Commit | Line | Data |
---|---|---|
568717fd LC |
1 | \input texinfo |
2 | @c -*-texinfo-*- | |
3 | ||
4 | @c %**start of header | |
5 | @setfilename guix.info | |
6 | @documentencoding UTF-8 | |
f8348b91 | 7 | @settitle GNU Guix Reference Manual |
568717fd LC |
8 | @c %**end of header |
9 | ||
10 | @include version.texi | |
7df7a74e NK |
11 | |
12 | @copying | |
425b0bfc | 13 | Copyright @copyright{} 2012, 2013, 2014 Ludovic Courtès@* |
af8a56b8 | 14 | Copyright @copyright{} 2013, 2014 Andreas Enge@* |
7df7a74e NK |
15 | Copyright @copyright{} 2013 Nikita Karetnikov |
16 | ||
17 | Permission is granted to copy, distribute and/or modify this document | |
18 | under the terms of the GNU Free Documentation License, Version 1.3 or | |
19 | any later version published by the Free Software Foundation; with no | |
20 | Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A | |
21 | copy of the license is included in the section entitled ``GNU Free | |
22 | Documentation License''. | |
23 | @end copying | |
568717fd | 24 | |
eeaf4427 | 25 | @dircategory Package management |
568717fd LC |
26 | @direntry |
27 | * guix: (guix). Guix, the functional package manager. | |
e49951eb | 28 | * guix package: (guix)Invoking guix package |
eeaf4427 | 29 | Managing packages with Guix. |
e49951eb | 30 | * guix build: (guix)Invoking guix build |
568717fd | 31 | Building packages with Guix. |
054e8576 LC |
32 | * guix system: (guix)Invoking guix system |
33 | Managing the operating system configuration. | |
568717fd | 34 | @end direntry |
568717fd LC |
35 | |
36 | @titlepage | |
7730d112 LC |
37 | @title GNU Guix Reference Manual |
38 | @subtitle Using the GNU Guix Functional Package Manager | |
568717fd | 39 | @author Ludovic Courtès |
da7cabd4 | 40 | @author Andreas Enge |
acc08466 | 41 | @author Nikita Karetnikov |
568717fd LC |
42 | |
43 | @page | |
44 | @vskip 0pt plus 1filll | |
45 | Edition @value{EDITION} @* | |
46 | @value{UPDATED} @* | |
47 | ||
7df7a74e | 48 | @insertcopying |
568717fd LC |
49 | @end titlepage |
50 | ||
568717fd LC |
51 | @contents |
52 | ||
53 | @c ********************************************************************* | |
54 | @node Top | |
f8348b91 | 55 | @top GNU Guix |
568717fd | 56 | |
f8348b91 LC |
57 | This document describes GNU Guix version @value{VERSION}, a functional |
58 | package management tool written for the GNU system. | |
568717fd LC |
59 | |
60 | @menu | |
61 | * Introduction:: What is Guix about? | |
bd5e766b | 62 | * Installation:: Installing Guix. |
eeaf4427 | 63 | * Package Management:: Package installation, upgrade, etc. |
568717fd LC |
64 | * Programming Interface:: Using Guix in Scheme. |
65 | * Utilities:: Package management commands. | |
a1ba8475 | 66 | * GNU Distribution:: Software for your friendly GNU system. |
9bf3c1a7 | 67 | * Contributing:: Your help needed! |
568717fd LC |
68 | |
69 | * Acknowledgments:: Thanks! | |
70 | * GNU Free Documentation License:: The license of this manual. | |
71 | * Concept Index:: Concepts. | |
a85b83d2 | 72 | * Programming Index:: Data types, functions, and variables. |
568717fd LC |
73 | @end menu |
74 | ||
75 | @c ********************************************************************* | |
76 | @node Introduction | |
77 | @chapter Introduction | |
78 | ||
c80e7e55 LC |
79 | GNU Guix@footnote{``Guix'' is pronounced like ``geeks'', or ``ɡiːks'' |
80 | using the international phonetic alphabet (IPA).} is a functional | |
81 | package management tool for the GNU system. Package management consists | |
4bfc4ea3 NK |
82 | of all activities that relate to building packages from sources, |
83 | honoring their build-time and run-time dependencies, | |
c80e7e55 LC |
84 | installing packages in user environments, upgrading installed packages |
85 | to new versions or rolling back to a previous set, removing unused | |
86 | software packages, etc. | |
568717fd LC |
87 | |
88 | @cindex functional package management | |
89 | The term @dfn{functional} refers to a specific package management | |
90 | discipline. In Guix, the package build and installation process is seen | |
4bfc4ea3 NK |
91 | as a function, in the mathematical sense. That function takes inputs, |
92 | such as build scripts, a compiler, and libraries, and | |
93 | returns an installed package. As a pure function, its result depends | |
568717fd LC |
94 | solely on its inputs---for instance, it cannot refer to software or |
95 | scripts that were not explicitly passed as inputs. A build function | |
4bfc4ea3 NK |
96 | always produces the same result when passed a given set of inputs. It |
97 | cannot alter the system's environment in | |
568717fd LC |
98 | any way; for instance, it cannot create, modify, or delete files outside |
99 | of its build and installation directories. This is achieved by running | |
e900c503 | 100 | build processes in isolated environments (or @dfn{containers}), where only their |
4bfc4ea3 | 101 | explicit inputs are visible. |
568717fd | 102 | |
e531ac2a | 103 | @cindex store |
568717fd | 104 | The result of package build functions is @dfn{cached} in the file |
e531ac2a LC |
105 | system, in a special directory called @dfn{the store} (@pxref{The |
106 | Store}). Each package is installed in a directory of its own, in the | |
834129e0 | 107 | store---by default under @file{/gnu/store}. The directory name contains |
568717fd LC |
108 | a hash of all the inputs used to build that package; thus, changing an |
109 | input yields a different directory name. | |
110 | ||
111 | This approach is the foundation of Guix's salient features: support for | |
4bfc4ea3 | 112 | transactional package upgrade and rollback, per-user installation, and |
eeaf4427 | 113 | garbage collection of packages (@pxref{Features}). |
568717fd | 114 | |
4bfc4ea3 | 115 | Guix has a command-line interface, which allows users to build, install, |
568717fd | 116 | upgrade, and remove packages, as well as a Scheme programming interface. |
568717fd | 117 | |
a1ba8475 LC |
118 | Last but not least, Guix is used to build a distribution of the GNU |
119 | system, with many GNU and non-GNU free software packages. @xref{GNU | |
120 | Distribution}. | |
121 | ||
bd5e766b LC |
122 | @c ********************************************************************* |
123 | @node Installation | |
124 | @chapter Installation | |
125 | ||
48febeb8 LC |
126 | GNU Guix is available for download from its website at |
127 | @url{http://www.gnu.org/software/guix/}. This section describes the | |
128 | software requirements of Guix, as well as how to install it and get | |
129 | ready to use it. | |
bd5e766b | 130 | |
5af6de3e LC |
131 | Note that this section is concerned with the installation of the package |
132 | manager, which can be done on top of a running GNU/Linux system. If, | |
133 | instead, you want to install the complete GNU operating system, | |
6621cdb6 | 134 | @pxref{System Installation}. |
5af6de3e | 135 | |
b22a12fd | 136 | The build procedure for Guix is the same as for other GNU software, and |
1da983b9 | 137 | is not covered here. Please see the files @file{README} and |
b22a12fd LC |
138 | @file{INSTALL} in the Guix source tree for additional details. |
139 | ||
bd5e766b LC |
140 | @menu |
141 | * Requirements:: Software needed to build and run Guix. | |
142 | * Setting Up the Daemon:: Preparing the build daemon's environment. | |
143 | * Invoking guix-daemon:: Running the build daemon. | |
144 | @end menu | |
145 | ||
146 | @node Requirements | |
147 | @section Requirements | |
148 | ||
149 | GNU Guix depends on the following packages: | |
150 | ||
151 | @itemize | |
4a328f73 | 152 | @item @url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.5 or later; |
288dca55 LC |
153 | @item @url{http://gnupg.org/, GNU libgcrypt}; |
154 | @item | |
155 | optionally, installing | |
156 | @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will | |
157 | allow you to use the @command{guix import pypi} command; it is of | |
158 | interest primarily for developers and not for casual users. | |
bd5e766b LC |
159 | @end itemize |
160 | ||
161 | Unless @code{--disable-daemon} was passed to @command{configure}, the | |
162 | following packages are also needed: | |
163 | ||
164 | @itemize | |
165 | @item @url{http://sqlite.org, SQLite 3} | |
166 | @item @url{http://www.bzip.org, libbz2} | |
167 | @item @url{http://gcc.gnu.org, GCC's g++} | |
168 | @end itemize | |
169 | ||
4bfc4ea3 NK |
170 | When a working installation of @url{http://nixos.org/nix/, the Nix package |
171 | manager} is available, you | |
bd5e766b | 172 | can instead configure Guix with @code{--disable-daemon}. In that case, |
4bfc4ea3 | 173 | Nix replaces the three dependencies above. |
bd5e766b | 174 | |
b22a12fd LC |
175 | Guix is compatible with Nix, so it is possible to share the same store |
176 | between both. To do so, you must pass @command{configure} not only the | |
177 | same @code{--with-store-dir} value, but also the same | |
4bfc4ea3 NK |
178 | @code{--localstatedir} value. The latter is essential because it |
179 | specifies where the database that stores metadata about the store is | |
834129e0 | 180 | located, among other things. The default values for Nix are |
b22a12fd | 181 | @code{--with-store-dir=/nix/store} and @code{--localstatedir=/nix/var}. |
4bfc4ea3 NK |
182 | Note that @code{--disable-daemon} is not required if |
183 | your goal is to share the store with Nix. | |
b22a12fd | 184 | |
bd5e766b LC |
185 | @node Setting Up the Daemon |
186 | @section Setting Up the Daemon | |
187 | ||
188 | @cindex daemon | |
189 | Operations such as building a package or running the garbage collector | |
49e6291a | 190 | are all performed by a specialized process, the @dfn{build daemon}, on |
bd5e766b LC |
191 | behalf of clients. Only the daemon may access the store and its |
192 | associated database. Thus, any operation that manipulates the store | |
193 | goes through the daemon. For instance, command-line tools such as | |
e49951eb | 194 | @command{guix package} and @command{guix build} communicate with the |
bd5e766b LC |
195 | daemon (@i{via} remote procedure calls) to instruct it what to do. |
196 | ||
49e6291a LC |
197 | The following sections explain how to prepare the build daemon's |
198 | environment. | |
199 | ||
200 | @menu | |
201 | * Build Environment Setup:: Preparing the isolated build environment. | |
202 | * Daemon Offload Setup:: Offloading builds to remote machines. | |
203 | @end menu | |
204 | ||
205 | @node Build Environment Setup | |
206 | @subsection Build Environment Setup | |
207 | ||
bd5e766b LC |
208 | In a standard multi-user setup, Guix and its daemon---the |
209 | @command{guix-daemon} program---are installed by the system | |
834129e0 | 210 | administrator; @file{/gnu/store} is owned by @code{root} and |
bd5e766b LC |
211 | @command{guix-daemon} runs as @code{root}. Unprivileged users may use |
212 | Guix tools to build packages or otherwise access the store, and the | |
213 | daemon will do it on their behalf, ensuring that the store is kept in a | |
214 | consistent state, and allowing built packages to be shared among users. | |
215 | ||
216 | @cindex build users | |
217 | When @command{guix-daemon} runs as @code{root}, you may not want package | |
218 | build processes themselves to run as @code{root} too, for obvious | |
219 | security reasons. To avoid that, a special pool of @dfn{build users} | |
220 | should be created for use by build processes started by the daemon. | |
221 | These build users need not have a shell and a home directory: they will | |
222 | just be used when the daemon drops @code{root} privileges in build | |
223 | processes. Having several such users allows the daemon to launch | |
224 | distinct build processes under separate UIDs, which guarantees that they | |
225 | do not interfere with each other---an essential feature since builds are | |
226 | regarded as pure functions (@pxref{Introduction}). | |
227 | ||
228 | On a GNU/Linux system, a build user pool may be created like this (using | |
229 | Bash syntax and the @code{shadow} commands): | |
230 | ||
091196b3 LC |
231 | @c See http://lists.gnu.org/archive/html/bug-guix/2013-01/msg00239.html |
232 | @c for why `-G' is needed. | |
bd5e766b LC |
233 | @example |
234 | # groupadd guix-builder | |
235 | # for i in `seq 1 10`; | |
236 | do | |
091196b3 LC |
237 | useradd -g guix-builder -G guix-builder \ |
238 | -d /var/empty -s `which nologin` \ | |
4d1a2b50 LC |
239 | -c "Guix build user $i" --system \ |
240 | guix-builder$i; | |
bd5e766b LC |
241 | done |
242 | @end example | |
243 | ||
244 | @noindent | |
245 | The @code{guix-daemon} program may then be run as @code{root} with: | |
246 | ||
247 | @example | |
248 | # guix-daemon --build-users-group=guix-builder | |
249 | @end example | |
250 | ||
e900c503 | 251 | @cindex chroot |
b095792f LC |
252 | @noindent |
253 | This way, the daemon starts build processes in a chroot, under one of | |
254 | the @code{guix-builder} users. On GNU/Linux, by default, the chroot | |
6dc99317 LC |
255 | environment contains nothing but: |
256 | ||
257 | @c Keep this list in sync with libstore/build.cc! ----------------------- | |
258 | @itemize | |
259 | @item | |
4743a4da LC |
260 | a minimal @code{/dev} directory, created mostly independently from the |
261 | host @code{/dev}@footnote{``Mostly'', because while the set of files | |
262 | that appear in the chroot's @code{/dev} is fixed, most of these files | |
263 | can only be created if the host has them.}; | |
264 | ||
265 | @item | |
266 | the @code{/proc} directory; it only shows the container's processes | |
267 | since a separate PID name space is used; | |
6dc99317 LC |
268 | |
269 | @item | |
270 | @file{/etc/passwd} with an entry for the current user and an entry for | |
271 | user @file{nobody}; | |
272 | ||
273 | @item | |
274 | @file{/etc/group} with an entry for the user's group; | |
275 | ||
276 | @item | |
277 | @file{/etc/hosts} with an entry that maps @code{localhost} to | |
278 | @code{127.0.0.1}; | |
279 | ||
280 | @item | |
281 | a writable @file{/tmp} directory. | |
282 | @end itemize | |
b095792f | 283 | |
d43eb499 | 284 | If you are installing Guix as an unprivileged user, it is still |
bd5e766b LC |
285 | possible to run @command{guix-daemon}. However, build processes will |
286 | not be isolated from one another, and not from the rest of the system. | |
287 | Thus, build processes may interfere with each other, and may access | |
288 | programs, libraries, and other files available on the system---making it | |
289 | much harder to view them as @emph{pure} functions. | |
290 | ||
49e6291a LC |
291 | |
292 | @node Daemon Offload Setup | |
293 | @subsection Using the Offload Facility | |
294 | ||
295 | @cindex offloading | |
4ec2e92d LC |
296 | @cindex build hook |
297 | When desired, the build daemon can @dfn{offload} | |
298 | derivation builds to other machines | |
49e6291a LC |
299 | running Guix, using the @code{offload} @dfn{build hook}. When that |
300 | feature is enabled, a list of user-specified build machines is read from | |
301 | @file{/etc/guix/machines.scm}; anytime a build is requested, for | |
302 | instance via @code{guix build}, the daemon attempts to offload it to one | |
303 | of the machines that satisfies the derivation's constraints, in | |
304 | particular its system type---e.g., @file{x86_64-linux}. Missing | |
305 | prerequisites for the build are copied over SSH to the target machine, | |
306 | which then proceeds with the build; upon success the output(s) of the | |
307 | build are copied back to the initial machine. | |
308 | ||
4ec2e92d | 309 | The @file{/etc/guix/machines.scm} file typically looks like this: |
49e6291a LC |
310 | |
311 | @example | |
312 | (list (build-machine | |
313 | (name "eightysix.example.org") | |
314 | (system "x86_64-linux") | |
315 | (user "bob") | |
316 | (speed 2.)) ; incredibly fast! | |
317 | ||
318 | (build-machine | |
319 | (name "meeps.example.org") | |
320 | (system "mips64el-linux") | |
321 | (user "alice") | |
322 | (private-key | |
323 | (string-append (getenv "HOME") | |
324 | "/.ssh/id-rsa-for-guix")))) | |
325 | @end example | |
326 | ||
327 | @noindent | |
328 | In the example above we specify a list of two build machines, one for | |
329 | the @code{x86_64} architecture and one for the @code{mips64el} | |
4ec2e92d LC |
330 | architecture. |
331 | ||
332 | In fact, this file is---not surprisingly!---a Scheme file that is | |
333 | evaluated when the @code{offload} hook is started. Its return value | |
334 | must be a list of @code{build-machine} objects. While this example | |
335 | shows a fixed list of build machines, one could imagine, say, using | |
336 | DNS-SD to return a list of potential build machines discovered in the | |
337 | local network (@pxref{Introduction, Guile-Avahi,, guile-avahi, Using | |
338 | Avahi in Guile Scheme Programs}). | |
339 | ||
340 | The compulsory fields for a @code{build-machine} declaration are: | |
49e6291a LC |
341 | |
342 | @table @code | |
343 | ||
344 | @item name | |
345 | The remote machine's host name. | |
346 | ||
347 | @item system | |
348 | The remote machine's system type. | |
349 | ||
350 | @item user | |
351 | The user account to use when connecting to the remote machine over SSH. | |
352 | Note that the SSH key pair must @emph{not} be passphrase-protected, to | |
353 | allow non-interactive logins. | |
354 | ||
355 | @end table | |
356 | ||
357 | @noindent | |
4ec2e92d | 358 | A number of optional fields may be specified: |
49e6291a LC |
359 | |
360 | @table @code | |
361 | ||
cecd72d5 LC |
362 | @item port |
363 | Port number of the machine's SSH server (default: 22). | |
364 | ||
49e6291a LC |
365 | @item private-key |
366 | The SSH private key file to use when connecting to the machine. | |
367 | ||
368 | @item parallel-builds | |
369 | The number of builds that may run in parallel on the machine (1 by | |
370 | default.) | |
371 | ||
372 | @item speed | |
373 | A ``relative speed factor''. The offload scheduler will tend to prefer | |
374 | machines with a higher speed factor. | |
375 | ||
376 | @item features | |
377 | A list of strings denoting specific features supported by the machine. | |
378 | An example is @code{"kvm"} for machines that have the KVM Linux modules | |
379 | and corresponding hardware support. Derivations can request features by | |
380 | name, and they will be scheduled on matching build machines. | |
381 | ||
382 | @end table | |
383 | ||
384 | The @code{guix} command must be in the search path on the build | |
385 | machines, since offloading works by invoking the @code{guix archive} and | |
386 | @code{guix build} commands. | |
387 | ||
388 | There's one last thing to do once @file{machines.scm} is in place. As | |
389 | explained above, when offloading, files are transferred back and forth | |
390 | between the machine stores. For this to work, you need to generate a | |
391 | key pair to allow the daemon to export signed archives of files from the | |
392 | store (@pxref{Invoking guix archive}): | |
393 | ||
394 | @example | |
395 | # guix archive --generate-key | |
396 | @end example | |
397 | ||
398 | @noindent | |
399 | Thus, when receiving files, a machine's build daemon can make sure they | |
400 | are genuine, have not been tampered with, and that they are signed by an | |
401 | authorized key. | |
402 | ||
403 | ||
bd5e766b LC |
404 | @node Invoking guix-daemon |
405 | @section Invoking @command{guix-daemon} | |
406 | ||
407 | The @command{guix-daemon} program implements all the functionality to | |
408 | access the store. This includes launching build processes, running the | |
409 | garbage collector, querying the availability of a build result, etc. It | |
410 | is normally run as @code{root} like this: | |
411 | ||
412 | @example | |
413 | # guix-daemon --build-users-group=guix-builder | |
414 | @end example | |
415 | ||
416 | @noindent | |
417 | For details on how to set it up, @ref{Setting Up the Daemon}. | |
418 | ||
e900c503 LC |
419 | @cindex chroot |
420 | @cindex container, build environment | |
421 | @cindex build environment | |
422 | @cindex reproducible builds | |
bd5e766b LC |
423 | By default, @command{guix-daemon} launches build processes under |
424 | different UIDs, taken from the build group specified with | |
425 | @code{--build-users-group}. In addition, each build process is run in a | |
426 | chroot environment that only contains the subset of the store that the | |
427 | build process depends on, as specified by its derivation | |
428 | (@pxref{Programming Interface, derivation}), plus a set of specific | |
429 | system directories. By default, the latter contains @file{/dev} and | |
e900c503 LC |
430 | @file{/dev/pts}. Furthermore, on GNU/Linux, the build environment is a |
431 | @dfn{container}: in addition to having its own file system tree, it has | |
432 | a separate mount name space, its own PID name space, network name space, | |
433 | etc. This helps achieve reproducible builds (@pxref{Features}). | |
bd5e766b LC |
434 | |
435 | The following command-line options are supported: | |
436 | ||
437 | @table @code | |
438 | @item --build-users-group=@var{group} | |
439 | Take users from @var{group} to run build processes (@pxref{Setting Up | |
440 | the Daemon, build users}). | |
441 | ||
6858f9d1 | 442 | @item --no-substitutes |
b5385b52 | 443 | @cindex substitutes |
6858f9d1 | 444 | Do not use substitutes for build products. That is, always build things |
c4202d60 LC |
445 | locally instead of allowing downloads of pre-built binaries |
446 | (@pxref{Substitutes}). | |
6858f9d1 | 447 | |
b5385b52 LC |
448 | By default substitutes are used, unless the client---such as the |
449 | @command{guix package} command---is explicitly invoked with | |
450 | @code{--no-substitutes}. | |
451 | ||
452 | When the daemon runs with @code{--no-substitutes}, clients can still | |
453 | explicitly enable substitution @i{via} the @code{set-build-options} | |
454 | remote procedure call (@pxref{The Store}). | |
455 | ||
4ec2e92d LC |
456 | @cindex build hook |
457 | @item --no-build-hook | |
458 | Do not use the @dfn{build hook}. | |
459 | ||
460 | The build hook is a helper program that the daemon can start and to | |
461 | which it submits build requests. This mechanism is used to offload | |
462 | builds to other machines (@pxref{Daemon Offload Setup}). | |
463 | ||
bd5e766b LC |
464 | @item --cache-failures |
465 | Cache build failures. By default, only successful builds are cached. | |
466 | ||
467 | @item --cores=@var{n} | |
468 | @itemx -c @var{n} | |
469 | Use @var{n} CPU cores to build each derivation; @code{0} means as many | |
470 | as available. | |
471 | ||
472 | The default value is @code{1}, but it may be overridden by clients, such | |
e49951eb MW |
473 | as the @code{--cores} option of @command{guix build} (@pxref{Invoking |
474 | guix build}). | |
bd5e766b LC |
475 | |
476 | The effect is to define the @code{NIX_BUILD_CORES} environment variable | |
477 | in the build process, which can then use it to exploit internal | |
478 | parallelism---for instance, by running @code{make -j$NIX_BUILD_CORES}. | |
479 | ||
480 | @item --max-jobs=@var{n} | |
481 | @itemx -M @var{n} | |
482 | Allow at most @var{n} build jobs in parallel. The default value is | |
483 | @code{1}. | |
484 | ||
485 | @item --debug | |
486 | Produce debugging output. | |
487 | ||
488 | This is useful to debug daemon start-up issues, but then it may be | |
489 | overridden by clients, for example the @code{--verbosity} option of | |
e49951eb | 490 | @command{guix build} (@pxref{Invoking guix build}). |
bd5e766b LC |
491 | |
492 | @item --chroot-directory=@var{dir} | |
493 | Add @var{dir} to the build chroot. | |
494 | ||
495 | Doing this may change the result of build processes---for instance if | |
496 | they use optional dependencies found in @var{dir} when it is available, | |
497 | and not otherwise. For that reason, it is not recommended to do so. | |
498 | Instead, make sure that each derivation declares all the inputs that it | |
499 | needs. | |
500 | ||
501 | @item --disable-chroot | |
502 | Disable chroot builds. | |
503 | ||
504 | Using this option is not recommended since, again, it would allow build | |
505 | processes to gain access to undeclared dependencies. | |
506 | ||
507 | @item --disable-log-compression | |
508 | Disable compression of the build logs. | |
509 | ||
1da983b9 LC |
510 | Unless @code{--lose-logs} is used, all the build logs are kept in the |
511 | @var{localstatedir}. To save space, the daemon automatically compresses | |
512 | them with bzip2 by default. This option disables that. | |
513 | ||
ab3893d7 LC |
514 | @item --disable-deduplication |
515 | @cindex deduplication | |
bd5e766b LC |
516 | Disable automatic file ``deduplication'' in the store. |
517 | ||
1da983b9 | 518 | By default, files added to the store are automatically ``deduplicated'': |
ab3893d7 LC |
519 | if a newly added file is identical to another one found in the store, |
520 | the daemon makes the new file a hard link to the other file. This can | |
521 | noticeably reduce disk usage, at the expense of slightly increasde | |
522 | input/output load at the end of a build process. This option disables | |
523 | this optimization. | |
1da983b9 | 524 | |
6e37066e LC |
525 | @item --gc-keep-outputs[=yes|no] |
526 | Tell whether the garbage collector (GC) must keep outputs of live | |
527 | derivations. | |
528 | ||
529 | When set to ``yes'', the GC will keep the outputs of any live derivation | |
530 | available in the store---the @code{.drv} files. The default is ``no'', | |
531 | meaning that derivation outputs are kept only if they are GC roots. | |
532 | ||
533 | @item --gc-keep-derivations[=yes|no] | |
534 | Tell whether the garbage collector (GC) must keep derivations | |
535 | corresponding to live outputs. | |
536 | ||
537 | When set to ``yes'', as is the case by default, the GC keeps | |
538 | derivations---i.e., @code{.drv} files---as long as at least one of their | |
539 | outputs is live. This allows users to keep track of the origins of | |
540 | items in their store. Setting it to ``no'' saves a bit of disk space. | |
541 | ||
542 | Note that when both @code{--gc-keep-derivations} and | |
543 | @code{--gc-keep-outputs} are used, the effect is to keep all the build | |
544 | prerequisites (the sources, compiler, libraries, and other build-time | |
545 | tools) of live objects in the store, regardless of whether these | |
546 | prerequisites are live. This is convenient for developers since it | |
547 | saves rebuilds or downloads. | |
548 | ||
bd5e766b LC |
549 | @item --impersonate-linux-2.6 |
550 | On Linux-based systems, impersonate Linux 2.6. This means that the | |
551 | kernel's @code{uname} system call will report 2.6 as the release number. | |
552 | ||
553 | This might be helpful to build programs that (usually wrongfully) depend | |
554 | on the kernel version number. | |
555 | ||
556 | @item --lose-logs | |
557 | Do not keep build logs. By default they are kept under | |
ce33631f | 558 | @code{@var{localstatedir}/guix/log}. |
bd5e766b LC |
559 | |
560 | @item --system=@var{system} | |
561 | Assume @var{system} as the current system type. By default it is the | |
562 | architecture/kernel pair found at configure time, such as | |
563 | @code{x86_64-linux}. | |
b8d2aa26 LC |
564 | |
565 | @item --listen=@var{socket} | |
566 | Listen for connections on @var{socket}, the file name of a Unix-domain | |
567 | socket. The default socket is | |
568 | @file{@var{localstatedir}/daemon-socket/socket}. This option is only | |
569 | useful in exceptional circumstances, such as if you need to run several | |
570 | daemons on the same machine. | |
bd5e766b LC |
571 | @end table |
572 | ||
573 | ||
eeaf4427 LC |
574 | @c ********************************************************************* |
575 | @node Package Management | |
576 | @chapter Package Management | |
577 | ||
f8348b91 | 578 | The purpose of GNU Guix is to allow users to easily install, upgrade, and |
eeaf4427 LC |
579 | remove software packages, without having to know about their build |
580 | procedure or dependencies. Guix also goes beyond this obvious set of | |
581 | features. | |
582 | ||
583 | This chapter describes the main features of Guix, as well as the package | |
584 | management tools it provides. | |
585 | ||
586 | @menu | |
587 | * Features:: How Guix will make your life brighter. | |
e49951eb | 588 | * Invoking guix package:: Package installation, removal, etc. |
457f60fa | 589 | * Emacs Interface:: Package management from Emacs. |
c4202d60 | 590 | * Substitutes:: Downloading pre-built binaries. |
760c60d6 | 591 | * Packages with Multiple Outputs:: Single source package, multiple outputs. |
e49951eb | 592 | * Invoking guix gc:: Running the garbage collector. |
f651b477 | 593 | * Invoking guix pull:: Fetching the latest Guix and distribution. |
760c60d6 | 594 | * Invoking guix archive:: Exporting and importing store files. |
eeaf4427 LC |
595 | @end menu |
596 | ||
597 | @node Features | |
598 | @section Features | |
599 | ||
600 | When using Guix, each package ends up in the @dfn{package store}, in its | |
601 | own directory---something that resembles | |
834129e0 | 602 | @file{/gnu/store/xxx-package-1.2}, where @code{xxx} is a base32 string. |
eeaf4427 LC |
603 | |
604 | Instead of referring to these directories, users have their own | |
605 | @dfn{profile}, which points to the packages that they actually want to | |
821b0015 LC |
606 | use. These profiles are stored within each user's home directory, at |
607 | @code{$HOME/.guix-profile}. | |
eeaf4427 | 608 | |
821b0015 | 609 | For example, @code{alice} installs GCC 4.7.2. As a result, |
eeaf4427 | 610 | @file{/home/alice/.guix-profile/bin/gcc} points to |
834129e0 | 611 | @file{/gnu/store/@dots{}-gcc-4.7.2/bin/gcc}. Now, on the same machine, |
821b0015 LC |
612 | @code{bob} had already installed GCC 4.8.0. The profile of @code{bob} |
613 | simply continues to point to | |
834129e0 | 614 | @file{/gnu/store/@dots{}-gcc-4.8.0/bin/gcc}---i.e., both versions of GCC |
821b0015 | 615 | coexist on the same system without any interference. |
eeaf4427 | 616 | |
e49951eb MW |
617 | The @command{guix package} command is the central tool to manage |
618 | packages (@pxref{Invoking guix package}). It operates on those per-user | |
821b0015 | 619 | profiles, and can be used @emph{with normal user privileges}. |
eeaf4427 LC |
620 | |
621 | The command provides the obvious install, remove, and upgrade | |
622 | operations. Each invocation is actually a @emph{transaction}: either | |
ba55b1cb | 623 | the specified operation succeeds, or nothing happens. Thus, if the |
e49951eb | 624 | @command{guix package} process is terminated during the transaction, |
eeaf4427 LC |
625 | or if a power outage occurs during the transaction, then the user's |
626 | profile remains in its previous state, and remains usable. | |
627 | ||
628 | In addition, any package transaction may be @emph{rolled back}. So, if, | |
629 | for example, an upgrade installs a new version of a package that turns | |
630 | out to have a serious bug, users may roll back to the previous instance | |
4af2447e LC |
631 | of their profile, which was known to work well. Similarly, the global |
632 | system configuration is subject to transactional upgrades and roll-back | |
633 | (@pxref{Using the Configuration System}). | |
eeaf4427 LC |
634 | |
635 | All those packages in the package store may be @emph{garbage-collected}. | |
636 | Guix can determine which packages are still referenced by the user | |
fe8ff028 | 637 | profiles, and remove those that are provably no longer referenced |
e49951eb | 638 | (@pxref{Invoking guix gc}). Users may also explicitly remove old |
fe8ff028 LC |
639 | generations of their profile so that the packages they refer to can be |
640 | collected. | |
eeaf4427 | 641 | |
e900c503 LC |
642 | @cindex reproducibility |
643 | @cindex reproducible builds | |
eeaf4427 LC |
644 | Finally, Guix takes a @dfn{purely functional} approach to package |
645 | management, as described in the introduction (@pxref{Introduction}). | |
834129e0 | 646 | Each @file{/gnu/store} package directory name contains a hash of all the |
eeaf4427 LC |
647 | inputs that were used to build that package---compiler, libraries, build |
648 | scripts, etc. This direct correspondence allows users to make sure a | |
649 | given package installation matches the current state of their | |
e900c503 LC |
650 | distribution. It also helps maximize @dfn{build reproducibility}: |
651 | thanks to the isolated build environments that are used, a given build | |
652 | is likely to yield bit-identical files when performed on different | |
653 | machines (@pxref{Invoking guix-daemon, container}). | |
eeaf4427 | 654 | |
c4202d60 | 655 | @cindex substitutes |
eeaf4427 | 656 | This foundation allows Guix to support @dfn{transparent binary/source |
c4202d60 | 657 | deployment}. When a pre-built binary for a @file{/gnu/store} item is |
18f2887b | 658 | available from an external source---a @dfn{substitute}, Guix just |
c4202d60 LC |
659 | downloads it and unpacks it; |
660 | otherwise, it builds the package from source, locally | |
661 | (@pxref{Substitutes}). | |
eeaf4427 | 662 | |
e49951eb MW |
663 | @node Invoking guix package |
664 | @section Invoking @command{guix package} | |
eeaf4427 | 665 | |
e49951eb | 666 | The @command{guix package} command is the tool that allows users to |
eeaf4427 LC |
667 | install, upgrade, and remove packages, as well as rolling back to |
668 | previous configurations. It operates only on the user's own profile, | |
669 | and works with normal user privileges (@pxref{Features}). Its syntax | |
670 | is: | |
671 | ||
672 | @example | |
e49951eb | 673 | guix package @var{options} |
eeaf4427 LC |
674 | @end example |
675 | ||
ba55b1cb | 676 | Primarily, @var{options} specifies the operations to be performed during |
eeaf4427 LC |
677 | the transaction. Upon completion, a new profile is created, but |
678 | previous generations of the profile remain available, should the user | |
679 | want to roll back. | |
680 | ||
6447738c MW |
681 | For example, to remove @code{lua} and install @code{guile} and |
682 | @code{guile-cairo} in a single transaction: | |
683 | ||
684 | @example | |
685 | guix package -r lua -i guile guile-cairo | |
686 | @end example | |
687 | ||
b9e5c0a9 | 688 | For each user, a symlink to the user's default profile is automatically |
0ec1af59 | 689 | created in @file{$HOME/.guix-profile}. This symlink always points to the |
b9e5c0a9 LC |
690 | current generation of the user's default profile. Thus, users can add |
691 | @file{$HOME/.guix-profile/bin} to their @code{PATH} environment | |
692 | variable, and so on. | |
693 | ||
0ec1af59 LC |
694 | In a multi-user setup, user profiles must be stored in a place |
695 | registered as a @dfn{garbage-collector root}, which | |
e49951eb | 696 | @file{$HOME/.guix-profile} points to (@pxref{Invoking guix gc}). That |
0ec1af59 LC |
697 | directory is normally |
698 | @code{@var{localstatedir}/profiles/per-user/@var{user}}, where | |
699 | @var{localstatedir} is the value passed to @code{configure} as | |
700 | @code{--localstatedir}, and @var{user} is the user name. It must be | |
701 | created by @code{root}, with @var{user} as the owner. When it does not | |
70c43291 LC |
702 | exist, or is not owned by @var{user}, @command{guix package} emits an |
703 | error about it. | |
0ec1af59 LC |
704 | |
705 | The @var{options} can be among the following: | |
706 | ||
eeaf4427 LC |
707 | @table @code |
708 | ||
6447738c MW |
709 | @item --install=@var{package} @dots{} |
710 | @itemx -i @var{package} @dots{} | |
711 | Install the specified @var{package}s. | |
eeaf4427 | 712 | |
6447738c | 713 | Each @var{package} may specify either a simple package name, such as |
eeaf4427 | 714 | @code{guile}, or a package name followed by a hyphen and version number, |
dc5669cd MW |
715 | such as @code{guile-1.8.8}. If no version number is specified, the |
716 | newest available version will be selected. In addition, @var{package} | |
717 | may contain a colon, followed by the name of one of the outputs of the | |
6e721c4d | 718 | package, as in @code{gcc:doc} or @code{binutils-2.22:lib} |
e7f34eb0 LC |
719 | (@pxref{Packages with Multiple Outputs}). Packages with a corresponding |
720 | name (and optionally version) are searched for among the GNU | |
721 | distribution modules (@pxref{Package Modules}). | |
eeaf4427 | 722 | |
461572cc LC |
723 | @cindex propagated inputs |
724 | Sometimes packages have @dfn{propagated inputs}: these are dependencies | |
725 | that automatically get installed along with the required package. | |
726 | ||
727 | An example is the GNU MPC library: its C header files refer to those of | |
728 | the GNU MPFR library, which in turn refer to those of the GMP library. | |
729 | Thus, when installing MPC, the MPFR and GMP libraries also get installed | |
730 | in the profile; removing MPC also removes MPFR and GMP---unless they had | |
731 | also been explicitly installed independently. | |
732 | ||
ba7ea5ce | 733 | Besides, packages sometimes rely on the definition of environment |
5924080d | 734 | variables for their search paths (see explanation of |
ba7ea5ce | 735 | @code{--search-paths} below). Any missing or possibly incorrect |
5924080d LC |
736 | environment variable definitions are reported here. |
737 | ||
ef010c0f | 738 | @c XXX: keep me up-to-date |
5924080d | 739 | Finally, when installing a GNU package, the tool reports the |
ef010c0f LC |
740 | availability of a newer upstream version. In the future, it may provide |
741 | the option of installing directly from the upstream version, even if | |
742 | that version is not yet in the distribution. | |
743 | ||
5d4b411f LC |
744 | @item --install-from-expression=@var{exp} |
745 | @itemx -e @var{exp} | |
746 | Install the package @var{exp} evaluates to. | |
747 | ||
748 | @var{exp} must be a Scheme expression that evaluates to a | |
749 | @code{<package>} object. This option is notably useful to disambiguate | |
750 | between same-named variants of a package, with expressions such as | |
751 | @code{(@@ (gnu packages base) guile-final)}. | |
752 | ||
753 | Note that this option installs the first output of the specified | |
754 | package, which may be insufficient when needing a specific output of a | |
755 | multiple-output package. | |
756 | ||
6447738c MW |
757 | @item --remove=@var{package} @dots{} |
758 | @itemx -r @var{package} @dots{} | |
759 | Remove the specified @var{package}s. | |
eeaf4427 | 760 | |
6447738c | 761 | As for @code{--install}, each @var{package} may specify a version number |
13ed095c LC |
762 | and/or output name in addition to the package name. For instance, |
763 | @code{-r glibc:debug} would remove the @code{debug} output of | |
764 | @code{glibc}. | |
765 | ||
6447738c MW |
766 | @item --upgrade[=@var{regexp} @dots{}] |
767 | @itemx -u [@var{regexp} @dots{}] | |
768 | Upgrade all the installed packages. If one or more @var{regexp}s are | |
769 | specified, upgrade only installed packages whose name matches a | |
770 | @var{regexp}. | |
eeaf4427 | 771 | |
f651b477 LC |
772 | Note that this upgrades package to the latest version of packages found |
773 | in the distribution currently installed. To update your distribution, | |
774 | you should regularly run @command{guix pull} (@pxref{Invoking guix | |
775 | pull}). | |
776 | ||
24e262f0 LC |
777 | @item --roll-back |
778 | Roll back to the previous @dfn{generation} of the profile---i.e., undo | |
779 | the last transaction. | |
780 | ||
781 | When combined with options such as @code{--install}, roll back occurs | |
782 | before any other actions. | |
783 | ||
d9307267 | 784 | When rolling back from the first generation that actually contains |
4b2bc804 NK |
785 | installed packages, the profile is made to point to the @dfn{zeroth |
786 | generation}, which contains no files apart from its own meta-data. | |
d9307267 | 787 | |
82fe08ed LC |
788 | Installing, removing, or upgrading packages from a generation that has |
789 | been rolled back to overwrites previous future generations. Thus, the | |
790 | history of a profile's generations is always linear. | |
791 | ||
5924080d LC |
792 | @item --search-paths |
793 | @cindex search paths | |
794 | Report environment variable definitions, in Bash syntax, that may be | |
795 | needed in order to use the set of installed packages. These environment | |
796 | variables are used to specify @dfn{search paths} for files used by some | |
797 | of the installed packages. | |
798 | ||
799 | For example, GCC needs the @code{CPATH} and @code{LIBRARY_PATH} | |
800 | environment variables to be defined so it can look for headers and | |
801 | libraries in the user's profile (@pxref{Environment Variables,,, gcc, | |
802 | Using the GNU Compiler Collection (GCC)}). If GCC and, say, the C | |
803 | library are installed in the profile, then @code{--search-paths} will | |
804 | suggest setting these variables to @code{@var{profile}/include} and | |
805 | @code{@var{profile}/lib}, respectively. | |
806 | ||
eeaf4427 LC |
807 | @item --profile=@var{profile} |
808 | @itemx -p @var{profile} | |
809 | Use @var{profile} instead of the user's default profile. | |
810 | ||
70915c1a LC |
811 | @item --verbose |
812 | Produce verbose output. In particular, emit the environment's build log | |
813 | on the standard error port. | |
814 | ||
eeaf4427 LC |
815 | @item --bootstrap |
816 | Use the bootstrap Guile to build the profile. This option is only | |
817 | useful to distribution developers. | |
818 | ||
819 | @end table | |
820 | ||
e49951eb | 821 | In addition to these actions @command{guix package} supports the |
733b4130 LC |
822 | following options to query the current state of a profile, or the |
823 | availability of packages: | |
eeaf4427 | 824 | |
733b4130 LC |
825 | @table @option |
826 | ||
acc08466 NK |
827 | @item --search=@var{regexp} |
828 | @itemx -s @var{regexp} | |
829 | List the available packages whose synopsis or description matches | |
299112d3 LC |
830 | @var{regexp}. Print all the meta-data of matching packages in |
831 | @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, | |
832 | GNU recutils manual}). | |
acc08466 | 833 | |
299112d3 LC |
834 | This allows specific fields to be extracted using the @command{recsel} |
835 | command, for instance: | |
836 | ||
837 | @example | |
e49951eb | 838 | $ guix package -s malloc | recsel -p name,version |
299112d3 LC |
839 | name: glibc |
840 | version: 2.17 | |
841 | ||
842 | name: libgc | |
843 | version: 7.2alpha6 | |
844 | @end example | |
acc08466 | 845 | |
a12d92f5 LC |
846 | Similarly, to show the name of all the packages available under the |
847 | terms of the GNU@tie{}LGPL version 3: | |
848 | ||
849 | @example | |
850 | $ guix package -s "" | recsel -p name -e 'license ~ "LGPL 3"' | |
851 | name: elfutils | |
852 | ||
853 | name: gmp | |
854 | @dots{} | |
855 | @end example | |
856 | ||
2aa6efb0 CR |
857 | @item --show=@var{package} |
858 | Show details about @var{package}, taken from the list of available packages, in | |
859 | @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, GNU | |
860 | recutils manual}). | |
861 | ||
862 | @example | |
863 | $ guix package --show=python | recsel -p name,version | |
864 | name: python | |
865 | version: 2.7.6 | |
866 | ||
867 | name: python | |
868 | version: 3.3.5 | |
869 | @end example | |
870 | ||
871 | You may also specify the full name of a package to only get details about a | |
872 | specific version of it: | |
873 | @example | |
874 | $ guix package --show=python-3.3.5 | recsel -p name,version | |
875 | name: python | |
876 | version: 3.3.5 | |
877 | @end example | |
878 | ||
879 | ||
880 | ||
733b4130 LC |
881 | @item --list-installed[=@var{regexp}] |
882 | @itemx -I [@var{regexp}] | |
bd9bde1c LC |
883 | List the currently installed packages in the specified profile, with the |
884 | most recently installed packages shown last. When @var{regexp} is | |
885 | specified, list only installed packages whose name matches @var{regexp}. | |
733b4130 LC |
886 | |
887 | For each installed package, print the following items, separated by | |
888 | tabs: the package name, its version string, the part of the package that | |
889 | is installed (for instance, @code{out} for the default output, | |
890 | @code{include} for its headers, etc.), and the path of this package in | |
891 | the store. | |
892 | ||
64fc89b6 LC |
893 | @item --list-available[=@var{regexp}] |
894 | @itemx -A [@var{regexp}] | |
a1ba8475 LC |
895 | List packages currently available in the software distribution |
896 | (@pxref{GNU Distribution}). When @var{regexp} is specified, list only | |
897 | installed packages whose name matches @var{regexp}. | |
64fc89b6 LC |
898 | |
899 | For each package, print the following items separated by tabs: its name, | |
6e721c4d LC |
900 | its version string, the parts of the package (@pxref{Packages with |
901 | Multiple Outputs}), and the source location of its definition. | |
64fc89b6 | 902 | |
f566d765 LC |
903 | @item --list-generations[=@var{pattern}] |
904 | @itemx -l [@var{pattern}] | |
905 | Return a list of generations along with their creation dates; for each | |
906 | generation, show the installed packages, with the most recently | |
4b2bc804 NK |
907 | installed packages shown last. Note that the zeroth generation is never |
908 | shown. | |
f566d765 LC |
909 | |
910 | For each installed package, print the following items, separated by | |
911 | tabs: the name of a package, its version string, the part of the package | |
912 | that is installed (@pxref{Packages with Multiple Outputs}), and the | |
913 | location of this package in the store. | |
914 | ||
915 | When @var{pattern} is used, the command returns only matching | |
916 | generations. Valid patterns include: | |
917 | ||
918 | @itemize | |
919 | @item @emph{Integers and comma-separated integers}. Both patterns denote | |
920 | generation numbers. For instance, @code{--list-generations=1} returns | |
921 | the first one. | |
922 | ||
923 | And @code{--list-generations=1,8,2} outputs three generations in the | |
924 | specified order. Neither spaces nor trailing commas are allowed. | |
925 | ||
926 | @item @emph{Ranges}. @code{--list-generations=2..9} prints the | |
927 | specified generations and everything in between. Note that the start of | |
928 | a range must be lesser than its end. | |
929 | ||
930 | It is also possible to omit the endpoint. For example, | |
931 | @code{--list-generations=2..}, returns all generations starting from the | |
932 | second one. | |
933 | ||
934 | @item @emph{Durations}. You can also get the last @emph{N}@tie{}days, weeks, | |
935 | or months by passing an integer along with the first letter of the | |
d7ddb257 LC |
936 | duration. For example, @code{--list-generations=20d} lists generations |
937 | that are up to 20 days old. | |
f566d765 LC |
938 | @end itemize |
939 | ||
b7884ca3 NK |
940 | @item --delete-generations[=@var{pattern}] |
941 | @itemx -d [@var{pattern}] | |
d7ddb257 LC |
942 | When @var{pattern} is omitted, delete all generations except the current |
943 | one. | |
b7884ca3 NK |
944 | |
945 | This command accepts the same patterns as @option{--list-generations}. | |
d7ddb257 LC |
946 | When @var{pattern} is specified, delete the matching generations. When |
947 | @var{pattern} specifies a duration, generations @emph{older} than the | |
948 | specified duration match. For instance, @code{--delete-generations=1m} | |
949 | deletes generations that are more than one month old. | |
950 | ||
951 | If the current generation matches, it is deleted atomically---i.e., by | |
952 | switching to the previous available generation. Note that the zeroth | |
953 | generation is never deleted. | |
b7884ca3 | 954 | |
1bb9900a LC |
955 | Note that deleting generations prevents roll-back to them. |
956 | Consequently, this command must be used with care. | |
957 | ||
733b4130 | 958 | @end table |
eeaf4427 | 959 | |
70ee5642 LC |
960 | Finally, since @command{guix package} may actually start build |
961 | processes, it supports all the common build options that @command{guix | |
962 | build} supports (@pxref{Invoking guix build, common build options}). | |
963 | ||
457f60fa AK |
964 | @include emacs.texi |
965 | ||
c4202d60 LC |
966 | @node Substitutes |
967 | @section Substitutes | |
968 | ||
969 | @cindex substitutes | |
970 | @cindex pre-built binaries | |
971 | Guix supports transparent source/binary deployment, which means that it | |
972 | can either build things locally, or download pre-built items from a | |
973 | server. We call these pre-built items @dfn{substitutes}---they are | |
974 | substitutes for local build results. In many cases, downloading a | |
975 | substitute is much faster than building things locally. | |
976 | ||
977 | Substitutes can be anything resulting from a derivation build | |
978 | (@pxref{Derivations}). Of course, in the common case, they are | |
979 | pre-built package binaries, but source tarballs, for instance, which | |
980 | also result from derivation builds, can be available as substitutes. | |
981 | ||
982 | The @code{hydra.gnu.org} server is a front-end to a build farm that | |
983 | builds packages from the GNU distribution continuously for some | |
984 | architectures, and makes them available as substitutes. | |
985 | ||
986 | @cindex security | |
987 | @cindex digital signatures | |
988 | To allow Guix to download substitutes from @code{hydra.gnu.org}, you | |
989 | must add its public key to the access control list (ACL) of archive | |
990 | imports, using the @command{guix archive} command (@pxref{Invoking guix | |
991 | archive}). Doing so implies that you trust @code{hydra.gnu.org} to not | |
992 | be compromised and to serve genuine substitutes. | |
993 | ||
994 | This public key is installed along with Guix, in | |
995 | @code{@var{prefix}/share/guix/hydra.gnu.org.pub}, where @var{prefix} is | |
996 | the installation prefix of Guix. If you installed Guix from source, | |
997 | make sure you checked the GPG signature of | |
998 | @file{guix-@value{VERSION}.tar.gz}, which contains this public key file. | |
999 | Then, you can run something like this: | |
1000 | ||
1001 | @example | |
1002 | # guix archive --authorize < hydra.gnu.org.pub | |
1003 | @end example | |
1004 | ||
1005 | Once this is in place, the output of a command like @code{guix build} | |
1006 | should change from something like: | |
1007 | ||
1008 | @example | |
1009 | $ guix build emacs --dry-run | |
1010 | The following derivations would be built: | |
1011 | /gnu/store/yr7bnx8xwcayd6j95r2clmkdl1qh688w-emacs-24.3.drv | |
1012 | /gnu/store/x8qsh1hlhgjx6cwsjyvybnfv2i37z23w-dbus-1.6.4.tar.gz.drv | |
1013 | /gnu/store/1ixwp12fl950d15h2cj11c73733jay0z-alsa-lib-1.0.27.1.tar.bz2.drv | |
1014 | /gnu/store/nlma1pw0p603fpfiqy7kn4zm105r5dmw-util-linux-2.21.drv | |
1015 | @dots{} | |
1016 | @end example | |
1017 | ||
1018 | @noindent | |
1019 | to something like: | |
1020 | ||
1021 | @example | |
1022 | $ guix build emacs --dry-run | |
1023 | The following files would be downloaded: | |
1024 | /gnu/store/pk3n22lbq6ydamyymqkkz7i69wiwjiwi-emacs-24.3 | |
1025 | /gnu/store/2ygn4ncnhrpr61rssa6z0d9x22si0va3-libjpeg-8d | |
1026 | /gnu/store/71yz6lgx4dazma9dwn2mcjxaah9w77jq-cairo-1.12.16 | |
1027 | /gnu/store/7zdhgp0n1518lvfn8mb96sxqfmvqrl7v-libxrender-0.9.7 | |
1028 | @dots{} | |
1029 | @end example | |
1030 | ||
1031 | @noindent | |
1032 | This indicates that substitutes from @code{hydra.gnu.org} are usable and | |
1033 | will be downloaded, when possible, for future builds. | |
1034 | ||
1035 | Guix ignores substitutes that are not signed, or that are not signed by | |
ef27aa9c | 1036 | one of the keys listed in the ACL. It also detects and raises an error |
c4202d60 LC |
1037 | when attempting to use a substitute that has been tampered with. |
1038 | ||
1039 | The substitute mechanism can be disabled globally by running | |
1040 | @code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoking | |
1041 | guix-daemon}). It can also be disabled temporarily by passing the | |
1042 | @code{--no-substitutes} option to @command{guix package}, @command{guix | |
1043 | build}, and other command-line tools. | |
1044 | ||
1045 | ||
1046 | Today, each individual's control over their own computing is at the | |
1047 | mercy of institutions, corporations, and groups with enough power and | |
1048 | determination to subvert the computing infrastructure and exploit its | |
1049 | weaknesses. While using @code{hydra.gnu.org} substitutes can be | |
1050 | convenient, we encourage users to also build on their own, or even run | |
1051 | their own build farm, such that @code{hydra.gnu.org} is less of an | |
1052 | interesting target. | |
1053 | ||
1054 | Guix has the foundations to maximize build reproducibility | |
1055 | (@pxref{Features}). In most cases, independent builds of a given | |
1056 | package or derivation should yield bit-identical results. Thus, through | |
1057 | a diverse set of independent package builds, we can strengthen the | |
1058 | integrity of our systems. | |
1059 | ||
1060 | In the future, we want Guix to have support to publish and retrieve | |
1061 | binaries to/from other users, in a peer-to-peer fashion. If you would | |
1062 | like to discuss this project, join us on @email{guix-devel@@gnu.org}. | |
1063 | ||
1064 | ||
6e721c4d LC |
1065 | @node Packages with Multiple Outputs |
1066 | @section Packages with Multiple Outputs | |
1067 | ||
1068 | @cindex multiple-output packages | |
1069 | @cindex package outputs | |
1070 | ||
1071 | Often, packages defined in Guix have a single @dfn{output}---i.e., the | |
1072 | source package leads exactly one directory in the store. When running | |
1073 | @command{guix package -i glibc}, one installs the default output of the | |
1074 | GNU libc package; the default output is called @code{out}, but its name | |
1075 | can be omitted as shown in this command. In this particular case, the | |
1076 | default output of @code{glibc} contains all the C header files, shared | |
1077 | libraries, static libraries, Info documentation, and other supporting | |
1078 | files. | |
1079 | ||
1080 | Sometimes it is more appropriate to separate the various types of files | |
1081 | produced from a single source package into separate outputs. For | |
1082 | instance, the GLib C library (used by GTK+ and related packages) | |
1083 | installs more than 20 MiB of reference documentation as HTML pages. | |
1084 | To save space for users who do not need it, the documentation goes to a | |
1085 | separate output, called @code{doc}. To install the main GLib output, | |
1086 | which contains everything but the documentation, one would run: | |
1087 | ||
1088 | @example | |
1089 | guix package -i glib | |
1090 | @end example | |
1091 | ||
1092 | The command to install its documentation is: | |
1093 | ||
1094 | @example | |
1095 | guix package -i glib:doc | |
1096 | @end example | |
1097 | ||
1098 | Some packages install programs with different ``dependency footprints''. | |
1099 | For instance, the WordNet package install both command-line tools and | |
1100 | graphical user interfaces (GUIs). The former depend solely on the C | |
1101 | library, whereas the latter depend on Tcl/Tk and the underlying X | |
1102 | libraries. In this case, we leave the command-line tools in the default | |
1103 | output, whereas the GUIs are in a separate output. This allows users | |
1104 | who do not need the GUIs to save space. | |
1105 | ||
1106 | There are several such multiple-output packages in the GNU distribution. | |
91ef73d4 LC |
1107 | Other conventional output names include @code{lib} for libraries and |
1108 | possibly header files, @code{bin} for stand-alone programs, and | |
1109 | @code{debug} for debugging information (@pxref{Installing Debugging | |
1110 | Files}). The outputs of a packages are listed in the third column of | |
1111 | the output of @command{guix package --list-available} (@pxref{Invoking | |
1112 | guix package}). | |
6e721c4d | 1113 | |
eeaf4427 | 1114 | |
e49951eb MW |
1115 | @node Invoking guix gc |
1116 | @section Invoking @command{guix gc} | |
fe8ff028 LC |
1117 | |
1118 | @cindex garbage collector | |
1119 | Packages that are installed but not used may be @dfn{garbage-collected}. | |
e49951eb | 1120 | The @command{guix gc} command allows users to explicitly run the garbage |
834129e0 | 1121 | collector to reclaim space from the @file{/gnu/store} directory. |
fe8ff028 LC |
1122 | |
1123 | The garbage collector has a set of known @dfn{roots}: any file under | |
834129e0 | 1124 | @file{/gnu/store} reachable from a root is considered @dfn{live} and |
fe8ff028 LC |
1125 | cannot be deleted; any other file is considered @dfn{dead} and may be |
1126 | deleted. The set of garbage collector roots includes default user | |
e49951eb MW |
1127 | profiles, and may be augmented with @command{guix build --root}, for |
1128 | example (@pxref{Invoking guix build}). | |
fe8ff028 | 1129 | |
1bb9900a LC |
1130 | Prior to running @code{guix gc --collect-garbage} to make space, it is |
1131 | often useful to remove old generations from user profiles; that way, old | |
1132 | package builds referenced by those generations can be reclaimed. This | |
1133 | is achieved by running @code{guix package --delete-generations} | |
1134 | (@pxref{Invoking guix package}). | |
1135 | ||
e49951eb | 1136 | The @command{guix gc} command has three modes of operation: it can be |
fe8ff028 LC |
1137 | used to garbage-collect any dead files (the default), to delete specific |
1138 | files (the @code{--delete} option), or to print garbage-collector | |
1139 | information. The available options are listed below: | |
1140 | ||
1141 | @table @code | |
1142 | @item --collect-garbage[=@var{min}] | |
1143 | @itemx -C [@var{min}] | |
834129e0 | 1144 | Collect garbage---i.e., unreachable @file{/gnu/store} files and |
fe8ff028 LC |
1145 | sub-directories. This is the default operation when no option is |
1146 | specified. | |
1147 | ||
1148 | When @var{min} is given, stop once @var{min} bytes have been collected. | |
1149 | @var{min} may be a number of bytes, or it may include a unit as a | |
4a44d7bb LC |
1150 | suffix, such as @code{MiB} for mebibytes and @code{GB} for gigabytes |
1151 | (@pxref{Block size, size specifications,, coreutils, GNU Coreutils}). | |
fe8ff028 LC |
1152 | |
1153 | When @var{min} is omitted, collect all the garbage. | |
1154 | ||
1155 | @item --delete | |
1156 | @itemx -d | |
1157 | Attempt to delete all the store files and directories specified as | |
1158 | arguments. This fails if some of the files are not in the store, or if | |
1159 | they are still live. | |
1160 | ||
1161 | @item --list-dead | |
1162 | Show the list of dead files and directories still present in the | |
1163 | store---i.e., files and directories no longer reachable from any root. | |
1164 | ||
1165 | @item --list-live | |
1166 | Show the list of live store files and directories. | |
ba8b732d LC |
1167 | |
1168 | @end table | |
1169 | ||
1170 | In addition, the references among existing store files can be queried: | |
1171 | ||
1172 | @table @code | |
1173 | ||
1174 | @item --references | |
1175 | @itemx --referrers | |
1176 | List the references (respectively, the referrers) of store files given | |
1177 | as arguments. | |
1178 | ||
8e59fdd5 LC |
1179 | @item --requisites |
1180 | @itemx -R | |
1181 | List the requisites of the store files passed as arguments. Requisites | |
1182 | include the store files themselves, their references, and the references | |
1183 | of these, recursively. In other words, the returned list is the | |
1184 | @dfn{transitive closure} of the store files. | |
1185 | ||
fe8ff028 LC |
1186 | @end table |
1187 | ||
eeaf4427 | 1188 | |
f651b477 LC |
1189 | @node Invoking guix pull |
1190 | @section Invoking @command{guix pull} | |
1191 | ||
1192 | Packages are installed or upgraded to the latest version available in | |
1193 | the distribution currently available on your local machine. To update | |
1194 | that distribution, along with the Guix tools, you must run @command{guix | |
1195 | pull}: the command downloads the latest Guix source code and package | |
1196 | descriptions, and deploys it. | |
1197 | ||
1198 | On completion, @command{guix package} will use packages and package | |
1199 | versions from this just-retrieved copy of Guix. Not only that, but all | |
1200 | the Guix commands and Scheme modules will also be taken from that latest | |
1201 | version. New @command{guix} sub-commands added by the update also | |
1202 | become available. | |
1203 | ||
1204 | The @command{guix pull} command is usually invoked with no arguments, | |
1205 | but it supports the following options: | |
1206 | ||
1207 | @table @code | |
1208 | @item --verbose | |
1209 | Produce verbose output, writing build logs to the standard error output. | |
1210 | ||
ab5d72ad LC |
1211 | @item --url=@var{url} |
1212 | Download the source tarball of Guix from @var{url}. | |
1213 | ||
1214 | By default, the tarball is taken from its canonical address at | |
1215 | @code{gnu.org}, for the stable branch of Guix. | |
1216 | ||
f651b477 LC |
1217 | @item --bootstrap |
1218 | Use the bootstrap Guile to build the latest Guix. This option is only | |
1219 | useful to Guix developers. | |
1220 | @end table | |
1221 | ||
760c60d6 LC |
1222 | |
1223 | @node Invoking guix archive | |
1224 | @section Invoking @command{guix archive} | |
1225 | ||
1226 | The @command{guix archive} command allows users to @dfn{export} files | |
1227 | from the store into a single archive, and to later @dfn{import} them. | |
1228 | In particular, it allows store files to be transferred from one machine | |
1229 | to another machine's store. For example, to transfer the @code{emacs} | |
1230 | package to a machine connected over SSH, one would run: | |
1231 | ||
1232 | @example | |
1233 | guix archive --export emacs | ssh the-machine guix archive --import | |
1234 | @end example | |
1235 | ||
87236aed LC |
1236 | @noindent |
1237 | However, note that, in this example, all of @code{emacs} and its | |
1238 | dependencies are transferred, regardless of what is already available in | |
1239 | the target machine's store. The @code{--missing} option can help figure | |
1240 | out which items are missing from the target's store. | |
1241 | ||
760c60d6 | 1242 | Archives are stored in the ``Nix archive'' or ``Nar'' format, which is |
0dbd88db LC |
1243 | comparable in spirit to `tar', but with a few noteworthy differences |
1244 | that make it more appropriate for our purposes. First, rather than | |
1245 | recording all Unix meta-data for each file, the Nar format only mentions | |
1246 | the file type (regular, directory, or symbolic link); Unix permissions | |
1247 | and owner/group are dismissed. Second, the order in which directory | |
1248 | entries are stored always follows the order of file names according to | |
1249 | the C locale collation order. This makes archive production fully | |
1250 | deterministic. | |
1251 | ||
1252 | When exporting, the daemon digitally signs the contents of the archive, | |
1253 | and that digital signature is appended. When importing, the daemon | |
1254 | verifies the signature and rejects the import in case of an invalid | |
1255 | signature or if the signing key is not authorized. | |
760c60d6 LC |
1256 | @c FIXME: Add xref to daemon doc about signatures. |
1257 | ||
1258 | The main options are: | |
1259 | ||
1260 | @table @code | |
1261 | @item --export | |
1262 | Export the specified store files or packages (see below.) Write the | |
1263 | resulting archive to the standard output. | |
1264 | ||
1265 | @item --import | |
1266 | Read an archive from the standard input, and import the files listed | |
1267 | therein into the store. Abort if the archive has an invalid digital | |
f82cc5fd LC |
1268 | signature, or if it is signed by a public key not among the authorized |
1269 | keys (see @code{--authorize} below.) | |
554f26ec | 1270 | |
87236aed LC |
1271 | @item --missing |
1272 | Read a list of store file names from the standard input, one per line, | |
1273 | and write on the standard output the subset of these files missing from | |
1274 | the store. | |
1275 | ||
554f26ec | 1276 | @item --generate-key[=@var{parameters}] |
f82cc5fd | 1277 | @cindex signing, archives |
554f26ec LC |
1278 | Generate a new key pair for the daemons. This is a prerequisite before |
1279 | archives can be exported with @code{--export}. Note that this operation | |
1280 | usually takes time, because it needs to gather enough entropy to | |
1281 | generate the key pair. | |
1282 | ||
1283 | The generated key pair is typically stored under @file{/etc/guix}, in | |
1284 | @file{signing-key.pub} (public key) and @file{signing-key.sec} (private | |
1285 | key, which must be kept secret.) When @var{parameters} is omitted, it | |
1286 | is a 4096-bit RSA key. Alternately, @var{parameters} can specify | |
1287 | @code{genkey} parameters suitable for Libgcrypt (@pxref{General | |
1288 | public-key related Functions, @code{gcry_pk_genkey},, gcrypt, The | |
1289 | Libgcrypt Reference Manual}). | |
f82cc5fd LC |
1290 | |
1291 | @item --authorize | |
1292 | @cindex authorizing, archives | |
1293 | Authorize imports signed by the public key passed on standard input. | |
1294 | The public key must be in ``s-expression advanced format''---i.e., the | |
1295 | same format as the @file{signing-key.pub} file. | |
1296 | ||
1297 | The list of authorized keys is kept in the human-editable file | |
1298 | @file{/etc/guix/acl}. The file contains | |
1299 | @url{http://people.csail.mit.edu/rivest/Sexp.txt, ``advanced-format | |
1300 | s-expressions''} and is structured as an access-control list in the | |
1301 | @url{http://theworld.com/~cme/spki.txt, Simple Public-Key Infrastructure | |
1302 | (SPKI)}. | |
760c60d6 LC |
1303 | @end table |
1304 | ||
1305 | To export store files as an archive to the standard output, run: | |
1306 | ||
1307 | @example | |
1308 | guix archive --export @var{options} @var{specifications}... | |
1309 | @end example | |
1310 | ||
1311 | @var{specifications} may be either store file names or package | |
1312 | specifications, as for @command{guix package} (@pxref{Invoking guix | |
1313 | package}). For instance, the following command creates an archive | |
1314 | containing the @code{gui} output of the @code{git} package and the main | |
1315 | output of @code{emacs}: | |
1316 | ||
1317 | @example | |
834129e0 | 1318 | guix archive --export git:gui /gnu/store/...-emacs-24.3 > great.nar |
760c60d6 LC |
1319 | @end example |
1320 | ||
1321 | If the specified packages are not built yet, @command{guix archive} | |
1322 | automatically builds them. The build process may be controlled with the | |
1323 | same options that can be passed to the @command{guix build} command | |
70ee5642 | 1324 | (@pxref{Invoking guix build, common build options}). |
760c60d6 LC |
1325 | |
1326 | ||
568717fd LC |
1327 | @c ********************************************************************* |
1328 | @node Programming Interface | |
1329 | @chapter Programming Interface | |
1330 | ||
3dc1970d LC |
1331 | GNU Guix provides several Scheme programming interfaces (APIs) to |
1332 | define, build, and query packages. The first interface allows users to | |
1333 | write high-level package definitions. These definitions refer to | |
1334 | familiar packaging concepts, such as the name and version of a package, | |
1335 | its build system, and its dependencies. These definitions can then be | |
1336 | turned into concrete build actions. | |
1337 | ||
ba55b1cb | 1338 | Build actions are performed by the Guix daemon, on behalf of users. In a |
3dc1970d | 1339 | standard setup, the daemon has write access to the store---the |
834129e0 | 1340 | @file{/gnu/store} directory---whereas users do not. The recommended |
3dc1970d LC |
1341 | setup also has the daemon perform builds in chroots, under a specific |
1342 | build users, to minimize interference with the rest of the system. | |
1343 | ||
1344 | @cindex derivation | |
1345 | Lower-level APIs are available to interact with the daemon and the | |
1346 | store. To instruct the daemon to perform a build action, users actually | |
1347 | provide it with a @dfn{derivation}. A derivation is a low-level | |
1348 | representation of the build actions to be taken, and the environment in | |
1349 | which they should occur---derivations are to package definitions what | |
49ad317a LC |
1350 | assembly is to C programs. The term ``derivation'' comes from the fact |
1351 | that build results @emph{derive} from them. | |
3dc1970d LC |
1352 | |
1353 | This chapter describes all these APIs in turn, starting from high-level | |
1354 | package definitions. | |
1355 | ||
568717fd | 1356 | @menu |
b860f382 | 1357 | * Defining Packages:: Defining new packages. |
7458bd0a | 1358 | * Build Systems:: Specifying how packages are built. |
b860f382 LC |
1359 | * The Store:: Manipulating the package store. |
1360 | * Derivations:: Low-level interface to package derivations. | |
1361 | * The Store Monad:: Purely functional interface to the store. | |
21b679f6 | 1362 | * G-Expressions:: Manipulating build expressions. |
568717fd LC |
1363 | @end menu |
1364 | ||
1365 | @node Defining Packages | |
1366 | @section Defining Packages | |
1367 | ||
3dc1970d LC |
1368 | The high-level interface to package definitions is implemented in the |
1369 | @code{(guix packages)} and @code{(guix build-system)} modules. As an | |
1370 | example, the package definition, or @dfn{recipe}, for the GNU Hello | |
1371 | package looks like this: | |
1372 | ||
1373 | @example | |
e7f34eb0 LC |
1374 | (define-module (gnu packages hello) |
1375 | #:use-module (guix packages) | |
1376 | #:use-module (guix download) | |
1377 | #:use-module (guix build-system gnu) | |
1378 | #:use-module (guix licenses)) | |
b22a12fd | 1379 | |
79f5dd59 | 1380 | (define-public hello |
3dc1970d LC |
1381 | (package |
1382 | (name "hello") | |
1383 | (version "2.8") | |
1384 | (source (origin | |
1385 | (method url-fetch) | |
1386 | (uri (string-append "mirror://gnu/hello/hello-" version | |
1387 | ".tar.gz")) | |
1388 | (sha256 | |
1389 | (base32 "0wqd8sjmxfskrflaxywc7gqw7sfawrfvdxd9skxawzfgyy0pzdz6")))) | |
1390 | (build-system gnu-build-system) | |
7458bd0a | 1391 | (arguments `(#:configure-flags '("--enable-silent-rules"))) |
3dc1970d | 1392 | (inputs `(("gawk" ,gawk))) |
7458bd0a LC |
1393 | (synopsis "Hello, GNU world: An example GNU package") |
1394 | (description "Guess what GNU Hello prints!") | |
3dc1970d | 1395 | (home-page "http://www.gnu.org/software/hello/") |
b22a12fd | 1396 | (license gpl3+))) |
3dc1970d LC |
1397 | @end example |
1398 | ||
1399 | @noindent | |
1400 | Without being a Scheme expert, the reader may have guessed the meaning | |
e7f34eb0 | 1401 | of the various fields here. This expression binds variable @code{hello} |
3dc1970d LC |
1402 | to a @code{<package>} object, which is essentially a record |
1403 | (@pxref{SRFI-9, Scheme records,, guile, GNU Guile Reference Manual}). | |
1404 | This package object can be inspected using procedures found in the | |
1405 | @code{(guix packages)} module; for instance, @code{(package-name hello)} | |
1406 | returns---surprise!---@code{"hello"}. | |
1407 | ||
e7f34eb0 LC |
1408 | In the example above, @var{hello} is defined into a module of its own, |
1409 | @code{(gnu packages hello)}. Technically, this is not strictly | |
1410 | necessary, but it is convenient to do so: all the packages defined in | |
1411 | modules under @code{(gnu packages @dots{})} are automatically known to | |
1412 | the command-line tools (@pxref{Package Modules}). | |
1413 | ||
3dc1970d LC |
1414 | There are a few points worth noting in the above package definition: |
1415 | ||
1416 | @itemize | |
1417 | @item | |
1418 | The @code{source} field of the package is an @code{<origin>} object. | |
1419 | Here, the @code{url-fetch} method from @code{(guix download)} is used, | |
1420 | meaning that the source is a file to be downloaded over FTP or HTTP. | |
1421 | ||
1422 | The @code{mirror://gnu} prefix instructs @code{url-fetch} to use one of | |
1423 | the GNU mirrors defined in @code{(guix download)}. | |
1424 | ||
1425 | The @code{sha256} field specifies the expected SHA256 hash of the file | |
1426 | being downloaded. It is mandatory, and allows Guix to check the | |
1427 | integrity of the file. The @code{(base32 @dots{})} form introduces the | |
6c365eca | 1428 | base32 representation of the hash. You can obtain this information with |
210cc920 LC |
1429 | @code{guix download} (@pxref{Invoking guix download}) and @code{guix |
1430 | hash} (@pxref{Invoking guix hash}). | |
3dc1970d | 1431 | |
f9cc8971 LC |
1432 | @cindex patches |
1433 | When needed, the @code{origin} form can also have a @code{patches} field | |
1434 | listing patches to be applied, and a @code{snippet} field giving a | |
1435 | Scheme expression to modify the source code. | |
1436 | ||
3dc1970d LC |
1437 | @item |
1438 | @cindex GNU Build System | |
7458bd0a LC |
1439 | The @code{build-system} field specifies the procedure to build the |
1440 | package (@pxref{Build Systems}). Here, @var{gnu-build-system} | |
1441 | represents the familiar GNU Build System, where packages may be | |
1442 | configured, built, and installed with the usual @code{./configure && | |
1443 | make && make check && make install} command sequence. | |
1444 | ||
1445 | @item | |
1446 | The @code{arguments} field specifies options for the build system | |
1447 | (@pxref{Build Systems}). Here it is interpreted by | |
1448 | @var{gnu-build-system} as a request run @file{configure} with the | |
1449 | @code{--enable-silent-rules} flag. | |
3dc1970d LC |
1450 | |
1451 | @item | |
1452 | The @code{inputs} field specifies inputs to the build process---i.e., | |
1453 | build-time or run-time dependencies of the package. Here, we define an | |
1454 | input called @code{"gawk"} whose value is that of the @var{gawk} | |
1455 | variable; @var{gawk} is itself bound to a @code{<package>} object. | |
1456 | ||
1457 | Note that GCC, Coreutils, Bash, and other essential tools do not need to | |
1458 | be specified as inputs here. Instead, @var{gnu-build-system} takes care | |
7458bd0a | 1459 | of ensuring that they are present (@pxref{Build Systems}). |
3dc1970d LC |
1460 | |
1461 | However, any other dependencies need to be specified in the | |
1462 | @code{inputs} field. Any dependency not specified here will simply be | |
1463 | unavailable to the build process, possibly leading to a build failure. | |
1464 | @end itemize | |
1465 | ||
3dc1970d LC |
1466 | Once a package definition is in place@footnote{Simple package |
1467 | definitions like the one above may be automatically converted from the | |
e49951eb MW |
1468 | Nixpkgs distribution using the @command{guix import} command.}, the |
1469 | package may actually be built using the @code{guix build} command-line | |
7458bd0a | 1470 | tool (@pxref{Invoking guix build}). @xref{Packaging Guidelines}, for |
b4f5e0e8 CR |
1471 | more information on how to test package definitions, and |
1472 | @ref{Invoking guix lint}, for information on how to check a definition | |
1473 | for style conformance. | |
1474 | ||
7458bd0a LC |
1475 | |
1476 | Eventually, updating the package definition to a new upstream version | |
1477 | can be partly automated by the @command{guix refresh} command | |
1478 | (@pxref{Invoking guix refresh}). | |
3dc1970d LC |
1479 | |
1480 | Behind the scenes, a derivation corresponding to the @code{<package>} | |
1481 | object is first computed by the @code{package-derivation} procedure. | |
834129e0 | 1482 | That derivation is stored in a @code{.drv} file under @file{/gnu/store}. |
ba55b1cb | 1483 | The build actions it prescribes may then be realized by using the |
3dc1970d LC |
1484 | @code{build-derivations} procedure (@pxref{The Store}). |
1485 | ||
1486 | @deffn {Scheme Procedure} package-derivation @var{store} @var{package} [@var{system}] | |
59688fc4 LC |
1487 | Return the @code{<derivation>} object of @var{package} for @var{system} |
1488 | (@pxref{Derivations}). | |
3dc1970d LC |
1489 | |
1490 | @var{package} must be a valid @code{<package>} object, and @var{system} | |
1491 | must be a string denoting the target system type---e.g., | |
1492 | @code{"x86_64-linux"} for an x86_64 Linux-based GNU system. @var{store} | |
1493 | must be a connection to the daemon, which operates on the store | |
1494 | (@pxref{The Store}). | |
1495 | @end deffn | |
568717fd | 1496 | |
9c1edabd LC |
1497 | @noindent |
1498 | @cindex cross-compilation | |
1499 | Similarly, it is possible to compute a derivation that cross-builds a | |
1500 | package for some other system: | |
1501 | ||
1502 | @deffn {Scheme Procedure} package-cross-derivation @var{store} @ | |
1503 | @var{package} @var{target} [@var{system}] | |
59688fc4 LC |
1504 | Return the @code{<derivation>} object of @var{package} cross-built from |
1505 | @var{system} to @var{target}. | |
9c1edabd LC |
1506 | |
1507 | @var{target} must be a valid GNU triplet denoting the target hardware | |
1508 | and operating system, such as @code{"mips64el-linux-gnu"} | |
1509 | (@pxref{Configuration Names, GNU configuration triplets,, configure, GNU | |
1510 | Configure and Build System}). | |
1511 | @end deffn | |
1512 | ||
1513 | ||
7458bd0a LC |
1514 | @node Build Systems |
1515 | @section Build Systems | |
1516 | ||
1517 | @cindex build system | |
1518 | Each package definition specifies a @dfn{build system} and arguments for | |
1519 | that build system (@pxref{Defining Packages}). This @code{build-system} | |
1520 | field represents the build procedure of the package, as well implicit | |
1521 | dependencies of that build procedure. | |
1522 | ||
1523 | Build systems are @code{<build-system>} objects. The interface to | |
1524 | create and manipulate them is provided by the @code{(guix build-system)} | |
1525 | module, and actual build systems are exported by specific modules. | |
1526 | ||
0d5a559f LC |
1527 | Under the hood, build systems first compile package objects to |
1528 | @dfn{bags}. A @dfn{bag} is like a package, but with less | |
1529 | ornamentation---in other words, a bag is a lower-level representation of | |
1530 | a package, which includes all the inputs of that package, including some | |
1531 | that were implicitly added by the build system. This intermediate | |
1532 | representation is then compiled to a derivation (@pxref{Derivations}). | |
1533 | ||
7458bd0a LC |
1534 | Build systems accept an optional list of @dfn{arguments}. In package |
1535 | definitions, these are passed @i{via} the @code{arguments} field | |
1536 | (@pxref{Defining Packages}). They are typically keyword arguments | |
1537 | (@pxref{Optional Arguments, keyword arguments in Guile,, guile, GNU | |
1538 | Guile Reference Manual}). The value of these arguments is usually | |
1539 | evaluated in the @dfn{build stratum}---i.e., by a Guile process launched | |
1540 | by the daemon (@pxref{Derivations}). | |
1541 | ||
1542 | The main build system is @var{gnu-build-system}, which implements the | |
1543 | standard build procedure for GNU packages and many other packages. It | |
1544 | is provided by the @code{(guix build-system gnu)} module. | |
1545 | ||
1546 | @defvr {Scheme Variable} gnu-build-system | |
1547 | @var{gnu-build-system} represents the GNU Build System, and variants | |
1548 | thereof (@pxref{Configuration, configuration and makefile conventions,, | |
1549 | standards, GNU Coding Standards}). | |
1550 | ||
1551 | @cindex build phases | |
1552 | In a nutshell, packages using it configured, built, and installed with | |
1553 | the usual @code{./configure && make && make check && make install} | |
1554 | command sequence. In practice, a few additional steps are often needed. | |
1555 | All these steps are split up in separate @dfn{phases}, | |
1556 | notably@footnote{Please see the @code{(guix build gnu-build-system)} | |
1557 | modules for more details about the build phases.}: | |
1558 | ||
1559 | @table @code | |
1560 | @item unpack | |
1561 | Unpack the source tarball, and change the current directory to the | |
1562 | extracted source tree. If the source is actually a directory, copy it | |
1563 | to the build tree, and enter that directory. | |
1564 | ||
1565 | @item patch-source-shebangs | |
1566 | Patch shebangs encountered in source files so they refer to the right | |
1567 | store file names. For instance, this changes @code{#!/bin/sh} to | |
1568 | @code{#!/gnu/store/@dots{}-bash-4.3/bin/sh}. | |
1569 | ||
1570 | @item configure | |
1571 | Run the @file{configure} script with a number of default options, such | |
1572 | as @code{--prefix=/gnu/store/@dots{}}, as well as the options specified | |
1573 | by the @code{#:configure-flags} argument. | |
1574 | ||
1575 | @item build | |
1576 | Run @code{make} with the list of flags specified with | |
1577 | @code{#:make-flags}. If the @code{#:parallel-builds?} argument is true | |
1578 | (the default), build with @code{make -j}. | |
1579 | ||
1580 | @item check | |
1581 | Run @code{make check}, or some other target specified with | |
1582 | @code{#:test-target}, unless @code{#:tests? #f} is passed. If the | |
1583 | @code{#:parallel-tests?} argument is true (the default), run @code{make | |
1584 | check -j}. | |
1585 | ||
1586 | @item install | |
1587 | Run @code{make install} with the flags listed in @code{#:make-flags}. | |
1588 | ||
1589 | @item patch-shebangs | |
1590 | Patch shebangs on the installed executable files. | |
1591 | ||
1592 | @item strip | |
1593 | Strip debugging symbols from ELF files (unless @code{#:strip-binaries?} | |
1594 | is false), copying them to the @code{debug} output when available | |
1595 | (@pxref{Installing Debugging Files}). | |
1596 | @end table | |
1597 | ||
1598 | @vindex %standard-phases | |
1599 | The build-side module @code{(guix build gnu-build-system)} defines | |
1600 | @var{%standard-phases} as the default list of build phases. | |
1601 | @var{%standard-phases} is a list of symbol/procedure pairs, where the | |
1602 | procedure implements the actual phase. | |
1603 | ||
1604 | The list of phases used for a particular package can be changed with the | |
1605 | @code{#:phases} parameter. For instance, passing: | |
1606 | ||
1607 | @example | |
1608 | #:phases (alist-delete 'configure %standard-phases) | |
1609 | @end example | |
1610 | ||
9bf404e9 | 1611 | means that all the phases described above will be used, except the |
7458bd0a LC |
1612 | @code{configure} phase. |
1613 | ||
1614 | In addition, this build system ensures that the ``standard'' environment | |
1615 | for GNU packages is available. This includes tools such as GCC, libc, | |
1616 | Coreutils, Bash, Make, Diffutils, grep, and sed (see the @code{(guix | |
1617 | build-system gnu)} module for a complete list.) We call these the | |
1618 | @dfn{implicit inputs} of a package, because package definitions don't | |
1619 | have to mention them. | |
1620 | @end defvr | |
1621 | ||
1622 | Other @code{<build-system>} objects are defined to support other | |
1623 | conventions and tools used by free software packages. They inherit most | |
1624 | of @var{gnu-build-system}, and differ mainly in the set of inputs | |
1625 | implicitly added to the build process, and in the list of phases | |
1626 | executed. Some of these build systems are listed below. | |
1627 | ||
1628 | @defvr {Scheme Variable} cmake-build-system | |
1629 | This variable is exported by @code{(guix build-system cmake)}. It | |
1630 | implements the build procedure for packages using the | |
1631 | @url{http://www.cmake.org, CMake build tool}. | |
1632 | ||
1633 | It automatically adds the @code{cmake} package to the set of inputs. | |
1634 | Which package is used can be specified with the @code{#:cmake} | |
1635 | parameter. | |
9849cfc1 LC |
1636 | |
1637 | The @code{#:configure-flags} parameter is taken as a list of flags | |
1638 | passed to the @command{cmake} command. The @code{#:build-type} | |
1639 | parameter specifies in abstract terms the flags passed to the compiler; | |
1640 | it defaults to @code{"RelWithDebInfo"} (short for ``release mode with | |
1641 | debugging information''), which roughly means that code is compiled with | |
1642 | @code{-O2 -g}, as is the case for Autoconf-based packages by default. | |
7458bd0a LC |
1643 | @end defvr |
1644 | ||
3afcf52b FB |
1645 | @defvr {Scheme Variable} glib-or-gtk-build-system |
1646 | This variable is exported by @code{(guix build-system glib-or-gtk)}. It | |
1647 | is intended for use with packages making use of GLib or GTK+. | |
1648 | ||
1649 | This build system adds the following two phases to the ones defined by | |
1650 | @var{gnu-build-system}: | |
1651 | ||
1652 | @table @code | |
1653 | @item glib-or-gtk-wrap | |
1654 | The phase @code{glib-or-gtk-wrap} ensures that programs found under | |
1655 | @file{bin/} are able to find GLib's ``schemas'' and | |
1656 | @uref{https://developer.gnome.org/gtk3/stable/gtk-running.html, GTK+ | |
1657 | modules}. This is achieved by wrapping the programs in launch scripts | |
1658 | that appropriately set the @code{XDG_DATA_DIRS} and @code{GTK_PATH} | |
1659 | environment variables. | |
1660 | ||
1661 | @item glib-or-gtk-compile-schemas | |
1662 | The phase @code{glib-or-gtk-compile-schemas} makes sure that all GLib's | |
1663 | @uref{https://developer.gnome.org/gio/stable/glib-compile-schemas.html, | |
1664 | GSettings schemas} are compiled. Compilation is performed by the | |
1665 | @command{glib-compile-schemas} program. It is provided by the package | |
1666 | @code{glib:bin} which is automatically imported by the build system. | |
1667 | The @code{glib} package providing @command{glib-compile-schemas} can be | |
1668 | specified with the @code{#:glib} parameter. | |
1669 | @end table | |
1670 | ||
1671 | Both phases are executed after the @code{install} phase. | |
1672 | @end defvr | |
1673 | ||
7458bd0a LC |
1674 | @defvr {Scheme Variable} python-build-system |
1675 | This variable is exported by @code{(guix build-system python)}. It | |
1676 | implements the more or less standard build procedure used by Python | |
1677 | packages, which consists in running @code{python setup.py build} and | |
1678 | then @code{python setup.py install --prefix=/gnu/store/@dots{}}. | |
1679 | ||
1680 | For packages that install stand-alone Python programs under @code{bin/}, | |
1681 | it takes care of wrapping these programs so their @code{PYTHONPATH} | |
1682 | environment variable points to all the Python libraries they depend on. | |
1683 | ||
1684 | Which Python package is used can be specified with the @code{#:python} | |
1685 | parameter. | |
1686 | @end defvr | |
1687 | ||
1688 | @defvr {Scheme Variable} perl-build-system | |
1689 | This variable is exported by @code{(guix build-system perl)}. It | |
1690 | implements the standard build procedure for Perl packages, which | |
1691 | consists in running @code{perl Makefile.PL PREFIX=/gnu/store/@dots{}}, | |
1692 | followed by @code{make} and @code{make install}. | |
1693 | ||
1694 | The initial @code{perl Makefile.PL} invocation passes flags specified by | |
1695 | the @code{#:make-maker-flags} parameter. | |
1696 | ||
1697 | Which Perl package is used can be specified with @code{#:perl}. | |
1698 | @end defvr | |
1699 | ||
c08f9818 DT |
1700 | @defvr {Scheme Variable} ruby-build-system |
1701 | This variable is exported by @code{(guix build-system ruby)}. It | |
1702 | implements the RubyGems build procedure used by Ruby packages, which | |
1703 | involves running @code{gem build} followed by @code{gem install}. | |
1704 | ||
1705 | Which Ruby package is used can be specified with the @code{#:ruby} | |
1706 | parameter. | |
1707 | @end defvr | |
7458bd0a LC |
1708 | |
1709 | Lastly, for packages that do not need anything as sophisticated, a | |
1710 | ``trivial'' build system is provided. It is trivial in the sense that | |
1711 | it provides basically no support: it does not pull any implicit inputs, | |
1712 | and does not have a notion of build phases. | |
1713 | ||
1714 | @defvr {Scheme Variable} trivial-build-system | |
1715 | This variable is exported by @code{(guix build-system trivial)}. | |
1716 | ||
1717 | This build system requires a @code{#:builder} argument. This argument | |
1718 | must be a Scheme expression that builds the package's output(s)---as | |
1719 | with @code{build-expression->derivation} (@pxref{Derivations, | |
1720 | @code{build-expression->derivation}}). | |
1721 | @end defvr | |
1722 | ||
568717fd LC |
1723 | @node The Store |
1724 | @section The Store | |
1725 | ||
e531ac2a LC |
1726 | @cindex store |
1727 | @cindex store paths | |
1728 | ||
1729 | Conceptually, the @dfn{store} is where derivations that have been | |
834129e0 | 1730 | successfully built are stored---by default, under @file{/gnu/store}. |
e531ac2a LC |
1731 | Sub-directories in the store are referred to as @dfn{store paths}. The |
1732 | store has an associated database that contains information such has the | |
1733 | store paths referred to by each store path, and the list of @emph{valid} | |
1734 | store paths---paths that result from a successful build. | |
1735 | ||
1736 | The store is always accessed by the daemon on behalf of its clients | |
1737 | (@pxref{Invoking guix-daemon}). To manipulate the store, clients | |
1738 | connect to the daemon over a Unix-domain socket, send it requests, and | |
1739 | read the result---these are remote procedure calls, or RPCs. | |
1740 | ||
1741 | The @code{(guix store)} module provides procedures to connect to the | |
1742 | daemon, and to perform RPCs. These are described below. | |
1743 | ||
1744 | @deffn {Scheme Procedure} open-connection [@var{file}] [#:reserve-space? #t] | |
1745 | Connect to the daemon over the Unix-domain socket at @var{file}. When | |
1746 | @var{reserve-space?} is true, instruct it to reserve a little bit of | |
1747 | extra space on the file system so that the garbage collector can still | |
1748 | operate, should the disk become full. Return a server object. | |
1749 | ||
1750 | @var{file} defaults to @var{%default-socket-path}, which is the normal | |
1751 | location given the options that were passed to @command{configure}. | |
1752 | @end deffn | |
1753 | ||
1754 | @deffn {Scheme Procedure} close-connection @var{server} | |
1755 | Close the connection to @var{server}. | |
1756 | @end deffn | |
1757 | ||
1758 | @defvr {Scheme Variable} current-build-output-port | |
1759 | This variable is bound to a SRFI-39 parameter, which refers to the port | |
1760 | where build and error logs sent by the daemon should be written. | |
1761 | @end defvr | |
1762 | ||
1763 | Procedures that make RPCs all take a server object as their first | |
1764 | argument. | |
1765 | ||
1766 | @deffn {Scheme Procedure} valid-path? @var{server} @var{path} | |
1767 | Return @code{#t} when @var{path} is a valid store path. | |
1768 | @end deffn | |
1769 | ||
cfbf9160 | 1770 | @deffn {Scheme Procedure} add-text-to-store @var{server} @var{name} @var{text} [@var{references}] |
e531ac2a LC |
1771 | Add @var{text} under file @var{name} in the store, and return its store |
1772 | path. @var{references} is the list of store paths referred to by the | |
1773 | resulting store path. | |
1774 | @end deffn | |
1775 | ||
874e6874 | 1776 | @deffn {Scheme Procedure} build-derivations @var{server} @var{derivations} |
59688fc4 LC |
1777 | Build @var{derivations} (a list of @code{<derivation>} objects or |
1778 | derivation paths), and return when the worker is done building them. | |
1779 | Return @code{#t} on success. | |
874e6874 LC |
1780 | @end deffn |
1781 | ||
b860f382 LC |
1782 | Note that the @code{(guix monads)} module provides a monad as well as |
1783 | monadic versions of the above procedures, with the goal of making it | |
1784 | more convenient to work with code that accesses the store (@pxref{The | |
1785 | Store Monad}). | |
1786 | ||
e531ac2a LC |
1787 | @c FIXME |
1788 | @i{This section is currently incomplete.} | |
568717fd LC |
1789 | |
1790 | @node Derivations | |
1791 | @section Derivations | |
1792 | ||
874e6874 LC |
1793 | @cindex derivations |
1794 | Low-level build actions and the environment in which they are performed | |
1795 | are represented by @dfn{derivations}. A derivation contain the | |
1796 | following pieces of information: | |
1797 | ||
1798 | @itemize | |
1799 | @item | |
1800 | The outputs of the derivation---derivations produce at least one file or | |
1801 | directory in the store, but may produce more. | |
1802 | ||
1803 | @item | |
1804 | The inputs of the derivations, which may be other derivations or plain | |
1805 | files in the store (patches, build scripts, etc.) | |
1806 | ||
1807 | @item | |
1808 | The system type targeted by the derivation---e.g., @code{x86_64-linux}. | |
1809 | ||
1810 | @item | |
1811 | The file name of a build script in the store, along with the arguments | |
1812 | to be passed. | |
1813 | ||
1814 | @item | |
1815 | A list of environment variables to be defined. | |
1816 | ||
1817 | @end itemize | |
1818 | ||
1819 | @cindex derivation path | |
1820 | Derivations allow clients of the daemon to communicate build actions to | |
1821 | the store. They exist in two forms: as an in-memory representation, | |
1822 | both on the client- and daemon-side, and as files in the store whose | |
1823 | name end in @code{.drv}---these files are referred to as @dfn{derivation | |
1824 | paths}. Derivations paths can be passed to the @code{build-derivations} | |
1825 | procedure to perform the build actions they prescribe (@pxref{The | |
1826 | Store}). | |
1827 | ||
1828 | The @code{(guix derivations)} module provides a representation of | |
1829 | derivations as Scheme objects, along with procedures to create and | |
1830 | otherwise manipulate derivations. The lowest-level primitive to create | |
1831 | a derivation is the @code{derivation} procedure: | |
1832 | ||
1909431c LC |
1833 | @deffn {Scheme Procedure} derivation @var{store} @var{name} @var{builder} @ |
1834 | @var{args} [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
2096ef47 | 1835 | [#:recursive? #f] [#:inputs '()] [#:env-vars '()] @ |
1909431c | 1836 | [#:system (%current-system)] [#:references-graphs #f] @ |
b53be755 | 1837 | [#:allowed-references #f] [#:local-build? #f] |
59688fc4 LC |
1838 | Build a derivation with the given arguments, and return the resulting |
1839 | @code{<derivation>} object. | |
874e6874 | 1840 | |
2096ef47 | 1841 | When @var{hash} and @var{hash-algo} are given, a |
874e6874 | 1842 | @dfn{fixed-output derivation} is created---i.e., one whose result is |
36bbbbd1 LC |
1843 | known in advance, such as a file download. If, in addition, |
1844 | @var{recursive?} is true, then that fixed output may be an executable | |
1845 | file or a directory and @var{hash} must be the hash of an archive | |
1846 | containing this output. | |
5b0c9d16 | 1847 | |
858e9282 | 1848 | When @var{references-graphs} is true, it must be a list of file |
5b0c9d16 LC |
1849 | name/store path pairs. In that case, the reference graph of each store |
1850 | path is exported in the build environment in the corresponding file, in | |
1851 | a simple text format. | |
1909431c | 1852 | |
b53be755 LC |
1853 | When @var{allowed-references} is true, it must be a list of store items |
1854 | or outputs that the derivation's output may refer to. | |
1855 | ||
1909431c LC |
1856 | When @var{local-build?} is true, declare that the derivation is not a |
1857 | good candidate for offloading and should rather be built locally | |
1858 | (@pxref{Daemon Offload Setup}). This is the case for small derivations | |
1859 | where the costs of data transfers would outweigh the benefits. | |
874e6874 LC |
1860 | @end deffn |
1861 | ||
1862 | @noindent | |
1863 | Here's an example with a shell script as its builder, assuming | |
1864 | @var{store} is an open connection to the daemon, and @var{bash} points | |
1865 | to a Bash executable in the store: | |
1866 | ||
1867 | @lisp | |
1868 | (use-modules (guix utils) | |
1869 | (guix store) | |
1870 | (guix derivations)) | |
1871 | ||
59688fc4 LC |
1872 | (let ((builder ; add the Bash script to the store |
1873 | (add-text-to-store store "my-builder.sh" | |
1874 | "echo hello world > $out\n" '()))) | |
1875 | (derivation store "foo" | |
1876 | bash `("-e" ,builder) | |
21b679f6 | 1877 | #:inputs `((,bash) (,builder)) |
59688fc4 | 1878 | #:env-vars '(("HOME" . "/homeless")))) |
834129e0 | 1879 | @result{} #<derivation /gnu/store/@dots{}-foo.drv => /gnu/store/@dots{}-foo> |
874e6874 LC |
1880 | @end lisp |
1881 | ||
21b679f6 LC |
1882 | As can be guessed, this primitive is cumbersome to use directly. A |
1883 | better approach is to write build scripts in Scheme, of course! The | |
1884 | best course of action for that is to write the build code as a | |
1885 | ``G-expression'', and to pass it to @code{gexp->derivation}. For more | |
6621cdb6 | 1886 | information, @pxref{G-Expressions}. |
21b679f6 LC |
1887 | |
1888 | Once upon a time, @code{gexp->derivation} did not exist and constructing | |
1889 | derivations with build code written in Scheme was achieved with | |
1890 | @code{build-expression->derivation}, documented below. This procedure | |
1891 | is now deprecated in favor of the much nicer @code{gexp->derivation}. | |
874e6874 | 1892 | |
dd1a5a15 LC |
1893 | @deffn {Scheme Procedure} build-expression->derivation @var{store} @ |
1894 | @var{name} @var{exp} @ | |
1895 | [#:system (%current-system)] [#:inputs '()] @ | |
1896 | [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
36bbbbd1 | 1897 | [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ |
63a42824 LC |
1898 | [#:references-graphs #f] [#:allowed-references #f] @ |
1899 | [#:local-build? #f] [#:guile-for-build #f] | |
874e6874 LC |
1900 | Return a derivation that executes Scheme expression @var{exp} as a |
1901 | builder for derivation @var{name}. @var{inputs} must be a list of | |
1902 | @code{(name drv-path sub-drv)} tuples; when @var{sub-drv} is omitted, | |
1903 | @code{"out"} is assumed. @var{modules} is a list of names of Guile | |
1904 | modules from the current search path to be copied in the store, | |
1905 | compiled, and made available in the load path during the execution of | |
1906 | @var{exp}---e.g., @code{((guix build utils) (guix build | |
1907 | gnu-build-system))}. | |
1908 | ||
1909 | @var{exp} is evaluated in an environment where @code{%outputs} is bound | |
1910 | to a list of output/path pairs, and where @code{%build-inputs} is bound | |
1911 | to a list of string/output-path pairs made from @var{inputs}. | |
1912 | Optionally, @var{env-vars} is a list of string pairs specifying the name | |
1913 | and value of environment variables visible to the builder. The builder | |
1914 | terminates by passing the result of @var{exp} to @code{exit}; thus, when | |
1915 | @var{exp} returns @code{#f}, the build is considered to have failed. | |
1916 | ||
1917 | @var{exp} is built using @var{guile-for-build} (a derivation). When | |
1918 | @var{guile-for-build} is omitted or is @code{#f}, the value of the | |
1919 | @code{%guile-for-build} fluid is used instead. | |
9c629a27 | 1920 | |
63a42824 LC |
1921 | See the @code{derivation} procedure for the meaning of |
1922 | @var{references-graphs}, @var{allowed-references}, and @var{local-build?}. | |
874e6874 LC |
1923 | @end deffn |
1924 | ||
1925 | @noindent | |
1926 | Here's an example of a single-output derivation that creates a directory | |
1927 | containing one file: | |
1928 | ||
1929 | @lisp | |
1930 | (let ((builder '(let ((out (assoc-ref %outputs "out"))) | |
834129e0 | 1931 | (mkdir out) ; create /gnu/store/@dots{}-goo |
874e6874 LC |
1932 | (call-with-output-file (string-append out "/test") |
1933 | (lambda (p) | |
1934 | (display '(hello guix) p)))))) | |
dd1a5a15 | 1935 | (build-expression->derivation store "goo" builder)) |
874e6874 | 1936 | |
834129e0 | 1937 | @result{} #<derivation /gnu/store/@dots{}-goo.drv => @dots{}> |
874e6874 LC |
1938 | @end lisp |
1939 | ||
568717fd | 1940 | |
b860f382 LC |
1941 | @node The Store Monad |
1942 | @section The Store Monad | |
1943 | ||
1944 | @cindex monad | |
1945 | ||
1946 | The procedures that operate on the store described in the previous | |
1947 | sections all take an open connection to the build daemon as their first | |
1948 | argument. Although the underlying model is functional, they either have | |
1949 | side effects or depend on the current state of the store. | |
1950 | ||
1951 | The former is inconvenient: the connection to the build daemon has to be | |
1952 | carried around in all those functions, making it impossible to compose | |
1953 | functions that do not take that parameter with functions that do. The | |
1954 | latter can be problematic: since store operations have side effects | |
1955 | and/or depend on external state, they have to be properly sequenced. | |
1956 | ||
1957 | @cindex monadic values | |
1958 | @cindex monadic functions | |
1959 | This is where the @code{(guix monads)} module comes in. This module | |
1960 | provides a framework for working with @dfn{monads}, and a particularly | |
1961 | useful monad for our uses, the @dfn{store monad}. Monads are a | |
1962 | construct that allows two things: associating ``context'' with values | |
1963 | (in our case, the context is the store), and building sequences of | |
1964 | computations (here computations includes accesses to the store.) Values | |
1965 | in a monad---values that carry this additional context---are called | |
1966 | @dfn{monadic values}; procedures that return such values are called | |
1967 | @dfn{monadic procedures}. | |
1968 | ||
1969 | Consider this ``normal'' procedure: | |
1970 | ||
1971 | @example | |
45adbd62 LC |
1972 | (define (sh-symlink store) |
1973 | ;; Return a derivation that symlinks the 'bash' executable. | |
1974 | (let* ((drv (package-derivation store bash)) | |
1975 | (out (derivation->output-path drv)) | |
1976 | (sh (string-append out "/bin/bash"))) | |
1977 | (build-expression->derivation store "sh" | |
1978 | `(symlink ,sh %output)))) | |
b860f382 LC |
1979 | @end example |
1980 | ||
1981 | Using @code{(guix monads)}, it may be rewritten as a monadic function: | |
1982 | ||
ada3df03 | 1983 | @c FIXME: Find a better example, one that uses 'mlet'. |
b860f382 | 1984 | @example |
45adbd62 | 1985 | (define (sh-symlink) |
b860f382 | 1986 | ;; Same, but return a monadic value. |
ada3df03 LC |
1987 | (gexp->derivation "sh" |
1988 | #~(symlink (string-append #$bash "/bin/bash") #$output))) | |
b860f382 LC |
1989 | @end example |
1990 | ||
1991 | There are two things to note in the second version: the @code{store} | |
1992 | parameter is now implicit, and the monadic value returned by | |
1993 | @code{package-file}---a wrapper around @code{package-derivation} and | |
1994 | @code{derivation->output-path}---is @dfn{bound} using @code{mlet} | |
1995 | instead of plain @code{let}. | |
1996 | ||
1997 | Calling the monadic @code{profile.sh} has no effect. To get the desired | |
1998 | effect, one must use @code{run-with-store}: | |
1999 | ||
2000 | @example | |
2001 | (run-with-store (open-connection) (profile.sh)) | |
834129e0 | 2002 | @result{} /gnu/store/...-profile.sh |
b860f382 LC |
2003 | @end example |
2004 | ||
b9b86078 LC |
2005 | Note that the @code{(guix monad-repl)} module extends Guile's REPL with |
2006 | new ``meta-commands'' to make it easier to deal with monadic procedures: | |
2007 | @code{run-in-store}, and @code{enter-store-monad}. The former, is used | |
2008 | to ``run'' a single monadic value through the store: | |
2009 | ||
2010 | @example | |
2011 | scheme@@(guile-user)> ,run-in-store (package->derivation hello) | |
2012 | $1 = #<derivation /gnu/store/@dots{}-hello-2.9.drv => @dots{}> | |
2013 | @end example | |
2014 | ||
2015 | The latter enters a recursive REPL, where all the return values are | |
2016 | automatically run through the store: | |
2017 | ||
2018 | @example | |
2019 | scheme@@(guile-user)> ,enter-store-monad | |
2020 | store-monad@@(guile-user) [1]> (package->derivation hello) | |
2021 | $2 = #<derivation /gnu/store/@dots{}-hello-2.9.drv => @dots{}> | |
2022 | store-monad@@(guile-user) [1]> (text-file "foo" "Hello!") | |
2023 | $3 = "/gnu/store/@dots{}-foo" | |
2024 | store-monad@@(guile-user) [1]> ,q | |
2025 | scheme@@(guile-user)> | |
2026 | @end example | |
2027 | ||
2028 | @noindent | |
2029 | Note that non-monadic values cannot be returned in the | |
2030 | @code{store-monad} REPL. | |
2031 | ||
b860f382 LC |
2032 | The main syntactic forms to deal with monads in general are described |
2033 | below. | |
2034 | ||
2035 | @deffn {Scheme Syntax} with-monad @var{monad} @var{body} ... | |
2036 | Evaluate any @code{>>=} or @code{return} forms in @var{body} as being | |
2037 | in @var{monad}. | |
2038 | @end deffn | |
2039 | ||
2040 | @deffn {Scheme Syntax} return @var{val} | |
2041 | Return a monadic value that encapsulates @var{val}. | |
2042 | @end deffn | |
2043 | ||
2044 | @deffn {Scheme Syntax} >>= @var{mval} @var{mproc} | |
2045 | @dfn{Bind} monadic value @var{mval}, passing its ``contents'' to monadic | |
2046 | procedure @var{mproc}@footnote{This operation is commonly referred to as | |
2047 | ``bind'', but that name denotes an unrelated procedure in Guile. Thus | |
2048 | we use this somewhat cryptic symbol inherited from the Haskell | |
2049 | language.}. | |
2050 | @end deffn | |
2051 | ||
2052 | @deffn {Scheme Syntax} mlet @var{monad} ((@var{var} @var{mval}) ...) @ | |
2053 | @var{body} ... | |
2054 | @deffnx {Scheme Syntax} mlet* @var{monad} ((@var{var} @var{mval}) ...) @ | |
2055 | @var{body} ... | |
2056 | Bind the variables @var{var} to the monadic values @var{mval} in | |
2057 | @var{body}. The form (@var{var} -> @var{val}) binds @var{var} to the | |
2058 | ``normal'' value @var{val}, as per @code{let}. | |
2059 | ||
2060 | @code{mlet*} is to @code{mlet} what @code{let*} is to @code{let} | |
2061 | (@pxref{Local Bindings,,, guile, GNU Guile Reference Manual}). | |
2062 | @end deffn | |
2063 | ||
2064 | The interface to the store monad provided by @code{(guix monads)} is as | |
2065 | follows. | |
2066 | ||
2067 | @defvr {Scheme Variable} %store-monad | |
2068 | The store monad. Values in the store monad encapsulate accesses to the | |
2069 | store. When its effect is needed, a value of the store monad must be | |
2070 | ``evaluated'' by passing it to the @code{run-with-store} procedure (see | |
2071 | below.) | |
2072 | @end defvr | |
2073 | ||
2074 | @deffn {Scheme Procedure} run-with-store @var{store} @var{mval} [#:guile-for-build] [#:system (%current-system)] | |
2075 | Run @var{mval}, a monadic value in the store monad, in @var{store}, an | |
2076 | open store connection. | |
2077 | @end deffn | |
2078 | ||
2079 | @deffn {Monadic Procedure} text-file @var{name} @var{text} | |
2080 | Return as a monadic value the absolute file name in the store of the file | |
45adbd62 LC |
2081 | containing @var{text}, a string. |
2082 | @end deffn | |
2083 | ||
2084 | @deffn {Monadic Procedure} text-file* @var{name} @var{text} @dots{} | |
2085 | Return as a monadic value a derivation that builds a text file | |
2086 | containing all of @var{text}. @var{text} may list, in addition to | |
2087 | strings, packages, derivations, and store file names; the resulting | |
2088 | store file holds references to all these. | |
2089 | ||
2090 | This variant should be preferred over @code{text-file} anytime the file | |
2091 | to create will reference items from the store. This is typically the | |
2092 | case when building a configuration file that embeds store file names, | |
2093 | like this: | |
2094 | ||
2095 | @example | |
2096 | (define (profile.sh) | |
2097 | ;; Return the name of a shell script in the store that | |
2098 | ;; initializes the 'PATH' environment variable. | |
2099 | (text-file* "profile.sh" | |
2100 | "export PATH=" coreutils "/bin:" | |
2101 | grep "/bin:" sed "/bin\n")) | |
2102 | @end example | |
2103 | ||
834129e0 | 2104 | In this example, the resulting @file{/gnu/store/@dots{}-profile.sh} file |
45adbd62 LC |
2105 | will references @var{coreutils}, @var{grep}, and @var{sed}, thereby |
2106 | preventing them from being garbage-collected during its lifetime. | |
b860f382 LC |
2107 | @end deffn |
2108 | ||
0a90af15 LC |
2109 | @deffn {Monadic Procedure} interned-file @var{file} [@var{name}] @ |
2110 | [#:recursive? #t] | |
2111 | Return the name of @var{file} once interned in the store. Use | |
2112 | @var{name} as its store name, or the basename of @var{file} if | |
2113 | @var{name} is omitted. | |
2114 | ||
2115 | When @var{recursive?} is true, the contents of @var{file} are added | |
2116 | recursively; if @var{file} designates a flat file and @var{recursive?} | |
2117 | is true, its contents are added, and its permission bits are kept. | |
2118 | ||
2119 | The example below adds a file to the store, under two different names: | |
2120 | ||
2121 | @example | |
2122 | (run-with-store (open-connection) | |
2123 | (mlet %store-monad ((a (interned-file "README")) | |
2124 | (b (interned-file "README" "LEGU-MIN"))) | |
2125 | (return (list a b)))) | |
2126 | ||
2127 | @result{} ("/gnu/store/rwm@dots{}-README" "/gnu/store/44i@dots{}-LEGU-MIN") | |
2128 | @end example | |
2129 | ||
2130 | @end deffn | |
2131 | ||
b860f382 | 2132 | @deffn {Monadic Procedure} package-file @var{package} [@var{file}] @ |
4231f05b LC |
2133 | [#:system (%current-system)] [#:target #f] @ |
2134 | [#:output "out"] Return as a monadic | |
b860f382 LC |
2135 | value in the absolute file name of @var{file} within the @var{output} |
2136 | directory of @var{package}. When @var{file} is omitted, return the name | |
4231f05b LC |
2137 | of the @var{output} directory of @var{package}. When @var{target} is |
2138 | true, use it as a cross-compilation target triplet. | |
b860f382 LC |
2139 | @end deffn |
2140 | ||
b860f382 | 2141 | @deffn {Monadic Procedure} package->derivation @var{package} [@var{system}] |
4231f05b LC |
2142 | @deffnx {Monadic Procedure} package->cross-derivation @var{package} @ |
2143 | @var{target} [@var{system}] | |
2144 | Monadic version of @code{package-derivation} and | |
2145 | @code{package-cross-derivation} (@pxref{Defining Packages}). | |
b860f382 LC |
2146 | @end deffn |
2147 | ||
2148 | ||
21b679f6 LC |
2149 | @node G-Expressions |
2150 | @section G-Expressions | |
2151 | ||
2152 | @cindex G-expression | |
2153 | @cindex build code quoting | |
2154 | So we have ``derivations'', which represent a sequence of build actions | |
2155 | to be performed to produce an item in the store (@pxref{Derivations}). | |
2156 | Those build actions are performed when asking the daemon to actually | |
2157 | build the derivations; they are run by the daemon in a container | |
2158 | (@pxref{Invoking guix-daemon}). | |
2159 | ||
2160 | @cindex strata of code | |
2161 | It should come as no surprise that we like to write those build actions | |
2162 | in Scheme. When we do that, we end up with two @dfn{strata} of Scheme | |
2163 | code@footnote{The term @dfn{stratum} in this context was coined by | |
ef4ab0a4 LC |
2164 | Manuel Serrano et al.@: in the context of their work on Hop. Oleg |
2165 | Kiselyov, who has written insightful | |
2166 | @url{http://okmij.org/ftp/meta-programming/#meta-scheme, essays and code | |
2167 | on this topic}, refers to this kind of code generation as | |
2168 | @dfn{staging}.}: the ``host code''---code that defines packages, talks | |
2169 | to the daemon, etc.---and the ``build code''---code that actually | |
2170 | performs build actions, such as making directories, invoking | |
2171 | @command{make}, etc. | |
21b679f6 LC |
2172 | |
2173 | To describe a derivation and its build actions, one typically needs to | |
2174 | embed build code inside host code. It boils down to manipulating build | |
2175 | code as data, and Scheme's homoiconicity---code has a direct | |
2176 | representation as data---comes in handy for that. But we need more than | |
2177 | Scheme's normal @code{quasiquote} mechanism to construct build | |
2178 | expressions. | |
2179 | ||
2180 | The @code{(guix gexp)} module implements @dfn{G-expressions}, a form of | |
2181 | S-expressions adapted to build expressions. G-expressions, or | |
2182 | @dfn{gexps}, consist essentially in three syntactic forms: @code{gexp}, | |
2183 | @code{ungexp}, and @code{ungexp-splicing} (or simply: @code{#~}, | |
2184 | @code{#$}, and @code{#$@@}), which are comparable respectively to | |
2185 | @code{quasiquote}, @code{unquote}, and @code{unquote-splicing} | |
2186 | (@pxref{Expression Syntax, @code{quasiquote},, guile, GNU Guile | |
2187 | Reference Manual}). However, there are major differences: | |
2188 | ||
2189 | @itemize | |
2190 | @item | |
2191 | Gexps are meant to be written to a file and run or manipulated by other | |
2192 | processes. | |
2193 | ||
2194 | @item | |
2195 | When a package or derivation is unquoted inside a gexp, the result is as | |
2196 | if its output file name had been introduced. | |
2197 | ||
2198 | @item | |
2199 | Gexps carry information about the packages or derivations they refer to, | |
2200 | and these dependencies are automatically added as inputs to the build | |
2201 | processes that use them. | |
2202 | @end itemize | |
2203 | ||
2204 | To illustrate the idea, here is an example of a gexp: | |
2205 | ||
2206 | @example | |
2207 | (define build-exp | |
2208 | #~(begin | |
2209 | (mkdir #$output) | |
2210 | (chdir #$output) | |
2211 | (symlink (string-append #$coreutils "/bin/ls") | |
2212 | "list-files"))) | |
2213 | @end example | |
2214 | ||
2215 | This gexp can be passed to @code{gexp->derivation}; we obtain a | |
2216 | derivation that builds a directory containing exactly one symlink to | |
2217 | @file{/gnu/store/@dots{}-coreutils-8.22/bin/ls}: | |
2218 | ||
2219 | @example | |
2220 | (gexp->derivation "the-thing" build-exp) | |
2221 | @end example | |
2222 | ||
e20fd1bf | 2223 | As one would expect, the @code{"/gnu/store/@dots{}-coreutils-8.22"} string is |
21b679f6 LC |
2224 | substituted to the reference to the @var{coreutils} package in the |
2225 | actual build code, and @var{coreutils} is automatically made an input to | |
2226 | the derivation. Likewise, @code{#$output} (equivalent to @code{(ungexp | |
2227 | output)}) is replaced by a string containing the derivation's output | |
667b2508 LC |
2228 | directory name. |
2229 | ||
2230 | @cindex cross compilation | |
2231 | In a cross-compilation context, it is useful to distinguish between | |
2232 | references to the @emph{native} build of a package---that can run on the | |
2233 | host---versus references to cross builds of a package. To that end, the | |
2234 | @code{#+} plays the same role as @code{#$}, but is a reference to a | |
2235 | native package build: | |
2236 | ||
2237 | @example | |
2238 | (gexp->derivation "vi" | |
2239 | #~(begin | |
2240 | (mkdir #$output) | |
2241 | (system* (string-append #+coreutils "/bin/ln") | |
2242 | "-s" | |
2243 | (string-append #$emacs "/bin/emacs") | |
2244 | (string-append #$output "/bin/vi"))) | |
2245 | #:target "mips64el-linux") | |
2246 | @end example | |
2247 | ||
2248 | @noindent | |
2249 | In the example above, the native build of @var{coreutils} is used, so | |
2250 | that @command{ln} can actually run on the host; but then the | |
2251 | cross-compiled build of @var{emacs} is referenced. | |
2252 | ||
2253 | The syntactic form to construct gexps is summarized below. | |
21b679f6 LC |
2254 | |
2255 | @deffn {Scheme Syntax} #~@var{exp} | |
2256 | @deffnx {Scheme Syntax} (gexp @var{exp}) | |
2257 | Return a G-expression containing @var{exp}. @var{exp} may contain one | |
2258 | or more of the following forms: | |
2259 | ||
2260 | @table @code | |
2261 | @item #$@var{obj} | |
2262 | @itemx (ungexp @var{obj}) | |
2263 | Introduce a reference to @var{obj}. @var{obj} may be a package or a | |
2264 | derivation, in which case the @code{ungexp} form is replaced by its | |
2265 | output file name---e.g., @code{"/gnu/store/@dots{}-coreutils-8.22}. | |
2266 | ||
2267 | If @var{obj} is a list, it is traversed and any package or derivation | |
2268 | references are substituted similarly. | |
2269 | ||
2270 | If @var{obj} is another gexp, its contents are inserted and its | |
2271 | dependencies are added to those of the containing gexp. | |
2272 | ||
2273 | If @var{obj} is another kind of object, it is inserted as is. | |
2274 | ||
2275 | @item #$@var{package-or-derivation}:@var{output} | |
2276 | @itemx (ungexp @var{package-or-derivation} @var{output}) | |
2277 | This is like the form above, but referring explicitly to the | |
2278 | @var{output} of @var{package-or-derivation}---this is useful when | |
2279 | @var{package-or-derivation} produces multiple outputs (@pxref{Packages | |
2280 | with Multiple Outputs}). | |
2281 | ||
667b2508 LC |
2282 | @item #+@var{obj} |
2283 | @itemx #+@var{obj}:output | |
2284 | @itemx (ungexp-native @var{obj}) | |
2285 | @itemx (ungexp-native @var{obj} @var{output}) | |
2286 | Same as @code{ungexp}, but produces a reference to the @emph{native} | |
2287 | build of @var{obj} when used in a cross compilation context. | |
2288 | ||
21b679f6 LC |
2289 | @item #$output[:@var{output}] |
2290 | @itemx (ungexp output [@var{output}]) | |
2291 | Insert a reference to derivation output @var{output}, or to the main | |
2292 | output when @var{output} is omitted. | |
2293 | ||
2294 | This only makes sense for gexps passed to @code{gexp->derivation}. | |
2295 | ||
2296 | @item #$@@@var{lst} | |
2297 | @itemx (ungexp-splicing @var{lst}) | |
2298 | Like the above, but splices the contents of @var{lst} inside the | |
2299 | containing list. | |
2300 | ||
667b2508 LC |
2301 | @item #+@@@var{lst} |
2302 | @itemx (ungexp-native-splicing @var{lst}) | |
2303 | Like the above, but refers to native builds of the objects listed in | |
2304 | @var{lst}. | |
2305 | ||
21b679f6 LC |
2306 | @end table |
2307 | ||
2308 | G-expressions created by @code{gexp} or @code{#~} are run-time objects | |
2309 | of the @code{gexp?} type (see below.) | |
2310 | @end deffn | |
2311 | ||
2312 | @deffn {Scheme Procedure} gexp? @var{obj} | |
2313 | Return @code{#t} if @var{obj} is a G-expression. | |
2314 | @end deffn | |
2315 | ||
2316 | G-expressions are meant to be written to disk, either as code building | |
2317 | some derivation, or as plain files in the store. The monadic procedures | |
2318 | below allow you to do that (@pxref{The Store Monad}, for more | |
2319 | information about monads.) | |
2320 | ||
2321 | @deffn {Monadic Procedure} gexp->derivation @var{name} @var{exp} @ | |
68a61e9f | 2322 | [#:system (%current-system)] [#:target #f] [#:inputs '()] @ |
21b679f6 LC |
2323 | [#:hash #f] [#:hash-algo #f] @ |
2324 | [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ | |
2325 | [#:references-graphs #f] [#:local-build? #f] @ | |
2326 | [#:guile-for-build #f] | |
2327 | Return a derivation @var{name} that runs @var{exp} (a gexp) with | |
68a61e9f LC |
2328 | @var{guile-for-build} (a derivation) on @var{system}. When @var{target} |
2329 | is true, it is used as the cross-compilation target triplet for packages | |
2330 | referred to by @var{exp}. | |
21b679f6 LC |
2331 | |
2332 | Make @var{modules} available in the evaluation context of @var{EXP}; | |
2333 | @var{MODULES} is a list of names of Guile modules from the current | |
2334 | search path to be copied in the store, compiled, and made available in | |
2335 | the load path during the execution of @var{exp}---e.g., @code{((guix | |
2336 | build utils) (guix build gnu-build-system))}. | |
2337 | ||
b53833b2 LC |
2338 | When @var{references-graphs} is true, it must be a list of tuples of one of the |
2339 | following forms: | |
2340 | ||
2341 | @example | |
2342 | (@var{file-name} @var{package}) | |
2343 | (@var{file-name} @var{package} @var{output}) | |
2344 | (@var{file-name} @var{derivation}) | |
2345 | (@var{file-name} @var{derivation} @var{output}) | |
2346 | (@var{file-name} @var{store-item}) | |
2347 | @end example | |
2348 | ||
2349 | The right-hand-side of each element of @var{references-graphs} is automatically made | |
2350 | an input of the build process of @var{exp}. In the build environment, each | |
2351 | @var{file-name} contains the reference graph of the corresponding item, in a simple | |
2352 | text format. | |
2353 | ||
e20fd1bf | 2354 | The other arguments are as for @code{derivation} (@pxref{Derivations}). |
21b679f6 LC |
2355 | @end deffn |
2356 | ||
2357 | @deffn {Monadic Procedure} gexp->script @var{name} @var{exp} | |
2358 | Return an executable script @var{name} that runs @var{exp} using | |
2359 | @var{guile} with @var{modules} in its search path. | |
2360 | ||
2361 | The example below builds a script that simply invokes the @command{ls} | |
2362 | command: | |
2363 | ||
2364 | @example | |
2365 | (use-modules (guix gexp) (gnu packages base)) | |
2366 | ||
2367 | (gexp->script "list-files" | |
2368 | #~(execl (string-append #$coreutils "/bin/ls") | |
2369 | "ls")) | |
2370 | @end example | |
2371 | ||
2372 | When ``running'' it through the store (@pxref{The Store Monad, | |
e20fd1bf | 2373 | @code{run-with-store}}), we obtain a derivation that produces an |
21b679f6 LC |
2374 | executable file @file{/gnu/store/@dots{}-list-files} along these lines: |
2375 | ||
2376 | @example | |
2377 | #!/gnu/store/@dots{}-guile-2.0.11/bin/guile -ds | |
2378 | !# | |
2379 | (execl (string-append "/gnu/store/@dots{}-coreutils-8.22"/bin/ls") | |
2380 | "ls") | |
2381 | @end example | |
2382 | @end deffn | |
2383 | ||
2384 | @deffn {Monadic Procedure} gexp->file @var{name} @var{exp} | |
2385 | Return a derivation that builds a file @var{name} containing @var{exp}. | |
2386 | ||
2387 | The resulting file holds references to all the dependencies of @var{exp} | |
2388 | or a subset thereof. | |
2389 | @end deffn | |
2390 | ||
2391 | Of course, in addition to gexps embedded in ``host'' code, there are | |
2392 | also modules containing build tools. To make it clear that they are | |
2393 | meant to be used in the build stratum, these modules are kept in the | |
2394 | @code{(guix build @dots{})} name space. | |
2395 | ||
2396 | ||
568717fd LC |
2397 | @c ********************************************************************* |
2398 | @node Utilities | |
2399 | @chapter Utilities | |
2400 | ||
210cc920 LC |
2401 | This section describes tools primarily targeted at developers and users |
2402 | who write new package definitions. They complement the Scheme | |
2403 | programming interface of Guix in a convenient way. | |
2404 | ||
568717fd | 2405 | @menu |
37166310 | 2406 | * Invoking guix build:: Building packages from the command line. |
210cc920 | 2407 | * Invoking guix download:: Downloading a file and printing its hash. |
37166310 LC |
2408 | * Invoking guix hash:: Computing the cryptographic hash of a file. |
2409 | * Invoking guix refresh:: Updating package definitions. | |
b4f5e0e8 | 2410 | * Invoking guix lint:: Finding errors in package definitions. |
568717fd LC |
2411 | @end menu |
2412 | ||
e49951eb MW |
2413 | @node Invoking guix build |
2414 | @section Invoking @command{guix build} | |
568717fd | 2415 | |
e49951eb | 2416 | The @command{guix build} command builds packages or derivations and |
6798a8e4 LC |
2417 | their dependencies, and prints the resulting store paths. Note that it |
2418 | does not modify the user's profile---this is the job of the | |
e49951eb | 2419 | @command{guix package} command (@pxref{Invoking guix package}). Thus, |
6798a8e4 LC |
2420 | it is mainly useful for distribution developers. |
2421 | ||
2422 | The general syntax is: | |
c78bd12b LC |
2423 | |
2424 | @example | |
e49951eb | 2425 | guix build @var{options} @var{package-or-derivation}@dots{} |
c78bd12b LC |
2426 | @end example |
2427 | ||
2428 | @var{package-or-derivation} may be either the name of a package found in | |
5401dd75 LC |
2429 | the software distribution such as @code{coreutils} or |
2430 | @code{coreutils-8.20}, or a derivation such as | |
834129e0 | 2431 | @file{/gnu/store/@dots{}-coreutils-8.19.drv}. In the former case, a |
e7f34eb0 LC |
2432 | package with the corresponding name (and optionally version) is searched |
2433 | for among the GNU distribution modules (@pxref{Package Modules}). | |
2434 | ||
2435 | Alternatively, the @code{--expression} option may be used to specify a | |
2436 | Scheme expression that evaluates to a package; this is useful when | |
2437 | disambiguation among several same-named packages or package variants is | |
2438 | needed. | |
c78bd12b LC |
2439 | |
2440 | The @var{options} may be zero or more of the following: | |
2441 | ||
2442 | @table @code | |
2443 | ||
2444 | @item --expression=@var{expr} | |
2445 | @itemx -e @var{expr} | |
ac5de156 | 2446 | Build the package or derivation @var{expr} evaluates to. |
c78bd12b | 2447 | |
5401dd75 | 2448 | For example, @var{expr} may be @code{(@@ (gnu packages guile) |
c78bd12b LC |
2449 | guile-1.8)}, which unambiguously designates this specific variant of |
2450 | version 1.8 of Guile. | |
2451 | ||
56b82106 LC |
2452 | Alternately, @var{expr} may be a G-expression, in which case it is used |
2453 | as a build program passed to @code{gexp->derivation} | |
2454 | (@pxref{G-Expressions}). | |
2455 | ||
2456 | Lastly, @var{expr} may refer to a zero-argument monadic procedure | |
ac5de156 LC |
2457 | (@pxref{The Store Monad}). The procedure must return a derivation as a |
2458 | monadic value, which is then passed through @code{run-with-store}. | |
2459 | ||
c78bd12b LC |
2460 | @item --source |
2461 | @itemx -S | |
2462 | Build the packages' source derivations, rather than the packages | |
2463 | themselves. | |
2464 | ||
e49951eb | 2465 | For instance, @code{guix build -S gcc} returns something like |
834129e0 | 2466 | @file{/gnu/store/@dots{}-gcc-4.7.2.tar.bz2}, which is GCC's source tarball. |
c78bd12b | 2467 | |
f9cc8971 LC |
2468 | The returned source tarball is the result of applying any patches and |
2469 | code snippets specified in the package's @code{origin} (@pxref{Defining | |
2470 | Packages}). | |
2471 | ||
c78bd12b LC |
2472 | @item --system=@var{system} |
2473 | @itemx -s @var{system} | |
2474 | Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of | |
2475 | the host's system type. | |
2476 | ||
2477 | An example use of this is on Linux-based systems, which can emulate | |
2478 | different personalities. For instance, passing | |
2479 | @code{--system=i686-linux} on an @code{x86_64-linux} system allows users | |
2480 | to build packages in a complete 32-bit environment. | |
2481 | ||
e55ec43d LC |
2482 | @item --target=@var{triplet} |
2483 | @cindex cross-compilation | |
2484 | Cross-build for @var{triplet}, which must be a valid GNU triplet, such | |
2485 | as @code{"mips64el-linux-gnu"} (@pxref{Configuration Names, GNU | |
2486 | configuration triplets,, configure, GNU Configure and Build System}). | |
2487 | ||
7f3673f2 LC |
2488 | @item --with-source=@var{source} |
2489 | Use @var{source} as the source of the corresponding package. | |
2490 | @var{source} must be a file name or a URL, as for @command{guix | |
2491 | download} (@pxref{Invoking guix download}). | |
2492 | ||
2493 | The ``corresponding package'' is taken to be one specified on the | |
2494 | command line whose name matches the base of @var{source}---e.g., if | |
2495 | @var{source} is @code{/src/guile-2.0.10.tar.gz}, the corresponding | |
2496 | package is @code{guile}. Likewise, the version string is inferred from | |
2497 | @var{source}; in the previous example, it's @code{2.0.10}. | |
2498 | ||
2499 | This option allows users to try out versions of packages other than the | |
2500 | one provided by the distribution. The example below downloads | |
2501 | @file{ed-1.7.tar.gz} from a GNU mirror and uses that as the source for | |
2502 | the @code{ed} package: | |
2503 | ||
2504 | @example | |
2505 | guix build ed --with-source=mirror://gnu/ed/ed-1.7.tar.gz | |
2506 | @end example | |
2507 | ||
2508 | As a developer, @code{--with-source} makes it easy to test release | |
2509 | candidates: | |
2510 | ||
2511 | @example | |
2512 | guix build guile --with-source=../guile-2.0.9.219-e1bb7.tar.xz | |
2513 | @end example | |
2514 | ||
2515 | ||
c78bd12b LC |
2516 | @item --derivations |
2517 | @itemx -d | |
2518 | Return the derivation paths, not the output paths, of the given | |
2519 | packages. | |
2520 | ||
70ee5642 LC |
2521 | @item --root=@var{file} |
2522 | @itemx -r @var{file} | |
2523 | Make @var{file} a symlink to the result, and register it as a garbage | |
2524 | collector root. | |
2525 | ||
2526 | @item --log-file | |
2527 | Return the build log file names for the given | |
2528 | @var{package-or-derivation}s, or raise an error if build logs are | |
2529 | missing. | |
2530 | ||
2531 | This works regardless of how packages or derivations are specified. For | |
2532 | instance, the following invocations are equivalent: | |
2533 | ||
2534 | @example | |
2535 | guix build --log-file `guix build -d guile` | |
2536 | guix build --log-file `guix build guile` | |
2537 | guix build --log-file guile | |
2538 | guix build --log-file -e '(@@ (gnu packages guile) guile-2.0)' | |
2539 | @end example | |
2540 | ||
2541 | ||
2542 | @end table | |
2543 | ||
2544 | @cindex common build options | |
2545 | In addition, a number of options that control the build process are | |
2546 | common to @command{guix build} and other commands that can spawn builds, | |
2547 | such as @command{guix package} or @command{guix archive}. These are the | |
2548 | following: | |
2549 | ||
2550 | @table @code | |
2551 | ||
300868ba LC |
2552 | @item --load-path=@var{directory} |
2553 | @itemx -L @var{directory} | |
2554 | Add @var{directory} to the front of the package module search path | |
2555 | (@pxref{Package Modules}). | |
2556 | ||
2557 | This allows users to define their own packages and make them visible to | |
2558 | the command-line tools. | |
2559 | ||
c78bd12b LC |
2560 | @item --keep-failed |
2561 | @itemx -K | |
2562 | Keep the build tree of failed builds. Thus, if a build fail, its build | |
2563 | tree is kept under @file{/tmp}, in a directory whose name is shown at | |
2564 | the end of the build log. This is useful when debugging build issues. | |
2565 | ||
2566 | @item --dry-run | |
2567 | @itemx -n | |
2568 | Do not build the derivations. | |
2569 | ||
56b1f4b7 LC |
2570 | @item --fallback |
2571 | When substituting a pre-built binary fails, fall back to building | |
2572 | packages locally. | |
2573 | ||
c78bd12b | 2574 | @item --no-substitutes |
b5385b52 | 2575 | Do not use substitutes for build products. That is, always build things |
c4202d60 LC |
2576 | locally instead of allowing downloads of pre-built binaries |
2577 | (@pxref{Substitutes}). | |
c78bd12b | 2578 | |
425b0bfc | 2579 | @item --no-build-hook |
4ec2e92d LC |
2580 | Do not attempt to offload builds @i{via} the daemon's ``build hook'' |
2581 | (@pxref{Daemon Offload Setup}). That is, always build things locally | |
2582 | instead of offloading builds to remote machines. | |
425b0bfc | 2583 | |
969e678e LC |
2584 | @item --max-silent-time=@var{seconds} |
2585 | When the build or substitution process remains silent for more than | |
2586 | @var{seconds}, terminate it and report a build failure. | |
2587 | ||
002622b6 LC |
2588 | @item --timeout=@var{seconds} |
2589 | Likewise, when the build or substitution process lasts for more than | |
2590 | @var{seconds}, terminate it and report a build failure. | |
2591 | ||
2592 | By default there is no timeout. This behavior can be restored with | |
2593 | @code{--timeout=0}. | |
2594 | ||
07ab4bf1 LC |
2595 | @item --verbosity=@var{level} |
2596 | Use the given verbosity level. @var{level} must be an integer between 0 | |
2597 | and 5; higher means more verbose output. Setting a level of 4 or more | |
2598 | may be helpful when debugging setup issues with the build daemon. | |
2599 | ||
70ee5642 LC |
2600 | @item --cores=@var{n} |
2601 | @itemx -c @var{n} | |
2602 | Allow the use of up to @var{n} CPU cores for the build. The special | |
2603 | value @code{0} means to use as many CPU cores as available. | |
bf421152 | 2604 | |
c78bd12b LC |
2605 | @end table |
2606 | ||
e49951eb | 2607 | Behind the scenes, @command{guix build} is essentially an interface to |
c78bd12b LC |
2608 | the @code{package-derivation} procedure of the @code{(guix packages)} |
2609 | module, and to the @code{build-derivations} procedure of the @code{(guix | |
2610 | store)} module. | |
2611 | ||
210cc920 LC |
2612 | @node Invoking guix download |
2613 | @section Invoking @command{guix download} | |
2614 | ||
2615 | When writing a package definition, developers typically need to download | |
2616 | the package's source tarball, compute its SHA256 hash, and write that | |
2617 | hash in the package definition (@pxref{Defining Packages}). The | |
2618 | @command{guix download} tool helps with this task: it downloads a file | |
2619 | from the given URI, adds it to the store, and prints both its file name | |
2620 | in the store and its SHA256 hash. | |
2621 | ||
2622 | The fact that the downloaded file is added to the store saves bandwidth: | |
2623 | when the developer eventually tries to build the newly defined package | |
2624 | with @command{guix build}, the source tarball will not have to be | |
2625 | downloaded again because it is already in the store. It is also a | |
2626 | convenient way to temporarily stash files, which may be deleted | |
2627 | eventually (@pxref{Invoking guix gc}). | |
2628 | ||
2629 | The @command{guix download} command supports the same URIs as used in | |
2630 | package definitions. In particular, it supports @code{mirror://} URIs. | |
2631 | @code{https} URIs (HTTP over TLS) are supported @emph{provided} the | |
2632 | Guile bindings for GnuTLS are available in the user's environment; when | |
2633 | they are not available, an error is raised. | |
2634 | ||
2635 | The following option is available: | |
2636 | ||
2637 | @table @code | |
2638 | @item --format=@var{fmt} | |
2639 | @itemx -f @var{fmt} | |
2640 | Write the hash in the format specified by @var{fmt}. For more | |
2641 | information on the valid values for @var{fmt}, @ref{Invoking guix hash}. | |
2642 | @end table | |
2643 | ||
6c365eca NK |
2644 | @node Invoking guix hash |
2645 | @section Invoking @command{guix hash} | |
2646 | ||
210cc920 | 2647 | The @command{guix hash} command computes the SHA256 hash of a file. |
6c365eca NK |
2648 | It is primarily a convenience tool for anyone contributing to the |
2649 | distribution: it computes the cryptographic hash of a file, which can be | |
2650 | used in the definition of a package (@pxref{Defining Packages}). | |
2651 | ||
2652 | The general syntax is: | |
2653 | ||
2654 | @example | |
2655 | guix hash @var{option} @var{file} | |
2656 | @end example | |
2657 | ||
2658 | @command{guix hash} has the following option: | |
2659 | ||
2660 | @table @code | |
2661 | ||
2662 | @item --format=@var{fmt} | |
2663 | @itemx -f @var{fmt} | |
210cc920 | 2664 | Write the hash in the format specified by @var{fmt}. |
6c365eca NK |
2665 | |
2666 | Supported formats: @code{nix-base32}, @code{base32}, @code{base16} | |
2667 | (@code{hex} and @code{hexadecimal} can be used as well). | |
2668 | ||
2669 | If the @option{--format} option is not specified, @command{guix hash} | |
2670 | will output the hash in @code{nix-base32}. This representation is used | |
2671 | in the definitions of packages. | |
2672 | ||
3140f2df LC |
2673 | @item --recursive |
2674 | @itemx -r | |
2675 | Compute the hash on @var{file} recursively. | |
2676 | ||
2677 | In this case, the hash is computed on an archive containing @var{file}, | |
2678 | including its children if it is a directory. Some of @var{file}'s | |
2679 | meta-data is part of the archive; for instance, when @var{file} is a | |
2680 | regular file, the hash is different depending on whether @var{file} is | |
2681 | executable or not. Meta-data such as time stamps has no impact on the | |
2682 | hash (@pxref{Invoking guix archive}). | |
2683 | @c FIXME: Replace xref above with xref to an ``Archive'' section when | |
2684 | @c it exists. | |
2685 | ||
6c365eca NK |
2686 | @end table |
2687 | ||
37166310 LC |
2688 | @node Invoking guix refresh |
2689 | @section Invoking @command{guix refresh} | |
2690 | ||
2691 | The primary audience of the @command{guix refresh} command is developers | |
2692 | of the GNU software distribution. By default, it reports any packages | |
2693 | provided by the distribution that are outdated compared to the latest | |
2694 | upstream version, like this: | |
2695 | ||
2696 | @example | |
2697 | $ guix refresh | |
2698 | gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1 | |
2699 | gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0 | |
2700 | @end example | |
2701 | ||
2702 | It does so by browsing each package's FTP directory and determining the | |
2703 | highest version number of the source tarballs | |
2704 | therein@footnote{Currently, this only works for GNU packages.}. | |
2705 | ||
2706 | When passed @code{--update}, it modifies distribution source files to | |
2707 | update the version numbers and source tarball hashes of those packages' | |
2708 | recipes (@pxref{Defining Packages}). This is achieved by downloading | |
2709 | each package's latest source tarball and its associated OpenPGP | |
2710 | signature, authenticating the downloaded tarball against its signature | |
2711 | using @command{gpg}, and finally computing its hash. When the public | |
2712 | key used to sign the tarball is missing from the user's keyring, an | |
2713 | attempt is made to automatically retrieve it from a public key server; | |
2714 | when it's successful, the key is added to the user's keyring; otherwise, | |
2715 | @command{guix refresh} reports an error. | |
2716 | ||
2717 | The following options are supported: | |
2718 | ||
2719 | @table @code | |
2720 | ||
2721 | @item --update | |
2722 | @itemx -u | |
2723 | Update distribution source files (package recipes) in place. | |
2724 | @ref{Defining Packages}, for more information on package definitions. | |
2725 | ||
2726 | @item --select=[@var{subset}] | |
2727 | @itemx -s @var{subset} | |
2728 | Select all the packages in @var{subset}, one of @code{core} or | |
2729 | @code{non-core}. | |
2730 | ||
2731 | The @code{core} subset refers to all the packages at the core of the | |
2732 | distribution---i.e., packages that are used to build ``everything | |
2733 | else''. This includes GCC, libc, Binutils, Bash, etc. Usually, | |
2734 | changing one of these packages in the distribution entails a rebuild of | |
2735 | all the others. Thus, such updates are an inconvenience to users in | |
2736 | terms of build time or bandwidth used to achieve the upgrade. | |
2737 | ||
2738 | The @code{non-core} subset refers to the remaining packages. It is | |
2739 | typically useful in cases where an update of the core packages would be | |
2740 | inconvenient. | |
2741 | ||
2742 | @end table | |
2743 | ||
2744 | In addition, @command{guix refresh} can be passed one or more package | |
2745 | names, as in this example: | |
2746 | ||
2747 | @example | |
2748 | guix refresh -u emacs idutils | |
2749 | @end example | |
2750 | ||
2751 | @noindent | |
2752 | The command above specifically updates the @code{emacs} and | |
2753 | @code{idutils} packages. The @code{--select} option would have no | |
2754 | effect in this case. | |
2755 | ||
7d193ec3 EB |
2756 | When considering whether to upgrade a package, it is sometimes |
2757 | convenient to know which packages would be affected by the upgrade and | |
2758 | should be checked for compatibility. For this the following option may | |
2759 | be used when passing @command{guix refresh} one or more package names: | |
2760 | ||
2761 | @table @code | |
2762 | ||
2763 | @item --list-dependent | |
2764 | @itemx -l | |
2765 | List top-level dependent packages that would need to be rebuilt as a | |
2766 | result of upgrading one or more packages. | |
2767 | ||
2768 | @end table | |
2769 | ||
2770 | Be aware that the @code{--list-dependent} option only | |
2771 | @emph{approximates} the rebuilds that would be required as a result of | |
2772 | an upgrade. More rebuilds might be required under some circumstances. | |
2773 | ||
2774 | @example | |
7779ab61 LC |
2775 | $ guix refresh --list-dependent flex |
2776 | Building the following 120 packages would ensure 213 dependent packages are rebuilt: | |
2777 | hop-2.4.0 geiser-0.4 notmuch-0.18 mu-0.9.9.5 cflow-1.4 idutils-4.6 @dots{} | |
7d193ec3 EB |
2778 | @end example |
2779 | ||
2780 | The command above lists a set of packages that could be built to check | |
2781 | for compatibility with an upgraded @code{flex} package. | |
2782 | ||
f9230085 LC |
2783 | The following options can be used to customize GnuPG operation: |
2784 | ||
2785 | @table @code | |
2786 | ||
2787 | @item --key-server=@var{host} | |
2788 | Use @var{host} as the OpenPGP key server when importing a public key. | |
2789 | ||
2790 | @item --gpg=@var{command} | |
2791 | Use @var{command} as the GnuPG 2.x command. @var{command} is searched | |
2792 | for in @code{$PATH}. | |
2793 | ||
2794 | @end table | |
2795 | ||
b4f5e0e8 CR |
2796 | @node Invoking guix lint |
2797 | @section Invoking @command{guix lint} | |
2798 | The @command{guix lint} is meant to help package developers avoid common | |
2799 | errors and use a consistent style. It runs a few checks on a given set of | |
2800 | packages in order to find common mistakes in their definitions. | |
2801 | ||
2802 | The general syntax is: | |
2803 | ||
2804 | @example | |
2805 | guix lint @var{options} @var{package}@dots{} | |
2806 | @end example | |
2807 | ||
2808 | If no package is given on the command line, then all packages are checked. | |
2809 | The @var{options} may be zero or more of the following: | |
2810 | ||
2811 | @table @code | |
2812 | ||
2813 | @item --list-checkers | |
2814 | @itemx -l | |
2815 | List and describe all the available checkers that will be run on packages | |
2816 | and exit. | |
2817 | ||
2818 | @end table | |
37166310 | 2819 | |
a1ba8475 LC |
2820 | @c ********************************************************************* |
2821 | @node GNU Distribution | |
2822 | @chapter GNU Distribution | |
2823 | ||
2824 | Guix comes with a distribution of free software@footnote{The term | |
2825 | ``free'' here refers to the | |
2826 | @url{http://www.gnu.org/philosophy/free-sw.html,freedom provided to | |
c320011d | 2827 | users of that software}.} that forms the basis of the GNU system. This |
a1ba8475 LC |
2828 | includes core GNU packages such as GNU libc, GCC, and Binutils, as well |
2829 | as many GNU and non-GNU applications. The complete list of available | |
d03bb653 LC |
2830 | packages can be browsed |
2831 | @url{http://www.gnu.org/software/guix/package-list.html,on-line} or by | |
2832 | running @command{guix package} (@pxref{Invoking guix package}): | |
a1ba8475 LC |
2833 | |
2834 | @example | |
e49951eb | 2835 | guix package --list-available |
a1ba8475 LC |
2836 | @end example |
2837 | ||
401c53c4 LC |
2838 | Our goal is to build a practical 100% free software distribution of |
2839 | Linux-based and other variants of GNU, with a focus on the promotion and | |
2840 | tight integration of GNU components, and an emphasis on programs and | |
2841 | tools that help users exert that freedom. | |
2842 | ||
c320011d LC |
2843 | The GNU distribution is currently available on the following platforms: |
2844 | ||
2845 | @table @code | |
2846 | ||
2847 | @item x86_64-linux | |
2848 | Intel/AMD @code{x86_64} architecture, Linux-Libre kernel; | |
2849 | ||
2850 | @item i686-linux | |
2851 | Intel 32-bit architecture (IA32), Linux-Libre kernel; | |
2852 | ||
2853 | @item mips64el-linux | |
2854 | little-endian 64-bit MIPS processors, specifically the Loongson series, | |
2855 | n32 application binary interface (ABI), and Linux-Libre kernel. | |
2856 | ||
2857 | @end table | |
2858 | ||
2859 | @noindent | |
2860 | For information on porting to other architectures or kernels, | |
2861 | @xref{Porting}. | |
2862 | ||
401c53c4 | 2863 | @menu |
5af6de3e | 2864 | * System Installation:: Installing the whole operating system. |
cf4a9129 | 2865 | * System Configuration:: Configuring a GNU system. |
91ef73d4 | 2866 | * Installing Debugging Files:: Feeding the debugger. |
401c53c4 | 2867 | * Package Modules:: Packages from the programmer's viewpoint. |
da7cabd4 | 2868 | * Packaging Guidelines:: Growing the distribution. |
401c53c4 | 2869 | * Bootstrapping:: GNU/Linux built from scratch. |
8b315a6d | 2870 | * Porting:: Targeting another platform or kernel. |
401c53c4 LC |
2871 | @end menu |
2872 | ||
2873 | Building this distribution is a cooperative effort, and you are invited | |
2874 | to join! @ref{Contributing}, for information about how you can help. | |
2875 | ||
5af6de3e LC |
2876 | @node System Installation |
2877 | @section System Installation | |
2878 | ||
2879 | This section explains how to install the complete GNU operating system | |
2880 | on a machine. The Guix package manager can also be installed on top of | |
6621cdb6 | 2881 | a running GNU/Linux system, @pxref{Installation}. |
5af6de3e LC |
2882 | |
2883 | @ifinfo | |
2884 | @c This paragraph is for people reading this from tty2 of the | |
2885 | @c installation image. | |
2886 | You're reading this documentation with an Info reader. For details on | |
2887 | how to use it, hit the @key{RET} key (``return'' or ``enter'') on the | |
6621cdb6 | 2888 | link that follows: @pxref{Help,,, info, Info: An Introduction}. Hit |
5af6de3e LC |
2889 | @kbd{l} afterwards to come back here. |
2890 | @end ifinfo | |
2891 | ||
8aaaae38 LC |
2892 | @subsection Limitations |
2893 | ||
2894 | As of version @value{VERSION}, GNU@tie{}Guix and the GNU system | |
2895 | distribution are alpha software. It may contain bugs and lack important | |
2896 | features. Thus, if you are looking for a stable production system that | |
2897 | respects your freedom as a computer user, a good solution at this point | |
2898 | is to consider @url{http://www.gnu.org/distros/free-distros.html, one of | |
2899 | more established GNU/Linux distributions}. We hope you can soon switch | |
2900 | to the GNU system without fear, of course. In the meantime, you can | |
2901 | also keep using your distribution and try out the package manager on top | |
2902 | of it (@pxref{Installation}). | |
2903 | ||
2904 | Before you proceed with the installation, be aware of the following | |
2905 | noteworthy limitations applicable to version @value{VERSION}: | |
2906 | ||
2907 | @itemize | |
2908 | @item | |
2909 | The installation process does not include a graphical user interface and | |
2910 | requires familiarity with GNU/Linux (see the following subsections to | |
2911 | get a feel of what that means.) | |
2912 | ||
2913 | @item | |
2914 | The system does not yet provide graphical desktop environments such as | |
2915 | GNOME and KDE. | |
2916 | ||
2917 | @item | |
dbcb0ab1 | 2918 | Support for the Logical Volume Manager (LVM) is missing. |
8aaaae38 LC |
2919 | |
2920 | @item | |
2921 | Few system services are currently supported out-of-the-box | |
2922 | (@pxref{Services}). | |
2923 | ||
2924 | @item | |
2925 | On the order of 1,000 packages are available, which means that you may | |
2926 | occasionally find that a useful package is missing. | |
2927 | @end itemize | |
2928 | ||
2929 | You've been warned. But more than a disclaimer, this is an invitation | |
2930 | to report issues (and success stories!), and join us in improving it. | |
2931 | @xref{Contributing}, for more info. | |
5af6de3e LC |
2932 | |
2933 | @subsection USB Stick Installation | |
2934 | ||
2935 | An installation image for USB sticks can be downloaded from | |
2936 | @url{ftp://alpha.gnu.org/gnu/guix/gnu-usb-install-@value{VERSION}.@var{system}.xz}, | |
2937 | where @var{system} is one of: | |
2938 | ||
2939 | @table @code | |
2940 | @item x86_64-linux | |
2941 | for a GNU/Linux system on Intel/AMD-compatible 64-bit CPUs; | |
2942 | ||
2943 | @item i686-linux | |
2944 | for a 32-bit GNU/Linux system on Intel-compatible CPUs. | |
2945 | @end table | |
2946 | ||
2947 | This image contains a single partition with the tools necessary for an | |
2948 | installation. It is meant to be copied @emph{as is} to a large-enough | |
2949 | USB stick. | |
2950 | ||
2951 | To copy the image to a USB stick, follow these steps: | |
2952 | ||
2953 | @enumerate | |
2954 | @item | |
2955 | Decompress the image using the @command{xz} command: | |
2956 | ||
2957 | @example | |
2958 | xz -d gnu-usb-install-@value{VERSION}.@var{system}.xz | |
2959 | @end example | |
2960 | ||
2961 | @item | |
2962 | Insert a USB stick of 1@tie{}GiB or more in your machine, and determine | |
2963 | its device name. Assuming that USB stick is known as @file{/dev/sdX}, | |
2964 | copy the image with: | |
2965 | ||
2966 | @example | |
445d6529 | 2967 | dd if=gnu-usb-install-@value{VERSION}.x86_64 of=/dev/sdX |
5af6de3e LC |
2968 | @end example |
2969 | ||
2970 | Access to @file{/dev/sdX} usually requires root privileges. | |
2971 | @end enumerate | |
2972 | ||
2973 | Once this is done, you should be able to reboot the system and boot from | |
2974 | the USB stick. The latter usually requires you to get in the BIOS' boot | |
2975 | menu, where you can choose to boot from the USB stick. | |
2976 | ||
2977 | @subsection Preparing for Installation | |
2978 | ||
2979 | Once you have successfully booted the image on the USB stick, you should | |
2980 | end up with a root prompt. Several console TTYs are configured and can | |
2981 | be used to run commands as root. TTY2 shows this documentation, | |
2982 | browsable using the Info reader commands (@pxref{Help,,, info, Info: An | |
2983 | Introduction}). | |
2984 | ||
2985 | To install the system, you would: | |
2986 | ||
2987 | @enumerate | |
2988 | ||
2989 | @item | |
2990 | Configure the network, by running @command{dhclient eth0} (to get an | |
2991 | automatically assigned IP address from the wired network interface | |
2992 | controller), or using the @command{ifconfig} command. | |
2993 | ||
2994 | The system automatically loads drivers for your network interface | |
2995 | controllers. | |
2996 | ||
2997 | Setting up network access is almost always a requirement because the | |
2998 | image does not contain all the software and tools that may be needed. | |
2999 | ||
3000 | @item | |
3001 | Unless this has already been done, you must partition and format the | |
3002 | target partitions. | |
3003 | ||
7ab44369 LC |
3004 | Preferably, assign partitions a label so that you can easily and |
3005 | reliably refer to them in @code{file-system} declarations (@pxref{File | |
3006 | Systems}). This is typically done using the @code{-L} option of | |
3007 | @command{mkfs.ext4} and related commands. | |
3008 | ||
5af6de3e LC |
3009 | The installation image includes Parted (@pxref{Overview,,, parted, GNU |
3010 | Parted User Manual}), @command{fdisk}, and e2fsprogs, the suite of tools | |
3011 | to manipulate ext2/ext3/ext4 file systems. | |
3012 | ||
83a17b62 LC |
3013 | @item |
3014 | Once that is done, mount the target root partition under @file{/mnt}. | |
3015 | ||
3016 | @item | |
3017 | Lastly, run @code{deco start cow-store /mnt}. | |
3018 | ||
3019 | This will make @file{/gnu/store} copy-on-write, such that packages added | |
3020 | to it during the installation phase will be written to the target disk | |
3021 | rather than kept in memory. | |
3022 | ||
5af6de3e LC |
3023 | @end enumerate |
3024 | ||
5af6de3e LC |
3025 | |
3026 | @subsection Proceeding with the Installation | |
3027 | ||
3028 | With the target partitions ready, you now have to edit a file and | |
3029 | provide the declaration of the operating system to be installed. To | |
3030 | that end, the installation system comes with two text editors: GNU nano | |
3031 | (@pxref{Top,,, nano, GNU nano Manual}), and GNU Zile, an Emacs clone. | |
3032 | It is better to store that file on the target root file system, say, as | |
3033 | @file{/mnt/etc/config.scm}. | |
3034 | ||
3035 | A minimal operating system configuration, with just the bare minimum and | |
1dac8566 LC |
3036 | only a root account would look like this (on the installation system, |
3037 | this example is available as @file{/etc/configuration-template.scm}): | |
5af6de3e LC |
3038 | |
3039 | @example | |
931c132a | 3040 | @include os-config.texi |
5af6de3e LC |
3041 | @end example |
3042 | ||
3043 | @noindent | |
3044 | For more information on @code{operating-system} declarations, | |
6621cdb6 | 3045 | @pxref{Using the Configuration System}. |
5af6de3e LC |
3046 | |
3047 | Once that is done, the new system must be initialized (remember that the | |
3048 | target root file system is mounted under @file{/mnt}): | |
3049 | ||
3050 | @example | |
3051 | guix system init /mnt/etc/config.scm /mnt | |
3052 | @end example | |
3053 | ||
3054 | @noindent | |
3055 | This will copy all the necessary files, and install GRUB on | |
3056 | @file{/dev/sdX}, unless you pass the @option{--no-grub} option. For | |
6621cdb6 | 3057 | more information, @pxref{Invoking guix system}. This command may trigger |
5af6de3e LC |
3058 | downloads or builds of missing packages, which can take some time. |
3059 | ||
3060 | Once that command has completed---and hopefully succeeded!---you can | |
ad14d9e7 | 3061 | run @command{reboot} and boot into the new system. Cross fingers, and |
5af6de3e LC |
3062 | join us on @code{#guix} on the Freenode IRC network or on |
3063 | @file{guix-devel@@gnu.org} to share your experience---good or not so | |
3064 | good. | |
3065 | ||
3066 | @subsection Building the Installation Image | |
3067 | ||
3068 | The installation image described above was built using the @command{guix | |
3069 | system} command, specifically: | |
3070 | ||
3071 | @example | |
3072 | guix system disk-image --image-size=800MiB gnu/system/install.scm | |
3073 | @end example | |
3074 | ||
3075 | @xref{Invoking guix system}, for more information. See | |
3076 | @file{gnu/system/install.scm} in the source tree for more information | |
3077 | about the installation image. | |
3078 | ||
cf4a9129 LC |
3079 | @node System Configuration |
3080 | @section System Configuration | |
b208a005 | 3081 | |
cf4a9129 LC |
3082 | @cindex system configuration |
3083 | The GNU system supports a consistent whole-system configuration | |
3084 | mechanism. By that we mean that all aspects of the global system | |
3085 | configuration---such as the available system services, timezone and | |
3086 | locale settings, user accounts---are declared in a single place. Such | |
3087 | a @dfn{system configuration} can be @dfn{instantiated}---i.e., effected. | |
91ef73d4 | 3088 | |
cf4a9129 LC |
3089 | One of the advantages of putting all the system configuration under the |
3090 | control of Guix is that it supports transactional system upgrades, and | |
3091 | makes it possible to roll-back to a previous system instantiation, | |
3092 | should something go wrong with the new one (@pxref{Features}). Another | |
3093 | one is that it makes it easy to replicate the exact same configuration | |
3094 | across different machines, or at different points in time, without | |
3095 | having to resort to additional administration tools layered on top of | |
3096 | the system's own tools. | |
3097 | @c Yes, we're talking of Puppet, Chef, & co. here. ↑ | |
91ef73d4 | 3098 | |
cf4a9129 LC |
3099 | This section describes this mechanism. First we focus on the system |
3100 | administrator's viewpoint---explaining how the system is configured and | |
3101 | instantiated. Then we show how this mechanism can be extended, for | |
3102 | instance to support new system services. | |
91ef73d4 | 3103 | |
cf4a9129 LC |
3104 | @menu |
3105 | * Using the Configuration System:: Customizing your GNU system. | |
3106 | * File Systems:: Configuring file system mounts. | |
510f9d86 | 3107 | * Mapped Devices:: Block device extra processing. |
cf4a9129 LC |
3108 | * User Accounts:: Specifying user accounts. |
3109 | * Services:: Specifying system services. | |
0ae8c15a | 3110 | * Setuid Programs:: Programs running with root privileges. |
fd1b1fa2 | 3111 | * Initial RAM Disk:: Linux-Libre bootstrapping. |
cf4a9129 LC |
3112 | * Invoking guix system:: Instantiating a system configuration. |
3113 | * Defining Services:: Adding new service definitions. | |
3114 | @end menu | |
91ef73d4 | 3115 | |
cf4a9129 LC |
3116 | @node Using the Configuration System |
3117 | @subsection Using the Configuration System | |
64d76fa6 | 3118 | |
cf4a9129 LC |
3119 | The operating system is configured by providing an |
3120 | @code{operating-system} declaration in a file that can then be passed to | |
3121 | the @command{guix system} command (@pxref{Invoking guix system}). A | |
3122 | simple setup, with the default system services, the default Linux-Libre | |
3123 | kernel, initial RAM disk, and boot loader looks like this: | |
91ef73d4 | 3124 | |
cf4a9129 LC |
3125 | @findex operating-system |
3126 | @lisp | |
3127 | (use-modules (gnu) ; for 'user-account', '%base-services', etc. | |
3128 | (gnu packages emacs) ; for 'emacs' | |
3129 | (gnu services ssh)) ; for 'lsh-service' | |
91ef73d4 | 3130 | |
cf4a9129 LC |
3131 | (operating-system |
3132 | (host-name "komputilo") | |
3133 | (timezone "Europe/Paris") | |
3134 | (locale "fr_FR.UTF-8") | |
3135 | (bootloader (grub-configuration | |
3136 | (device "/dev/sda"))) | |
a69576ea | 3137 | (file-systems (cons (file-system |
cf4a9129 LC |
3138 | (device "/dev/sda1") ; or partition label |
3139 | (mount-point "/") | |
a69576ea LC |
3140 | (type "ext3")) |
3141 | %base-file-systems)) | |
cf4a9129 LC |
3142 | (users (list (user-account |
3143 | (name "alice") | |
3144 | (password "") | |
1c00f836 | 3145 | (uid 1000) (group 100) |
cf4a9129 LC |
3146 | (comment "Bob's sister") |
3147 | (home-directory "/home/alice")))) | |
3148 | (packages (cons emacs %base-packages)) | |
3149 | (services (cons (lsh-service #:port 2222 #:allow-root-login? #t) | |
3150 | %base-services))) | |
3151 | @end lisp | |
401c53c4 | 3152 | |
cf4a9129 LC |
3153 | This example should be self-describing. Some of the fields defined |
3154 | above, such as @code{host-name} and @code{bootloader}, are mandatory. | |
3155 | Others, such as @code{packages} and @code{services}, can be omitted, in | |
3156 | which case they get a default value. | |
e7f34eb0 | 3157 | |
cf4a9129 LC |
3158 | @vindex %base-packages |
3159 | The @code{packages} field lists | |
3160 | packages that will be globally visible on the system, for all user | |
3161 | accounts---i.e., in every user's @code{PATH} environment variable---in | |
3162 | addition to the per-user profiles (@pxref{Invoking guix package}). The | |
3163 | @var{%base-packages} variable provides all the tools one would expect | |
3164 | for basic user and administrator tasks---including the GNU Core | |
3165 | Utilities, the GNU Networking Utilities, the GNU Zile lightweight text | |
3166 | editor, @command{find}, @command{grep}, etc. The example above adds | |
3167 | Emacs to those, taken from the @code{(gnu packages emacs)} module | |
3168 | (@pxref{Package Modules}). | |
e7f34eb0 | 3169 | |
cf4a9129 LC |
3170 | @vindex %base-services |
3171 | The @code{services} field lists @dfn{system services} to be made | |
3172 | available when the system starts (@pxref{Services}). | |
3173 | The @code{operating-system} declaration above specifies that, in | |
3174 | addition to the basic services, we want the @command{lshd} secure shell | |
3175 | daemon listening on port 2222, and allowing remote @code{root} logins | |
3176 | (@pxref{Invoking lshd,,, lsh, GNU lsh Manual}). Under the hood, | |
3177 | @code{lsh-service} arranges so that @code{lshd} is started with the | |
3178 | right command-line options, possibly with supporting configuration files | |
3179 | generated as needed (@pxref{Defining Services}). | |
a1ba8475 | 3180 | |
cf4a9129 LC |
3181 | Assuming the above snippet is stored in the @file{my-system-config.scm} |
3182 | file, the @command{guix system reconfigure my-system-config.scm} command | |
3183 | instantiates that configuration, and makes it the default GRUB boot | |
3184 | entry (@pxref{Invoking guix system}). The normal way to change the | |
3185 | system's configuration is by updating this file and re-running the | |
3186 | @command{guix system} command. | |
b81e1947 | 3187 | |
cf4a9129 LC |
3188 | At the Scheme level, the bulk of an @code{operating-system} declaration |
3189 | is instantiated with the following monadic procedure (@pxref{The Store | |
3190 | Monad}): | |
b81e1947 | 3191 | |
cf4a9129 LC |
3192 | @deffn {Monadic Procedure} operating-system-derivation os |
3193 | Return a derivation that builds @var{os}, an @code{operating-system} | |
3194 | object (@pxref{Derivations}). | |
b81e1947 | 3195 | |
cf4a9129 LC |
3196 | The output of the derivation is a single directory that refers to all |
3197 | the packages, configuration files, and other supporting files needed to | |
3198 | instantiate @var{os}. | |
3199 | @end deffn | |
b81e1947 | 3200 | |
cf4a9129 LC |
3201 | @node File Systems |
3202 | @subsection File Systems | |
b81e1947 | 3203 | |
cf4a9129 LC |
3204 | The list of file systems to be mounted is specified in the |
3205 | @code{file-systems} field of the operating system's declaration | |
3206 | (@pxref{Using the Configuration System}). Each file system is declared | |
3207 | using the @code{file-system} form, like this: | |
b81e1947 LC |
3208 | |
3209 | @example | |
cf4a9129 LC |
3210 | (file-system |
3211 | (mount-point "/home") | |
3212 | (device "/dev/sda3") | |
3213 | (type "ext4")) | |
b81e1947 LC |
3214 | @end example |
3215 | ||
cf4a9129 LC |
3216 | As usual, some of the fields are mandatory---those shown in the example |
3217 | above---while others can be omitted. These are described below. | |
b81e1947 | 3218 | |
cf4a9129 LC |
3219 | @deftp {Data Type} file-system |
3220 | Objects of this type represent file systems to be mounted. They | |
3221 | contain the following members: | |
5ff3c4b8 | 3222 | |
cf4a9129 LC |
3223 | @table @asis |
3224 | @item @code{type} | |
3225 | This is a string specifying the type of the file system---e.g., | |
3226 | @code{"ext4"}. | |
5ff3c4b8 | 3227 | |
cf4a9129 LC |
3228 | @item @code{mount-point} |
3229 | This designates the place where the file system is to be mounted. | |
b81e1947 | 3230 | |
cf4a9129 LC |
3231 | @item @code{device} |
3232 | This names the ``source'' of the file system. By default it is the name | |
3233 | of a node under @file{/dev}, but its meaning depends on the @code{title} | |
3234 | field described below. | |
401c53c4 | 3235 | |
cf4a9129 LC |
3236 | @item @code{title} (default: @code{'device}) |
3237 | This is a symbol that specifies how the @code{device} field is to be | |
3238 | interpreted. | |
401c53c4 | 3239 | |
cf4a9129 LC |
3240 | When it is the symbol @code{device}, then the @code{device} field is |
3241 | interpreted as a file name; when it is @code{label}, then @code{device} | |
3242 | is interpreted as a partition label name; when it is @code{uuid}, | |
3243 | @code{device} is interpreted as a partition unique identifier (UUID). | |
da7cabd4 | 3244 | |
cf4a9129 LC |
3245 | The @code{label} and @code{uuid} options offer a way to refer to disk |
3246 | partitions without having to hard-code their actual device name. | |
da7cabd4 | 3247 | |
cf4a9129 LC |
3248 | @item @code{flags} (default: @code{'()}) |
3249 | This is a list of symbols denoting mount flags. Recognized flags | |
2c071ce9 LC |
3250 | include @code{read-only}, @code{bind-mount}, @code{no-dev} (disallow |
3251 | access to special files), @code{no-suid} (ignore setuid and setgid | |
3252 | bits), and @code{no-exec} (disallow program execution.) | |
da7cabd4 | 3253 | |
cf4a9129 LC |
3254 | @item @code{options} (default: @code{#f}) |
3255 | This is either @code{#f}, or a string denoting mount options. | |
da7cabd4 | 3256 | |
cf4a9129 LC |
3257 | @item @code{needed-for-boot?} (default: @code{#f}) |
3258 | This Boolean value indicates whether the file system is needed when | |
3259 | booting. If that is true, then the file system is mounted when the | |
3260 | initial RAM disk (initrd) is loaded. This is always the case, for | |
3261 | instance, for the root file system. | |
da7cabd4 | 3262 | |
cf4a9129 LC |
3263 | @item @code{check?} (default: @code{#t}) |
3264 | This Boolean indicates whether the file system needs to be checked for | |
3265 | errors before being mounted. | |
f9cc8971 | 3266 | |
4e469051 LC |
3267 | @item @code{create-mount-point?} (default: @code{#f}) |
3268 | When true, the mount point is created if it does not exist yet. | |
3269 | ||
cf4a9129 LC |
3270 | @end table |
3271 | @end deftp | |
da7cabd4 | 3272 | |
a69576ea LC |
3273 | The @code{(gnu system file-systems)} exports the following useful |
3274 | variables. | |
3275 | ||
3276 | @defvr {Scheme Variable} %base-file-systems | |
3277 | These are essential file systems that are required on normal systems, | |
3278 | such as @var{%devtmpfs-file-system} (see below.) Operating system | |
3279 | declarations should always contain at least these. | |
3280 | @end defvr | |
3281 | ||
3282 | @defvr {Scheme Variable} %devtmpfs-file-system | |
3283 | The @code{devtmpfs} file system to be mounted on @file{/dev}. This is a | |
3284 | requirement for udev (@pxref{Base Services, @code{udev-service}}). | |
3285 | @end defvr | |
3286 | ||
7f239fd3 LC |
3287 | @defvr {Scheme Variable} %pseudo-terminal-file-system |
3288 | This is the file system to be mounted as @file{/dev/pts}. It supports | |
3289 | @dfn{pseudo-terminals} created @i{via} @code{openpty} and similar | |
3290 | functions (@pxref{Pseudo-Terminals,,, libc, The GNU C Library Reference | |
3291 | Manual}). Pseudo-terminals are used by terminal emulators such as | |
3292 | @command{xterm}. | |
3293 | @end defvr | |
3294 | ||
db17ae5c LC |
3295 | @defvr {Scheme Variable} %shared-memory-file-system |
3296 | This file system is mounted as @file{/dev/shm} and is used to support | |
3297 | memory sharing across processes (@pxref{Memory-mapped I/O, | |
3298 | @code{shm_open},, libc, The GNU C Library Reference Manual}). | |
3299 | @end defvr | |
3300 | ||
a69576ea LC |
3301 | @defvr {Scheme Variable} %binary-format-file-system |
3302 | The @code{binfmt_misc} file system, which allows handling of arbitrary | |
3303 | executable file types to be delegated to user space. This requires the | |
3304 | @code{binfmt.ko} kernel module to be loaded. | |
3305 | @end defvr | |
3306 | ||
3307 | @defvr {Scheme Variable} %fuse-control-file-system | |
3308 | The @code{fusectl} file system, which allows unprivileged users to mount | |
3309 | and unmount user-space FUSE file systems. This requires the | |
3310 | @code{fuse.ko} kernel module to be loaded. | |
3311 | @end defvr | |
3312 | ||
510f9d86 LC |
3313 | @node Mapped Devices |
3314 | @subsection Mapped Devices | |
3315 | ||
3316 | @cindex device mapping | |
3317 | @cindex mapped devices | |
3318 | The Linux kernel has a notion of @dfn{device mapping}: a block device, | |
3319 | such as a hard disk partition, can be @dfn{mapped} into another device, | |
3320 | with additional processing over the data that flows through | |
3321 | it@footnote{Note that the GNU@tie{}Hurd makes no difference between the | |
3322 | concept of a ``mapped device'' and that of a file system: both boil down | |
3323 | to @emph{translating} input/output operations made on a file to | |
3324 | operations on its backing store. Thus, the Hurd implements mapped | |
3325 | devices, like file systems, using the generic @dfn{translator} mechanism | |
3326 | (@pxref{Translators,,, hurd, The GNU Hurd Reference Manual}).}. A | |
3327 | typical example is encryption device mapping: all writes to the mapped | |
3328 | device are encrypted, and all reads are deciphered, transparently. | |
3329 | ||
3330 | Mapped devices are declared using the @code{mapped-device} form: | |
3331 | ||
3332 | @example | |
3333 | (mapped-device | |
3334 | (source "/dev/sda3") | |
3335 | (target "home") | |
3336 | (type luks-device-mapping)) | |
3337 | @end example | |
3338 | ||
3339 | @noindent | |
3340 | @cindex disk encryption | |
3341 | @cindex LUKS | |
3342 | This example specifies a mapping from @file{/dev/sda3} to | |
3343 | @file{/dev/mapper/home} using LUKS---the | |
3344 | @url{http://code.google.com/p/cryptsetup,Linux Unified Key Setup}, a | |
3345 | standard mechanism for disk encryption. The @file{/dev/mapper/home} | |
3346 | device can then be used as the @code{device} of a @code{file-system} | |
3347 | declaration (@pxref{File Systems}). The @code{mapped-device} form is | |
3348 | detailed below. | |
3349 | ||
3350 | @deftp {Data Type} mapped-device | |
3351 | Objects of this type represent device mappings that will be made when | |
3352 | the system boots up. | |
3353 | ||
3354 | @table @code | |
3355 | @item source | |
3356 | This string specifies the name of the block device to be mapped, such as | |
3357 | @code{"/dev/sda3"}. | |
3358 | ||
3359 | @item target | |
3360 | This string specifies the name of the mapping to be established. For | |
3361 | example, specifying @code{"my-partition"} will lead to the creation of | |
3362 | the @code{"/dev/mapper/my-partition"} device. | |
3363 | ||
3364 | @item type | |
3365 | This must be a @code{mapped-device-kind} object, which specifies how | |
3366 | @var{source} is mapped to @var{target}. | |
3367 | @end table | |
3368 | @end deftp | |
3369 | ||
3370 | @defvr {Scheme Variable} luks-device-mapping | |
3371 | This defines LUKS block device encryption using the @command{cryptsetup} | |
3372 | command, from the same-named package. This relies on the | |
3373 | @code{dm-crypt} Linux kernel module. | |
3374 | @end defvr | |
3375 | ||
cf4a9129 LC |
3376 | @node User Accounts |
3377 | @subsection User Accounts | |
ee85f3db | 3378 | |
cf4a9129 | 3379 | User accounts are specified with the @code{user-account} form: |
ee85f3db | 3380 | |
cf4a9129 LC |
3381 | @example |
3382 | (user-account | |
3383 | (name "alice") | |
3384 | (group "users") | |
24e752c0 LC |
3385 | (supplementary-groups '("wheel" ;allow use of sudo, etc. |
3386 | "audio" ;sound card | |
3387 | "video" ;video devices such as webcams | |
3388 | "cdrom")) ;the good ol' CD-ROM | |
cf4a9129 LC |
3389 | (comment "Bob's sister") |
3390 | (home-directory "/home/alice")) | |
3391 | @end example | |
25083588 | 3392 | |
cf4a9129 LC |
3393 | @deftp {Data Type} user-account |
3394 | Objects of this type represent user accounts. The following members may | |
3395 | be specified: | |
ee85f3db | 3396 | |
cf4a9129 LC |
3397 | @table @asis |
3398 | @item @code{name} | |
3399 | The name of the user account. | |
ee85f3db | 3400 | |
cf4a9129 LC |
3401 | @item @code{group} |
3402 | This is the name (a string) or identifier (a number) of the user group | |
3403 | this account belongs to. | |
ee85f3db | 3404 | |
cf4a9129 LC |
3405 | @item @code{supplementary-groups} (default: @code{'()}) |
3406 | Optionally, this can be defined as a list of group names that this | |
3407 | account belongs to. | |
ee85f3db | 3408 | |
cf4a9129 LC |
3409 | @item @code{uid} (default: @code{#f}) |
3410 | This is the user ID for this account (a number), or @code{#f}. In the | |
3411 | latter case, a number is automatically chosen by the system when the | |
3412 | account is created. | |
ee85f3db | 3413 | |
cf4a9129 LC |
3414 | @item @code{comment} (default: @code{""}) |
3415 | A comment about the account, such as the account's owner full name. | |
c8c871d1 | 3416 | |
cf4a9129 LC |
3417 | @item @code{home-directory} |
3418 | This is the name of the home directory for the account. | |
ee85f3db | 3419 | |
cf4a9129 LC |
3420 | @item @code{shell} (default: Bash) |
3421 | This is a G-expression denoting the file name of a program to be used as | |
3422 | the shell (@pxref{G-Expressions}). | |
ee85f3db | 3423 | |
cf4a9129 LC |
3424 | @item @code{system?} (default: @code{#f}) |
3425 | This Boolean value indicates whether the account is a ``system'' | |
3426 | account. System accounts are sometimes treated specially; for instance, | |
3427 | graphical login managers do not list them. | |
ee85f3db | 3428 | |
cf4a9129 LC |
3429 | @item @code{password} (default: @code{#f}) |
3430 | Unless @code{#f}, this is the password to be used for the account. | |
c8c871d1 | 3431 | |
cf4a9129 LC |
3432 | @end table |
3433 | @end deftp | |
ee85f3db | 3434 | |
cf4a9129 | 3435 | User group declarations are even simpler: |
ee85f3db | 3436 | |
cf4a9129 LC |
3437 | @example |
3438 | (user-group (name "students")) | |
3439 | @end example | |
ee85f3db | 3440 | |
cf4a9129 LC |
3441 | @deftp {Data Type} user-group |
3442 | This type is for, well, user groups. There are just a few fields: | |
af8a56b8 | 3443 | |
cf4a9129 LC |
3444 | @table @asis |
3445 | @item @code{name} | |
3446 | The group's name. | |
ee85f3db | 3447 | |
cf4a9129 LC |
3448 | @item @code{id} (default: @code{#f}) |
3449 | The group identifier (a number). If @code{#f}, a new number is | |
3450 | automatically allocated when the group is created. | |
ee85f3db | 3451 | |
c8fa3426 LC |
3452 | @item @code{system?} (default: @code{#f}) |
3453 | This Boolean value indicates whether the group is a ``system'' group. | |
3454 | System groups have low numerical IDs. | |
3455 | ||
cf4a9129 LC |
3456 | @item @code{password} (default: @code{#f}) |
3457 | What, user groups can have a password? Well, apparently yes. Unless | |
3458 | @code{#f}, this field specifies the group's password. | |
ee85f3db | 3459 | |
cf4a9129 LC |
3460 | @end table |
3461 | @end deftp | |
401c53c4 | 3462 | |
cf4a9129 LC |
3463 | For convenience, a variable lists all the basic user groups one may |
3464 | expect: | |
401c53c4 | 3465 | |
cf4a9129 LC |
3466 | @defvr {Scheme Variable} %base-groups |
3467 | This is the list of basic user groups that users and/or packages expect | |
3468 | to be present on the system. This includes groups such as ``root'', | |
3469 | ``wheel'', and ``users'', as well as groups used to control access to | |
3470 | specific devices such as ``audio'', ``disk'', and ``cdrom''. | |
3471 | @end defvr | |
401c53c4 | 3472 | |
401c53c4 | 3473 | |
cf4a9129 LC |
3474 | @node Services |
3475 | @subsection Services | |
401c53c4 | 3476 | |
cf4a9129 LC |
3477 | @cindex system services |
3478 | An important part of preparing an @code{operating-system} declaration is | |
3479 | listing @dfn{system services} and their configuration (@pxref{Using the | |
3480 | Configuration System}). System services are typically daemons launched | |
3481 | when the system boots, or other actions needed at that time---e.g., | |
3482 | configuring network access. They are managed by GNU@tie{}dmd | |
3483 | (@pxref{Introduction,,, dmd, GNU dmd Manual}). | |
401c53c4 | 3484 | |
cf4a9129 LC |
3485 | The following sections document the available services, starting with |
3486 | the core services. | |
401c53c4 | 3487 | |
cf4a9129 LC |
3488 | @menu |
3489 | * Base Services:: Essential system services. | |
3490 | * Networking Services:: Network setup, SSH daemon, etc. | |
3491 | * X Window:: Graphical display. | |
3492 | @end menu | |
401c53c4 | 3493 | |
cf4a9129 LC |
3494 | @node Base Services |
3495 | @subsubsection Base Services | |
a1ba8475 | 3496 | |
cf4a9129 LC |
3497 | The @code{(gnu services base)} module provides definitions for the basic |
3498 | services that one expects from the system. The services exported by | |
3499 | this module are listed below. | |
401c53c4 | 3500 | |
cf4a9129 LC |
3501 | @defvr {Scheme Variable} %base-services |
3502 | This variable contains a list of basic services@footnote{Technically, | |
3503 | this is a list of monadic services. @xref{The Store Monad}.} one would | |
3504 | expect from the system: a login service (mingetty) on each tty, syslogd, | |
3505 | libc's name service cache daemon (nscd), the udev device manager, and | |
3506 | more. | |
401c53c4 | 3507 | |
cf4a9129 LC |
3508 | This is the default value of the @code{services} field of |
3509 | @code{operating-system} declarations. Usually, when customizing a | |
3510 | system, you will want to append services to @var{%base-services}, like | |
3511 | this: | |
401c53c4 | 3512 | |
cf4a9129 LC |
3513 | @example |
3514 | (cons* (avahi-service) (lshd-service) %base-services) | |
3515 | @end example | |
3516 | @end defvr | |
401c53c4 | 3517 | |
cf4a9129 LC |
3518 | @deffn {Monadic Procedure} host-name-service @var{name} |
3519 | Return a service that sets the host name to @var{name}. | |
3520 | @end deffn | |
401c53c4 | 3521 | |
cf4a9129 LC |
3522 | @deffn {Monadic Procedure} mingetty-service @var{tty} [#:motd] @ |
3523 | [#:auto-login #f] [#:login-program] [#:login-pause? #f] @ | |
3524 | [#:allow-empty-passwords? #f] | |
3525 | Return a service to run mingetty on @var{tty}. | |
401c53c4 | 3526 | |
cf4a9129 LC |
3527 | When @var{allow-empty-passwords?} is true, allow empty log-in password. When |
3528 | @var{auto-login} is true, it must be a user name under which to log-in | |
3529 | automatically. @var{login-pause?} can be set to @code{#t} in conjunction with | |
3530 | @var{auto-login}, in which case the user will have to press a key before the | |
3531 | login shell is launched. | |
401c53c4 | 3532 | |
cf4a9129 LC |
3533 | When true, @var{login-program} is a gexp or a monadic gexp denoting the name |
3534 | of the log-in program (the default is the @code{login} program from the Shadow | |
3535 | tool suite.) | |
401c53c4 | 3536 | |
cf4a9129 LC |
3537 | @var{motd} is a monadic value containing a text file to use as |
3538 | the ``message of the day''. | |
3539 | @end deffn | |
401c53c4 | 3540 | |
cf4a9129 LC |
3541 | @deffn {Monadic Procedure} nscd-service [#:glibc glibc] |
3542 | Return a service that runs libc's name service cache daemon (nscd). | |
3543 | @end deffn | |
401c53c4 | 3544 | |
cf4a9129 LC |
3545 | @deffn {Monadic Procedure} syslog-service |
3546 | Return a service that runs @code{syslogd} with reasonable default | |
3547 | settings. | |
3548 | @end deffn | |
401c53c4 | 3549 | |
cf4a9129 LC |
3550 | @deffn {Monadic Procedure} guix-service [#:guix guix] @ |
3551 | [#:builder-group "guixbuild"] [#:build-accounts 10] @ | |
3552 | [#:authorize-hydra-key? #f] [#:use-substitutes? #t] @ | |
3553 | [#:extra-options '()] | |
3554 | Return a service that runs the build daemon from @var{guix}, and has | |
3555 | @var{build-accounts} user accounts available under @var{builder-group}. | |
401c53c4 | 3556 | |
cf4a9129 LC |
3557 | When @var{authorize-hydra-key?} is true, the @code{hydra.gnu.org} public key |
3558 | provided by @var{guix} is authorized upon activation, meaning that substitutes | |
3559 | from @code{hydra.gnu.org} are used by default. | |
401c53c4 | 3560 | |
cf4a9129 LC |
3561 | If @var{use-substitutes?} is false, the daemon is run with |
3562 | @option{--no-substitutes} (@pxref{Invoking guix-daemon, | |
3563 | @option{--no-substitutes}}). | |
401c53c4 | 3564 | |
cf4a9129 LC |
3565 | Finally, @var{extra-options} is a list of additional command-line options |
3566 | passed to @command{guix-daemon}. | |
3567 | @end deffn | |
a1ba8475 | 3568 | |
cf4a9129 LC |
3569 | @deffn {Monadic Procedure} udev-service [#:udev udev] |
3570 | Run @var{udev}, which populates the @file{/dev} directory dynamically. | |
3571 | @end deffn | |
401c53c4 | 3572 | |
a69576ea | 3573 | |
cf4a9129 LC |
3574 | @node Networking Services |
3575 | @subsubsection Networking Services | |
401c53c4 | 3576 | |
cf4a9129 LC |
3577 | The @code{(gnu system networking)} module provides services to configure |
3578 | the network interface. | |
a1ba8475 | 3579 | |
a023cca8 LC |
3580 | @cindex DHCP, networking service |
3581 | @deffn {Monadic Procedure} dhcp-client-service [#:dhcp @var{isc-dhcp}] | |
3582 | Return a service that runs @var{dhcp}, a Dynamic Host Configuration | |
3583 | Protocol (DHCP) client, on all the non-loopback network interfaces. | |
3584 | @end deffn | |
3585 | ||
cf4a9129 LC |
3586 | @deffn {Monadic Procedure} static-networking-service @var{interface} @var{ip} @ |
3587 | [#:gateway #f] [#:name-services @code{'()}] | |
3588 | Return a service that starts @var{interface} with address @var{ip}. If | |
3589 | @var{gateway} is true, it must be a string specifying the default network | |
3590 | gateway. | |
3591 | @end deffn | |
8b315a6d | 3592 | |
cf4a9129 LC |
3593 | @deffn {Monadic Procedure} tor-service [#:tor tor] |
3594 | Return a service to run the @uref{https://torproject.org,Tor} daemon. | |
8b315a6d | 3595 | |
cf4a9129 LC |
3596 | The daemon runs with the default settings (in particular the default exit |
3597 | policy) as the @code{tor} unprivileged user. | |
3598 | @end deffn | |
8b315a6d | 3599 | |
4627a464 LC |
3600 | @deffn {Monadic Procedure} bitlbee-service [#:bitlbee bitlbee] @ |
3601 | [#:interface "127.0.0.1"] [#:port 6667] @ | |
3602 | [#:extra-settings ""] | |
3603 | Return a service that runs @url{http://bitlbee.org,BitlBee}, a daemon that | |
3604 | acts as a gateway between IRC and chat networks. | |
3605 | ||
3606 | The daemon will listen to the interface corresponding to the IP address | |
3607 | specified in @var{interface}, on @var{port}. @code{127.0.0.1} means that only | |
3608 | local clients can connect, whereas @code{0.0.0.0} means that connections can | |
3609 | come from any networking interface. | |
3610 | ||
3611 | In addition, @var{extra-settings} specifies a string to append to the | |
3612 | configuration file. | |
3613 | @end deffn | |
3614 | ||
3615 | Furthermore, @code{(gnu system ssh)} provides the following service. | |
8b315a6d | 3616 | |
cf4a9129 LC |
3617 | @deffn {Monadic Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @ |
3618 | [#:interfaces '()] [#:port-number 22] @ | |
3619 | [#:allow-empty-passwords? #f] [#:root-login? #f] @ | |
3620 | [#:syslog-output? #t] [#:x11-forwarding? #t] @ | |
3621 | [#:tcp/ip-forwarding? #t] [#:password-authentication? #t] @ | |
3622 | [public-key-authentication? #t] [#:initialize? #f] | |
3623 | Run the @command{lshd} program from @var{lsh} to listen on port @var{port-number}. | |
3624 | @var{host-key} must designate a file containing the host key, and readable | |
3625 | only by root. | |
72e25e35 | 3626 | |
cf4a9129 LC |
3627 | When @var{initialize?} is true, automatically create the seed and host key |
3628 | upon service activation if they do not exist yet. This may take long and | |
3629 | require interaction. | |
8b315a6d | 3630 | |
cf4a9129 LC |
3631 | When @var{interfaces} is empty, lshd listens for connections on all the |
3632 | network interfaces; otherwise, @var{interfaces} must be a list of host names | |
3633 | or addresses. | |
9bf3c1a7 | 3634 | |
cf4a9129 LC |
3635 | @var{allow-empty-passwords?} specifies whether to accepts log-ins with empty |
3636 | passwords, and @var{root-login?} specifies whether to accepts log-ins as | |
3637 | root. | |
4af2447e | 3638 | |
cf4a9129 LC |
3639 | The other options should be self-descriptive. |
3640 | @end deffn | |
4af2447e | 3641 | |
fa0c1d61 LC |
3642 | @defvr {Scheme Variable} %facebook-host-aliases |
3643 | This variable contains a string for use in @file{/etc/hosts} | |
3644 | (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each | |
3645 | line contains a entry that maps a known server name of the Facebook | |
3646 | on-line service---e.g., @code{www.facebook.com}---to the local | |
3647 | host---@code{127.0.0.1} or its IPv6 equivalent, @code{::1}. | |
3648 | ||
3649 | This variable is typically used in the @code{hosts-file} field of an | |
3650 | @code{operating-system} declaration (@pxref{Using the Configuration | |
3651 | System}): | |
3652 | ||
3653 | @example | |
3654 | (use-modules (gnu) (guix)) | |
3655 | ||
3656 | (operating-system | |
3657 | (host-name "mymachine") | |
3658 | ;; ... | |
3659 | (hosts-file | |
3660 | ;; Create a /etc/hosts file with aliases for "localhost" | |
3661 | ;; and "mymachine", as well as for Facebook servers. | |
3662 | (text-file "hosts" | |
3663 | (string-append (local-host-aliases host-name) | |
3664 | %facebook-host-aliases)))) | |
3665 | @end example | |
3666 | ||
3667 | This mechanism can prevent programs running locally, such as Web | |
3668 | browsers, from accessing Facebook. | |
3669 | @end defvr | |
3670 | ||
cf4a9129 LC |
3671 | @node X Window |
3672 | @subsubsection X Window | |
68ad877c | 3673 | |
cf4a9129 LC |
3674 | Support for the X Window graphical display system---specifically |
3675 | Xorg---is provided by the @code{(gnu services xorg)} module. Note that | |
3676 | there is no @code{xorg-service} procedure. Instead, the X server is | |
3677 | started by the @dfn{login manager}, currently SLiM. | |
4af2447e | 3678 | |
cf4a9129 LC |
3679 | @deffn {Monadic Procedure} slim-service [#:allow-empty-passwords? #f] @ |
3680 | [#:auto-login? #f] [#:default-user ""] [#:startx] | |
3681 | Return a service that spawns the SLiM graphical login manager, which in | |
3682 | turn starts the X display server with @var{startx}, a command as returned by | |
3683 | @code{xorg-start-command}. | |
4af2447e | 3684 | |
cf4a9129 LC |
3685 | When @var{allow-empty-passwords?} is true, allow logins with an empty |
3686 | password. When @var{auto-login?} is true, log in automatically as | |
3687 | @var{default-user}. | |
3688 | @end deffn | |
4af2447e | 3689 | |
4af2447e | 3690 | |
0ae8c15a LC |
3691 | @node Setuid Programs |
3692 | @subsection Setuid Programs | |
3693 | ||
3694 | @cindex setuid programs | |
3695 | Some programs need to run with ``root'' privileges, even when they are | |
3696 | launched by unprivileged users. A notorious example is the | |
3697 | @command{passwd} programs, which can users can run to change their | |
3698 | password, and which requires write access to the @file{/etc/passwd} and | |
3699 | @file{/etc/shadow} files---something normally restricted to root, for | |
3700 | obvious security reasons. To address that, these executables are | |
3701 | @dfn{setuid-root}, meaning that they always run with root privileges | |
3702 | (@pxref{How Change Persona,,, libc, The GNU C Library Reference Manual}, | |
3703 | for more info about the setuid mechanisms.) | |
3704 | ||
3705 | The store itself @emph{cannot} contain setuid programs: that would be a | |
3706 | security issue since any user on the system can write derivations that | |
3707 | populate the store (@pxref{The Store}). Thus, a different mechanism is | |
3708 | used: instead of changing the setuid bit directly on files that are in | |
3709 | the store, we let the system administrator @emph{declare} which programs | |
3710 | should be setuid root. | |
3711 | ||
3712 | The @code{setuid-programs} field of an @code{operating-system} | |
3713 | declaration contains a list of G-expressions denoting the names of | |
3714 | programs to be setuid-root (@pxref{Using the Configuration System}). | |
3715 | For instance, the @command{passwd} program, which is part of the Shadow | |
3716 | package, can be designated by this G-expression (@pxref{G-Expressions}): | |
3717 | ||
3718 | @example | |
3719 | #~(string-append #$shadow "/bin/passwd") | |
3720 | @end example | |
3721 | ||
3722 | A default set of setuid programs is defined by the | |
3723 | @code{%setuid-programs} variable of the @code{(gnu system)} module. | |
3724 | ||
3725 | @defvr {Scheme Variable} %setuid-programs | |
3726 | A list of G-expressions denoting common programs that are setuid-root. | |
3727 | ||
3728 | The list includes commands such as @command{passwd}, @command{ping}, | |
3729 | @command{su}, and @command{sudo}. | |
3730 | @end defvr | |
3731 | ||
3732 | Under the hood, the actual setuid programs are created in the | |
3733 | @file{/run/setuid-programs} directory at system activation time. The | |
3734 | files in this directory refer to the ``real'' binaries, which are in the | |
3735 | store. | |
3736 | ||
3737 | ||
fd1b1fa2 LC |
3738 | @node Initial RAM Disk |
3739 | @subsection Initial RAM Disk | |
3740 | ||
3741 | @cindex initial RAM disk (initrd) | |
3742 | @cindex initrd (initial RAM disk) | |
3743 | For bootstrapping purposes, the Linux-Libre kernel is passed an | |
3744 | @dfn{initial RAM disk}, or @dfn{initrd}. An initrd contains a temporary | |
3745 | root file system, as well as an initialization script. The latter is | |
3746 | responsible for mounting the real root file system, and for loading any | |
3747 | kernel modules that may be needed to achieve that. | |
3748 | ||
3749 | The @code{initrd} field of an @code{operating-system} declaration allows | |
3750 | you to specify which initrd you would like to use. The @code{(gnu | |
3751 | system linux-initrd)} module provides two ways to build an initrd: the | |
3752 | high-level @code{base-initrd} procedure, and the low-level | |
3753 | @code{expression->initrd} procedure. | |
3754 | ||
3755 | The @code{base-initrd} procedure is intended to cover most common uses. | |
3756 | For example, if you want to add a bunch of kernel modules to be loaded | |
3757 | at boot time, you can define the @code{initrd} field of the operating | |
3758 | system declaration like this: | |
3759 | ||
3760 | @example | |
52ac153e LC |
3761 | (initrd (lambda (file-systems . rest) |
3762 | (apply base-initrd file-systems | |
3763 | #:extra-modules '("my.ko" "modules.ko") | |
3764 | rest))) | |
fd1b1fa2 LC |
3765 | @end example |
3766 | ||
52ac153e LC |
3767 | The @code{base-initrd} procedure also handles common use cases that |
3768 | involves using the system as a QEMU guest, or as a ``live'' system whose | |
3769 | root file system is volatile. | |
fd1b1fa2 LC |
3770 | |
3771 | @deffn {Monadic Procedure} base-initrd @var{file-systems} @ | |
3772 | [#:qemu-networking? #f] [#:virtio? #f] [#:volatile-root? #f] @ | |
52ac153e | 3773 | [#:extra-modules '()] [#:mapped-devices '()] |
fd1b1fa2 LC |
3774 | Return a monadic derivation that builds a generic initrd. @var{file-systems} is |
3775 | a list of file-systems to be mounted by the initrd, possibly in addition to | |
3776 | the root file system specified on the kernel command line via @code{--root}. | |
52ac153e LC |
3777 | @var{mapped-devices} is a list of device mappings to realize before |
3778 | @var{file-systems} are mounted (@pxref{Mapped Devices}). | |
fd1b1fa2 LC |
3779 | |
3780 | When @var{qemu-networking?} is true, set up networking with the standard QEMU | |
3781 | parameters. When @var{virtio?} is true, load additional modules so the initrd can | |
3782 | be used as a QEMU guest with para-virtualized I/O drivers. | |
3783 | ||
3784 | When @var{volatile-root?} is true, the root file system is writable but any changes | |
3785 | to it are lost. | |
3786 | ||
3787 | The initrd is automatically populated with all the kernel modules necessary | |
3788 | for @var{file-systems} and for the given options. However, additional kernel | |
3789 | modules can be listed in @var{extra-modules}. They will be added to the initrd, and | |
3790 | loaded at boot time in the order in which they appear. | |
3791 | @end deffn | |
3792 | ||
3793 | Needless to say, the initrds we produce and use embed a | |
3794 | statically-linked Guile, and the initialization program is a Guile | |
3795 | program. That gives a lot of flexibility. The | |
3796 | @code{expression->initrd} procedure builds such an initrd, given the | |
3797 | program to run in that initrd. | |
3798 | ||
3799 | @deffn {Monadic Procedure} expression->initrd @var{exp} @ | |
3800 | [#:guile %guile-static-stripped] [#:name "guile-initrd"] @ | |
42d10464 | 3801 | [#:modules '()] |
fd1b1fa2 LC |
3802 | Return a derivation that builds a Linux initrd (a gzipped cpio archive) |
3803 | containing @var{guile} and that evaluates @var{exp}, a G-expression, | |
df650fa8 LC |
3804 | upon booting. All the derivations referenced by @var{exp} are |
3805 | automatically copied to the initrd. | |
fd1b1fa2 | 3806 | |
42d10464 LC |
3807 | @var{modules} is a list of Guile module names to be embedded in the |
3808 | initrd. | |
fd1b1fa2 LC |
3809 | @end deffn |
3810 | ||
cf4a9129 LC |
3811 | @node Invoking guix system |
3812 | @subsection Invoking @code{guix system} | |
0918e64a | 3813 | |
cf4a9129 LC |
3814 | Once you have written an operating system declaration, as seen in the |
3815 | previous section, it can be @dfn{instantiated} using the @command{guix | |
3816 | system} command. The synopsis is: | |
4af2447e | 3817 | |
cf4a9129 LC |
3818 | @example |
3819 | guix system @var{options}@dots{} @var{action} @var{file} | |
3820 | @end example | |
4af2447e | 3821 | |
cf4a9129 LC |
3822 | @var{file} must be the name of a file containing an |
3823 | @code{operating-system} declaration. @var{action} specifies how the | |
3824 | operating system is instantiate. Currently the following values are | |
3825 | supported: | |
4af2447e | 3826 | |
cf4a9129 LC |
3827 | @table @code |
3828 | @item reconfigure | |
3829 | Build the operating system described in @var{file}, activate it, and | |
3830 | switch to it@footnote{This action is usable only on systems already | |
3831 | running GNU.}. | |
4af2447e | 3832 | |
cf4a9129 LC |
3833 | This effects all the configuration specified in @var{file}: user |
3834 | accounts, system services, global package list, setuid programs, etc. | |
4af2447e | 3835 | |
cf4a9129 LC |
3836 | It also adds a GRUB menu entry for the new OS configuration, and moves |
3837 | entries for older configurations to a submenu---unless | |
3838 | @option{--no-grub} is passed. | |
4af2447e | 3839 | |
cf4a9129 LC |
3840 | @item build |
3841 | Build the operating system's derivation, which includes all the | |
3842 | configuration files and programs needed to boot and run the system. | |
3843 | This action does not actually install anything. | |
113daf62 | 3844 | |
cf4a9129 LC |
3845 | @item init |
3846 | Populate the given directory with all the files necessary to run the | |
3847 | operating system specified in @var{file}. This is useful for first-time | |
3848 | installations of the GNU system. For instance: | |
113daf62 LC |
3849 | |
3850 | @example | |
cf4a9129 | 3851 | guix system init my-os-config.scm /mnt |
113daf62 LC |
3852 | @end example |
3853 | ||
cf4a9129 LC |
3854 | copies to @file{/mnt} all the store items required by the configuration |
3855 | specified in @file{my-os-config.scm}. This includes configuration | |
3856 | files, packages, and so on. It also creates other essential files | |
3857 | needed for the system to operate correctly---e.g., the @file{/etc}, | |
3858 | @file{/var}, and @file{/run} directories, and the @file{/bin/sh} file. | |
113daf62 | 3859 | |
cf4a9129 LC |
3860 | This command also installs GRUB on the device specified in |
3861 | @file{my-os-config}, unless the @option{--no-grub} option was passed. | |
113daf62 | 3862 | |
cf4a9129 LC |
3863 | @item vm |
3864 | @cindex virtual machine | |
3865 | Build a virtual machine that contain the operating system declared in | |
3866 | @var{file}, and return a script to run that virtual machine (VM). | |
113daf62 | 3867 | |
cf4a9129 | 3868 | The VM shares its store with the host system. |
113daf62 | 3869 | |
cf4a9129 LC |
3870 | @item vm-image |
3871 | @itemx disk-image | |
3872 | Return a virtual machine or disk image of the operating system declared | |
3873 | in @var{file} that stands alone. Use the @option{--image-size} option | |
3874 | to specify the size of the image. | |
113daf62 | 3875 | |
cf4a9129 LC |
3876 | When using @code{vm-image}, the returned image is in qcow2 format, which |
3877 | the QEMU emulator can efficiently use. | |
113daf62 | 3878 | |
cf4a9129 LC |
3879 | When using @code{disk-image}, a raw disk image is produced; it can be |
3880 | copied as is to a USB stick, for instance. Assuming @code{/dev/sdc} is | |
3881 | the device corresponding to a USB stick, one can copy the image on it | |
3882 | using the following command: | |
113daf62 | 3883 | |
cf4a9129 LC |
3884 | @example |
3885 | # dd if=$(guix system disk-image my-os.scm) of=/dev/sdc | |
3886 | @end example | |
113daf62 | 3887 | |
cf4a9129 | 3888 | @end table |
113daf62 | 3889 | |
cf4a9129 LC |
3890 | @var{options} can contain any of the common build options provided by |
3891 | @command{guix build} (@pxref{Invoking guix build}). In addition, | |
3892 | @var{options} can contain one of the following: | |
113daf62 | 3893 | |
cf4a9129 LC |
3894 | @table @option |
3895 | @item --system=@var{system} | |
3896 | @itemx -s @var{system} | |
3897 | Attempt to build for @var{system} instead of the host's system type. | |
3898 | This works as per @command{guix build} (@pxref{Invoking guix build}). | |
113daf62 | 3899 | |
cf4a9129 LC |
3900 | @item --image-size=@var{size} |
3901 | For the @code{vm-image} and @code{disk-image} actions, create an image | |
3902 | of the given @var{size}. @var{size} may be a number of bytes, or it may | |
4a44d7bb LC |
3903 | include a unit as a suffix (@pxref{Block size, size specifications,, |
3904 | coreutils, GNU Coreutils}). | |
113daf62 | 3905 | @end table |
113daf62 | 3906 | |
cf4a9129 LC |
3907 | Note that all the actions above, except @code{build} and @code{init}, |
3908 | rely on KVM support in the Linux-Libre kernel. Specifically, the | |
3909 | machine should have hardware virtualization support, the corresponding | |
3910 | KVM kernel module should be loaded, and the @file{/dev/kvm} device node | |
3911 | must exist and be readable and writable by the user and by the daemon's | |
3912 | build users. | |
8451a568 | 3913 | |
cf4a9129 LC |
3914 | @node Defining Services |
3915 | @subsection Defining Services | |
8451a568 | 3916 | |
cf4a9129 LC |
3917 | The @code{(gnu services @dots{})} modules define several procedures that allow |
3918 | users to declare the operating system's services (@pxref{Using the | |
3919 | Configuration System}). These procedures are @emph{monadic | |
3920 | procedures}---i.e., procedures that return a monadic value in the store | |
3921 | monad (@pxref{The Store Monad}). For examples of such procedures, | |
3922 | @xref{Services}. | |
8451a568 | 3923 | |
cf4a9129 LC |
3924 | @cindex service definition |
3925 | The monadic value returned by those procedures is a @dfn{service | |
3926 | definition}---a structure as returned by the @code{service} form. | |
3927 | Service definitions specifies the inputs the service depends on, and an | |
3928 | expression to start and stop the service. Behind the scenes, service | |
3929 | definitions are ``translated'' into the form suitable for the | |
3930 | configuration file of dmd, the init system (@pxref{Services,,, dmd, GNU | |
3931 | dmd Manual}). | |
8451a568 | 3932 | |
cf4a9129 LC |
3933 | As an example, here is what the @code{nscd-service} procedure looks |
3934 | like: | |
8451a568 | 3935 | |
cf4a9129 LC |
3936 | @lisp |
3937 | (define (nscd-service) | |
3938 | (with-monad %store-monad | |
3939 | (return (service | |
3940 | (documentation "Run libc's name service cache daemon.") | |
3941 | (provision '(nscd)) | |
3942 | (activate #~(begin | |
3943 | (use-modules (guix build utils)) | |
3944 | (mkdir-p "/var/run/nscd"))) | |
3945 | (start #~(make-forkexec-constructor | |
3946 | (string-append #$glibc "/sbin/nscd") | |
3947 | "-f" "/dev/null" "--foreground")) | |
3948 | (stop #~(make-kill-destructor)) | |
3949 | (respawn? #f))))) | |
3950 | @end lisp | |
8451a568 | 3951 | |
cf4a9129 LC |
3952 | @noindent |
3953 | The @code{activate}, @code{start}, and @code{stop} fields are G-expressions | |
3954 | (@pxref{G-Expressions}). The @code{activate} field contains a script to | |
3955 | run at ``activation'' time; it makes sure that the @file{/var/run/nscd} | |
3956 | directory exists before @command{nscd} is started. | |
8451a568 | 3957 | |
cf4a9129 LC |
3958 | The @code{start} and @code{stop} fields refer to dmd's facilities to |
3959 | start and stop processes (@pxref{Service De- and Constructors,,, dmd, | |
3960 | GNU dmd Manual}). The @code{provision} field specifies the name under | |
3961 | which this service is known to dmd, and @code{documentation} specifies | |
3962 | on-line documentation. Thus, the commands @command{deco start ncsd}, | |
3963 | @command{deco stop nscd}, and @command{deco doc nscd} will do what you | |
3964 | would expect (@pxref{Invoking deco,,, dmd, GNU dmd Manual}). | |
8451a568 | 3965 | |
8451a568 | 3966 | |
cf4a9129 LC |
3967 | @node Installing Debugging Files |
3968 | @section Installing Debugging Files | |
8451a568 | 3969 | |
cf4a9129 LC |
3970 | @cindex debugging files |
3971 | Program binaries, as produced by the GCC compilers for instance, are | |
3972 | typically written in the ELF format, with a section containing | |
3973 | @dfn{debugging information}. Debugging information is what allows the | |
3974 | debugger, GDB, to map binary code to source code; it is required to | |
3975 | debug a compiled program in good conditions. | |
8451a568 | 3976 | |
cf4a9129 LC |
3977 | The problem with debugging information is that is takes up a fair amount |
3978 | of disk space. For example, debugging information for the GNU C Library | |
3979 | weighs in at more than 60 MiB. Thus, as a user, keeping all the | |
3980 | debugging info of all the installed programs is usually not an option. | |
3981 | Yet, space savings should not come at the cost of an impediment to | |
3982 | debugging---especially in the GNU system, which should make it easier | |
3983 | for users to exert their computing freedom (@pxref{GNU Distribution}). | |
8451a568 | 3984 | |
cf4a9129 LC |
3985 | Thankfully, the GNU Binary Utilities (Binutils) and GDB provide a |
3986 | mechanism that allows users to get the best of both worlds: debugging | |
3987 | information can be stripped from the binaries and stored in separate | |
3988 | files. GDB is then able to load debugging information from those files, | |
3989 | when they are available (@pxref{Separate Debug Files,,, gdb, Debugging | |
3990 | with GDB}). | |
8451a568 | 3991 | |
cf4a9129 LC |
3992 | The GNU distribution takes advantage of this by storing debugging |
3993 | information in the @code{lib/debug} sub-directory of a separate package | |
3994 | output unimaginatively called @code{debug} (@pxref{Packages with | |
3995 | Multiple Outputs}). Users can choose to install the @code{debug} output | |
3996 | of a package when they need it. For instance, the following command | |
3997 | installs the debugging information for the GNU C Library and for GNU | |
3998 | Guile: | |
8451a568 LC |
3999 | |
4000 | @example | |
cf4a9129 | 4001 | guix package -i glibc:debug guile:debug |
8451a568 LC |
4002 | @end example |
4003 | ||
cf4a9129 LC |
4004 | GDB must then be told to look for debug files in the user's profile, by |
4005 | setting the @code{debug-file-directory} variable (consider setting it | |
4006 | from the @file{~/.gdbinit} file, @pxref{Startup,,, gdb, Debugging with | |
4007 | GDB}): | |
8451a568 | 4008 | |
cf4a9129 LC |
4009 | @example |
4010 | (gdb) set debug-file-directory ~/.guix-profile/lib/debug | |
4011 | @end example | |
8451a568 | 4012 | |
cf4a9129 LC |
4013 | From there on, GDB will pick up debugging information from the |
4014 | @code{.debug} files under @file{~/.guix-profile/lib/debug}. | |
8451a568 | 4015 | |
cf4a9129 LC |
4016 | In addition, you will most likely want GDB to be able to show the source |
4017 | code being debugged. To do that, you will have to unpack the source | |
4018 | code of the package of interest (obtained with @code{guix build | |
4019 | --source}, @pxref{Invoking guix build}), and to point GDB to that source | |
4020 | directory using the @code{directory} command (@pxref{Source Path, | |
4021 | @code{directory},, gdb, Debugging with GDB}). | |
8451a568 | 4022 | |
cf4a9129 LC |
4023 | @c XXX: keep me up-to-date |
4024 | The @code{debug} output mechanism in Guix is implemented by the | |
4025 | @code{gnu-build-system} (@pxref{Build Systems}). Currently, it is | |
4026 | opt-in---debugging information is available only for those packages | |
4027 | whose definition explicitly declares a @code{debug} output. This may be | |
4028 | changed to opt-out in the future, if our build farm servers can handle | |
4029 | the load. To check whether a package has a @code{debug} output, use | |
4030 | @command{guix package --list-available} (@pxref{Invoking guix package}). | |
8451a568 | 4031 | |
8451a568 | 4032 | |
cf4a9129 LC |
4033 | @node Package Modules |
4034 | @section Package Modules | |
8451a568 | 4035 | |
cf4a9129 LC |
4036 | From a programming viewpoint, the package definitions of the |
4037 | GNU distribution are provided by Guile modules in the @code{(gnu packages | |
4038 | @dots{})} name space@footnote{Note that packages under the @code{(gnu | |
4039 | packages @dots{})} module name space are not necessarily ``GNU | |
4040 | packages''. This module naming scheme follows the usual Guile module | |
4041 | naming convention: @code{gnu} means that these modules are distributed | |
4042 | as part of the GNU system, and @code{packages} identifies modules that | |
4043 | define packages.} (@pxref{Modules, Guile modules,, guile, GNU Guile | |
4044 | Reference Manual}). For instance, the @code{(gnu packages emacs)} | |
4045 | module exports a variable named @code{emacs}, which is bound to a | |
4046 | @code{<package>} object (@pxref{Defining Packages}). | |
113daf62 | 4047 | |
300868ba | 4048 | The @code{(gnu packages @dots{})} module name space is |
cf4a9129 LC |
4049 | automatically scanned for packages by the command-line tools. For |
4050 | instance, when running @code{guix package -i emacs}, all the @code{(gnu | |
4051 | packages @dots{})} modules are scanned until one that exports a package | |
4052 | object whose name is @code{emacs} is found. This package search | |
4053 | facility is implemented in the @code{(gnu packages)} module. | |
113daf62 | 4054 | |
300868ba | 4055 | @cindex customization, of packages |
8689901f | 4056 | @cindex package module search path |
cf4a9129 | 4057 | Users can store package definitions in modules with different |
300868ba LC |
4058 | names---e.g., @code{(my-packages emacs)}. These package definitions |
4059 | will not be visible by default. Thus, users can invoke commands such as | |
4060 | @command{guix package} and @command{guix build} have to be used with the | |
4061 | @code{-e} option so that they know where to find the package, or use the | |
4062 | @code{-L} option of these commands to make those modules visible | |
8689901f LC |
4063 | (@pxref{Invoking guix build, @code{--load-path}}), or define the |
4064 | @code{GUIX_PACKAGE_PATH} environment variable. This environment | |
4065 | variable makes it easy to extend or customize the distribution and is | |
4066 | honored by all the user interfaces. | |
4067 | ||
4068 | @defvr {Environment Variable} GUIX_PACKAGE_PATH | |
4069 | This is a colon-separated list of directories to search for package | |
4070 | modules. Directories listed in this variable take precedence over the | |
4071 | distribution's own modules. | |
4072 | @end defvr | |
ef5dd60a | 4073 | |
cf4a9129 LC |
4074 | The distribution is fully @dfn{bootstrapped} and @dfn{self-contained}: |
4075 | each package is built based solely on other packages in the | |
4076 | distribution. The root of this dependency graph is a small set of | |
4077 | @dfn{bootstrap binaries}, provided by the @code{(gnu packages | |
4078 | bootstrap)} module. For more information on bootstrapping, | |
4079 | @ref{Bootstrapping}. | |
ef5dd60a | 4080 | |
cf4a9129 LC |
4081 | @node Packaging Guidelines |
4082 | @section Packaging Guidelines | |
ef5dd60a | 4083 | |
cf4a9129 LC |
4084 | The GNU distribution is nascent and may well lack some of your favorite |
4085 | packages. This section describes how you can help make the distribution | |
4086 | grow. @xref{Contributing}, for additional information on how you can | |
4087 | help. | |
ef5dd60a | 4088 | |
cf4a9129 LC |
4089 | Free software packages are usually distributed in the form of |
4090 | @dfn{source code tarballs}---typically @file{tar.gz} files that contain | |
4091 | all the source files. Adding a package to the distribution means | |
4092 | essentially two things: adding a @dfn{recipe} that describes how to | |
4093 | build the package, including a list of other packages required to build | |
4094 | it, and adding @dfn{package meta-data} along with that recipe, such as a | |
4095 | description and licensing information. | |
ef5dd60a | 4096 | |
cf4a9129 LC |
4097 | In Guix all this information is embodied in @dfn{package definitions}. |
4098 | Package definitions provide a high-level view of the package. They are | |
4099 | written using the syntax of the Scheme programming language; in fact, | |
4100 | for each package we define a variable bound to the package definition, | |
4101 | and export that variable from a module (@pxref{Package Modules}). | |
4102 | However, in-depth Scheme knowledge is @emph{not} a prerequisite for | |
4103 | creating packages. For more information on package definitions, | |
4104 | @ref{Defining Packages}. | |
ef5dd60a | 4105 | |
cf4a9129 LC |
4106 | Once a package definition is in place, stored in a file in the Guix |
4107 | source tree, it can be tested using the @command{guix build} command | |
4108 | (@pxref{Invoking guix build}). For example, assuming the new package is | |
4109 | called @code{gnew}, you may run this command from the Guix build tree: | |
ef5dd60a LC |
4110 | |
4111 | @example | |
cf4a9129 | 4112 | ./pre-inst-env guix build gnew --keep-failed |
ef5dd60a | 4113 | @end example |
ef5dd60a | 4114 | |
cf4a9129 LC |
4115 | Using @code{--keep-failed} makes it easier to debug build failures since |
4116 | it provides access to the failed build tree. Another useful | |
4117 | command-line option when debugging is @code{--log-file}, to access the | |
4118 | build log. | |
ef5dd60a | 4119 | |
cf4a9129 LC |
4120 | If the package is unknown to the @command{guix} command, it may be that |
4121 | the source file contains a syntax error, or lacks a @code{define-public} | |
4122 | clause to export the package variable. To figure it out, you may load | |
4123 | the module from Guile to get more information about the actual error: | |
ef5dd60a | 4124 | |
cf4a9129 LC |
4125 | @example |
4126 | ./pre-inst-env guile -c '(use-modules (gnu packages gnew))' | |
4127 | @end example | |
ef5dd60a | 4128 | |
cf4a9129 LC |
4129 | Once your package builds correctly, please send us a patch |
4130 | (@pxref{Contributing}). Well, if you need help, we will be happy to | |
4131 | help you too. Once the patch is committed in the Guix repository, the | |
4132 | new package automatically gets built on the supported platforms by | |
4133 | @url{http://hydra.gnu.org/gnu/master, our continuous integration | |
4134 | system}. | |
ef5dd60a | 4135 | |
cf4a9129 LC |
4136 | @cindex substituter |
4137 | Users can obtain the new package definition simply by running | |
4138 | @command{guix pull} (@pxref{Invoking guix pull}). When | |
4139 | @code{hydra.gnu.org} is done building the package, installing the | |
4140 | package automatically downloads binaries from there | |
4141 | (@pxref{Substitutes}). The only place where human intervention is | |
4142 | needed is to review and apply the patch. | |
ef5dd60a | 4143 | |
ef5dd60a | 4144 | |
cf4a9129 LC |
4145 | @menu |
4146 | * Software Freedom:: What may go into the distribution. | |
4147 | * Package Naming:: What's in a name? | |
4148 | * Version Numbers:: When the name is not enough. | |
4149 | * Python Modules:: Taming the snake. | |
4150 | * Perl Modules:: Little pearls. | |
4151 | @end menu | |
ef5dd60a | 4152 | |
cf4a9129 LC |
4153 | @node Software Freedom |
4154 | @subsection Software Freedom | |
ef5dd60a | 4155 | |
cf4a9129 | 4156 | @c Adapted from http://www.gnu.org/philosophy/philosophy.html. |
c11a6eb1 | 4157 | |
cf4a9129 LC |
4158 | The GNU operating system has been developed so that users can have |
4159 | freedom in their computing. GNU is @dfn{free software}, meaning that | |
4160 | users have the @url{http://www.gnu.org/philosophy/free-sw.html,four | |
4161 | essential freedoms}: to run the program, to study and change the program | |
4162 | in source code form, to redistribute exact copies, and to distribute | |
4163 | modified versions. Packages found in the GNU distribution provide only | |
4164 | software that conveys these four freedoms. | |
c11a6eb1 | 4165 | |
cf4a9129 LC |
4166 | In addition, the GNU distribution follow the |
4167 | @url{http://www.gnu.org/distros/free-system-distribution-guidelines.html,free | |
4168 | software distribution guidelines}. Among other things, these guidelines | |
4169 | reject non-free firmware, recommendations of non-free software, and | |
4170 | discuss ways to deal with trademarks and patents. | |
ef5dd60a | 4171 | |
cf4a9129 LC |
4172 | Some packages contain a small and optional subset that violates the |
4173 | above guidelines, for instance because this subset is itself non-free | |
4174 | code. When that happens, the offending items are removed with | |
4175 | appropriate patches or code snippets in the package definition's | |
4176 | @code{origin} form (@pxref{Defining Packages}). That way, @code{guix | |
4177 | build --source} returns the ``freed'' source rather than the unmodified | |
4178 | upstream source. | |
ef5dd60a | 4179 | |
ef5dd60a | 4180 | |
cf4a9129 LC |
4181 | @node Package Naming |
4182 | @subsection Package Naming | |
ef5dd60a | 4183 | |
cf4a9129 LC |
4184 | A package has actually two names associated with it: |
4185 | First, there is the name of the @emph{Scheme variable}, the one following | |
4186 | @code{define-public}. By this name, the package can be made known in the | |
4187 | Scheme code, for instance as input to another package. Second, there is | |
4188 | the string in the @code{name} field of a package definition. This name | |
4189 | is used by package management commands such as | |
4190 | @command{guix package} and @command{guix build}. | |
ef5dd60a | 4191 | |
cf4a9129 LC |
4192 | Both are usually the same and correspond to the lowercase conversion of |
4193 | the project name chosen upstream, with underscores replaced with | |
4194 | hyphens. For instance, GNUnet is available as @code{gnunet}, and | |
4195 | SDL_net as @code{sdl-net}. | |
927097ef | 4196 | |
cf4a9129 LC |
4197 | We do not add @code{lib} prefixes for library packages, unless these are |
4198 | already part of the official project name. But see @pxref{Python | |
4199 | Modules} and @ref{Perl Modules} for special rules concerning modules for | |
4200 | the Python and Perl languages. | |
927097ef | 4201 | |
ef5dd60a | 4202 | |
cf4a9129 LC |
4203 | @node Version Numbers |
4204 | @subsection Version Numbers | |
ef5dd60a | 4205 | |
cf4a9129 LC |
4206 | We usually package only the latest version of a given free software |
4207 | project. But sometimes, for instance for incompatible library versions, | |
4208 | two (or more) versions of the same package are needed. These require | |
4209 | different Scheme variable names. We use the name as defined | |
4210 | in @ref{Package Naming} | |
4211 | for the most recent version; previous versions use the same name, suffixed | |
4212 | by @code{-} and the smallest prefix of the version number that may | |
4213 | distinguish the two versions. | |
ef5dd60a | 4214 | |
cf4a9129 LC |
4215 | The name inside the package definition is the same for all versions of a |
4216 | package and does not contain any version number. | |
ef5dd60a | 4217 | |
cf4a9129 | 4218 | For instance, the versions 2.24.20 and 3.9.12 of GTK+ may be packaged as follows: |
ef5dd60a | 4219 | |
cf4a9129 LC |
4220 | @example |
4221 | (define-public gtk+ | |
4222 | (package | |
4223 | (name "gtk+") | |
4224 | (version "3.9.12") | |
4225 | ...)) | |
4226 | (define-public gtk+-2 | |
4227 | (package | |
4228 | (name "gtk+") | |
4229 | (version "2.24.20") | |
4230 | ...)) | |
4231 | @end example | |
4232 | If we also wanted GTK+ 3.8.2, this would be packaged as | |
4233 | @example | |
4234 | (define-public gtk+-3.8 | |
4235 | (package | |
4236 | (name "gtk+") | |
4237 | (version "3.8.2") | |
4238 | ...)) | |
4239 | @end example | |
ef5dd60a | 4240 | |
ef5dd60a | 4241 | |
cf4a9129 LC |
4242 | @node Python Modules |
4243 | @subsection Python Modules | |
ef5dd60a | 4244 | |
cf4a9129 LC |
4245 | We currently package Python 2 and Python 3, under the Scheme variable names |
4246 | @code{python-2} and @code{python} as explained in @ref{Version Numbers}. | |
4247 | To avoid confusion and naming clashes with other programming languages, it | |
4248 | seems desirable that the name of a package for a Python module contains | |
4249 | the word @code{python}. | |
ef5dd60a | 4250 | |
cf4a9129 LC |
4251 | Some modules are compatible with only one version of Python, others with both. |
4252 | If the package Foo compiles only with Python 3, we name it | |
4253 | @code{python-foo}; if it compiles only with Python 2, we name it | |
4254 | @code{python2-foo}. If it is compatible with both versions, we create two | |
4255 | packages with the corresponding names. | |
ef5dd60a | 4256 | |
cf4a9129 LC |
4257 | If a project already contains the word @code{python}, we drop this; |
4258 | for instance, the module python-dateutil is packaged under the names | |
4259 | @code{python-dateutil} and @code{python2-dateutil}. | |
113daf62 | 4260 | |
523e4896 | 4261 | |
cf4a9129 LC |
4262 | @node Perl Modules |
4263 | @subsection Perl Modules | |
523e4896 | 4264 | |
cf4a9129 LC |
4265 | Perl programs standing for themselves are named as any other package, |
4266 | using the lowercase upstream name. | |
4267 | For Perl packages containing a single class, we use the lowercase class name, | |
4268 | replace all occurrences of @code{::} by dashes and prepend the prefix | |
4269 | @code{perl-}. | |
4270 | So the class @code{XML::Parser} becomes @code{perl-xml-parser}. | |
4271 | Modules containing several classes keep their lowercase upstream name and | |
4272 | are also prepended by @code{perl-}. Such modules tend to have the word | |
4273 | @code{perl} somewhere in their name, which gets dropped in favor of the | |
4274 | prefix. For instance, @code{libwww-perl} becomes @code{perl-libwww}. | |
523e4896 | 4275 | |
523e4896 | 4276 | |
b25937e3 | 4277 | |
cf4a9129 LC |
4278 | @node Bootstrapping |
4279 | @section Bootstrapping | |
b25937e3 | 4280 | |
cf4a9129 | 4281 | @c Adapted from the ELS 2013 paper. |
b25937e3 | 4282 | |
cf4a9129 | 4283 | @cindex bootstrapping |
7889394e | 4284 | |
cf4a9129 LC |
4285 | Bootstrapping in our context refers to how the distribution gets built |
4286 | ``from nothing''. Remember that the build environment of a derivation | |
4287 | contains nothing but its declared inputs (@pxref{Introduction}). So | |
4288 | there's an obvious chicken-and-egg problem: how does the first package | |
4289 | get built? How does the first compiler get compiled? Note that this is | |
4290 | a question of interest only to the curious hacker, not to the regular | |
4291 | user, so you can shamelessly skip this section if you consider yourself | |
4292 | a ``regular user''. | |
72b9d60d | 4293 | |
cf4a9129 LC |
4294 | @cindex bootstrap binaries |
4295 | The GNU system is primarily made of C code, with libc at its core. The | |
4296 | GNU build system itself assumes the availability of a Bourne shell and | |
4297 | command-line tools provided by GNU Coreutils, Awk, Findutils, `sed', and | |
4298 | `grep'. Furthermore, build programs---programs that run | |
4299 | @code{./configure}, @code{make}, etc.---are written in Guile Scheme | |
4300 | (@pxref{Derivations}). Consequently, to be able to build anything at | |
4301 | all, from scratch, Guix relies on pre-built binaries of Guile, GCC, | |
4302 | Binutils, libc, and the other packages mentioned above---the | |
4303 | @dfn{bootstrap binaries}. | |
72b9d60d | 4304 | |
cf4a9129 LC |
4305 | These bootstrap binaries are ``taken for granted'', though we can also |
4306 | re-create them if needed (more on that later). | |
72b9d60d | 4307 | |
cf4a9129 | 4308 | @unnumberedsubsec Preparing to Use the Bootstrap Binaries |
c79d54fe | 4309 | |
cf4a9129 LC |
4310 | @c As of Emacs 24.3, Info-mode displays the image, but since it's a |
4311 | @c large image, it's hard to scroll. Oh well. | |
4312 | @image{images/bootstrap-graph,6in,,Dependency graph of the early bootstrap derivations} | |
523e4896 | 4313 | |
cf4a9129 LC |
4314 | The figure above shows the very beginning of the dependency graph of the |
4315 | distribution, corresponding to the package definitions of the @code{(gnu | |
4316 | packages bootstrap)} module. At this level of detail, things are | |
4317 | slightly complex. First, Guile itself consists of an ELF executable, | |
4318 | along with many source and compiled Scheme files that are dynamically | |
4319 | loaded when it runs. This gets stored in the @file{guile-2.0.7.tar.xz} | |
4320 | tarball shown in this graph. This tarball is part of Guix's ``source'' | |
4321 | distribution, and gets inserted into the store with @code{add-to-store} | |
4322 | (@pxref{The Store}). | |
2e7b5cea | 4323 | |
cf4a9129 LC |
4324 | But how do we write a derivation that unpacks this tarball and adds it |
4325 | to the store? To solve this problem, the @code{guile-bootstrap-2.0.drv} | |
4326 | derivation---the first one that gets built---uses @code{bash} as its | |
4327 | builder, which runs @code{build-bootstrap-guile.sh}, which in turn calls | |
4328 | @code{tar} to unpack the tarball. Thus, @file{bash}, @file{tar}, | |
4329 | @file{xz}, and @file{mkdir} are statically-linked binaries, also part of | |
4330 | the Guix source distribution, whose sole purpose is to allow the Guile | |
4331 | tarball to be unpacked. | |
fb729425 | 4332 | |
cf4a9129 LC |
4333 | Once @code{guile-bootstrap-2.0.drv} is built, we have a functioning |
4334 | Guile that can be used to run subsequent build programs. Its first task | |
4335 | is to download tarballs containing the other pre-built binaries---this | |
4336 | is what the @code{.tar.xz.drv} derivations do. Guix modules such as | |
4337 | @code{ftp-client.scm} are used for this purpose. The | |
4338 | @code{module-import.drv} derivations import those modules in a directory | |
4339 | in the store, using the original layout. The | |
4340 | @code{module-import-compiled.drv} derivations compile those modules, and | |
4341 | write them in an output directory with the right layout. This | |
4342 | corresponds to the @code{#:modules} argument of | |
4343 | @code{build-expression->derivation} (@pxref{Derivations}). | |
fb729425 | 4344 | |
cf4a9129 LC |
4345 | Finally, the various tarballs are unpacked by the |
4346 | derivations @code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, | |
4347 | etc., at which point we have a working C tool chain. | |
fb729425 | 4348 | |
fb729425 | 4349 | |
cf4a9129 | 4350 | @unnumberedsubsec Building the Build Tools |
523e4896 | 4351 | |
cf4a9129 LC |
4352 | @c TODO: Add a package-level dependency graph generated from (gnu |
4353 | @c packages base). | |
df2ce343 | 4354 | |
cf4a9129 LC |
4355 | Bootstrapping is complete when we have a full tool chain that does not |
4356 | depend on the pre-built bootstrap tools discussed above. This | |
4357 | no-dependency requirement is verified by checking whether the files of | |
4358 | the final tool chain contain references to the @file{/gnu/store} | |
4359 | directories of the bootstrap inputs. The process that leads to this | |
4360 | ``final'' tool chain is described by the package definitions found in | |
4361 | the @code{(gnu packages base)} module. | |
df2ce343 | 4362 | |
cf4a9129 LC |
4363 | @c See <http://lists.gnu.org/archive/html/gnu-system-discuss/2012-10/msg00000.html>. |
4364 | The first tool that gets built with the bootstrap binaries is | |
4365 | GNU Make, which is a prerequisite for all the following packages. | |
4366 | From there Findutils and Diffutils get built. | |
523e4896 | 4367 | |
cf4a9129 LC |
4368 | Then come the first-stage Binutils and GCC, built as pseudo cross |
4369 | tools---i.e., with @code{--target} equal to @code{--host}. They are | |
4370 | used to build libc. Thanks to this cross-build trick, this libc is | |
4371 | guaranteed not to hold any reference to the initial tool chain. | |
4af2447e | 4372 | |
cf4a9129 LC |
4373 | From there the final Binutils and GCC are built. GCC uses @code{ld} |
4374 | from the final Binutils, and links programs against the just-built libc. | |
4375 | This tool chain is used to build the other packages used by Guix and by | |
4376 | the GNU Build System: Guile, Bash, Coreutils, etc. | |
4af2447e | 4377 | |
cf4a9129 LC |
4378 | And voilà! At this point we have the complete set of build tools that |
4379 | the GNU Build System expects. These are in the @code{%final-inputs} | |
dd164244 MW |
4380 | variable of the @code{(gnu packages commencement)} module, and are |
4381 | implicitly used by any package that uses @code{gnu-build-system} | |
4382 | (@pxref{Defining Packages}). | |
4af2447e | 4383 | |
4af2447e | 4384 | |
cf4a9129 | 4385 | @unnumberedsubsec Building the Bootstrap Binaries |
4af2447e | 4386 | |
cf4a9129 LC |
4387 | Because the final tool chain does not depend on the bootstrap binaries, |
4388 | those rarely need to be updated. Nevertheless, it is useful to have an | |
4389 | automated way to produce them, should an update occur, and this is what | |
4390 | the @code{(gnu packages make-bootstrap)} module provides. | |
4af2447e | 4391 | |
cf4a9129 LC |
4392 | The following command builds the tarballs containing the bootstrap |
4393 | binaries (Guile, Binutils, GCC, libc, and a tarball containing a mixture | |
4394 | of Coreutils and other basic command-line tools): | |
4b2615e1 | 4395 | |
cf4a9129 LC |
4396 | @example |
4397 | guix build bootstrap-tarballs | |
4398 | @end example | |
4399 | ||
4400 | The generated tarballs are those that should be referred to in the | |
4401 | @code{(gnu packages bootstrap)} module mentioned at the beginning of | |
4402 | this section. | |
4403 | ||
4404 | Still here? Then perhaps by now you've started to wonder: when do we | |
4405 | reach a fixed point? That is an interesting question! The answer is | |
4406 | unknown, but if you would like to investigate further (and have | |
4407 | significant computational and storage resources to do so), then let us | |
4408 | know. | |
4409 | ||
4410 | @node Porting | |
4411 | @section Porting to a New Platform | |
4412 | ||
4413 | As discussed above, the GNU distribution is self-contained, and | |
4414 | self-containment is achieved by relying on pre-built ``bootstrap | |
4415 | binaries'' (@pxref{Bootstrapping}). These binaries are specific to an | |
4416 | operating system kernel, CPU architecture, and application binary | |
4417 | interface (ABI). Thus, to port the distribution to a platform that is | |
4418 | not yet supported, one must build those bootstrap binaries, and update | |
4419 | the @code{(gnu packages bootstrap)} module to use them on that platform. | |
4420 | ||
4421 | Fortunately, Guix can @emph{cross compile} those bootstrap binaries. | |
4422 | When everything goes well, and assuming the GNU tool chain supports the | |
4423 | target platform, this can be as simple as running a command like this | |
4424 | one: | |
4425 | ||
4426 | @example | |
4427 | guix build --target=armv5tel-linux-gnueabi bootstrap-tarballs | |
4428 | @end example | |
4429 | ||
4430 | Once these are built, the @code{(gnu packages bootstrap)} module needs | |
4431 | to be updated to refer to these binaries on the target platform. In | |
4432 | addition, the @code{glibc-dynamic-linker} procedure in that module must | |
4433 | be augmented to return the right file name for libc's dynamic linker on | |
4434 | that platform; likewise, @code{system->linux-architecture} in @code{(gnu | |
4435 | packages linux)} must be taught about the new platform. | |
4436 | ||
4437 | In practice, there may be some complications. First, it may be that the | |
4438 | extended GNU triplet that specifies an ABI (like the @code{eabi} suffix | |
4439 | above) is not recognized by all the GNU tools. Typically, glibc | |
4440 | recognizes some of these, whereas GCC uses an extra @code{--with-abi} | |
4441 | configure flag (see @code{gcc.scm} for examples of how to handle this). | |
4442 | Second, some of the required packages could fail to build for that | |
4443 | platform. Lastly, the generated binaries could be broken for some | |
4444 | reason. | |
4af2447e LC |
4445 | |
4446 | ||
9bf3c1a7 LC |
4447 | @c ********************************************************************* |
4448 | @node Contributing | |
4449 | @chapter Contributing | |
4450 | ||
4451 | This project is a cooperative effort, and we need your help to make it | |
5ff3c4b8 PAR |
4452 | grow! Please get in touch with us on @email{guix-devel@@gnu.org} and |
4453 | @code{#guix} on the Freenode IRC network. We welcome ideas, bug | |
4454 | reports, patches, and anything that may be helpful to the project. We | |
4455 | particularly welcome help on packaging (@pxref{Packaging Guidelines}). | |
a1ba8475 | 4456 | |
9bf3c1a7 LC |
4457 | Please see the |
4458 | @url{http://git.savannah.gnu.org/cgit/guix.git/tree/HACKING, | |
4459 | @file{HACKING} file} that comes with the Guix source code for practical | |
4460 | details about contributions. | |
4461 | ||
c78bd12b | 4462 | |
568717fd LC |
4463 | @c ********************************************************************* |
4464 | @node Acknowledgments | |
4465 | @chapter Acknowledgments | |
4466 | ||
4467 | Guix is based on the Nix package manager, which was designed and | |
4468 | implemented by Eelco Dolstra. Nix pioneered functional package | |
4469 | management, and promoted unprecedented features, such as transactional | |
4470 | package upgrades and rollbacks, per-user profiles, and referentially | |
4471 | transparent build processes. Without this work, Guix would not exist. | |
4472 | ||
4473 | The Nix-based software distributions, Nixpkgs and NixOS, have also been | |
4474 | an inspiration for Guix. | |
4475 | ||
4476 | @c ********************************************************************* | |
4477 | @node GNU Free Documentation License | |
4478 | @appendix GNU Free Documentation License | |
4479 | ||
4480 | @include fdl-1.3.texi | |
4481 | ||
4482 | @c ********************************************************************* | |
4483 | @node Concept Index | |
4484 | @unnumbered Concept Index | |
4485 | @printindex cp | |
4486 | ||
a85b83d2 LC |
4487 | @node Programming Index |
4488 | @unnumbered Programming Index | |
4489 | @syncodeindex tp fn | |
4490 | @syncodeindex vr fn | |
568717fd LC |
4491 | @printindex fn |
4492 | ||
4493 | @bye | |
4494 | ||
4495 | @c Local Variables: | |
4496 | @c ispell-local-dictionary: "american"; | |
4497 | @c End: |