From 61253c4f9759fa83c20d9e09d58a7e7c6dd06572 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Reich=C3=B6r?= Date: Sun, 18 Jun 2017 00:59:27 +0200 Subject: [PATCH 01/33] gnu: Add fping. * gnu/packages/networking.scm (fping): New variable. --- gnu/packages/networking.scm | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 5d1c432da3..d5acac90c5 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -2,7 +2,7 @@ ;;; Copyright © 2014, 2017 Ludovic Courtès ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus ;;; Copyright © 2015 Mark H Weaver -;;; Copyright © 2015, 2016 Stefan Reichör +;;; Copyright © 2015, 2016, 2017 Stefan Reichör ;;; Copyright © 2016 Raimon Grau ;;; Copyright © 2016 Tobias Geerinckx-Rice ;;; Copyright © 2016 John Darrington @@ -522,6 +522,31 @@ network frames.") (license license:gpl2+) (home-page "https://www.wireshark.org/"))) +(define-public fping + (package + (name "fping") + (version "4.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://fping.org/dist/fping-" + version ".tar.gz")) + (sha256 + (base32 + "1kp81wchi79l8z8rrj602fpjrd8bi84y3i7fsaclzlwap5943sv7")))) + (build-system gnu-build-system) + (home-page "http://fping.org/") + (synopsis "Send ICMP ECHO_REQUEST packets to network hosts") + (description + "fping is a ping like program which uses the Internet Control Message +Protocol (ICMP) echo request to determine if a target host is responding. +fping differs from ping in that you can specify any number of targets on the +command line, or specify a file containing the lists of targets to ping. +Instead of sending to one target until it times out or replies, fping will +send out a ping packet and move on to the next target in a round-robin +fashion.") + (license license:expat))) + (define-public httping (package (name "httping") From 7fadeab448b602987765184685e329a59b615c64 Mon Sep 17 00:00:00 2001 From: Danny Milosavljevic Date: Sun, 18 Jun 2017 14:00:23 +0200 Subject: [PATCH 02/33] gnu: Add python-smmap2. * gnu/packages/python.scm (python-smmap2, python2-smmap2): New variables. --- gnu/packages/python.scm | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 92413aa458..c07bbae3e9 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -15383,3 +15383,26 @@ many of the popular cloud service providers using a unified API.") (define-public python2-apache-libcloud (package-with-python2 python-apache-libcloud)) + +(define-public python-smmap2 + (package + (name "python-smmap2") + (version "2.0.3") + (source + (origin + (method url-fetch) + (uri (pypi-uri "smmap2" version)) + (sha256 + (base32 + "1hvn28p3zvxa98sbi9lrqvv2ps4q284j4jq9a619zw0m7yv0sly7")))) + (build-system python-build-system) + (native-inputs + `(("python-nosexcover" ,python-nosexcover))) + (home-page "https://github.com/Byron/smmap") + (synopsis "Python sliding window memory map manager") + (description "@code{smmap2} is a pure Python implementation of a sliding +window memory map manager.") + (license license:bsd-3))) + +(define-public python2-smmap2 + (package-with-python2 python-smmap2)) From 1d3be5d963418a30af6753374ac66a29dbccfdb7 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sun, 18 Jun 2017 16:48:27 +0200 Subject: [PATCH 03/33] gnu: propeller-gcc-4: Add cross environment variables patch. * gnu/packages/embedded.scm (propeller-gcc-4)[source]: Add gcc-cross-environment-variables.patch. --- gnu/packages/embedded.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/embedded.scm b/gnu/packages/embedded.scm index c158405a0c..a11722a2bb 100644 --- a/gnu/packages/embedded.scm +++ b/gnu/packages/embedded.scm @@ -507,7 +507,8 @@ with a layered architecture of JTAG interface and TAP support.") (patches (append (origin-patches (package-source gcc-4.7)) - (search-patches "gcc-4.6-gnu-inline.patch"))))) + (search-patches "gcc-4.6-gnu-inline.patch" + "gcc-cross-environment-variables.patch"))))) (home-page "https://github.com/dbetz/propgcc-gcc")))) ;; There is no release, so we take the latest version as referenced from here: From e1287aed0c2bbe63bd56cf43b846be439d16a823 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sun, 18 Jun 2017 17:18:53 +0200 Subject: [PATCH 04/33] gnu: fish-guix: Update home page. * gnu/packages/shells.scm (fish-guix)[home-page]: Update it. --- gnu/packages/shells.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm index 6b9125e77f..65e0eda50a 100644 --- a/gnu/packages/shells.scm +++ b/gnu/packages/shells.scm @@ -172,7 +172,7 @@ highlighting.") #:phases (modify-phases %standard-phases (delete 'configure)))) ; No configure script. - (home-page "https://pragmatique.xyz/software/fish-guix.html") + (home-page "https://www.infotropique.org/projects/fish-guix/") (synopsis "Fish completions for Guix") (description "Fish-guix provides completions for Guix for users of the fish shell.") From 0fff1495bc83f872c13bc9d407b87801c6dcce99 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 16:50:44 +0200 Subject: [PATCH 05/33] gnu: git: Prevent creating 'perllocal.pod'. * gnu/packages/version-control.scm (git)[arguments]<#:phases>: Rename 'patch-makefile-shebangs' to 'patch-makefiles'. Add substitution. --- gnu/packages/version-control.scm | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 953440a6fd..a412ef8d01 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -186,12 +186,16 @@ as well as the classic centralized workflow.") ,@%gnu-build-system-modules) #:phases (modify-phases %standard-phases - (add-after 'configure 'patch-makefile-shebangs + (add-after 'configure 'patch-makefiles (lambda _ (substitute* "Makefile" (("/bin/sh") (which "sh")) (("/usr/bin/perl") (which "perl")) - (("/usr/bin/python") (which "python"))))) + (("/usr/bin/python") (which "python"))) + (substitute* "perl/Makefile" + ;; Don't create timestamped 'perllocal.pod'. + (("\\$< PREFIX=") "$< NO_PERLLOCAL=1 PREFIX=")) + #t)) (add-after 'configure 'add-PM.stamp (lambda _ ;; Add the "PM.stamp" to avoid "no rule to make target". From b004c79f721b4e7165076e5ec865d712c63035a0 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 17:02:46 +0200 Subject: [PATCH 06/33] gnu: subversion: Don't create 'perllocal.pod'. * gnu/packages/version-control.scm (subversion)[arguments]: Add "NO_PERLLOCAL=1" to Makefile.PL arguments in "install-perl-bindings" phase. --- gnu/packages/version-control.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index a412ef8d01..4b78704537 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -820,6 +820,7 @@ following features: "subversion/bindings/swig/perl/native" (and (zero? (system* "perl" "Makefile.PL" + "NO_PERLLOCAL=1" (string-append "PREFIX=" out))) (zero? (system* "make" "install" From f43cc4a386c2e02e888d7d5e79a4982f3fdc639a Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 17:37:26 +0200 Subject: [PATCH 07/33] gnu: bitcoin-core: Update to 0.14.2. * gnu/packages/finance.scm (bitcoin-core): Update to 0.14.2. --- gnu/packages/finance.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/finance.scm b/gnu/packages/finance.scm index fb2543bceb..04ae70b07a 100644 --- a/gnu/packages/finance.scm +++ b/gnu/packages/finance.scm @@ -49,7 +49,7 @@ (define-public bitcoin-core (package (name "bitcoin-core") - (version "0.14.1") + (version "0.14.2") (source (origin (method url-fetch) (uri @@ -57,7 +57,7 @@ version "/bitcoin-" version ".tar.gz")) (sha256 (base32 - "18zrsinlwkj4q5bj2hzswbhswkvd0sdfi6skfwqwwk85gzh064pj")))) + "1jp8vdc25gs46gj1d9mraqa1xnampffpa7mdy0fw80xca77fbi0s")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) From 200762a44caaee85959b1463ee19d4138a523489 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 17:38:16 +0200 Subject: [PATCH 08/33] gnu: miniupnpc: Update to 2.0.20170509. * gnu/packages/upnp.scm (miniupnpc): Update to 2.0.20170509. [source]: Remove obsolete patch. * gnu/packages/patches/miniupnpc-CVE-2017-8798.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - .../patches/miniupnpc-CVE-2017-8798.patch | 55 ------------------- gnu/packages/upnp.scm | 5 +- 3 files changed, 2 insertions(+), 59 deletions(-) delete mode 100644 gnu/packages/patches/miniupnpc-CVE-2017-8798.patch diff --git a/gnu/local.mk b/gnu/local.mk index 148ba12d68..8c9883a5e2 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -830,7 +830,6 @@ dist_patch_DATA = \ %D%/packages/patches/mesa-wayland-egl-symbols-check-mips.patch \ %D%/packages/patches/metabat-remove-compilation-date.patch \ %D%/packages/patches/mhash-keygen-test-segfault.patch \ - %D%/packages/patches/miniupnpc-CVE-2017-8798.patch \ %D%/packages/patches/mingw-w64-5.0rc2-gcc-4.9.3.patch \ %D%/packages/patches/mpc123-initialize-ao.patch \ %D%/packages/patches/module-init-tools-moduledir.patch \ diff --git a/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch b/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch deleted file mode 100644 index 24eed60af9..0000000000 --- a/gnu/packages/patches/miniupnpc-CVE-2017-8798.patch +++ /dev/null @@ -1,55 +0,0 @@ -Fix CVE-2017-8798. - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8798 -http://seclists.org/oss-sec/2017/q2/247 - -Patch copied from upstream source repository, with Changelog entry removed: - -https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229 - -diff --git a/miniwget.c b/miniwget.c -index 37cb47b..1eda57c 100644 ---- a/miniwget.c -+++ b/miniwget.c -@@ -284,11 +284,12 @@ getHTTPResponse(int s, int * size, int * status_code) - goto end_of_stream; - } - } -- bytestocopy = ((int)chunksize < (n - i))?chunksize:(unsigned int)(n - i); -+ /* it is guaranteed that (n >= i) */ -+ bytestocopy = (chunksize < (unsigned int)(n - i))?chunksize:(unsigned int)(n - i); - if((content_buf_used + bytestocopy) > content_buf_len) - { - char * tmp; -- if(content_length >= (int)(content_buf_used + bytestocopy)) { -+ if((content_length >= 0) && ((unsigned int)content_length >= (content_buf_used + bytestocopy))) { - content_buf_len = content_length; - } else { - content_buf_len = content_buf_used + bytestocopy; -@@ -313,14 +314,15 @@ getHTTPResponse(int s, int * size, int * status_code) - { - /* not chunked */ - if(content_length > 0 -- && (int)(content_buf_used + n) > content_length) { -+ && (content_buf_used + n) > (unsigned int)content_length) { - /* skipping additional bytes */ - n = content_length - content_buf_used; - } - if(content_buf_used + n > content_buf_len) - { - char * tmp; -- if(content_length >= (int)(content_buf_used + n)) { -+ if(content_length >= 0 -+ && (unsigned int)content_length >= (content_buf_used + n)) { - content_buf_len = content_length; - } else { - content_buf_len = content_buf_used + n; -@@ -340,7 +342,7 @@ getHTTPResponse(int s, int * size, int * status_code) - } - } - /* use the Content-Length header value if available */ -- if(content_length > 0 && (int)content_buf_used >= content_length) -+ if(content_length > 0 && content_buf_used >= (unsigned int)content_length) - { - #ifdef DEBUG - printf("End of HTTP content\n"); diff --git a/gnu/packages/upnp.scm b/gnu/packages/upnp.scm index 645e9a6573..3c449937da 100644 --- a/gnu/packages/upnp.scm +++ b/gnu/packages/upnp.scm @@ -28,15 +28,14 @@ (define-public miniupnpc (package (name "miniupnpc") - (version "2.0.20170421") + (version "2.0.20170509") (source (origin (method url-fetch) (uri (string-append "https://miniupnp.tuxfamily.org/files/" name "-" version ".tar.gz")) - (patches (search-patches "miniupnpc-CVE-2017-8798.patch")) (sha256 - (base32 "0n11m2wq812zms5b21h8ihw1kbyaihj9nqjiida0hskf4dmw4m13")))) + (base32 "0spi75q6nafxp3ndnrhrlqagzmjlp8wwlr5x7rnvdpswgxi6ihyk")))) (build-system gnu-build-system) (native-inputs `(("python" ,python-2))) From 1f1b3445f43c7b2586144d9ccf52b480dae8b7e0 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 17:43:15 +0200 Subject: [PATCH 09/33] gnu: pcsc-lite: Update to 1.8.22. * gnu/packages/security-token.scm (pcsc-lite): Update to 1.8.22. --- gnu/packages/security-token.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm index 5873d85b55..8ae2dda1c3 100644 --- a/gnu/packages/security-token.scm +++ b/gnu/packages/security-token.scm @@ -93,15 +93,15 @@ the low-level development kit for the Yubico YubiKey authentication device.") (define-public pcsc-lite (package (name "pcsc-lite") - (version "1.8.21") + (version "1.8.22") (source (origin (method url-fetch) (uri (string-append - "https://alioth.debian.org/frs/download.php/file/4216/" + "https://alioth.debian.org/frs/download.php/file/4225/" "pcsc-lite-" version ".tar.bz2")) (sha256 (base32 - "1b8kwl81f6s3y7qh68ahr8sp8a0w6m464v9b3s4zxq2cgpmnaczy")))) + "01flkdyqs7kr6c63dv2qg8dwir3v9jlr9rzlw7vafrivxmhqydba")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"))) From d76e26342e17c2185598c83c3b628a7d5e1e0fd1 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 17 Jun 2017 18:46:50 +0200 Subject: [PATCH 10/33] gnu: libbluray: Update to 1.0.1. * gnu/packages/video.scm (libbluray): Update to 1.0.1. [arguments]<#:configure-flags>: Adjust deprecated flag. --- gnu/packages/video.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index adae0d3d3e..4acfb24220 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -1144,7 +1144,7 @@ audio, images) from the Web. It can use either mpv or vlc for playback.") (define-public libbluray (package (name "libbluray") - (version "1.0.0") + (version "1.0.1") (source (origin (method url-fetch) (uri (string-append "https://download.videolan.org/videolan/" @@ -1152,10 +1152,10 @@ audio, images) from the Web. It can use either mpv or vlc for playback.") name "-" version ".tar.bz2")) (sha256 (base32 - "1k3lag4lxi2jjd3zh4wcb5l3hadzm54j5kagh92yzfy76p9svqzp")))) + "0fl5cxfj870rwqmmz3s04wh7wnabb7rnynfj1v3sz37ln8frm7qg")))) (build-system gnu-build-system) (arguments - `(#:configure-flags '("--disable-bdjava") + `(#:configure-flags '("--disable-bdjava-jar") #:phases (modify-phases %standard-phases (add-before 'build 'fix-dlopen-paths From efb212e80d55ad258ba4bb62745a54441d8a7f00 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 18 Jun 2017 00:51:15 +0300 Subject: [PATCH 11/33] gnu: enlightenment: Update to 0.21.8. * gnu/packages/enlightenment.scm (enlightenment): Update to 0.21.8. --- gnu/packages/enlightenment.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index 6487446336..dbb4aac334 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -198,7 +198,7 @@ Libraries with some extra bells and whistles.") (define-public enlightenment (package (name "enlightenment") - (version "0.21.7") + (version "0.21.8") (source (origin (method url-fetch) (uri @@ -206,7 +206,7 @@ Libraries with some extra bells and whistles.") name "/" name "-" version ".tar.xz")) (sha256 (base32 - "1xvngjdsa0p901vfhrh2qpa50k32hwwhc8bgi16a9b5d9byzfhvn")))) + "0cjjiip12hd8bfjl9ccl3vzl81pxh1wpymxk2yvrzf6ap5girhps")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--enable-mount-eeze") From 8f1f2784e63b4361d49d5d53b8915c4b6355276e Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 18 Jun 2017 10:50:10 +0300 Subject: [PATCH 12/33] gnu: efl: Update to 1.19.1. * gnu/packages/enlightenment.scm (efl): Update to 1.19.1. [arguments]: Add flag to disable systemd support. [phases]: Add phase to set home directory. (terminology, rage)[arguments]: Set home directory before building. * gnu/packages/connman.scm (econnman)[arguments]: Same. --- gnu/packages/connman.scm | 5 ++++- gnu/packages/enlightenment.scm | 28 +++++++++++++++++++++++----- 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/gnu/packages/connman.scm b/gnu/packages/connman.scm index 08e725118d..8f567fa61b 100644 --- a/gnu/packages/connman.scm +++ b/gnu/packages/connman.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2017 Clément Lassieur ;;; Copyright © 2017 Ricardo Wurmus @@ -114,6 +114,9 @@ sharing) to clients via USB, ethernet, WiFi, cellular and Bluetooth.") `(#:configure-flags '("--localstatedir=/var") #:phases (modify-phases %standard-phases + (add-after 'unpack 'set-home-directory + ;; FATAL: Cannot create run dir '/homeless-shelter/.run' - errno=2 + (lambda _ (setenv "HOME" "/tmp") #t)) (add-after 'install 'wrap-binary (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index dbb4aac334..ce8fae1ce9 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -58,7 +58,7 @@ (define-public efl (package (name "efl") - (version "1.18.5") + (version "1.19.1") (source (origin (method url-fetch) (uri (string-append @@ -66,7 +66,7 @@ version ".tar.xz")) (sha256 (base32 - "0wxz00cijynamm0sx4ss4hp89zyz5y6zliv5zd905jn4nak2mw2n")))) + "0fndwraca9rg0bz3al4isdprvyw56szr88qiyvglb4j8ygsylscc")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) @@ -109,7 +109,7 @@ ("xproto" ,xproto))) (propagated-inputs ;; All these inputs are in package config files in section - ;; Require.private. + ;; Requires.private. `(("bullet" ,bullet) ; ephysics.pc ("dbus" ,dbus) ; eldbus.pc, elementary.pc, elocation.pc, ethumb_client.pc ("eudev" ,eudev) ; eeze.pc @@ -123,17 +123,23 @@ ("libsndfile" ,libsndfile) ; ecore-audio.pc, ecore-audio-cxx.pc ("openssl" ,openssl) ; ecore-con.pc, eet.pc, eet-cxx.pc, emile.pc ("pulseaudio" ,pulseaudio) ; ecore-audio.pc, ecore-audio-cxx.pc - ("util-linux" ,util-linux) ; eeze.pc + ("util-linux" ,util-linux) ; mount: eeze.pc ("zlib" ,zlib))) ; eet.pc, eet-cxx.pc, emile.pc (arguments `(#:configure-flags '("--disable-silent-rules" + "--disable-systemd" "--enable-liblz4" "--enable-xinput22" "--enable-image-loader-webp" "--enable-multisense" "--with-opengl=es" "--enable-egl" - "--enable-harfbuzz"))) + "--enable-harfbuzz") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'set-home-directory + ;; FATAL: Cannot create run dir '/homeless-shelter/.run' - errno=2 + (lambda _ (setenv "HOME" "/tmp") #t))))) (home-page "https://www.enlightenment.org/about-efl") (synopsis "Enlightenment Foundation Libraries") (description @@ -157,6 +163,12 @@ removable devices or support for multimedia.") (base32 "1x4j2q4qqj10ckbka0zaq2r2zm66ff1x791kp8slv1ff7fw45vdz")))) (build-system gnu-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'set-home-directory + ;; FATAL: Cannot create run dir '/homeless-shelter/.run' - errno=2 + (lambda _ (setenv "HOME" "/tmp") #t))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs @@ -184,6 +196,12 @@ contents and more.") (base32 "06kbgcnbhl9clhdl7k983m4d0n6ggsl4qvizzi1nrp8c7np87fix")))) (build-system gnu-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'set-home-directory + ;; FATAL: Cannot create run dir '/homeless-shelter/.run' - errno=2 + (lambda _ (setenv "HOME" "/tmp") #t))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs From 0b6114da015257c8f0e7f876c5014adbce70a4cd Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 18 Jun 2017 16:00:36 +0300 Subject: [PATCH 13/33] gnu: edi: Update to 0.5.0. * gnu/packages/enlightenment.scm (edi): Update to 0.5.0. [arguments]: Set home directory. --- gnu/packages/enlightenment.scm | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index ce8fae1ce9..b3e81bd523 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -315,7 +315,7 @@ Libraries stack (eo, evas, ecore, edje, emotion, ethumb and elementary).") (define-public edi (package (name "edi") - (version "0.4.0") + (version "0.5.0") (source (origin (method url-fetch) @@ -323,9 +323,15 @@ Libraries stack (eo, evas, ecore, edje, emotion, ethumb and elementary).") "download/v" version "/edi-" version ".tar.bz2")) (sha256 (base32 - "0qczz5psryxasphg5km95845h510237rf0k1dy8f0dad52ii90j1")))) + "1l90x1bw82a0df6r11wd55qizhi99gg0qcljwxga606ahy6ycnkn")))) (build-system gnu-build-system) - (arguments '(#:configure-flags '("--with-tests=coverage"))) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'set-home-directory + ;; FATAL: Cannot create run dir '/homeless-shelter/.run' - errno=2 + (lambda _ (setenv "HOME" "/tmp") #t))) + #:configure-flags '("--with-tests=coverage"))) (native-inputs `(("check" ,check) ("lcov" ,lcov) From 83acf3ead40702ed52307fa19db9c847a5c947e8 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 18 Jun 2017 19:13:12 +0300 Subject: [PATCH 14/33] gnu: python-efl: Update to 1.19.0. * gnu/packages/enlightenment.scm (python-efl): Update to 1.19.0. --- gnu/packages/enlightenment.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index b3e81bd523..a56dac4db3 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -265,14 +265,14 @@ embedded systems.") (define-public python-efl (package (name "python-efl") - (version "1.18.0") + (version "1.19.0") (source (origin (method url-fetch) (uri (pypi-uri "python-efl" version)) (sha256 (base32 - "0x49rb7mx7ysjp23m919r2rx8qnl4xackhl9s9x2697m7cs77n1r")))) + "0l0f9bv1134qh5376p5asycncidrhp8hdb6qwd8ybr1a61q9zq67")))) (build-system python-build-system) (arguments '(#:phases From 20b7b75c3225a567637f5fe660fd4a80c59e58be Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 19 Jun 2017 08:39:16 +0300 Subject: [PATCH 15/33] gnu: gnome-planner: Fix building on aarch64. * gnu/packages/gnome.scm (gnome-planner)[arguments]: Add configure-flag to set build-target when building on aarch64. --- gnu/packages/gnome.scm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 43b7e0ac47..34bd33813d 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -6291,7 +6291,11 @@ text views, and buttons to choose the language.") ;; Disable the Python bindings because the Planner program functions ;; without them, and (as of 2017-06-13) we have not packaged all of ;; packages that are necessary for building the Python bindings. - `(#:configure-flags (list "--disable-python"))) + `(#:configure-flags + (list "--disable-python" + ,@(if (string=? "aarch64-linux" (%current-system)) + '("--build=aarch64-unknown-linux-gnu") + '())))) (inputs `(("libgnomecanvas" ,libgnomecanvas) ("libgnomeui" ,libgnomeui) From 15dc52e5a7083a5405bc57709e1be6a1215f1856 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sun, 18 Jun 2017 16:56:11 +0200 Subject: [PATCH 16/33] gnu: texlive-dvips: Update to revision 44591. * gnu/packages/tex.scm (texlive-dvips): Update to revision 44591. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 71aa5c7f3a..459657903e 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -195,7 +195,7 @@ This package contains the binaries.") (revision %texlive-revision))) (sha256 (base32 - "1k11yvz4q95bxyxczwvd4r177h6a2gg03xmf51kmgjgz8an2gq2w")))) + "0fcy2hpapbj01ncpjj3v39yhr0jjxb6rm13qaxjjw66s3vydxls1")))) (build-system trivial-build-system) (arguments `(#:modules ((guix build utils)) From 96c336be07ec943260b434944d80e417fab2131e Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:17:40 +0200 Subject: [PATCH 17/33] gnu: texlive-tex-plain: Update to revision 44591. * gnu/packages/tex.scm (texlive-tex-plain): Update to revision 44591. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 459657903e..087a1fe9b6 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -650,7 +650,7 @@ symbol fonts.") (revision %texlive-revision))) (sha256 (base32 - "1ifmbyl3ir8k0v1g25xjb5rcyy5vhj8a3fa2088nczga09hna5vn")))) + "0mjgl3gscn3ps29yjambz1j9fg81ynnncb96vpprwx4xsijhsns0")))) (build-system trivial-build-system) (arguments `(#:modules ((guix build utils)) From fea8eef34b6c520b0336ca96b02037fa4aae55df Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:18:35 +0200 Subject: [PATCH 18/33] gnu: texlive-generic-ifxetex: Use %texlive-revision as version. * gnu/packages/tex.scm (texlive-generic-ifxetex)[version]: Change to %texlive-revision. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 087a1fe9b6..521a8dc13e 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -835,7 +835,7 @@ overwrite existing files and letting you use @code{filecontents} / (define-public texlive-generic-ifxetex (package (name "texlive-generic-ifxetex") - (version "0.6") + (version (number->string %texlive-revision)) (source (origin (method svn-fetch) (uri (texlive-ref "generic" "ifxetex")) From e3c970fc5c71b936279afee4fd24bc267f40549c Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:19:10 +0200 Subject: [PATCH 19/33] gnu: texlive-latex-graphics: Update to revision 44591. * gnu/packages/tex.scm (texlive-latex-graphics): Update to revision 44591. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 521a8dc13e..d9e211cf8c 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -892,7 +892,7 @@ verbatim source).") (uri (texlive-ref "latex" "graphics")) (sha256 (base32 - "17ka701xr9nqsjlhz30hphr8d9j4zzwgv5zl5r2f118yzqh9c34v")))) + "07azyn0b1s49vbdlr6dmygrminxp72ndl24j1091hiiccvrjq3xc")))) (build-system texlive-build-system) (arguments '(#:tex-directory "latex/graphics" From 1f7d1010b6c4db7464afb9ae3745e43a99c23a04 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:19:47 +0200 Subject: [PATCH 20/33] gnu: texlive-latex-l3kernel: Update to revision 44591. * gnu/packages/tex.scm (texlive-latex-l3kernel): Update to revision 44591. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index d9e211cf8c..ac3aea6f54 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -1101,7 +1101,7 @@ of file names.") (uri (texlive-ref "latex" "l3kernel")) (sha256 (base32 - "0ndqw0flhl20f4ny5lssp8rqpnj5kglyg59whbdrxbh2zc7w7j0b")))) + "0r0wfk594j8wkdqhh21haimwsfq8x5jch4ldm21hkzk5dnmvpbg6")))) (build-system texlive-build-system) (arguments '(#:tex-directory "latex/l3kernel")) From 83474718f2d4f5792978e1188da762a296967f7f Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:20:18 +0200 Subject: [PATCH 21/33] gnu: texlive-latex-l3packages: Update to revision 44591. * gnu/packages/tex.scm (texlive-latex-l3packages): Update to revision 44591. --- gnu/packages/tex.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index ac3aea6f54..21af9d7df4 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -1124,7 +1124,7 @@ that the LaTeX3 conventions can be used with regular LaTeX 2e packages.") (uri (texlive-ref "latex" "l3packages")) (sha256 (base32 - "1p1y9my6ccmp2ab91fzqqgih8ifrk4y3wyh397kagiq9f6a6v91f")))) + "16jplkvzdysfssijq9l051nsks65c2nrarsl17k8gjhc28yznj8y")))) (build-system texlive-build-system) (arguments '(#:tex-directory "latex/l3packages" From 00f037ca44497d5be6da531c8d8440e97a949cd8 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 19 Jun 2017 08:20:45 +0200 Subject: [PATCH 22/33] build-system/texlive: Update to texlive-2017.1, revision 44591. * guix/build-system/texlive.scm (%texlive-tag): Change to texlive-2017.1. (%texlive-revision): Change to 44591. --- guix/build-system/texlive.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guix/build-system/texlive.scm b/guix/build-system/texlive.scm index d4085ea7e8..0357c47a47 100644 --- a/guix/build-system/texlive.scm +++ b/guix/build-system/texlive.scm @@ -40,8 +40,8 @@ ;; Code: ;; These variables specify the SVN tag and the matching SVN revision. -(define %texlive-tag "texlive-2017.0") -(define %texlive-revision 44445) +(define %texlive-tag "texlive-2017.1") +(define %texlive-revision 44591) (define (texlive-ref component id) "Return a object for the package ID, which is part of the From 7e60206dff66339b540fb3a0e1e6d2b4eec4994f Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 19 Jun 2017 09:48:06 +0300 Subject: [PATCH 23/33] gnu: enlightenment: Patch more hardcoded paths. * gnu/packages/enlightenment.scm (enlightenment)[arguments]: Patch hardcoded paths to mount, umount, eject, halt, reboot. [native-inputs]: Add util-linux. --- gnu/packages/enlightenment.scm | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/gnu/packages/enlightenment.scm b/gnu/packages/enlightenment.scm index a56dac4db3..50da8c8d2f 100644 --- a/gnu/packages/enlightenment.scm +++ b/gnu/packages/enlightenment.scm @@ -230,19 +230,28 @@ Libraries with some extra bells and whistles.") `(#:configure-flags '("--enable-mount-eeze") #:phases (modify-phases %standard-phases - (add-before 'configure 'fix-keyboard - (lambda _ - (let ((xkeyboard (assoc-ref %build-inputs "xkeyboard-config"))) + (add-before 'configure 'set-system-actions + (lambda* (#:key inputs #:allow-other-keys) + (let ((xkeyboard (assoc-ref inputs "xkeyboard-config")) + (utils (assoc-ref inputs "util-linux"))) ;; We need to patch the path to 'base.lst' to be able ;; to switch the keyboard layout in E. (substitute* "src/modules/xkbswitch/e_mod_parse.c" (("/usr/share/X11/xkb/rules/xorg.lst") (string-append xkeyboard "/share/X11/xkb/rules/base.lst"))) + (substitute* "configure" + (("/bin/mount") (string-append utils "/bin/mount")) + (("/bin/umount") (string-append utils "/bin/umount")) + (("/usr/bin/eject") (string-append utils "/bin/eject")) + ; TODO: Replace suspend and hibernate also. + (("/sbin/shutdown -h now") "/run/current-system/profile/sbin/halt") + (("/sbin/shutdown -r now") "/run/current-system/profile/sbin/reboot")) #t)))))) (native-inputs `(("gettext" ,gettext-minimal) - ("pkg-config" ,pkg-config))) + ("pkg-config" ,pkg-config) + ("util-linux" ,util-linux))) (inputs `(("alsa-lib" ,alsa-lib) ("dbus" ,dbus) From 731b0c727c017df20cead6f63b91d9b3f44febab Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 7 May 2017 14:31:44 -0400 Subject: [PATCH 24/33] gnu: Add python-mock-2. * gnu/packages/python.scm (python-mock-2): New variable. --- gnu/packages/python.scm | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index c07bbae3e9..87c4d84a87 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -922,6 +922,24 @@ have been used.") (define-public python2-mock (package-with-python2 python-mock)) +;;; Some packages (notably, certbot and python-acme) rely on this newer version +;;; of python-mock. However, a large number of packages fail to build with +;;; mock@2, so we add a new variable for now. Also, there may be a dependency +;;; cycle between mock and six, so we avoid creating python2-mock@2 for now. +(define-public python-mock-2 + (package + (inherit python-mock) + (version "2.0.0") + (source + (origin + (method url-fetch) + (uri (pypi-uri "mock" version)) + (sha256 + (base32 + "1flbpksir5sqrvq2z0dp8sl4bzbadg21sj4d42w3klpdfvgvcn5i")))) + (propagated-inputs + `(("python-pbr" ,python-pbr-minimal) + ,@(package-propagated-inputs python-mock))))) (define-public python-setuptools (package From fed1898d4e7855de03a276eb4d370ca1d32a789e Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 6 May 2017 15:58:16 -0400 Subject: [PATCH 25/33] gnu: certbot: Build with Python 3. * gnu/packages/tls.scm (certbot): Use python-3 to build. [native-inputs, propagated-inputs]: Use Python 3 variants of dependencies. Use python-mock-2. --- gnu/packages/tls.scm | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index bba95eb9bc..ecd4c893d4 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -524,7 +524,7 @@ security, and applying best practice development processes.") #t)))))) ;; TODO: Add optional inputs for testing. (native-inputs - `(("python-mock" ,python-mock) + `(("python-mock" ,python-mock-2) ;; For documentation ("python-sphinx" ,python-sphinx) ("python-sphinxcontrib-programoutput" ,python-sphinxcontrib-programoutput) @@ -560,8 +560,7 @@ security, and applying best practice development processes.") "1srvmjxz75dbafx7xfg1w3n9h3srr9p2ljnfsih9dwwd5cxh9i5q")))) (build-system python-build-system) (arguments - `(#:python ,python-2 - ,@(substitute-keyword-arguments (package-arguments python-acme) + `(,@(substitute-keyword-arguments (package-arguments python-acme) ((#:phases phases) `(modify-phases ,phases (replace 'install-documentation @@ -576,27 +575,27 @@ security, and applying best practice development processes.") #t)))))))) ;; TODO: Add optional inputs for testing. (native-inputs - `(("python2-nose" ,python2-nose) - ("python2-mock" ,python2-mock) + `(("python-nose" ,python-nose) + ("python-mock" ,python-mock-2) ;; For documentation - ("python2-sphinx" ,python2-sphinx) - ("python2-sphinx-rtd-theme" ,python2-sphinx-rtd-theme) - ("python2-sphinx-repoze-autointerface" ,python2-sphinx-repoze-autointerface) - ("python2-sphinxcontrib-programoutput" ,python2-sphinxcontrib-programoutput) + ("python-sphinx" ,python-sphinx) + ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme) + ("python-sphinx-repoze-autointerface" ,python-sphinx-repoze-autointerface) + ("python-sphinxcontrib-programoutput" ,python-sphinxcontrib-programoutput) ("texinfo" ,texinfo))) (propagated-inputs - `(("python2-acme" ,python2-acme) - ("python2-zope-interface" ,python2-zope-interface) - ("python2-pyrfc3339" ,python2-pyrfc3339) - ("python2-pyopenssl" ,python2-pyopenssl) - ("python2-configobj" ,python2-configobj) - ("python2-configargparse" ,python2-configargparse) - ("python2-zope-component" ,python2-zope-component) - ("python2-parsedatetime" ,python2-parsedatetime) - ("python2-six" ,python2-six) - ("python2-psutil" ,python2-psutil) - ("python2-requests" ,python2-requests) - ("python2-pytz" ,python2-pytz))) + `(("python-acme" ,python-acme) + ("python-zope-interface" ,python-zope-interface) + ("python-pyrfc3339" ,python-pyrfc3339) + ("python-pyopenssl" ,python-pyopenssl) + ("python-configobj" ,python-configobj) + ("python-configargparse" ,python-configargparse) + ("python-zope-component" ,python-zope-component) + ("python-parsedatetime" ,python-parsedatetime) + ("python-six" ,python-six) + ("python-psutil" ,python-psutil) + ("python-requests" ,python-requests) + ("python-pytz" ,python-pytz))) (synopsis "Let's Encrypt client by the Electronic Frontier Foundation") (description "Certbot automatically receives and installs X.509 certificates to enable Transport Layer Security (TLS) on servers. It interoperates with the From 299b05254f1ca6565977d38df1107db4a0ac99aa Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 19 Jun 2017 20:17:31 +0300 Subject: [PATCH 26/33] gnu: glpk: Update to 4.62. * gnu/packages/maths.scm (glpk): Update to 4.62. --- gnu/packages/maths.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm index 0a43ad465a..37e92b3cf4 100644 --- a/gnu/packages/maths.scm +++ b/gnu/packages/maths.scm @@ -317,7 +317,7 @@ the OCaml language.") (define-public glpk (package (name "glpk") - (version "4.61") + (version "4.62") (source (origin (method url-fetch) @@ -325,7 +325,7 @@ the OCaml language.") version ".tar.gz")) (sha256 (base32 - "1adbvwiaqrv9pql9ry3lhn2vfsxnff2vh4fs477d90kpfx0xwrlq")))) + "0w7s3869ybwyq9a4490dikpib1qp3jnn5nqz1vvwqy1qz3ilnvh9")))) (build-system gnu-build-system) (inputs `(("gmp" ,gmp))) From 030f3219c3be44e4bdd5a95931d99f4372644598 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 19 Jun 2017 16:45:50 -0400 Subject: [PATCH 27/33] gnu: httpd: Update to 2.4.26 [fixes CVE-2017-7659]. * gnu/packages/web.scm (httpd): Update to 2.5.26. --- gnu/packages/web.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 17583b3c80..3a6e20d1bd 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -94,14 +94,14 @@ (define-public httpd (package (name "httpd") - (version "2.4.25") + (version "2.4.26") (source (origin (method url-fetch) (uri (string-append "mirror://apache/httpd/httpd-" version ".tar.bz2")) (sha256 (base32 - "1cl0bkqg6srb1sypga0cn8dcmdyxldavij73zmmkxvlz3kgw4zpq")))) + "11ykcfv7b9zpd7fb93a7yhnyfwrilryjz21iklaf0yf8mwpvazm0")))) (build-system gnu-build-system) (native-inputs `(("pcre" ,pcre "bin"))) ;for 'pcre-config' (inputs `(("apr" ,apr) From ec450c3642c8dd0ce19bb603de564a1abed557a1 Mon Sep 17 00:00:00 2001 From: Nicolas Goaziou Date: Mon, 19 Jun 2017 23:01:12 +0200 Subject: [PATCH 28/33] gnu: wireshark: Update to 2.2.7. * gnu/packages/networking.scm (wireshark): Update to 2.2.7. --- gnu/packages/networking.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index d5acac90c5..ed0420b422 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -474,7 +474,7 @@ which can be used to encrypt a password with @code{crypt(3)}.") (define-public wireshark (package (name "wireshark") - (version "2.2.6") + (version "2.2.7") (synopsis "Network traffic analyzer") (source (origin @@ -483,7 +483,7 @@ which can be used to encrypt a password with @code{crypt(3)}.") version ".tar.bz2")) (sha256 (base32 - "0jd89i9si43lyv3hsl6p1lkjmz4zagvc37wcbigsxxc5v8gda9zn")))) + "1dfvhra5v6xhzbp097qsxi0zvirw0srbasl4v1wjf58v49idz7b8")))) (build-system glib-or-gtk-build-system) (inputs `(("bison" ,bison) ("c-ares" ,c-ares) From e037e9dbec1ab5a8cfaf65d73aa3afb2eeb98d71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 19 Jun 2017 21:47:22 +0200 Subject: [PATCH 29/33] store: Buffer RPC writes. For a command like: guix build python2-numpy -n this reduces the number of 'write' syscalls from 9.5K to 2.0K. * guix/store.scm ()[buffer, flush]: New fields. (open-connection): Adjust accordingly. Call 'buffering-output-port' to compute the two new fields. (write-buffered-output, buffering-output-port): New procedures. (operation): Write to (nix-server-output-port server). Call 'write-buffered-output'. --- guix/store.scm | 63 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 59 insertions(+), 4 deletions(-) diff --git a/guix/store.scm b/guix/store.scm index 2acab6b1a3..b584caa073 100644 --- a/guix/store.scm +++ b/guix/store.scm @@ -322,12 +322,16 @@ (define-record-type (%make-nix-server socket major minor + buffer flush ats-cache atts-cache) nix-server? (socket nix-server-socket) (major nix-server-major-version) (minor nix-server-minor-version) + (buffer nix-server-output-port) ;output port + (flush nix-server-flush-output) ;thunk + ;; Caches. We keep them per-connection, because store paths build ;; during the session are temporary GC roots kept for the duration of ;; the session. @@ -481,7 +485,11 @@ for this connection will be pinned. Return a server object." (&nix-connection-error (file (or port uri)) (errno EPROTO)) (&message (message "build daemon handshake failed")))))) - (let ((port (or port (connect-to-daemon uri)))) + (let*-values (((port) + (or port (connect-to-daemon uri))) + ((output flush) + (buffering-output-port port + (make-bytevector 8192)))) (write-int %worker-magic-1 port) (let ((r (read-int port))) (and (eqv? r %worker-magic-2) @@ -499,12 +507,18 @@ for this connection will be pinned. Return a server object." (let ((conn (%make-nix-server port (protocol-major v) (protocol-minor v) + output flush (make-hash-table 100) (make-hash-table 100)))) (let loop ((done? (process-stderr conn))) (or done? (process-stderr conn))) conn))))))))) +(define (write-buffered-output server) + "Flush SERVER's output port." + (force-output (nix-server-output-port server)) + ((nix-server-flush-output server))) + (define (close-connection server) "Close the connection to SERVER." (close (nix-server-socket server))) @@ -718,6 +732,44 @@ encoding conversion errors." (let loop ((done? (process-stderr server))) (or done? (process-stderr server))))) +(define (buffering-output-port port buffer) + "Return two value: an output port wrapped around PORT that uses BUFFER (a +bytevector) as its internal buffer, and a thunk to flush this output port." + ;; Note: In Guile 2.2.2, custom binary output ports already have their own + ;; 4K internal buffer. + (define size + (bytevector-length buffer)) + + (define total 0) + + (define (flush) + (put-bytevector port buffer 0 total) + (set! total 0)) + + (define (write bv offset count) + (if (zero? count) ;end of file + (flush) + (let loop ((offset offset) + (count count) + (written 0)) + (cond ((= total size) + (flush) + (loop offset count written)) + ((zero? count) + written) + (else + (let ((to-copy (min count (- size total)))) + (bytevector-copy! bv offset buffer total to-copy) + (set! total (+ total to-copy)) + (loop (+ offset to-copy) (- count to-copy) + (+ written to-copy)))))))) + + ;; Note: We need to return FLUSH because the custom binary port has no way + ;; to be notified of a 'force-output' call on itself. + (values (make-custom-binary-output-port "buffering-output-port" + write #f #f flush) + flush)) + (define %rpc-calls ;; Mapping from RPC names (symbols) to invocation counts. (make-hash-table)) @@ -755,11 +807,14 @@ encoding conversion errors." ((_ (name (type arg) ...) docstring return ...) (lambda (server arg ...) docstring - (let ((s (nix-server-socket server))) + (let* ((s (nix-server-socket server)) + (buffered (nix-server-output-port server))) (record-operation 'name) - (write-int (operation-id name) s) - (write-arg type arg s) + (write-int (operation-id name) buffered) + (write-arg type arg buffered) ... + (write-buffered-output server) + ;; Loop until the server is done sending error output. (let loop ((done? (process-stderr server))) (or done? (loop (process-stderr server)))) From 4dd8d280857607d1ee41ae03c62c5e629ad75c37 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 19 Jun 2017 18:34:57 -0400 Subject: [PATCH 30/33] gnu: exim: Fix CVE-2017-1000369. * gnu/packages/patches/exim-CVE-2017-1000369.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/mail.scm (exim)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/mail.scm | 1 + .../patches/exim-CVE-2017-1000369.patch | 59 +++++++++++++++++++ 3 files changed, 61 insertions(+) create mode 100644 gnu/packages/patches/exim-CVE-2017-1000369.patch diff --git a/gnu/local.mk b/gnu/local.mk index 8c9883a5e2..ae4a59af0b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -575,6 +575,7 @@ dist_patch_DATA = \ %D%/packages/patches/eudev-conflicting-declaration.patch \ %D%/packages/patches/evilwm-lost-focus-bug.patch \ %D%/packages/patches/expat-CVE-2016-0718-fix-regression.patch \ + %D%/packages/patches/exim-CVE-2017-1000369.patch \ %D%/packages/patches/fabric-tests.patch \ %D%/packages/patches/fastcap-mulGlobal.patch \ %D%/packages/patches/fastcap-mulSetup.patch \ diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index f4003d7391..7fde203593 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1004,6 +1004,7 @@ delivery.") version ".tar.bz2") (string-append "ftp://ftp.exim.org/pub/exim/exim4/old/exim-" version ".tar.bz2"))) + (patches (search-patches "exim-CVE-2017-1000369.patch")) (sha256 (base32 "050m2gjzpc6vyik458h1j0vi8bxplkzjsyndkyd2y394i569kdyl")))) diff --git a/gnu/packages/patches/exim-CVE-2017-1000369.patch b/gnu/packages/patches/exim-CVE-2017-1000369.patch new file mode 100644 index 0000000000..a67a8afb0e --- /dev/null +++ b/gnu/packages/patches/exim-CVE-2017-1000369.patch @@ -0,0 +1,59 @@ +Fix CVE-2017-1000369: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369 +https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt + +Patch adapted from upstream source repository: + +https://git.exim.org/exim.git/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 + +From 65e061b76867a9ea7aeeb535341b790b90ae6c21 Mon Sep 17 00:00:00 2001 +From: "Heiko Schlittermann (HS12-RIPE)" +Date: Wed, 31 May 2017 23:08:56 +0200 +Subject: [PATCH] Cleanup (prevent repeated use of -p/-oMr to avoid mem leak) + +--- + doc/doc-docbook/spec.xfpt | 3 ++- + src/src/exim.c | 19 +++++++++++++++++-- + 2 files changed, 19 insertions(+), 3 deletions(-) + +diff --git a/src/src/exim.c b/src/src/exim.c +index 67583e58..88e11977 100644 +--- a/src/exim.c ++++ b/src/exim.c +@@ -3106,7 +3106,14 @@ for (i = 1; i < argc; i++) + + /* -oMr: Received protocol */ + +- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i]; ++ else if (Ustrcmp(argrest, "Mr") == 0) ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ else received_protocol = argv[++i]; + + /* -oMs: Set sender host name */ + +@@ -3202,7 +3209,15 @@ for (i = 1; i < argc; i++) + + if (*argrest != 0) + { +- uschar *hn = Ustrchr(argrest, ':'); ++ uschar *hn; ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ ++ hn = Ustrchr(argrest, ':'); + if (hn == NULL) + { + received_protocol = argrest; +-- +2.13.1 + From 53c2dc31082aa13fba7c96bb18c332119ccb787e Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 19 Jun 2017 18:51:26 -0400 Subject: [PATCH 31/33] gnu: exim: Update to 4.89. * gnu/packages/mail.scm (exim): Update to 4.89. --- gnu/packages/mail.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 7fde203593..4f16853a97 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -996,7 +996,7 @@ delivery.") (define-public exim (package (name "exim") - (version "4.87.1") + (version "4.89") (source (origin (method url-fetch) @@ -1007,7 +1007,7 @@ delivery.") (patches (search-patches "exim-CVE-2017-1000369.patch")) (sha256 (base32 - "050m2gjzpc6vyik458h1j0vi8bxplkzjsyndkyd2y394i569kdyl")))) + "1c0syp7yxngmq7y8vqsrvijinzin5m941vn0ljihdfld7kh2wbwi")))) (build-system gnu-build-system) (inputs `(("bdb" ,bdb) From 91c623aae0f10992aa46957b9072679534e4cd28 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Mon, 19 Jun 2017 23:07:43 -0400 Subject: [PATCH 32/33] gnu: linux-libre: Add mitigation for CVE-2017-1000364. This increases the stack guard gap size from one page to 1 MiB in linux-libre-4.11, 4.9, and 4.4, to mitigate CVE-2017-1000364 (Stack Clash). * gnu/packages/linux.scm (linux-libre, linux-libre-4.9, linux-libre-4.4): Add patch. --- gnu/packages/linux.scm | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 7d3b4bb239..3ec423422b 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -365,19 +365,49 @@ It has been modified to remove all non-free binary blobs.") (make-linux-libre %linux-libre-version %linux-libre-hash %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=167ec8235f978d7af78c73e9490dae1af3fee67f") + (file-name "linux-libre-4.11-CVE-2017-1000364.patch") + (sha256 + (base32 + "0hv3lxjgpssvsldkydg5q7znnzxv5ncpzrk6g11q01k3gkl0q689")))))) (define-public linux-libre-4.9 (make-linux-libre "4.9.33" "1dam6vqymhlx1vsl0lzxphamiifgyf97snxg18b2czqq402nz094" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=37c40b6777f0bc8a63f616479c469b371097f333") + (file-name "linux-libre-4.9-CVE-2017-1000364.patch") + (sha256 + (base32 + "0zhnh8ysiqldxlnd50bjrxagzx29kc8nlajdrikii2x2ibkbfb4i")))))) (define-public linux-libre-4.4 (make-linux-libre "4.4.73" "144ssqw1dr86z4cgl797pq5rggfibsxqk7wmfbl6j92l1cj6yjrz" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=87422f5b9b4f43efef4eaf37d7d040aed96500cb") + (file-name "linux-libre-4.4-CVE-2017-1000364.patch") + (sha256 + (base32 + "137p1cpiwlbvw4x12w1l23iy593xmdry60kd7j9kk690r9arfagw")))))) (define-public linux-libre-4.1 (make-linux-libre "4.1.41" From 16b0f205cf03eb94ef228d763d94718342027117 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 20 Jun 2017 00:23:00 -0400 Subject: [PATCH 33/33] gnu: guile@2.2: Increase max-silent-time to 10 hours. * gnu/packages/guile.scm (guile-2.2)[properties]: Increase max-silent-time to 10 hours. --- gnu/packages/guile.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index b57f4c3b6c..cf52068244 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -240,7 +240,7 @@ without requiring the source code to be rewritten.") (snippet '(for-each delete-file (find-files "prebuilt" "\\.go$"))))) (properties '((timeout . 72000) ;20 hours - (max-silent-time . 21600))) ;6 hours (needed on ARM + (max-silent-time . 36000))) ;10 hours (needed on ARM ; when heavily loaded) (native-search-paths (list (search-path-specification