Commit | Line | Data |
---|---|---|
568717fd LC |
1 | \input texinfo |
2 | @c -*-texinfo-*- | |
3 | ||
4 | @c %**start of header | |
5 | @setfilename guix.info | |
6 | @documentencoding UTF-8 | |
f8348b91 | 7 | @settitle GNU Guix Reference Manual |
568717fd LC |
8 | @c %**end of header |
9 | ||
10 | @include version.texi | |
7df7a74e NK |
11 | |
12 | @copying | |
425b0bfc | 13 | Copyright @copyright{} 2012, 2013, 2014 Ludovic Courtès@* |
7df7a74e NK |
14 | Copyright @copyright{} 2013 Andreas Enge@* |
15 | Copyright @copyright{} 2013 Nikita Karetnikov | |
16 | ||
17 | Permission is granted to copy, distribute and/or modify this document | |
18 | under the terms of the GNU Free Documentation License, Version 1.3 or | |
19 | any later version published by the Free Software Foundation; with no | |
20 | Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A | |
21 | copy of the license is included in the section entitled ``GNU Free | |
22 | Documentation License''. | |
23 | @end copying | |
568717fd | 24 | |
eeaf4427 | 25 | @dircategory Package management |
568717fd LC |
26 | @direntry |
27 | * guix: (guix). Guix, the functional package manager. | |
e49951eb | 28 | * guix package: (guix)Invoking guix package |
eeaf4427 | 29 | Managing packages with Guix. |
e49951eb | 30 | * guix build: (guix)Invoking guix build |
568717fd LC |
31 | Building packages with Guix. |
32 | @end direntry | |
568717fd LC |
33 | |
34 | @titlepage | |
7730d112 LC |
35 | @title GNU Guix Reference Manual |
36 | @subtitle Using the GNU Guix Functional Package Manager | |
568717fd | 37 | @author Ludovic Courtès |
da7cabd4 | 38 | @author Andreas Enge |
acc08466 | 39 | @author Nikita Karetnikov |
568717fd LC |
40 | |
41 | @page | |
42 | @vskip 0pt plus 1filll | |
43 | Edition @value{EDITION} @* | |
44 | @value{UPDATED} @* | |
45 | ||
7df7a74e | 46 | @insertcopying |
568717fd LC |
47 | @end titlepage |
48 | ||
568717fd LC |
49 | @contents |
50 | ||
51 | @c ********************************************************************* | |
52 | @node Top | |
f8348b91 | 53 | @top GNU Guix |
568717fd | 54 | |
f8348b91 LC |
55 | This document describes GNU Guix version @value{VERSION}, a functional |
56 | package management tool written for the GNU system. | |
568717fd LC |
57 | |
58 | @menu | |
59 | * Introduction:: What is Guix about? | |
bd5e766b | 60 | * Installation:: Installing Guix. |
eeaf4427 | 61 | * Package Management:: Package installation, upgrade, etc. |
568717fd LC |
62 | * Programming Interface:: Using Guix in Scheme. |
63 | * Utilities:: Package management commands. | |
a1ba8475 | 64 | * GNU Distribution:: Software for your friendly GNU system. |
9bf3c1a7 | 65 | * Contributing:: Your help needed! |
568717fd LC |
66 | |
67 | * Acknowledgments:: Thanks! | |
68 | * GNU Free Documentation License:: The license of this manual. | |
69 | * Concept Index:: Concepts. | |
70 | * Function Index:: Functions. | |
71 | @end menu | |
72 | ||
73 | @c ********************************************************************* | |
74 | @node Introduction | |
75 | @chapter Introduction | |
76 | ||
c80e7e55 LC |
77 | GNU Guix@footnote{``Guix'' is pronounced like ``geeks'', or ``ɡiːks'' |
78 | using the international phonetic alphabet (IPA).} is a functional | |
79 | package management tool for the GNU system. Package management consists | |
4bfc4ea3 NK |
80 | of all activities that relate to building packages from sources, |
81 | honoring their build-time and run-time dependencies, | |
c80e7e55 LC |
82 | installing packages in user environments, upgrading installed packages |
83 | to new versions or rolling back to a previous set, removing unused | |
84 | software packages, etc. | |
568717fd LC |
85 | |
86 | @cindex functional package management | |
87 | The term @dfn{functional} refers to a specific package management | |
88 | discipline. In Guix, the package build and installation process is seen | |
4bfc4ea3 NK |
89 | as a function, in the mathematical sense. That function takes inputs, |
90 | such as build scripts, a compiler, and libraries, and | |
91 | returns an installed package. As a pure function, its result depends | |
568717fd LC |
92 | solely on its inputs---for instance, it cannot refer to software or |
93 | scripts that were not explicitly passed as inputs. A build function | |
4bfc4ea3 NK |
94 | always produces the same result when passed a given set of inputs. It |
95 | cannot alter the system's environment in | |
568717fd LC |
96 | any way; for instance, it cannot create, modify, or delete files outside |
97 | of its build and installation directories. This is achieved by running | |
e900c503 | 98 | build processes in isolated environments (or @dfn{containers}), where only their |
4bfc4ea3 | 99 | explicit inputs are visible. |
568717fd | 100 | |
e531ac2a | 101 | @cindex store |
568717fd | 102 | The result of package build functions is @dfn{cached} in the file |
e531ac2a LC |
103 | system, in a special directory called @dfn{the store} (@pxref{The |
104 | Store}). Each package is installed in a directory of its own, in the | |
568717fd LC |
105 | store---by default under @file{/nix/store}. The directory name contains |
106 | a hash of all the inputs used to build that package; thus, changing an | |
107 | input yields a different directory name. | |
108 | ||
109 | This approach is the foundation of Guix's salient features: support for | |
4bfc4ea3 | 110 | transactional package upgrade and rollback, per-user installation, and |
eeaf4427 | 111 | garbage collection of packages (@pxref{Features}). |
568717fd | 112 | |
4bfc4ea3 | 113 | Guix has a command-line interface, which allows users to build, install, |
568717fd | 114 | upgrade, and remove packages, as well as a Scheme programming interface. |
568717fd | 115 | |
a1ba8475 LC |
116 | Last but not least, Guix is used to build a distribution of the GNU |
117 | system, with many GNU and non-GNU free software packages. @xref{GNU | |
118 | Distribution}. | |
119 | ||
bd5e766b LC |
120 | @c ********************************************************************* |
121 | @node Installation | |
122 | @chapter Installation | |
123 | ||
48febeb8 LC |
124 | GNU Guix is available for download from its website at |
125 | @url{http://www.gnu.org/software/guix/}. This section describes the | |
126 | software requirements of Guix, as well as how to install it and get | |
127 | ready to use it. | |
bd5e766b | 128 | |
b22a12fd | 129 | The build procedure for Guix is the same as for other GNU software, and |
1da983b9 | 130 | is not covered here. Please see the files @file{README} and |
b22a12fd LC |
131 | @file{INSTALL} in the Guix source tree for additional details. |
132 | ||
bd5e766b LC |
133 | @menu |
134 | * Requirements:: Software needed to build and run Guix. | |
135 | * Setting Up the Daemon:: Preparing the build daemon's environment. | |
136 | * Invoking guix-daemon:: Running the build daemon. | |
137 | @end menu | |
138 | ||
139 | @node Requirements | |
140 | @section Requirements | |
141 | ||
142 | GNU Guix depends on the following packages: | |
143 | ||
144 | @itemize | |
4a328f73 | 145 | @item @url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.5 or later; |
bd5e766b LC |
146 | @item @url{http://gnupg.org/, GNU libgcrypt} |
147 | @end itemize | |
148 | ||
149 | Unless @code{--disable-daemon} was passed to @command{configure}, the | |
150 | following packages are also needed: | |
151 | ||
152 | @itemize | |
153 | @item @url{http://sqlite.org, SQLite 3} | |
154 | @item @url{http://www.bzip.org, libbz2} | |
155 | @item @url{http://gcc.gnu.org, GCC's g++} | |
156 | @end itemize | |
157 | ||
4bfc4ea3 NK |
158 | When a working installation of @url{http://nixos.org/nix/, the Nix package |
159 | manager} is available, you | |
bd5e766b | 160 | can instead configure Guix with @code{--disable-daemon}. In that case, |
4bfc4ea3 | 161 | Nix replaces the three dependencies above. |
bd5e766b | 162 | |
b22a12fd LC |
163 | Guix is compatible with Nix, so it is possible to share the same store |
164 | between both. To do so, you must pass @command{configure} not only the | |
165 | same @code{--with-store-dir} value, but also the same | |
4bfc4ea3 NK |
166 | @code{--localstatedir} value. The latter is essential because it |
167 | specifies where the database that stores metadata about the store is | |
168 | located, among other things. The default values are | |
b22a12fd | 169 | @code{--with-store-dir=/nix/store} and @code{--localstatedir=/nix/var}. |
4bfc4ea3 NK |
170 | Note that @code{--disable-daemon} is not required if |
171 | your goal is to share the store with Nix. | |
b22a12fd | 172 | |
bd5e766b LC |
173 | @node Setting Up the Daemon |
174 | @section Setting Up the Daemon | |
175 | ||
176 | @cindex daemon | |
177 | Operations such as building a package or running the garbage collector | |
49e6291a | 178 | are all performed by a specialized process, the @dfn{build daemon}, on |
bd5e766b LC |
179 | behalf of clients. Only the daemon may access the store and its |
180 | associated database. Thus, any operation that manipulates the store | |
181 | goes through the daemon. For instance, command-line tools such as | |
e49951eb | 182 | @command{guix package} and @command{guix build} communicate with the |
bd5e766b LC |
183 | daemon (@i{via} remote procedure calls) to instruct it what to do. |
184 | ||
49e6291a LC |
185 | The following sections explain how to prepare the build daemon's |
186 | environment. | |
187 | ||
188 | @menu | |
189 | * Build Environment Setup:: Preparing the isolated build environment. | |
190 | * Daemon Offload Setup:: Offloading builds to remote machines. | |
191 | @end menu | |
192 | ||
193 | @node Build Environment Setup | |
194 | @subsection Build Environment Setup | |
195 | ||
bd5e766b LC |
196 | In a standard multi-user setup, Guix and its daemon---the |
197 | @command{guix-daemon} program---are installed by the system | |
198 | administrator; @file{/nix/store} is owned by @code{root} and | |
199 | @command{guix-daemon} runs as @code{root}. Unprivileged users may use | |
200 | Guix tools to build packages or otherwise access the store, and the | |
201 | daemon will do it on their behalf, ensuring that the store is kept in a | |
202 | consistent state, and allowing built packages to be shared among users. | |
203 | ||
204 | @cindex build users | |
205 | When @command{guix-daemon} runs as @code{root}, you may not want package | |
206 | build processes themselves to run as @code{root} too, for obvious | |
207 | security reasons. To avoid that, a special pool of @dfn{build users} | |
208 | should be created for use by build processes started by the daemon. | |
209 | These build users need not have a shell and a home directory: they will | |
210 | just be used when the daemon drops @code{root} privileges in build | |
211 | processes. Having several such users allows the daemon to launch | |
212 | distinct build processes under separate UIDs, which guarantees that they | |
213 | do not interfere with each other---an essential feature since builds are | |
214 | regarded as pure functions (@pxref{Introduction}). | |
215 | ||
216 | On a GNU/Linux system, a build user pool may be created like this (using | |
217 | Bash syntax and the @code{shadow} commands): | |
218 | ||
091196b3 LC |
219 | @c See http://lists.gnu.org/archive/html/bug-guix/2013-01/msg00239.html |
220 | @c for why `-G' is needed. | |
bd5e766b LC |
221 | @example |
222 | # groupadd guix-builder | |
223 | # for i in `seq 1 10`; | |
224 | do | |
091196b3 LC |
225 | useradd -g guix-builder -G guix-builder \ |
226 | -d /var/empty -s `which nologin` \ | |
4d1a2b50 LC |
227 | -c "Guix build user $i" --system \ |
228 | guix-builder$i; | |
bd5e766b LC |
229 | done |
230 | @end example | |
231 | ||
232 | @noindent | |
233 | The @code{guix-daemon} program may then be run as @code{root} with: | |
234 | ||
235 | @example | |
236 | # guix-daemon --build-users-group=guix-builder | |
237 | @end example | |
238 | ||
e900c503 | 239 | @cindex chroot |
b095792f LC |
240 | @noindent |
241 | This way, the daemon starts build processes in a chroot, under one of | |
242 | the @code{guix-builder} users. On GNU/Linux, by default, the chroot | |
6dc99317 LC |
243 | environment contains nothing but: |
244 | ||
245 | @c Keep this list in sync with libstore/build.cc! ----------------------- | |
246 | @itemize | |
247 | @item | |
248 | the @code{/dev} and @code{/proc} directories@footnote{On some systems | |
249 | @code{/dev/shm}, which supports shared memory, is a symlink to another | |
250 | directory such as @code{/run/shm}, that is @emph{not} is the chroot. | |
251 | When that is the case, shared memory support is unavailable in the | |
252 | chroot environment. The workaround is to make sure that @file{/dev/shm} | |
253 | is directly a @code{tmpfs} mount point.}; | |
254 | ||
255 | @item | |
256 | @file{/etc/passwd} with an entry for the current user and an entry for | |
257 | user @file{nobody}; | |
258 | ||
259 | @item | |
260 | @file{/etc/group} with an entry for the user's group; | |
261 | ||
262 | @item | |
263 | @file{/etc/hosts} with an entry that maps @code{localhost} to | |
264 | @code{127.0.0.1}; | |
265 | ||
266 | @item | |
267 | a writable @file{/tmp} directory. | |
268 | @end itemize | |
b095792f | 269 | |
d43eb499 | 270 | If you are installing Guix as an unprivileged user, it is still |
bd5e766b LC |
271 | possible to run @command{guix-daemon}. However, build processes will |
272 | not be isolated from one another, and not from the rest of the system. | |
273 | Thus, build processes may interfere with each other, and may access | |
274 | programs, libraries, and other files available on the system---making it | |
275 | much harder to view them as @emph{pure} functions. | |
276 | ||
49e6291a LC |
277 | |
278 | @node Daemon Offload Setup | |
279 | @subsection Using the Offload Facility | |
280 | ||
281 | @cindex offloading | |
4ec2e92d LC |
282 | @cindex build hook |
283 | When desired, the build daemon can @dfn{offload} | |
284 | derivation builds to other machines | |
49e6291a LC |
285 | running Guix, using the @code{offload} @dfn{build hook}. When that |
286 | feature is enabled, a list of user-specified build machines is read from | |
287 | @file{/etc/guix/machines.scm}; anytime a build is requested, for | |
288 | instance via @code{guix build}, the daemon attempts to offload it to one | |
289 | of the machines that satisfies the derivation's constraints, in | |
290 | particular its system type---e.g., @file{x86_64-linux}. Missing | |
291 | prerequisites for the build are copied over SSH to the target machine, | |
292 | which then proceeds with the build; upon success the output(s) of the | |
293 | build are copied back to the initial machine. | |
294 | ||
4ec2e92d | 295 | The @file{/etc/guix/machines.scm} file typically looks like this: |
49e6291a LC |
296 | |
297 | @example | |
298 | (list (build-machine | |
299 | (name "eightysix.example.org") | |
300 | (system "x86_64-linux") | |
301 | (user "bob") | |
302 | (speed 2.)) ; incredibly fast! | |
303 | ||
304 | (build-machine | |
305 | (name "meeps.example.org") | |
306 | (system "mips64el-linux") | |
307 | (user "alice") | |
308 | (private-key | |
309 | (string-append (getenv "HOME") | |
310 | "/.ssh/id-rsa-for-guix")))) | |
311 | @end example | |
312 | ||
313 | @noindent | |
314 | In the example above we specify a list of two build machines, one for | |
315 | the @code{x86_64} architecture and one for the @code{mips64el} | |
4ec2e92d LC |
316 | architecture. |
317 | ||
318 | In fact, this file is---not surprisingly!---a Scheme file that is | |
319 | evaluated when the @code{offload} hook is started. Its return value | |
320 | must be a list of @code{build-machine} objects. While this example | |
321 | shows a fixed list of build machines, one could imagine, say, using | |
322 | DNS-SD to return a list of potential build machines discovered in the | |
323 | local network (@pxref{Introduction, Guile-Avahi,, guile-avahi, Using | |
324 | Avahi in Guile Scheme Programs}). | |
325 | ||
326 | The compulsory fields for a @code{build-machine} declaration are: | |
49e6291a LC |
327 | |
328 | @table @code | |
329 | ||
330 | @item name | |
331 | The remote machine's host name. | |
332 | ||
333 | @item system | |
334 | The remote machine's system type. | |
335 | ||
336 | @item user | |
337 | The user account to use when connecting to the remote machine over SSH. | |
338 | Note that the SSH key pair must @emph{not} be passphrase-protected, to | |
339 | allow non-interactive logins. | |
340 | ||
341 | @end table | |
342 | ||
343 | @noindent | |
4ec2e92d | 344 | A number of optional fields may be specified: |
49e6291a LC |
345 | |
346 | @table @code | |
347 | ||
348 | @item private-key | |
349 | The SSH private key file to use when connecting to the machine. | |
350 | ||
351 | @item parallel-builds | |
352 | The number of builds that may run in parallel on the machine (1 by | |
353 | default.) | |
354 | ||
355 | @item speed | |
356 | A ``relative speed factor''. The offload scheduler will tend to prefer | |
357 | machines with a higher speed factor. | |
358 | ||
359 | @item features | |
360 | A list of strings denoting specific features supported by the machine. | |
361 | An example is @code{"kvm"} for machines that have the KVM Linux modules | |
362 | and corresponding hardware support. Derivations can request features by | |
363 | name, and they will be scheduled on matching build machines. | |
364 | ||
365 | @end table | |
366 | ||
367 | The @code{guix} command must be in the search path on the build | |
368 | machines, since offloading works by invoking the @code{guix archive} and | |
369 | @code{guix build} commands. | |
370 | ||
371 | There's one last thing to do once @file{machines.scm} is in place. As | |
372 | explained above, when offloading, files are transferred back and forth | |
373 | between the machine stores. For this to work, you need to generate a | |
374 | key pair to allow the daemon to export signed archives of files from the | |
375 | store (@pxref{Invoking guix archive}): | |
376 | ||
377 | @example | |
378 | # guix archive --generate-key | |
379 | @end example | |
380 | ||
381 | @noindent | |
382 | Thus, when receiving files, a machine's build daemon can make sure they | |
383 | are genuine, have not been tampered with, and that they are signed by an | |
384 | authorized key. | |
385 | ||
386 | ||
bd5e766b LC |
387 | @node Invoking guix-daemon |
388 | @section Invoking @command{guix-daemon} | |
389 | ||
390 | The @command{guix-daemon} program implements all the functionality to | |
391 | access the store. This includes launching build processes, running the | |
392 | garbage collector, querying the availability of a build result, etc. It | |
393 | is normally run as @code{root} like this: | |
394 | ||
395 | @example | |
396 | # guix-daemon --build-users-group=guix-builder | |
397 | @end example | |
398 | ||
399 | @noindent | |
400 | For details on how to set it up, @ref{Setting Up the Daemon}. | |
401 | ||
e900c503 LC |
402 | @cindex chroot |
403 | @cindex container, build environment | |
404 | @cindex build environment | |
405 | @cindex reproducible builds | |
bd5e766b LC |
406 | By default, @command{guix-daemon} launches build processes under |
407 | different UIDs, taken from the build group specified with | |
408 | @code{--build-users-group}. In addition, each build process is run in a | |
409 | chroot environment that only contains the subset of the store that the | |
410 | build process depends on, as specified by its derivation | |
411 | (@pxref{Programming Interface, derivation}), plus a set of specific | |
412 | system directories. By default, the latter contains @file{/dev} and | |
e900c503 LC |
413 | @file{/dev/pts}. Furthermore, on GNU/Linux, the build environment is a |
414 | @dfn{container}: in addition to having its own file system tree, it has | |
415 | a separate mount name space, its own PID name space, network name space, | |
416 | etc. This helps achieve reproducible builds (@pxref{Features}). | |
bd5e766b LC |
417 | |
418 | The following command-line options are supported: | |
419 | ||
420 | @table @code | |
421 | @item --build-users-group=@var{group} | |
422 | Take users from @var{group} to run build processes (@pxref{Setting Up | |
423 | the Daemon, build users}). | |
424 | ||
6858f9d1 | 425 | @item --no-substitutes |
b5385b52 | 426 | @cindex substitutes |
6858f9d1 LC |
427 | Do not use substitutes for build products. That is, always build things |
428 | locally instead of allowing downloads of pre-built binaries. | |
429 | ||
b5385b52 LC |
430 | By default substitutes are used, unless the client---such as the |
431 | @command{guix package} command---is explicitly invoked with | |
432 | @code{--no-substitutes}. | |
433 | ||
434 | When the daemon runs with @code{--no-substitutes}, clients can still | |
435 | explicitly enable substitution @i{via} the @code{set-build-options} | |
436 | remote procedure call (@pxref{The Store}). | |
437 | ||
4ec2e92d LC |
438 | @cindex build hook |
439 | @item --no-build-hook | |
440 | Do not use the @dfn{build hook}. | |
441 | ||
442 | The build hook is a helper program that the daemon can start and to | |
443 | which it submits build requests. This mechanism is used to offload | |
444 | builds to other machines (@pxref{Daemon Offload Setup}). | |
445 | ||
bd5e766b LC |
446 | @item --cache-failures |
447 | Cache build failures. By default, only successful builds are cached. | |
448 | ||
449 | @item --cores=@var{n} | |
450 | @itemx -c @var{n} | |
451 | Use @var{n} CPU cores to build each derivation; @code{0} means as many | |
452 | as available. | |
453 | ||
454 | The default value is @code{1}, but it may be overridden by clients, such | |
e49951eb MW |
455 | as the @code{--cores} option of @command{guix build} (@pxref{Invoking |
456 | guix build}). | |
bd5e766b LC |
457 | |
458 | The effect is to define the @code{NIX_BUILD_CORES} environment variable | |
459 | in the build process, which can then use it to exploit internal | |
460 | parallelism---for instance, by running @code{make -j$NIX_BUILD_CORES}. | |
461 | ||
462 | @item --max-jobs=@var{n} | |
463 | @itemx -M @var{n} | |
464 | Allow at most @var{n} build jobs in parallel. The default value is | |
465 | @code{1}. | |
466 | ||
467 | @item --debug | |
468 | Produce debugging output. | |
469 | ||
470 | This is useful to debug daemon start-up issues, but then it may be | |
471 | overridden by clients, for example the @code{--verbosity} option of | |
e49951eb | 472 | @command{guix build} (@pxref{Invoking guix build}). |
bd5e766b LC |
473 | |
474 | @item --chroot-directory=@var{dir} | |
475 | Add @var{dir} to the build chroot. | |
476 | ||
477 | Doing this may change the result of build processes---for instance if | |
478 | they use optional dependencies found in @var{dir} when it is available, | |
479 | and not otherwise. For that reason, it is not recommended to do so. | |
480 | Instead, make sure that each derivation declares all the inputs that it | |
481 | needs. | |
482 | ||
483 | @item --disable-chroot | |
484 | Disable chroot builds. | |
485 | ||
486 | Using this option is not recommended since, again, it would allow build | |
487 | processes to gain access to undeclared dependencies. | |
488 | ||
489 | @item --disable-log-compression | |
490 | Disable compression of the build logs. | |
491 | ||
1da983b9 LC |
492 | Unless @code{--lose-logs} is used, all the build logs are kept in the |
493 | @var{localstatedir}. To save space, the daemon automatically compresses | |
494 | them with bzip2 by default. This option disables that. | |
495 | ||
bd5e766b LC |
496 | @item --disable-store-optimization |
497 | Disable automatic file ``deduplication'' in the store. | |
498 | ||
1da983b9 LC |
499 | By default, files added to the store are automatically ``deduplicated'': |
500 | if a newly added file is identical as another one found in the store, | |
501 | the daemon makes the new file a hard link to the other file. This | |
502 | slightly increases the input/output load at the end of a build process. | |
503 | This option disables this. | |
504 | ||
6e37066e LC |
505 | @item --gc-keep-outputs[=yes|no] |
506 | Tell whether the garbage collector (GC) must keep outputs of live | |
507 | derivations. | |
508 | ||
509 | When set to ``yes'', the GC will keep the outputs of any live derivation | |
510 | available in the store---the @code{.drv} files. The default is ``no'', | |
511 | meaning that derivation outputs are kept only if they are GC roots. | |
512 | ||
513 | @item --gc-keep-derivations[=yes|no] | |
514 | Tell whether the garbage collector (GC) must keep derivations | |
515 | corresponding to live outputs. | |
516 | ||
517 | When set to ``yes'', as is the case by default, the GC keeps | |
518 | derivations---i.e., @code{.drv} files---as long as at least one of their | |
519 | outputs is live. This allows users to keep track of the origins of | |
520 | items in their store. Setting it to ``no'' saves a bit of disk space. | |
521 | ||
522 | Note that when both @code{--gc-keep-derivations} and | |
523 | @code{--gc-keep-outputs} are used, the effect is to keep all the build | |
524 | prerequisites (the sources, compiler, libraries, and other build-time | |
525 | tools) of live objects in the store, regardless of whether these | |
526 | prerequisites are live. This is convenient for developers since it | |
527 | saves rebuilds or downloads. | |
528 | ||
bd5e766b LC |
529 | @item --impersonate-linux-2.6 |
530 | On Linux-based systems, impersonate Linux 2.6. This means that the | |
531 | kernel's @code{uname} system call will report 2.6 as the release number. | |
532 | ||
533 | This might be helpful to build programs that (usually wrongfully) depend | |
534 | on the kernel version number. | |
535 | ||
536 | @item --lose-logs | |
537 | Do not keep build logs. By default they are kept under | |
538 | @code{@var{localstatedir}/nix/log}. | |
539 | ||
540 | @item --system=@var{system} | |
541 | Assume @var{system} as the current system type. By default it is the | |
542 | architecture/kernel pair found at configure time, such as | |
543 | @code{x86_64-linux}. | |
b8d2aa26 LC |
544 | |
545 | @item --listen=@var{socket} | |
546 | Listen for connections on @var{socket}, the file name of a Unix-domain | |
547 | socket. The default socket is | |
548 | @file{@var{localstatedir}/daemon-socket/socket}. This option is only | |
549 | useful in exceptional circumstances, such as if you need to run several | |
550 | daemons on the same machine. | |
bd5e766b LC |
551 | @end table |
552 | ||
553 | ||
eeaf4427 LC |
554 | @c ********************************************************************* |
555 | @node Package Management | |
556 | @chapter Package Management | |
557 | ||
f8348b91 | 558 | The purpose of GNU Guix is to allow users to easily install, upgrade, and |
eeaf4427 LC |
559 | remove software packages, without having to know about their build |
560 | procedure or dependencies. Guix also goes beyond this obvious set of | |
561 | features. | |
562 | ||
563 | This chapter describes the main features of Guix, as well as the package | |
564 | management tools it provides. | |
565 | ||
566 | @menu | |
567 | * Features:: How Guix will make your life brighter. | |
e49951eb | 568 | * Invoking guix package:: Package installation, removal, etc. |
760c60d6 | 569 | * Packages with Multiple Outputs:: Single source package, multiple outputs. |
e49951eb | 570 | * Invoking guix gc:: Running the garbage collector. |
f651b477 | 571 | * Invoking guix pull:: Fetching the latest Guix and distribution. |
760c60d6 | 572 | * Invoking guix archive:: Exporting and importing store files. |
eeaf4427 LC |
573 | @end menu |
574 | ||
575 | @node Features | |
576 | @section Features | |
577 | ||
578 | When using Guix, each package ends up in the @dfn{package store}, in its | |
579 | own directory---something that resembles | |
580 | @file{/nix/store/xxx-package-1.2}, where @code{xxx} is a base32 string. | |
581 | ||
582 | Instead of referring to these directories, users have their own | |
583 | @dfn{profile}, which points to the packages that they actually want to | |
821b0015 LC |
584 | use. These profiles are stored within each user's home directory, at |
585 | @code{$HOME/.guix-profile}. | |
eeaf4427 | 586 | |
821b0015 | 587 | For example, @code{alice} installs GCC 4.7.2. As a result, |
eeaf4427 | 588 | @file{/home/alice/.guix-profile/bin/gcc} points to |
821b0015 LC |
589 | @file{/nix/store/@dots{}-gcc-4.7.2/bin/gcc}. Now, on the same machine, |
590 | @code{bob} had already installed GCC 4.8.0. The profile of @code{bob} | |
591 | simply continues to point to | |
592 | @file{/nix/store/@dots{}-gcc-4.8.0/bin/gcc}---i.e., both versions of GCC | |
593 | coexist on the same system without any interference. | |
eeaf4427 | 594 | |
e49951eb MW |
595 | The @command{guix package} command is the central tool to manage |
596 | packages (@pxref{Invoking guix package}). It operates on those per-user | |
821b0015 | 597 | profiles, and can be used @emph{with normal user privileges}. |
eeaf4427 LC |
598 | |
599 | The command provides the obvious install, remove, and upgrade | |
600 | operations. Each invocation is actually a @emph{transaction}: either | |
ba55b1cb | 601 | the specified operation succeeds, or nothing happens. Thus, if the |
e49951eb | 602 | @command{guix package} process is terminated during the transaction, |
eeaf4427 LC |
603 | or if a power outage occurs during the transaction, then the user's |
604 | profile remains in its previous state, and remains usable. | |
605 | ||
606 | In addition, any package transaction may be @emph{rolled back}. So, if, | |
607 | for example, an upgrade installs a new version of a package that turns | |
608 | out to have a serious bug, users may roll back to the previous instance | |
4af2447e LC |
609 | of their profile, which was known to work well. Similarly, the global |
610 | system configuration is subject to transactional upgrades and roll-back | |
611 | (@pxref{Using the Configuration System}). | |
eeaf4427 LC |
612 | |
613 | All those packages in the package store may be @emph{garbage-collected}. | |
614 | Guix can determine which packages are still referenced by the user | |
fe8ff028 | 615 | profiles, and remove those that are provably no longer referenced |
e49951eb | 616 | (@pxref{Invoking guix gc}). Users may also explicitly remove old |
fe8ff028 LC |
617 | generations of their profile so that the packages they refer to can be |
618 | collected. | |
eeaf4427 | 619 | |
e900c503 LC |
620 | @cindex reproducibility |
621 | @cindex reproducible builds | |
eeaf4427 LC |
622 | Finally, Guix takes a @dfn{purely functional} approach to package |
623 | management, as described in the introduction (@pxref{Introduction}). | |
624 | Each @file{/nix/store} package directory name contains a hash of all the | |
625 | inputs that were used to build that package---compiler, libraries, build | |
626 | scripts, etc. This direct correspondence allows users to make sure a | |
627 | given package installation matches the current state of their | |
e900c503 LC |
628 | distribution. It also helps maximize @dfn{build reproducibility}: |
629 | thanks to the isolated build environments that are used, a given build | |
630 | is likely to yield bit-identical files when performed on different | |
631 | machines (@pxref{Invoking guix-daemon, container}). | |
eeaf4427 | 632 | |
18f2887b | 633 | @cindex substitute |
eeaf4427 | 634 | This foundation allows Guix to support @dfn{transparent binary/source |
3b78d1ea | 635 | deployment}. When a pre-built binary for a @file{/nix/store} path is |
18f2887b LC |
636 | available from an external source---a @dfn{substitute}, Guix just |
637 | downloads it@footnote{@c XXX: Remove me when outdated. | |
638 | As of version @value{VERSION}, substitutes are downloaded from | |
639 | @url{http://hydra.gnu.org/} but are @emph{not} authenticated---i.e., | |
640 | Guix cannot tell whether binaries it downloaded have been tampered with, | |
641 | nor whether they come from the genuine @code{gnu.org} build farm. This | |
642 | will be fixed in future versions. In the meantime, concerned users can | |
643 | opt for @code{--no-substitutes} (@pxref{Invoking guix-daemon}).}; | |
644 | otherwise, it builds the package from source, locally. | |
eeaf4427 | 645 | |
e49951eb MW |
646 | @node Invoking guix package |
647 | @section Invoking @command{guix package} | |
eeaf4427 | 648 | |
e49951eb | 649 | The @command{guix package} command is the tool that allows users to |
eeaf4427 LC |
650 | install, upgrade, and remove packages, as well as rolling back to |
651 | previous configurations. It operates only on the user's own profile, | |
652 | and works with normal user privileges (@pxref{Features}). Its syntax | |
653 | is: | |
654 | ||
655 | @example | |
e49951eb | 656 | guix package @var{options} |
eeaf4427 LC |
657 | @end example |
658 | ||
ba55b1cb | 659 | Primarily, @var{options} specifies the operations to be performed during |
eeaf4427 LC |
660 | the transaction. Upon completion, a new profile is created, but |
661 | previous generations of the profile remain available, should the user | |
662 | want to roll back. | |
663 | ||
6447738c MW |
664 | For example, to remove @code{lua} and install @code{guile} and |
665 | @code{guile-cairo} in a single transaction: | |
666 | ||
667 | @example | |
668 | guix package -r lua -i guile guile-cairo | |
669 | @end example | |
670 | ||
b9e5c0a9 | 671 | For each user, a symlink to the user's default profile is automatically |
0ec1af59 | 672 | created in @file{$HOME/.guix-profile}. This symlink always points to the |
b9e5c0a9 LC |
673 | current generation of the user's default profile. Thus, users can add |
674 | @file{$HOME/.guix-profile/bin} to their @code{PATH} environment | |
675 | variable, and so on. | |
676 | ||
0ec1af59 LC |
677 | In a multi-user setup, user profiles must be stored in a place |
678 | registered as a @dfn{garbage-collector root}, which | |
e49951eb | 679 | @file{$HOME/.guix-profile} points to (@pxref{Invoking guix gc}). That |
0ec1af59 LC |
680 | directory is normally |
681 | @code{@var{localstatedir}/profiles/per-user/@var{user}}, where | |
682 | @var{localstatedir} is the value passed to @code{configure} as | |
683 | @code{--localstatedir}, and @var{user} is the user name. It must be | |
684 | created by @code{root}, with @var{user} as the owner. When it does not | |
70c43291 LC |
685 | exist, or is not owned by @var{user}, @command{guix package} emits an |
686 | error about it. | |
0ec1af59 LC |
687 | |
688 | The @var{options} can be among the following: | |
689 | ||
eeaf4427 LC |
690 | @table @code |
691 | ||
6447738c MW |
692 | @item --install=@var{package} @dots{} |
693 | @itemx -i @var{package} @dots{} | |
694 | Install the specified @var{package}s. | |
eeaf4427 | 695 | |
6447738c | 696 | Each @var{package} may specify either a simple package name, such as |
eeaf4427 | 697 | @code{guile}, or a package name followed by a hyphen and version number, |
dc5669cd MW |
698 | such as @code{guile-1.8.8}. If no version number is specified, the |
699 | newest available version will be selected. In addition, @var{package} | |
700 | may contain a colon, followed by the name of one of the outputs of the | |
6e721c4d | 701 | package, as in @code{gcc:doc} or @code{binutils-2.22:lib} |
e7f34eb0 LC |
702 | (@pxref{Packages with Multiple Outputs}). Packages with a corresponding |
703 | name (and optionally version) are searched for among the GNU | |
704 | distribution modules (@pxref{Package Modules}). | |
eeaf4427 | 705 | |
461572cc LC |
706 | @cindex propagated inputs |
707 | Sometimes packages have @dfn{propagated inputs}: these are dependencies | |
708 | that automatically get installed along with the required package. | |
709 | ||
710 | An example is the GNU MPC library: its C header files refer to those of | |
711 | the GNU MPFR library, which in turn refer to those of the GMP library. | |
712 | Thus, when installing MPC, the MPFR and GMP libraries also get installed | |
713 | in the profile; removing MPC also removes MPFR and GMP---unless they had | |
714 | also been explicitly installed independently. | |
715 | ||
ba7ea5ce | 716 | Besides, packages sometimes rely on the definition of environment |
5924080d | 717 | variables for their search paths (see explanation of |
ba7ea5ce | 718 | @code{--search-paths} below). Any missing or possibly incorrect |
5924080d LC |
719 | environment variable definitions are reported here. |
720 | ||
ef010c0f | 721 | @c XXX: keep me up-to-date |
5924080d | 722 | Finally, when installing a GNU package, the tool reports the |
ef010c0f LC |
723 | availability of a newer upstream version. In the future, it may provide |
724 | the option of installing directly from the upstream version, even if | |
725 | that version is not yet in the distribution. | |
726 | ||
5d4b411f LC |
727 | @item --install-from-expression=@var{exp} |
728 | @itemx -e @var{exp} | |
729 | Install the package @var{exp} evaluates to. | |
730 | ||
731 | @var{exp} must be a Scheme expression that evaluates to a | |
732 | @code{<package>} object. This option is notably useful to disambiguate | |
733 | between same-named variants of a package, with expressions such as | |
734 | @code{(@@ (gnu packages base) guile-final)}. | |
735 | ||
736 | Note that this option installs the first output of the specified | |
737 | package, which may be insufficient when needing a specific output of a | |
738 | multiple-output package. | |
739 | ||
6447738c MW |
740 | @item --remove=@var{package} @dots{} |
741 | @itemx -r @var{package} @dots{} | |
742 | Remove the specified @var{package}s. | |
eeaf4427 | 743 | |
6447738c | 744 | As for @code{--install}, each @var{package} may specify a version number |
13ed095c LC |
745 | and/or output name in addition to the package name. For instance, |
746 | @code{-r glibc:debug} would remove the @code{debug} output of | |
747 | @code{glibc}. | |
748 | ||
6447738c MW |
749 | @item --upgrade[=@var{regexp} @dots{}] |
750 | @itemx -u [@var{regexp} @dots{}] | |
751 | Upgrade all the installed packages. If one or more @var{regexp}s are | |
752 | specified, upgrade only installed packages whose name matches a | |
753 | @var{regexp}. | |
eeaf4427 | 754 | |
f651b477 LC |
755 | Note that this upgrades package to the latest version of packages found |
756 | in the distribution currently installed. To update your distribution, | |
757 | you should regularly run @command{guix pull} (@pxref{Invoking guix | |
758 | pull}). | |
759 | ||
24e262f0 LC |
760 | @item --roll-back |
761 | Roll back to the previous @dfn{generation} of the profile---i.e., undo | |
762 | the last transaction. | |
763 | ||
764 | When combined with options such as @code{--install}, roll back occurs | |
765 | before any other actions. | |
766 | ||
d9307267 | 767 | When rolling back from the first generation that actually contains |
4b2bc804 NK |
768 | installed packages, the profile is made to point to the @dfn{zeroth |
769 | generation}, which contains no files apart from its own meta-data. | |
d9307267 | 770 | |
82fe08ed LC |
771 | Installing, removing, or upgrading packages from a generation that has |
772 | been rolled back to overwrites previous future generations. Thus, the | |
773 | history of a profile's generations is always linear. | |
774 | ||
5924080d LC |
775 | @item --search-paths |
776 | @cindex search paths | |
777 | Report environment variable definitions, in Bash syntax, that may be | |
778 | needed in order to use the set of installed packages. These environment | |
779 | variables are used to specify @dfn{search paths} for files used by some | |
780 | of the installed packages. | |
781 | ||
782 | For example, GCC needs the @code{CPATH} and @code{LIBRARY_PATH} | |
783 | environment variables to be defined so it can look for headers and | |
784 | libraries in the user's profile (@pxref{Environment Variables,,, gcc, | |
785 | Using the GNU Compiler Collection (GCC)}). If GCC and, say, the C | |
786 | library are installed in the profile, then @code{--search-paths} will | |
787 | suggest setting these variables to @code{@var{profile}/include} and | |
788 | @code{@var{profile}/lib}, respectively. | |
789 | ||
eeaf4427 LC |
790 | @item --profile=@var{profile} |
791 | @itemx -p @var{profile} | |
792 | Use @var{profile} instead of the user's default profile. | |
793 | ||
70915c1a LC |
794 | @item --verbose |
795 | Produce verbose output. In particular, emit the environment's build log | |
796 | on the standard error port. | |
797 | ||
eeaf4427 LC |
798 | @item --bootstrap |
799 | Use the bootstrap Guile to build the profile. This option is only | |
800 | useful to distribution developers. | |
801 | ||
802 | @end table | |
803 | ||
e49951eb | 804 | In addition to these actions @command{guix package} supports the |
733b4130 LC |
805 | following options to query the current state of a profile, or the |
806 | availability of packages: | |
eeaf4427 | 807 | |
733b4130 LC |
808 | @table @option |
809 | ||
acc08466 NK |
810 | @item --search=@var{regexp} |
811 | @itemx -s @var{regexp} | |
812 | List the available packages whose synopsis or description matches | |
299112d3 LC |
813 | @var{regexp}. Print all the meta-data of matching packages in |
814 | @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, | |
815 | GNU recutils manual}). | |
acc08466 | 816 | |
299112d3 LC |
817 | This allows specific fields to be extracted using the @command{recsel} |
818 | command, for instance: | |
819 | ||
820 | @example | |
e49951eb | 821 | $ guix package -s malloc | recsel -p name,version |
299112d3 LC |
822 | name: glibc |
823 | version: 2.17 | |
824 | ||
825 | name: libgc | |
826 | version: 7.2alpha6 | |
827 | @end example | |
acc08466 | 828 | |
733b4130 LC |
829 | @item --list-installed[=@var{regexp}] |
830 | @itemx -I [@var{regexp}] | |
bd9bde1c LC |
831 | List the currently installed packages in the specified profile, with the |
832 | most recently installed packages shown last. When @var{regexp} is | |
833 | specified, list only installed packages whose name matches @var{regexp}. | |
733b4130 LC |
834 | |
835 | For each installed package, print the following items, separated by | |
836 | tabs: the package name, its version string, the part of the package that | |
837 | is installed (for instance, @code{out} for the default output, | |
838 | @code{include} for its headers, etc.), and the path of this package in | |
839 | the store. | |
840 | ||
64fc89b6 LC |
841 | @item --list-available[=@var{regexp}] |
842 | @itemx -A [@var{regexp}] | |
a1ba8475 LC |
843 | List packages currently available in the software distribution |
844 | (@pxref{GNU Distribution}). When @var{regexp} is specified, list only | |
845 | installed packages whose name matches @var{regexp}. | |
64fc89b6 LC |
846 | |
847 | For each package, print the following items separated by tabs: its name, | |
6e721c4d LC |
848 | its version string, the parts of the package (@pxref{Packages with |
849 | Multiple Outputs}), and the source location of its definition. | |
64fc89b6 | 850 | |
f566d765 LC |
851 | @item --list-generations[=@var{pattern}] |
852 | @itemx -l [@var{pattern}] | |
853 | Return a list of generations along with their creation dates; for each | |
854 | generation, show the installed packages, with the most recently | |
4b2bc804 NK |
855 | installed packages shown last. Note that the zeroth generation is never |
856 | shown. | |
f566d765 LC |
857 | |
858 | For each installed package, print the following items, separated by | |
859 | tabs: the name of a package, its version string, the part of the package | |
860 | that is installed (@pxref{Packages with Multiple Outputs}), and the | |
861 | location of this package in the store. | |
862 | ||
863 | When @var{pattern} is used, the command returns only matching | |
864 | generations. Valid patterns include: | |
865 | ||
866 | @itemize | |
867 | @item @emph{Integers and comma-separated integers}. Both patterns denote | |
868 | generation numbers. For instance, @code{--list-generations=1} returns | |
869 | the first one. | |
870 | ||
871 | And @code{--list-generations=1,8,2} outputs three generations in the | |
872 | specified order. Neither spaces nor trailing commas are allowed. | |
873 | ||
874 | @item @emph{Ranges}. @code{--list-generations=2..9} prints the | |
875 | specified generations and everything in between. Note that the start of | |
876 | a range must be lesser than its end. | |
877 | ||
878 | It is also possible to omit the endpoint. For example, | |
879 | @code{--list-generations=2..}, returns all generations starting from the | |
880 | second one. | |
881 | ||
882 | @item @emph{Durations}. You can also get the last @emph{N}@tie{}days, weeks, | |
883 | or months by passing an integer along with the first letter of the | |
d7ddb257 LC |
884 | duration. For example, @code{--list-generations=20d} lists generations |
885 | that are up to 20 days old. | |
f566d765 LC |
886 | @end itemize |
887 | ||
b7884ca3 NK |
888 | @item --delete-generations[=@var{pattern}] |
889 | @itemx -d [@var{pattern}] | |
d7ddb257 LC |
890 | When @var{pattern} is omitted, delete all generations except the current |
891 | one. | |
b7884ca3 NK |
892 | |
893 | This command accepts the same patterns as @option{--list-generations}. | |
d7ddb257 LC |
894 | When @var{pattern} is specified, delete the matching generations. When |
895 | @var{pattern} specifies a duration, generations @emph{older} than the | |
896 | specified duration match. For instance, @code{--delete-generations=1m} | |
897 | deletes generations that are more than one month old. | |
898 | ||
899 | If the current generation matches, it is deleted atomically---i.e., by | |
900 | switching to the previous available generation. Note that the zeroth | |
901 | generation is never deleted. | |
b7884ca3 | 902 | |
1bb9900a LC |
903 | Note that deleting generations prevents roll-back to them. |
904 | Consequently, this command must be used with care. | |
905 | ||
733b4130 | 906 | @end table |
eeaf4427 | 907 | |
70ee5642 LC |
908 | Finally, since @command{guix package} may actually start build |
909 | processes, it supports all the common build options that @command{guix | |
910 | build} supports (@pxref{Invoking guix build, common build options}). | |
911 | ||
6e721c4d LC |
912 | @node Packages with Multiple Outputs |
913 | @section Packages with Multiple Outputs | |
914 | ||
915 | @cindex multiple-output packages | |
916 | @cindex package outputs | |
917 | ||
918 | Often, packages defined in Guix have a single @dfn{output}---i.e., the | |
919 | source package leads exactly one directory in the store. When running | |
920 | @command{guix package -i glibc}, one installs the default output of the | |
921 | GNU libc package; the default output is called @code{out}, but its name | |
922 | can be omitted as shown in this command. In this particular case, the | |
923 | default output of @code{glibc} contains all the C header files, shared | |
924 | libraries, static libraries, Info documentation, and other supporting | |
925 | files. | |
926 | ||
927 | Sometimes it is more appropriate to separate the various types of files | |
928 | produced from a single source package into separate outputs. For | |
929 | instance, the GLib C library (used by GTK+ and related packages) | |
930 | installs more than 20 MiB of reference documentation as HTML pages. | |
931 | To save space for users who do not need it, the documentation goes to a | |
932 | separate output, called @code{doc}. To install the main GLib output, | |
933 | which contains everything but the documentation, one would run: | |
934 | ||
935 | @example | |
936 | guix package -i glib | |
937 | @end example | |
938 | ||
939 | The command to install its documentation is: | |
940 | ||
941 | @example | |
942 | guix package -i glib:doc | |
943 | @end example | |
944 | ||
945 | Some packages install programs with different ``dependency footprints''. | |
946 | For instance, the WordNet package install both command-line tools and | |
947 | graphical user interfaces (GUIs). The former depend solely on the C | |
948 | library, whereas the latter depend on Tcl/Tk and the underlying X | |
949 | libraries. In this case, we leave the command-line tools in the default | |
950 | output, whereas the GUIs are in a separate output. This allows users | |
951 | who do not need the GUIs to save space. | |
952 | ||
953 | There are several such multiple-output packages in the GNU distribution. | |
91ef73d4 LC |
954 | Other conventional output names include @code{lib} for libraries and |
955 | possibly header files, @code{bin} for stand-alone programs, and | |
956 | @code{debug} for debugging information (@pxref{Installing Debugging | |
957 | Files}). The outputs of a packages are listed in the third column of | |
958 | the output of @command{guix package --list-available} (@pxref{Invoking | |
959 | guix package}). | |
6e721c4d | 960 | |
eeaf4427 | 961 | |
e49951eb MW |
962 | @node Invoking guix gc |
963 | @section Invoking @command{guix gc} | |
fe8ff028 LC |
964 | |
965 | @cindex garbage collector | |
966 | Packages that are installed but not used may be @dfn{garbage-collected}. | |
e49951eb | 967 | The @command{guix gc} command allows users to explicitly run the garbage |
fe8ff028 LC |
968 | collector to reclaim space from the @file{/nix/store} directory. |
969 | ||
970 | The garbage collector has a set of known @dfn{roots}: any file under | |
971 | @file{/nix/store} reachable from a root is considered @dfn{live} and | |
972 | cannot be deleted; any other file is considered @dfn{dead} and may be | |
973 | deleted. The set of garbage collector roots includes default user | |
e49951eb MW |
974 | profiles, and may be augmented with @command{guix build --root}, for |
975 | example (@pxref{Invoking guix build}). | |
fe8ff028 | 976 | |
1bb9900a LC |
977 | Prior to running @code{guix gc --collect-garbage} to make space, it is |
978 | often useful to remove old generations from user profiles; that way, old | |
979 | package builds referenced by those generations can be reclaimed. This | |
980 | is achieved by running @code{guix package --delete-generations} | |
981 | (@pxref{Invoking guix package}). | |
982 | ||
e49951eb | 983 | The @command{guix gc} command has three modes of operation: it can be |
fe8ff028 LC |
984 | used to garbage-collect any dead files (the default), to delete specific |
985 | files (the @code{--delete} option), or to print garbage-collector | |
986 | information. The available options are listed below: | |
987 | ||
988 | @table @code | |
989 | @item --collect-garbage[=@var{min}] | |
990 | @itemx -C [@var{min}] | |
991 | Collect garbage---i.e., unreachable @file{/nix/store} files and | |
992 | sub-directories. This is the default operation when no option is | |
993 | specified. | |
994 | ||
995 | When @var{min} is given, stop once @var{min} bytes have been collected. | |
996 | @var{min} may be a number of bytes, or it may include a unit as a | |
997 | suffix, such as @code{MiB} for mebibytes and @code{GB} for gigabytes. | |
998 | ||
999 | When @var{min} is omitted, collect all the garbage. | |
1000 | ||
1001 | @item --delete | |
1002 | @itemx -d | |
1003 | Attempt to delete all the store files and directories specified as | |
1004 | arguments. This fails if some of the files are not in the store, or if | |
1005 | they are still live. | |
1006 | ||
1007 | @item --list-dead | |
1008 | Show the list of dead files and directories still present in the | |
1009 | store---i.e., files and directories no longer reachable from any root. | |
1010 | ||
1011 | @item --list-live | |
1012 | Show the list of live store files and directories. | |
ba8b732d LC |
1013 | |
1014 | @end table | |
1015 | ||
1016 | In addition, the references among existing store files can be queried: | |
1017 | ||
1018 | @table @code | |
1019 | ||
1020 | @item --references | |
1021 | @itemx --referrers | |
1022 | List the references (respectively, the referrers) of store files given | |
1023 | as arguments. | |
1024 | ||
8e59fdd5 LC |
1025 | @item --requisites |
1026 | @itemx -R | |
1027 | List the requisites of the store files passed as arguments. Requisites | |
1028 | include the store files themselves, their references, and the references | |
1029 | of these, recursively. In other words, the returned list is the | |
1030 | @dfn{transitive closure} of the store files. | |
1031 | ||
fe8ff028 LC |
1032 | @end table |
1033 | ||
eeaf4427 | 1034 | |
f651b477 LC |
1035 | @node Invoking guix pull |
1036 | @section Invoking @command{guix pull} | |
1037 | ||
1038 | Packages are installed or upgraded to the latest version available in | |
1039 | the distribution currently available on your local machine. To update | |
1040 | that distribution, along with the Guix tools, you must run @command{guix | |
1041 | pull}: the command downloads the latest Guix source code and package | |
1042 | descriptions, and deploys it. | |
1043 | ||
1044 | On completion, @command{guix package} will use packages and package | |
1045 | versions from this just-retrieved copy of Guix. Not only that, but all | |
1046 | the Guix commands and Scheme modules will also be taken from that latest | |
1047 | version. New @command{guix} sub-commands added by the update also | |
1048 | become available. | |
1049 | ||
1050 | The @command{guix pull} command is usually invoked with no arguments, | |
1051 | but it supports the following options: | |
1052 | ||
1053 | @table @code | |
1054 | @item --verbose | |
1055 | Produce verbose output, writing build logs to the standard error output. | |
1056 | ||
ab5d72ad LC |
1057 | @item --url=@var{url} |
1058 | Download the source tarball of Guix from @var{url}. | |
1059 | ||
1060 | By default, the tarball is taken from its canonical address at | |
1061 | @code{gnu.org}, for the stable branch of Guix. | |
1062 | ||
f651b477 LC |
1063 | @item --bootstrap |
1064 | Use the bootstrap Guile to build the latest Guix. This option is only | |
1065 | useful to Guix developers. | |
1066 | @end table | |
1067 | ||
760c60d6 LC |
1068 | |
1069 | @node Invoking guix archive | |
1070 | @section Invoking @command{guix archive} | |
1071 | ||
1072 | The @command{guix archive} command allows users to @dfn{export} files | |
1073 | from the store into a single archive, and to later @dfn{import} them. | |
1074 | In particular, it allows store files to be transferred from one machine | |
1075 | to another machine's store. For example, to transfer the @code{emacs} | |
1076 | package to a machine connected over SSH, one would run: | |
1077 | ||
1078 | @example | |
1079 | guix archive --export emacs | ssh the-machine guix archive --import | |
1080 | @end example | |
1081 | ||
87236aed LC |
1082 | @noindent |
1083 | However, note that, in this example, all of @code{emacs} and its | |
1084 | dependencies are transferred, regardless of what is already available in | |
1085 | the target machine's store. The @code{--missing} option can help figure | |
1086 | out which items are missing from the target's store. | |
1087 | ||
760c60d6 | 1088 | Archives are stored in the ``Nix archive'' or ``Nar'' format, which is |
0dbd88db LC |
1089 | comparable in spirit to `tar', but with a few noteworthy differences |
1090 | that make it more appropriate for our purposes. First, rather than | |
1091 | recording all Unix meta-data for each file, the Nar format only mentions | |
1092 | the file type (regular, directory, or symbolic link); Unix permissions | |
1093 | and owner/group are dismissed. Second, the order in which directory | |
1094 | entries are stored always follows the order of file names according to | |
1095 | the C locale collation order. This makes archive production fully | |
1096 | deterministic. | |
1097 | ||
1098 | When exporting, the daemon digitally signs the contents of the archive, | |
1099 | and that digital signature is appended. When importing, the daemon | |
1100 | verifies the signature and rejects the import in case of an invalid | |
1101 | signature or if the signing key is not authorized. | |
760c60d6 LC |
1102 | @c FIXME: Add xref to daemon doc about signatures. |
1103 | ||
1104 | The main options are: | |
1105 | ||
1106 | @table @code | |
1107 | @item --export | |
1108 | Export the specified store files or packages (see below.) Write the | |
1109 | resulting archive to the standard output. | |
1110 | ||
1111 | @item --import | |
1112 | Read an archive from the standard input, and import the files listed | |
1113 | therein into the store. Abort if the archive has an invalid digital | |
f82cc5fd LC |
1114 | signature, or if it is signed by a public key not among the authorized |
1115 | keys (see @code{--authorize} below.) | |
554f26ec | 1116 | |
87236aed LC |
1117 | @item --missing |
1118 | Read a list of store file names from the standard input, one per line, | |
1119 | and write on the standard output the subset of these files missing from | |
1120 | the store. | |
1121 | ||
554f26ec | 1122 | @item --generate-key[=@var{parameters}] |
f82cc5fd | 1123 | @cindex signing, archives |
554f26ec LC |
1124 | Generate a new key pair for the daemons. This is a prerequisite before |
1125 | archives can be exported with @code{--export}. Note that this operation | |
1126 | usually takes time, because it needs to gather enough entropy to | |
1127 | generate the key pair. | |
1128 | ||
1129 | The generated key pair is typically stored under @file{/etc/guix}, in | |
1130 | @file{signing-key.pub} (public key) and @file{signing-key.sec} (private | |
1131 | key, which must be kept secret.) When @var{parameters} is omitted, it | |
1132 | is a 4096-bit RSA key. Alternately, @var{parameters} can specify | |
1133 | @code{genkey} parameters suitable for Libgcrypt (@pxref{General | |
1134 | public-key related Functions, @code{gcry_pk_genkey},, gcrypt, The | |
1135 | Libgcrypt Reference Manual}). | |
f82cc5fd LC |
1136 | |
1137 | @item --authorize | |
1138 | @cindex authorizing, archives | |
1139 | Authorize imports signed by the public key passed on standard input. | |
1140 | The public key must be in ``s-expression advanced format''---i.e., the | |
1141 | same format as the @file{signing-key.pub} file. | |
1142 | ||
1143 | The list of authorized keys is kept in the human-editable file | |
1144 | @file{/etc/guix/acl}. The file contains | |
1145 | @url{http://people.csail.mit.edu/rivest/Sexp.txt, ``advanced-format | |
1146 | s-expressions''} and is structured as an access-control list in the | |
1147 | @url{http://theworld.com/~cme/spki.txt, Simple Public-Key Infrastructure | |
1148 | (SPKI)}. | |
760c60d6 LC |
1149 | @end table |
1150 | ||
1151 | To export store files as an archive to the standard output, run: | |
1152 | ||
1153 | @example | |
1154 | guix archive --export @var{options} @var{specifications}... | |
1155 | @end example | |
1156 | ||
1157 | @var{specifications} may be either store file names or package | |
1158 | specifications, as for @command{guix package} (@pxref{Invoking guix | |
1159 | package}). For instance, the following command creates an archive | |
1160 | containing the @code{gui} output of the @code{git} package and the main | |
1161 | output of @code{emacs}: | |
1162 | ||
1163 | @example | |
1164 | guix archive --export git:gui /nix/store/...-emacs-24.3 > great.nar | |
1165 | @end example | |
1166 | ||
1167 | If the specified packages are not built yet, @command{guix archive} | |
1168 | automatically builds them. The build process may be controlled with the | |
1169 | same options that can be passed to the @command{guix build} command | |
70ee5642 | 1170 | (@pxref{Invoking guix build, common build options}). |
760c60d6 LC |
1171 | |
1172 | ||
568717fd LC |
1173 | @c ********************************************************************* |
1174 | @node Programming Interface | |
1175 | @chapter Programming Interface | |
1176 | ||
3dc1970d LC |
1177 | GNU Guix provides several Scheme programming interfaces (APIs) to |
1178 | define, build, and query packages. The first interface allows users to | |
1179 | write high-level package definitions. These definitions refer to | |
1180 | familiar packaging concepts, such as the name and version of a package, | |
1181 | its build system, and its dependencies. These definitions can then be | |
1182 | turned into concrete build actions. | |
1183 | ||
ba55b1cb | 1184 | Build actions are performed by the Guix daemon, on behalf of users. In a |
3dc1970d LC |
1185 | standard setup, the daemon has write access to the store---the |
1186 | @file{/nix/store} directory---whereas users do not. The recommended | |
1187 | setup also has the daemon perform builds in chroots, under a specific | |
1188 | build users, to minimize interference with the rest of the system. | |
1189 | ||
1190 | @cindex derivation | |
1191 | Lower-level APIs are available to interact with the daemon and the | |
1192 | store. To instruct the daemon to perform a build action, users actually | |
1193 | provide it with a @dfn{derivation}. A derivation is a low-level | |
1194 | representation of the build actions to be taken, and the environment in | |
1195 | which they should occur---derivations are to package definitions what | |
1196 | assembly is to C programs. | |
1197 | ||
1198 | This chapter describes all these APIs in turn, starting from high-level | |
1199 | package definitions. | |
1200 | ||
568717fd | 1201 | @menu |
b860f382 LC |
1202 | * Defining Packages:: Defining new packages. |
1203 | * The Store:: Manipulating the package store. | |
1204 | * Derivations:: Low-level interface to package derivations. | |
1205 | * The Store Monad:: Purely functional interface to the store. | |
568717fd LC |
1206 | @end menu |
1207 | ||
1208 | @node Defining Packages | |
1209 | @section Defining Packages | |
1210 | ||
3dc1970d LC |
1211 | The high-level interface to package definitions is implemented in the |
1212 | @code{(guix packages)} and @code{(guix build-system)} modules. As an | |
1213 | example, the package definition, or @dfn{recipe}, for the GNU Hello | |
1214 | package looks like this: | |
1215 | ||
1216 | @example | |
e7f34eb0 LC |
1217 | (define-module (gnu packages hello) |
1218 | #:use-module (guix packages) | |
1219 | #:use-module (guix download) | |
1220 | #:use-module (guix build-system gnu) | |
1221 | #:use-module (guix licenses)) | |
b22a12fd | 1222 | |
3dc1970d LC |
1223 | (define hello |
1224 | (package | |
1225 | (name "hello") | |
1226 | (version "2.8") | |
1227 | (source (origin | |
1228 | (method url-fetch) | |
1229 | (uri (string-append "mirror://gnu/hello/hello-" version | |
1230 | ".tar.gz")) | |
1231 | (sha256 | |
1232 | (base32 "0wqd8sjmxfskrflaxywc7gqw7sfawrfvdxd9skxawzfgyy0pzdz6")))) | |
1233 | (build-system gnu-build-system) | |
1234 | (inputs `(("gawk" ,gawk))) | |
1235 | (synopsis "GNU Hello") | |
1236 | (description "Yeah...") | |
1237 | (home-page "http://www.gnu.org/software/hello/") | |
b22a12fd | 1238 | (license gpl3+))) |
3dc1970d LC |
1239 | @end example |
1240 | ||
1241 | @noindent | |
1242 | Without being a Scheme expert, the reader may have guessed the meaning | |
e7f34eb0 | 1243 | of the various fields here. This expression binds variable @code{hello} |
3dc1970d LC |
1244 | to a @code{<package>} object, which is essentially a record |
1245 | (@pxref{SRFI-9, Scheme records,, guile, GNU Guile Reference Manual}). | |
1246 | This package object can be inspected using procedures found in the | |
1247 | @code{(guix packages)} module; for instance, @code{(package-name hello)} | |
1248 | returns---surprise!---@code{"hello"}. | |
1249 | ||
e7f34eb0 LC |
1250 | In the example above, @var{hello} is defined into a module of its own, |
1251 | @code{(gnu packages hello)}. Technically, this is not strictly | |
1252 | necessary, but it is convenient to do so: all the packages defined in | |
1253 | modules under @code{(gnu packages @dots{})} are automatically known to | |
1254 | the command-line tools (@pxref{Package Modules}). | |
1255 | ||
3dc1970d LC |
1256 | There are a few points worth noting in the above package definition: |
1257 | ||
1258 | @itemize | |
1259 | @item | |
1260 | The @code{source} field of the package is an @code{<origin>} object. | |
1261 | Here, the @code{url-fetch} method from @code{(guix download)} is used, | |
1262 | meaning that the source is a file to be downloaded over FTP or HTTP. | |
1263 | ||
1264 | The @code{mirror://gnu} prefix instructs @code{url-fetch} to use one of | |
1265 | the GNU mirrors defined in @code{(guix download)}. | |
1266 | ||
1267 | The @code{sha256} field specifies the expected SHA256 hash of the file | |
1268 | being downloaded. It is mandatory, and allows Guix to check the | |
1269 | integrity of the file. The @code{(base32 @dots{})} form introduces the | |
6c365eca | 1270 | base32 representation of the hash. You can obtain this information with |
210cc920 LC |
1271 | @code{guix download} (@pxref{Invoking guix download}) and @code{guix |
1272 | hash} (@pxref{Invoking guix hash}). | |
3dc1970d | 1273 | |
f9cc8971 LC |
1274 | @cindex patches |
1275 | When needed, the @code{origin} form can also have a @code{patches} field | |
1276 | listing patches to be applied, and a @code{snippet} field giving a | |
1277 | Scheme expression to modify the source code. | |
1278 | ||
3dc1970d LC |
1279 | @item |
1280 | @cindex GNU Build System | |
1281 | The @code{build-system} field is set to @var{gnu-build-system}. The | |
1282 | @var{gnu-build-system} variable is defined in the @code{(guix | |
1283 | build-system gnu)} module, and is bound to a @code{<build-system>} | |
1284 | object. | |
1285 | ||
1286 | Naturally, @var{gnu-build-system} represents the familiar GNU Build | |
1287 | System, and variants thereof (@pxref{Configuration, configuration and | |
1288 | makefile conventions,, standards, GNU Coding Standards}). In a | |
ba55b1cb | 1289 | nutshell, packages using the GNU Build System may be configured, built, |
3dc1970d LC |
1290 | and installed with the usual @code{./configure && make && make check && |
1291 | make install} command sequence. This is what @var{gnu-build-system} | |
1292 | does. | |
1293 | ||
1294 | In addition, @var{gnu-build-system} ensures that the ``standard'' | |
1295 | environment for GNU packages is available. This includes tools such as | |
1296 | GCC, Coreutils, Bash, Make, Diffutils, and Patch. | |
1297 | ||
1298 | @item | |
1299 | The @code{inputs} field specifies inputs to the build process---i.e., | |
1300 | build-time or run-time dependencies of the package. Here, we define an | |
1301 | input called @code{"gawk"} whose value is that of the @var{gawk} | |
1302 | variable; @var{gawk} is itself bound to a @code{<package>} object. | |
1303 | ||
1304 | Note that GCC, Coreutils, Bash, and other essential tools do not need to | |
1305 | be specified as inputs here. Instead, @var{gnu-build-system} takes care | |
1306 | of ensuring that they are present. | |
1307 | ||
1308 | However, any other dependencies need to be specified in the | |
1309 | @code{inputs} field. Any dependency not specified here will simply be | |
1310 | unavailable to the build process, possibly leading to a build failure. | |
1311 | @end itemize | |
1312 | ||
1313 | There are other fields that package definitions may provide. Of | |
1314 | particular interest is the @code{arguments} field. When specified, it | |
1315 | must be bound to a list of additional arguments to be passed to the | |
1316 | build system. For instance, the above definition could be augmented | |
1317 | with the following field initializer: | |
1318 | ||
1319 | @example | |
1320 | (arguments `(#:tests? #f | |
1321 | #:configure-flags '("--enable-silent-rules"))) | |
1322 | @end example | |
1323 | ||
1324 | @noindent | |
1325 | These are keyword arguments (@pxref{Optional Arguments, keyword | |
1326 | arguments in Guile,, guile, GNU Guile Reference Manual}). They are | |
1327 | passed to @var{gnu-build-system}, which interprets them as meaning ``do | |
1328 | not run @code{make check}'', and ``run @file{configure} with the | |
874e6874 LC |
1329 | @code{--enable-silent-rules} flag''. The value of these keyword |
1330 | parameters is actually evaluated in the @dfn{build stratum}---i.e., by a | |
1331 | Guile process launched by the daemon (@pxref{Derivations}). | |
3dc1970d LC |
1332 | |
1333 | Once a package definition is in place@footnote{Simple package | |
1334 | definitions like the one above may be automatically converted from the | |
e49951eb MW |
1335 | Nixpkgs distribution using the @command{guix import} command.}, the |
1336 | package may actually be built using the @code{guix build} command-line | |
37166310 LC |
1337 | tool (@pxref{Invoking guix build}). Eventually, updating the package |
1338 | definition to a new upstream version can be partly automated by the | |
1339 | @command{guix refresh} command (@pxref{Invoking guix refresh}). | |
3dc1970d LC |
1340 | |
1341 | Behind the scenes, a derivation corresponding to the @code{<package>} | |
1342 | object is first computed by the @code{package-derivation} procedure. | |
1343 | That derivation is stored in a @code{.drv} file under @file{/nix/store}. | |
ba55b1cb | 1344 | The build actions it prescribes may then be realized by using the |
3dc1970d LC |
1345 | @code{build-derivations} procedure (@pxref{The Store}). |
1346 | ||
1347 | @deffn {Scheme Procedure} package-derivation @var{store} @var{package} [@var{system}] | |
59688fc4 LC |
1348 | Return the @code{<derivation>} object of @var{package} for @var{system} |
1349 | (@pxref{Derivations}). | |
3dc1970d LC |
1350 | |
1351 | @var{package} must be a valid @code{<package>} object, and @var{system} | |
1352 | must be a string denoting the target system type---e.g., | |
1353 | @code{"x86_64-linux"} for an x86_64 Linux-based GNU system. @var{store} | |
1354 | must be a connection to the daemon, which operates on the store | |
1355 | (@pxref{The Store}). | |
1356 | @end deffn | |
568717fd | 1357 | |
9c1edabd LC |
1358 | @noindent |
1359 | @cindex cross-compilation | |
1360 | Similarly, it is possible to compute a derivation that cross-builds a | |
1361 | package for some other system: | |
1362 | ||
1363 | @deffn {Scheme Procedure} package-cross-derivation @var{store} @ | |
1364 | @var{package} @var{target} [@var{system}] | |
59688fc4 LC |
1365 | Return the @code{<derivation>} object of @var{package} cross-built from |
1366 | @var{system} to @var{target}. | |
9c1edabd LC |
1367 | |
1368 | @var{target} must be a valid GNU triplet denoting the target hardware | |
1369 | and operating system, such as @code{"mips64el-linux-gnu"} | |
1370 | (@pxref{Configuration Names, GNU configuration triplets,, configure, GNU | |
1371 | Configure and Build System}). | |
1372 | @end deffn | |
1373 | ||
1374 | ||
568717fd LC |
1375 | @node The Store |
1376 | @section The Store | |
1377 | ||
e531ac2a LC |
1378 | @cindex store |
1379 | @cindex store paths | |
1380 | ||
1381 | Conceptually, the @dfn{store} is where derivations that have been | |
1382 | successfully built are stored---by default, under @file{/nix/store}. | |
1383 | Sub-directories in the store are referred to as @dfn{store paths}. The | |
1384 | store has an associated database that contains information such has the | |
1385 | store paths referred to by each store path, and the list of @emph{valid} | |
1386 | store paths---paths that result from a successful build. | |
1387 | ||
1388 | The store is always accessed by the daemon on behalf of its clients | |
1389 | (@pxref{Invoking guix-daemon}). To manipulate the store, clients | |
1390 | connect to the daemon over a Unix-domain socket, send it requests, and | |
1391 | read the result---these are remote procedure calls, or RPCs. | |
1392 | ||
1393 | The @code{(guix store)} module provides procedures to connect to the | |
1394 | daemon, and to perform RPCs. These are described below. | |
1395 | ||
1396 | @deffn {Scheme Procedure} open-connection [@var{file}] [#:reserve-space? #t] | |
1397 | Connect to the daemon over the Unix-domain socket at @var{file}. When | |
1398 | @var{reserve-space?} is true, instruct it to reserve a little bit of | |
1399 | extra space on the file system so that the garbage collector can still | |
1400 | operate, should the disk become full. Return a server object. | |
1401 | ||
1402 | @var{file} defaults to @var{%default-socket-path}, which is the normal | |
1403 | location given the options that were passed to @command{configure}. | |
1404 | @end deffn | |
1405 | ||
1406 | @deffn {Scheme Procedure} close-connection @var{server} | |
1407 | Close the connection to @var{server}. | |
1408 | @end deffn | |
1409 | ||
1410 | @defvr {Scheme Variable} current-build-output-port | |
1411 | This variable is bound to a SRFI-39 parameter, which refers to the port | |
1412 | where build and error logs sent by the daemon should be written. | |
1413 | @end defvr | |
1414 | ||
1415 | Procedures that make RPCs all take a server object as their first | |
1416 | argument. | |
1417 | ||
1418 | @deffn {Scheme Procedure} valid-path? @var{server} @var{path} | |
1419 | Return @code{#t} when @var{path} is a valid store path. | |
1420 | @end deffn | |
1421 | ||
cfbf9160 | 1422 | @deffn {Scheme Procedure} add-text-to-store @var{server} @var{name} @var{text} [@var{references}] |
e531ac2a LC |
1423 | Add @var{text} under file @var{name} in the store, and return its store |
1424 | path. @var{references} is the list of store paths referred to by the | |
1425 | resulting store path. | |
1426 | @end deffn | |
1427 | ||
874e6874 | 1428 | @deffn {Scheme Procedure} build-derivations @var{server} @var{derivations} |
59688fc4 LC |
1429 | Build @var{derivations} (a list of @code{<derivation>} objects or |
1430 | derivation paths), and return when the worker is done building them. | |
1431 | Return @code{#t} on success. | |
874e6874 LC |
1432 | @end deffn |
1433 | ||
b860f382 LC |
1434 | Note that the @code{(guix monads)} module provides a monad as well as |
1435 | monadic versions of the above procedures, with the goal of making it | |
1436 | more convenient to work with code that accesses the store (@pxref{The | |
1437 | Store Monad}). | |
1438 | ||
e531ac2a LC |
1439 | @c FIXME |
1440 | @i{This section is currently incomplete.} | |
568717fd LC |
1441 | |
1442 | @node Derivations | |
1443 | @section Derivations | |
1444 | ||
874e6874 LC |
1445 | @cindex derivations |
1446 | Low-level build actions and the environment in which they are performed | |
1447 | are represented by @dfn{derivations}. A derivation contain the | |
1448 | following pieces of information: | |
1449 | ||
1450 | @itemize | |
1451 | @item | |
1452 | The outputs of the derivation---derivations produce at least one file or | |
1453 | directory in the store, but may produce more. | |
1454 | ||
1455 | @item | |
1456 | The inputs of the derivations, which may be other derivations or plain | |
1457 | files in the store (patches, build scripts, etc.) | |
1458 | ||
1459 | @item | |
1460 | The system type targeted by the derivation---e.g., @code{x86_64-linux}. | |
1461 | ||
1462 | @item | |
1463 | The file name of a build script in the store, along with the arguments | |
1464 | to be passed. | |
1465 | ||
1466 | @item | |
1467 | A list of environment variables to be defined. | |
1468 | ||
1469 | @end itemize | |
1470 | ||
1471 | @cindex derivation path | |
1472 | Derivations allow clients of the daemon to communicate build actions to | |
1473 | the store. They exist in two forms: as an in-memory representation, | |
1474 | both on the client- and daemon-side, and as files in the store whose | |
1475 | name end in @code{.drv}---these files are referred to as @dfn{derivation | |
1476 | paths}. Derivations paths can be passed to the @code{build-derivations} | |
1477 | procedure to perform the build actions they prescribe (@pxref{The | |
1478 | Store}). | |
1479 | ||
1480 | The @code{(guix derivations)} module provides a representation of | |
1481 | derivations as Scheme objects, along with procedures to create and | |
1482 | otherwise manipulate derivations. The lowest-level primitive to create | |
1483 | a derivation is the @code{derivation} procedure: | |
1484 | ||
1909431c LC |
1485 | @deffn {Scheme Procedure} derivation @var{store} @var{name} @var{builder} @ |
1486 | @var{args} [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
2096ef47 | 1487 | [#:recursive? #f] [#:inputs '()] [#:env-vars '()] @ |
1909431c LC |
1488 | [#:system (%current-system)] [#:references-graphs #f] @ |
1489 | [#:local-build? #f] | |
59688fc4 LC |
1490 | Build a derivation with the given arguments, and return the resulting |
1491 | @code{<derivation>} object. | |
874e6874 | 1492 | |
2096ef47 | 1493 | When @var{hash} and @var{hash-algo} are given, a |
874e6874 | 1494 | @dfn{fixed-output derivation} is created---i.e., one whose result is |
36bbbbd1 LC |
1495 | known in advance, such as a file download. If, in addition, |
1496 | @var{recursive?} is true, then that fixed output may be an executable | |
1497 | file or a directory and @var{hash} must be the hash of an archive | |
1498 | containing this output. | |
5b0c9d16 | 1499 | |
858e9282 | 1500 | When @var{references-graphs} is true, it must be a list of file |
5b0c9d16 LC |
1501 | name/store path pairs. In that case, the reference graph of each store |
1502 | path is exported in the build environment in the corresponding file, in | |
1503 | a simple text format. | |
1909431c LC |
1504 | |
1505 | When @var{local-build?} is true, declare that the derivation is not a | |
1506 | good candidate for offloading and should rather be built locally | |
1507 | (@pxref{Daemon Offload Setup}). This is the case for small derivations | |
1508 | where the costs of data transfers would outweigh the benefits. | |
874e6874 LC |
1509 | @end deffn |
1510 | ||
1511 | @noindent | |
1512 | Here's an example with a shell script as its builder, assuming | |
1513 | @var{store} is an open connection to the daemon, and @var{bash} points | |
1514 | to a Bash executable in the store: | |
1515 | ||
1516 | @lisp | |
1517 | (use-modules (guix utils) | |
1518 | (guix store) | |
1519 | (guix derivations)) | |
1520 | ||
59688fc4 LC |
1521 | (let ((builder ; add the Bash script to the store |
1522 | (add-text-to-store store "my-builder.sh" | |
1523 | "echo hello world > $out\n" '()))) | |
1524 | (derivation store "foo" | |
1525 | bash `("-e" ,builder) | |
1526 | #:env-vars '(("HOME" . "/homeless")))) | |
1527 | @result{} #<derivation /nix/store/@dots{}-foo.drv => /nix/store/@dots{}-foo> | |
874e6874 LC |
1528 | @end lisp |
1529 | ||
1530 | As can be guessed, this primitive is cumbersome to use directly. An | |
1531 | improved variant is @code{build-expression->derivation}, which allows | |
1532 | the caller to directly pass a Guile expression as the build script: | |
1533 | ||
dd1a5a15 LC |
1534 | @deffn {Scheme Procedure} build-expression->derivation @var{store} @ |
1535 | @var{name} @var{exp} @ | |
1536 | [#:system (%current-system)] [#:inputs '()] @ | |
1537 | [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
36bbbbd1 | 1538 | [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ |
1909431c | 1539 | [#:references-graphs #f] [#:local-build? #f] [#:guile-for-build #f] |
874e6874 LC |
1540 | Return a derivation that executes Scheme expression @var{exp} as a |
1541 | builder for derivation @var{name}. @var{inputs} must be a list of | |
1542 | @code{(name drv-path sub-drv)} tuples; when @var{sub-drv} is omitted, | |
1543 | @code{"out"} is assumed. @var{modules} is a list of names of Guile | |
1544 | modules from the current search path to be copied in the store, | |
1545 | compiled, and made available in the load path during the execution of | |
1546 | @var{exp}---e.g., @code{((guix build utils) (guix build | |
1547 | gnu-build-system))}. | |
1548 | ||
1549 | @var{exp} is evaluated in an environment where @code{%outputs} is bound | |
1550 | to a list of output/path pairs, and where @code{%build-inputs} is bound | |
1551 | to a list of string/output-path pairs made from @var{inputs}. | |
1552 | Optionally, @var{env-vars} is a list of string pairs specifying the name | |
1553 | and value of environment variables visible to the builder. The builder | |
1554 | terminates by passing the result of @var{exp} to @code{exit}; thus, when | |
1555 | @var{exp} returns @code{#f}, the build is considered to have failed. | |
1556 | ||
1557 | @var{exp} is built using @var{guile-for-build} (a derivation). When | |
1558 | @var{guile-for-build} is omitted or is @code{#f}, the value of the | |
1559 | @code{%guile-for-build} fluid is used instead. | |
9c629a27 | 1560 | |
1909431c LC |
1561 | See the @code{derivation} procedure for the meaning of @var{references-graphs} |
1562 | and @var{local-build?}. | |
874e6874 LC |
1563 | @end deffn |
1564 | ||
1565 | @noindent | |
1566 | Here's an example of a single-output derivation that creates a directory | |
1567 | containing one file: | |
1568 | ||
1569 | @lisp | |
1570 | (let ((builder '(let ((out (assoc-ref %outputs "out"))) | |
1571 | (mkdir out) ; create /nix/store/@dots{}-goo | |
1572 | (call-with-output-file (string-append out "/test") | |
1573 | (lambda (p) | |
1574 | (display '(hello guix) p)))))) | |
dd1a5a15 | 1575 | (build-expression->derivation store "goo" builder)) |
874e6874 | 1576 | |
59688fc4 | 1577 | @result{} #<derivation /nix/store/@dots{}-goo.drv => @dots{}> |
874e6874 LC |
1578 | @end lisp |
1579 | ||
1580 | @cindex strata of code | |
1581 | Remember that the build expression passed to | |
1582 | @code{build-expression->derivation} is run by a separate Guile process | |
1583 | than the one that calls @code{build-expression->derivation}: it is run | |
1584 | by a Guile process launched by the daemon, typically in a chroot. So, | |
1585 | while there is a single language for both the @dfn{host} and the build | |
1586 | side, there are really two @dfn{strata} of code: the host-side, and the | |
1587 | build-side code@footnote{The term @dfn{stratum} in this context was | |
1588 | coined by Manuel Serrano et al. in the context of their work on Hop.}. | |
1589 | This distinction is important to keep in mind, notably when using | |
1590 | higher-level constructs such as @var{gnu-build-system} (@pxref{Defining | |
1591 | Packages}). For this reason, Guix modules that are meant to be used in | |
1592 | the build stratum are kept in the @code{(guix build @dots{})} name | |
1593 | space. | |
568717fd | 1594 | |
b860f382 LC |
1595 | @node The Store Monad |
1596 | @section The Store Monad | |
1597 | ||
1598 | @cindex monad | |
1599 | ||
1600 | The procedures that operate on the store described in the previous | |
1601 | sections all take an open connection to the build daemon as their first | |
1602 | argument. Although the underlying model is functional, they either have | |
1603 | side effects or depend on the current state of the store. | |
1604 | ||
1605 | The former is inconvenient: the connection to the build daemon has to be | |
1606 | carried around in all those functions, making it impossible to compose | |
1607 | functions that do not take that parameter with functions that do. The | |
1608 | latter can be problematic: since store operations have side effects | |
1609 | and/or depend on external state, they have to be properly sequenced. | |
1610 | ||
1611 | @cindex monadic values | |
1612 | @cindex monadic functions | |
1613 | This is where the @code{(guix monads)} module comes in. This module | |
1614 | provides a framework for working with @dfn{monads}, and a particularly | |
1615 | useful monad for our uses, the @dfn{store monad}. Monads are a | |
1616 | construct that allows two things: associating ``context'' with values | |
1617 | (in our case, the context is the store), and building sequences of | |
1618 | computations (here computations includes accesses to the store.) Values | |
1619 | in a monad---values that carry this additional context---are called | |
1620 | @dfn{monadic values}; procedures that return such values are called | |
1621 | @dfn{monadic procedures}. | |
1622 | ||
1623 | Consider this ``normal'' procedure: | |
1624 | ||
1625 | @example | |
45adbd62 LC |
1626 | (define (sh-symlink store) |
1627 | ;; Return a derivation that symlinks the 'bash' executable. | |
1628 | (let* ((drv (package-derivation store bash)) | |
1629 | (out (derivation->output-path drv)) | |
1630 | (sh (string-append out "/bin/bash"))) | |
1631 | (build-expression->derivation store "sh" | |
1632 | `(symlink ,sh %output)))) | |
b860f382 LC |
1633 | @end example |
1634 | ||
1635 | Using @code{(guix monads)}, it may be rewritten as a monadic function: | |
1636 | ||
1637 | @example | |
45adbd62 | 1638 | (define (sh-symlink) |
b860f382 | 1639 | ;; Same, but return a monadic value. |
45adbd62 LC |
1640 | (mlet %store-monad ((sh (package-file bash "bin"))) |
1641 | (derivation-expression "sh" `(symlink ,sh %output)))) | |
b860f382 LC |
1642 | @end example |
1643 | ||
1644 | There are two things to note in the second version: the @code{store} | |
1645 | parameter is now implicit, and the monadic value returned by | |
1646 | @code{package-file}---a wrapper around @code{package-derivation} and | |
1647 | @code{derivation->output-path}---is @dfn{bound} using @code{mlet} | |
1648 | instead of plain @code{let}. | |
1649 | ||
1650 | Calling the monadic @code{profile.sh} has no effect. To get the desired | |
1651 | effect, one must use @code{run-with-store}: | |
1652 | ||
1653 | @example | |
1654 | (run-with-store (open-connection) (profile.sh)) | |
1655 | @result{} /nix/store/...-profile.sh | |
1656 | @end example | |
1657 | ||
1658 | The main syntactic forms to deal with monads in general are described | |
1659 | below. | |
1660 | ||
1661 | @deffn {Scheme Syntax} with-monad @var{monad} @var{body} ... | |
1662 | Evaluate any @code{>>=} or @code{return} forms in @var{body} as being | |
1663 | in @var{monad}. | |
1664 | @end deffn | |
1665 | ||
1666 | @deffn {Scheme Syntax} return @var{val} | |
1667 | Return a monadic value that encapsulates @var{val}. | |
1668 | @end deffn | |
1669 | ||
1670 | @deffn {Scheme Syntax} >>= @var{mval} @var{mproc} | |
1671 | @dfn{Bind} monadic value @var{mval}, passing its ``contents'' to monadic | |
1672 | procedure @var{mproc}@footnote{This operation is commonly referred to as | |
1673 | ``bind'', but that name denotes an unrelated procedure in Guile. Thus | |
1674 | we use this somewhat cryptic symbol inherited from the Haskell | |
1675 | language.}. | |
1676 | @end deffn | |
1677 | ||
1678 | @deffn {Scheme Syntax} mlet @var{monad} ((@var{var} @var{mval}) ...) @ | |
1679 | @var{body} ... | |
1680 | @deffnx {Scheme Syntax} mlet* @var{monad} ((@var{var} @var{mval}) ...) @ | |
1681 | @var{body} ... | |
1682 | Bind the variables @var{var} to the monadic values @var{mval} in | |
1683 | @var{body}. The form (@var{var} -> @var{val}) binds @var{var} to the | |
1684 | ``normal'' value @var{val}, as per @code{let}. | |
1685 | ||
1686 | @code{mlet*} is to @code{mlet} what @code{let*} is to @code{let} | |
1687 | (@pxref{Local Bindings,,, guile, GNU Guile Reference Manual}). | |
1688 | @end deffn | |
1689 | ||
1690 | The interface to the store monad provided by @code{(guix monads)} is as | |
1691 | follows. | |
1692 | ||
1693 | @defvr {Scheme Variable} %store-monad | |
1694 | The store monad. Values in the store monad encapsulate accesses to the | |
1695 | store. When its effect is needed, a value of the store monad must be | |
1696 | ``evaluated'' by passing it to the @code{run-with-store} procedure (see | |
1697 | below.) | |
1698 | @end defvr | |
1699 | ||
1700 | @deffn {Scheme Procedure} run-with-store @var{store} @var{mval} [#:guile-for-build] [#:system (%current-system)] | |
1701 | Run @var{mval}, a monadic value in the store monad, in @var{store}, an | |
1702 | open store connection. | |
1703 | @end deffn | |
1704 | ||
1705 | @deffn {Monadic Procedure} text-file @var{name} @var{text} | |
1706 | Return as a monadic value the absolute file name in the store of the file | |
45adbd62 LC |
1707 | containing @var{text}, a string. |
1708 | @end deffn | |
1709 | ||
1710 | @deffn {Monadic Procedure} text-file* @var{name} @var{text} @dots{} | |
1711 | Return as a monadic value a derivation that builds a text file | |
1712 | containing all of @var{text}. @var{text} may list, in addition to | |
1713 | strings, packages, derivations, and store file names; the resulting | |
1714 | store file holds references to all these. | |
1715 | ||
1716 | This variant should be preferred over @code{text-file} anytime the file | |
1717 | to create will reference items from the store. This is typically the | |
1718 | case when building a configuration file that embeds store file names, | |
1719 | like this: | |
1720 | ||
1721 | @example | |
1722 | (define (profile.sh) | |
1723 | ;; Return the name of a shell script in the store that | |
1724 | ;; initializes the 'PATH' environment variable. | |
1725 | (text-file* "profile.sh" | |
1726 | "export PATH=" coreutils "/bin:" | |
1727 | grep "/bin:" sed "/bin\n")) | |
1728 | @end example | |
1729 | ||
1730 | In this example, the resulting @file{/nix/store/@dots{}-profile.sh} file | |
1731 | will references @var{coreutils}, @var{grep}, and @var{sed}, thereby | |
1732 | preventing them from being garbage-collected during its lifetime. | |
b860f382 LC |
1733 | @end deffn |
1734 | ||
1735 | @deffn {Monadic Procedure} package-file @var{package} [@var{file}] @ | |
1736 | [#:system (%current-system)] [#:output "out"] Return as a monadic | |
1737 | value in the absolute file name of @var{file} within the @var{output} | |
1738 | directory of @var{package}. When @var{file} is omitted, return the name | |
1739 | of the @var{output} directory of @var{package}. | |
1740 | @end deffn | |
1741 | ||
dd1a5a15 LC |
1742 | @deffn {Monadic Procedure} derivation-expression @var{name} @var{exp} @ |
1743 | [#:system (%current-system)] [#:inputs '()] @ | |
1744 | [#:outputs '("out")] [#:hash #f] @ | |
b860f382 LC |
1745 | [#:hash-algo #f] [#:env-vars '()] [#:modules '()] @ |
1746 | [#:references-graphs #f] [#:guile-for-build #f] | |
1747 | Monadic version of @code{build-expression->derivation} | |
1748 | (@pxref{Derivations}). | |
1749 | @end deffn | |
1750 | ||
1751 | @deffn {Monadic Procedure} package->derivation @var{package} [@var{system}] | |
1752 | Monadic version of @code{package-derivation} (@pxref{Defining | |
1753 | Packages}). | |
1754 | @end deffn | |
1755 | ||
1756 | ||
568717fd LC |
1757 | @c ********************************************************************* |
1758 | @node Utilities | |
1759 | @chapter Utilities | |
1760 | ||
210cc920 LC |
1761 | This section describes tools primarily targeted at developers and users |
1762 | who write new package definitions. They complement the Scheme | |
1763 | programming interface of Guix in a convenient way. | |
1764 | ||
568717fd | 1765 | @menu |
37166310 | 1766 | * Invoking guix build:: Building packages from the command line. |
210cc920 | 1767 | * Invoking guix download:: Downloading a file and printing its hash. |
37166310 LC |
1768 | * Invoking guix hash:: Computing the cryptographic hash of a file. |
1769 | * Invoking guix refresh:: Updating package definitions. | |
568717fd LC |
1770 | @end menu |
1771 | ||
e49951eb MW |
1772 | @node Invoking guix build |
1773 | @section Invoking @command{guix build} | |
568717fd | 1774 | |
e49951eb | 1775 | The @command{guix build} command builds packages or derivations and |
6798a8e4 LC |
1776 | their dependencies, and prints the resulting store paths. Note that it |
1777 | does not modify the user's profile---this is the job of the | |
e49951eb | 1778 | @command{guix package} command (@pxref{Invoking guix package}). Thus, |
6798a8e4 LC |
1779 | it is mainly useful for distribution developers. |
1780 | ||
1781 | The general syntax is: | |
c78bd12b LC |
1782 | |
1783 | @example | |
e49951eb | 1784 | guix build @var{options} @var{package-or-derivation}@dots{} |
c78bd12b LC |
1785 | @end example |
1786 | ||
1787 | @var{package-or-derivation} may be either the name of a package found in | |
5401dd75 LC |
1788 | the software distribution such as @code{coreutils} or |
1789 | @code{coreutils-8.20}, or a derivation such as | |
e7f34eb0 LC |
1790 | @file{/nix/store/@dots{}-coreutils-8.19.drv}. In the former case, a |
1791 | package with the corresponding name (and optionally version) is searched | |
1792 | for among the GNU distribution modules (@pxref{Package Modules}). | |
1793 | ||
1794 | Alternatively, the @code{--expression} option may be used to specify a | |
1795 | Scheme expression that evaluates to a package; this is useful when | |
1796 | disambiguation among several same-named packages or package variants is | |
1797 | needed. | |
c78bd12b LC |
1798 | |
1799 | The @var{options} may be zero or more of the following: | |
1800 | ||
1801 | @table @code | |
1802 | ||
1803 | @item --expression=@var{expr} | |
1804 | @itemx -e @var{expr} | |
ac5de156 | 1805 | Build the package or derivation @var{expr} evaluates to. |
c78bd12b | 1806 | |
5401dd75 | 1807 | For example, @var{expr} may be @code{(@@ (gnu packages guile) |
c78bd12b LC |
1808 | guile-1.8)}, which unambiguously designates this specific variant of |
1809 | version 1.8 of Guile. | |
1810 | ||
ac5de156 LC |
1811 | Alternately, @var{expr} may refer to a zero-argument monadic procedure |
1812 | (@pxref{The Store Monad}). The procedure must return a derivation as a | |
1813 | monadic value, which is then passed through @code{run-with-store}. | |
1814 | ||
c78bd12b LC |
1815 | @item --source |
1816 | @itemx -S | |
1817 | Build the packages' source derivations, rather than the packages | |
1818 | themselves. | |
1819 | ||
e49951eb | 1820 | For instance, @code{guix build -S gcc} returns something like |
6798a8e4 | 1821 | @file{/nix/store/@dots{}-gcc-4.7.2.tar.bz2}, which is GCC's source tarball. |
c78bd12b | 1822 | |
f9cc8971 LC |
1823 | The returned source tarball is the result of applying any patches and |
1824 | code snippets specified in the package's @code{origin} (@pxref{Defining | |
1825 | Packages}). | |
1826 | ||
c78bd12b LC |
1827 | @item --system=@var{system} |
1828 | @itemx -s @var{system} | |
1829 | Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of | |
1830 | the host's system type. | |
1831 | ||
1832 | An example use of this is on Linux-based systems, which can emulate | |
1833 | different personalities. For instance, passing | |
1834 | @code{--system=i686-linux} on an @code{x86_64-linux} system allows users | |
1835 | to build packages in a complete 32-bit environment. | |
1836 | ||
e55ec43d LC |
1837 | @item --target=@var{triplet} |
1838 | @cindex cross-compilation | |
1839 | Cross-build for @var{triplet}, which must be a valid GNU triplet, such | |
1840 | as @code{"mips64el-linux-gnu"} (@pxref{Configuration Names, GNU | |
1841 | configuration triplets,, configure, GNU Configure and Build System}). | |
1842 | ||
c78bd12b LC |
1843 | @item --derivations |
1844 | @itemx -d | |
1845 | Return the derivation paths, not the output paths, of the given | |
1846 | packages. | |
1847 | ||
70ee5642 LC |
1848 | @item --root=@var{file} |
1849 | @itemx -r @var{file} | |
1850 | Make @var{file} a symlink to the result, and register it as a garbage | |
1851 | collector root. | |
1852 | ||
1853 | @item --log-file | |
1854 | Return the build log file names for the given | |
1855 | @var{package-or-derivation}s, or raise an error if build logs are | |
1856 | missing. | |
1857 | ||
1858 | This works regardless of how packages or derivations are specified. For | |
1859 | instance, the following invocations are equivalent: | |
1860 | ||
1861 | @example | |
1862 | guix build --log-file `guix build -d guile` | |
1863 | guix build --log-file `guix build guile` | |
1864 | guix build --log-file guile | |
1865 | guix build --log-file -e '(@@ (gnu packages guile) guile-2.0)' | |
1866 | @end example | |
1867 | ||
1868 | ||
1869 | @end table | |
1870 | ||
1871 | @cindex common build options | |
1872 | In addition, a number of options that control the build process are | |
1873 | common to @command{guix build} and other commands that can spawn builds, | |
1874 | such as @command{guix package} or @command{guix archive}. These are the | |
1875 | following: | |
1876 | ||
1877 | @table @code | |
1878 | ||
c78bd12b LC |
1879 | @item --keep-failed |
1880 | @itemx -K | |
1881 | Keep the build tree of failed builds. Thus, if a build fail, its build | |
1882 | tree is kept under @file{/tmp}, in a directory whose name is shown at | |
1883 | the end of the build log. This is useful when debugging build issues. | |
1884 | ||
1885 | @item --dry-run | |
1886 | @itemx -n | |
1887 | Do not build the derivations. | |
1888 | ||
56b1f4b7 LC |
1889 | @item --fallback |
1890 | When substituting a pre-built binary fails, fall back to building | |
1891 | packages locally. | |
1892 | ||
c78bd12b | 1893 | @item --no-substitutes |
b5385b52 LC |
1894 | Do not use substitutes for build products. That is, always build things |
1895 | locally instead of allowing downloads of pre-built binaries. | |
c78bd12b | 1896 | |
425b0bfc | 1897 | @item --no-build-hook |
4ec2e92d LC |
1898 | Do not attempt to offload builds @i{via} the daemon's ``build hook'' |
1899 | (@pxref{Daemon Offload Setup}). That is, always build things locally | |
1900 | instead of offloading builds to remote machines. | |
425b0bfc | 1901 | |
969e678e LC |
1902 | @item --max-silent-time=@var{seconds} |
1903 | When the build or substitution process remains silent for more than | |
1904 | @var{seconds}, terminate it and report a build failure. | |
1905 | ||
07ab4bf1 LC |
1906 | @item --verbosity=@var{level} |
1907 | Use the given verbosity level. @var{level} must be an integer between 0 | |
1908 | and 5; higher means more verbose output. Setting a level of 4 or more | |
1909 | may be helpful when debugging setup issues with the build daemon. | |
1910 | ||
70ee5642 LC |
1911 | @item --cores=@var{n} |
1912 | @itemx -c @var{n} | |
1913 | Allow the use of up to @var{n} CPU cores for the build. The special | |
1914 | value @code{0} means to use as many CPU cores as available. | |
bf421152 | 1915 | |
c78bd12b LC |
1916 | @end table |
1917 | ||
e49951eb | 1918 | Behind the scenes, @command{guix build} is essentially an interface to |
c78bd12b LC |
1919 | the @code{package-derivation} procedure of the @code{(guix packages)} |
1920 | module, and to the @code{build-derivations} procedure of the @code{(guix | |
1921 | store)} module. | |
1922 | ||
210cc920 LC |
1923 | @node Invoking guix download |
1924 | @section Invoking @command{guix download} | |
1925 | ||
1926 | When writing a package definition, developers typically need to download | |
1927 | the package's source tarball, compute its SHA256 hash, and write that | |
1928 | hash in the package definition (@pxref{Defining Packages}). The | |
1929 | @command{guix download} tool helps with this task: it downloads a file | |
1930 | from the given URI, adds it to the store, and prints both its file name | |
1931 | in the store and its SHA256 hash. | |
1932 | ||
1933 | The fact that the downloaded file is added to the store saves bandwidth: | |
1934 | when the developer eventually tries to build the newly defined package | |
1935 | with @command{guix build}, the source tarball will not have to be | |
1936 | downloaded again because it is already in the store. It is also a | |
1937 | convenient way to temporarily stash files, which may be deleted | |
1938 | eventually (@pxref{Invoking guix gc}). | |
1939 | ||
1940 | The @command{guix download} command supports the same URIs as used in | |
1941 | package definitions. In particular, it supports @code{mirror://} URIs. | |
1942 | @code{https} URIs (HTTP over TLS) are supported @emph{provided} the | |
1943 | Guile bindings for GnuTLS are available in the user's environment; when | |
1944 | they are not available, an error is raised. | |
1945 | ||
1946 | The following option is available: | |
1947 | ||
1948 | @table @code | |
1949 | @item --format=@var{fmt} | |
1950 | @itemx -f @var{fmt} | |
1951 | Write the hash in the format specified by @var{fmt}. For more | |
1952 | information on the valid values for @var{fmt}, @ref{Invoking guix hash}. | |
1953 | @end table | |
1954 | ||
6c365eca NK |
1955 | @node Invoking guix hash |
1956 | @section Invoking @command{guix hash} | |
1957 | ||
210cc920 | 1958 | The @command{guix hash} command computes the SHA256 hash of a file. |
6c365eca NK |
1959 | It is primarily a convenience tool for anyone contributing to the |
1960 | distribution: it computes the cryptographic hash of a file, which can be | |
1961 | used in the definition of a package (@pxref{Defining Packages}). | |
1962 | ||
1963 | The general syntax is: | |
1964 | ||
1965 | @example | |
1966 | guix hash @var{option} @var{file} | |
1967 | @end example | |
1968 | ||
1969 | @command{guix hash} has the following option: | |
1970 | ||
1971 | @table @code | |
1972 | ||
1973 | @item --format=@var{fmt} | |
1974 | @itemx -f @var{fmt} | |
210cc920 | 1975 | Write the hash in the format specified by @var{fmt}. |
6c365eca NK |
1976 | |
1977 | Supported formats: @code{nix-base32}, @code{base32}, @code{base16} | |
1978 | (@code{hex} and @code{hexadecimal} can be used as well). | |
1979 | ||
1980 | If the @option{--format} option is not specified, @command{guix hash} | |
1981 | will output the hash in @code{nix-base32}. This representation is used | |
1982 | in the definitions of packages. | |
1983 | ||
3140f2df LC |
1984 | @item --recursive |
1985 | @itemx -r | |
1986 | Compute the hash on @var{file} recursively. | |
1987 | ||
1988 | In this case, the hash is computed on an archive containing @var{file}, | |
1989 | including its children if it is a directory. Some of @var{file}'s | |
1990 | meta-data is part of the archive; for instance, when @var{file} is a | |
1991 | regular file, the hash is different depending on whether @var{file} is | |
1992 | executable or not. Meta-data such as time stamps has no impact on the | |
1993 | hash (@pxref{Invoking guix archive}). | |
1994 | @c FIXME: Replace xref above with xref to an ``Archive'' section when | |
1995 | @c it exists. | |
1996 | ||
6c365eca NK |
1997 | @end table |
1998 | ||
37166310 LC |
1999 | @node Invoking guix refresh |
2000 | @section Invoking @command{guix refresh} | |
2001 | ||
2002 | The primary audience of the @command{guix refresh} command is developers | |
2003 | of the GNU software distribution. By default, it reports any packages | |
2004 | provided by the distribution that are outdated compared to the latest | |
2005 | upstream version, like this: | |
2006 | ||
2007 | @example | |
2008 | $ guix refresh | |
2009 | gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1 | |
2010 | gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0 | |
2011 | @end example | |
2012 | ||
2013 | It does so by browsing each package's FTP directory and determining the | |
2014 | highest version number of the source tarballs | |
2015 | therein@footnote{Currently, this only works for GNU packages.}. | |
2016 | ||
2017 | When passed @code{--update}, it modifies distribution source files to | |
2018 | update the version numbers and source tarball hashes of those packages' | |
2019 | recipes (@pxref{Defining Packages}). This is achieved by downloading | |
2020 | each package's latest source tarball and its associated OpenPGP | |
2021 | signature, authenticating the downloaded tarball against its signature | |
2022 | using @command{gpg}, and finally computing its hash. When the public | |
2023 | key used to sign the tarball is missing from the user's keyring, an | |
2024 | attempt is made to automatically retrieve it from a public key server; | |
2025 | when it's successful, the key is added to the user's keyring; otherwise, | |
2026 | @command{guix refresh} reports an error. | |
2027 | ||
2028 | The following options are supported: | |
2029 | ||
2030 | @table @code | |
2031 | ||
2032 | @item --update | |
2033 | @itemx -u | |
2034 | Update distribution source files (package recipes) in place. | |
2035 | @ref{Defining Packages}, for more information on package definitions. | |
2036 | ||
2037 | @item --select=[@var{subset}] | |
2038 | @itemx -s @var{subset} | |
2039 | Select all the packages in @var{subset}, one of @code{core} or | |
2040 | @code{non-core}. | |
2041 | ||
2042 | The @code{core} subset refers to all the packages at the core of the | |
2043 | distribution---i.e., packages that are used to build ``everything | |
2044 | else''. This includes GCC, libc, Binutils, Bash, etc. Usually, | |
2045 | changing one of these packages in the distribution entails a rebuild of | |
2046 | all the others. Thus, such updates are an inconvenience to users in | |
2047 | terms of build time or bandwidth used to achieve the upgrade. | |
2048 | ||
2049 | The @code{non-core} subset refers to the remaining packages. It is | |
2050 | typically useful in cases where an update of the core packages would be | |
2051 | inconvenient. | |
2052 | ||
2053 | @end table | |
2054 | ||
2055 | In addition, @command{guix refresh} can be passed one or more package | |
2056 | names, as in this example: | |
2057 | ||
2058 | @example | |
2059 | guix refresh -u emacs idutils | |
2060 | @end example | |
2061 | ||
2062 | @noindent | |
2063 | The command above specifically updates the @code{emacs} and | |
2064 | @code{idutils} packages. The @code{--select} option would have no | |
2065 | effect in this case. | |
2066 | ||
f9230085 LC |
2067 | The following options can be used to customize GnuPG operation: |
2068 | ||
2069 | @table @code | |
2070 | ||
2071 | @item --key-server=@var{host} | |
2072 | Use @var{host} as the OpenPGP key server when importing a public key. | |
2073 | ||
2074 | @item --gpg=@var{command} | |
2075 | Use @var{command} as the GnuPG 2.x command. @var{command} is searched | |
2076 | for in @code{$PATH}. | |
2077 | ||
2078 | @end table | |
2079 | ||
37166310 | 2080 | |
a1ba8475 LC |
2081 | @c ********************************************************************* |
2082 | @node GNU Distribution | |
2083 | @chapter GNU Distribution | |
2084 | ||
2085 | Guix comes with a distribution of free software@footnote{The term | |
2086 | ``free'' here refers to the | |
2087 | @url{http://www.gnu.org/philosophy/free-sw.html,freedom provided to | |
c320011d | 2088 | users of that software}.} that forms the basis of the GNU system. This |
a1ba8475 LC |
2089 | includes core GNU packages such as GNU libc, GCC, and Binutils, as well |
2090 | as many GNU and non-GNU applications. The complete list of available | |
d03bb653 LC |
2091 | packages can be browsed |
2092 | @url{http://www.gnu.org/software/guix/package-list.html,on-line} or by | |
2093 | running @command{guix package} (@pxref{Invoking guix package}): | |
a1ba8475 LC |
2094 | |
2095 | @example | |
e49951eb | 2096 | guix package --list-available |
a1ba8475 LC |
2097 | @end example |
2098 | ||
401c53c4 LC |
2099 | Our goal is to build a practical 100% free software distribution of |
2100 | Linux-based and other variants of GNU, with a focus on the promotion and | |
2101 | tight integration of GNU components, and an emphasis on programs and | |
2102 | tools that help users exert that freedom. | |
2103 | ||
c320011d LC |
2104 | The GNU distribution is currently available on the following platforms: |
2105 | ||
2106 | @table @code | |
2107 | ||
2108 | @item x86_64-linux | |
2109 | Intel/AMD @code{x86_64} architecture, Linux-Libre kernel; | |
2110 | ||
2111 | @item i686-linux | |
2112 | Intel 32-bit architecture (IA32), Linux-Libre kernel; | |
2113 | ||
2114 | @item mips64el-linux | |
2115 | little-endian 64-bit MIPS processors, specifically the Loongson series, | |
2116 | n32 application binary interface (ABI), and Linux-Libre kernel. | |
2117 | ||
2118 | @end table | |
2119 | ||
2120 | @noindent | |
2121 | For information on porting to other architectures or kernels, | |
2122 | @xref{Porting}. | |
2123 | ||
401c53c4 | 2124 | @menu |
91ef73d4 | 2125 | * Installing Debugging Files:: Feeding the debugger. |
401c53c4 | 2126 | * Package Modules:: Packages from the programmer's viewpoint. |
da7cabd4 | 2127 | * Packaging Guidelines:: Growing the distribution. |
401c53c4 | 2128 | * Bootstrapping:: GNU/Linux built from scratch. |
8b315a6d | 2129 | * Porting:: Targeting another platform or kernel. |
4af2447e | 2130 | * System Configuration:: Configuring a GNU system. |
401c53c4 LC |
2131 | @end menu |
2132 | ||
2133 | Building this distribution is a cooperative effort, and you are invited | |
2134 | to join! @ref{Contributing}, for information about how you can help. | |
2135 | ||
b208a005 | 2136 | |
91ef73d4 LC |
2137 | @node Installing Debugging Files |
2138 | @section Installing Debugging Files | |
2139 | ||
2140 | Program binaries, as produced by the GCC compilers for instance, are | |
2141 | typically written in the ELF format, with a section containing | |
2142 | @dfn{debugging information}. Debugging information is what allows the | |
2143 | debugger, GDB, to map binary code to source code; it is required to | |
2144 | debug a compiled program in good conditions. | |
2145 | ||
2146 | The problem with debugging information is that is takes up a fair amount | |
2147 | of disk space. For example, debugging information for the GNU C Library | |
2148 | weighs in at more than 60 MiB. Thus, as a user, keeping all the | |
2149 | debugging info of all the installed programs is usually not an option. | |
2150 | Yet, space savings should not come at the cost of an impediment to | |
2151 | debugging---especially in the GNU system, which should make it easier | |
2152 | for users to exert their computing freedom (@pxref{GNU Distribution}). | |
2153 | ||
2154 | Thankfully, the GNU Binary Utilities (Binutils) and GDB provide a | |
2155 | mechanism that allows users to get the best of both worlds: debugging | |
2156 | information can be stripped from the binaries and stored in separate | |
2157 | files. GDB is then able to load debugging information from those files, | |
2158 | when they are available (@pxref{Separate Debug Files,,, gdb, Debugging | |
2159 | with GDB}). | |
2160 | ||
2161 | The GNU distribution takes advantage of this by storing debugging | |
2162 | information in the @code{lib/debug} sub-directory of a separate package | |
2163 | output unimaginatively called @code{debug} (@pxref{Packages with | |
2164 | Multiple Outputs}). Users can choose to install the @code{debug} output | |
2165 | of a package when they need it. For instance, the following command | |
2166 | installs the debugging information for the GNU C Library and for GNU | |
2167 | Guile: | |
2168 | ||
2169 | @example | |
2170 | guix package -i glibc:debug -i guile:debug | |
2171 | @end example | |
2172 | ||
2173 | GDB must then be told to look for debug files in the user's profile, by | |
2174 | setting the @code{debug-file-directory} variable (consider setting it | |
2175 | from the @file{~/.gdbinit} file, @pxref{Startup,,, gdb, Debugging with | |
2176 | GDB}): | |
2177 | ||
2178 | @example | |
2179 | (gdb) set debug-file-directory ~/.guix-profile/lib/debug | |
2180 | @end example | |
2181 | ||
2182 | From there on, GDB will pick up debugging information from the | |
2183 | @code{.debug} files under @file{~/.guix-profile/lib/debug}. | |
2184 | ||
2185 | @c XXX: keep me up-to-date | |
2186 | The @code{debug} output mechanism in Guix is implemented by the | |
2187 | @code{gnu-build-system} (@pxref{Defining Packages}). Currently, it is | |
2188 | opt-in---debugging information is available only for those packages | |
2189 | whose definition explicitly declares a @code{debug} output. This may be | |
2190 | changed to opt-out in the future, if our build farm servers can handle | |
2191 | the load. To check whether a package has a @code{debug} output, use | |
2192 | @command{guix package --list-available} (@pxref{Invoking guix package}). | |
2193 | ||
2194 | ||
401c53c4 LC |
2195 | @node Package Modules |
2196 | @section Package Modules | |
2197 | ||
2198 | From a programming viewpoint, the package definitions of the | |
e7f34eb0 | 2199 | GNU distribution are provided by Guile modules in the @code{(gnu packages |
7e17f65d LC |
2200 | @dots{})} name space@footnote{Note that packages under the @code{(gnu |
2201 | packages @dots{})} module name space are not necessarily ``GNU | |
2202 | packages''. This module naming scheme follows the usual Guile module | |
2203 | naming convention: @code{gnu} means that these modules are distributed | |
2204 | as part of the GNU system, and @code{packages} identifies modules that | |
2205 | define packages.} (@pxref{Modules, Guile modules,, guile, GNU Guile | |
b81e1947 LC |
2206 | Reference Manual}). For instance, the @code{(gnu packages emacs)} |
2207 | module exports a variable named @code{emacs}, which is bound to a | |
e7f34eb0 LC |
2208 | @code{<package>} object (@pxref{Defining Packages}). |
2209 | ||
2210 | The @code{(gnu packages @dots{})} module name space is special: it is | |
2211 | automatically scanned for packages by the command-line tools. For | |
2212 | instance, when running @code{guix package -i emacs}, all the @code{(gnu | |
2213 | packages @dots{})} modules are scanned until one that exports a package | |
2214 | object whose name is @code{emacs} is found. This package search | |
2215 | facility is implemented in the @code{(gnu packages)} module. | |
2216 | ||
2217 | Users can store package definitions in modules with different | |
2218 | names---e.g., @code{(my-packages emacs)}. In that case, commands such | |
2219 | as @command{guix package} and @command{guix build} have to be used with | |
2220 | the @code{-e} option so that they know where to find the package. | |
a1ba8475 LC |
2221 | |
2222 | The distribution is fully @dfn{bootstrapped} and @dfn{self-contained}: | |
2223 | each package is built based solely on other packages in the | |
2224 | distribution. The root of this dependency graph is a small set of | |
2225 | @dfn{bootstrap binaries}, provided by the @code{(gnu packages | |
b81e1947 LC |
2226 | bootstrap)} module. For more information on bootstrapping, |
2227 | @ref{Bootstrapping}. | |
2228 | ||
da7cabd4 AE |
2229 | @node Packaging Guidelines |
2230 | @section Packaging Guidelines | |
b81e1947 LC |
2231 | |
2232 | The GNU distribution is nascent and may well lack some of your favorite | |
2233 | packages. This section describes how you can help make the distribution | |
c8c871d1 | 2234 | grow. @xref{Contributing}, for additional information on how you can |
b81e1947 LC |
2235 | help. |
2236 | ||
b81e1947 LC |
2237 | Free software packages are usually distributed in the form of |
2238 | @dfn{source code tarballs}---typically @file{tar.gz} files that contain | |
2239 | all the source files. Adding a package to the distribution means | |
2240 | essentially two things: adding a @dfn{recipe} that describes how to | |
2241 | build the package, including a list of other packages required to build | |
2242 | it, and adding @dfn{package meta-data} along with that recipe, such as a | |
2243 | description and licensing information. | |
2244 | ||
2245 | In Guix all this information is embodied in @dfn{package definitions}. | |
2246 | Package definitions provide a high-level view of the package. They are | |
2247 | written using the syntax of the Scheme programming language; in fact, | |
2248 | for each package we define a variable bound to the package definition, | |
2249 | and export that variable from a module (@pxref{Package Modules}). | |
2250 | However, in-depth Scheme knowledge is @emph{not} a prerequisite for | |
2251 | creating packages. For more information on package definitions, | |
2252 | @ref{Defining Packages}. | |
2253 | ||
2254 | Once a package definition is in place, stored in a file in the Guix | |
2255 | source tree, it can be tested using the @command{guix build} command | |
2256 | (@pxref{Invoking guix build}). For example, assuming the new package is | |
2257 | called @code{gnew}, you may run this command from the Guix build tree: | |
2258 | ||
2259 | @example | |
2260 | ./pre-inst-env guix build gnew --keep-failed | |
2261 | @end example | |
2262 | ||
2263 | Using @code{--keep-failed} makes it easier to debug build failures since | |
2264 | it provides access to the failed build tree. | |
2265 | ||
2266 | Once your package builds correctly, please send us a patch | |
2267 | (@pxref{Contributing}). Well, if you need help, we will be happy to | |
2268 | help you too. Once the patch is committed in the Guix repository, the | |
2269 | new package automatically gets built on the supported platforms by | |
2270 | @url{http://hydra.gnu.org/gnu/master, our continuous integration | |
2271 | system}. | |
2272 | ||
2273 | @cindex substituter | |
2274 | Users can obtain the new package definition simply by running | |
2275 | @command{guix pull} (@pxref{Invoking guix pull}). When | |
2276 | @code{hydra.gnu.org} is done building the package, installing the | |
2277 | package automatically downloads binaries from there (except when using | |
2278 | @code{--no-substitutes}). The only place where human intervention is | |
2279 | needed is to review and apply the patch. | |
401c53c4 LC |
2280 | |
2281 | ||
da7cabd4 | 2282 | @menu |
ee85f3db AE |
2283 | * Software Freedom:: What may go into the distribution. |
2284 | * Package Naming:: What's in a name? | |
2285 | * Version Numbers:: When the name is not enough. | |
2286 | * Python Modules:: Taming the snake. | |
da7cabd4 AE |
2287 | @end menu |
2288 | ||
2289 | @node Software Freedom | |
2290 | @subsection Software Freedom | |
2291 | ||
2292 | @c Adapted from http://www.gnu.org/philosophy/philosophy.html. | |
2293 | ||
2294 | The GNU operating system has been developed so that users can have | |
2295 | freedom in their computing. GNU is @dfn{free software}, meaning that | |
2296 | users have the @url{http://www.gnu.org/philosophy/free-sw.html,four | |
2297 | essential freedoms}: to run the program, to study and change the program | |
2298 | in source code form, to redistribute exact copies, and to distribute | |
2299 | modified versions. Packages found in the GNU distribution provide only | |
2300 | software that conveys these four freedoms. | |
2301 | ||
2302 | In addition, the GNU distribution follow the | |
2303 | @url{http://www.gnu.org/distros/free-system-distribution-guidelines.html,free | |
2304 | software distribution guidelines}. Among other things, these guidelines | |
2305 | reject non-free firmware, recommendations of non-free software, and | |
2306 | discuss ways to deal with trademarks and patents. | |
2307 | ||
f9cc8971 LC |
2308 | Some packages contain a small and optional subset that violates the |
2309 | above guidelines, for instance because this subset is itself non-free | |
2310 | code. When that happens, the offending items are removed with | |
2311 | appropriate patches or code snippets in the package definition's | |
2312 | @code{origin} form (@pxref{Defining Packages}). That way, @code{guix | |
2313 | build --source} returns the ``freed'' source rather than the unmodified | |
2314 | upstream source. | |
2315 | ||
da7cabd4 | 2316 | |
ee85f3db AE |
2317 | @node Package Naming |
2318 | @subsection Package Naming | |
2319 | ||
c8c871d1 | 2320 | A package has actually two names associated with it: |
ee85f3db | 2321 | First, there is the name of the @emph{Scheme variable}, the one following |
c8c871d1 AE |
2322 | @code{define-public}. By this name, the package can be made known in the |
2323 | Scheme code, for instance as input to another package. Second, there is | |
2324 | the string in the @code{name} field of a package definition. This name | |
2325 | is used by package management commands such as | |
2326 | @command{guix package} and @command{guix build}. | |
ee85f3db AE |
2327 | |
2328 | Both are usually the same and correspond to the lowercase conversion of the | |
c8c871d1 AE |
2329 | project name chosen upstream. For instance, the GNUnet project is packaged |
2330 | as @code{gnunet}. We do not add @code{lib} prefixes for library packages, | |
2331 | unless these are already part of the official project name. But see | |
2332 | @ref{Python Modules} for special rules concerning modules for | |
ee85f3db AE |
2333 | the Python language. |
2334 | ||
2335 | ||
2336 | @node Version Numbers | |
2337 | @subsection Version Numbers | |
2338 | ||
2339 | We usually package only the latest version of a given free software | |
c8c871d1 AE |
2340 | project. But sometimes, for instance for incompatible library versions, |
2341 | two (or more) versions of the same package are needed. These require | |
2342 | different Scheme variable names. We use the name as defined | |
2343 | in @ref{Package Naming} | |
ee85f3db AE |
2344 | for the most recent version; previous versions use the same name, suffixed |
2345 | by @code{-} and the smallest prefix of the version number that may | |
2346 | distinguish the two versions. | |
2347 | ||
2348 | The name inside the package definition is the same for all versions of a | |
2349 | package and does not contain any version number. | |
2350 | ||
2351 | For instance, the versions 2.24.20 and 3.9.12 of GTK+ may be packaged as follows: | |
c8c871d1 | 2352 | |
ee85f3db AE |
2353 | @example |
2354 | (define-public gtk+ | |
2355 | (package | |
2356 | (name "gtk+") | |
2357 | (version "3.9.12") | |
2358 | ...)) | |
2359 | (define-public gtk+-2 | |
2360 | (package | |
2361 | (name "gtk+") | |
2362 | (version "2.24.20") | |
2363 | ...)) | |
2364 | @end example | |
2365 | If we also wanted GTK+ 3.8.2, this would be packaged as | |
2366 | @example | |
2367 | (define-public gtk+-3.8 | |
2368 | (package | |
2369 | (name "gtk+") | |
2370 | (version "3.8.2") | |
2371 | ...)) | |
2372 | @end example | |
2373 | ||
2374 | ||
2375 | @node Python Modules | |
2376 | @subsection Python Modules | |
2377 | ||
2378 | We currently package Python 2 and Python 3, under the Scheme variable names | |
2379 | @code{python-2} and @code{python} as explained in @ref{Version Numbers}. | |
2380 | To avoid confusion and naming clashes with other programming languages, it | |
2381 | seems desirable that the name of a package for a Python module contains | |
2382 | the word @code{python}. | |
c8c871d1 | 2383 | |
ee85f3db AE |
2384 | Some modules are compatible with only one version of Python, others with both. |
2385 | If the package Foo compiles only with Python 3, we name it | |
2386 | @code{python-foo}; if it compiles only with Python 2, we name it | |
2387 | @code{python2-foo}. If it is compatible with both versions, we create two | |
2388 | packages with the corresponding names. | |
2389 | ||
2390 | If a project already contains the word @code{python}, we drop this; | |
2391 | for instance, the module python-dateutil is packaged under the names | |
2392 | @code{python-dateutil} and @code{python2-dateutil}. | |
2393 | ||
2394 | ||
2395 | ||
2396 | ||
2397 | ||
401c53c4 LC |
2398 | @node Bootstrapping |
2399 | @section Bootstrapping | |
2400 | ||
2401 | @c Adapted from the ELS 2013 paper. | |
2402 | ||
2403 | @cindex bootstrapping | |
2404 | ||
2405 | Bootstrapping in our context refers to how the distribution gets built | |
2406 | ``from nothing''. Remember that the build environment of a derivation | |
2407 | contains nothing but its declared inputs (@pxref{Introduction}). So | |
2408 | there's an obvious chicken-and-egg problem: how does the first package | |
2409 | get built? How does the first compiler get compiled? Note that this is | |
2410 | a question of interest only to the curious hacker, not to the regular | |
2411 | user, so you can shamelessly skip this section if you consider yourself | |
2412 | a ``regular user''. | |
2413 | ||
2414 | @cindex bootstrap binaries | |
2415 | The GNU system is primarily made of C code, with libc at its core. The | |
2416 | GNU build system itself assumes the availability of a Bourne shell and | |
2417 | command-line tools provided by GNU Coreutils, Awk, Findutils, `sed', and | |
2418 | `grep'. Furthermore, build programs---programs that run | |
2419 | @code{./configure}, @code{make}, etc.---are written in Guile Scheme | |
2420 | (@pxref{Derivations}). Consequently, to be able to build anything at | |
2421 | all, from scratch, Guix relies on pre-built binaries of Guile, GCC, | |
2422 | Binutils, libc, and the other packages mentioned above---the | |
2423 | @dfn{bootstrap binaries}. | |
2424 | ||
2425 | These bootstrap binaries are ``taken for granted'', though we can also | |
ba7ea5ce | 2426 | re-create them if needed (more on that later). |
401c53c4 LC |
2427 | |
2428 | @unnumberedsubsec Preparing to Use the Bootstrap Binaries | |
2429 | ||
2430 | @c As of Emacs 24.3, Info-mode displays the image, but since it's a | |
2431 | @c large image, it's hard to scroll. Oh well. | |
29f66ddd | 2432 | @image{images/bootstrap-graph,6in,,Dependency graph of the early bootstrap derivations} |
401c53c4 LC |
2433 | |
2434 | The figure above shows the very beginning of the dependency graph of the | |
2435 | distribution, corresponding to the package definitions of the @code{(gnu | |
2436 | packages bootstrap)} module. At this level of detail, things are | |
2437 | slightly complex. First, Guile itself consists of an ELF executable, | |
2438 | along with many source and compiled Scheme files that are dynamically | |
2439 | loaded when it runs. This gets stored in the @file{guile-2.0.7.tar.xz} | |
2440 | tarball shown in this graph. This tarball is part of Guix's ``source'' | |
2441 | distribution, and gets inserted into the store with @code{add-to-store} | |
2442 | (@pxref{The Store}). | |
a1ba8475 | 2443 | |
401c53c4 LC |
2444 | But how do we write a derivation that unpacks this tarball and adds it |
2445 | to the store? To solve this problem, the @code{guile-bootstrap-2.0.drv} | |
2446 | derivation---the first one that gets built---uses @code{bash} as its | |
2447 | builder, which runs @code{build-bootstrap-guile.sh}, which in turn calls | |
2448 | @code{tar} to unpack the tarball. Thus, @file{bash}, @file{tar}, | |
2449 | @file{xz}, and @file{mkdir} are statically-linked binaries, also part of | |
2450 | the Guix source distribution, whose sole purpose is to allow the Guile | |
2451 | tarball to be unpacked. | |
2452 | ||
2453 | Once @code{guile-bootstrap-2.0.drv} is built, we have a functioning | |
2454 | Guile that can be used to run subsequent build programs. Its first task | |
2455 | is to download tarballs containing the other pre-built binaries---this | |
2456 | is what the @code{.tar.xz.drv} derivations do. Guix modules such as | |
2457 | @code{ftp-client.scm} are used for this purpose. The | |
2458 | @code{module-import.drv} derivations import those modules in a directory | |
2459 | in the store, using the original layout. The | |
2460 | @code{module-import-compiled.drv} derivations compile those modules, and | |
2461 | write them in an output directory with the right layout. This | |
2462 | corresponds to the @code{#:modules} argument of | |
2463 | @code{build-expression->derivation} (@pxref{Derivations}). | |
2464 | ||
2465 | Finally, the various tarballs are unpacked by the | |
2466 | derivations @code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, | |
2467 | etc., at which point we have a working C tool chain. | |
2468 | ||
2469 | ||
2470 | @unnumberedsubsec Building the Build Tools | |
2471 | ||
2472 | @c TODO: Add a package-level dependency graph generated from (gnu | |
2473 | @c packages base). | |
2474 | ||
2475 | Bootstrapping is complete when we have a full tool chain that does not | |
2476 | depend on the pre-built bootstrap tools discussed above. This | |
2477 | no-dependency requirement is verified by checking whether the files of | |
2478 | the final tool chain contain references to the @file{/nix/store} | |
2479 | directories of the bootstrap inputs. The process that leads to this | |
2480 | ``final'' tool chain is described by the package definitions found in | |
2481 | the @code{(gnu packages base)} module. | |
2482 | ||
2483 | @c See <http://lists.gnu.org/archive/html/gnu-system-discuss/2012-10/msg00000.html>. | |
2484 | The first tool that gets built with the bootstrap binaries is | |
2485 | GNU Make, which is a prerequisite for all the following packages. | |
2486 | From there Findutils and Diffutils get built. | |
2487 | ||
2488 | Then come the first-stage Binutils and GCC, built as pseudo cross | |
2489 | tools---i.e., with @code{--target} equal to @code{--host}. They are | |
2490 | used to build libc. Thanks to this cross-build trick, this libc is | |
2491 | guaranteed not to hold any reference to the initial tool chain. | |
2492 | ||
2493 | From there the final Binutils and GCC are built. GCC uses @code{ld} | |
2494 | from the final Binutils, and links programs against the just-built libc. | |
2495 | This tool chain is used to build the other packages used by Guix and by | |
2496 | the GNU Build System: Guile, Bash, Coreutils, etc. | |
2497 | ||
2498 | And voilà! At this point we have the complete set of build tools that | |
2499 | the GNU Build System expects. These are in the @code{%final-inputs} | |
2500 | variables of the @code{(gnu packages base)} module, and are implicitly | |
2501 | used by any package that uses @code{gnu-build-system} (@pxref{Defining | |
2502 | Packages}). | |
2503 | ||
2504 | ||
2505 | @unnumberedsubsec Building the Bootstrap Binaries | |
2506 | ||
2507 | Because the final tool chain does not depend on the bootstrap binaries, | |
2508 | those rarely need to be updated. Nevertheless, it is useful to have an | |
2509 | automated way to produce them, should an update occur, and this is what | |
2510 | the @code{(gnu packages make-bootstrap)} module provides. | |
2511 | ||
2512 | The following command builds the tarballs containing the bootstrap | |
2513 | binaries (Guile, Binutils, GCC, libc, and a tarball containing a mixture | |
2514 | of Coreutils and other basic command-line tools): | |
a1ba8475 | 2515 | |
401c53c4 LC |
2516 | @example |
2517 | guix build bootstrap-tarballs | |
2518 | @end example | |
2519 | ||
2520 | The generated tarballs are those that should be referred to in the | |
2521 | @code{(gnu packages bootstrap)} module mentioned at the beginning of | |
2522 | this section. | |
2523 | ||
2524 | Still here? Then perhaps by now you've started to wonder: when do we | |
2525 | reach a fixed point? That is an interesting question! The answer is | |
2526 | unknown, but if you would like to investigate further (and have | |
2527 | significant computational and storage resources to do so), then let us | |
2528 | know. | |
a1ba8475 | 2529 | |
8b315a6d LC |
2530 | @node Porting |
2531 | @section Porting to a New Platform | |
2532 | ||
2533 | As discussed above, the GNU distribution is self-contained, and | |
2534 | self-containment is achieved by relying on pre-built ``bootstrap | |
2535 | binaries'' (@pxref{Bootstrapping}). These binaries are specific to an | |
2536 | operating system kernel, CPU architecture, and application binary | |
2537 | interface (ABI). Thus, to port the distribution to a platform that is | |
2538 | not yet supported, one must build those bootstrap binaries, and update | |
2539 | the @code{(gnu packages bootstrap)} module to use them on that platform. | |
2540 | ||
2541 | Fortunately, Guix can @emph{cross compile} those bootstrap binaries. | |
2542 | When everything goes well, and assuming the GNU tool chain supports the | |
2543 | target platform, this can be as simple as running a command like this | |
2544 | one: | |
2545 | ||
2546 | @example | |
2547 | guix build --target=armv5tel-linux-gnueabi bootstrap-tarballs | |
2548 | @end example | |
2549 | ||
72e25e35 LC |
2550 | Once these are built, the @code{(gnu packages bootstrap)} module needs |
2551 | to be updated to refer to these binaries on the target platform. In | |
2552 | addition, the @code{glibc-dynamic-linker} procedure in that module must | |
2553 | be augmented to return the right file name for libc's dynamic linker on | |
2554 | that platform; likewise, @code{system->linux-architecture} in @code{(gnu | |
2555 | packages linux)} must be taught about the new platform. | |
2556 | ||
8b315a6d LC |
2557 | In practice, there may be some complications. First, it may be that the |
2558 | extended GNU triplet that specifies an ABI (like the @code{eabi} suffix | |
2559 | above) is not recognized by all the GNU tools. Typically, glibc | |
2560 | recognizes some of these, whereas GCC uses an extra @code{--with-abi} | |
ba7ea5ce | 2561 | configure flag (see @code{gcc.scm} for examples of how to handle this). |
8b315a6d LC |
2562 | Second, some of the required packages could fail to build for that |
2563 | platform. Lastly, the generated binaries could be broken for some | |
2564 | reason. | |
2565 | ||
9bf3c1a7 | 2566 | |
4af2447e LC |
2567 | @node System Configuration |
2568 | @section System Configuration | |
2569 | ||
2570 | @emph{This section documents work-in-progress. As such it may be | |
2571 | incomplete, outdated, or open to discussions. Please discuss it on | |
2572 | @email{guix-devel@@gnu.org}.} | |
2573 | ||
2574 | @cindex system configuration | |
2575 | The GNU system supports a consistent whole-system configuration | |
2576 | mechanism. By that we mean that all aspects of the global system | |
2577 | configuration---such as the available system services, timezone and | |
68ad877c | 2578 | locale settings, user accounts---are declared in a single place. Such |
4af2447e LC |
2579 | a @dfn{system configuration} can be @dfn{instantiated}---i.e., effected. |
2580 | ||
68ad877c LC |
2581 | One of the advantages of putting all the system configuration under the |
2582 | control of Guix is that it supports transactional system upgrades, and | |
2583 | makes it possible to roll-back to a previous system instantiation, | |
2584 | should something go wrong with the new one (@pxref{Features}). Another | |
2585 | one is that it makes it easy to replicate the exact same configuration | |
2586 | across different machines, or at different points in time, without | |
2587 | having to resort to additional administration tools layered on top of | |
2588 | the system's own tools. | |
2589 | @c Yes, we're talking of Puppet, Chef, & co. here. ↑ | |
2590 | ||
4af2447e LC |
2591 | This section describes this mechanism. First we focus on the system |
2592 | administrator's viewpoint---explaining how the system is configured and | |
2593 | instantiated. Then we show how this mechanism can be extended, for | |
2594 | instance to support new system services. | |
2595 | ||
2596 | @menu | |
523e4896 LC |
2597 | * Using the Configuration System:: Customizing your GNU system. |
2598 | * Invoking guix system:: Instantiating a system configuration. | |
2599 | * Defining Services:: Adding new service definitions. | |
4af2447e LC |
2600 | @end menu |
2601 | ||
2602 | @node Using the Configuration System | |
2603 | @subsection Using the Configuration System | |
2604 | ||
2605 | The operating system is configured by filling in an | |
2606 | @code{operating-system} structure, as defined by the @code{(gnu system)} | |
2607 | module. A simple setup, with the default system services, the default | |
2608 | Linux-Libre kernel, initial RAM disk, and boot loader looks like this: | |
2609 | ||
2610 | @findex operating-system | |
2611 | @lisp | |
8b198abe | 2612 | (use-modules (gnu services base) ; for '%base-services' |
db4fdc04 | 2613 | (gnu services ssh) ; for 'lsh-service' |
4af2447e | 2614 | (gnu system shadow) ; for 'user-account' |
4af2447e LC |
2615 | (gnu packages base) ; Coreutils, grep, etc. |
2616 | (gnu packages bash) ; Bash | |
4eaad71d | 2617 | (gnu packages admin) ; dmd, Inetutils |
4af2447e LC |
2618 | (gnu packages zile) ; Zile |
2619 | (gnu packages less) ; less | |
2620 | (gnu packages guile) ; Guile | |
2621 | (gnu packages linux)) ; procps, psmisc | |
2622 | ||
68ad877c | 2623 | (define komputilo |
4af2447e LC |
2624 | (operating-system |
2625 | (host-name "komputilo") | |
2626 | (timezone "Europe/Paris") | |
2627 | (locale "fr_FR.UTF-8") | |
2628 | (users (list (user-account | |
2629 | (name "alice") | |
2630 | (password "") | |
2631 | (uid 1000) (gid 100) | |
2632 | (comment "Bob's sister") | |
2633 | (home-directory "/home/alice")))) | |
2634 | (packages (list coreutils bash guile-2.0 | |
2635 | guix dmd | |
2636 | inetutils | |
2637 | findutils grep sed | |
2638 | procps psmisc | |
2639 | zile less)) | |
2640 | (services (cons (lsh-service #:port 2222 #:allow-root-login? #t) | |
8b198abe | 2641 | %base-services)))) |
4af2447e LC |
2642 | @end lisp |
2643 | ||
2644 | This example should be self-describing. The @code{packages} field lists | |
68ad877c LC |
2645 | packages provided by the various @code{(gnu packages ...)} modules above |
2646 | (@pxref{Package Modules}). These are the packages that will be globally | |
2647 | visible on the system, for all user accounts---i.e., in every user's | |
2648 | @code{PATH} environment variable---in addition to the per-user profiles | |
2649 | (@pxref{Invoking guix package}). | |
4af2447e | 2650 | |
8b198abe | 2651 | @vindex %base-services |
4af2447e | 2652 | The @code{services} field lists @dfn{system services} to be made |
8b198abe | 2653 | available when the system starts. The @var{%base-services} list, |
db4fdc04 | 2654 | from the @code{(gnu services base)} module, provides the basic services one |
4af2447e LC |
2655 | would expect from a GNU system: a login service (mingetty) on each tty, |
2656 | syslogd, libc's name service cache daemon (nscd), etc. | |
2657 | ||
2658 | The @code{operating-system} declaration above specifies that, in | |
2659 | addition to those services, we want the @command{lshd} secure shell | |
2660 | daemon listening on port 2222, and allowing remote @code{root} logins | |
2661 | (@pxref{Invoking lshd,,, lsh, GNU lsh Manual}). Under the hood, | |
2662 | @code{lsh-service} arranges so that @code{lshd} is started with the | |
2663 | right command-line options, possibly with supporting configuration files | |
2664 | generated as needed (@pxref{Defining Services}). | |
2665 | ||
4af2447e | 2666 | Assuming the above snippet is stored in the @file{my-system-config.scm} |
523e4896 LC |
2667 | file, the @command{guix system boot my-system-config.scm} command |
2668 | instantiates that configuration, and makes it the default GRUB boot | |
2669 | entry (@pxref{Invoking guix system}). The normal way to change the | |
2670 | system's configuration is by updating this file and re-running the | |
2671 | @command{guix system} command. | |
4af2447e LC |
2672 | |
2673 | At the Scheme level, the bulk of an @code{operating-system} declaration | |
2674 | is instantiated with the following monadic procedure (@pxref{The Store | |
2675 | Monad}): | |
2676 | ||
2677 | @deffn {Monadic Procedure} operating-system-derivation os | |
2678 | Return a derivation that builds @var{os}, an @code{operating-system} | |
2679 | object (@pxref{Derivations}). | |
2680 | ||
2681 | The output of the derivation is a single directory that refers to all | |
2682 | the packages, configuration files, and other supporting files needed to | |
2683 | instantiate @var{os}. | |
2684 | @end deffn | |
2685 | ||
523e4896 LC |
2686 | @node Invoking guix system |
2687 | @subsection Invoking @code{guix system} | |
2688 | ||
2689 | Once you have written an operating system declaration, as seen in the | |
2690 | previous section, it can be @dfn{instantiated} using the @command{guix | |
2691 | system} command. The synopsis is: | |
2692 | ||
2693 | @example | |
2694 | guix system @var{options}@dots{} @var{action} @var{file} | |
2695 | @end example | |
2696 | ||
2697 | @var{file} must be the name of a file containing an | |
2698 | @code{operating-system} declaration. @var{action} specifies how the | |
2699 | operating system is instantiate. Currently only one value is supported: | |
2700 | ||
2701 | @table @code | |
2702 | @item vm | |
2703 | @cindex virtual machine | |
2704 | Build a virtual machine that contain the operating system declared in | |
2705 | @var{file}, and return a script to run that virtual machine (VM). | |
2706 | ||
2707 | The VM shares its store with the host system. | |
2708 | @end table | |
2709 | ||
2710 | @var{options} can contain any of the common build options provided by | |
2711 | @command{guix build} (@pxref{Invoking guix build}). | |
2712 | ||
4af2447e LC |
2713 | |
2714 | @node Defining Services | |
2715 | @subsection Defining Services | |
2716 | ||
db4fdc04 | 2717 | The @code{(gnu services @dots{})} modules define several procedures that allow |
4af2447e LC |
2718 | users to declare the operating system's services (@pxref{Using the |
2719 | Configuration System}). These procedures are @emph{monadic | |
2720 | procedures}---i.e., procedures that return a monadic value in the store | |
2721 | monad (@pxref{The Store Monad}). Examples of such procedures include: | |
2722 | ||
2723 | @table @code | |
2724 | @item mingetty-service | |
2725 | return the definition of a service that runs @command{mingetty} to | |
2726 | offer a login service on the given console tty; | |
2727 | ||
2728 | @item nscd-service | |
2729 | return a definition for libc's name service cache daemon (nscd); | |
2730 | ||
2731 | @item guix-service | |
2732 | return a definition for a service that runs @command{guix-daemon} | |
2733 | (@pxref{Invoking guix-daemon}). | |
2734 | @end table | |
2735 | ||
2736 | @cindex service definition | |
2737 | The monadic value returned by those procedures is a @dfn{service | |
2738 | definition}---a structure as returned by the @code{service} form. | |
2739 | Service definitions specifies the inputs the service depends on, and an | |
2740 | expression to start and stop the service. Behind the scenes, service | |
2741 | definitions are ``translated'' into the form suitable for the | |
2742 | configuration file of dmd, the init system (@pxref{Services,,, dmd, GNU | |
2743 | dmd Manual}). | |
2744 | ||
2745 | As an example, here is what the @code{nscd-service} procedure looks | |
2746 | like: | |
2747 | ||
2748 | @lisp | |
2749 | (define (nscd-service) | |
2750 | (mlet %store-monad ((nscd (package-file glibc "sbin/nscd"))) | |
2751 | (return (service | |
2752 | (documentation "Run libc's name service cache daemon.") | |
2753 | (provision '(nscd)) | |
2754 | (start `(make-forkexec-constructor ,nscd "-f" "/dev/null" | |
2755 | "--foreground")) | |
2756 | (stop `(make-kill-destructor)) | |
2757 | ||
2758 | (respawn? #f) | |
2759 | (inputs `(("glibc" ,glibc))))))) | |
2760 | @end lisp | |
2761 | ||
2762 | @noindent | |
2763 | The @code{inputs} field specifies that this service depends on the | |
2764 | @var{glibc} package---the package that contains the @command{nscd} | |
2765 | program. The @code{start} and @code{stop} fields are expressions that | |
2766 | make use of dmd's facilities to start and stop processes (@pxref{Service | |
2767 | De- and Constructors,,, dmd, GNU dmd Manual}). The @code{provision} | |
2768 | field specifies the name under which this service is known to dmd, and | |
2769 | @code{documentation} specifies on-line documentation. Thus, the | |
2770 | commands @command{deco start ncsd}, @command{deco stop nscd}, and | |
2771 | @command{deco doc nscd} will do what you would expect (@pxref{Invoking | |
2772 | deco,,, dmd, GNU dmd Manual}). | |
2773 | ||
2774 | ||
9bf3c1a7 LC |
2775 | @c ********************************************************************* |
2776 | @node Contributing | |
2777 | @chapter Contributing | |
2778 | ||
2779 | This project is a cooperative effort, and we need your help to make it | |
63f6004b | 2780 | grow! Please get in touch with us on @email{guix-devel@@gnu.org}. We |
a1ba8475 | 2781 | welcome ideas, bug reports, patches, and anything that may be helpful to |
da7cabd4 AE |
2782 | the project. We particularly welcome help on packaging |
2783 | (@pxref{Packaging Guidelines}). | |
a1ba8475 | 2784 | |
9bf3c1a7 LC |
2785 | Please see the |
2786 | @url{http://git.savannah.gnu.org/cgit/guix.git/tree/HACKING, | |
2787 | @file{HACKING} file} that comes with the Guix source code for practical | |
2788 | details about contributions. | |
2789 | ||
c78bd12b | 2790 | |
568717fd LC |
2791 | @c ********************************************************************* |
2792 | @node Acknowledgments | |
2793 | @chapter Acknowledgments | |
2794 | ||
2795 | Guix is based on the Nix package manager, which was designed and | |
2796 | implemented by Eelco Dolstra. Nix pioneered functional package | |
2797 | management, and promoted unprecedented features, such as transactional | |
2798 | package upgrades and rollbacks, per-user profiles, and referentially | |
2799 | transparent build processes. Without this work, Guix would not exist. | |
2800 | ||
2801 | The Nix-based software distributions, Nixpkgs and NixOS, have also been | |
2802 | an inspiration for Guix. | |
2803 | ||
2804 | @c ********************************************************************* | |
2805 | @node GNU Free Documentation License | |
2806 | @appendix GNU Free Documentation License | |
2807 | ||
2808 | @include fdl-1.3.texi | |
2809 | ||
2810 | @c ********************************************************************* | |
2811 | @node Concept Index | |
2812 | @unnumbered Concept Index | |
2813 | @printindex cp | |
2814 | ||
2815 | @node Function Index | |
2816 | @unnumbered Function Index | |
2817 | @printindex fn | |
2818 | ||
2819 | @bye | |
2820 | ||
2821 | @c Local Variables: | |
2822 | @c ispell-local-dictionary: "american"; | |
2823 | @c End: |