Fixes guix/guix#2410.
Until now, ‘guix shell’ and ‘guix time-machine’ would store GC roots under
~/.cache/guix. However, this directory is unreadable to guix-daemon when it’s
running without root privileges. This commit changes ‘guix shell’ and ‘guix
time-machine’ so they store GC roots under /var/guix/profiles/per-user/$USER,
in a world-readable directory.
An added benefit is that, in cluster setups, user homes no longer need to be
mounted on the head node for GC to work (assuming ‘guix build -r’ and similar
are not used).
* guix/inferior.scm (%inferior-cache-directory): Change default value to be
under ‘%profile-directory’.
(%legacy-inferior-cache-directory): New variable.
(cached-channel-instance): Add ‘maybe-remove-expired-cache-entries’ call.
* guix/scripts/environment.scm (launch-environment/container)[nesting-mappings]:
Add /inferiors and /profiles sub-directories of ‘%profile-directory’. Call
‘mkdir-p’ for these two directories.
* guix/scripts/shell.scm (%profile-cache-directory): Change default value to
be under ‘%profile-directory’.
(%legacy-cache-directory): New variable.
(guix-shell): Add call to ‘maybe-remove-expired-cache-entries’.
Change-Id: Ie7d6c16a55b35c7beb18078c967d6fc902bf68d0
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/environment.scm (launch-environment/container): Add
/run/user/UID to ‘file-systems’.
* tests/guix-environment-container.sh: Test it.
Change-Id: I44c70a7554a06f40d073c25929ea7c6ded356d08
* guix/scripts/environment.scm (file-name-equal-or-under?): New procedure.
(override-user-mappings, override-user-dir): Use it.
Change-Id: Iadd9b838f6442a8080998ed7e07414db562068bf
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/78272>.
Fixes a bug caused by commit ce363c1dc7,
which inadvertently made /tmp read-only as well.
* guix/scripts/environment.scm (launch-environment/container)[tmpfs]:
New variable.
Add it to ‘file-systems’.
* guix/scripts/home.scm (spawn-home-container): Add /tmp file system
to #:mounts.
* tests/guix-environment-container.sh: Add test.
Reported-by: Tomas Volf <~@wolfsden.cz>
Change-Id: I5cb449e6d0c213d4b5866cbcbd14990437a7d4c5
* gnu/build/linux-container.scm (run-container): Add #:loopback-network?
and honor it via #:populate-file-system.
(call-with-container): Add #:loopback-network? and pass it to
‘run-container’.
* guix/scripts/environment.scm (launch-environment/container): Remove
call to ‘set-network-interface-up’ and remove generation of /etc/hosts.
* guix/scripts/home.scm (spawn-home-container): Likewise.
Change-Id: I5933a4e8dc6d8e19235a79696b62299d74d1ba21
This is an incompatible change where the root file system in
‘guix shell -C’ is now read-only by default.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Add ‘--writable-root’.
* guix/scripts/environment.scm (setup-fhs): Invoke /sbin/ldconfig; moved
from…
(launch-environment): … here.
(launch-environment/container): Add #:writable-root? and pass it to
‘call-with-container’. Move root file system setup to #:populate-file-system.
(guix-environment*): Honor ‘--writable-root’.
* tests/guix-environment-container.sh: Test it.
* doc/guix.texi (Invoking guix shell): Document ‘--writable-root’.
(Debugging Build Failures): Mention it before “rm /bin/sh”.
Change-Id: I2e8517d6f01eb8093160bffc0f9f56071ad6fee6
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Until now, the read-only file system set up by ‘call-with-container’
would always be writable. With this change, it can be made read-only.
With this patch, only ‘least-authority-wrapper’ switches to a read-only
root file system.
* gnu/build/linux-container.scm (remount-read-only): New procedure.
(mount-file-systems): Add #:writable-root? and #:populate-file-system
and honor them.
(run-container): Likewise.
(call-with-container): Likewise.
* gnu/system/linux-container.scm (container-script): Pass #:writable-root?
to ‘call-with-container’.
(eval/container): Add #:populate-file-system and #:writable-root? and
honor them.
* guix/scripts/environment.scm (launch-environment/container):
Pass #:writable-root? to ‘call-with-container’.
* guix/scripts/home.scm (spawn-home-container): Likewise.
* tests/containers.scm ("call-with-container, mnt namespace, read-only root")
("call-with-container, mnt namespace, writable root"): New tests.
Change-Id: I603e2fd08851338b737bb16c8af3f765e2538906
Code in `ui.scm' in `initialize-guix' procedure changes the handling of
SIGPIPE to SIG_IGN. So restore the handling to SIG_DFL so that process
executed will have the usual action. Technically we should record what the
handling was, and restore it to the previous value, but that would be a much
more invasive change.
Always setting it to SIG_DFL is at least less surprising than always setting
to SIG_IGN.
* guix/scripts/environment.scm (launch-environment): Restore default action
for SIGPIPE.
Change-Id: Ifabae1d3e71aa44e63078cea5bd3824b8f61ba14
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/environment.scm (setup-fhs): When /bin/cc already exists,
keep it.
Reported-by: Marco Fortina <marco_fortina@hotmail.it>
Change-Id: I73d39d2aa6fbafd236061a0e3b8d1fe327b2bb19
Fixes a bug with ‘guix shell -C …’ in cases where ‘getpwuid’
returns #f (for example because nscd isn’t running) and
‘user’ is #f.
* guix/scripts/environment.scm (launch-environment/container): Use
‘name’ when building the ‘directory’ value, not ‘user’ since it can be #f.
Change-Id: I5da807d982a1edbb4122ac29b5a1e5fc4b0ce1b7
Fixes a bug whereby ‘package->development-manifest’ would run with the
wrong system in mind, leading to errors like this:
  $ guix shell -s i586-gnu -D shepherd --no-grafts
  guix shell: error: package linux-libre-headers@5.15.49 does not support i586-gnu
* guix/scripts/environment.scm (options/resolve-packages): Define
‘system’ and pass it to ‘package->development-manifest’.
* tests/guix-shell.sh: Test it.
Change-Id: I95c471c1918913ab80dec7d3ca64fe38583cce78
Previously, ‘%graft?’ would be parameterized after ‘package-derivation’
had been called for ‘%guile-for-build’, which is too late.
* guix/scripts/environment.scm (guix-environment*)[with-store/maybe]:
Parameterize ‘%graft?’.
Remove ‘%graft?’ parameterization from body.
Change-Id: I65ef4a8c5f27e19a49196005871e5f7057fabaec
Partly fixes <https://issues.guix.gnu.org/65225>.
* guix/scripts/environment.scm (guix-environment*): Pass SYSTEM to
‘package-derivation’ when defining ‘%guile-for-build’.
Reported-by: Simon Tournier <zimon.toutoune@gmail.com>
Change-Id: I9d883f1e61fac72754fdc9dee9b7c8a3dea32add
Fixes a performance regression on cache hits introduced in
b31ea797ed, whereby (guix scripts pack)
would be loaded eagerly during startup, leading hundreds of (gnu
packages *) modules to be loaded.
Fixes <https://issues.guix.gnu.org/62899>.
* guix/scripts/environment.scm: Autoload (gnu build install).
(%options): Add indirection when calling 'symlink-spec-option-parser' so
that (guix scripts pack) is auto-loaded only when needed.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Add '--nesting'.
(options/resolve-packages): Handle it.
(launch-environment/container): Add #:nesting? and honor it.
[nesting-mappings]: New procedure.
(guix-environment*): Add support for '--nesting'.
* guix/scripts/shell.scm (profile-cached-gc-root): Special-case
'nesting?'.
* tests/guix-environment-container.sh: Test it.
* doc/guix.texi (Invoking guix shell): Document it.
Fixes <https://issues.guix.gnu.org/46782>.
* guix/scripts/environment.scm (launch-environment/container): Move the CWD
mapping to the front of the file system mappings.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Fixes <https://issues.guix.gnu.org/61201>.
Previously, common practice was to splice arbitrary strings (user names,
file names, etc.) into Texinfo snippets passed to 'display-hint'. This
is unsafe in the general case because at signs and braces need to be
escaped to produce valid Texinfo. This commit addresses that.
* guix/ui.scm (texinfo-quote): New procedure.
(display-hint): When ARGUMENTS is non-empty, pass it to 'texinfo-quote'
and call 'format'.
(report-unbound-variable-error, check-module-matches-file)
(display-collision-resolution-hint, run-guix-command): Remove explicit
'format' call; pass 'format' arguments as extra arguments to 'display-hint'.
* gnu/services/monitoring.scm (zabbix-front-end-config): Likewise.
* guix/scripts.scm (warn-about-disk-space): Likewise.
* guix/scripts/build.scm (%standard-cross-build-options)
(%standard-native-build-options): Likewise.
* guix/scripts/describe.scm (display-checkout-info): Likewise.
* guix/scripts/environment.scm (suggest-command-name): Likewise.
* guix/scripts/home.scm (process-command): Likewise.
* guix/scripts/home/edit.scm (service-type-not-found): Likewise.
* guix/scripts/import.scm (guix-import): Likewise.
* guix/scripts/package.scm (display-search-path-hint): Likewise.
* guix/scripts/pull.scm (build-and-install): Likewise.
* guix/scripts/shell.scm (auto-detect-manifest): Likewise.
* guix/scripts/system.scm (check-file-system-availability): Likewise.
(guix-system): Likewise.
* guix/scripts/system/edit.scm (service-type-not-found): Likewise.
* guix/status.scm (print-build-event): Likewise.
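
The escaping described in the commit message above, as an added example that is not Guix's own code: ‘quote-texinfo’ and ‘hint-text’ are hypothetical names, and the file name is constructed sample input. Only the spliced arguments are escaped, so the template's markup is kept while ‘@’, ‘{’ and ‘}’ in the data are rendered literally.

```scheme
;; Added example, not Guix's code.  'quote-texinfo' and 'hint-text' are
;; hypothetical names; the file name below is constructed sample input.
(use-modules (ice-9 format))

(define (quote-texinfo str)
  "Return STR with the three characters Texinfo treats specially (@, {, })
escaped so that STR is rendered literally."
  (string-concatenate
   (map (lambda (chr)
          (case chr
            ((#\@) "@@")
            ((#\{) "@{")
            ((#\}) "@}")
            (else (string chr))))
        (string->list str))))

(define (hint-text template . arguments)
  "Format TEMPLATE, a Texinfo snippet containing 'format' directives, after
escaping every string among ARGUMENTS.  Other arguments pass through as-is."
  (apply format #f template
         (map (lambda (arg)
                (if (string? arg) (quote-texinfo arg) arg))
              arguments)))

;; Constructed input: a file name containing Texinfo special characters.
(define file "backup@{2024}.scm")

;; Unsafe: the name is spliced in as-is, so its '@' and braces are parsed as
;; markup and the closing brace ends @command early.
(define unsafe (format #f "Try @command{guix shell -f ~a}." file))

;; Safe: the argument is escaped before splicing; the template is untouched.
(define safe (hint-text "Try @command{guix shell -f ~a}." file))

(display unsafe) (newline)
(display safe) (newline)
```
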
Fixes <https://issues.guix.gnu.org/60566> where even if "--preserve='^PATH$'"
was passed to 'guix shell' it would be replaced by just the FHS directories
when '--emulate-fhs' was also set.
* gnu/scripts/environment.scm (launch-environment): Add the FHS directories to
$PATH rather than overriding $PATH completely.
* tests/guix-environment-container.sh: Test that FHS directories are in $PATH
in the container and that $PATH can be preserved.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Previously, if the name service switch was dysfunctional, as can happen
on foreign distros lacking nscd, "guix shell -C" would crash with a
backtrace on the uncaught 'getpwuid' exception. To address that, catch
the exception and deal with it gracefully.
Reported by remsd1 on #guix.
* guix/scripts/environment.scm (launch-environment/container): Wrap
'getpwuid' call in 'false-if-exception'.
* guix/scripts/pack.scm (%options): Extract symlink parsing logic to...
(symlink-spec-option-parser): ... here.
(self-contained-tarball/builder): Add a comment mentioning why a relative file
name is used for the link target.
* guix/scripts/environment.scm (show-environment-options-help): Document new
--symlink option.
(%default-options): Add default value for symlinks.
(%options): Register new symlink option.
(launch-environment/container): Add #:symlinks argument and extend doc, and
create symlinks using evaluate-populate-directive.
(guix-environment*): Pass symlinks arguments to launch-environment/container.
* doc/guix.texi (Invoking guix shell): Document it.
* tests/guix-shell.sh: Add a --symlink (negative) test.
* tests/guix-environment-container.sh: Add tests.
These modules would use (guix grafts) just to access '%graft?' and
related bindings, which are now in (guix store).
* gnu/ci.scm,
guix/gexp.scm,
guix/lint.scm,
guix/scripts.scm,
guix/scripts/archive.scm,
guix/scripts/build.scm,
guix/scripts/challenge.scm,
guix/scripts/deploy.scm,
guix/scripts/environment.scm,
guix/scripts/home.scm,
guix/scripts/pack.scm,
guix/scripts/package.scm,
guix/scripts/pull.scm,
guix/scripts/size.scm,
guix/scripts/system.scm,
guix/scripts/weather.scm,
tests/builders.scm,
tests/channels.scm,
tests/cpan.scm,
tests/derivations.scm,
tests/gexp.scm,
tests/graph.scm,
tests/guix-daemon.sh,
tests/monads.scm,
tests/pack.scm,
tests/packages.scm,
tests/profiles.scm,
tests/system.scm: Remove #:use-module (guix grafts).
These typos were found and reported through weblate.
* gnu/packages/audio.scm (wildmidi)[description]: Fix typo.
* gnu/packages/games.scm (cgoban)[description]: Fix typo.
* gnu/services/version-control.scm (gitolite-service-type)[description]:
Fix typo.
* gnu/installer/newt/substitutes.scm (run-substitutes-page): Remove full
stop at end of title.
* gnu/machine/ssh.scm (machine-ssh-configuration-system): Move
punctuation outside of quotes.
* guix/scripts/home.scm (process-action): Remove trailing space before
newline.
* guix/scripts/system.scm (show-help): Fix typo.
* guix/scripts/environment.scm (with-store/maybe): Fix typo.
Previously, using 'guix shell -CF coreutils' twice (such that the
profile is cached) would result in:
  guix shell: error: '--profile' cannot be used with package options
This patch fixes it by moving argument handling to (guix scripts shell),
before 'options-with-caching' is called.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Remove '--emulate-fhs'.
(guix-environment*): Pass OPTS as-is to 'options/resolve-packages'.
* guix/scripts/shell.scm (show-help, %options): Add '--emulate-fhs'.
Add the (expression . ...) component to RESULT right from the argument
handler.
* tests/guix-environment-container.sh: Change '--emulate-fhs' tests to
use 'guix shell' instead of 'guix environment'.
* guix/scripts/environment.scm (show-environment-options-help, %options): Add
'--emulate-fhs'.
(setup-fhs): New procedure. Setup for the Filesystem Hierarchy Standard (FHS)
container. Defines and uses FHS-SYMLINKS and LINK-CONTENTS to create FHS
expected directories and creates /etc/ld.so.conf.
(launch-environment): Add 'emulate-fhs?' key and implement it to set $PATH and
generate /etc/ld.so.cache before calling COMMAND.
(launch-environment/container): Add 'emulate-fhs?' and 'setup-hook' keys and
implement them. Define and use FHS-MAPPINGS, to set up additional bind mounts
in the container to follow FHS expectations.
(guix-environment*): Add glibc-for-fhs to the container packages when
'emulate-fhs?' key is in OPTS.
* doc/guix.texi (Invoking guix shell): Document '--emulate-fhs'.
(Invoking guix environment): Document '--emulate-fhs'.
* tests/guix-environment-container.sh: Add tests for '--emulate-fhs'.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Fixes a bug whereby, for example:
  guix shell bash -- bash -c xyz
would erroneously print:
  guix shell: error: bash: command not found
simply because the parent process could not distinguish that 127 from a
"genuine" 127 used by convention for "command not found".
* guix/scripts/environment.scm (launch-environment): Before exiting,
report a "command not found" error and suggest a command name.
(validate-exit-status): Remove.
(launch-environment/fork): Remove call
(launch-environment/container)[exit/status*]: Remove.
Call 'exit/status' instead of it.
Also factorize the --system and --target build options. Check that the passed
system and target arguments are known platforms.
* doc/guix.texi (Additional Build Options): Document the new --list-systems
and --list-targets options.
* guix/scripts/build.scm (show-cross-build-options-help,
show-emulated-build-options-help, list-systems, list-targets): New procedures.
(%standard-cross-build-options, %standard-emulated-build-options): New
variables.
(show-help): Remove --system and --target entries and use
show-cross-build-options-help and show-emulated-build-options-help procedures instead.
(%options): Remove --system and --target entries and use
%standard-cross-build-options and %standard-emulated-build-options variables instead.
* guix/scripts/archive.scm (show-help, %options): Adapt them.
* guix/scripts/environment.scm: Ditto.
* guix/scripts/graph.scm: Ditto.
* guix/scripts/pack.scm: Ditto.
* guix/scripts/pull.scm: Ditto.
* guix/scripts/size.scm: Ditto.
* guix/scripts/weather.scm: Ditto.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Partly fixes <https://issues.guix.gnu.org/53355>.
Reported by Chris Marusich <cmmarusich@gmail.com>.
* guix/scripts/environment.scm (guix-environment*): Warn and do nothing
when both '--check' and '--container' are used.
* guix/scripts/environment.scm (launch-environment): Call
'primitive-_exit' upon 'system-error'.
(suggest-command-name, validate-exit-status): New procedures.
(launch-environment/fork): Call 'validate-exit-status'.
(launch-environment/container)[exit/status*]: New procedure.
Use it instead of 'exit/status'.
This further speeds up the 'guix environment -p PROFILE' case.
* guix/scripts/environment.scm (guix-environment*)[store-needed?]: New
variable.
[with-store/maybe]: New macro.
Use it instead of 'with-store', and remove 'with-build-handler' form.