.
Fixes <https://issues.guix.gnu.org/55820>.
* guix/scripts/substitute.scm (kind-and-args-exception?): New variable.
(call-with-cached-connection): Rewrite using 'guard' instead of 'catch'
and 'raise' instead of 'throw'.
(system-error?): Use 'kind-and-args-exception?' instead of local
definition.
Fixes <https://issues.guix.gnu.org/63517>.
Reported by Luca Cirrottola <luca.cirrottola@inria.fr>.
* gnu/packages/code.scm (lcov)[arguments]: Rename 'patch-pwd' phase to
'patch-references-to-commands', and patch reference to 'find'.
* gnu/packages/gnome.scm (geary): Update to 43.0.
[arguments]<#:phases>: Drop ‘disable-failing-tests’ and ‘generate-vapis’.
Rename ‘disable-postinstall-script’ to ‘skip-gtk-update-icon-cache’ and adjust
accordingly.
[inputs]: Replace folks-with-libsoup2 with folks.
Replace gnome-online-accounts-3.44 with gnome-online-accounts.
Replace webkitgtk-with-libsoup2 with webkitgtk.
[native-inputs]: Replace vala-0.52 with vala.
Add gnutls.
Change emacs-keycast to emacs-compat, as I think this was what was intended in
87d5754107.
Having emacs-keycast being a propagated input of emacs-keycast causes problems
when trying to compute the derivation for the package, as well as all
operations that involve this (guix weather, guix pull package cache, ...).
* gnu/packages/emacs-xyz.scm (emacs-keycast)[propagated-inputs]: Change
emacs-keycast to emacs-compat.