Merge remote-tracking branch 'origin/master' into core-updates
commit
14656f4495
12
HACKING
12
HACKING
|
@ -2,7 +2,7 @@
|
|||
|
||||
#+TITLE: Hacking GNU Guix and Its Incredible Distro
|
||||
|
||||
Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
|
||||
Copyright © 2012, 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
Copyright © 2015 Mathieu Lirzin <mthl@openmailbox.org>
|
||||
|
||||
Copying and distribution of this file, with or without modification,
|
||||
|
@ -35,9 +35,13 @@ upgrading GnuTLS or GLib.) We have a mailing list for commit notifications
|
|||
(guix-commits@gnu.org), so people can notice. Before pushing your changes,
|
||||
make sure to run ‘git pull --rebase’.
|
||||
|
||||
All commits that are pushed to the central repository on Savannah should be
|
||||
signed with a PGP key, and the public key should be uploaded to your user
|
||||
account on Savannah.
|
||||
All commits that are pushed to the central repository on Savannah must be
|
||||
signed with an OpenPGP key, and the public key should be uploaded to your user
|
||||
account on Savannah and to public key servers, such as ‘pgp.mit.edu’. To
|
||||
configure Git to automatically sign commits, run:
|
||||
|
||||
git config commit.gpgsign true
|
||||
git config user.signingkey CABBA6EA1DC0FF33
|
||||
|
||||
For anything else, please post to guix-devel@gnu.org and leave time for a
|
||||
review, without committing anything. If you didn’t receive any reply
|
||||
|
|
|
@ -15,6 +15,10 @@ our project uses a ``Contributor Covenant'', which was adapted from
|
|||
@url{http://contributor-covenant.org/}. You can find a local version in
|
||||
the @file{CODE-OF-CONDUCT} file in the source tree.
|
||||
|
||||
Contributors are not required to use their legal name in patches and
|
||||
on-line communication; they can use any name or pseudonym of their
|
||||
choice.
|
||||
|
||||
@menu
|
||||
* Building from Git:: The latest and greatest.
|
||||
* Running Guix Before It Is Installed:: Hacker tricks.
|
||||
|
@ -333,4 +337,7 @@ referring to people, such as
|
|||
|
||||
When posting a patch to the mailing list, use @samp{[PATCH] @dots{}} as
|
||||
a subject. You may use your email client or the @command{git
|
||||
send-email} command.
|
||||
send-email} command. We prefer to get patches in plain text messages,
|
||||
either inline or as MIME attachments. You are advised to pay attention if
|
||||
your email client changes anything like line breaks or indentation which
|
||||
could could potentially break the patches.
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
Copyright @copyright{} 2012, 2013, 2014, 2015, 2016 Ludovic Courtès@*
|
||||
Copyright @copyright{} 2013, 2014, 2016 Andreas Enge@*
|
||||
Copyright @copyright{} 2013 Nikita Karetnikov@*
|
||||
Copyright @copyright{} 2014, 2015, 2016 Alex Kost@*
|
||||
Copyright @copyright{} 2015, 2016 Mathieu Lirzin@*
|
||||
Copyright @copyright{} 2014 Pierre-Antoine Rault@*
|
||||
Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/Kammer@*
|
||||
|
@ -1208,6 +1209,24 @@ for Chinese languages:
|
|||
guix package -i font-adobe-source-han-sans:cn
|
||||
@end example
|
||||
|
||||
Older programs such as @command{xterm} do not use Fontconfig and instead
|
||||
rely on server-side font rendering. Such programs require to specify a
|
||||
full name of a font using XLFD (X Logical Font Description), like this:
|
||||
|
||||
@example
|
||||
-*-dejavu sans-medium-r-normal-*-*-100-*-*-*-*-*-1
|
||||
@end example
|
||||
|
||||
To be able to use such full names for the TrueType fonts installed in
|
||||
your Guix profile, you need to extend the font path of the X server:
|
||||
|
||||
@example
|
||||
xset +fp ~/.guix-profile/share/fonts/truetype
|
||||
@end example
|
||||
|
||||
After that, you can run @code{xlsfonts} (from @code{xlsfonts} package)
|
||||
to make sure your TrueType fonts are listed there.
|
||||
|
||||
@subsection X.509 Certificates
|
||||
|
||||
The @code{nss-certs} package provides X.509 certificates, which allow
|
||||
|
@ -4517,8 +4536,9 @@ You can freely access a huge library of build logs!
|
|||
|
||||
@cindex package definition, editing
|
||||
So many packages, so many source files! The @command{guix edit} command
|
||||
facilitates the life of packagers by pointing their editor at the source
|
||||
file containing the definition of the specified packages. For instance:
|
||||
facilitates the life of users and packagers by pointing their editor at
|
||||
the source file containing the definition of the specified packages.
|
||||
For instance:
|
||||
|
||||
@example
|
||||
guix edit gcc@@4.9 vim
|
||||
|
@ -4526,9 +4546,15 @@ guix edit gcc@@4.9 vim
|
|||
|
||||
@noindent
|
||||
launches the program specified in the @code{VISUAL} or in the
|
||||
@code{EDITOR} environment variable to edit the recipe of GCC@tie{}4.9.3
|
||||
@code{EDITOR} environment variable to view the recipe of GCC@tie{}4.9.3
|
||||
and that of Vim.
|
||||
|
||||
If you are using a Guix Git checkout (@pxref{Building from Git}), or
|
||||
have created your own packages on @code{GUIX_PACKAGE_PATH}
|
||||
(@pxref{Defining Packages}), you will be able to edit the package
|
||||
recipes. Otherwise, you will be able to examine the read-only recipes
|
||||
for packages currently in the store.
|
||||
|
||||
If you are using Emacs, note that the Emacs user interface provides the
|
||||
@kbd{M-x guix-edit} command and a similar functionality in the ``package
|
||||
info'' and ``package list'' buffers created by the @kbd{M-x
|
||||
|
|
|
@ -683,6 +683,9 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/openjpeg-CVE-2015-6581.patch \
|
||||
%D%/packages/patches/openjpeg-use-after-free-fix.patch \
|
||||
%D%/packages/patches/openssh-CVE-2015-8325.patch \
|
||||
%D%/packages/patches/openssh-CVE-2016-6210-1.patch \
|
||||
%D%/packages/patches/openssh-CVE-2016-6210-2.patch \
|
||||
%D%/packages/patches/openssh-CVE-2016-6210-3.patch \
|
||||
%D%/packages/patches/openssl-runpath.patch \
|
||||
%D%/packages/patches/openssl-c-rehash-in.patch \
|
||||
%D%/packages/patches/openssl-CVE-2016-2177.patch \
|
||||
|
|
|
@ -106,8 +106,7 @@ spying and/or modification by the server.")
|
|||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
;; Source tarballs are not versioned
|
||||
(uri "http://archive.miek.nl/projects/hdup2/hdup.tar.bz2")
|
||||
(uri "https://fossies.org/linux/privat/old/hdup-2.0.14.tar.bz2")
|
||||
(sha256
|
||||
(base32
|
||||
"02bnczg01cyhajmm4rhbnc0ja0dd9ikv9fwv28asxh1rlx9yr0b7"))))
|
||||
|
|
|
@ -36,6 +36,7 @@
|
|||
#:use-module (guix build-system gnu)
|
||||
#:use-module (guix build-system perl)
|
||||
#:use-module (gnu packages)
|
||||
#:use-module (gnu packages assembly)
|
||||
#:use-module (gnu packages autotools)
|
||||
#:use-module (gnu packages backup)
|
||||
#:use-module (gnu packages base)
|
||||
|
@ -834,3 +835,39 @@ also be used to apply such patches. xdelta is similar to @command{diff} and
|
|||
@command{patch}, but is not limited to plain text and does not generate
|
||||
human-readable output.")
|
||||
(license license:asl2.0)))
|
||||
|
||||
(define-public lrzip
|
||||
(package
|
||||
(name "lrzip")
|
||||
(version "0.630")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"http://ck.kolivas.org/apps/lrzip/lrzip-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"01ykxliqw4cavx9f2gawxfa9wf52cjy1qx28cnkrh6i3lfzzcq94"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(;; nasm is only required when building for 32-bit x86 platforms
|
||||
,@(if (string-prefix? "i686" (or (%current-target-system)
|
||||
(%current-system)))
|
||||
`(("nasm" ,nasm))
|
||||
'())
|
||||
("perl" ,perl)))
|
||||
(inputs
|
||||
`(("bzip2" ,bzip2)
|
||||
("lzo" ,lzo)
|
||||
("zlib" ,zlib)))
|
||||
(home-page "http://ck.kolivas.org/apps/lrzip/")
|
||||
(synopsis "Large file compressor with a very high compression ratio")
|
||||
(description "lrzip is a compression utility that uses long-range
|
||||
redundancy reduction to improve the subsequent compression ratio of
|
||||
larger files. It can then further compress the result with the ZPAQ or
|
||||
LZMA algorithms for maximum compression, or LZO for maximum speed. This
|
||||
choice between size or speed allows for either better compression than
|
||||
even LZMA can provide, or a higher speed than gzip while compressing as
|
||||
well as bzip2.")
|
||||
(license (list license:gpl3+
|
||||
license:public-domain)))) ; most files in lzma/
|
||||
|
|
|
@ -33,9 +33,7 @@
|
|||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"http://miller.emu.id.au/pmiller/software/cook/cook-" version
|
||||
".tar.gz"))
|
||||
(uri "http://fossies.org/linux/misc/old/cook-2.34.tar.gz")
|
||||
(sha256
|
||||
(base32
|
||||
"104saqnqql1l7zr2pm3f718fdky3ds8j07c6xvwrs1rfkhrw58yw"))))
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
|
@ -303,14 +303,14 @@ device-specific programs to convert and print many types of files.")
|
|||
(define-public hplip
|
||||
(package
|
||||
(name "hplip")
|
||||
(version "3.16.3")
|
||||
(version "3.16.7")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/hplip/hplip/" version
|
||||
"/hplip-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1501qdnkjp1ybgagy5188fmf6cgmj5555ygjl3543nlbwcp31lj2"))))
|
||||
"1hpzyf9ifs0vilsbwxcgpv8g9557p1x8w5qwgz5l0avgcd10dzlx"))))
|
||||
(build-system gnu-build-system)
|
||||
(home-page "http://hplipopensource.com/")
|
||||
(synopsis "HP Printer Drivers")
|
||||
|
|
|
@ -117,9 +117,7 @@
|
|||
(lambda* (#:key inputs outputs #:allow-other-keys)
|
||||
(let* ((guix-src (assoc-ref inputs "guix-src"))
|
||||
(out (assoc-ref outputs "out"))
|
||||
(lisp-dir (string-append out "/share/emacs/"
|
||||
,(version-major+minor version)
|
||||
"/site-lisp"))
|
||||
(lisp-dir (string-append out "/share/emacs/site-lisp"))
|
||||
(unpack (assoc-ref %standard-phases 'unpack)))
|
||||
(mkdir "guix")
|
||||
(with-directory-excursion "guix"
|
||||
|
@ -2079,9 +2077,7 @@ It is built on top of the custom theme support in Emacs 24 or later.")
|
|||
"1ha3slc6d9wi9ilkhmwrzkvf308n6ph7b0k69pk369s9304awxzx"))))
|
||||
(build-system emacs-build-system)
|
||||
(propagated-inputs
|
||||
`(("emacs-dash" ,emacs-dash)
|
||||
("emacs-f" ,emacs-f)
|
||||
("emacs-s" ,emacs-s)))
|
||||
`(("emacs-dash" ,emacs-dash)))
|
||||
(home-page "http://github.com/bbatsov/solarized-emacs")
|
||||
(synopsis "Port of the Solarized theme for Emacs")
|
||||
(description
|
||||
|
|
|
@ -29,14 +29,14 @@
|
|||
(define-public fish
|
||||
(package
|
||||
(name "fish")
|
||||
(version "2.3.0")
|
||||
(version "2.3.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://fishshell.com/files/"
|
||||
(uri (string-append "https://fishshell.com/files/"
|
||||
version "/fish-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1ralmp7lavdl0plc09ppm232aqsn0crxx6m3hgaa06ibam3sqawi"))
|
||||
"0r46p64lg6da3v6chsa4gisvl04kd3rpy60yih8r870kbp9wm2ij"))
|
||||
(modules '((guix build utils)))
|
||||
;; Don't try to install /etc/fish/config.fish.
|
||||
(snippet
|
||||
|
@ -61,5 +61,5 @@ has extensive and discoverable help. A special help command gives access to
|
|||
all the fish documentation in your web browser. Other features include smart
|
||||
terminal handling based on terminfo, an easy to search history, and syntax
|
||||
highlighting.")
|
||||
(home-page "http://fishshell.com/")
|
||||
(home-page "https://fishshell.com/")
|
||||
(license gpl2)))
|
||||
|
|
|
@ -37,8 +37,10 @@
|
|||
(version "0.25")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://www.exiv2.org/exiv2-"
|
||||
version ".tar.gz"))
|
||||
(uri (list (string-append "http://www.exiv2.org/exiv2-"
|
||||
version ".tar.gz")
|
||||
(string-append "https://fossies.org/linux/misc/exiv2-"
|
||||
version ".tar.gz")))
|
||||
(sha256
|
||||
(base32
|
||||
"197g6vgcpyf9p2cwn5p5hb1r714xsk1v4p96f5pv1z8mi9vzq2y8"))))
|
||||
|
|
|
@ -235,13 +235,14 @@ compatible to GNU Pth.")
|
|||
("sqlite" ,sqlite)
|
||||
("zlib" ,zlib)))
|
||||
(arguments
|
||||
`(#:phases
|
||||
(alist-cons-before
|
||||
'configure 'patch-config-files
|
||||
`(#:configure-flags '("--enable-gpg2-is-gpg")
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-before 'configure 'patch-config-files
|
||||
(lambda _
|
||||
(substitute* "tests/openpgp/defs.inc"
|
||||
(("/bin/pwd") (which "pwd"))))
|
||||
%standard-phases)))
|
||||
(("/bin/pwd") (which "pwd")))
|
||||
#t)))))
|
||||
(home-page "https://gnupg.org/")
|
||||
(synopsis "GNU Privacy Guard")
|
||||
(description
|
||||
|
@ -280,12 +281,25 @@ libskba (working with X.509 certificates and CMS data).")
|
|||
("readline" ,readline)))
|
||||
(arguments
|
||||
`(#:phases
|
||||
(alist-cons-before
|
||||
'configure 'patch-config-files
|
||||
(modify-phases %standard-phases
|
||||
(add-before 'configure 'patch-config-files
|
||||
(lambda _
|
||||
(substitute* "tests/openpgp/Makefile.in"
|
||||
(("/bin/sh") (which "bash"))))
|
||||
%standard-phases)))))
|
||||
(("/bin/sh") (which "bash")))
|
||||
#t))
|
||||
(add-after 'install 'rename-v2-commands
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
;; Upstream suggests removing the trailing '2' from command names:
|
||||
;; <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#58>.
|
||||
(let ((out (assoc-ref outputs "out")))
|
||||
(with-directory-excursion (string-append out "/bin")
|
||||
(rename-file "gpgv2" "gpgv")
|
||||
(rename-file "gpg2" "gpg")
|
||||
|
||||
;; Keep the old name around to ease transition.
|
||||
(symlink "gpgv" "gpgv2")
|
||||
(symlink "gpg" "gpg2")
|
||||
#t)))))))))
|
||||
|
||||
(define-public gnupg-1
|
||||
(package (inherit gnupg)
|
||||
|
|
|
@ -293,16 +293,16 @@ standards.")
|
|||
(define-public icecat
|
||||
(package
|
||||
(name "icecat")
|
||||
(version "38.8.0-gnu1")
|
||||
(version "38.8.0-gnu2")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://gnu/gnuzilla/"
|
||||
(first (string-split version #\-)) "/"
|
||||
version "/"
|
||||
name "-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0v4k47ziqsyfksv9sn4v1xvk4q414rc883hb1qzld63grj2nxxwp"))
|
||||
"1yb7a1zsqpra9cgq8hrzrbm5v31drb9367cwvwiksz0ngqy342hb"))
|
||||
(patches (search-patches
|
||||
"icecat-avoid-bundled-includes.patch"
|
||||
"icecat-CVE-2016-2818-pt1.patch"
|
||||
|
@ -405,7 +405,7 @@ standards.")
|
|||
(arguments
|
||||
`(#:tests? #f ; no check target
|
||||
#:out-of-source? #t ; must be built outside of the source directory
|
||||
|
||||
#:parallel-build? #f
|
||||
|
||||
;; XXX: There are RUNPATH issues such as
|
||||
;; $prefix/lib/icecat-31.6.0/plugin-container NEEDing libmozalloc.so,
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2016 Erik Edrosa <erik.edrosa@gmail.com>
|
||||
;;; Copyright © 2016 Eraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -50,6 +51,8 @@
|
|||
#:use-module (gnu packages sdl)
|
||||
#:use-module (gnu packages maths)
|
||||
#:use-module (gnu packages image)
|
||||
#:use-module (gnu packages xdisorg)
|
||||
#:use-module (gnu packages xorg)
|
||||
#:use-module (guix packages)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix git-download)
|
||||
|
@ -1123,4 +1126,58 @@ It currently supports MySQL, Postgres and SQLite3.")
|
|||
SQL databases. This package implements the interface for SQLite.")
|
||||
(license gpl2+)))
|
||||
|
||||
(define-public guile-xosd
|
||||
(package
|
||||
(name "guile-xosd")
|
||||
(version "0.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/alezost/" name
|
||||
"/releases/download/v" version
|
||||
"/" name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1j0b07kycccfslp5n6q0hz7adwc7k41fpzds2dvrly67gavjqljv"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
(inputs
|
||||
`(("guile" ,guile-2.0)
|
||||
("libx11" ,libx11)
|
||||
("libxext" ,libxext)
|
||||
("libxinerama" ,libxinerama)
|
||||
("xosd" ,xosd)))
|
||||
(home-page "https://github.com/alezost/guile-xosd")
|
||||
(synopsis "XOSD bindings for Guile")
|
||||
(description
|
||||
"Guile-XOSD provides Guile bindings for @code{libxosd},
|
||||
@uref{http://sourceforge.net/projects/libxosd/, the X On Screen Display
|
||||
library}.")
|
||||
(license gpl3+)))
|
||||
|
||||
(define-public guile-daemon
|
||||
(package
|
||||
(name "guile-daemon")
|
||||
(version "0.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/alezost/" name
|
||||
"/releases/download/v" version
|
||||
"/" name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1s90h8qhblhhz4ahn3p5d573a24px6cdjq2w311ibpgwnsni4qvq"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
(inputs
|
||||
`(("guile" ,guile-2.0)))
|
||||
(home-page "https://github.com/alezost/guile-daemon")
|
||||
(synopsis "Evaluate code in a running Guile process")
|
||||
(description
|
||||
"Guile-Daemon is a small Guile program that loads your initial
|
||||
configuration file, and then reads and evaluates Guile expressions that
|
||||
you send to a FIFO file.")
|
||||
(license gpl3+)))
|
||||
|
||||
;;; guile.scm ends here
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org>
|
||||
;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -6008,14 +6009,14 @@ generators, and more.")
|
|||
(define-public ghc-memory
|
||||
(package
|
||||
(name "ghc-memory")
|
||||
(version "0.10")
|
||||
(version "0.13")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://hackage.haskell.org/package/"
|
||||
"memory/memory-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1xqs9zmjbjihb7gfbk25f2q00m2lsi4kc3jv672175ac8a36pgag"))))
|
||||
"02l742qxjqy3jw1a347gb7sn7pn7a5qha1vzi2qqbvgafcjn0wyw"))))
|
||||
(build-system haskell-build-system)
|
||||
(native-inputs
|
||||
`(("ghc-tasty" ,ghc-tasty)
|
||||
|
|
|
@ -535,17 +535,38 @@ build process and its dependencies, whereas Make uses Makefile format.")
|
|||
"/etc/ssl/certs"))
|
||||
(keytool (string-append (assoc-ref outputs "jdk")
|
||||
"/bin/keytool")))
|
||||
(define (extract-cert file target)
|
||||
(call-with-input-file file
|
||||
(lambda (in)
|
||||
(call-with-output-file target
|
||||
(lambda (out)
|
||||
(let loop ((line (read-line in 'concat))
|
||||
(copying? #f))
|
||||
(cond
|
||||
((eof-object? line) #t)
|
||||
((string-prefix? "-----BEGIN" line)
|
||||
(display line out)
|
||||
(loop (read-line in 'concat) #t))
|
||||
((string-prefix? "-----END" line)
|
||||
(display line out)
|
||||
#t)
|
||||
(else
|
||||
(when copying? (display line out))
|
||||
(loop (read-line in 'concat) copying?)))))))))
|
||||
(define (import-cert cert)
|
||||
(format #t "Importing certificate ~a\n" (basename cert))
|
||||
(let* ((port (open-pipe* OPEN_WRITE keytool
|
||||
(let ((temp "tmpcert"))
|
||||
(extract-cert cert temp)
|
||||
(let ((port (open-pipe* OPEN_WRITE keytool
|
||||
"-import"
|
||||
"-alias" (basename cert)
|
||||
"-keystore" keystore
|
||||
"-storepass" "changeit"
|
||||
"-file" cert)))
|
||||
"-file" temp)))
|
||||
(display "yes\n" port)
|
||||
(when (not (zero? (status:exit-val (close-pipe port))))
|
||||
(error "failed to import" cert))))
|
||||
(error "failed to import" cert)))
|
||||
(delete-file temp)))
|
||||
|
||||
;; This is necessary because the certificate directory contains
|
||||
;; files with non-ASCII characters in their names.
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2016 Federico Beffa <beffa@fbengineering.ch>
|
||||
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
|
||||
;;; Copyright © 2016 Andy Patterson <ajpatter@uwaterloo.ca>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -102,15 +103,15 @@ interface to the Tk widget system.")
|
|||
(define-public ecl
|
||||
(package
|
||||
(name "ecl")
|
||||
(version "15.2.21")
|
||||
(version "16.1.2")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/ecls/ecls/"
|
||||
(version-major+minor version)
|
||||
"/ecl-" version ".tgz"))
|
||||
(uri (string-append
|
||||
"https://common-lisp.net/project/ecl/static/files/release/"
|
||||
name "-" version ".tgz"))
|
||||
(sha256
|
||||
(base32 "05di23v977byf67rq5bdshw8lqbby1ycbscdcl1vca0z6r1s204j"))))
|
||||
(base32 "16ab8qs3awvdxy8xs8jy82v8r04x4wr70l9l2j45vgag18d2nj1d"))))
|
||||
(build-system gnu-build-system)
|
||||
;; src/configure uses 'which' to confirm the existence of 'gzip'.
|
||||
(native-inputs `(("which" ,which)))
|
||||
|
@ -119,30 +120,38 @@ interface to the Tk widget system.")
|
|||
("libgc" ,libgc)
|
||||
("libffi" ,libffi)))
|
||||
(arguments
|
||||
'(;; During 'make check', ECL fails to initialize with "protocol not
|
||||
;; supported", presumably because /etc/protocols is missing in the
|
||||
;; build environment. See <http://sourceforge.net/p/ecls/bugs/300/>.
|
||||
;;
|
||||
;; Should the test suite be re-enabled, it might be necessary to add
|
||||
;; '#:parallel-tests #f'. See the same bug report as above.
|
||||
;;
|
||||
;; The following might also be necessary, due to 'make check' assuming
|
||||
;; ECL is installed. See <http://sourceforge.net/p/ecls/bugs/299/>.
|
||||
;;
|
||||
;; #:phases
|
||||
;; (let* ((check-phase (assq-ref %standard-phases 'check))
|
||||
;; (rearranged-phases
|
||||
;; (alist-cons-after 'install 'check check-phase
|
||||
;; (alist-delete 'check %standard-phases))))
|
||||
;; (alist-cons-before
|
||||
;; 'check 'pre-check
|
||||
;; (lambda* (#:key outputs #:allow-other-keys)
|
||||
;; (substitute* '("build/tests/Makefile")
|
||||
;; (("ECL=ecl")
|
||||
;; (string-append
|
||||
;; "ECL=" (assoc-ref outputs "out") "/bin/ecl"))))
|
||||
;; rearranged-phases))
|
||||
#:tests? #f))
|
||||
'(#:tests? #t
|
||||
#:make-flags `(,(string-append "ECL="
|
||||
(assoc-ref %outputs "out")
|
||||
"/bin/ecl"))
|
||||
#:parallel-tests? #f
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(delete 'check)
|
||||
(add-after 'install 'wrap
|
||||
(lambda* (#:key inputs outputs #:allow-other-keys)
|
||||
(let* ((ecl (assoc-ref outputs "out"))
|
||||
(input-path (lambda (lib path)
|
||||
(string-append
|
||||
(assoc-ref inputs lib) path)))
|
||||
(libraries '("gmp" "libatomic-ops" "libgc" "libffi" "libc"))
|
||||
(binaries '("gcc" "ld-wrapper" "binutils"))
|
||||
(library-directories
|
||||
(map (lambda (lib) (input-path lib "/lib"))
|
||||
libraries)))
|
||||
|
||||
(wrap-program (string-append ecl "/bin/ecl")
|
||||
`("PATH" prefix
|
||||
,(map (lambda (binary)
|
||||
(input-path binary "/bin"))
|
||||
binaries))
|
||||
`("CPATH" suffix
|
||||
,(map (lambda (lib)
|
||||
(input-path lib "/include"))
|
||||
`("linux-headers" ,@libraries)))
|
||||
`("LIBRARY_PATH" suffix ,library-directories)
|
||||
`("LD_LIBRARY_PATH" suffix ,library-directories)))))
|
||||
(add-after 'wrap 'check (assoc-ref %standard-phases 'check)))))
|
||||
(home-page "http://ecls.sourceforge.net/")
|
||||
(synopsis "Embeddable Common Lisp")
|
||||
(description "ECL is an implementation of the Common Lisp language as
|
||||
|
@ -209,14 +218,14 @@ an interpreter, a compiler, a debugger, and much more.")
|
|||
(define-public sbcl
|
||||
(package
|
||||
(name "sbcl")
|
||||
(version "1.2.8")
|
||||
(version "1.3.7")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/sbcl/sbcl/" version "/sbcl-"
|
||||
version "-source.tar.bz2"))
|
||||
(sha256
|
||||
(base32 "0ab9lw056yf6y0rjmx3iirn5n59pmssqxf00fbmpyl6qsnpaja1d"))))
|
||||
(base32 "0fjdqnb2rsm2vi9794ywp27jr239ddvzc4xfr0dk49jd4v7p2kc5"))))
|
||||
(build-system gnu-build-system)
|
||||
(outputs '("out" "doc"))
|
||||
;; Bootstrap with CLISP.
|
||||
|
@ -243,7 +252,11 @@ an interpreter, a compiler, a debugger, and much more.")
|
|||
;; occurs in some .sh files too (which contain Lisp code). Use
|
||||
;; ISO-8859-1 because some of the files are ISO-8859-1 encoded.
|
||||
(with-fluids ((%default-port-encoding #f))
|
||||
(substitute* (find-files "." "\\.(lisp|sh)$")
|
||||
;; The removed file is utf-16-be encoded, which gives substitute*
|
||||
;; trouble. It does not contain references to the listed programs.
|
||||
(substitute* (delete
|
||||
"./tests/data/compile-file-pos-utf16be.lisp"
|
||||
(find-files "." "\\.(lisp|sh)$"))
|
||||
(("\"/bin/sh\"") (quoted-path bash "/bin/sh"))
|
||||
(("\"/usr/bin/env\"") (quoted-path coreutils "/usr/bin/env"))
|
||||
(("\"/bin/cat\"") (quoted-path coreutils "/bin/cat"))
|
||||
|
|
|
@ -293,7 +293,7 @@ and corrections. It is based on a Bayesian filter.")
|
|||
(define-public offlineimap
|
||||
(package
|
||||
(name "offlineimap")
|
||||
(version "6.7.0.1")
|
||||
(version "7.0.0")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/OfflineIMAP/offlineimap/"
|
||||
|
@ -301,10 +301,10 @@ and corrections. It is based on a Bayesian filter.")
|
|||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1ys26v2w3vws08acjs7w5irjgahdxyad00pmj7fhcx91hbvizs80"))))
|
||||
"0hnyfby6ib7i7yblg7qpabdyl35n9l3n0a6agk47w1crpn2lsric"))))
|
||||
(build-system python-build-system)
|
||||
(native-inputs `(("python" ,python-2)))
|
||||
(inputs `(("python2-pysqlite" ,python2-pysqlite)))
|
||||
(inputs `(("python2-pysqlite" ,python2-pysqlite)
|
||||
("python2-six" ,python2-six)))
|
||||
(arguments
|
||||
;; The setup.py script expects python-2.
|
||||
`(#:python ,python-2
|
||||
|
|
|
@ -44,7 +44,7 @@
|
|||
(define-public parallel
|
||||
(package
|
||||
(name "parallel")
|
||||
(version "20160622")
|
||||
(version "20160722")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
|
@ -52,7 +52,7 @@
|
|||
version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"1axng9bwapmb0vrrv67pp787gv7r5g02zyrfwnrhpxhi8zmm1jmg"))))
|
||||
"08gm0i9vj2nz8qgqi98z00myypgb3dni0s5yf3l17fp8h78fp4g3"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs `(("perl" ,perl)))
|
||||
(home-page "http://www.gnu.org/software/parallel/")
|
||||
|
|
|
@ -0,0 +1,114 @@
|
|||
From e5ef9d3942cebda819a6fd81647b51c8d87d23df Mon Sep 17 00:00:00 2001
|
||||
From: Darren Tucker <dtucker@zip.com.au>
|
||||
Date: Fri, 15 Jul 2016 13:32:45 +1000
|
||||
Subject: Determine appropriate salt for invalid users.
|
||||
|
||||
When sshd is processing a non-PAM login for a non-existent user it uses
|
||||
the string from the fakepw structure as the salt for crypt(3)ing the
|
||||
password supplied by the client. That string has a Blowfish prefix, so on
|
||||
systems that don't understand that crypt will fail fast due to an invalid
|
||||
salt, and even on those that do it may have significantly different timing
|
||||
from the hash methods used for real accounts (eg sha512). This allows
|
||||
user enumeration by, eg, sending large password strings. This was noted
|
||||
by EddieEzra.Harari at verint.com (CVE-2016-6210).
|
||||
|
||||
To mitigate, use the same hash algorithm that root uses for hashing
|
||||
passwords for users that do not exist on the system. ok djm@
|
||||
|
||||
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc
|
||||
Bug-Debian: https://bugs.debian.org/831902
|
||||
Last-Update: 2016-07-22
|
||||
|
||||
Patch-Name: CVE-2016-6210-1.patch
|
||||
---
|
||||
auth-passwd.c | 12 ++++++++----
|
||||
openbsd-compat/xcrypt.c | 34 ++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 42 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/auth-passwd.c b/auth-passwd.c
|
||||
index 63ccf3c..530b5d4 100644
|
||||
--- a/auth-passwd.c
|
||||
+++ b/auth-passwd.c
|
||||
@@ -193,7 +193,7 @@ int
|
||||
sys_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
{
|
||||
struct passwd *pw = authctxt->pw;
|
||||
- char *encrypted_password;
|
||||
+ char *encrypted_password, *salt = NULL;
|
||||
|
||||
/* Just use the supplied fake password if authctxt is invalid */
|
||||
char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
|
||||
@@ -202,9 +202,13 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
|
||||
return (1);
|
||||
|
||||
- /* Encrypt the candidate password using the proper salt. */
|
||||
- encrypted_password = xcrypt(password,
|
||||
- (pw_password[0] && pw_password[1]) ? pw_password : "xx");
|
||||
+ /*
|
||||
+ * Encrypt the candidate password using the proper salt, or pass a
|
||||
+ * NULL and let xcrypt pick one.
|
||||
+ */
|
||||
+ if (authctxt->valid && pw_password[0] && pw_password[1])
|
||||
+ salt = pw_password;
|
||||
+ encrypted_password = xcrypt(password, salt);
|
||||
|
||||
/*
|
||||
* Authentication is accepted if the encrypted passwords
|
||||
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
|
||||
index 8577cbd..8913bb8 100644
|
||||
--- a/openbsd-compat/xcrypt.c
|
||||
+++ b/openbsd-compat/xcrypt.c
|
||||
@@ -25,6 +25,7 @@
|
||||
#include "includes.h"
|
||||
|
||||
#include <sys/types.h>
|
||||
+#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <pwd.h>
|
||||
|
||||
@@ -62,11 +63,44 @@
|
||||
# define crypt DES_crypt
|
||||
# endif
|
||||
|
||||
+/*
|
||||
+ * Pick an appropriate password encryption type and salt for the running
|
||||
+ * system.
|
||||
+ */
|
||||
+static const char *
|
||||
+pick_salt(void)
|
||||
+{
|
||||
+ struct passwd *pw;
|
||||
+ char *passwd, *p;
|
||||
+ size_t typelen;
|
||||
+ static char salt[32];
|
||||
+
|
||||
+ if (salt[0] != '\0')
|
||||
+ return salt;
|
||||
+ strlcpy(salt, "xx", sizeof(salt));
|
||||
+ if ((pw = getpwuid(0)) == NULL)
|
||||
+ return salt;
|
||||
+ passwd = shadow_pw(pw);
|
||||
+ if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL)
|
||||
+ return salt; /* no $, DES */
|
||||
+ typelen = p - passwd + 1;
|
||||
+ strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
|
||||
+ explicit_bzero(passwd, strlen(passwd));
|
||||
+ return salt;
|
||||
+}
|
||||
+
|
||||
char *
|
||||
xcrypt(const char *password, const char *salt)
|
||||
{
|
||||
char *crypted;
|
||||
|
||||
+ /*
|
||||
+ * If we don't have a salt we are encrypting a fake password for
|
||||
+ * for timing purposes. Pick an appropriate salt.
|
||||
+ */
|
||||
+ if (salt == NULL)
|
||||
+ salt = pick_salt();
|
||||
+
|
||||
# ifdef HAVE_MD5_PASSWORDS
|
||||
if (is_md5_salt(salt))
|
||||
crypted = md5_crypt(password, salt);
|
|
@ -0,0 +1,111 @@
|
|||
From dde63f7f998ac3812a26bbb2c1b2947f24fcd060 Mon Sep 17 00:00:00 2001
|
||||
From: Darren Tucker <dtucker@zip.com.au>
|
||||
Date: Fri, 15 Jul 2016 13:49:44 +1000
|
||||
Subject: Mitigate timing of disallowed users PAM logins.
|
||||
|
||||
When sshd decides to not allow a login (eg PermitRootLogin=no) and
|
||||
it's using PAM, it sends a fake password to PAM so that the timing for
|
||||
the failure is not noticeably different whether or not the password
|
||||
is correct. This behaviour can be detected by sending a very long
|
||||
password string which is slower to hash than the fake password.
|
||||
|
||||
Mitigate by constructing an invalid password that is the same length
|
||||
as the one from the client and thus takes the same time to hash.
|
||||
Diff from djm@
|
||||
|
||||
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946
|
||||
Bug-Debian: https://bugs.debian.org/831902
|
||||
Last-Update: 2016-07-22
|
||||
|
||||
Patch-Name: CVE-2016-6210-2.patch
|
||||
---
|
||||
auth-pam.c | 35 +++++++++++++++++++++++++++++++----
|
||||
1 file changed, 31 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/auth-pam.c b/auth-pam.c
|
||||
index 8425af1..abd6a5e 100644
|
||||
--- a/auth-pam.c
|
||||
+++ b/auth-pam.c
|
||||
@@ -232,7 +232,6 @@ static int sshpam_account_status = -1;
|
||||
static char **sshpam_env = NULL;
|
||||
static Authctxt *sshpam_authctxt = NULL;
|
||||
static const char *sshpam_password = NULL;
|
||||
-static char badpw[] = "\b\n\r\177INCORRECT";
|
||||
|
||||
/* Some PAM implementations don't implement this */
|
||||
#ifndef HAVE_PAM_GETENVLIST
|
||||
@@ -810,12 +809,35 @@ sshpam_query(void *ctx, char **name, char **info,
|
||||
return (-1);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Returns a junk password of identical length to that the user supplied.
|
||||
+ * Used to mitigate timing attacks against crypt(3)/PAM stacks that
|
||||
+ * vary processing time in proportion to password length.
|
||||
+ */
|
||||
+static char *
|
||||
+fake_password(const char *wire_password)
|
||||
+{
|
||||
+ const char junk[] = "\b\n\r\177INCORRECT";
|
||||
+ char *ret = NULL;
|
||||
+ size_t i, l = wire_password != NULL ? strlen(wire_password) : 0;
|
||||
+
|
||||
+ if (l >= INT_MAX)
|
||||
+ fatal("%s: password length too long: %zu", __func__, l);
|
||||
+
|
||||
+ ret = malloc(l + 1);
|
||||
+ for (i = 0; i < l; i++)
|
||||
+ ret[i] = junk[i % (sizeof(junk) - 1)];
|
||||
+ ret[i] = '\0';
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
/* XXX - see also comment in auth-chall.c:verify_response */
|
||||
static int
|
||||
sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
{
|
||||
Buffer buffer;
|
||||
struct pam_ctxt *ctxt = ctx;
|
||||
+ char *fake;
|
||||
|
||||
debug2("PAM: %s entering, %u responses", __func__, num);
|
||||
switch (ctxt->pam_done) {
|
||||
@@ -836,8 +858,11 @@ sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
(sshpam_authctxt->pw->pw_uid != 0 ||
|
||||
options.permit_root_login == PERMIT_YES))
|
||||
buffer_put_cstring(&buffer, *resp);
|
||||
- else
|
||||
- buffer_put_cstring(&buffer, badpw);
|
||||
+ else {
|
||||
+ fake = fake_password(*resp);
|
||||
+ buffer_put_cstring(&buffer, fake);
|
||||
+ free(fake);
|
||||
+ }
|
||||
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) {
|
||||
buffer_free(&buffer);
|
||||
return (-1);
|
||||
@@ -1181,6 +1206,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
{
|
||||
int flags = (options.permit_empty_passwd == 0 ?
|
||||
PAM_DISALLOW_NULL_AUTHTOK : 0);
|
||||
+ char *fake = NULL;
|
||||
|
||||
if (!options.use_pam || sshpam_handle == NULL)
|
||||
fatal("PAM: %s called when PAM disabled or failed to "
|
||||
@@ -1196,7 +1222,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
*/
|
||||
if (!authctxt->valid || (authctxt->pw->pw_uid == 0 &&
|
||||
options.permit_root_login != PERMIT_YES))
|
||||
- sshpam_password = badpw;
|
||||
+ sshpam_password = fake = fake_password(password);
|
||||
|
||||
sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
|
||||
(const void *)&passwd_conv);
|
||||
@@ -1206,6 +1232,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
|
||||
sshpam_err = pam_authenticate(sshpam_handle, flags);
|
||||
sshpam_password = NULL;
|
||||
+ free(fake);
|
||||
if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
|
||||
debug("PAM: password authentication accepted for %.100s",
|
||||
authctxt->user);
|
|
@ -0,0 +1,60 @@
|
|||
From abde8dda29c2db2405d6fbca2fe022430e2c1177 Mon Sep 17 00:00:00 2001
|
||||
From: Darren Tucker <dtucker@zip.com.au>
|
||||
Date: Thu, 21 Jul 2016 14:17:31 +1000
|
||||
Subject: Search users for one with a valid salt.
|
||||
|
||||
If the root account is locked (eg password "!!" or "*LK*") keep looking
|
||||
until we find a user with a valid salt to use for crypting passwords of
|
||||
invalid users. ok djm@
|
||||
|
||||
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=dbf788b4d9d9490a5fff08a7b09888272bb10fcc
|
||||
Bug-Debian: https://bugs.debian.org/831902
|
||||
Last-Update: 2016-07-22
|
||||
|
||||
Patch-Name: CVE-2016-6210-3.patch
|
||||
---
|
||||
openbsd-compat/xcrypt.c | 24 +++++++++++++++---------
|
||||
1 file changed, 15 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
|
||||
index 8913bb8..cf6a9b9 100644
|
||||
--- a/openbsd-compat/xcrypt.c
|
||||
+++ b/openbsd-compat/xcrypt.c
|
||||
@@ -65,7 +65,9 @@
|
||||
|
||||
/*
|
||||
* Pick an appropriate password encryption type and salt for the running
|
||||
- * system.
|
||||
+ * system by searching through accounts until we find one that has a valid
|
||||
+ * salt. Usually this will be root unless the root account is locked out.
|
||||
+ * If we don't find one we return a traditional DES-based salt.
|
||||
*/
|
||||
static const char *
|
||||
pick_salt(void)
|
||||
@@ -78,14 +80,18 @@ pick_salt(void)
|
||||
if (salt[0] != '\0')
|
||||
return salt;
|
||||
strlcpy(salt, "xx", sizeof(salt));
|
||||
- if ((pw = getpwuid(0)) == NULL)
|
||||
- return salt;
|
||||
- passwd = shadow_pw(pw);
|
||||
- if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL)
|
||||
- return salt; /* no $, DES */
|
||||
- typelen = p - passwd + 1;
|
||||
- strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
|
||||
- explicit_bzero(passwd, strlen(passwd));
|
||||
+ setpwent();
|
||||
+ while ((pw = getpwent()) != NULL) {
|
||||
+ passwd = shadow_pw(pw);
|
||||
+ if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
|
||||
+ typelen = p - passwd + 1;
|
||||
+ strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
|
||||
+ explicit_bzero(passwd, strlen(passwd));
|
||||
+ goto out;
|
||||
+ }
|
||||
+ }
|
||||
+ out:
|
||||
+ endpwent();
|
||||
return salt;
|
||||
}
|
||||
|
|
@ -5028,14 +5028,14 @@ connection to each user.")
|
|||
(define-public python-waf
|
||||
(package
|
||||
(name "python-waf")
|
||||
(version "1.8.8")
|
||||
(version "1.9.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://waf.io/"
|
||||
"waf-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0b5q307fgn6a5d8yjia2d1l4bk1q3ilvc0w8k4isfrrx2gbcw8wn"))))
|
||||
"1nc4qaqx2vsanlpp9mcwvf91xjqpkvcc6fcxd5sb4fwvaxamw5v6"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
'(#:phases
|
||||
|
@ -5627,17 +5627,14 @@ and MAC network addresses.")
|
|||
(define-public python-iso8601
|
||||
(package
|
||||
(name "python-iso8601")
|
||||
(version "0.1.10")
|
||||
(version "0.1.11")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"https://pypi.python.org/packages/source/i/iso8601/iso8601-"
|
||||
version
|
||||
".tar.gz"))
|
||||
(uri (pypi-uri "iso8601" version))
|
||||
(sha256
|
||||
(base32
|
||||
"1qf01afxh7j4gja71vxv345if8avg6nnm0ry0zsk6j3030xgy4p7"))))
|
||||
"0c7gh3lsdjds262h0v1sqc66l7hqgfwbakn96qrhdbl0i3vm5yz8"))))
|
||||
(build-system python-build-system)
|
||||
(inputs
|
||||
`(("python-setuptools" ,python-setuptools)))
|
||||
|
|
|
@ -39,29 +39,30 @@
|
|||
(define-public iniparser
|
||||
(package
|
||||
(name "iniparser")
|
||||
(version "3.1")
|
||||
(version "4.0")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "http://ndevilla.free.fr/iniparser/iniparser-"
|
||||
(uri (string-append "https://github.com/ndevilla/iniparser/archive/v"
|
||||
version ".tar.gz"))
|
||||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1igmxzcy0s25zcy9vmcw0kd13lh60r0b4qg8lnp1jic33f427pxf"))))
|
||||
"1flj7srvh2hp9ls96qz922bklyhw7f27mmn23b16839zpdjddfz0"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
'(#:phases (alist-replace
|
||||
'configure
|
||||
'(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(replace 'configure
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(substitute* "Makefile"
|
||||
(substitute* '("Makefile" "test/Makefile")
|
||||
(("/usr/lib")
|
||||
(string-append (assoc-ref outputs "out") "/lib"))))
|
||||
(alist-replace
|
||||
'build
|
||||
(string-append (assoc-ref outputs "out") "/lib"))
|
||||
(("\\?= gcc") "= gcc"))))
|
||||
(replace 'build
|
||||
(lambda _
|
||||
(and (zero? (system* "make" "libiniparser.so"))
|
||||
(symlink "libiniparser.so.0" "libiniparser.so")))
|
||||
(alist-replace
|
||||
'install
|
||||
(symlink "libiniparser.so.0" "libiniparser.so"))))
|
||||
(replace 'install
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let* ((out (assoc-ref outputs "out"))
|
||||
(lib (string-append out "/lib"))
|
||||
|
@ -85,9 +86,7 @@
|
|||
(for-each (copy html)
|
||||
(find-files "html" ".*"))
|
||||
(for-each (copy doc)
|
||||
'("AUTHORS" "INSTALL" "LICENSE"
|
||||
"README"))))
|
||||
%standard-phases)))))
|
||||
'("AUTHORS" "INSTALL" "LICENSE" "README.md"))))))))
|
||||
(home-page "http://ndevilla.free.fr/iniparser")
|
||||
(synopsis "Standalone ini file parsing library")
|
||||
(description
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2016 Matthew Jordan <matthewjordandevops@yandex.com>
|
||||
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -17,11 +18,14 @@
|
|||
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
(define-module (gnu packages shellutils)
|
||||
#:use-module (gnu packages base)
|
||||
#:use-module (gnu packages python)
|
||||
#:use-module (guix licenses)
|
||||
#:use-module (guix packages)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix utils)
|
||||
#:use-module (guix build-system gnu))
|
||||
#:use-module (guix build-system gnu)
|
||||
#:use-module (guix build-system python))
|
||||
|
||||
(define-public envstore
|
||||
(package
|
||||
|
@ -48,3 +52,39 @@
|
|||
between various shells or commands.")
|
||||
(license
|
||||
(non-copyleft "http://www.wtfpl.net/txt/copying/"))))
|
||||
|
||||
(define-public trash-cli
|
||||
(package
|
||||
(name "trash-cli")
|
||||
(version "0.12.9.14")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "trash-cli" version))
|
||||
(sha256
|
||||
(base32
|
||||
"1p4v2qx0sy47d9c9axszq04wns63s4b7rrhmsavg948sklqdaf54"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:python ,python-2
|
||||
#:tests? #f ; no tests
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-before 'build 'patch-path-constants
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((libc (assoc-ref inputs "libc"))
|
||||
(coreutils (assoc-ref inputs "coreutils")))
|
||||
(substitute* "trashcli/list_mount_points.py"
|
||||
(("\"/lib/libc.so.6\".*")
|
||||
(string-append "\"" libc "/lib/libc.so.6\"\n"))
|
||||
(("\"df\"")
|
||||
(string-append "\"" coreutils "/bin/df\"")))))))))
|
||||
(inputs `(("coreutils" ,coreutils)))
|
||||
(home-page "https://github.com/andreafrancia/trash-cli")
|
||||
(synopsis "Trash can management tool")
|
||||
(description
|
||||
"trash-cli is a command line utility for interacting with the
|
||||
FreeDesktop.org trash can used by GNOME, KDE, XFCE, and other common desktop
|
||||
environments. It can move files to the trash, and remove or list files that
|
||||
are already there.")
|
||||
(license gpl2+)))
|
||||
|
|
|
@ -135,7 +135,10 @@ a server that supports the SSH-2 protocol.")
|
|||
tail))))
|
||||
(sha256 (base32
|
||||
"132lh9aanb0wkisji1d6cmsxi520m8nh7c7i9wi6m1s3l38q29x7"))
|
||||
(patches (search-patches "openssh-CVE-2015-8325.patch"))))
|
||||
(patches (search-patches "openssh-CVE-2015-8325.patch"
|
||||
"openssh-CVE-2016-6210-1.patch"
|
||||
"openssh-CVE-2016-6210-2.patch"
|
||||
"openssh-CVE-2016-6210-3.patch"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs `(("groff" ,groff)
|
||||
("openssl" ,openssl)
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
(define-public pspp
|
||||
(package
|
||||
(name "pspp")
|
||||
(version "0.10.1")
|
||||
(version "0.10.2")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
|
@ -70,7 +70,7 @@
|
|||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0xw61kq0hxh7f6a4yjhnqbhc0fj9r3wb3qnpq05qhdp79n30ik24"))))
|
||||
"1afsq0a3iij64qacczvwhk81qg0q5rfqm055y5h9ls28d6paqz7p"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs
|
||||
`(("cairo" ,cairo)
|
||||
|
|
|
@ -113,14 +113,14 @@ as well as the classic centralized workflow.")
|
|||
;; Keep in sync with 'git-manpages'!
|
||||
(package
|
||||
(name "git")
|
||||
(version "2.9.1")
|
||||
(version "2.9.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
|
||||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"18l2jb4bkp9ljz6p2aviwzxqyzza9z3v6h1pnkz7kjf1fay61zp8"))))
|
||||
"1d9dmhgzcnwc2jbib4q23ypjbnw1gh1w8gif63qldwkpixj4dxgq"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-inputs
|
||||
`(("native-perl" ,perl)
|
||||
|
@ -295,7 +295,7 @@ everything from small to very large projects with speed and efficiency.")
|
|||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1v9icsf85vvrrg7fakm91d11q23rvnh6dq4b4c4ya8v95z00mg8p"))))
|
||||
"08y38w6yfvrpgj10dl3vghp05xjpl8jj37kkfna2nhf0wip52p2c"))))
|
||||
(build-system trivial-build-system)
|
||||
(arguments
|
||||
'(#:modules ((guix build utils))
|
||||
|
|
|
@ -805,14 +805,7 @@ SVCD, DVD, 3ivx, DivX 3/4/5, WMV and H.264 movies.")
|
|||
("pulseaudio" ,pulseaudio)
|
||||
("rsound" ,rsound)
|
||||
("vapoursynth" ,vapoursynth)
|
||||
("waf" ,(origin
|
||||
(method url-fetch)
|
||||
;; Keep this in sync with the version in the bootstrap.py
|
||||
;; script of the source tarball.
|
||||
(uri "http://www.freehackers.org/~tnagy/release/waf-1.8.12")
|
||||
(sha256
|
||||
(base32
|
||||
"12y9c352zwliw0zk9jm2lhynsjcf5jy0k1qch1c1av8hnbm2pgq1"))))
|
||||
("waf" ,python-waf)
|
||||
("youtube-dl" ,youtube-dl)
|
||||
("zlib" ,zlib)))
|
||||
(arguments
|
||||
|
@ -902,7 +895,7 @@ access to mpv's powerful playback capabilities.")
|
|||
(define-public youtube-dl
|
||||
(package
|
||||
(name "youtube-dl")
|
||||
(version "2016.06.14")
|
||||
(version "2016.07.22")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://youtube-dl.org/downloads/"
|
||||
|
@ -910,7 +903,7 @@ access to mpv's powerful playback capabilities.")
|
|||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0fmvpqipc1xwagvk7ih4slmv1xz1rb6s8wpndhypwvrq4pnnm9ns"))))
|
||||
"02wcxpcbpvsbvyxcnhhf94ma0x5dcg4fygnxxca2h31dp47dkak9"))))
|
||||
(build-system python-build-system)
|
||||
(home-page "https://youtube-dl.org")
|
||||
(arguments
|
||||
|
|
|
@ -2390,18 +2390,21 @@ and IPv6 sockets, intended as a replacement for IO::Socket::INET.")
|
|||
(define-public perl-io-socket-ssl
|
||||
(package
|
||||
(name "perl-io-socket-ssl")
|
||||
(version "2.002")
|
||||
(version "2.033")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://cpan/authors/id/S/SU/SULLR/"
|
||||
"IO-Socket-SSL-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1mph52lw6x5v44wf8mw00llzi8pp6k5c4jnrnrvlacrlfv260jb8"))
|
||||
"01qggwmc97kpzx49fp4fxysrjyq8mpnx54nrb087ridj0ch3cf46"))
|
||||
(patches (search-patches
|
||||
"perl-io-socket-ssl-openssl-1.0.2f-fix.patch"))))
|
||||
(build-system perl-build-system)
|
||||
(propagated-inputs `(("perl-net-ssleay" ,perl-net-ssleay)))
|
||||
(propagated-inputs
|
||||
`(("perl-net-ssleay" ,perl-net-ssleay)
|
||||
;; for IDN support
|
||||
("perl-uri" ,perl-uri)))
|
||||
(synopsis "Nearly transparent SSL encapsulation for IO::Socket::INET")
|
||||
(description
|
||||
"IO::Socket::SSL makes using SSL/TLS much easier by wrapping the
|
||||
|
|
|
@ -42,7 +42,8 @@
|
|||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/wxwindows/" version
|
||||
(uri (string-append "https://github.com/wxWidgets/wxWidgets/"
|
||||
"releases/download/v" version
|
||||
"/wxWidgets-" version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32 "0paq27brw4lv8kspxh9iklpa415mxi8zc117vbbbhfjgapf7js1l"))))
|
||||
|
@ -88,8 +89,9 @@ and many other languages.")
|
|||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://sourceforge/wxwindows/" version
|
||||
"/wxWidgets-" version ".tar.bz2"))
|
||||
(uri (string-append "https://github.com/wxWidgets/wxWidgets/"
|
||||
"releases/download/v" version
|
||||
"/wxGTK-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32 "1gjs9vfga60mk4j4ngiwsk9h6c7j22pw26m3asxr1jwvqbr8kkqk"))))
|
||||
(inputs
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
|
||||
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -913,6 +914,28 @@ demos. It also acts as a nice screen locker.")
|
|||
"http://metadata.ftp-master.debian.org/changelogs/"
|
||||
"/main/x/xscreensaver/xscreensaver_5.34-2_copyright")))))
|
||||
|
||||
(define-public xdpyprobe
|
||||
(package
|
||||
(name "xdpyprobe")
|
||||
(version "0.1")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "https://github.com/alezost/" name
|
||||
"/releases/download/v" version
|
||||
"/" name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1h09wd2qcg08rj5hcakvdh9q01hkrj8vxly94ax3ch2x06lm0zq8"))))
|
||||
(build-system gnu-build-system)
|
||||
(inputs
|
||||
`(("libx11" ,libx11)))
|
||||
(home-page "https://github.com/alezost/xdpyprobe")
|
||||
(synopsis "Probe X server for connectivity")
|
||||
(description
|
||||
"Xdpyprobe is a tiny C program whose only purpose is to probe a
|
||||
connectivity of the X server running on a particular @code{DISPLAY}.")
|
||||
(license license:gpl3+)))
|
||||
|
||||
(define-public rofi
|
||||
(package
|
||||
(name "rofi")
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
;;; Copyright © 2015 Cyrill Schenkel <cyrill.schenkel@gmail.com>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
|
||||
;;; Copyright © 2016 Alex Kost <alezost@gmail.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -3870,6 +3871,97 @@ running on X server.")
|
|||
protocol.")
|
||||
(license license:x11)))
|
||||
|
||||
(define-public xfontsel
|
||||
(package
|
||||
(name "xfontsel")
|
||||
(version "1.0.5")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"mirror://xorg/individual/app/xfontsel-"
|
||||
version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"1grir464hy52a71r3mpm9mzvkf7nwr3vk0b1vc27pd3gp588a38p"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
;; By default, it tries to install XFontSel file in
|
||||
;; "/gnu/store/<libxt>/share/X11/app-defaults": it defines this
|
||||
;; directory from 'libxt' (using 'pkg-config'). To put this file
|
||||
;; inside output dir and to use it properly, we need to configure
|
||||
;; --with-appdefaultdir and to wrap 'xfontsel' binary.
|
||||
(let ((app-defaults-dir "/share/X11/app-defaults"))
|
||||
`(#:configure-flags
|
||||
(list (string-append "--with-appdefaultdir="
|
||||
%output ,app-defaults-dir))
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'install 'wrap-xfontsel
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let ((out (assoc-ref outputs "out")))
|
||||
(wrap-program (string-append out "/bin/xfontsel")
|
||||
`("XAPPLRESDIR" =
|
||||
(,(string-append out ,app-defaults-dir)))))))))))
|
||||
(inputs
|
||||
`(("libx11" ,libx11)
|
||||
("libxaw" ,libxaw)
|
||||
("libxmu" ,libxmu)
|
||||
("libxt" ,libxt)))
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
(home-page "https://www.x.org/wiki/")
|
||||
(synopsis "Browse and select X font names")
|
||||
(description
|
||||
"XFontSel provides a simple way to display the X11 core protocol fonts
|
||||
known to your X server, examine samples of each, and retrieve the X Logical
|
||||
Font Description (XLFD) full name for a font.")
|
||||
(license license:x11)))
|
||||
|
||||
(define-public xfd
|
||||
(package
|
||||
(name "xfd")
|
||||
(version "1.1.2")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
"mirror://xorg/individual/app/xfd-"
|
||||
version ".tar.bz2"))
|
||||
(sha256
|
||||
(base32
|
||||
"0n97iqqap9wyxjan2n520vh4rrf5bc0apsw2k9py94dqzci258y1"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
;; The same 'app-defaults' problem as with 'xfontsel' package.
|
||||
(let ((app-defaults-dir "/share/X11/app-defaults"))
|
||||
`(#:configure-flags
|
||||
(list (string-append "--with-appdefaultdir="
|
||||
%output ,app-defaults-dir))
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'install 'wrap-xfd
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let ((out (assoc-ref outputs "out")))
|
||||
(wrap-program (string-append out "/bin/xfd")
|
||||
`("XAPPLRESDIR" =
|
||||
(,(string-append out ,app-defaults-dir)))))))))))
|
||||
(inputs
|
||||
`(("fontconfig" ,fontconfig)
|
||||
("libx11" ,libx11)
|
||||
("libxaw" ,libxaw)
|
||||
("libxft" ,libxft)
|
||||
("libxmu" ,libxmu)
|
||||
("libxrender" ,libxrender)))
|
||||
(native-inputs
|
||||
`(("gettext" ,gnu-gettext)
|
||||
("pkg-config" ,pkg-config)))
|
||||
(home-page "https://www.x.org/wiki/")
|
||||
(synopsis "Display all the characters in an X font")
|
||||
(description
|
||||
"XFD (X Font Display) package provides an utility that displays a
|
||||
window containing the name of the font being displayed, a row of command
|
||||
buttons, several lines of text for displaying character metrics, and a grid
|
||||
containing one glyph per cell.")
|
||||
(license license:x11)))
|
||||
|
||||
(define-public xmodmap
|
||||
(package
|
||||
|
@ -4562,7 +4654,17 @@ protocol and arbitrary X extension protocol.")
|
|||
(base32
|
||||
"0c3563kw9fg15dpgx4dwvl12qz6sdqdns1pxa574hc7i5m42mman"))))
|
||||
(build-system gnu-build-system)
|
||||
(propagated-inputs
|
||||
(arguments
|
||||
'(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'install 'wrap-mkfontdir
|
||||
(lambda* (#:key inputs outputs #:allow-other-keys)
|
||||
(wrap-program (string-append (assoc-ref outputs "out")
|
||||
"/bin/mkfontdir")
|
||||
`("PATH" ":" prefix
|
||||
(,(string-append (assoc-ref inputs "mkfontscale")
|
||||
"/bin")))))))))
|
||||
(inputs
|
||||
`(("mkfontscale" ,mkfontscale)))
|
||||
(native-inputs
|
||||
`(("pkg-config" ,pkg-config)))
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2013, 2014, 2015 Andreas Enge <andreas@enge.fr>
|
||||
;;; Copyright © 2015 Federico Beffa <beffa@fbengineering.ch>
|
||||
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -99,6 +100,7 @@
|
|||
"http://www.centervenus.com/mirrors/nongnu/"
|
||||
"http://download.savannah.gnu.org/releases-noredirect/")
|
||||
(sourceforge ; https://sourceforge.net/p/forge/documentation/Mirrors/
|
||||
"http://downloads.sourceforge.net/project/"
|
||||
"http://ufpr.dl.sourceforge.net/project/"
|
||||
"http://heanet.dl.sourceforge.net/project/"
|
||||
"http://freefr.dl.sourceforge.net/project/"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2013 Nikita Karetnikov <nikita@karetnikov.org>
|
||||
;;; Copyright © 2014 Alex Kost <alezost@gmail.com>
|
||||
;;; Copyright © 2014, 2016 Alex Kost <alezost@gmail.com>
|
||||
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
|
||||
;;;
|
||||
|
@ -756,10 +756,51 @@ entries. It's used to query the MIME type of a given file."
|
|||
#:substitutable? #f)
|
||||
(return #f))))
|
||||
|
||||
(define (fonts-dir-file manifest)
|
||||
"Return a derivation that builds the @file{fonts.dir} and @file{fonts.scale}
|
||||
files for the truetype fonts of the @var{manifest} entries."
|
||||
(define mkfontscale
|
||||
(module-ref (resolve-interface '(gnu packages xorg)) 'mkfontscale))
|
||||
|
||||
(define mkfontdir
|
||||
(module-ref (resolve-interface '(gnu packages xorg)) 'mkfontdir))
|
||||
|
||||
(define build
|
||||
#~(begin
|
||||
(use-modules (srfi srfi-26)
|
||||
(guix build utils)
|
||||
(guix build union))
|
||||
(let ((ttf-dirs (filter file-exists?
|
||||
(map (cut string-append <>
|
||||
"/share/fonts/truetype")
|
||||
'#$(manifest-inputs manifest)))))
|
||||
(mkdir #$output)
|
||||
(if (null? ttf-dirs)
|
||||
(exit #t)
|
||||
(let* ((fonts-dir (string-append #$output "/share/fonts"))
|
||||
(ttf-dir (string-append fonts-dir "/truetype"))
|
||||
(mkfontscale (string-append #+mkfontscale
|
||||
"/bin/mkfontscale"))
|
||||
(mkfontdir (string-append #+mkfontdir
|
||||
"/bin/mkfontdir")))
|
||||
(mkdir-p fonts-dir)
|
||||
(union-build ttf-dir ttf-dirs
|
||||
#:log-port (%make-void-port "w"))
|
||||
(with-directory-excursion ttf-dir
|
||||
(exit (and (zero? (system* mkfontscale))
|
||||
(zero? (system* mkfontdir))))))))))
|
||||
|
||||
(gexp->derivation "fonts-dir" build
|
||||
#:modules '((guix build utils)
|
||||
(guix build union))
|
||||
#:local-build? #t
|
||||
#:substitutable? #f))
|
||||
|
||||
(define %default-profile-hooks
|
||||
;; This is the list of derivation-returning procedures that are called by
|
||||
;; default when making a non-empty profile.
|
||||
(list info-dir-file
|
||||
fonts-dir-file
|
||||
ghc-package-cache-file
|
||||
ca-certificate-bundle
|
||||
gtk-icon-themes
|
||||
|
|
|
@ -203,14 +203,25 @@ by two spaces; possible infraction~p at ~{~a~^, ~}")
|
|||
(define (check-inputs-should-be-native package)
|
||||
;; Emit a warning if some inputs of PACKAGE are likely to belong to its
|
||||
;; native inputs.
|
||||
(let ((inputs (package-inputs package)))
|
||||
(let ((linted package)
|
||||
(inputs (package-inputs package))
|
||||
(native-inputs '("pkg-config" "glib:bin" "intltool" "itstool")))
|
||||
(match inputs
|
||||
(((labels packages . _) ...)
|
||||
(when (member "pkg-config"
|
||||
(map package-name (filter package? packages)))
|
||||
(emit-warning package
|
||||
(_ "pkg-config should probably be a native input")
|
||||
'inputs))))))
|
||||
(((labels packages . outputs) ...)
|
||||
(for-each (lambda (package output)
|
||||
(when (package? package)
|
||||
(let ((input (string-append
|
||||
(package-name package)
|
||||
(if (> (length output) 0)
|
||||
(string-append ":" (car output))
|
||||
""))))
|
||||
(when (member input native-inputs)
|
||||
(emit-warning linted
|
||||
(format #f (_ "'~a' should probably \
|
||||
be a native input")
|
||||
input)
|
||||
'inputs)))))
|
||||
packages outputs)))))
|
||||
|
||||
(define (package-name-regexp package)
|
||||
"Return a regexp that matches PACKAGE's name as a word at the beginning of a
|
||||
|
|
|
@ -31,6 +31,7 @@
|
|||
#:use-module (guix scripts lint)
|
||||
#:use-module (guix ui)
|
||||
#:use-module (gnu packages)
|
||||
#:use-module (gnu packages glib)
|
||||
#:use-module (gnu packages pkg-config)
|
||||
#:use-module (web server)
|
||||
#:use-module (web server http)
|
||||
|
@ -319,7 +320,16 @@ string) on HTTP requests."
|
|||
(let ((pkg (dummy-package "x"
|
||||
(inputs `(("pkg-config" ,pkg-config))))))
|
||||
(check-inputs-should-be-native pkg)))
|
||||
"pkg-config should probably be a native input")))
|
||||
"'pkg-config' should probably be a native input")))
|
||||
|
||||
(test-assert "inputs: glib:bin is probably a native input"
|
||||
(->bool
|
||||
(string-contains
|
||||
(with-warnings
|
||||
(let ((pkg (dummy-package "x"
|
||||
(inputs `(("glib" ,glib "bin"))))))
|
||||
(check-inputs-should-be-native pkg)))
|
||||
"'glib:bin' should probably be a native input")))
|
||||
|
||||
(test-assert "patches: file names"
|
||||
(->bool
|
||||
|
|
Reference in New Issue