Age | Commit message (Expand) | Author |
2020-10-31 | pack: Relocatable wrapper leaves root available to child processes....Fixes <https://bugs.gnu.org/44261>.
Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
* gnu/packages/aux-files/run-in-namespace.c (exec_in_user_namespace):
Add call to 'prctl'. Call 'mount' for NEW_ROOT and define 'is_tmpfs'.
When IS_TMPFS is true, call 'umount' and 'rmdir' after 'waitpid';
otherwise, call 'rm_rf' only when 'waitpid' returns -1 the second time.
(exec_with_loader): Call 'prctl'. Remove NEW_ROOT only when 'waitpid'
returns -1 the second time, otherwise leave it behind.
* tests/guix-pack-relocatable.sh (wait_for_file): New function.
Add test.
| Ludovic Courtès |
2020-10-30 | guix: pack: Only wrap executable files....* guix/scripts/pack.scm (wrapped-package)<build>: Build wrappers for
executable files and symlink others.
* tests/guix-pack-relocatable.sh: Test relocatable example of mixed
executable and non-executable files.
| Eric Bavier |
2020-09-28 | tests: Simplify shell exit status negation;...* tests/guix-archive.sh, tests/guix-build-branch.sh, tests/guix-build.sh,
tests/guix-daemon.sh, tests/guix-download.sh, tests/guix-environment.sh,
tests/guix-gc.sh, tests/guix-git-authenticate.sh, tests/guix-graph.sh,
tests/guix-hash.sh, tests/guix-lint.sh, tests/guix-pack-relocatable.sh,
tests/guix-pack.sh, tests/guix-package-aliases.sh, tests/guix-package-net.sh,
tests/guix-package.sh: Use the shell '!' keyword to negate command exit status
in place of 'if ...; then false; else true; fi'
| Eric Bavier |
2020-07-28 | pack: "fakechroot" engine always creates its store....Previously it would silently fail to create the /gnu/store symlink when
the host has a read-only /gnu as is the case in these tests.
* gnu/packages/aux-files/run-in-namespace.c (exec_with_loader): Unlink
the ancestor of ORIGINAL_STORE under NEW_ROOT. Check the return value
of 'symlink' when creating NEW_STORE.
* tests/guix-pack-relocatable.sh: Check the contents of the store as
seen by the wrapped executable, with all three engines, and with both
"/gnu" and "/gnu/store" erased.
| Ludovic Courtès |
2020-07-28 | pack: "fakechroot" execution engine can load its audit module....Fixes <https://bugs.gnu.org/42558>.
Until now, loading 'pack-audit.so' in a truly non-Guix environment would
usually fail because 'pack-audit.so' depends on 'libgcc_s.so' and
'libc.so', none of which could be found.
Furthermore, the test was not working as expected: the trick
unshare -mrf sh -c 'mount -t tmpfs none /gnu ; ...'
would allow the fakechroot engine to make its store available as
/gnu/store as a result of another bug.
* gnu/packages/aux-files/run-in-namespace.c (relocated_search_path): New
function.
(exec_with_loader): Pass "--library-path" to the loader.
* guix/scripts/pack.scm (wrapped-package)[build](runpath): New procedure.
(elf-loader-compile-flags): Pass "-DLOADER_AUDIT_RUNPATH".
* tests/guix-pack-relocatable.sh: Remove 'STORE_PARENT'.
(run_without_store): New function. Erase $NIX_STORE_DIR instead of
$STORE_PARENT.
Use 'run_without_store' throughout.
| Ludovic Courtès |
2020-07-24 | pack: '-R' applies to propagated inputs too....Fixes <https://bugs.gnu.org/42510>.
* guix/scripts/pack.scm (wrapped-manifest-entry): Recurse on
'dependencies' field.
* tests/guix-pack-relocatable.sh: Add test.
| Ludovic Courtès |
2020-05-14 | pack: Add relocation via ld.so and fakechroot....* gnu/packages/aux-files/run-in-namespace.c (HAVE_EXEC_WITH_LOADER): New
macro.
(bind_mount): Rename to...
(mirror_directory): ... this. Add 'firmlink' argument and use it
instead of calling mkdir/open/close/mount directly.
(bind_mount, make_symlink): New functions.
(exec_in_user_namespace): Adjust accordingly.
(exec_with_loader) [HAVE_EXEC_WITH_LOADER]: New function.
(exec_performance): New function.
(engines): Add them.
* guix/scripts/pack.scm (wrapped-package)[fakechroot-library]
[audit-module]: New procedures.
[audit-source]: New variable.
[build](elf-interpreter, elf-loader-compile-flags): New procedures.
(build-wrapper): Use them.
* tests/guix-pack-relocatable.sh: Test with
'GUIX_EXECUTION_ENGINE=fakechroot'.
* doc/guix.texi (Invoking guix pack): Document the 'performance' and
'fakechroot' engines.
* gnu/packages/aux-files/pack-audit.c: New file.
* Makefile.am (AUX_FILES): Add it.
| Ludovic Courtès |
2020-05-14 | pack: Wrapper honors 'GUIX_EXECUTION_ENGINE' environment variable....* gnu/packages/aux-files/run-in-namespace.c (struct engine): New type.
(exec_default): New function.
(engines): New variable.
(execution_engine): New function.
(main): Use it instead of calling 'exec_in_user_namespace' and
'exec_with_proot' directly.
* tests/guix-pack-relocatable.sh: Add test with 'GUIX_EXECUTION_ENGINE'.
* doc/guix.texi (Invoking guix pack): Document 'GUIX_EXECUTION_ENGINE'.
| Ludovic Courtès |
2020-04-24 | pack: 'guix pack -R' wrapper correctly reports exit code....Fixes <https://bugs.gnu.org/40816>.
Reported by Jan (janneke) Nieuwenhuizen <janneke@gnu.org>.
* gnu/packages/aux-files/run-in-namespace.c (main): In the 'default'
case, check 'WIFEXITED (status)' and exit with the corresponding code in
that case. Exit with 255 in other cases.
* tests/guix-pack-relocatable.sh: Add test.
| Ludovic Courtès |
2019-08-23 | pack: '-R' honors the requested output....Fixes <https://bugs.gnu.org/36925>.
Reported by Jesse Gibbons <jgibbons2357@gmail.com>.
* guix/scripts/pack.scm (wrapped-package): Add 'output*' parameter.
[build]: Define 'input' and 'target'; use them instead of #$package and
#$output, respectively.
(wrapped-manifest-entry): New procedure.
(map-manifest-entries): Call PROC directly.
(guix-pack): Pass WRAPPED-MANIFEST-ENTRY to 'map-manifest-entries'.
| Ludovic Courtès |
2019-05-18 | pack: '--localstatedir' and '-R' tests gracefully handle missing /gnu/store....Fixes <https://bugs.gnu.org/35776>.
Reported by Ting-Wei Lan <lantw44@gmail.com>.
* tests/guix-pack-localstatedir.sh: Set 'storedir' before
'NIX_STORE_DIR'.
* tests/guix-pack-relocatable.sh: Likewise.
| Ludovic Courtès |
2019-05-09 | tests: Ensure 'unshare' works before relying on it....Fixes <https://bugs.gnu.org/35642>.
Reported by Josh Holland <josh@inv.alid.pw>.
* tests/guix-pack-relocatable.sh: Before invoking 'unshare' at the
bottom, add "if unshare -r true" condition.
* tests/guix-pack.sh: Likewise.
| Ludovic Courtès |
2019-03-15 | pack: "-RR" produces PRoot-enabled relocatable binaries....* gnu/packages/aux-files/run-in-namespace.c (exec_with_proot): New
function.
(main): When 'clone' fails, call 'rm_rf'.
[PROOT_PROGRAM]: When 'clone' fails, call 'exec_with_proot'.
* guix/scripts/pack.scm (wrapped-package): Add #:proot?.
[proot]: New procedure.
[build]: Compile with -DPROOT_PROGRAM when PROOT? is true.
* guix/scripts/pack.scm (%options): Set the 'relocatable?' value to
'proot when "-R" is passed several times.
(guix-pack): Pass #:proot? to 'wrapped-package'.
* tests/guix-pack-relocatable.sh: Use "-RR" on Intel systems that lack
user namespace support.
* doc/guix.texi (Invoking guix pack): Document -RR.
| Ludovic Courtès |
2018-11-06 | pack: Add test for '--relocatable'....* tests/guix-pack-relocatable.sh: New file.
* Makefile.am (SH_TESTS): Add it.
| Ludovic Courtès |