From cfb7e269e9d91598d884b3d531710d7f22c11a44 Mon Sep 17 00:00:00 2001 From: Danny Milosavljevic Date: Thu, 29 Sep 2016 12:39:42 -0400 Subject: gnu: xonsh: Remove bundled PLY. * gnu/packages/shells.scm (xonsh)[source]: Add snippet to remove bundled python-ply. [inputs]: Add python-ply. Signed-off-by: Leo Famulari --- gnu/packages/shells.scm | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/gnu/packages/shells.scm b/gnu/packages/shells.scm index c165f99d4c..272fff7430 100644 --- a/gnu/packages/shells.scm +++ b/gnu/packages/shells.scm @@ -281,8 +281,18 @@ ksh, and tcsh.") (uri (pypi-uri "xonsh" version)) (sha256 (base32 - "0byxd9kjl99q2pyvjh9jy18l0di1i35wr0qqgnw4i6jh6ig3zcki")))) + "0byxd9kjl99q2pyvjh9jy18l0di1i35wr0qqgnw4i6jh6ig3zcki")) + (modules '((guix build utils))) + (snippet + `(begin + ;; Delete bundled ply. + (delete-file-recursively "xonsh/ply") + (substitute* '("setup.py") + (("'xonsh\\.ply',") "")) + #t)))) (build-system python-build-system) + (inputs + `(("python-ply" ,python-ply))) (home-page "http://xon.sh/") (synopsis "Python-ish shell") (description -- cgit v1.2.3 From 5a88b2d1304ad57c1249558a261a8d191daf9758 Mon Sep 17 00:00:00 2001 From: Taylan Ulrich Bayırlı/Kammer Date: Tue, 27 Sep 2016 22:34:06 +0200 Subject: build: Improve Guile 2.2 compatibility. * build-aux/compile-all.scm (compile-file*): Ensure loading of compilation related modules before going parallel. * guix/build/pull.scm (build-guix): Ditto. --- build-aux/compile-all.scm | 3 +++ guix/build/pull.scm | 3 +++ 2 files changed, 6 insertions(+) diff --git a/build-aux/compile-all.scm b/build-aux/compile-all.scm index 7c937a0422..46b381723b 100644 --- a/build-aux/compile-all.scm +++ b/build-aux/compile-all.scm @@ -81,6 +81,9 @@ (let ((files (filter file-needs-compilation? files))) (for-each load-module-file files) (let ((mutex (make-mutex))) + ;; Make sure compilation related modules are loaded before starting to + ;; compile files in parallel. + (compile #f) (par-for-each (lambda (file) (compile-file* file mutex)) files))))) diff --git a/guix/build/pull.scm b/guix/build/pull.scm index ccf1868516..871bf6f535 100644 --- a/guix/build/pull.scm +++ b/guix/build/pull.scm @@ -125,6 +125,9 @@ containing the source code. Write any debugging output to DEBUG-PORT." (newline) (let ((mutex (make-mutex)) (completed 0)) + ;; Make sure compilation related modules are loaded before starting to + ;; compile files in parallel. + (compile #f) (par-for-each (lambda (file) (with-mutex mutex -- cgit v1.2.3 From bddf22b99e911f0b12afe9e067acc88674227553 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 29 Sep 2016 17:45:03 -0400 Subject: gnu: libreoffice: Update to 5.1.5.2. * gnu/packages/libreoffice.scm (libreoffice): Update to 5.1.5.2. --- gnu/packages/libreoffice.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/libreoffice.scm b/gnu/packages/libreoffice.scm index 8f4a6c9f61..e02e4f4cdc 100644 --- a/gnu/packages/libreoffice.scm +++ b/gnu/packages/libreoffice.scm @@ -710,7 +710,7 @@ and to return information on pronunciations, meanings and synonyms.") (define-public libreoffice (package (name "libreoffice") - (version "5.1.4.2") + (version "5.1.5.2") (source (origin (method url-fetch) @@ -719,7 +719,7 @@ and to return information on pronunciations, meanings and synonyms.") "http://download.documentfoundation.org/libreoffice/src/" (version-prefix version 3) "/libreoffice-" version ".tar.xz")) (sha256 (base32 - "11c30y9gvsy5h3nh9pnciq57gi99plrmr6qp8hhdk2l5xmwlmrfa")))) + "1qg0dj0zwh5ifhmvv4k771nmyqddz4ifn75s9mr1p0nyix8zks8x")))) (build-system gnu-build-system) (native-inputs `(;; autoreconf is run by the LibreOffice build system, since after -- cgit v1.2.3 From ebb9b9a60c424b078f138cc669104233af5eb1eb Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 30 Sep 2016 18:57:29 -0400 Subject: gnu: tmux: Update to 2.3. * gnu/packages/tmux.scm (tmux): Update to 2.3. --- gnu/packages/tmux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/tmux.scm b/gnu/packages/tmux.scm index e4f3b45d68..c6a9ca8cae 100644 --- a/gnu/packages/tmux.scm +++ b/gnu/packages/tmux.scm @@ -32,7 +32,7 @@ (define-public tmux (package (name "tmux") - (version "2.2") + (version "2.3") (source (origin (method url-fetch) (uri (string-append @@ -40,7 +40,7 @@ version "/tmux-" version ".tar.gz")) (sha256 (base32 - "1r0riry5vw604hc21087ffbkqgr6j4ia1rrsivz2k6grchdm8a5w")))) + "0aw5fcav8pa70ym391n4g6mh5vir34x35xhb09zdwhhg5w9kwcam")))) (build-system gnu-build-system) (inputs `(("libevent" ,libevent) -- cgit v1.2.3 From df0e8a239bfee0fc1f429a133797251238c76969 Mon Sep 17 00:00:00 2001 From: 宋文武 Date: Fri, 30 Sep 2016 20:19:15 +0800 Subject: gnu: shroud: Wrap 'shroud' with 'GUILE_LOAD_COMPILED_PATH'. * gnu/packages/password-utils.scm (shroud)[arguments]: New field. --- gnu/packages/password-utils.scm | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm index d2410c6106..30b538d630 100644 --- a/gnu/packages/password-utils.scm +++ b/gnu/packages/password-utils.scm @@ -109,6 +109,17 @@ algorithms AES or Twofish.") (base32 "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr")))) (build-system gnu-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'install 'wrap-shroud + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (ccachedir (string-append out "/lib/guile/2.0/ccache")) + (prog (string-append out "/bin/shroud"))) + (wrap-program prog + `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir))) + #t)))))) (inputs `(("guile" ,guile-2.0) ("gnupg" ,gnupg) -- cgit v1.2.3 From f1b61e26ae886a533fba6220fc55a5f371c00078 Mon Sep 17 00:00:00 2001 From: ng0 Date: Tue, 27 Sep 2016 16:24:29 +0000 Subject: gnu: Add emacs-rudel. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/emacs.scm (emacs-rudel): New variable. Signed-off-by: 宋文武 --- gnu/packages/emacs.scm | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index df9f4496fb..4a20f0c1a5 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -12,7 +12,7 @@ ;;; Copyright © 2016 David Thompson ;;; Copyright © 2016 Matthew Jordan ;;; Copyright © 2016 Roel Janssen -;;; Copyright © 2016 ng0 +;;; Copyright © 2016 ng0 ;;; Copyright © 2016 Alex Griffin ;;; Copyright © 2016 Nicolas Goaziou ;;; Copyright © 2016 Alex Vong @@ -2231,6 +2231,30 @@ perspective only its buffers are available by default.") ;; the Expat license. (license license:gpl3+))) +(define-public emacs-rudel + (package + (name "emacs-rudel") + (version "0.3.1") + (source + (origin + (method url-fetch) + (uri (string-append "http://elpa.gnu.org/packages/rudel-" + version ".tar")) + (sha256 + (base32 + "0glqa68g509p0s2vcc0i8kzlddnc9brd9jqhnm5rzxz4i050cvnz")))) + (build-system emacs-build-system) + (home-page "http://rudel.sourceforge.net/") + (synopsis "Collaborative editing framework") + (description + "Rudel is a collaborative editing environment for GNU Emacs. Its purpose +is to share buffers with other users in order to edit the contents of those +buffers collaboratively. Rudel supports multiple backends to enable +communication with other collaborative editors using different protocols, +though currently Obby (for use with the Gobby editor) is the only +fully-functional one.") + (license license:gpl3+))) + (define-public emacs-hydra (package (name "emacs-hydra") -- cgit v1.2.3 From c165591d471ab92f63d7e3f01ca616dff7624482 Mon Sep 17 00:00:00 2001 From: Ivan Vilata i Balaguer Date: Wed, 21 Sep 2016 11:19:07 +0200 Subject: gnu: Add python-i3-py. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/wm.scm (python-i3-py, python2-i3-py): New variables. Signed-off-by: 宋文武 --- gnu/packages/wm.scm | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index 710a93397f..3dbd9043da 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -35,6 +35,7 @@ #:use-module (guix build-system cmake) #:use-module (guix build-system gnu) #:use-module (guix build-system haskell) + #:use-module (guix build-system python) #:use-module (gnu packages haskell) #:use-module (gnu packages base) #:use-module (gnu packages pkg-config) @@ -203,6 +204,48 @@ from scratch. i3 is primarily targeted at advanced users and developers.") (license license:bsd-3))) +(define-public python-i3-py + (package + (name "python-i3-py") + (version "0.6.5") + (source + (origin + ;; The latest release is not tagged in Git nor has an entry in PyPi, + ;; but there is still a clear commit for it, and it's been the last one + ;; for years. + (method git-fetch) + (uri (git-reference + (url "https://github.com/ziberna/i3-py.git") + (commit "27f88a616e9ecc340e7d041d3d00782f8a1964c1"))) + (sha256 + (base32 + "1nm719dc2xqlll7vj4c4m7mpjb27lpn3bg3c66gajvnrz2x1nmxs")) + (file-name (string-append name "-" version "-checkout")))) + (build-system python-build-system) + (arguments + `(#:tests? #f ; no tests yet + #:phases (modify-phases %standard-phases + (add-after 'install 'install-doc + ;; Copy readme file to documentation directory. + (lambda* (#:key outputs #:allow-other-keys) + (let ((doc (string-append (assoc-ref outputs "out") + "/share/doc/" ,name))) + (install-file "README.md" doc) + ;; Avoid unspecified return value. + #t)))))) + (propagated-inputs + `(("i3-wm" ,i3-wm))) + (home-page "https://github.com/ziberna/i3-py") + (synopsis "Python interface to the i3 window manager") + (description "This package allows you to interact from a Python program +with the i3 window manager via its IPC socket. It can send commands and other +kinds of messages to i3, select the affected containers, filter results and +subscribe to events.") + (license license:gpl3+))) + +(define-public python2-i3-py + (package-with-python2 python-i3-py)) + (define-public xmonad (package (name "xmonad") -- cgit v1.2.3 From 37356e0bf8ef930fc0db7167bb2149858f0c754f Mon Sep 17 00:00:00 2001 From: Ivan Vilata i Balaguer Date: Wed, 21 Sep 2016 11:19:20 +0200 Subject: gnu: Add quickswitch-i3. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/wm.scm (quickswitch-i3): New variable. * gnu/packages/patches/quickswitch-fix-dmenu-check.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Signed-off-by: 宋文武 --- gnu/local.mk | 1 + .../patches/quickswitch-fix-dmenu-check.patch | 32 +++++++++++++++ gnu/packages/wm.scm | 46 ++++++++++++++++++++++ 3 files changed, 79 insertions(+) create mode 100644 gnu/packages/patches/quickswitch-fix-dmenu-check.patch diff --git a/gnu/local.mk b/gnu/local.mk index b864ea9020..6e68ad4a6c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -784,6 +784,7 @@ dist_patch_DATA = \ %D%/packages/patches/python-paste-remove-timing-test.patch \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/qt4-ldflags.patch \ + %D%/packages/patches/quickswitch-fix-dmenu-check.patch \ %D%/packages/patches/rapicorn-isnan.patch \ %D%/packages/patches/ratpoison-shell.patch \ %D%/packages/patches/readline-link-ncurses.patch \ diff --git a/gnu/packages/patches/quickswitch-fix-dmenu-check.patch b/gnu/packages/patches/quickswitch-fix-dmenu-check.patch new file mode 100644 index 0000000000..9c6cca47c6 --- /dev/null +++ b/gnu/packages/patches/quickswitch-fix-dmenu-check.patch @@ -0,0 +1,32 @@ +Fix check for dmenu (open file mode, dependency on which). + +See . + +--- quickswitch-i3-2.2/quickswitch.py 2016-09-18 19:59:10.257765542 +0200 ++++ quickswitch-i3-2.2/quickswitch.py 2016-09-21 10:43:01.277577819 +0200 +@@ -24,9 +24,10 @@ + + import argparse + import subprocess +-import os + import re + ++from distutils.spawn import find_executable ++ + try: + import i3 + except ImportError: +@@ -37,11 +38,8 @@ + + def check_dmenu(): + '''Check if dmenu is available.''' +- devnull = open(os.devnull) +- retcode = subprocess.call(["which", "dmenu"], +- stdout=devnull, +- stderr=devnull) +- return True if retcode == 0 else False ++ executable = find_executable("dmenu") ++ return executable != None + + + def dmenu(options, dmenu): diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index 3dbd9043da..90d1dc1e33 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -11,6 +11,7 @@ ;;; Copyright © 2016 Ludovic Courtès ;;; Copyright © 2016 ng0 ;;; Copyright © 2016 doncatnip +;;; Copyright © 2016 Ivan Vilata i Balaguer ;;; ;;; This file is part of GNU Guix. ;;; @@ -60,6 +61,7 @@ #:use-module (gnu packages gperf) #:use-module (gnu packages imagemagick) #:use-module (gnu packages lua) + #:use-module (gnu packages suckless) #:use-module (guix download) #:use-module (guix git-download)) @@ -246,6 +248,50 @@ subscribe to events.") (define-public python2-i3-py (package-with-python2 python-i3-py)) +(define-public quickswitch-i3 + (let ((commit "ed692b1e8f43b95bd907ced26238ce8ccb2ed28f") + (revision "1")) ; Guix package revision + (package + (name "quickswitch-i3") + (version (string-append "2.2-" revision "." + (string-take commit 7))) + (source + (origin + ;; The latest commit is a few years old and just a couple commits + ;; after the last tagged release, so we use that latest commit + ;; instead of the release. + (method git-fetch) + (uri (git-reference + (url "https://github.com/proxypoke/quickswitch-for-i3.git") + (commit commit))) + (sha256 + (base32 + "0447077sama80jcdg5p64zjsvafmz5rbdrirhm1adcdjhkh6iqc5")) + (patches (search-patches "quickswitch-fix-dmenu-check.patch")) + (file-name (string-append name "-" version "-checkout")))) + (build-system python-build-system) + (arguments + `(#:tests? #f ; no tests yet + #:phases (modify-phases %standard-phases + (add-after 'install 'install-doc + ;; Copy readme file to documentation directory. + (lambda* (#:key outputs #:allow-other-keys) + (let ((doc (string-append (assoc-ref outputs "out") + "/share/doc/" ,name))) + (install-file "README.rst" doc) + ;; Avoid unspecified return value. + #t)))))) + (inputs + `(("python-i3-py" ,python-i3-py) + ("dmenu" ,dmenu))) + (home-page "https://github.com/proxypoke/quickswitch-for-i3") + (synopsis "Quickly change to and locate windows in the i3 window manager") + (description + "This utility for the i3 window manager allows you to quickly switch to +and locate windows on all your workspaces, using an interactive dmenu +prompt.") + (license (license:non-copyleft "http://www.wtfpl.net/txt/copying/"))))) + (define-public xmonad (package (name "xmonad") -- cgit v1.2.3 From 43f7af428e139f64b9ec229eb74918e328a63a5a Mon Sep 17 00:00:00 2001 From: John Darrington Date: Sat, 1 Oct 2016 09:23:47 +0200 Subject: gnu: rpcbind-configuration: Rename pkg to nfs-utils * gnu/services/nfs.scm (): "pkg" --> "nfs-utils" --- gnu/services/nfs.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/services/nfs.scm b/gnu/services/nfs.scm index 82713d8133..b1e1f53fb6 100644 --- a/gnu/services/nfs.scm +++ b/gnu/services/nfs.scm @@ -38,11 +38,11 @@ (shepherd-service-type 'rpcbind (lambda (config) - (define pkg + (define nfs-utils (rpcbind-configuration-rpcbind config)) (define rpcbind-command - #~(list (string-append #$pkg "/bin/rpcbind") "-f" + #~(list (string-append #$nfs-utils "/bin/rpcbind") "-f" #$@(if (rpcbind-configuration-warm-start? config) '("-w") '()))) (shepherd-service -- cgit v1.2.3 From 917de2511b21fa95d82f199d98e00b420ec20e3e Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 29 Sep 2016 11:32:34 -0400 Subject: gnu: gd: Fix CVE-2016-7568. * gnu/packages/patches/gd-CVE-2016-7568.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gd.scm (gd)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gd.scm | 3 +- gnu/packages/patches/gd-CVE-2016-7568.patch | 44 +++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/gd-CVE-2016-7568.patch diff --git a/gnu/local.mk b/gnu/local.mk index 6e68ad4a6c..4260a928e9 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -529,6 +529,7 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-cross-environment-variables.patch \ %D%/packages/patches/gcc-libvtv-runpath.patch \ %D%/packages/patches/gcc-5.0-libvtv-runpath.patch \ + %D%/packages/patches/gd-CVE-2016-7568.patch \ %D%/packages/patches/gd-fix-gd2-read-test.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ %D%/packages/patches/gegl-CVE-2012-4433.patch \ diff --git a/gnu/packages/gd.scm b/gnu/packages/gd.scm index 4ba019460f..6c94d35bdf 100644 --- a/gnu/packages/gd.scm +++ b/gnu/packages/gd.scm @@ -50,7 +50,8 @@ (sha256 (base32 "0g3xz8jpz1pl2zzmssglrpa9nxiaa7rmcmvgpbrjz8k9cyynqsvl")) - (patches (search-patches "gd-fix-gd2-read-test.patch" + (patches (search-patches "gd-CVE-2016-7568.patch" + "gd-fix-gd2-read-test.patch" "gd-fix-tests-on-i686.patch")))) (build-system gnu-build-system) (native-inputs diff --git a/gnu/packages/patches/gd-CVE-2016-7568.patch b/gnu/packages/patches/gd-CVE-2016-7568.patch new file mode 100644 index 0000000000..6a1a63296c --- /dev/null +++ b/gnu/packages/patches/gd-CVE-2016-7568.patch @@ -0,0 +1,44 @@ +Fix CVE-2016-7568 (integer overflow in gdImageWebpCtx()): + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568 + +Patch copied from upstream source repository: + +https://github.com/libgd/libgd/commit/2806adfdc27a94d333199345394d7c302952b95f + +From 2806adfdc27a94d333199345394d7c302952b95f Mon Sep 17 00:00:00 2001 +From: trylab +Date: Tue, 6 Sep 2016 18:35:32 +0800 +Subject: [PATCH] Fix integer overflow in gdImageWebpCtx + +Integer overflow can be happened in expression gdImageSX(im) * 4 * +gdImageSY(im). It could lead to heap buffer overflow in the following +code. This issue has been reported to the PHP Bug Tracking System. The +proof-of-concept file will be supplied some days later. This issue was +discovered by Ke Liu of Tencent's Xuanwu LAB. +--- + src/gd_webp.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/gd_webp.c b/src/gd_webp.c +index 8eb4dee..9886399 100644 +--- a/src/gd_webp.c ++++ b/src/gd_webp.c +@@ -199,6 +199,14 @@ BGD_DECLARE(void) gdImageWebpCtx (gdImagePtr im, gdIOCtx * outfile, int quality) + quality = 80; + } + ++ if (overflow2(gdImageSX(im), 4)) { ++ return; ++ } ++ ++ if (overflow2(gdImageSX(im) * 4, gdImageSY(im))) { ++ return; ++ } ++ + argb = (uint8_t *)gdMalloc(gdImageSX(im) * 4 * gdImageSY(im)); + if (!argb) { + return; +-- +2.10.0 + -- cgit v1.2.3 From 9b72ce60fb99d6a86995d505ce58039f82374782 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sun, 25 Sep 2016 11:00:05 +0200 Subject: gnu: utf8proc: Update to 2.0.2. * gnu/packages/textutils.scm (utf8proc): Update to 2.0.2. --- gnu/packages/textutils.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/textutils.scm b/gnu/packages/textutils.scm index c4479fbde9..a9725b47d3 100644 --- a/gnu/packages/textutils.scm +++ b/gnu/packages/textutils.scm @@ -102,7 +102,7 @@ libenca and several charset conversion libraries and tools.") (define-public utf8proc (package (name "utf8proc") - (version "1.3.1") + (version "2.0.2") (source (origin (method url-fetch) @@ -111,7 +111,7 @@ libenca and several charset conversion libraries and tools.") version ".tar.gz")) (file-name (string-append name "-" version ".tar.gz")) (sha256 - (base32 "1k48as5kjkar4yj3dwxyll8ykj4k723ib5a6mnw1g86q3zi0zdl3")))) + (base32 "140vib1m6n5kwzkw1n9fbsi5gl6xymbd7yndwqx1sj15aakak776")))) (build-system gnu-build-system) (arguments '(#:tests? #f ;no "check" target @@ -124,7 +124,7 @@ libenca and several charset conversion libraries and tools.") (synopsis "C library for processing UTF-8 Unicode data") (description "utf8proc is a small C library that provides Unicode normalization, case-folding, and other operations for data in the UTF-8 -encoding, supporting Unicode version 7.0.") +encoding, supporting Unicode version 9.0.0.") (license license:expat))) (define-public libgtextutils -- cgit v1.2.3 From d70f5139da5a5fbbc2c79ddb70cf455299de9afc Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 24 Sep 2016 14:16:21 +0200 Subject: gnu: julia: Update to 0.5.0. * gnu/packages/julia.scm (libuv-julia): Update to commit 8d5131b6c1595920dd30644cd1435b4f344b46c8. (libunwind-for-julia): New variable. (julia): Update to 0.5.0. [arguments]: Disable stripping of binaries; modify "prepare-deps" phase; add "fix-llvm-flag" phase; add "set-home" phase; adjust "hardcode-soname-map" phase; remove fix for "double-conversion" from "fix-include-and-link-paths" phase; enable "repl" and "replcompletions" tests; disable "backtrace", "compile", "replutil", and "cmdlineargs" tests; remove USE_SYSTEM_RMATH flag; remove USE_SYSTEM_GRISU flag. [inputs]: Replace "llvm-3.5" with "llvm"; replace "libunwind" with "libunwind-for-julia"; remove "double-conversion"; remove "rmath-julia"; update "suitesparse" origin; replace "virtualenv" origin with "python2-virtualenv". [native-inputs]: Add "openssl". --- gnu/packages/julia.scm | 142 +++++++++++++++++++++++++++++-------------------- 1 file changed, 84 insertions(+), 58 deletions(-) diff --git a/gnu/packages/julia.scm b/gnu/packages/julia.scm index e3cefb4330..a6664a54c2 100644 --- a/gnu/packages/julia.scm +++ b/gnu/packages/julia.scm @@ -40,16 +40,17 @@ #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) #:use-module (gnu packages textutils) + #:use-module (gnu packages tls) #:use-module (gnu packages version-control) #:use-module (gnu packages wget) #:use-module (ice-9 match)) (define libuv-julia - (let ((commit "efb40768b7c7bd9f173a7868f74b92b1c5a61a0e") - (revision "3")) + (let ((commit "8d5131b6c1595920dd30644cd1435b4f344b46c8") + (revision "4")) (package (inherit libuv) (name "libuv-julia") - (version (string-append "0.11.26." revision "-" (string-take commit 8))) + (version (string-append "1.9.0-" revision "." (string-take commit 8))) (source (origin (method git-fetch) (uri (git-reference @@ -58,7 +59,7 @@ (file-name (string-append name "-" version "-checkout")) (sha256 (base32 - "16k6pm2jl0ymz5j4ldxn94imdimahqqfd2izgr3zf1vwyyay77w3")))) + "1fq0vhiprdryw8iisxxwyld3xdr5za6y8458p22ff56al98h22fv")))) (build-system gnu-build-system) (arguments (substitute-keyword-arguments (package-arguments libuv) @@ -67,10 +68,22 @@ (delete 'autogen))))) (home-page "https://github.com/JuliaLang/libuv")))) +(define libunwind-for-julia + (package + (inherit libunwind) + (version "1.1-julia2") + (source (origin + (method url-fetch) + (uri (string-append "https://s3.amazonaws.com/julialang/src/" + "libunwind-" version ".tar.gz")) + (sha256 + (base32 + "0499x7sg2v18a6cry6l8y713cgmic0adnjph8i0xr1db9p7n8qyv")))))) + (define-public julia (package (name "julia") - (version "0.4.5") + (version "0.5.0") (source (origin (method url-fetch) (uri (string-append @@ -78,7 +91,7 @@ version "/julia-" version ".tar.gz")) (sha256 (base32 - "09gc6yf3v4in0qwhrbgjrjgvblp941di0mli4zax22mvf4dzc7s4")))) + "0bhickil88lalp9jdj1kmf4is70zinhx8ha9rng0g3z50r4a2qmv")))) (build-system gnu-build-system) (arguments `(#:test-target "test" @@ -86,6 +99,9 @@ (guix build gnu-build-system) (guix build utils)) + ;; Do not strip binaries to keep support for full backtraces. + ;; See https://github.com/JuliaLang/julia/issues/17831 + #:strip-binaries? #f ;; The DSOs use $ORIGIN to refer to each other, but (guix build ;; gremlin) doesn't support it yet, so skip this phase. @@ -96,24 +112,33 @@ (delete 'configure) (add-after 'unpack 'prepare-deps (lambda* (#:key inputs #:allow-other-keys) - (copy-file (assoc-ref inputs "rmath-julia") - "deps/Rmath-julia-0.1.tar.gz") + (mkdir "deps/srccache") (copy-file (assoc-ref inputs "dsfmt") - "deps/dsfmt-2.2.3.tar.gz") + "deps/srccache/dsfmt-2.2.3.tar.gz") (copy-file (assoc-ref inputs "objconv") - "deps/objconv.zip") + "deps/srccache/objconv.zip") (copy-file (assoc-ref inputs "suitesparse") - "deps/SuiteSparse-4.4.2.tar.gz") - (copy-file (assoc-ref inputs "virtualenv") - "deps/virtualenv-1.11.6.tar.gz") + "deps/srccache/SuiteSparse-4.4.5.tar.gz") + (copy-file (string-append (assoc-ref inputs "virtualenv") + "/bin/virtualenv") + "julia-env") + #t)) + (add-after 'unpack 'fix-llvm-flag + (lambda _ + (substitute* "src/Makefile" + (("-lLLVM-\\$\\(shell \\$\\(LLVM_CONFIG_HOST\\) --version\\)") + "$(shell $(LLVM_CONFIG_HOST) --libs)")) #t)) + (add-before 'check 'set-home + ;; Some tests require a home directory to be set. + (lambda _ (setenv "HOME" "/tmp") #t)) (add-after 'unpack 'hardcode-soname-map - ;; ./src/ccall.cpp creates a map from library names to paths using the - ;; output of "/sbin/ldconfig -p". Since ldconfig is not used in Guix, - ;; we patch ccall.cpp to contain a static map. + ;; ./src/runtime_ccall.cpp creates a map from library names to paths + ;; using the output of "/sbin/ldconfig -p". Since ldconfig is not + ;; used in Guix, we patch runtime_ccall.cpp to contain a static map. (lambda* (#:key inputs #:allow-other-keys) (use-modules (ice-9 match)) - (substitute* "src/ccall.cpp" + (substitute* "src/runtime_ccall.cpp" (("jl_read_sonames.*;") (string-join (map (match-lambda @@ -133,6 +158,31 @@ ("openspecfun" "libopenspecfun" "libopenspecfun.so") ("fftw" "libfftw3" "libfftw3.so") ("fftwf" "libfftw3f" "libfftw3f.so")))))) + (substitute* "base/fft/FFTW.jl" + (("const libfftw = Base.libfftw_name") + (string-append "const libfftw = \"" + (assoc-ref inputs "fftw") "/lib/libfftw3.so" + "\"")) + (("const libfftwf = Base.libfftwf_name") + (string-append "const libfftwf = \"" + (assoc-ref inputs "fftwf") "/lib/libfftw3f.so" + "\""))) + (substitute* "base/math.jl" + (("const libm = Base.libm_name") + (string-append "const libm = \"" + (assoc-ref inputs "openlibm") + "/lib/libopenlibm.so" + "\"")) + (("const openspecfun = \"libopenspecfun\"") + (string-append "const openspecfun = \"" + (assoc-ref inputs "openspecfun") + "/lib/libopenspecfun.so" + "\""))) + (substitute* "base/pcre.jl" + (("const PCRE_LIB = \"libpcre2-8\"") + (string-append "const PCRE_LIB = \"" + (assoc-ref inputs "pcre2") + "/lib/libpcre2-8.so" "\""))) #t)) (add-before 'build 'fix-include-and-link-paths (lambda* (#:key inputs #:allow-other-keys) @@ -153,10 +203,6 @@ (assoc-ref %build-inputs "libuv") "/lib/libuv.so "))) - (substitute* "deps/Makefile" - (("/usr/include/double-conversion") - (string-append (assoc-ref %build-inputs "double-conversion") - "/include/double-conversion"))) (substitute* "base/Makefile" (("\\$\\(build_includedir\\)/uv-errno.h") (string-append (assoc-ref inputs "libuv") @@ -176,15 +222,13 @@ (add-before 'check 'disable-broken-tests (lambda _ (substitute* "test/choosetests.jl" - ;; These tests time out. See - ;; https://github.com/JuliaLang/julia/issues/14374 for ongoing - ;; discussion. - (("\"replcompletions\",") "") - (("\"repl\",") "")) - (substitute* "test/repl.jl" - ;; This test fails because we cannot escape the build - ;; directory. - (("@test pwd\\(\\) == homedir\\(\\)") "#")) + ;; These tests fail, probably because some of the input + ;; binaries have been stripped and thus backtraces don't look + ;; as expected. + (("\"backtrace\",") "") + (("\"compile\",") "") + (("\"replutil\",") "") + (("\"cmdlineargs\",") "")) #t))) #:make-flags (list @@ -203,9 +247,6 @@ "CONFIG_SHELL=bash" ;needed to build bundled libraries "USE_SYSTEM_DSFMT=0" ;not packaged for Guix and upstream has no ;build system for a shared library. - "USE_SYSTEM_RMATH=0" ;Julia uses a bundled version of R's math - ;library, patched to use the DSFMT RNG. - "USE_SYSTEM_LAPACK=1" "USE_SYSTEM_BLAS=1" "USE_BLAS64=0" ;needed when USE_SYSTEM_BLAS=1 @@ -222,7 +263,6 @@ ;; "/include") "USE_GPL_LIBS=1" ;proudly - "USE_SYSTEM_GRISU=1" ;for double-conversion "USE_SYSTEM_UTF8PROC=1" (string-append "UTF8PROC_INC=" (assoc-ref %build-inputs "utf8proc") @@ -245,15 +285,14 @@ "USE_SYSTEM_LIBGIT2=1" "USE_SYSTEM_OPENSPECFUN=1"))) (inputs - `(("llvm" ,llvm-3.5) + `(("llvm" ,llvm) ("arpack-ng" ,arpack-ng) ("coreutils" ,coreutils) ;for bindings to "mkdir" and the like ("lapack" ,lapack) ("openblas" ,openblas) ;Julia does not build with Atlas - ("libunwind" ,libunwind) + ("libunwind" ,libunwind-for-julia) ("openlibm" ,openlibm) ("openspecfun" ,openspecfun) - ("double-conversion" ,double-conversion) ("libgit2" ,libgit2) ("fftw" ,fftw) ("fftwf" ,fftwf) @@ -266,24 +305,19 @@ ("which" ,which) ("zlib" ,zlib) ("gmp" ,gmp) + ("virtualenv" ,python2-virtualenv) ;; FIXME: The following inputs are downloaded from upstream to allow us ;; to use the lightweight Julia release tarball. Ideally, these inputs ;; would eventually be replaced with proper Guix packages. - ("rmath-julia" - ,(origin - (method url-fetch) - (uri "https://api.github.com/repos/JuliaLang/Rmath-julia/tarball/v0.1") - (file-name "rmath-julia-0.1.tar.gz") - (sha256 - (base32 - "0ai5dhjc43zcvangz123ryxmlbm51s21rg13bllwyn98w67arhb4")))) + + ;; TODO: run "make -f contrib/repackage_system_suitesparse4.make" to copy static lib ("suitesparse" ,(origin (method url-fetch) - (uri "http://faculty.cse.tamu.edu/davis/SuiteSparse/SuiteSparse-4.4.2.tar.gz") + (uri "http://faculty.cse.tamu.edu/davis/SuiteSparse/SuiteSparse-4.4.5.tar.gz") (sha256 (base32 - "1dg0qsv07n71nbn9cgcvn73933rgy1jnxw5bfqkwfq3bidk44cqc")))) + "1jcbxb8jx5wlcixzf6n5dca2rcfx6mlcms1k2rl5gp67ay3bix43")))) ("objconv" ,(origin (method url-fetch) @@ -299,18 +333,10 @@ "SFMT/dSFMT-src-2.2.3.tar.gz")) (sha256 (base32 - "03kaqbjbi6viz0n33dk5jlf6ayxqlsq4804n7kwkndiga9s4hd42")))) - ("virtualenv" - ,(origin - (method url-fetch) - (uri (string-append "https://pypi.python.org/packages/24/cc/" - "a3cdf0a49ffcaef483b7e2511476aa520cf7260c199a6928fda6c43ba916/" - "virtualenv-1.11.6.tar.gz")) - (sha256 - (base32 - "1xq4prmg25n9cz5zcvbqx68lmc3kl39by582vd8pzs9f3qalqyiy")))))) + "03kaqbjbi6viz0n33dk5jlf6ayxqlsq4804n7kwkndiga9s4hd42")))))) (native-inputs - `(("perl" ,perl) + `(("openssl" ,openssl) + ("perl" ,perl) ("patchelf" ,patchelf) ("pkg-config" ,pkg-config) ("python" ,python-2))) -- cgit v1.2.3 From 89fa2219a76a30bebaf38b76a060b1e9599ee25b Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 1 Oct 2016 21:35:47 +0200 Subject: gnu: eigen: Update to 3.2.9. * gnu/packages/algebra.scm (eigen): Update to 3.2.9. --- gnu/packages/algebra.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/algebra.scm b/gnu/packages/algebra.scm index 4425514673..9e19d5552f 100644 --- a/gnu/packages/algebra.scm +++ b/gnu/packages/algebra.scm @@ -593,14 +593,14 @@ cosine/ sine transforms or DCT/DST).") (define-public eigen (package (name "eigen") - (version "3.2.8") + (version "3.2.9") (source (origin (method url-fetch) (uri (string-append "https://bitbucket.org/eigen/eigen/get/" version ".tar.bz2")) (sha256 (base32 - "0mby6my1djsg8681fcvlaq0i4kd17fja9qn5f713j3xpfbb66akj")) + "1zs5b210mq7nyanky07li6456rrd0xv2nxf6sl2lhkzdq5p067jd")) (file-name (string-append name "-" version ".tar.bz2")) (modules '((guix build utils))) (snippet -- cgit v1.2.3 From 09a86196e90d19744a23eab7a1ca27b511bbbbc2 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 1 Oct 2016 22:31:10 +0200 Subject: gnu: guitarix: Update to 0.35.1. * gnu/packages/audio.scm (guitarix): Update to 0.35.1. --- gnu/packages/audio.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index ed1a8f62d7..3d889ee4d0 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -877,7 +877,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.") (define-public guitarix (package (name "guitarix") - (version "0.35.0") + (version "0.35.1") (source (origin (method url-fetch) (uri (string-append @@ -885,7 +885,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.") version ".tar.xz")) (sha256 (base32 - "10hijqrrl8xil46kgsac10ysfxysisxlibm2rz133zyig5n63jdw")))) + "066qva1zk63qw60s0vbi9g9jh22ljw67p91pk82kv11gw24h3vg6")))) (build-system waf-build-system) (arguments `(#:tests? #f ; no "check" target -- cgit v1.2.3 From 2bfa61c034eb67f03ffd4365e97294dd7c6d06a2 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 1 Oct 2016 18:20:28 -0400 Subject: gnu: linux-libre@4.4: Update to 4.4.23. * gnu/packages/linux.scm (linux-libre-4.4): Update to 4.4.23. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 7089af3044..c3a556dc46 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -328,8 +328,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.22" - "0pwqp5hain26p3wmiqgq3qasyp4j7nl2ai49sq2n8xdi3g2vnmii" + (make-linux-libre "4.4.23" + "07akixpxlcrpfsadnppyk2hbggqf7j2hzlkg56k0yh3dhyglxv86" %intel-compatible-systems #:configuration-file kernel-config)) -- cgit v1.2.3 From 79992a3e6f2854f8d1a650ed425c3817a3aa67b2 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 1 Oct 2016 18:22:43 -0400 Subject: gnu: linux-libre: Update to 4.7.6. * gnu/packages/linux.scm (linux-libre): Update to 4.7.6. --- gnu/packages/linux.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index c3a556dc46..693558f055 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -322,8 +322,8 @@ It has been modified to remove all non-free binary blobs.") (define %intel-compatible-systems '("x86_64-linux" "i686-linux")) (define-public linux-libre - (make-linux-libre "4.7.5" - "1v5xzagc7zmf0dszq623h83rzhn2qwcapg2fwlihrrb6h9317xqx" + (make-linux-libre "4.7.6" + "0716lpzq3w2pdc0nrrx06gqzdfzhkrjq7g37v4ws9wjlzak8hkvy" %intel-compatible-systems #:configuration-file kernel-config)) @@ -340,8 +340,8 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) ;; Avoid rebuilding kernel variants when there is a minor version bump. -(define %linux-libre-version "4.7.5") -(define %linux-libre-hash "1v5xzagc7zmf0dszq623h83rzhn2qwcapg2fwlihrrb6h9317xqx") +(define %linux-libre-version "4.7.6") +(define %linux-libre-hash "0716lpzq3w2pdc0nrrx06gqzdfzhkrjq7g37v4ws9wjlzak8hkvy") (define-public linux-libre-arm-generic (make-linux-libre %linux-libre-version -- cgit v1.2.3 From 10bc741619c9bf2a772ff8be36d139ffc16706de Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Sun, 2 Oct 2016 11:38:32 +0300 Subject: gnu: ffmpeg: Update to 3.1.4. * gnu/packages/video.scm (ffmpeg): Update to 3.1.4. --- gnu/packages/video.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 8bed50e424..fa3ee0ade5 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -403,14 +403,14 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).") (define-public ffmpeg (package (name "ffmpeg") - (version "3.1.3") + (version "3.1.4") (source (origin (method url-fetch) (uri (string-append "https://ffmpeg.org/releases/ffmpeg-" version ".tar.xz")) (sha256 (base32 - "08l8290gipm632dhrqndnphdpkc5ncqc1j3hxdx46r1a3q3mqmzq")))) + "0nvb2k0maj5g8llfg47j8z5xpvp4q3g9pab2pp6vpjd5vmwb6358")))) (build-system gnu-build-system) (inputs `(("fontconfig" ,fontconfig) -- cgit v1.2.3 From 4bdc3df92dc4c673b328e59cd9d2ab6ffcc51e6b Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Sun, 2 Oct 2016 22:25:39 +1000 Subject: gnu: vsearch: Update to 2.1.2. * gnu/packages/bioinformatics.scm (vsearch): Update to 2.1.2. --- gnu/packages/bioinformatics.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 3cf1ffcd1f..cf20057bcd 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -5571,7 +5571,7 @@ track. The database is exposed as a @code{TxDb} object.") (define-public vsearch (package (name "vsearch") - (version "2.1.1") + (version "2.1.2") (source (origin (method url-fetch) @@ -5581,7 +5581,7 @@ track. The database is exposed as a @code{TxDb} object.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0rn40inkpgv0j1r1j9kmgjkb7nc8v5c9ijvbhzr17iayannxvlq9")) + "1zzfj6ydsfzljyswlwqknpp8s2cf31vimi1aqf9ljsbagjyizc58")) (modules '((guix build utils))) (snippet '(begin -- cgit v1.2.3 From 6a703976f43bcfc3166df24163800b46d65186b7 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sun, 2 Oct 2016 10:45:19 -0400 Subject: gnu: libotf: Fix source URI. * gnu/packages/fontutils.scm (libotf)[source]: Fix suorce URI. --- gnu/packages/fontutils.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index 4867164fa6..c528e61ad5 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -434,9 +434,8 @@ resolution.") (version "0.9.13") (source (origin (method url-fetch) - (uri (string-append - "mirror://savannah/releases/m17n/libotf-" - version ".tar.gz")) + (uri (string-append "mirror://savannah/m17n/libotf-" + version ".tar.gz")) (sha256 (base32 "0239zvfan56w7vrppriwy77fzb10ag9llaz15nsraps2a2x6di3v")))) (build-system gnu-build-system) -- cgit v1.2.3 From c6ab73e8ff357ea35c3d0ebf1b09c6c7be300a94 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 29 Sep 2016 17:08:23 +0200 Subject: gnu: Add r-viridislite. * gnu/packages/statistics.scm (r-viridislite): New variable. --- gnu/packages/statistics.scm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm index 9cf79ef7c9..51294e5b3b 100644 --- a/gnu/packages/statistics.scm +++ b/gnu/packages/statistics.scm @@ -3040,6 +3040,31 @@ black-and-white. They are also designed to be perceived by readers with the most common form of color blindness.") (license license:x11))) +(define-public r-viridislite + (package + (name "r-viridislite") + (version "0.1.3") + (source + (origin + (method url-fetch) + (uri (cran-uri "viridisLite" version)) + (sha256 + (base32 + "1b0fhj8i1m9jsz91gzag60k7vy7kk5xkdg31rc3h3spq96l66psp")))) + (properties `((upstream-name . "viridisLite"))) + (build-system r-build-system) + (home-page "https://github.com/sjmgarnier/viridisLite") + (synopsis "Default color maps from matplotlib") + (description + "This package is a port of the new @code{matplotlib} color maps ('viridis', +'magma', 'plasma' and 'inferno') to R. matplotlib is a popular plotting +library for Python. These color maps are designed in such a way that they +will analytically be perfectly perceptually-uniform, both in regular form and +also when converted to black-and-white. They are also designed to be +perceived by readers with the most common form of color blindness. This is +the 'lite' version of the more complete @code{viridis} package.") + (license license:expat))) + (define-public r-tidyr (package (name "r-tidyr") -- cgit v1.2.3 From a3c6445be5f18ea7af2e26f9ee1344b06e02593b Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 29 Sep 2016 17:11:34 +0200 Subject: gnu: Add r-purrr. * gnu/packages/statistics.scm (r-purrr): New variable. --- gnu/packages/statistics.scm | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm index 51294e5b3b..fd5aaf4b75 100644 --- a/gnu/packages/statistics.scm +++ b/gnu/packages/statistics.scm @@ -3117,6 +3117,31 @@ and tidyr provides no margins or aggregation.") It uses and relies on grid graphics and formal (S4) classes and methods.") (license license:gpl2+))) +(define-public r-purrr + (package + (name "r-purrr") + (version "0.2.2") + (source + (origin + (method url-fetch) + (uri (cran-uri "purrr" version)) + (sha256 + (base32 + "0lss8q733nv7s154wargm6vnxq55qygnxakib8xdj4jv0y86sxc3")))) + (build-system r-build-system) + (propagated-inputs + `(("r-bh" ,r-bh) + ("r-dplyr" ,r-dplyr) + ("r-lazyeval" ,r-lazyeval) + ("r-magrittr" ,r-magrittr) + ("r-rcpp" ,r-rcpp))) + (home-page "https://github.com/hadley/purrr") + (synopsis "Functional programming tools") + (description + "This package completes R's functional programming tools with missing +features present in other programming languages.") + (license license:gpl3+))) + (define-public r-plotly (package (name "r-plotly") -- cgit v1.2.3 From 88cf917b74731146abecf9fd306459dd29ed4789 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 29 Sep 2016 17:11:57 +0200 Subject: gnu: r-plotly: Update to 4.5.2. * gnu/packages/statistics.scm (r-plotly): Update to 4.5.2. [propagated-inputs]: Remove r-plyr; remove r-viridis; add r-dplyr; add r-lazyeval; add r-purrr; add r-tibble; add r-viridislite. --- gnu/packages/statistics.scm | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/gnu/packages/statistics.scm b/gnu/packages/statistics.scm index fd5aaf4b75..cbaf026728 100644 --- a/gnu/packages/statistics.scm +++ b/gnu/packages/statistics.scm @@ -3145,27 +3145,30 @@ features present in other programming languages.") (define-public r-plotly (package (name "r-plotly") - (version "3.6.0") + (version "4.5.2") (source (origin (method url-fetch) (uri (cran-uri "plotly" version)) (sha256 (base32 - "15hvqa0sf4z6l6vvr614zjszfphwpv66zpc665iyiynq0pd1jv2c")))) + "08shs0qhy9js0fpj3d4rzfbwmw11ki3z5vg8jszfm6m69mfkgzw1")))) (build-system r-build-system) (propagated-inputs `(("r-base64enc" ,r-base64enc) ("r-digest" ,r-digest) + ("r-dplyr" ,r-dplyr) ("r-ggplot2" ,r-ggplot2) ("r-hexbin" ,r-hexbin) ("r-htmlwidgets" ,r-htmlwidgets) ("r-httr" ,r-httr) ("r-jsonlite" ,r-jsonlite) + ("r-lazyeval" ,r-lazyeval) ("r-magrittr" ,r-magrittr) - ("r-plyr" ,r-plyr) + ("r-purrr" ,r-purrr) ("r-scales" ,r-scales) + ("r-tibble" ,r-tibble) ("r-tidyr" ,r-tidyr) - ("r-viridis" ,r-viridis))) + ("r-viridislite" ,r-viridislite))) (home-page "https://plot.ly/r") (synopsis "Create interactive web graphics") (description -- cgit v1.2.3 From 2d47cee25b8bb31d22e6803f1cb3e1679641e14a Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 1 Oct 2016 13:24:22 +0200 Subject: gnu: Do not propagate inputs in haskell.scm. * gnu/packages/haskell.scm (ghc-streaming-commons)[propagated-inputs]: Move ghc-random... [inputs]: ...to here; remove ghc-async, add ghc-directory, add ghc-transformers; move ghc-quickcheck, ghc-hspec... [native-inputs]: ...to here; add hspec-discover. (ghc-test-framework)[propagated-inputs]: Move all from here... [inputs]: ...to here; move ghc-hunit and ghc-quickcheck... [native-inputs]: ...to here. (ghc-attoparsec)[propagated-inputs]: Move ghc-scientific... [inputs]: ...to here; move ghc-quickcheck, ghc-quickcheck-unicode, ghc-test-framework, ghc-test-framework-quickcheck2, ghc-vector... [native-inputs]: ...to here. (ghc-zip-archive)[propagated-inputs]: Move all inputs from here... [inputs]: ...to here; move ghc-hunit from here... [native-inputs]: ...to here. (ghc-network-uri)[inputs]: Add ghc-parsec; move ghc-hunit from here... [native-inputs]: ...to here. [propagated-inputs]: Remove. (ghc-wai)[propagated-inputs]: Move all inputs from here... [inputs]: ...to here; move ghc-quickcheck, ghc-hunit, and ghc-hspec from here... [native-inputs]: ...to here. Add hspec-discover. (ghc-wai-extra)[propagated-inputs]: Remove ghc-hspec and ghc-hunit; move all other inputs from here... [inputs]: ...to here. [native-inputs]: Add hspec-discover, ghc-hspec, and ghc-hunit. (ghc-resourcet, ghc-xss-sanitize, ghc-parsec, ghc-vector, ghc-http, ghc-base-compat, ghc-base-orphans, ghc-word8)[inputs]: Move all inputs from here... [native-inputs]: ...to here. (ghc-haddock-library, ghc-hspec-contrib, ghc-base-compat, ghc-base-orphans, ghc-fast-logger, ghc-word8, ghc-aeson-qq, ghc-logging-facade, ghc-mockery, ghc-yaml, ghc-hslua)[native-inputs]: Add hspec-discover. (ghc-fast-logger)[inputs]: Move ghc-hspec from here... [native-inputs]: ...to here. (ghc-data-default, ghc-data-default-instances-base, ghc-data-default-instances-containers, ghc-data-default-instances-dlist, ghc-haddock-api, ghc-happy, ghc-haskell-src-exts, ghc-resourcet, ghc-xss-sanitize, ghc-sdl-mixer, ghc-sdl-image, ghc-glut, ghc-gluraw, ghc-opengl, cpphs, ghc-old-time, ghc-data-default-instances-old-locale, cabal-install, ghc-x11, ghc-x11-xft, ghc-hashable, ghc-test-framework-hunit, ghc-test-framework, ghc-tf-random, ghc-transformers-base, ghc-unix-time, ghc-http-types, ghc-iproute, ghc-regex-base, ghc-regex-posix, ghc-regex-tdfa-rc, ghc-parsers, ghc-trifecta, ghc-distributive, ghc-comonad, ghc-polyparse, ghc-profunctors, ghc-reducers, ghc-xml, ghc-exceptions, ghc-temporary, ghc-temporary-rc, ghc-smallcheck, ghc-tasty-ant-xml, ghc-quickcheck-instances, ghc-quickcheck, ghc-case-insensitive, ghc-chasingbottoms, ghc-unordererd-containers, ghc-uniplate, ghc-ansi-wl-pprint, ghc-parsec, ghc-vector, ghc-vector-binary-instances, ghc-http, ghc-hspec, ghc-hspec-contrib, ghc-hspec-core, ghc-hspec-meta, ghc-vault, ghc-monad-control, ghc-blaze-builder, ghc-blaze-markup, ghc-blaze-html, ghc-async, ghc-optparse-applicative, ghc-charset, ghc-void, ghc-kan-extensions, ghc-statevar, ghc-lens, ghc-cheapskate, ghc-semigroupoids, ghc-contrvariant, ghc-semigroups, ghc-free, ghc-adjunctions, ghc-fast-logger, ghc-doctest, ghc-lifted-base, ghc-tasty-quickcheck, ghc-tasty-golden, ghc-tasty, ghc-cookie, ghc-scientific, ghc-aeson, ghc-wai-logger, ghc-pandoc-types, ghc-texmath, ghc-regex-pcre-builtin, ghc-highlighting-kate, ghc-cmark, ghc-enclosed-exceptions, ghc-th-lift, ghc-th-expand-syns, ghc-th-reify-many, ghc-th-orphans, ghc-haskell-src-meta, ghc-aeson-qq, ghc-conduit, ghc-mockery, ghc-yaml, ghc-filemanip, ghc-juicypixels, ghc-hslua, ghc-mime-types, ghc-http-client, ghc-hourglass, ghc-pem, ghc-asn1-types, ghc-asn1-encoding, ghc-asn1-parse, ghc-tasty-kat, ghc-cryptonite, ghc-x509, ghc-x509-store, ghc-x509-validation, ghc-x509-system, ghc-tls, ghc-socks, ghc-connection, ghc-http-client-tls, ghc-pandoc)[propagated-inputs]: Move inputs from here... [inputs]: ...to here. --- gnu/packages/haskell.scm | 543 ++++++++++++++++++++++------------------------- 1 file changed, 257 insertions(+), 286 deletions(-) diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm index 3bd3e1476d..d79dfd698b 100644 --- a/gnu/packages/haskell.scm +++ b/gnu/packages/haskell.scm @@ -342,7 +342,7 @@ reduce @code{UndecidableInstances}.") (sha256 (base32 "0d1hm0l9kim3kszshr4msmgzizrzha48gz2kb7b61p7n3gs70m7c")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class) ("ghc-data-default-instances-base" @@ -394,7 +394,7 @@ packages.") (sha256 (base32 "1832nq6by91f1iw73ycvkbgn8kpra83pvf2q61hy47xffh0zy4pb")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class))) (home-page "https://hackage.haskell.org/package/data-default-instances-base") (synopsis "Default instances for types in base") @@ -417,7 +417,7 @@ package.") (sha256 (base32 "06h8xka031w752a7cjlzghvr8adqbl95xj9z5zc1b62w02phfpm5")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class))) (home-page "https://hackage.haskell.org/package/data-default-instances-containers") (synopsis "Default instances for types in containers") @@ -439,7 +439,7 @@ package.") (sha256 (base32 "0narkdqiprhgayjiawrr4390h4rq4pl2pb6mvixbv2phrc8kfs3x")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class) ("ghc-dlist" ,ghc-dlist))) (home-page "https://hackage.haskell.org/package/data-default-instances-dlist") @@ -467,6 +467,8 @@ package.") `(("ghc-base-compat" ,ghc-base-compat) ("ghc-hspec" ,ghc-hspec) ("ghc-quickcheck" ,ghc-quickcheck))) + (native-inputs + `(("hspec-discover" ,hspec-discover))) (home-page "http://www.haskell.org/haddock/") (synopsis "Library exposing some functionality of Haddock") @@ -493,7 +495,7 @@ the ‘haddock’ package.") (base32 "1spd5axg1pdjv4dkdb5gcwjsc8gg37qi4mr2k2db6ayywdkis1p2")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-paths" ,ghc-paths) ("ghc-haddock-library" ,ghc-haddock-library))) (home-page "http://www.haskell.org/haddock/") @@ -774,7 +776,7 @@ postfix notation. For more information on stack based languages, see (build-system haskell-build-system) (arguments `(#:tests? #f)) ;; cannot satisfy -package mtl. Possible Cabal ;; issue. - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl))) (home-page "https://hackage.haskell.org/package/happy") (synopsis "Parser generator for Haskell") @@ -798,7 +800,7 @@ Happy works in a similar way to the yacc tool for C.") (base32 "1h8gjw5g92rvvzadqzpscg73x7ajvs1wlphrh27afim3scdd8frz")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("cpphs" ,cpphs) ("ghc-mtl" ,ghc-mtl) ("ghc-happy" ,ghc-happy) @@ -861,14 +863,14 @@ unwanted suggestions, and to add your own custom suggestions.") (base32 "0zhsaaa4n8ry76vjih519a8npm2hrzk10d5asrgllcwpzmifl41y")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-transformers-base" ,ghc-transformers-base) ("ghc-monad-control" ,ghc-monad-control) ("ghc-transformers-compat" ,ghc-transformers-compat) ("ghc-mtl" ,ghc-mtl) ("ghc-mmorph" ,ghc-mmorph) ("ghc-exceptions" ,ghc-exceptions))) - (inputs + (native-inputs `(("ghc-lifted-base" ,ghc-lifted-base) ("ghc-hspec" ,ghc-hspec))) (home-page "https://github.com/snoyberg/conduit") @@ -892,12 +894,12 @@ code where you can safely allocate resources.") (base32 "1j2qrn2dbfx01m7zyk9ilgnp9zjwq9mk62b0rdal4zkg4vh212h0")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-tagsoup" ,ghc-tagsoup) ("ghc-utf8-string" ,ghc-utf8-string) ("ghc-css-text" ,ghc-css-text) ("ghc-network-uri" ,ghc-network-uri))) - (inputs + (native-inputs `(("ghc-text" ,ghc-text) ("ghc-attoparsec" ,ghc-attoparsec) ("ghc-hspec" ,ghc-hspec) @@ -978,10 +980,9 @@ award winning Linux port of \"Civilization: Call To Power.\"") (let* ((sdl-mixer (assoc-ref %build-inputs "sdl-mixer")) (sdl-mixer-include (string-append sdl-mixer "/include/SDL"))) (list (string-append "--extra-include-dirs=" sdl-mixer-include))))) - (propagated-inputs - `(("ghc-sdl" ,ghc-sdl))) (inputs - `(("sdl-mixer" ,sdl-mixer))) + `(("ghc-sdl" ,ghc-sdl) + ("sdl-mixer" ,sdl-mixer))) (home-page "https://hackage.haskell.org/package/SDL-mixer") (synopsis "Haskell bindings to libSDL_mixer") (description "SDL_mixer is a sample multi-channel audio mixer library. It @@ -1010,10 +1011,9 @@ MIDI, Ogg Vorbis, and SMPEG MP3 libraries.") (let* ((sdl-image (assoc-ref %build-inputs "sdl-image")) (sdl-image-include (string-append sdl-image "/include/SDL"))) (list (string-append "--extra-include-dirs=" sdl-image-include))))) - (propagated-inputs - `(("ghc-sdl" ,ghc-sdl))) (inputs - `(("sdl-image" ,sdl-image))) + `(("ghc-sdl" ,ghc-sdl) + ("sdl-image" ,sdl-image))) (home-page "https://hackage.haskell.org/package/SDL-image") (synopsis "Haskell bindings to libSDL_image") (description "SDL_image is an image file loading library. It loads images @@ -1089,12 +1089,11 @@ found at runtime, a userError is thrown.") (base32 "1qfilpc10jm47anan44c20y8mh76f2dv09m5d22gk0f7am7hg4k2")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-statevar" ,ghc-statevar) + ("ghc-opengl" ,ghc-opengl) ("ghc-openglraw" ,ghc-openglraw) ("freeglut" ,freeglut))) - (inputs - `(("ghc-opengl" ,ghc-opengl))) (home-page "http://www.haskell.org/haskellwiki/Opengl") (synopsis "Haskell bindings for the OpenGL Utility Toolkit") (description "This library provides Haskell bindings for the OpenGL @@ -1117,7 +1116,7 @@ programs.") (base32 "0gscd9lhp9mb10q8s716nx26m8qng9xbb4h6b3f48zzgkc1sy96x")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-openglraw" ,ghc-openglraw))) (home-page "http://www.haskell.org/haskellwiki/Opengl") (synopsis "Raw Haskell bindings GLU") @@ -1141,7 +1140,7 @@ basis for a nicer interface.") (base32 "1mcfb167jl75qc2hgylh83vf2jqizvyvkvhhb72adi2crc3zqz4b")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text) ("ghc-objectname" ,ghc-objectname) ("ghc-gluraw" ,ghc-gluraw) @@ -1169,17 +1168,19 @@ version 1.3).") (base32 "12nw9bwvy6zrabkgvbp371klca3ds6qjlfncg1b8pbwx1y7m8c8h")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-random" ,ghc-random))) (inputs - `(("ghc-quickcheck" ,ghc-quickcheck) - ("ghc-async" ,ghc-async) - ("ghc-blaze-builder" ,ghc-blaze-builder) - ("ghc-hspec" ,ghc-hspec) + `(("ghc-blaze-builder" ,ghc-blaze-builder) + ("ghc-directory" ,ghc-directory) + ("ghc-network" ,ghc-network) + ("ghc-random" ,ghc-random) ("ghc-stm" ,ghc-stm) ("ghc-text" ,ghc-text) - ("ghc-network" ,ghc-network) + ("ghc-transformers" ,ghc-transformers) ("ghc-zlib" ,ghc-zlib))) + (native-inputs + `(("ghc-quickcheck" ,ghc-quickcheck) + ("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/streaming-commons") (synopsis "Conduit and pipes needed by some streaming data libraries") (description "Provides low-dependency functionality commonly needed by @@ -1201,7 +1202,7 @@ various Haskell streaming data libraries, such as @code{conduit} and (base32 "1njpmxgpah5pcqppcl1cxb5xicf6xlqrd162qm12khp9hainlm72")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-polyparse" ,ghc-polyparse) ("ghc-old-locale" ,ghc-old-locale) ("ghc-old-time" ,ghc-old-time))) @@ -1276,7 +1277,7 @@ date and time formats.") (base32 "1h9b26s3kfh2k0ih4383w90ibji6n0iwamxp6rfp2lbq1y5ibjqw")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-old-locale" ,ghc-old-locale))) (home-page "https://hackage.haskell.org/package/old-time") (synopsis "Time compatibility library for Haskell") @@ -1299,7 +1300,7 @@ old @code{time} library. For new projects, the newer (sha256 (base32 "00h81i5phib741yj517p8mbnc48myvfj8axzsw44k34m48lv1lv0")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class) ("ghc-old-locale" ,ghc-old-locale))) (home-page @@ -1368,7 +1369,7 @@ versions of GHC (i.e., < 6.10).") (base32 "1d5h7h2wjwc2s3dvsvzjgmmfrfl2312ym2h6kyjgm9wnaqw9w8wx")))) (arguments `(#:tests? #f)) ; FIXME: testing libraries are missing. (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-http" ,ghc-http) ("ghc-mtl" ,ghc-mtl) ("ghc-network-uri" ,ghc-network-uri) @@ -1492,9 +1493,8 @@ environment variables.") `(("libx11" ,libx11) ("libxrandr" ,libxrandr) ("libxinerama" ,libxinerama) - ("libxscrnsaver" ,libxscrnsaver))) - (propagated-inputs - `(("ghc-data-default" ,ghc-data-default))) + ("libxscrnsaver" ,libxscrnsaver) + ("ghc-data-default" ,ghc-data-default))) (home-page "https://github.com/haskell-pkg-janitors/X11") (synopsis "Bindings to the X11 graphics library") (description @@ -1513,11 +1513,10 @@ bindings are a direct translation of the C bindings.") "X11-xft-" version ".tar.gz")) (sha256 (base32 "1lgqb0s2qfwwgbvwxhjbi23rbwamzdi0l0slfr20c3jpcbp3zfjf")))) - (propagated-inputs - `(("ghc-x11" ,ghc-x11) - ("ghc-utf8-string" ,ghc-utf8-string))) (inputs - `(("libx11" ,libx11) + `(("ghc-x11" ,ghc-x11) + ("ghc-utf8-string" ,ghc-utf8-string) + ("libx11" ,libx11) ("libxft" ,libxft) ("xproto" ,xproto))) (native-inputs @@ -1674,8 +1673,7 @@ in terms of large data quantities and high speed.") (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: currently missing libraries used for tests. - ;; these inputs are necessary to use this library - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text))) (home-page "https://github.com/tibbe/hashable") (synopsis @@ -1767,18 +1765,18 @@ library, including the ability to split random number generators.") (base32 "0wxjgdvb1c4ykazw774zlx86550848wbsvgjgcrdzcgbb9m650vq")))) (build-system haskell-build-system) - (inputs + (native-inputs `(("ghc-hunit" ,ghc-hunit) - ("ghc-libxml" ,ghc-libxml) ("ghc-quickcheck" ,ghc-quickcheck))) - (propagated-inputs + (inputs `(("ghc-ansi-terminal" ,ghc-ansi-terminal) ("ghc-ansi-wl-pprint" ,ghc-ansi-wl-pprint) ("ghc-hostname" ,ghc-hostname) ("ghc-old-locale" ,ghc-old-locale) ("ghc-random" ,ghc-random) ("ghc-regex-posix" ,ghc-regex-posix) - ("ghc-xml" ,ghc-xml))) + ("ghc-xml" ,ghc-xml) + ("ghc-libxml" ,ghc-libxml))) (home-page "https://batterseapower.github.io/test-framework/") (synopsis "Framework for running and organising tests") (description @@ -1803,7 +1801,7 @@ reporting and test statistics output.") (base32 "1h0h55kf6ff25nbfx1mhliwyknc0glwv3zi78wpzllbjbs7gvyfk")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-extensible-exceptions" ,ghc-extensible-exceptions) ("ghc-hunit" ,ghc-hunit) ("ghc-test-framework" ,ghc-test-framework))) @@ -1834,7 +1832,7 @@ reporting and test statistics output.") '(substitute* "test-framework-quickcheck2.cabal" (("QuickCheck >= 2.4 && < 2.8") "QuickCheck >= 2.4 && < 2.9"))))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-extensible-exceptions" ,ghc-extensible-exceptions) ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-random" ,ghc-random) @@ -1861,8 +1859,7 @@ package.") (sha256 (base32 "0445r2nns6009fmq0xbfpyv7jpzwv0snccjdg7hwj4xk4z0cwc1f")))) (build-system haskell-build-system) - ;; these inputs are necessary to use this package - (propagated-inputs + (inputs `(("ghc-primitive" ,ghc-primitive) ("ghc-random" ,ghc-random))) (home-page "https://hackage.haskell.org/package/tf-random") @@ -1889,10 +1886,9 @@ Hashing\" by Claessen, Pałka for details and the rationale of the design.") (base32 "11r3slgpgpra6zi2kjg3g60gvv17b1fh6qxipcpk8n86qx7lk8va")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-stm" ,ghc-stm))) (inputs - `(("ghc-transformers-compat" ,ghc-transformers-compat))) + `(("ghc-stm" ,ghc-stm) + ("ghc-transformers-compat" ,ghc-transformers-compat))) (home-page "https://hackage.haskell.org/package/transformers-compat") (synopsis @@ -1943,7 +1939,7 @@ but also need those types.") (arguments `(#:tests? #f)) ; FIXME: Test fails with "System.Time not found". This ; is weird, that should be provided by GHC 7.10.2. - (propagated-inputs + (inputs `(("ghc-old-time" ,ghc-old-time) ("ghc-old-locale" ,ghc-old-locale))) (home-page "https://hackage.haskell.org/package/unix-time") @@ -1994,11 +1990,10 @@ isn't available, portable implementations are used.") (arguments `(#:tests? #f)) ; FIXME: Tests cannot find ; Blaze.Bytestring.Builder, which should be ; provided by ghc-blaze-builder. - (propagated-inputs - `(("ghc-case-insensitive" ,ghc-case-insensitive) - ("ghc-blaze-builder" ,ghc-blaze-builder))) (inputs - `(("ghc-text" ,ghc-text))) + `(("ghc-case-insensitive" ,ghc-case-insensitive) + ("ghc-blaze-builder" ,ghc-blaze-builder) + ("ghc-text" ,ghc-text))) (home-page "https://github.com/aristidb/http-types") (synopsis "Generic HTTP types for Haskell") (description "This package provides generic HTTP types for Haskell (for @@ -2047,11 +2042,10 @@ lines continued at an indented level below.") (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Tests cannot find System.ByteOrder, ; exported by ghc-byteorder. Doctest issue. - (propagated-inputs - `(("ghc-appar" ,ghc-appar) - ("ghc-byteorder" ,ghc-byteorder))) (inputs - `(("ghc-network" ,ghc-network) + `(("ghc-appar" ,ghc-appar) + ("ghc-byteorder" ,ghc-byteorder) + ("ghc-network" ,ghc-network) ("ghc-safe" ,ghc-safe))) (home-page "http://www.mew.org/~kazu/proj/iproute/") (synopsis "IP routing table") @@ -2075,7 +2069,7 @@ removed. Both IPv4 and IPv6 are supported.") (base32 "0y1j4h2pg12c853nzmczs263di7xkkmlnsq5dlp5wgbgl49mgp10")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl))) (home-page "http://sourceforge.net/projects/lazy-regex") @@ -2099,7 +2093,7 @@ regex-posix, regex-pcre, regex-parsec, regex-tdfa, regex-dfa.") (base32 "0gkhzhj8nvfn1ija31c7xnl6p0gadwii9ihyp219ck2arlhrj0an")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-regex-base" ,ghc-regex-base))) (home-page "http://sourceforge.net/projects/lazy-regex") (synopsis "POSIX regular expressions for Haskell") @@ -2146,11 +2140,10 @@ Haskell library @code{regex-base}.") (base32 "1vi11i23gkkjg6193ak90g55akj69bhahy542frkwb68haky4pp3")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-regex-base" ,ghc-regex-base) - ("ghc-parsec" ,ghc-parsec))) (inputs - `(("ghc-mtl" ,ghc-mtl))) + `(("ghc-regex-base" ,ghc-regex-base) + ("ghc-parsec" ,ghc-parsec) + ("ghc-mtl" ,ghc-mtl))) (home-page "https://hackage.haskell.org/package/regex-tdfa") (synopsis "Tagged DFA regex engine for Haskell") @@ -2175,14 +2168,13 @@ Haskell library @code{regex-base}.") (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Test fails with "cannot satisfy ; -package attoparsec-0.13.0.1" - (propagated-inputs + (inputs `(("ghc-base-orphans" ,ghc-base-orphans) ("ghc-attoparsec" ,ghc-attoparsec) ("ghc-parsec" ,ghc-parsec) ("ghc-scientific" ,ghc-scientific) - ("ghc-charset" ,ghc-charset))) - (inputs - `(("ghc-text" ,ghc-text) + ("ghc-charset" ,ghc-charset) + ("ghc-text" ,ghc-text) ("ghc-unordered-containers" ,ghc-unordered-containers))) (home-page "https://github.com/ekmett/parsers/") (synopsis "Parsing combinators") @@ -2210,15 +2202,14 @@ the parsers provided by @code{parsec}, @code{attoparsec} and @code{base}'s (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Test fails with "cannot satisfy ; -package ansi-terminal-0.6.2.3" - (propagated-inputs + (inputs `(("ghc-charset" ,ghc-charset) ("ghc-comonad" ,ghc-comonad) ("ghc-lens" ,ghc-lens) ("ghc-profunctors" ,ghc-profunctors) ("ghc-reducers" ,ghc-reducers) - ("ghc-semigroups" ,ghc-semigroups))) - (inputs - `(("ghc-ansi-wl-pprint" ,ghc-ansi-wl-pprint) + ("ghc-semigroups" ,ghc-semigroups) + ("ghc-ansi-wl-pprint" ,ghc-ansi-wl-pprint) ("ghc-ansi-terminal" ,ghc-ansi-terminal) ("ghc-blaze-builder" ,ghc-blaze-builder) ("ghc-blaze-html" ,ghc-blaze-html) @@ -2250,14 +2241,14 @@ with slicing and Clang-style colored diagnostics.") (base32 "0cprkr7bl4lrr80pz8mryb4rbfwdgpsrl7g0fbcaybhl8p5hm26f")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-scientific" ,ghc-scientific))) (inputs + `(("ghc-scientific" ,ghc-scientific) + ("ghc-text" ,ghc-text))) + (native-inputs `(("ghc-quickcheck" ,ghc-quickcheck) ("ghc-quickcheck-unicode" ,ghc-quickcheck-unicode) ("ghc-test-framework" ,ghc-test-framework) ("ghc-test-framework-quickcheck2" ,ghc-test-framework-quickcheck2) - ("ghc-text" ,ghc-text) ("ghc-vector" ,ghc-vector))) (home-page "https://github.com/bos/attoparsec") (synopsis "Fast combinator parsing for bytestrings and text") @@ -2307,15 +2298,15 @@ Haskell.") (base32 "169nkxr5zlbymiz1ydlhlqr66vqiycmg85xh559phpkr64w3nqj1")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-old-time" ,ghc-old-time) - ("ghc-digest" ,ghc-digest))) (inputs - `(("ghc-hunit" ,ghc-hunit) - ("ghc-mtl" ,ghc-mtl) + `(("ghc-old-time" ,ghc-old-time) + ("ghc-digest" ,ghc-digest) ("zip" ,zip) + ("ghc-mtl" ,ghc-mtl) ("ghc-text" ,ghc-text) ("ghc-zlib" ,ghc-zlib))) + (native-inputs + `(("ghc-hunit" ,ghc-hunit))) (home-page "https://hackage.haskell.org/package/zip-archive") (synopsis "Zip archive library for Haskell") (description "The zip-archive library provides functions for creating, @@ -2339,7 +2330,7 @@ modifying, and extracting files from zip archives in Haskell.") (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: fails with "cannot satisfy -package ; tagged-0.8.1". Suspected Cabal issue. - (propagated-inputs + (inputs `(("ghc-tagged" ,ghc-tagged) ("ghc-transformers-compat" ,ghc-transformers-compat))) (home-page "https://github.com/ekmett/distributive/") @@ -2385,14 +2376,13 @@ parser isolation, and labeled blocks for better error messages.") (base32 "0arvbaxgkawzdp38hh53akkahjg2aa3kj2b4ns0ni8a5ylg2cqmp")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-distributive" ,ghc-distributive) - ("ghc-transformers-compat" ,ghc-transformers-compat) - ("ghc-contravariant" ,ghc-contravariant))) (arguments `(#:tests? #f)) ; FIXME: Test fails with "cannot satisfy ; -package contravariant-1.3.3" (inputs - `(("ghc-semigroups" ,ghc-semigroups) + `(("ghc-distributive" ,ghc-distributive) + ("ghc-transformers-compat" ,ghc-transformers-compat) + ("ghc-contravariant" ,ghc-contravariant) + ("ghc-semigroups" ,ghc-semigroups) ("ghc-tagged" ,ghc-tagged) ("ghc-contravariant" ,ghc-contravariant))) (home-page "https://github.com/ekmett/comonad/") @@ -2439,7 +2429,7 @@ and mIRC chat codes.") (base32 "1z417f80b0jm4dgv25fk408p3d9mmcd1dlbya3ry0zdx4md09vrh")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text))) (home-page "http://code.haskell.org/~malcolm/polyparse/") @@ -2493,10 +2483,9 @@ this package makes them available back to GHC 7.2.") (base32 "0lw2ipacpnp9yqmi8zsp01pzpn5hwj8af3y0f3079mddrmw48gw7")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-distributive" ,ghc-distributive))) (inputs - `(("ghc-comonad" ,ghc-comonad) + `(("ghc-distributive" ,ghc-distributive) + ("ghc-comonad" ,ghc-comonad) ("ghc-tagged" ,ghc-tagged))) (home-page "https://github.com/ekmett/profunctors/") (synopsis "Profunctors for Haskell") @@ -2518,13 +2507,12 @@ this package makes them available back to GHC 7.2.") (base32 "0pkddg0s3cn759miq0nfrq7lnp3imk5sx784ihsilsbjh9kvffz4")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-semigroupoids" ,ghc-semigroupoids))) (inputs `(("ghc-fingertree" ,ghc-fingertree) ("ghc-hashable" ,ghc-hashable) ("ghc-text" ,ghc-text) ("ghc-unordered-containers" ,ghc-unordered-containers) + ("ghc-semigroupoids" ,ghc-semigroupoids) ("ghc-semigroups" ,ghc-semigroups))) (home-page "https://github.com/ekmett/reducers/") (synopsis "Semigroups, specialized containers and a general map/reduce framework") @@ -2662,7 +2650,7 @@ online}.") (base32 "0g814lj7vaxvib2g3r734221k80k7ap9czv9hinifn8syals3l9j")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text))) (home-page "http://code.galois.com") (synopsis "Simple XML library for Haskell") @@ -2685,7 +2673,7 @@ online}.") "1x1bk1jf42k1gigiqqmkkh38z2ffhx8rsqiszdq3f94m2h6kw2h7")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Missing test-framework package. - (propagated-inputs + (inputs `(("ghc-stm" ,ghc-stm) ("ghc-mtl" ,ghc-mtl) ("ghc-transformers-compat" ,ghc-transformers-compat))) @@ -2710,7 +2698,7 @@ for Haskell.") (base32 "0is67bmsjmbbw6wymhis8wyq9gax3sszm573p5719fx2c9z9r24a")))) (build-system haskell-build-system) - (propagated-inputs `(("ghc-exceptions" ,ghc-exceptions))) + (inputs `(("ghc-exceptions" ,ghc-exceptions))) (home-page "http://www.github.com/batterseapower/temporary") (synopsis "Temporary file and directory support") (description "The functions for creating temporary files and directories @@ -2735,7 +2723,7 @@ installed.") (base32 "1nqih0qks439k3pr5kmbbc8rjdw730slrxlflqb27fbxbzb8skqs")))) (build-system haskell-build-system) - (propagated-inputs `(("ghc-exceptions" ,ghc-exceptions))) + (inputs `(("ghc-exceptions" ,ghc-exceptions))) (home-page "http://www.github.com/feuerbach/temporary") (synopsis @@ -2764,10 +2752,9 @@ This is a better maintained fork of the \"temporary\" package.") (base32 "1ygrabxh40bym3grnzqyfqn96lirnxspb8cmwkkr213239y605sd")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-logict" ,ghc-logict))) (inputs - `(("ghc-mtl" ,ghc-mtl))) + `(("ghc-logict" ,ghc-logict) + ("ghc-mtl" ,ghc-mtl))) (home-page "https://github.com/feuerbach/smallcheck") (synopsis "Property-based testing library") @@ -2791,11 +2778,10 @@ automatically by SmallCheck.") (base32 "0pgz2lclg2hp72ykljcbxd88pjanfdfk8m5vb2qzcyjr85kwrhxv")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-generic-deriving" ,ghc-generic-deriving) - ("ghc-xml" ,ghc-xml))) (inputs - `(("ghc-mtl" ,ghc-mtl) + `(("ghc-generic-deriving" ,ghc-generic-deriving) + ("ghc-xml" ,ghc-xml) + ("ghc-mtl" ,ghc-mtl) ("ghc-stm" ,ghc-stm) ("ghc-tagged" ,ghc-tagged) ("ghc-tasty" ,ghc-tasty))) @@ -2874,11 +2860,10 @@ writing to stdout and other handles.") (base32 "041s6963czs1pz0fc9cx17lgd6p83czqy2nxji7bhxqxwl2j15h2")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-old-time" ,ghc-old-time) - ("ghc-unordered-containers" ,ghc-unordered-containers))) (inputs - `(("ghc-hashable" ,ghc-hashable) + `(("ghc-old-time" ,ghc-old-time) + ("ghc-unordered-containers" ,ghc-unordered-containers) + ("ghc-hashable" ,ghc-hashable) ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-text" ,ghc-text))) (home-page @@ -2955,8 +2940,7 @@ use HUnit assertions as QuickCheck properties.") (arguments `(#:tests? #f ; FIXME: currently missing libraries used for tests. #:configure-flags '("-f base4"))) - ;; these inputs are necessary to use this package - (propagated-inputs + (inputs `(("ghc-tf-random" ,ghc-tf-random))) (home-page "https://github.com/nick8325/quickcheck") @@ -2985,7 +2969,7 @@ use HUnit assertions as QuickCheck properties.") (inputs `(("ghc-hunit" ,ghc-hunit))) ;; these inputs are necessary to use this library - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text) ("ghc-hashable" ,ghc-hashable))) (arguments @@ -3079,7 +3063,7 @@ encourages inductive, recursive definitions of graph algorithms.") '(substitute* "ChasingBottoms.cabal" (("syb >= 0.1.0.2 && < 0.6") "syb >= 0.1.0.2 && < 0.7"))))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-random" ,ghc-random) @@ -3118,9 +3102,8 @@ Partial and Infinite Values\"}.") ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-test-framework" ,ghc-test-framework) ("ghc-test-framework-hunit" ,ghc-test-framework-hunit) - ("ghc-test-framework-quickcheck2" ,ghc-test-framework-quickcheck2))) - ;; these inputs are necessary to use this library - (propagated-inputs `(("ghc-hashable" ,ghc-hashable))) + ("ghc-test-framework-quickcheck2" ,ghc-test-framework-quickcheck2) + ("ghc-hashable" ,ghc-hashable))) (home-page "https://github.com/tibbe/unordered-containers") (synopsis @@ -3146,7 +3129,7 @@ and high speed.") (base32 "1dx8f9aw27fz8kw0ad1nm6355w5rdl7bjvb427v2bsgnng30pipw")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-syb" ,ghc-syb) ("ghc-hashable" ,ghc-hashable) ("ghc-unordered-containers" ,ghc-unordered-containers))) @@ -3240,7 +3223,7 @@ instances of the @code{Pretty} class.") (base32 "025pyphsjf0dnbrmj5nscbi6gzyigwgp3ifxb3psn7kji6mfr29p")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-ansi-terminal" ,ghc-ansi-terminal))) (home-page "https://github.com/ekmett/ansi-wl-pprint") (synopsis "Wadler/Leijen Pretty Printer for colored ANSI terminal output") @@ -3296,10 +3279,9 @@ mainstream languages.") (sha256 (base32 "1ja20cmj6v336jy87c6h3jzjp00sdbakwbdwp11iln499k913xvi")))) (build-system haskell-build-system) - (inputs + (native-inputs `(("ghc-hunit" ,ghc-hunit))) - ;; these inputs are necessary to use this library - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text) ("ghc-mtl" ,ghc-mtl))) (arguments @@ -3330,10 +3312,8 @@ is also parametric in the input stream type.") "1r1jlksy7b0kb0fy00g64isk6nyd9wzzdq31gx5v1wn38knj0lqa")))) (build-system haskell-build-system) (inputs - `(("ghc-quickcheck" ,ghc-quickcheck))) - ;; these inputs are necessary to use this library - (propagated-inputs - `(("ghc-primitive" ,ghc-primitive))) + `(("ghc-primitive" ,ghc-primitive) + ("ghc-quickcheck" ,ghc-quickcheck))) (arguments `(#:tests? #f)) ; FIXME: currently missing libraries used for tests. (home-page "https://github.com/haskell/vector") @@ -3358,10 +3338,9 @@ optimisation framework.") (base32 "028rsf2w193rhs1gic5yvvrwidw9sblczcn10aw64npfc6502l4l")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-cereal" ,ghc-cereal))) (inputs - `(("ghc-vector" ,ghc-vector))) + `(("ghc-cereal" ,ghc-cereal) + ("ghc-vector" ,ghc-vector))) (home-page "https://github.com/bos/vector-binary-instances") (synopsis "Instances of Data.Binary and Data.Serialize for vector") (description "This library provides instances of @code{Binary} for the @@ -3413,13 +3392,13 @@ boxed and storable vectors.") (base32 "1pwbqb2rk4rnvllvdch42p5368xcvpkanp7bxckdhxya8zzwvhhg")))) (build-system haskell-build-system) - (inputs - `(("ghc-hunit" ,ghc-hunit) - ("ghc-network" ,ghc-network))) (arguments `(#:tests? #f)) ; FIXME: currently missing libraries used for tests. - (propagated-inputs - `(("ghc-parsec" ,ghc-parsec))) + (native-inputs + `(("ghc-hunit" ,ghc-hunit))) + (inputs + `(("ghc-parsec" ,ghc-parsec) + ("ghc-network" ,ghc-network))) (home-page "https://github.com/haskell/network-uri") (synopsis "Library for URI manipulation") @@ -3466,9 +3445,9 @@ cursor, and changing the title.") (base32 "0nyqdxr5ls2dxkf4a1f3x15xzwdm46ppn99nkcbhswlr6s3cq1s4")))) (build-system haskell-build-system) - (inputs + (native-inputs `(("ghc-hunit" ,ghc-hunit))) - (propagated-inputs + (inputs `(("ghc-old-time" ,ghc-old-time) ("ghc-parsec" ,ghc-parsec) ("ghc-mtl" ,ghc-mtl) @@ -3499,14 +3478,13 @@ responses coming back.") (base32 "0zqisxznlbszivsgy3irvf566zhcr6ipqqj3x9i7pj5hy913jwqf")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-hspec-core" ,ghc-hspec-core) ("hspec-discover" ,hspec-discover) ("ghc-hspec-expectations" ,ghc-hspec-expectations) ("ghc-quickcheck" ,ghc-quickcheck) - ("ghc-hunit" ,ghc-hunit))) - (inputs - `(("ghc-stringbuilder" ,ghc-stringbuilder) + ("ghc-hunit" ,ghc-hunit) + ("ghc-stringbuilder" ,ghc-stringbuilder) ("ghc-hspec-meta" ,ghc-hspec-meta))) (home-page "http://hspec.github.io/") (synopsis "Testing Framework for Haskell") @@ -3527,11 +3505,13 @@ Haskell, inspired by the Ruby library RSpec.") (base32 "006syw8xagfhsx06ws9ywig1qx5lk4cgl7sq6pbid1s64c72mxn4")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-hspec-core" ,ghc-hspec-core) ("ghc-hunit" ,ghc-hunit) ("ghc-hspec" ,ghc-hspec) ("ghc-quickcheck" ,ghc-quickcheck))) + (native-inputs + `(("hspec-discover" ,hspec-discover))) (home-page "http://hspec.github.io/") (synopsis "Contributed functionality for Hspec") (description @@ -3600,13 +3580,12 @@ runs Hspec tests.") "1wgd55k652jaf81nkvciyqi67ycj7zamr4nd9z1cqf8nr9fc3sa4")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: testing libraries are missing. - (propagated-inputs + (inputs `(("ghc-setenv" ,ghc-setenv) ("ghc-ansi-terminal" ,ghc-ansi-terminal) ("ghc-async" ,ghc-async) - ("ghc-quickcheck-io" ,ghc-quickcheck-io))) - (inputs - `(("ghc-hunit" ,ghc-hunit) + ("ghc-quickcheck-io" ,ghc-quickcheck-io) + ("ghc-hunit" ,ghc-hunit) ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-hspec-expectations" ,ghc-hspec-expectations) ("ghc-silently" ,ghc-silently))) @@ -3631,7 +3610,7 @@ be used to extend Hspec's functionality.") (base32 "1fmqmgrzp135cxhmxxbaswkk4bqbpgfml00cmcz0d39n11vzpa5z")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-quickcheck" ,ghc-quickcheck) ("ghc-hunit" ,ghc-hunit) ("ghc-ansi-terminal" ,ghc-ansi-terminal) @@ -3661,7 +3640,7 @@ used to test the in-development version of Hspec.") (base32 "0ah6qrg71krc87f4vjy4b4shdd0mgyil8fikb3j6fl4kfwlg67jn")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-unordered-containers" ,ghc-unordered-containers) ("ghc-hashable" ,ghc-hashable))) (home-page @@ -3712,7 +3691,7 @@ manipulating monad transformer stacks.") (base32 "07pn1p4m80wdd7gw62s4yny8rbvm60ka1q8qx5y1plznd8sbg179")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-stm" ,ghc-stm) ("ghc-transformers-base" ,ghc-transformers-base) ("ghc-transformers-compat" ,ghc-transformers-compat))) @@ -3763,9 +3742,10 @@ system.") (base32 "02m93hzgxg4bcnp7xcc2fdh2hrsc2h6fwl8hix5nx9k864kwf41q")))) (build-system haskell-build-system) - (inputs + (native-inputs `(("ghc-quickcheck" ,ghc-quickcheck) - ("ghc-hspec" ,ghc-hspec))) + ("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/base-compat") (synopsis "Haskell compiler compatibility library") (description "This library provides functions available in later versions @@ -3789,7 +3769,7 @@ pragmas in your code.") "1id3w33x9f7q5m3xpggmvzw03bkp94bpfyz81625bldqgf3yqdn1")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Missing test libraries. - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text) ("ghc-utf8-string" ,ghc-utf8-string))) (home-page "https://github.com/lpsmith/blaze-builder") @@ -3817,7 +3797,7 @@ interoperate with code that uses the new implementation.") "080vlhd8dwjxrma4bb524lh8gxs5lm3xh122icy6lnnyipla0s9y")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: testing libraries are missing. - (propagated-inputs + (inputs `(("ghc-blaze-builder" ,ghc-blaze-builder) ("ghc-text" ,ghc-text))) (home-page "http://jaspervdj.be/blaze") @@ -3842,7 +3822,7 @@ library for Haskell.") "1dnw50kh0s405cg9i2y4a8awanhj3bqzk21jwgfza65kcjby7lpq")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: testing libraries are missing. - (propagated-inputs + (inputs `(("ghc-blaze-builder" ,ghc-blaze-builder) ("ghc-text" ,ghc-text) ("ghc-blaze-markup" ,ghc-blaze-markup))) @@ -3888,11 +3868,10 @@ library for Haskell.") "0azx4qk65a9a2gvqsfmz3w89m6shzr2iz0i5lly2zvly4n2d6m6v")))) (build-system haskell-build-system) (inputs - `(("ghc-hunit" ,ghc-hunit) + `(("ghc-stm" ,ghc-stm) + ("ghc-hunit" ,ghc-hunit) ("ghc-test-framework" ,ghc-test-framework) ("ghc-test-framework-hunit" ,ghc-test-framework-hunit))) - (propagated-inputs - `(("ghc-stm" ,ghc-stm))) (home-page "https://github.com/simonmar/async") (synopsis "Library to run IO operations asynchronously") (description "Async provides a library to run IO operations @@ -3940,7 +3919,7 @@ simple general-purpose data structure\".") (base32 "0ni52ii9555jngljvzxn1ngicr6i2w647ww3rzhdrmng04y95iii")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-transformers-compat" ,ghc-transformers-compat) ("ghc-ansi-wl-pprint" ,ghc-ansi-wl-pprint))) (home-page "https://github.com/pcapriotti/optparse-applicative") @@ -3964,9 +3943,10 @@ command line options in Haskell.") (base32 "0hhgpwjvx7jhvlhsygmmf0q5hv2ymijzz4bjilicw99bmv13qcpl")))) (build-system haskell-build-system) - (inputs + (native-inputs `(("ghc-quickcheck" ,ghc-quickcheck) - ("ghc-hspec" ,ghc-hspec))) + ("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/base-orphans") (synopsis "Orphan instances for backwards compatibility") (description "This package defines orphan instances that mimic instances @@ -4101,10 +4081,9 @@ timer functions of different operating systems via a unified API.") (base32 "1gn0m96qpjww8hpp2g1as5yy0wcwy4iq73h3kz6g0yxxhcl5sh9x")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-semigroups" ,ghc-semigroups))) (inputs - `(("ghc-unordered-containers" ,ghc-unordered-containers))) + `(("ghc-semigroups" ,ghc-semigroups) + ("ghc-unordered-containers" ,ghc-unordered-containers))) (home-page "https://github.com/ekmett/charset") (synopsis "Fast unicode character sets for Haskell") (description "This package provides fast unicode character sets for @@ -4171,10 +4150,9 @@ Compatibility package for older packages.") (base32 "1x15x2axz84ndw2bf60vjqljhrb0w95lddaljsxrl0hcd29zvw69")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-semigroups" ,ghc-semigroups))) (inputs - `(("ghc-hashable" ,ghc-hashable))) + `(("ghc-semigroups" ,ghc-semigroups) + ("ghc-hashable" ,ghc-hashable))) (home-page "https://github.com/ekmett/void") (synopsis "Logically uninhabited data type") @@ -4198,10 +4176,9 @@ given term should not exist.") (base32 "0iywbadpy8s3isfzlx9dlz3apaywhqq4gdbxkwygksq8pzdhwkrk")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-adjunctions" ,ghc-adjunctions))) (inputs - `(("ghc-comonad" ,ghc-comonad) + `(("ghc-adjunctions" ,ghc-adjunctions) + ("ghc-comonad" ,ghc-comonad) ("ghc-contravariant" ,ghc-contravariant) ("ghc-distributive" ,ghc-distributive) ("ghc-free" ,ghc-free) @@ -4229,7 +4206,7 @@ forms of the Yoneda lemma, and (co)density (co)monads for Haskell.") (base32 "1ap51cvwq61xckx5hw44l82ihbxvsq3263xr5hqg42c5qp67kbhf")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-stm" ,ghc-stm))) (home-page "https://hackage.haskell.org/package/StateVar") (synopsis "State variables for Haskell") @@ -4253,7 +4230,7 @@ in the @code{IO} monad, like @code{IORef}s or parts of the OpenGL state.") "0g4g0xksrb2m8wgsmraaq8qnk1sssb42kr65fc7clgyid6zyfmim")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: doctest packagedb propagation problem. - (propagated-inputs + (inputs `(("ghc-base-orphans" ,ghc-base-orphans) ("ghc-bifunctors" ,ghc-bifunctors) ("ghc-distributive" ,ghc-distributive) @@ -4263,9 +4240,8 @@ in the @code{IO} monad, like @code{IORef}s or parts of the OpenGL state.") ("ghc-parallel" ,ghc-parallel) ("ghc-reflection" ,ghc-reflection) ("ghc-semigroupoids" ,ghc-semigroupoids) - ("ghc-vector" ,ghc-vector))) - (inputs - `(("ghc-comonad" ,ghc-comonad) + ("ghc-vector" ,ghc-vector) + ("ghc-comonad" ,ghc-comonad) ("ghc-contravariant" ,ghc-contravariant) ("ghc-hashable" ,ghc-hashable) ("ghc-mtl" ,ghc-mtl) @@ -4359,11 +4335,10 @@ are implemented as FFI bindings to efficient code from zlib.") (base32 "0drx1hlqvdcrij4097q6bxhbfcqm73jsqv1wwhd3hsnjdmr46ch2")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-xss-sanitize" ,ghc-xss-sanitize) - ("ghc-data-default" ,ghc-data-default))) (inputs - `(("ghc-mtl" ,ghc-mtl) + `(("ghc-xss-sanitize" ,ghc-xss-sanitize) + ("ghc-data-default" ,ghc-data-default) + ("ghc-mtl" ,ghc-mtl) ("ghc-text" ,ghc-text) ("ghc-blaze-html" ,ghc-blaze-html) ("ghc-syb" ,ghc-syb) @@ -4419,16 +4394,15 @@ attacks.") (base32 "1jf7jnfhdvl6p18wdr21yi2fim1xb8alcn6szhrdswj0dkilgq6d")))) (build-system haskell-build-system) - (propagated-inputs + (arguments `(#:tests? #f)) ; FIXME: doctest packagedb propagation problem. + (inputs `(("ghc-base-orphans" ,ghc-base-orphans) ("ghc-transformers-compat" ,ghc-transformers-compat) ("ghc-bifunctors" ,ghc-bifunctors) ("ghc-comonad" ,ghc-comonad) ("ghc-contravariant" ,ghc-contravariant) - ("ghc-distributive" ,ghc-distributive))) - (arguments `(#:tests? #f)) ; FIXME: doctest packagedb propagation problem. - (inputs - `(("ghc-semigroups" ,ghc-semigroups) + ("ghc-distributive" ,ghc-distributive) + ("ghc-semigroups" ,ghc-semigroups) ("ghc-tagged" ,ghc-tagged))) (home-page "https://github.com/ekmett/semigroupoids") (synopsis "Semigroupoids operations for Haskell") @@ -4457,12 +4431,11 @@ just a @code{Semigroup} are added.") (base32 "184hcmhsznqrkmqlc1kza9pb5p591anva574ry8wrh81vqmhwfb5")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-void" ,ghc-void) ("ghc-transformers-compat" ,ghc-transformers-compat) - ("ghc-statevar" ,ghc-statevar))) - (inputs - `(("ghc-semigroups" ,ghc-semigroups))) + ("ghc-statevar" ,ghc-statevar) + ("ghc-semigroups" ,ghc-semigroups))) (home-page "https://github.com/ekmett/contravariant/") (synopsis "Contravariant functors") @@ -4484,12 +4457,11 @@ just a @code{Semigroup} are added.") (base32 "0gvpfi7s6ys4qha3y9a1zl1a15gf9cgg33wjb94ghg82ivcxnc3r")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-nats" ,ghc-nats) ("ghc-tagged" ,ghc-tagged) - ("ghc-unordered-containers" ,ghc-unordered-containers))) - (inputs - `(("ghc-text" ,ghc-text) + ("ghc-unordered-containers" ,ghc-unordered-containers) + ("ghc-text" ,ghc-text) ("ghc-hashable" ,ghc-hashable))) (home-page "https://github.com/ekmett/semigroups/") (synopsis "Semigroup operations for Haskell") @@ -4517,12 +4489,11 @@ semigroup.") (base32 "0sr8phvrb4ny8j1wzq55rdn8q4br23q4pw2j276npr844825jr9p")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-prelude-extras" ,ghc-prelude-extras) ("ghc-profunctors" ,ghc-profunctors) - ("ghc-exceptions" ,ghc-exceptions))) - (inputs - `(("ghc-bifunctors" ,ghc-bifunctors) + ("ghc-exceptions" ,ghc-exceptions) + ("ghc-bifunctors" ,ghc-bifunctors) ("ghc-comonad" ,ghc-comonad) ("ghc-distributive" ,ghc-distributive) ("ghc-mtl" ,ghc-mtl) @@ -4554,10 +4525,9 @@ definition of @code{Monad}.") (base32 "00p030iypjzjib8pxz1x6mxfi59wvyrwjj11zv9bh766dgkdbwjq")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-profunctors" ,ghc-profunctors))) (inputs - `(("ghc-comonad" ,ghc-comonad) + `(("ghc-profunctors" ,ghc-profunctors) + ("ghc-comonad" ,ghc-comonad) ("ghc-contravariant" ,ghc-contravariant) ("ghc-distributive" ,ghc-distributive) ("ghc-free" ,ghc-free) @@ -4587,12 +4557,13 @@ for Haskell.") (base32 "0kjk1861qcls8m8y7i55msfpprws5wk6c5mxzi35g2qbl2sih4p5")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-bytestring-builder" ,ghc-bytestring-builder) - ("ghc-auto-update" ,ghc-auto-update))) (inputs - `(("ghc-hspec" ,ghc-hspec) + `(("ghc-bytestring-builder" ,ghc-bytestring-builder) + ("ghc-auto-update" ,ghc-auto-update) ("ghc-text" ,ghc-text))) + (native-inputs + `(("hspec-discover" ,hspec-discover) + ("ghc-hspec" ,ghc-hspec))) (home-page "https://hackage.haskell.org/package/fast-logger") (synopsis "Fast logging system") (description "This library provides a fast logging system for Haskell.") @@ -4614,11 +4585,10 @@ for Haskell.") "1jbyhzbi2hfrfg7vbkpj6vriaap8cn99nnmzwcfscwaijz09jyrm")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: missing test framework - (propagated-inputs - `(("ghc-syb" ,ghc-syb) - ("ghc-paths" ,ghc-paths))) (inputs - `(("ghc-base-compat" ,ghc-base-compat) + `(("ghc-syb" ,ghc-syb) + ("ghc-paths" ,ghc-paths) + ("ghc-base-compat" ,ghc-base-compat) ("ghc-hunit" ,ghc-hunit) ("ghc-hspec" ,ghc-hspec) ("ghc-quickcheck" ,ghc-quickcheck) @@ -4649,11 +4619,10 @@ It is modeled after doctest for Python, see "1yz14a1rsgknwyl08n4kxrlc26hfwmb95a3c2drbnsgmhdyq7iap")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Missing testing libraries. - (propagated-inputs - `(("ghc-transformers-base" ,ghc-transformers-base) - ("ghc-monad-control" ,ghc-monad-control))) (inputs - `(("ghc-transformers-compat" ,ghc-transformers-compat) + `(("ghc-transformers-base" ,ghc-transformers-base) + ("ghc-monad-control" ,ghc-monad-control) + ("ghc-transformers-compat" ,ghc-transformers-compat) ("ghc-hunit" ,ghc-hunit))) (home-page "https://github.com/basvandijk/lifted-base") (synopsis "Lifted IO operations from the base library") @@ -4679,8 +4648,9 @@ Kaseorg.") (base32 "1pbn8ra3qhwvw07p375cdmp7jzlg07hgdcr4cpscz3h7b9sy7fiw")))) (build-system haskell-build-system) - (inputs - `(("ghc-hspec" ,ghc-hspec))) + (native-inputs + `(("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/word8") (synopsis "Word8 library for Haskell") (description "Word8 library to be used with @code{Data.ByteString}.") @@ -4723,10 +4693,9 @@ occurrences of a substring (the first in case of overlaps) with another.") (base32 "15rjxib5jmjq0hzj47x15kgp3awc73va4cy1pmpf7k3hvfv4qprn")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-quickcheck" ,ghc-quickcheck))) (inputs - `(("ghc-tagged" ,ghc-tagged) + `(("ghc-quickcheck" ,ghc-quickcheck) + ("ghc-tagged" ,ghc-tagged) ("ghc-tasty" ,ghc-tasty) ("ghc-random" ,ghc-random) ("ghc-ansi-terminal" ,ghc-ansi-terminal) @@ -4753,10 +4722,9 @@ Haskell test framework.") (base32 "0n7nll1sx75n3lffwhgnjrxdn0jz1g0921z9mj193fxqw0wz8axh")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-temporary" ,ghc-temporary))) (inputs - `(("ghc-tasty" ,ghc-tasty) + `(("ghc-temporary" ,ghc-temporary) + ("ghc-tasty" ,ghc-tasty) ("ghc-mtl" ,ghc-mtl) ("ghc-optparse-applicative" ,ghc-optparse-applicative) ("ghc-tagged" ,ghc-tagged) @@ -4788,7 +4756,7 @@ the correct result for the test.") (base32 "1chapivmmwsb1ghwagvdm80bfj3hdk75m94z4p212ng2i4ghpjkx")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-stm" ,ghc-stm) ("ghc-mtl" ,ghc-mtl) ("ghc-tagged" ,ghc-tagged) @@ -4843,10 +4811,9 @@ test framework.") (base32 "0b6ym6fn29p5az4dwydy036lxj131kagrmgb93w4bbkqfkds8b9s")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-old-locale" ,ghc-old-locale))) (inputs - `(("ghc-blaze-builder" ,ghc-blaze-builder) + `(("ghc-old-locale" ,ghc-old-locale) + ("ghc-blaze-builder" ,ghc-blaze-builder) ("ghc-text" ,ghc-text) ("ghc-data-default-class" ,ghc-data-default-class) ("ghc-hunit" ,ghc-hunit) @@ -4874,11 +4841,10 @@ test framework.") (base32 "0mimdkva0cgzaychr6whv9if29z0r5wwhkss9bmd4rz8kq1kgngn")))) (build-system haskell-build-system) - (propagated-inputs - `(("ghc-hashable" ,ghc-hashable) - ("ghc-vector" ,ghc-vector))) (inputs - `(("ghc-text" ,ghc-text) + `(("ghc-hashable" ,ghc-hashable) + ("ghc-vector" ,ghc-vector) + ("ghc-text" ,ghc-text) ("ghc-tasty" ,ghc-tasty) ("ghc-tasty-ant-xml" ,ghc-tasty-ant-xml) ("ghc-tasty-hunit" ,ghc-tasty-hunit) @@ -4911,16 +4877,15 @@ notation}.") "19kp33rfivr4d3myyr8xn803wd7p8x5nc4wb3qvlgjwgyqjaxvrz")))) (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: testing libraries are missing. - (propagated-inputs + (inputs `(("ghc-attoparsec" ,ghc-attoparsec) ("ghc-dlist" ,ghc-dlist) ("ghc-mtl" ,ghc-mtl) ("ghc-scientific" ,ghc-scientific) ("ghc-syb" ,ghc-syb) ("ghc-unordered-containers" ,ghc-unordered-containers) - ("ghc-vector" ,ghc-vector))) - (inputs - `(("ghc-hashable" ,ghc-hashable) + ("ghc-vector" ,ghc-vector) + ("ghc-hashable" ,ghc-hashable) ("ghc-text" ,ghc-text) ("ghc-hunit" ,ghc-hunit) ("ghc-quickcheck" ,ghc-quickcheck))) @@ -4979,18 +4944,19 @@ essentially the opposite of pretty-printing.") (base32 "1551n0g0n22vml33v0jz5xgjcy6j79algvsdqg11a1z5ljjrjlqf")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-bytestring-builder" ,ghc-bytestring-builder) ("ghc-unix-compat" ,ghc-unix-compat) ("ghc-vault" ,ghc-vault) ("ghc-blaze-builder" ,ghc-blaze-builder) - ("ghc-network" ,ghc-network))) - (inputs - `(("ghc-quickcheck" ,ghc-quickcheck) - ("ghc-hunit" ,ghc-hunit) - ("ghc-hspec" ,ghc-hspec) + ("ghc-network" ,ghc-network) ("ghc-text" ,ghc-text) ("ghc-http-types" ,ghc-http-types))) + (native-inputs + `(("hspec-discover" ,hspec-discover) + ("ghc-quickcheck" ,ghc-quickcheck) + ("ghc-hunit" ,ghc-hunit) + ("ghc-hspec" ,ghc-hspec))) (home-page "https://hackage.haskell.org/package/wai") (synopsis "Web application interface for Haskell") (description "This package provides a Web Application Interface (WAI) @@ -5015,13 +4981,12 @@ communication between web applications and web servers.") (build-system haskell-build-system) (arguments `(#:tests? #f)) ; FIXME: Tests cannot find libraries exported ; by propagated-inputs. - (propagated-inputs + (inputs `(("ghc-auto-update" ,ghc-auto-update) ("ghc-byteorder" ,ghc-byteorder) ("ghc-easy-file" ,ghc-easy-file) - ("ghc-unix-time" ,ghc-unix-time))) - (inputs - `(("ghc-blaze-builder" ,ghc-blaze-builder) + ("ghc-unix-time" ,ghc-unix-time) + ("ghc-blaze-builder" ,ghc-blaze-builder) ("ghc-case-insensitive" ,ghc-case-insensitive) ("ghc-fast-logger" ,ghc-fast-logger) ("ghc-http-types" ,ghc-http-types) @@ -5047,7 +5012,7 @@ communication between web applications and web servers.") (base32 "1kr2s5qyx1dvnwr372h7pca4sgxjv0pdx96xkgsfi180h3mb0vq8")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-ansi-terminal" ,ghc-ansi-terminal) ("ghc-base64-bytestring" ,ghc-base64-bytestring) ("ghc-cookie" ,ghc-cookie) @@ -5062,16 +5027,17 @@ communication between web applications and web servers.") ("ghc-zlib" ,ghc-zlib) ("ghc-word8" ,ghc-word8) ("ghc-iproute" ,ghc-iproute) - ("ghc-void" ,ghc-void))) - (inputs - `(("ghc-wai" ,ghc-wai) + ("ghc-void" ,ghc-void) + ("ghc-wai" ,ghc-wai) ("ghc-http-types" ,ghc-http-types) ("ghc-text" ,ghc-text) ("ghc-case-insensitive" ,ghc-case-insensitive) ("ghc-data-default-class" ,ghc-data-default-class) ("ghc-unix-compat" ,ghc-unix-compat) ("ghc-vault" ,ghc-vault) - ("ghc-aeson" ,ghc-aeson) + ("ghc-aeson" ,ghc-aeson))) + (native-inputs + `(("hspec-discover" ,hspec-discover) ("ghc-hspec" ,ghc-hspec) ("ghc-hunit" ,ghc-hunit))) (home-page "https://github.com/yesodweb/wai") @@ -5126,7 +5092,7 @@ providing an 'rnf' implementation.") (base32 "094mzgdxva84kcpjf9m8b5n3chm1wm44bzflh5x6xhddz6pb7zpq")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-syb" ,ghc-syb) ("ghc-aeson" ,ghc-aeson) ("ghc-deepseq-generics" ,ghc-deepseq-generics))) @@ -5150,7 +5116,7 @@ building up, manipulating and serialising @code{Pandoc} structures.") (base32 "143c8k7dyhwa9blpa8svy23ybx7i4xzb9jnfcimj8iigizbw7y1k")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-syb" ,ghc-syb) ("ghc-network-uri" ,ghc-network-uri) ("ghc-split" ,ghc-split) @@ -5184,7 +5150,7 @@ it can parse and apply LaTeX macros.") (base32 "0y7as9wqlkykpipka2cfdhmcnin345q01pp0wsva8fwmvsavdl8b")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-regex-base" ,ghc-regex-base))) (home-page "https://hackage.haskell.org/package/regex-pcre") (synopsis "Enhancement of the builtin Text.Regex library") @@ -5226,7 +5192,7 @@ and utilities for pretty printing.") (base32 "03c4flh4h1jd48bx0qmplax3q8w6wj1dhbh6j0xhaf5h95fbinki")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-diff" ,ghc-diff) ("ghc-regex-pcre-builtin" ,ghc-regex-pcre-builtin))) (native-inputs @@ -5257,7 +5223,7 @@ descriptions.") (base32 "09515h9b26az9c2mbl6l7azimaixa6yff8w359k0ml8jwykjvqaa")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text))) (native-inputs `(("ghc-hunit" ,ghc-hunit))) @@ -5305,7 +5271,7 @@ as invoked.\" This library tries to provide the missing path.") (base32 "16ax1kqdsk4apg642qxkm2hf9vb5hzmkd14zmkxra8ssp8rn28z5")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-lifted-base" ,ghc-lifted-base) ("ghc-monad-control" ,ghc-monad-control) ("ghc-async" ,ghc-async) @@ -5362,7 +5328,7 @@ asynchronous exceptions.") (base32 "13xdkk1chdghf059sfx8d3d8r0mj1dbzdi5kf2zf0mjmz3qq7m7k")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-packedstring" ,ghc-packedstring))) (home-page "https://github.com/mboes/th-lift") (synopsis "Derive Template Haskell's Lift class for datatypes") @@ -5384,7 +5350,7 @@ datatypes.") (base32 "03qv93pyqk8all39knsf0mzmbfdck5x61kqnyn8rbisw5c1ymx6j")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-syb" ,ghc-syb))) (home-page "https://hackage.haskell.org/package/th-expand-syns") (synopsis "Expands type synonyms in Template Haskell ASTs") @@ -5406,7 +5372,7 @@ datatypes.") (base32 "00hryljcs434wcv1vaamfdbjk857f46djxv7mlwplkl3zsmfhlfx")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-safe" ,ghc-safe) ("ghc-th-expand-syns" ,ghc-th-expand-syns))) @@ -5431,7 +5397,7 @@ function which generates instances.") (base32 "105y03bxh0a2r69l603i7md17gg1vxs1jj1n40pn5q486lmfxbmx")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-th-lift" ,ghc-th-lift) ("ghc-th-reify-many" ,ghc-th-reify-many) ("ghc-mtl" ,ghc-mtl) @@ -5460,7 +5426,7 @@ package, and that's where the version number started.") (base32 "1mzbfrfvl6pj8068w3m6alzry1403ir1gmz3czg66n5z198l4dql")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-haskell-src-exts" ,ghc-haskell-src-exts) ("ghc-syb" ,ghc-syb) ("ghc-th-orphans" ,ghc-th-orphans))) @@ -5483,7 +5449,7 @@ template-haskell abstract syntax.") (base32 "1z8kh3qjc4khadz1ijdqm7fbk7dh17sisqhpwd3c9aibj2927k9d")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-base-compat" ,ghc-base-compat) ("ghc-text" ,ghc-text) ("ghc-attoparsec" ,ghc-attoparsec) @@ -5493,7 +5459,8 @@ template-haskell abstract syntax.") ("ghc-parsec" ,ghc-parsec) ("ghc-haskell-src-meta" ,ghc-haskell-src-meta))) (native-inputs - `(("ghc-hspec" ,ghc-hspec))) + `(("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://github.com/zalora/aeson-qq") (synopsis "JSON quasiquoter for Haskell") (description @@ -5514,7 +5481,7 @@ of a JSON value into a @code{Data.Aeson.Value}.") (base32 "0aq6wswd5dkhdmy7sjhd99mldpq33dqpgbdcwpm94ahvckqxs7v5")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-exceptions" ,ghc-exceptions) ("ghc-lifted-base" ,ghc-lifted-base) ("ghc-mmorph" ,ghc-mmorph) @@ -5550,7 +5517,8 @@ enumerator/iteratee and pipes." ) "0zhdbjyj0j9by19rma9alxysrxnnl3s4kks4zk4bx0dg5xa0264y")))) (build-system haskell-build-system) (native-inputs - `(("ghc-hspec" ,ghc-hspec))) + `(("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/logging-facade") (synopsis "Simple logging abstraction that allows multiple back-ends") (description @@ -5570,11 +5538,12 @@ back-ends.") (base32 "0m0lp2z63sgkylz5318j53r5hnrkp705qh7nqbb149ir4gy7g1bg")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-temporary" ,ghc-temporary) ("ghc-logging-facade" ,ghc-logging-facade))) (native-inputs - `(("ghc-hspec" ,ghc-hspec))) + `(("ghc-hspec" ,ghc-hspec) + ("hspec-discover" ,hspec-discover))) (home-page "https://hackage.haskell.org/package/mockery") (synopsis "Support functions for automated testing") (description @@ -5593,7 +5562,7 @@ back-ends.") (base32 "0v6c435xmgm99zxb30pqr7lhkb2a56wxqp70g4hjz8p7rj0vichx")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-conduit" ,ghc-conduit) ("ghc-resourcet" ,ghc-resourcet) ("ghc-aeson" ,ghc-aeson) @@ -5608,6 +5577,7 @@ back-ends.") (native-inputs `(("ghc-hspec" ,ghc-hspec) ("ghc-hunit" ,ghc-hunit) + ("hspec-discover" ,hspec-discover) ("ghc-mockery" ,ghc-mockery))) (home-page "https://github.com/snoyberg/yaml/") (synopsis "Parsing and rendering YAML documents") @@ -5627,7 +5597,7 @@ back-ends.") (base32 "0ilqr8jv41zxcj5qyicg29m8s30b9v70x6f9h2h2rw5ap8bxldl8")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-unix-compat" ,ghc-unix-compat))) (home-page "https://github.com/bos/filemanip") @@ -5672,7 +5642,7 @@ do on-demand loading.") (base32 "0hxa57cdknz86zywpjwfbdhac5lmk7j0wd5hy4mcnb8mw6r2m592")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-zlib" ,ghc-zlib) ("ghc-vector" ,ghc-vector) @@ -5727,12 +5697,12 @@ libraries, like OpenSSL.") (arguments `(#:configure-flags '("-fsystem-lua"))) (inputs - `(("lua" ,lua-5.1))) - (propagated-inputs - `(("ghc-text" ,ghc-text))) + `(("lua" ,lua-5.1) + ("ghc-text" ,ghc-text))) (native-inputs `(("ghc-hspec" ,ghc-hspec) ("ghc-hspec-contrib" ,ghc-hspec-contrib) + ("hspec-discover" ,hspec-discover) ("ghc-hunit" ,ghc-hunit) ("ghc-quickcheck" ,ghc-quickcheck) ("ghc-quickcheck-instances" ,ghc-quickcheck-instances))) @@ -5756,7 +5726,7 @@ described in @url{http://www.lua.org/}.") (base32 "090z3dp928243amnc6s8g10rk2h2bprk9y138q6wj3cpflzr72pw")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text))) (home-page "https://github.com/yesodweb/wai") (synopsis "Basic MIME type handling types and functions") @@ -5779,7 +5749,7 @@ described in @url{http://www.lua.org/}.") (build-system haskell-build-system) ;; Tests require access to the web. (arguments `(#:tests? #f)) - (propagated-inputs + (inputs `(("ghc-text" ,ghc-text) ("ghc-http-types" ,ghc-http-types) ("ghc-blaze-builder" ,ghc-blaze-builder) @@ -5837,7 +5807,7 @@ wrapping a bytestring with stronger and more meaniful name.") (base32 "1xha17nwzxdjizbcp63d2142c6q051y77facs7xribgcl5iz2m4v")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-old-locale" ,ghc-old-locale))) (native-inputs @@ -5866,7 +5836,7 @@ representations of current time.") (base32 "162sk5sg22w21wqz5qv8kx6ibxp99v5p20g3nknhm1kddk3hha1p")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-base64-bytestring" ,ghc-base64-bytestring))) (native-inputs @@ -5895,7 +5865,7 @@ Mail} (PEM) format.") (base32 "1iif9yrh4mmj249gyvam0zb2vb3jnlz777gahh2z9sx00dsx9rja")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-memory" ,ghc-memory) ("ghc-hourglass" ,ghc-hourglass))) (home-page "https://github.com/vincenthz/hs-asn1-types") @@ -5918,7 +5888,7 @@ format.") (base32 "01ki5msrpccgdbdiaaa5a9zw0icp1hki4hca8qx6hzlp0rcf1mwh")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-hourglass" ,ghc-hourglass) ("ghc-asn1-types" ,ghc-asn1-types) ("ghc-text" ,ghc-text) @@ -5946,7 +5916,7 @@ supports for high level forms of ASN1 (BER, and DER).") (base32 "025prsihk5g6rdv9xlfmj0zpa0wa3qjzj5i4ilzvg7f6f3sji8y6")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-asn1-types" ,ghc-asn1-types) ("ghc-asn1-encoding" ,ghc-asn1-encoding))) (home-page "https://github.com/vincenthz/hs-asn1") @@ -5968,7 +5938,7 @@ when ASN1 pattern matching is not convenient.") (base32 "14yvlpli6cv6bn3kh8mlfp4x1l6ns4fvmfv6hmj75cvxyzq029d7")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-tasty" ,ghc-tasty) ("ghc-mtl" ,ghc-mtl) ("ghc-tasty-quickcheck" ,ghc-tasty-quickcheck) @@ -5993,7 +5963,7 @@ tasty.") (base32 "1rw5k34vpn4134yrzdhf0rsshsrkixfbv9ap18di2n00z2cw1shw")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-memory" ,ghc-memory) ("ghc-byteable" ,ghc-byteable))) (native-inputs @@ -6048,7 +6018,7 @@ set, memory copy, ..) and more") (base32 "1pmsby29abn485fvnymsgipvb3p1ch9c591xj5ncszkf0ivjiiin")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-memory" ,ghc-memory) ("ghc-mtl" ,ghc-mtl) ("ghc-hourglass" ,ghc-hourglass) @@ -6079,7 +6049,7 @@ set, memory copy, ..) and more") (base32 "01abx528i9f7djq2772xyna8x2mykrnwqkcfrapcx7z3bhprvml3")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-pem" ,ghc-pem) ("ghc-asn1-types" ,ghc-asn1-types) @@ -6106,7 +6076,7 @@ collections, certificates, revocation lists, and exception lists.") (base32 "1qr1v561hdlhjgqjv9pj9mbk0q1xf2mr1j67ghy93nlxxyzd7dw0")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-memory" ,ghc-memory) ("ghc-byteable" ,ghc-byteable) ("ghc-mtl" ,ghc-mtl) @@ -6138,7 +6108,7 @@ list validation.") (base32 "10qf60d2f9jqwnbrhsb2cwpi86xg66m6dxndlxw967v1cdb3h6gf")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-pem" ,ghc-pem) ("ghc-x509" ,ghc-x509) @@ -6162,7 +6132,7 @@ for X.509 certificates.") (base32 "1rdidf18i781c0vdvy9yn79yh08hmcacf6fp3sgghyiy3h0wyh5l")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-mtl" ,ghc-mtl) ("ghc-cereal" ,ghc-cereal) ("ghc-data-default-class" ,ghc-data-default-class) @@ -6205,7 +6175,7 @@ extensions.") (base32 "1nmldlwxqasmg359i2aa3a903gi3lmnlspvf12xk49jrg3mf3dg9")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-cereal" ,ghc-cereal) ("ghc-network" ,ghc-network))) (home-page "https://github.com/vincenthz/hs-socks") @@ -6227,7 +6197,7 @@ extensions.") (base32 "090il95jnm7ihwvcx3s9v6iwnp37nnsdx15q7722l845g51d95c8")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-byteable" ,ghc-byteable) ("ghc-data-default-class" ,ghc-data-default-class) ("ghc-network" ,ghc-network) @@ -6260,7 +6230,7 @@ the choice of SSL/TLS, and SOCKS.") (build-system haskell-build-system) ;; Tests require Internet access (arguments `(#:tests? #f)) - (propagated-inputs + (inputs `(("ghc-data-default-class" ,ghc-data-default-class) ("ghc-http-client" ,ghc-http-client) ("ghc-connection" ,ghc-connection) @@ -6290,7 +6260,7 @@ libraries, such as http-conduit.") (base32 "1v78zq12p71gq0pc24h08inxcq5gxd0xb7m5ds0xw9pv9l2pswl1")))) (build-system haskell-build-system) - (propagated-inputs + (inputs `(("ghc-syb" ,ghc-syb) ("ghc-unordered-containers" ,ghc-unordered-containers) ("ghc-parsec" ,ghc-parsec) @@ -6867,6 +6837,7 @@ Polymorphism', by Mark P Jones. This package is almost a compatible replacement the @code{mtl-tf} package.") (license license:bsd-3))) +;; Do not use this. Bytestring is a standard library and always included. (define-public ghc-bytestring (package (name "ghc-bytestring") -- cgit v1.2.3 From d79e8f65b5c0b9726bef4cc89e5fe95bc824b929 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Sat, 1 Oct 2016 17:02:32 +0200 Subject: gnu: ghc-process: Replace reference to /bin/sh. * gnu/packages/haskell.scm (ghc-process)[arguments]: Add phases "patch-reference-to-/bin/sh" to replace reference to /bin/sh. --- gnu/packages/haskell.scm | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm index d79dfd698b..cf17c4f3d8 100644 --- a/gnu/packages/haskell.scm +++ b/gnu/packages/haskell.scm @@ -6918,6 +6918,7 @@ supported. A module of colour names (\"Data.Colour.Names\") is provided.") files and directories in a portable way.") (license license:bsd-3))) +;; Do not use this as an input. It is part of GHC. (define-public ghc-process (package (name "ghc-process") @@ -6932,6 +6933,14 @@ files and directories in a portable way.") (base32 "1v1bav5isqxq9fc4lw714x94qbfsjbm2nn12kjp69r1ql8jaaaqw")))) (build-system haskell-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-reference-to-/bin/sh + (lambda _ + (substitute* "System/Process/Posix.hs" + (("/bin/sh") (which "sh"))) + #t))))) (home-page "http://hackage.haskell.org/package/process") (synopsis "System process libraries") (description -- cgit v1.2.3 From 92c03a871559590f7f3b0640e3a6cfd83c8044e6 Mon Sep 17 00:00:00 2001 From: Jan Nieuwenhuizen Date: Thu, 8 Sep 2016 01:20:43 +0200 Subject: services: Add rottlog. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/admin.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (Log Rotation): New node. Co-authored-by: Ludovic Courtès --- doc/guix.texi | 84 ++++++++++++++++++++++++++++++++++- gnu/local.mk | 1 + gnu/services/admin.scm | 117 +++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 201 insertions(+), 1 deletion(-) create mode 100644 gnu/services/admin.scm diff --git a/doc/guix.texi b/doc/guix.texi index f5bbb92c7c..b670823753 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -26,7 +26,8 @@ Copyright @copyright{} 2016 Ben Woodcroft@* Copyright @copyright{} 2016 Chris Marusich@* Copyright @copyright{} 2016 Efraim Flashner@* Copyright @copyright{} 2016 John Darrington@* -Copyright @copyright{} 2016 ng0 +Copyright @copyright{} 2016 ng0@* +Copyright @copyright{} 2016 Jan Nieuwenhuizen Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -213,6 +214,7 @@ Services * Base Services:: Essential system services. * Scheduled Job Execution:: The mcron service. +* Log Rotation:: The rottlog service. * Networking Services:: Network setup, SSH daemon, etc. * X Window:: Graphical display. * Desktop Services:: D-Bus and desktop services. @@ -7581,6 +7583,7 @@ declaration. @menu * Base Services:: Essential system services. * Scheduled Job Execution:: The mcron service. +* Log Rotation:: The rottlog service. * Networking Services:: Network setup, SSH daemon, etc. * X Window:: Graphical display. * Desktop Services:: D-Bus and desktop services. @@ -8055,6 +8058,85 @@ specifications,, mcron, GNU@tie{}mcron}). @end deftp +@node Log Rotation +@subsubsection Log Rotation + +@cindex rottlog +@cindex log rotation +Log files such as those found in @file{/var/log} tend to grow endlessly, +so it's a good idea to @dfn{rotate} them once in a while---i.e., archive +their contents in separate files, possibly compressed. The @code{(gnu +services admin)} module provides an interface to GNU@tie{}Rot[t]log, a +log rotation tool (@pxref{Top,,, rottlog, GNU Rot[t]log Manual}). + +The example below defines an operating system that provides log rotation +with the default settings. + +@lisp +(use-modules (guix) (gnu)) +(use-service-modules admin mcron) +(use-package-modules base idutils) + +(operating-system + ;; @dots{} + (services (cons* (mcron-service) + (service rottlog-service-type (rottlog-configuration)) + %base-services))) +@end lisp + +@defvr {Scheme Variable} rottlog-service-type +This is the type of the Rottlog service, whose value is a +@code{rottlog-configuration} object. + +This service type can define mcron jobs (@pxref{Scheduled Job +Execution}) to run the rottlog service. +@end defvr + +@deftp {Data Type} rottlog-configuration +Data type representing the configuration of rottlog. + +@table @asis +@item @code{rottlog} (default: @code{rottlog}) +The Rottlog package to use. + +@item @code{rc-file} (default: @code{(file-append rottlog "/etc/rc")}) +The Rottlog configuration file to use (@pxref{Mandatory RC Variables,,, +rottlog, GNU Rot[t]log Manual}). + +@item @code{periodic-rotations} (default: @code{`(("weekly" %default-rotatations))}) +A list of Rottlog period-name/period-config tuples. + +For example, taking an example from the Rottlog manual (@pxref{Period +Related File Examples,,, rottlog, GNU Rot[t]log Manual}), a valid tuple +might be: + +@example +("daily" ,(plain-file "daily" + "\ + /var/log/apache/* @{ + storedir apache-archives + rotate 6 + notifempty + nocompress + @}")) +@end example + +@item @code{jobs} +This is a list of gexps where each gexp corresponds to an mcron job +specification (@pxref{Scheduled Job Execution}). +@end table +@end deftp + +@defvr {Scheme Variable} %default-rotations +Specifies weekly rotation of @var{%rotated-files} and +@code{"/var/log/shepherd.log"}. +@end defvr + +@defvr {Scheme Variable} %rotated-files +The list of syslog-controlled files to be rotated. By default it is: +@code{'("/var/log/messages" "/var/log/secure")}. +@end defvr + @node Networking Services @subsubsection Networking Services diff --git a/gnu/local.mk b/gnu/local.mk index 4260a928e9..15647ce838 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -385,6 +385,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/zip.scm \ \ %D%/services.scm \ + %D%/services/admin.scm \ %D%/services/avahi.scm \ %D%/services/base.scm \ %D%/services/databases.scm \ diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm new file mode 100644 index 0000000000..6e04039fe6 --- /dev/null +++ b/gnu/services/admin.scm @@ -0,0 +1,117 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Jan Nieuwenhuizen +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of thye GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services admin) + #:use-module (gnu packages admin) + #:use-module (gnu packages base) + #:use-module (gnu services) + #:use-module (gnu services mcron) + #:use-module (gnu services shepherd) + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (srfi srfi-1) + #:export (%default-rotations + %rotated-files + rottlog-configuration + rottlog-configuration? + rottlog-service + rottlog-service-type)) + +;;; Commentary: +;;; +;;; This module implements configuration of rottlog by writing +;;; /etc/rottlog/{rc,hourly|daily|weekly}. Example usage +;;; +;;; (mcron-service) +;;; (service rottlog-service-type (rottlog-configuration)) +;;; +;;; Code: + +(define %rotated-files + '("/var/log/messages" "/var/log/secure")) + +(define (syslog-rotation-config file) + #~(#$file " { + sharedscripts + postrotate + " #$coreutils "/bin/kill -HUP $(cat /var/run/syslog.pid) 2> /dev/null + endscript +} +")) + +(define (simple-rotation-config file) + (string-append file " { + sharedscripts + postrotate + endscript +} +")) + +(define %default-rotations + `(("weekly" + ,(computed-file "rottlog.weekly" + #~(call-with-output-file #$output + (lambda (port) + (display + (string-join + (apply append '#$(map syslog-rotation-config + %rotated-files)) + "") + port) + (display #$(simple-rotation-config + "/var/log/shepherd.log") + port))))))) + +(define (default-jobs rottlog) + (list #~(job '(next-hour '(0)) ;midnight + (lambda () + (system* #$(file-append rottlog "/sbin/rottlog")))) + #~(job '(next-hour '(12)) ;noon + (lambda () + (system* #$(file-append rottlog "/sbin/rottlog")))))) + +(define-record-type* + rottlog-configuration make-rottlog-configuration + rottlog-configuration? + (rottlog rottlog-rottlog ;package + (default rottlog)) + (rc-file rottlog-rc-file ;file-like + (default (file-append rottlog "/etc/rc"))) + (periodic-rotations rottlog-periodic-rotations ;list of (name file) tuples + (default %default-rotations)) + (jobs rottlog-jobs ;list of + (default #f))) + +(define (rottlog-etc config) + `(("rottlog" ,(file-union "rottlog" + (cons `("rc" ,(rottlog-rc-file config)) + (rottlog-periodic-rotations config)))))) + +(define (rottlog-jobs-or-default config) + (or (rottlog-jobs config) + (default-jobs (rottlog-rottlog config)))) + +(define rottlog-service-type + (service-type + (name 'rottlog) + (extensions (list (service-extension etc-service-type rottlog-etc) + (service-extension mcron-service-type + rottlog-jobs-or-default))))) + +;;; admin.scm ends here -- cgit v1.2.3 From d8f3128119d32bcc186c8a1fe15b037bba25b4b8 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 2 Oct 2016 23:18:08 +0200 Subject: services: openssh-service-type: Expose 'openssh-configuration'. * gnu/services/ssh.scm (): Add default values. [pubkey-authentication?]: Rename to... [public-key-authentication?]: ... this. (openssh-service): Remove. * doc/guix.texi (Networking Services): Adjust accordingly. --- doc/guix.texi | 91 ++++++++++++++++++++++++++++++++++------------------ gnu/services/ssh.scm | 51 +++++++++++------------------ 2 files changed, 78 insertions(+), 64 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index b670823753..73570277f6 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8281,40 +8281,67 @@ root. The other options should be self-descriptive. @end deffn -@deffn {Scheme Procedure} openssh-service [#:pid-file "/var/run/sshd.pid"] @ - [#:port-number 22] [#:permit-root-login 'without-password] @ - [#:allow-empty-passwords #f] [#:password-authentication? #t] @ - [#:pubkey-authentication? #t] [#:rsa-authentication? #t] @ - [#:x11-forwarding? #f] [#:protocol-number "2"] -Run the @command{sshd} program from @var{openssh} on port -@var{port-number}. @command{sshd} runs an SSH daemon and writes its PID -to @var{pid-file}. It understands SSH protocol -@var{protocol-number}. The @var{protocol-number} can be either 1 or 2. - -@var{permit-root-login} takes one of @code{#t}, @code{'without-password} -and @code{#f}. It is used to allow root login through SSH. -@code{'without-password} means that root login is allowed, but not with -password-based authentication. - -When @var{allow-empty-passwords?} is true, users with empty passwords -may log in. When false, they may not. - -When @var{password-authentication?} is true, users may log in with their -password. When false, they have to use other means of authentication. - -When @var{pubkey-authentication?} is true, users may log in using public -key authentication. When false, users have to use other means of -authentication. Authorized public keys are stored in -@file{~/.ssh/authorized_keys}. This is used only by protocol version 2. - -When @var{rsa-authentication?} is true, users may log in using pure RSA -authentication. When false, users have to use other means of -authentication. This is used only by protocol 1. - -When @var{x11-forwarding?} is true, @command{ssh} options @option{-X} -and @option{-Y} will work. +@deffn {Scheme Variable} openssh-service-type +This is the type for the @uref{http://www.openssh.org, OpenSSH} secure +shell daemon, @command{sshd}. Its value must be an +@code{openssh-configuration} record as in this example: + +@example +(service openssh-service-type + (openssh-configuration + (x11-forwarding? #t) + (permit-root-login 'without-password))) +@end example + +See below for details about @code{openssh-configuration}. @end deffn +@deftp {Data Type} openssh-configuration +This is the configuration record for OpenSSH's @command{sshd}. + +@table @asis +@item @code{pid-file} (default: @code{"/var/run/sshd.pid"}) +Name of the file where @command{sshd} writes its PID. + +@item @code{port-number} (default: @code{22}) +TCP port on which @command{sshd} listens for incoming connections. + +@item @code{permit-root-login} (default: @code{#f}) +This field determines whether and when to allow logins as root. If +@code{#f}, root logins are disallowed; if @code{#t}, they are allowed. +If it's the symbol @code{'without-password}, then root logins are +permitted but not with password-based authentication. + +@item @code{allow-empty-passwords?} (default: @code{#f}) +When true, users with empty passwords may log in. When false, they may +not. + +@item @code{password-authentication?} (default: @code{#t}) +When true, users may log in with their password. When false, they have +other authentication methods. + +@item @code{public-key-authentication?} (default: @code{#t}) +When true, users may log in using public key authentication. When +false, users have to use other authentication method. + +Authorized public keys are stored in @file{~/.ssh/authorized_keys}. +This is used only by protocol version 2. + +@item @code{rsa-authentication?} (default: @code{#t}) +When true, users may log in using pure RSA authentication. When false, +users have to use other means of authentication. This is used only by +protocol 1. + +@item @code{x11-forwarding?} (default: @code{#f}) +When true, forwarding of X11 graphical client connections is +enabled---in other words, @command{ssh} options @option{-X} and +@option{-Y} will work. + +@item @code{protocol-number} (default: @code{2}) +The SSH protocol number to use. +@end table +@end deftp + @deffn {Scheme Procedure} dropbear-service [@var{config}] Run the @uref{https://matt.ucc.asn.au/dropbear/dropbear.html,Dropbear SSH daemon} with the given @var{config}, a @code{} diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 084f8fa4ea..6da612da67 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -50,7 +50,6 @@ ;;; ;;; Code: -;; TODO: Export. (define-record-type* lsh-configuration make-lsh-configuration lsh-configuration? @@ -261,15 +260,24 @@ The other options should be self-descriptive." (define-record-type* openssh-configuration make-openssh-configuration openssh-configuration? - (pid-file openssh-configuration-pid-file) ;string - (port-number openssh-configuration-port-number) ;integer - (permit-root-login openssh-configuration-permit-root-login) ;Boolean | 'without-password - (allow-empty-passwords? openssh-configuration-allow-empty-passwords?) ;Boolean - (password-authentication? openssh-configuration-password-authentication?) ;Boolean - (pubkey-authentication? openssh-configuration-pubkey-authentication?) ;Boolean - (rsa-authentication? openssh-configuration-rsa-authentication?) ;Boolean - (x11-forwarding? openssh-configuration-x11-forwarding?) ;Boolean - (protocol-number openssh-configuration-protocol-number)) ;integer + (pid-file openssh-configuration-pid-file + (default "/var/run/sshd.pid")) + (port-number openssh-configuration-port-number ;integer + (default 22)) + (permit-root-login openssh-configuration-permit-root-login ;Boolean | 'without-password + (default #f)) + (allow-empty-passwords? openssh-configuration-allow-empty-passwords? ;Boolean + (default #f)) + (password-authentication? openssh-configuration-password-authentication? ;Boolean + (default #t)) + (public-key-authentication? openssh-configuration-public-key-authentication? + (default #t)) ;Boolean + (rsa-authentication? openssh-configuration-rsa-authentication? ;Boolean + (default #t)) + (x11-forwarding? openssh-configuration-x11-forwarding? ;Boolean + (default #f)) + (protocol-number openssh-configuration-protocol-number ;integer + (default 2))) (define %openssh-accounts (list (user-group (name "sshd") (system? #t)) @@ -314,7 +322,7 @@ The other options should be self-descriptive." #$(if (openssh-configuration-password-authentication? config) "yes" "no")) (format port "PubkeyAuthentication ~a\n" - #$(if (openssh-configuration-pubkey-authentication? config) + #$(if (openssh-configuration-public-key-authentication? config) "yes" "no")) (format port "RSAAuthentication ~a\n" #$(if (openssh-configuration-rsa-authentication? config) @@ -354,27 +362,6 @@ The other options should be self-descriptive." (service-extension account-service-type (const %openssh-accounts)))))) -(define* (openssh-service #:key - (pid-file "/var/run/sshd.pid") - (port-number 22) - (permit-root-login 'without-password) - (allow-empty-passwords? #f) - (password-authentication? #t) - (pubkey-authentication? #t) - (rsa-authentication? #t) - (x11-forwarding? #f) - (protocol-number 2)) - (service openssh-service-type (openssh-configuration - (pid-file pid-file) - (port-number port-number) - (permit-root-login permit-root-login) - (allow-empty-passwords? allow-empty-passwords?) - (password-authentication? password-authentication?) - (pubkey-authentication? pubkey-authentication?) - (rsa-authentication? rsa-authentication?) - (x11-forwarding? x11-forwarding?) - (protocol-number protocol-number)))) - ;;; ;;; Dropbear. -- cgit v1.2.3 From d5b0c9024ed174907aed4816b2607ada814a035c Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 00:37:38 +0200 Subject: tests: Add 'openssh-service-type' test. * gnu/tests/ssh.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 3 +- gnu/tests/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 160 insertions(+), 1 deletion(-) create mode 100644 gnu/tests/ssh.scm diff --git a/gnu/local.mk b/gnu/local.mk index 15647ce838..7e6fa8d949 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -430,7 +430,8 @@ GNU_SYSTEM_MODULES = \ \ %D%/tests.scm \ %D%/tests/base.scm \ - %D%/tests/install.scm + %D%/tests/install.scm \ + %D%/tests/ssh.scm patchdir = $(guilemoduledir)/%D%/packages/patches diff --git a/gnu/tests/ssh.scm b/gnu/tests/ssh.scm new file mode 100644 index 0000000000..a9592d9fee --- /dev/null +++ b/gnu/tests/ssh.scm @@ -0,0 +1,158 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Ludovic Courtès +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu tests ssh) + #:use-module (gnu tests) + #:use-module (gnu system) + #:use-module (gnu system grub) + #:use-module (gnu system file-systems) + #:use-module (gnu system shadow) + #:use-module (gnu system vm) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services ssh) + #:use-module (gnu services networking) + #:use-module (gnu packages ssh) + #:use-module (guix gexp) + #:use-module (guix store) + #:use-module (guix monads) + #:export (%test-openssh)) + +(define %openssh-os + (operating-system + (host-name "komputilo") + (timezone "Europe/Berlin") + (locale "en_US.UTF-8") + + (bootloader (grub-configuration (device "/dev/sdX"))) + (file-systems %base-file-systems) + (firmware '()) + (users %base-user-accounts) + + ;; Allow root logins with an empty password to simplify testing. + (services (cons* (service openssh-service-type + (openssh-configuration + (permit-root-login #t) + (allow-empty-passwords? #t))) + (dhcp-client-service) + %base-services)))) + +(define (run-openssh-test name) + (mlet* %store-monad ((os -> (marionette-operating-system + %openssh-os + #:imported-modules '((gnu services herd) + (guix combinators)))) + (command (system-qemu-image/shared-store-script + os #:graphic? #f))) + (define test + (with-imported-modules '((gnu build marionette)) + #~(begin + (eval-when (expand load eval) + ;; Prepare to use Guile-SSH. + (set! %load-path + (cons (string-append #$guile-ssh "/share/guile/site/" + (effective-version)) + %load-path))) + + (use-modules (gnu build marionette) + (srfi srfi-64) + (ice-9 match) + (ssh session) + (ssh auth) + (ssh channel)) + + (define marionette + ;; Enable TCP forwarding of the guest's port 22. + (make-marionette (list #$command "-net" + "user,hostfwd=tcp::2222-:22"))) + + (define (wait-for-file file) + ;; Wait until FILE exists in the guest; 'read' its content and + ;; return it. + (marionette-eval + `(let loop ((i 10)) + (cond ((file-exists? ,file) + (call-with-input-file ,file read)) + ((> i 0) + (sleep 1) + (loop (- i 1))) + (else + (error "file didn't show up" ,file)))) + marionette)) + + (mkdir #$output) + (chdir #$output) + + (test-begin "openssh") + + ;; Wait for sshd to be up and running. + (test-eq "service running" + 'running! + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (start-service 'ssh-daemon) + 'running!) + marionette)) + + ;; Check sshd's PID file. + (test-equal "sshd PID" + (wait-for-file "/var/run/sshd.pid") + (marionette-eval + '(begin + (use-modules (gnu services herd) + (srfi srfi-1)) + + (live-service-running + (find (lambda (live) + (memq 'ssh-daemon + (live-service-provision live))) + (current-services)))) + marionette)) + + ;; Connect to the guest over SSH. We should be able to connect as + ;; "root" with an empty password. Make sure we can run a shell + ;; command there. + (test-equal "connect" + 'hello + (let* ((session (make-session #:user "root" + #:port 2222 #:host "localhost" + #:log-verbosity 'protocol))) + (match (connect! session) + ('ok + (match (pk 'auth (userauth-password! session "")) + ('success + ;; FIXME: 'get-server-public-key' segfaults. + ;; (get-server-public-key session) + (let ((channel (make-channel session))) + (channel-open-session channel) + (channel-request-exec channel + "echo hello > /root/witness") + (and (zero? (channel-get-exit-status channel)) + (wait-for-file "/root/witness"))))))))) + + (test-end) + (exit (= (test-runner-fail-count (test-runner-current)) 0))))) + + (gexp->derivation name test))) + +(define %test-openssh + (system-test + (name "openssh") + (description "Connect to a running OpenSSH daemon.") + (value (run-openssh-test name)))) -- cgit v1.2.3 From 4d67ed70a396ff0d374b93ed2b9eeccdc28c04b6 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 14:39:25 +0200 Subject: services: rottlog: Improve default weekly rotations. * gnu/services/admin.scm (%rotated-files): Add "/var/log/maillog". (syslog-rotation-config): Change parameter to 'files'. Return a string-append gexp for all of FILES. (simple-rotation-config): Remove unnecessary 'postrotate' and 'endscript'. (%default-rotations): Adjust accordingly. --- gnu/services/admin.scm | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm index 6e04039fe6..aeeec4e83b 100644 --- a/gnu/services/admin.scm +++ b/gnu/services/admin.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Jan Nieuwenhuizen +;;; Copyright © 2016 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; @@ -44,10 +45,12 @@ ;;; Code: (define %rotated-files - '("/var/log/messages" "/var/log/secure")) + ;; Syslog files subject to rotation. + '("/var/log/messages" "/var/log/secure" "/var/log/maillog")) -(define (syslog-rotation-config file) - #~(#$file " { +(define (syslog-rotation-config files) + #~(string-append #$(string-join files ",") + " { sharedscripts postrotate " #$coreutils "/bin/kill -HUP $(cat /var/run/syslog.pid) 2> /dev/null @@ -58,8 +61,6 @@ (define (simple-rotation-config file) (string-append file " { sharedscripts - postrotate - endscript } ")) @@ -68,12 +69,8 @@ ,(computed-file "rottlog.weekly" #~(call-with-output-file #$output (lambda (port) - (display - (string-join - (apply append '#$(map syslog-rotation-config - %rotated-files)) - "") - port) + (display #$(syslog-rotation-config %rotated-files) + port) (display #$(simple-rotation-config "/var/log/shepherd.log") port))))))) -- cgit v1.2.3 From 26cfc415be663d4c1c3ec6ce40afe7867a346a04 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 14:48:01 +0200 Subject: services: rottlog: Add Rottlog to the global profile. * gnu/services/admin.scm (rottlog-service-type): Extend PROFILE-SERVICE-TYPE. --- gnu/services/admin.scm | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm index aeeec4e83b..d8086b78d4 100644 --- a/gnu/services/admin.scm +++ b/gnu/services/admin.scm @@ -109,6 +109,11 @@ (name 'rottlog) (extensions (list (service-extension etc-service-type rottlog-etc) (service-extension mcron-service-type - rottlog-jobs-or-default))))) + rottlog-jobs-or-default) + + ;; Add Rottlog to the global profile so users can access + ;; the documentation. + (service-extension profile-service-type + (compose list rottlog-rottlog)))))) ;;; admin.scm ends here -- cgit v1.2.3 From 0e59885060df92bcfb1ee765dfbfdcf26dd67e08 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 15:14:46 +0200 Subject: tests: ssh: Generalize. * gnu/tests/ssh.scm (%openssh-os): Rename to... (%base-os): ... this. [services]: Remove 'openssh-service-type' instance. (os-with-service): New procedure. (run-openssh-test): Rename to... (run-ssh-test): ... this. Add 'ssh-service' and 'pid-file' parameters. Use 'os-with-service' to add SSH-SERVICE to %BASE-OS. Honor PID-FILE. (%test-openssh): Adjust accordingly. --- gnu/tests/ssh.scm | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/gnu/tests/ssh.scm b/gnu/tests/ssh.scm index a9592d9fee..bcf7c973c4 100644 --- a/gnu/tests/ssh.scm +++ b/gnu/tests/ssh.scm @@ -33,7 +33,7 @@ #:use-module (guix monads) #:export (%test-openssh)) -(define %openssh-os +(define %base-os (operating-system (host-name "komputilo") (timezone "Europe/Berlin") @@ -43,18 +43,22 @@ (file-systems %base-file-systems) (firmware '()) (users %base-user-accounts) + (services (cons (dhcp-client-service) + %base-services)))) - ;; Allow root logins with an empty password to simplify testing. - (services (cons* (service openssh-service-type - (openssh-configuration - (permit-root-login #t) - (allow-empty-passwords? #t))) - (dhcp-client-service) - %base-services)))) - -(define (run-openssh-test name) +(define (os-with-service service) + "Return a test operating system that runs SERVICE." + (operating-system + (inherit %base-os) + (services (cons service + (operating-system-user-services %base-os))))) + +(define (run-ssh-test name ssh-service pid-file) + "Run a test of an OS running SSH-SERVICE, which writes its PID to PID-FILE. +SSH-SERVICE must be configured to listen on port 22 and to allow for root and +empty-password logins." (mlet* %store-monad ((os -> (marionette-operating-system - %openssh-os + (os-with-service ssh-service) #:imported-modules '((gnu services herd) (guix combinators)))) (command (system-qemu-image/shared-store-script @@ -98,7 +102,7 @@ (mkdir #$output) (chdir #$output) - (test-begin "openssh") + (test-begin "ssh-daemon") ;; Wait for sshd to be up and running. (test-eq "service running" @@ -112,7 +116,7 @@ ;; Check sshd's PID file. (test-equal "sshd PID" - (wait-for-file "/var/run/sshd.pid") + (wait-for-file #$pid-file) (marionette-eval '(begin (use-modules (gnu services herd) @@ -155,4 +159,11 @@ (system-test (name "openssh") (description "Connect to a running OpenSSH daemon.") - (value (run-openssh-test name)))) + (value (run-ssh-test name + ;; Allow root logins with an empty password to + ;; simplify testing. + (service openssh-service-type + (openssh-configuration + (permit-root-login #t) + (allow-empty-passwords? #t))) + "/var/run/sshd.pid")))) -- cgit v1.2.3 From 2b4363891c70bbf641bff8ff0a6fb7526babd5b9 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 15:18:51 +0200 Subject: tests: ssh: Add Dropbear test. * gnu/tests/ssh.scm (run-ssh-test): Try authenticating with 'userauth-none!' when 'userauth-password!' fails. (%test-dropbear): New variable. --- gnu/tests/ssh.scm | 46 +++++++++++++++++++++++++++++++++++----------- 1 file changed, 35 insertions(+), 11 deletions(-) diff --git a/gnu/tests/ssh.scm b/gnu/tests/ssh.scm index bcf7c973c4..456476e69d 100644 --- a/gnu/tests/ssh.scm +++ b/gnu/tests/ssh.scm @@ -31,7 +31,8 @@ #:use-module (guix gexp) #:use-module (guix store) #:use-module (guix monads) - #:export (%test-openssh)) + #:export (%test-openssh + %test-dropbear)) (define %base-os (operating-system @@ -74,6 +75,7 @@ empty-password logins." %load-path))) (use-modules (gnu build marionette) + (srfi srfi-26) (srfi srfi-64) (ice-9 match) (ssh session) @@ -139,16 +141,27 @@ empty-password logins." #:log-verbosity 'protocol))) (match (connect! session) ('ok - (match (pk 'auth (userauth-password! session "")) - ('success - ;; FIXME: 'get-server-public-key' segfaults. - ;; (get-server-public-key session) - (let ((channel (make-channel session))) - (channel-open-session channel) - (channel-request-exec channel - "echo hello > /root/witness") - (and (zero? (channel-get-exit-status channel)) - (wait-for-file "/root/witness"))))))))) + ;; Try the simple authentication methods. Dropbear + ;; requires 'none' when there are no passwords, whereas + ;; OpenSSH accepts 'password' with an empty password. + (let loop ((methods (list (cut userauth-password! <> "") + (cut userauth-none! <>)))) + (match methods + (() + (error "all the authentication methods failed")) + ((auth rest ...) + (match (pk 'auth (auth session)) + ('success + ;; FIXME: 'get-server-public-key' segfaults. + ;; (get-server-public-key session) + (let ((channel (make-channel session))) + (channel-open-session channel) + (channel-request-exec channel + "echo hello > /root/witness") + (and (zero? (channel-get-exit-status channel)) + (wait-for-file "/root/witness")))) + ('denied + (loop rest)))))))))) (test-end) (exit (= (test-runner-fail-count (test-runner-current)) 0))))) @@ -167,3 +180,14 @@ empty-password logins." (permit-root-login #t) (allow-empty-passwords? #t))) "/var/run/sshd.pid")))) + +(define %test-dropbear + (system-test + (name "dropbear") + (description "Connect to a running Dropbear SSH daemon.") + (value (run-ssh-test name + (service dropbear-service-type + (dropbear-configuration + (root-login? #t) + (allow-empty-passwords? #t))) + "/var/run/dropbear.pid")))) -- cgit v1.2.3 From d223ac4acc51602e1be91d611ea2b4266edf6ee3 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 3 Oct 2016 15:24:21 +0200 Subject: tests: Adjust 'guix build -S' test for source-less packages. This is a followup to 8a54c0ec694ad6e22b155d167552b8fd0914e82d. * tests/guix-build.sh: Allow 'guix build -S' to succeed with source-less packages. Check that the result is the empty string. --- tests/guix-build.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/guix-build.sh b/tests/guix-build.sh index 9e9788bca0..e1ec560641 100644 --- a/tests/guix-build.sh +++ b/tests/guix-build.sh @@ -26,9 +26,9 @@ guix build --version if guix build -e +; then false; else true; fi -# Should fail because this is a source-less package. -if guix build -e '(@ (gnu packages bootstrap) %bootstrap-glibc)' -S -then false; else true; fi +# Source-less packages are accepted; they just return nothing. +guix build -e '(@ (gnu packages bootstrap) %bootstrap-glibc)' -S +test "`guix build -e '(@ (gnu packages bootstrap) %bootstrap-glibc)' -S`" = "" # Should pass. guix build -e '(@@ (gnu packages bootstrap) %bootstrap-guile)' | \ -- cgit v1.2.3 From 85358aef8e80d810405916f571816bd028c245b8 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 3 Oct 2016 14:38:17 -0400 Subject: gnu: perl-dbd-mysql: Update to 4.037 [fixes CVE-2016-1246]. * gnu/packages/databases.scm (perl-dbd-mysql): Update to 4.037. --- gnu/packages/databases.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index d517805f35..971c57c42d 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -777,7 +777,7 @@ columns, primary keys, unique constraints and relationships.") (define-public perl-dbd-mysql (package (name "perl-dbd-mysql") - (version "4.035") + (version "4.037") (source (origin (method url-fetch) @@ -785,7 +785,7 @@ columns, primary keys, unique constraints and relationships.") "DBD-mysql-" version ".tar.gz")) (sha256 (base32 - "0dqrnrk8yjl06xl8hld5wyalk77z0h9j5h1gdk4z9g0nx9js7v5p")))) + "1z1wxnzhxfr9awjqb1d8pz9hf50shbk9ip2jmsmgdlwfyb78lmyz")))) (build-system perl-build-system) ;; Tests require running MySQL server (arguments `(#:tests? #f)) -- cgit v1.2.3 From b38e97e03b92d54524953949934884828a1683c1 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sun, 2 Oct 2016 15:58:06 -0400 Subject: gnu: libarchive: Fix several security issues. * gnu/packages/backup.scm (libarchive)[replacement]: New field. (libarchive/fixed): New variable. * gnu/packages/patches/libarchive-7zip-heap-overflow.patch, gnu/packages/patches/libarchive-fix-symlink-check.patch, gnu/packages/patches/libarchive-fix-filesystem-attacks.patch, gnu/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. --- gnu/local.mk | 4 + gnu/packages/backup.scm | 12 + .../patches/libarchive-7zip-heap-overflow.patch | 77 ++++ .../libarchive-fix-filesystem-attacks.patch | 445 +++++++++++++++++++++ .../patches/libarchive-fix-symlink-check.patch | 60 +++ .../libarchive-safe_fprintf-buffer-overflow.patch | 44 ++ 6 files changed, 642 insertions(+) create mode 100644 gnu/packages/patches/libarchive-7zip-heap-overflow.patch create mode 100644 gnu/packages/patches/libarchive-fix-filesystem-attacks.patch create mode 100644 gnu/packages/patches/libarchive-fix-symlink-check.patch create mode 100644 gnu/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch diff --git a/gnu/local.mk b/gnu/local.mk index 7e6fa8d949..2637791b81 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -624,6 +624,10 @@ dist_patch_DATA = \ %D%/packages/patches/liba52-link-with-libm.patch \ %D%/packages/patches/liba52-set-soname.patch \ %D%/packages/patches/liba52-use-mtune-not-mcpu.patch \ + %D%/packages/patches/libarchive-7zip-heap-overflow.patch \ + %D%/packages/patches/libarchive-fix-symlink-check.patch \ + %D%/packages/patches/libarchive-fix-filesystem-attacks.patch \ + %D%/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch \ %D%/packages/patches/libbonobo-activation-test-race.patch \ %D%/packages/patches/libcanberra-sound-theme-freedesktop.patch \ %D%/packages/patches/libcmis-fix-test-onedrive.patch \ diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index c6f1321d77..797c06e149 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -172,6 +172,7 @@ backups (called chunks) to allow easy burning to CD/DVD.") (define-public libarchive (package (name "libarchive") + (replacement libarchive/fixed) (version "3.2.1") (source (origin @@ -227,6 +228,17 @@ archive. In particular, note that there is currently no built-in support for random access nor for in-place modification.") (license license:bsd-2))) +(define libarchive/fixed + (package + (inherit libarchive) + (source (origin + (inherit (package-source libarchive)) + (patches (search-patches + "libarchive-7zip-heap-overflow.patch" + "libarchive-fix-symlink-check.patch" + "libarchive-fix-filesystem-attacks.patch" + "libarchive-safe_fprintf-buffer-overflow.patch")))))) + (define-public rdup (package (name "rdup") diff --git a/gnu/packages/patches/libarchive-7zip-heap-overflow.patch b/gnu/packages/patches/libarchive-7zip-heap-overflow.patch new file mode 100644 index 0000000000..bef628f0a8 --- /dev/null +++ b/gnu/packages/patches/libarchive-7zip-heap-overflow.patch @@ -0,0 +1,77 @@ +Fix buffer overflow reading 7Zip files: + +https://github.com/libarchive/libarchive/issues/761 + +Patch copied from upstream repository: + +https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126 + +From 7f17c791dcfd8c0416e2cd2485b19410e47ef126 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 18 Sep 2016 18:14:58 -0700 +Subject: [PATCH] Issue 761: Heap overflow reading corrupted 7Zip files + +The sample file that demonstrated this had multiple 'EmptyStream' +attributes. The first one ended up being used to calculate +certain statistics, then was overwritten by the second which +was incompatible with those statistics. + +The fix here is to reject any header with multiple EmptyStream +attributes. While here, also reject headers with multiple +EmptyFile, AntiFile, Name, or Attributes markers. +--- + libarchive/archive_read_support_format_7zip.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/libarchive/archive_read_support_format_7zip.c b/libarchive/archive_read_support_format_7zip.c +index 1dfe52b..c0a536c 100644 +--- a/libarchive/archive_read_support_format_7zip.c ++++ b/libarchive/archive_read_support_format_7zip.c +@@ -2431,6 +2431,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h, + + switch (type) { + case kEmptyStream: ++ if (h->emptyStreamBools != NULL) ++ return (-1); + h->emptyStreamBools = calloc((size_t)zip->numFiles, + sizeof(*h->emptyStreamBools)); + if (h->emptyStreamBools == NULL) +@@ -2451,6 +2453,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h, + return (-1); + break; + } ++ if (h->emptyFileBools != NULL) ++ return (-1); + h->emptyFileBools = calloc(empty_streams, + sizeof(*h->emptyFileBools)); + if (h->emptyFileBools == NULL) +@@ -2465,6 +2469,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h, + return (-1); + break; + } ++ if (h->antiBools != NULL) ++ return (-1); + h->antiBools = calloc(empty_streams, + sizeof(*h->antiBools)); + if (h->antiBools == NULL) +@@ -2491,6 +2497,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h, + if ((ll & 1) || ll < zip->numFiles * 4) + return (-1); + ++ if (zip->entry_names != NULL) ++ return (-1); + zip->entry_names = malloc(ll); + if (zip->entry_names == NULL) + return (-1); +@@ -2543,6 +2551,8 @@ read_Header(struct archive_read *a, struct _7z_header_info *h, + if ((p = header_bytes(a, 2)) == NULL) + return (-1); + allAreDefined = *p; ++ if (h->attrBools != NULL) ++ return (-1); + h->attrBools = calloc((size_t)zip->numFiles, + sizeof(*h->attrBools)); + if (h->attrBools == NULL) +-- +2.10.0 + diff --git a/gnu/packages/patches/libarchive-fix-filesystem-attacks.patch b/gnu/packages/patches/libarchive-fix-filesystem-attacks.patch new file mode 100644 index 0000000000..bce63d5e4e --- /dev/null +++ b/gnu/packages/patches/libarchive-fix-filesystem-attacks.patch @@ -0,0 +1,445 @@ +This patch fixes two bugs that allow attackers to overwrite or change +the permissions of arbitrary files: + +https://github.com/libarchive/libarchive/issues/745 +https://github.com/libarchive/libarchive/issues/746 + +Patch copied from upstream repository: + +https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9 + +From dfd6b54ce33960e420fb206d8872fb759b577ad9 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 11 Sep 2016 13:21:57 -0700 +Subject: [PATCH] Fixes for Issue #745 and Issue #746 from Doran Moppert. + +--- + libarchive/archive_write_disk_posix.c | 294 ++++++++++++++++++++++++++-------- + 1 file changed, 227 insertions(+), 67 deletions(-) + +diff --git a/libarchive/archive_write_disk_posix.c b/libarchive/archive_write_disk_posix.c +index 8f0421e..abe1a86 100644 +--- a/libarchive/archive_write_disk_posix.c ++++ b/libarchive/archive_write_disk_posix.c +@@ -326,12 +326,14 @@ struct archive_write_disk { + + #define HFS_BLOCKS(s) ((s) >> 12) + ++static int check_symlinks_fsobj(char *path, int *error_number, struct archive_string *error_string, int flags); + static int check_symlinks(struct archive_write_disk *); + static int create_filesystem_object(struct archive_write_disk *); + static struct fixup_entry *current_fixup(struct archive_write_disk *, const char *pathname); + #if defined(HAVE_FCHDIR) && defined(PATH_MAX) + static void edit_deep_directories(struct archive_write_disk *ad); + #endif ++static int cleanup_pathname_fsobj(char *path, int *error_number, struct archive_string *error_string, int flags); + static int cleanup_pathname(struct archive_write_disk *); + static int create_dir(struct archive_write_disk *, char *); + static int create_parent_dir(struct archive_write_disk *, char *); +@@ -2014,6 +2016,10 @@ create_filesystem_object(struct archive_write_disk *a) + const char *linkname; + mode_t final_mode, mode; + int r; ++ /* these for check_symlinks_fsobj */ ++ char *linkname_copy; /* non-const copy of linkname */ ++ struct archive_string error_string; ++ int error_number; + + /* We identify hard/symlinks according to the link names. */ + /* Since link(2) and symlink(2) don't handle modes, we're done here. */ +@@ -2022,6 +2028,27 @@ create_filesystem_object(struct archive_write_disk *a) + #if !HAVE_LINK + return (EPERM); + #else ++ archive_string_init(&error_string); ++ linkname_copy = strdup(linkname); ++ if (linkname_copy == NULL) { ++ return (EPERM); ++ } ++ /* TODO: consider using the cleaned-up path as the link target? */ ++ r = cleanup_pathname_fsobj(linkname_copy, &error_number, &error_string, a->flags); ++ if (r != ARCHIVE_OK) { ++ archive_set_error(&a->archive, error_number, "%s", error_string.s); ++ free(linkname_copy); ++ /* EPERM is more appropriate than error_number for our callers */ ++ return (EPERM); ++ } ++ r = check_symlinks_fsobj(linkname_copy, &error_number, &error_string, a->flags); ++ if (r != ARCHIVE_OK) { ++ archive_set_error(&a->archive, error_number, "%s", error_string.s); ++ free(linkname_copy); ++ /* EPERM is more appropriate than error_number for our callers */ ++ return (EPERM); ++ } ++ free(linkname_copy); + r = link(linkname, a->name) ? errno : 0; + /* + * New cpio and pax formats allow hardlink entries +@@ -2362,115 +2389,228 @@ current_fixup(struct archive_write_disk *a, const char *pathname) + * recent paths. + */ + /* TODO: Extend this to support symlinks on Windows Vista and later. */ ++ ++/* ++ * Checks the given path to see if any elements along it are symlinks. Returns ++ * ARCHIVE_OK if there are none, otherwise puts an error in errmsg. ++ */ + static int +-check_symlinks(struct archive_write_disk *a) ++check_symlinks_fsobj(char *path, int *error_number, struct archive_string *error_string, int flags) + { + #if !defined(HAVE_LSTAT) + /* Platform doesn't have lstat, so we can't look for symlinks. */ + (void)a; /* UNUSED */ ++ (void)path; /* UNUSED */ ++ (void)error_number; /* UNUSED */ ++ (void)error_string; /* UNUSED */ ++ (void)flags; /* UNUSED */ + return (ARCHIVE_OK); + #else +- char *pn; ++ int res = ARCHIVE_OK; ++ char *tail; ++ char *head; ++ int last; + char c; + int r; + struct stat st; ++ int restore_pwd; ++ ++ /* Nothing to do here if name is empty */ ++ if(path[0] == '\0') ++ return (ARCHIVE_OK); + + /* + * Guard against symlink tricks. Reject any archive entry whose + * destination would be altered by a symlink. ++ * ++ * Walk the filename in chunks separated by '/'. For each segment: ++ * - if it doesn't exist, continue ++ * - if it's symlink, abort or remove it ++ * - if it's a directory and it's not the last chunk, cd into it ++ * As we go: ++ * head points to the current (relative) path ++ * tail points to the temporary \0 terminating the segment we're currently examining ++ * c holds what used to be in *tail ++ * last is 1 if this is the last tail + */ +- /* Whatever we checked last time doesn't need to be re-checked. */ +- pn = a->name; +- if (archive_strlen(&(a->path_safe)) > 0) { +- char *p = a->path_safe.s; +- while ((*pn != '\0') && (*p == *pn)) +- ++p, ++pn; +- } ++ restore_pwd = open(".", O_RDONLY | O_BINARY | O_CLOEXEC); ++ __archive_ensure_cloexec_flag(restore_pwd); ++ if (restore_pwd < 0) ++ return (ARCHIVE_FATAL); ++ head = path; ++ tail = path; ++ last = 0; ++ /* TODO: reintroduce a safe cache here? */ + /* Skip the root directory if the path is absolute. */ +- if(pn == a->name && pn[0] == '/') +- ++pn; +- c = pn[0]; +- /* Keep going until we've checked the entire name. */ +- while (pn[0] != '\0' && (pn[0] != '/' || pn[1] != '\0')) { ++ if(tail == path && tail[0] == '/') ++ ++tail; ++ /* Keep going until we've checked the entire name. ++ * head, tail, path all alias the same string, which is ++ * temporarily zeroed at tail, so be careful restoring the ++ * stashed (c=tail[0]) for error messages. ++ * Exiting the loop with break is okay; continue is not. ++ */ ++ while (!last) { ++ /* Skip the separator we just consumed, plus any adjacent ones */ ++ while (*tail == '/') ++ ++tail; + /* Skip the next path element. */ +- while (*pn != '\0' && *pn != '/') +- ++pn; +- c = pn[0]; +- pn[0] = '\0'; ++ while (*tail != '\0' && *tail != '/') ++ ++tail; ++ /* is this the last path component? */ ++ last = (tail[0] == '\0') || (tail[0] == '/' && tail[1] == '\0'); ++ /* temporarily truncate the string here */ ++ c = tail[0]; ++ tail[0] = '\0'; + /* Check that we haven't hit a symlink. */ +- r = lstat(a->name, &st); ++ r = lstat(head, &st); + if (r != 0) { ++ tail[0] = c; + /* We've hit a dir that doesn't exist; stop now. */ + if (errno == ENOENT) { + break; + } else { +- /* Note: This effectively disables deep directory ++ /* Treat any other error as fatal - best to be paranoid here ++ * Note: This effectively disables deep directory + * support when security checks are enabled. + * Otherwise, very long pathnames that trigger + * an error here could evade the sandbox. + * TODO: We could do better, but it would probably + * require merging the symlink checks with the + * deep-directory editing. */ +- return (ARCHIVE_FAILED); ++ if (error_number) *error_number = errno; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Could not stat %s", ++ path); ++ res = ARCHIVE_FAILED; ++ break; ++ } ++ } else if (S_ISDIR(st.st_mode)) { ++ if (!last) { ++ if (chdir(head) != 0) { ++ tail[0] = c; ++ if (error_number) *error_number = errno; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Could not chdir %s", ++ path); ++ res = (ARCHIVE_FATAL); ++ break; ++ } ++ /* Our view is now from inside this dir: */ ++ head = tail + 1; + } + } else if (S_ISLNK(st.st_mode)) { +- if (c == '\0') { ++ if (last) { + /* + * Last element is symlink; remove it + * so we can overwrite it with the + * item being extracted. + */ +- if (unlink(a->name)) { +- archive_set_error(&a->archive, errno, +- "Could not remove symlink %s", +- a->name); +- pn[0] = c; +- return (ARCHIVE_FAILED); ++ if (unlink(head)) { ++ tail[0] = c; ++ if (error_number) *error_number = errno; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Could not remove symlink %s", ++ path); ++ res = ARCHIVE_FAILED; ++ break; + } +- a->pst = NULL; + /* + * Even if we did remove it, a warning + * is in order. The warning is silly, + * though, if we're just replacing one + * symlink with another symlink. + */ +- if (!S_ISLNK(a->mode)) { +- archive_set_error(&a->archive, 0, +- "Removing symlink %s", +- a->name); ++ tail[0] = c; ++ /* FIXME: not sure how important this is to restore ++ if (!S_ISLNK(path)) { ++ if (error_number) *error_number = 0; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Removing symlink %s", ++ path); + } ++ */ + /* Symlink gone. No more problem! */ +- pn[0] = c; +- return (0); +- } else if (a->flags & ARCHIVE_EXTRACT_UNLINK) { ++ res = ARCHIVE_OK; ++ break; ++ } else if (flags & ARCHIVE_EXTRACT_UNLINK) { + /* User asked us to remove problems. */ +- if (unlink(a->name) != 0) { +- archive_set_error(&a->archive, 0, +- "Cannot remove intervening symlink %s", +- a->name); +- pn[0] = c; +- return (ARCHIVE_FAILED); ++ if (unlink(head) != 0) { ++ tail[0] = c; ++ if (error_number) *error_number = 0; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Cannot remove intervening symlink %s", ++ path); ++ res = ARCHIVE_FAILED; ++ break; + } +- a->pst = NULL; ++ tail[0] = c; + } else { +- archive_set_error(&a->archive, 0, +- "Cannot extract through symlink %s", +- a->name); +- pn[0] = c; +- return (ARCHIVE_FAILED); ++ tail[0] = c; ++ if (error_number) *error_number = 0; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Cannot extract through symlink %s", ++ path); ++ res = ARCHIVE_FAILED; ++ break; + } + } +- pn[0] = c; +- if (pn[0] != '\0') +- pn++; /* Advance to the next segment. */ ++ /* be sure to always maintain this */ ++ tail[0] = c; ++ if (tail[0] != '\0') ++ tail++; /* Advance to the next segment. */ + } +- pn[0] = c; +- /* We've checked and/or cleaned the whole path, so remember it. */ +- archive_strcpy(&a->path_safe, a->name); +- return (ARCHIVE_OK); ++ /* Catches loop exits via break */ ++ tail[0] = c; ++#ifdef HAVE_FCHDIR ++ /* If we changed directory above, restore it here. */ ++ if (restore_pwd >= 0) { ++ r = fchdir(restore_pwd); ++ if (r != 0) { ++ if(error_number) *error_number = errno; ++ if(error_string) ++ archive_string_sprintf(error_string, ++ "chdir() failure"); ++ } ++ close(restore_pwd); ++ restore_pwd = -1; ++ if (r != 0) { ++ res = (ARCHIVE_FATAL); ++ } ++ } ++#endif ++ /* TODO: reintroduce a safe cache here? */ ++ return res; + #endif + } + ++/* ++ * Check a->name for symlinks, returning ARCHIVE_OK if its clean, otherwise ++ * calls archive_set_error and returns ARCHIVE_{FATAL,FAILED} ++ */ ++static int ++check_symlinks(struct archive_write_disk *a) ++{ ++ struct archive_string error_string; ++ int error_number; ++ int rc; ++ archive_string_init(&error_string); ++ rc = check_symlinks_fsobj(a->name, &error_number, &error_string, a->flags); ++ if (rc != ARCHIVE_OK) { ++ archive_set_error(&a->archive, error_number, "%s", error_string.s); ++ } ++ archive_string_free(&error_string); ++ a->pst = NULL; /* to be safe */ ++ return rc; ++} ++ ++ + #if defined(__CYGWIN__) + /* + * 1. Convert a path separator from '\' to '/' . +@@ -2544,15 +2684,17 @@ cleanup_pathname_win(struct archive_write_disk *a) + * is set) if the path is absolute. + */ + static int +-cleanup_pathname(struct archive_write_disk *a) ++cleanup_pathname_fsobj(char *path, int *error_number, struct archive_string *error_string, int flags) + { + char *dest, *src; + char separator = '\0'; + +- dest = src = a->name; ++ dest = src = path; + if (*src == '\0') { +- archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, +- "Invalid empty pathname"); ++ if (error_number) *error_number = ARCHIVE_ERRNO_MISC; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Invalid empty pathname"); + return (ARCHIVE_FAILED); + } + +@@ -2561,9 +2703,11 @@ cleanup_pathname(struct archive_write_disk *a) + #endif + /* Skip leading '/'. */ + if (*src == '/') { +- if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { +- archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, +- "Path is absolute"); ++ if (flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { ++ if (error_number) *error_number = ARCHIVE_ERRNO_MISC; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Path is absolute"); + return (ARCHIVE_FAILED); + } + +@@ -2590,10 +2734,11 @@ cleanup_pathname(struct archive_write_disk *a) + } else if (src[1] == '.') { + if (src[2] == '/' || src[2] == '\0') { + /* Conditionally warn about '..' */ +- if (a->flags & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { +- archive_set_error(&a->archive, +- ARCHIVE_ERRNO_MISC, +- "Path contains '..'"); ++ if (flags & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { ++ if (error_number) *error_number = ARCHIVE_ERRNO_MISC; ++ if (error_string) ++ archive_string_sprintf(error_string, ++ "Path contains '..'"); + return (ARCHIVE_FAILED); + } + } +@@ -2624,7 +2769,7 @@ cleanup_pathname(struct archive_write_disk *a) + * We've just copied zero or more path elements, not including the + * final '/'. + */ +- if (dest == a->name) { ++ if (dest == path) { + /* + * Nothing got copied. The path must have been something + * like '.' or '/' or './' or '/././././/./'. +@@ -2639,6 +2784,21 @@ cleanup_pathname(struct archive_write_disk *a) + return (ARCHIVE_OK); + } + ++static int ++cleanup_pathname(struct archive_write_disk *a) ++{ ++ struct archive_string error_string; ++ int error_number; ++ int rc; ++ archive_string_init(&error_string); ++ rc = cleanup_pathname_fsobj(a->name, &error_number, &error_string, a->flags); ++ if (rc != ARCHIVE_OK) { ++ archive_set_error(&a->archive, error_number, "%s", error_string.s); ++ } ++ archive_string_free(&error_string); ++ return rc; ++} ++ + /* + * Create the parent directory of the specified path, assuming path + * is already in mutable storage. diff --git a/gnu/packages/patches/libarchive-fix-symlink-check.patch b/gnu/packages/patches/libarchive-fix-symlink-check.patch new file mode 100644 index 0000000000..f042c31a84 --- /dev/null +++ b/gnu/packages/patches/libarchive-fix-symlink-check.patch @@ -0,0 +1,60 @@ +Make sure to check for symlinks even if the pathname is very long: + +https://github.com/libarchive/libarchive/issues/744 + +Patch copied from upstream repository: + +https://github.com/libarchive/libarchive/commit/1fa9c7bf90f0862036a99896b0501c381584451a + +From 1fa9c7bf90f0862036a99896b0501c381584451a Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 21 Aug 2016 17:11:45 -0700 +Subject: [PATCH] Issue #744 (part of Issue #743): Enforce sandbox with very + long pathnames + +Because check_symlinks is handled separately from the deep-directory +support, very long pathnames cause problems. Previously, the code +ignored most failures to lstat() a path component. In particular, +this led to check_symlinks always passing for very long paths, which +in turn provides a way to evade the symlink checks in the sandboxing +code. + +We now fail on unrecognized lstat() failures, which plugs this +hole at the cost of disabling deep directory support when the +user requests sandboxing. + +TODO: This probably cannot be completely fixed without +entirely reimplementing the deep directory support to +integrate the symlink checks. I want to reimplement the +deep directory hanlding someday anyway; openat() and +related system calls now provide a much cleaner way to +handle deep directories than the chdir approach used by this +code. +--- + libarchive/archive_write_disk_posix.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/libarchive/archive_write_disk_posix.c b/libarchive/archive_write_disk_posix.c +index 39ee3b6..8f0421e 100644 +--- a/libarchive/archive_write_disk_posix.c ++++ b/libarchive/archive_write_disk_posix.c +@@ -2401,8 +2401,18 @@ check_symlinks(struct archive_write_disk *a) + r = lstat(a->name, &st); + if (r != 0) { + /* We've hit a dir that doesn't exist; stop now. */ +- if (errno == ENOENT) ++ if (errno == ENOENT) { + break; ++ } else { ++ /* Note: This effectively disables deep directory ++ * support when security checks are enabled. ++ * Otherwise, very long pathnames that trigger ++ * an error here could evade the sandbox. ++ * TODO: We could do better, but it would probably ++ * require merging the symlink checks with the ++ * deep-directory editing. */ ++ return (ARCHIVE_FAILED); ++ } + } else if (S_ISLNK(st.st_mode)) { + if (c == '\0') { + /* diff --git a/gnu/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch b/gnu/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch new file mode 100644 index 0000000000..0e70ac90ce --- /dev/null +++ b/gnu/packages/patches/libarchive-safe_fprintf-buffer-overflow.patch @@ -0,0 +1,44 @@ +Fixes this buffer overflow: +https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a + +Patch copied from upstream source repository: +https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a + +From e37b620fe8f14535d737e89a4dcabaed4517bf1a Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 21 Aug 2016 10:51:43 -0700 +Subject: [PATCH] Issue #767: Buffer overflow printing a filename + +The safe_fprintf function attempts to ensure clean output for an +arbitrary sequence of bytes by doing a trial conversion of the +multibyte characters to wide characters -- if the resulting wide +character is printable then we pass through the corresponding bytes +unaltered, otherwise, we convert them to C-style ASCII escapes. + +The stack trace in Issue #767 suggest that the 20-byte buffer +was getting overflowed trying to format a non-printable multibyte +character. This should only happen if there is a valid multibyte +character of more than 5 bytes that was unprintable. (Each byte +would get expanded to a four-charcter octal-style escape of the form +"\123" resulting in >20 characters for the >5 byte multibyte character.) + +I've not been able to reproduce this, but have expanded the conversion +buffer to 128 bytes on the belief that no multibyte character set +has a single character of more than 32 bytes. +--- + tar/util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tar/util.c b/tar/util.c +index 9ff22f2..2b4aebe 100644 +--- a/tar/util.c ++++ b/tar/util.c +@@ -182,7 +182,7 @@ safe_fprintf(FILE *f, const char *fmt, ...) + } + + /* If our output buffer is full, dump it and keep going. */ +- if (i > (sizeof(outbuff) - 20)) { ++ if (i > (sizeof(outbuff) - 128)) { + outbuff[i] = '\0'; + fprintf(f, "%s", outbuff); + i = 0; -- cgit v1.2.3