X-Git-Url: http://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/a0ae64a334ce4dda269828bbb3c9182842e5cd50..f9c3bd2e0183b777ad3794674a360222c62633b0:/gnu/packages/base.scm diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 37e09eb8ce..109e9b698d 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -7,6 +7,8 @@ ;;; Copyright © 2014, 2015 Manolis Fragkiskos Ragkousis ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Jan Nieuwenhuizen +;;; Copyright © 2017 Rene Saavedra +;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2017 Marius Bakke ;;; ;;; This file is part of GNU Guix. @@ -79,14 +81,14 @@ command-line arguments, multiple languages, and so on.") (define-public grep (package (name "grep") - (version "3.0") + (version "3.1") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/grep/grep-" version ".tar.xz")) (sha256 (base32 - "1dcasjp3a578nrvzrcn38mpizb8w1q6mvfzhjmcqqgkf0nsivj72")) + "0zm0ywmyz9g8vn1plw14mn8kj74yipx5qsljndbyfgmvndx5qqnv")) (patches (search-patches "grep-timing-sensitive-test.patch")))) (build-system gnu-build-system) (native-inputs `(("perl" ,perl))) ;some of the tests require it @@ -228,14 +230,14 @@ differences.") (define-public diffutils (package (name "diffutils") - (version "3.5") + (version "3.6") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/diffutils/diffutils-" version ".tar.xz")) (sha256 (base32 - "0csmqfz8ks23kdjsq0v2ll1acqiz8lva06dj19mwmymrsp69ilys")))) + "1mivg0fy3a6fcn535ln8nkgfj6vxh5hsxxs5h6692wxmsjyyh8fn")))) (build-system gnu-build-system) (synopsis "Comparing and merging files") (description @@ -258,8 +260,13 @@ interactive means to merge two files.") (sha256 (base32 "178nn4dl7wbcw499czikirnkniwnx36argdnqgz4ik9i6zvwkm6y")) - (patches (search-patches "findutils-localstatedir.patch" - "findutils-test-xargs.patch")))) + (patches (search-patches + "findutils-localstatedir.patch" + "findutils-test-xargs.patch" + ;; test-lock has performance issues on multi-core + ;; machines, it hangs or takes a long time to complete. + ;; This is a commit from gnulib to fix this issue. + "findutils-gnulib-multi-core.patch")))) (build-system gnu-build-system) (arguments `(#:configure-flags (list @@ -285,15 +292,14 @@ used to apply commands with arbitrarily long arguments.") (define-public coreutils (package (name "coreutils") - (version "8.26") + (version "8.28") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/coreutils/coreutils-" version ".tar.xz")) (sha256 (base32 - "13lspazc7xkviy93qz7ks9jv4sldvgmwpq36ghrbrqpq93br8phm")) - (patches (search-patches "coreutils-fix-cross-compilation.patch")))) + "0r8c1bgm68kl70j1lgd0rv12iykw6143k4m9a56xip9rc2hv25qi")))) (build-system gnu-build-system) (inputs `(("acl" ,acl) ; TODO: add SELinux ("gmp" ,gmp) ;bignums in 'expr', yay! @@ -308,51 +314,24 @@ used to apply commands with arbitrarily long arguments.") ;; copy of help2man. However, don't pass it when cross-compiling since ;; that would lead it to try to run programs to get their '--help' output ;; for help2man. - `(,@(if (%current-target-system) - '() - `(("perl" ,perl))) - - ;; Apply this patch only on ARM to avoid a full rebuild. - ;; TODO: Move to 'patches' in the next update cycle. - ,@(if (string-prefix? "arm" (or (%current-target-system) - (%current-system))) - `(("cut-test.patch" - ,(search-patch "coreutils-cut-huge-range-test.patch"))) - '()))) + (if (%current-target-system) + '() + `(("perl" ,perl)))) (outputs '("out" "debug")) (arguments `(#:parallel-build? #f ; help2man may be called too early - #:parallel-tests? #f ; race condition fixed after 8.26 - #:phases (alist-cons-before - 'build 'patch-shell-references - (lambda* (#:key inputs #:allow-other-keys) - (let ((bash (assoc-ref inputs "bash"))) - ;; 'split' uses either $SHELL or /bin/sh. Set $SHELL so - ;; that tests pass, since /bin/sh isn't in the chroot. - (setenv "SHELL" (which "sh")) - - (substitute* (find-files "gnulib-tests" "\\.c$") - (("/bin/sh") - (format #f "~a/bin/sh" bash))) - (substitute* (find-files "tests" "\\.sh$") - (("#!/bin/sh") - (format #f "#!~a/bin/sh" bash))))) - - ,@(if (string-prefix? "arm" (or (%current-target-system) - (%current-system))) - '((alist-cons-before - 'build 'patch-cut-test - (lambda* (#:key inputs native-inputs - #:allow-other-keys) - (let ((patch (or (assoc-ref inputs - "cut-test.patch") - (assoc-ref native-inputs - "cut-test.patch")))) - (zero? - (system* "patch" "-p1" "--force" - "--input" patch)))) - %standard-phases)) - '(%standard-phases))))) + #:phases (modify-phases %standard-phases + (add-before 'build 'patch-shell-references + (lambda _ + ;; 'split' uses either $SHELL or /bin/sh. Set $SHELL so + ;; that tests pass, since /bin/sh isn't in the chroot. + (setenv "SHELL" (which "sh")) + + (substitute* (find-files "gnulib-tests" "\\.c$") + (("/bin/sh") (which "sh"))) + (substitute* (find-files "tests" "\\.sh$") + (("#!/bin/sh") (which "sh"))) + #t))))) (synopsis "Core GNU utilities (file, text, shell)") (description "GNU Coreutils includes all of the basic command-line tools that are @@ -362,29 +341,6 @@ functionality beyond that which is outlined in the POSIX standard.") (license gpl3+) (home-page "https://www.gnu.org/software/coreutils/"))) -;; We add version 8.27 here for use in (gnu system) due to a time -;; zone bug in `date' versions 8.25 - 8.26. -;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23035 -;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=26238 -(define-public coreutils-8.27 - (package - (inherit coreutils) - (version "8.27") - (source (origin - (method url-fetch) - (uri (string-append "mirror://gnu/coreutils/coreutils-" - version ".tar.xz")) - (sha256 - (base32 - "0sv547572iq8ayy8klir4hnngnx92a9nsazmf1wgzfc7xr4x74c8")))) - (arguments - (if (string-prefix? "arm" (or (%current-target-system) - (%current-system))) - (substitute-keyword-arguments (package-arguments coreutils) - ((#:phases phases) - `(alist-delete 'patch-cut-test ,phases))) - (package-arguments coreutils))))) - (define-public coreutils-minimal ;; Coreutils without its optional dependencies. (package @@ -434,17 +390,16 @@ change. GNU make offers many powerful extensions over the standard utility.") (define-public binutils (package (name "binutils") - (version "2.27") + (version "2.28.1") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/binutils/binutils-" version ".tar.bz2")) (sha256 (base32 - "125clslv17xh1sab74343fg6v31msavpmaa1c1394zsqa773g5rn")) + "1sj234nd05cdgga1r36zalvvdkvpfbr12g5mir2n8i1dwsdrj939")) (patches (search-patches "binutils-ld-new-dtags.patch" - "binutils-loongson-workaround.patch" - "binutils-mips-bash-bug.patch")))) + "binutils-loongson-workaround.patch")))) (build-system gnu-build-system) ;; TODO: Add dependency on zlib + those for Gold. @@ -456,10 +411,6 @@ change. GNU make offers many powerful extensions over the standard utility.") ;; Don't search under /usr/lib & co. "--with-lib-path=/no-ld-lib-path" - ;; Glibc 2.17 has a "comparison of unsigned - ;; expression >= 0 is always true" in wchar.h. - "--disable-werror" - ;; Install BFD. It ends up in a hidden directory, ;; but it's here. "--enable-install-libbfd" @@ -482,7 +433,7 @@ included.") (define* (make-ld-wrapper name #:key (target (const #f)) binutils - (guile (canonical-package guile-2.0)) + (guile (canonical-package guile-2.2)) (bash (canonical-package bash)) (guile-for-build guile)) "Return a package called NAME that contains a wrapper for the 'ld' program @@ -557,15 +508,14 @@ store.") (define-public glibc/linux (package (name "glibc") - (version "2.25") - (replacement glibc-2.25-patched) + (version "2.26") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/glibc/glibc-" version ".tar.xz")) (sha256 (base32 - "1813dzkgw6v8q8q1m4v96yfis7vjqc9pslqib6j9mrwh6fxxjyq6")) + "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5")) (snippet ;; Disable 'ldconfig' and /etc/ld.so.cache. The latter is ;; required on LFS distros to avoid loading the distro's libc.so @@ -576,6 +526,7 @@ store.") (modules '((guix build utils))) (patches (search-patches "glibc-ldd-x86_64.patch" "glibc-versioned-locpath.patch" + "glibc-CVE-2017-15670-15671.patch" "glibc-o-largefile.patch")))) (build-system gnu-build-system) @@ -583,21 +534,23 @@ store.") ;; users should automatically pull Linux headers as well. (propagated-inputs `(("kernel-headers" ,linux-libre-headers))) - (outputs '("out" "debug")) + (outputs '("out" "debug" + "static")) ;9 MiB of .a files (arguments `(#:out-of-source? #t - ;; In version 2.21, there a race in the 'elf' directory, see - ;; . - #:parallel-build? #f - ;; The libraries have an empty RUNPATH, but some, such as the versioned ;; libraries (libdl-2.24.so, etc.) have ld.so marked as NEEDED. Since ;; these libraries are always going to be found anyway, just skip ;; RUNPATH checks. #:validate-runpath? #f + #:modules ((ice-9 ftw) + (srfi srfi-26) + (guix build utils) + (guix build gnu-build-system)) + #:configure-flags (list "--enable-add-ons" "--sysconfdir=/etc" @@ -627,10 +580,10 @@ store.") "kernel-headers") "/include") - ;; This is the default for most architectures as of GNU libc 2.21, + ;; This is the default for most architectures as of GNU libc 2.26, ;; but we specify it explicitly for clarity and consistency. See ;; "kernel-features.h" in the GNU libc for details. - "--enable-kernel=2.6.32" + "--enable-kernel=3.2.0" ;; Use our Bash instead of /bin/sh. (string-append "BASH_SHELL=" @@ -667,19 +620,6 @@ store.") ;; 4.7.1. ((" -lgcc_s") "")) - ;; Apply patch only on i686. - ;; TODO: Move the patch to 'patches' in the next update cycle. - ,@(if (string-prefix? "i686" (or (%current-target-system) - (%current-system))) - `((unless (zero? (system* "patch" "-p1" "--force" - "--input" - (or (assoc-ref native-inputs - "glibc-memchr-overflow-i686.patch") - (assoc-ref inputs - "glibc-memchr-overflow-i686.patch")))) - (error "patch failed for glibc-memchr-overflow-i686.patch"))) - '()) - ;; Have `system' use that Bash. (substitute* "sysdeps/posix/system.c" (("#define[[:blank:]]+SHELL_PATH.*$") @@ -715,7 +655,46 @@ store.") ;; "bilingual" eval/exec magic at the top of the file. "") (("exec @PERL@") - "exec perl")))))))) + "exec perl"))))) + + (add-after 'install 'move-static-libs + (lambda* (#:key outputs #:allow-other-keys) + ;; Move static libraries to the "static" output. + (define (static-library? file) + ;; Return true if FILE is a static library. The + ;; "_nonshared.a" files are referred to by libc.so, + ;; libpthread.so, etc., which are in fact linker + ;; scripts. + (and (string-suffix? ".a" file) + (not (string-contains file "_nonshared")))) + + (define (linker-script? file) + ;; Guess whether FILE, a ".a" file, is actually a + ;; linker script. + (and (not (ar-file? file)) + (not (elf-file? file)))) + + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (files (scandir lib static-library?)) + (static (assoc-ref outputs "static")) + (slib (string-append static "/lib"))) + (mkdir-p slib) + (for-each (lambda (base) + (rename-file (string-append lib "/" base) + (string-append slib "/" base))) + files) + + ;; Usually libm.a is a linker script so we need to + ;; change the file names in there to refer to STATIC + ;; instead of OUT. + (for-each (lambda (ld-script) + (substitute* ld-script + ((out) static))) + (filter linker-script? + (map (cut string-append slib "/" <>) + files))) + #t)))))) (inputs `(("static-bash" ,static-bash))) @@ -723,15 +702,7 @@ store.") ;; install the message catalogs, with 'msgfmt'. (native-inputs `(("texinfo" ,texinfo) ("perl" ,perl) - ("gettext" ,gettext-minimal) - - ;; Apply this patch only on i686 to avoid a full rebuild. - ;; TODO: Move to 'patches' in the next update cycle. - ,@(if (string-prefix? "i686" (or (%current-target-system) - (%current-system))) - `(("glibc-memchr-overflow-i686.patch" - ,(search-patch "glibc-memchr-overflow-i686.patch"))) - '()))) + ("gettext" ,gettext-minimal))) (native-search-paths ;; Search path for packages that provide locale data. This is useful @@ -780,71 +751,6 @@ with the Linux kernel.") ;; Add libmachuser.so and libhurduser.so to libc.so's search path. ;; See . `(modify-phases ,original-phases - ;; TODO: This is almost an exact copy of the phase of the same name - ;; in glibc/linux. The only difference is that the i686 patch is - ;; not applied here. In the next update cycle the patch moves to - ;; the patches field and this overwritten phase won't be needed any - ;; more. - (replace 'pre-configure - (lambda* (#:key inputs native-inputs outputs - #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (bin (string-append out "/bin")) - ;; FIXME: Normally we would look it up only in INPUTS - ;; but cross-base uses it as a native input. - (bash (or (assoc-ref inputs "static-bash") - (assoc-ref native-inputs "static-bash")))) - ;; Install the rpc data base file under `$out/etc/rpc'. - ;; FIXME: Use installFlags = [ "sysconfdir=$(out)/etc" ]; - (substitute* "sunrpc/Makefile" - (("^\\$\\(inst_sysconfdir\\)/rpc(.*)$" _ suffix) - (string-append out "/etc/rpc" suffix "\n")) - (("^install-others =.*$") - (string-append "install-others = " out "/etc/rpc\n"))) - - (substitute* "Makeconfig" - ;; According to - ;; , - ;; linking against libgcc_s is not needed with GCC - ;; 4.7.1. - ((" -lgcc_s") "")) - - ;; Have `system' use that Bash. - (substitute* "sysdeps/posix/system.c" - (("#define[[:blank:]]+SHELL_PATH.*$") - (format #f "#define SHELL_PATH \"~a/bin/bash\"\n" - bash))) - - ;; Same for `popen'. - (substitute* "libio/iopopen.c" - (("/bin/sh") - (string-append bash "/bin/sh"))) - - ;; Same for the shell used by the 'exec' functions for - ;; scripts that lack a shebang. - (substitute* (find-files "." "^paths\\.h$") - (("#define[[:blank:]]+_PATH_BSHELL[[:blank:]].*$") - (string-append "#define _PATH_BSHELL \"" - bash "/bin/sh\"\n"))) - - ;; Nscd uses __DATE__ and __TIME__ to create a string to - ;; make sure the client and server come from the same - ;; libc. Use something deterministic instead. - (substitute* "nscd/nscd_stat.c" - (("static const char compilation\\[21\\] =.*$") - (string-append - "static const char compilation[21] = \"" - (string-take (basename out) 20) "\";\n"))) - - ;; Make sure we don't retain a reference to the - ;; bootstrap Perl. - (substitute* "malloc/mtrace.pl" - (("^#!.*") - ;; The shebang can be omitted, because there's the - ;; "bilingual" eval/exec magic at the top of the file. - "") - (("exec @PERL@") - "exec perl"))))) (add-after 'install 'augment-libc.so (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out"))) @@ -902,22 +808,30 @@ GLIBC/HURD for a Hurd host" (define-syntax glibc (identifier-syntax (glibc-for-target))) -(define glibc-2.25-patched +;; Below are old libc versions, which we use mostly to build locale data in +;; the old format (which the new libc cannot cope with.) + +(define-public glibc-2.25 (package (inherit glibc) + (version "2.25") (source (origin (inherit (package-source glibc)) + (uri (string-append "mirror://gnu/glibc/glibc-" + version ".tar.xz")) + (sha256 + (base32 + "1813dzkgw6v8q8q1m4v96yfis7vjqc9pslqib6j9mrwh6fxxjyq6")) (patches (search-patches "glibc-ldd-x86_64.patch" "glibc-versioned-locpath.patch" "glibc-o-largefile.patch" "glibc-vectorized-strcspn-guards.patch" + "glibc-CVE-2015-5180.patch" + "glibc-CVE-2017-15670-15671.patch" "glibc-CVE-2017-1000366-pt1.patch" "glibc-CVE-2017-1000366-pt2.patch" "glibc-CVE-2017-1000366-pt3.patch")))))) -;; Below are old libc versions, which we use mostly to build locale data in -;; the old format (which the new libc cannot cope with.) - (define-public glibc-2.24 (package (inherit glibc) @@ -934,6 +848,7 @@ GLIBC/HURD for a Hurd host" "glibc-o-largefile.patch" "glibc-vectorized-strcspn-guards.patch" "glibc-CVE-2015-5180.patch" + "glibc-CVE-2017-15670-15671.patch" "glibc-CVE-2017-1000366-pt1.patch" "glibc-CVE-2017-1000366-pt2.patch" "glibc-CVE-2017-1000366-pt3.patch")))))) @@ -957,6 +872,7 @@ GLIBC/HURD for a Hurd host" "glibc-CVE-2016-3075.patch" "glibc-CVE-2016-3706.patch" "glibc-CVE-2016-4429.patch" + "glibc-CVE-2017-15670-15671.patch" "glibc-CVE-2017-1000366-pt1.patch" "glibc-CVE-2017-1000366-pt2.patch" "glibc-CVE-2017-1000366-pt3.patch")))))) @@ -974,6 +890,12 @@ GLIBC/HURD for a Hurd host" "0j49682pm2nh4qbdw35bas82p1pgfnz4d2l7iwfyzvrvj0318wzb")) (patches (search-patches "glibc-ldd-x86_64.patch" "glibc-vectorized-strcspn-guards.patch" + "glibc-CVE-2015-5180.patch" + "glibc-CVE-2015-7547.patch" + "glibc-CVE-2016-3075.patch" + "glibc-CVE-2016-3706.patch" + "glibc-CVE-2016-4429.patch" + "glibc-CVE-2017-15670-15671.patch" "glibc-CVE-2017-1000366-pt1.patch" "glibc-CVE-2017-1000366-pt2.patch" "glibc-CVE-2017-1000366-pt3.patch")))) @@ -1007,12 +929,12 @@ the 'share/locale' sub-directory of this package.") ,@(package-arguments glibc)))) (substitute-keyword-arguments args ((#:phases phases) - `(alist-replace - 'build - (lambda* (#:key outputs #:allow-other-keys) - (zero? (system* "make" "localedata/install-locales" - "-j" (number->string (parallel-job-count))))) - (alist-delete 'install ,phases))) + `(modify-phases ,phases + (replace 'build + (lambda _ + (zero? (system* "make" "localedata/install-locales" + "-j" (number->string (parallel-job-count)))))) + (delete 'install))) ((#:configure-flags flags) `(append ,flags ;; Use $(libdir)/locale/X.Y as is the case by default. @@ -1134,7 +1056,7 @@ command.") (define-public tzdata (package (name "tzdata") - (version "2017b") + (version "2017c") (source (origin (method url-fetch) (uri (string-append @@ -1142,7 +1064,7 @@ command.") version ".tar.gz")) (sha256 (base32 - "11l0s43vx33dcs78p80122i8s5s9l1sjwkzzwh66njd35r92l97q")))) + "02yrrfj0p7ar885ja41ylijzbr8wc6kz6kzlw8c670i9m693ym6n")))) (build-system gnu-build-system) (arguments '(#:tests? #f @@ -1190,7 +1112,7 @@ command.") version ".tar.gz")) (sha256 (base32 - "0h1d567gn8l3iqgyadcswwdy2yh07nhz3lfl8ds8saz2ajxka5sd")))))) + "1dvrq0b2hz7cjqdyd7x21wpy4qcng3rvysr61ij0c2g64fyb9s41")))))) (home-page "https://www.iana.org/time-zones") (synopsis "Database of current and historical time zones") (description "The Time Zone Database (often called tz or zoneinfo) @@ -1203,7 +1125,7 @@ and daylight-saving rules.") ;;; A "fixed" version of tzdata, which is used in the test suites of ;;; glib and R. We can update this whenever we are able to rebuild ;;; thousands of packages (for example, in a core-updates rebuild). -(define-public tzdata-2017a +(define-public tzdata-for-tests (package (inherit tzdata) (version "2017a")