* guix/scripts/system.scm (list-image-types): New procedure,
(%options): add "image-type" and "list-image-types" options, remove
"file-system-type" option,
(show-help): adapt accordingly,
(%default-options): also adapt, and set the default "image-type" to "raw",
(perform-action): add image-type argument and remove file-system-type argument,
(process-action): adapt perform-action call,
(system-derivation-for-action): remove base-image
argument, add image-type argument, and use it to create the image passed to
"system-image".
* tests/guix-system.sh: Adapt accordingly and add a test for
"--list-image-types" command.
* doc/guix.texi (Building the Installation Image,
Invoking guix system): Adapt accordingly.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* guix/packages.scm (package-input-rewriting): Add #:deep? and pass it
to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check it.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting"): Pass #:deep? #f and
ensure implicit inputs were not rewritten. Avoid 'eq?' comparisons.
("package-input-rewriting, deep"): New test.
* gnu/packages/guile.scm (package-for-guile-2.0, package-for-guile-3.0):
Pass #:deep? #f.
Previously, something like:
guix build glib --with-graft=glibc=glibc@2.29
would produce a result showing that rewriting rules were not applied to
libx11@1.6.A (a replacement).
* guix/packages.scm (package-mapping): Call REPLACE instead of PROC to
'replacement'.
* tests/packages.scm ("package-input-rewriting/spec, graft"): New test.
With this change, '--with-input', '--with-graft', etc. also apply to
implicit dependencies. Thus, it's now possible to do:
guix build python-itsdangerous --with-input=python-wrapper=python@2
or:
guix build hello --with-graft=glibc=glibc@2.29
Additionally, before, implicit inputs were not rewritten, which could
lead to duplicates in the output of 'bag-transitive-inputs' (packages
that are not 'eq?' but lead to the same derivation). This in turn would
lead to unnecessary rebuilds when using '--with-input' & co. This
change fixes it by ensuring even implicit inputs are rewritten.
Fixes <https://bugs.gnu.org/42156>.
* guix/packages.scm (package-input-rewriting/spec): Add #:deep?
defaulting to #true, and pass it to 'package-mapping'.
[replacement-property]: New variable.
[rewrite]: Check that property and set it on the result of PROC.
[cut?]: New procedure.
* tests/packages.scm ("package-input-rewriting/spec"): Ensure implicit
inputs were unchanged.
("package-input-rewriting/spec, partial match"): Pass #:deep? #f.
("package-input-rewriting/spec, deep")
("package-input-rewriting/spec, no duplicates"): New tests.
(package/inherit): Move before use.
* tests/guix-build.sh: Add tests.
* tests/scripts-build.scm ("options->transformation, with-graft"):
Compare dependencies by package name or derivation file name.
* doc/guix.texi (Defining Packages): Adjust accordingly.
* guix/packages.scm (build-system-with-package-mapping): New procedure.
(package-mapping): Add #:deep? and honor it.
* tests/packages.scm ("package-mapping"): Compare the direct inputs of
the bag of P0 and that of P1.
("package-mapping, deep"): New test.
Fixes <https://bugs.gnu.org/42688>.
Reported by pkill9 <pkill9@runbox.com>.
This ensures that 'guix repl -s SCRIPT' give SCRIPT the right value
of (current-profile), which in turn ensures that (%package-module-path)
is initialized with the right set of channels.
* guix/describe.scm (initial-program-arguments): New variable.
(current-profile): Use it.
* guix/scripts/repl.scm (guix-repl): Call 'current-profile' before
'set-program-arguments'.
[Accidentally pushed patch v1, this commit contains the rest of the
changes. Revised commit message follows.]
Apart from debug information, one can also strip some symbols. This can
be a significant difference, the closure of gcc-toolchain@7 got reduced
by 15 MB in my tests.
As per [1], --strip-debug is included in --strip-unneeded, and
the debug files created also contain a copy of the information removed
by --strip-unneeded.
Linux From Scratch suggests that this option shouldn't be used on static
libraries [2], however other sources [3] indicate otherwise. Building a
toolchain with this patch succeeds, and the result works fine for
'gcc -static hello-world.c'.
[1]: https://stackoverflow.com/a/52555093
[2]: http://www.linuxfromscratch.org/lfs/view/9.1/chapter05/stripping.html
[3]: https://www.technovelty.org/linux/stripping-shared-libraries.html
* guix/build/gnu-build-system.scm (strip): Use --strip-unneeded.
* guix/build-system/gnu.scm (static-package, gnu-build, gnu-cross-build): Likewise.
Apart from debug information, one can also strip some symbols. This can
be a significant difference, qtbase:out consists of about 5 MB of those
symbols. As per [1], --strip-debug is included in --strip-unneeded, and
the debug files created also contain a copy of the information removed
by --strip-unneeded.
Linux From Scratch suggests that this option shouldn't be used on static
libraries [2], however other sources [3] indicate otherwise. Building a
toolchain with this patch succeeds, and the result works fine for
'gcc -static hello-world.c'.
[1]: https://stackoverflow.com/a/52555093
[2]: http://www.linuxfromscratch.org/lfs/view/9.1/chapter05/stripping.html
[3]: https://www.technovelty.org/linux/stripping-shared-libraries.html
* guix/build/gnu-build-system.scm (strip): Use --strip-unneeded.
* guix/build-system/asdf.scm (asdf-build): Remove the 'files' variable.
* guix/build/asd-build-system.scm (find-asd-files): New variable.
(build, check): Use it.
* guix/ui.scm (show-what-to-build): When VERBOSITY is 1, add a newline
before the "would/will be downloaded" line, and wrap that message in
'highlight'.
In practice we're always using the same key pair,
/etc/guix/signing-key.{pub,sec}. Keeping them in cache allows us to
avoid redundant I/O and parsing when signing multiple store items in a
row.
* guix/scripts/authenticate.scm (load-key-pair): New procedure.
(sign-with-key): Remove 'key-file' parameter and add 'public-key' and
'secret-key'. Adjust accordingly.
(validate-signature): Add 'acl' parameter and pass it to
'authorized-key?'.
(guix-authenticate)[call-with-reply]: New procedure.
[with-reply]: New macro.
Call 'current-acl' upfront and cache its result. Add 'key-pairs' as an
argument to 'loop' and use it as a cache of key pairs.
Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
* guix/svn-download.scm (download-svn-to-store): Add a subdirectory to
the download path. The subdirectory is used as the target for the 'svn
export' command, avoiding a 'directory exists' error when attempting to
use the parent directory directly.
It was made transactional in a4678c6ba1, with
the reasoning to prevent broken intermediate states from being visible. I
think this means something like an entry being in ValidPaths, but the Refs not
being inserted.
Using a transaction for this makes sense, but I think using one single
transaction for the whole register-items call is unnecessary to avoid broken
states from being visible, and could block other writes to the store database
while register-items is running. Because the deduplication and resetting
timestamps happens within the transaction as well, even though these things
don't involve the database, writes to the database will still be blocked while
this is happening.
To reduce the potential for register-items to block other writers to the
database for extended periods, this commit moves the transaction to just wrap
the call to sqlite-register. This is the one place where writes occur, so that
should prevent the broken intermediate states issue above. The one difference
this will make is some of the registered items will be visible to other
connections while others may be still being added. I think this is OK, as it's
equivalent to just registering different items.
* guix/store/database.scm (register-items): Reduce transaction scope.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
It's necessary that store items be locked and protected from garbage
collection while they are being registered. This documents that.
* guix/store/database.scm (register-path, register-items): document GC
protection and locking requirements.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This causes with-writable-file to take into consideration the actual store
being used, as passed to 'deduplicate', rather than
whatever (%store-directory) may return.
* guix/store/deduplication.scm (replace-with-link): new keyword argument
'store'. Pass to with-writable-file.
(with-writable-file, call-with-writable-file): new store argument.
(deduplicate): pass store to replace-with-link.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/ui.scm (show-manifest-transaction)[package-strings]: Add an
OLD-VERSIONS keyword parameter. Absorb the code path previously found in the
upgrade-string. Remove upgrade-string.
(show-manifest-transaction): Adjust to the above changes.
There's no reason at this point to mimic the calling convention of the
'openssl' command.
* nix/libstore/local-store.cc (LocalStore::exportPath): Add only "sign"
and HASH to ARGS. Remove 'tmpDir' and 'hashFile'.
(LocalStore::importPath): Add only "verify" and SIGNATURE to
* guix/scripts/authenticate.scm (guix-authenticate): Adjust
accordingly; remove the OpenSSL-style clauses.
(read-hash-data): Remove.
(sign-with-key): Replace 'port' with 'sha256' and adjust accordingly.
(validate-signature): Export SIGNATURE to be a canonical sexp.
* tests/guix-authenticate.sh: Adjust tests accordingly.
* doc/guix.texi (Invoking guix archive): Introduce the term "nar bundle"
and clarify what the output of "guix archive --export" really is.
* guix/nar.scm (restore-one-item, restore-file-set): Use the term "nar
bundle" in docstrings.
Fixes <https://bugs.gnu.org/43039>.
Reported by Adam Griffiths <adam.lw.griffiths@gmail.com>.
Previously, a client could lead 'guix substitute' to run in a non-UTF-8
locale, such as the "C" locale. Consequently, 'guix substitute' would
now fail to decode UTF-8 file names such as those that appear in the
'nss-certs' package.
* guix/scripts/substitute.scm (guix-substitute): Set LC_MESSAGES, not LC_ALL.
In order to do so, default to an empty options list, and expose options whose
default values are sensitive directly as keyword arguments.
* guix/gexp.scm (computed-file): Extract the LOCAL-BUILD? parameter from the
OPTIONS parameter to make it a stand-alone keyword argument. Introduce an
OPTIONS* binding which is obtained by combining the LOCAL-BUILD? keyword and
its value with OPTIONS.
* doc/guix.texi (G-Expressions): Adjust doc.
Suggested-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/system.scm (%options): Add `--label'.
(system-derivation-for-action): Take a #:label key to set volume ID.
(perform-action): Take a #:label key.
(%default-options): Add default label value.
(process-action): Pass label value from command-line to perform-action.
* gnu/system/image.scm (image-with-label): New procedure.
Suggested by Robin Green <greenrd@greenrd.org>.
* guix/packages.scm (print-content-hash): Gracefully deal with cases
with 'content-hash-value' returns #f, as is the case for 'linux-libre'.
Fixes <https://bugs.gnu.org/42740>.
* guix/scripts/copy.scm (send-to-remote-host): Keep the result of
'connect-to-remote-daemon' in scope, and explicitly close it after the
call to 'send-files'.
(retrieve-from-remote-host): Explicitly close REMOTE and disconnect
SESSION.
* guix/scripts/offload.scm (transfer-and-offload): Explicitly close
STORE and disconnect SESSION upon completion.
This leads a 4% improvement on the wall-clock time of:
guix build -e '(@@ (gnu packages libreoffice) libreoffice)' --no-grafts -d
* guix/derivations.scm (escaped-string): New procedure.
(write-derivation)[write-escaped-string]: New procedure.
[write-string-list, write-output, write-env-var]: Use it.
This yields a 4% improvement on the wall-clock time of:
guix build -e '(@@ (gnu packages libreoffice) libreoffice)' --no-grafts -d
* guix/derivations.scm (write-sequence, write-list, write-tuple): Use
'put-char' instead of 'display'.
(write-derivation): Use 'put-string' and 'put-char', and remove unused
'format' binding.
The file names returned by `find ...` instead of `git ls-files...` contains
leading './' characters, which can cause problems when the file lists is
further processed with regexps, for example, as was discovered while updating
the ruby-asciidoctor package in commit
5df1126c3a.
* guix/build/ruby-build-system.scm (replace-git-ls-files): Strip the first two
characters ("./") of the file names returned by the 'find' command. Fix typo
in doc. Simplify '(when (not ...' into '(unless ...'.
* guix/scripts/pull.scm (ensure-default-profile): Do not call
'migrate-generations' when
%USER-PROFILE-DIRECTORY (~/.config/guix/current) does not exist. This
avoids a confusing "Migrating profile" message when the user runs 'guix
pull' for the first time.
This improves the error message when unable to access ~/.cache as
reported by Jonathan Brielmaier <jonathan.brielmaier@web.de> in
<https://bugs.gnu.org/42859>.
* guix/scripts/lint.scm (guix-lint): Wrap body in 'with-error-handling'.
* guix/scripts/offload.scm (<build-machine>)[systems]: New field.
[system]: Accessor changed to %build-machine-system. Default to #f.
* guix/scripts/offload.scm (build-machine-system): Wrap %build-machine-system
with a deprecation warning.
(build-machine-systems): Access the new systems field or fallback to use
build-machine-system, for backward compatibility.
(machine-matches?): Adjust.
* tests/offload.scm: Add tests...
* Makefile.am (SCM_TESTS): ...and register them.
* doc/guix.texi (Daemon Offload Setup): Update doc.
This commit adds support for GZIP compression for linux-libre kernel
modules. The initrd modules are kept uncompressed as the initrd is already
compressed as a whole.
The linux-libre kernel also supports XZ compression, but as Guix does not have
any available bindings for now, and the compression time is far more
significant, GZIP seems to be a better option.
* gnu/build/linux-modules.scm (modinfo-section-contents): Use
'call-with-gzip-input-port' to read from a module file using '.gz' extension,
(strip-extension): new procedure,
(dot-ko): adapt to support compression,
(ensure-dot-ko): ditto,
(file-name->module-name): ditto,
(find-module-file): ditto,
(load-linux-module*): ditto,
(module-name->file-name/guess): ditto,
(module-name-lookup): ditto,
(write-module-name-database): ditto,
(write-module-alias-database): ditto,
(write-module-device-database): ditto.
* gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib"
to the extensions and make sure that the initrd only contains
uncompressed module files.
* gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the
extensions.
* guix/profiles.scm (linux-module-database): Ditto.
* Makefile.am (MODULES): Remove guix/zlib.scm and guix/lzlib.scm,
(SCM_TESTS): remove tests/zlib.scm, tests/lzlib.scm.
* build-aux/build-self.scm (make-config.scm): Remove unused %libz variable.
* configure.ac: Remove LIBZ and LIBLZ variables and check instead for
Guile-zlib and Guile-lzlib.
* doc/guix.texi ("Requirements"): Remove zlib requirement and add Guile-zlib
and Guile-lzlib instead.
* gnu/packages/package-management.scm (guix)[native-inputs]: Add "guile-zlib"
and "guile-lzlib",
[inputs]: remove "zlib" and "lzlib",
[propagated-inputs]: ditto,
[arguments]: add "guile-zlib" and "guile-lzlib" to Guile load path.
* guix/config.scm.in (%libz, %liblz): Remove them.
* guix/lzlib.scm: Remove it.
* guix/man-db.scm: Use (zlib) instead of (guix zlib).
* guix/profiles.scm (manual-database): Do not stub (guix config) in imported
modules list, instead add "guile-zlib" to the extension list.
* guix/scripts/publish.scm: Use (zlib) instead of (guix zlib) and (lzlib)
instead of (guix lzlib),
(string->compression-type, effective-compression): do not check for zlib and
lzlib availability.
* guix/scripts/substitute.scm (%compression-methods): Do not check for lzlib
availability.
* guix/self.scm (specification->package): Add "guile-zlib" and "guile-lzlib"
and remove "zlib" and "lzlib",
(compiled-guix): remove "zlib" and "lzlib" arguments and add guile-zlib and
guile-lzlib to the dependencies, also do not pass "zlib" and "lzlib" to
"make-config.scm" procedure,
(make-config.scm): remove "zlib" and "lzlib" arguments as well as %libz and
%liblz variables.
* guix/utils.scm (lzip-port): Use (lzlib) instead of (guix lzlib) and do not
check for lzlib availability.
* guix/zlib.scm: Remove it.
* m4/guix.m4 (GUIX_LIBZ_LIBDIR, GUIX_LIBLZ_FILE_NAME): Remove them.
* tests/lzlib.scm: Use (zlib) instead of (guix zlib) and (lzlib)
instead of (guix lzlib), and do not check for zlib and lzlib availability.
* tests/publish.scm: Ditto.
* tests/substitute.scm: Do not check for lzlib availability.
* tests/utils.scm: Ditto.
* tests/zlib.scm: Remove it.
* Makefile.am (MODULES): Move guix/build/download-nar.scm to ...
(MODULES_NOT_COMPILED): ... here.
* guix/build/download-nar.scm: Use (zlib) instead of (guix zlib).
* guix/cvs-download.scm (cvs-fetch): Do not stub (guix config) in imported
modules list, instead add "guile-zlib" to the extension list.
* guix/git-download.scm (git-fetch): Ditto.
* guix/hg-download.scm (hg-fetch): Do not stub (guix config) in imported
modules list, instead add "guile-zlib" to the extension list.
Fixes <https://bugs.gnu.org/42543>.
Reported by Jack Hill <jackhill@jackhill.us>.
* guix/lint.scm (check-formatting): Always return a list (previously we
would return #f when 'search-path' returns #f). Check whether
LOCATION's file is a relative file name. Return a warning if not.
* tests/guix-lint.sh: Add test.
The "--bindir" option is not as useful as it seems as the configured location
is embedded in the outputs. Instead of using "--bindir" it seems better to
build a statically linked binary and move the binary to its own output to
avoid references between the "out" and "bin" outputs.
* guix/build/haskell-build-system.scm (configure): Do not pass "--bindir".
See <https://bugs.gnu.org/39309>.
* guix/build-system/haskell.scm (lower): Include the transitive
propagated inputs of 'extra-directories' inputs.
(haskell-build): Add the 'extra-directories' keyword and pass it through
to the builder.
* guix/build/haskell-build-system.scm (configure): Use it to select
which inputs get passed via 'extra-include-dirs' and 'extra-lib-dirs' to
Cabal.
* gnu/packages/haskell-xyz.scm (ghc-alsa-core, ghc-hmatrix,
ghc-hmatrix-gsl, ghc-hslua, ghc-iwlib, ghc-libyaml, ghc-ncurses,
ghc-openglraw, ghc-x11, ghc-x11-xft, ghc-zlib): Set 'extra-directories'.
* gnu/packages/haskell-crypto.scm (ghc-digest, ghc-hsopenssl): Likewise.
* guix/build/haskell-build-system.scm (register): Strip references to the doc
output from the generated package config files; move the haddock files from
the "doc" output to the "lib" output.
* guix/build-system/haskell.scm (lower): Add OUTPUTS keyword and add the
"static" output in the common case.
(haskell-build): Set the default value for the OUTPUTS keyword to include the
"static" output.
* guix/build/haskell-build-system.scm (install): Move static libraries to the
"static" output if it exists.
* guix/build/haskell-build-system.scm (configure): Add configure flags to
build shared libraries by default, to generate position independent code, and
to set the RUNPATH.
* guix/build-system/haskell.scm (haskell-build): Add keyword PARALLEL-BUILD?
and pass it on to the builder.
* guix/build/haskell-build-system.scm (build): Accept keyword PARALLEL-BUILD?
and pass the number of parallel jobs to GHC.
This is a followup to commit 8f53d73493,
which did not have the desired effect: the 'resolve-module' call was
bound to succeed since the inferior runs 'guix repl'.
* guix/ssh.scm (store-import-channel)[import]: Add call to
'resolve-module' and write '(module-error) upon error. Write
'(importing) when we're ready.
(send-files)[inferior-remote-eval*]: Remove.
[missing]: Remove call to 'resolve-module'.
Call 'handle-import/export-channel-error' when PORT doesn't
return '(importing).
(handle-import/export-channel-error): New procedure.
(retrieve-files*): Use it.
Fixes <https://bugs.gnu.org/42601>.
Reported by Jan Wielkiewicz <tona_kosmicznego_smiecia@interia.pl>.
Regression introduced in efe037fc5c
whereby errors like 'wrong-type-arg' would be improperly reported:
guix environment: error: Wrong type argument in position ~A (expecting ~A): ~S
See also commit a07d5e558b.
* guix/ui.scm (call-with-error-handling): Move 'message-condition?'
clause after '&exception-with-kind-and-args' clause.
* guix/ui.scm (%default-verbosity): New variable.
(show-what-to-build): Add #:verbosity and honor it.
(build-notifier): Add #:verbosity and pass it to 'show-what-to-build'.
