gnu: trealla: Update to 2.88.2.
* gnu/packages/prolog.scm (trealla): Update to 2.88.2.
Change-Id: I452a589dd2ed8023de78a1a90d06dae02a183e89
doc: Briefly discuss default git branch name.
* doc/contributing.texi (Building from git): Discuss branch name.
Change-Id: I9ddb9318749c7974a8724355c1a6b18a98fa9e8e
Signed-off-by: Gabriel Wicki <gabriel@erlikon.ch>
gnu: grammalecte: Update to 2.3.0.
* gnu/packages/dictionaries.scm (grammalecte): Update to 2.3.0.
[source]: Update location.
Change-Id: Id5a9145102cdbf6f05b176e7f22e3ae5893b16a5
gnu: cantata: Update to 3.4.0.
* gnu/packages/mpd.scm (cantata): Update to 3.4.0.
[origin]: Remove unneeded bundled code.
[inputs]: Add karchive, kitemviews; remove unused libmusicbrainz, libebur128,
libmtp, mpg123, taglib.
Closes: guix/guix#5010
Change-Id: I9af0ec0f93d4d7b098217de8f77daf7cf26d90f4
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
gnu: mailutils: Update to 3.21.
* gnu/packages/mail.scm (mailutils): Update to 3.21.
Closes: guix/guix#5022
Change-Id: If12aa167438f205e0df0c5b7cb7661c3733fcc01
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
gnu: mu: Update to 1.12.14.
* gnu/packages/mail.scm (mu): Update to 1.12.14.
[arguments]<#:phases>{patch-bin-references}: Remove upstreamed patching.
Closes: guix/guix#5048
Change-Id: I54886215da506c8600e999f8f248b369389df0c1
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
guix-install.sh: Do not set GUILE_LOAD_PATH in zzz-guix.sh.
Channels from the load path will shadow channels used through time-machine or
used through any other guix than the one in ~/.config/guix/current. This is
true for all channels that are in ~/.config/guix/current except guix. On Guix
System, /run/current-system/profile/share/guile/site/3.0 is usually in
GUILE_LOAD_PATH that typically has only Guix, so no shadowing happens in most
cases.
For using Geiser and other sw, it's possible to configure them to use "guix
repl" that's intended for this use case. This is then makes the guix being
used explicit.
It is expected that this is only a temporary solution. After a proper
solutions is found, it will be reverted.
Workaround #4819.
Reverts: 78390634d76c0c75c6e93742fa7caec965194641.
Change-Id: I36b921a758618f382af9097003415f902b27c44b
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
guix-install.sh: Install AppArmor profile.
* etc/guix-install.sh (sys_maybe_setup_apparmor): New function.
(main_install): Call it.
(sys_delete_apparmor_profiles): New function.
(main_uninstall): Call it.
Fixes #4210.
Fixes <https://issues.guix.gnu.org/71226>.
Change-Id: Ice4bf4d91a1ae438fc5654dec327f53ae9a7b888
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
self: Install AppArmor profile.
* guix/self.scm (apparmor-tunables): New procedure.
(miscellaneous-files): Add etc/apparmor.d/{guix,guix-daemon,tunables/guix}.
Change-Id: I8952ef4097924d62432775cc39d38098785fdcdf
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
etc: Add AppArmor profile for the guix command.
* etc/apparmor.d/guix: New file.
* Makefile.am (nodist_apparmor_profile_DATA): Add it.
Change-Id: I3d61238203d7663ce582717f8e4eac4c6f679928
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
etc: Add AppArmor profile for the daemon.
* .gitignore: Add etc/apparmor.d/tunables/guix.
* Makefile.am (nodist_apparmor_profile_DATA)
(nodist_apparmor_profile_tunables_DATA): Define it.
* configure.ac: Generate etc/apparmor.d/tunables/guix. Add
--with-apparmor-profile-dir option.
* etc/apparmor.d/guix-daemon: New file.
* etc/apparmor.d/tunables/guix.in: New file.
* doc/guix.texi: Document AppArmor profiles.
* gnu/packages/package-management.scm (guix): Add future changes commented.
Change-Id: Iac7df9d642383cc46a2d450c3badef31199ab041
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
guix-daemon.service.in: Make service restartable.
Currently the service cannot be restarted, because the gnu store mount makes
it read-only. So fix this by removing the mount when starting the service.
"-" to accept failures, in case the command doesn't finish successfully,
chances are, the store can be mounted as RW, so continue.
"+" to run as root
Fixes: #4744
* etc/guix-daemon.service.in
(Service)<ExecStartPre>: Stop gnu-store.mount
(Service)<ExecStartPost>: Start gnu-store.mount
Change-Id: I296f5d8805497f8a7364b68d627eb6d4fc05dbff
gnu: pius: Update to 3.0.0-0.5f7c10b.
* gnu/packages/gnupg.scm (pius)[source]: Switch to git-fetch.
[build-system]: Switch to pyproject-build-system.
[arguments]<#:check>: Execute project test script.
[native-inputs]: Add python-setuptools.
[home-page]: Update url.
Change-Id: I8d1228789cde2de4dda67a07f9859bb47e510608
Signed-off-by: Cayetano Santos <csantosb@inventati.org>
Modified-by: Cayetano Santos <csantosb@inventati.org>
gnu: Add hare-mcron.
* gnu/packages/hare-apps.scm (hare-mcron): New variable.
Change-Id: I324f5711cf359ac996111f6adcb71db5ff68dda5
gnu: trealla: Update to 2.88.1.
* gnu/packages/prolog.scm (trealla): Update to 2.88.1.
Change-Id: I8770e77950a53ef0284fe50248bed5fab01d70a0
services: Modernize redis service.
* gnu/services/databases.scm
(redis-configuration): Rewrite using `define-configuration'.
(redis-shepherd-service): Honor it.
* doc/guix.texi (Database Services) <redis>: Regenerate
documentation.
Change-Id: I5b99822ca3d8d23fb5133497d00eada0336d0c65
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #2158
gnu: shepherd@1.0: Don't inherit package arguments.
Followup to e1038aee6da92263f0c3d2fdb91d46ee5b63d2ec.
Previously when cross compiling the fibers directory was reset to fibers 1.3
because evaluating the arguments of shepherd@0.10 with '(package-arguments
shepherd-0.10)' kept the reference to the fibers input of shepherd@0.10.
Work around this by not using 'substitute-keyword-arguments' and replacing
'this-package-input' with 'search-input-file'.
* gnu/packages/admin.scm (shepherd-1.0)[arguments]:
Replace 'substitute-keyword-arguments' with explicit arguments.
Use search-input-file in 'set-fibers-directory phase to search for the cross fibers.
Change-Id: Ia1061d8cea531569385f4a0136cfd22f27ce5a0e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #4672
archive: Make /etc/guix/signing-key.* readable by ‘guix-daemon’.
The manual suggests running ‘guix archive --generate-key’ as root, but that
would lead to root-owned /etc/guix/signing-key.{pub,sec}, with the secret key
unreadable by the unprivileged guix-daemon. This fixes it.
Reported in guix/guix#4844.
* guix/scripts/archive.scm (generate-key-pair)[ensure-daemon-ownership]: New
procedure.
Use it for ‘%public-key-file’, ‘%private-key-file’, and their parent
directory.
Reported-by: Rutherther <rutherther@ditigal.xyz>
Change-Id: I7ae980bfd40078fb7ef27a193217b15f366d5d50
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #4958
authenticate: Report failure to load keys to the daemon.
Previously, when failing to load a signing key, ‘guix authenticate’ would
print a backtrace and exit with a non-zero code. That, in turn, would lead
the guix-daemon child process to crash with:
nix/libutil/serialise.cc:15: virtual nix::BufferedSink::~BufferedSink(): Assertion `!bufPos' failed.
This patch fixes it by reporting the error to the daemon as was intended.
* guix/scripts/authenticate.scm (guix-authenticate): Arrange to call
‘load-key-pair’ from within ‘with-reply’.
* tests/guix-authenticate.sh: Test it.
Fixes: guix/guix#4928
Reported-by: Rutherther <rutherther@ditigal.xyz>
Change-Id: I8654ad6fdfbe18c55e1e85647d0c49f408d0574a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #4961
authenticate: Improve error replies.
* guix/scripts/authenticate.scm (guix-authenticate)[send-reply]: Wrap guard in
‘with-fluids’. Call ‘string-trim-right’ on the message string of ‘c’.
Change-Id: I6ab5f645f2dc9d6f53bb57eabb4de1df8212892f
Signed-off-by: Ludovic Courtès <ludo@gnu.org>