Re: python-tests: python-oslosphinx fixed. Please evaluate.
Leo Famulari writes: > On Mon, Feb 20, 2017 at 12:00:21AM +0100, Marius Bakke wrote: >> Danny Milosavljevic writes: >> > @Leo: Can you please start a new evaluation of python-tests? >> >> I pushed some other fixes recently and built most of `guix package -A >> python`, so I think we're ready for a new evaluation. I suggest we do a >> new evaluation on 'master' after fixing the most critical packages so we >> can include this in 'core-updates'. How does that sound? > > I just started a new evaluation of the branch. > >> These packages are known to fail still: >> >> python-dendropy >> python2-fastlmm >> python2-bandit >> python-openid >> python-axolotl >> >> + Many of the python2 variants of the openstack family libraries (oslo >> etc), which seems to have a unittest2 version mismatch. Should be >> easy to fix, but let's get some substitutes first :-) > > I think we should set '#:tests? #f' in these packages and build and > merge the branch. > > If these remaining test suite failures indicate that the packages are > broken, they will be equally broken with the test suites disabled. But > overall we will benefit from fixing this bug in python-build-system. I agree. Only two tests (out of 820) for python-dendropy fail: + test_fixed_species_tree_fitting (dendropy.test.test_multispeciescoalescent.MultispeciesCoalescentBasicTestCase) + test1 (dendropy.test.test_multispeciescoalescent.MultispeciesCoalescentFixedSingleTreesCalculationTestCase) Both fail with TypeError: unorderable types: Edge() < Edge() I think it’s worth building the package anyway after disabling these two tests. I reported the test failures upstream: https://github.com/jeetsukumaran/DendroPy/issues/77 -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net
grep-3.0 FAILS on Make phase
Hello, I've opened a new ticket to report a new error in 'grep' package on Hurd (version 3.0 and 2.28). https://debbugs.gnu.org/cgi/bugreport.cgi?bug=25821 /-/ CC localcharset.o CC glthread/lock.o glthread/lock.c: In function 'glthread_rwlock_init_for_glibc': glthread/lock.c:53:3: warning: implicit declaration of function 'pthread_rwlockattr_setkind_np' [-Wimplicit-function-declaration] err = pthread_rwlockattr_setkind_np (&attributes, ^ glthread/lock.c:54:40: error: 'PTHREAD_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP' undeclared (first use in this function) PTHREAD_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP); ^ glthread/lock.c:54:40: note: each undeclared identifier is reported only once for each function it appears in Makefile:1711: recipe for target 'glthread/lock.o' failed make[3]: *** [glthread/lock.o] Error 1 make[3]: Leaving directory '/tmp/guix-build-grep-3.0.drv-0/grep-3.0/lib' Makefile:1478: recipe for target 'all' failed make[2]: *** [all] Error 2 make[2]: Leaving directory '/tmp/guix-build-grep-3.0.drv-0/grep-3.0/lib' Makefile:1291: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/tmp/guix-build-grep-3.0.drv-0/grep-3.0' Makefile:1232: recipe for target 'all' failed make: *** [all] Error 2 phase `build' failed after 5.3 seconds /-/ Regards
Re: python-tests: python-oslosphinx fixed. Please evaluate.
On Mon, Feb 20, 2017 at 12:00:21AM +0100, Marius Bakke wrote: > Danny Milosavljevic writes: > > @Leo: Can you please start a new evaluation of python-tests? > > I pushed some other fixes recently and built most of `guix package -A > python`, so I think we're ready for a new evaluation. I suggest we do a > new evaluation on 'master' after fixing the most critical packages so we > can include this in 'core-updates'. How does that sound? I just started a new evaluation of the branch. > These packages are known to fail still: > > python-dendropy > python2-fastlmm > python2-bandit > python-openid > python-axolotl > > + Many of the python2 variants of the openstack family libraries (oslo > etc), which seems to have a unittest2 version mismatch. Should be > easy to fix, but let's get some substitutes first :-) I think we should set '#:tests? #f' in these packages and build and merge the branch. If these remaining test suite failures indicate that the packages are broken, they will be equally broken with the test suites disabled. But overall we will benefit from fixing this bug in python-build-system. signature.asc Description: PGP signature
Re: Leaving the guix project
On Mon, Feb 20, 2017 at 14:25:51 +0100, John Darrington wrote: > 3. Undertake extra paid employment in some activity (not necessarily computer > related) > which benefits the community, and spend the mony you earn to purchase harware > on which > GuixSD runs better. To add: certain things (like Wifi) do not require a full system replacement, either: adapters/cards of various sorts are available. I unfortunately haven't owned a laptop where the stock hardware works with free drivers; I have a ThinkPenguin wireless USB dongle that I plug into whatever I need to work with. In some laptops, you can simply remove and replace the built-in wireless card. -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05 Old: 2217 5B02 E626 BC98 D7C0 C2E5 F22B B815 8EE3 0EAB https://mikegerwitz.com signature.asc Description: PGP signature
[PATCH 2/4] services: openssh: Remove deprecated options.
* gnu/services/ssh.scm (openssh-config-file): Remove them. ()[rsa-authentication?]: Remove it. ()[protocol-number]: Remove it. * doc/guix.texi (Networking Services): Remove them. --- doc/guix.texi| 8 gnu/services/ssh.scm | 10 -- 2 files changed, 18 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 22eef3a64..fdfb88046 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9151,19 +9151,11 @@ false, users have to use other authentication method. Authorized public keys are stored in @file{~/.ssh/authorized_keys}. This is used only by protocol version 2. -@item @code{rsa-authentication?} (default: @code{#t}) -When true, users may log in using pure RSA authentication. When false, -users have to use other means of authentication. This is used only by -protocol 1. - @item @code{x11-forwarding?} (default: @code{#f}) When true, forwarding of X11 graphical client connections is enabled---in other words, @command{ssh} options @option{-X} and @option{-Y} will work. -@item @code{protocol-number} (default: @code{2}) -The SSH protocol number to use. - @item @code{challenge-response-authentication?} (default: @code{#f}) Specifies whether challenge response authentication is allowed (e.g. via PAM). diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 78641f526..fe4598927 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -273,12 +273,8 @@ The other options should be self-descriptive." (default #t)) (public-key-authentication? openssh-configuration-public-key-authentication? (default #t)) ;Boolean - (rsa-authentication? openssh-configuration-rsa-authentication? ;Boolean - (default #t)) (x11-forwarding? openssh-configuration-x11-forwarding? ;Boolean (default #f)) - (protocol-number openssh-configuration-protocol-number ;integer - (default 2)) (challenge-response-authentication? openssh-challenge-response-authentication? (default #f)) ;Boolean (use-pam? openssh-configuration-use-pam? @@ -311,9 +307,6 @@ The other options should be self-descriptive." #~(call-with-output-file #$output (lambda (port) (display "# Generated by 'openssh-service'.\n" port) - (format port "Protocol ~a\n" - #$(if (eq? (openssh-configuration-protocol-number config) 1) - "1" "2")) (format port "Port ~a\n" #$(number->string (openssh-configuration-port-number config))) (format port "PermitRootLogin ~a\n" @@ -330,9 +323,6 @@ The other options should be self-descriptive." (format port "PubkeyAuthentication ~a\n" #$(if (openssh-configuration-public-key-authentication? config) "yes" "no")) - (format port "RSAAuthentication ~a\n" - #$(if (openssh-configuration-rsa-authentication? config) - "yes" "no")) (format port "X11Forwarding ~a\n" #$(if (openssh-configuration-x11-forwarding? config) "yes" "no")) -- 2.11.1
[PATCH 1/4] services: openssh: Enable PAM.
* gnu/services/ssh.scm: (%openssh-pam-services): New variable. (openssh-service-type): Use it to extend PAM-ROOT-SERVICE-TYPE. ()[challenge-response-authentication?]: New field. ()[use-pam?]: New field. (openssh-config-file): Add them. * doc/guix.texi (Networking Services): Document them. --- doc/guix.texi| 16 gnu/services/ssh.scm | 17 - 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6cdb5e592..22eef3a64 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9163,6 +9163,22 @@ enabled---in other words, @command{ssh} options @option{-X} and @item @code{protocol-number} (default: @code{2}) The SSH protocol number to use. + +@item @code{challenge-response-authentication?} (default: @code{#f}) +Specifies whether challenge response authentication is allowed (e.g. via +PAM). + +@item @code{use-pam?} (default: @code{#t}) +Enables the Pluggable Authentication Module interface. If set to +@code{#t}, this will enable PAM authentication using +@code{challenge-response-authentication?} and +@code{password-authentication?}, in addition to PAM account and session +module processing for all authentication types. + +Because PAM challenge response authentication usually serves an +equivalent role to password authentication, you should disable either +@code{challenge-response-authentication?} or +@code{password-authentication?}. @end table @end deftp diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 58c35c9f5..78641f526 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -278,7 +278,11 @@ The other options should be self-descriptive." (x11-forwarding? openssh-configuration-x11-forwarding? ;Boolean (default #f)) (protocol-number openssh-configuration-protocol-number ;integer - (default 2))) + (default 2)) + (challenge-response-authentication? openssh-challenge-response-authentication? + (default #f)) ;Boolean + (use-pam? openssh-configuration-use-pam? + (default #t))) ;Boolean (define %openssh-accounts (list (user-group (name "sshd") (system? #t)) @@ -334,6 +338,12 @@ The other options should be self-descriptive." "yes" "no")) (format port "PidFile ~a\n" #$(openssh-configuration-pid-file config)) + (format port "ChallengeResponseAuthentication ~a\n" + #$(if (openssh-challenge-response-authentication? config) + "yes" "no")) + (format port "UsePAM ~a\n" + #$(if (openssh-configuration-use-pam? config) + "yes" "no")) #t (define (openssh-shepherd-service config) @@ -354,11 +364,16 @@ The other options should be self-descriptive." #:pid-file #$pid-file)) (stop #~(make-kill-destructor) +(define %openssh-pam-services + (list (unix-pam-service "sshd"))) + (define openssh-service-type (service-type (name 'openssh) (extensions (list (service-extension shepherd-root-service-type openssh-shepherd-service) + (service-extension pam-root-service-type + (const %openssh-pam-services)) (service-extension activation-service-type openssh-activation) (service-extension account-service-type -- 2.11.1
[PATCH 4/4] services: openssh: Add 'subsystems' option.
* gnu/services/ssh.scm (openssh-config-file): Add it. ()[subsystems]: Add it. * doc/guix.texi (Networking Services): Document it. --- doc/guix.texi| 19 + gnu/services/ssh.scm | 80 +--- 2 files changed, 64 insertions(+), 35 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index db0bf0f9b..69ff33149 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9175,6 +9175,25 @@ equivalent role to password authentication, you should disable either @item @code{print-last-log?} (default: @code{#t}) Specifies whether @command{sshd} should print the date and time of the last user login when a user logs in interactively. + +@item @code{subsystems} (default: @code{'()}) +Configures external subsystems (e.g. file transfer daemon). + +This is a list of two-element tuples, where each tuple contains the +subsystem name and a command (with optional arguments) to execute upon +subsystem request. + +The command @command{sftp-server} implements the SFTP file transfer +subsystem. +@example +'(("sftp" "/usr/libexec/sftp-server")) +@end example + +Alternately the name @command{internal-sftp} implements an in-process +SFTP server. +@example +'(("sftp" "internal-sftp")) +@end example @end table @end deftp diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 9e1449743..054743d11 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -280,7 +280,9 @@ The other options should be self-descriptive." (use-pam? openssh-configuration-use-pam? (default #t)) ;Boolean (print-last-log? openssh-configuration-print-last-log? - (default #t))) ;Boolean + (default #t)) ;Boolean + (subsystemsopenssh-configuration-subsystems + (default '( ;List of two-element tuples (define %openssh-accounts (list (user-group (name "sshd") (system? #t)) @@ -314,40 +316,48 @@ The other options should be self-descriptive." "Return the sshd configuration file corresponding to CONFIG." (computed-file "sshd_config" - #~(call-with-output-file #$output - (lambda (port) - (display "# Generated by 'openssh-service'.\n" port) - (format port "Port ~a\n" - #$(number->string (openssh-configuration-port-number config))) - (format port "PermitRootLogin ~a\n" - #$(match (openssh-configuration-permit-root-login config) - (#t "yes") - (#f "no") - ('without-password "without-password"))) - (format port "PermitEmptyPasswords ~a\n" - #$(if (openssh-configuration-allow-empty-passwords? config) - "yes" "no")) - (format port "PasswordAuthentication ~a\n" - #$(if (openssh-configuration-password-authentication? config) - "yes" "no")) - (format port "PubkeyAuthentication ~a\n" - #$(if (openssh-configuration-public-key-authentication? config) - "yes" "no")) - (format port "X11Forwarding ~a\n" - #$(if (openssh-configuration-x11-forwarding? config) - "yes" "no")) - (format port "PidFile ~a\n" - #$(openssh-configuration-pid-file config)) - (format port "ChallengeResponseAuthentication ~a\n" - #$(if (openssh-challenge-response-authentication? config) - "yes" "no")) - (format port "UsePAM ~a\n" - #$(if (openssh-configuration-use-pam? config) - "yes" "no")) - (format port "PrintLastLog ~a\n" - #$(if (openssh-configuration-print-last-log? config) - "yes" "no")) - #t + #~(begin + (use-modules (ice-9 match)) + (call-with-output-file #$output + (lambda (port) + (display "# Generated by 'openssh-service'.\n" port) + (format port "Port ~a\n" + #$(number->string + (openssh-configuration-port-number config))) + (format port "PermitRootLogin ~a\n" + #$(match (openssh-configuration-permit-root-login config) + (#t "yes") + (#f "no") + ('without-password "without-password"))) + (format port "PermitEmptyPasswords ~a\n" + #$(if (openssh-configuration-allow-empty-passwords? config) + "yes" "no")) + (format port "PasswordAuthentication ~a\n" + #$(if (openssh-configuration-password-authentication? config) + "yes" "no")) + (format port "PubkeyAuthentication ~a\n" + #$(if (openssh-configuration-public-key-authentication? + config) + "yes" "no
[PATCH 0/4] Openssh service patches
Here is an updated version of the patch series. It containes minor changes plus: - removal of deprecated 'Protocol' option, - PrintLastLog fix, - addition of 'subsystems' option (as suggested by ng0, see below). ng0, could you please test the 'Subsystem' patch? (I didn't test it.) Actually, I'm not sure it's worth adding, since the Match directive (which is often used along the Subsystem directive) is unsupported by the Openssh service. Comments are welcome! Clément Clément Lassieur (4): services: openssh: Enable PAM. services: openssh: Remove deprecated options. services: openssh: Fix 'PrintLastLog' default behaviour. services: openssh: Add 'subsystems' option. doc/guix.texi| 45 gnu/services/ssh.scm | 98 +--- 2 files changed, 101 insertions(+), 42 deletions(-) -- 2.11.1
[PATCH 3/4] services: openssh: Fix 'PrintLastLog' default behaviour.
* gnu/services/ssh.scm (openssh-config-file): Add 'pring-last-log?' option. ()[print-last-log?]: Add it. (openssh-activation): Touch /var/log/lastlog. * doc/guix.texi (Networking Services): Document 'pring-last-log?'. Before that, the service did not work as expected because /var/log/lastlog did not exist. --- doc/guix.texi| 4 gnu/services/ssh.scm | 13 + 2 files changed, 17 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index fdfb88046..db0bf0f9b 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9171,6 +9171,10 @@ Because PAM challenge response authentication usually serves an equivalent role to password authentication, you should disable either @code{challenge-response-authentication?} or @code{password-authentication?}. + +@item @code{print-last-log?} (default: @code{#t}) +Specifies whether @command{sshd} should print the date and time of the +last user login when a user logs in interactively. @end table @end deftp diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index fe4598927..9e1449743 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -278,6 +278,8 @@ The other options should be self-descriptive." (challenge-response-authentication? openssh-challenge-response-authentication? (default #f)) ;Boolean (use-pam? openssh-configuration-use-pam? + (default #t)) ;Boolean + (print-last-log? openssh-configuration-print-last-log? (default #t))) ;Boolean (define %openssh-accounts @@ -297,6 +299,14 @@ The other options should be self-descriptive." (mkdir-p "/etc/ssh") (mkdir-p (dirname #$(openssh-configuration-pid-file config))) + (define (touch file-name) +(call-with-output-file file-name (const #t))) + + (let ((lastlog "/var/log/lastlog")) +(when #$(openssh-configuration-print-last-log? config) + (unless (file-exists? lastlog) +(touch lastlog + ;; Generate missing host keys. (system* (string-append #$openssh "/bin/ssh-keygen") "-A"))) @@ -334,6 +344,9 @@ The other options should be self-descriptive." (format port "UsePAM ~a\n" #$(if (openssh-configuration-use-pam? config) "yes" "no")) + (format port "PrintLastLog ~a\n" + #$(if (openssh-configuration-print-last-log? config) + "yes" "no")) #t (define (openssh-shepherd-service config) -- 2.11.1
Re: Leaving the guix project
On 17-02-20 14:25:51, John Darrington wrote: > On Mon, Feb 20, 2017 at 09:59:05AM +0100, Tomas Cech wrote: > > Running GuixSD on HW not fully supported by linux-libre is painful for > me as well. I remember my first time success with GuixSD - after some > coffee and sweating I managed to deploy and boot GuixSD on my notebook > which had WiFi card requiring firmware to run. I wasn't able to fix > missing package without reboot. > > It took me some time to get with my own kernel (vanilla > based) and initrd on top of Guix (especially as Guile is still > language barrier for me). > > I'd love to see some coordinated effort outside of (or better on top of) > Guix to share such work. > > IMO a better way to spend your effort would be:- > > 1. Writing free drivers for the devices which are not in linux-libre and > submitting > them a patch; OR I wonder if either linux or linux-libre have a list of devices which can absolutely NOT be written free drivers for for whatever of the multiple reasons companies can come up with to go legal against reverse engineering. Resources are, well useful to have. > 2. Helping the development of low cost hardware which on which fully free > software > can run; OR > > 3. Undertake extra paid employment in some activity (not necessarily computer > related) > which benefits the community, and spend the mony you earn to purchase harware > on which > GuixSD runs better. > > > J' > > -- > Avoid eavesdropping. Send strong encrypted email. > PGP Public key ID: 1024D/2DE827B3 > fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3 > See http://sks-keyservers.net or any PGP keyserver for public key. >
Re: [PATCH] installer: Only build if guile-ncurses is available.
John Darrington writes: > It looks good to me. > > Feel free to push to wip-installer Done! -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net
Re: wrt git-exec-path patch
On 17-02-20 16:07:27, Leo Famulari wrote: > On Mon, Feb 20, 2017 at 08:59:23PM +, ng0 wrote: > > export > > GIT_EXEC_PATH="/home/ng0/.guix-profile/libexec/git-core${GIT_EXEC_PATH:+:}$GIT_EXEC_PATH" > > GIT_EXEC_PATH is not really a search path. Instead, it must point to a > single path. > > This works for me: > /home/leo/.guix-profile/libexec/git-core Okay, this fixed it for me, thanks! > > If there's no solution or explanation, my advice is to revert this. > > Perhaps, or we should make the recommendation show the correct path. Or > patch this path internally while building Git, if possible. >
Re: ANNOUNCE: Guix on Aarch64 !!
On Mon, Feb 20, 2017 at 04:32:18PM +0200, Efraim Flashner wrote: > Its my pleasure to announce that guix now has all the code necessary to > support aarch64! Currently support is limited to the core-updates > branch, but that shouldn't be too much of a problem, since currently > everything needs to be built from source. > > For those interested in the numbers, I built (at least) 13 copies of the > bootstrap binaries while attempting to pin down bugs. I'm using an > Odroid-C2 with Debian as a base and a 32GB SD card. After supplying > dependencies and running bootstrap and configure, make takes about 25 > minutes. It takes almost 16 hours, starting from an empty store, to > build all the way to hello. The board has a base of 2GB of RAM, about > 256 MB of which is used for graphics, but I somehow managed to enable zram, > which I'm guessing helped. Wow, awesome! I'm going to try it in QEMU. signature.asc Description: PGP signature
Re: wrt git-exec-path patch
On Mon, Feb 20, 2017 at 08:59:23PM +, ng0 wrote: > export > GIT_EXEC_PATH="/home/ng0/.guix-profile/libexec/git-core${GIT_EXEC_PATH:+:}$GIT_EXEC_PATH" GIT_EXEC_PATH is not really a search path. Instead, it must point to a single path. This works for me: /home/leo/.guix-profile/libexec/git-core > If there's no solution or explanation, my advice is to revert this. Perhaps, or we should make the recommendation show the correct path. Or patch this path internally while building Git, if possible.
Re: wrt git-exec-path patch
On 17-02-15 22:26:48, ng0 wrote: > Why was this patch necessary? I only face troubles with it. > > Fixed is now "git rebase" after someone in IRC told me to unset > GIT_EXEC_PATH, but git send-email is now "not a git command". > > This is on GuixSD. > > > commit 82de2655a16dcc7a8e3b992b4afd34ec32c244a6 > Author: David Craven > Date: Fri Feb 10 12:21:08 2017 +0100 > > gnu: git: Add GIT_EXEC_PATH search-path-specification. > > Enables git plugins to be found when in they're in the system profile. > > * gnu/packages/version-control.scm (git)[native-search-paths]: Add > GIT_EXEC_PATH. Remove git wrapper and outdated comment. > The recommendation was to export this: export GIT_EXEC_PATH="/home/ng0/.guix-profile/libexec/git-core${GIT_EXEC_PATH:+:}$GIT_EXEC_PATH" Afterwards, this is what leads to my error: ng0@wasp ~> cd src/guix/guix/ ng0@wasp ~/s/g/guix> torify git pull upstream master --rebase >From git://git.savannah.gnu.org/guix * branchmaster -> FETCH_HEAD /home/ng0/.guix-profile/libexec/git-core/git-sh-setup: line 46: /home/ng0/.guix-profile/libexec/git-core:/gnu/store/bbirr7a14463ahl3m378rwv5px4h2lk0-profile/libexec/git-core:/home/ng0/.guix-profile/libexec/git-core:/gnu/store/bbirr7a14463ahl3m378rwv5px4h2lk0-profile/libexec/git-core:/home/ng0/.guix-profile/libexec/git-core/git-sh-i18n: No such file or directory And when I unset GIT_EXEC_PATH, I can at least use --rebase, but I can't use git send-email. If there's no solution or explanation, my advice is to revert this.
Re: [PATCH] installer: Only build if guile-ncurses is available.
It looks good to me. Feel free to push to wip-installer J' On Mon, Feb 20, 2017 at 05:43:18PM +0100, Ricardo Wurmus wrote: Hi John, the following patch ensures that Guix can be built without the installer in case guile-ncurses is not available. This is primarily for the benefit of packagers who want to provide Guix on foreign distros, who would not benefit from the installer and who may not have guile-ncurses available. -- Avoid eavesdropping. Send strong encrypted email. PGP Public key ID: 1024D/2DE827B3 fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3 See http://sks-keyservers.net or any PGP keyserver for public key. signature.asc Description: Digital signature
Re: ANNOUNCE: Guix on Aarch64 !!
Efraim, On 20/02/17 15:32, Efraim Flashner wrote: > Its my pleasure to announce that guix now has all the code necessary > to support aarch64! Wow. Thank you so much for all the time you spent on this! Kind regards, T G-R signature.asc Description: OpenPGP digital signature
Re: ANNOUNCE: Guix on Aarch64 !!
On 02/20/2017 04:32 PM, Efraim Flashner wrote: > Its my pleasure to announce that guix now has all the code necessary to > support aarch64! Currently support is limited to the core-updates > branch, but that shouldn't be too much of a problem, since currently > everything needs to be built from source. Yaaay!! I am already building on my arm64 machine! Well done! :D Manolis
[PATCH] installer: Only build if guile-ncurses is available.
Hi John, the following patch ensures that Guix can be built without the installer in case guile-ncurses is not available. This is primarily for the benefit of packagers who want to provide Guix on foreign distros, who would not benefit from the installer and who may not have guile-ncurses available. >From fad5f5fb8dffb4a1cbe40ee9d31a346b901305d1 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Mon, 20 Feb 2017 17:26:35 +0100 Subject: [PATCH] installer: Only build if guile-ncurses is available. * configure.ac: Set HAVE_GUILE_NCURSES if Guile ncurses is available. * Makefile.am (MODULES): Add gurses modules only when HAVE_GUILE_NCURSES is true. * gnu/local.mk (GNU_SYSTEM_MODULES): Add the installer modules only when HAVE_GUILE_NCURSES is true. * guix/scripts/system.scm: Avoid loading the installer module. --- Makefile.am | 14 + configure.ac| 4 gnu/local.mk| 55 +++-- guix/scripts/system.scm | 7 ++- 4 files changed, 50 insertions(+), 30 deletions(-) diff --git a/Makefile.am b/Makefile.am index 2f9bf4744..0a8c6a61d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -30,10 +30,6 @@ nodist_noinst_SCRIPTS =\ include gnu/local.mk MODULES = \ - gurses/buttons.scm\ - gurses/form.scm \ - gurses/menu.scm \ - gurses/stexi.scm \ guix/base32.scm\ guix/base64.scm\ guix/cpio.scm \ @@ -166,6 +162,16 @@ MODULES = \ guix.scm \ $(GNU_SYSTEM_MODULES) +if HAVE_GUILE_NCURSES + +MODULES += \ + gurses/buttons.scm\ + gurses/form.scm \ + gurses/menu.scm\ + gurses/stexi.scm + +endif + if HAVE_GUILE_JSON MODULES += \ diff --git a/configure.ac b/configure.ac index 06b0618b4..3dff7cb9c 100644 --- a/configure.ac +++ b/configure.ac @@ -95,6 +95,10 @@ dnl guile-json is used for the PyPI package importer GUILE_MODULE_AVAILABLE([have_guile_json], [(json)]) AM_CONDITIONAL([HAVE_GUILE_JSON], [test "x$have_guile_json" = "xyes"]) +dnl guile-ncurses is used for the system installer +GUILE_MODULE_AVAILABLE([have_guile_ncurses], [(ncurses curses)]) +AM_CONDITIONAL([HAVE_GUILE_NCURSES], [test "x$have_guile_ncurses" = "xyes"]) + dnl Make sure we have a full-fledged Guile. GUIX_ASSERT_GUILE_FEATURES([regex posix socket net-db threads]) diff --git a/gnu/local.mk b/gnu/local.mk index 67fe767cd..9c0f27832 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -443,31 +443,6 @@ GNU_SYSTEM_MODULES =\ %D%/system/shadow.scm\ %D%/system/vm.scm\ \ - %D%/system/installer/filesystems.scm \ - %D%/system/installer/network.scm \ - %D%/system/installer/wireless.scm \ - %D%/system/installer/install.scm \ - %D%/system/installer/dialog.scm \ - %D%/system/installer/hostname.scm \ - %D%/system/installer/mount-point.scm \ - %D%/system/installer/guixsd-installer.scm \ - %D%/system/installer/disks.scm\ - %D%/system/installer/format.scm \ - %D%/system/installer/locale.scm \ - %D%/system/installer/levelled-stack.scm \ - %D%/system/installer/ping.scm \ - %D%/system/installer/key-map.scm \ - %D%/system/installer/role.scm \ - %D%/system/installer/user-edit.scm\ - %D%/system/installer/users.scm\ - %D%/system/installer/utils.scm\ - %D%/system/installer/page.scm \ - %D%/system/installer/passphrase.scm \ - %D%/system/installer/configure.scm\ - %D%/system/installer/time-zone.scm\ - %D%/system/installer/misc.scm \ - %D%/system/installer/partition-reader.scm \ - \ %D%/build/activation.scm \ %D%/build/cross-toolchain.scm \ %D%/build/file-systems.scm \ @@ -490,6 +465,36 @@ GNU_SYSTEM_MODULES =\ %D%/tests/ssh.scm\ %D%/tests/web.scm +if HAVE_GUILE_NCURSES + +GNU_SYSTEM_MODULES +=\ + %D%/system/installer/filesystems.scm \ + %D%/system/installer/network.scm \ + %D%/system/installer/wireless.scm \ + %D%/system/installer/install.scm \ + %D%/system/installer/dialog.scm \ + %D%/system/installer/hostname.scm \ + %D%/system/installer/mount-point.scm \ + %D%/system/installer/guixsd-installer.scm \ + %D%/system/installer/disks.scm \ + %D%/system/installer/format.scm \ + %D%/system/installer/locale.scm \ + %D%/system/installer/levelled-stack.scm \ + %D%/system/installer/ping.scm \ + %D%/system/installer/key-map.scm \ + %D%/system/installer/role.scm \ + %D%/system/installer/user-edit.scm\ + %D%/system/installer/users.scm\ + %D%/system/installer/utils.scm \ + %D%/system/installer/page.scm \ + %D%/sys
Re: ANNOUNCE: Guix on Aarch64 !!
Efraim Flashner writes: > Its my pleasure to announce that guix now has all the code necessary to > support aarch64! Currently support is limited to the core-updates > branch, but that shouldn't be too much of a problem, since currently > everything needs to be built from source. This is excellent! Thank you for persevering! > In my quest for alternative architectures I'm considering converting one > of my old macbooks to the x32 pseudo-arch and seeing if I can get guix > working there too. Yay for more ports! -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net
[PATCH] services: connman: Rework service.
* gnu/services/networking.scm (connman-service): Remove. (): New record specifying the package to be used (connman) and whether vpn plugin shall be disabled (disable-vpn?). (connman-configuration): New exported variable. (connman-configuration?): New exported variable. (connman-service-type): Export it. * doc/guix.texi (Networking Services): Adjust accordingly. --- doc/guix.texi | 34 +- gnu/services/networking.scm | 86 ++--- 2 files changed, 75 insertions(+), 45 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6cdb5e5..c00346d 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8972,16 +8972,34 @@ NetworkManager will not modify @code{resolv.conf}. @end deftp @cindex Connman -@deffn {Scheme Procedure} connman-service @ - [#:connman @var{connman}] -Return a service that runs @url{https://01.org/connman,Connman}, a network -connection manager. - -This service adds the @var{connman} package to the global profile, providing -several the @command{connmanctl} command to interact with the daemon and -configure networking." +@deffn {Scheme Variable} connman-service-type +This is the service type to run @url{https://01.org/connman,Connman}, +a network connection manager. + +Its value must be an +@code{connman-configuration} record as in this example: + +@example +(service connman-service-type + (connman-configuration + (disable-vpn? #t))) +@end example + +See below for details about @code{connman-configuration}. @end deffn +@deftp {Data Type} connman-configuration +Data Type representing the configuration of connman. + +@table @asis +@item @code{connman} (default: @var{connman}) +The connman package to use. + +@item @code{disable-vpn?} (default: @code{#f}) +When true, enable connman's vpn plugin. +@end table +@end deftp + @cindex WPA Supplicant @defvr {Scheme Variable} wpa-supplicant-service-type This is the service type to run @url{https://w1.fi/wpa_supplicant/,WPA diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 18bce2a..9b8e5b3 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -80,7 +80,10 @@ network-manager-configuration-dns network-manager-service-type -connman-service +connman-configuration +connman-configuration? +connman-service-type + wpa-supplicant-service-type openvswitch-service-type @@ -822,45 +825,54 @@ dns=" dns " ;;; Connman ;;; -(define %connman-activation - ;; Activation gexp for Connman. - #~(begin - (use-modules (guix build utils)) - (mkdir-p "/var/lib/connman/") - (mkdir-p "/var/lib/connman-vpn/"))) - -(define (connman-shepherd-service connman) +(define-record-type* + connman-configuration make-connman-configuration + connman-configuration? + (connman connman-configuration-connman +(default connman)) + (disable-vpn? connman-configuration-disable-vpn? +(default #f))) + +(define (connman-activation config) + (let ((disable-vpn? (connman-configuration-disable-vpn? config))) +(with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/var/lib/connman/") + (unless #$disable-vpn? +(mkdir-p "/var/lib/connman-vpn/")) + +(define (connman-shepherd-service config) "Return a shepherd service for Connman" - (list (shepherd-service - (documentation "Run Connman") - (provision '(networking)) - (requirement '(user-processes dbus-system loopback wpa-supplicant)) - (start #~(make-forkexec-constructor - (list (string-append #$connman -"/sbin/connmand") - "-n" "-r"))) - (stop #~(make-kill-destructor) + (and + (connman-configuration? config) + (let ((connman (connman-configuration-connman config)) + (disable-vpn? (connman-configuration-disable-vpn? config))) + (list (shepherd-service +(documentation "Run Connman") +(provision '(networking)) +(requirement + '(user-processes dbus-system loopback wpa-supplicant)) +(start #~(make-forkexec-constructor + (list (string-append #$connman + "/sbin/connmand") +"-n" "-r" +#$@(if disable-vpn? '("--noplugin=vpn") '() +(stop #~(make-kill-destructor))) (define connman-service-type - (service-type (name 'connman) -(extensions - (list (service-extension shepherd-root-service-type - connman-shepherd-service) - (service-extension dbus-root-service-type list) - (service-extension activation-
Re: ANNOUNCE: Guix on Aarch64 !!
Great work! I'm looking forward to trying it. J' On Mon, Feb 20, 2017 at 04:32:18PM +0200, Efraim Flashner wrote: Its my pleasure to announce that guix now has all the code necessary to support aarch64! Currently support is limited to the core-updates branch, but that shouldn't be too much of a problem, since currently everything needs to be built from source. For those interested in the numbers, I built (at least) 13 copies of the bootstrap binaries while attempting to pin down bugs. I'm using an Odroid-C2 with Debian as a base and a 32GB SD card. After supplying dependencies and running bootstrap and configure, make takes about 25 minutes. It takes almost 16 hours, starting from an empty store, to build all the way to hello. The board has a base of 2GB of RAM, about 256 MB of which is used for graphics, but I somehow managed to enable zram, which I'm guessing helped. In my quest for alternative architectures I'm considering converting one of my old macbooks to the x32 pseudo-arch and seeing if I can get guix working there too. -- Efraim Flashner ?? ?? GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted -- Avoid eavesdropping. Send strong encrypted email. PGP Public key ID: 1024D/2DE827B3 fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3 See http://sks-keyservers.net or any PGP keyserver for public key. signature.asc Description: Digital signature
ANNOUNCE: Guix on Aarch64 !!
Its my pleasure to announce that guix now has all the code necessary to support aarch64! Currently support is limited to the core-updates branch, but that shouldn't be too much of a problem, since currently everything needs to be built from source. For those interested in the numbers, I built (at least) 13 copies of the bootstrap binaries while attempting to pin down bugs. I'm using an Odroid-C2 with Debian as a base and a 32GB SD card. After supplying dependencies and running bootstrap and configure, make takes about 25 minutes. It takes almost 16 hours, starting from an empty store, to build all the way to hello. The board has a base of 2GB of RAM, about 256 MB of which is used for graphics, but I somehow managed to enable zram, which I'm guessing helped. In my quest for alternative architectures I'm considering converting one of my old macbooks to the x32 pseudo-arch and seeing if I can get guix working there too. -- Efraim Flashner אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted signature.asc Description: PGP signature
Re: Leaving the guix project
On Mon, Feb 20, 2017 at 09:59:05AM +0100, Tomas Cech wrote: Running GuixSD on HW not fully supported by linux-libre is painful for me as well. I remember my first time success with GuixSD - after some coffee and sweating I managed to deploy and boot GuixSD on my notebook which had WiFi card requiring firmware to run. I wasn't able to fix missing package without reboot. It took me some time to get with my own kernel (vanilla based) and initrd on top of Guix (especially as Guile is still language barrier for me). I'd love to see some coordinated effort outside of (or better on top of) Guix to share such work. IMO a better way to spend your effort would be:- 1. Writing free drivers for the devices which are not in linux-libre and submitting them a patch; OR 2. Helping the development of low cost hardware which on which fully free software can run; OR 3. Undertake extra paid employment in some activity (not necessarily computer related) which benefits the community, and spend the mony you earn to purchase harware on which GuixSD runs better. J' -- Avoid eavesdropping. Send strong encrypted email. PGP Public key ID: 1024D/2DE827B3 fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3 See http://sks-keyservers.net or any PGP keyserver for public key. signature.asc Description: Digital signature
Re: Leaving the guix project
On Sun, 19 Feb 2017 19:30:31 +0100, Alex Kost wrote: > > David Craven (2017-02-17 13:56 +0100) wrote: > > >> I think if you posit a free software project that works in the way you > >> describe ("on its own"), it would work very much like Guile works > >> right now. > > > > An operating system has to work on all hardware. Asking people to buy a > > RYF approved device to run guixsd is no different than apple requiring you > > to buy an apple computer to run mac os x. Turning guixsd into an embedded > > system for RYF devices is not something I want to spend time and effort on. > > I > > can't with good conscience recommend to people to buy a usb wifi adapter to > > use guixsd when I believe they have much larger privacy issues in their > > devices. > > > > To be comfortable contributing to a free project I need to know that people > > are > > able to do whatever THEY want, with those contributions, and not what the > > FSF > > wants. The FSDG and GNU philosophy prevent me from offering any kind of help > > and require me to do it hidden. What really gets to me is that I feel > > - whether justly > > or not - that the FSF believes I need to feel shame for doing and > > recommending > > whatever I believe is best. The word "immoral" in this context is > > simply unacceptable > > to me. > > > > Compliance with the FSDG makes guix very much dependent on an > > external entity. > > Thanks for this explanation. Now I understand your point and I agree > with it! I also don't like that by default GuixSD stricts itself to the > hardware supported by linux-libre. If linux-libre didn't support all > the hardware on my computer, most likely I would not used GuixSD at all. Running GuixSD on HW not fully supported by linux-libre is painful for me as well. I remember my first time success with GuixSD - after some coffee and sweating I managed to deploy and boot GuixSD on my notebook which had WiFi card requiring firmware to run. I wasn't able to fix missing package without reboot. It took me some time to get with my own kernel (vanilla based) and initrd on top of Guix (especially as Guile is still language barrier for me). I'd love to see some coordinated effort outside of (or better on top of) Guix to share such work. I value the freedom, I like the way that Guix cares about it. Yet I want and need to do something with my computer as well and this could help sometimes:) So, guys, where are your GIT repositories for GUIX_PACKAGE_PATH? S_W