gnu: icecat: Update bundled graphite2 to 1.3.5 for security fixes.

* gnu/packages/patches/icecat-update-graphite2.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  Add TODO
  comment about using the system graphite2 in the future.

gnu: mit-krb5: Update to 1.13.3; add fixes for CVE-2015-{8629,8630,8631}.

* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2696.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2697.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: Delete files.
* gnu/packages/patches/mit-krb5-CVE-2015-8629.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8630.patch,
  gnu/packages/patches/mit-krb5-CVE-2015-8631.patch,
  gnu/packages/patches/mit-krb5-init-context-null-spnego.patch: New files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/mit-krb5.scm (mit-krb5): Update to 1.13.3.
  [source]: Update URI to download conventional .tar.gz file.  Add patches.
  [native-inputs]: Remove old patches-as-inputs.
  [arguments]: Remove hacks needed to cope with the older unconventional
  tarball that contained an inner source tarball and signature: Remove
  #:modules argument, and the custom 'unpack' and 'apply-patches' phases.

gnu: xdotools: Update to 3.20150503.1

* gnu/packages/xdisorg.scm (xdotools): Upgrade to 3.20150503.1.
* gnu/packages/patches/xdotool-fix-makefile.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.

gnu: Add python-pygpgme

* gnu/packages/gnupg.scm (python-pygpgme, python2-pygpgme): New variables.
* gnu/packages/patches/pygpgme-disable-problematic-tests.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.

gnu: icecat: Re-enable the Ephemeral Diffie-Hellman cipher suites.

* gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.

gnu: icecat: Update to 38.6.0-gnu1.

* gnu/packages/patches/icecat-bug-1146335-pt1.patch,
  gnu/packages/patches/icecat-bug-1146335-pt2.patch,
  gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch,
  gnu/packages/patches/icecat-CVE-2016-1935.patch: Delete files.
* gnu-system.am (dist_patch_DATA): Remove them.
* gnu/packages/gnuzilla.scm (icecat): Update to 38.6.0-gnu1.
  [source]: Remove patches.

gnu: jasper: Add fixes for several security flaws.

* gnu/packages/patches/jasper-CVE-2007-2721.patch,
gnu/packages/patches/jasper-CVE-2008-3520.patch,
gnu/packages/patches/jasper-CVE-2011-4516-and-CVE-2011-4517.patch,
gnu/packages/patches/jasper-CVE-2014-8137.patch,
gnu/packages/patches/jasper-CVE-2014-8138.patch,
gnu/packages/patches/jasper-CVE-2014-8157.patch,
gnu/packages/patches/jasper-CVE-2014-8158.patch,
gnu/packages/patches/jasper-CVE-2014-9029.patch,
gnu/packages/patches/jasper-CVE-2016-1867.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/image.scm (jasper)[source]: Add patches.

gnu: perl-io-socket-ssl: Add workaround for OpenSSL-1.0.2f.

* gnu/packages/patches/perl-io-socket-ssl-openssl-1.0.2f-fix.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/web.scm (perl-io-socket-ssl)[source]: Add patch.

guix system: 'reconfigure' loads and starts new services.

Partly fixes <http://bugs.gnu.org/22039>.

* gnu/services/herd.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
* gnu/services/shepherd.scm (shepherd-service-canonical-name): New
procedure.
(shepherd-service-file): Export.
* guix/scripts/system.scm (upgrade-shepherd-services): New procedure.
(switch-to-system): Use it.
* guix/ui.scm (info): New procedure.
* doc/guix.texi (Invoking guix system): Mention system services.

gnu: Add emacs-constants.

* gnu/packages/emacs.scm (emacs-constants): New variable.
* gnu/packages/patches/emacs-constants-lisp-like.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add it.

gnu: Add emacs-scheme-complete.

* gnu/packages/emacs.scm (emacs-scheme-complete): New variable.
* gnu/packages/patches/emacs-scheme-complete-scheme-r5rs-info.patch: New patch.
* gnu-system.am (dist_patch_DATA): Add the new patch.

gnu: qemu: Update to 2.5.0; add fixes for security flaws.

* gnu/packages/patches/qemu-CVE-2015-6855.patch: Delete file.
* gnu/packages/patches/qemu-virtio-9p-use-accessor-to-get-thread-pool.patch,
  gnu/packages/patches/qemu-CVE-2015-8558.patch,
  gnu/packages/patches/qemu-CVE-2015-8567.patch,
  gnu/packages/patches/qemu-CVE-2015-8613.patch,
  gnu/packages/patches/qemu-CVE-2015-8701.patch,
  gnu/packages/patches/qemu-CVE-2015-8743.patch,
  gnu/packages/patches/qemu-CVE-2016-1568.patch,
  gnu/packages/patches/qemu-CVE-2016-1922.patch: New files.
* gnu-system.am (dist_patch_DATA): Remove 'qemu-CVE-2015-6855.patch'; add the
  new patches.
* gnu/packages/qemu.scm (qemu): Update to 2.5.0.
  [source]: Remove old patches and add new ones.
  [arguments]: Add 'disable-test-qga' phase.
  (%glib-memory-vtable-patch, %glib-duplicate-test-patch): Remove variables.

gnu: linux-libre: Update to 4.4.1.

* gnu/packages/patches/linux-libre-CVE-2016-0728.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/linux.scm (linux-libre): Update to 4.4.1.
  [source]: Remove patch.

gnu: Add pinball.

* gnu/packages/games.scm (pinball): New variable.
* gnu/packages/patches/pinball-const-fix.patch,
  gnu/packages/patches/pinball-cstddef.patch,
  gnu/packages/patches/pinball-missing-separators.patch,
  gnu/packages/patches/pinball-src-deps.patch,
  gnu/packages/patches/pinball-system-ltdl.patch: New patches.
* gnu-system.am (dist_patch_DATA): Add them.

gnu: perl-tk: Update to 804.033.

* gnu/packages/tcl.scm (perl-tk): Update to 804.033.
[source]: Remove patch.
* gnu/packages/patches/perl-tk-x11-discover.patch: Remove file.
* gnu-system.am (dist_patch_DATA): Remove patch.

Rename (gnu services dmd) to (gnu services shepherd).

* gnu/services/dmd.scm: Rename to...
* gnu/services/shepherd.scm: ... this.
* gnu/system.scm: Use it.
* gnu/system/install.scm: Likewise.
* gnu/services/xorg.scm: Likewise.
* gnu/services/web.scm: Likewise.
* gnu/services/ssh.scm: Likewise.
* gnu/services/networking.scm: Likewise.
* gnu/services/mail.scm: Likewise.
* gnu/services/lirc.scm: Likewise.
* gnu/services/desktop.scm: Likewise.
* gnu/services/dbus.scm: Likewise.
* gnu/services/databases.scm: Likewise.
* gnu/services/base.scm: Likewise.
* gnu/services/avahi.scm: Likewise.
* guix/scripts/system.scm: Likewise.
* tests/services.scm: Likewise.
* tests/guix-system.sh: Likewise.
* doc/guix.texi (Shepherd Services): Adjust accordingly.
* gnu-system.am (GNU_SYSTEM_MODULES): Likewise.
* po/guix/POTFILES.in: Likewise.

build: Add 'DL' silent rule.

* Makefile.am (AM_V_DL, AM_V_DL_, AM_V_DL_0): New variables.
* gnu-system.am (gnu/packages/bootstrap/x86_64-linux/guile-2.0.9.tar.xz)
(gnu/packages/bootstrap/i686-linux/guile-2.0.9.tar.xz)
(gnu/packages/bootstrap/armhf-linux/guile-2.0.11.tar.xz)
(gnu/packages/bootstrap/mips64el-linux/guile-2.0.9.tar.xz): Use $(AM_V_DL).
* build-aux/download.scm: Print a line break between target and origin.

Merge branch 'core-updates'

gnu: icecat: Add fixes for CVE-2016-{1930,1935} and other bugs.

* gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch,
  gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch,
  gnu/packages/patches/icecat-CVE-2016-1935.patch,
  gnu/packages/patches/icecat-bug-1146335-pt1.patch,
  gnu/packages/patches/icecat-bug-1146335-pt2.patch,
  gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch: New
  files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.

gnu: c-ares: Move to adns.scm.

* gnu/packages/aria2.scm (c-ares): Move to...
* gnu/packages/adns.scm (c-ares): ... here.
* gnu/packages/aria2.scm: Remove file.
* gnu-system.am (GNU_SYSTEM_MODULES): Remove aria2.scm.