* gnu/build/vm.scm (load-in-linux-vm): Rename the RNG.
* gnu/system/vm.scm (common-qemu-options): Likewise.
(system-docker-image): Rename the ROOT-DIRECTORY.
* gnu/packages/crypto.scm (eschalot)[arguments]: Use a different
arbitrary string.
* gnu/packages/wicd.scm (wicd)[arguments]: Remove unused configure flag.
* gnu/packages/xorg.scm (xorg-server): Set a more accurate OS vendor.
This is a follow-up of f19cf27c2b. The
bootloader installation must be done on the final disk-image, hence using
"disk-image-installer" instead of "installer" callback.
* gnu/bootloader/u-boot.scm: Turn all installer callbacks into
disk-image-installer callbacks.
* gnu/build/bootloader.scm (write-file-on-device): Open the output file with
'no-truncate and 'no-create options.
* gnu/system/image.scm (with-imported-modules*): Add (gnu build bootloader)
module.
This allows the client running on the host to know when it's actually
connect to the server running in the guest. Failing that, the client
would connect right away to QEMU and send secrets even though the server
is not running yet in the guest, which is unreliable.
* gnu/build/secret-service.scm (secret-service-send-secrets): Add
#:handshake-timeout. Read from SOCK an initial message from the
server. Return #f on error.
(secret-service-receive-secrets): Send 'secret-service-server' message
to the client. Close SOCK upon timeout.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start'
method returns #f when 'secret-service-send-secrets' returns #f.
* gnu/build/secret-service.scm (secret-service-receive-secrets)
[wait-for-client]: Call 'select' with a 60s timeout before 'accept'.
Return #f upon timeout.
[read-secrets]: Return FILES on success.
Adjust caller of 'wait-for-client' to handle #f.
* gnu/build/image.scm (convert-disk-image): New procedure.
(genimage): Remove target argument.
* gnu/system/image.scm (system-disk-image): Add support for 'compressed-qcow2
image format. Call "convert-disk-image" to apply image conversions on the
final image. Add "qemu-minimal" to the build inputs.
(system-image): Also add support for 'compressed-qcow2.
Fixes: <https://issues.guix.gnu.org/43533>.
* gnu/build/shepherd.scm (fork+exec-command/container): Check if containers
are supported before joining PID namespaces.
This is a follow-up of 5316dfc0f1. Some users of
run-container may expect that the container is jailed, even if there are no
mounts. This is the case for some Guix tests.
* gnu/build/linux-container.scm (run-container): Do not jail the container
when the requested root is "/".
When the store overlay is mounted, other processes such as kmscon, udev
and guix-daemon may open files from the store, preventing the
underlying install support from being umounted. See:
https://lists.gnu.org/archive/html/guix-devel/2018-12/msg00161.html.
To avoid this situation, mount the store overlay inside a container,
and run the installation from within that container.
* gnu/build/shepherd.scm (fork+exec-command/container): New procedure.
* gnu/services/base.scm (guix-shepherd-service): Support an optional PID
argument passed to the "start" method. If that argument is passed, ensure that
guix-daemon enters the given PID MNT namespace by using
fork+exec-command/container procedure.
* gnu/installer/final.scm (umount-cow-store): Remove it,
(install-system): run the installation from within a container.
* gnu/installer/newt/final.scm (run-install-shell): Remove the display hack.
We may want to run a container inside the MNT namespace, without jailing the
container. If RUN-CONTAINER is passed a null MOUNTS list, do not jail the
container.
* gnu/build/linux-container.scm (run-container): Do not call
MOUNT-FILE-SYSTEMS if MOUNTS list is empty.
Move the cow-store procedure from the service declaration in (gnu system
install) to (gnu build install), so that it can be called from within a
different context than Shepherd.
* gnu/build/install.scm (mount-cow-store, unmount-cow-store): New procedures.
* gnu/system/install.scm (make-cow-store): Remove it,
(cow-store-service-type): adapt it accordingly.
This adds a "secret-service" that can be added to a Childhurd VM to receive
out-of-band secrets (keys) sent from the host.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/virtualization.scm (secret-service-activation): New procedure.
(secret-service-type): New variable.
* gnu/build/secret-service.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
This commit adds support for GZIP compression for linux-libre kernel
modules. The initrd modules are kept uncompressed as the initrd is already
compressed as a whole.
The linux-libre kernel also supports XZ compression, but as Guix does not have
any available bindings for now, and the compression time is far more
significant, GZIP seems to be a better option.
* gnu/build/linux-modules.scm (modinfo-section-contents): Use
'call-with-gzip-input-port' to read from a module file using '.gz' extension,
(strip-extension): new procedure,
(dot-ko): adapt to support compression,
(ensure-dot-ko): ditto,
(file-name->module-name): ditto,
(find-module-file): ditto,
(load-linux-module*): ditto,
(module-name->file-name/guess): ditto,
(module-name-lookup): ditto,
(write-module-name-database): ditto,
(write-module-alias-database): ditto,
(write-module-device-database): ditto.
* gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib"
to the extensions and make sure that the initrd only contains
uncompressed module files.
* gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the
extensions.
* guix/profiles.scm (linux-module-database): Ditto.
* gnu/system/file-systems.scm (<file-system>): Add a mount-may-fail? field.
(file-system->spec): adapt accordingly,
(spec->file-system): ditto.
* gnu/build/file-systems.scm (mount-file-system): If 'system-error is raised
and mount-may-fail? is true, ignore it. Otherwise, re-raise the exception.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
This fixes <https://bugs.gnu.org/42151>.
* gnu/system/images/hurd.scm (hurd-initialize-root-partition): Use #:wal-mode #f
in call to ...
* gnu/build/image.scm (initialize-root-partition): ... this, add #:wal-mode?
parameter, pass it to ...
(register-closure): ... this, add #:wal-mode? parameter, pass it to ...
* guix/store/database.scm (with-database): ... this, add #:wal-mode?
parameter, pass it to ...
(call-with-database): ... this, add #:wal-mode? parameter; when
set to #f, do not set journal_model=WAL.
The "image-root" derivation output is used as a temporary directory that is
passed to mke2fs and mkdosfs later on. By merging the creation of this
directory and the production of partition images, we can get rid of the
derivation.
As mke2fs and mkdosfs are not able to override file permissions, call those
commands with fakeroot. This way, all the image files will be owned by root,
even if image generation is done in an unprivilegded context.
* gnu/system/image.scm (system-disk-image): Merge "image-root" and
"iso9660-image" derivations so that we spare an extra derivation. Also add
"fakeroot" and its runtime dependencies to the inputs.
* gnu/build/image.scm (make-ext-image, make-vfat-image): Make sure that mke2fs
and mkdosfs are respectively called by fakeroot.
Note: Using `getxattr' on the Hurd instead of running showtrans does not
work (yet?).
* gnu/build/hurd-boot.scm (setup-translator): Use 'setxattr' instead of
invoking settrans.
* gnu/system.scm (hurd-multiboot-modules): Add --x-xattr-translator-records to
enable xattr-embedding of translators.
* gnu/build/hurd-boot.scm (make-hurd-device-nodes): Do not create
dev/{null,zero,full,random,urandom} mount points.
(passive-translator-xattr?, passive-translator-installed?, translated?,
set-translator, set-hurd-device-translators): New procedures.
(false-if-EEXIST): New macro.
(boot-hurd-system): Use them instead of running MAKEDEV.
This mirrors a change made in the Shepherd 0.8.0. Previously, upon
startup failure, we could have left processes behind.
* gnu/build/shepherd.scm (read-pid-file/container): Kill (- PID) instead
of PID.
Fixes <https://bugs.gnu.org/41791>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
This change mirrors changes made in the Shepherd 0.8.1, where signals
are blocked in the shepherd process in support of 'signalfd'. The
regression was introduced with the switch to 0.8.1 in
3f9c62d1a8: child processes would not
receive SIGTERM upon 'herd stop SERVICE'.
* gnu/build/shepherd.scm <top level>: Autoload (shepherd system).
(make-forkexec-constructor/container): Call call to 'sigaction' and
'unblock-signals'.
* gnu/build/activation.scm (boot-time-system):
Evaluate the linux-command-line thunk for linux systems to boot
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Calling "mknod" without root permissions fails. Plus those device nodes do not
appear to be needed to boot.
* gnu/build/image.scm (initialize-root-partition): Do not use
make-essential-device-nodes as default make-device-nodes procedure.
This decouples startup of the Hurd from the "hurd" package, moving the RC
script into SYSTEM.
* gnu/packages/hurd.scm (hurd)[inputs]: Remove hurd-rc-script.
[arguments]: Do not substitute it. Update "runsystem.sh" to parse kernel
arguments and exec into --system=SYSTEM/rc.
(hurd-rc-script): Move to...
* gnu/services.scm (%hurd-rc-file): ...this new variable.
(hurd-rc-entry): New procedure.
(%hurd-startup-service): Use it in new variable.
* gnu/system.scm (hurd-default-essential-services): Use it.
* gnu/build/activation.scm (boot-time-system): Use "command-line" for the
Hurd.
* gnu/system.scm (hurd-default-essential-services): Add %boot-service and
%activation-service.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Remove #:target.
[builder]: Use #+. Don't pass #:target-arm32? and #:target-aarch64? to
'load-in-linux-vm'.
Pass #:target #f to 'gexp->derivation'.
(qemu-image): Adjust accordingly.
* gnu/build/vm.scm (load-in-linux-vm): Remove #:target-aarch64?
and #:target-arm32?. Define them as local variables.
* gnu/build/image.scm (initialize-root-partition): Add bootloader-package and
bootloader-installer arguments. Run the bootloader-installer if defined.
* gnu/system/image.scm (system-disk-image): Adapt the partition initializer
call accordingly.
* gnu/build/image.scm (make-ext4-image): Rename to ...
(make-ext-image): ... it, and pass the file-system type to mke2fs,
(make-partition-image): Adapt to call "make-ext-image" if the partition
file-system is prefixed by "ext".
The --root option can now be omitted, and inferred from the root file system
declaration instead.
* gnu/build/file-systems.scm (canonicalize-device-spec): Extend to support NFS
directly, and...
* gnu/build/linux-boot.scm (boot-system): ...remove NFS special casing from
here. Remove nested definitions for root-fs-type, root-fs-flags and
root-fs-options, and bind those inside the let* instead. Make "--root" take
precedence over the device field string representation of the root file
system.
* doc/guix.texi (Initial RAM Disk): Document that "--root" can be left
unspecified.
* gnu/build/vm.scm (install-efi, make-iso9660-image): Remove those procedures
that are now implemented in (gnu build image) module,
(initialize-hard-disk): remove efi support.
* gnu/system/vm.scm (iso9660-image): Remove it,
(qemu-image): adapt it to remove ISO9660 support.
Raw disk-images and ISO9660 images are created in a Qemu virtual machine. This
is quite fragile, very slow, and almost unusable without KVM.
For all these reasons, add support for host image generation. This implies the
use new image generation mechanisms.
- Raw disk images: images of partitions are created using tools such as mke2fs
and mkdosfs depending on the partition file-system type. The partition
images are then assembled into a final image using genimage.
- ISO9660 images: the ISO root directory is populated within the store. GNU
xorriso is then called on that directory, in the exact same way as this is
done in (gnu build vm) module.
Those mechanisms are built upon the new (gnu image) module.
* gnu/image.scm: New file.
* gnu/system/image.scm: New file.
* gnu/build/image: New file.
* gnu/local.mk: Add them.
* gnu/system/vm.scm (system-disk-image): Rename to system-disk-image-in-vm.
* gnu/ci.scm (qemu-jobs): Adapt to new API.
* gnu/tests/install.scm (run-install): Ditto.
* guix/scripts/system.scm (system-derivation-for-action): Ditto.
* gnu/build/bootloader.scm (install-efi): New procedure copied from (gnu build vm).
(install-efi-loader): New exported procedure, wrapping install-efi.
* gnu/build/vm.scm (initialize-hard-disk): Adapt to use install-efi-loader.
There's no need to set the store GID as is will be done by the guix-daemon,
with the following snippet:
if (chown(chrootStoreDir.c_str(), 0, buildUser.getGID()) == -1)
throw SysError(format("cannot change ownership of ‘%1%’") % chrootStoreDir);
* gnu/build/install.scm (directives): Do not set store GID.
Changing ownership may require root permissions. As image can now be generated
without root permissions (no VM involved), ignore those exceptions.
* gnu/build/install.scm (evaluate-populate-directive): Ignore chown
exceptions.
Follow-up to 23b37c3d40.
* gnu/build/file-systems.scm (bytevector-utf16-length): New procedure.
(null-terminated-utf16->string): New procedure.
(f2fs-superblock-volume-name): Use it.
* gnu/build/linux-boot.scm (boot-system) Treat a root option with ":/" as an nfs source
and avoid to call 'canonicalize-device-spec' for it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/build/vm.scm (root-partition-initializer): Add #:make-device-nodes
parameter and use it.
* gnu/system/vm.scm (qemu-image): Add #:device-node parameter. Pass
#:make-device-nodes to 'root-partition-initializer'.
Previously, when REGISTER-CLOSURES? was false, we'd set all the files
under /dev to #o644, including /dev/null, /dev/zero, etc.
* gnu/build/vm.scm (root-partition-initializer): Call 'reset-timestamps'
separately for /dev, with #:preserve-permissions? #t.
* gnu/build/vm.scm (<partition>)[file-system-options]: New field.
(create-ext-file-system, create-fat-file-system)
(format-partition): Add #:options and honor it.
(initialize-partition): Pass #:options to 'format-partition'.
* gnu/system/vm.scm (qemu-image): Add #:file-system-options and use it
for the root partition.
* gnu/build/vm.scm (root-partition-initializer): Add #:extra-directives
parameter and pass it to 'populate-root-file-system'.
* gnu/system/vm.scm (qemu-image): Add #:extra-directives parameter and
pass it to 'root-partition-initializer'.
Fixes <https://bugs.gnu.org/34276>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
* gnu/system/vm.scm (expression->derivation-in-linux-vm)[loader]:
Produce '/xchg/.exit-status' file upon success.
* gnu/build/vm.scm (load-in-linux-vm): Check for 'xchg/.exit-status'
once QEMU has completed and respond accordingly.
* gnu/build/marionette.scm (%qwerty-us-keystrokes): Use shit-comma and
shift-dot for #\< and #\> because the "less" key doesn't work the same
in "US intl." layouts.
This is a followup to 2073b55e6b.
* gnu/build/cross-toolchain.scm (%gcc-include-paths): Switch back to
'C_INCLUDE_PATH' & co.
* gnu/packages/cross-base.scm (%gcc-include-paths): Likewise.
(cross-gcc-arguments): Remove 'treat-glibc-as-system-header' phase.
(cross-gcc)[native-inputs]: Reorder so that libc comes last.
[search-paths]: Add "include/c++" for 'CROSS_CPLUS_INCLUDE_PATH'.
* guix/build-system/gnu.scm (standard-cross-packages): Have "cross-gcc"
appear both for 'host and 'target.
* gnu/build/activation.scm (activate-modprobe): Check whether
/proc/sys/kernel/modprobe exists before writing to it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/38800>.
Reported by Jakub Kądziołka <kuba@kadziolka.net>.
* gnu/build/activation.scm (activate-setuid-programs): Catch
'system-error' around 'make-setuid-program' calls.
* gnu/build/vm.scm (load-in-linux-vm): Move Qemu network configuration from
ARCH-SPECIFIC-FLAGS to the Qemu command line. Use the "-nic" option of Qemu
instead of "-device" and "-net".
* gnu/system/vm.scm (common-qemu-options): Do not add a '-net' command.
(virtual-machine-compiler): Use "-nic user,..." instead of "-net".
* doc/guix.texi (Installing Guix in a VM, Invoking guix system, Running Guix
in a VM): Do the same for examples.
* gnu/build/linux-boot.scm (mount-root-file-system): Add the 'flags' keyword
argument and use it when mounting the root file system.
(boot-system): Pass the root file system flags to 'mount-root-file-system'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/build/syscalls.scm (MS_LAZYTIME): New variable.
* gnu/build/file-systems.scm (mount-flags->bit-mask): Add match rules for
'strict-atime' and 'lazy-time'.
* doc/guix.texi (File Systems): Add 'strict-atime' and 'lazy-time' to the list
of supported flags.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/build/vm.scm (load-in-linux-vm): Add target-arm64? argument and use it
to pass correct arguments to qemu.
* gnu/system/vm.scm (expression->derivation-in-linux-vm): Pass the new
target-arm64? argument added above. Do not add ESP partition on all ARM
targets. Do not pass grub-efi package to initialize-hard-disk on ARM targets.
Fixes <https://bugs.gnu.org/37977>.
* gnu/build/linux-boot.scm (mount-root-file-system): Add the 'options'
keyword argument and use it when mounting the root file system.
(boot-system): Pass the root file system options to
'mount-root-file-system'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/build/file-systems.scm (mount-file-system): Clean the documentation from
the no longer existing parameters (these are now encapsulated within a
<file-system> record).
* gnu/build/linux-container.scm (call-with-container): Add
#:process-spawned-hook and honor it.
* gnu/system/linux-container.scm (container-script)[script]:
Define 'explain' and pass it as #:process-spawned-hook'.
This allows containers created by "guix environment -CN" or by
"guix system container -N" to talk to the host nscd.
* gnu/system/file-systems.scm (%network-file-mappings): Add
"/var/run/nscd".
* gnu/build/shepherd.scm (default-mounts)[nscd-socket]: Remove.
* gnu/system/linux-container.scm (container-script)[nscd-run-directory]
[nscd-mapping, nscd-os, nscd-specs]: Remove.
[script]: Filter out from SPECS bind-mounts where the device does not
exist.
* guix/scripts/environment.scm (launch-environment/container)
[optional-mapping->fs]: New procedure.
[mappings]: Remove %NETWORK-FILE-MAPPINGS.
[file-systems]: Add %NETWORK-FILE-MAPPINGS here, filtered through
'optional-mapping->fs'.
When adding multiple instances of a service requiring some user
account/group, we could end up with multiple entries for that account or
group in /etc/passwd or /etc/group.
* gnu/build/accounts.scm (database-writer)[write-entries]: Add call to
'delete-duplicates'.
* tests/accounts.scm ("write-passwd with duplicate entry"): New test.
Fixes <https://bugs.gnu.org/34902>.
Reported by Julien Lepiller <julien@lepiller.eu>.
* gnu/build/linux-modules.scm (module-formal-name): New procedure.
(load-linux-modules-from-directory)[lookup-module]: Remove.
[module-name->file-name]: New variable. Use it.
(module-name->file-name/guess, module-name-lookup)
(write-module-name-database): New procedures.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Call
'write-module-name-database'.
* gnu/build/linux-modules.scm (aliases->device-tuple)
(write-module-device-database): New procedures.
(%not-dash): New variable.
Co-authored-by: Danny Milosavljevic <dannym@scratchpost.org>.
This patch parameterizes previously hard-coded instances of
i686-w64-mingw32, adding support for x86_64-w64-mingw32.
* gnu/packages/mingw.scm (make-mingw-w64): New procedure.
(mingw-w64-i686, mingw-w64-x86_64): New variables.
(%mingw-triplet): Remove.
(mingw-w64): Update to point to 'mingw-w64-i686'.
* gnu/packages/cross-base.scm (cross-gcc): Use 'libc' keyword argument
if specified, instead of treating it as a boolean.
(native-libc): Return the correct mingw-w64 depending on machine
specified in target.
* gnu/packages/bootstrap.scm (glibc-dynamic-linker): Add "x86_64-mingw".
* gnu/build/cross-toolchain.scm (set-cross-path/mingw): Replace
hardcoded 'i686-w64-mingw32' instances with 'target' keyword argument.
(cross-gcc-build-phases): Update accordingly; use 'target-mingw?'
implementation of target checking and add commentary.
* gnu/ci.scm (%cross-targets): Add "x86_64-w64-mingw32".
Fixes <https://bugs.gnu.org/36463>.
Reported by Steffen Rytter Postas <nc@scalehost.eu>.
* gnu/build/linux-container.scm (mount-file-systems): When /dev/ptmx
exists on the host, explicitly mount a new instance of devpts and make
/dev/ptmx a symlink to /dev/pts/ptmx.
Fixes a bug whereby derivations importing (gnu build linux-container),
such as the 'bitlbee' and 'tor' services, would depend on the
user's (guix config) file, which was pulled as a dependency of (guix
utils). As a result, those derivations would vary from user to user.
* gnu/build/linux-container.scm (call-with-temporary-directory): New
procedure.
Fixes <https://bugs.gnu.org/36076>.
Reported by Jack Hill <jackhill@jackhill.us>
and Giovanni Biscuolo <g@xelera.eu>
* gnu/build/locale.scm (locale->name+codeset): New file.
* gnu/packages/base.scm (make-glibc-locales): Add #:modules
and #:imported-modules. Add a 'symlink-normalized-codesets' phase.
Suggested by Florian Pelz <pelzflorian@pelzflorian.de>
in <http://bugs.gnu.org/35996>.
* gnu/build/accounts.scm (%password-lock-file): New variable.
* gnu/build/activation.scm (activate-users+groups): Wrap calls to
'user+group-databases', 'write-group', etc. into 'with-file-lock'.
Fixes a bug whereby Tor (for example) would emit syslog messages with a
UTC timestamp instead of local time.
* gnu/build/shepherd.scm (default-mounts): Add /etc/localtime to
MAPPINGS.
* guix/build/syscalls.scm (MS_NOATIME): New variable.
* gnu/build/file-systems.scm (mount-flags->bit-mask): Support it.
* doc/guix.texi (File Systems): Document it and add cross-references to
the relevant documentation.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Starting from commit 0ae735bcc8, Guix
System would preserve the user shell across reconfigure and reboot.
This was done so as to allow for the use of 'chsh'.
This proved to be a misguided decision. This commit goes back to
considering user shells as config and not "state."
* gnu/build/accounts.scm (allocate-passwd): Do not use shell from
PREVIOUS.
On 32-bit systems, 'string-hash' would raise an out-of-range exception
when the second argument was 2^32.
* gnu/build/vm.scm (make-iso9660-image): Pass 2^32 - 1 to 'string-hash'.
This is a followup to 66ec389580.
This reverts 178be030c0, which is no
longer needed.
* gnu/build/vm.scm (make-iso9660-image): Remove "-padding" option.
Fixes <https://bugs.gnu.org/34788>.
Reported by Jack Hill <jackhill@jackhill.us>.
Regression introduced by the combination of
8bb76f3d44 and
0ae735bcc8: /var/empty would be 700 and
owned by one of the system accounts (thus inaccessible to others), and
/var/run/dbus would be 700 as well, thereby preventing D-Bus clients
from connecting to the daemon.
* gnu/build/activation.scm (duplicates): New procedure.
(activate-users+groups)[system-accounts]: New variable.
Use it. Make shared system account home directories #o555 and
root-owned.
* gnu/services/dbus.scm (dbus-activation): Make /var/run/dbus #o755.
* gnu/tests/base.scm (run-basic-test): Test the ownership and
permissions of /var/empty.
* gnu/system/accounts.scm (sexp->user-group, sexp->user-account): New
procedures.
* gnu/system/shadow.scm (account-activation): Call them in the arguments
to 'activate-users+groups'.
(account-shepherd-service): Likewise.
* gnu/build/activation.scm (activate-users+groups): Expect a list of
<user-account> and a list of <user-group>. Replace uses of 'match' on
tuples with calls to record accessors.
(activate-user-home): Likewise.
Until now they'd be #o755, except for /root, which is treated specially
in (gnu build install).
* gnu/build/activation.scm (activate-user-home): Chmod HOME to #o700.
Remove redundant 'unless system?'.
This makes sure it is inherited by packages using (cross-gcc ...). This
commit is a followup to 01e8263feb.
* gnu/build/cross-toolchain.scm (cross-gcc-build-phases): Move
'treat-glibc-as-system-header' phase ...
* gnu/packages/cross-base.scm (cross-gcc-arguments): ... here.
* gnu/packages/cross-base.scm (%gcc-cross-include-paths): Remove
CROSS_C_INCLUDE_PATH & co in favor of CROSS_CPATH.
* gnu/build/cross-toolchain.scm (%gcc-cross-include-paths): Likewise.
(cross-gcc-build-phases): Set CROSS_C_INCLUDE_PATH and
CROSS_CPLUS_INCLUDE_PATH when building the cross GCC.
* gnu/packages/commencement.scm (libstdc++): Add
"--disable-libstdcxx-dual-abi" to #:configure-flags.
(gcc-boot0)[arguments]: Add "--disable-libmpx"
to #:configure-flags.
(gcc-final): Add phase to set C_INCLUDE_PATH and CPLUS_INCLUDE_PATH before
building GCC.
(gcc-toolchain-5): Use MAKE-GCC-TOOLCHAIN.
(gcc-toolchain-7): Change to GCC-TOOLCHAIN.
* gnu/packages/gcc.scm (gcc): Change from GCC-5 to GCC-7.
(gfortran): Change to GFORTRAN-7.
(gcc-objc): Change to GCC-OBJC-7.
(gcc-objc++): Change to GCC-OBJC++-7.
* gnu/packages/rust.scm (rust-1.19.0)[native-search-paths]: Change from
C_INCLUDE_PATH & co to CPATH.
