diff options
45 files changed, 967 insertions, 337 deletions
diff --git a/gnu-system.am b/gnu-system.am index 4086067b15..fc7f326c4f 100644 --- a/gnu-system.am +++ b/gnu-system.am @@ -356,21 +356,22 @@ dist_patch_DATA = \ gnu/packages/patches/duplicity-piped-password.patch \ gnu/packages/patches/duplicity-test_selection-tmp.patch \ gnu/packages/patches/eudev-rules-directory.patch \ - gnu/packages/patches/file-CVE-2014-3587.patch \ gnu/packages/patches/findutils-absolute-paths.patch \ gnu/packages/patches/flashrom-use-libftdi1.patch \ gnu/packages/patches/flex-bison-tests.patch \ gnu/packages/patches/gawk-shell.patch \ gnu/packages/patches/gcc-cross-environment-variables.patch \ - gnu/packages/patches/gcc-fix-pr61801.patch \ gnu/packages/patches/gd-mips64-deplibs-fix.patch \ gnu/packages/patches/glib-tests-desktop.patch \ gnu/packages/patches/glib-tests-homedir.patch \ gnu/packages/patches/glib-tests-prlimit.patch \ gnu/packages/patches/glib-tests-timer.patch \ gnu/packages/patches/glib-tests-gapplication.patch \ + gnu/packages/patches/glibc-CVE-2012-3406.patch \ + gnu/packages/patches/glibc-CVE-2014-7817.patch \ gnu/packages/patches/glibc-bootstrap-system.patch \ gnu/packages/patches/glibc-ldd-x86_64.patch \ + gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch \ gnu/packages/patches/gnunet-fix-scheduler.patch \ gnu/packages/patches/gnunet-fix-tests.patch \ gnu/packages/patches/gobject-introspection-cc.patch \ @@ -411,7 +412,6 @@ dist_patch_DATA = \ gnu/packages/patches/lm-sensors-hwmon-attrs.patch \ gnu/packages/patches/luit-posix.patch \ gnu/packages/patches/m4-gets-undeclared.patch \ - gnu/packages/patches/m4-readlink-EINVAL.patch \ gnu/packages/patches/make-impure-dirs.patch \ gnu/packages/patches/mc-fix-ncurses-build.patch \ gnu/packages/patches/mcron-install.patch \ diff --git a/gnu/packages/autotools.scm b/gnu/packages/autotools.scm index 3db3f45949..427c6e3113 100644 --- a/gnu/packages/autotools.scm +++ b/gnu/packages/autotools.scm @@ -178,7 +178,7 @@ exec ~a --no-auto-compile \"$0\" \"$@\" (native-search-paths (list (search-path-specification (variable "ACLOCAL_PATH") - (directories '("share/aclocal"))))) + (files '("share/aclocal"))))) (arguments '(#:modules ((guix build gnu-build-system) (guix build utils) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 85e92aad3b..1f479ccbbe 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -65,14 +65,14 @@ command-line arguments, multiple languages, and so on.") (define-public grep (package (name "grep") - (version "2.20") + (version "2.21") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/grep/grep-" version ".tar.xz")) (sha256 (base32 - "0rcs0spsxdmh6yz8y4frkqp6f5iw19mdbdl9s2v6956hq0mlbbzh")))) + "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j")))) (build-system gnu-build-system) (synopsis "Print lines matching a pattern") (description @@ -312,14 +312,14 @@ change. GNU make offers many powerful extensions over the standard utility.") (define-public binutils (package (name "binutils") - (version "2.24") + (version "2.25") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/binutils/binutils-" version ".tar.bz2")) (sha256 (base32 - "0ds1y7qa0xqihw4ihnsgg6bxanmb228r228ddvwzgrv4jszcbs75")) + "08r9i26b05zcwb9zxb6zllpfdiiicdfsgbpsjlrjmvx3rxjzrpi2")) (patches (list (search-patch "binutils-ld-new-dtags.patch") (search-patch "binutils-loongson-workaround.patch"))))) (build-system gnu-build-system) @@ -375,32 +375,37 @@ included.") (("use_ldconfig=yes") "use_ldconfig=no"))) (modules '((guix build utils))) - (patches (list (search-patch "glibc-ldd-x86_64.patch"))))) + (patches (list (search-patch "glibc-CVE-2014-7817.patch") + (search-patch "glibc-CVE-2012-3406.patch") + (search-patch "glibc-mips-dangling-vfork-ref.patch") + (search-patch "glibc-ldd-x86_64.patch"))))) (build-system gnu-build-system) ;; Glibc's <limits.h> refers to <linux/limit.h>, for instance, so glibc ;; users should automatically pull Linux headers as well. (propagated-inputs `(("linux-headers" ,linux-libre-headers))) - ;; Store the locales separately (~100 MiB). Note that "out" retains a - ;; reference to them anyway, so there's no space savings here. - ;; TODO: Eventually we may want to add a $LOCALE_ARCHIVE search path like - ;; Nixpkgs does. - (outputs '("out" "locales" "debug")) + (outputs '("out" "debug")) (arguments `(#:out-of-source? #t #:configure-flags (list "--enable-add-ons" "--sysconfdir=/etc" - (string-append "--localedir=" (assoc-ref %outputs "locales") - "/share/locale") + ;; Installing a locale archive with all the locales is to + ;; expensive (~100 MiB), so we rely on users to install the + ;; locales they really want. + ;; + ;; Set the default locale path. In practice, $LOCPATH may be + ;; defined to point whatever locales users want. However, setuid + ;; binaries don't honor $LOCPATH, so they'll instead look into + ;; $libc_cv_localedir; we choose /run/current-system/locale, with + ;; the idea that it is going to be populated by the sysadmin. + ;; ;; `--localedir' is not honored, so work around it. ;; See <http://sourceware.org/ml/libc-alpha/2013-03/msg00093.html>. - (string-append "libc_cv_localedir=" - (assoc-ref %outputs "locales") - "/share/locale") + (string-append "libc_cv_localedir=/run/current-system/locale") (string-append "--with-headers=" (assoc-ref %build-inputs "linux-headers") @@ -477,11 +482,7 @@ included.") "") (("exec @PERL@") "exec perl")))) - (alist-cons-after - 'install 'install-locales - (lambda _ - (zero? (system* "make" "localedata/install-locales"))) - %standard-phases)))) + %standard-phases))) (inputs `(("static-bash" ,(static-package bash-light)))) diff --git a/gnu/packages/bootstrap.scm b/gnu/packages/bootstrap.scm index 854d97bcfb..5a19783bb6 100644 --- a/gnu/packages/bootstrap.scm +++ b/gnu/packages/bootstrap.scm @@ -409,10 +409,10 @@ exec ~a/bin/.gcc-wrapped -B~a/lib \ (native-search-paths (list (search-path-specification (variable "CPATH") - (directories '("include"))) + (files '("include"))) (search-path-specification (variable "LIBRARY_PATH") - (directories '("lib" "lib64"))))) + (files '("lib" "lib64"))))) (synopsis "Bootstrap binaries of the GNU Compiler Collection") (description #f) (home-page #f) diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm index f2736b9eb3..cda1984f6a 100644 --- a/gnu/packages/compression.scm +++ b/gnu/packages/compression.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; @@ -115,13 +115,7 @@ file; as a result, it is often used in conjunction with \"tar\", resulting in (home-page "http://www.gnu.org/software/gzip/"))) (define-public bzip2 - (let ((fix-man-dir - ;; Move man pages to $out/share/. - '(lambda* (#:key outputs #:allow-other-keys) - (with-directory-excursion (assoc-ref outputs "out") - (mkdir "share") - (rename-file "man" "share/man")))) - (build-shared-lib + (let ((build-shared-lib ;; Build a shared library. '(lambda* (#:key inputs #:allow-other-keys) (patch-makefile-SHELL "Makefile-libbz2_so") @@ -171,20 +165,16 @@ file; as a result, it is often used in conjunction with \"tar\", resulting in `(alist-cons-before 'build 'build-shared-lib ,build-shared-lib (alist-cons-after - 'install 'fix-man-dir ,fix-man-dir - (alist-cons-after - 'install 'install-shared-lib ,install-shared-lib - (alist-replace 'configure ,set-cross-environment - %standard-phases)))) + 'install 'install-shared-lib ,install-shared-lib + (alist-replace 'configure ,set-cross-environment + %standard-phases))) ;; Native compilation: build the shared library. `(alist-cons-before 'build 'build-shared-lib ,build-shared-lib (alist-cons-after - 'install 'fix-man-dir ,fix-man-dir - (alist-cons-after - 'install 'install-shared-lib ,install-shared-lib - (alist-delete 'configure %standard-phases))))) + 'install 'install-shared-lib ,install-shared-lib + (alist-delete 'configure %standard-phases)))) #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) diff --git a/gnu/packages/cross-base.scm b/gnu/packages/cross-base.scm index 74809d08f9..0f32c9fab9 100644 --- a/gnu/packages/cross-base.scm +++ b/gnu/packages/cross-base.scm @@ -234,10 +234,10 @@ GCC that does not target a libc; otherwise, target that libc." (search-paths (list (search-path-specification (variable "CROSS_CPATH") - (directories '("include"))) + (files '("include"))) (search-path-specification (variable "CROSS_LIBRARY_PATH") - (directories '("lib" "lib64"))))) + (files '("lib" "lib64"))))) (native-search-paths '()))) (define* (cross-libc target diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm index 070695ec2c..7d8504b74a 100644 --- a/gnu/packages/file.scm +++ b/gnu/packages/file.scm @@ -27,14 +27,14 @@ (define-public file (package (name "file") - (version "5.19") - (source (origin - (method url-fetch) - (uri (string-append "ftp://ftp.astron.com/pub/file/file-" - version ".tar.gz")) - (sha256 (base32 - "0z1sgrcfy6d285kj5izy1yypf371bjl3247plh9ppk0svaxv714l")) - (patches (list (search-patch "file-CVE-2014-3587.patch"))))) + (version "5.20") + (source (origin + (method url-fetch) + (uri (string-append "ftp://ftp.astron.com/pub/file/file-" + version ".tar.gz")) + (sha256 + (base32 + "0iyjs9z8kp43gz7gva4j67h4p0n53f7q8x3ibai9s01sp3xnphsv")))) (build-system gnu-build-system) ;; When cross-compiling, this package depends upon a native install of @@ -50,13 +50,3 @@ of the file.") (license bsd-2) (home-page "http://www.darwinsys.com/file/"))) -(define-public file-5.20 ;fix for CVE-2014-3710 - (package (inherit file) - (version "5.20") - (source (origin - (method url-fetch) - (uri (string-append "ftp://ftp.astron.com/pub/file/file-" - version ".tar.gz")) - (sha256 - (base32 - "0iyjs9z8kp43gz7gva4j67h4p0n53f7q8x3ibai9s01sp3xnphsv")))))) diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm index 82cdbc55c4..b1a68a72c7 100644 --- a/gnu/packages/games.scm +++ b/gnu/packages/games.scm @@ -714,7 +714,7 @@ for common mesh file formats, and collision detection.") (native-search-paths (list (search-path-specification (variable "MINETEST_SUBGAME_PATH") - (directories '("share/minetest/games"))))) + (files '("share/minetest/games"))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs diff --git a/gnu/packages/gawk.scm b/gnu/packages/gawk.scm index 10506197f3..996be7af4a 100644 --- a/gnu/packages/gawk.scm +++ b/gnu/packages/gawk.scm @@ -64,7 +64,17 @@ '((substitute* "extension/configure" (("/usr/bin/file") (which "file")))) '()))) - %standard-phases))) + + (alist-cons-before + 'check 'install-locales + (lambda _ + ;; A bunch of tests require the availability of a UTF-8 + ;; locale and otherwise fail. Give them what they want. + (setenv "LOCPATH" (getcwd)) + (zero? (system* "localedef" "--no-archive" + "--prefix" (getcwd) "-i" "en_US" + "-f" "UTF-8" "./en_US.UTF-8"))) + %standard-phases)))) (inputs `(("libsigsegv" ,libsigsegv) ,@(if (%current-target-system) diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm index b28b3e0588..4733fc1af6 100644 --- a/gnu/packages/gcc.scm +++ b/gnu/packages/gcc.scm @@ -245,10 +245,10 @@ where the OS part is overloaded to denote a specific ABI---into GCC (native-search-paths (list (search-path-specification (variable "CPATH") - (directories '("include"))) + (files '("include"))) (search-path-specification (variable "LIBRARY_PATH") - (directories '("lib" "lib64"))))) + (files '("lib" "lib64"))))) (properties `((gcc-libc . ,(assoc-ref inputs "libc")))) (synopsis "GNU Compiler Collection") @@ -261,15 +261,14 @@ Go. It also includes runtime support libraries for these languages.") (define-public gcc-4.8 (package (inherit gcc-4.7) - (version "4.8.3") + (version "4.8.4") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/gcc/gcc-" version "/gcc-" version ".tar.bz2")) (sha256 (base32 - "07hg10zs7gnqz58my10ch0zygizqh0z0bz6pv4pgxx45n48lz3ka")) - (patches (list (search-patch "gcc-fix-pr61801.patch"))))))) + "15c6gwm6dzsaagamxkak5smdkf1rdfbqqjs9jdbrp3lbg4ism02a")))))) (define-public gcc-4.9 (package (inherit gcc-4.7) diff --git a/gnu/packages/gettext.scm b/gnu/packages/gettext.scm index bbdf0c5862..dd86fe4c5b 100644 --- a/gnu/packages/gettext.scm +++ b/gnu/packages/gettext.scm @@ -35,14 +35,14 @@ (define-public gnu-gettext (package (name "gettext") - (version "0.19.3") + (version "0.19.4") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/gettext/gettext-" version ".tar.gz")) (sha256 (base32 - "1xmkxviqnq60h4wmh3bi6b1zkc9qsk3l1lv91k0iwfrxb982v5ck")))) + "0gvz86m4cs8bdf3mwmwsyx6lrq4ydfxgadrgd9jlx32z3bnz3jca")))) (build-system gnu-build-system) (inputs `(("expat" ,expat))) diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm index 83d55d64ff..5a5b4dfd0a 100644 --- a/gnu/packages/glib.scm +++ b/gnu/packages/glib.scm @@ -189,7 +189,7 @@ shared NFS home directories.") ;; by 'glib-compile-schemas'. (list (search-path-specification (variable "XDG_DATA_DIRS") - (directories '("share"))))) + (files '("share"))))) (search-paths native-search-paths) (synopsis "Thread-safe general utility library; basis of GTK+ and GNOME") @@ -231,7 +231,7 @@ dynamic loading, and an object system.") (native-search-paths (list (search-path-specification (variable "GI_TYPELIB_PATH") - (directories '("lib/girepository-1.0"))))) + (files '("lib/girepository-1.0"))))) (search-paths native-search-paths) (arguments `(#:phases diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index a2ef712220..61260557e3 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -143,17 +143,6 @@ The gnome-about program helps find which version of GNOME is installed.") (base32 "19n4x25ndzngaciiyd8dd6s2mf9gv6nv3wv27ggns2smm7zkj1nb")))) (build-system gnu-build-system) - (arguments - `(#:phases - (alist-cons-before - 'check 'pre-check - (lambda* (#:key inputs #:allow-other-keys #:rest args) - ;; This is needed, because without it, xmlint etc tries - ;; to download docbookx.dtd from the net - (setenv "XML_CATALOG_FILES" - (string-append (assoc-ref inputs "docbook-xml") - "/xml/dtd/docbook/catalog.xml"))) - %standard-phases))) (native-inputs `(("intltool" ,intltool) ("docbook-xml" ,docbook-xml-4.4) diff --git a/gnu/packages/gps.scm b/gnu/packages/gps.scm index 1fbf38f125..231b1d1b04 100644 --- a/gnu/packages/gps.scm +++ b/gnu/packages/gps.scm @@ -100,17 +100,7 @@ manipulate maps.") (substitute* "Makefile" (("prefix[[:blank:]]*=.*$") (string-append "prefix = " (assoc-ref outputs "out") - "\n"))) - - ;; Make sure the DocBook XML and XSL files are found. - ;; Note: this is a space-separated list. - (setenv "XML_CATALOG_FILES" - (string-append (assoc-ref inputs "docbook-xml") - "/xml/dtd/docbook/catalog.xml " - (assoc-ref inputs "docbook-xsl") - "/xml/xsl/" - ,(package-full-name docbook-xsl) - "/catalog.xml"))) + "\n")))) %standard-phases) #:tests? #f)) (inputs diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 6a76bafe84..7e3b5f847d 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -95,7 +95,7 @@ (native-search-paths (list (search-path-specification (variable "GUILE_LOAD_PATH") - (directories '("share/guile/site"))))) + (files '("share/guile/site"))))) (synopsis "Scheme implementation intended especially for extensions") (description @@ -155,10 +155,10 @@ without requiring the source code to be rewritten.") (native-search-paths (list (search-path-specification (variable "GUILE_LOAD_PATH") - (directories '("share/guile/site/2.0"))) + (files '("share/guile/site/2.0"))) (search-path-specification (variable "GUILE_LOAD_COMPILED_PATH") - (directories '("share/guile/site/2.0"))))) + (files '("share/guile/site/2.0"))))) (synopsis "Scheme implementation intended especially for extensions") (description diff --git a/gnu/packages/ld-wrapper.scm b/gnu/packages/ld-wrapper.scm index d3eb083f2f..19856176b3 100644 --- a/gnu/packages/ld-wrapper.scm +++ b/gnu/packages/ld-wrapper.scm @@ -11,7 +11,7 @@ main="(@ (gnu build-support ld-wrapper) ld-wrapper)" exec @GUILE@ -c "(load-compiled \"$0.go\") (apply $main (cdr (command-line)))" "$@" !# ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,6 +30,7 @@ exec @GUILE@ -c "(load-compiled \"$0.go\") (apply $main (cdr (command-line)))" " (define-module (gnu build-support ld-wrapper) #:use-module (srfi srfi-1) + #:use-module (ice-9 match) #:export (ld-wrapper)) ;;; Commentary: @@ -103,58 +104,62 @@ exec @GUILE@ -c "(load-compiled \"$0.go\") (apply $main (cdr (command-line)))" " (< depth %max-symlink-depth) (loop (readlink file) (+ 1 depth)))))))) -(define (switch-arguments switch args) - ;; Return the arguments passed for the occurrences of SWITCH--e.g., - ;; "-L"--in ARGS. - (let ((prefix-len (string-length switch))) - (fold-right (lambda (arg path) - (if (string-prefix? switch arg) - (cons (substring arg prefix-len) path) - path)) - '() - args))) - -(define (library-path args) - ;; Return the library search path extracted from `-L' switches in ARGS. - ;; Note: allow references to out-of-store directories. When this leads to - ;; actual impurities, this is caught later. - (switch-arguments "-L" args)) - (define (library-files-linked args) ;; Return the file names of shared libraries explicitly linked against via - ;; `-l' in ARGS. - (map (lambda (lib) - (string-append "lib" lib ".so")) - (switch-arguments "-l" args))) - -(define (rpath-arguments lib-path library-files) - ;; Return the `-rpath' argument list for each of LIBRARY-FILES found in - ;; LIB-PATH. + ;; `-l' or with an absolute file name in ARGS. + (define path+files + (fold (lambda (argument result) + (match result + ((library-path . library-files) + (cond ((string-prefix? "-L" argument) ;augment the search path + (cons (append library-path + (list (string-drop argument 2))) + library-files)) + ((string-prefix? "-l" argument) ;add library + (let* ((lib (string-append "lib" + (string-drop argument 2) + ".so")) + (full (search-path library-path lib))) + (if full + (cons library-path + (cons full library-files)) + result))) + ((and (string-prefix? %store-directory argument) + (string-suffix? ".so" argument)) ;add library + (cons library-path + (cons argument library-files))) + (else + result))))) + (cons '() '()) + args)) + + (match path+files + ((path . files) + (reverse files)))) + +(define (rpath-arguments library-files) + ;; Return the `-rpath' argument list for each of LIBRARY-FILES, a list of + ;; absolute file names. (fold-right (lambda (file args) - (let ((absolute (search-path lib-path file))) - (if absolute - (if (or %allow-impurities? - (pure-file-name? absolute)) - (cons* "-rpath" (dirname absolute) - args) - (begin - (format (current-error-port) - "ld-wrapper: error: attempt to use impure library ~s~%" - absolute) - (exit 1))) - args))) + (if (or %allow-impurities? + (pure-file-name? file)) + (cons* "-rpath" (dirname file) args) + (begin + (format (current-error-port) + "ld-wrapper: error: attempt to use impure library ~s~%" + file) + (exit 1)))) '() library-files)) (define (ld-wrapper . args) ;; Invoke the real `ld' with ARGS, augmented with `-rpath' switches. - (let* ((lib-path (library-path args)) - (libs (library-files-linked args)) - (args (append args (rpath-arguments lib-path libs)))) - (if %debug? - (format (current-error-port) - "ld-wrapper: invoking `~a' with ~s~%" - %real-ld args)) + (let* ((libs (library-files-linked args)) + (args (append args (rpath-arguments libs)))) + (when %debug? + (format (current-error-port) + "ld-wrapper: invoking `~a' with ~s~%" + %real-ld args)) (apply execl %real-ld (basename %real-ld) args))) ;;; ld-wrapper.scm ends here diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index a2708a290f..9dc5f5cd40 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -196,7 +196,7 @@ for SYSTEM, or #f if there is no configuration for SYSTEM." (build-phase '(lambda* (#:key system inputs #:allow-other-keys #:rest args) ;; Apply the neat patch. - (system* "patch" "-p1" "--batch" + (system* "patch" "-p1" "--force" "-i" (assoc-ref inputs "patch/freedo+gnu")) (let ((arch (car (string-split system #\-)))) @@ -774,7 +774,7 @@ manpages.") 'unpack 'patch (lambda* (#:key inputs #:allow-other-keys) (define (apply-patch file) - (zero? (system* "patch" "-p1" "--batch" + (zero? (system* "patch" "-p1" "--force" "--input" file))) (let ((patch.gz (assoc-ref inputs "patch"))) diff --git a/gnu/packages/m4.scm b/gnu/packages/m4.scm index 0915fde4f2..b3b3a00fde 100644 --- a/gnu/packages/m4.scm +++ b/gnu/packages/m4.scm @@ -33,8 +33,7 @@ version ".tar.bz2")) (sha256 (base32 - "0w0da1chh12mczxa5lnwzjk9czi3dq6gnnndbpa6w4rj76b1yklf")) - (patches (list (search-patch "m4-readlink-EINVAL.patch"))))) + "0w0da1chh12mczxa5lnwzjk9czi3dq6gnnndbpa6w4rj76b1yklf")))) (build-system gnu-build-system) (arguments ;; XXX: Disable tests on those platforms with know issues. diff --git a/gnu/packages/man.scm b/gnu/packages/man.scm index 028403ce74..712622aee8 100644 --- a/gnu/packages/man.scm +++ b/gnu/packages/man.scm @@ -105,7 +105,7 @@ a flexible and convenient way.") (native-search-paths (list (search-path-specification (variable "MANPATH") - (directories '("share/man"))))) + (files '("share/man"))))) (home-page "http://man-db.nongnu.org/") (synopsis "Standard Unix documentation system") (description diff --git a/gnu/packages/mit-krb5.scm b/gnu/packages/mit-krb5.scm index 2528f46157..3f3e85773e 100644 --- a/gnu/packages/mit-krb5.scm +++ b/gnu/packages/mit-krb5.scm @@ -62,7 +62,7 @@ ;; XXX The current patch system does not support unusual ;; source unpack methods, so we have to apply this patch in a ;; non-standard way. - (zero? (system* "patch" "-p1" "--batch" "-i" + (zero? (system* "patch" "-p1" "--force" "-i" (assoc-ref %build-inputs "patch/init-fix")))))) (alist-replace 'check diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm index de7e6f6721..0dbc583f79 100644 --- a/gnu/packages/ncurses.scm +++ b/gnu/packages/ncurses.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; ;;; This file is part of GNU Guix. @@ -99,11 +99,6 @@ ,(string-append "--includedir=" (assoc-ref %outputs "out") "/include") - ;; By default man pages land in PREFIX/man, but we want them - ;; in PREFIX/share/man. - ,(string-append "--mandir=" (assoc-ref %outputs "out") - "/share/man") - ;; Make sure programs like 'tic', 'reset', and 'clear' have a ;; correct RUNPATH. ,(string-append "LDFLAGS=-Wl,-rpath=" (assoc-ref %outputs "out") diff --git a/gnu/packages/patches/file-CVE-2014-3587.patch b/gnu/packages/patches/file-CVE-2014-3587.patch deleted file mode 100644 index cf88bf5f3e..0000000000 --- a/gnu/packages/patches/file-CVE-2014-3587.patch +++ /dev/null @@ -1,16 +0,0 @@ -Fixes CVE-2014-3587. Copied from upstream commit -0641e56be1af003aa02c7c6b0184466540637233. - ---- file-5.19/src/cdf.c.orig 2014-06-09 09:04:37.000000000 -0400 -+++ file-5.19/src/cdf.c 2014-08-26 11:55:23.887118898 -0400 -@@ -824,6 +824,10 @@ - q = (const uint8_t *)(const void *) - ((const char *)(const void *)p + ofs - - 2 * sizeof(uint32_t)); -+ if (q < p) { -+ DPRINTF(("Wrapped around %p < %p\n", q, p)); -+ goto out; -+ } - if (q > e) { - DPRINTF(("Ran of the end %p > %p\n", q, e)); - goto out; diff --git a/gnu/packages/patches/gcc-fix-pr61801.patch b/gnu/packages/patches/gcc-fix-pr61801.patch deleted file mode 100644 index e9cd92aa1c..0000000000 --- a/gnu/packages/patches/gcc-fix-pr61801.patch +++ /dev/null @@ -1,25 +0,0 @@ -GCC bug fix for <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61801>. -Initially discussed at - <http://lists.gnu.org/archive/html/guix-devel/2014-09/msg00283.html>. -Patch from <https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=212740>. - -2014-07-17 Richard Biener <rguenther@suse.de> - - PR rtl-optimization/61801 - - * sched-deps.c (sched_analyze_2): For ASM_OPERANDS and - ASM_INPUT don't set reg_pending_barrier if it appears in a - debug-insn. - ---- gcc-4_8-branch/gcc/sched-deps.c 2014/07/17 07:48:49 212739 -+++ gcc-4_8-branch/gcc/sched-deps.c 2014/07/17 07:49:44 212740 -@@ -2744,7 +2744,8 @@ - Consider for instance a volatile asm that changes the fpu rounding - mode. An insn should not be moved across this even if it only uses - pseudo-regs because it might give an incorrectly rounded result. */ -- if (code != ASM_OPERANDS || MEM_VOLATILE_P (x)) -+ if ((code != ASM_OPERANDS || MEM_VOLATILE_P (x)) -+ && !DEBUG_INSN_P (insn)) - reg_pending_barrier = TRUE_BARRIER; - - /* For all ASM_OPERANDS, we must traverse the vector of input operands. diff --git a/gnu/packages/patches/glibc-CVE-2012-3406.patch b/gnu/packages/patches/glibc-CVE-2012-3406.patch new file mode 100644 index 0000000000..9147a2aeee --- /dev/null +++ b/gnu/packages/patches/glibc-CVE-2012-3406.patch @@ -0,0 +1,282 @@ +Fix CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] + +Note: Here the ChangeLog and NEWS updates are removed from Jeff's + patch, since they depend on other earlier commits. + +From: Jeff Law <law@redhat.com> +Date: Mon, 15 Dec 2014 09:09:32 +0000 (+0100) +Subject: CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] +X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff_plain;h=a3a1f4163c4d0f9a36056c8640661a88674ae8a2 + +CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] + +A larger number of format specifiers coudld cause a stack overflow, +potentially allowing to bypass _FORTIFY_SOURCE format string +protection. + +(cherry picked from commit a5357b7ce2a2982c5778435704bcdb55ce3667a0) +(cherry picked from commit ae61fc7b33d9d99d2763c16de8275227dc9748ba) + +Conflicts: + NEWS +--- + +diff --git a/stdio-common/Makefile b/stdio-common/Makefile +index 5f8e534..e5e45b6 100644 +--- a/stdio-common/Makefile ++++ b/stdio-common/Makefile +@@ -57,7 +57,7 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ + bug19 bug19a tst-popen2 scanf13 scanf14 scanf15 bug20 bug21 bug22 \ + scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \ + bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \ +- bug25 tst-printf-round bug26 ++ bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 + + test-srcs = tst-unbputc tst-printf + +diff --git a/stdio-common/bug23-2.c b/stdio-common/bug23-2.c +new file mode 100644 +index 0000000..9e0cfe6 +--- /dev/null ++++ b/stdio-common/bug23-2.c +@@ -0,0 +1,70 @@ ++#include <stdio.h> ++#include <string.h> ++#include <stdlib.h> ++ ++static const char expected[] = "\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55\ ++\n\ ++a\n\ ++abbcd55%%%%%%%%%%%%%%%%%%%%%%%%%%\n"; ++ ++static int ++do_test (void) ++{ ++ char *buf = malloc (strlen (expected) + 1); ++ snprintf (buf, strlen (expected) + 1, ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n", ++ "a", "b", "c", "d", 5); ++ return strcmp (buf, expected) != 0; ++} ++ ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +diff --git a/stdio-common/bug23-3.c b/stdio-common/bug23-3.c +new file mode 100644 +index 0000000..57c8cef +--- /dev/null ++++ b/stdio-common/bug23-3.c +@@ -0,0 +1,50 @@ ++#include <stdio.h> ++#include <string.h> ++#include <stdlib.h> ++ ++int ++do_test (void) ++{ ++ size_t instances = 16384; ++#define X0 "\n%1$s\n" "%1$s" "%2$s" "%2$s" "%3$s" "%4$s" "%5$d" "%5$d" ++ const char *item = "\na\nabbcd55"; ++#define X3 X0 X0 X0 X0 X0 X0 X0 X0 ++#define X6 X3 X3 X3 X3 X3 X3 X3 X3 ++#define X9 X6 X6 X6 X6 X6 X6 X6 X6 ++#define X12 X9 X9 X9 X9 X9 X9 X9 X9 ++#define X14 X12 X12 X12 X12 ++#define TRAILER "%%%%%%%%%%%%%%%%%%%%%%%%%%" ++#define TRAILER2 TRAILER TRAILER ++ size_t length = instances * strlen (item) + strlen (TRAILER) + 1; ++ ++ char *buf = malloc (length + 1); ++ snprintf (buf, length + 1, ++ X14 TRAILER2 "\n", ++ "a", "b", "c", "d", 5); ++ ++ const char *p = buf; ++ size_t i; ++ for (i = 0; i < instances; ++i) ++ { ++ const char *expected; ++ for (expected = item; *expected; ++expected) ++ { ++ if (*p != *expected) ++ { ++ printf ("mismatch at offset %zu (%zu): expected %d, got %d\n", ++ (size_t) (p - buf), i, *expected & 0xFF, *p & 0xFF); ++ return 1; ++ } ++ ++p; ++ } ++ } ++ if (strcmp (p, TRAILER "\n") != 0) ++ { ++ printf ("mismatch at trailer: [%s]\n", p); ++ return 1; ++ } ++ free (buf); ++ return 0; ++} ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +diff --git a/stdio-common/bug23-4.c b/stdio-common/bug23-4.c +new file mode 100644 +index 0000000..a478564 +--- /dev/null ++++ b/stdio-common/bug23-4.c +@@ -0,0 +1,31 @@ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <sys/resource.h> ++ ++#define LIMIT 1000000 ++ ++int ++main (void) ++{ ++ struct rlimit lim; ++ getrlimit (RLIMIT_STACK, &lim); ++ lim.rlim_cur = 1048576; ++ setrlimit (RLIMIT_STACK, &lim); ++ char *fmtstr = malloc (4 * LIMIT + 1); ++ if (fmtstr == NULL) ++ abort (); ++ char *output = malloc (LIMIT + 1); ++ if (output == NULL) ++ abort (); ++ for (size_t i = 0; i < LIMIT; i++) ++ memcpy (fmtstr + 4 * i, "%1$d", 4); ++ fmtstr[4 * LIMIT] = '\0'; ++ int ret = snprintf (output, LIMIT + 1, fmtstr, 0); ++ if (ret != LIMIT) ++ abort (); ++ for (size_t i = 0; i < LIMIT; i++) ++ if (output[i] != '0') ++ abort (); ++ return 0; ++} +diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c +index c4ff833..429a3d1 100644 +--- a/stdio-common/vfprintf.c ++++ b/stdio-common/vfprintf.c +@@ -263,6 +263,12 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap) + /* For the argument descriptions, which may be allocated on the heap. */ + void *args_malloced = NULL; + ++ /* For positional argument handling. */ ++ struct printf_spec *specs; ++ ++ /* Track if we malloced the SPECS array and thus must free it. */ ++ bool specs_malloced = false; ++ + /* This table maps a character into a number representing a + class. In each step there is a destination label for each + class. */ +@@ -1679,8 +1685,8 @@ do_positional: + size_t nspecs = 0; + /* A more or less arbitrary start value. */ + size_t nspecs_size = 32 * sizeof (struct printf_spec); +- struct printf_spec *specs = alloca (nspecs_size); + ++ specs = alloca (nspecs_size); + /* The number of arguments the format string requests. This will + determine the size of the array needed to store the argument + attributes. */ +@@ -1721,11 +1727,39 @@ do_positional: + if (nspecs * sizeof (*specs) >= nspecs_size) + { + /* Extend the array of format specifiers. */ ++ if (nspecs_size * 2 < nspecs_size) ++ { ++ __set_errno (ENOMEM); ++ done = -1; ++ goto all_done; ++ } + struct printf_spec *old = specs; +- specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size); ++ if (__libc_use_alloca (2 * nspecs_size)) ++ specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size); ++ else ++ { ++ nspecs_size *= 2; ++ specs = malloc (nspecs_size); ++ if (specs == NULL) ++ { ++ __set_errno (ENOMEM); ++ specs = old; ++ done = -1; ++ goto all_done; ++ } ++ } + + /* Copy the old array's elements to the new space. */ + memmove (specs, old, nspecs * sizeof (*specs)); ++ ++ /* If we had previously malloc'd space for SPECS, then ++ release it after the copy is complete. */ ++ if (specs_malloced) ++ free (old); ++ ++ /* Now set SPECS_MALLOCED if needed. */ ++ if (!__libc_use_alloca (nspecs_size)) ++ specs_malloced = true; + } + + /* Parse the format specifier. */ +@@ -2046,6 +2080,8 @@ do_positional: + } + + all_done: ++ if (specs_malloced) ++ free (specs); + if (__glibc_unlikely (args_malloced != NULL)) + free (args_malloced); + if (__glibc_unlikely (workstart != NULL)) diff --git a/gnu/packages/patches/glibc-CVE-2014-7817.patch b/gnu/packages/patches/glibc-CVE-2014-7817.patch new file mode 100644 index 0000000000..14c885523c --- /dev/null +++ b/gnu/packages/patches/glibc-CVE-2014-7817.patch @@ -0,0 +1,171 @@ +Fix CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. + +Note: Here the ChangeLog and NEWS updates are removed from Carlos's + patch, since they depend on other earlier commits. + +From: Carlos O'Donell <carlos@redhat.com> +Date: Wed, 19 Nov 2014 16:44:12 +0000 (-0500) +Subject: CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. +X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff_plain;h=33ceaf6187b31ea15284ac65131749e1cb68d2ae + +CVE-2014-7817: wordexp fails to honour WRDE_NOCMD. + +The function wordexp() fails to properly handle the WRDE_NOCMD +flag when processing arithmetic inputs in the form of "$((... ``))" +where "..." can be anything valid. The backticks in the arithmetic +epxression are evaluated by in a shell even if WRDE_NOCMD forbade +command substitution. This allows an attacker to attempt to pass +dangerous commands via constructs of the above form, and bypass +the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD +in exec_comm(), the only place that can execute a shell. All other +checks for WRDE_NOCMD are superfluous and removed. + +We expand the testsuite and add 3 new regression tests of roughly +the same form but with a couple of nested levels. + +On top of the 3 new tests we add fork validation to the WRDE_NOCMD +testing. If any forks are detected during the execution of a wordexp() +call with WRDE_NOCMD, the test is marked as failed. This is slightly +heuristic since vfork might be used in the future, but it provides a +higher level of assurance that no shells were executed as part of +command substitution with WRDE_NOCMD in effect. In addition it doesn't +require libpthread or libdl, instead we use the public implementation +namespace function __register_atfork (already part of the public ABI +for libpthread). + +Tested on x86_64 with no regressions. + +(cherry picked from commit a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c) +--- + +diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c +index 4957006..bdd65e4 100644 +--- a/posix/wordexp-test.c ++++ b/posix/wordexp-test.c +@@ -27,6 +27,25 @@ + + #define IFS " \n\t" + ++extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden"))); ++extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); ++ ++static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void)) ++{ ++ return __register_atfork (prepare, parent, child, ++ &__dso_handle == NULL ? NULL : __dso_handle); ++} ++ ++/* Number of forks seen. */ ++static int registered_forks; ++ ++/* For each fork increment the fork count. */ ++static void ++register_fork (void) ++{ ++ registered_forks++; ++} ++ + struct test_case_struct + { + int retval; +@@ -206,6 +225,12 @@ struct test_case_struct + { WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS }, + { WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS }, + { WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS }, ++ /* Test for CVE-2014-7817. We test 3 combinations of command ++ substitution inside an arithmetic expression to make sure that ++ no commands are executed and error is returned. */ ++ { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, ++ { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, ++ { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS }, + + { -1, NULL, NULL, 0, 0, { NULL, }, IFS }, + }; +@@ -258,6 +283,15 @@ main (int argc, char *argv[]) + return -1; + } + ++ /* If we are not allowed to do command substitution, we install ++ fork handlers to verify that no forks happened. No forks should ++ happen at all if command substitution is disabled. */ ++ if (__app_register_atfork (register_fork, NULL, NULL) != 0) ++ { ++ printf ("Failed to register fork handler.\n"); ++ return -1; ++ } ++ + for (test = 0; test_case[test].retval != -1; test++) + if (testit (&test_case[test])) + ++fail; +@@ -367,6 +401,9 @@ testit (struct test_case_struct *tc) + + printf ("Test %d (%s): ", ++tests, tc->words); + ++ if (tc->flags & WRDE_NOCMD) ++ registered_forks = 0; ++ + if (tc->flags & WRDE_APPEND) + { + /* initial wordexp() call, to be appended to */ +@@ -378,6 +415,13 @@ testit (struct test_case_struct *tc) + } + retval = wordexp (tc->words, &we, tc->flags); + ++ if ((tc->flags & WRDE_NOCMD) ++ && (registered_forks > 0)) ++ { ++ printf ("FAILED fork called for WRDE_NOCMD\n"); ++ return 1; ++ } ++ + if (tc->flags & WRDE_DOOFFS) + start_offs = sav_we.we_offs; + +diff --git a/posix/wordexp.c b/posix/wordexp.c +index b6b65dd..26f3a26 100644 +--- a/posix/wordexp.c ++++ b/posix/wordexp.c +@@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size_t *word_length, size_t *max_length, + pid_t pid; + int noexec = 0; + ++ /* Do nothing if command substitution should not succeed. */ ++ if (flags & WRDE_NOCMD) ++ return WRDE_CMDSUB; ++ + /* Don't fork() unless necessary */ + if (!comm || !*comm) + return 0; +@@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word_length, size_t *max_length, + } + } + +- if (flags & WRDE_NOCMD) +- return WRDE_CMDSUB; +- + (*offset) += 2; + return parse_comm (word, word_length, max_length, words, offset, flags, + quoted? NULL : pwordexp, ifs, ifs_white); +@@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_length, size_t *max_length, + break; + + case '`': +- if (flags & WRDE_NOCMD) +- return WRDE_CMDSUB; +- + ++(*offset); + error = parse_backtick (word, word_length, max_length, words, + offset, flags, NULL, NULL, NULL); +@@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *pwordexp, int flags) + break; + + case '`': +- if (flags & WRDE_NOCMD) +- { +- error = WRDE_CMDSUB; +- goto do_error; +- } +- + ++words_offset; + error = parse_backtick (&word, &word_length, &max_length, words, + &words_offset, flags, pwordexp, ifs, diff --git a/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch b/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch new file mode 100644 index 0000000000..852b6de669 --- /dev/null +++ b/gnu/packages/patches/glibc-mips-dangling-vfork-ref.patch @@ -0,0 +1,45 @@ +Avoid a dangling `vfork@GLIBC_2.0' reference on MIPS. + +Note: Here the ChangeLog and NEWS updates are removed from Maciej's + patch, since they depend on other earlier commits. + +From: Maciej W. Rozycki <macro@codesourcery.com> +Date: Wed, 22 Oct 2014 14:20:37 +0000 (+0100) +Subject: MIPS: Avoid a dangling `vfork@GLIBC_2.0' reference +X-Git-Url: https://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=c14e752fc73d34c75d4f84f37fea8e0b1734cf98 + +MIPS: Avoid a dangling `vfork@GLIBC_2.0' reference + +This satisfies a symbol reference created with: + + .symver __libc_vfork, vfork@GLIBC_2.0 + +where `__libc_vfork' has not been defined or referenced. In this case +the `vfork@GLIBC_2.0' reference is supposed to be discarded, however a +bug present in GAS since forever causes an undefined symbol table entry +to be created. This in turn triggers a problem in the linker that can +manifest itself by link errors such as: + +ld: libpthread.so: invalid string offset 2765592330 >= 5154 for section `.dynstr' + +The GAS and linker bugs need to be resolved, but we can avoid them too +by providing a `__libc_vfork' definition just like our other platforms. + + [BZ #17485] + * sysdeps/unix/sysv/linux/mips/vfork.S (__libc_vfork): Define. + +(cherry picked from commit b5af9297d51a43f96c5be1bafab032184690dd6f) + +Conflicts: + NEWS +--- + +diff --git a/sysdeps/unix/sysv/linux/mips/vfork.S b/sysdeps/unix/sysv/linux/mips/vfork.S +index 80c362d..2c1a747 100644 +--- a/sysdeps/unix/sysv/linux/mips/vfork.S ++++ b/sysdeps/unix/sysv/linux/mips/vfork.S +@@ -108,3 +108,4 @@ L(error): + + libc_hidden_def(__vfork) + weak_alias (__vfork, vfork) ++strong_alias (__vfork, __libc_vfork) diff --git a/gnu/packages/patches/m4-readlink-EINVAL.patch b/gnu/packages/patches/m4-readlink-EINVAL.patch deleted file mode 100644 index dd371584a7..0000000000 --- a/gnu/packages/patches/m4-readlink-EINVAL.patch +++ /dev/null @@ -1,18 +0,0 @@ -Newer Linux kernels would return EINVAL instead of ENOENT. -The patch below, taken from Gnulib, allows the test to pass when -these Linux versions are in use: -https://lists.gnu.org/archive/html/bug-gnulib/2011-03/msg00308.html . - -diff --git a/tests/test-readlink.h b/tests/test-readlink.h -index 08d5662..7247fc4 100644 ---- a/tests/test-readlink.h -+++ b/tests/test-readlink.h -@@ -38,7 +38,7 @@ test_readlink (ssize_t (*func) (char const *, char *, size_t), bool print) - ASSERT (errno == ENOENT); - errno = 0; - ASSERT (func ("", buf, sizeof buf) == -1); -- ASSERT (errno == ENOENT); -+ ASSERT (errno == ENOENT || errno == EINVAL); - errno = 0; - ASSERT (func (".", buf, sizeof buf) == -1); - ASSERT (errno == EINVAL); diff --git a/gnu/packages/patchutils.scm b/gnu/packages/patchutils.scm index 3dbf72435e..48f4d29584 100644 --- a/gnu/packages/patchutils.scm +++ b/gnu/packages/patchutils.scm @@ -96,7 +96,7 @@ listing the files modified by a patch.") (build-system gnu-build-system) (inputs `(("perl" ,perl) ("less" ,less) - ("file" ,file-5.20) ;work around CVE-2014-3710 + ("file" ,file) ("ed" ,ed))) (arguments '(#:parallel-tests? #f diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index 03cad3e25f..699fe751de 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -66,7 +66,7 @@ %standard-phases))) (native-search-paths (list (search-path-specification (variable "PERL5LIB") - (directories '("lib/perl5/site_perl"))))) + (files '("lib/perl5/site_perl"))))) (synopsis "Implementation of the Perl programming language") (description "Perl 5 is a highly capable, feature-rich programming language with over diff --git a/gnu/packages/pkg-config.scm b/gnu/packages/pkg-config.scm index 62b0d5f65c..dd5120c474 100644 --- a/gnu/packages/pkg-config.scm +++ b/gnu/packages/pkg-config.scm @@ -30,7 +30,7 @@ (define-public %pkg-config (package (name "pkg-config") - (version "0.27.1") + (version "0.28") (source (origin (method url-fetch) (uri (string-append @@ -38,14 +38,13 @@ version ".tar.gz")) (sha256 (base32 - "05wc5nwkqz7saj2v33ydmz1y6jdg659dll4jjh91n41m63gx0qsg")))) + "0igqq5m204w71m11y0nipbdf5apx87hwfll6axs12hn4dqfb6vkb")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-internal-glib"))) (native-search-paths (list (search-path-specification (variable "PKG_CONFIG_PATH") - (directories '("lib/pkgconfig" "lib64/pkgconfig" - "share/pkgconfig"))))) + (files '("lib/pkgconfig" "lib64/pkgconfig" "share/pkgconfig"))))) (home-page "http://www.freedesktop.org/wiki/Software/pkg-config") (license gpl2+) (synopsis "Helper tool used when compiling applications and libraries") diff --git a/gnu/packages/pth.scm b/gnu/packages/pth.scm index ba5fb8216d..50385b14f8 100644 --- a/gnu/packages/pth.scm +++ b/gnu/packages/pth.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; ;;; This file is part of GNU Guix. @@ -37,12 +37,7 @@ "0ckjqw5kz5m30srqi87idj7xhpw6bpki43mj07bazjm2qmh3cdbj")))) (build-system gnu-build-system) (arguments - '(#:parallel-build? #f - ;; By default, man pages are put in PREFIX/man, - ;; but we want them in PREFIX/share/man. - #:configure-flags (list (string-append "--mandir=" - (assoc-ref %outputs "out") - "/share/man")))) + '(#:parallel-build? #f)) (home-page "http://www.gnu.org/software/pth") (synopsis "Portable thread library") (description diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 162acec639..c2eab7dc6d 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -198,7 +198,7 @@ (native-search-paths (list (search-path-specification (variable "PYTHONPATH") - (directories '("lib/python2.7/site-packages"))))) + (files '("lib/python2.7/site-packages"))))) (home-page "http://python.org") (synopsis "High-level, dynamically-typed programming language") @@ -237,7 +237,7 @@ data types.") (native-search-paths (list (search-path-specification (variable "PYTHONPATH") - (directories '("lib/python3.3/site-packages"))))))) + (files '("lib/python3.3/site-packages"))))))) (define-public python-wrapper (package (inherit python) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 4b6665cb6b..f8276db698 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -77,10 +77,9 @@ (native-search-paths (list (search-path-specification (variable "GEM_PATH") - (directories - (list (string-append "lib/ruby/gems/" - (version-major+minor version) - ".0")))))) + (files (list (string-append "lib/ruby/gems/" + (version-major+minor version) + ".0")))))) (synopsis "Programming language interpreter") (description "Ruby is a dynamic object-oriented programming language with a focus on simplicity and productivity.") diff --git a/gnu/packages/tcl.scm b/gnu/packages/tcl.scm index d988249c4c..2de2624df4 100644 --- a/gnu/packages/tcl.scm +++ b/gnu/packages/tcl.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org> ;;; @@ -63,12 +63,6 @@ "tclsh"))))) %standard-phases)) - ;; By default, man pages are put in PREFIX/man, - ;; but we want them in PREFIX/share/man. - #:configure-flags (list (string-append "--mandir=" - (assoc-ref %outputs "out") - "/share/man")) - ;; XXX: There are a few test failures (related to HTTP, most ;; likely related to name resolution), but that doesn't cause ;; `make' to fail. diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index dd41794b39..47b4692d7c 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -696,7 +696,7 @@ accessed and migrated on modern systems.") (inputs `(("e2fsprogs" ,e2fsprogs) ("curl" ,curl) - ("file" ,file-5.20) ;work around CVE-2014-3710 + ("file" ,file) ("libxml2" ,libxml2) ("zlib" ,zlib) ("gettext" ,gnu-gettext))) diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 1ff3dfb5a5..8a64211697 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -644,16 +644,7 @@ help you implement simple HTTP servers.") ;; Uncommenting the next two lines may assist in debugging ;; (substitute* "docs/man5/Makefile" (("a2x") "a2x -v")) ;; (setenv "XML_DEBUG_CATALOG" "1") - - (setenv "XML_CATALOG_FILES" - (string-append - (assoc-ref inputs "docbook-xsl") - "/xml/xsl/docbook-xsl-1.78.1/catalog.xml" - ;; Contrary to the documentation, the file names must - ;; be separated by a space, not a colon. - " " - (assoc-ref inputs "docbook-xml") - "/xml/dtd/docbook/catalog.xml"))) + #t) %standard-phases))) ;; All of the below are used to generate the documentation ;; (Should they be propagated inputs of asciidoc ??) diff --git a/gnu/packages/xfce.scm b/gnu/packages/xfce.scm index 2b15c3e35c..17b2b4d9f7 100644 --- a/gnu/packages/xfce.scm +++ b/gnu/packages/xfce.scm @@ -267,7 +267,7 @@ management D-Bus specification.") (native-search-paths (list (search-path-specification (variable "X_XFCE4_LIB_DIRS") - (directories '("lib/xfce4"))))) + (files '("lib/xfce4"))))) (home-page "http://www.xfce.org/") (synopsis "Xfce desktop panel") (description diff --git a/gnu/packages/xiph.scm b/gnu/packages/xiph.scm index 77b732ba35..e6700c4c27 100644 --- a/gnu/packages/xiph.scm +++ b/gnu/packages/xiph.scm @@ -202,12 +202,7 @@ OpenBSD's sndio.") "1p0hh190kqvpkbk1bbajd81jfbmkyl4fn2i7pggk2zppq6m68bgs")))) (build-system gnu-build-system) (arguments - `(#:parallel-tests? #f - ;; By default, man pages are put in PREFIX/man, - ;; but we want them in PREFIX/share/man. - #:configure-flags (list (string-append "--mandir=" - (assoc-ref %outputs "out") - "/share/man")))) + `(#:parallel-tests? #f)) ;; FIXME: configure also looks for xmms, input could be added once it exists (inputs `(("libogg" ,libogg))) (synopsis "Free lossless audio codec") diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index 76366db58c..f2b3baa418 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013 Andreas Enge <andreas@enge.fr> ;;; ;;; This file is part of GNU Guix. @@ -68,6 +68,18 @@ things the parser might find in the XML document (like start tags).") (inputs `(("zlib" ,zlib))) (native-inputs `(("perl" ,perl) ("python" ,python-2))) ; incompatible with Python 3 (print syntax) + + + ;; $XML_CATALOG_FILES lists 'catalog.xml' files found in under the 'xml' + ;; sub-directory of any given package. + (native-search-paths (list (search-path-specification + (variable "XML_CATALOG_FILES") + (separator " ") + (files '("xml")) + (file-pattern "^catalog\\.xml$") + (file-type 'regular)))) + (search-paths native-search-paths) + (arguments `(#:phases (alist-replace diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm index 17fa7afd8d..cdfba2f9b7 100644 --- a/guix/build/gnu-build-system.scm +++ b/guix/build/gnu-build-system.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -20,6 +20,7 @@ #:use-module (guix build utils) #:use-module (ice-9 ftw) #:use-module (ice-9 match) + #:use-module (ice-9 regex) #:use-module (ice-9 format) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) @@ -72,19 +73,23 @@ input-directories))) (for-each (match-lambda - ((env-var (directories ...) separator) - (set-path-environment-variable env-var directories + ((env-var (files ...) separator type pattern) + (set-path-environment-variable env-var files input-directories - #:separator separator))) + #:separator separator + #:type type + #:pattern pattern))) search-paths) (when native-search-paths ;; Search paths for native inputs, when cross building. (for-each (match-lambda - ((env-var (directories ...) separator) - (set-path-environment-variable env-var directories + ((env-var (files ...) separator type pattern) + (set-path-environment-variable env-var files native-input-directories - #:separator separator))) + #:separator separator + #:type type + #:pattern pattern))) native-search-paths)) #t) @@ -236,18 +241,11 @@ makefiles." (string-append srcdir "/configure") flags)))) -(define %parallel-job-count - ;; String to be passed next to GNU Make's `-j' argument. - (match (getenv "NIX_BUILD_CORES") - (#f "1") - ("0" (number->string (current-processor-count))) - (x x))) - (define* (build #:key (make-flags '()) (parallel-build? #t) #:allow-other-keys) (zero? (apply system* "make" `(,@(if parallel-build? - `("-j" ,%parallel-job-count) + `("-j" ,(number->string (parallel-job-count))) '()) ,@make-flags)))) @@ -257,7 +255,7 @@ makefiles." (if tests? (zero? (apply system* "make" test-target `(,@(if parallel-tests? - `("-j" ,%parallel-job-count) + `("-j" ,(number->string (parallel-job-count))) '()) ,@make-flags))) (begin @@ -267,7 +265,7 @@ makefiles." (define* (install #:key (make-flags '()) #:allow-other-keys) (zero? (apply system* "make" "install" make-flags))) -(define* (patch-shebangs #:key outputs (patch-shebangs? #t) +(define* (patch-shebangs #:key inputs outputs (patch-shebangs? #t) #:allow-other-keys) (define (list-of-files dir) (map (cut string-append dir "/" <>) @@ -276,20 +274,26 @@ makefiles." (eq? 'regular (stat:type s))))) '()))) - (define bindirs - (append-map (match-lambda - ((_ . dir) - (list (string-append dir "/bin") - (string-append dir "/sbin")))) - outputs)) + (define bin-directories + (match-lambda + ((_ . dir) + (list (string-append dir "/bin") + (string-append dir "/sbin"))))) + + (define output-bindirs + (append-map bin-directories outputs)) + + (define input-bindirs + ;; Shebangs should refer to binaries of the target system---i.e., from + ;; "inputs", not from "native-inputs". + (append-map bin-directories inputs)) (when patch-shebangs? - (let ((path (append bindirs - (search-path-as-string->list (getenv "PATH"))))) + (let ((path (append output-bindirs input-bindirs))) (for-each (lambda (dir) (let ((files (list-of-files dir))) (for-each (cut patch-shebang <> path) files))) - bindirs))) + output-bindirs))) #t) (define* (strip #:key target outputs (strip-binaries? #t) @@ -350,7 +354,9 @@ makefiles." debug-output objcopy-command)) (file-system-fold (const #t) (lambda (path stat result) ; leaf - (and (or (not debug-output) + (and (file-exists? path) ;discard dangling symlinks + (or (elf-file? path) (ar-file? path)) + (or (not debug-output) (make-debug-file path)) (zero? (apply system* strip-command (append strip-flags (list path)))) @@ -377,6 +383,85 @@ makefiles." strip-directories))) outputs)))) +(define* (validate-documentation-location #:key outputs + #:allow-other-keys) + "Documentation should go to 'share/info' and 'share/man', not just 'info/' +and 'man/'. This phase moves directories to the right place if needed." + (define (validate-sub-directory output sub-directory) + (let ((directory (string-append output "/" sub-directory))) + (when (directory-exists? directory) + (let ((target (string-append output "/share/" sub-directory))) + (format #t "moving '~a' to '~a'~%" directory target) + (mkdir-p (dirname target)) + (rename-file directory target))))) + + (define (validate-output output) + (for-each (cut validate-sub-directory output <>) + '("man" "info"))) + + (match outputs + (((names . directories) ...) + (for-each validate-output directories))) + #t) + +(define* (compress-documentation #:key outputs + (compress-documentation? #t) + (documentation-compressor "gzip") + (documentation-compressor-flags + '("--best" "--no-name")) + (compressed-documentation-extension ".gz") + #:allow-other-keys) + "When COMPRESS-DOCUMENTATION? is true, compress man pages and Info files +found in OUTPUTS using DOCUMENTATION-COMPRESSOR, called with +DOCUMENTATION-COMPRESSOR-FLAGS." + (define (retarget-symlink link) + (let ((target (readlink link))) + (delete-file link) + (symlink (string-append target compressed-documentation-extension) + link))) + + (define (has-links? file) + ;; Return #t if FILE has hard links. + (> (stat:nlink (lstat file)) 1)) + + (define (maybe-compress-directory directory regexp) + (or (not (directory-exists? directory)) + (match (find-files directory regexp) + (() ;nothing to compress + #t) + ((files ...) ;one or more files + (format #t + "compressing documentation in '~a' with ~s and flags ~s~%" + directory documentation-compressor + documentation-compressor-flags) + (call-with-values + (lambda () + (partition symbolic-link? files)) + (lambda (symlinks regular-files) + ;; Compress the non-symlink files, and adjust symlinks to refer + ;; to the compressed files. Leave files that have hard links + ;; unchanged ('gzip' would refuse to compress them anyway.) + (and (zero? (apply system* documentation-compressor + (append documentation-compressor-flags + (remove has-links? regular-files)))) + (every retarget-symlink + (filter (cut string-match regexp <>) + symlinks))))))))) + + (define (maybe-compress output) + (and (maybe-compress-directory (string-append output "/share/man") + "\\.[0-9]+$") + (maybe-compress-directory (string-append output "/share/info") + "\\.info(-[0-9]+)?$"))) + + (if compress-documentation? + (match outputs + (((names . directories) ...) + (every maybe-compress directories))) + (begin + (format #t "not compressing documentation~%") + #t))) + (define %standard-phases ;; Standard build phases, as a list of symbol/procedure pairs. (let-syntax ((phases (syntax-rules () @@ -385,7 +470,9 @@ makefiles." patch-usr-bin-file patch-source-shebangs configure patch-generated-file-shebangs build check install - patch-shebangs strip))) + patch-shebangs strip + validate-documentation-location + compress-documentation))) (define* (gnu-build #:key (source #f) (outputs #f) (inputs #f) diff --git a/guix/build/utils.scm b/guix/build/utils.scm index cda4fb12ef..86b7ca0155 100644 --- a/guix/build/utils.scm +++ b/guix/build/utils.scm @@ -31,15 +31,21 @@ #:re-export (alist-cons alist-delete) #:export (%store-directory + parallel-job-count + directory-exists? executable-file? + symbolic-link? call-with-ascii-input-file + elf-file? + ar-file? with-directory-excursion mkdir-p copy-recursively delete-file-recursively find-files + search-path-as-list set-path-environment-variable search-path-as-string->list list->search-path-as-string @@ -69,6 +75,14 @@ (or (getenv "NIX_STORE") "/gnu/store")) +(define parallel-job-count + ;; Number of processes to be passed next to GNU Make's `-j' argument. + (make-parameter + (match (getenv "NIX_BUILD_CORES") ;set by the daemon + (#f 1) + ("0" (current-processor-count)) + (x (or (string->number x) 1))))) + (define (directory-exists? dir) "Return #t if DIR exists and is a directory." (let ((s (stat dir #f))) @@ -81,6 +95,10 @@ (and s (not (zero? (logand (stat:mode s) #o100)))))) +(define (symbolic-link? file) + "Return #t if FILE is a symbolic link (aka. \"symlink\".)" + (eq? (stat:type (lstat file)) 'symlink)) + (define (call-with-ascii-input-file file proc) "Open FILE as an ASCII or binary file, and pass the resulting port to PROC. FILE is closed when PROC's dynamic extent is left. Return the @@ -96,6 +114,42 @@ return values of applying PROC to the port." (lambda () (close-input-port port))))) +(define (file-header-match header) + "Return a procedure that returns true when its argument is a file starting +with the bytes in HEADER, a bytevector." + (define len + (bytevector-length header)) + + (lambda (file) + "Return true if FILE starts with the right magic bytes." + (define (get-header) + (call-with-input-file file + (lambda (port) + (get-bytevector-n port len)) + #:binary #t #:guess-encoding #f)) + + (catch 'system-error + (lambda () + (equal? (get-header) header)) + (lambda args + (if (= EISDIR (system-error-errno args)) + #f ;FILE is a directory + (apply throw args)))))) + +(define %elf-magic-bytes + ;; Magic bytes of ELF files. See <elf.h>. + (u8-list->bytevector (map char->integer (string->list "\x7FELF")))) + +(define elf-file? + (file-header-match %elf-magic-bytes)) + +(define %ar-magic-bytes + ;; Magic bytes of archives created by 'ar'. See <ar.h>. + (u8-list->bytevector (map char->integer (string->list "!<arch>\n")))) + +(define ar-file? + (file-header-match %ar-magic-bytes)) + (define-syntax-rule (with-directory-excursion dir body ...) "Run BODY with DIR as the process's current directory." (let ((init (getcwd))) @@ -237,23 +291,37 @@ matches REGEXP." ;;; Search paths. ;;; -(define (search-path-as-list sub-directories input-dirs) - "Return the list of directories among SUB-DIRECTORIES that exist in -INPUT-DIRS. Example: +(define* (search-path-as-list files input-dirs + #:key (type 'directory) pattern) + "Return the list of directories among FILES of the given TYPE (a symbol as +returned by 'stat:type') that exist in INPUT-DIRS. Example: (search-path-as-list '(\"share/emacs/site-lisp\" \"share/emacs/24.1\") (list \"/package1\" \"/package2\" \"/package3\")) => (\"/package1/share/emacs/site-lisp\" \"/package3/share/emacs/site-lisp\") +When PATTERN is true, it is a regular expression denoting file names to look +for under the directories designated by FILES. For example: + + (search-path-as-list '(\"xml\") (list docbook-xml docbook-xsl) + #:type 'regular + #:pattern \"^catalog\\\\.xml$\") + => (\"/…/xml/dtd/docbook/catalog.xml\" + \"/…/xml/xsl/docbook-xsl-1.78.1/catalog.xml\") " (append-map (lambda (input) - (filter-map (lambda (dir) - (let ((dir (string-append input "/" - dir))) - (and (directory-exists? dir) - dir))) - sub-directories)) + (append-map (lambda (file) + (let ((file (string-append input "/" file))) + ;; XXX: By using 'find-files', we implicitly + ;; assume #:type 'regular. + (if pattern + (find-files file pattern) + (let ((stat (stat file #f))) + (if (and stat (eq? type (stat:type stat))) + (list file) + '()))))) + files)) input-dirs)) (define (list->search-path-as-string lst separator) @@ -262,16 +330,31 @@ INPUT-DIRS. Example: (define* (search-path-as-string->list path #:optional (separator #\:)) (string-tokenize path (char-set-complement (char-set separator)))) -(define* (set-path-environment-variable env-var sub-directories input-dirs - #:key (separator ":")) - "Look for each of SUB-DIRECTORIES in INPUT-DIRS. Set ENV-VAR to a -SEPARATOR-separated path accordingly. Example: +(define* (set-path-environment-variable env-var files input-dirs + #:key + (separator ":") + (type 'directory) + pattern) + "Look for each of FILES of the given TYPE (a symbol as returned by +'stat:type') in INPUT-DIRS. Set ENV-VAR to a SEPARATOR-separated path +accordingly. Example: (set-path-environment-variable \"PKG_CONFIG\" '(\"lib/pkgconfig\") (list package1 package2)) + +When PATTERN is not #f, it must be a regular expression (really a string) +denoting file names to look for under the directories designated by FILES: + + (set-path-environment-variable \"XML_CATALOG_FILES\" + '(\"xml\") + (list docbook-xml docbook-xsl) + #:type 'regular + #:pattern \"^catalog\\\\.xml$\") " - (let* ((path (search-path-as-list sub-directories input-dirs)) + (let* ((path (search-path-as-list files input-dirs + #:type type + #:pattern pattern)) (value (list->search-path-as-string path separator))) (if (string-null? value) (begin @@ -365,10 +448,11 @@ PROC's result is returned." (false-if-exception (delete-file template)))))) (define (substitute file pattern+procs) - "PATTERN+PROCS is a list of regexp/two-argument procedure. For each line -of FILE, and for each PATTERN that it matches, call the corresponding PROC -as (PROC LINE MATCHES); PROC must return the line that will be written as a -substitution of the original line." + "PATTERN+PROCS is a list of regexp/two-argument-procedure pairs. For each +line of FILE, and for each PATTERN that it matches, call the corresponding +PROC as (PROC LINE MATCHES); PROC must return the line that will be written as +a substitution of the original line. Be careful about using '$' to match the +end of a line; by itself it won't match the terminating newline of a line." (let ((rx+proc (map (match-lambda (((? regexp? pattern) . proc) (cons pattern proc)) @@ -428,7 +512,10 @@ When one of the MATCH-VAR is `_', no variable is bound to the corresponding match substring. Alternatively, FILE may be a list of file names, in which case they are -all subject to the substitutions." +all subject to the substitutions. + +Be careful about using '$' to match the end of a line; by itself it won't +match the terminating newline of a line." ((substitute* file ((regexp match-var ...) body ...) ...) (let () (define (substitute-one-file file-name) @@ -572,9 +659,7 @@ When KEEP-MTIME? is true, the atime/mtime of FILE are kept unchanged." ;; XXX: Unlike with `patch-shebang', FILE is always touched. (define (find-shell name) - (let ((shell - (search-path (search-path-as-string->list (getenv "PATH")) - name))) + (let ((shell (which name))) (unless shell (format (current-error-port) "patch-makefile-SHELL: warning: no binary for shell `~a' found in $PATH~%" @@ -583,7 +668,7 @@ When KEEP-MTIME? is true, the atime/mtime of FILE are kept unchanged." (let ((st (stat file))) (substitute* file - (("^ *SHELL[[:blank:]]*=[[:blank:]]*([[:graph:]]*/)([[:graph:]]+)(.*)$" + (("^ *SHELL[[:blank:]]*:?=[[:blank:]]*([[:graph:]]*/)([[:graph:]]+)(.*)$" _ dir shell args) (let* ((old (string-append dir shell)) (new (or (find-shell shell) old))) @@ -707,7 +792,7 @@ contents: #!location/of/bin/bash export PATH=\"/gnu/.../bar/bin\" export CERT_PATH=\"$CERT_PATH${CERT_PATH:+:}/gnu/.../baz/certs:/qux/certs\" - exec location/of/.foo-real + exec -a location/of/foo location/of/.foo-real \"$@\" This is useful for scripts that expect particular programs to be in $PATH, for programs that expect particular shared libraries to be in $LD_LIBRARY_PATH, or @@ -731,6 +816,7 @@ the previous wrapper." (copy-file prog prog-real) prog-real) (wrapper-file-name number))) + (let* ((number (next-wrapper-number)) (target (wrapper-target number)) (wrapper (wrapper-file-name (1+ number))) @@ -760,10 +846,11 @@ the previous wrapper." (with-output-to-file prog-tmp (lambda () (format #t - "#!~a~%~a~%exec \"~a\" \"$@\"~%" + "#!~a~%~a~%exec -a \"~a\" \"~a\" \"$@\"~%" (which "bash") (string-join (map export-variable vars) "\n") + (canonicalize-path prog) (canonicalize-path target)))) (chmod prog-tmp #o755) @@ -773,6 +860,7 @@ the previous wrapper." ;;; Local Variables: ;;; eval: (put 'call-with-output-file/atomic 'scheme-indent-function 1) +;;; eval: (put 'call-with-ascii-input-file 'scheme-indent-function 1) ;;; eval: (put 'with-throw-handler 'scheme-indent-function 1) ;;; eval: (put 'let-matches 'scheme-indent-function 3) ;;; eval: (put 'with-atomic-file-replacement 'scheme-indent-function 1) diff --git a/guix/packages.scm b/guix/packages.scm index 2a9a55e12f..68fd531c6b 100644 --- a/guix/packages.scm +++ b/guix/packages.scm @@ -171,16 +171,21 @@ representation." (define-record-type* <search-path-specification> search-path-specification make-search-path-specification search-path-specification? - (variable search-path-specification-variable) - (directories search-path-specification-directories) - (separator search-path-specification-separator (default ":"))) + (variable search-path-specification-variable) ;string + (files search-path-specification-files) ;list of strings + (separator search-path-specification-separator ;string + (default ":")) + (file-type search-path-specification-file-type ;symbol + (default 'directory)) + (file-pattern search-path-specification-file-pattern ;#f | string + (default #f))) (define (search-path-specification->sexp spec) "Return an sexp representing SPEC, a <search-path-specification>. The sexp corresponds to the arguments expected by `set-path-environment-variable'." (match spec - (($ <search-path-specification> variable directories separator) - `(,variable ,directories ,separator)))) + (($ <search-path-specification> variable files separator type pattern) + `(,variable ,files ,separator ,type ,pattern)))) (define %supported-systems ;; This is the list of system types that are supported. By default, we @@ -399,7 +404,10 @@ IMPORTED-MODULES specify modules to use/import for use by SNIPPET." (define (apply-patch input) (let ((patch* (assoc-ref %build-inputs input))) (format (current-error-port) "applying '~a'...~%" patch*) - (zero? (system* patch "--batch" ,@flags "--input" patch*)))) + + ;; Use '--force' so that patches that do not apply perfectly are + ;; rejected. + (zero? (system* patch "--force" ,@flags "--input" patch*)))) (define (first-file directory) ;; Return the name of the first file in DIRECTORY. diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm index c388b0c52c..b3a79d9251 100644 --- a/guix/scripts/environment.scm +++ b/guix/scripts/environment.scm @@ -45,17 +45,15 @@ path value is appended." (($ <search-path-specification> variable directories separator) (let* ((current (getenv variable)) - (path ((@@ (guix build utils) search-path-as-list) - directories paths)) - (value (list->search-path-as-string path separator))) + (path (search-path-as-list directories paths)) + (value (list->search-path-as-string path separator))) (proc variable (if (and current (not pure?)) (string-append value separator current) value))))) (cons* (search-path-specification (variable "PATH") - (directories '("bin" "sbin")) - (separator ":")) + (files '("bin" "sbin"))) (delete-duplicates (append-map package-native-search-paths inputs)))))) diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm index 21dc66cb75..30b0658198 100644 --- a/guix/scripts/package.scm +++ b/guix/scripts/package.scm @@ -29,7 +29,8 @@ #:use-module (guix utils) #:use-module (guix config) #:use-module (guix scripts build) - #:use-module ((guix build utils) #:select (directory-exists? mkdir-p)) + #:use-module ((guix build utils) + #:select (directory-exists? mkdir-p search-path-as-list)) #:use-module (ice-9 format) #:use-module (ice-9 match) #:use-module (ice-9 regex) @@ -362,19 +363,24 @@ current settings and report only settings not already effective." (define search-path-definition (match-lambda - (($ <search-path-specification> variable directories separator) - (let ((values (or (and=> (getenv variable) - (cut string-tokenize* <> separator)) - '())) - (directories (filter file-exists? - (map (cut string-append profile - "/" <>) - directories)))) - (if (every (cut member <> values) directories) + (($ <search-path-specification> variable files separator + type pattern) + (let* ((values (or (and=> (getenv variable) + (cut string-tokenize* <> separator)) + '())) + ;; Add a trailing slash to force symlinks to be treated as + ;; directories when 'find-files' traverses them. + (files (if pattern + (map (cut string-append <> "/") files) + files)) + (path (search-path-as-list files (list profile) + #:type type + #:pattern pattern))) + (if (every (cut member <> values) path) #f (format #f "export ~a=\"~a\"" variable - (string-join directories separator))))))) + (string-join path separator))))))) (let* ((packages (filter-map manifest-entry->package entries)) (search-paths (delete-duplicates diff --git a/tests/packages.scm b/tests/packages.scm index f7d6155ecc..72c69ff653 100644 --- a/tests/packages.scm +++ b/tests/packages.scm @@ -19,6 +19,7 @@ (define-module (test-packages) #:use-module (guix tests) #:use-module (guix store) + #:use-module (guix monads) #:use-module ((guix utils) ;; Rename the 'location' binding to allow proper syntax ;; matching when setting the 'location' field of a package. @@ -31,10 +32,13 @@ #:use-module (guix build-system) #:use-module (guix build-system trivial) #:use-module (guix build-system gnu) + #:use-module (guix profiles) + #:use-module (guix scripts package) #:use-module (gnu packages) #:use-module (gnu packages base) #:use-module (gnu packages guile) #:use-module (gnu packages bootstrap) + #:use-module (gnu packages xml) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (srfi srfi-34) @@ -328,10 +332,10 @@ search-paths))))))) (x (list (search-path-specification (variable "GUILE_LOAD_PATH") - (directories '("share/guile/site/2.0"))) + (files '("share/guile/site/2.0"))) (search-path-specification (variable "GUILE_LOAD_COMPILED_PATH") - (directories '("share/guile/site/2.0"))))) + (files '("share/guile/site/2.0"))))) (a (package (inherit (dummy-package "guile")) (build-system s) (native-search-paths x))) @@ -527,6 +531,53 @@ (((? (cut eq? hello <>))) #t) (wrong (pk 'find-packages-by-name wrong #f)))) +(test-assert "--search-paths with pattern" + ;; Make sure 'guix package --search-paths' correctly reports environment + ;; variables when file patterns are used (in particular, it must follow + ;; symlinks when looking for 'catalog.xml'.) To do that, we rely on the + ;; libxml2 package specification, which contains such a definition. + (let* ((p1 (package + (name "foo") (version "0") (source #f) + (build-system trivial-build-system) + (arguments + `(#:guile ,%bootstrap-guile + #:modules ((guix build utils)) + #:builder (begin + (use-modules (guix build utils)) + (let ((out (assoc-ref %outputs "out"))) + (mkdir-p (string-append out "/xml/bar/baz")) + (call-with-output-file + (string-append out "/xml/bar/baz/catalog.xml") + (lambda (port) + (display "xml? wat?!" port))))))) + (synopsis #f) (description #f) + (home-page #f) (license #f))) + (p2 (package + ;; Provide a fake libxml2 to avoid building the real one. This + ;; is OK because 'guix package' gets search path specifications + ;; from the same-named package found in the distro. + (name "libxml2") (version "0.0.0") (source #f) + (build-system trivial-build-system) + (arguments + `(#:guile ,%bootstrap-guile + #:builder (mkdir (assoc-ref %outputs "out")))) + (native-search-paths (package-native-search-paths libxml2)) + (synopsis #f) (description #f) + (home-page #f) (license #f))) + (prof (run-with-store %store + (profile-derivation + (manifest (map package->manifest-entry + (list p1 p2))) + #:info-dir? #f) + #:guile-for-build (%guile-for-build)))) + (build-derivations %store (list prof)) + (string-match (format #f "^export XML_CATALOG_FILES=\"~a/xml/+bar/baz/catalog\\.xml\"\n" + (derivation->output-path prof)) + (with-output-to-string + (lambda () + (guix-package "-p" (derivation->output-path prof) + "--search-paths")))))) + (test-end "packages") |