bug#43893: [PATCH v3] maint: update-guix-package: Prevent accidentally breaking guix pull.
Hi Ludovic, Ludovic Courtès writes: > Hi, > > Maxim Cournoyer skribis: > >> Ludovic Courtès writes: > [...] >> Sorry, I'm a bit lost. Are you suggesting that we should restore the >> code following the ;; Re-add SOURCE [...], but wrapped with unless to >> make it conditional to GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT being >> defined? That part depends on SOURCE, a store file name, which we don't >> have anymore since we no longer add the sources to the store to compute >> the hash. > > I’m saying that the solution to the initial problem (that if you don’t > run ‘guix build guix -S --check’ you’re not sure ‘guix’ is referring to > a valid upstream commit) The original problem was about the updated Guix package containing a faulty hash (due to being computed from a uncontrolled checkout that could be dirty). The other concern about preventing the use of a not yet published commit was added based on earlier feedback. > above. The trick at “Re-add SOURCE” is here precisely to prevent > attempts to re-download, as the comment explains, and this is what has > been causing these troubles. > > The advantages (to me) would have been simpler code, no shelling out to > ‘git’, and no fiddling with files under $PWD. Less code would also mean poorer diagnostics: time ./pre-inst-env guix build guix -S The following derivation will be built: /gnu/store/zhfchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv building /gnu/store/zhfchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv... guile: warning: failed to install locale environment variable `PATH' set to `/gnu/store/378zjf2kgajcfd7mfr98jn5xyc5wa3qv-gzip-1.10/bin:/gnu/store/sf3rbvb6iqcphgm1afbplcs72hsywg25-tar-1.32/bin' Initialized empty Git repository in /gnu/store/02da8jb3wzzi3bqvrl214gdg0kkxmaf8-guix-1.1.0-31.07c13ae-checkout/.git/ error: Server does not allow request for unadvertised object 07c13aeb5abb1a5bc3cabffb9b2212993a0d5a0e Failed to do a shallow fetch; retrying a full fetch... >From https://git.savannah.gnu.org/git/guix * [new branch] core-updates-> origin/core-updates [...] * [new tag] v1.1.0rc2 -> v1.1.0rc2 fatal: reference is not a tree: 07c13aeb5abb1a5bc3cabffb9b2212993a0d5a0e git-fetch: '/gnu/store/i5b1vv7qc6l2gi4xwa9mqzjy3shvgk30-git-minimal-2.28.0/bin/git checkout 07c13aeb5abb1a5bc3cabffb9b2212993a0d5a0e' failed with exit code 128 Trying content-addressed mirror at berlin.guix.gnu.org... Trying content-addressed mirror at berlin.guix.gnu.org... Trying to download from Software Heritage... builder for `/gnu/store/zhfchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv' failed to produce output path `/gnu/store/02da8jb3wzzi3bqvrl214gdg0kkxmaf8-guix-1.1.0-31.07c13ae-checkout' build of /gnu/store/zhfchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv failed View build log at '/var/log/guix/drvs/zh/fchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv.bz2'. guix build: error: build of `/gnu/store/zhfchz831mncd2kyqmh5d2q0r2rpg57s-guix-1.1.0-31.07c13ae-checkout.drv' failed real1m42.825s user0m2.191s sys 0m0.189s This took nearly 2 minutes, fetching the full Guix git repo just to tell me that *something* is not right. Currently, we have: time make update-guix-package git rev-parse HEAD 4893a1394e2eb8b97995b491f2f37ed85513a20f ./pre-inst-env "/gnu/store/i7z4pfa0c22q0qkxyl7fy2nlp3w658yg-profile/bin/guile" \ ./build-aux/update-guix-package.scm \ "`git rev-parse HEAD`" error: Commit 4893a1394e2eb8b97995b491f2f37ed85513a20f is not pushed upstream. Aborting. make: *** [Makefile:6507: update-guix-package] Error 1 real0m1.135s user0m1.066s sys 0m0.199s > BTW, in ‘make release’ does ‘make update-guix-package’ and expects it to > work with a not-pushed-yet commit. So it’s a case where we need > GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT=yes. Ah, good point. I'd like to fix this, but running 'make release', it fails on: make[3]: *** No rule to make target 'po/doc/guix-manual.pot', needed by 'distdir-am'. Stop. What did I miss? Thank you! Maxim
bug#44139: Consider remove package emacs-cl-generic
Hello, Zhu Zihao writes: > According to the description of emacs-cl-generic, it exists to provide > some backward compatibility for old Emacsen(< 25) > > However, the Guix already package Emacs 27(even 28 on master branch). > IMO, emacs-cl-generic have done its job and we no longer need it. > > Package emacs-finalize depends on emacs-cl-generic, it should still work > after we remove this dependency. If user install this package > accidentally, it may shadow the real cl-generic.el bundled with Emacs itself. The package has now been removed (commit f1939f7d16), and emacs-finalize no longer depend on it. Thank you for the report! Closing, Maxim
bug#44101: Unable to use /dev/disk/by-id/ symlinks with u-boot and guix system reconfigure
Hi, On +2020-10-22 13:08:45 -0700, Vagrant Cascadian wrote: > On 2020-10-22, Mathieu Othacehe wrote: > > Hey Vagrant, > > > >> I'm writing this from memory now, but I can also boot the machines at a > >> later point and get the exact configurations, if needed. > > > > Sorry for breaking your use-case. Recently I have split up the > > bootloader installation in two distinct parts: > > Thanks for your work on it, even if it resulted in a regression. :) > > > > - Installing a bootloader directly on a mounted directory. > > - Installing a bootloader on a raw-image or device. > > > > Depending on the bootloader type, one or both of the methods are > > supported. u-boot does not really support the first method, so the > > patch you are mentioning is disabling this method. > > > > The problem is while reconfiguring, the first method only is used. The > > attached patch tries to fallback to the second method if the first one > > is not defined. > > I don't quite understand why that would be the issue here; guix system > reconfigure works fine when /dev/mmcblkN is specified target in the > system config.scm, just not when the target is /dev/disk/by-id/... > > My wild guess was something was checking for a literal block device, and > failing with a symlink pointing to a block device. > IIUC [1] implies the contents of /dev/disk/by-id is populated on udev events, so IIRC the values can be stale. Maybe that's an eliminated race by now, or a clue about old systems? [1] https://unix.stackexchange.com/questions/86764/understanding-dev-disk-by-folders > > Trying your patch gets me a backtrace, unfortunately... > > With the bootloader section... > > (bootloader (bootloader-configuration >(target "/dev/disk/by-id/mmc-SDU64_0xbaf3002e") > (bootloader u-boot-pinebook-bootloader) > )) > > And your patch applied on top of 3e09453884efa82ef97b8ec6e34470c67a1206a7... > > $ sudo -E ./pre-inst-env guix system reconfigure --keep-going > ~/pinebook-1080p-desktop.scm > ... > waiting for locks or build slots... > building > /gnu/store/n17lkvs6vhq0x16mk0rxnv4j5ifvrlyr-switch-to-system.scm.drv... > making '/gnu/store/vc3bzajlv0yxrdjmqph4sikzqkywvfq1-system' the current > system... > setting up setuid programs in '/run/setuid-programs'... > populating /etc from /gnu/store/gssnxbhwa9dygn1i6i46j81ww5gczzav-etc... > The following derivation will be built: >/gnu/store/s19y61jrdys760zccxm2qiiqjpcv1fcx-install-bootloader.scm.drv > > building > /gnu/store/s19y61jrdys760zccxm2qiiqjpcv1fcx-install-bootloader.scm.drv... > Backtrace: > In guix/scripts/system.scm: >1339:8 19 (_) > In guix/status.scm: > 776:4 18 (call-with-status-report _ _) > In guix/scripts/system.scm: >1172:4 17 (_) > In ice-9/boot-9.scm: > 1736:10 16 (with-exception-handler _ _ #:unwind? _ # _) > In guix/store.scm: >631:37 15 (thunk) >1300:8 14 (call-with-build-handler _ _) >1300:8 13 (call-with-build-handler _ _) >1300:8 12 (call-with-build-handler _ _) >1300:8 11 (call-with-build-handler _ _) >1300:8 10 (call-with-build-handler _ _) >1300:8 9 (call-with-build-handler # …) > 2042:24 8 (run-with-store # …) > In guix/scripts/system.scm: >842:13 7 (_ _) >844:15 6 (_ _) >750:13 5 (_ _) > In ice-9/boot-9.scm: > 152:2 4 (with-fluid* _ _ _) > In unknown file: >3 (primitive-load "/gnu/store/81w2h9zd6b5q0ddchc0wr6vph22…") > In ice-9/eval.scm: > 619:8 2 (_ #(#(# "//v…") #)) > In ice-9/boot-9.scm: > 1669:16 1 (raise-exception _ #:continuable? _) > 1669:16 0 (raise-exception _ #:continuable? _) > > ice-9/boot-9.scm:1669:16: In procedure raise-exception: > ERROR: > 1. /o-filename: "/dev/disk/by-id/mmc-SDU64_0xbaf3002e" > > > It also fails when target is /dev/mmcblk1. > > So, clearly this is some other issue... > > > live well, > vagrant HTH, otherwise sorry for the noise :) -- Regards, Bengt Richter
bug#40613: [PATCH] gnu: Add emacs-typing.
Hello Nicolas, Alberto, Nicolas Goaziou writes: > Hello, > > Alberto Eleuterio Flores Guerrero writes: > >> * gnu/packages/emacs-xyz.scm (emacs-typing): New variable. > > Thank you. > >> +(define-public emacs-typing >> + (package >> +(name "emacs-typing") >> +(version "1.1.4") > > This is not a regular release, this is extracted from the main file. We > need to provide a commit and a revision. See, e.g., "emacs-dhall-mode". > >> +(description "@code{emacs-typing} is a game for Emacs that > > I would write "The Typing of Emacs" instead of emacs-typing, i.e., the > name of the game instead of the symbol. > >> +forces you to type words correctly as fast as possible, otherwise >> +you will die. The game builds the list of words from the active buffer") > > The description is missing a final dot. > >> +(license license:gpl2))) > > The license is gpl2+. > > Could you send an updated patch? I modified the original definition with your above suggestions and pushed as commit a49bfa1f6c22363c9e495070f51b82e60b1495af. Closing. Thank you! Maxim
bug#41702: `guix environment` performance issues
Hello, Ludovic Courtès writes: > Hi Lars, > > Lars-Dominik Braun skribis: > >> From 42ff75c9d4da4eb2aeece96119ae5a65a9ccac82 Mon Sep 17 00:00:00 2001 >> From: Lars-Dominik Braun >> Date: Mon, 20 Jul 2020 11:27:35 +0200 >> Subject: [PATCH 1/2] gnu: guile-ssh: Update to 0.13.0. >> >> * gnu/packages/ssh.scm (guile-ssh): Update to 0.13.0. > > [...] > >> From 6a18c9a4533075d1ee9795777a998fde3e64030f Mon Sep 17 00:00:00 2001 >> From: Lars-Dominik Braun >> Date: Mon, 20 Jul 2020 11:28:51 +0200 >> Subject: [PATCH 2/2] guix: Speed up RPC via SSH connections. >> >> See issue #41702 >> >> * guix/ssh.scm (open-ssh-session): Enable #:nodelay. >> * m4/guix.m4 (GUIX_CHECK_GUILE_SSH): Add feature check for this new >> parameter. > > I adjusted the commit log and pushed. > > I think it’s okay to use the new Guile-SSH feature right away because > it’s not central, and ‘guix pull’ gives people the ability to get the > new Guile-SSH version. Judging from the above, it seems this issue has been resolved. Closing. Thank you, Maxim
bug#44101: Unable to use /dev/disk/by-id/ symlinks with u-boot and guix system reconfigure
On 2020-10-22, Mathieu Othacehe wrote: > Hey Vagrant, > >> I'm writing this from memory now, but I can also boot the machines at a >> later point and get the exact configurations, if needed. > > Sorry for breaking your use-case. Recently I have split up the > bootloader installation in two distinct parts: Thanks for your work on it, even if it resulted in a regression. :) > - Installing a bootloader directly on a mounted directory. > - Installing a bootloader on a raw-image or device. > > Depending on the bootloader type, one or both of the methods are > supported. u-boot does not really support the first method, so the > patch you are mentioning is disabling this method. > > The problem is while reconfiguring, the first method only is used. The > attached patch tries to fallback to the second method if the first one > is not defined. I don't quite understand why that would be the issue here; guix system reconfigure works fine when /dev/mmcblkN is specified target in the system config.scm, just not when the target is /dev/disk/by-id/... My wild guess was something was checking for a literal block device, and failing with a symlink pointing to a block device. Trying your patch gets me a backtrace, unfortunately... With the bootloader section... (bootloader (bootloader-configuration (target "/dev/disk/by-id/mmc-SDU64_0xbaf3002e") (bootloader u-boot-pinebook-bootloader) )) And your patch applied on top of 3e09453884efa82ef97b8ec6e34470c67a1206a7... $ sudo -E ./pre-inst-env guix system reconfigure --keep-going ~/pinebook-1080p-desktop.scm ... waiting for locks or build slots... building /gnu/store/n17lkvs6vhq0x16mk0rxnv4j5ifvrlyr-switch-to-system.scm.drv... making '/gnu/store/vc3bzajlv0yxrdjmqph4sikzqkywvfq1-system' the current system... setting up setuid programs in '/run/setuid-programs'... populating /etc from /gnu/store/gssnxbhwa9dygn1i6i46j81ww5gczzav-etc... The following derivation will be built: /gnu/store/s19y61jrdys760zccxm2qiiqjpcv1fcx-install-bootloader.scm.drv building /gnu/store/s19y61jrdys760zccxm2qiiqjpcv1fcx-install-bootloader.scm.drv... Backtrace: In guix/scripts/system.scm: 1339:8 19 (_) In guix/status.scm: 776:4 18 (call-with-status-report _ _) In guix/scripts/system.scm: 1172:4 17 (_) In ice-9/boot-9.scm: 1736:10 16 (with-exception-handler _ _ #:unwind? _ # _) In guix/store.scm: 631:37 15 (thunk) 1300:8 14 (call-with-build-handler _ _) 1300:8 13 (call-with-build-handler _ _) 1300:8 12 (call-with-build-handler _ _) 1300:8 11 (call-with-build-handler _ _) 1300:8 10 (call-with-build-handler _ _) 1300:8 9 (call-with-build-handler # …) 2042:24 8 (run-with-store # …) In guix/scripts/system.scm: 842:13 7 (_ _) 844:15 6 (_ _) 750:13 5 (_ _) In ice-9/boot-9.scm: 152:2 4 (with-fluid* _ _ _) In unknown file: 3 (primitive-load "/gnu/store/81w2h9zd6b5q0ddchc0wr6vph22…") In ice-9/eval.scm: 619:8 2 (_ #(#(# "//v…") #)) In ice-9/boot-9.scm: 1669:16 1 (raise-exception _ #:continuable? _) 1669:16 0 (raise-exception _ #:continuable? _) ice-9/boot-9.scm:1669:16: In procedure raise-exception: ERROR: 1. /o-filename: "/dev/disk/by-id/mmc-SDU64_0xbaf3002e" It also fails when target is /dev/mmcblk1. So, clearly this is some other issue... live well, vagrant signature.asc Description: PGP signature
bug#39606: Keyboard layout defined by 'set-xorg-configuration' is not honored by GDM.
Hello! I'm happy to report this was due to mis-configuration on my part. More specifically, it it was missing the xorg-configuration modification bit, which is documented. Testing in a VM using the following, modified configuration cannot reproduce the problem: --8<---cut here---start->8--- diff --git a/gnu/system/examples/lightweight-desktop.tmpl b/gnu/system/examples/lightweight-desktop.tmpl index d5a63dc457..42e7891641 100644 --- a/gnu/system/examples/lightweight-desktop.tmpl +++ b/gnu/system/examples/lightweight-desktop.tmpl @@ -3,7 +3,7 @@ ;; environments. (use-modules (gnu) (gnu system nss)) -(use-service-modules desktop) +(use-service-modules desktop xorg) (use-package-modules bootloaders certs emacs emacs-xyz ratpoison suckless wm xorg) @@ -11,12 +11,14 @@ (host-name "antelope") (timezone "Europe/Paris") (locale "en_US.utf8") + (keyboard-layout (keyboard-layout "jp")) ;; Use the UEFI variant of GRUB with the EFI System ;; Partition mounted on /boot/efi. (bootloader (bootloader-configuration -(bootloader grub-efi-bootloader) -(target "/boot/efi"))) + (bootloader grub-efi-bootloader) + (target "/boot/efi") + (keyboard-layout keyboard-layout))) ;; Assume the target root file system is labelled "my-root", ;; and the EFI System Partition has UUID 1234-ABCD. @@ -53,7 +55,10 @@ ;; Use the "desktop" services, which include the X11 ;; log-in service, networking with NetworkManager, and more. - (services %desktop-services) + (services (cons (set-xorg-configuration + (xorg-configuration ;for Xorg +(keyboard-layout keyboard-layout))) + %desktop-services)) ;; Allow resolution of '.local' host names with mDNS. (name-service-switch %mdns-host-lookup-nss)) --8<---cut here---end--->8--- Closing :-) Maxim
bug#44146: CVE-2020-15999 in FreeType
Marius, Marius Bakke 写道: The 'freetype' package is vulnerable to CVE-2020-15999. Oh dear. 'Thanks' for breaking the news. I'm busy for a couple of days and won't be able to work on it in time. Volunteers wanted! It feels like it shouldn't work (what with the different .so version & all) but I've been unable to break a ghostscript grafted to use 2.10.4. I'm currently reconfiguring my system with it; if it works, I'll push it. Whatever happens, I won't have time to apply the core-updates half tonight. Forwarding a message from oss-security, we may have to patch Ghostscript as well: I don't know enough about FT/GS's internals to really understand what's going on, but being a C(ompile-time) macro, this *could* be safe to graft, right? Kind regards, T G-R signature.asc Description: PGP signature
bug#44000: Guile-Git cross-compiled to i586-pc-gnu gets bytestructures wrong
Ludovic Courtès writes: > Hi, > > Taylan Kammer skribis: > >> Could you please test whether bytestructures 1.0.8 fixes the issue? > > Thanks for the prompt reply! I tested 1.0.8 and it does not fix the > problem. > > I think the problem might be that the ‘cond-expand-provide’ call might > affect a module that’s not the one tested in (eval '(cond-expand …) …). > > Does that make sense? Yes, you're right. I've made another release (1.0.9), where I use (environment '(guile) '(bytestructures guile numeric-data-model)) for the 'base-environment' binding in case we're running on Guile. It now gives me correct results locally (woe on me for not having properly tested the previous one) so I think it should definitely work when cross-compiling too, since the 'eval' is sure to be executed at run-time and not compile-time... Fingers crossed, I hope I don't waste your time this time! - Taylan
bug#44146: CVE-2020-15999 in FreeType
Hello, The 'freetype' package is vulnerable to CVE-2020-15999. According to https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html, an exploit already exists in the wild. I'm busy for a couple of days and won't be able to work on it in time. Volunteers wanted! Forwarding a message from oss-security, we may have to patch Ghostscript as well: Start of forwarded message To: oss-secur...@lists.openwall.com Cc: Werner LEMBERG From: Alan Coopersmith Date: Tue, 20 Oct 2020 09:49:31 -0700 Subject: [oss-security] CVE-2020-15999 fixed in FreeType 2.10.4 Before making this release, Werner said: > I've just fixed a heap buffer overflow that can happen for some > malformed `.ttf` files with PNG sbit glyphs. It seems that this > vulnerability gets already actively used in the wild, so I ask all > users to apply the corresponding commit as soon as possible. But distros should be warned that 2.10.3 and later may break the build of ghostscript, due to ghostscript's use of a withdrawn macro that wasn't intended for external usage: https://bugs.ghostscript.com/show_bug.cgi?id=702985 https://lists.nongnu.org/archive/html/freetype-devel/2020-10/msg2.html Ghostscript's fix for that is at: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b -Alan Coopersmith- alan.coopersm...@oracle.com Oracle Solaris Engineering - https://blogs.oracle.com/alanc Forwarded Message Subject: [ft-announce] Announcing FreeType 2.10.4 Date: Tue, 20 Oct 2020 07:47:31 +0200 (CEST) From: Werner LEMBERG To: freetype-annou...@nongnu.org, freetype-de...@nongnu.org, freet...@nongnu.org FreeType 2.10.4 has been released. It is available from http://savannah.nongnu.org/download/freetype/ or http://sourceforge.net/projects/freetype/files/ The latter site also holds older versions of the FreeType library. See below for the relevant snippet from the CHANGES file. Enjoy! Werner PS: Downloads from savannah.nongnu.org will redirect to your nearest mirror site. Files on mirrors may be subject to a replication delay of up to 24 hours. In case of problems use http://download-mirror.savannah.gnu.org/releases/ -- http://www.freetype.org FreeType 2 is a software font engine that is designed to be small, efficient, highly customizable, and portable while capable of producing high-quality output (glyph images) of most vector and bitmap font formats. Note that FreeType 2 is a font service and doesn't provide APIs to perform higher-level features, like text layout or graphics processing (e.g., colored text rendering, `hollowing', etc.). However, it greatly simplifies these tasks by providing a simple, easy to use, and uniform interface to access the content of font files. FreeType 2 is released under two open-source licenses: our own BSD-like FreeType License and the GPL. It can thus be used by any kind of projects, be they proprietary or not. -- CHANGES BETWEEN 2.10.3 and 2.10.4 I. IMPORTANT BUG FIXES - A heap buffer overflow has been found in the handling of embedded PNG bitmaps, introduced in FreeType version 2.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately. ___ Freetype-announce mailing list freetype-annou...@nongnu.org https://lists.nongnu.org/mailman/listinfo/freetype-announce End of forwarded message signature.asc Description: PGP signature
bug#44139: Consider remove package emacs-cl-generic
According to the description of emacs-cl-generic, it exists to provide some backward compatibility for old Emacsen(< 25) However, the Guix already package Emacs 27(even 28 on master branch). IMO, emacs-cl-generic have done its job and we no longer need it. Package emacs-finalize depends on emacs-cl-generic, it should still work after we remove this dependency. If user install this package accidentally, it may shadow the real cl-generic.el bundled with Emacs itself. -- Retrieve my public GPG key: https://meta.sr.ht/~citreu.pgp Zihao signature.asc Description: PGP signature
bug#43850: cuirass: inconsistent SQL queries execution time.
Hello, > I have now copied the database to a tmpfs mounted directory to make sure > that those inconsistent duration are only caused by the I/O pressure on > berlin. This helps a lot. The Cuirass web service has been running smooth since two days, without any inconsistent query times. I'm considering using a tmpfs backed database for good. The problem is that we would need a save/restore mechanism in case Berlin reboots. WDYT? Thanks, Mathieu
bug#43565: cuirass: Fibers scheduling blocked.
Hey Ludo! > ‘process-build-log’ in Cuirass uses ‘read-line/non-blocking’ to read a > line from the log port of ‘build-derivations&’. If that really is > non-blocking (and I think it is), then we should be fine? > > We should attach GDB to Cuirass next time to see what’s blocking. Cuirass is currently hanging probably due to the same issue. I saved a GDB core dump in /home/mathieu/core.76483. Could use your help finding the guilty thread :) Thanks, Mathieu
bug#44112: SBCL is not reproducible
Hi Guillaume, Thank you for asking upstream. On Wed, 21 Oct 2020 at 18:45, Guillaume Le Vaillant wrote: > A developer of SBCL agrees that the timestamp should be removed [1], but > currently Slime has a function depending on it. I asked if this could > be fixed [2]. We'll see... > > [1] https://sourceforge.net/p/sbcl/mailman/message/37133640/ Ouch! Hard to read when not subscribed. :-) > [2] https://github.com/slime/slime/issues/583 If upstream does not want to patch, do you think it is doable to patch SLIME and maintain the patch with the Guix package? Thanks, simon
bug#44104: [patch] guix publish: provide server's signing key.
Thanks, Updated. >From fe0098082289a2350002da4e2438c41f6385b3e2 Mon Sep 17 00:00:00 2001 From: Amar Singh Date: Wed, 21 Oct 2020 02:02:02 +0530 Subject: [PATCH] guix publish: Provide server's signing key. Published at $(guix-publish-uri)/signing-key.pub Knock yourselves out! Best in industry. Signed-off-by: Amar Singh --- guix/scripts/publish.scm | 18 +- tests/publish.scm| 5 + 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm index 4eaf961ab2..1741b93309 100644 --- a/guix/scripts/publish.scm +++ b/guix/scripts/publish.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 David Thompson +;;; Copyright © 2020 by Amar M. Singh ;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. @@ -686,6 +687,13 @@ to compress or decompress the log file; just return it as-is." (values (response-headers log) log) (not-found request +(define (render-signing-key) + "Render signing key." + (let ((file %public-key-file)) +(values `((content-type . (text/plain (charset . "UTF-8"))) + (x-raw-file . ,file)) +file))) + (define (render-home-page request) "Render the home page." (values `((content-type . (text/html (charset . "UTF-8" @@ -699,7 +707,12 @@ to compress or decompress the log file; just return it as-is." (a (@ (href "https://guix.gnu.org/manual/en/html_node/Invoking-guix-publish.html;)) (tt "guix publish")) - " speaking. Welcome!"))) + " speaking. Welcome!") +(p "Here is the " + (a (@ (href + "signing-key.pub")) + (tt "signing key")) + " for this server. Knock yourselves out!"))) port) (define (extract-narinfo-hash str) @@ -918,6 +931,9 @@ methods, return the applicable compression." ;; / ((or () ("index.html")) (render-home-page request)) + ;; guix signing-key + (("signing-key.pub") + (render-signing-key)) ;; /.narinfo (((= extract-narinfo-hash (? string? hash))) (if cache diff --git a/tests/publish.scm b/tests/publish.scm index 1c3b2785fb..13f667aa7e 100644 --- a/tests/publish.scm +++ b/tests/publish.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015 David Thompson +;;; Copyright © 2020 by Amar M. Singh ;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. @@ -613,6 +614,10 @@ References: ~%" (let ((uri (publish-uri "/log/does-not-exist"))) (response-code (http-get uri +(test-equal "/signing-key.pub" + 200 + (response-code (http-get (publish-uri "/signing-key.pub" + (test-equal "non-GET query" '(200 404) (let ((path (string-append "/" (store-path-hash-part %item) -- 2.28.0
bug#44054: [1.2 installer]: Kernel panic when attempting to reboot after install.
Hey, > Mathieu, are there other file system operations happening beyond that? The final "sync" call is done just after the user clicks on "Reboot", so if the flash drive is removed before clicking on "Reboot" I guess things can go wrong. I'll see if I can reproduce this issue. Thanks, Mathieu
bug#43023: clang++ in a {clang-toolchain + gcc-toolchain} environment
Hi Emmanuel, Emmanuel Agullo skribis: > A typical "hello world" C++ fails in an environment with both > `gcc-toolchain' and `clang-toolchain', apperently due to the setup of > the `CPLUS_INCLUDE_PATH' environment variable (used because of the > `#include ' instruction), when compiling with `clang++'. Did you want to have both toolchains in the environment, or was the goal to use Clang, but GCC just happened to be already there (being the default toolchain)? In the latter case, the new ‘--with-c-toolchain’ option may help: it allows you to select ‘clang-toolchain’ instead of the default GCC tool chain. Note “instead of” rather than “in addition to”, which means that there’s only one tool chain in the environment, so no risk of interference. https://guix.gnu.org/manual/devel/en/html_node/Package-Transformation-Options.html Now, if you really want the two toolchains in the same environment, we’ll have to investigate, though I’m not sure it’s even fixable as it breaks assumptions behind uses of #include_next in libstdc++ and elsewhere. Thanks, Ludo’.
bug#44101: Unable to use /dev/disk/by-id/ symlinks with u-boot and guix system reconfigure
Hey Vagrant, > I'm writing this from memory now, but I can also boot the machines at a > later point and get the exact configurations, if needed. Sorry for breaking your use-case. Recently I have split up the bootloader installation in two distinct parts: - Installing a bootloader directly on a mounted directory. - Installing a bootloader on a raw-image or device. Depending on the bootloader type, one or both of the methods are supported. u-boot does not really support the first method, so the patch you are mentioning is disabling this method. The problem is while reconfiguring, the first method only is used. The attached patch tries to fallback to the second method if the first one is not defined. WDYT? Thanks, Mathieu >From 7fd5fb804317df5af5e14a6a95179acb3c8ac598 Mon Sep 17 00:00:00 2001 From: Mathieu Othacehe Date: Wed, 21 Oct 2020 10:42:50 +0200 Subject: [PATCH] system: reconfigure: Use the disk-installer if provided. --- gnu/tests/reconfigure.scm | 4 +++- guix/scripts/system/reconfigure.scm | 12 +--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/gnu/tests/reconfigure.scm b/gnu/tests/reconfigure.scm index 928a210a94..52beeef447 100644 --- a/gnu/tests/reconfigure.scm +++ b/gnu/tests/reconfigure.scm @@ -260,7 +260,9 @@ bootloader's configuration file." ;; test suite, the bootloader installer script is omitted. 'grub-install' ;; would attempt to write directly to the virtual disk if the ;; installation script were run. - (test (install-bootloader-program #f #f bootcfg bootcfg-file #f "/") + (test + (install-bootloader-program #f #f #f bootcfg bootcfg-file #f "/") + (define %test-switch-to-system (system-test diff --git a/guix/scripts/system/reconfigure.scm b/guix/scripts/system/reconfigure.scm index d89caf80fc..b1982b20d2 100644 --- a/guix/scripts/system/reconfigure.scm +++ b/guix/scripts/system/reconfigure.scm @@ -204,7 +204,8 @@ services as defined by OS." ;;; Bootloader configuration. ;;; -(define (install-bootloader-program installer bootloader-package bootcfg +(define (install-bootloader-program installer disk-installer +bootloader-package bootcfg bootcfg-file device target) "Return an executable store item that, upon being evaluated, will install BOOTCFG to BOOTCFG-FILE, a target file name, on DEVICE, a file system device, @@ -246,10 +247,12 @@ BOOTLOADER-PACKAGE." ;; a broken installation. (switch-symlinks new-gc-root #$bootcfg) (install-boot-config #$bootcfg #$bootcfg-file #$target) - (when #$installer + (when (or #$installer #$disk-installer) (catch #t (lambda () - (#$installer #$bootloader-package #$device #$target)) + (if #$installer + (#$installer #$bootloader-package #$device #$target) + (#$disk-installer #$bootloader-package 0 #$device))) (lambda args (delete-file new-gc-root) (match args @@ -272,11 +275,14 @@ additional configurations specified by MENU-ENTRIES can be selected." (let* ((bootloader (bootloader-configuration-bootloader configuration)) (installer (and run-installer? (bootloader-installer bootloader))) + (disk-installer (and run-installer? + (bootloader-disk-image-installer bootloader))) (package (bootloader-package bootloader)) (device (bootloader-configuration-target configuration)) (bootcfg-file (bootloader-configuration-file bootloader))) (eval #~(parameterize ((current-warning-port (%make-void-port "w"))) (primitive-load #$(install-bootloader-program installer +disk-installer package bootcfg bootcfg-file -- 2.28.0
bug#43783: ssh-copy-id: line 254: /dev/null`: Permission denied
It happens with both my gentoo machines as well. But they can copy id's among each other fine. On Tue, Oct 20, 2020 at 11:03 PM Maxim Cournoyer wrote: > Hello, > > Nathan Dehnel writes: > > > ssh-copy-id errors out and then does not install the key > > > > bash-5.0$ ssh-copy-id pi@raspberrypi > > /home/nathan/.guix-profile/bin/ssh-copy-id: INFO: attempting to log in > with > > the new key(s), to filter out any that are already installed > > /home/nathan/.guix-profile/bin/ssh-copy-id: INFO: 2 key(s) remain to be > > installed -- if you are prompted now it is to install the new keys > > /home/nathan/.guix-profile/bin/ssh-copy-id: line 251: warning: > > here-document at line 251 delimited by end-of-file (wanted `EOF') > > /home/nathan/.guix-profile/bin/ssh-copy-id: line 250: warning: > > here-document at line 250 delimited by end-of-file (wanted `EOF') > > /home/nathan/.guix-profile/bin/ssh-copy-id: line 254: /dev/null`: > > Permission denied > > /home/nathan/.guix-profile/bin/ssh-copy-id: line 260: EOF: command not > found > > pi@raspberrypi's password: > > > > Number of key(s) added: 2 > > > > Now try logging into the machine, with: "ssh 'pi@raspberrypi'" > > and check to make sure that only the key(s) you wanted were added. > > Could this be specific to the raspberrypi? I cannot reproduce such > problem using a remote Guix System. But I just tried using a Buildroot > target I had on hand, and I could reproduce something similar: > > --8<---cut here---start->8--- > $ ssh-copy-id target > /home/maxim/.guix-profile/bin/ssh-copy-id: INFO: attempting to log in with > the new key(s), to filter out any that are already installed > /home/maxim/.guix-profile/bin/ssh-copy-id: INFO: 1 key(s) remain to be > installed -- if you are prompted now it is to install the new keys > /home/maxim/.guix-profile/bin/ssh-copy-id: line 251: warning: > here-document at line 251 delimited by end-of-file (wanted `EOF') > /home/maxim/.guix-profile/bin/ssh-copy-id: line 250: warning: > here-document at line 250 delimited by end-of-file (wanted `EOF') > mkdir: cannot create directory ‘/etc/dropbear’: Permission denied > Pseudo-terminal will not be allocated because stdin is not a terminal. > Warning: Permanently added '10.42.0.243' (ECDSA) to the list of known > hosts. > root@10.42.0.243's password: > -sh: ssh-rsa: not found > --8<---cut here---end--->8--- > > I think it probably has to do with the script not finding the tools it > expects on the minimal (embedded) environments of the > Rasperrypi/Buildroot. I'll try to have a closer look soon. > > Thanks, > > Maxim >