* gnu/services.scm (privileged-program->activation-gexp): Add
‘let-system’ form to define staged ‘libcap’ variable. Use
‘supported-package?’ only when not cross-compiling.
Change-Id: Ifa9bd97b5dc8c3a162d8427533b41d3c30bac18d
* gnu/packages/version-control.scm (libgit2-1.8): Update to 1.8.1.
[source]: deps/http-parser does not exist so update the list
[arguments]: semantics of -DUSE_HTTP_PARSER has changed, so
update configure-flags to reflect the same
Change-Id: Ifd9694a93326f7c3d368bd354a5fadf4e4b93119
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/68313>.
HDF5 1.14.3 contains the fix for <https://github.com/HDFGroup/hdf5/pull/3421>.
* gnu/packages/maths.scm (hdf5-parallel-openmpi): Inherit from HDF5-1.14.
[arguments]: Take arguments from HDF5-1.14. Use gexps.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I99222a1085dcd75c3c9ac83a0e88495e86a8cf59
* gnu/packages/ntp.scm (chrony): Update to 4.5.
[source]: Download from GitLab as the original site is not accessible
anymore.
[native-inputs]: Add "bison" and "ruby-asciidoctor".
[synopsis]: Fix a typo.
[description]: Improve formatting.
[home-page]: Change to "https://chrony-project.org/".
Change-Id: I33b053fff0aced37cefab9f3c5df44fe2b9abb0c
Signed-off-by: Zheng Junjie <zhengjunjie@iscas.ac.cn>
Guix provides its own superior-quality time-outs.
* gnu/packages/gtk.scm (at-spi2-core)[arguments]: Remove the
‘timeout’ argument from the test invocation.
Change-Id: Ic324c5992d48cafa4b6b9856b381d461083d8de2
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
`icedove` does currently not built.
* gnu/packages/gnuzilla.scm (icedove-wayland): Use `icedove-minimal` instead of
`icedove`.
Change-Id: Idc01d6a93071cff11ef139e6738aff1c7687d975
* gnu/packages/gnuzilla.scm (all-mozilla-102-locales,
%icecat-102-base-version, %icecat-102-version, icecat-102-source):
Remove variables.
(%icedove-build-id, %icedove-version, thunderbird-comm-source): Update for 115.10.1.
(thunderbird-comm-l10n): Switch to provided tarball.
(icedove-source)[origin]: Add `zstd` package. Use `icecat-source`.
Provide l10n folder from tarball.
(icedove-minimal)[arguments]: Use MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE instead
of deprecated MACH_USE_SYSTEM_PYTHON. Use GUIX_PYTHONPATH and bundled
NSS library.
[inputs]: Use `icu4c-73`. Add `nspr`. Remove `nss` for now.
[native-inputs]: Update clang and llvm to version 15. Use newer
`node-lts`.
(make-l10n-package)[arguments]: Set GUIX_PYTHONPATH.
Change-Id: Ie6d9eb00f609c9872ac985adec72da92ee4be336
Icedove@115 does not properly work without this patch. See:
https://bugzilla.mozilla.org/show_bug.cgi?id=1843007
* gnu/packages/icu4c.scm (icu4c-73)[source]: Use patch.
* gnu/packages/patches/icu4c-icu-22132-fix-vtimezone.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register patch.
Change-Id: Ie64d1e33afedbaedbaafaeb607a201eb671ac7bd
Change-Id: I6d753eacc7daac5663128b20a550044d0fd0ddb7
* gnu/system/privilege.scm (<privileged-program>): Add a field
representing the program's POSIX capabilities.
(privileged-program-capabilities): New public procedure.
* doc/guix.texi (Privileged Programs): Document it.
* gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP
package argument providing setcap(8) to apply said capabilities.
* gnu/services.scm (privileged-program->activation-gexp): Pass said
package argument where supported. Include privileged-program-capabilities
in the compatibility hack.
* gnu/system.scm (<operating-system>): Add new privileged-programs
field, that defaults to…
(%default-privileged-programs): …this new variable, renamed from…
(%setuid-programs): …this, which is now defined as the empty list.
* doc/guix.texi (Setuid Programs): Rename this…
(Privileged Programs): …to this. Adjust all refs. Update all mentions
of ‘setuid’ (whether in prose, variable names, or code samples) to use
the new ‘privilege[d]’ terminology instead.
(operating-system Reference, X Window, Invoking guix system)
(Service Reference): Adjust likewise.
* gnu/services.scm (setuid-program->activation-gexp): Rename this…
(privileged-program->activation-gexp): …to this.
Operate on a list of <privileged-program> records.
(privileged-program-service-type): New variable, renamed from
setuid-program-service-type. Rename the service-type accordingly.
(setuid-program-service-type): Redefine as an alias for the above.
* gnu/build/activation.scm (activate-setuid-programs): Rename this…
(activate-privileged-programs): …to this.
Operate on a list of <privileged-program> records.
* gnu/services.scm (setuid-program->activation-gexp): Adjust caller.
* gnu/system/setuid.scm (setuid-program): Rewrite as syntax to create a
<privileged-program> record that is setuid by default.
(setuid-program?, setuid-program-program, setuid-program-setuid?)
(setuid-program-setgid?, setuid-program-user, setuid-program-group):
Alias their privileged-program equivalent.
Create /run/setuid-programs compatibility symlinks so that we can
migrate all users (both package and human) piecemeal at our leisure.
Apart from being symlinks, this should be a user-invisible change.
* gnu/build/activation.scm (%privileged-program-directory): New variable.
[activate-setuid-programs]: Put privileged copies in
%PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in
%SETUID-DIRECTORY.
* gnu/services.scm (setuid-program-service-type): Update docstring.
* doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
It has been a warning for well over a year now. Now, with
privileged-programs coming, don't let's support nested deprecation
hacks.
* gnu/system.scm (<operating-system>):
Don't ‘sanitize’ the setuid-programs field.
(ensure-setuid-program-list): Delete syntax.
(%ensure-setuid-program-list): Delete variable.