* gnu/packages/patches/busybox-CVE-2021-28831.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/busybox.scm (busybox): Apply it.
* gnu/packages/patches/ungoogled-chromium-system-opus.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%preserved-third-party-files): Adjust for 89.
(%chromium-version): Remove variable.
(%ungoogled-revision): Set to 89.0.4389.90-1.
(%ungoogled-origin): Conditionally set file name based on commit/tag.
(%guix-patches): Add the new file.
(libvpx/chromium): Update to 1.9.0-104-gb5d77a48d.
(ungoogled-chromium)[version]: Use %UNGOOGLED-REVISION.
[source]: Update hash.
[arguments]: Adjust #:configure-flags for build system changes. Don't build
with external WebRTC SSL library. Remove obsolete substitution.
[inputs]: Remove OPENSSL. Change from PIPEWIRE to PIPEWIRE-0.3.
For more context, see the discussion in <https://bugs.gnu.org/47111>.
* doc/contributing.texi (Commit Access): Add paragraph about removing
inactive committers.
Otherwise, the test crashes (not fails) when run in `guix environment --pure guix`.
Fixes <https://bugs.gnu.org/46445>.
* tests/store.scm (%shell): Fallback to "/bin/sh".
* gnu/packages/time.scm (countdown): New variable.
Also adds copyright, adds necessary module dependencies, and sorts them alphabetically.
Signed-off-by: Nicolas Goaziou <mail@nicolasgoaziou.fr>
This updates the 'guix' package so that it provides the fix
for <https://bugs.gnu.org/47229>.
* gnu/packages/package-management.scm (guix): Update to ec7fb66.
Fixes <https://bugs.gnu.org/47229>.
Reported by Nathan Nye of WhiteBeam Security.
* nix/libstore/build.cc (DerivationGoal::startBuilder): When 'useChroot'
is true, add "/top" to 'tmpDir'.
(DerivationGoal::deleteTmpDir): Adjust accordingly. When
'settings.keepFailed' is true, chown in two steps: first the "/top"
sub-directory, and then rename "/top" to its parent.
References:
https://sysctl-explorer.net/fs/protected_hardlinks/https://sysctl-explorer.net/fs/protected_symlinks/
* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/imagemagick.scm (imagemagick/fixed)[arguments]: Add
'fix-compat-cheat-rename-so phase to redirect old soname paths (expected
without grafting) to new sonames introduced by ImageMagick 6.9.12-0 and
later. These sonames are probably not forward compatible but most probably
backwards compatible so it should suffice until we remove the graft.
This avoids the script crashing if all data is fetched from the cache.
* guix/scripts/weather.scm (report-server-coverage): Only show request
statistics when some requests have been made.
This should reduce confusion on when to use the "autoconf"
package and when to use "autoconf-wrapper" instead in
package definitions.
Fixes <https://bugs.gnu.org/46564>.
* gnu/packages/autotools.scm (autoconf-wrapper):
advise to use the "autoconf" package instead where
possible.
* gnu/packages/game-development.scm (tsukundere)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gimp.scm
(glimpse)[native-inputs]: likewise.
(gimp-resynthesizer)[native-inputs]: add comment on why
"autoconf-wrapper" is used.
* gnu/packages/gnunet.scm (gnunet)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/gnupg.scm (signing-party)[native-inputs]:
add comment on why "autoconf-wrapper" is used.
* gnu/packages/guile-xyz.scm
(guile-bash,guile-filesystem,guile-ics,guile-udev)[native-inputs]:
use "autoconf" instead of "autoconf-wrapper".
* gnu/packages/libevent.scm (libuv)[native-inputs]: indicates
"autoconf-wrapper" needs to be replaced with "autoconf"
on core-updates.
* gnu/packages/logging.scm (glog)[native-inputs]: use "autoconf"
instead of "autoconf-wrapper".
* gnu/packages/mail.scm (libetpan)[native-inputs]: likewise.
* gnu/packages/mate.scm
(mate-icon-theme-faenza)[native-inputs]: add comment on why
"autoconf-wrapper" is used.
(mate-screensaver)[native-inputs]: use "autoconf" instead of
"autoconf-wrapper".
* gnu/packages/package-management.scm (guix)[native-inputs]: likewise.
* gnu/packages/sawfish.scm (librep)[native-inputs]: likewise.
* gnu/packages/video.scm (motion)[native-inputs]: likewise.
* gnu/packages/zile.scm (zile)[native-inputs]: likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a bug whereby NetworkManager would be updated to version "rc2".
* guix/import/gnome.scm (latest-gnome-release)[even-minor-version?]:
Change catch-all case to return #f when the first part is not a digit.
Previously, the "seconds per request" and "requests per second" statistics
really reported (cache lookups + requests) per second. By looking at the
actual number of requests made within lookup-narinfos, a more representative
value can be reported.
* guix/scripts/weather.scm (let/time): Allow for multiple return values.
(report-server-coverage): Alter the reporting of request statistics.
As an additional value, in addition to the narinfos. This value is useful in
the weather script for reporting how many requests to the substitute server
were made.
* guix/substitutes.scm (lookup-narinfos): Additionally return the number of
requests made.
The call-with-connection-error-handling was added in
20c08a8a45, but that error handling was
previously inside of open-connection-for-uri/maybe, which is related
to (call-)with-cached-connection which was used in process-substitution, but
only actually used with call-with-cached-connection when used in
fetch-narinfos.
There's some handling for similar errors within with-networking, which is used
within process-substitution.
* guix/scripts/substitute.scm (process-substitution): Remove
call-with-connection-error-handling call.
In f50f5751ff, the way fetch was called within
process-substitution was changed. As call-with-cached-connection actually
includes important error handling for the opening of a HTTP request, this
change removed some error handling. This commit adds that back.
Fixes <https://bugs.gnu.org/47157>.
* guix/scripts/substitute.scm (call-with-cached-connection): New procedure.
(with-cached-connection): New syntax rule.
(process-substitution): Retry once for some errors when making HTTP requests
to fetch substitutes.
Amend the changes in 1a265842e6 to properly
access the origin patches from libtirpc.
I noticed this as guix weather didn't work for this package.
* gnu/packages/onc-rpc.scm (libtirpc/hurd)[source]: Call origin-patches
on (package-source libtirpc) rather than the libtirpc package.