authorChristopher Baines <mail@cbaines.net>2020-11-29 14:19:55 +0000
committerChristopher Baines <mail@cbaines.net>2020-11-29 17:34:18 +0000
commitff01206345e2306cc633db48e0b29eab9077091a (patch)
tree25c7ee17005dadc9bf4fae3f0873e03a4704f782 /etc
parented2545f0fa0e2ad99d5a0c45f532c539b299b9fb (diff)
parent7c2e67400ffaef8eb6f30ef7126c976ee3d7e36c (diff)
downloadguix-ff01206345e2306cc633db48e0b29eab9077091a.tar.gz
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'etc')
-rw-r--r--etc/guix-daemon.cil.in205
-rwxr-xr-xetc/guix-install.sh6
-rw-r--r--etc/news.scm193
-rw-r--r--etc/release-manifest.scm10
-rw-r--r--etc/snippets/text-mode/guix-commit-message-add-cl-package15
-rw-r--r--etc/snippets/text-mode/guix-commit-message-add-package2
6 files changed, 409 insertions, 22 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index e0c9113498..cc8999d9a8 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -1,6 +1,8 @@
 ; -*- lisp -*-
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 Daniel Brooks <db48x@db48x.net>
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -21,6 +23,18 @@
 ;; Intermediate Language (CIL).  It refers to types that must be defined in
 ;; the system's base policy.
 
+;; If you, like me, need advice about fixing an SELinux policy, I recommend
+;; reading https://danwalsh.livejournal.com/55324.html
+
+;; In particular, you can run semanage permissive -a guix_daemon.guix_daemon_t
+;; to allow guix-daemon to do whatever it wants. SELinux will still check its
+;; permissions, and when it doesn't have permission it will still send an
+;; audit message to your system logs. This lets you know what permissions it
+;; ought to have. Use ausearch --raw to find the permissions violations, then
+;; pipe that to audit2allow to generate an updated policy. You'll still need
+;; to translate that policy into CIL in order to update this file, but that's
+;; fairly straight-forward. Annoying, but easy.
+
 (block guix_daemon
   ;; Require existing types
   (typeattributeset cil_gen_require init_t)
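Review bot: The debugging recipe in the new comment block stops one step short: after `semanage permissive -a guix_daemon.guix_daemon_t` the daemon domain stays permissive until it is removed, which leaves the whole policy below it advisory on that host. I would close the paragraph with `;; Once the policy is fixed, re-confine the domain with semanage permissive -d guix_daemon.guix_daemon_t.` so the reader is told how to undo it. Keeping the two commands adjacent also makes it obvious that the permissive state is a debugging aid rather than a configuration.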
@@ -34,14 +48,19 @@
   (roletype object_r guix_daemon_t)
   (type guix_daemon_conf_t)
   (roletype object_r guix_daemon_conf_t)
+  (typeattributeset file_type guix_daemon_conf_t)
   (type guix_daemon_exec_t)
   (roletype object_r guix_daemon_exec_t)
+  (typeattributeset file_type guix_daemon_exec_t)
   (type guix_daemon_socket_t)
   (roletype object_r guix_daemon_socket_t)
+  (typeattributeset file_type guix_daemon_socket_t)
   (type guix_store_content_t)
   (roletype object_r guix_store_content_t)
+  (typeattributeset file_type guix_store_content_t)
   (type guix_profiles_t)
   (roletype object_r guix_profiles_t)
+  (typeattributeset file_type guix_profiles_t)
 
   ;; These types are domains, thereby allowing process rules
   (typeattributeset domain (guix_daemon_t guix_daemon_exec_t))
@@ -55,6 +74,30 @@
   (typetransition guix_store_content_t guix_daemon_exec_t
                   process guix_daemon_t)
 
+  (roletype system_r guix_daemon_t)
+
+  ;; allow init_t to read and execute guix files
+  (allow init_t
+         guix_profiles_t
+         (lnk_file (read)))
+  (allow init_t
+         guix_daemon_exec_t
+         (file (execute)))
+  (allow init_t
+         guix_daemon_t
+         (process (transition)))
+  (allow init_t
+         guix_store_content_t
+         (lnk_file (read)))
+  (allow init_t
+         guix_store_content_t
+         (file (open read execute)))
+
+  ;; guix-daemon needs to know the names of users
+  (allow guix_daemon_t
+         passwd_file_t
+         (file (getattr open read)))
+
   ;; Permit communication with NSCD
   (allow guix_daemon_t
          nscd_var_run_t
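Review bot: `(allow init_t guix_store_content_t (file (open read execute)))` lets the init domain execute every file labelled guix_store_content_t, i.e. the whole store, while the daemon binary itself already carries guix_daemon_exec_t through the filecon rules at the end of the file. Presumably this is needed because the daemon's ELF interpreter and libraries are ordinary store files rather than guix_daemon_exec_t — that is an inference from the labels, not something the hunk states. A one-line comment on the rule saying why the store-wide grant is required, e.g. `;; the daemon's interpreter and libraries are plain store files (TODO confirm)`, would stop the next reader from narrowing it to the binary and breaking the unit.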
@@ -71,25 +114,46 @@
   (allow guix_daemon_t
          nscd_t
          (unix_stream_socket (connectto)))
+  (allow guix_daemon_t nscd_t
+         (nscd (getgrp gethost getpwd getserv shmemgrp shmemhost shmempwd shmemserv)))
+
+  ;; permit downloading packages via HTTP(s)
+  (allow guix_daemon_t http_port_t
+         (tcp_socket (name_connect)))
+  (allow guix_daemon_t ftp_port_t
+         (tcp_socket (name_connect)))
+  (allow guix_daemon_t ephemeral_port_t
+         (tcp_socket (name_connect)))
 
   ;; Permit logging and temp file access
   (allow guix_daemon_t
          tmp_t
-         (lnk_file (setattr unlink)))
+         (lnk_file (create rename setattr unlink)))
+  (allow guix_daemon_t
+         tmp_t
+         (file (link
+                rename create execute execute_no_trans write
+                unlink setattr map relabelto relabelfrom)))
+  (allow guix_daemon_t
+         tmp_t
+         (fifo_file (open read write create getattr ioctl setattr unlink)))
   (allow guix_daemon_t
          tmp_t
-         (dir (create
-               rmdir
+         (dir (create rename
+               rmdir relabelto relabelfrom reparent
                add_name remove_name
                open read write
                getattr setattr
                search)))
   (allow guix_daemon_t
+         tmp_t
+         (sock_file (create getattr setattr unlink write)))
+  (allow guix_daemon_t
          var_log_t
          (file (create getattr open write)))
   (allow guix_daemon_t
          var_log_t
-         (dir (getattr write add_name)))
+         (dir (getattr create write add_name)))
   (allow guix_daemon_t
          var_run_t
          (lnk_file (read)))
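Review bot: The new tmp_t file rule grants `execute` and `execute_no_trans`, so anything the daemon can write under a tmp_t directory can also be run inside guix_daemon_t without a domain transition; together with `map` this is the combination that the rest of the file reserves for guix_daemon_exec_t and store content. The hunk gives no reason, and the section comment above ("logging and temp file access") no longer describes what is allowed. I would state the consumer on the rule — presumably build trees live under the temp directory, which is an inference worth confirming — e.g. `;; build trees are created under TMPDIR and their scripts are run in place (TODO confirm)`, and update the section comment to mention build trees.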
@@ -100,10 +164,10 @@
   ;; Spawning processes, execute helpers
   (allow guix_daemon_t
          self
-         (process (fork)))
+         (process (fork execmem setrlimit setpgid setsched)))
   (allow guix_daemon_t
          guix_daemon_exec_t
-         (file (execute execute_no_trans read open)))
+         (file (execute execute_no_trans read open entrypoint map)))
 
   ;; TODO: unknown
   (allow guix_daemon_t
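Review bot: `execmem` on `self` allows the daemon domain to create anonymous memory that is both writable and executable, which is exactly the property the execmem check exists to deny, and nothing in the hunk says which component needs it. Since the policy defines no separate build domain, this presumably also covers whatever runs inside builds, so the grant is broader than the daemon process itself. I would annotate the line, e.g. `;; execmem: needed by <TODO: name the JIT/interpreter that maps RWX memory>`, so that it can be revisited if that consumer goes away. The enclosing rule is complete within the hunk; the block continues outside it.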
@@ -119,38 +183,51 @@
   ;; Build isolation
   (allow guix_daemon_t
          guix_store_content_t
-         (file (mounton)))
+         (file (ioctl mounton)))
   (allow guix_store_content_t
          fs_t
          (filesystem (associate)))
   (allow guix_daemon_t
          guix_store_content_t
-         (dir (mounton)))
+         (dir (read mounton)))
   (allow guix_daemon_t
          guix_daemon_t
          (capability (net_admin
                       fsetid fowner
                       chown setuid setgid
                       dac_override dac_read_search
-                      sys_chroot)))
+                      sys_chroot
+                      sys_admin)))
   (allow guix_daemon_t
          fs_t
          (filesystem (unmount)))
   (allow guix_daemon_t
          devpts_t
+         (dir (search)))
+  (allow guix_daemon_t
+         devpts_t
          (filesystem (mount)))
   (allow guix_daemon_t
          devpts_t
-         (chr_file (setattr getattr)))
+         (chr_file (ioctl open read write setattr getattr)))
   (allow guix_daemon_t
          tmpfs_t
-         (filesystem (mount)))
+         (filesystem (getattr mount)))
   (allow guix_daemon_t
          tmpfs_t
-         (dir (getattr)))
+         (file (create open read unlink write)))
+  (allow guix_daemon_t
+         tmpfs_t
+         (dir (getattr add_name remove_name write)))
   (allow guix_daemon_t
          proc_t
-         (filesystem (mount)))
+         (file (getattr open read)))
+  (allow guix_daemon_t
+         proc_t
+         (dir (read)))
+  (allow guix_daemon_t
+         proc_t
+         (filesystem (associate mount)))
   (allow guix_daemon_t
          null_device_t
          (chr_file (getattr open read write)))
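Review bot: `sys_admin` is added to the capability rule without a comment, and it is by far the broadest capability in the policy: the others listed there (`net_admin`, `chown`, `sys_chroot`, ...) each map to one isolation step, whereas sys_admin covers mount, namespace and many unrelated operations. The section comment "Build isolation" does not say which operation started failing. A comment on the line naming the operation, e.g. `;; sys_admin: <TODO: mount/unshare in the build sandbox — confirm from the audit log>`, would make it possible to replace it with a narrower grant later if the kernel offers one.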
@@ -179,7 +256,7 @@
                search rename
                add_name remove_name
                open write
-               rmdir)))
+               rmdir relabelfrom)))
   (allow guix_daemon_t
          guix_store_content_t
          (file (create
@@ -189,7 +266,8 @@
                 link unlink
                 map
                 rename
-                open read write)))
+                append
+                open read write relabelfrom)))
   (allow guix_daemon_t
          guix_store_content_t
          (lnk_file (create
@@ -197,17 +275,23 @@
                     link unlink
                     read
                     rename)))
+  (allow guix_daemon_t
+         guix_store_content_t
+         (fifo_file (create getattr open read unlink write)))
+  (allow guix_daemon_t
+         guix_store_content_t
+         (sock_file (create getattr setattr unlink write)))
 
   ;; Access to configuration files and directories
   (allow guix_daemon_t
          guix_daemon_conf_t
-         (dir (search
+         (dir (search create
                setattr getattr
                add_name remove_name
                open read write)))
   (allow guix_daemon_t
          guix_daemon_conf_t
-         (file (create
+         (file (create rename
                 lock
                 map
                 getattr setattr
@@ -216,11 +300,17 @@
   (allow guix_daemon_t
          guix_daemon_conf_t
          (lnk_file (create getattr rename unlink)))
+  (allow guix_daemon_t net_conf_t
+         (file (getattr open read)))
+  (allow guix_daemon_t net_conf_t
+         (lnk_file (read)))
+  (allow guix_daemon_t NetworkManager_var_run_t
+         (dir (search)))
 
   ;; Access to profiles
   (allow guix_daemon_t
          guix_profiles_t
-         (dir (getattr setattr read open)))
+         (dir (search getattr setattr read write open create add_name)))
   (allow guix_daemon_t
          guix_profiles_t
          (lnk_file (read getattr)))
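Review bot: `NetworkManager_var_run_t` is a type that, unlike the base types used elsewhere in this file, is defined by a separate policy module and may not be present on a host that does not run NetworkManager; if it is missing, the whole guix_daemon module fails to load rather than just this rule. CIL's `optional` block is the idiom for that: `(optional guix_daemon_nm (allow guix_daemon_t NetworkManager_var_run_t (dir (search))))` keeps the rule when the type resolves and drops it otherwise. A short comment on why the daemon searches that directory (presumably resolver configuration, given the adjacent net_conf_t rules) would also help.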
@@ -233,9 +323,23 @@
   (allow guix_daemon_t
          user_home_t
          (dir (search)))
+  (allow guix_daemon_t
+         cache_home_t
+         (dir (search)))
+
+  ;; self upgrades
+  (allow guix_daemon_t
+         self
+         (dir (add_name write)))
+  (allow guix_daemon_t
+         self
+         (netlink_route_socket (bind create getattr nlmsg_read read write getopt)))
 
   ;; Socket operations
   (allow guix_daemon_t
+         guix_daemon_socket_t
+         (sock_file (unlink)))
+  (allow guix_daemon_t
          init_t
          (fd (use)))
   (allow guix_daemon_t
@@ -255,10 +359,73 @@
                               getopt setopt)))
   (allow guix_daemon_t
          self
+         (tcp_socket (accept listen bind connect create setopt getopt getattr ioctl read write shutdown)))
+  (allow guix_daemon_t
+         unreserved_port_t
+         (tcp_socket (name_bind name_connect accept listen)))
+  (allow guix_daemon_t
+         self
+         (udp_socket (connect getattr bind getopt setopt read write)))
+  (allow guix_daemon_t
+         self
          (fifo_file (write read)))
   (allow guix_daemon_t
          self
          (udp_socket (ioctl create)))
+  (allow guix_daemon_t
+         self
+         (unix_stream_socket (connectto)))
+  (allow guix_daemon_t
+         self
+         (unix_dgram_socket (create bind connect sendto read write)))
+
+  ;; For some esoteric build jobs (i.e. running PostgreSQL, etc).
+  (allow guix_daemon_t
+         self
+         (capability (kill)))
+  (allow guix_daemon_t
+         node_t
+         (tcp_socket (node_bind)))
+  (allow guix_daemon_t
+         node_t
+         (udp_socket (node_bind)))
+  (allow guix_daemon_t
+         port_t
+         (tcp_socket (name_connect)))
+  (allow guix_daemon_t
+         tmpfs_t
+         (file (map read write link getattr)))
+  (allow guix_daemon_t
+         usermodehelper_t
+         (file (read)))
+  (allow guix_daemon_t
+         hugetlbfs_t
+         (file (map read write)))
+  (allow guix_daemon_t
+         proc_net_t
+         (file (read)))
+  (allow guix_daemon_t
+         postgresql_port_t
+         (tcp_socket (name_connect name_bind)))
+  (allow guix_daemon_t
+         rtp_media_port_t
+         (udp_socket (name_bind)))
+  (allow guix_daemon_t
+         vnc_port_t
+         (tcp_socket (name_bind)))
+
+  ;; I guess sometimes it needs random numbers
+  (allow guix_daemon_t
+         random_device_t
+         (chr_file (read)))
+
+  ;; guix system vm
+  (allow guix_daemon_t
+         kvm_device_t
+         (chr_file (ioctl open read write)))
+  (allow guix_daemon_t
+         kernel_t
+         (system (ipc_info)))
 
   ;; Label file system
   (filecon "@guix_sysconfdir@/guix(/.*)?"
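Review bot: `(allow guix_daemon_t port_t (tcp_socket (name_connect)))` together with the `unreserved_port_t` rule for `name_bind` and `listen` gives the daemon domain outbound TCP to any port and a listening socket on any unreserved port, which undoes most of the network confinement the earlier http/ftp/ephemeral port rules express; since the file defines no separate build domain, every build presumably inherits this too. The comment says these are for "esoteric build jobs", which suggests they should be a tunable rather than always on. I would declare a boolean and wrap the test-suite rules in a `booleanif` so the default policy stays tight and the grant can be switched on per host (the block-qualified name, by analogy with the type name used in the header comment, would be guix_daemon.guix_daemon_network_builds). The comment should also read "e.g." rather than "i.e.".

```lisp
  ;; For some esoteric build jobs (e.g. running PostgreSQL, etc).
  ;; Off by default; enable per host when such test suites must run.
  (boolean guix_daemon_network_builds false)
  (booleanif guix_daemon_network_builds
    (true
      (allow guix_daemon_t
             self
             (capability (kill)))
      ;; … unchanged: node_t, port_t, tmpfs_t, usermodehelper_t, hugetlbfs_t,
      ;; proc_net_t, postgresql_port_t and rtp_media_port_t rules …
      (allow guix_daemon_t
             vnc_port_t
             (tcp_socket (name_bind)))))
```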
@@ -277,5 +444,7 @@
            file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@storedir@/.+-(guix-.+|profile)/bin/guix-daemon"
            file (system_u object_r guix_daemon_exec_t (low low)))
+  (filecon "@storedir@/[a-z0-9]+-guix-daemon"
+           file (system_u object_r guix_daemon_exec_t (low low)))
   (filecon "@guix_localstatedir@/guix/daemon-socket/socket"
            any (system_u object_r guix_daemon_socket_t (low low))))
diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index 7f0dd00e53..f0a1550a74 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -6,6 +6,7 @@
 # Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
 # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
 # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com>
+# Copyright © 2020 Daniel Brooks <db48x@db48x.net>
 #
 # This file is part of GNU Guix.
 #
@@ -60,6 +61,7 @@ INF="[ INFO ] "
 
 DEBUG=0
 GNU_URL="https://ftp.gnu.org/gnu/guix/"
+#GNU_URL="https://alpha.gnu.org/gnu/guix/"
 OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
 
 # This script needs to know where root's home directory is.  However, we
@@ -228,11 +230,11 @@ guix_get_bin_list()
 
     # Filter only version and architecture
     bin_ver_ls=("$(wget -qO- "$gnu_url" \
-        | sed -n -e 's/.*guix-binary-\([0-9.]*\)\..*.tar.xz.*/\1/p' \
+        | sed -n -e 's/.*guix-binary-\([0-9.]*[a-z0-9]*\)\..*.tar.xz.*/\1/p' \
         | sort -Vu)")
 
     latest_ver="$(echo "$bin_ver_ls" \
-                       | grep -oE "([0-9]{1,2}\.){2}[0-9]{1,2}" \
+                       | grep -oE "([0-9]{1,2}\.){2}[0-9]{1,2}[a-z0-9]*" \
                        | tail -n1)"
 
     default_ver="guix-binary-${latest_ver}.${ARCH_OS}"
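Review bot: Both regexes now accept an alphanumeric suffix after the numeric version, so a pre-release name such as `1.2.0rc1` (constructed example) passes the filter; because `latest_ver` is whatever `sort -Vu` puts last, a pre-release listed beside the final release of the same version would be chosen if, as I believe, version sort orders the suffixed name after the bare one. That is harmless on the release server, where only final tarballs appear, but it is a behaviour change that the hunk does not note and it interacts with the commented-out alpha URL in the earlier hunk. I would add `# A trailing suffix (e.g. rc1) is accepted so pre-releases on alpha.gnu.org are found; they sort after the final release.` above the `sed` line, or drop suffixed names unless the URL is the alpha server.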
diff --git a/etc/news.scm b/etc/news.scm
index f1887b60c3..9fabb8ff45 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -18,9 +18,184 @@
 (channel-news
  (version 0)
 
+ (entry (commit "a9a2fdaabcc78e7a54d9a6bcfa4ee3de308e9a90")
+        (title (en "Logical Volume Manager (LVM) now supported on Guix System")
+               (de "Logical Volume Manager (LVM) wird jetzt auf Guix System unterstützt"))
+        (body
+         (en "On Guix System, the new @code{lvm-device-mapping} variable
+allows you to declare ``mapped devices'' for LVM, the Linux Logical Volume
+Manager.  For example, LVM logical volumes ``alpha'' and ``beta'' from volume
+group ``vg0'' can be declared as follows:
+
+@lisp
+(mapped-device
+  (source \"vg0\")
+  (target (list \"vg0-alpha\" \"vg0-beta\"))
+  (type lvm-device-mapping))
+@end lisp
+
+See @command{info \"(guix) Mapped Devices\"} for more information.")
+         (de "Auf Guix System erlaubt Ihnen die neue Variable
+@code{lvm-device-mapping}, „zugeordnete Geräte“ (Mapped Devices) für LVM, den
+Linux Logical Volume Manager, zu deklarieren. Zum Beispiel können logische
+Datenträger von LVM namens „alpha“ und „beta“ aus der
+Datenträgergruppe (Volume Group) „vg0“ wie folgt deklariert werden:
+
+@lisp
+(mapped-device
+  (source \"vg0\")
+  (target (list \"vg0-alpha\" \"vg0-beta\"))
+  (type lvm-device-mapping))
+@end lisp
+
+Siehe @command{info \"(guix.de) Zugeordnete Geräte\"} für nähere Informationen.")))
+
+ (entry (commit "3b6e4e5fd05e72b8a32ff1a2d5e21464260e21e6")
+        (title (en "List of substitute keys is now declarative on Guix System")
+               (de "Liste der Substitutschlüssel auf Guix System ist jetzt deklarativ")
+               (es "Claves para sustituciones del sistema Guix en formato declarativo")
+               (fr "Liste des clefs de substituts désormais déclarative sur Guix System"))
+        (body
+         (en "The list of authorized substitute keys, available in
+@file{/etc/guix/acl}, is now built by default in a purely declarative fashion
+on Guix System based on the @code{authorized-keys} field of the configuration
+of @code{guix-service-type}.  This means that manual changes to
+@file{/etc/guix/acl} are now @emph{discarded} upon reconfiguration or
+reboot (a backup is made as @file{/etc/guix/acl.bak} in that case).
+
+We recommend updating your operating system configuration to explicitly list
+all the authorized substitute keys.  See @command{info \"(guix) Base
+Services\"}, for more info about @code{guix-configuration} and
+@code{authorized-keys}.
+
+Alternatively, you can set the @code{authorize-key?} field of
+@code{guix-configuration} to @code{#f} to restore previous behavior.")
+         (de "Die Liste von autorisierten Substitutschlüsseln, die in
+@file{/etc/guix/acl} steht, wird auf Guix System nach Vorgabe jetzt auf rein
+deklarative Weise erstellt, je nach Inhalt des @code{authorized-keys}-Feldes
+der Konfiguration des @code{guix-service-type}. Das hat zur Folge, dass
+manuelle Änderungen an @file{/etc/guix/acl} von jetzt an nach jedem
+Rekonfigurieren oder Neustarten @emph{verworfen} werden (in diesem Fall wird
+eine Sicherheitskopie namens @file{/etc/guix/acl.bak} angelegt).
+
+Wir empfehlen, dass Sie Ihre Betriebssystemkonfiguration aktualisieren, damit
+dort alle autorisierten Substitutschlüssel ausdrücklich aufgeführt
+werden. Siehe @command{info \"(guix.de) Basisdienste\"} für mehr Informationen
+zur @code{guix-configuration} und @code{authorized-keys}.
+
+Alternativ können Sie das @code{authorize-key?}-Feld der
+@code{guix-configuration} auf @code{#f} setzen, um zum alten Verhalten
+zurückzugehen.")
+         (es "El listado de claves autorizadas para la obtención de
+sustituciones, disponible en @file{/etc/guix/acl}, ahora se genera de manera
+predeterminada en el sistema Guix de forma completamente declarativa en base
+al campo @code{authorized-keys} del la configuración para el servicio
+@code{guix-service-type}. Esto significa que los cambios que se hayan
+realizado de manera manual en @file{/etc/guix/acl} @emph{se descartan} tras
+una reconfiguración del sistema o tras un reinicio (se realiza una copia de
+seguridad en la ruta @file{/etc/guix/acl.bak} en este caso).
+
+Le recomendamos que actualice su configuración del sistema operativo para que
+enumere explícitamente todas las claves que desea autorizar para la obtención
+de sustituciones.  Véase @command{info \"(guix.es) Servicios base\"}, para
+obtener más información sobre @code{guix-configuration} y
+@code{authorized-keys}.
+
+También puede proporcionar el valor @code{#f} en el campo
+@code{authorize-key?} de @code{guix-configuration} para volver al
+comportamiento que se obtenía con versiones previas.")
+         (fr "La liste des clefs de substituts autorisées, stockée dans
+@file{/guix/guix/acl}, est dorénavant construite par défaut de manière
+déclarative sur Guix System, en se basant sur le champs @code{authorized-keys}
+de la configuration de @code{guix-service-type}.  Cela signifie que les
+modifications apportées manuellement à @file{/etc/guix/acl} seront désormais
+@emph{perdues} lors d'une reconfiguration ou d'un redémarrage (dans ce cas une
+sauvegarde est faite dans @file{/etc/guix/acl.bak}).
+
+Nous recommandons de mettre à jour sa configuration de système d'exploitation
+pour y lister explicitement les clefs autorisées.  Lancez @command{info
+\"(guix.fr) Services de base\"} pour plus d'informations sur
+@code{guix-configuration} et @code{authorized-keys}.
+
+Il est également possible de mettre le champs @code{authorize-key?} de
+@code{guix-configuration} à @code{#f} pour restaurer le comportement qui
+prévalait jusqu'à maintenant.")))
+
+ (entry (commit "6aeda81602555fbeac0c0a209e74f5262093b513")
+        (title (en "New @option{--with-debug-info} package transformation option")
+               (de "Neue Paketumwandlungsoption @option{--with-debug-info}")
+               (es "Nueva opción de transformación @option{--with-debug-info}")
+               (fr "Nouvelle option de transformation @option{--with-debug-info}"))
+        (body
+         (en "The new @option{--with-debug-info} option builds a variant of a
+package that includes debug info and grafts it onto the application you want
+to debug.  Thus, only the package for which you want debug info needs to be
+recompiled.  This is useful for packages that do not already have a
+@code{debug} output.
+
+For example, here is how you would obtain debug info for the @code{glib}
+library so you can inspect it while debugging Inkscape:
+
+@example
+guix build --with-debug-info=glib inkscape
+@end example
+
+Run @command{info \"(guix) Package Transformation Options\"} for more info.")
+         (de "Die neue Paketumwandlungsoption @option{--with-debug-info} lässt
+eine Variante eines Pakets erstellen, die auch Informationen zur Fehlersuche
+enthält. Damit wird die Anwendung veredelt, wo Sie Fehler nachvollziehen
+möchten. Somit muss nur das Paket, für das Sie die Informationen brauchen, neu
+kompiliert werden. Das ist hilfreich bei Paketen, die noch nicht über eine
+@code{debug}-Ausgabe verfügen.
+
+Zum Beispiel würden Sie so Informationen zur Fehlersuche für die
+@code{glib}-Bibliothek bekommen, um sie inspizieren zu können, wenn Sie Fehler
+in Inkscape nachvollziehen möchten:
+
+@example
+guix build --with-debug-info=glib inkscape
+@end example
+
+Führen Sie für mehr Informationen @command{info \"(guix.de)
+Paketumwandlungsoptionen\"} aus.")
+         (es "La nueva opción @option{--with-debug-info} construye una
+variante del paquete que incluye la información de depuración y la injerta
+en la aplicación que desee depurar.  Por tanto, únicamente el paquete del
+que desee información de depuración debe construirse de nuevo.  Es útil
+para paquetes que no tienen ya una salida @code{debug}.
+
+El siguiente ejemplo muestra como obtener información de depuración
+para la biblioteca @code{glib} de modo que pueda inspeccionarla mientras
+depura Inkscape:
+
+@example
+guix build --with-debug-info=glib inkscape
+@end example
+
+Ejecute @command{info \"(guix.es) Opciones de transformación de paquetes\"}
+para obtener más información.")
+         (fr "La nouvelle option de transformation de paquets
+@option{--with-debug-info} compile une variante d'un paquet avec les
+informations de déboguage et la greffe sur l'application que l'on veut
+déboguer.  Ainsi seul le paquet pour lequel on demande des informations de
+déboguage a besoin d'être recompilé.  C'est utile pour les paquets n'ayant pas
+déjà un résultat @code{debug}.
+
+Voici par exemple comment obtenir des informations de déboguage pour la
+bibliothèque @code{glib} de manière à pouvoir l'inspecter quand on débuggue
+Inkscape :
+
+@example
+guix build --with-debug-info=glib inkscape
+@end example
+
+Voir @command{info \"(guix.fr) Options de transformation de paquets\"} pour
+plus de détails.")))
+
  (entry (commit "abd7a474615353149a44f4504f0b4b248dcc0716")
         (title (en "New @option{--with-c-toolchain} package transformation option")
                (de "Neue Paketumwandlungsoption @option{--with-c-toolchain}")
+               (es "Nueva opción de transformación @option{--with-c-toolchain}")
                (fr "Nouvelle option de transformation @option{--with-c-toolchain}"))
         (body
          (en "The new @option{--with-c-toolchain} package transformation
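Review bot: The French body of the substitute-keys entry gives the ACL location as `@file{/guix/guix/acl}` in its first sentence, while the English, German and Spanish bodies and the second mention in the same French paragraph say `@file{/etc/guix/acl}`; the first one should be `@file{/etc/guix/acl}`. Since this entry is telling users that manual edits to that file will be discarded, pointing them at a non-existent path is worth fixing before the news is published.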
@@ -57,6 +232,24 @@ guix build octave-cli \\
 
 Führen Sie für mehr Informationen @command{info \"(guix.de)
 Paketumwandlungsoptionen\"} aus.")
+         (es "La nueva opción de transformación de paquetes
+@option{--with-c-toolchain} proporciona a las desarrolladoras una manera
+fácil de reconstruir sus paquetes favoritos con la cadena de herramientas
+de compilación de C/C++ que elijan en vez de la predeterminada.
+
+Por ejemplo, la siguiente orden reconstruye los paquetes @code{fftw} y
+@code{fftwf} así como todos los paquetes que dependen de ellos hasta
+@code{octave-cli}, usando la versión 10 de GCC (el compilador
+predeterminado en estos momentos es GCC 7.5):
+
+@example
+guix build octave-cli \\
+  --with-c-toolchain=fftw=gcc-toolchain@@10 \\
+  --with-c-toolchain=fftwf=gcc-toolchain@@10
+@end example
+
+Ejecute @command{info \"(guix.es) Opciones de transformación de paquetes\"}
+para obtener más información.")
          (fr "La nouvelle option de transformation de paquets
 @option{--with-c-toolchain} permet aux développeur·euses de recompiler leurs
 paquets préférés avec la chaîne d'outils C/C++ de leur choix à la place de
diff --git a/etc/release-manifest.scm b/etc/release-manifest.scm
index 7f54fe8768..da98d6e00b 100644
--- a/etc/release-manifest.scm
+++ b/etc/release-manifest.scm
@@ -49,6 +49,12 @@ TARGET."
        '("bootstrap-tarballs" "gcc-toolchain" "nss-certs"
          "openssh" "emacs" "vim" "python" "guile" "guix")))
 
+(define %base-packages/hurd
+  ;; XXX: For now we are less demanding of "i586-gnu".
+  (map specification->package
+       '("coreutils" "grep" "findutils" "gawk" "make"
+         "gcc-toolchain" "tar" "xz")))
+
 (define %system-packages
   ;; Key packages proposed by the Guix System installer.
   (append (map specification->package
@@ -94,7 +100,9 @@ TARGET."
   (manifest
    (append-map (lambda (system)
                  (map (cut package->manifest-entry* <> system)
-                      %base-packages))
+                      (if (string=? system "i586-gnu")
+                          %base-packages/hurd
+                          %base-packages)))
                %hydra-supported-systems)))
 
 (define %system-manifest
diff --git a/etc/snippets/text-mode/guix-commit-message-add-cl-package b/etc/snippets/text-mode/guix-commit-message-add-cl-package
new file mode 100644
index 0000000000..e255736b05
--- /dev/null
+++ b/etc/snippets/text-mode/guix-commit-message-add-cl-package
@@ -0,0 +1,15 @@
+# -*- mode: snippet -*-
+# name: guix-commit-message-add-cl-package
+# key: addcl
+# condition: git-commit-mode
+# --
+gnu: Add ${1:`(with-temp-buffer
+                (magit-git-wash #'magit-diff-wash-diffs
+                  "diff" "--staged")
+                (beginning-of-buffer)
+                (when (search-forward "+(define-public " nil 'noerror)
+                  (replace-regexp-in-string
+		   "^sbcl-" ""
+		   (thing-at-point 'sexp 'no-properties))))`}.
+
+* `(car (magit-staged-files))` (cl-${1:$(replace-regexp-in-string "^cl-" "" yas-text)}, ecl-$1, sbcl-$1): New variables.
\ No newline at end of file
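Review bot: The embedded Lisp calls `(beginning-of-buffer)`, which is an interactive command (it pushes a mark and prints a message when called from Lisp); the idiom for code is `(goto-char (point-min))`. The sibling snippet in the next file section has the same call, so the fix applies there too. The snippet also omits the trailing newline, matching its sibling, which is fine but worth keeping consistent if either is ever reformatted.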
diff --git a/etc/snippets/text-mode/guix-commit-message-add-package b/etc/snippets/text-mode/guix-commit-message-add-package
index 0dff2cbcf5..e54a06de7e 100644
--- a/etc/snippets/text-mode/guix-commit-message-add-package
+++ b/etc/snippets/text-mode/guix-commit-message-add-package
@@ -7,7 +7,7 @@ gnu: Add ${1:`(with-temp-buffer
                 (magit-git-wash #'magit-diff-wash-diffs
                   "diff" "--staged")
                 (beginning-of-buffer)
-                (when (search-forward "(define-public " nil 'noerror)
+                (when (search-forward "+(define-public " nil 'noerror)
                   (thing-at-point 'sexp 'no-properties)))`}.
 
 * `(car (magit-staged-files))` ($1): New variable.
\ No newline at end of file