Re: Installing guix packages without root permissions (in HPC environments)

[Pjotr Prins]

Relocatable guix in action: https://github.com/lomereiter/sambamba/issues/219

[PATCH] import: pypi: Don't add setuptools to propagated-inputs.

[Carlo Zancanaro]

The pypi importer currently adds python-setuptools to the propagated
inputs. According to the manual we don't need to do this any more, so
here's a patch that updates the importer to match.

From d819fce415614d269fbb28f035963e6e0d6efbee Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro 
Date: Sat, 21 Jan 2017 16:15:21 +1100
Subject: [PATCH] import: pypi: Don't add setuptools to propagated-inputs.

* guix/import/pypi.scm (compute-inputs): Don't add setuptools to the imported
  package's propagated-inputs.
---
 guix/import/pypi.scm | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/guix/import/pypi.scm b/guix/import/pypi.scm
index 7cce0fc59..ed0d4297a 100644
--- a/guix/import/pypi.scm
+++ b/guix/import/pypi.scm
@@ -227,10 +227,8 @@ name/variable pairs describing the required inputs of this package."
   (sort
 (map (lambda (input)
(list input (list 'unquote (string->symbol input
- (append '("python-setuptools")
- ;; Argparse has been part of Python since 2.7.
- (remove (cut string=? "python-argparse" <>)
- (guess-requirements source-url wheel-url tarball
+ (remove (cut string=? "python-argparse" <>)
+ (guess-requirements source-url wheel-url tarball)))
 (lambda args
   (match args
 (((a _ ...) (b _ ...))
-- 
2.11.0



signature.asc
Description: PGP signature

[PATCH 3/4] gnu: Add python2-slowaes

[Carlo Zancanaro]

* gnu/packages/python.scm (python2-slowaes): New variable.
---
 gnu/packages/python.scm | 21 +
 1 file changed, 21 insertions(+)

diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 0ee1b6ef8..ad62c25e8 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -12516,3 +12516,24 @@ console.")
 
 (define-public python2-qrcode
   (package-with-python2 python-qrcode))
+
+;; SlowAES isn't compatible with Python 3.
+(define-public python2-slowaes
+  (package
+(name "python-slowaes")
+(version "0.1a1")
+(source
+ (origin
+   (method url-fetch)
+   (uri (pypi-uri "slowaes" version))
+   (sha256
+(base32
+ "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"
+(build-system python-build-system)
+(arguments `(#:python ,python-2))
+(home-page "http://code.google.com/p/slowaes/";)
+(synopsis "Implementation of AES in Python")
+(description "This package contains an implementation of AES in Python.
+This implementation is slow (hence the project name) but still useful when
+faster ones are not available.")
+(license license:asl2.0)))
-- 
2.11.0

[PATCH 2/4] gnu: Add python-qrcode.

[Carlo Zancanaro]

* gnu/packages/python.scm (python-qrcode, python2-qrcode): New variables.
---
 gnu/packages/python.scm | 25 +
 1 file changed, 25 insertions(+)

diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 21347b25e..0ee1b6ef8 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -12491,3 +12491,28 @@ a file-like object from which an arbitrarly-sized key 
can be read.")
 (define-public python2-pbkdf2
   (package-with-python2 python-pbkdf2))
 
+(define-public python-qrcode
+  (package
+(name "python-qrcode")
+(version "5.3")
+(source
+ (origin
+   (method url-fetch)
+   (uri (pypi-uri "qrcode" version))
+   (sha256
+(base32
+ "0kljfrfq0c2rmxf8am57333ia41kd0snbm2rnqbdy816hgpcq5a1"
+(build-system python-build-system)
+(home-page "https://github.com/lincolnloop/python-qrcode";)
+(synopsis "QR Code image generator")
+(description "This package provides a pure Python QR Code generator
+module.  It uses the Python Imaging Library (PIL) to allow for the generation
+of QR Codes.
+
+In addition this package provides a command line tool to generate QR codes and
+either write these QR codes to a file or do the output as ascii art at the
+console.")
+(license license:bsd-3)))
+
+(define-public python2-qrcode
+  (package-with-python2 python-qrcode))
-- 
2.11.0

[PATCH 1/4] gnu: Add python-pbkdf2.

[Carlo Zancanaro]

* gnu/packages/python.scm (python-pbkdf2, python2-pbkdf2): New variables.
---
 gnu/packages/python.scm | 29 +
 1 file changed, 29 insertions(+)

diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 6a5b0c4f1..21347b25e 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -34,6 +34,7 @@
 ;;; Copyright © 2016 Julien Lepiller 
 ;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice 
 ;;; Copyright © 2016 Thomas Danckaert 
+;;; Copyright © 2017 Carlo Zancanaro 
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -12462,3 +12463,31 @@ Features:
 @item Compiles templates into optimized, yet readable, Python code.
 @end enumerate")
 (license (license:x11-style "file://LICENSE"
+
+(define-public python-pbkdf2
+  (package
+(name "python-pbkdf2")
+(version "1.3")
+(source
+ (origin
+   (method url-fetch)
+   (uri (pypi-uri "pbkdf2" version))
+   (sha256
+(base32
+ "0yb99rl2mbsaamj571s1mf6vgniqh23v98k4632150hjkwv9fqxc"
+(build-system python-build-system)
+(home-page "http://www.dlitz.net/software/python-pbkdf2/";)
+(synopsis "Password-based key derivation")
+(description "This module implements the password-based key derivation
+function, PBKDF2, specified in RSA PKCS#5 v2.0.
+
+PKCS#5 v2.0 Password-Based Key Derivation is a key derivation function which
+is part of the RSA Public Key Cryptography Standards series.  The provided
+implementation takes a password or a passphrase and a salt value (and
+optionally a iteration count, a digest module, and a MAC module) and provides
+a file-like object from which an arbitrarly-sized key can be read.")
+(license license:expat)))
+
+(define-public python2-pbkdf2
+  (package-with-python2 python-pbkdf2))
+
-- 
2.11.0

Re: jquery 3.1.1

[Mike Gerwitz]

On Fri, Jan 20, 2017 at 22:14:42 +0100, Ludovic Courtès wrote:
> (One could argue that single-function packages are “trivial” from a
> copyright standpoint.  Then the subset of the npm repo containing those
> trivial packages could be viewed as a database of “facts” (which, in
> some jurisdiction, is covered by a “sui generis” right disjoint from
> copyright.))

That depends on the size/complexity of the function, but it's
interesting to consider the packaging situation in that manner.

It's also interesting to think about whether the recursive composition
of trivial (non-copyrightable) packages constitutes a copyrightable
work, and if so, at what point.  Because you'd otherwise imagine that
any program could be factored such that it is a sum of a large number of
trivial components.

I digress...

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
Old: 2217 5B02 E626 BC98 D7C0  C2E5 F22B B815 8EE3 0EAB
https://mikegerwitz.com


signature.asc
Description: PGP signature

Create a symlink /usr/bin/env by default in GuixSD?

[Mekeor Melire]

/bin/sh is often used in shebangs. I guess that's why GuixSD by default
creates that symlink which points to /gnu/store/HASH-bash-VERSION/bin/sh
which again is a symlink pointing
to /gnu/store/HASH-bash-VERSION/bin/bash.

/usr/bin/env is also used very often in shebangs. Wouldn't it make
sense to also create that symlink? Maybe
to /run/current-system/profile/bin/env? Maybe optionally, maybe by
default?

Re: [PATCH] gnu: Add kakoune

[Carlo Zancanaro]

Let's give this another try, then. I think I've taken into account all
your feedback, and I've updated to a more recent kakoune commit.

From a15396f186d5a88f7fbe1af21add9bbd40ddc59b Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro 
Date: Fri, 30 Dec 2016 02:15:59 +1100
Subject: [PATCH] gnu: Add kakoune

* gnu/packages/patches/kakoune-leave-manpages-uncompressed.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register patch.
* gnu/packages/text-editors.scm (kakoune): New variable.
---
 gnu/local.mk   |  1 +
 .../kakoune-leave-manpages-uncompressed.patch  | 69 +++
 gnu/packages/text-editors.scm  | 78 +-
 3 files changed, 147 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/kakoune-leave-manpages-uncompressed.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 2da8b82db..ce7a905d2 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -645,6 +645,7 @@ dist_patch_DATA =		\
   %D%/packages/patches/isl-0.11.1-aarch64-support.patch	\
   %D%/packages/patches/jbig2dec-ignore-testtest.patch		\
   %D%/packages/patches/jq-CVE-2015-8863.patch			\
+  %D%/packages/patches/kakoune-leave-manpages-uncompressed.patch		\
   %D%/packages/patches/kdbusaddons-kinit-file-name.patch	\
   %D%/packages/patches/khal-disable-failing-tests.patch		\
   %D%/packages/patches/khmer-use-libraries.patch\
diff --git a/gnu/packages/patches/kakoune-leave-manpages-uncompressed.patch b/gnu/packages/patches/kakoune-leave-manpages-uncompressed.patch
new file mode 100644
index 0..eb1acb34d
--- /dev/null
+++ b/gnu/packages/patches/kakoune-leave-manpages-uncompressed.patch
@@ -0,0 +1,69 @@
+Kakoune compresses its manpages, which makes the build non-reproducible (as it
+leaves timestamps in files). If we don't do that here, and instead do it in
+the guix phases `compress-manpages` then the build is reproducible.
+
+--- a/src/Makefile
 b/src/Makefile
+@@ -22,7 +22,7 @@
+ objects := $(addprefix ., $(sources:.cc=$(suffix).o))
+ deps := $(addprefix ., $(sources:.cc=$(suffix).d))
+ docs := $(wildcard ../doc/manpages/*.asciidoc)
+-mandocs := $(docs:.asciidoc=.gz)
++mandocs := $(docs:.asciidoc=.1)
+ 
+ PREFIX ?= /usr/local
+ DESTDIR ?= # root dir
+@@ -76,19 +76,17 @@
+ 	$(CXX) $(CPPFLAGS) $(CXXFLAGS) -MD -MP -MF $(addprefix ., $(<:.cc=$(suffix).d)) -c -o $@ $<
+ 
+ # Generate the man page
+-../doc/kak.1.gz: ../doc/kak.1.txt
++../doc/kak.1: ../doc/kak.1.txt
+ 	a2x --no-xmllint -f manpage $<
+-	gzip -f $(basename $<)
+ 
+ # Generate the editor's documentation pages
+ # Since `a2x` won't generate man pages if some sections are missing (which we don't need),
+-# we generate the pages, patch them and then compress them
+-../doc/manpages/%.gz: ../doc/manpages/%.asciidoc
++# we generate the pages and patch them
++../doc/manpages/%.1: ../doc/manpages/%.asciidoc
+ 	a2x --no-xmllint -f manpage $<
+ 	sed -i -r -e "s,^\.TH .+,.TH KAKOUNE 1 \"\" \"\" \"$(basename $(notdir $<))\"," \
+-	-e "/^\.SH \"NAME\"/{N;d;}" $(@:.gz=.1)
+-	gzip -f $(@:.gz=.1)
+-	mv -f $(@:.gz=.1.gz) $@
++	-e "/^\.SH \"NAME\"/{N;d;}" $@
++
+ 
+ check: test
+ test:
+@@ -97,7 +95,7 @@
+ TAGS: tags
+ tags:
+ 	ctags -R
+-man: ../doc/kak.1.gz
++man: ../doc/kak.1
+ doc: $(mandocs)
+ 
+ clean:
+@@ -124,8 +122,8 @@
+ 	[ -e $(sharedir)/autoload ]	|| ln -s rc	$(sharedir)/autoload
+ 	install	-m 0644	../colors/*	$(sharedir)/colors
+ 	install	-m 0644	../README.asciidoc $(docdir)
+-	install	-m 0644	../doc/manpages/*.gz $(docdir)/manpages
+-	install	-m 0644	../doc/kak.1.gz	$(mandir)
++	install	-m 0644	../doc/manpages/*.1 $(docdir)/manpages
++	install	-m 0644	../doc/kak.1	$(mandir)
+ 
+ install-strip: install
+ 	strip -s $(bindir)/kak
+@@ -134,7 +132,7 @@
+ 	rm -rf $(bindir)/kak \
+ 		$(sharedir)	\
+ 		$(docdir) \
+-		$(mandir)/kak.1.gz
++		$(mandir)/kak.1
+ 
+ .PHONY: check TAGS clean distclean installdirs install install-strip uninstall
+ .PHONY: tags test man doc
diff --git a/gnu/packages/text-editors.scm b/gnu/packages/text-editors.scm
index 4e2324dbe..8b7e95975 100644
--- a/gnu/packages/text-editors.scm
+++ b/gnu/packages/text-editors.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2016 José Miguel Sánchez García 
+;;; Copyright © 2016 Carlo Zancanaro 
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -19,13 +20,20 @@
 (define-module (gnu packages text-editors)
   #:use-module (guix packages)
   #:use-module (guix download)
+  #:use-module (guix git-download)
   #:use-module (guix utils)
   #:use-module (guix build-system gnu)
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (gnu packages)
   #:use-module (gnu packages lua)
   #:use-module (gnu packages ncurses)
-  #:use-module (gnu packages terminals))
+  #:use-module (gnu packages terminals)
+  #:use-module (gnu packages gcc)
+  #:use-module (gnu packages bash)
+  #:use-module (gnu packages documentation)
+  #:use-module (gnu packages boost)
+  #:use-mod

Re: pre-push signature hook error reporting [was Re: [PATCH v6] gnu: python-sphinx: Update to 1.4.8.]

[Leo Famulari]

On Fri, Jan 20, 2017 at 03:05:42PM +0100, Ludovic Courtès wrote:
> For the pre-push hook, the overhead seems reasonable (perhaps we could
> limit the range to commits after the first signed commit to avoid
> looping for no reason?) and an improvement.

I agree that it's reasonable and an improvement for the common case of
pushing to existing branches; only the new commits' signatures are
verified in this case.

It's a good idea to limit the range when pushing new branches. It will
still fail invariably, but it will fail more quickly.

I believe the first signed commit is e3d0fcbf7e55 (gnu: Default to
GCC 5.).

Due to merges in the history (I think), using `git rev-list` to
enumerate the commits from e3d0fcbf7e55^..HEAD gives a list of commits
begins with aae03c484f21832 (gnu: Add singular.), which is an earlier
commit.

That's a little confusing, but maybe it doesn't matter if we are just
trying to save the user some time before it fails. They'll have to
disable the hook to push a branch anyways.

WDYT?

> Eventually we could rewrite in Scheme using guile-git, which should be
> faster (no need to fork that much).

Yes, that would be good!


signature.asc
Description: PGP signature

Re: [PATCH] Update gd and php

[Leo Famulari]

On Fri, Jan 20, 2017 at 10:25:40PM +0100, Ludovic Courtès wrote:
> Leo Famulari  skribis:
> If gd-for-php has #f as its replacement, then nothing will be grafted to
> replace it.
> 
> Or am I missing something?

No, I am the one missing something. I built PHP (sans tests) and it does
refer to gd-2.2.4. I'm sorry for the confusion; I'm under the weather
these past few days.

However, PHP fails its test suite on my machine. The summary is below.
Please let me know which log files you might like me to share from the
build tree.

=
FAILED TEST SUMMARY
-
Test disk_free_space and its alias diskfreespace() functions : basic 
functionality [ext/standard/tests/file/disk_free_space_basic.phpt]
Test lstat() and stat() functions: usage variations - creating file/subdir 
[ext/standard/tests/file/lstat_stat_variation8.phpt]
Test lstat() and stat() functions: usage variations - deleting file/subdir 
[ext/standard/tests/file/lstat_stat_variation9.phpt]
=

=
WARNED TEST SUMMARY
-
Temporary leak on exception [Zend/tests/temporary_cleaning_001.phpt] (warn: 
XFAIL section but test passes)
Fundamental memory leak test on temporaries 
[Zend/tests/temporary_cleaning_003.phpt] (warn: XFAIL section but test passes)
Temporary leak with switch [Zend/tests/temporary_cleaning_004.phpt] (warn: 
XFAIL section but test passes)
Temporary leak with foreach [Zend/tests/temporary_cleaning_005.phpt] (warn: 
XFAIL section but test passes)
Exception after separation during indirect write to fcall result 
[Zend/tests/temporary_cleaning_006.phpt] (warn: XFAIL section but test passes)
Bug #72663: Create an Unexpected Object and Don't Invoke __wakeup() in 
Deserialization [ext/standard/tests/strings/bug72663_3.phpt] (warn: XFAIL 
section but test passes)
FPM: Test status page [sapi/fpm/tests/010.phpt] (warn: XFAIL section but test 
passes)
=

You may have found a problem in PHP.
This report can be automatically sent to the PHP QA team at
http://qa.php.net/reports and http://news.php.net/php.qa.reports
This gives us a better understanding of PHP's behavior.
If you don't want to send the report immediately you can choose
option "s" to save it.  You can then email it to qa-repo...@lists.php.net later.
Do you want to send this report now? [Yns]: 
Please enter your email address.
(Your address will be mangled so that it will not go out on any
mailinglist in plain text): sh: autoconf: command not found

Warning: fsockopen(): php_network_getaddresses: getaddrinfo failed: Name or 
service not known in /tmp/guix-build-php-7.0.14.drv-0/php-7.0.14/run-tests.php 
on line 1035

Warning: fsockopen(): unable to connect to qa.php.net:80 
(php_network_getaddresses: getaddrinfo failed: Name or service not known) in 
/tmp/guix-build-php-7.0.14.drv-0/php-7.0.14/run-tests.php on line 1035

The test script was unable to automatically send the report to PHP's QA Team
Please send 
/tmp/guix-build-php-7.0.14.drv-0/php-7.0.14/php_test_results_20170121_0053.txt 
to qa-repo...@lists.php.net manually, thank you.
make: *** [Makefile:236: test] Error 1
phase `check' failed after 1234.5 seconds


signature.asc
Description: PGP signature

Re: [PATCH] gnu: whois: Move mkpasswd to its own output.

[ng0]

Ludovic Courtès  writes:

> ng0  skribis:
>
>> Ludovic Courtès  writes:
>>
>>> Hey,
>>>
>>> ng0  skribis:
>>>
 Mkpasswd has nothing to do with whois, and upstream says so. I
 think we should be able to install whois and just have whois, not
 some random "historical bundled" binary in addition to whois.
 I'm just stating the sizes as in comparison to the other outputs
 they sometimes matter even if its just KiB.

 Like I've written in the opening email, another approach could be
 to simply delete mkpasswd from the output build and create an
 'mkpasswd' package (inheriting from whois) which does the same
 for whois.
>>>
>>> I might be overlooking something, but my gut reaction is that (1) it’s
>>> not “bundling” in that we don’t have any other package providing
>>> mkpasswd, and (2) it’s up to upstream to decide whether or not to
>>> distribute mkpasswd.
>>>
>>> WDYT?
>>>
>>> Ludo’.
>>>
>> And upstreams decision is not to do it (on making it a choice not
>> to build it or to move it to another tarball):
>>
>> "No, but thank you for asking."
>
> So upstream’s decision is to keep mkpasswd in whois?
>
>> So we stick with the default case? I'm still in favor for making
>> it separate guix packages.
>
> I’m still in favor of sticking to upstream’s decision, whatever that
> is.  But honestly, I fail to see why this is a big deal.  :-)
>
> Thanks,
> Ludo’.

Okay. If someone comes up with it again, we can discuss it. For
me it is done.
-- 
♥Ⓐ  ng0 -- https://www.inventati.org/patternsinthechaos/

Re: jquery 3.1.1

[Catonano]

2017-01-20 22:23 GMT+01:00 Ludovic Courtès :

> Hi!
>
> Catonano  skribis:
>
> > I made a crawler and I let it loose on the jquery 3.1.1 dependencies on
> > registry.npmjs.com
> >
> > It recursevely fetched the dependencies of jquery 3.1.1, then the
> > dependencies of the dependencies, then the dependencies of the
> dependencies
> > of the dependencies... and so on
> >
> > Until there were no more dependencies to fetch.
> >
> > It stored all such dependencies in a graph database made by the amazing
> > amz3 for their project, Culturia. They wrote about such project several
> > times on the guile-users mailing list.
>
> Neat!
>
> > It took days to download. And it took me months to produce a working
> > version of this code. Because I don't know Guile very well and maybe I'm
> > not that smart overall.
> >
> > Anyway, now I have a COMPLETE graph of the dependencies of jquery 3.1.1
> >
> > It's made of
> > 47311 vertices and
> > 324569 edges
>
> Impressive.
>
> I suppose the data you gathered about the graph could help guide usage
> of Jelle’s importer?  (… which we should consider merging BTW!)
>
>
I would be honored if my data could help guide usage of Jelle's importer.

That was exactly my idea when I started this. The Nodejs stuff can't be
treated with brute force.
A data oriented approach can help, here.

[PATCH] gnu: Add opencascade-oce

[Paul Garlick]

* gnu/packages/maths.scm: Add it
---
 gnu/packages/maths.scm | 49 +
 1 file changed, 49 insertions(+)

diff --git a/gnu/packages/maths.scm b/gnu/packages/maths.scm
index 313f6ac..62415e7 100644
--- a/gnu/packages/maths.scm
+++ b/gnu/packages/maths.scm
@@ -15,6 +15,7 @@
 ;;; Copyright © 2016 Ludovic Courtès 
 ;;; Copyright © 2016 Leo Famulari 
 ;;; Copyright © 2016 Thomas Danckaert 
+;;; Copyright © 2017 Paul Garlick 
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -43,6 +44,7 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system r)
   #:use-module (gnu packages algebra)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages boost)
   #:use-module (gnu packages check)
@@ -52,6 +54,7 @@
   #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages documentation)
   #:use-module (gnu packages elf)
+  #:use-module (gnu packages file)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fltk)
   #:use-module (gnu packages fontutils)
@@ -78,6 +81,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages qt)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages tbb)
   #:use-module (gnu packages shells)
@@ -2843,3 +2847,48 @@ instruction sets.  Thus, an application written with Vc 
can be compiled for:
 @end enumerate\n")
 (home-page "https://github.com/VcDevel/Vc";)
 (license license:bsd-3)))
+
+(define-public opencascade-oce
+  (package
+(name "opencascade-oce")
+(version "0.17.2")
+(source
+  (origin
+(method url-fetch)
+(uri (string-append
+   "https://github.com/tpaviot/oce/archive/OCE-";
+   version
+   ".tar.gz"))
+(sha256
+  (base32
+"0vpmnb0k5y2f7lpmwx9pg9yfq24zjvnsak5alzacncfm1hv9b6cd"
+(build-system cmake-build-system)
+(arguments
+ '(#:configure-flags
+(list "-DOCE_TESTING:BOOL=ON"
+  (string-append "-DOCE_INSTALL_PREFIX:PATH="
+(assoc-ref %outputs "out")
+(inputs
+  `(("freetype" ,freetype)
+("ftgl" ,ftgl)
+("glu" ,glu)
+("qt" ,qt)
+("libtool" ,libtool)
+("libxmu" ,libxmu)
+("file" ,file)
+("tk" ,tk)
+("tcl" ,tcl)
+("mesa" ,mesa)))
+(native-inputs
+  `(("python" ,python-wrapper)))
+(home-page "https://github.com/tpaviot/oce";)
+(synopsis
+  "Libraries for 3D modeling and numerical simulation")
+(description "OCE stands for Open CASCADE Community Edition.  The project
+gathers patches/improvements/experiments contributed by users over the official
+Open CASCADE library.")
+(license (list license:lgpl2.1; OCE libraries, with an exception for the
+  ; use of header files; see
+  ; OCCT_LGPL_EXCEPTION.txt
+   license:expat; file src/OpenGl/OpenGl_glext.h
+   license:bsd-3; test framework gtest
-- 
2.7.4

Ideas for Summer of Code 2017

[Mathieu Lirzin]

Hello,

GNU is applying as an organization for Google Summer of Code 2017.  So
this is time to start gathering ideas for possible Guix/Shepherd related
projects.

I have created a page based on the one from last year:

  https://libreplanet.org/wiki/Group:Guix/GSoC-2017

It's a Wiki, so feel free to contribute to it.

TIA.

-- 
Mathieu Lirzin
GPG: F2A3 8D7E EB2B 6640 5761  070D 0ADE E100 9460 4D37

Re: [PATCH 06/16] gnu: Add r-raremetals2.

[Ludovic Courtès]

Ricardo Wurmus  skribis:

> Ludovic Courtès  writes:
>
>> Ricardo Wurmus  skribis:
>>
>>> * gnu/packages/bioinformatics.scm (r-raremetals2): New variable.
>>
>> [...]
>>
>>> +(home-page "http://genome.sph.umich.edu/wiki/RareMETALS2";)
>>> +(synopsis "Analyze gene-level association tests for binary trait")
>>> +(description
>>> + "The R package rareMETALS2 is an extension of the R package 
>>> rareMETALS.
>>> +It was designed to meta-analyze gene-level association tests for binary 
>>> trait.
>>> +While rareMETALS offers a near-complete solution for meta-analysis of
>>> +gene-level tests for quantitative trait, it does not offer the optimal
>>> +solution for binary trait.  The package rareMETALS2 offers improved 
>>> features
>>> +for analyzing gene-level association tests in meta-analyses for binary
>>> +trait.")
>>> +(license license:gpl3)))
>>
>> The only piece of licensing info I could find is this line in
>> ‘DESCRIPTION’:
>>
>>   License: GPL3
>>
>> Does that mean “version 3 only” or “any later version”?
>
> It means “version 3 only”.  To indicate “any later version” the
> DESCRIPTION file would have to state “GPL (>= 3)”.  The importer knows
> about these conventions and generally does the right thing.  (It didn’t
> always do that in the past, though.)

Oh, perfect then.

Ludo’.

Re: [PATCH] Update gd and php

[Ludovic Courtès]

Leo Famulari  skribis:

> On Fri, Jan 20, 2017 at 05:12:46PM +0100, julien lepiller wrote:
>> How do you make php use gd-2.2.4, then? It needs to be updated too because
>> the security issues with gd are still present in our current php package.
>
> It seems that gd-for-php gets replaced by gd-2.2.4 now:
>
> $ ./pre-inst-env guix build -e '(@@ (gnu packages php) gd-for-php)'
> /gnu/store/xg2r8hk5axfq7xk1aj9ql5ncgkpnh0vk-gd-2.2.4
>
> But, building PHP with --dry-run implies that gd@2.2.3 will be used.
>
> I think that we need to set (replacement #f) in gd-for-php, so that PHP
> is built with gd@2.2.3, which will then be grafted to refer to gd-2.2.4
> in the built output of PHP.
>
> I'm a little unsure. Does anyone have advice?

If gd-for-php has #f as its replacement, then nothing will be grafted to
replace it.

Or am I missing something?

Ludo’.

Re: jquery 3.1.1

[Ludovic Courtès]

Hi!

Catonano  skribis:

> I made a crawler and I let it loose on the jquery 3.1.1 dependencies on
> registry.npmjs.com
>
> It recursevely fetched the dependencies of jquery 3.1.1, then the
> dependencies of the dependencies, then the dependencies of the dependencies
> of the dependencies... and so on
>
> Until there were no more dependencies to fetch.
>
> It stored all such dependencies in a graph database made by the amazing
> amz3 for their project, Culturia. They wrote about such project several
> times on the guile-users mailing list.

Neat!

> It took days to download. And it took me months to produce a working
> version of this code. Because I don't know Guile very well and maybe I'm
> not that smart overall.
>
> Anyway, now I have a COMPLETE graph of the dependencies of jquery 3.1.1
>
> It's made of
> 47311 vertices and
> 324569 edges

Impressive.

I suppose the data you gathered about the graph could help guide usage
of Jelle’s importer?  (… which we should consider merging BTW!)

Thanks,
Ludo’.

Re: jquery 3.1.1

[Ludovic Courtès]

Hey,

Mike Gerwitz  skribis:

> On Thu, Jan 19, 2017 at 21:48:44 +0100, Catonano wrote:
>> Anyway, now I have a COMPLETE graph of the dependencies of jquery 3.1.1
>>
>> It's made of
>> 47311 vertices and
>> 324569 edges
>
> lol...
>
>> Anyway, these broken packages pose a challenge to the mission of porting
>> Jquery into Guix, in my opinion,
>
> My greater concern is verifying licenses: that'd have to be considered
> in the DAG (...I hope it's a DAG; who knows what those node packages
> might be doing!) to flag potential problems.  The JS community is pretty
> lax on licensing (in both the permissive sense and the I-don't-care
> sense); the license might not be correct or might be missing
> entirely.  Or might not match what's in the source files.
>
> Verifying that many dependencies is going to be a challenge for an
> automated system; we'd want humans to look at many of them too to make
> sure things aren't fishy. :x  The problem is that one single dependency
> that's mischaracterized as free---even if it's one of the
> single-function packages---can destroy an entire project (e.g. jQuery).

Indeed, that’s terrible.

(One could argue that single-function packages are “trivial” from a
copyright standpoint.  Then the subset of the npm repo containing those
trivial packages could be viewed as a database of “facts” (which, in
some jurisdiction, is covered by a “sui generis” right disjoint from
copyright.))

>> One last fun fact: while I was watching the output flowing in my terminal,
>> I saw a package called
>>
>> "broccoli-funnel"
>
> Ah, they missed a really good logo opportunity!

:-)

Ludo’.

Re: [PATCH 01/35] gnu: Add r-cowplot.

[Ludovic Courtès]

Hi Raoul!

I think it’s the first time a newcomer says “hello” with a 35-patch
series, congrats on that.  :-)

To facilitate the process, can you confirm that you ran ‘guix lint’ on
the packages and generally followed
?

At first sight this looks good.  I suppose Ricardo (hi! :-)) or another
R person will take a look and apply the whole batch.

Thank you, and welcome!

Ludo’.

Re: Shadow -> 4.4

[Ludovic Courtès]

Leo Famulari  skribis:

> On Thu, Jan 19, 2017 at 08:06:34PM +, contact@cryptolab.net wrote:
>> Question: I don't prefer to crash and burn systems, which test is
>> enough to show that it works? Reconfiguring one of my own systems?
>
> Yes. If it breaks your system, you can always reboot into an earlier
> system generation. Another option is to use a VM. I tested both cases,
> and it works for me.

“make check-system TESTS=basic” is rather fast (as long as you don’t
have to build QEMU and Linux-libre) and should catch serious issues.

Ludo’.

Re: gnu: gnutls: Add gnutls-3.5.5 and gnutls-with-guile-next.

[Ludovic Courtès]

Hello!

Christopher Allan Webber  skribis:

> Hello!  I was talking in #guile and realized that even though guile-next
> now includes glorious https support via gnutls, few have tried it or
> know how to use it.
>
> It turns out you need a specially packaged version of gnutls!  Or,
> specially packaged until `guile-next' becomes just `guile'.
>
> Here's a patch that will give you that package.  You can give it a shot
> like so:
>
>   $ guix environment --ad-hoc guile-next gnutls-with-guile-next --pure

Good idea!  I ended up pushing a slightly different patch, calling the
package ‘guile2.2-gnutls’ to match what ‘package-for-guile-2.2’ does:

  
http://git.savannah.gnu.org/cgit/guix.git/commit/?id=079f013be2a3601518a67d65f4e39f7fabddb053

Let me know if anything’s wrong!

> Have fun hacking with https support,

BTW, it would be nice :-) to port this to Guile as well:

  
http://git.savannah.gnu.org/cgit/guix.git/commit/?id=bc3c41ce36349ed4ec758c70b48a7059e363043a
  
http://git.savannah.gnu.org/cgit/guix.git/commit/?id=580deec5b44d623e994e59ef07e9e0c5496762fd

Anyway, thanks for the heads-up!

Ludo’.

'python-tests' merge

[Marius Bakke]

>> I wonder if we should update scipy and numpy while at it. Thoughts?
>
> Ugh. I tried this out (plus matplotlib), but the latest matplotlib
> (2.0.0) has a circular dependency on ipython. Great.
>
> The motivation is that the scipy failure stems from the Sphinx update.
> I think I'll add an older Sphinx for now to get the ball rolling again;
> we should start a new 'python-updates' branch as soon as this is merged.

Turns out sphinx-1.5.1 broke matplotlib again. I've changed both
matplotlib and scipy to use python-sphinx@1.2.3 in a50e030141.

@Leo: Can you start a new evaluation? Hopefully we can get this merged
before the next 'core-updates' evaluation. Alternatively merge it to
that branch.


signature.asc
Description: PGP signature

Re:Re: [PATCH] Add fcitx-configtool

[Marius Bakke]

tumashu  writes:

> yes, it workswell for me

Thanks for confirming, pushed as 7386a0481c26d6 !


signature.asc
Description: PGP signature

[PATCH] gnu: add geos

[Björn Höfling]

* gnu/packages/geo.scm (geos): New variable.
---
 gnu/packages/geo.scm | 34 ++
 1 file changed, 34 insertions(+)

diff --git a/gnu/packages/geo.scm b/gnu/packages/geo.scm
index 797b9ea30..75fde2752 100644
--- a/gnu/packages/geo.scm
+++ b/gnu/packages/geo.scm
@@ -32,6 +32,40 @@
   #:use-module (gnu packages webkit)
   #:use-module (gnu packages xml))
 
+(define-public geos
+  (package
+(name "geos")
+(version "3.6.1")
+(source (origin
+  (method url-fetch)
+  (uri (string-append "http://download.osgeo.org/geos/geos-";
+  version
+  ".tar.bz2"))
+  (sha256
+   (base32
+"1icz31kd5sml2kdxhjznvmv33zfr6nig9l0i6bdcz9q9g8x4wbja"
+(build-system gnu-build-system)
+(arguments `(#:phases
+ (modify-phases %standard-phases
+   (add-after
+   'unpack 'patch-test-shebangs
+ (lambda _
+   (substitute* '("tests/xmltester/testrunner.sh"
+  "tests/geostest/testrunner.sh")
+ (("/bin/sh") (which "bash")))
+   #t)
+(inputs
+ `(("glib" ,glib)))
+(home-page "https://geos.osgeo.org/";)
+(synopsis "Geometry Engine - Open Source")
+(description
+ "GEOS (Geometry Engine - Open Source) is a C++ port of the
+Java Topology Suite (JTS).  As such, it aims to contain the complete
+functionality of JTS in C++.  This includes all the OpenGIS Simple Features
+for SQL spatial predicate functions and spatial operators,
+as well as specific JTS enhanced topology functions.")
+(license license:lgpl2.1)))
+
 ;;; FIXME GNOME Maps only runs within GNOME. On i3, it fails with this error:
 ;;; (org.gnome.Maps:8568): GLib-GIO-ERROR **: Settings schema
 ;;; 'org.gnome.desktop.interface' is not installed
-- 
2.11.0

Re: gnu: abbaye: Update to 2.0.1 from new repository.

[Alex Kost]

Adonay Felipe Nogueira (2017-01-15 11:48 -0200) wrote:

> After so much wait, we got L'Abbaye des Morts game out of Google
> Code. :)
>
> I had to remove the bundled fonts because they no longer use these
> directly in the game. It seems to be in their repository just because
> they don't want to lose the rare text font they found.

He-he :-)

> From 1991208b15a9a304224091c09dd80d01862d3e36 Mon Sep 17 00:00:00 2001
> From: Adonay Felipe Nogueira 
> Date: Sat, 14 Jan 2017 16:42:05 -0200
> Subject: [PATCH] gnu: abbaye: Update to 2.0.1 from new repository.
>
> * gnu/packages/games.scm: (abbaye): Update to 2.0.1.
> ---
>  gnu/packages/games.scm | 39 ---
>  1 file changed, 20 insertions(+), 19 deletions(-)
>
> diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm
> index c449f59..272fa0f 100644
> --- a/gnu/packages/games.scm
> +++ b/gnu/packages/games.scm
> @@ -24,6 +24,7 @@
>  ;;; Copyright © 2016 Efraim Flashner 
>  ;;; Copyright © 2016 Jan Nieuwenhuizen 
>  ;;; Copyright © 2016 Steve Webber 
> +;;; Copyright © 2017 Adonay "adfeno" Felipe Nogueira 
>  

Not sure what others think, but as for me, the above libreplanet link is
redundant…, and "adfeno" as well :-)

>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
> @@ -176,22 +177,24 @@ scriptable with Guile.")
>  (define-public abbaye
>(package
>  (name "abbaye")
> -(version "1.13")
> +(version "2.0.1")
>  (source
>   (origin
> -   (method url-fetch)
> -   (uri (string-append "https://storage.googleapis.com/";
> -   
> "google-code-archive-downloads/v2/code.google.com/"
> -   "abbaye-for-linux/abbaye-for-linux-src-"
> -   version ".tar.gz"))
> +   (method git-fetch)
> +   (uri (git-reference
> +  (url "git://github.com/nevat/abbayedesmorts-gpl.git")
> +  (commit (string-append "v" version

I think we prefer to use tarball snapshots instead of git-fetch:

  https://github.com/nevat/abbayedesmorts-gpl/archive/v2.0.1.tar.gz

> (sha256
>  (base32
> - "1wgvckgqa2084rbskxif58wbb83xbas8s1i8s7d57xbj08ryq8rk"
> + "1pwqf7r9bqb2p3xrw9i7y8pgr1401fy3mnnqpb1qkhmdl3gqi9hb"))
> +   (modules '((guix build utils)))
> +   (snippet
> + '(begin
> +;; Unbundle fonts.
> +(delete-file-recursively "fonts")
>  (build-system gnu-build-system)
>  (arguments
> - '(#:modules ((ice-9 match)
> -  (guix build gnu-build-system)
> -  (guix build utils))
> + '(#:make-flags '("CC=gcc")
> #:phases (modify-phases %standard-phases
>(add-after 'set-paths 'set-sdl-paths
>  (lambda* (#:key inputs #:allow-other-keys)
> @@ -199,12 +202,10 @@ scriptable with Guile.")
>(string-append (assoc-ref inputs "sdl-union")
>   "/include/SDL"
>(add-after 'patch-source-shebangs 'patch-makefile
> -(lambda* (#:key outputs #:allow-other-keys)
> -  ;; Replace /usr with package output directory.
> -  (for-each (lambda (file)
> -  (substitute* file
> -(("/usr") (assoc-ref outputs "out"
> -'("makefile" "src/pantallas.c" 
> "src/comun.h"
> +  (lambda* (#:key outputs #:allow-other-keys)
> +   ;; Replace /usr with package output 
> directory
> +   (substitute* "Makefile"
> +(("/usr") (assoc-ref outputs 
> "out")

You broke the indentation here, (but it's not a problem; the one who
will commit it, will probably fix it).  So patching "src/pantallas.c"
and "src/comun.h" is not needed anymore, right?

-- 
Alex

Re: [PATCH] Update gd and php

[Leo Famulari]

On Fri, Jan 20, 2017 at 05:12:46PM +0100, julien lepiller wrote:
> How do you make php use gd-2.2.4, then? It needs to be updated too because
> the security issues with gd are still present in our current php package.

It seems that gd-for-php gets replaced by gd-2.2.4 now:

$ ./pre-inst-env guix build -e '(@@ (gnu packages php) gd-for-php)'
/gnu/store/xg2r8hk5axfq7xk1aj9ql5ncgkpnh0vk-gd-2.2.4

But, building PHP with --dry-run implies that gd@2.2.3 will be used.

I think that we need to set (replacement #f) in gd-for-php, so that PHP
is built with gd@2.2.3, which will then be grafted to refer to gd-2.2.4
in the built output of PHP.

I'm a little unsure. Does anyone have advice?

Re: [PATCH] Update gd and php

[julien lepiller]

Le 2017-01-20 16:33, Leo Famulari a écrit :

On Fri, Jan 20, 2017 at 12:53:19AM -0500, Leo Famulari wrote:

And I think that PHP's use of libgd should be updated in the same
commit. Otherwise, after patch 1/2, PHP would require a gd-for-php 
with

patches that would fail to apply, leaving PHP broken for that commit.


I made a "thinko" here. My suggested patch wouldn't update the gd that
PHP is built with, but would only graft the output. So I've pushed the
graft without the change to PHP.


How do you make php use gd-2.2.4, then? It needs to be updated too 
because the security issues with gd are still present in our current php 
package.

Re: Install FAQ: Only build the non-deterministic packages?

[carlo von lynX]

On Fri, Jan 13, 2017 at 02:14:24PM +0100, Ludovic Courtès wrote:
> Hello!

Hej Ludó!

> The problem is that you never know whether a package is reproducible.

I see the philosophical debate you had at the summit, but
I think most users would be fine with something pragmatic
that *improves* the probability of software being secure
*compared* to the insecure operating systems of today.

So if 3 guix devs say they were able to reproduce libiberty.so 
for *my* architecture exactly as is distributed by gnunet-fs
or old-fashioned mirror networks, that is a starting point
that is sufficient for *me*.

Reproducible is a static factual goal when you define it
in a focused way on a *specific* version for *one* specific
architecture. If somebody fails to recreate the binaries
that 17 other people were able to create, then that is not
a reason to panic. It simply means there is a bug in the
process. But 17 got the same binary, so *that* binary cannot
be affected by attackers, by men in the middle. That is
enough. That the mechanism doesn't *always* work is
irrelevant for security.

> At best you can tell that a package is *not* reproducible, but that’s
> it.

But that isn't actually important. As soon as two people managed
to compile a package identically, be it because they started
the process in the exact same millisecond, then they created
a binary package that I can trust if I have reason to believe
that these two people would never conspire against me.

Admittedly the term "reproducible" doesn't apply then, but
still that binary package is better than any rpm out there.
So when it comes to facts, the real need on the street is
much easier to achieve as any abstract perfectionism that
may have confused some minds at the summit.

Rok Garbas writes in 
https://garbas.si/2016/reproducible-builds-summit-in-berlin.html as follows:
| What I realized during the summit is that reproducibility is not something 
which is true or false, but something that we is true until somebody disproves 
it. Reproducibility is a goal which we are always working towards, just like 
security.

But isn't that an overspecification of the problem? Letting
perfectionism distract from the actual goal: having binaries
that a number of other people can confirm to be backdoor-free.
Looks like I should better have been at the summit to help
unconfuse this thinking.

| Getting the involvement outside of the Debian community is high on the list, 
since everybody realizes that only with common efforts we will be able to 
achive reproducibility nirvana.

I disagree on this as well. As soon as one distro has the
reproducibility figured out, it has good chances of being
the next big distro of choice. The next debian, the next
Ubuntu. Users don't care for how many contributors are left
behind in the historic distributions. I expect Guix or Nix
to take over similarly as git wiped out cvs and subversion.
A hybrid strategy might survive, as humanity loves backward
compatible kludges.

| Many of us look down on language specific package managers

With all good reasons. Had free software provided an encompassing
package manager that solves the issues, all of these self-service
restaurants shouldn't have materialized. Unfortunately, only when
challenges are *really* hard, like developing a git, a Tor or a
Linux kernel - then the number of alternative projects is limited
and has good reasons to exist - whereas doing your own package
manager is *fun*, or at least it looks like fun at first, so it
will be repeated over and over and the same design mistakes will
be done over and over because the software industry is among the
worst in learning from the past. 

To me the solution is simple. I don't care for a single of those
languages if it won't be willing to make it reproducible. Bad
enough that it takes an older gcc to bootstrap gcc. nodejs folks
may think the world has no chance of turning without them, but
if they don't get their act together, the next most popular OS
of this planet simply will not ship a *single* nodejs app. No
matter how many amazing problems of humanity they managed to
solve in Javascript. If it's not bootstrappable, it is neither
free software, nor open source. It is proprietary software.
These languages should be banned from open source distros as
having to "trust upstream binaries" is a breach of license
and the promise made to the users of FLOSS.

| I got the impression that the sole reason of reproducible builds is that you 
would be more secure. That implies that everybody cares about security. Which 
would be great, but in a world with tight deadlines and startups security is 
usually the first thing that gets crossed out of the list. We need to make a 
more compelling reason then just security.

As soon as reproducibility is realistic and popular among a
certain percentage of users, professionals and hacktivists,
I can imagine political parties taking the issue into 
parliaments, legislating computer reproducibility as a
precondition

Re: [PATCH] Update gd and php

[Leo Famulari]

On Fri, Jan 20, 2017 at 12:53:19AM -0500, Leo Famulari wrote:
> And I think that PHP's use of libgd should be updated in the same
> commit. Otherwise, after patch 1/2, PHP would require a gd-for-php with
> patches that would fail to apply, leaving PHP broken for that commit.

I made a "thinko" here. My suggested patch wouldn't update the gd that
PHP is built with, but would only graft the output. So I've pushed the
graft without the change to PHP.


signature.asc
Description: PGP signature

Re: [PATCH 1/1] gnu: gd: Replace with gd-2.2.4 [fixes CVE-2016-{6912, 9317} and others].

[Leo Famulari]

On Fri, Jan 20, 2017 at 02:49:50PM +0100, Ludovic Courtès wrote:
> Leo Famulari  skribis:
> >  (define-public php
> >(package
> >  (name "php")
> > @@ -291,7 +280,7 @@
> > ("curl" ,curl)
> > ("cyrus-sasl" ,cyrus-sasl)
> > ("freetype" ,freetype)
> > -   ("gd" ,gd-for-php)
> > +   ("gd" ,gd)
> 
> I don’t think we can do this since gd (not its replacement) is still
> 2.2.3.
> 
> WDYT?

Oops, you're right :/

> Otherwise LGTM.

Pushed as 3f0603ea653cefa9ff728c2637d3cd0d778b3602.

Re: [PATCH] gnu: whois: Move mkpasswd to its own output.

[Ricardo Wurmus]

ng0  writes:

>> I might be overlooking something, but my gut reaction is that (1) it’s
>> not “bundling” in that we don’t have any other package providing
>> mkpasswd, and (2) it’s up to upstream to decide whether or not to
>> distribute mkpasswd.
>>
>> WDYT?
>>
>> Ludo’.
>>
> And upstreams decision is not to do it (on making it a choice not
> to build it or to move it to another tarball):
>
> "No, but thank you for asking."
>
> I think it's informative and neutral enough that I can just share
> this.
>
> So we stick with the default case? I'm still in favor for making
> it separate guix packages.

I’d rather stick with what upstream provides.  I don’t see an advantage
of separating these tools.

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

Re: [PATCH 2/2] services: network-manager: Use record for configuration.

[宋文武]

Christopher Baines  writes:

> 宋文武  writes:
>
>> Christopher Baines  writes:
>>
>>> * gnu/services/network-manager.scm (): New
>>> record type.
>>> (network-manager-shpeherd-service): Change to use the
>>> network-manager-configuration record, rather than a package.  Generate a
>>> simple configuration file from the network-manager-configuration record.
>>> (network-manager-service-type): Update extensions to take the
>>> network-manager-configuration rather than a package.
>>> ---
>>>  gnu/services/networking.scm | 77 
>>> +
>>>  1 file changed, 50 insertions(+), 27 deletions(-)
>>
>> Thanks, could you mention the remove of 'network-manager-service' in the
>> changelog and update the 'Network Manager' section of manual?
>
> Thanks for your review. I've sent an updated patch now, which includes
> the removal of network-manager-service in the commit message (I'm hoping
> that is what you meant by changelog), and manual updates.

Applied, thank you!

Re: [PATCH] gnu: Add ldc-1.1.0-beta6

[Ludovic Courtès]

Frederick Muriithi  skribis:

> On 19 Jan 2017 3:47 p.m., "Ludovic Courtès"  wrote:
>
>  ... However, on my x86_64 machine, the build fails with:
>  --8<---cut here---start->8---
>  99% tests passed, 1 tests failed out of 751
>
>  Total Test time (real) = 2134.61 sec
>
>  The following tests FAILED:
>  235 - std.datetime (Failed)
>  Errors while running CTest
>  make: *** [Makefile:76: test] Error 8
>  --8<---cut here---end--->8---
>
>  Any idea what’s amiss?
>
> If you have the time , look in builild/Testing/Temporary/Last test.log file 
> in the debug folder created by guix with the --keep-failed flag: If you can't,
> I'll look at it when I get back to my computer.

Please do!

TIA,
Ludo’.

Re: [PATCH 06/16] gnu: Add r-raremetals2.

[Ricardo Wurmus]

Ludovic Courtès  writes:

> Ricardo Wurmus  skribis:
>
>> * gnu/packages/bioinformatics.scm (r-raremetals2): New variable.
>
> [...]
>
>> +(home-page "http://genome.sph.umich.edu/wiki/RareMETALS2";)
>> +(synopsis "Analyze gene-level association tests for binary trait")
>> +(description
>> + "The R package rareMETALS2 is an extension of the R package rareMETALS.
>> +It was designed to meta-analyze gene-level association tests for binary 
>> trait.
>> +While rareMETALS offers a near-complete solution for meta-analysis of
>> +gene-level tests for quantitative trait, it does not offer the optimal
>> +solution for binary trait.  The package rareMETALS2 offers improved features
>> +for analyzing gene-level association tests in meta-analyses for binary
>> +trait.")
>> +(license license:gpl3)))
>
> The only piece of licensing info I could find is this line in
> ‘DESCRIPTION’:
>
>   License: GPL3
>
> Does that mean “version 3 only” or “any later version”?

It means “version 3 only”.  To indicate “any later version” the
DESCRIPTION file would have to state “GPL (>= 3)”.  The importer knows
about these conventions and generally does the right thing.  (It didn’t
always do that in the past, though.)

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

Re: [PATCH 2/2] gnu: Add openvpn service.

[Ludovic Courtès]

Alex Kost  skribis:

> Ludovic Courtès (2017-01-19 12:51 +0100) wrote:

[...]

>> The problem is that people using indent-code.el typically have raw Emacs
>> with scheme-mode, but most likely without Geiser and Emacs-Guix.  So we
>> need a mechanism that works in that case.
>
> ... I see 2 ways:
>
> - either using "guix environment emacs-guix" as Ricardo proposed
>   initially,
>
> - or simply by adding the required indentation rules for all the missing
>   keywords directly into "indent-code.el".
>
> I prefer the latter as it seems simple and clean.

Done, thanks!

Ludo’.

Re: A postinst equivalent in Guix?

[Ludovic Courtès]

Hi,

Georgi Kirilov  skribis:

> is there anything in Guix that can do things at install time, like postinst
> scripts in Debian?

No.  There are “profile hooks” in (guix profiles) that are used to a
similar effect, for instance to assemble the ‘dir’ file that contains
pointers to Info documentation.

> A program in a package I created is trying to access /var, but has no
> permissions. (Well, /gnu/store/.../var)
> The 'install' make target was doing 'chgrp' and 'install -g', but I had to
> remove these because there was no such group in the chroot jail. And it
> would be wrong anyway, as the gid in the jail would be different from that
> in the systems where the package will be installed.
> So, I guess /gnu/store/.../var has to be chgrp-ed during installation, on
> the user's system.

First, you probably need to pass --localstatedir=/var to this package’s
configure state, since at run time it won’t be able to write to
/gnu/store/…/var anyway.

Second, it will try and fail to create /var.  The way to address that is
by simply commenting out or patching out the offending commands.  See
for instance ‘avahi-localstatedir.patch’ or ‘mcron-install.patch’.

HTH!

Ludo’.

Re: [PATCH 3/4] gnu: Add kdev-python.

[Ludovic Courtès]

Thomas Danckaert  skribis:

>> process 1051: D-Bus library appears to be incorrectly set up; failed
>> to read machine uuid: Failed to open "/etc/machine-id": No such file
>> or directory See the manual page for dbus-uuidgen to correct this
>> issue.
>>
>>   D-Bus not built with -rdynamic so unable to print a backtrace
>
> Any ideas on how to continue?

Probably:

  (setenv "DBUS_FATAL_WARNINGS" "0")

There are several packages using that.

HTH!

Ludo’.

Re: pre-push signature hook error reporting [was Re: [PATCH v6] gnu: python-sphinx: Update to 1.4.8.]

[Ludovic Courtès]

Leo Famulari  skribis:

> On Fri, Jan 13, 2017 at 10:24:00AM -0500, Leo Famulari wrote:
>> I bet that you are using the new pre-push hook that verifies commit
>> signatures, and you're trying to push some commits that fail the
>> signature verification check.
>> 
>> Someone should add some error reporting to the hook.
>
> In Git 2.11.0, it seems that `git verify-commit` can't tell the user
> which commits failed verification:
>
> https://git.kernel.org/cgit/git/git.git/tree/builtin/verify-commit.c?h=v2.11.0
>
> With a warm cache and all the public keys on my machine, checking the
> signature of all 17813 commits on the master branch takes ~40 seconds
> with `git verify-commit $(git rev-list HEAD)`. This is what the pre-push
> hook does now.
>
> Checking the commits one at a time takes ~105 seconds, using something
> like this:
>
> for commit in $(git rev-list HEAD); do
>   if ! git verify-commit $commit; then
>   echo $commit
>   fi
> done
>
> We could make the hook do something like that. Thoughts? I think the
> performance regression is worth the convenience of knowing why it
> failed.

For the pre-push hook, the overhead seems reasonable (perhaps we could
limit the range to commits after the first signed commit to avoid
looping for no reason?) and an improvement.

Eventually we could rewrite in Scheme using guile-git, which should be
faster (no need to fork that much).

Thanks!

Ludo’.

Re: [PATCH] gnu: whois: Move mkpasswd to its own output.

[Ludovic Courtès]

ng0  skribis:

> Ludovic Courtès  writes:
>
>> Hey,
>>
>> ng0  skribis:
>>
>>> Mkpasswd has nothing to do with whois, and upstream says so. I
>>> think we should be able to install whois and just have whois, not
>>> some random "historical bundled" binary in addition to whois.
>>> I'm just stating the sizes as in comparison to the other outputs
>>> they sometimes matter even if its just KiB.
>>>
>>> Like I've written in the opening email, another approach could be
>>> to simply delete mkpasswd from the output build and create an
>>> 'mkpasswd' package (inheriting from whois) which does the same
>>> for whois.
>>
>> I might be overlooking something, but my gut reaction is that (1) it’s
>> not “bundling” in that we don’t have any other package providing
>> mkpasswd, and (2) it’s up to upstream to decide whether or not to
>> distribute mkpasswd.
>>
>> WDYT?
>>
>> Ludo’.
>>
> And upstreams decision is not to do it (on making it a choice not
> to build it or to move it to another tarball):
>
> "No, but thank you for asking."

So upstream’s decision is to keep mkpasswd in whois?

> So we stick with the default case? I'm still in favor for making
> it separate guix packages.

I’m still in favor of sticking to upstream’s decision, whatever that
is.  But honestly, I fail to see why this is a big deal.  :-)

Thanks,
Ludo’.

Re: [PATCH 1/1] gnu: gd: Replace with gd-2.2.4 [fixes CVE-2016-{6912, 9317} and others].

[Ludovic Courtès]

Leo Famulari  skribis:

> 'CHANGELOG.md' in the development repository lists several fixed bugs with
> potential security implications:
>
> https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md
>
> * gnu/packages/gd.scm (gd)[replacement]: New field.
> (gd-2.2.4): New variable.
> * gnu/packages/php.scm (gd-for-php): Remove variable.
> (php)[inputs]: Replace gd-for-php with gd.
> * gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch,
> gnu/packages/patches/gd-fix-truecolor-format-correction.patch: Delete files.
> * gnu/local.mk (dist_patch_DATA): Remove them.

[...]

> --- a/gnu/packages/php.scm
> +++ b/gnu/packages/php.scm
> @@ -50,17 +50,6 @@
>#:use-module (guix build-system gnu)
>#:use-module ((guix licenses) #:prefix license:))
>  
> -;; This fixes PHP bugs 73155 and 73159. Remove when gd
> -;; is updated to > 2.2.3.
> -(define gd-for-php
> -  (package (inherit gd)
> -   (source
> -(origin
> -  (inherit (package-source gd))
> -  (patches (search-patches
> -"gd-fix-truecolor-format-correction.patch"
> -"gd-fix-chunk-size-on-boundaries.patch"))
> -
>  (define-public php
>(package
>  (name "php")
> @@ -291,7 +280,7 @@
> ("curl" ,curl)
> ("cyrus-sasl" ,cyrus-sasl)
> ("freetype" ,freetype)
> -   ("gd" ,gd-for-php)
> +   ("gd" ,gd)

I don’t think we can do this since gd (not its replacement) is still
2.2.3.

WDYT?

Otherwise LGTM.

Thank you!

Ludo’.

Re: [PATCH] gnu: Add lsyncd.

[Ludovic Courtès]

Ricardo Wurmus  skribis:

> * gnu/packages/sync.scm (lsyncd): New variable.

LGTM, thanks!

Re: [PATCH 1/2] gnu: tlsdate: Use the system provided certificate store.

[Ludovic Courtès]

ng0  skribis:

> Ludovic Courtès  writes:
>
>> ng0  skribis:
>>
>>> Ludovic Courtès  writes:
>>>
 Hello!

 ng0  skribis:

> * gnu/packages/ntp.scm (tlsdate)[arguments]: Configure with unprivileged 
> user and group.
> [arguments]: Build with the system provided certificates in a new phase.

 [...]

> + '(#:configure-flags '("--with-unpriv-user=tlsdate"
> +   "--with-unpriv-group=tlsdate")

 Why?  I think the default is nobody/nogroup, which is fine no?
>>
>> s/I think//
>>
>>> I'm not sure if this is still fine when tlsdated is run. But I'll
>>> figure out soon.
>>
>> Right.  The choice between “nobody” and “tlsdate” is purely cosmetic.
>>
> +   #:phases (modify-phases %standard-phases
> +  (add-after 'unpack 'set-cert-path
> +;; Use the system certificate store, not the
> +;; application bundled certificates.
> +(lambda _
> +  (substitute* "Makefile.am"
> +
> (("$(sysconfdir)/tlsdate/ca-roots/tlsdate-ca-roots.conf")
> + "/etc/ssl/certs/ca-certificates.crt"

 I sympathize with this but this may or may not work on foreign distros.
 Still, it’s probably better (this ‘tlsdata-ca-roots.conf’ file seems to
 be a 4-year old copy from Mozilla’s NSS).

 WDYT?

 Thanks,
 Ludo’.

>>>
>>> I don't really like the current way to setenv everything, but is
>>> this something we could do here to keep other distros happy? if
>>> so, what's a good suggestion how to apply this?
>>
>> Actually there’s an even better option: add a dependency on ‘nss-certs’
>> and change the above substitution to refer to it.  This would always
>> work.
>>
>> Problem is ‘nss-certs’ doesn’t have the single-file certificate bundle
>> so you’d have to create that, essentially by duplicating
>> ‘ca-certificate-bundle’ from (guix profiles).
>>
>> Could you do that?
>
> I agree this is a better approach. Is there an easy way (like import
> ca-certificate-bundle from module guix profiles) or do I have to
> really recreate it all in the ntp module in a phase of tlsdate
> where it can only be used by tlsdate again?

Hmm looks like there’s no easy way currently, sorry.  :-/
That will require a bit of fiddling.

Ludo’.

Re: FOSDEM social dinner

[Alex Sassmannshausen]

Hello,

To confirm, I've now placed a reservation for Saturday 4 February at
19:30 at a Lebanese restaurant called Al Jannah.  I haven't been there
before, but the menu looks diverse, the prices good and the location
relatively central.

https://www.tripadvisor.com/Restaurant_Review-g188644-d2039550-Reviews-Al_Jannah-Brussels.html

Address:
Rue Blaes 59, Brussels 1000, Belgium

There is a direct tram line from ULB to Louise, and then it's a 5-10 min
walk.  From there it's probably around 15 min walk to the central
station where there are trains to Antwerp.

List of attendees:
Leo, Catonano, Amirouche, Efraim, Tomáš, Thomas, Tobias, Christopher
Baines, Manolis, Ludo, Ricardo, Matias and myself.

Let me know if I missed you, or if you have questions!

For now, until then :-)

Alex


Alex Sassmannshausen writes:

> Hello,
>
> Guile has a dev room at FOSDEM this year — for a whole day!  The dev
> room will be on Sunday.
>
> Whilst organising it, we had the idea that it would be fun to have a
> Guile/Guix user & dev dinner on the Saturday evening.  I'm hereby
> officially opening registration for that :-D
>
> I have not chosen a restaurant yet, but it will be something that
> provides a varietary of dietary options (omnivore, veggie, vegan).  If
> you are interested in coming along, just drop me a line to confirm.
>
> So — who's in for Guile social dinner on Saturday 4 February 2017 in
> Brussels?
>
> Best wishes,
>
> Alex

Re: [PATCH 15/16] gnu: Add r-msnbase.

[Ludovic Courtès]

Ricardo Wurmus  skribis:

> * gnu/packages/bioinformatics.scm (r-msnbase): New variable.

[...]

> +(synopsis "Base functions and classes for MS-based proteomics")
> +(description
> + "This package provides basic plotting, data manipulation and processing
> +of MS-based proteomics data.")

Please expand “MS” at least in the description.

Otherwise LGTM, thanks!

Re: Systemd error on symlink

[Hartmut Goebel]

Am 20.01.2017 um 14:07 schrieb Leo Famulari:
> Did somebody send a patch yet?

I thought, you did?!

-- 
Regards
Hartmut Goebel

| Hartmut Goebel  | h.goe...@crazy-compilers.com   |
| www.crazy-compilers.com | compilers which you thought are impossible |

Re: [PATCH 09/10] gnu: Add ocaml-js-build-tools.

[Ludovic Courtès]

Marius Bakke  skribis:

>> --- /dev/null
>> +++ b/gnu/packages/patches/ocaml-janestreet-fix-libdir.patch
>> @@ -0,0 +1,36 @@
>> +diff -aur package.pristine/Makefile package.new/Makefile
>> +--- package.pristine/Makefile   2016-02-06 01:55:14.650150309 +0100
>>  package.new/Makefile2016-02-06 01:57:56.012174364 +0100

Also, please add one or two lines here describing what the patch does
and what its upstream status is.

Thanks,
Ludo’.

Re: [PATCH 06/16] gnu: Add r-raremetals2.

[Ludovic Courtès]

Ricardo Wurmus  skribis:

> * gnu/packages/bioinformatics.scm (r-raremetals2): New variable.

[...]

> +(home-page "http://genome.sph.umich.edu/wiki/RareMETALS2";)
> +(synopsis "Analyze gene-level association tests for binary trait")
> +(description
> + "The R package rareMETALS2 is an extension of the R package rareMETALS.
> +It was designed to meta-analyze gene-level association tests for binary 
> trait.
> +While rareMETALS offers a near-complete solution for meta-analysis of
> +gene-level tests for quantitative trait, it does not offer the optimal
> +solution for binary trait.  The package rareMETALS2 offers improved features
> +for analyzing gene-level association tests in meta-analyses for binary
> +trait.")
> +(license license:gpl3)))

The only piece of licensing info I could find is this line in
‘DESCRIPTION’:

  License: GPL3

Does that mean “version 3 only” or “any later version”?

Otherwise LGTM, thanks!

Ludo’.

Re: [PATCH] gnu: Add nyx.

[Ludovic Courtès]

contact@cryptolab.net skribis:

> From: ng0 
>
> * gnu/packages/tor.scm (nyx): New variable.

I applied the changes below and then realized that it fails to build:

--8<---cut here---start->8---
starting phase `install'
running install
running build
running build_py
running install_lib
creating 
/gnu/store/alk9r3rir93pjmv8im20f8xrvv90219z-python-3.5.2/lib/python3.5/site-packages/nyx
/gnu/store/alk9r3rir93pjmv8im20f8xrvv90219z-python-3.5.2/lib/python3.5/distutils/dist.py:261:
 UserWarning: Unknown distribution option: 'install_requires'
  warnings.warn(msg)
error: could not create 
'/gnu/store/alk9r3rir93pjmv8im20f8xrvv90219z-python-3.5.2/lib/python3.5/site-packages/nyx':
 Permission denied
phase `install' failed after 0.9 seconds
--8<---cut here---end--->8---

Could you send an update?

Thanks,
Ludo’.

diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 8b03b14c6..cbc857e48 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -227,16 +227,16 @@ from you.")
 (license (list gpl3+
bsd-3 ; onionshare/socks.py
 
-;; The last release of arm was 5 years ago, meanwhile python3 support has
-;; been added and the software was renamed to nyx.
+;; The last release of "arm" was 5 years ago, meanwhile python3 support has
+;; been added and the software was renamed to "nyx".
 (define-public nyx
   (let ((commit "fea209127484d9b304b908a4711c9528b1d065bc")
 (revision "1"))
 (package
   (name "nyx")
-  (version (string-append "1.4.5.0-" revision "." (string-take commit 7)))
-  (source
-   (origin
+  (version (string-append "1.4.5.0-"
+  revision "." (string-take commit 7)))
+  (source (origin
 (method git-fetch)
 (uri (git-reference
   (url "https://git.torproject.org/nyx.git";)
@@ -256,14 +256,10 @@ from you.")
   (inputs
`(("tor" ,tor)
  ("python-stem" ,python-stem)))
-  ;; (native-inputs
-  ;;  `(("python-mock" ,python-mock)
-  ;;("lsof" ,lsof)
-  ;;("net-tools" ,net-tools)))
   (home-page "https://www.atagar.com/arm/";)
   (synopsis "Ncurses-based status monitor for Tor relays")
   (description
- "Anonymizing relay monitor (arm) is a command line interface status
-monitor for Tor.  This functions much like top does for system usage,
-providing real time statistics.")
+   "Nyx (formerly Anonymizing Relay Monitor or \"arm\") is a command-line
+interface status monitor for Tor.  This functions much like top does for
+system usage, providing real time statistics.")
   (license gpl3+

Re: Services: gnunet. (require help)

[Ludovic Courtès]

contact@cryptolab.net skribis:

> I've been changing this service back and forth and back again, now
> running on one computer, and leaving aside all confusion you will see
> in there, gnunet needs at least a .config/gnunet file, the rest should
> be automatically created. unless it isn't, which was the case
> here. And all shepherd gives me on the computer where I run the branch
> is: starting service gnunet.  couldn't start service gnunet.

You can use

  (make-forkexec-constructor … #:log-file "/var/log/gnunet.log")

to log stdout/stderr from GNUnet.

HTH!

Ludo’.

Re: [PATCH 15/16] gnu: Add r-msnbase.

[Ludovic Courtès]

I quickly looked at the other patches in the series and didn’t notice
anything particular.  I’d say go ahead!

Ludo’.

Re: Systemd error on symlink

[Leo Famulari]

On Fri, Jan 20, 2017 at 12:31:35PM +0100, Hartmut Goebel wrote:
> Am 20.01.2017 um 11:22 schrieb Pjotr Prins:
> > will throw an error. The solution is not to symlink but to copy the service 
> > file.
> 
> There is already a patch pending to change the manual, see
> http://lists.gnu.org/archive/html/guix-devel/2017-01/msg01199.html

Did somebody send a patch yet?

Any change we make won't reach new users until the next release.

Re: [PATCH] gnu: whois: Move mkpasswd to its own output.

[Hartmut Goebel]

Am 20.01.2017 um 11:41 schrieb ng0:
> I'm still in favor for making it separate guix packages.

+1

-- 
Regards
Hartmut Goebel

| Hartmut Goebel  | h.goe...@crazy-compilers.com   |
| www.crazy-compilers.com | compilers which you thought are impossible |

Re: Systemd error on symlink

[Hartmut Goebel]

Am 20.01.2017 um 11:22 schrieb Pjotr Prins:
> will throw an error. The solution is not to symlink but to copy the service 
> file.

There is already a patch pending to change the manual, see
http://lists.gnu.org/archive/html/guix-devel/2017-01/msg01199.html

-- 
Regards
Hartmut Goebel

| Hartmut Goebel  | h.goe...@crazy-compilers.com   |
| www.crazy-compilers.com | compilers which you thought are impossible |

[PATCH] gnu: Add compton.

[José Miguel Sánchez García]

--José Miguel Sánchez García

0001-gnu-Add-compton.patch
Description: Binary data

Re: Systemd error on symlink

[Ricardo Wurmus]

Pjotr Prins  writes:

> Following the manual:
>
> If your host distro uses the systemd init system, this can be achieved with 
> these commands:
>
>   # ln -s ~root/.guix-profile/lib/systemd/system/guix-daemon.service \
>   /etc/systemd/system/
>   # systemctl start guix-daemon && systemctl enable guix-daemon
>
> will throw an error. The solution is not to symlink but to copy the service 
> file.

This actually depends on the version of systemd.  More recent versions
(e.g. on Fedora or RHEL) are okay with symlinking.

~~ Ricardo

Re: Shadow -> 4.4

[ng0]

Leo Famulari  writes:

> On Thu, Jan 19, 2017 at 08:06:34PM +, contact@cryptolab.net wrote:
>> Question: I don't prefer to crash and burn systems, which test is
>> enough to show that it works? Reconfiguring one of my own systems?
>
> Yes. If it breaks your system, you can always reboot into an earlier
> system generation. Another option is to use a VM. I tested both cases,
> and it works for me.
>
> Would anyone else like to test it?

I have just reconfigured my system and I can login, and use
sudo. More testing wasn't done.

By the way, why don't we build 'shadow' with SELinux support?
I know everyone is busy, but I think we really should get that
hardening plan going - or at least come up with a plan on what we
want now and who's interested/will be involved, etc.

-- 
♥Ⓐ  ng0 -- https://www.inventati.org/patternsinthechaos/

Re: [PATCH] gnu: whois: Move mkpasswd to its own output.

[ng0]

Ludovic Courtès  writes:

> Hey,
>
> ng0  skribis:
>
>> Mkpasswd has nothing to do with whois, and upstream says so. I
>> think we should be able to install whois and just have whois, not
>> some random "historical bundled" binary in addition to whois.
>> I'm just stating the sizes as in comparison to the other outputs
>> they sometimes matter even if its just KiB.
>>
>> Like I've written in the opening email, another approach could be
>> to simply delete mkpasswd from the output build and create an
>> 'mkpasswd' package (inheriting from whois) which does the same
>> for whois.
>
> I might be overlooking something, but my gut reaction is that (1) it’s
> not “bundling” in that we don’t have any other package providing
> mkpasswd, and (2) it’s up to upstream to decide whether or not to
> distribute mkpasswd.
>
> WDYT?
>
> Ludo’.
>
And upstreams decision is not to do it (on making it a choice not
to build it or to move it to another tarball):

"No, but thank you for asking."

I think it's informative and neutral enough that I can just share
this.

So we stick with the default case? I'm still in favor for making
it separate guix packages.
-- 
♥Ⓐ  ng0 -- https://www.inventati.org/patternsinthechaos/

Systemd error on symlink

[Pjotr Prins]

Following the manual:

If your host distro uses the systemd init system, this can be achieved with 
these commands:

  # ln -s ~root/.guix-profile/lib/systemd/system/guix-daemon.service \
  /etc/systemd/system/
  # systemctl start guix-daemon && systemctl enable guix-daemon

will throw an error. The solution is not to symlink but to copy the service 
file.

Pj.

Re: [PATCH 2/2] services: network-manager: Use record for configuration.

[Christopher Baines]

宋文武  writes:

> Christopher Baines  writes:
>
>> * gnu/services/network-manager.scm (): New
>> record type.
>> (network-manager-shpeherd-service): Change to use the
>> network-manager-configuration record, rather than a package.  Generate a
>> simple configuration file from the network-manager-configuration record.
>> (network-manager-service-type): Update extensions to take the
>> network-manager-configuration rather than a package.
>> ---
>>  gnu/services/networking.scm | 77 
>> +
>>  1 file changed, 50 insertions(+), 27 deletions(-)
>
> Thanks, could you mention the remove of 'network-manager-service' in the
> changelog and update the 'Network Manager' section of manual?

Thanks for your review. I've sent an updated patch now, which includes
the removal of network-manager-service in the commit message (I'm hoping
that is what you meant by changelog), and manual updates.


signature.asc
Description: PGP signature

[PATCH] services: network-manager: Use record for configuration.

[Christopher Baines]

* gnu/services/network-manager.scm (): New
record type.
(network-manager-shpeherd-service): Change to use the
network-manager-configuration record, rather than a package.  Generate a
simple configuration file from the network-manager-configuration record.
(network-manager-service-type): Update extensions to take the
network-manager-configuration rather than a package.
(network-manager-service): Remove function, the network-manager-service-type
can be used instead, and this avoids keeping the function signature and value
coresponding to the service type in sync.
* doc/guix.texi (Networking Services): Remove documentation for the removed
network-manager-service procedure, and add documentation of the
network-manager-service-type variable and network-manager-configuration
record.
---
 doc/guix.texi   | 38 +++---
 gnu/services/networking.scm | 77 +
 2 files changed, 83 insertions(+), 32 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 7cd9cd046..46daac3b9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -8758,11 +8758,39 @@ and @command{wicd-curses} user interfaces.
 @end deffn
 
 @cindex NetworkManager
-@deffn {Scheme Procedure} network-manager-service @
-   [#:network-manager @var{network-manager}]
-Return a service that runs NetworkManager, a network connection manager
-attempting to keep network connectivity active when available.
-@end deffn
+
+@defvr {Scheme Variable} network-manager-service-type
+This is the service type for the
+@uref{https://wiki.gnome.org/Projects/NetworkManager, NetworkManager}
+service. The value for this service type is a
+@code{network-manager-configuration} record.
+@end defvr
+
+@deftp {Data Type} network-manager-configuration
+Data type representing the configuration of NetworkManager.
+
+@table @asis
+@item @code{network-manager} (default: @code{network-manager})
+The NetworkManager package to use.
+
+@item @code{dns} (default: @code{"default"})
+Processing mode for DNS, which affects how NetworkManager uses the
+@code{resolv.conf} configuration file.
+
+@table @samp
+@item default
+NetworkManager will update @code{resolv.conf} to reflect the nameservers
+provided by currently active connections.
+
+@item dnsmasq
+NetworkManager will run @code{dnsmasq} as a local caching nameserver,
+using a "split DNS" configuration if you are connected to a VPN, and
+then update @code{resolv.conf} to point to the local nameserver.
+
+@item none
+NetworkManager will not modify @code{resolv.conf}.
+@end table
+@end deftp
 
 @cindex Connman
 @deffn {Scheme Procedure} connman-service @
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index ac011f128..8f136f0dc 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -64,7 +64,12 @@
 
 wicd-service-type
 wicd-service
-network-manager-service
+
+network-manager-configuration
+network-manager-configuration?
+network-manager-configuration-dns
+network-manager-service-type
+
 connman-service
 wpa-supplicant-service-type))
 
@@ -679,40 +684,58 @@ and @command{wicd-curses} user interfaces."
 ;;; NetworkManager
 ;;;
 
+(define-record-type* 
+  network-manager-configuration make-network-manager-configuration
+  network-manager-configuration?
+  (network-manager network-manager-configuration-network-manager
+   (default network-manager))
+  (dns network-manager-configuration-dns
+   (default "default")))
+
 (define %network-manager-activation
   ;; Activation gexp for NetworkManager.
   #~(begin
   (use-modules (guix build utils))
   (mkdir-p "/etc/NetworkManager/system-connections")))
 
-(define (network-manager-shepherd-service network-manager)
-  "Return a shepherd service for NETWORK-MANAGER."
-  (list (shepherd-service
- (documentation "Run the NetworkManager.")
- (provision '(networking))
- (requirement '(user-processes dbus-system wpa-supplicant loopback))
- (start #~(make-forkexec-constructor
-   (list (string-append #$network-manager
-"/sbin/NetworkManager")
- "--no-daemon")))
- (stop #~(make-kill-destructor)
+(define network-manager-shepherd-service
+  (match-lambda
+(($  network-manager dns)
+ (let
+ ((conf (plain-file "NetworkManager.conf"
+(string-append "
+[main]
+dns=" dns "
+"
+ (list (shepherd-service
+(documentation "Run the NetworkManager.")
+(provision '(networking))
+(requirement '(user-processes dbus-system wpa-supplicant loopback))
+(start #~(make-forkexec-constructor
+  (list (string-append #$network-manager
+   "/sbin/NetworkManager")
+(string-append "--confi