~ruther/guix-local

ef5f5c8659b1ca3999e362dfa33478e0a0150ced — Ludovic Courtès 10 years ago 7c49ab5 
build: Protect against misconfiguration of localstatedir.

Suggested by Jookia <166291@gmail.com>.

* m4/guix.m4 (GUIX_CURRENT_LOCALSTATEDIR, GUIX_CHECK_LOCALSTATEDIR): New
macros.
* config-daemon.ac: Use 'GUIX_CHECK_LOCALSTATEDIR'.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Add --localstatedir.
* doc/guix.texi (Requirements): Mention --localstatedir.
(The Store): Mention LOCALSTATEDIR as such.
patch browse .tar.gz 
4 files changed, 63 insertions(+), 3 deletions(-)

M Makefile.am
M config-daemon.ac
M doc/guix.texi
M m4/guix.m4

M Makefile.am => Makefile.am +4 -0
@@ 421,7 421,11 @@ include daemon.am
endif BUILD_DAEMON

ACLOCAL_AMFLAGS = -I m4

# Pass an explicit '--localstatedir' so that configure does not error out if
# it finds an existing installation with a different localstatedir.
AM_DISTCHECK_CONFIGURE_FLAGS =			\
  --localstatedir="$$dc_install_base/var"	\
  --with-libgcrypt-prefix="$(LIBGCRYPT_PREFIX)"	\
  --with-libgcrypt-libdir="$(LIBGCRYPT_LIBDIR)"	\
  --with-nix-prefix="$(NIX_PREFIX)"		\


M config-daemon.ac => config-daemon.ac +2 -0
@@ 140,6 140,8 @@ if test "x$guix_build_daemon" = "xyes"; then
  GUIX_TEST_ROOT="$ac_cv_guix_test_root"
  AC_SUBST([GUIX_TEST_ROOT])

  GUIX_CHECK_LOCALSTATEDIR

  AC_CONFIG_FILES([nix/scripts/list-runtime-roots],
    [chmod +x nix/scripts/list-runtime-roots])
  AC_CONFIG_FILES([nix/scripts/substitute],


M doc/guix.texi => doc/guix.texi +11 -3
@@ 527,6 527,14 @@ following packages are also needed:
C++11 standard.
@end itemize

When configuring Guix on a system that already has a Guix installation,
be sure to specify the same state directory as the existing installation
using the @code{--localstatedir} option of the @command{configure}
script (@pxref{Directory Variables, @code{localstatedir},, standards,
GNU Coding Standards}).  The @command{configure} script protects against
unintended misconfiguration of @var{localstatedir} so you do not
inadvertently corrupt your store (@pxref{The Store}).

When a working installation of @url{http://nixos.org/nix/, the Nix package
manager} is available, you
can instead configure Guix with @code{--disable-daemon}.  In that case,


@@ 2945,9 2953,9 @@ Sub-directories in the store are referred to as @dfn{store items} or
sometimes @dfn{store paths}.  The store has an associated database that
contains information such as the store paths referred to by each store
path, and the list of @emph{valid} store items---results of successful
builds.  This database resides in @file{/var/guix/db} (or under whatever
state directory was specified @i{via} @option{--localstatedir} at
configure time).
builds.  This database resides in @file{@var{localstatedir}/guix/db},
where @var{localstatedir} is the state directory specified @i{via}
@option{--localstatedir} at configure time, usually @file{/var}.

The store is @emph{always} accessed by the daemon on behalf of its clients
(@pxref{Invoking guix-daemon}).  To manipulate the store, clients


M m4/guix.m4 => m4/guix.m4 +46 -0
@@ 307,3 307,49 @@ AC_DEFUN([GUIX_LIBGCRYPT_LIBDIR], [
     fi])
  $1="$guix_cv_libgcrypt_libdir"
])

dnl GUIX_CURRENT_LOCALSTATEDIR
dnl
dnl Determine the localstatedir of an existing Guix installation and set
dnl 'guix_cv_current_localstatedir' accordingly.  Set it to "none" if no
dnl existing installation was found.
AC_DEFUN([GUIX_CURRENT_LOCALSTATEDIR], [
  AC_PATH_PROG([GUILE], [guile])
  AC_CACHE_CHECK([the current installation's localstatedir],
    [guix_cv_current_localstatedir],
    [dnl Call 'dirname' because (guix config) appends "/guix" to LOCALSTATEDIR.
     guix_cv_current_localstatedir="`"$GUILE" \
       -c '(use-modules (guix config))
           (when (string=? %store-directory "'$storedir'")
             (display (dirname %state-directory)))' \
       2>/dev/null`"
     if test "x$guix_cv_current_localstatedir" = "x"; then
       guix_cv_current_localstatedir=none
     fi])])

dnl GUIX_CHECK_LOCALSTATEDIR
dnl
dnl Check that the LOCALSTATEDIR value is consistent with that of the existing
dnl Guix installation, if any.  Error out or warn if they do not match.
AC_DEFUN([GUIX_CHECK_LOCALSTATEDIR], [
  AC_REQUIRE([GUIX_CURRENT_LOCALSTATEDIR])
  if test "x$guix_cv_current_localstatedir" != "xnone"; then
    if test "$guix_cv_current_localstatedir" != "$guix_localstatedir"; then
      case "$localstatedir" in
        NONE|\${prefix}*)
          # User kept the default value---i.e., did not pass '--localstatedir'.
          AC_MSG_ERROR([chosen localstatedir '$guix_localstatedir' does not match \
that of the existing installation '$guix_cv_current_localstatedir'
Installing may corrupt $storedir!
Use './configure --localstatedir=$guix_cv_current_localstatedir'.])
          ;;
        *)
          # User passed an explicit '--localstatedir'.  Assume they know what
          # they're doing.
          AC_MSG_WARN([chosen localstatedir '$guix_localstatedir' does not match \
that of the existing installation '$guix_cv_current_localstatedir'])
          AC_MSG_WARN([installing may corrupt $storedir!])
         ;;
      esac
    fi
  fi])