* gnu/services/containers.scm: New file;
(rootless-podman-configuration): new variable;
(rootless-podman-service-subids): new variable;
(rootless-podman-service-accounts): new variable;
(rootless-podman-service-profile): new variable;
(rootless-podman-shepherd-services): new variable;
(rootless-podman-service-etc): new variable;
(rootless-podman-service-type): new variable.
* gnu/local.mk: Test it.
* gnu/local.mk: Add them.
* doc/guix.texi (Miscellaneous Services): Document it.
Change-Id: I041496474c1027da353bd6852f2554a065914d7a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit adds a Guix System service to handle allocation of subuid
and subgid requests. Users that don't care can just add themselves as a
subid-range and don't need to specify anything but their user name.
Users that care about specific ranges, such as possibly LXD, can specify
a start and a count.
* doc/guix.texi (Miscellaneous Services): Document it.
* gnu/build/activation.scm (activate-subuids+subgids): New variable.
* gnu/local.mk: Add gnu/tests/shadow.scm.
* gnu/system/accounts.scm (sexp->subid-range): New variable.
* gnu/system/shadow.scm (%root-subid): New variable;
(subids-configuration): new record;
(subid-range->gexp): new variable;
(assert-valid-subids): new variable;
(delete-duplicate-ranges): new variable;
(subids-activation): new variable;
(subids-extension): new record;
(append-subid-ranges): new variable;
(subids-extension-merge): new variable;
(subids-service-type): new variable.
* gnu/tests/shadow.scm (subids): New system test.
Change-Id: I3755e1c75771220c74fe8ae5de1a7d90f2376635
Signed-off-by: Giacomo Leidi <goodoldpaul@autistici.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/patches/librewolf-use-system-wide-dir.patch: New file.
* gnu/local.mk (dist_patch_DATA): Regisiter it.
* gnu/packages/librewolf.scm (make-librewolf-source)[patches]: Add it along with
torbrowser-compare-paths.patch.
(librewolf)[native-search-paths]: Add ICECAT_SYSTEM_DIR.
Change-Id: I8609d25a7e2725ad94ab257d720326639eb06778
* gnu/packages/patches/libjami-libgit2-compatibility.patch: New file.
* gnu/packages/jami.scm (libjami)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.
Change-Id: I6a87d47f9a0ec1663b7ad3459960e9aaaf4bf562
* gnu/packages/patches/pdl-2.019-glut-bitmap-fonts.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/perl-maths.scm (perl-pdl)[source]: Use it.
Change-Id: I0331b1192d75a69831168d2fd634cadaa6260cd4
* gnu/packages/patches/texmacs-wayland-hidpi.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/text-editors.scm (texmacs)[source]: Use it.
(texmacs-guile3)[source]: Use it.
(mogan)[source]: Use it.
Change-Id: Ida737433957cb26695bf43538cff4d5d1c8a83c3
Fixes CVEs 2024-10458, 2024-10459, 2024-10460, 2024-10461, 2024-10462,
2024-10463, 2024-10464, 2024-10465, 2024-10466, 2024-10467, 2024-11691,
2024-11692, 2024-11693, 2024-11694, 2024-11695, 2024-11696, 2024-11697,
2024-11698 and 2024-11699. See
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-48/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-64/> for
details.
* gnu/packages/patches/torbrowser-compare-paths.patch: New file.
* gnu/local.mk (dist_patch_DATA): Regisiter it.
* gnu/packages/tor-browsers.scm (firefox-locales): Update to
f75c1e6a305e68161037337767ece88e9de940b9.
(%torbrowser-build-date): Update to 20241125154204.
(%torbrowser-version): Update to 14.0.3.
(%torbrowser-firefox-version): Update to 128.5.0esr-14.0-1-build2.
(torbrowser-translation-base): Update to
caa431bbea1a76d7ad61eeda94086a1513762605.
(torbrowser-translation-specific): Update to
4314d0a7ce780ffdf82b84e324bfbc437198f993.
(make-torbrowser) [arguments] <#:phases>: On 'apply-guix-specific-patches
change icecat-compare-paths.patch to torbrowser-compare-paths.patch as
the patched file has changed its name between major versions.
On 'remove-cargo-frozen-flag, update the regex to match this newer version
string.
Change-Id: Ia5d445e387351b3d5d08ecb14c2f31bf4cc81396
Signed-off-by: Hilton Chain <hako@ultrarare.space>
* gnu/packages/patches/guile-emacs-build-fixes.patch: New file.
* gnu/packages/patches/guile-emacs-fix-configure.patch: Remove file.
* gnu/local.mk (dist_patch_DATA): Update accordingly.
* gnu/packages/emacs.scm (guile-emacs): Update to
8f87cbc1dae6a9e77368afc5736df8c342e9153d and use new patch.
[arguments]: Allow parallel-build. Do not strip-binaries.
Use recommended #:configure-flags and #:make-flags.
Add stages "help-patch-progam-file-names" and "touch-lisp/finder-inf.el".
No longer delete non-existent stage "strip-double-wrap". Delete stages
"patch-compilation-driver", "set-libgccjit-path", "validate-comp-integrity",
"restore-emacs-pdmp", "build-trampolines", and "install-site-start".
[native-search-paths]: New field.
Change-Id: I8153a55ef0061720ffd3c4833eff3ae6df3eccfc
See <https://logs.guix.gnu.org/hurd/2024-11-20.log#082237>.
* gnu/packages/patches/hurd-refcounts-assert.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/hurd.scm (hurd): Use it.
Change-Id: I51ee319f1b7e26a7ed0f4e9f69755aa596ea6877
* gnu/packages/patches/gdb-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gdb.scm (gdb-15): Use it in new variable.
(gdb-minmal-15): New variable.
(gdb/pinned): When building for the 64bit Hurd, set #:configure-flags to
"--enable-targets=i586-pc-gnu,x86_64-pc-gnu".
Change-Id: I52d28092be6c415b8668bb5a77d41c87df841351
* gnu/packages/patches/grub-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/bootloaders.scm (grub)[arguments]: When building for the 64bit
Hurd, use it in new "apply-hurd64-patch" stage.
Change-Id: I780f6a92418b49e5fe0d23eb1c90e155216f1428
* gnu/packages/patches/inetutils-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/admin.scm (inetutils)[arguments]: When building for the 64bit
Hurd, use it in new "apply-hurd64-patch" stage.
Change-Id: I780f6a92418b49e5fe0d23eb1c90e155216f1428
* gnu/packages/patches/hurd-64bit.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/hurd.scm (hurd)[source]: Use it.
[arguments]: When building for the 64bit Hurd, add "create-machine-symlink"
phase. In phases "build-libdde-linux" and "install-goodies", do not assume
x86, rather use actual ARCH, and follow upstream's "amd64" symlinking voodoo.
Change-Id: If264a91b2433add13f9121c482f0abe67ae5f1e9
* gnu/packages/patches/netdde-csum.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/hurd.scm (netdde)[source]: Use it.
[arguments]: Do not assume x86, rather use actual ARCH in #:make-flags, and
follow upstream's "amd64" symlinking voodoo.
Change-Id: Ie825e56779dae2f489066569dc3c4405bac778c1
* gnu/packages/patches/libpciaccess-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/xorg.scm (libpciaccess) [arguments]: Use g-expressions. When
building for the 64bit Hurd, use it in new "apply-hurd64-patch" phase.
Change-Id: I8936377da726681b748cc010e1fbae3fb19dee05
* gnu/packages/patches/pciutils-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/pciutils.scm (pciutils)[arguments]: Use g-expressions. When
building for the 64bit Hurd, use it in new "apply-hurd64-patch" phase.
Change-Id: I8936377da726681b748cc010e1fbae3fb19dee05
* gnu/packages/patches/openssl-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/tls.scm (openssl-3.0)[arguments]: When building for the 64bit
Hurd, use it in new "apply-hurd-patch" phase. In #:configure-flags use
"hurd-x86_64" for the 64bit Hurd.
Change-Id: I8936377da726681b748cc010e1fbae3fb19dee05
* gnu/packages/patches/libgpg-error-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnupg.scm (libgpg-error)[arguments]: Use it when building for
the 64bit Hurd.
Change-Id: Icabb7cd7bb5bcc771ccee5b8a7f57f52b9b58183
This fixes findutil's gnulib-tests's test-sigaction's raise call, by working
around an alleged gcc-14.2 optimization bug. See
<https://lists.gnu.org/archive/html/bug-hurd/2024-11/msg00143.html>.
* gnu/packages/patches/glibc-hurd64-gcc-14.2-tls-bug.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/base.scm (glibc/hurd): Use it.
Change-Id: I11e683f521f34dedeb7f739a2545f5d1d866922a
* gnu/packages/patches/guile-lzlib-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/guile.scm (guile-lzlib)[arguments]: Use G-expressions. When
building for the 64bit Hurd, or cross-compiling, use it in new
"apply-hurd64-patch" stage.
Change-Id: Id03f71baa80e2f4f967f54037ce7d9f1c5dc4bb6
These patches fix:
* Statically linked tar to hang/segfault upon issuing the "--mtime=@1"
warning; this is also applicable for the 32bit Hurd using glibc-2.39!
See <https://lists.gnu.org/archive/html/bug-hurd/2024-11/msg00115.html>.
* Shell replacement problems for the 64bit Hurd.
See <https://lists.debian.org/debian-hurd/2024/07/msg00063.html>.
* Findutil's gnulib-tests/test-sigaction failure.
* gnu/packages/patches/glibc-hurd-pthread_setcancelstate.patch,
gnu/packages/patches/glibc-hurd64-fault.patch,
gnu/packages/patches/glibc-hurd64-intr-msg-clobber.patch,
gnu/packages/patches/glibc-hurd64-sgms-context.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/base.scm (glibc/hurd): Use them.
Change-Id: I9ee65983876cd22ad1dc01aabb41a34074631599
* gnu/packages/patches/libxcrypt-hurd64.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/crypto.scm (libxcrypt)[arguments]: When building for the 64bit
Hurd, use it in new phase `apply-hurd64-patch'.
Change-Id: I795a591ef8282ee5b760fec43bd4ad849007f602
* gnu/packages/patches/gnumach-version.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/hurd.scm (gnumach-headers): Update to v1.8+git20240714 and use
it.
* gnu/packages/commencement.scm (gnumach-headers-boot0)[origin]: Reset
patches.
Change-Id: I147c64021c2ee79dfc4cd4fd9a29529eef8890c5
Reset .dict file mtime to start of the epoch before compressing with dictzip.
* gnu/packages/patches/freedict-tools-fix-determinism.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/dictionaries.scm (freedict-tools): Use it.
Signed-off-by: Runciter <runciter@whispers-vpn.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
gnu/packages/rust.scm (rust-1.81)[source]: Add patch to fix bootstrap of
1.82 on riscv64.
gnu/packages/rust.scm (rust-1.82): New variable.
gnu/packages/rust.scm (rust): Update to 1.82.
[source]: Update snippet for newer version.
[arguments]: Disable more tests in the 'disable-tests-requiring-crates.io
phase.
Change-Id: If6ff59011edca7a230946a3ba77b51f26cd47789
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
* gnu/packages/maths.scm (dune-istl): Update to 2.10.0.
[source]: Remove patch that has been applied upstream.
* gnu/packages/patches/dune-istl-fix-solver-playground.patch: Remove
file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Change-Id: Ifbbb6f2dea815159a1743ae6e622c154cf1cc9b0
Signed-off-by: Andreas Enge <andreas@enge.fr>
* gnu/packages/maths.scm (dune-grid): Update to 2.10.0.
[source]: Remove patch that has been applied upstream.
* gnu/packages/patches/dune-grid-add-missing-include-cassert.patch:
Remove file.
* gnu/local.mk (dist_patch_DATA): Remove it.
Change-Id: I793f9151ace3c5104fd2b8d74ace128e73133cf3
Signed-off-by: Andreas Enge <andreas@enge.fr>
