This is a followup to 81c580c866.
* guix/scripts/pull.scm (guix-pull): Move 'ensure-default-profile' call after
'set-build-options-from-command-line' call. This ensures that the
'profiles/per-user/$USER' directory is created before
'ensure-default-profile' is called when 'GUIX_DAEMON_SOCKET' points to a
remote TCP daemon.
Fixes <https://bugs.gnu.org/37744>.
Reported at <https://www.openwall.com/lists/oss-security/2019/10/09/4>.
Based on Nix commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d
by Eelco Dolstra <edolstra@gmail.com>.
* nix/libstore/local-store.cc (LocalStore::LocalStore): Set 'perUserDir'
to #o755 instead of #o1777.
(LocalStore::createUser): New function.
* nix/libstore/local-store.hh (LocalStore): Add it.
* nix/libstore/store-api.hh (StoreAPI): Add it.
* nix/nix-daemon/nix-daemon.cc (performOp): In 'wopSetOptions', add
condition to handle "user-name" property and honor it.
(processConnection): Add 'userId' parameter. Call 'store->createUser'
when userId is not -1.
* guix/profiles.scm (ensure-profile-directory): Note that this is now
handled by the daemon.
* guix/store.scm (current-user-name): New procedure.
(set-build-options): Add #:user-name parameter and pass it to the daemon.
* tests/guix-daemon.sh: Test the creation of 'profiles/per-user' when
listening on a TCP socket.
* tests/store.scm ("profiles/per-user exists and is not writable")
("profiles/per-user/$USER exists"): New tests.
This makes the behaviour more consistent.
* guix/inferior.scm (inferior-pipe): Wrap the second open-pipe* call with
with-error-to-port, to match the first call to open-pipe*.
Previously, stderr for the inferior process would always be sent to /dev/null
because the current-output-port when the process is launched is a void
port. This change means that it's possible to pass in a different port to use.
* guix/inferior.scm (inferior-pipe): Take the error-port as an argument.
(open-inferior): Add new error-port keyword argument, with a default
of (%make-void-port "w").
* guix/gexp.scm (load-path-expression): Use ungexp-splicing instead of
ungexp-native-splicing so that the cross extensions are used when target is
set.
* guix/build/syscalls.scm (RNDADDTOENTCNT): New variable.
(add-to-entropy-count): New procedure.
* tests/syscalls.scm ("add-to-entropy-count"): New test.
Fixes <https://bugs.gnu.org/37531>.
"herd eval root '(length %load-path)'" on a freshly-booted bare-bones
system now returns 8 instead of 119 before.
* guix/gexp.scm (load-path-expression): Rewrite expression to that it
deletes duplicates.
Fixes <https://bugs.gnu.org/37506>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* guix/channels.scm (syscalls-reexports-local-variables?)
(guile-2.2.4, guile-for-source): New procedures.
(%quirks): New variable.
(build-from-source): Add calls to 'guile-for-source' and
'set-guile-for-build'.
* guix/import/crate.scm (crate-recursive-import): New procedure.
(crate->guix-package): Return dependencies as a second value.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Really fixes <https://bugs.gnu.org/37505>.
This is a followup to f751b4646d3989d76dad9e33e39f9724c7c50be6.
* guix/scripts/pull.scm (display-channel-news): Remove second occurrence
of '~*' in a format string.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rather than (guix scripts repl), from which the machine-repl procedure was
removed in [1].
1: 92a4087bf4
* guix/inferior.scm (inferior-pipe): Load (guix repl) rather than (guix
scripts repl).
Fixes <https://bugs.gnu.org/37505>.
Reported by Konrad Hinsen <konrad.hinsen@fastmail.net>.
* guix/scripts/pull.scm (display-channel-news): Use ~a instead of ~*
when reporting new channels.
Fixes <https://bugs.gnu.org/36723>.
Reported by Timothy Sample <samplet@ngyro.com>.
* guix/build/syscalls.scm (define-as-needed): Rewrite to use lower-level
module primitives; define VARIABLE only if it's not already defined to
avoid "re-exporting local variable" error.
This is useful when a single machine appears several time, with
different port numbers.
* guix/scripts/offload.scm (machine-slot-file): Add MACHINE's port to
the file name.
This prevent a race condition where multiple compilation threads could report
the same progress.
* guix/build/compile.scm (compile-files)<completed>: Rename to...
<progress>: ...this. Increment in same mutex region as the compilation is
reported.
The resulting nar takes ~500KiB and it's quicker to build it locally
than to download it.
* guix/self.scm (node-source+compiled): Pass #:options to
'computed-file'.
Avoid invalid store-file-name by explicitly passing the destination
name, replacing any character not allowed in the store-file-name by an
underscore.
Fixes <http://issues.guix.gnu.org/issue/26175>
* guix/scripts/download.scm (safe-naensure-valid-store-file-nameme):
New function. (download-to-store*): Use it to generate a "safe"
basename of URL.
* guix/colors.scm (coloring-procedure): New procedure.
(%highlight-color): Remove.
(highlight): Define in terms of 'coloring-procedure'.
(dim): New procedure.
Previously 'channel-news-for-commit' would use the former while 'guix
pull' would use the latter. Consequently, the first 'guix pull -N'
would clone the repository anew.
* guix/scripts/pull.scm (guix-pull): Remove 'cache', and leave
%REPOSITORY-CACHE-DIRECTORY to its default value.
Previously we would, for example, generate build scripts in the store;
when trying to run them, we'd get a 'read' error due to the presence
of #<foo> syntax in there.
* guix/gexp.scm (gexp->sexp)[self-quoting?]: New procedure.
[reference->sexp]: Check whether the argument in a <gexp-input> box is
self-quoting. Raise a '&gexp-input-error' condition if it's not.
* tests/gexp.scm ("lower-gexp, non-self-quoting input"): New test.
This is a followup to 91300526b7.
* guix/scripts/deploy.scm (show-help, %options): Add '--verbosity'.
(guix-deploy): Wrap 'with-store' in 'with-status-verbosity'.
* guix/scripts/pull.scm (display-profile-news): Return true when there's
more to display.
(display-news-entry-title): New procedure.
(display-news-entry): Use it.
(display-channel-specific-news): Return true when there's more to
display.
(display-channel-news-headlines): New procedure.
(build-and-install): Call it. When 'display-channel-news-headlines' or
'display-profile-news' returns #t, print a hint to run "pull --news".
(display-new/upgraded-packages): Return true when there's more to display.
* guix/scripts/pull.scm (display-news-entry)
(display-channel-specific-news): New procedures.
(display-channel-news): Call it.
(display-new/upgraded-packages): Adjust hint message.
* doc/guix.texi (Invoking guix pull): Mention it.
Suggested by Ricardo Wurmus <rekado@elephly.net>.
* guix/channels.scm (<channel-news-entry>)[tag]: New field.
(sexp->channel-news-entry): Accept either 'commit' or 'tag' in 'entry'
forms.
(resolve-channel-news-entry-tag): New procedure.
(channel-news-for-commit): Move 'with-repository' form one level
higher. Call 'resolve-channel-news-entry-tag' on all the news entries.
* guix/tests/git.scm (populate-git-repository): Add clause for 'tag'.
* tests/channels.scm ("channel-news, one entry"): Create a tag and add
an entry with a tag. Check that the tag is resolved and also visible in
the <channel-news-entry> record.
* doc/guix.texi (Channels): Mention tags in news entries.
Ludovic Courtès
Guillaume Le Vaillant
Christopher Baines
Mathieu Othacehe
Carl Dong
Ricardo Wurmus
Martin Becze
Konrad Hinsen
Eric Bavier
Marius Bakke
Hartmut Goebel
Vagrant Cascadian