gnu: Remove KDE 4.

* gnu/packages/kde.scm (qjson): Move from here...
* gnu/packages/qt.scm (qjson): ...to here.
* gnu/packages/pumpio.scm: Drop inclusion of (gnu packages kde).
* gnu/packages/kde.scm: Delete file.
* gnu-system.am (GNU_SYSTEM_MODULES): Unregister it.
* gnu/packages/rdf.scm (soprano): Delete variable.

KDE 4 relies on Qt 4, which does not receive security updates any more.

gnu: qemu: Add fixes for CVE-2015-8619, CVE-2016-1981, CVE-2016-2197.

* gnu/packages/patches/qemu-CVE-2015-8619.patch,
  gnu/packages/patches/qemu-CVE-2016-1981.patch,
  gnu/packages/patches/qemu-CVE-2016-2197.patch,
  gnu/packages/patches/qemu-usb-ehci-oob-read.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/qemu.scm (qemu)[source]: Add patches.

gnu: cpio: Add fix for CVE-2016-2037.

* gnu/packages/patches/cpio-CVE-2016-2037.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/cpio.scm (cpio)[source]: Add patch.

gnu: glibc: Add fix for CVE-2015-7547.

* gnu/packages/patches/glibc-CVE-2015-7547.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc)[source]: Add patch.

gnu: Add mate-icon-theme.

* gnu/packages/mate.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* gnu/packages/mate.scm (mate-icon-theme): New variable.

gnu: Add Augeas.

* gnu/packages/augeas.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.

gnu: Add slurm.

* gnu/packages/parallel.scm (slurm): New variable.
* gnu/packages/patches/slurm-configure-remove-nonfree-contribs.patch:
  New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/parallel.scm: Introduce license name space.

Co-authored-by: Andreas Enge <andreas@enge.fr>

gnu: libsndfile: Update to 1.0.26 [with follow-up fix CVE-2015-7805].

Note: The previous fix for CVE-2015-7805 was incomplete.

* gnu/packages/patches/libsndfile-CVE-2014-9496.patch,
  gnu/packages/patches/libsndfile-CVE-2015-7805.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/pulseaudio.scm (libsndfile): Update to 1.0.26.
  [source]: Remove patches.

gnu: Add ocaml-findlib.

* gnu/packages/ocaml.scm (ocaml-findlib): New variable.
* gnu/packages/patches/ocaml-findlib-make-install.patch: New file.
* gnu-system.am (dist_patch_DATA): Register it.

gnu: gnupg: Add upstream fix for test failures on x86_64.

Fixes <https://debbugs.gnu.org/22558>.

* gnu/packages/patches/gnupg-simple-query-ignore-status-messages.patch: New
  file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnupg.scm (gnupg)[source]: Add patch.

gnu: Add tclxml.

* gnu/packages/patches/tclxml-3.2-install.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/tcl.scm (tclxml): New variable.

Signed-off-by: Leo Famulari <leo@famulari.name>

gnu: icecat: Update bundled graphite2 to 1.3.5 for security fixes.

* gnu/packages/patches/icecat-update-graphite2.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  Add TODO
  comment about using the system graphite2 in the future.

gnu: mit-krb5: Update to 1.13.3; add fixes for CVE-2015-{8629,8630,8631}.

* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2696.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2697.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: Delete files.
* gnu/packages/patches/mit-krb5-CVE-2015-8629.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8630.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8631.patch,
  gnu/packages/patches/mit-krb5-init-context-null-spnego.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/mit-krb5.scm (mit-krb5): Update to 1.13.3.
  [source]: Update URI to download conventional .tar.gz file.  Add patches.
  [native-inputs]: Remove old patches-as-inputs.
  [arguments]: Remove hacks needed to cope with the older unconventional
  tarball that contained an inner source tarball and signature: Remove
  #:modules argument, and the custom 'unpack' and 'apply-patches' phases.

gnu: xdotools: Update to 3.20150503.1

* gnu/packages/xdisorg.scm (xdotools): Upgrade to 3.20150503.1.
* gnu/packages/patches/xdotool-fix-makefile.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.

gnu: Add python-pygpgme

* gnu/packages/gnupg.scm (python-pygpgme, python2-pygpgme): New variables.
* gnu/packages/patches/pygpgme-disable-problematic-tests.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.

gnu: icecat: Re-enable the Ephemeral Diffie-Hellman cipher suites.

* gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.

gnu: icecat: Update to 38.6.0-gnu1.

* gnu/packages/patches/icecat-bug-1146335-pt1.patch,
  gnu/packages/patches/icecat-bug-1146335-pt2.patch,
  gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch,
  gnu/packages/patches/icecat-CVE-2016-1935.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/gnuzilla.scm (icecat): Update to 38.6.0-gnu1.
  [source]: Remove patches.

gnu: jasper: Add fixes for several security flaws.

* gnu/packages/patches/jasper-CVE-2007-2721.patch,
gnu/packages/patches/jasper-CVE-2008-3520.patch,
gnu/packages/patches/jasper-CVE-2011-4516-and-CVE-2011-4517.patch,
gnu/packages/patches/jasper-CVE-2014-8137.patch,
gnu/packages/patches/jasper-CVE-2014-8138.patch,
gnu/packages/patches/jasper-CVE-2014-8157.patch,
gnu/packages/patches/jasper-CVE-2014-8158.patch,
gnu/packages/patches/jasper-CVE-2014-9029.patch,
gnu/packages/patches/jasper-CVE-2016-1867.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.

gnu: perl-io-socket-ssl: Add workaround for OpenSSL-1.0.2f.

* gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-io-socket-ssl)[source]: Add patch.

guix system: 'reconfigure' loads and starts new services.

Partly fixes <http://bugs.gnu.org/22039>.

* gnu/services/herd.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* gnu/services/shepherd.scm (shepherd-service-canonical-name): New
procedure.
(shepherd-service-file): Export.
* guix/scripts/system.scm (upgrade-shepherd-services): New procedure.
(switch-to-system): Use it.
* guix/ui.scm (info): New procedure.
* doc/guix.texi (Invoking guix system): Mention system services.