So that importers can adjust the file before inserting.
* guix/scripts/import.scm (%standard-import-options): Add ‘--file-to-insert’.
(guix-import): Pass it to importers when ‘--insert’ is set.
Change-Id: I8e7a18ee8e0f96d7fc5688a207a7a5390ad2fa30
* guix/utils.scm (find-definition-location): New procedure.
(find-definition-insertion-location): Define with it.
* guix/scripts/import.scm (import-as-definitions, guix-import): Support
expressions defined by 'define.
Change-Id: I03118e1a3372028b4f0530964aba871b4a1a4d25
For consistency with ‘insert-expression’.
* guix/scripts/import.scm (guix-import): Add two newlines after inserting.
Change-Id: I55b45ca137d175fdf6ee5c0bb2b6b1ca8385750d
* guix/scripts/offload.scm (choose-build-machine): Display amount of
free space using more specific units.
(check-machine-status): Same.
Change-Id: I93ebbf3115f15dacf57be7e63350bfbe8a3974b6
* guix/ui.scm (number->size): New procedure.
* guix/scripts/gc.scm (guix-gc)[actions]: Display the amount of
collected-garbage using more specific units.
[ensure-free-space]: Display the size using an appropriate size unit.
* nix/libstore/gc.cc (deletePathRecursive, removeUnusedLinks): Same.
* nix/libstore/optimise-store.cc (showBytes): Move function ...
* nix/libstore/misc.cc: ... to here. Expand to adjust the output based
on the amount of bytes received.
Change-Id: Idceb1a13f8e45f959d327f53d1a8accb29d2678b
Fixes <https://issues.guix.gnu.org/70826>.
This allows users to specify extra arguments specific to the underlying
mapped device type.
* gnu/system/mapped-devices.scm (<mapped-device>)[arguments]: New field.
(device-mapping-service-type): Honor it.
* guix/scripts/system.scm (check-mapped-devices): Likewise.
* gnu/system/linux-initrd.scm (raw-initrd): Likewise.
* doc/guix.texi (Mapped Devices): Document it.
Reported-by: 45mg <45mg.writes@gmail.com>
Change-Id: Idef5a3e68535c412f13bae9a92c81c49053d4f4a
Fixesguix/guix#664.
This is necessary when running ‘guix-daemon’ as an unprivileged user and
also when running ‘guix weather’ as an unprivileged user.
* guix/pki.scm (ensure-acl): Make ‘%acl-file’ #o644.
* guix/scripts/archive.scm (authorize-key): Likewise.
* guix/ssh.scm (remote-authorize-signing-key): Likewise.
Change-Id: I3c979b2cdf52e7cb657d8fafa244c58854e7fb67
Fixes <https://issues.guix.gnu.org/78283>.
* guix/scripts/git/authenticate.scm (guix-git-authenticate): Call
‘current-branch’ and do nothing if it returns the keyring branch.
Reported-by: Vagrant Cascadian <vagrant@debian.org>
Change-Id: I66c2a3f4babf68ac1df0913db6bc708ac0c7968e
Partly fixes <https://issues.guix.gnu.org/74583>.
Previously, passing an annotated tag to ‘--end’, as can happen when
‘guix git authenticate’ is invoked by the pre-push hook when pushing
tags, would lead to an error:
guix git: error: Git error: the requested type does not match the type in the ODB
* guix/scripts/git/authenticate.scm (ensure-commit-id): New procedure.
(guix-git-authenticate): Use it.
* tests/guix-git-authenticate.sh: Test with $v1_2_0_annotated_tag.
Change-Id: I22e8eb665609522c80c1f0dcb9e77a46c23c0c3c
Partly fixes <https://issues.guix.gnu.org/74583>.
* guix/scripts/git/authenticate.scm (%pre-push-hook): New variable.
(install-hooks): Use it.
(broken-pre-push-hook?, maybe-upgrade-hooks): New procedures.
(guix-git-authenticate): Call ‘maybe-upgrade-hooks’ when ‘configured?’
returns true.
Change-Id: I39d34ab66ffe0f34170c0f562e9f97f2f69c9fdc
Guile-Git 0.7.0 was released in May 2024.
* guix/scripts/git/authenticate.scm (record-configuration): Remove
‘module-defined?’ condition for Guile-Git < 0.7.0.
(install-hooks): Likewise.
Change-Id: I27af82068b989d6a18ff1a66453e0a8d397ed380
* guix/import/nuget.scm: New file.
* guix/scripts/import/nuget.scm: New file.
* guix/scripts/import.scm: Add reference to it.
* gnu/packages/guile-xyz.scm (guile-semver): Update to 0.2.0.
[source]: Switch.
Change-Id: I159c5cf3b02b42435b03d989d5815d3fcf001c92
Fixes#419 where the same search path is used multiple times, leading to the
last one overriding the previous one.
The solution relies on the #$profile/etc/profile file that is already verified
and in case of errors, it is just one place to repair instead of repairing at
multiple places, like in singularity-environment-file
* guix/pack.scm (singularity-environment-file): Source #$profile/etc/profile
Reported-by: Alexis Simon <alexis.simon@runbox.com>
Change-Id: Ic304fef99ad34d83e4e10cdd2b26d3b1802b5251
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit prevents Guix substitute servers from distributing binaries
which are marked non-substitutable. This prevents substitute servers
from accidentally committing copyright violations by distributing
binaries that are non-substitutable for copyright reasons.
* guix/scripts/publish.scm (render-nar): Query the derivers of
‘store-path’ and do nothing if one of them does not match
‘substitutable-derivation?’.
* tests/publish.scm ("non-substitutable derivation"): New test.
Change-Id: Iaca81f5bdb430a12a3ad41e9b83e0bcc535af607
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Modified-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/78210>.
This patch adds the /gnu and /gnu/store directories to the Docker layer
created by ‘guix pack -f docker …’, which enables the Docker image to be
used to create an AWS Lambda function. Without the patch, creating the
AWS Lambda function fails with this error:
"MissingParentDirectory: Parent directory does not exist for file: gnu/store/…-info-dir/"
* guix/scripts/pack.scm (docker-image)[build]: Add store directory to
the docker layer.
* guix/docker.scm (build-docker-image): Change order of arguments to
‘tar’ so parent directories are added before their contents.
Change-Id: I2b103c59981e828c965564ccc5d2415b00a7e52e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/environment.scm (launch-environment/container): Add
/run/user/UID to ‘file-systems’.
* tests/guix-environment-container.sh: Test it.
Change-Id: I44c70a7554a06f40d073c25929ea7c6ded356d08
* guix/scripts/refresh.scm (update-specification->update-spec): Flag the
update-spec as partial when it is prefixed with '~'.
* tests/guix-refresh.sh: Test it. Remove extraneous 'guix refresh'
invocation.
* doc/guix.texi (Invoking guix refresh): Document it.
Change-Id: Iab4482d9367105f6ffcd2d6a49148736c93d53e4
Reviewed-by: Florian Pelz <pelzflorian@pelzflorian.de>
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/environment.scm (file-name-equal-or-under?): New procedure.
(override-user-mappings, override-user-dir): Use it.
Change-Id: Iadd9b838f6442a8080998ed7e07414db562068bf
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/78272>.
Fixes a bug caused by commit ce363c1dc7,
which inadvertently made /tmp read-only as well.
* guix/scripts/environment.scm (launch-environment/container)[tmpfs]:
New variable.
Add it to ‘file-systems’.
* guix/scripts/home.scm (spawn-home-container): Add /tmp file system
to #:mounts.
* tests/guix-environment-container.sh: Add test.
Reported-by: Tomas Volf <~@wolfsden.cz>
Change-Id: I5cb449e6d0c213d4b5866cbcbd14990437a7d4c5
* gnu/build/linux-container.scm (run-container): Add #:loopback-network?
and honor it via #:populate-file-system.
(call-with-container): Add #:loopback-network? and pass it to
‘run-container’.
* guix/scripts/environment.scm (launch-environment/container): Remove
call to ‘set-network-interface-up’ and remove generation of /etc/hosts.
* guix/scripts/home.scm (spawn-home-container): Likewise.
Change-Id: I5933a4e8dc6d8e19235a79696b62299d74d1ba21
This is an incompatible change where the root file system in
‘guix shell -C’ is now read-only by default.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Add ‘--writable-root’.
* guix/scripts/environment.scm (setup-fhs): Invoke /sbin/ldconfig; moved
from…
(launch-environment): … here.
(launch-environment/container): Add #:writable-root? and pass it to
‘call-with-container’. Move root file system setup to #:populate-file-system.
(guix-environment*): Honor ‘--writable-root’.
* tests/guix-environment-container.sh: Test it.
* doc/guix.texi (Invoking guix shell): Document ‘--writable-root’.
(Debugging Build Failures): Mention it before “rm /bin/sh”.
Change-Id: I2e8517d6f01eb8093160bffc0f9f56071ad6fee6
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* guix/scripts/home.scm (spawn-home-container): Move creation of
accounts, /etc/hosts, /tmp, and HOME-DIRECTORY from the first argument
of ‘eval/container’ to #:populate-file-system. Remove #:writable-root?.
* tests/guix-home.sh: Test that the root file system is read-only.
Change-Id: Icda54706321d51b95b563c86c3fb2238cc65ee20
Until now, the read-only file system set up by ‘call-with-container’
would always be writable. With this change, it can be made read-only.
With this patch, only ‘least-authority-wrapper’ switches to a read-only
root file system.
* gnu/build/linux-container.scm (remount-read-only): New procedure.
(mount-file-systems): Add #:writable-root? and #:populate-file-system
and honor them.
(run-container): Likewise.
(call-with-container): Likewise.
* gnu/system/linux-container.scm (container-script): Pass #:writable-root?
to ‘call-with-container’.
(eval/container): Add #:populate-file-system and #:writable-root? and
honor them.
* guix/scripts/environment.scm (launch-environment/container):
Pass #:writable-root? to ‘call-with-container’.
* guix/scripts/home.scm (spawn-home-container): Likewise.
* tests/containers.scm ("call-with-container, mnt namespace, read-only root")
("call-with-container, mnt namespace, writable root"): New tests.
Change-Id: I603e2fd08851338b737bb16c8af3f765e2538906
Code in `ui.scm' in `initialize-guix' procedure changes the handling of
SIGPIPE to SIG_IGN. So restore the handling to SIG_DFL so that process
executed will have the usual action. Technically we should record what the
handling was, and restore it to the previous value, but that would be much
more invasive change.
Always setting it to SIG_DFL is at least less surprising than always setting
to SIG_IGN.
* guix/scripts/environment.scm (launch-environment): Restore default action
for SIGPIPE.
Change-Id: Ifabae1d3e71aa44e63078cea5bd3824b8f61ba14
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/home.scm (process-action): Handle operating-system declaration
and extract home environment for current user.
* doc/guix.texi (Guix Services)[Guix Home Service]: Document it.
Change-Id: I995f79c2549e6edc76322542d0422159e0b79996
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail>
Fixes <https://issues.guix.gnu.org/76141>.
* guix/scripts/locate.scm (guix-locate): Use writable db when --clear is given.
Change-Id: I2e4e945cef022b08dd6af4c252e67c2a4d5bf38c
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/77606>.
Calling ‘fdatasync’ for each and every narinfo file created by ‘guix
substitute’ proved to be too expensive on spinning HDDs and/or under
load (from 0.1s to 1.3s for the ‘fdatasync’ call alone).
* guix/git-authenticate.scm (cache-authenticated-commit): Pass #:sync? #f.
* guix/http-client.scm (http-fetch/cached): Likewise.
* guix/scripts/discover.scm (write-publish-file): Likewise.
* guix/scripts/style.scm (format-whole-file): Likewise.
* guix/substitutes.scm (cache-narinfo!): Likewise.
Reported-by: Christopher Baines <mail@cbaines.net>
Change-Id: I82297eae737bc5aae8a3f7604119e9f3d4b625bf
This is a follow-up to commit 79a46d6537 ("gnupg: Automatically fallback to
'always policy when non-interactive."), which introduced the following
problem:
guix refresh --update libvirt
-> guix refresh: error: invalid key-download policy: #f
* guix/scripts/refresh.scm (%default-options): Set default key-download option
value to 'auto.
(%options): Accept auto as a valid value from the command line.
Change-Id: I45ceee8e07d1a3a3c377e12ed017813f92289565
Partly fixes <https://issues.guix.gnu.org/76315>.
Fixes a bug whereby a service whose canonical name has changed would not
be restarted—e.g., if '(syslogd) has a replacement providing
'(system-log syslogd).
* gnu/services/shepherd.scm (shepherd-service-upgrade)[running?]:
Remove.
[to-restart]: Change to a subset of LIVE. Look up all the names of each
element of TARGET.
* guix/scripts/system/reconfigure.scm (upgrade-shepherd-services):
TO-RESTART is now a list of <live-service>; adjust accordingly.
* tests/services.scm ("shepherd-service-upgrade: one unchanged, one upgraded, one new"):
("shepherd-service-upgrade: service depended on is not unloaded"):
("shepherd-service-upgrade: obsolete services that depend on each other"):
("shepherd-service-upgrade: transient service"): Adjust accordingly.
("shepherd-service-upgrade: service has new canonical name"): New test.
Reported-by: Tomas Volf <~@wolfsden.cz>
Change-Id: I7cec495b4e824da5fad5518f039607cf92f935d9
So that this is evaluated when the main part of the script runs.
I'm looking at this to allow using setaffinity in the publish tests.
* guix/scripts/publish.scm (%default-options): Remove workers default.
(guix-publish): Move the default to here.
Change-Id: I83cd0d048f2641291b5bd8a932b479b23dd92d29
* guix/scripts/build.scm (options->things-to-build): Wrap the manifest
build option with the result of the '--system' option.
Change-Id: I1c3ff93af56bb659ddc00e1872c769cfc5e7a0d5
