Commit | Line | Data |
---|---|---|
568717fd LC |
1 | \input texinfo |
2 | @c -*-texinfo-*- | |
3 | ||
4 | @c %**start of header | |
5 | @setfilename guix.info | |
6 | @documentencoding UTF-8 | |
f8348b91 | 7 | @settitle GNU Guix Reference Manual |
568717fd LC |
8 | @c %**end of header |
9 | ||
10 | @include version.texi | |
7df7a74e NK |
11 | |
12 | @copying | |
4379c35b | 13 | Copyright @copyright{} 2012, 2013, 2014, 2015 Ludovic Courtès@* |
af8a56b8 | 14 | Copyright @copyright{} 2013, 2014 Andreas Enge@* |
7df7a74e NK |
15 | Copyright @copyright{} 2013 Nikita Karetnikov |
16 | ||
17 | Permission is granted to copy, distribute and/or modify this document | |
18 | under the terms of the GNU Free Documentation License, Version 1.3 or | |
19 | any later version published by the Free Software Foundation; with no | |
20 | Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A | |
21 | copy of the license is included in the section entitled ``GNU Free | |
22 | Documentation License''. | |
23 | @end copying | |
568717fd | 24 | |
eeaf4427 | 25 | @dircategory Package management |
568717fd LC |
26 | @direntry |
27 | * guix: (guix). Guix, the functional package manager. | |
e49951eb | 28 | * guix package: (guix)Invoking guix package |
eeaf4427 | 29 | Managing packages with Guix. |
e49951eb | 30 | * guix build: (guix)Invoking guix build |
568717fd | 31 | Building packages with Guix. |
054e8576 LC |
32 | * guix system: (guix)Invoking guix system |
33 | Managing the operating system configuration. | |
568717fd | 34 | @end direntry |
568717fd | 35 | |
372c4bbc DT |
36 | @dircategory Software development |
37 | @direntry | |
38 | * guix environment: (guix)Invoking guix environment | |
39 | Building development environments with Guix. | |
40 | @end direntry | |
41 | ||
568717fd | 42 | @titlepage |
7730d112 LC |
43 | @title GNU Guix Reference Manual |
44 | @subtitle Using the GNU Guix Functional Package Manager | |
568717fd | 45 | @author Ludovic Courtès |
da7cabd4 | 46 | @author Andreas Enge |
acc08466 | 47 | @author Nikita Karetnikov |
568717fd LC |
48 | |
49 | @page | |
50 | @vskip 0pt plus 1filll | |
51 | Edition @value{EDITION} @* | |
52 | @value{UPDATED} @* | |
53 | ||
7df7a74e | 54 | @insertcopying |
568717fd LC |
55 | @end titlepage |
56 | ||
568717fd LC |
57 | @contents |
58 | ||
59 | @c ********************************************************************* | |
60 | @node Top | |
f8348b91 | 61 | @top GNU Guix |
568717fd | 62 | |
f8348b91 LC |
63 | This document describes GNU Guix version @value{VERSION}, a functional |
64 | package management tool written for the GNU system. | |
568717fd LC |
65 | |
66 | @menu | |
67 | * Introduction:: What is Guix about? | |
bd5e766b | 68 | * Installation:: Installing Guix. |
eeaf4427 | 69 | * Package Management:: Package installation, upgrade, etc. |
568717fd LC |
70 | * Programming Interface:: Using Guix in Scheme. |
71 | * Utilities:: Package management commands. | |
a1ba8475 | 72 | * GNU Distribution:: Software for your friendly GNU system. |
9bf3c1a7 | 73 | * Contributing:: Your help needed! |
568717fd LC |
74 | |
75 | * Acknowledgments:: Thanks! | |
76 | * GNU Free Documentation License:: The license of this manual. | |
77 | * Concept Index:: Concepts. | |
a85b83d2 | 78 | * Programming Index:: Data types, functions, and variables. |
aaa3eaa9 LC |
79 | |
80 | @detailmenu | |
81 | --- The Detailed Node Listing --- | |
82 | ||
83 | Installation | |
84 | ||
85 | * Requirements:: Software needed to build and run Guix. | |
ec0339cd | 86 | * Running the Test Suite:: Testing Guix. |
aaa3eaa9 LC |
87 | * Setting Up the Daemon:: Preparing the build daemon's environment. |
88 | * Invoking guix-daemon:: Running the build daemon. | |
89 | ||
90 | Setting Up the Daemon | |
91 | ||
92 | * Build Environment Setup:: Preparing the isolated build environment. | |
93 | * Daemon Offload Setup:: Offloading builds to remote machines. | |
94 | ||
95 | Package Management | |
96 | ||
97 | * Features:: How Guix will make your life brighter. | |
98 | * Invoking guix package:: Package installation, removal, etc. | |
99 | * Emacs Interface:: Package management from Emacs. | |
100 | * Substitutes:: Downloading pre-built binaries. | |
101 | * Packages with Multiple Outputs:: Single source package, multiple outputs. | |
102 | * Invoking guix gc:: Running the garbage collector. | |
103 | * Invoking guix pull:: Fetching the latest Guix and distribution. | |
104 | * Invoking guix archive:: Exporting and importing store files. | |
105 | ||
106 | Programming Interface | |
107 | ||
108 | * Defining Packages:: Defining new packages. | |
109 | * Build Systems:: Specifying how packages are built. | |
110 | * The Store:: Manipulating the package store. | |
111 | * Derivations:: Low-level interface to package derivations. | |
112 | * The Store Monad:: Purely functional interface to the store. | |
113 | * G-Expressions:: Manipulating build expressions. | |
114 | ||
115 | Utilities | |
116 | ||
117 | * Invoking guix build:: Building packages from the command line. | |
118 | * Invoking guix download:: Downloading a file and printing its hash. | |
119 | * Invoking guix hash:: Computing the cryptographic hash of a file. | |
120 | * Invoking guix import:: Importing package definitions. | |
121 | * Invoking guix refresh:: Updating package definitions. | |
122 | * Invoking guix lint:: Finding errors in package definitions. | |
123 | * Invoking guix environment:: Setting up development environments. | |
aff8ce7c | 124 | * Invoking guix publish:: Sharing substitutes. |
aaa3eaa9 LC |
125 | |
126 | GNU Distribution | |
127 | ||
128 | * System Installation:: Installing the whole operating system. | |
35ed9306 | 129 | * System Configuration:: Configuring the operating system. |
aaa3eaa9 LC |
130 | * Installing Debugging Files:: Feeding the debugger. |
131 | * Security Updates:: Deploying security fixes quickly. | |
132 | * Package Modules:: Packages from the programmer's viewpoint. | |
133 | * Packaging Guidelines:: Growing the distribution. | |
134 | * Bootstrapping:: GNU/Linux built from scratch. | |
135 | * Porting:: Targeting another platform or kernel. | |
136 | ||
137 | System Configuration | |
138 | ||
139 | * Using the Configuration System:: Customizing your GNU system. | |
140 | * operating-system Reference:: Detail of operating-system declarations. | |
141 | * File Systems:: Configuring file system mounts. | |
142 | * Mapped Devices:: Block device extra processing. | |
143 | * User Accounts:: Specifying user accounts. | |
598e19dc | 144 | * Locales:: Language and cultural convention settings. |
aaa3eaa9 LC |
145 | * Services:: Specifying system services. |
146 | * Setuid Programs:: Programs running with root privileges. | |
996ed739 | 147 | * Name Service Switch:: Configuring libc's name service switch. |
aaa3eaa9 LC |
148 | * Initial RAM Disk:: Linux-Libre bootstrapping. |
149 | * GRUB Configuration:: Configuring the boot loader. | |
150 | * Invoking guix system:: Instantiating a system configuration. | |
151 | * Defining Services:: Adding new service definitions. | |
152 | ||
153 | Services | |
154 | ||
155 | * Base Services:: Essential system services. | |
156 | * Networking Services:: Network setup, SSH daemon, etc. | |
157 | * X Window:: Graphical display. | |
aa4ed923 | 158 | * Various Services:: Other services. |
aaa3eaa9 LC |
159 | |
160 | Packaging Guidelines | |
161 | ||
ec0339cd LC |
162 | * Software Freedom:: What may go into the distribution. |
163 | * Package Naming:: What's in a name? | |
164 | * Version Numbers:: When the name is not enough. | |
165 | * Python Modules:: Taming the snake. | |
166 | * Perl Modules:: Little pearls. | |
167 | * Fonts:: Fond of fonts. | |
aaa3eaa9 LC |
168 | |
169 | @end detailmenu | |
568717fd LC |
170 | @end menu |
171 | ||
172 | @c ********************************************************************* | |
173 | @node Introduction | |
174 | @chapter Introduction | |
175 | ||
c80e7e55 LC |
176 | GNU Guix@footnote{``Guix'' is pronounced like ``geeks'', or ``ɡiːks'' |
177 | using the international phonetic alphabet (IPA).} is a functional | |
178 | package management tool for the GNU system. Package management consists | |
4bfc4ea3 NK |
179 | of all activities that relate to building packages from sources, |
180 | honoring their build-time and run-time dependencies, | |
c80e7e55 LC |
181 | installing packages in user environments, upgrading installed packages |
182 | to new versions or rolling back to a previous set, removing unused | |
183 | software packages, etc. | |
568717fd LC |
184 | |
185 | @cindex functional package management | |
186 | The term @dfn{functional} refers to a specific package management | |
187 | discipline. In Guix, the package build and installation process is seen | |
4bfc4ea3 NK |
188 | as a function, in the mathematical sense. That function takes inputs, |
189 | such as build scripts, a compiler, and libraries, and | |
190 | returns an installed package. As a pure function, its result depends | |
568717fd LC |
191 | solely on its inputs---for instance, it cannot refer to software or |
192 | scripts that were not explicitly passed as inputs. A build function | |
4bfc4ea3 NK |
193 | always produces the same result when passed a given set of inputs. It |
194 | cannot alter the system's environment in | |
568717fd LC |
195 | any way; for instance, it cannot create, modify, or delete files outside |
196 | of its build and installation directories. This is achieved by running | |
e900c503 | 197 | build processes in isolated environments (or @dfn{containers}), where only their |
4bfc4ea3 | 198 | explicit inputs are visible. |
568717fd | 199 | |
e531ac2a | 200 | @cindex store |
568717fd | 201 | The result of package build functions is @dfn{cached} in the file |
e531ac2a LC |
202 | system, in a special directory called @dfn{the store} (@pxref{The |
203 | Store}). Each package is installed in a directory of its own, in the | |
834129e0 | 204 | store---by default under @file{/gnu/store}. The directory name contains |
568717fd LC |
205 | a hash of all the inputs used to build that package; thus, changing an |
206 | input yields a different directory name. | |
207 | ||
208 | This approach is the foundation of Guix's salient features: support for | |
4bfc4ea3 | 209 | transactional package upgrade and rollback, per-user installation, and |
eeaf4427 | 210 | garbage collection of packages (@pxref{Features}). |
568717fd | 211 | |
4bfc4ea3 | 212 | Guix has a command-line interface, which allows users to build, install, |
568717fd | 213 | upgrade, and remove packages, as well as a Scheme programming interface. |
568717fd | 214 | |
3ca2731c LC |
215 | @cindex Guix System Distribution |
216 | @cindex GSD | |
a1ba8475 | 217 | Last but not least, Guix is used to build a distribution of the GNU |
3ca2731c LC |
218 | system, with many GNU and non-GNU free software packages. The Guix |
219 | System Distribution, or GNU@tie{}GSD, takes advantage of the core | |
220 | properties of Guix at the system level. With GNU@tie{}GSD, users | |
221 | @emph{declare} all aspects of the operating system configuration, and | |
222 | Guix takes care of instantiating that configuration in a reproducible, | |
223 | stateless fashion. @xref{GNU Distribution}. | |
a1ba8475 | 224 | |
bd5e766b LC |
225 | @c ********************************************************************* |
226 | @node Installation | |
227 | @chapter Installation | |
228 | ||
48febeb8 LC |
229 | GNU Guix is available for download from its website at |
230 | @url{http://www.gnu.org/software/guix/}. This section describes the | |
231 | software requirements of Guix, as well as how to install it and get | |
232 | ready to use it. | |
bd5e766b | 233 | |
5af6de3e LC |
234 | Note that this section is concerned with the installation of the package |
235 | manager, which can be done on top of a running GNU/Linux system. If, | |
236 | instead, you want to install the complete GNU operating system, | |
6621cdb6 | 237 | @pxref{System Installation}. |
5af6de3e | 238 | |
b22a12fd | 239 | The build procedure for Guix is the same as for other GNU software, and |
1da983b9 | 240 | is not covered here. Please see the files @file{README} and |
b22a12fd LC |
241 | @file{INSTALL} in the Guix source tree for additional details. |
242 | ||
bd5e766b LC |
243 | @menu |
244 | * Requirements:: Software needed to build and run Guix. | |
ec0339cd | 245 | * Running the Test Suite:: Testing Guix. |
bd5e766b LC |
246 | * Setting Up the Daemon:: Preparing the build daemon's environment. |
247 | * Invoking guix-daemon:: Running the build daemon. | |
248 | @end menu | |
249 | ||
250 | @node Requirements | |
251 | @section Requirements | |
252 | ||
253 | GNU Guix depends on the following packages: | |
254 | ||
255 | @itemize | |
4a328f73 | 256 | @item @url{http://gnu.org/software/guile/, GNU Guile}, version 2.0.5 or later; |
288dca55 | 257 | @item @url{http://gnupg.org/, GNU libgcrypt}; |
8a96bd4b ID |
258 | @end itemize |
259 | ||
260 | The following dependencies are optional: | |
261 | ||
262 | @itemize | |
288dca55 | 263 | @item |
8a96bd4b | 264 | Installing |
288dca55 | 265 | @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will |
2f7d2d91 LC |
266 | allow you to use the @command{guix import pypi} command (@pxref{Invoking |
267 | guix import}). It is of | |
288dca55 | 268 | interest primarily for developers and not for casual users. |
8a96bd4b ID |
269 | @item |
270 | Installing @uref{http://gnutls.org/, GnuTLS-Guile} will | |
271 | allow you to access @code{https} URLs with the @command{guix download} | |
d45dc6da EB |
272 | command (@pxref{Invoking guix download}), the @command{guix import pypi} |
273 | command, and the @command{guix import cpan} command. This is primarily | |
274 | of interest to developers. @xref{Guile Preparations, how to install the | |
275 | GnuTLS bindings for Guile,, gnutls-guile, GnuTLS-Guile}. | |
bd5e766b LC |
276 | @end itemize |
277 | ||
278 | Unless @code{--disable-daemon} was passed to @command{configure}, the | |
279 | following packages are also needed: | |
280 | ||
281 | @itemize | |
282 | @item @url{http://sqlite.org, SQLite 3} | |
283 | @item @url{http://www.bzip.org, libbz2} | |
284 | @item @url{http://gcc.gnu.org, GCC's g++} | |
285 | @end itemize | |
286 | ||
4bfc4ea3 NK |
287 | When a working installation of @url{http://nixos.org/nix/, the Nix package |
288 | manager} is available, you | |
bd5e766b | 289 | can instead configure Guix with @code{--disable-daemon}. In that case, |
4bfc4ea3 | 290 | Nix replaces the three dependencies above. |
bd5e766b | 291 | |
b22a12fd LC |
292 | Guix is compatible with Nix, so it is possible to share the same store |
293 | between both. To do so, you must pass @command{configure} not only the | |
294 | same @code{--with-store-dir} value, but also the same | |
4bfc4ea3 NK |
295 | @code{--localstatedir} value. The latter is essential because it |
296 | specifies where the database that stores metadata about the store is | |
834129e0 | 297 | located, among other things. The default values for Nix are |
b22a12fd | 298 | @code{--with-store-dir=/nix/store} and @code{--localstatedir=/nix/var}. |
4bfc4ea3 NK |
299 | Note that @code{--disable-daemon} is not required if |
300 | your goal is to share the store with Nix. | |
b22a12fd | 301 | |
ec0339cd LC |
302 | @node Running the Test Suite |
303 | @section Running the Test Suite | |
304 | ||
305 | After a successful @command{configure} and @code{make} run, it is a good | |
306 | idea to run the test suite. It can help catch issues with the setup or | |
307 | environment, or bugs in Guix itself---and really, reporting test | |
308 | failures is a good way to help improve the software. To run the test | |
309 | suite, type: | |
310 | ||
311 | @example | |
312 | make check | |
313 | @end example | |
314 | ||
315 | Test cases can run in parallel: you can use the @code{-j} option of | |
316 | GNU@tie{}make to speed things up. The first run may take a few minutes | |
317 | on a recent machine; subsequent runs will be faster because the store | |
318 | that is created for test purposes will already have various things in | |
319 | cache. | |
320 | ||
321 | Upon failure, please email @email{bug-guix@@gnu.org} and attach the | |
322 | @file{test-suite.log} file. When @file{tests/@var{something}.scm} | |
323 | fails, please also attach the @file{@var{something}.log} file available | |
324 | in the top-level build directory. Please specify the Guix version being | |
325 | used as well as version numbers of the dependencies | |
326 | (@pxref{Requirements}) in your message. | |
327 | ||
bd5e766b LC |
328 | @node Setting Up the Daemon |
329 | @section Setting Up the Daemon | |
330 | ||
331 | @cindex daemon | |
332 | Operations such as building a package or running the garbage collector | |
49e6291a | 333 | are all performed by a specialized process, the @dfn{build daemon}, on |
bd5e766b LC |
334 | behalf of clients. Only the daemon may access the store and its |
335 | associated database. Thus, any operation that manipulates the store | |
336 | goes through the daemon. For instance, command-line tools such as | |
e49951eb | 337 | @command{guix package} and @command{guix build} communicate with the |
bd5e766b LC |
338 | daemon (@i{via} remote procedure calls) to instruct it what to do. |
339 | ||
49e6291a | 340 | The following sections explain how to prepare the build daemon's |
225dafde LC |
341 | environment. Also @ref{Substitutes}, for information on how to allow |
342 | the daemon to download pre-built binaries. | |
49e6291a LC |
343 | |
344 | @menu | |
345 | * Build Environment Setup:: Preparing the isolated build environment. | |
346 | * Daemon Offload Setup:: Offloading builds to remote machines. | |
347 | @end menu | |
348 | ||
349 | @node Build Environment Setup | |
350 | @subsection Build Environment Setup | |
351 | ||
bd5e766b LC |
352 | In a standard multi-user setup, Guix and its daemon---the |
353 | @command{guix-daemon} program---are installed by the system | |
834129e0 | 354 | administrator; @file{/gnu/store} is owned by @code{root} and |
bd5e766b LC |
355 | @command{guix-daemon} runs as @code{root}. Unprivileged users may use |
356 | Guix tools to build packages or otherwise access the store, and the | |
357 | daemon will do it on their behalf, ensuring that the store is kept in a | |
358 | consistent state, and allowing built packages to be shared among users. | |
359 | ||
360 | @cindex build users | |
361 | When @command{guix-daemon} runs as @code{root}, you may not want package | |
362 | build processes themselves to run as @code{root} too, for obvious | |
363 | security reasons. To avoid that, a special pool of @dfn{build users} | |
364 | should be created for use by build processes started by the daemon. | |
365 | These build users need not have a shell and a home directory: they will | |
366 | just be used when the daemon drops @code{root} privileges in build | |
367 | processes. Having several such users allows the daemon to launch | |
368 | distinct build processes under separate UIDs, which guarantees that they | |
369 | do not interfere with each other---an essential feature since builds are | |
370 | regarded as pure functions (@pxref{Introduction}). | |
371 | ||
372 | On a GNU/Linux system, a build user pool may be created like this (using | |
373 | Bash syntax and the @code{shadow} commands): | |
374 | ||
091196b3 LC |
375 | @c See http://lists.gnu.org/archive/html/bug-guix/2013-01/msg00239.html |
376 | @c for why `-G' is needed. | |
bd5e766b LC |
377 | @example |
378 | # groupadd guix-builder | |
379 | # for i in `seq 1 10`; | |
380 | do | |
091196b3 LC |
381 | useradd -g guix-builder -G guix-builder \ |
382 | -d /var/empty -s `which nologin` \ | |
4d1a2b50 LC |
383 | -c "Guix build user $i" --system \ |
384 | guix-builder$i; | |
bd5e766b LC |
385 | done |
386 | @end example | |
387 | ||
388 | @noindent | |
389 | The @code{guix-daemon} program may then be run as @code{root} with: | |
390 | ||
391 | @example | |
392 | # guix-daemon --build-users-group=guix-builder | |
393 | @end example | |
394 | ||
e900c503 | 395 | @cindex chroot |
b095792f LC |
396 | @noindent |
397 | This way, the daemon starts build processes in a chroot, under one of | |
398 | the @code{guix-builder} users. On GNU/Linux, by default, the chroot | |
6dc99317 LC |
399 | environment contains nothing but: |
400 | ||
401 | @c Keep this list in sync with libstore/build.cc! ----------------------- | |
402 | @itemize | |
403 | @item | |
4743a4da LC |
404 | a minimal @code{/dev} directory, created mostly independently from the |
405 | host @code{/dev}@footnote{``Mostly'', because while the set of files | |
406 | that appear in the chroot's @code{/dev} is fixed, most of these files | |
407 | can only be created if the host has them.}; | |
408 | ||
409 | @item | |
410 | the @code{/proc} directory; it only shows the container's processes | |
411 | since a separate PID name space is used; | |
6dc99317 LC |
412 | |
413 | @item | |
414 | @file{/etc/passwd} with an entry for the current user and an entry for | |
415 | user @file{nobody}; | |
416 | ||
417 | @item | |
418 | @file{/etc/group} with an entry for the user's group; | |
419 | ||
420 | @item | |
421 | @file{/etc/hosts} with an entry that maps @code{localhost} to | |
422 | @code{127.0.0.1}; | |
423 | ||
424 | @item | |
425 | a writable @file{/tmp} directory. | |
426 | @end itemize | |
b095792f | 427 | |
d43eb499 | 428 | If you are installing Guix as an unprivileged user, it is still |
bd5e766b LC |
429 | possible to run @command{guix-daemon}. However, build processes will |
430 | not be isolated from one another, and not from the rest of the system. | |
431 | Thus, build processes may interfere with each other, and may access | |
432 | programs, libraries, and other files available on the system---making it | |
433 | much harder to view them as @emph{pure} functions. | |
434 | ||
49e6291a LC |
435 | |
436 | @node Daemon Offload Setup | |
437 | @subsection Using the Offload Facility | |
438 | ||
439 | @cindex offloading | |
4ec2e92d LC |
440 | @cindex build hook |
441 | When desired, the build daemon can @dfn{offload} | |
442 | derivation builds to other machines | |
49e6291a LC |
443 | running Guix, using the @code{offload} @dfn{build hook}. When that |
444 | feature is enabled, a list of user-specified build machines is read from | |
445 | @file{/etc/guix/machines.scm}; anytime a build is requested, for | |
446 | instance via @code{guix build}, the daemon attempts to offload it to one | |
447 | of the machines that satisfies the derivation's constraints, in | |
448 | particular its system type---e.g., @file{x86_64-linux}. Missing | |
449 | prerequisites for the build are copied over SSH to the target machine, | |
450 | which then proceeds with the build; upon success the output(s) of the | |
451 | build are copied back to the initial machine. | |
452 | ||
4ec2e92d | 453 | The @file{/etc/guix/machines.scm} file typically looks like this: |
49e6291a LC |
454 | |
455 | @example | |
456 | (list (build-machine | |
457 | (name "eightysix.example.org") | |
458 | (system "x86_64-linux") | |
459 | (user "bob") | |
460 | (speed 2.)) ; incredibly fast! | |
461 | ||
462 | (build-machine | |
463 | (name "meeps.example.org") | |
464 | (system "mips64el-linux") | |
465 | (user "alice") | |
466 | (private-key | |
467 | (string-append (getenv "HOME") | |
468 | "/.ssh/id-rsa-for-guix")))) | |
469 | @end example | |
470 | ||
471 | @noindent | |
472 | In the example above we specify a list of two build machines, one for | |
473 | the @code{x86_64} architecture and one for the @code{mips64el} | |
4ec2e92d LC |
474 | architecture. |
475 | ||
476 | In fact, this file is---not surprisingly!---a Scheme file that is | |
477 | evaluated when the @code{offload} hook is started. Its return value | |
478 | must be a list of @code{build-machine} objects. While this example | |
479 | shows a fixed list of build machines, one could imagine, say, using | |
480 | DNS-SD to return a list of potential build machines discovered in the | |
481 | local network (@pxref{Introduction, Guile-Avahi,, guile-avahi, Using | |
c678a4ee LC |
482 | Avahi in Guile Scheme Programs}). The @code{build-machine} data type is |
483 | detailed below. | |
4ec2e92d | 484 | |
c678a4ee LC |
485 | @deftp {Data Type} build-machine |
486 | This data type represents build machines the daemon may offload builds | |
487 | to. The important fields are: | |
49e6291a LC |
488 | |
489 | @table @code | |
490 | ||
491 | @item name | |
492 | The remote machine's host name. | |
493 | ||
494 | @item system | |
c678a4ee | 495 | The remote machine's system type---e.g., @code{"x86_64-linux"}. |
49e6291a LC |
496 | |
497 | @item user | |
498 | The user account to use when connecting to the remote machine over SSH. | |
499 | Note that the SSH key pair must @emph{not} be passphrase-protected, to | |
500 | allow non-interactive logins. | |
501 | ||
502 | @end table | |
503 | ||
4ec2e92d | 504 | A number of optional fields may be specified: |
49e6291a LC |
505 | |
506 | @table @code | |
507 | ||
cecd72d5 LC |
508 | @item port |
509 | Port number of the machine's SSH server (default: 22). | |
510 | ||
49e6291a LC |
511 | @item private-key |
512 | The SSH private key file to use when connecting to the machine. | |
513 | ||
514 | @item parallel-builds | |
515 | The number of builds that may run in parallel on the machine (1 by | |
516 | default.) | |
517 | ||
518 | @item speed | |
519 | A ``relative speed factor''. The offload scheduler will tend to prefer | |
520 | machines with a higher speed factor. | |
521 | ||
522 | @item features | |
523 | A list of strings denoting specific features supported by the machine. | |
524 | An example is @code{"kvm"} for machines that have the KVM Linux modules | |
525 | and corresponding hardware support. Derivations can request features by | |
526 | name, and they will be scheduled on matching build machines. | |
527 | ||
528 | @end table | |
c678a4ee | 529 | @end deftp |
49e6291a LC |
530 | |
531 | The @code{guix} command must be in the search path on the build | |
532 | machines, since offloading works by invoking the @code{guix archive} and | |
533 | @code{guix build} commands. | |
534 | ||
535 | There's one last thing to do once @file{machines.scm} is in place. As | |
536 | explained above, when offloading, files are transferred back and forth | |
537 | between the machine stores. For this to work, you need to generate a | |
538 | key pair to allow the daemon to export signed archives of files from the | |
539 | store (@pxref{Invoking guix archive}): | |
540 | ||
541 | @example | |
542 | # guix archive --generate-key | |
543 | @end example | |
544 | ||
545 | @noindent | |
546 | Thus, when receiving files, a machine's build daemon can make sure they | |
547 | are genuine, have not been tampered with, and that they are signed by an | |
548 | authorized key. | |
549 | ||
550 | ||
bd5e766b LC |
551 | @node Invoking guix-daemon |
552 | @section Invoking @command{guix-daemon} | |
553 | ||
554 | The @command{guix-daemon} program implements all the functionality to | |
555 | access the store. This includes launching build processes, running the | |
556 | garbage collector, querying the availability of a build result, etc. It | |
557 | is normally run as @code{root} like this: | |
558 | ||
559 | @example | |
560 | # guix-daemon --build-users-group=guix-builder | |
561 | @end example | |
562 | ||
563 | @noindent | |
081145cf | 564 | For details on how to set it up, @pxref{Setting Up the Daemon}. |
bd5e766b | 565 | |
e900c503 LC |
566 | @cindex chroot |
567 | @cindex container, build environment | |
568 | @cindex build environment | |
569 | @cindex reproducible builds | |
bd5e766b LC |
570 | By default, @command{guix-daemon} launches build processes under |
571 | different UIDs, taken from the build group specified with | |
572 | @code{--build-users-group}. In addition, each build process is run in a | |
573 | chroot environment that only contains the subset of the store that the | |
574 | build process depends on, as specified by its derivation | |
575 | (@pxref{Programming Interface, derivation}), plus a set of specific | |
576 | system directories. By default, the latter contains @file{/dev} and | |
e900c503 LC |
577 | @file{/dev/pts}. Furthermore, on GNU/Linux, the build environment is a |
578 | @dfn{container}: in addition to having its own file system tree, it has | |
579 | a separate mount name space, its own PID name space, network name space, | |
580 | etc. This helps achieve reproducible builds (@pxref{Features}). | |
bd5e766b | 581 | |
cbc538fe LC |
582 | When the daemon performs a build on behalf of the user, it creates a |
583 | build directory under @file{/tmp} or under the directory specified by | |
584 | its @code{TMPDIR} environment variable; this directory is shared with | |
585 | the container for the duration of the build. Be aware that using a | |
586 | directory other than @file{/tmp} can affect build results---for example, | |
587 | with a longer directory name, a build process that uses Unix-domain | |
588 | sockets might hit the name length limitation for @code{sun_path}, which | |
589 | it would otherwise not hit. | |
590 | ||
591 | The build directory is automatically deleted upon completion, unless the | |
592 | build failed and the client specified @option{--keep-failed} | |
593 | (@pxref{Invoking guix build, @option{--keep-failed}}). | |
594 | ||
bd5e766b LC |
595 | The following command-line options are supported: |
596 | ||
597 | @table @code | |
598 | @item --build-users-group=@var{group} | |
599 | Take users from @var{group} to run build processes (@pxref{Setting Up | |
600 | the Daemon, build users}). | |
601 | ||
6858f9d1 | 602 | @item --no-substitutes |
b5385b52 | 603 | @cindex substitutes |
6858f9d1 | 604 | Do not use substitutes for build products. That is, always build things |
c4202d60 LC |
605 | locally instead of allowing downloads of pre-built binaries |
606 | (@pxref{Substitutes}). | |
6858f9d1 | 607 | |
b5385b52 LC |
608 | By default substitutes are used, unless the client---such as the |
609 | @command{guix package} command---is explicitly invoked with | |
610 | @code{--no-substitutes}. | |
611 | ||
612 | When the daemon runs with @code{--no-substitutes}, clients can still | |
613 | explicitly enable substitution @i{via} the @code{set-build-options} | |
614 | remote procedure call (@pxref{The Store}). | |
615 | ||
9176607e LC |
616 | @item --substitute-urls=@var{urls} |
617 | Consider @var{urls} the default whitespace-separated list of substitute | |
618 | source URLs. When this option is omitted, @code{http://hydra.gnu.org} | |
619 | is used. | |
620 | ||
621 | This means that substitutes may be downloaded from @var{urls}, as long | |
622 | as they are signed by a trusted signature (@pxref{Substitutes}). | |
623 | ||
4ec2e92d LC |
624 | @cindex build hook |
625 | @item --no-build-hook | |
626 | Do not use the @dfn{build hook}. | |
627 | ||
628 | The build hook is a helper program that the daemon can start and to | |
629 | which it submits build requests. This mechanism is used to offload | |
630 | builds to other machines (@pxref{Daemon Offload Setup}). | |
631 | ||
bd5e766b LC |
632 | @item --cache-failures |
633 | Cache build failures. By default, only successful builds are cached. | |
634 | ||
635 | @item --cores=@var{n} | |
636 | @itemx -c @var{n} | |
637 | Use @var{n} CPU cores to build each derivation; @code{0} means as many | |
638 | as available. | |
639 | ||
6efc160e | 640 | The default value is @code{0}, but it may be overridden by clients, such |
e49951eb MW |
641 | as the @code{--cores} option of @command{guix build} (@pxref{Invoking |
642 | guix build}). | |
bd5e766b LC |
643 | |
644 | The effect is to define the @code{NIX_BUILD_CORES} environment variable | |
645 | in the build process, which can then use it to exploit internal | |
646 | parallelism---for instance, by running @code{make -j$NIX_BUILD_CORES}. | |
647 | ||
648 | @item --max-jobs=@var{n} | |
649 | @itemx -M @var{n} | |
650 | Allow at most @var{n} build jobs in parallel. The default value is | |
f6526eb3 LC |
651 | @code{1}. Setting it to @code{0} means that no builds will be performed |
652 | locally; instead, the daemon will offload builds (@pxref{Daemon Offload | |
653 | Setup}), or simply fail. | |
bd5e766b LC |
654 | |
655 | @item --debug | |
656 | Produce debugging output. | |
657 | ||
658 | This is useful to debug daemon start-up issues, but then it may be | |
659 | overridden by clients, for example the @code{--verbosity} option of | |
e49951eb | 660 | @command{guix build} (@pxref{Invoking guix build}). |
bd5e766b LC |
661 | |
662 | @item --chroot-directory=@var{dir} | |
663 | Add @var{dir} to the build chroot. | |
664 | ||
665 | Doing this may change the result of build processes---for instance if | |
666 | they use optional dependencies found in @var{dir} when it is available, | |
667 | and not otherwise. For that reason, it is not recommended to do so. | |
668 | Instead, make sure that each derivation declares all the inputs that it | |
669 | needs. | |
670 | ||
671 | @item --disable-chroot | |
672 | Disable chroot builds. | |
673 | ||
674 | Using this option is not recommended since, again, it would allow build | |
675 | processes to gain access to undeclared dependencies. | |
676 | ||
677 | @item --disable-log-compression | |
678 | Disable compression of the build logs. | |
679 | ||
1da983b9 LC |
680 | Unless @code{--lose-logs} is used, all the build logs are kept in the |
681 | @var{localstatedir}. To save space, the daemon automatically compresses | |
682 | them with bzip2 by default. This option disables that. | |
683 | ||
ab3893d7 LC |
684 | @item --disable-deduplication |
685 | @cindex deduplication | |
bd5e766b LC |
686 | Disable automatic file ``deduplication'' in the store. |
687 | ||
1da983b9 | 688 | By default, files added to the store are automatically ``deduplicated'': |
ab3893d7 LC |
689 | if a newly added file is identical to another one found in the store, |
690 | the daemon makes the new file a hard link to the other file. This can | |
691 | noticeably reduce disk usage, at the expense of slightly increasde | |
692 | input/output load at the end of a build process. This option disables | |
693 | this optimization. | |
1da983b9 | 694 | |
6e37066e LC |
695 | @item --gc-keep-outputs[=yes|no] |
696 | Tell whether the garbage collector (GC) must keep outputs of live | |
697 | derivations. | |
698 | ||
699 | When set to ``yes'', the GC will keep the outputs of any live derivation | |
700 | available in the store---the @code{.drv} files. The default is ``no'', | |
701 | meaning that derivation outputs are kept only if they are GC roots. | |
702 | ||
703 | @item --gc-keep-derivations[=yes|no] | |
704 | Tell whether the garbage collector (GC) must keep derivations | |
705 | corresponding to live outputs. | |
706 | ||
707 | When set to ``yes'', as is the case by default, the GC keeps | |
708 | derivations---i.e., @code{.drv} files---as long as at least one of their | |
709 | outputs is live. This allows users to keep track of the origins of | |
710 | items in their store. Setting it to ``no'' saves a bit of disk space. | |
711 | ||
712 | Note that when both @code{--gc-keep-derivations} and | |
713 | @code{--gc-keep-outputs} are used, the effect is to keep all the build | |
714 | prerequisites (the sources, compiler, libraries, and other build-time | |
715 | tools) of live objects in the store, regardless of whether these | |
716 | prerequisites are live. This is convenient for developers since it | |
717 | saves rebuilds or downloads. | |
718 | ||
bd5e766b LC |
719 | @item --impersonate-linux-2.6 |
720 | On Linux-based systems, impersonate Linux 2.6. This means that the | |
721 | kernel's @code{uname} system call will report 2.6 as the release number. | |
722 | ||
723 | This might be helpful to build programs that (usually wrongfully) depend | |
724 | on the kernel version number. | |
725 | ||
726 | @item --lose-logs | |
727 | Do not keep build logs. By default they are kept under | |
ce33631f | 728 | @code{@var{localstatedir}/guix/log}. |
bd5e766b LC |
729 | |
730 | @item --system=@var{system} | |
731 | Assume @var{system} as the current system type. By default it is the | |
732 | architecture/kernel pair found at configure time, such as | |
733 | @code{x86_64-linux}. | |
b8d2aa26 LC |
734 | |
735 | @item --listen=@var{socket} | |
736 | Listen for connections on @var{socket}, the file name of a Unix-domain | |
737 | socket. The default socket is | |
738 | @file{@var{localstatedir}/daemon-socket/socket}. This option is only | |
739 | useful in exceptional circumstances, such as if you need to run several | |
740 | daemons on the same machine. | |
bd5e766b LC |
741 | @end table |
742 | ||
743 | ||
eeaf4427 LC |
744 | @c ********************************************************************* |
745 | @node Package Management | |
746 | @chapter Package Management | |
747 | ||
f8348b91 | 748 | The purpose of GNU Guix is to allow users to easily install, upgrade, and |
eeaf4427 LC |
749 | remove software packages, without having to know about their build |
750 | procedure or dependencies. Guix also goes beyond this obvious set of | |
751 | features. | |
752 | ||
753 | This chapter describes the main features of Guix, as well as the package | |
c1941588 LC |
754 | management tools it provides. Two user interfaces are provided for |
755 | routine package management tasks: a command-line interface | |
756 | (@pxref{Invoking guix package, @code{guix package}}), and a visual user | |
757 | interface in Emacs (@pxref{Emacs Interface}). | |
eeaf4427 LC |
758 | |
759 | @menu | |
760 | * Features:: How Guix will make your life brighter. | |
e49951eb | 761 | * Invoking guix package:: Package installation, removal, etc. |
457f60fa | 762 | * Emacs Interface:: Package management from Emacs. |
c4202d60 | 763 | * Substitutes:: Downloading pre-built binaries. |
760c60d6 | 764 | * Packages with Multiple Outputs:: Single source package, multiple outputs. |
e49951eb | 765 | * Invoking guix gc:: Running the garbage collector. |
f651b477 | 766 | * Invoking guix pull:: Fetching the latest Guix and distribution. |
760c60d6 | 767 | * Invoking guix archive:: Exporting and importing store files. |
eeaf4427 LC |
768 | @end menu |
769 | ||
770 | @node Features | |
771 | @section Features | |
772 | ||
773 | When using Guix, each package ends up in the @dfn{package store}, in its | |
774 | own directory---something that resembles | |
9a130e19 AK |
775 | @file{/gnu/store/xxx-package-1.2}, where @code{xxx} is a base32 string |
776 | (note that Guix comes with an Emacs extension to shorten those file | |
081145cf | 777 | names, @pxref{Emacs Prettify}.) |
eeaf4427 LC |
778 | |
779 | Instead of referring to these directories, users have their own | |
780 | @dfn{profile}, which points to the packages that they actually want to | |
821b0015 LC |
781 | use. These profiles are stored within each user's home directory, at |
782 | @code{$HOME/.guix-profile}. | |
eeaf4427 | 783 | |
821b0015 | 784 | For example, @code{alice} installs GCC 4.7.2. As a result, |
eeaf4427 | 785 | @file{/home/alice/.guix-profile/bin/gcc} points to |
834129e0 | 786 | @file{/gnu/store/@dots{}-gcc-4.7.2/bin/gcc}. Now, on the same machine, |
821b0015 LC |
787 | @code{bob} had already installed GCC 4.8.0. The profile of @code{bob} |
788 | simply continues to point to | |
834129e0 | 789 | @file{/gnu/store/@dots{}-gcc-4.8.0/bin/gcc}---i.e., both versions of GCC |
821b0015 | 790 | coexist on the same system without any interference. |
eeaf4427 | 791 | |
e49951eb MW |
792 | The @command{guix package} command is the central tool to manage |
793 | packages (@pxref{Invoking guix package}). It operates on those per-user | |
821b0015 | 794 | profiles, and can be used @emph{with normal user privileges}. |
eeaf4427 LC |
795 | |
796 | The command provides the obvious install, remove, and upgrade | |
797 | operations. Each invocation is actually a @emph{transaction}: either | |
ba55b1cb | 798 | the specified operation succeeds, or nothing happens. Thus, if the |
e49951eb | 799 | @command{guix package} process is terminated during the transaction, |
eeaf4427 LC |
800 | or if a power outage occurs during the transaction, then the user's |
801 | profile remains in its previous state, and remains usable. | |
802 | ||
803 | In addition, any package transaction may be @emph{rolled back}. So, if, | |
804 | for example, an upgrade installs a new version of a package that turns | |
805 | out to have a serious bug, users may roll back to the previous instance | |
4af2447e LC |
806 | of their profile, which was known to work well. Similarly, the global |
807 | system configuration is subject to transactional upgrades and roll-back | |
808 | (@pxref{Using the Configuration System}). | |
eeaf4427 LC |
809 | |
810 | All those packages in the package store may be @emph{garbage-collected}. | |
811 | Guix can determine which packages are still referenced by the user | |
fe8ff028 | 812 | profiles, and remove those that are provably no longer referenced |
e49951eb | 813 | (@pxref{Invoking guix gc}). Users may also explicitly remove old |
fe8ff028 LC |
814 | generations of their profile so that the packages they refer to can be |
815 | collected. | |
eeaf4427 | 816 | |
e900c503 LC |
817 | @cindex reproducibility |
818 | @cindex reproducible builds | |
eeaf4427 LC |
819 | Finally, Guix takes a @dfn{purely functional} approach to package |
820 | management, as described in the introduction (@pxref{Introduction}). | |
834129e0 | 821 | Each @file{/gnu/store} package directory name contains a hash of all the |
eeaf4427 LC |
822 | inputs that were used to build that package---compiler, libraries, build |
823 | scripts, etc. This direct correspondence allows users to make sure a | |
824 | given package installation matches the current state of their | |
e900c503 LC |
825 | distribution. It also helps maximize @dfn{build reproducibility}: |
826 | thanks to the isolated build environments that are used, a given build | |
827 | is likely to yield bit-identical files when performed on different | |
828 | machines (@pxref{Invoking guix-daemon, container}). | |
eeaf4427 | 829 | |
c4202d60 | 830 | @cindex substitutes |
eeaf4427 | 831 | This foundation allows Guix to support @dfn{transparent binary/source |
c4202d60 | 832 | deployment}. When a pre-built binary for a @file{/gnu/store} item is |
18f2887b | 833 | available from an external source---a @dfn{substitute}, Guix just |
c4202d60 LC |
834 | downloads it and unpacks it; |
835 | otherwise, it builds the package from source, locally | |
836 | (@pxref{Substitutes}). | |
eeaf4427 | 837 | |
f5fd4fd2 LC |
838 | Control over the build environment is a feature that is also useful for |
839 | developers. The @command{guix environment} command allows developers of | |
840 | a package to quickly set up the right development environment for their | |
841 | package, without having to manually install the package's dependencies | |
842 | in their profile (@pxref{Invoking guix environment}). | |
843 | ||
e49951eb MW |
844 | @node Invoking guix package |
845 | @section Invoking @command{guix package} | |
eeaf4427 | 846 | |
e49951eb | 847 | The @command{guix package} command is the tool that allows users to |
eeaf4427 LC |
848 | install, upgrade, and remove packages, as well as rolling back to |
849 | previous configurations. It operates only on the user's own profile, | |
850 | and works with normal user privileges (@pxref{Features}). Its syntax | |
851 | is: | |
852 | ||
853 | @example | |
e49951eb | 854 | guix package @var{options} |
eeaf4427 LC |
855 | @end example |
856 | ||
ba55b1cb | 857 | Primarily, @var{options} specifies the operations to be performed during |
eeaf4427 LC |
858 | the transaction. Upon completion, a new profile is created, but |
859 | previous generations of the profile remain available, should the user | |
860 | want to roll back. | |
861 | ||
6447738c MW |
862 | For example, to remove @code{lua} and install @code{guile} and |
863 | @code{guile-cairo} in a single transaction: | |
864 | ||
865 | @example | |
866 | guix package -r lua -i guile guile-cairo | |
867 | @end example | |
868 | ||
b9e5c0a9 | 869 | For each user, a symlink to the user's default profile is automatically |
0ec1af59 | 870 | created in @file{$HOME/.guix-profile}. This symlink always points to the |
b9e5c0a9 LC |
871 | current generation of the user's default profile. Thus, users can add |
872 | @file{$HOME/.guix-profile/bin} to their @code{PATH} environment | |
873 | variable, and so on. | |
874 | ||
4379c35b LC |
875 | In a multi-user setup, user profiles are stored in a place registered as |
876 | a @dfn{garbage-collector root}, which @file{$HOME/.guix-profile} points | |
877 | to (@pxref{Invoking guix gc}). That directory is normally | |
0ec1af59 LC |
878 | @code{@var{localstatedir}/profiles/per-user/@var{user}}, where |
879 | @var{localstatedir} is the value passed to @code{configure} as | |
4379c35b LC |
880 | @code{--localstatedir}, and @var{user} is the user name. The |
881 | @file{per-user} directory is created when @command{guix-daemon} is | |
882 | started, and the @var{user} sub-directory is created by @command{guix | |
883 | package}. | |
0ec1af59 LC |
884 | |
885 | The @var{options} can be among the following: | |
886 | ||
eeaf4427 LC |
887 | @table @code |
888 | ||
6447738c MW |
889 | @item --install=@var{package} @dots{} |
890 | @itemx -i @var{package} @dots{} | |
891 | Install the specified @var{package}s. | |
eeaf4427 | 892 | |
6447738c | 893 | Each @var{package} may specify either a simple package name, such as |
eeaf4427 | 894 | @code{guile}, or a package name followed by a hyphen and version number, |
dc5669cd MW |
895 | such as @code{guile-1.8.8}. If no version number is specified, the |
896 | newest available version will be selected. In addition, @var{package} | |
897 | may contain a colon, followed by the name of one of the outputs of the | |
6e721c4d | 898 | package, as in @code{gcc:doc} or @code{binutils-2.22:lib} |
e7f34eb0 LC |
899 | (@pxref{Packages with Multiple Outputs}). Packages with a corresponding |
900 | name (and optionally version) are searched for among the GNU | |
901 | distribution modules (@pxref{Package Modules}). | |
eeaf4427 | 902 | |
461572cc LC |
903 | @cindex propagated inputs |
904 | Sometimes packages have @dfn{propagated inputs}: these are dependencies | |
905 | that automatically get installed along with the required package. | |
906 | ||
907 | An example is the GNU MPC library: its C header files refer to those of | |
908 | the GNU MPFR library, which in turn refer to those of the GMP library. | |
909 | Thus, when installing MPC, the MPFR and GMP libraries also get installed | |
910 | in the profile; removing MPC also removes MPFR and GMP---unless they had | |
911 | also been explicitly installed independently. | |
912 | ||
ba7ea5ce | 913 | Besides, packages sometimes rely on the definition of environment |
5924080d | 914 | variables for their search paths (see explanation of |
ba7ea5ce | 915 | @code{--search-paths} below). Any missing or possibly incorrect |
5924080d LC |
916 | environment variable definitions are reported here. |
917 | ||
ef010c0f | 918 | @c XXX: keep me up-to-date |
5924080d | 919 | Finally, when installing a GNU package, the tool reports the |
ef010c0f LC |
920 | availability of a newer upstream version. In the future, it may provide |
921 | the option of installing directly from the upstream version, even if | |
922 | that version is not yet in the distribution. | |
923 | ||
5d4b411f LC |
924 | @item --install-from-expression=@var{exp} |
925 | @itemx -e @var{exp} | |
926 | Install the package @var{exp} evaluates to. | |
927 | ||
928 | @var{exp} must be a Scheme expression that evaluates to a | |
929 | @code{<package>} object. This option is notably useful to disambiguate | |
930 | between same-named variants of a package, with expressions such as | |
931 | @code{(@@ (gnu packages base) guile-final)}. | |
932 | ||
933 | Note that this option installs the first output of the specified | |
934 | package, which may be insufficient when needing a specific output of a | |
935 | multiple-output package. | |
936 | ||
6447738c MW |
937 | @item --remove=@var{package} @dots{} |
938 | @itemx -r @var{package} @dots{} | |
939 | Remove the specified @var{package}s. | |
eeaf4427 | 940 | |
6447738c | 941 | As for @code{--install}, each @var{package} may specify a version number |
13ed095c LC |
942 | and/or output name in addition to the package name. For instance, |
943 | @code{-r glibc:debug} would remove the @code{debug} output of | |
944 | @code{glibc}. | |
945 | ||
6447738c MW |
946 | @item --upgrade[=@var{regexp} @dots{}] |
947 | @itemx -u [@var{regexp} @dots{}] | |
948 | Upgrade all the installed packages. If one or more @var{regexp}s are | |
949 | specified, upgrade only installed packages whose name matches a | |
950 | @var{regexp}. | |
eeaf4427 | 951 | |
f651b477 LC |
952 | Note that this upgrades package to the latest version of packages found |
953 | in the distribution currently installed. To update your distribution, | |
954 | you should regularly run @command{guix pull} (@pxref{Invoking guix | |
955 | pull}). | |
956 | ||
24e262f0 LC |
957 | @item --roll-back |
958 | Roll back to the previous @dfn{generation} of the profile---i.e., undo | |
959 | the last transaction. | |
960 | ||
961 | When combined with options such as @code{--install}, roll back occurs | |
962 | before any other actions. | |
963 | ||
d9307267 | 964 | When rolling back from the first generation that actually contains |
4b2bc804 NK |
965 | installed packages, the profile is made to point to the @dfn{zeroth |
966 | generation}, which contains no files apart from its own meta-data. | |
d9307267 | 967 | |
82fe08ed LC |
968 | Installing, removing, or upgrading packages from a generation that has |
969 | been rolled back to overwrites previous future generations. Thus, the | |
970 | history of a profile's generations is always linear. | |
971 | ||
b3bb82f1 AK |
972 | @item --switch-generation=@var{pattern} |
973 | @itemx -S @var{pattern} | |
974 | Switch to a particular generation defined by @var{pattern}. | |
975 | ||
976 | @var{pattern} may be either a generation number or a number prefixed | |
977 | with ``+'' or ``-''. The latter means: move forward/backward by a | |
978 | specified number of generations. For example, if you want to return to | |
979 | the latest generation after @code{--roll-back}, use | |
980 | @code{--switch-generation=+1}. | |
981 | ||
982 | The difference between @code{--roll-back} and | |
983 | @code{--switch-generation=-1} is that @code{--switch-generation} will | |
984 | not make a zeroth generation, so if a specified generation does not | |
985 | exist, the current generation will not be changed. | |
986 | ||
5924080d LC |
987 | @item --search-paths |
988 | @cindex search paths | |
989 | Report environment variable definitions, in Bash syntax, that may be | |
990 | needed in order to use the set of installed packages. These environment | |
991 | variables are used to specify @dfn{search paths} for files used by some | |
992 | of the installed packages. | |
993 | ||
994 | For example, GCC needs the @code{CPATH} and @code{LIBRARY_PATH} | |
995 | environment variables to be defined so it can look for headers and | |
996 | libraries in the user's profile (@pxref{Environment Variables,,, gcc, | |
997 | Using the GNU Compiler Collection (GCC)}). If GCC and, say, the C | |
998 | library are installed in the profile, then @code{--search-paths} will | |
999 | suggest setting these variables to @code{@var{profile}/include} and | |
1000 | @code{@var{profile}/lib}, respectively. | |
1001 | ||
eeaf4427 LC |
1002 | @item --profile=@var{profile} |
1003 | @itemx -p @var{profile} | |
1004 | Use @var{profile} instead of the user's default profile. | |
1005 | ||
70915c1a LC |
1006 | @item --verbose |
1007 | Produce verbose output. In particular, emit the environment's build log | |
1008 | on the standard error port. | |
1009 | ||
eeaf4427 LC |
1010 | @item --bootstrap |
1011 | Use the bootstrap Guile to build the profile. This option is only | |
1012 | useful to distribution developers. | |
1013 | ||
1014 | @end table | |
1015 | ||
e49951eb | 1016 | In addition to these actions @command{guix package} supports the |
733b4130 LC |
1017 | following options to query the current state of a profile, or the |
1018 | availability of packages: | |
eeaf4427 | 1019 | |
733b4130 LC |
1020 | @table @option |
1021 | ||
acc08466 NK |
1022 | @item --search=@var{regexp} |
1023 | @itemx -s @var{regexp} | |
1024 | List the available packages whose synopsis or description matches | |
299112d3 LC |
1025 | @var{regexp}. Print all the meta-data of matching packages in |
1026 | @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, | |
1027 | GNU recutils manual}). | |
acc08466 | 1028 | |
299112d3 LC |
1029 | This allows specific fields to be extracted using the @command{recsel} |
1030 | command, for instance: | |
1031 | ||
1032 | @example | |
e49951eb | 1033 | $ guix package -s malloc | recsel -p name,version |
299112d3 LC |
1034 | name: glibc |
1035 | version: 2.17 | |
1036 | ||
1037 | name: libgc | |
1038 | version: 7.2alpha6 | |
1039 | @end example | |
acc08466 | 1040 | |
a12d92f5 LC |
1041 | Similarly, to show the name of all the packages available under the |
1042 | terms of the GNU@tie{}LGPL version 3: | |
1043 | ||
1044 | @example | |
1045 | $ guix package -s "" | recsel -p name -e 'license ~ "LGPL 3"' | |
1046 | name: elfutils | |
1047 | ||
1048 | name: gmp | |
1049 | @dots{} | |
1050 | @end example | |
1051 | ||
2aa6efb0 CR |
1052 | @item --show=@var{package} |
1053 | Show details about @var{package}, taken from the list of available packages, in | |
1054 | @code{recutils} format (@pxref{Top, GNU recutils databases,, recutils, GNU | |
1055 | recutils manual}). | |
1056 | ||
1057 | @example | |
1058 | $ guix package --show=python | recsel -p name,version | |
1059 | name: python | |
1060 | version: 2.7.6 | |
1061 | ||
1062 | name: python | |
1063 | version: 3.3.5 | |
1064 | @end example | |
1065 | ||
1066 | You may also specify the full name of a package to only get details about a | |
1067 | specific version of it: | |
1068 | @example | |
1069 | $ guix package --show=python-3.3.5 | recsel -p name,version | |
1070 | name: python | |
1071 | version: 3.3.5 | |
1072 | @end example | |
1073 | ||
1074 | ||
1075 | ||
733b4130 LC |
1076 | @item --list-installed[=@var{regexp}] |
1077 | @itemx -I [@var{regexp}] | |
bd9bde1c LC |
1078 | List the currently installed packages in the specified profile, with the |
1079 | most recently installed packages shown last. When @var{regexp} is | |
1080 | specified, list only installed packages whose name matches @var{regexp}. | |
733b4130 LC |
1081 | |
1082 | For each installed package, print the following items, separated by | |
1083 | tabs: the package name, its version string, the part of the package that | |
1084 | is installed (for instance, @code{out} for the default output, | |
1085 | @code{include} for its headers, etc.), and the path of this package in | |
1086 | the store. | |
1087 | ||
64fc89b6 LC |
1088 | @item --list-available[=@var{regexp}] |
1089 | @itemx -A [@var{regexp}] | |
a1ba8475 LC |
1090 | List packages currently available in the software distribution |
1091 | (@pxref{GNU Distribution}). When @var{regexp} is specified, list only | |
1092 | installed packages whose name matches @var{regexp}. | |
64fc89b6 LC |
1093 | |
1094 | For each package, print the following items separated by tabs: its name, | |
6e721c4d LC |
1095 | its version string, the parts of the package (@pxref{Packages with |
1096 | Multiple Outputs}), and the source location of its definition. | |
64fc89b6 | 1097 | |
f566d765 LC |
1098 | @item --list-generations[=@var{pattern}] |
1099 | @itemx -l [@var{pattern}] | |
1100 | Return a list of generations along with their creation dates; for each | |
1101 | generation, show the installed packages, with the most recently | |
4b2bc804 NK |
1102 | installed packages shown last. Note that the zeroth generation is never |
1103 | shown. | |
f566d765 LC |
1104 | |
1105 | For each installed package, print the following items, separated by | |
1106 | tabs: the name of a package, its version string, the part of the package | |
1107 | that is installed (@pxref{Packages with Multiple Outputs}), and the | |
1108 | location of this package in the store. | |
1109 | ||
1110 | When @var{pattern} is used, the command returns only matching | |
1111 | generations. Valid patterns include: | |
1112 | ||
1113 | @itemize | |
1114 | @item @emph{Integers and comma-separated integers}. Both patterns denote | |
1115 | generation numbers. For instance, @code{--list-generations=1} returns | |
1116 | the first one. | |
1117 | ||
1118 | And @code{--list-generations=1,8,2} outputs three generations in the | |
1119 | specified order. Neither spaces nor trailing commas are allowed. | |
1120 | ||
1121 | @item @emph{Ranges}. @code{--list-generations=2..9} prints the | |
1122 | specified generations and everything in between. Note that the start of | |
1123 | a range must be lesser than its end. | |
1124 | ||
1125 | It is also possible to omit the endpoint. For example, | |
1126 | @code{--list-generations=2..}, returns all generations starting from the | |
1127 | second one. | |
1128 | ||
1129 | @item @emph{Durations}. You can also get the last @emph{N}@tie{}days, weeks, | |
1130 | or months by passing an integer along with the first letter of the | |
d7ddb257 LC |
1131 | duration. For example, @code{--list-generations=20d} lists generations |
1132 | that are up to 20 days old. | |
f566d765 LC |
1133 | @end itemize |
1134 | ||
b7884ca3 NK |
1135 | @item --delete-generations[=@var{pattern}] |
1136 | @itemx -d [@var{pattern}] | |
d7ddb257 LC |
1137 | When @var{pattern} is omitted, delete all generations except the current |
1138 | one. | |
b7884ca3 NK |
1139 | |
1140 | This command accepts the same patterns as @option{--list-generations}. | |
d7ddb257 LC |
1141 | When @var{pattern} is specified, delete the matching generations. When |
1142 | @var{pattern} specifies a duration, generations @emph{older} than the | |
1143 | specified duration match. For instance, @code{--delete-generations=1m} | |
1144 | deletes generations that are more than one month old. | |
1145 | ||
391bdd8f LC |
1146 | If the current generation matches, it is @emph{not} deleted. Also, the |
1147 | zeroth generation is never deleted. | |
b7884ca3 | 1148 | |
1bb9900a LC |
1149 | Note that deleting generations prevents roll-back to them. |
1150 | Consequently, this command must be used with care. | |
1151 | ||
733b4130 | 1152 | @end table |
eeaf4427 | 1153 | |
70ee5642 LC |
1154 | Finally, since @command{guix package} may actually start build |
1155 | processes, it supports all the common build options that @command{guix | |
1156 | build} supports (@pxref{Invoking guix build, common build options}). | |
1157 | ||
457f60fa AK |
1158 | @include emacs.texi |
1159 | ||
c4202d60 LC |
1160 | @node Substitutes |
1161 | @section Substitutes | |
1162 | ||
1163 | @cindex substitutes | |
1164 | @cindex pre-built binaries | |
1165 | Guix supports transparent source/binary deployment, which means that it | |
1166 | can either build things locally, or download pre-built items from a | |
1167 | server. We call these pre-built items @dfn{substitutes}---they are | |
1168 | substitutes for local build results. In many cases, downloading a | |
1169 | substitute is much faster than building things locally. | |
1170 | ||
1171 | Substitutes can be anything resulting from a derivation build | |
1172 | (@pxref{Derivations}). Of course, in the common case, they are | |
1173 | pre-built package binaries, but source tarballs, for instance, which | |
1174 | also result from derivation builds, can be available as substitutes. | |
1175 | ||
1176 | The @code{hydra.gnu.org} server is a front-end to a build farm that | |
1177 | builds packages from the GNU distribution continuously for some | |
9176607e LC |
1178 | architectures, and makes them available as substitutes. This is the |
1179 | default source of substitutes; it can be overridden by passing | |
1180 | @command{guix-daemon} the @code{--substitute-urls} option | |
1181 | (@pxref{Invoking guix-daemon}). | |
c4202d60 LC |
1182 | |
1183 | @cindex security | |
1184 | @cindex digital signatures | |
1185 | To allow Guix to download substitutes from @code{hydra.gnu.org}, you | |
1186 | must add its public key to the access control list (ACL) of archive | |
1187 | imports, using the @command{guix archive} command (@pxref{Invoking guix | |
1188 | archive}). Doing so implies that you trust @code{hydra.gnu.org} to not | |
1189 | be compromised and to serve genuine substitutes. | |
1190 | ||
1191 | This public key is installed along with Guix, in | |
1192 | @code{@var{prefix}/share/guix/hydra.gnu.org.pub}, where @var{prefix} is | |
1193 | the installation prefix of Guix. If you installed Guix from source, | |
1194 | make sure you checked the GPG signature of | |
1195 | @file{guix-@value{VERSION}.tar.gz}, which contains this public key file. | |
1196 | Then, you can run something like this: | |
1197 | ||
1198 | @example | |
1199 | # guix archive --authorize < hydra.gnu.org.pub | |
1200 | @end example | |
1201 | ||
1202 | Once this is in place, the output of a command like @code{guix build} | |
1203 | should change from something like: | |
1204 | ||
1205 | @example | |
1206 | $ guix build emacs --dry-run | |
1207 | The following derivations would be built: | |
1208 | /gnu/store/yr7bnx8xwcayd6j95r2clmkdl1qh688w-emacs-24.3.drv | |
1209 | /gnu/store/x8qsh1hlhgjx6cwsjyvybnfv2i37z23w-dbus-1.6.4.tar.gz.drv | |
1210 | /gnu/store/1ixwp12fl950d15h2cj11c73733jay0z-alsa-lib-1.0.27.1.tar.bz2.drv | |
1211 | /gnu/store/nlma1pw0p603fpfiqy7kn4zm105r5dmw-util-linux-2.21.drv | |
1212 | @dots{} | |
1213 | @end example | |
1214 | ||
1215 | @noindent | |
1216 | to something like: | |
1217 | ||
1218 | @example | |
1219 | $ guix build emacs --dry-run | |
1220 | The following files would be downloaded: | |
1221 | /gnu/store/pk3n22lbq6ydamyymqkkz7i69wiwjiwi-emacs-24.3 | |
1222 | /gnu/store/2ygn4ncnhrpr61rssa6z0d9x22si0va3-libjpeg-8d | |
1223 | /gnu/store/71yz6lgx4dazma9dwn2mcjxaah9w77jq-cairo-1.12.16 | |
1224 | /gnu/store/7zdhgp0n1518lvfn8mb96sxqfmvqrl7v-libxrender-0.9.7 | |
1225 | @dots{} | |
1226 | @end example | |
1227 | ||
1228 | @noindent | |
1229 | This indicates that substitutes from @code{hydra.gnu.org} are usable and | |
1230 | will be downloaded, when possible, for future builds. | |
1231 | ||
1232 | Guix ignores substitutes that are not signed, or that are not signed by | |
ef27aa9c | 1233 | one of the keys listed in the ACL. It also detects and raises an error |
c4202d60 LC |
1234 | when attempting to use a substitute that has been tampered with. |
1235 | ||
1236 | The substitute mechanism can be disabled globally by running | |
1237 | @code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoking | |
1238 | guix-daemon}). It can also be disabled temporarily by passing the | |
1239 | @code{--no-substitutes} option to @command{guix package}, @command{guix | |
1240 | build}, and other command-line tools. | |
1241 | ||
1242 | ||
1243 | Today, each individual's control over their own computing is at the | |
1244 | mercy of institutions, corporations, and groups with enough power and | |
1245 | determination to subvert the computing infrastructure and exploit its | |
1246 | weaknesses. While using @code{hydra.gnu.org} substitutes can be | |
1247 | convenient, we encourage users to also build on their own, or even run | |
1248 | their own build farm, such that @code{hydra.gnu.org} is less of an | |
1249 | interesting target. | |
1250 | ||
1251 | Guix has the foundations to maximize build reproducibility | |
1252 | (@pxref{Features}). In most cases, independent builds of a given | |
1253 | package or derivation should yield bit-identical results. Thus, through | |
1254 | a diverse set of independent package builds, we can strengthen the | |
1255 | integrity of our systems. | |
1256 | ||
1257 | In the future, we want Guix to have support to publish and retrieve | |
1258 | binaries to/from other users, in a peer-to-peer fashion. If you would | |
1259 | like to discuss this project, join us on @email{guix-devel@@gnu.org}. | |
1260 | ||
1261 | ||
6e721c4d LC |
1262 | @node Packages with Multiple Outputs |
1263 | @section Packages with Multiple Outputs | |
1264 | ||
1265 | @cindex multiple-output packages | |
1266 | @cindex package outputs | |
1267 | ||
1268 | Often, packages defined in Guix have a single @dfn{output}---i.e., the | |
1269 | source package leads exactly one directory in the store. When running | |
1270 | @command{guix package -i glibc}, one installs the default output of the | |
1271 | GNU libc package; the default output is called @code{out}, but its name | |
1272 | can be omitted as shown in this command. In this particular case, the | |
1273 | default output of @code{glibc} contains all the C header files, shared | |
1274 | libraries, static libraries, Info documentation, and other supporting | |
1275 | files. | |
1276 | ||
1277 | Sometimes it is more appropriate to separate the various types of files | |
1278 | produced from a single source package into separate outputs. For | |
1279 | instance, the GLib C library (used by GTK+ and related packages) | |
1280 | installs more than 20 MiB of reference documentation as HTML pages. | |
1281 | To save space for users who do not need it, the documentation goes to a | |
1282 | separate output, called @code{doc}. To install the main GLib output, | |
1283 | which contains everything but the documentation, one would run: | |
1284 | ||
1285 | @example | |
1286 | guix package -i glib | |
1287 | @end example | |
1288 | ||
1289 | The command to install its documentation is: | |
1290 | ||
1291 | @example | |
1292 | guix package -i glib:doc | |
1293 | @end example | |
1294 | ||
1295 | Some packages install programs with different ``dependency footprints''. | |
1296 | For instance, the WordNet package install both command-line tools and | |
1297 | graphical user interfaces (GUIs). The former depend solely on the C | |
1298 | library, whereas the latter depend on Tcl/Tk and the underlying X | |
1299 | libraries. In this case, we leave the command-line tools in the default | |
1300 | output, whereas the GUIs are in a separate output. This allows users | |
1301 | who do not need the GUIs to save space. | |
1302 | ||
1303 | There are several such multiple-output packages in the GNU distribution. | |
91ef73d4 LC |
1304 | Other conventional output names include @code{lib} for libraries and |
1305 | possibly header files, @code{bin} for stand-alone programs, and | |
1306 | @code{debug} for debugging information (@pxref{Installing Debugging | |
1307 | Files}). The outputs of a packages are listed in the third column of | |
1308 | the output of @command{guix package --list-available} (@pxref{Invoking | |
1309 | guix package}). | |
6e721c4d | 1310 | |
eeaf4427 | 1311 | |
e49951eb MW |
1312 | @node Invoking guix gc |
1313 | @section Invoking @command{guix gc} | |
fe8ff028 LC |
1314 | |
1315 | @cindex garbage collector | |
1316 | Packages that are installed but not used may be @dfn{garbage-collected}. | |
e49951eb | 1317 | The @command{guix gc} command allows users to explicitly run the garbage |
c22eb992 LC |
1318 | collector to reclaim space from the @file{/gnu/store} directory. It is |
1319 | the @emph{only} way to remove files from @file{/gnu/store}---removing | |
1320 | files or directories manually may break it beyond repair! | |
fe8ff028 LC |
1321 | |
1322 | The garbage collector has a set of known @dfn{roots}: any file under | |
834129e0 | 1323 | @file{/gnu/store} reachable from a root is considered @dfn{live} and |
fe8ff028 LC |
1324 | cannot be deleted; any other file is considered @dfn{dead} and may be |
1325 | deleted. The set of garbage collector roots includes default user | |
e49951eb MW |
1326 | profiles, and may be augmented with @command{guix build --root}, for |
1327 | example (@pxref{Invoking guix build}). | |
fe8ff028 | 1328 | |
1bb9900a LC |
1329 | Prior to running @code{guix gc --collect-garbage} to make space, it is |
1330 | often useful to remove old generations from user profiles; that way, old | |
1331 | package builds referenced by those generations can be reclaimed. This | |
1332 | is achieved by running @code{guix package --delete-generations} | |
1333 | (@pxref{Invoking guix package}). | |
1334 | ||
e49951eb | 1335 | The @command{guix gc} command has three modes of operation: it can be |
fe8ff028 LC |
1336 | used to garbage-collect any dead files (the default), to delete specific |
1337 | files (the @code{--delete} option), or to print garbage-collector | |
1338 | information. The available options are listed below: | |
1339 | ||
1340 | @table @code | |
1341 | @item --collect-garbage[=@var{min}] | |
1342 | @itemx -C [@var{min}] | |
834129e0 | 1343 | Collect garbage---i.e., unreachable @file{/gnu/store} files and |
fe8ff028 LC |
1344 | sub-directories. This is the default operation when no option is |
1345 | specified. | |
1346 | ||
1347 | When @var{min} is given, stop once @var{min} bytes have been collected. | |
1348 | @var{min} may be a number of bytes, or it may include a unit as a | |
4a44d7bb LC |
1349 | suffix, such as @code{MiB} for mebibytes and @code{GB} for gigabytes |
1350 | (@pxref{Block size, size specifications,, coreutils, GNU Coreutils}). | |
fe8ff028 LC |
1351 | |
1352 | When @var{min} is omitted, collect all the garbage. | |
1353 | ||
1354 | @item --delete | |
1355 | @itemx -d | |
1356 | Attempt to delete all the store files and directories specified as | |
1357 | arguments. This fails if some of the files are not in the store, or if | |
1358 | they are still live. | |
1359 | ||
1360 | @item --list-dead | |
1361 | Show the list of dead files and directories still present in the | |
1362 | store---i.e., files and directories no longer reachable from any root. | |
1363 | ||
1364 | @item --list-live | |
1365 | Show the list of live store files and directories. | |
ba8b732d LC |
1366 | |
1367 | @end table | |
1368 | ||
1369 | In addition, the references among existing store files can be queried: | |
1370 | ||
1371 | @table @code | |
1372 | ||
1373 | @item --references | |
1374 | @itemx --referrers | |
1375 | List the references (respectively, the referrers) of store files given | |
1376 | as arguments. | |
1377 | ||
8e59fdd5 LC |
1378 | @item --requisites |
1379 | @itemx -R | |
1380 | List the requisites of the store files passed as arguments. Requisites | |
1381 | include the store files themselves, their references, and the references | |
1382 | of these, recursively. In other words, the returned list is the | |
1383 | @dfn{transitive closure} of the store files. | |
1384 | ||
fe8ff028 LC |
1385 | @end table |
1386 | ||
eeaf4427 | 1387 | |
f651b477 LC |
1388 | @node Invoking guix pull |
1389 | @section Invoking @command{guix pull} | |
1390 | ||
1391 | Packages are installed or upgraded to the latest version available in | |
1392 | the distribution currently available on your local machine. To update | |
1393 | that distribution, along with the Guix tools, you must run @command{guix | |
1394 | pull}: the command downloads the latest Guix source code and package | |
1395 | descriptions, and deploys it. | |
1396 | ||
1397 | On completion, @command{guix package} will use packages and package | |
1398 | versions from this just-retrieved copy of Guix. Not only that, but all | |
1399 | the Guix commands and Scheme modules will also be taken from that latest | |
1400 | version. New @command{guix} sub-commands added by the update also | |
1401 | become available. | |
1402 | ||
1403 | The @command{guix pull} command is usually invoked with no arguments, | |
1404 | but it supports the following options: | |
1405 | ||
1406 | @table @code | |
1407 | @item --verbose | |
1408 | Produce verbose output, writing build logs to the standard error output. | |
1409 | ||
ab5d72ad LC |
1410 | @item --url=@var{url} |
1411 | Download the source tarball of Guix from @var{url}. | |
1412 | ||
1413 | By default, the tarball is taken from its canonical address at | |
1414 | @code{gnu.org}, for the stable branch of Guix. | |
1415 | ||
f651b477 LC |
1416 | @item --bootstrap |
1417 | Use the bootstrap Guile to build the latest Guix. This option is only | |
1418 | useful to Guix developers. | |
1419 | @end table | |
1420 | ||
760c60d6 LC |
1421 | |
1422 | @node Invoking guix archive | |
1423 | @section Invoking @command{guix archive} | |
1424 | ||
1425 | The @command{guix archive} command allows users to @dfn{export} files | |
1426 | from the store into a single archive, and to later @dfn{import} them. | |
1427 | In particular, it allows store files to be transferred from one machine | |
1428 | to another machine's store. For example, to transfer the @code{emacs} | |
1429 | package to a machine connected over SSH, one would run: | |
1430 | ||
1431 | @example | |
56607088 | 1432 | guix archive --export -r emacs | ssh the-machine guix archive --import |
760c60d6 LC |
1433 | @end example |
1434 | ||
87236aed | 1435 | @noindent |
56607088 LC |
1436 | Similarly, a complete user profile may be transferred from one machine |
1437 | to another like this: | |
1438 | ||
1439 | @example | |
1440 | guix archive --export -r $(readlink -f ~/.guix-profile) | \ | |
1441 | ssh the-machine guix-archive --import | |
1442 | @end example | |
1443 | ||
1444 | @noindent | |
1445 | However, note that, in both examples, all of @code{emacs} and the | |
1446 | profile as well as all of their dependencies are transferred (due to | |
1447 | @code{-r}), regardless of what is already available in the target | |
1448 | machine's store. The @code{--missing} option can help figure out which | |
1449 | items are missing from the target's store. | |
87236aed | 1450 | |
760c60d6 | 1451 | Archives are stored in the ``Nix archive'' or ``Nar'' format, which is |
0dbd88db LC |
1452 | comparable in spirit to `tar', but with a few noteworthy differences |
1453 | that make it more appropriate for our purposes. First, rather than | |
1454 | recording all Unix meta-data for each file, the Nar format only mentions | |
1455 | the file type (regular, directory, or symbolic link); Unix permissions | |
1456 | and owner/group are dismissed. Second, the order in which directory | |
1457 | entries are stored always follows the order of file names according to | |
1458 | the C locale collation order. This makes archive production fully | |
1459 | deterministic. | |
1460 | ||
1461 | When exporting, the daemon digitally signs the contents of the archive, | |
1462 | and that digital signature is appended. When importing, the daemon | |
1463 | verifies the signature and rejects the import in case of an invalid | |
1464 | signature or if the signing key is not authorized. | |
760c60d6 LC |
1465 | @c FIXME: Add xref to daemon doc about signatures. |
1466 | ||
1467 | The main options are: | |
1468 | ||
1469 | @table @code | |
1470 | @item --export | |
1471 | Export the specified store files or packages (see below.) Write the | |
1472 | resulting archive to the standard output. | |
1473 | ||
56607088 LC |
1474 | Dependencies are @emph{not} included in the output, unless |
1475 | @code{--recursive} is passed. | |
1476 | ||
1477 | @item -r | |
1478 | @itemx --recursive | |
1479 | When combined with @code{--export}, this instructs @command{guix | |
1480 | archive} to include dependencies of the given items in the archive. | |
1481 | Thus, the resulting archive is self-contained: it contains the closure | |
1482 | of the exported store items. | |
1483 | ||
760c60d6 LC |
1484 | @item --import |
1485 | Read an archive from the standard input, and import the files listed | |
1486 | therein into the store. Abort if the archive has an invalid digital | |
f82cc5fd LC |
1487 | signature, or if it is signed by a public key not among the authorized |
1488 | keys (see @code{--authorize} below.) | |
554f26ec | 1489 | |
87236aed LC |
1490 | @item --missing |
1491 | Read a list of store file names from the standard input, one per line, | |
1492 | and write on the standard output the subset of these files missing from | |
1493 | the store. | |
1494 | ||
554f26ec | 1495 | @item --generate-key[=@var{parameters}] |
f82cc5fd | 1496 | @cindex signing, archives |
554f26ec LC |
1497 | Generate a new key pair for the daemons. This is a prerequisite before |
1498 | archives can be exported with @code{--export}. Note that this operation | |
1499 | usually takes time, because it needs to gather enough entropy to | |
1500 | generate the key pair. | |
1501 | ||
1502 | The generated key pair is typically stored under @file{/etc/guix}, in | |
1503 | @file{signing-key.pub} (public key) and @file{signing-key.sec} (private | |
867d8473 LC |
1504 | key, which must be kept secret.) When @var{parameters} is omitted, |
1505 | an ECDSA key using the Ed25519 curve is generated, or, for Libgcrypt | |
1506 | versions before 1.6.0, it is a 4096-bit RSA key. | |
1507 | Alternately, @var{parameters} can specify | |
554f26ec LC |
1508 | @code{genkey} parameters suitable for Libgcrypt (@pxref{General |
1509 | public-key related Functions, @code{gcry_pk_genkey},, gcrypt, The | |
1510 | Libgcrypt Reference Manual}). | |
f82cc5fd LC |
1511 | |
1512 | @item --authorize | |
1513 | @cindex authorizing, archives | |
1514 | Authorize imports signed by the public key passed on standard input. | |
1515 | The public key must be in ``s-expression advanced format''---i.e., the | |
1516 | same format as the @file{signing-key.pub} file. | |
1517 | ||
1518 | The list of authorized keys is kept in the human-editable file | |
1519 | @file{/etc/guix/acl}. The file contains | |
1520 | @url{http://people.csail.mit.edu/rivest/Sexp.txt, ``advanced-format | |
1521 | s-expressions''} and is structured as an access-control list in the | |
1522 | @url{http://theworld.com/~cme/spki.txt, Simple Public-Key Infrastructure | |
1523 | (SPKI)}. | |
760c60d6 LC |
1524 | @end table |
1525 | ||
1526 | To export store files as an archive to the standard output, run: | |
1527 | ||
1528 | @example | |
1529 | guix archive --export @var{options} @var{specifications}... | |
1530 | @end example | |
1531 | ||
1532 | @var{specifications} may be either store file names or package | |
1533 | specifications, as for @command{guix package} (@pxref{Invoking guix | |
1534 | package}). For instance, the following command creates an archive | |
1535 | containing the @code{gui} output of the @code{git} package and the main | |
1536 | output of @code{emacs}: | |
1537 | ||
1538 | @example | |
834129e0 | 1539 | guix archive --export git:gui /gnu/store/...-emacs-24.3 > great.nar |
760c60d6 LC |
1540 | @end example |
1541 | ||
1542 | If the specified packages are not built yet, @command{guix archive} | |
1543 | automatically builds them. The build process may be controlled with the | |
1544 | same options that can be passed to the @command{guix build} command | |
70ee5642 | 1545 | (@pxref{Invoking guix build, common build options}). |
760c60d6 LC |
1546 | |
1547 | ||
568717fd LC |
1548 | @c ********************************************************************* |
1549 | @node Programming Interface | |
1550 | @chapter Programming Interface | |
1551 | ||
3dc1970d LC |
1552 | GNU Guix provides several Scheme programming interfaces (APIs) to |
1553 | define, build, and query packages. The first interface allows users to | |
1554 | write high-level package definitions. These definitions refer to | |
1555 | familiar packaging concepts, such as the name and version of a package, | |
1556 | its build system, and its dependencies. These definitions can then be | |
1557 | turned into concrete build actions. | |
1558 | ||
ba55b1cb | 1559 | Build actions are performed by the Guix daemon, on behalf of users. In a |
3dc1970d | 1560 | standard setup, the daemon has write access to the store---the |
834129e0 | 1561 | @file{/gnu/store} directory---whereas users do not. The recommended |
3dc1970d LC |
1562 | setup also has the daemon perform builds in chroots, under a specific |
1563 | build users, to minimize interference with the rest of the system. | |
1564 | ||
1565 | @cindex derivation | |
1566 | Lower-level APIs are available to interact with the daemon and the | |
1567 | store. To instruct the daemon to perform a build action, users actually | |
1568 | provide it with a @dfn{derivation}. A derivation is a low-level | |
1569 | representation of the build actions to be taken, and the environment in | |
1570 | which they should occur---derivations are to package definitions what | |
49ad317a LC |
1571 | assembly is to C programs. The term ``derivation'' comes from the fact |
1572 | that build results @emph{derive} from them. | |
3dc1970d LC |
1573 | |
1574 | This chapter describes all these APIs in turn, starting from high-level | |
1575 | package definitions. | |
1576 | ||
568717fd | 1577 | @menu |
b860f382 | 1578 | * Defining Packages:: Defining new packages. |
7458bd0a | 1579 | * Build Systems:: Specifying how packages are built. |
b860f382 LC |
1580 | * The Store:: Manipulating the package store. |
1581 | * Derivations:: Low-level interface to package derivations. | |
1582 | * The Store Monad:: Purely functional interface to the store. | |
21b679f6 | 1583 | * G-Expressions:: Manipulating build expressions. |
568717fd LC |
1584 | @end menu |
1585 | ||
1586 | @node Defining Packages | |
1587 | @section Defining Packages | |
1588 | ||
3dc1970d LC |
1589 | The high-level interface to package definitions is implemented in the |
1590 | @code{(guix packages)} and @code{(guix build-system)} modules. As an | |
1591 | example, the package definition, or @dfn{recipe}, for the GNU Hello | |
1592 | package looks like this: | |
1593 | ||
1594 | @example | |
e7f34eb0 LC |
1595 | (define-module (gnu packages hello) |
1596 | #:use-module (guix packages) | |
1597 | #:use-module (guix download) | |
1598 | #:use-module (guix build-system gnu) | |
1599 | #:use-module (guix licenses)) | |
b22a12fd | 1600 | |
79f5dd59 | 1601 | (define-public hello |
3dc1970d LC |
1602 | (package |
1603 | (name "hello") | |
1604 | (version "2.8") | |
1605 | (source (origin | |
1606 | (method url-fetch) | |
1607 | (uri (string-append "mirror://gnu/hello/hello-" version | |
1608 | ".tar.gz")) | |
1609 | (sha256 | |
1610 | (base32 "0wqd8sjmxfskrflaxywc7gqw7sfawrfvdxd9skxawzfgyy0pzdz6")))) | |
1611 | (build-system gnu-build-system) | |
7458bd0a | 1612 | (arguments `(#:configure-flags '("--enable-silent-rules"))) |
3dc1970d | 1613 | (inputs `(("gawk" ,gawk))) |
7458bd0a LC |
1614 | (synopsis "Hello, GNU world: An example GNU package") |
1615 | (description "Guess what GNU Hello prints!") | |
3dc1970d | 1616 | (home-page "http://www.gnu.org/software/hello/") |
b22a12fd | 1617 | (license gpl3+))) |
3dc1970d LC |
1618 | @end example |
1619 | ||
1620 | @noindent | |
1621 | Without being a Scheme expert, the reader may have guessed the meaning | |
e7f34eb0 | 1622 | of the various fields here. This expression binds variable @code{hello} |
3dc1970d LC |
1623 | to a @code{<package>} object, which is essentially a record |
1624 | (@pxref{SRFI-9, Scheme records,, guile, GNU Guile Reference Manual}). | |
1625 | This package object can be inspected using procedures found in the | |
1626 | @code{(guix packages)} module; for instance, @code{(package-name hello)} | |
1627 | returns---surprise!---@code{"hello"}. | |
1628 | ||
2f7d2d91 LC |
1629 | With luck, you may be able to import part or all of the definition of |
1630 | the package you are interested in from another repository, using the | |
1631 | @code{guix import} command (@pxref{Invoking guix import}). | |
1632 | ||
e7f34eb0 LC |
1633 | In the example above, @var{hello} is defined into a module of its own, |
1634 | @code{(gnu packages hello)}. Technically, this is not strictly | |
1635 | necessary, but it is convenient to do so: all the packages defined in | |
1636 | modules under @code{(gnu packages @dots{})} are automatically known to | |
1637 | the command-line tools (@pxref{Package Modules}). | |
1638 | ||
3dc1970d LC |
1639 | There are a few points worth noting in the above package definition: |
1640 | ||
1641 | @itemize | |
1642 | @item | |
1643 | The @code{source} field of the package is an @code{<origin>} object. | |
1644 | Here, the @code{url-fetch} method from @code{(guix download)} is used, | |
1645 | meaning that the source is a file to be downloaded over FTP or HTTP. | |
1646 | ||
1647 | The @code{mirror://gnu} prefix instructs @code{url-fetch} to use one of | |
1648 | the GNU mirrors defined in @code{(guix download)}. | |
1649 | ||
1650 | The @code{sha256} field specifies the expected SHA256 hash of the file | |
1651 | being downloaded. It is mandatory, and allows Guix to check the | |
1652 | integrity of the file. The @code{(base32 @dots{})} form introduces the | |
6c365eca | 1653 | base32 representation of the hash. You can obtain this information with |
210cc920 LC |
1654 | @code{guix download} (@pxref{Invoking guix download}) and @code{guix |
1655 | hash} (@pxref{Invoking guix hash}). | |
3dc1970d | 1656 | |
f9cc8971 LC |
1657 | @cindex patches |
1658 | When needed, the @code{origin} form can also have a @code{patches} field | |
1659 | listing patches to be applied, and a @code{snippet} field giving a | |
1660 | Scheme expression to modify the source code. | |
1661 | ||
3dc1970d LC |
1662 | @item |
1663 | @cindex GNU Build System | |
7458bd0a LC |
1664 | The @code{build-system} field specifies the procedure to build the |
1665 | package (@pxref{Build Systems}). Here, @var{gnu-build-system} | |
1666 | represents the familiar GNU Build System, where packages may be | |
1667 | configured, built, and installed with the usual @code{./configure && | |
1668 | make && make check && make install} command sequence. | |
1669 | ||
1670 | @item | |
1671 | The @code{arguments} field specifies options for the build system | |
1672 | (@pxref{Build Systems}). Here it is interpreted by | |
1673 | @var{gnu-build-system} as a request run @file{configure} with the | |
1674 | @code{--enable-silent-rules} flag. | |
3dc1970d LC |
1675 | |
1676 | @item | |
1677 | The @code{inputs} field specifies inputs to the build process---i.e., | |
1678 | build-time or run-time dependencies of the package. Here, we define an | |
1679 | input called @code{"gawk"} whose value is that of the @var{gawk} | |
1680 | variable; @var{gawk} is itself bound to a @code{<package>} object. | |
1681 | ||
1682 | Note that GCC, Coreutils, Bash, and other essential tools do not need to | |
1683 | be specified as inputs here. Instead, @var{gnu-build-system} takes care | |
7458bd0a | 1684 | of ensuring that they are present (@pxref{Build Systems}). |
3dc1970d LC |
1685 | |
1686 | However, any other dependencies need to be specified in the | |
1687 | @code{inputs} field. Any dependency not specified here will simply be | |
1688 | unavailable to the build process, possibly leading to a build failure. | |
1689 | @end itemize | |
1690 | ||
2f7d2d91 | 1691 | Once a package definition is in place, the |
e49951eb | 1692 | package may actually be built using the @code{guix build} command-line |
7458bd0a | 1693 | tool (@pxref{Invoking guix build}). @xref{Packaging Guidelines}, for |
b4f5e0e8 CR |
1694 | more information on how to test package definitions, and |
1695 | @ref{Invoking guix lint}, for information on how to check a definition | |
1696 | for style conformance. | |
1697 | ||
7458bd0a LC |
1698 | Eventually, updating the package definition to a new upstream version |
1699 | can be partly automated by the @command{guix refresh} command | |
1700 | (@pxref{Invoking guix refresh}). | |
3dc1970d LC |
1701 | |
1702 | Behind the scenes, a derivation corresponding to the @code{<package>} | |
1703 | object is first computed by the @code{package-derivation} procedure. | |
834129e0 | 1704 | That derivation is stored in a @code{.drv} file under @file{/gnu/store}. |
ba55b1cb | 1705 | The build actions it prescribes may then be realized by using the |
3dc1970d LC |
1706 | @code{build-derivations} procedure (@pxref{The Store}). |
1707 | ||
1708 | @deffn {Scheme Procedure} package-derivation @var{store} @var{package} [@var{system}] | |
59688fc4 LC |
1709 | Return the @code{<derivation>} object of @var{package} for @var{system} |
1710 | (@pxref{Derivations}). | |
3dc1970d LC |
1711 | |
1712 | @var{package} must be a valid @code{<package>} object, and @var{system} | |
1713 | must be a string denoting the target system type---e.g., | |
1714 | @code{"x86_64-linux"} for an x86_64 Linux-based GNU system. @var{store} | |
1715 | must be a connection to the daemon, which operates on the store | |
1716 | (@pxref{The Store}). | |
1717 | @end deffn | |
568717fd | 1718 | |
9c1edabd LC |
1719 | @noindent |
1720 | @cindex cross-compilation | |
1721 | Similarly, it is possible to compute a derivation that cross-builds a | |
1722 | package for some other system: | |
1723 | ||
1724 | @deffn {Scheme Procedure} package-cross-derivation @var{store} @ | |
1725 | @var{package} @var{target} [@var{system}] | |
59688fc4 LC |
1726 | Return the @code{<derivation>} object of @var{package} cross-built from |
1727 | @var{system} to @var{target}. | |
9c1edabd LC |
1728 | |
1729 | @var{target} must be a valid GNU triplet denoting the target hardware | |
1730 | and operating system, such as @code{"mips64el-linux-gnu"} | |
1731 | (@pxref{Configuration Names, GNU configuration triplets,, configure, GNU | |
1732 | Configure and Build System}). | |
1733 | @end deffn | |
1734 | ||
1735 | ||
7458bd0a LC |
1736 | @node Build Systems |
1737 | @section Build Systems | |
1738 | ||
1739 | @cindex build system | |
1740 | Each package definition specifies a @dfn{build system} and arguments for | |
1741 | that build system (@pxref{Defining Packages}). This @code{build-system} | |
1742 | field represents the build procedure of the package, as well implicit | |
1743 | dependencies of that build procedure. | |
1744 | ||
1745 | Build systems are @code{<build-system>} objects. The interface to | |
1746 | create and manipulate them is provided by the @code{(guix build-system)} | |
1747 | module, and actual build systems are exported by specific modules. | |
1748 | ||
f5fd4fd2 | 1749 | @cindex bag (low-level package representation) |
0d5a559f LC |
1750 | Under the hood, build systems first compile package objects to |
1751 | @dfn{bags}. A @dfn{bag} is like a package, but with less | |
1752 | ornamentation---in other words, a bag is a lower-level representation of | |
1753 | a package, which includes all the inputs of that package, including some | |
1754 | that were implicitly added by the build system. This intermediate | |
1755 | representation is then compiled to a derivation (@pxref{Derivations}). | |
1756 | ||
7458bd0a LC |
1757 | Build systems accept an optional list of @dfn{arguments}. In package |
1758 | definitions, these are passed @i{via} the @code{arguments} field | |
1759 | (@pxref{Defining Packages}). They are typically keyword arguments | |
1760 | (@pxref{Optional Arguments, keyword arguments in Guile,, guile, GNU | |
1761 | Guile Reference Manual}). The value of these arguments is usually | |
1762 | evaluated in the @dfn{build stratum}---i.e., by a Guile process launched | |
1763 | by the daemon (@pxref{Derivations}). | |
1764 | ||
1765 | The main build system is @var{gnu-build-system}, which implements the | |
1766 | standard build procedure for GNU packages and many other packages. It | |
1767 | is provided by the @code{(guix build-system gnu)} module. | |
1768 | ||
1769 | @defvr {Scheme Variable} gnu-build-system | |
1770 | @var{gnu-build-system} represents the GNU Build System, and variants | |
1771 | thereof (@pxref{Configuration, configuration and makefile conventions,, | |
1772 | standards, GNU Coding Standards}). | |
1773 | ||
1774 | @cindex build phases | |
1775 | In a nutshell, packages using it configured, built, and installed with | |
1776 | the usual @code{./configure && make && make check && make install} | |
1777 | command sequence. In practice, a few additional steps are often needed. | |
1778 | All these steps are split up in separate @dfn{phases}, | |
1779 | notably@footnote{Please see the @code{(guix build gnu-build-system)} | |
1780 | modules for more details about the build phases.}: | |
1781 | ||
1782 | @table @code | |
1783 | @item unpack | |
1784 | Unpack the source tarball, and change the current directory to the | |
1785 | extracted source tree. If the source is actually a directory, copy it | |
1786 | to the build tree, and enter that directory. | |
1787 | ||
1788 | @item patch-source-shebangs | |
1789 | Patch shebangs encountered in source files so they refer to the right | |
1790 | store file names. For instance, this changes @code{#!/bin/sh} to | |
1791 | @code{#!/gnu/store/@dots{}-bash-4.3/bin/sh}. | |
1792 | ||
1793 | @item configure | |
1794 | Run the @file{configure} script with a number of default options, such | |
1795 | as @code{--prefix=/gnu/store/@dots{}}, as well as the options specified | |
1796 | by the @code{#:configure-flags} argument. | |
1797 | ||
1798 | @item build | |
1799 | Run @code{make} with the list of flags specified with | |
1800 | @code{#:make-flags}. If the @code{#:parallel-builds?} argument is true | |
1801 | (the default), build with @code{make -j}. | |
1802 | ||
1803 | @item check | |
1804 | Run @code{make check}, or some other target specified with | |
1805 | @code{#:test-target}, unless @code{#:tests? #f} is passed. If the | |
1806 | @code{#:parallel-tests?} argument is true (the default), run @code{make | |
1807 | check -j}. | |
1808 | ||
1809 | @item install | |
1810 | Run @code{make install} with the flags listed in @code{#:make-flags}. | |
1811 | ||
1812 | @item patch-shebangs | |
1813 | Patch shebangs on the installed executable files. | |
1814 | ||
1815 | @item strip | |
1816 | Strip debugging symbols from ELF files (unless @code{#:strip-binaries?} | |
1817 | is false), copying them to the @code{debug} output when available | |
1818 | (@pxref{Installing Debugging Files}). | |
1819 | @end table | |
1820 | ||
1821 | @vindex %standard-phases | |
1822 | The build-side module @code{(guix build gnu-build-system)} defines | |
1823 | @var{%standard-phases} as the default list of build phases. | |
1824 | @var{%standard-phases} is a list of symbol/procedure pairs, where the | |
1825 | procedure implements the actual phase. | |
1826 | ||
1827 | The list of phases used for a particular package can be changed with the | |
1828 | @code{#:phases} parameter. For instance, passing: | |
1829 | ||
1830 | @example | |
1831 | #:phases (alist-delete 'configure %standard-phases) | |
1832 | @end example | |
1833 | ||
9bf404e9 | 1834 | means that all the phases described above will be used, except the |
7458bd0a LC |
1835 | @code{configure} phase. |
1836 | ||
1837 | In addition, this build system ensures that the ``standard'' environment | |
1838 | for GNU packages is available. This includes tools such as GCC, libc, | |
1839 | Coreutils, Bash, Make, Diffutils, grep, and sed (see the @code{(guix | |
1840 | build-system gnu)} module for a complete list.) We call these the | |
1841 | @dfn{implicit inputs} of a package, because package definitions don't | |
1842 | have to mention them. | |
1843 | @end defvr | |
1844 | ||
1845 | Other @code{<build-system>} objects are defined to support other | |
1846 | conventions and tools used by free software packages. They inherit most | |
1847 | of @var{gnu-build-system}, and differ mainly in the set of inputs | |
1848 | implicitly added to the build process, and in the list of phases | |
1849 | executed. Some of these build systems are listed below. | |
1850 | ||
1851 | @defvr {Scheme Variable} cmake-build-system | |
1852 | This variable is exported by @code{(guix build-system cmake)}. It | |
1853 | implements the build procedure for packages using the | |
1854 | @url{http://www.cmake.org, CMake build tool}. | |
1855 | ||
1856 | It automatically adds the @code{cmake} package to the set of inputs. | |
1857 | Which package is used can be specified with the @code{#:cmake} | |
1858 | parameter. | |
9849cfc1 LC |
1859 | |
1860 | The @code{#:configure-flags} parameter is taken as a list of flags | |
1861 | passed to the @command{cmake} command. The @code{#:build-type} | |
1862 | parameter specifies in abstract terms the flags passed to the compiler; | |
1863 | it defaults to @code{"RelWithDebInfo"} (short for ``release mode with | |
1864 | debugging information''), which roughly means that code is compiled with | |
1865 | @code{-O2 -g}, as is the case for Autoconf-based packages by default. | |
7458bd0a LC |
1866 | @end defvr |
1867 | ||
3afcf52b FB |
1868 | @defvr {Scheme Variable} glib-or-gtk-build-system |
1869 | This variable is exported by @code{(guix build-system glib-or-gtk)}. It | |
1870 | is intended for use with packages making use of GLib or GTK+. | |
1871 | ||
1872 | This build system adds the following two phases to the ones defined by | |
1873 | @var{gnu-build-system}: | |
1874 | ||
1875 | @table @code | |
1876 | @item glib-or-gtk-wrap | |
1877 | The phase @code{glib-or-gtk-wrap} ensures that programs found under | |
1878 | @file{bin/} are able to find GLib's ``schemas'' and | |
1879 | @uref{https://developer.gnome.org/gtk3/stable/gtk-running.html, GTK+ | |
1880 | modules}. This is achieved by wrapping the programs in launch scripts | |
1881 | that appropriately set the @code{XDG_DATA_DIRS} and @code{GTK_PATH} | |
1882 | environment variables. | |
1883 | ||
73aa8ddb LC |
1884 | It is possible to exclude specific package outputs from that wrapping |
1885 | process by listing their names in the | |
1886 | @code{#:glib-or-gtk-wrap-excluded-outputs} parameter. This is useful | |
1887 | when an output is known not to contain any GLib or GTK+ binaries, and | |
1888 | where wrapping would gratuitously add a dependency of that output on | |
1889 | GLib and GTK+. | |
1890 | ||
3afcf52b FB |
1891 | @item glib-or-gtk-compile-schemas |
1892 | The phase @code{glib-or-gtk-compile-schemas} makes sure that all GLib's | |
1893 | @uref{https://developer.gnome.org/gio/stable/glib-compile-schemas.html, | |
1894 | GSettings schemas} are compiled. Compilation is performed by the | |
1895 | @command{glib-compile-schemas} program. It is provided by the package | |
1896 | @code{glib:bin} which is automatically imported by the build system. | |
1897 | The @code{glib} package providing @command{glib-compile-schemas} can be | |
1898 | specified with the @code{#:glib} parameter. | |
1899 | @end table | |
1900 | ||
1901 | Both phases are executed after the @code{install} phase. | |
1902 | @end defvr | |
1903 | ||
7458bd0a LC |
1904 | @defvr {Scheme Variable} python-build-system |
1905 | This variable is exported by @code{(guix build-system python)}. It | |
1906 | implements the more or less standard build procedure used by Python | |
1907 | packages, which consists in running @code{python setup.py build} and | |
1908 | then @code{python setup.py install --prefix=/gnu/store/@dots{}}. | |
1909 | ||
1910 | For packages that install stand-alone Python programs under @code{bin/}, | |
1911 | it takes care of wrapping these programs so their @code{PYTHONPATH} | |
1912 | environment variable points to all the Python libraries they depend on. | |
1913 | ||
1914 | Which Python package is used can be specified with the @code{#:python} | |
1915 | parameter. | |
1916 | @end defvr | |
1917 | ||
1918 | @defvr {Scheme Variable} perl-build-system | |
1919 | This variable is exported by @code{(guix build-system perl)}. It | |
2d2a53fc EB |
1920 | implements the standard build procedure for Perl packages, which either |
1921 | consists in running @code{perl Build.PL --prefix=/gnu/store/@dots{}}, | |
1922 | followed by @code{Build} and @code{Build install}; or in running | |
1923 | @code{perl Makefile.PL PREFIX=/gnu/store/@dots{}}, followed by | |
1924 | @code{make} and @code{make install}; depending on which of | |
1925 | @code{Build.PL} or @code{Makefile.PL} is present in the package | |
1926 | distribution. Preference is given to the former if both @code{Build.PL} | |
1927 | and @code{Makefile.PL} exist in the package distribution. This | |
1928 | preference can be reversed by specifying @code{#t} for the | |
1929 | @code{#:make-maker?} parameter. | |
1930 | ||
1931 | The initial @code{perl Makefile.PL} or @code{perl Build.PL} invocation | |
1932 | passes flags specified by the @code{#:make-maker-flags} or | |
1933 | @code{#:module-build-flags} parameter, respectively. | |
7458bd0a LC |
1934 | |
1935 | Which Perl package is used can be specified with @code{#:perl}. | |
1936 | @end defvr | |
1937 | ||
c08f9818 DT |
1938 | @defvr {Scheme Variable} ruby-build-system |
1939 | This variable is exported by @code{(guix build-system ruby)}. It | |
1940 | implements the RubyGems build procedure used by Ruby packages, which | |
1941 | involves running @code{gem build} followed by @code{gem install}. | |
1942 | ||
1943 | Which Ruby package is used can be specified with the @code{#:ruby} | |
1944 | parameter. | |
1945 | @end defvr | |
7458bd0a | 1946 | |
a677c726 RW |
1947 | @defvr {Scheme Variable} waf-build-system |
1948 | This variable is exported by @code{(guix build-system waf)}. It | |
1949 | implements a build procedure around the @code{waf} script. The common | |
1950 | phases---@code{configure}, @code{build}, and @code{install}---are | |
1951 | implemented by passing their names as arguments to the @code{waf} | |
1952 | script. | |
1953 | ||
1954 | The @code{waf} script is executed by the Python interpreter. Which | |
1955 | Python package is used to run the script can be specified with the | |
1956 | @code{#:python} parameter. | |
1957 | @end defvr | |
1958 | ||
14dfdf2e FB |
1959 | @defvr {Scheme Variable} haskell-build-system |
1960 | This variable is exported by @code{(guix build-system haskell)}. It | |
1961 | implements the Cabal build procedure used by Haskell packages, which | |
1962 | involves running @code{runhaskell Setup.hs configure | |
1963 | --prefix=/gnu/store/@dots{}} and @code{runhaskell Setup.hs build}. | |
1964 | Instead of installing the package by running @code{runhaskell Setup.hs | |
1965 | install}, to avoid trying to register libraries in the read-only | |
1966 | compiler store directory, the build system uses @code{runhaskell | |
1967 | Setup.hs copy}, followed by @code{runhaskell Setup.hs register}. In | |
1968 | addition, the build system generates the package documentation by | |
1969 | running @code{runhaskell Setup.hs haddock}, unless @code{#:haddock? #f} | |
1970 | is passed. Optional Haddock parameters can be passed with the help of | |
1971 | the @code{#:haddock-flags} parameter. If the file @code{Setup.hs} is | |
1972 | not found, the build system looks for @code{Setup.lhs} instead. | |
1973 | ||
1974 | Which Haskell compiler is used can be specified with the @code{#:haskell} | |
1975 | parameter which defaults to @code{ghc}. | |
1976 | @end defvr | |
1977 | ||
7458bd0a LC |
1978 | Lastly, for packages that do not need anything as sophisticated, a |
1979 | ``trivial'' build system is provided. It is trivial in the sense that | |
1980 | it provides basically no support: it does not pull any implicit inputs, | |
1981 | and does not have a notion of build phases. | |
1982 | ||
1983 | @defvr {Scheme Variable} trivial-build-system | |
1984 | This variable is exported by @code{(guix build-system trivial)}. | |
1985 | ||
1986 | This build system requires a @code{#:builder} argument. This argument | |
1987 | must be a Scheme expression that builds the package's output(s)---as | |
1988 | with @code{build-expression->derivation} (@pxref{Derivations, | |
1989 | @code{build-expression->derivation}}). | |
1990 | @end defvr | |
1991 | ||
568717fd LC |
1992 | @node The Store |
1993 | @section The Store | |
1994 | ||
e531ac2a LC |
1995 | @cindex store |
1996 | @cindex store paths | |
1997 | ||
1998 | Conceptually, the @dfn{store} is where derivations that have been | |
834129e0 | 1999 | successfully built are stored---by default, under @file{/gnu/store}. |
e531ac2a LC |
2000 | Sub-directories in the store are referred to as @dfn{store paths}. The |
2001 | store has an associated database that contains information such has the | |
2002 | store paths referred to by each store path, and the list of @emph{valid} | |
2003 | store paths---paths that result from a successful build. | |
2004 | ||
2005 | The store is always accessed by the daemon on behalf of its clients | |
2006 | (@pxref{Invoking guix-daemon}). To manipulate the store, clients | |
2007 | connect to the daemon over a Unix-domain socket, send it requests, and | |
2008 | read the result---these are remote procedure calls, or RPCs. | |
2009 | ||
2010 | The @code{(guix store)} module provides procedures to connect to the | |
2011 | daemon, and to perform RPCs. These are described below. | |
2012 | ||
2013 | @deffn {Scheme Procedure} open-connection [@var{file}] [#:reserve-space? #t] | |
2014 | Connect to the daemon over the Unix-domain socket at @var{file}. When | |
2015 | @var{reserve-space?} is true, instruct it to reserve a little bit of | |
2016 | extra space on the file system so that the garbage collector can still | |
2017 | operate, should the disk become full. Return a server object. | |
2018 | ||
2019 | @var{file} defaults to @var{%default-socket-path}, which is the normal | |
2020 | location given the options that were passed to @command{configure}. | |
2021 | @end deffn | |
2022 | ||
2023 | @deffn {Scheme Procedure} close-connection @var{server} | |
2024 | Close the connection to @var{server}. | |
2025 | @end deffn | |
2026 | ||
2027 | @defvr {Scheme Variable} current-build-output-port | |
2028 | This variable is bound to a SRFI-39 parameter, which refers to the port | |
2029 | where build and error logs sent by the daemon should be written. | |
2030 | @end defvr | |
2031 | ||
2032 | Procedures that make RPCs all take a server object as their first | |
2033 | argument. | |
2034 | ||
2035 | @deffn {Scheme Procedure} valid-path? @var{server} @var{path} | |
2036 | Return @code{#t} when @var{path} is a valid store path. | |
2037 | @end deffn | |
2038 | ||
cfbf9160 | 2039 | @deffn {Scheme Procedure} add-text-to-store @var{server} @var{name} @var{text} [@var{references}] |
e531ac2a LC |
2040 | Add @var{text} under file @var{name} in the store, and return its store |
2041 | path. @var{references} is the list of store paths referred to by the | |
2042 | resulting store path. | |
2043 | @end deffn | |
2044 | ||
874e6874 | 2045 | @deffn {Scheme Procedure} build-derivations @var{server} @var{derivations} |
59688fc4 LC |
2046 | Build @var{derivations} (a list of @code{<derivation>} objects or |
2047 | derivation paths), and return when the worker is done building them. | |
2048 | Return @code{#t} on success. | |
874e6874 LC |
2049 | @end deffn |
2050 | ||
b860f382 LC |
2051 | Note that the @code{(guix monads)} module provides a monad as well as |
2052 | monadic versions of the above procedures, with the goal of making it | |
2053 | more convenient to work with code that accesses the store (@pxref{The | |
2054 | Store Monad}). | |
2055 | ||
e531ac2a LC |
2056 | @c FIXME |
2057 | @i{This section is currently incomplete.} | |
568717fd LC |
2058 | |
2059 | @node Derivations | |
2060 | @section Derivations | |
2061 | ||
874e6874 LC |
2062 | @cindex derivations |
2063 | Low-level build actions and the environment in which they are performed | |
2064 | are represented by @dfn{derivations}. A derivation contain the | |
2065 | following pieces of information: | |
2066 | ||
2067 | @itemize | |
2068 | @item | |
2069 | The outputs of the derivation---derivations produce at least one file or | |
2070 | directory in the store, but may produce more. | |
2071 | ||
2072 | @item | |
2073 | The inputs of the derivations, which may be other derivations or plain | |
2074 | files in the store (patches, build scripts, etc.) | |
2075 | ||
2076 | @item | |
2077 | The system type targeted by the derivation---e.g., @code{x86_64-linux}. | |
2078 | ||
2079 | @item | |
2080 | The file name of a build script in the store, along with the arguments | |
2081 | to be passed. | |
2082 | ||
2083 | @item | |
2084 | A list of environment variables to be defined. | |
2085 | ||
2086 | @end itemize | |
2087 | ||
2088 | @cindex derivation path | |
2089 | Derivations allow clients of the daemon to communicate build actions to | |
2090 | the store. They exist in two forms: as an in-memory representation, | |
2091 | both on the client- and daemon-side, and as files in the store whose | |
2092 | name end in @code{.drv}---these files are referred to as @dfn{derivation | |
2093 | paths}. Derivations paths can be passed to the @code{build-derivations} | |
2094 | procedure to perform the build actions they prescribe (@pxref{The | |
2095 | Store}). | |
2096 | ||
2097 | The @code{(guix derivations)} module provides a representation of | |
2098 | derivations as Scheme objects, along with procedures to create and | |
2099 | otherwise manipulate derivations. The lowest-level primitive to create | |
2100 | a derivation is the @code{derivation} procedure: | |
2101 | ||
1909431c LC |
2102 | @deffn {Scheme Procedure} derivation @var{store} @var{name} @var{builder} @ |
2103 | @var{args} [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
2096ef47 | 2104 | [#:recursive? #f] [#:inputs '()] [#:env-vars '()] @ |
1909431c | 2105 | [#:system (%current-system)] [#:references-graphs #f] @ |
b53be755 | 2106 | [#:allowed-references #f] [#:local-build? #f] |
59688fc4 LC |
2107 | Build a derivation with the given arguments, and return the resulting |
2108 | @code{<derivation>} object. | |
874e6874 | 2109 | |
2096ef47 | 2110 | When @var{hash} and @var{hash-algo} are given, a |
874e6874 | 2111 | @dfn{fixed-output derivation} is created---i.e., one whose result is |
36bbbbd1 LC |
2112 | known in advance, such as a file download. If, in addition, |
2113 | @var{recursive?} is true, then that fixed output may be an executable | |
2114 | file or a directory and @var{hash} must be the hash of an archive | |
2115 | containing this output. | |
5b0c9d16 | 2116 | |
858e9282 | 2117 | When @var{references-graphs} is true, it must be a list of file |
5b0c9d16 LC |
2118 | name/store path pairs. In that case, the reference graph of each store |
2119 | path is exported in the build environment in the corresponding file, in | |
2120 | a simple text format. | |
1909431c | 2121 | |
b53be755 LC |
2122 | When @var{allowed-references} is true, it must be a list of store items |
2123 | or outputs that the derivation's output may refer to. | |
2124 | ||
1909431c LC |
2125 | When @var{local-build?} is true, declare that the derivation is not a |
2126 | good candidate for offloading and should rather be built locally | |
2127 | (@pxref{Daemon Offload Setup}). This is the case for small derivations | |
2128 | where the costs of data transfers would outweigh the benefits. | |
874e6874 LC |
2129 | @end deffn |
2130 | ||
2131 | @noindent | |
2132 | Here's an example with a shell script as its builder, assuming | |
2133 | @var{store} is an open connection to the daemon, and @var{bash} points | |
2134 | to a Bash executable in the store: | |
2135 | ||
2136 | @lisp | |
2137 | (use-modules (guix utils) | |
2138 | (guix store) | |
2139 | (guix derivations)) | |
2140 | ||
59688fc4 LC |
2141 | (let ((builder ; add the Bash script to the store |
2142 | (add-text-to-store store "my-builder.sh" | |
2143 | "echo hello world > $out\n" '()))) | |
2144 | (derivation store "foo" | |
2145 | bash `("-e" ,builder) | |
21b679f6 | 2146 | #:inputs `((,bash) (,builder)) |
59688fc4 | 2147 | #:env-vars '(("HOME" . "/homeless")))) |
834129e0 | 2148 | @result{} #<derivation /gnu/store/@dots{}-foo.drv => /gnu/store/@dots{}-foo> |
874e6874 LC |
2149 | @end lisp |
2150 | ||
21b679f6 LC |
2151 | As can be guessed, this primitive is cumbersome to use directly. A |
2152 | better approach is to write build scripts in Scheme, of course! The | |
2153 | best course of action for that is to write the build code as a | |
2154 | ``G-expression'', and to pass it to @code{gexp->derivation}. For more | |
6621cdb6 | 2155 | information, @pxref{G-Expressions}. |
21b679f6 LC |
2156 | |
2157 | Once upon a time, @code{gexp->derivation} did not exist and constructing | |
2158 | derivations with build code written in Scheme was achieved with | |
2159 | @code{build-expression->derivation}, documented below. This procedure | |
2160 | is now deprecated in favor of the much nicer @code{gexp->derivation}. | |
874e6874 | 2161 | |
dd1a5a15 LC |
2162 | @deffn {Scheme Procedure} build-expression->derivation @var{store} @ |
2163 | @var{name} @var{exp} @ | |
2164 | [#:system (%current-system)] [#:inputs '()] @ | |
2165 | [#:outputs '("out")] [#:hash #f] [#:hash-algo #f] @ | |
36bbbbd1 | 2166 | [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ |
63a42824 LC |
2167 | [#:references-graphs #f] [#:allowed-references #f] @ |
2168 | [#:local-build? #f] [#:guile-for-build #f] | |
874e6874 LC |
2169 | Return a derivation that executes Scheme expression @var{exp} as a |
2170 | builder for derivation @var{name}. @var{inputs} must be a list of | |
2171 | @code{(name drv-path sub-drv)} tuples; when @var{sub-drv} is omitted, | |
2172 | @code{"out"} is assumed. @var{modules} is a list of names of Guile | |
2173 | modules from the current search path to be copied in the store, | |
2174 | compiled, and made available in the load path during the execution of | |
2175 | @var{exp}---e.g., @code{((guix build utils) (guix build | |
2176 | gnu-build-system))}. | |
2177 | ||
2178 | @var{exp} is evaluated in an environment where @code{%outputs} is bound | |
2179 | to a list of output/path pairs, and where @code{%build-inputs} is bound | |
2180 | to a list of string/output-path pairs made from @var{inputs}. | |
2181 | Optionally, @var{env-vars} is a list of string pairs specifying the name | |
2182 | and value of environment variables visible to the builder. The builder | |
2183 | terminates by passing the result of @var{exp} to @code{exit}; thus, when | |
2184 | @var{exp} returns @code{#f}, the build is considered to have failed. | |
2185 | ||
2186 | @var{exp} is built using @var{guile-for-build} (a derivation). When | |
2187 | @var{guile-for-build} is omitted or is @code{#f}, the value of the | |
2188 | @code{%guile-for-build} fluid is used instead. | |
9c629a27 | 2189 | |
63a42824 LC |
2190 | See the @code{derivation} procedure for the meaning of |
2191 | @var{references-graphs}, @var{allowed-references}, and @var{local-build?}. | |
874e6874 LC |
2192 | @end deffn |
2193 | ||
2194 | @noindent | |
2195 | Here's an example of a single-output derivation that creates a directory | |
2196 | containing one file: | |
2197 | ||
2198 | @lisp | |
2199 | (let ((builder '(let ((out (assoc-ref %outputs "out"))) | |
834129e0 | 2200 | (mkdir out) ; create /gnu/store/@dots{}-goo |
874e6874 LC |
2201 | (call-with-output-file (string-append out "/test") |
2202 | (lambda (p) | |
2203 | (display '(hello guix) p)))))) | |
dd1a5a15 | 2204 | (build-expression->derivation store "goo" builder)) |
874e6874 | 2205 | |
834129e0 | 2206 | @result{} #<derivation /gnu/store/@dots{}-goo.drv => @dots{}> |
874e6874 LC |
2207 | @end lisp |
2208 | ||
568717fd | 2209 | |
b860f382 LC |
2210 | @node The Store Monad |
2211 | @section The Store Monad | |
2212 | ||
2213 | @cindex monad | |
2214 | ||
2215 | The procedures that operate on the store described in the previous | |
2216 | sections all take an open connection to the build daemon as their first | |
2217 | argument. Although the underlying model is functional, they either have | |
2218 | side effects or depend on the current state of the store. | |
2219 | ||
2220 | The former is inconvenient: the connection to the build daemon has to be | |
2221 | carried around in all those functions, making it impossible to compose | |
2222 | functions that do not take that parameter with functions that do. The | |
2223 | latter can be problematic: since store operations have side effects | |
2224 | and/or depend on external state, they have to be properly sequenced. | |
2225 | ||
2226 | @cindex monadic values | |
2227 | @cindex monadic functions | |
2228 | This is where the @code{(guix monads)} module comes in. This module | |
2229 | provides a framework for working with @dfn{monads}, and a particularly | |
2230 | useful monad for our uses, the @dfn{store monad}. Monads are a | |
2231 | construct that allows two things: associating ``context'' with values | |
2232 | (in our case, the context is the store), and building sequences of | |
561fb6c3 | 2233 | computations (here computations include accesses to the store.) Values |
b860f382 LC |
2234 | in a monad---values that carry this additional context---are called |
2235 | @dfn{monadic values}; procedures that return such values are called | |
2236 | @dfn{monadic procedures}. | |
2237 | ||
2238 | Consider this ``normal'' procedure: | |
2239 | ||
2240 | @example | |
45adbd62 LC |
2241 | (define (sh-symlink store) |
2242 | ;; Return a derivation that symlinks the 'bash' executable. | |
2243 | (let* ((drv (package-derivation store bash)) | |
2244 | (out (derivation->output-path drv)) | |
2245 | (sh (string-append out "/bin/bash"))) | |
2246 | (build-expression->derivation store "sh" | |
2247 | `(symlink ,sh %output)))) | |
b860f382 LC |
2248 | @end example |
2249 | ||
2250 | Using @code{(guix monads)}, it may be rewritten as a monadic function: | |
2251 | ||
ada3df03 | 2252 | @c FIXME: Find a better example, one that uses 'mlet'. |
b860f382 | 2253 | @example |
45adbd62 | 2254 | (define (sh-symlink) |
b860f382 | 2255 | ;; Same, but return a monadic value. |
ada3df03 LC |
2256 | (gexp->derivation "sh" |
2257 | #~(symlink (string-append #$bash "/bin/bash") #$output))) | |
b860f382 LC |
2258 | @end example |
2259 | ||
2260 | There are two things to note in the second version: the @code{store} | |
2261 | parameter is now implicit, and the monadic value returned by | |
2262 | @code{package-file}---a wrapper around @code{package-derivation} and | |
2263 | @code{derivation->output-path}---is @dfn{bound} using @code{mlet} | |
2264 | instead of plain @code{let}. | |
2265 | ||
2266 | Calling the monadic @code{profile.sh} has no effect. To get the desired | |
2267 | effect, one must use @code{run-with-store}: | |
2268 | ||
2269 | @example | |
2270 | (run-with-store (open-connection) (profile.sh)) | |
834129e0 | 2271 | @result{} /gnu/store/...-profile.sh |
b860f382 LC |
2272 | @end example |
2273 | ||
b9b86078 LC |
2274 | Note that the @code{(guix monad-repl)} module extends Guile's REPL with |
2275 | new ``meta-commands'' to make it easier to deal with monadic procedures: | |
2276 | @code{run-in-store}, and @code{enter-store-monad}. The former, is used | |
2277 | to ``run'' a single monadic value through the store: | |
2278 | ||
2279 | @example | |
2280 | scheme@@(guile-user)> ,run-in-store (package->derivation hello) | |
2281 | $1 = #<derivation /gnu/store/@dots{}-hello-2.9.drv => @dots{}> | |
2282 | @end example | |
2283 | ||
2284 | The latter enters a recursive REPL, where all the return values are | |
2285 | automatically run through the store: | |
2286 | ||
2287 | @example | |
2288 | scheme@@(guile-user)> ,enter-store-monad | |
2289 | store-monad@@(guile-user) [1]> (package->derivation hello) | |
2290 | $2 = #<derivation /gnu/store/@dots{}-hello-2.9.drv => @dots{}> | |
2291 | store-monad@@(guile-user) [1]> (text-file "foo" "Hello!") | |
2292 | $3 = "/gnu/store/@dots{}-foo" | |
2293 | store-monad@@(guile-user) [1]> ,q | |
2294 | scheme@@(guile-user)> | |
2295 | @end example | |
2296 | ||
2297 | @noindent | |
2298 | Note that non-monadic values cannot be returned in the | |
2299 | @code{store-monad} REPL. | |
2300 | ||
e87f0591 LC |
2301 | The main syntactic forms to deal with monads in general are provided by |
2302 | the @code{(guix monads)} module and are described below. | |
b860f382 LC |
2303 | |
2304 | @deffn {Scheme Syntax} with-monad @var{monad} @var{body} ... | |
2305 | Evaluate any @code{>>=} or @code{return} forms in @var{body} as being | |
2306 | in @var{monad}. | |
2307 | @end deffn | |
2308 | ||
2309 | @deffn {Scheme Syntax} return @var{val} | |
2310 | Return a monadic value that encapsulates @var{val}. | |
2311 | @end deffn | |
2312 | ||
2313 | @deffn {Scheme Syntax} >>= @var{mval} @var{mproc} | |
2314 | @dfn{Bind} monadic value @var{mval}, passing its ``contents'' to monadic | |
2315 | procedure @var{mproc}@footnote{This operation is commonly referred to as | |
2316 | ``bind'', but that name denotes an unrelated procedure in Guile. Thus | |
2317 | we use this somewhat cryptic symbol inherited from the Haskell | |
2318 | language.}. | |
2319 | @end deffn | |
2320 | ||
2321 | @deffn {Scheme Syntax} mlet @var{monad} ((@var{var} @var{mval}) ...) @ | |
2322 | @var{body} ... | |
2323 | @deffnx {Scheme Syntax} mlet* @var{monad} ((@var{var} @var{mval}) ...) @ | |
2324 | @var{body} ... | |
2325 | Bind the variables @var{var} to the monadic values @var{mval} in | |
2326 | @var{body}. The form (@var{var} -> @var{val}) binds @var{var} to the | |
2327 | ``normal'' value @var{val}, as per @code{let}. | |
2328 | ||
2329 | @code{mlet*} is to @code{mlet} what @code{let*} is to @code{let} | |
2330 | (@pxref{Local Bindings,,, guile, GNU Guile Reference Manual}). | |
2331 | @end deffn | |
2332 | ||
405a9d4e LC |
2333 | @deffn {Scheme System} mbegin @var{monad} @var{mexp} ... |
2334 | Bind @var{mexp} and the following monadic expressions in sequence, | |
2335 | returning the result of the last expression. | |
2336 | ||
2337 | This is akin to @code{mlet}, except that the return values of the | |
2338 | monadic expressions are ignored. In that sense, it is analogous to | |
2339 | @code{begin}, but applied to monadic expressions. | |
2340 | @end deffn | |
2341 | ||
561fb6c3 LC |
2342 | @cindex state monad |
2343 | The @code{(guix monads)} module provides the @dfn{state monad}, which | |
2344 | allows an additional value---the state---to be @emph{threaded} through | |
2345 | monadic procedure calls. | |
2346 | ||
2347 | @defvr {Scheme Variable} %state-monad | |
2348 | The state monad. Procedures in the state monad can access and change | |
2349 | the state that is threaded. | |
2350 | ||
2351 | Consider the example below. The @code{square} procedure returns a value | |
2352 | in the state monad. It returns the square of its argument, but also | |
2353 | increments the current state value: | |
2354 | ||
2355 | @example | |
2356 | (define (square x) | |
2357 | (mlet %state-monad ((count (current-state))) | |
2358 | (mbegin %state-monad | |
2359 | (set-current-state (+ 1 count)) | |
2360 | (return (* x x))))) | |
2361 | ||
2362 | (run-with-state (sequence %state-monad (map square (iota 3))) 0) | |
2363 | @result{} (0 1 4) | |
2364 | @result{} 3 | |
2365 | @end example | |
2366 | ||
2367 | When ``run'' through @var{%state-monad}, we obtain that additional state | |
2368 | value, which is the number of @code{square} calls. | |
2369 | @end defvr | |
2370 | ||
2371 | @deffn {Monadic Procedure} current-state | |
2372 | Return the current state as a monadic value. | |
2373 | @end deffn | |
2374 | ||
2375 | @deffn {Monadic Procedure} set-current-state @var{value} | |
2376 | Set the current state to @var{value} and return the previous state as a | |
2377 | monadic value. | |
2378 | @end deffn | |
2379 | ||
2380 | @deffn {Monadic Procedure} state-push @var{value} | |
2381 | Push @var{value} to the current state, which is assumed to be a list, | |
2382 | and return the previous state as a monadic value. | |
2383 | @end deffn | |
2384 | ||
2385 | @deffn {Monadic Procedure} state-pop | |
2386 | Pop a value from the current state and return it as a monadic value. | |
2387 | The state is assumed to be a list. | |
2388 | @end deffn | |
2389 | ||
2390 | @deffn {Scheme Procedure} run-with-state @var{mval} [@var{state}] | |
2391 | Run monadic value @var{mval} starting with @var{state} as the initial | |
2392 | state. Return two values: the resulting value, and the resulting state. | |
2393 | @end deffn | |
2394 | ||
e87f0591 LC |
2395 | The main interface to the store monad, provided by the @code{(guix |
2396 | store)} module, is as follows. | |
b860f382 LC |
2397 | |
2398 | @defvr {Scheme Variable} %store-monad | |
561fb6c3 LC |
2399 | The store monad---an alias for @var{%state-monad}. |
2400 | ||
2401 | Values in the store monad encapsulate accesses to the store. When its | |
2402 | effect is needed, a value of the store monad must be ``evaluated'' by | |
2403 | passing it to the @code{run-with-store} procedure (see below.) | |
b860f382 LC |
2404 | @end defvr |
2405 | ||
2406 | @deffn {Scheme Procedure} run-with-store @var{store} @var{mval} [#:guile-for-build] [#:system (%current-system)] | |
2407 | Run @var{mval}, a monadic value in the store monad, in @var{store}, an | |
2408 | open store connection. | |
2409 | @end deffn | |
2410 | ||
ad372953 | 2411 | @deffn {Monadic Procedure} text-file @var{name} @var{text} [@var{references}] |
b860f382 | 2412 | Return as a monadic value the absolute file name in the store of the file |
ad372953 LC |
2413 | containing @var{text}, a string. @var{references} is a list of store items that the |
2414 | resulting text file refers to; it defaults to the empty list. | |
45adbd62 LC |
2415 | @end deffn |
2416 | ||
0a90af15 LC |
2417 | @deffn {Monadic Procedure} interned-file @var{file} [@var{name}] @ |
2418 | [#:recursive? #t] | |
2419 | Return the name of @var{file} once interned in the store. Use | |
2420 | @var{name} as its store name, or the basename of @var{file} if | |
2421 | @var{name} is omitted. | |
2422 | ||
2423 | When @var{recursive?} is true, the contents of @var{file} are added | |
2424 | recursively; if @var{file} designates a flat file and @var{recursive?} | |
2425 | is true, its contents are added, and its permission bits are kept. | |
2426 | ||
2427 | The example below adds a file to the store, under two different names: | |
2428 | ||
2429 | @example | |
2430 | (run-with-store (open-connection) | |
2431 | (mlet %store-monad ((a (interned-file "README")) | |
2432 | (b (interned-file "README" "LEGU-MIN"))) | |
2433 | (return (list a b)))) | |
2434 | ||
2435 | @result{} ("/gnu/store/rwm@dots{}-README" "/gnu/store/44i@dots{}-LEGU-MIN") | |
2436 | @end example | |
2437 | ||
2438 | @end deffn | |
2439 | ||
e87f0591 LC |
2440 | The @code{(guix packages)} module exports the following package-related |
2441 | monadic procedures: | |
2442 | ||
b860f382 | 2443 | @deffn {Monadic Procedure} package-file @var{package} [@var{file}] @ |
4231f05b LC |
2444 | [#:system (%current-system)] [#:target #f] @ |
2445 | [#:output "out"] Return as a monadic | |
b860f382 LC |
2446 | value in the absolute file name of @var{file} within the @var{output} |
2447 | directory of @var{package}. When @var{file} is omitted, return the name | |
4231f05b LC |
2448 | of the @var{output} directory of @var{package}. When @var{target} is |
2449 | true, use it as a cross-compilation target triplet. | |
b860f382 LC |
2450 | @end deffn |
2451 | ||
b860f382 | 2452 | @deffn {Monadic Procedure} package->derivation @var{package} [@var{system}] |
4231f05b LC |
2453 | @deffnx {Monadic Procedure} package->cross-derivation @var{package} @ |
2454 | @var{target} [@var{system}] | |
2455 | Monadic version of @code{package-derivation} and | |
2456 | @code{package-cross-derivation} (@pxref{Defining Packages}). | |
b860f382 LC |
2457 | @end deffn |
2458 | ||
2459 | ||
21b679f6 LC |
2460 | @node G-Expressions |
2461 | @section G-Expressions | |
2462 | ||
2463 | @cindex G-expression | |
2464 | @cindex build code quoting | |
2465 | So we have ``derivations'', which represent a sequence of build actions | |
2466 | to be performed to produce an item in the store (@pxref{Derivations}). | |
2467 | Those build actions are performed when asking the daemon to actually | |
2468 | build the derivations; they are run by the daemon in a container | |
2469 | (@pxref{Invoking guix-daemon}). | |
2470 | ||
2471 | @cindex strata of code | |
2472 | It should come as no surprise that we like to write those build actions | |
2473 | in Scheme. When we do that, we end up with two @dfn{strata} of Scheme | |
2474 | code@footnote{The term @dfn{stratum} in this context was coined by | |
ef4ab0a4 LC |
2475 | Manuel Serrano et al.@: in the context of their work on Hop. Oleg |
2476 | Kiselyov, who has written insightful | |
2477 | @url{http://okmij.org/ftp/meta-programming/#meta-scheme, essays and code | |
2478 | on this topic}, refers to this kind of code generation as | |
2479 | @dfn{staging}.}: the ``host code''---code that defines packages, talks | |
2480 | to the daemon, etc.---and the ``build code''---code that actually | |
2481 | performs build actions, such as making directories, invoking | |
2482 | @command{make}, etc. | |
21b679f6 LC |
2483 | |
2484 | To describe a derivation and its build actions, one typically needs to | |
2485 | embed build code inside host code. It boils down to manipulating build | |
2486 | code as data, and Scheme's homoiconicity---code has a direct | |
2487 | representation as data---comes in handy for that. But we need more than | |
2488 | Scheme's normal @code{quasiquote} mechanism to construct build | |
2489 | expressions. | |
2490 | ||
2491 | The @code{(guix gexp)} module implements @dfn{G-expressions}, a form of | |
2492 | S-expressions adapted to build expressions. G-expressions, or | |
2493 | @dfn{gexps}, consist essentially in three syntactic forms: @code{gexp}, | |
2494 | @code{ungexp}, and @code{ungexp-splicing} (or simply: @code{#~}, | |
2495 | @code{#$}, and @code{#$@@}), which are comparable respectively to | |
2496 | @code{quasiquote}, @code{unquote}, and @code{unquote-splicing} | |
2497 | (@pxref{Expression Syntax, @code{quasiquote},, guile, GNU Guile | |
2498 | Reference Manual}). However, there are major differences: | |
2499 | ||
2500 | @itemize | |
2501 | @item | |
2502 | Gexps are meant to be written to a file and run or manipulated by other | |
2503 | processes. | |
2504 | ||
2505 | @item | |
b39fc6f7 LC |
2506 | When a high-level object such as a package or derivation is unquoted |
2507 | inside a gexp, the result is as if its output file name had been | |
2508 | introduced. | |
ff40e9b7 | 2509 | |
21b679f6 LC |
2510 | @item |
2511 | Gexps carry information about the packages or derivations they refer to, | |
2512 | and these dependencies are automatically added as inputs to the build | |
2513 | processes that use them. | |
2514 | @end itemize | |
2515 | ||
b39fc6f7 LC |
2516 | Actually this mechanism is not limited to package and derivation |
2517 | objects; @dfn{compilers} able to ``lower'' other high-level objects to | |
2518 | derivations can be defined, such that these objects can also be inserted | |
d9ae938f LC |
2519 | into gexps. Another useful type of high-level object that can be |
2520 | inserted in a gexp is @dfn{local files}, which allows files from the | |
2521 | local file system to be added to the store and referred to by | |
2522 | derivations and such (see @code{local-file} below.) | |
b39fc6f7 | 2523 | |
21b679f6 LC |
2524 | To illustrate the idea, here is an example of a gexp: |
2525 | ||
2526 | @example | |
2527 | (define build-exp | |
2528 | #~(begin | |
2529 | (mkdir #$output) | |
2530 | (chdir #$output) | |
aff8ce7c | 2531 | (symlink (string-append #$coreutils "/bin/ls") |
21b679f6 LC |
2532 | "list-files"))) |
2533 | @end example | |
2534 | ||
2535 | This gexp can be passed to @code{gexp->derivation}; we obtain a | |
2536 | derivation that builds a directory containing exactly one symlink to | |
2537 | @file{/gnu/store/@dots{}-coreutils-8.22/bin/ls}: | |
2538 | ||
2539 | @example | |
2540 | (gexp->derivation "the-thing" build-exp) | |
2541 | @end example | |
2542 | ||
e20fd1bf | 2543 | As one would expect, the @code{"/gnu/store/@dots{}-coreutils-8.22"} string is |
21b679f6 LC |
2544 | substituted to the reference to the @var{coreutils} package in the |
2545 | actual build code, and @var{coreutils} is automatically made an input to | |
2546 | the derivation. Likewise, @code{#$output} (equivalent to @code{(ungexp | |
2547 | output)}) is replaced by a string containing the derivation's output | |
667b2508 LC |
2548 | directory name. |
2549 | ||
2550 | @cindex cross compilation | |
2551 | In a cross-compilation context, it is useful to distinguish between | |
2552 | references to the @emph{native} build of a package---that can run on the | |
2553 | host---versus references to cross builds of a package. To that end, the | |
2554 | @code{#+} plays the same role as @code{#$}, but is a reference to a | |
2555 | native package build: | |
2556 | ||
2557 | @example | |
2558 | (gexp->derivation "vi" | |
2559 | #~(begin | |
2560 | (mkdir #$output) | |
2561 | (system* (string-append #+coreutils "/bin/ln") | |
2562 | "-s" | |
2563 | (string-append #$emacs "/bin/emacs") | |
2564 | (string-append #$output "/bin/vi"))) | |
2565 | #:target "mips64el-linux") | |
2566 | @end example | |
2567 | ||
2568 | @noindent | |
2569 | In the example above, the native build of @var{coreutils} is used, so | |
2570 | that @command{ln} can actually run on the host; but then the | |
2571 | cross-compiled build of @var{emacs} is referenced. | |
2572 | ||
2573 | The syntactic form to construct gexps is summarized below. | |
21b679f6 LC |
2574 | |
2575 | @deffn {Scheme Syntax} #~@var{exp} | |
2576 | @deffnx {Scheme Syntax} (gexp @var{exp}) | |
2577 | Return a G-expression containing @var{exp}. @var{exp} may contain one | |
2578 | or more of the following forms: | |
2579 | ||
2580 | @table @code | |
2581 | @item #$@var{obj} | |
2582 | @itemx (ungexp @var{obj}) | |
b39fc6f7 LC |
2583 | Introduce a reference to @var{obj}. @var{obj} may have one of the |
2584 | supported types, for example a package or a | |
21b679f6 LC |
2585 | derivation, in which case the @code{ungexp} form is replaced by its |
2586 | output file name---e.g., @code{"/gnu/store/@dots{}-coreutils-8.22}. | |
2587 | ||
b39fc6f7 LC |
2588 | If @var{obj} is a list, it is traversed and references to supported |
2589 | objects are substituted similarly. | |
21b679f6 LC |
2590 | |
2591 | If @var{obj} is another gexp, its contents are inserted and its | |
2592 | dependencies are added to those of the containing gexp. | |
2593 | ||
2594 | If @var{obj} is another kind of object, it is inserted as is. | |
2595 | ||
b39fc6f7 LC |
2596 | @item #$@var{obj}:@var{output} |
2597 | @itemx (ungexp @var{obj} @var{output}) | |
21b679f6 | 2598 | This is like the form above, but referring explicitly to the |
b39fc6f7 LC |
2599 | @var{output} of @var{obj}---this is useful when @var{obj} produces |
2600 | multiple outputs (@pxref{Packages with Multiple Outputs}). | |
21b679f6 | 2601 | |
667b2508 LC |
2602 | @item #+@var{obj} |
2603 | @itemx #+@var{obj}:output | |
2604 | @itemx (ungexp-native @var{obj}) | |
2605 | @itemx (ungexp-native @var{obj} @var{output}) | |
2606 | Same as @code{ungexp}, but produces a reference to the @emph{native} | |
2607 | build of @var{obj} when used in a cross compilation context. | |
2608 | ||
21b679f6 LC |
2609 | @item #$output[:@var{output}] |
2610 | @itemx (ungexp output [@var{output}]) | |
2611 | Insert a reference to derivation output @var{output}, or to the main | |
2612 | output when @var{output} is omitted. | |
2613 | ||
2614 | This only makes sense for gexps passed to @code{gexp->derivation}. | |
2615 | ||
2616 | @item #$@@@var{lst} | |
2617 | @itemx (ungexp-splicing @var{lst}) | |
2618 | Like the above, but splices the contents of @var{lst} inside the | |
2619 | containing list. | |
2620 | ||
667b2508 LC |
2621 | @item #+@@@var{lst} |
2622 | @itemx (ungexp-native-splicing @var{lst}) | |
2623 | Like the above, but refers to native builds of the objects listed in | |
2624 | @var{lst}. | |
2625 | ||
21b679f6 LC |
2626 | @end table |
2627 | ||
2628 | G-expressions created by @code{gexp} or @code{#~} are run-time objects | |
2629 | of the @code{gexp?} type (see below.) | |
2630 | @end deffn | |
2631 | ||
2632 | @deffn {Scheme Procedure} gexp? @var{obj} | |
2633 | Return @code{#t} if @var{obj} is a G-expression. | |
2634 | @end deffn | |
2635 | ||
2636 | G-expressions are meant to be written to disk, either as code building | |
2637 | some derivation, or as plain files in the store. The monadic procedures | |
2638 | below allow you to do that (@pxref{The Store Monad}, for more | |
2639 | information about monads.) | |
2640 | ||
2641 | @deffn {Monadic Procedure} gexp->derivation @var{name} @var{exp} @ | |
ce45eb4c | 2642 | [#:system (%current-system)] [#:target #f] [#:graft? #t] @ |
21b679f6 LC |
2643 | [#:hash #f] [#:hash-algo #f] @ |
2644 | [#:recursive? #f] [#:env-vars '()] [#:modules '()] @ | |
4684f301 | 2645 | [#:module-path @var{%load-path}] @ |
c8351d9a LC |
2646 | [#:references-graphs #f] [#:allowed-references #f] @ |
2647 | [#:local-build? #f] [#:guile-for-build #f] | |
21b679f6 | 2648 | Return a derivation @var{name} that runs @var{exp} (a gexp) with |
68a61e9f LC |
2649 | @var{guile-for-build} (a derivation) on @var{system}. When @var{target} |
2650 | is true, it is used as the cross-compilation target triplet for packages | |
2651 | referred to by @var{exp}. | |
21b679f6 | 2652 | |
ce45eb4c LC |
2653 | Make @var{modules} available in the evaluation context of @var{exp}; |
2654 | @var{modules} is a list of names of Guile modules searched in | |
2655 | @var{module-path} to be copied in the store, compiled, and made available in | |
21b679f6 LC |
2656 | the load path during the execution of @var{exp}---e.g., @code{((guix |
2657 | build utils) (guix build gnu-build-system))}. | |
2658 | ||
ce45eb4c LC |
2659 | @var{graft?} determines whether packages referred to by @var{exp} should be grafted when |
2660 | applicable. | |
2661 | ||
b53833b2 LC |
2662 | When @var{references-graphs} is true, it must be a list of tuples of one of the |
2663 | following forms: | |
2664 | ||
2665 | @example | |
2666 | (@var{file-name} @var{package}) | |
2667 | (@var{file-name} @var{package} @var{output}) | |
2668 | (@var{file-name} @var{derivation}) | |
2669 | (@var{file-name} @var{derivation} @var{output}) | |
2670 | (@var{file-name} @var{store-item}) | |
2671 | @end example | |
2672 | ||
2673 | The right-hand-side of each element of @var{references-graphs} is automatically made | |
2674 | an input of the build process of @var{exp}. In the build environment, each | |
2675 | @var{file-name} contains the reference graph of the corresponding item, in a simple | |
2676 | text format. | |
2677 | ||
c8351d9a LC |
2678 | @var{allowed-references} must be either @code{#f} or a list of output names and packages. |
2679 | In the latter case, the list denotes store items that the result is allowed to | |
2680 | refer to. Any reference to another store item will lead to a build error. | |
2681 | ||
e20fd1bf | 2682 | The other arguments are as for @code{derivation} (@pxref{Derivations}). |
21b679f6 LC |
2683 | @end deffn |
2684 | ||
d9ae938f LC |
2685 | @deffn {Scheme Procedure} local-file @var{file} [@var{name}] @ |
2686 | [#:recursive? #t] | |
2687 | Return an object representing local file @var{file} to add to the store; this | |
2688 | object can be used in a gexp. @var{file} will be added to the store under @var{name}--by | |
2689 | default the base name of @var{file}. | |
2690 | ||
2691 | When @var{recursive?} is true, the contents of @var{file} are added recursively; if @var{file} | |
2692 | designates a flat file and @var{recursive?} is true, its contents are added, and its | |
2693 | permission bits are kept. | |
2694 | ||
2695 | This is the declarative counterpart of the @code{interned-file} monadic | |
2696 | procedure (@pxref{The Store Monad, @code{interned-file}}). | |
2697 | @end deffn | |
2698 | ||
21b679f6 LC |
2699 | @deffn {Monadic Procedure} gexp->script @var{name} @var{exp} |
2700 | Return an executable script @var{name} that runs @var{exp} using | |
2701 | @var{guile} with @var{modules} in its search path. | |
2702 | ||
2703 | The example below builds a script that simply invokes the @command{ls} | |
2704 | command: | |
2705 | ||
2706 | @example | |
2707 | (use-modules (guix gexp) (gnu packages base)) | |
2708 | ||
2709 | (gexp->script "list-files" | |
2710 | #~(execl (string-append #$coreutils "/bin/ls") | |
2711 | "ls")) | |
2712 | @end example | |
2713 | ||
2714 | When ``running'' it through the store (@pxref{The Store Monad, | |
e20fd1bf | 2715 | @code{run-with-store}}), we obtain a derivation that produces an |
21b679f6 LC |
2716 | executable file @file{/gnu/store/@dots{}-list-files} along these lines: |
2717 | ||
2718 | @example | |
2719 | #!/gnu/store/@dots{}-guile-2.0.11/bin/guile -ds | |
2720 | !# | |
2721 | (execl (string-append "/gnu/store/@dots{}-coreutils-8.22"/bin/ls") | |
2722 | "ls") | |
2723 | @end example | |
2724 | @end deffn | |
2725 | ||
2726 | @deffn {Monadic Procedure} gexp->file @var{name} @var{exp} | |
2727 | Return a derivation that builds a file @var{name} containing @var{exp}. | |
2728 | ||
2729 | The resulting file holds references to all the dependencies of @var{exp} | |
2730 | or a subset thereof. | |
2731 | @end deffn | |
1ed19464 LC |
2732 | |
2733 | @deffn {Monadic Procedure} text-file* @var{name} @var{text} @dots{} | |
2734 | Return as a monadic value a derivation that builds a text file | |
2735 | containing all of @var{text}. @var{text} may list, in addition to | |
d9ae938f LC |
2736 | strings, objects of any type that can be used in a gexp: packages, |
2737 | derivations, local file objects, etc. The resulting store file holds | |
2738 | references to all these. | |
1ed19464 LC |
2739 | |
2740 | This variant should be preferred over @code{text-file} anytime the file | |
2741 | to create will reference items from the store. This is typically the | |
2742 | case when building a configuration file that embeds store file names, | |
2743 | like this: | |
2744 | ||
2745 | @example | |
2746 | (define (profile.sh) | |
2747 | ;; Return the name of a shell script in the store that | |
2748 | ;; initializes the 'PATH' environment variable. | |
2749 | (text-file* "profile.sh" | |
2750 | "export PATH=" coreutils "/bin:" | |
2751 | grep "/bin:" sed "/bin\n")) | |
2752 | @end example | |
2753 | ||
2754 | In this example, the resulting @file{/gnu/store/@dots{}-profile.sh} file | |
2755 | will references @var{coreutils}, @var{grep}, and @var{sed}, thereby | |
2756 | preventing them from being garbage-collected during its lifetime. | |
2757 | @end deffn | |
21b679f6 LC |
2758 | |
2759 | Of course, in addition to gexps embedded in ``host'' code, there are | |
2760 | also modules containing build tools. To make it clear that they are | |
2761 | meant to be used in the build stratum, these modules are kept in the | |
2762 | @code{(guix build @dots{})} name space. | |
2763 | ||
2764 | ||
568717fd LC |
2765 | @c ********************************************************************* |
2766 | @node Utilities | |
2767 | @chapter Utilities | |
2768 | ||
210cc920 LC |
2769 | This section describes tools primarily targeted at developers and users |
2770 | who write new package definitions. They complement the Scheme | |
2771 | programming interface of Guix in a convenient way. | |
2772 | ||
568717fd | 2773 | @menu |
37166310 | 2774 | * Invoking guix build:: Building packages from the command line. |
210cc920 | 2775 | * Invoking guix download:: Downloading a file and printing its hash. |
37166310 | 2776 | * Invoking guix hash:: Computing the cryptographic hash of a file. |
2f7d2d91 | 2777 | * Invoking guix import:: Importing package definitions. |
37166310 | 2778 | * Invoking guix refresh:: Updating package definitions. |
b4f5e0e8 | 2779 | * Invoking guix lint:: Finding errors in package definitions. |
372c4bbc | 2780 | * Invoking guix environment:: Setting up development environments. |
aff8ce7c | 2781 | * Invoking guix publish:: Sharing substitutes. |
568717fd LC |
2782 | @end menu |
2783 | ||
e49951eb MW |
2784 | @node Invoking guix build |
2785 | @section Invoking @command{guix build} | |
568717fd | 2786 | |
e49951eb | 2787 | The @command{guix build} command builds packages or derivations and |
6798a8e4 LC |
2788 | their dependencies, and prints the resulting store paths. Note that it |
2789 | does not modify the user's profile---this is the job of the | |
e49951eb | 2790 | @command{guix package} command (@pxref{Invoking guix package}). Thus, |
6798a8e4 LC |
2791 | it is mainly useful for distribution developers. |
2792 | ||
2793 | The general syntax is: | |
c78bd12b LC |
2794 | |
2795 | @example | |
e49951eb | 2796 | guix build @var{options} @var{package-or-derivation}@dots{} |
c78bd12b LC |
2797 | @end example |
2798 | ||
2799 | @var{package-or-derivation} may be either the name of a package found in | |
5401dd75 LC |
2800 | the software distribution such as @code{coreutils} or |
2801 | @code{coreutils-8.20}, or a derivation such as | |
834129e0 | 2802 | @file{/gnu/store/@dots{}-coreutils-8.19.drv}. In the former case, a |
e7f34eb0 LC |
2803 | package with the corresponding name (and optionally version) is searched |
2804 | for among the GNU distribution modules (@pxref{Package Modules}). | |
2805 | ||
2806 | Alternatively, the @code{--expression} option may be used to specify a | |
2807 | Scheme expression that evaluates to a package; this is useful when | |
2808 | disambiguation among several same-named packages or package variants is | |
2809 | needed. | |
c78bd12b LC |
2810 | |
2811 | The @var{options} may be zero or more of the following: | |
2812 | ||
2813 | @table @code | |
2814 | ||
2815 | @item --expression=@var{expr} | |
2816 | @itemx -e @var{expr} | |
ac5de156 | 2817 | Build the package or derivation @var{expr} evaluates to. |
c78bd12b | 2818 | |
5401dd75 | 2819 | For example, @var{expr} may be @code{(@@ (gnu packages guile) |
c78bd12b LC |
2820 | guile-1.8)}, which unambiguously designates this specific variant of |
2821 | version 1.8 of Guile. | |
2822 | ||
56b82106 LC |
2823 | Alternately, @var{expr} may be a G-expression, in which case it is used |
2824 | as a build program passed to @code{gexp->derivation} | |
2825 | (@pxref{G-Expressions}). | |
2826 | ||
2827 | Lastly, @var{expr} may refer to a zero-argument monadic procedure | |
ac5de156 LC |
2828 | (@pxref{The Store Monad}). The procedure must return a derivation as a |
2829 | monadic value, which is then passed through @code{run-with-store}. | |
2830 | ||
c78bd12b LC |
2831 | @item --source |
2832 | @itemx -S | |
2833 | Build the packages' source derivations, rather than the packages | |
2834 | themselves. | |
2835 | ||
e49951eb | 2836 | For instance, @code{guix build -S gcc} returns something like |
834129e0 | 2837 | @file{/gnu/store/@dots{}-gcc-4.7.2.tar.bz2}, which is GCC's source tarball. |
c78bd12b | 2838 | |
f9cc8971 LC |
2839 | The returned source tarball is the result of applying any patches and |
2840 | code snippets specified in the package's @code{origin} (@pxref{Defining | |
2841 | Packages}). | |
2842 | ||
c78bd12b LC |
2843 | @item --system=@var{system} |
2844 | @itemx -s @var{system} | |
2845 | Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of | |
2846 | the host's system type. | |
2847 | ||
2848 | An example use of this is on Linux-based systems, which can emulate | |
2849 | different personalities. For instance, passing | |
2850 | @code{--system=i686-linux} on an @code{x86_64-linux} system allows users | |
2851 | to build packages in a complete 32-bit environment. | |
2852 | ||
e55ec43d LC |
2853 | @item --target=@var{triplet} |
2854 | @cindex cross-compilation | |
2855 | Cross-build for @var{triplet}, which must be a valid GNU triplet, such | |
2856 | as @code{"mips64el-linux-gnu"} (@pxref{Configuration Names, GNU | |
2857 | configuration triplets,, configure, GNU Configure and Build System}). | |
2858 | ||
7f3673f2 LC |
2859 | @item --with-source=@var{source} |
2860 | Use @var{source} as the source of the corresponding package. | |
2861 | @var{source} must be a file name or a URL, as for @command{guix | |
2862 | download} (@pxref{Invoking guix download}). | |
2863 | ||
2864 | The ``corresponding package'' is taken to be one specified on the | |
2865 | command line whose name matches the base of @var{source}---e.g., if | |
2866 | @var{source} is @code{/src/guile-2.0.10.tar.gz}, the corresponding | |
2867 | package is @code{guile}. Likewise, the version string is inferred from | |
2868 | @var{source}; in the previous example, it's @code{2.0.10}. | |
2869 | ||
2870 | This option allows users to try out versions of packages other than the | |
2871 | one provided by the distribution. The example below downloads | |
2872 | @file{ed-1.7.tar.gz} from a GNU mirror and uses that as the source for | |
2873 | the @code{ed} package: | |
2874 | ||
2875 | @example | |
2876 | guix build ed --with-source=mirror://gnu/ed/ed-1.7.tar.gz | |
2877 | @end example | |
2878 | ||
2879 | As a developer, @code{--with-source} makes it easy to test release | |
2880 | candidates: | |
2881 | ||
2882 | @example | |
2883 | guix build guile --with-source=../guile-2.0.9.219-e1bb7.tar.xz | |
2884 | @end example | |
2885 | ||
05962f29 LC |
2886 | @item --no-grafts |
2887 | Do not ``graft'' packages. In practice, this means that package updates | |
2888 | available as grafts are not applied. @xref{Security Updates}, for more | |
2889 | information on grafts. | |
7f3673f2 | 2890 | |
c78bd12b LC |
2891 | @item --derivations |
2892 | @itemx -d | |
2893 | Return the derivation paths, not the output paths, of the given | |
2894 | packages. | |
2895 | ||
70ee5642 LC |
2896 | @item --root=@var{file} |
2897 | @itemx -r @var{file} | |
2898 | Make @var{file} a symlink to the result, and register it as a garbage | |
2899 | collector root. | |
2900 | ||
2901 | @item --log-file | |
2902 | Return the build log file names for the given | |
2903 | @var{package-or-derivation}s, or raise an error if build logs are | |
2904 | missing. | |
2905 | ||
2906 | This works regardless of how packages or derivations are specified. For | |
2907 | instance, the following invocations are equivalent: | |
2908 | ||
2909 | @example | |
2910 | guix build --log-file `guix build -d guile` | |
2911 | guix build --log-file `guix build guile` | |
2912 | guix build --log-file guile | |
2913 | guix build --log-file -e '(@@ (gnu packages guile) guile-2.0)' | |
2914 | @end example | |
2915 | ||
2916 | ||
2917 | @end table | |
2918 | ||
2919 | @cindex common build options | |
2920 | In addition, a number of options that control the build process are | |
2921 | common to @command{guix build} and other commands that can spawn builds, | |
2922 | such as @command{guix package} or @command{guix archive}. These are the | |
2923 | following: | |
2924 | ||
2925 | @table @code | |
2926 | ||
300868ba LC |
2927 | @item --load-path=@var{directory} |
2928 | @itemx -L @var{directory} | |
2929 | Add @var{directory} to the front of the package module search path | |
2930 | (@pxref{Package Modules}). | |
2931 | ||
2932 | This allows users to define their own packages and make them visible to | |
2933 | the command-line tools. | |
2934 | ||
c78bd12b LC |
2935 | @item --keep-failed |
2936 | @itemx -K | |
2937 | Keep the build tree of failed builds. Thus, if a build fail, its build | |
2938 | tree is kept under @file{/tmp}, in a directory whose name is shown at | |
2939 | the end of the build log. This is useful when debugging build issues. | |
2940 | ||
2941 | @item --dry-run | |
2942 | @itemx -n | |
2943 | Do not build the derivations. | |
2944 | ||
56b1f4b7 LC |
2945 | @item --fallback |
2946 | When substituting a pre-built binary fails, fall back to building | |
2947 | packages locally. | |
2948 | ||
c78bd12b | 2949 | @item --no-substitutes |
b5385b52 | 2950 | Do not use substitutes for build products. That is, always build things |
c4202d60 LC |
2951 | locally instead of allowing downloads of pre-built binaries |
2952 | (@pxref{Substitutes}). | |
c78bd12b | 2953 | |
425b0bfc | 2954 | @item --no-build-hook |
4ec2e92d LC |
2955 | Do not attempt to offload builds @i{via} the daemon's ``build hook'' |
2956 | (@pxref{Daemon Offload Setup}). That is, always build things locally | |
2957 | instead of offloading builds to remote machines. | |
425b0bfc | 2958 | |
969e678e LC |
2959 | @item --max-silent-time=@var{seconds} |
2960 | When the build or substitution process remains silent for more than | |
2961 | @var{seconds}, terminate it and report a build failure. | |
2962 | ||
002622b6 LC |
2963 | @item --timeout=@var{seconds} |
2964 | Likewise, when the build or substitution process lasts for more than | |
2965 | @var{seconds}, terminate it and report a build failure. | |
2966 | ||
2967 | By default there is no timeout. This behavior can be restored with | |
2968 | @code{--timeout=0}. | |
2969 | ||
07ab4bf1 LC |
2970 | @item --verbosity=@var{level} |
2971 | Use the given verbosity level. @var{level} must be an integer between 0 | |
2972 | and 5; higher means more verbose output. Setting a level of 4 or more | |
2973 | may be helpful when debugging setup issues with the build daemon. | |
2974 | ||
70ee5642 LC |
2975 | @item --cores=@var{n} |
2976 | @itemx -c @var{n} | |
2977 | Allow the use of up to @var{n} CPU cores for the build. The special | |
2978 | value @code{0} means to use as many CPU cores as available. | |
bf421152 | 2979 | |
f6526eb3 LC |
2980 | @item --max-jobs=@var{n} |
2981 | @itemx -M @var{n} | |
2982 | Allow at most @var{n} build jobs in parallel. @xref{Invoking | |
2983 | guix-daemon, @code{--max-jobs}}, for details about this option and the | |
2984 | equivalent @command{guix-daemon} option. | |
2985 | ||
c78bd12b LC |
2986 | @end table |
2987 | ||
e49951eb | 2988 | Behind the scenes, @command{guix build} is essentially an interface to |
c78bd12b LC |
2989 | the @code{package-derivation} procedure of the @code{(guix packages)} |
2990 | module, and to the @code{build-derivations} procedure of the @code{(guix | |
01d8ac64 | 2991 | derivations)} module. |
c78bd12b | 2992 | |
16eb115e DP |
2993 | In addition to options explicitly passed on the command line, |
2994 | @command{guix build} and other @command{guix} commands that support | |
2995 | building honor the @code{GUIX_BUILD_OPTIONS} environment variable. | |
2996 | ||
2997 | @defvr {Environment Variable} GUIX_BUILD_OPTIONS | |
2998 | Users can define this variable to a list of command line options that | |
2999 | will automatically be used by @command{guix build} and other | |
3000 | @command{guix} commands that can perform builds, as in the example | |
3001 | below: | |
3002 | ||
3003 | @example | |
3004 | $ export GUIX_BUILD_OPTIONS="--no-substitutes -c 2 -L /foo/bar" | |
3005 | @end example | |
3006 | ||
847391fe DP |
3007 | These options are parsed independently, and the result is appended to |
3008 | the parsed command-line options. | |
16eb115e DP |
3009 | @end defvr |
3010 | ||
3011 | ||
210cc920 LC |
3012 | @node Invoking guix download |
3013 | @section Invoking @command{guix download} | |
3014 | ||
3015 | When writing a package definition, developers typically need to download | |
3016 | the package's source tarball, compute its SHA256 hash, and write that | |
3017 | hash in the package definition (@pxref{Defining Packages}). The | |
3018 | @command{guix download} tool helps with this task: it downloads a file | |
3019 | from the given URI, adds it to the store, and prints both its file name | |
3020 | in the store and its SHA256 hash. | |
3021 | ||
3022 | The fact that the downloaded file is added to the store saves bandwidth: | |
3023 | when the developer eventually tries to build the newly defined package | |
3024 | with @command{guix build}, the source tarball will not have to be | |
3025 | downloaded again because it is already in the store. It is also a | |
3026 | convenient way to temporarily stash files, which may be deleted | |
3027 | eventually (@pxref{Invoking guix gc}). | |
3028 | ||
3029 | The @command{guix download} command supports the same URIs as used in | |
3030 | package definitions. In particular, it supports @code{mirror://} URIs. | |
3031 | @code{https} URIs (HTTP over TLS) are supported @emph{provided} the | |
3032 | Guile bindings for GnuTLS are available in the user's environment; when | |
537c8bb3 LC |
3033 | they are not available, an error is raised. @xref{Guile Preparations, |
3034 | how to install the GnuTLS bindings for Guile,, gnutls-guile, | |
3035 | GnuTLS-Guile}, for more information. | |
210cc920 LC |
3036 | |
3037 | The following option is available: | |
3038 | ||
3039 | @table @code | |
3040 | @item --format=@var{fmt} | |
3041 | @itemx -f @var{fmt} | |
3042 | Write the hash in the format specified by @var{fmt}. For more | |
081145cf | 3043 | information on the valid values for @var{fmt}, @pxref{Invoking guix hash}. |
210cc920 LC |
3044 | @end table |
3045 | ||
6c365eca NK |
3046 | @node Invoking guix hash |
3047 | @section Invoking @command{guix hash} | |
3048 | ||
210cc920 | 3049 | The @command{guix hash} command computes the SHA256 hash of a file. |
6c365eca NK |
3050 | It is primarily a convenience tool for anyone contributing to the |
3051 | distribution: it computes the cryptographic hash of a file, which can be | |
3052 | used in the definition of a package (@pxref{Defining Packages}). | |
3053 | ||
3054 | The general syntax is: | |
3055 | ||
3056 | @example | |
3057 | guix hash @var{option} @var{file} | |
3058 | @end example | |
3059 | ||
3060 | @command{guix hash} has the following option: | |
3061 | ||
3062 | @table @code | |
3063 | ||
3064 | @item --format=@var{fmt} | |
3065 | @itemx -f @var{fmt} | |
210cc920 | 3066 | Write the hash in the format specified by @var{fmt}. |
6c365eca NK |
3067 | |
3068 | Supported formats: @code{nix-base32}, @code{base32}, @code{base16} | |
3069 | (@code{hex} and @code{hexadecimal} can be used as well). | |
3070 | ||
3071 | If the @option{--format} option is not specified, @command{guix hash} | |
3072 | will output the hash in @code{nix-base32}. This representation is used | |
3073 | in the definitions of packages. | |
3074 | ||
3140f2df LC |
3075 | @item --recursive |
3076 | @itemx -r | |
3077 | Compute the hash on @var{file} recursively. | |
3078 | ||
3079 | In this case, the hash is computed on an archive containing @var{file}, | |
3080 | including its children if it is a directory. Some of @var{file}'s | |
3081 | meta-data is part of the archive; for instance, when @var{file} is a | |
3082 | regular file, the hash is different depending on whether @var{file} is | |
3083 | executable or not. Meta-data such as time stamps has no impact on the | |
3084 | hash (@pxref{Invoking guix archive}). | |
3085 | @c FIXME: Replace xref above with xref to an ``Archive'' section when | |
3086 | @c it exists. | |
3087 | ||
6c365eca NK |
3088 | @end table |
3089 | ||
2f7d2d91 LC |
3090 | @node Invoking guix import |
3091 | @section Invoking @command{guix import} | |
3092 | ||
3093 | @cindex importing packages | |
3094 | @cindex package import | |
3095 | @cindex package conversion | |
3096 | The @command{guix import} command is useful for people willing to add a | |
3097 | package to the distribution but who'd rather do as little work as | |
3098 | possible to get there---a legitimate demand. The command knows of a few | |
3099 | repositories from which it can ``import'' package meta-data. The result | |
3100 | is a package definition, or a template thereof, in the format we know | |
3101 | (@pxref{Defining Packages}). | |
3102 | ||
3103 | The general syntax is: | |
3104 | ||
3105 | @example | |
3106 | guix import @var{importer} @var{options}@dots{} | |
3107 | @end example | |
3108 | ||
3109 | @var{importer} specifies the source from which to import package | |
3110 | meta-data, and @var{options} specifies a package identifier and other | |
3111 | options specific to @var{importer}. Currently, the available | |
3112 | ``importers'' are: | |
3113 | ||
3114 | @table @code | |
3115 | @item gnu | |
3116 | Import meta-data for the given GNU package. This provides a template | |
3117 | for the latest version of that GNU package, including the hash of its | |
3118 | source tarball, and its canonical synopsis and description. | |
3119 | ||
3120 | Additional information such as the package's dependencies and its | |
3121 | license needs to be figured out manually. | |
3122 | ||
3123 | For example, the following command returns a package definition for | |
3124 | GNU@tie{}Hello: | |
3125 | ||
3126 | @example | |
3127 | guix import gnu hello | |
3128 | @end example | |
3129 | ||
3130 | Specific command-line options are: | |
3131 | ||
3132 | @table @code | |
3133 | @item --key-download=@var{policy} | |
3134 | As for @code{guix refresh}, specify the policy to handle missing OpenPGP | |
3135 | keys when verifying the package's signature. @xref{Invoking guix | |
3136 | refresh, @code{--key-download}}. | |
3137 | @end table | |
3138 | ||
3139 | @item pypi | |
3140 | @cindex pypi | |
3141 | Import meta-data from the @uref{https://pypi.python.org/, Python Package | |
3142 | Index}@footnote{This functionality requires Guile-JSON to be installed. | |
3143 | @xref{Requirements}.}. Information is taken from the JSON-formatted | |
3144 | description available at @code{pypi.python.org} and usually includes all | |
3145 | the relevant information, including package dependencies. | |
3146 | ||
3147 | The command below imports meta-data for the @code{itsdangerous} Python | |
3148 | package: | |
3149 | ||
3150 | @example | |
3151 | guix import pypi itsdangerous | |
3152 | @end example | |
3153 | ||
d45dc6da EB |
3154 | @item cpan |
3155 | @cindex CPAN | |
3156 | Import meta-data from @uref{https://www.metacpan.org/, MetaCPAN}. | |
3157 | Information is taken from the JSON-formatted meta-data provided through | |
3158 | @uref{https://api.metacpan.org/, MetaCPAN's API} and includes most | |
66392e47 EB |
3159 | relevant information, such as module dependencies. License information |
3160 | should be checked closely. If Perl is available in the store, then the | |
3161 | @code{corelist} utility will be used to filter core modules out of the | |
3162 | list of dependencies. | |
d45dc6da EB |
3163 | |
3164 | The command command below imports meta-data for the @code{Acme::Boolean} | |
3165 | Perl module: | |
3166 | ||
3167 | @example | |
3168 | guix import cpan Acme::Boolean | |
3169 | @end example | |
3170 | ||
2f7d2d91 LC |
3171 | @item nix |
3172 | Import meta-data from a local copy of the source of the | |
3173 | @uref{http://nixos.org/nixpkgs/, Nixpkgs distribution}@footnote{This | |
3174 | relies on the @command{nix-instantiate} command of | |
3175 | @uref{http://nixos.org/nix/, Nix}.}. Package definitions in Nixpkgs are | |
3176 | typically written in a mixture of Nix-language and Bash code. This | |
3177 | command only imports the high-level package structure that is written in | |
3178 | the Nix language. It normally includes all the basic fields of a | |
3179 | package definition. | |
3180 | ||
3181 | When importing a GNU package, the synopsis and descriptions are replaced | |
3182 | by their canonical upstream variant. | |
3183 | ||
3184 | As an example, the command below imports the package definition of | |
3185 | LibreOffice (more precisely, it imports the definition of the package | |
3186 | bound to the @code{libreoffice} top-level attribute): | |
3187 | ||
3188 | @example | |
3189 | guix import nix ~/path/to/nixpkgs libreoffice | |
3190 | @end example | |
3191 | @end table | |
3192 | ||
3193 | The structure of the @command{guix import} code is modular. It would be | |
3194 | useful to have more importers for other package formats, and your help | |
3195 | is welcome here (@pxref{Contributing}). | |
3196 | ||
37166310 LC |
3197 | @node Invoking guix refresh |
3198 | @section Invoking @command{guix refresh} | |
3199 | ||
3200 | The primary audience of the @command{guix refresh} command is developers | |
3201 | of the GNU software distribution. By default, it reports any packages | |
3202 | provided by the distribution that are outdated compared to the latest | |
3203 | upstream version, like this: | |
3204 | ||
3205 | @example | |
3206 | $ guix refresh | |
3207 | gnu/packages/gettext.scm:29:13: gettext would be upgraded from 0.18.1.1 to 0.18.2.1 | |
3208 | gnu/packages/glib.scm:77:12: glib would be upgraded from 2.34.3 to 2.37.0 | |
3209 | @end example | |
3210 | ||
3211 | It does so by browsing each package's FTP directory and determining the | |
3212 | highest version number of the source tarballs | |
3213 | therein@footnote{Currently, this only works for GNU packages.}. | |
3214 | ||
3215 | When passed @code{--update}, it modifies distribution source files to | |
3216 | update the version numbers and source tarball hashes of those packages' | |
3217 | recipes (@pxref{Defining Packages}). This is achieved by downloading | |
3218 | each package's latest source tarball and its associated OpenPGP | |
3219 | signature, authenticating the downloaded tarball against its signature | |
3220 | using @command{gpg}, and finally computing its hash. When the public | |
3221 | key used to sign the tarball is missing from the user's keyring, an | |
3222 | attempt is made to automatically retrieve it from a public key server; | |
3223 | when it's successful, the key is added to the user's keyring; otherwise, | |
3224 | @command{guix refresh} reports an error. | |
3225 | ||
3226 | The following options are supported: | |
3227 | ||
3228 | @table @code | |
3229 | ||
3230 | @item --update | |
3231 | @itemx -u | |
3232 | Update distribution source files (package recipes) in place. | |
081145cf | 3233 | @xref{Defining Packages}, for more information on package definitions. |
37166310 LC |
3234 | |
3235 | @item --select=[@var{subset}] | |
3236 | @itemx -s @var{subset} | |
3237 | Select all the packages in @var{subset}, one of @code{core} or | |
3238 | @code{non-core}. | |
3239 | ||
3240 | The @code{core} subset refers to all the packages at the core of the | |
3241 | distribution---i.e., packages that are used to build ``everything | |
3242 | else''. This includes GCC, libc, Binutils, Bash, etc. Usually, | |
3243 | changing one of these packages in the distribution entails a rebuild of | |
3244 | all the others. Thus, such updates are an inconvenience to users in | |
3245 | terms of build time or bandwidth used to achieve the upgrade. | |
3246 | ||
3247 | The @code{non-core} subset refers to the remaining packages. It is | |
3248 | typically useful in cases where an update of the core packages would be | |
3249 | inconvenient. | |
3250 | ||
3251 | @end table | |
3252 | ||
3253 | In addition, @command{guix refresh} can be passed one or more package | |
3254 | names, as in this example: | |
3255 | ||
3256 | @example | |
3257 | guix refresh -u emacs idutils | |
3258 | @end example | |
3259 | ||
3260 | @noindent | |
3261 | The command above specifically updates the @code{emacs} and | |
3262 | @code{idutils} packages. The @code{--select} option would have no | |
3263 | effect in this case. | |
3264 | ||
7d193ec3 EB |
3265 | When considering whether to upgrade a package, it is sometimes |
3266 | convenient to know which packages would be affected by the upgrade and | |
3267 | should be checked for compatibility. For this the following option may | |
3268 | be used when passing @command{guix refresh} one or more package names: | |
3269 | ||
3270 | @table @code | |
3271 | ||
3272 | @item --list-dependent | |
3273 | @itemx -l | |
3274 | List top-level dependent packages that would need to be rebuilt as a | |
3275 | result of upgrading one or more packages. | |
3276 | ||
3277 | @end table | |
3278 | ||
3279 | Be aware that the @code{--list-dependent} option only | |
3280 | @emph{approximates} the rebuilds that would be required as a result of | |
3281 | an upgrade. More rebuilds might be required under some circumstances. | |
3282 | ||
3283 | @example | |
7779ab61 LC |
3284 | $ guix refresh --list-dependent flex |
3285 | Building the following 120 packages would ensure 213 dependent packages are rebuilt: | |
3286 | hop-2.4.0 geiser-0.4 notmuch-0.18 mu-0.9.9.5 cflow-1.4 idutils-4.6 @dots{} | |
7d193ec3 EB |
3287 | @end example |
3288 | ||
3289 | The command above lists a set of packages that could be built to check | |
3290 | for compatibility with an upgraded @code{flex} package. | |
3291 | ||
f9230085 LC |
3292 | The following options can be used to customize GnuPG operation: |
3293 | ||
3294 | @table @code | |
3295 | ||
f9230085 LC |
3296 | @item --gpg=@var{command} |
3297 | Use @var{command} as the GnuPG 2.x command. @var{command} is searched | |
3298 | for in @code{$PATH}. | |
3299 | ||
2bc53ba9 LC |
3300 | @item --key-download=@var{policy} |
3301 | Handle missing OpenPGP keys according to @var{policy}, which may be one | |
3302 | of: | |
3303 | ||
3304 | @table @code | |
3305 | @item always | |
3306 | Always download missing OpenPGP keys from the key server, and add them | |
3307 | to the user's GnuPG keyring. | |
3308 | ||
3309 | @item never | |
3310 | Never try to download missing OpenPGP keys. Instead just bail out. | |
3311 | ||
3312 | @item interactive | |
3313 | When a package signed with an unknown OpenPGP key is encountered, ask | |
3314 | the user whether to download it or not. This is the default behavior. | |
3315 | @end table | |
3316 | ||
3317 | @item --key-server=@var{host} | |
3318 | Use @var{host} as the OpenPGP key server when importing a public key. | |
3319 | ||
f9230085 LC |
3320 | @end table |
3321 | ||
b4f5e0e8 CR |
3322 | @node Invoking guix lint |
3323 | @section Invoking @command{guix lint} | |
3324 | The @command{guix lint} is meant to help package developers avoid common | |
873c4085 LC |
3325 | errors and use a consistent style. It runs a number of checks on a |
3326 | given set of packages in order to find common mistakes in their | |
3327 | definitions. Available @dfn{checkers} include (see | |
3328 | @code{--list-checkers} for a complete list): | |
3329 | ||
3330 | @table @code | |
3331 | @item synopsis | |
3332 | @itemx description | |
3333 | Validate certain typographical and stylistic rules about package | |
3334 | descriptions and synopses. | |
3335 | ||
3336 | @item inputs-should-be-native | |
3337 | Identify inputs that should most likely be native inputs. | |
3338 | ||
3339 | @item source | |
3340 | @itemx home-page | |
3341 | Probe @code{home-page} and @code{source} URLs and report those that are | |
3342 | invalid. | |
3343 | @end table | |
b4f5e0e8 CR |
3344 | |
3345 | The general syntax is: | |
3346 | ||
3347 | @example | |
3348 | guix lint @var{options} @var{package}@dots{} | |
3349 | @end example | |
3350 | ||
3351 | If no package is given on the command line, then all packages are checked. | |
3352 | The @var{options} may be zero or more of the following: | |
3353 | ||
3354 | @table @code | |
3355 | ||
dd7c013d CR |
3356 | @item --checkers |
3357 | @itemx -c | |
3358 | Only enable the checkers specified in a comma-separated list using the | |
3359 | names returned by @code{--list-checkers}. | |
3360 | ||
b4f5e0e8 CR |
3361 | @item --list-checkers |
3362 | @itemx -l | |
3363 | List and describe all the available checkers that will be run on packages | |
3364 | and exit. | |
3365 | ||
3366 | @end table | |
37166310 | 3367 | |
372c4bbc DT |
3368 | @node Invoking guix environment |
3369 | @section Invoking @command{guix environment} | |
3370 | ||
f5fd4fd2 | 3371 | @cindex reproducible build environments |
372c4bbc DT |
3372 | The purpose of @command{guix environment} is to assist hackers in |
3373 | creating reproducible development environments without polluting their | |
3374 | package profile. The @command{guix environment} tool takes one or more | |
3375 | packages, builds all of the necessary inputs, and creates a shell | |
3376 | environment to use them. | |
3377 | ||
3378 | The general syntax is: | |
3379 | ||
3380 | @example | |
3381 | guix environment @var{options} @var{package}@dots{} | |
3382 | @end example | |
3383 | ||
3384 | The following examples spawns a new shell that is capable of building | |
3385 | the GNU Guile source code: | |
3386 | ||
3387 | @example | |
3388 | guix environment guile | |
3389 | @end example | |
3390 | ||
3391 | If the specified packages are not built yet, @command{guix environment} | |
3392 | automatically builds them. The new shell's environment is an augmented | |
3393 | version of the environment that @command{guix environment} was run in. | |
3394 | It contains the necessary search paths for building the given package | |
3395 | added to the existing environment variables. To create a ``pure'' | |
3396 | environment in which the original environment variables have been unset, | |
3397 | use the @code{--pure} option. | |
3398 | ||
3399 | Additionally, more than one package may be specified, in which case the | |
3400 | union of the inputs for the given packages are used. For example, the | |
3401 | command below spawns a shell where all of the dependencies of both Guile | |
3402 | and Emacs are available: | |
3403 | ||
3404 | @example | |
3405 | guix environment guile emacs | |
3406 | @end example | |
3407 | ||
3408 | Sometimes an interactive shell session is not desired. The | |
3409 | @code{--exec} option can be used to specify the command to run instead. | |
3410 | ||
3411 | @example | |
3412 | guix environment guile --exec=make | |
3413 | @end example | |
3414 | ||
3415 | The following options are available: | |
3416 | ||
3417 | @table @code | |
3418 | @item --expression=@var{expr} | |
3419 | @itemx -e @var{expr} | |
3420 | Create an environment for the package that @var{expr} evaluates to. | |
3421 | ||
3422 | @item --load=@var{file} | |
3423 | @itemx -l @var{file} | |
3424 | Create an environment for the package that the code within @var{file} | |
3425 | evaluates to. | |
3426 | ||
3427 | @item --exec=@var{command} | |
3428 | @item -E @var{command} | |
3429 | Execute @var{command} in the new environment. | |
3430 | ||
3431 | @item --pure | |
3432 | Unset existing environment variables when building the new environment. | |
3433 | This has the effect of creating an environment in which search paths | |
3434 | only contain package inputs. | |
3435 | ||
3436 | @item --search-paths | |
3437 | Display the environment variable definitions that make up the | |
3438 | environment. | |
3439 | @end table | |
3440 | ||
3441 | It also supports all of the common build options that @command{guix | |
3442 | build} supports (@pxref{Invoking guix build, common build options}). | |
3443 | ||
aff8ce7c DT |
3444 | @node Invoking guix publish |
3445 | @section Invoking @command{guix publish} | |
3446 | ||
3447 | The purpose of @command{guix publish} is to enable users to easily share | |
3448 | their store with others. When @command{guix publish} runs, it spawns an | |
3449 | HTTP server which allows anyone with network access to obtain | |
3450 | substitutes from it. This means that any machine running Guix can also | |
3451 | act as if it were a build farm, since the HTTP interface is | |
3452 | Hydra-compatible. | |
3453 | ||
3454 | For security, each substitute is signed, allowing recipients to check | |
3455 | their authenticity and integrity (@pxref{Substitutes}). Because | |
3456 | @command{guix publish} uses the system's signing key, which is only | |
3457 | readable by the system administrator, it must run as root. | |
3458 | ||
3459 | The general syntax is: | |
3460 | ||
3461 | @example | |
3462 | guix publish @var{options}@dots{} | |
3463 | @end example | |
3464 | ||
3465 | Running @command{guix publish} without any additional arguments will | |
3466 | spawn an HTTP server on port 8080: | |
3467 | ||
3468 | @example | |
3469 | guix publish | |
3470 | @end example | |
3471 | ||
3472 | Once a publishing server has been authorized (@pxref{Invoking guix | |
3473 | archive}), the daemon may download substitutes from it: | |
3474 | ||
3475 | @example | |
3476 | guix-daemon --substitute-urls=http://example.org:8080 | |
3477 | @end example | |
3478 | ||
3479 | The following options are available: | |
3480 | ||
3481 | @table @code | |
3482 | @item --port=@var{port} | |
3483 | @itemx -p @var{port} | |
3484 | Listen for HTTP requests on @var{port}. | |
3485 | ||
3486 | @item --repl[=@var{port}] | |
3487 | @itemx -r [@var{port}] | |
3488 | Spawn a Guile REPL server (@pxref{REPL Servers,,, guile, GNU Guile | |
3489 | Reference Manual}) on @var{port} (37146 by default). | |
3490 | @end table | |
3491 | ||
a1ba8475 LC |
3492 | @c ********************************************************************* |
3493 | @node GNU Distribution | |
3494 | @chapter GNU Distribution | |
3495 | ||
3ca2731c LC |
3496 | @cindex Guix System Distribution |
3497 | @cindex GSD | |
3498 | Guix comes with a distribution of the GNU system consisting entirely of | |
3499 | free software@footnote{The term ``free'' here refers to the | |
a1ba8475 | 3500 | @url{http://www.gnu.org/philosophy/free-sw.html,freedom provided to |
3ca2731c | 3501 | users of that software}.}. The |
35ed9306 LC |
3502 | distribution can be installed on its own (@pxref{System Installation}), |
3503 | but it is also possible to install Guix as a package manager on top of | |
3504 | an installed GNU/Linux system (@pxref{Installation}). To distinguish | |
3ca2731c LC |
3505 | between the two, we refer to the standalone distribution as the Guix |
3506 | System Distribution, or GNU@tie{}GSD. | |
35ed9306 LC |
3507 | |
3508 | The distribution provides core GNU packages such as GNU libc, GCC, and | |
3509 | Binutils, as well as many GNU and non-GNU applications. The complete | |
3510 | list of available packages can be browsed | |
d03bb653 LC |
3511 | @url{http://www.gnu.org/software/guix/package-list.html,on-line} or by |
3512 | running @command{guix package} (@pxref{Invoking guix package}): | |
a1ba8475 LC |
3513 | |
3514 | @example | |
e49951eb | 3515 | guix package --list-available |
a1ba8475 LC |
3516 | @end example |
3517 | ||
35ed9306 | 3518 | Our goal has been to provide a practical 100% free software distribution of |
401c53c4 LC |
3519 | Linux-based and other variants of GNU, with a focus on the promotion and |
3520 | tight integration of GNU components, and an emphasis on programs and | |
3521 | tools that help users exert that freedom. | |
3522 | ||
3ca2731c | 3523 | Packages are currently available on the following platforms: |
c320011d LC |
3524 | |
3525 | @table @code | |
3526 | ||
3527 | @item x86_64-linux | |
3528 | Intel/AMD @code{x86_64} architecture, Linux-Libre kernel; | |
3529 | ||
3530 | @item i686-linux | |
3531 | Intel 32-bit architecture (IA32), Linux-Libre kernel; | |
3532 | ||
aa1e1947 MW |
3533 | @item armhf-linux |
3534 | ARMv7-A architecture with hard float, Thumb-2 and VFP3D16 coprocessor, | |
3535 | using the EABI hard-float ABI, and Linux-Libre kernel. | |
3536 | ||
c320011d LC |
3537 | @item mips64el-linux |
3538 | little-endian 64-bit MIPS processors, specifically the Loongson series, | |
3539 | n32 application binary interface (ABI), and Linux-Libre kernel. | |
3540 | ||
3541 | @end table | |
3542 | ||
3ca2731c LC |
3543 | GSD itself is currently only available on @code{i686} and @code{x86_64}. |
3544 | ||
c320011d LC |
3545 | @noindent |
3546 | For information on porting to other architectures or kernels, | |
3547 | @xref{Porting}. | |
3548 | ||
401c53c4 | 3549 | @menu |
5af6de3e | 3550 | * System Installation:: Installing the whole operating system. |
35ed9306 | 3551 | * System Configuration:: Configuring the operating system. |
91ef73d4 | 3552 | * Installing Debugging Files:: Feeding the debugger. |
05962f29 | 3553 | * Security Updates:: Deploying security fixes quickly. |
401c53c4 | 3554 | * Package Modules:: Packages from the programmer's viewpoint. |
da7cabd4 | 3555 | * Packaging Guidelines:: Growing the distribution. |
401c53c4 | 3556 | * Bootstrapping:: GNU/Linux built from scratch. |
8b315a6d | 3557 | * Porting:: Targeting another platform or kernel. |
401c53c4 LC |
3558 | @end menu |
3559 | ||
3560 | Building this distribution is a cooperative effort, and you are invited | |
081145cf | 3561 | to join! @xref{Contributing}, for information about how you can help. |
401c53c4 | 3562 | |
5af6de3e LC |
3563 | @node System Installation |
3564 | @section System Installation | |
3565 | ||
3ca2731c LC |
3566 | @cindex Guix System Distribution |
3567 | This section explains how to install the Guix System Distribution | |
3568 | on a machine. The Guix package manager can | |
35ed9306 LC |
3569 | also be installed on top of a running GNU/Linux system, |
3570 | @pxref{Installation}. | |
5af6de3e LC |
3571 | |
3572 | @ifinfo | |
3573 | @c This paragraph is for people reading this from tty2 of the | |
3574 | @c installation image. | |
3575 | You're reading this documentation with an Info reader. For details on | |
3576 | how to use it, hit the @key{RET} key (``return'' or ``enter'') on the | |
6621cdb6 | 3577 | link that follows: @pxref{Help,,, info, Info: An Introduction}. Hit |
5af6de3e LC |
3578 | @kbd{l} afterwards to come back here. |
3579 | @end ifinfo | |
3580 | ||
8aaaae38 LC |
3581 | @subsection Limitations |
3582 | ||
3ca2731c LC |
3583 | As of version @value{VERSION}, the Guix System Distribution (GSD) is |
3584 | not production-ready. It may contain bugs and lack important | |
8aaaae38 LC |
3585 | features. Thus, if you are looking for a stable production system that |
3586 | respects your freedom as a computer user, a good solution at this point | |
3587 | is to consider @url{http://www.gnu.org/distros/free-distros.html, one of | |
3588 | more established GNU/Linux distributions}. We hope you can soon switch | |
3ca2731c | 3589 | to the GSD without fear, of course. In the meantime, you can |
8aaaae38 LC |
3590 | also keep using your distribution and try out the package manager on top |
3591 | of it (@pxref{Installation}). | |
3592 | ||
3593 | Before you proceed with the installation, be aware of the following | |
3594 | noteworthy limitations applicable to version @value{VERSION}: | |
3595 | ||
3596 | @itemize | |
3597 | @item | |
3598 | The installation process does not include a graphical user interface and | |
3599 | requires familiarity with GNU/Linux (see the following subsections to | |
3600 | get a feel of what that means.) | |
3601 | ||
3602 | @item | |
b1e95eca LC |
3603 | The system does not yet provide GNOME and KDE; it provides Xfce, though, |
3604 | if graphical desktop environments are your thing. | |
8aaaae38 LC |
3605 | |
3606 | @item | |
dbcb0ab1 | 3607 | Support for the Logical Volume Manager (LVM) is missing. |
8aaaae38 LC |
3608 | |
3609 | @item | |
3610 | Few system services are currently supported out-of-the-box | |
3611 | (@pxref{Services}). | |
3612 | ||
3613 | @item | |
b1e95eca | 3614 | On the order of 1,200 packages are available, which means that you may |
8aaaae38 LC |
3615 | occasionally find that a useful package is missing. |
3616 | @end itemize | |
3617 | ||
3618 | You've been warned. But more than a disclaimer, this is an invitation | |
3619 | to report issues (and success stories!), and join us in improving it. | |
3620 | @xref{Contributing}, for more info. | |
5af6de3e LC |
3621 | |
3622 | @subsection USB Stick Installation | |
3623 | ||
3624 | An installation image for USB sticks can be downloaded from | |
ab3872de | 3625 | @code{ftp://alpha.gnu.org/gnu/guix/gsd-usb-install-@value{VERSION}.@var{system}.xz}, |
5af6de3e LC |
3626 | where @var{system} is one of: |
3627 | ||
3628 | @table @code | |
3629 | @item x86_64-linux | |
3630 | for a GNU/Linux system on Intel/AMD-compatible 64-bit CPUs; | |
3631 | ||
3632 | @item i686-linux | |
3633 | for a 32-bit GNU/Linux system on Intel-compatible CPUs. | |
3634 | @end table | |
3635 | ||
3636 | This image contains a single partition with the tools necessary for an | |
3637 | installation. It is meant to be copied @emph{as is} to a large-enough | |
3638 | USB stick. | |
3639 | ||
3640 | To copy the image to a USB stick, follow these steps: | |
3641 | ||
3642 | @enumerate | |
3643 | @item | |
3644 | Decompress the image using the @command{xz} command: | |
3645 | ||
3646 | @example | |
3a5d914b | 3647 | xz -d gsd-usb-install-@value{VERSION}.@var{system}.xz |
5af6de3e LC |
3648 | @end example |
3649 | ||
3650 | @item | |
3651 | Insert a USB stick of 1@tie{}GiB or more in your machine, and determine | |
3652 | its device name. Assuming that USB stick is known as @file{/dev/sdX}, | |
3653 | copy the image with: | |
3654 | ||
3655 | @example | |
3a5d914b | 3656 | dd if=gsd-usb-install-@value{VERSION}.x86_64 of=/dev/sdX |
5af6de3e LC |
3657 | @end example |
3658 | ||
3659 | Access to @file{/dev/sdX} usually requires root privileges. | |
3660 | @end enumerate | |
3661 | ||
3662 | Once this is done, you should be able to reboot the system and boot from | |
3663 | the USB stick. The latter usually requires you to get in the BIOS' boot | |
3664 | menu, where you can choose to boot from the USB stick. | |
3665 | ||
3666 | @subsection Preparing for Installation | |
3667 | ||
3668 | Once you have successfully booted the image on the USB stick, you should | |
3669 | end up with a root prompt. Several console TTYs are configured and can | |
3670 | be used to run commands as root. TTY2 shows this documentation, | |
3671 | browsable using the Info reader commands (@pxref{Help,,, info, Info: An | |
3672 | Introduction}). | |
3673 | ||
3674 | To install the system, you would: | |
3675 | ||
3676 | @enumerate | |
3677 | ||
3678 | @item | |
95c559c1 | 3679 | Configure the network, by running @command{dhclient eno1} (to get an |
5af6de3e | 3680 | automatically assigned IP address from the wired network interface |
95c559c1 LC |
3681 | controller@footnote{ |
3682 | @c http://cgit.freedesktop.org/systemd/systemd/tree/src/udev/udev-builtin-net_id.c#n20 | |
3683 | The name @code{eno1} is for the first on-board Ethernet controller. The | |
3684 | interface name for an Ethernet controller that is in the first slot of | |
3685 | the first PCI bus, for instance, would be @code{enp1s0}. Use | |
3686 | @command{ifconfig -a} to list all the available network interfaces.}), | |
3687 | or using the @command{ifconfig} command. | |
5af6de3e LC |
3688 | |
3689 | The system automatically loads drivers for your network interface | |
3690 | controllers. | |
3691 | ||
3692 | Setting up network access is almost always a requirement because the | |
3693 | image does not contain all the software and tools that may be needed. | |
3694 | ||
3695 | @item | |
3696 | Unless this has already been done, you must partition and format the | |
3697 | target partitions. | |
3698 | ||
7ab44369 LC |
3699 | Preferably, assign partitions a label so that you can easily and |
3700 | reliably refer to them in @code{file-system} declarations (@pxref{File | |
3701 | Systems}). This is typically done using the @code{-L} option of | |
3702 | @command{mkfs.ext4} and related commands. | |
3703 | ||
5af6de3e | 3704 | The installation image includes Parted (@pxref{Overview,,, parted, GNU |
b419c7f5 LC |
3705 | Parted User Manual}), @command{fdisk}, Cryptsetup/LUKS for disk |
3706 | encryption, and e2fsprogs, the suite of tools to manipulate | |
3707 | ext2/ext3/ext4 file systems. | |
5af6de3e | 3708 | |
83a17b62 LC |
3709 | @item |
3710 | Once that is done, mount the target root partition under @file{/mnt}. | |
3711 | ||
3712 | @item | |
3713 | Lastly, run @code{deco start cow-store /mnt}. | |
3714 | ||
3715 | This will make @file{/gnu/store} copy-on-write, such that packages added | |
3716 | to it during the installation phase will be written to the target disk | |
3717 | rather than kept in memory. | |
3718 | ||
5af6de3e LC |
3719 | @end enumerate |
3720 | ||
5af6de3e LC |
3721 | |
3722 | @subsection Proceeding with the Installation | |
3723 | ||
3724 | With the target partitions ready, you now have to edit a file and | |
3725 | provide the declaration of the operating system to be installed. To | |
3726 | that end, the installation system comes with two text editors: GNU nano | |
3727 | (@pxref{Top,,, nano, GNU nano Manual}), and GNU Zile, an Emacs clone. | |
3728 | It is better to store that file on the target root file system, say, as | |
3729 | @file{/mnt/etc/config.scm}. | |
3730 | ||
3731 | A minimal operating system configuration, with just the bare minimum and | |
1dac8566 LC |
3732 | only a root account would look like this (on the installation system, |
3733 | this example is available as @file{/etc/configuration-template.scm}): | |
5af6de3e LC |
3734 | |
3735 | @example | |
931c132a | 3736 | @include os-config.texi |
5af6de3e LC |
3737 | @end example |
3738 | ||
3739 | @noindent | |
3740 | For more information on @code{operating-system} declarations, | |
6621cdb6 | 3741 | @pxref{Using the Configuration System}. |
5af6de3e LC |
3742 | |
3743 | Once that is done, the new system must be initialized (remember that the | |
3744 | target root file system is mounted under @file{/mnt}): | |
3745 | ||
3746 | @example | |
3747 | guix system init /mnt/etc/config.scm /mnt | |
3748 | @end example | |
3749 | ||
3750 | @noindent | |
3751 | This will copy all the necessary files, and install GRUB on | |
3752 | @file{/dev/sdX}, unless you pass the @option{--no-grub} option. For | |
6621cdb6 | 3753 | more information, @pxref{Invoking guix system}. This command may trigger |
5af6de3e LC |
3754 | downloads or builds of missing packages, which can take some time. |
3755 | ||
3756 | Once that command has completed---and hopefully succeeded!---you can | |
ad14d9e7 | 3757 | run @command{reboot} and boot into the new system. Cross fingers, and |
5af6de3e LC |
3758 | join us on @code{#guix} on the Freenode IRC network or on |
3759 | @file{guix-devel@@gnu.org} to share your experience---good or not so | |
3760 | good. | |
3761 | ||
3762 | @subsection Building the Installation Image | |
3763 | ||
3764 | The installation image described above was built using the @command{guix | |
3765 | system} command, specifically: | |
3766 | ||
3767 | @example | |
8a225c66 | 3768 | guix system disk-image --image-size=850MiB gnu/system/install.scm |
5af6de3e LC |
3769 | @end example |
3770 | ||
3771 | @xref{Invoking guix system}, for more information. See | |
3772 | @file{gnu/system/install.scm} in the source tree for more information | |
3773 | about the installation image. | |
3774 | ||
cf4a9129 LC |
3775 | @node System Configuration |
3776 | @section System Configuration | |
b208a005 | 3777 | |
cf4a9129 | 3778 | @cindex system configuration |
3ca2731c | 3779 | The Guix System Distribution supports a consistent whole-system configuration |
cf4a9129 LC |
3780 | mechanism. By that we mean that all aspects of the global system |
3781 | configuration---such as the available system services, timezone and | |
3782 | locale settings, user accounts---are declared in a single place. Such | |
3783 | a @dfn{system configuration} can be @dfn{instantiated}---i.e., effected. | |
91ef73d4 | 3784 | |
cf4a9129 LC |
3785 | One of the advantages of putting all the system configuration under the |
3786 | control of Guix is that it supports transactional system upgrades, and | |
3787 | makes it possible to roll-back to a previous system instantiation, | |
3788 | should something go wrong with the new one (@pxref{Features}). Another | |
3789 | one is that it makes it easy to replicate the exact same configuration | |
3790 | across different machines, or at different points in time, without | |
3791 | having to resort to additional administration tools layered on top of | |
3792 | the system's own tools. | |
3793 | @c Yes, we're talking of Puppet, Chef, & co. here. ↑ | |
91ef73d4 | 3794 | |
cf4a9129 LC |
3795 | This section describes this mechanism. First we focus on the system |
3796 | administrator's viewpoint---explaining how the system is configured and | |
3797 | instantiated. Then we show how this mechanism can be extended, for | |
3798 | instance to support new system services. | |
91ef73d4 | 3799 | |
cf4a9129 LC |
3800 | @menu |
3801 | * Using the Configuration System:: Customizing your GNU system. | |
7313a52e | 3802 | * operating-system Reference:: Detail of operating-system declarations. |
cf4a9129 | 3803 | * File Systems:: Configuring file system mounts. |
510f9d86 | 3804 | * Mapped Devices:: Block device extra processing. |
cf4a9129 | 3805 | * User Accounts:: Specifying user accounts. |
598e19dc | 3806 | * Locales:: Language and cultural convention settings. |
cf4a9129 | 3807 | * Services:: Specifying system services. |
0ae8c15a | 3808 | * Setuid Programs:: Programs running with root privileges. |
996ed739 | 3809 | * Name Service Switch:: Configuring libc's name service switch. |
fd1b1fa2 | 3810 | * Initial RAM Disk:: Linux-Libre bootstrapping. |
88faf933 | 3811 | * GRUB Configuration:: Configuring the boot loader. |
cf4a9129 LC |
3812 | * Invoking guix system:: Instantiating a system configuration. |
3813 | * Defining Services:: Adding new service definitions. | |
3814 | @end menu | |
91ef73d4 | 3815 | |
cf4a9129 LC |
3816 | @node Using the Configuration System |
3817 | @subsection Using the Configuration System | |
64d76fa6 | 3818 | |
cf4a9129 LC |
3819 | The operating system is configured by providing an |
3820 | @code{operating-system} declaration in a file that can then be passed to | |
3821 | the @command{guix system} command (@pxref{Invoking guix system}). A | |
3822 | simple setup, with the default system services, the default Linux-Libre | |
3823 | kernel, initial RAM disk, and boot loader looks like this: | |
91ef73d4 | 3824 | |
cf4a9129 LC |
3825 | @findex operating-system |
3826 | @lisp | |
3827 | (use-modules (gnu) ; for 'user-account', '%base-services', etc. | |
3828 | (gnu packages emacs) ; for 'emacs' | |
3829 | (gnu services ssh)) ; for 'lsh-service' | |
91ef73d4 | 3830 | |
cf4a9129 LC |
3831 | (operating-system |
3832 | (host-name "komputilo") | |
3833 | (timezone "Europe/Paris") | |
598e19dc | 3834 | (locale "fr_FR.utf8") |
cf4a9129 LC |
3835 | (bootloader (grub-configuration |
3836 | (device "/dev/sda"))) | |
a69576ea | 3837 | (file-systems (cons (file-system |
cf4a9129 LC |
3838 | (device "/dev/sda1") ; or partition label |
3839 | (mount-point "/") | |
a69576ea LC |
3840 | (type "ext3")) |
3841 | %base-file-systems)) | |
cf4a9129 LC |
3842 | (users (list (user-account |
3843 | (name "alice") | |
bc73aa43 | 3844 | (group "users") |
cf4a9129 LC |
3845 | (comment "Bob's sister") |
3846 | (home-directory "/home/alice")))) | |
3847 | (packages (cons emacs %base-packages)) | |
21cc905a | 3848 | (services (cons (lsh-service #:port 2222 #:root-login? #t) |
cf4a9129 LC |
3849 | %base-services))) |
3850 | @end lisp | |
401c53c4 | 3851 | |
cf4a9129 LC |
3852 | This example should be self-describing. Some of the fields defined |
3853 | above, such as @code{host-name} and @code{bootloader}, are mandatory. | |
3854 | Others, such as @code{packages} and @code{services}, can be omitted, in | |
3855 | which case they get a default value. | |
e7f34eb0 | 3856 | |
cf4a9129 LC |
3857 | @vindex %base-packages |
3858 | The @code{packages} field lists | |
3859 | packages that will be globally visible on the system, for all user | |
3860 | accounts---i.e., in every user's @code{PATH} environment variable---in | |
3861 | addition to the per-user profiles (@pxref{Invoking guix package}). The | |
3862 | @var{%base-packages} variable provides all the tools one would expect | |
3863 | for basic user and administrator tasks---including the GNU Core | |
3864 | Utilities, the GNU Networking Utilities, the GNU Zile lightweight text | |
3865 | editor, @command{find}, @command{grep}, etc. The example above adds | |
3866 | Emacs to those, taken from the @code{(gnu packages emacs)} module | |
3867 | (@pxref{Package Modules}). | |
e7f34eb0 | 3868 | |
cf4a9129 LC |
3869 | @vindex %base-services |
3870 | The @code{services} field lists @dfn{system services} to be made | |
3871 | available when the system starts (@pxref{Services}). | |
3872 | The @code{operating-system} declaration above specifies that, in | |
3873 | addition to the basic services, we want the @command{lshd} secure shell | |
3874 | daemon listening on port 2222, and allowing remote @code{root} logins | |
3875 | (@pxref{Invoking lshd,,, lsh, GNU lsh Manual}). Under the hood, | |
3876 | @code{lsh-service} arranges so that @code{lshd} is started with the | |
3877 | right command-line options, possibly with supporting configuration files | |
7313a52e LC |
3878 | generated as needed (@pxref{Defining Services}). @xref{operating-system |
3879 | Reference}, for details about the available @code{operating-system} | |
3880 | fields. | |
a1ba8475 | 3881 | |
cf4a9129 LC |
3882 | Assuming the above snippet is stored in the @file{my-system-config.scm} |
3883 | file, the @command{guix system reconfigure my-system-config.scm} command | |
3884 | instantiates that configuration, and makes it the default GRUB boot | |
3885 | entry (@pxref{Invoking guix system}). The normal way to change the | |
3886 | system's configuration is by updating this file and re-running the | |
3887 | @command{guix system} command. | |
b81e1947 | 3888 | |
cf4a9129 LC |
3889 | At the Scheme level, the bulk of an @code{operating-system} declaration |
3890 | is instantiated with the following monadic procedure (@pxref{The Store | |
3891 | Monad}): | |
b81e1947 | 3892 | |
cf4a9129 LC |
3893 | @deffn {Monadic Procedure} operating-system-derivation os |
3894 | Return a derivation that builds @var{os}, an @code{operating-system} | |
3895 | object (@pxref{Derivations}). | |
b81e1947 | 3896 | |
cf4a9129 LC |
3897 | The output of the derivation is a single directory that refers to all |
3898 | the packages, configuration files, and other supporting files needed to | |
3899 | instantiate @var{os}. | |
3900 | @end deffn | |
b81e1947 | 3901 | |
7313a52e LC |
3902 | @node operating-system Reference |
3903 | @subsection @code{operating-system} Reference | |
3904 | ||
3905 | This section summarizes all the options available in | |
3906 | @code{operating-system} declarations (@pxref{Using the Configuration | |
3907 | System}). | |
3908 | ||
3909 | @deftp {Data Type} operating-system | |
3910 | This is the data type representing an operating system configuration. | |
3911 | By that, we mean all the global system configuration, not per-user | |
3912 | configuration (@pxref{Using the Configuration System}). | |
3913 | ||
3914 | @table @asis | |
3915 | @item @code{kernel} (default: @var{linux-libre}) | |
3916 | The package object of the operating system to use@footnote{Currently | |
3917 | only the Linux-libre kernel is supported. In the future, it will be | |
3918 | possible to use the GNU@tie{}Hurd.}. | |
3919 | ||
3920 | @item @code{bootloader} | |
88faf933 | 3921 | The system bootloader configuration object. @xref{GRUB Configuration}. |
7313a52e LC |
3922 | |
3923 | @item @code{initrd} (default: @code{base-initrd}) | |
3924 | A two-argument monadic procedure that returns an initial RAM disk for | |
3925 | the Linux kernel. @xref{Initial RAM Disk}. | |
3926 | ||
f34c56be LC |
3927 | @item @code{firmware} (default: @var{%base-firmware}) |
3928 | @cindex firmware | |
3929 | List of firmware packages loadable by the operating system kernel. | |
3930 | ||
3931 | The default includes firmware needed for Atheros-based WiFi devices | |
3932 | (Linux-libre module @code{ath9k}.) | |
3933 | ||
7313a52e LC |
3934 | @item @code{host-name} |
3935 | The host name. | |
3936 | ||
3937 | @item @code{hosts-file} | |
3938 | @cindex hosts file | |
3939 | A zero-argument monadic procedure that returns a text file for use as | |
3940 | @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library | |
3941 | Reference Manual}). The default is to produce a file with entries for | |
3942 | @code{localhost} and @var{host-name}. | |
3943 | ||
3944 | @item @code{mapped-devices} (default: @code{'()}) | |
3945 | A list of mapped devices. @xref{Mapped Devices}. | |
3946 | ||
3947 | @item @code{file-systems} | |
3948 | A list of file systems. @xref{File Systems}. | |
3949 | ||
3950 | @item @code{swap-devices} (default: @code{'()}) | |
3951 | @cindex swap devices | |
3952 | A list of strings identifying devices to be used for ``swap space'' | |
3953 | (@pxref{Memory Concepts,,, libc, The GNU C Library Reference Manual}). | |
3954 | For example, @code{'("/dev/sda3")}. | |
3955 | ||
3956 | @item @code{users} (default: @code{'()}) | |
3957 | @itemx @code{groups} (default: @var{%base-groups}) | |
3958 | List of user accounts and groups. @xref{User Accounts}. | |
3959 | ||
3960 | @item @code{skeletons} (default: @code{(default-skeletons)}) | |
3961 | A monadic list of pairs of target file name and files. These are the | |
3962 | files that will be used as skeletons as new accounts are created. | |
3963 | ||
3964 | For instance, a valid value may look like this: | |
3965 | ||
3966 | @example | |
3967 | (mlet %store-monad ((bashrc (text-file "bashrc" "\ | |
3968 | export PATH=$HOME/.guix-profile/bin"))) | |
3969 | (return `((".bashrc" ,bashrc)))) | |
3970 | @end example | |
3971 | ||
3972 | @item @code{issue} (default: @var{%default-issue}) | |
3973 | A string denoting the contents of the @file{/etc/issue} file, which is | |
3974 | what displayed when users log in on a text console. | |
3975 | ||
3976 | @item @code{packages} (default: @var{%base-packages}) | |
3977 | The set of packages installed in the global profile, which is accessible | |
3978 | at @file{/run/current-system/profile}. | |
3979 | ||
3980 | The default set includes core utilities, but it is good practice to | |
3981 | install non-core utilities in user profiles (@pxref{Invoking guix | |
3982 | package}). | |
3983 | ||
3984 | @item @code{timezone} | |
3985 | A timezone identifying string---e.g., @code{"Europe/Paris"}. | |
3986 | ||
598e19dc LC |
3987 | @item @code{locale} (default: @code{"en_US.utf8"}) |
3988 | The name of the default locale (@pxref{Locale Names,,, libc, The GNU C | |
3989 | Library Reference Manual}). @xref{Locales}, for more information. | |
3990 | ||
3991 | @item @code{locale-definitions} (default: @var{%default-locale-definitions}) | |
3992 | The list of locale definitions to be compiled and that may be used at | |
3993 | run time. @xref{Locales}. | |
7313a52e | 3994 | |
996ed739 LC |
3995 | @item @code{name-service-switch} (default: @var{%default-nss}) |
3996 | Configuration of libc's name service switch (NSS)---a | |
3997 | @code{<name-service-switch>} object. @xref{Name Service Switch}, for | |
3998 | details. | |
3999 | ||
7313a52e LC |
4000 | @item @code{services} (default: @var{%base-services}) |
4001 | A list of monadic values denoting system services. @xref{Services}. | |
4002 | ||
4003 | @item @code{pam-services} (default: @code{(base-pam-services)}) | |
4004 | @cindex PAM | |
4005 | @cindex pluggable authentication modules | |
4006 | Linux @dfn{pluggable authentication module} (PAM) services. | |
4007 | @c FIXME: Add xref to PAM services section. | |
4008 | ||
4009 | @item @code{setuid-programs} (default: @var{%setuid-programs}) | |
4010 | List of string-valued G-expressions denoting setuid programs. | |
4011 | @xref{Setuid Programs}. | |
4012 | ||
4013 | @item @code{sudoers} (default: @var{%sudoers-specification}) | |
4014 | @cindex sudoers | |
4015 | The contents of the @file{/etc/sudoers} file as a string. | |
4016 | ||
4017 | This file specifies which users can use the @command{sudo} command, what | |
4018 | they are allowed to do, and what privileges they may gain. The default | |
4019 | is that only @code{root} and members of the @code{wheel} group may use | |
4020 | @code{sudo}. | |
4021 | ||
4022 | @end table | |
4023 | @end deftp | |
4024 | ||
cf4a9129 LC |
4025 | @node File Systems |
4026 | @subsection File Systems | |
b81e1947 | 4027 | |
cf4a9129 LC |
4028 | The list of file systems to be mounted is specified in the |
4029 | @code{file-systems} field of the operating system's declaration | |
4030 | (@pxref{Using the Configuration System}). Each file system is declared | |
4031 | using the @code{file-system} form, like this: | |
b81e1947 LC |
4032 | |
4033 | @example | |
cf4a9129 LC |
4034 | (file-system |
4035 | (mount-point "/home") | |
4036 | (device "/dev/sda3") | |
4037 | (type "ext4")) | |
b81e1947 LC |
4038 | @end example |
4039 | ||
cf4a9129 LC |
4040 | As usual, some of the fields are mandatory---those shown in the example |
4041 | above---while others can be omitted. These are described below. | |
b81e1947 | 4042 | |
cf4a9129 LC |
4043 | @deftp {Data Type} file-system |
4044 | Objects of this type represent file systems to be mounted. They | |
4045 | contain the following members: | |
5ff3c4b8 | 4046 | |
cf4a9129 LC |
4047 | @table @asis |
4048 | @item @code{type} | |
4049 | This is a string specifying the type of the file system---e.g., | |
4050 | @code{"ext4"}. | |
5ff3c4b8 | 4051 | |
cf4a9129 LC |
4052 | @item @code{mount-point} |
4053 | This designates the place where the file system is to be mounted. | |
b81e1947 | 4054 | |
cf4a9129 LC |
4055 | @item @code{device} |
4056 | This names the ``source'' of the file system. By default it is the name | |
4057 | of a node under @file{/dev}, but its meaning depends on the @code{title} | |
4058 | field described below. | |
401c53c4 | 4059 | |
cf4a9129 LC |
4060 | @item @code{title} (default: @code{'device}) |
4061 | This is a symbol that specifies how the @code{device} field is to be | |
4062 | interpreted. | |
401c53c4 | 4063 | |
cf4a9129 LC |
4064 | When it is the symbol @code{device}, then the @code{device} field is |
4065 | interpreted as a file name; when it is @code{label}, then @code{device} | |
4066 | is interpreted as a partition label name; when it is @code{uuid}, | |
4067 | @code{device} is interpreted as a partition unique identifier (UUID). | |
da7cabd4 | 4068 | |
cf4a9129 LC |
4069 | The @code{label} and @code{uuid} options offer a way to refer to disk |
4070 | partitions without having to hard-code their actual device name. | |
da7cabd4 | 4071 | |
5f86a66e LC |
4072 | However, when a file system's source is a mapped device (@pxref{Mapped |
4073 | Devices}), its @code{device} field @emph{must} refer to the mapped | |
4074 | device name---e.g., @file{/dev/mapper/root-partition}---and consequently | |
4075 | @code{title} must be set to @code{'device}. This is required so that | |
4076 | the system knows that mounting the file system depends on having the | |
4077 | corresponding device mapping established. | |
4078 | ||
cf4a9129 LC |
4079 | @item @code{flags} (default: @code{'()}) |
4080 | This is a list of symbols denoting mount flags. Recognized flags | |
2c071ce9 LC |
4081 | include @code{read-only}, @code{bind-mount}, @code{no-dev} (disallow |
4082 | access to special files), @code{no-suid} (ignore setuid and setgid | |
4083 | bits), and @code{no-exec} (disallow program execution.) | |
da7cabd4 | 4084 | |
cf4a9129 LC |
4085 | @item @code{options} (default: @code{#f}) |
4086 | This is either @code{#f}, or a string denoting mount options. | |
da7cabd4 | 4087 | |
cf4a9129 LC |
4088 | @item @code{needed-for-boot?} (default: @code{#f}) |
4089 | This Boolean value indicates whether the file system is needed when | |
4090 | booting. If that is true, then the file system is mounted when the | |
4091 | initial RAM disk (initrd) is loaded. This is always the case, for | |
4092 | instance, for the root file system. | |
da7cabd4 | 4093 | |
cf4a9129 LC |
4094 | @item @code{check?} (default: @code{#t}) |
4095 | This Boolean indicates whether the file system needs to be checked for | |
4096 | errors before being mounted. | |
f9cc8971 | 4097 | |
4e469051 LC |
4098 | @item @code{create-mount-point?} (default: @code{#f}) |
4099 | When true, the mount point is created if it does not exist yet. | |
4100 | ||
cf4a9129 LC |
4101 | @end table |
4102 | @end deftp | |
da7cabd4 | 4103 | |
a69576ea LC |
4104 | The @code{(gnu system file-systems)} exports the following useful |
4105 | variables. | |
4106 | ||
4107 | @defvr {Scheme Variable} %base-file-systems | |
4108 | These are essential file systems that are required on normal systems, | |
4109 | such as @var{%devtmpfs-file-system} (see below.) Operating system | |
4110 | declarations should always contain at least these. | |
4111 | @end defvr | |
4112 | ||
4113 | @defvr {Scheme Variable} %devtmpfs-file-system | |
4114 | The @code{devtmpfs} file system to be mounted on @file{/dev}. This is a | |
4115 | requirement for udev (@pxref{Base Services, @code{udev-service}}). | |
4116 | @end defvr | |
4117 | ||
7f239fd3 LC |
4118 | @defvr {Scheme Variable} %pseudo-terminal-file-system |
4119 | This is the file system to be mounted as @file{/dev/pts}. It supports | |
4120 | @dfn{pseudo-terminals} created @i{via} @code{openpty} and similar | |
4121 | functions (@pxref{Pseudo-Terminals,,, libc, The GNU C Library Reference | |
4122 | Manual}). Pseudo-terminals are used by terminal emulators such as | |
4123 | @command{xterm}. | |
4124 | @end defvr | |
4125 | ||
db17ae5c LC |
4126 | @defvr {Scheme Variable} %shared-memory-file-system |
4127 | This file system is mounted as @file{/dev/shm} and is used to support | |
4128 | memory sharing across processes (@pxref{Memory-mapped I/O, | |
4129 | @code{shm_open},, libc, The GNU C Library Reference Manual}). | |
4130 | @end defvr | |
4131 | ||
a69576ea LC |
4132 | @defvr {Scheme Variable} %binary-format-file-system |
4133 | The @code{binfmt_misc} file system, which allows handling of arbitrary | |
4134 | executable file types to be delegated to user space. This requires the | |
4135 | @code{binfmt.ko} kernel module to be loaded. | |
4136 | @end defvr | |
4137 | ||
4138 | @defvr {Scheme Variable} %fuse-control-file-system | |
4139 | The @code{fusectl} file system, which allows unprivileged users to mount | |
4140 | and unmount user-space FUSE file systems. This requires the | |
4141 | @code{fuse.ko} kernel module to be loaded. | |
4142 | @end defvr | |
4143 | ||
510f9d86 LC |
4144 | @node Mapped Devices |
4145 | @subsection Mapped Devices | |
4146 | ||
4147 | @cindex device mapping | |
4148 | @cindex mapped devices | |
4149 | The Linux kernel has a notion of @dfn{device mapping}: a block device, | |
4150 | such as a hard disk partition, can be @dfn{mapped} into another device, | |
4151 | with additional processing over the data that flows through | |
4152 | it@footnote{Note that the GNU@tie{}Hurd makes no difference between the | |
4153 | concept of a ``mapped device'' and that of a file system: both boil down | |
4154 | to @emph{translating} input/output operations made on a file to | |
4155 | operations on its backing store. Thus, the Hurd implements mapped | |
4156 | devices, like file systems, using the generic @dfn{translator} mechanism | |
4157 | (@pxref{Translators,,, hurd, The GNU Hurd Reference Manual}).}. A | |
4158 | typical example is encryption device mapping: all writes to the mapped | |
4159 | device are encrypted, and all reads are deciphered, transparently. | |
4160 | ||
4161 | Mapped devices are declared using the @code{mapped-device} form: | |
4162 | ||
4163 | @example | |
4164 | (mapped-device | |
4165 | (source "/dev/sda3") | |
4166 | (target "home") | |
4167 | (type luks-device-mapping)) | |
4168 | @end example | |
4169 | ||
4170 | @noindent | |
4171 | @cindex disk encryption | |
4172 | @cindex LUKS | |
4173 | This example specifies a mapping from @file{/dev/sda3} to | |
4174 | @file{/dev/mapper/home} using LUKS---the | |
4175 | @url{http://code.google.com/p/cryptsetup,Linux Unified Key Setup}, a | |
4176 | standard mechanism for disk encryption. The @file{/dev/mapper/home} | |
4177 | device can then be used as the @code{device} of a @code{file-system} | |
4178 | declaration (@pxref{File Systems}). The @code{mapped-device} form is | |
4179 | detailed below. | |
4180 | ||
4181 | @deftp {Data Type} mapped-device | |
4182 | Objects of this type represent device mappings that will be made when | |
4183 | the system boots up. | |
4184 | ||
9cb426b8 LC |
4185 | @table @code |
4186 | @item source | |
510f9d86 LC |
4187 | This string specifies the name of the block device to be mapped, such as |
4188 | @code{"/dev/sda3"}. | |
4189 | ||
9cb426b8 | 4190 | @item target |
510f9d86 LC |
4191 | This string specifies the name of the mapping to be established. For |
4192 | example, specifying @code{"my-partition"} will lead to the creation of | |
4193 | the @code{"/dev/mapper/my-partition"} device. | |
4194 | ||
9cb426b8 | 4195 | @item type |
510f9d86 LC |
4196 | This must be a @code{mapped-device-kind} object, which specifies how |
4197 | @var{source} is mapped to @var{target}. | |
4198 | @end table | |
4199 | @end deftp | |
4200 | ||
4201 | @defvr {Scheme Variable} luks-device-mapping | |
4202 | This defines LUKS block device encryption using the @command{cryptsetup} | |
4203 | command, from the same-named package. This relies on the | |
4204 | @code{dm-crypt} Linux kernel module. | |
4205 | @end defvr | |
4206 | ||
cf4a9129 LC |
4207 | @node User Accounts |
4208 | @subsection User Accounts | |
ee85f3db | 4209 | |
cf4a9129 | 4210 | User accounts are specified with the @code{user-account} form: |
ee85f3db | 4211 | |
cf4a9129 LC |
4212 | @example |
4213 | (user-account | |
4214 | (name "alice") | |
4215 | (group "users") | |
24e752c0 LC |
4216 | (supplementary-groups '("wheel" ;allow use of sudo, etc. |
4217 | "audio" ;sound card | |
4218 | "video" ;video devices such as webcams | |
4219 | "cdrom")) ;the good ol' CD-ROM | |
cf4a9129 LC |
4220 | (comment "Bob's sister") |
4221 | (home-directory "/home/alice")) | |
4222 | @end example | |
25083588 | 4223 | |
cf4a9129 LC |
4224 | @deftp {Data Type} user-account |
4225 | Objects of this type represent user accounts. The following members may | |
4226 | be specified: | |
ee85f3db | 4227 | |
cf4a9129 LC |
4228 | @table @asis |
4229 | @item @code{name} | |
4230 | The name of the user account. | |
ee85f3db | 4231 | |
cf4a9129 LC |
4232 | @item @code{group} |
4233 | This is the name (a string) or identifier (a number) of the user group | |
4234 | this account belongs to. | |
ee85f3db | 4235 | |
cf4a9129 LC |
4236 | @item @code{supplementary-groups} (default: @code{'()}) |
4237 | Optionally, this can be defined as a list of group names that this | |
4238 | account belongs to. | |
ee85f3db | 4239 | |
cf4a9129 LC |
4240 | @item @code{uid} (default: @code{#f}) |
4241 | This is the user ID for this account (a number), or @code{#f}. In the | |
4242 | latter case, a number is automatically chosen by the system when the | |
4243 | account is created. | |
ee85f3db | 4244 | |
cf4a9129 LC |
4245 | @item @code{comment} (default: @code{""}) |
4246 | A comment about the account, such as the account's owner full name. | |
c8c871d1 | 4247 | |
cf4a9129 LC |
4248 | @item @code{home-directory} |
4249 | This is the name of the home directory for the account. | |
ee85f3db | 4250 | |
cf4a9129 LC |
4251 | @item @code{shell} (default: Bash) |
4252 | This is a G-expression denoting the file name of a program to be used as | |
4253 | the shell (@pxref{G-Expressions}). | |
ee85f3db | 4254 | |
cf4a9129 LC |
4255 | @item @code{system?} (default: @code{#f}) |
4256 | This Boolean value indicates whether the account is a ``system'' | |
4257 | account. System accounts are sometimes treated specially; for instance, | |
4258 | graphical login managers do not list them. | |
ee85f3db | 4259 | |
cf4a9129 | 4260 | @item @code{password} (default: @code{#f}) |
eb59595c LC |
4261 | You would normally leave this field to @code{#f}, initialize user |
4262 | passwords as @code{root} with the @command{passwd} command, and then let | |
4263 | users change it with @command{passwd}. | |
4264 | ||
4265 | If you @emph{do} want to have a preset password for an account, then | |
4266 | this field must contain the encrypted password, as a string. | |
5d1f1177 LC |
4267 | @xref{crypt,,, libc, The GNU C Library Reference Manual}, for more information |
4268 | on password encryption, and @ref{Encryption,,, guile, GNU Guile Reference | |
eb59595c | 4269 | Manual}, for information on Guile's @code{crypt} procedure. |
c8c871d1 | 4270 | |
cf4a9129 LC |
4271 | @end table |
4272 | @end deftp | |
ee85f3db | 4273 | |
cf4a9129 | 4274 | User group declarations are even simpler: |
ee85f3db | 4275 | |
cf4a9129 LC |
4276 | @example |
4277 | (user-group (name "students")) | |
4278 | @end example | |
ee85f3db | 4279 | |
cf4a9129 LC |
4280 | @deftp {Data Type} user-group |
4281 | This type is for, well, user groups. There are just a few fields: | |
af8a56b8 | 4282 | |
cf4a9129 LC |
4283 | @table @asis |
4284 | @item @code{name} | |
4285 | The group's name. | |
ee85f3db | 4286 | |
cf4a9129 LC |
4287 | @item @code{id} (default: @code{#f}) |
4288 | The group identifier (a number). If @code{#f}, a new number is | |
4289 | automatically allocated when the group is created. | |
ee85f3db | 4290 | |
c8fa3426 LC |
4291 | @item @code{system?} (default: @code{#f}) |
4292 | This Boolean value indicates whether the group is a ``system'' group. | |
4293 | System groups have low numerical IDs. | |
4294 | ||
cf4a9129 LC |
4295 | @item @code{password} (default: @code{#f}) |
4296 | What, user groups can have a password? Well, apparently yes. Unless | |
4297 | @code{#f}, this field specifies the group's password. | |
ee85f3db | 4298 | |
cf4a9129 LC |
4299 | @end table |
4300 | @end deftp | |
401c53c4 | 4301 | |
cf4a9129 LC |
4302 | For convenience, a variable lists all the basic user groups one may |
4303 | expect: | |
401c53c4 | 4304 | |
cf4a9129 LC |
4305 | @defvr {Scheme Variable} %base-groups |
4306 | This is the list of basic user groups that users and/or packages expect | |
4307 | to be present on the system. This includes groups such as ``root'', | |
4308 | ``wheel'', and ``users'', as well as groups used to control access to | |
4309 | specific devices such as ``audio'', ``disk'', and ``cdrom''. | |
4310 | @end defvr | |
401c53c4 | 4311 | |
598e19dc LC |
4312 | @node Locales |
4313 | @subsection Locales | |
4314 | ||
4315 | @cindex locale | |
4316 | A @dfn{locale} defines cultural conventions for a particular language | |
4317 | and region of the world (@pxref{Locales,,, libc, The GNU C Library | |
4318 | Reference Manual}). Each locale has a name that typically has the form | |
4319 | @code{@var{language}_@var{territory}.@var{charset}}---e.g., | |
4320 | @code{fr_LU.utf8} designates the locale for the French language, with | |
4321 | cultural conventions from Luxembourg, and using the UTF-8 encoding. | |
4322 | ||
4323 | @cindex locale definition | |
4324 | Usually, you will want to specify the default locale for the machine | |
4325 | using the @code{locale} field of the @code{operating-system} declaration | |
4326 | (@pxref{operating-system Reference, @code{locale}}). | |
4327 | ||
4328 | That locale must be among the @dfn{locale definitions} that are known to | |
4329 | the system---and these are specified in the @code{locale-definitions} | |
4330 | slot of @code{operating-system}. The default value includes locale | |
4331 | definition for some widely used locales, but not for all the available | |
4332 | locales, in order to save space. | |
4333 | ||
4334 | If the locale specified in the @code{locale} field is not among the | |
4335 | definitions listed in @code{locale-definitions}, @command{guix system} | |
4336 | raises an error. In that case, you should add the locale definition to | |
4337 | the @code{locale-definitions} field. For instance, to add the North | |
4338 | Frisian locale for Germany, the value of that field may be: | |
4339 | ||
4340 | @example | |
4341 | (cons (locale-definition | |
4342 | (name "fy_DE.utf8") (source "fy_DE")) | |
4343 | %default-locale-definitions) | |
4344 | @end example | |
4345 | ||
4346 | Likewise, to save space, one might want @code{locale-definitions} to | |
4347 | list only the locales that are actually used, as in: | |
4348 | ||
4349 | @example | |
4350 | (list (locale-definition | |
4351 | (name "ja_JP.eucjp") (source "ja_JP") | |
4352 | (charset "EUC-JP"))) | |
4353 | @end example | |
4354 | ||
4355 | The @code{locale-definition} form is provided by the @code{(gnu system | |
4356 | locale)} module. Details are given below. | |
4357 | ||
4358 | @deftp {Data Type} locale-definition | |
4359 | This is the data type of a locale definition. | |
4360 | ||
4361 | @table @asis | |
4362 | ||
4363 | @item @code{name} | |
4364 | The name of the locale. @xref{Locale Names,,, libc, The GNU C Library | |
4365 | Reference Manual}, for more information on locale names. | |
4366 | ||
4367 | @item @code{source} | |
4368 | The name of the source for that locale. This is typically the | |
4369 | @code{@var{language}_@var{territory}} part of the locale name. | |
4370 | ||
4371 | @item @code{charset} (default: @code{"UTF-8"}) | |
4372 | The ``character set'' or ``code set'' for that locale, | |
4373 | @uref{http://www.iana.org/assignments/character-sets, as defined by | |
4374 | IANA}. | |
4375 | ||
4376 | @end table | |
4377 | @end deftp | |
4378 | ||
4379 | @defvr {Scheme Variable} %default-locale-definitions | |
4380 | An arbitrary list of commonly used locales, used as the default value of | |
4381 | the @code{locale-definitions} field of @code{operating-system} | |
4382 | declarations. | |
4383 | @end defvr | |
401c53c4 | 4384 | |
cf4a9129 LC |
4385 | @node Services |
4386 | @subsection Services | |
401c53c4 | 4387 | |
cf4a9129 LC |
4388 | @cindex system services |
4389 | An important part of preparing an @code{operating-system} declaration is | |
4390 | listing @dfn{system services} and their configuration (@pxref{Using the | |
4391 | Configuration System}). System services are typically daemons launched | |
4392 | when the system boots, or other actions needed at that time---e.g., | |
d8b94dbd LC |
4393 | configuring network access. |
4394 | ||
4395 | Services are managed by GNU@tie{}dmd (@pxref{Introduction,,, dmd, GNU | |
4396 | dmd Manual}). On a running system, the @command{deco} command allows | |
4397 | you to list the available services, show their status, start and stop | |
4398 | them, or do other specific operations (@pxref{Jump Start,,, dmd, GNU dmd | |
4399 | Manual}). For example: | |
4400 | ||
4401 | @example | |
4402 | # deco status dmd | |
4403 | @end example | |
4404 | ||
4405 | The above command, run as @code{root}, lists the currently defined | |
4406 | services. The @command{deco doc} command shows a synopsis of the given | |
4407 | service: | |
4408 | ||
4409 | @example | |
4410 | # deco doc nscd | |
4411 | Run libc's name service cache daemon (nscd). | |
4412 | @end example | |
4413 | ||
4414 | The @command{start}, @command{stop}, and @command{restart} sub-commands | |
4415 | have the effect you would expect. For instance, the commands below stop | |
4416 | the nscd service and restart the Xorg display server: | |
4417 | ||
4418 | @example | |
4419 | # deco stop nscd | |
4420 | Service nscd has been stopped. | |
4421 | # deco restart xorg-server | |
4422 | Service xorg-server has been stopped. | |
4423 | Service xorg-server has been started. | |
4424 | @end example | |
401c53c4 | 4425 | |
cf4a9129 | 4426 | The following sections document the available services, starting with |
d8b94dbd LC |
4427 | the core services, that may be used in an @code{operating-system} |
4428 | declaration. | |
401c53c4 | 4429 | |
cf4a9129 LC |
4430 | @menu |
4431 | * Base Services:: Essential system services. | |
4432 | * Networking Services:: Network setup, SSH daemon, etc. | |
4433 | * X Window:: Graphical display. | |
aa4ed923 | 4434 | * Various Services:: Other services. |
cf4a9129 | 4435 | @end menu |
401c53c4 | 4436 | |
cf4a9129 LC |
4437 | @node Base Services |
4438 | @subsubsection Base Services | |
a1ba8475 | 4439 | |
cf4a9129 LC |
4440 | The @code{(gnu services base)} module provides definitions for the basic |
4441 | services that one expects from the system. The services exported by | |
4442 | this module are listed below. | |
401c53c4 | 4443 | |
cf4a9129 LC |
4444 | @defvr {Scheme Variable} %base-services |
4445 | This variable contains a list of basic services@footnote{Technically, | |
4446 | this is a list of monadic services. @xref{The Store Monad}.} one would | |
4447 | expect from the system: a login service (mingetty) on each tty, syslogd, | |
4448 | libc's name service cache daemon (nscd), the udev device manager, and | |
4449 | more. | |
401c53c4 | 4450 | |
cf4a9129 LC |
4451 | This is the default value of the @code{services} field of |
4452 | @code{operating-system} declarations. Usually, when customizing a | |
4453 | system, you will want to append services to @var{%base-services}, like | |
4454 | this: | |
401c53c4 | 4455 | |
cf4a9129 | 4456 | @example |
fa1e31b8 | 4457 | (cons* (avahi-service) (lsh-service) %base-services) |
cf4a9129 LC |
4458 | @end example |
4459 | @end defvr | |
401c53c4 | 4460 | |
cf4a9129 LC |
4461 | @deffn {Monadic Procedure} host-name-service @var{name} |
4462 | Return a service that sets the host name to @var{name}. | |
4463 | @end deffn | |
401c53c4 | 4464 | |
cf4a9129 LC |
4465 | @deffn {Monadic Procedure} mingetty-service @var{tty} [#:motd] @ |
4466 | [#:auto-login #f] [#:login-program] [#:login-pause? #f] @ | |
4467 | [#:allow-empty-passwords? #f] | |
4468 | Return a service to run mingetty on @var{tty}. | |
401c53c4 | 4469 | |
cf4a9129 LC |
4470 | When @var{allow-empty-passwords?} is true, allow empty log-in password. When |
4471 | @var{auto-login} is true, it must be a user name under which to log-in | |
4472 | automatically. @var{login-pause?} can be set to @code{#t} in conjunction with | |
4473 | @var{auto-login}, in which case the user will have to press a key before the | |
4474 | login shell is launched. | |
401c53c4 | 4475 | |
cf4a9129 LC |
4476 | When true, @var{login-program} is a gexp or a monadic gexp denoting the name |
4477 | of the log-in program (the default is the @code{login} program from the Shadow | |
4478 | tool suite.) | |
401c53c4 | 4479 | |
cf4a9129 LC |
4480 | @var{motd} is a monadic value containing a text file to use as |
4481 | the ``message of the day''. | |
4482 | @end deffn | |
401c53c4 | 4483 | |
6454b333 LC |
4484 | @cindex name service cache daemon |
4485 | @cindex nscd | |
4aee6e60 LC |
4486 | @deffn {Monadic Procedure} nscd-service [@var{config}] [#:glibc glibc] @ |
4487 | [#:name-services '()] | |
4488 | Return a service that runs libc's name service cache daemon (nscd) with | |
4489 | the given @var{config}---an @code{<nscd-configuration>} object. | |
4490 | Optionally, @code{#:name-services} is a list of packages that provide | |
4491 | name service switch (NSS) modules needed by nscd. | |
cf4a9129 | 4492 | @end deffn |
401c53c4 | 4493 | |
6454b333 LC |
4494 | @defvr {Scheme Variable} %nscd-default-configuration |
4495 | This is the default @code{<nscd-configuration>} value (see below) used | |
4496 | by @code{nscd-service}. This uses the caches defined by | |
4497 | @var{%nscd-default-caches}; see below. | |
4498 | @end defvr | |
4499 | ||
4500 | @deftp {Data Type} nscd-configuration | |
4501 | This is the type representing the name service cache daemon (nscd) | |
4502 | configuration. | |
4503 | ||
4504 | @table @asis | |
4505 | ||
4506 | @item @code{log-file} (default: @code{"/var/log/nscd.log"}) | |
4507 | Name of nscd's log file. This is where debugging output goes when | |
4508 | @code{debug-level} is strictly positive. | |
4509 | ||
4510 | @item @code{debug-level} (default: @code{0}) | |
4511 | Integer denoting the debugging levels. Higher numbers mean more | |
4512 | debugging output is logged. | |
4513 | ||
4514 | @item @code{caches} (default: @var{%nscd-default-caches}) | |
4515 | List of @code{<nscd-cache>} objects denoting things to be cached; see | |
4516 | below. | |
4517 | ||
4518 | @end table | |
4519 | @end deftp | |
4520 | ||
4521 | @deftp {Data Type} nscd-cache | |
4522 | Data type representing a cache database of nscd and its parameters. | |
4523 | ||
4524 | @table @asis | |
4525 | ||
4526 | @item @code{database} | |
4527 | This is a symbol representing the name of the database to be cached. | |
4528 | Valid values are @code{passwd}, @code{group}, @code{hosts}, and | |
4529 | @code{services}, which designate the corresponding NSS database | |
4530 | (@pxref{NSS Basics,,, libc, The GNU C Library Reference Manual}). | |
4531 | ||
4532 | @item @code{positive-time-to-live} | |
4533 | @itemx @code{negative-time-to-live} (default: @code{20}) | |
4534 | A number representing the number of seconds during which a positive or | |
4535 | negative lookup result remains in cache. | |
4536 | ||
4537 | @item @code{check-files?} (default: @code{#t}) | |
4538 | Whether to check for updates of the files corresponding to | |
4539 | @var{database}. | |
4540 | ||
4541 | For instance, when @var{database} is @code{hosts}, setting this flag | |
4542 | instructs nscd to check for updates in @file{/etc/hosts} and to take | |
4543 | them into account. | |
4544 | ||
4545 | @item @code{persistent?} (default: @code{#t}) | |
4546 | Whether the cache should be stored persistently on disk. | |
4547 | ||
4548 | @item @code{shared?} (default: @code{#t}) | |
4549 | Whether the cache should be shared among users. | |
4550 | ||
4551 | @item @code{max-database-size} (default: 32@tie{}MiB) | |
4552 | Maximum size in bytes of the database cache. | |
4553 | ||
4554 | @c XXX: 'suggested-size' and 'auto-propagate?' seem to be expert | |
4555 | @c settings, so leave them out. | |
4556 | ||
4557 | @end table | |
4558 | @end deftp | |
4559 | ||
4560 | @defvr {Scheme Variable} %nscd-default-caches | |
4561 | List of @code{<nscd-cache>} objects used by default by | |
4562 | @code{nscd-configuration} (see above.) | |
4563 | ||
4564 | It enables persistent and aggressive caching of service and host name | |
4565 | lookups. The latter provides better host name lookup performance, | |
4566 | resilience in the face of unreliable name servers, and also better | |
4567 | privacy---often the result of host name lookups is in local cache, so | |
4568 | external name servers do not even need to be queried. | |
4569 | @end defvr | |
4570 | ||
4571 | ||
1bb76f75 AK |
4572 | @deffn {Monadic Procedure} syslog-service [#:config-file #f] |
4573 | Return a service that runs @code{syslogd}. If configuration file name | |
4574 | @var{config-file} is not specified, use some reasonable default | |
cf4a9129 LC |
4575 | settings. |
4576 | @end deffn | |
401c53c4 | 4577 | |
cf4a9129 LC |
4578 | @deffn {Monadic Procedure} guix-service [#:guix guix] @ |
4579 | [#:builder-group "guixbuild"] [#:build-accounts 10] @ | |
02bb6b45 | 4580 | [#:authorize-hydra-key? #t] [#:use-substitutes? #t] @ |
cf4a9129 LC |
4581 | [#:extra-options '()] |
4582 | Return a service that runs the build daemon from @var{guix}, and has | |
4583 | @var{build-accounts} user accounts available under @var{builder-group}. | |
401c53c4 | 4584 | |
cf4a9129 LC |
4585 | When @var{authorize-hydra-key?} is true, the @code{hydra.gnu.org} public key |
4586 | provided by @var{guix} is authorized upon activation, meaning that substitutes | |
4587 | from @code{hydra.gnu.org} are used by default. | |
401c53c4 | 4588 | |
cf4a9129 LC |
4589 | If @var{use-substitutes?} is false, the daemon is run with |
4590 | @option{--no-substitutes} (@pxref{Invoking guix-daemon, | |
4591 | @option{--no-substitutes}}). | |
401c53c4 | 4592 | |
cf4a9129 LC |
4593 | Finally, @var{extra-options} is a list of additional command-line options |
4594 | passed to @command{guix-daemon}. | |
4595 | @end deffn | |
a1ba8475 | 4596 | |
cf4a9129 LC |
4597 | @deffn {Monadic Procedure} udev-service [#:udev udev] |
4598 | Run @var{udev}, which populates the @file{/dev} directory dynamically. | |
4599 | @end deffn | |
401c53c4 | 4600 | |
a69576ea | 4601 | |
cf4a9129 LC |
4602 | @node Networking Services |
4603 | @subsubsection Networking Services | |
401c53c4 | 4604 | |
fa1e31b8 | 4605 | The @code{(gnu services networking)} module provides services to configure |
cf4a9129 | 4606 | the network interface. |
a1ba8475 | 4607 | |
a023cca8 LC |
4608 | @cindex DHCP, networking service |
4609 | @deffn {Monadic Procedure} dhcp-client-service [#:dhcp @var{isc-dhcp}] | |
4610 | Return a service that runs @var{dhcp}, a Dynamic Host Configuration | |
4611 | Protocol (DHCP) client, on all the non-loopback network interfaces. | |
4612 | @end deffn | |
4613 | ||
cf4a9129 LC |
4614 | @deffn {Monadic Procedure} static-networking-service @var{interface} @var{ip} @ |
4615 | [#:gateway #f] [#:name-services @code{'()}] | |
4616 | Return a service that starts @var{interface} with address @var{ip}. If | |
4617 | @var{gateway} is true, it must be a string specifying the default network | |
4618 | gateway. | |
4619 | @end deffn | |
8b315a6d | 4620 | |
b7d0c494 MW |
4621 | @cindex wicd |
4622 | @deffn {Monadic Procedure} wicd-service [#:wicd @var{wicd}] | |
4623 | Return a service that runs @url{https://launchpad.net/wicd,Wicd}, a | |
4624 | network manager that aims to simplify wired and wireless networking. | |
4625 | @end deffn | |
4626 | ||
63854bcb LC |
4627 | @deffn {Monadic Procedure} ntp-service [#:ntp @var{ntp}] @ |
4628 | [#:name-service @var{%ntp-servers}] | |
4629 | Return a service that runs the daemon from @var{ntp}, the | |
4630 | @uref{http://www.ntp.org, Network Time Protocol package}. The daemon will | |
4631 | keep the system clock synchronized with that of @var{servers}. | |
4632 | @end deffn | |
4633 | ||
4634 | @defvr {Scheme Variable} %ntp-servers | |
4635 | List of host names used as the default NTP servers. | |
4636 | @end defvr | |
4637 | ||
cf4a9129 LC |
4638 | @deffn {Monadic Procedure} tor-service [#:tor tor] |
4639 | Return a service to run the @uref{https://torproject.org,Tor} daemon. | |
8b315a6d | 4640 | |
cf4a9129 LC |
4641 | The daemon runs with the default settings (in particular the default exit |
4642 | policy) as the @code{tor} unprivileged user. | |
4643 | @end deffn | |
8b315a6d | 4644 | |
4627a464 LC |
4645 | @deffn {Monadic Procedure} bitlbee-service [#:bitlbee bitlbee] @ |
4646 | [#:interface "127.0.0.1"] [#:port 6667] @ | |
4647 | [#:extra-settings ""] | |
4648 | Return a service that runs @url{http://bitlbee.org,BitlBee}, a daemon that | |
4649 | acts as a gateway between IRC and chat networks. | |
4650 | ||
4651 | The daemon will listen to the interface corresponding to the IP address | |
4652 | specified in @var{interface}, on @var{port}. @code{127.0.0.1} means that only | |
4653 | local clients can connect, whereas @code{0.0.0.0} means that connections can | |
4654 | come from any networking interface. | |
4655 | ||
4656 | In addition, @var{extra-settings} specifies a string to append to the | |
4657 | configuration file. | |
4658 | @end deffn | |
4659 | ||
f4391bec | 4660 | Furthermore, @code{(gnu services ssh)} provides the following service. |
8b315a6d | 4661 | |
cf4a9129 | 4662 | @deffn {Monadic Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @ |
5833bf33 | 4663 | [#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @ |
cf4a9129 LC |
4664 | [#:allow-empty-passwords? #f] [#:root-login? #f] @ |
4665 | [#:syslog-output? #t] [#:x11-forwarding? #t] @ | |
4666 | [#:tcp/ip-forwarding? #t] [#:password-authentication? #t] @ | |
21cc905a | 4667 | [#:public-key-authentication? #t] [#:initialize? #t] |
cf4a9129 LC |
4668 | Run the @command{lshd} program from @var{lsh} to listen on port @var{port-number}. |
4669 | @var{host-key} must designate a file containing the host key, and readable | |
4670 | only by root. | |
72e25e35 | 4671 | |
5833bf33 DP |
4672 | When @var{daemonic?} is true, @command{lshd} will detach from the |
4673 | controlling terminal and log its output to syslogd, unless one sets | |
4674 | @var{syslog-output?} to false. Obviously, it also makes lsh-service | |
4675 | depend on existence of syslogd service. When @var{pid-file?} is true, | |
4676 | @command{lshd} writes its PID to the file called @var{pid-file}. | |
4677 | ||
cf4a9129 LC |
4678 | When @var{initialize?} is true, automatically create the seed and host key |
4679 | upon service activation if they do not exist yet. This may take long and | |
4680 | require interaction. | |
8b315a6d | 4681 | |
20dd519c LC |
4682 | When @var{initialize?} is false, it is up to the user to initialize the |
4683 | randomness generator (@pxref{lsh-make-seed,,, lsh, LSH Manual}), and to create | |
4684 | a key pair with the private key stored in file @var{host-key} (@pxref{lshd | |
4685 | basics,,, lsh, LSH Manual}). | |
4686 | ||
cf4a9129 LC |
4687 | When @var{interfaces} is empty, lshd listens for connections on all the |
4688 | network interfaces; otherwise, @var{interfaces} must be a list of host names | |
4689 | or addresses. | |
9bf3c1a7 | 4690 | |
20dd519c LC |
4691 | @var{allow-empty-passwords?} specifies whether to accept log-ins with empty |
4692 | passwords, and @var{root-login?} specifies whether to accept log-ins as | |
cf4a9129 | 4693 | root. |
4af2447e | 4694 | |
cf4a9129 LC |
4695 | The other options should be self-descriptive. |
4696 | @end deffn | |
4af2447e | 4697 | |
fa0c1d61 LC |
4698 | @defvr {Scheme Variable} %facebook-host-aliases |
4699 | This variable contains a string for use in @file{/etc/hosts} | |
4700 | (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each | |
4701 | line contains a entry that maps a known server name of the Facebook | |
4702 | on-line service---e.g., @code{www.facebook.com}---to the local | |
4703 | host---@code{127.0.0.1} or its IPv6 equivalent, @code{::1}. | |
4704 | ||
4705 | This variable is typically used in the @code{hosts-file} field of an | |
7313a52e LC |
4706 | @code{operating-system} declaration (@pxref{operating-system Reference, |
4707 | @file{/etc/hosts}}): | |
fa0c1d61 LC |
4708 | |
4709 | @example | |
4710 | (use-modules (gnu) (guix)) | |
4711 | ||
4712 | (operating-system | |
4713 | (host-name "mymachine") | |
4714 | ;; ... | |
4715 | (hosts-file | |
4716 | ;; Create a /etc/hosts file with aliases for "localhost" | |
4717 | ;; and "mymachine", as well as for Facebook servers. | |
4718 | (text-file "hosts" | |
4719 | (string-append (local-host-aliases host-name) | |
4720 | %facebook-host-aliases)))) | |
4721 | @end example | |
4722 | ||
4723 | This mechanism can prevent programs running locally, such as Web | |
4724 | browsers, from accessing Facebook. | |
4725 | @end defvr | |
4726 | ||
cf4a9129 LC |
4727 | @node X Window |
4728 | @subsubsection X Window | |
68ad877c | 4729 | |
cf4a9129 LC |
4730 | Support for the X Window graphical display system---specifically |
4731 | Xorg---is provided by the @code{(gnu services xorg)} module. Note that | |
4732 | there is no @code{xorg-service} procedure. Instead, the X server is | |
4733 | started by the @dfn{login manager}, currently SLiM. | |
4af2447e | 4734 | |
cf4a9129 | 4735 | @deffn {Monadic Procedure} slim-service [#:allow-empty-passwords? #f] @ |
0ecc3bf3 LC |
4736 | [#:auto-login? #f] [#:default-user ""] [#:startx] @ |
4737 | [#:theme @var{%default-slim-theme}] @ | |
4bd43bbe | 4738 | [#:theme-name @var{%default-slim-theme-name}] |
cf4a9129 LC |
4739 | Return a service that spawns the SLiM graphical login manager, which in |
4740 | turn starts the X display server with @var{startx}, a command as returned by | |
4741 | @code{xorg-start-command}. | |
4af2447e | 4742 | |
cf4a9129 LC |
4743 | When @var{allow-empty-passwords?} is true, allow logins with an empty |
4744 | password. When @var{auto-login?} is true, log in automatically as | |
4745 | @var{default-user}. | |
0ecc3bf3 LC |
4746 | |
4747 | If @var{theme} is @code{#f}, the use the default log-in theme; otherwise | |
4748 | @var{theme} must be a gexp denoting the name of a directory containing the | |
4749 | theme to use. In that case, @var{theme-name} specifies the name of the | |
4750 | theme. | |
cf4a9129 | 4751 | @end deffn |
4af2447e | 4752 | |
0ecc3bf3 LC |
4753 | @defvr {Scheme Variable} %default-theme |
4754 | @defvrx {Scheme Variable} %default-theme-name | |
4755 | The G-Expression denoting the default SLiM theme and its name. | |
4756 | @end defvr | |
4757 | ||
f703413e | 4758 | @deffn {Monadic Procedure} xorg-start-command [#:guile] @ |
d2e59637 | 4759 | [#:drivers '()] [#:resolutions '()] [#:xorg-server @var{xorg-server}] |
f703413e LC |
4760 | Return a derivation that builds a @var{guile} script to start the X server |
4761 | from @var{xorg-server}. Usually the X server is started by a login manager. | |
4762 | ||
4763 | @var{drivers} must be either the empty list, in which case Xorg chooses a | |
4764 | graphics driver automatically, or a list of driver names that will be tried in | |
4765 | this order---e.g., @code{("modesetting" "vesa")}. | |
d2e59637 LC |
4766 | |
4767 | Likewise, when @var{resolutions} is the empty list, Xorg chooses an | |
4768 | appropriate screen resolution; otherwise, it must be a list of | |
4769 | resolutions---e.g., @code{((1024 768) (640 480))}. | |
f703413e | 4770 | @end deffn |
4af2447e | 4771 | |
aa4ed923 AK |
4772 | @node Various Services |
4773 | @subsubsection Various Services | |
4774 | ||
4775 | The @code{(gnu services lirc)} module provides the following service. | |
4776 | ||
4777 | @deffn {Monadic Procedure} lirc-service [#:lirc lirc] @ | |
4778 | [#:device #f] [#:driver #f] [#:config-file #f] @ | |
4779 | [#:extra-options '()] | |
4780 | Return a service that runs @url{http://www.lirc.org,LIRC}, a daemon that | |
4781 | decodes infrared signals from remote controls. | |
4782 | ||
4783 | Optionally, @var{device}, @var{driver} and @var{config-file} | |
4784 | (configuration file name) may be specified. See @command{lircd} manual | |
4785 | for details. | |
4786 | ||
4787 | Finally, @var{extra-options} is a list of additional command-line options | |
4788 | passed to @command{lircd}. | |
4789 | @end deffn | |
4790 | ||
0ae8c15a LC |
4791 | @node Setuid Programs |
4792 | @subsection Setuid Programs | |
4793 | ||
4794 | @cindex setuid programs | |
4795 | Some programs need to run with ``root'' privileges, even when they are | |
4796 | launched by unprivileged users. A notorious example is the | |
4797 | @command{passwd} programs, which can users can run to change their | |
4798 | password, and which requires write access to the @file{/etc/passwd} and | |
4799 | @file{/etc/shadow} files---something normally restricted to root, for | |
4800 | obvious security reasons. To address that, these executables are | |
4801 | @dfn{setuid-root}, meaning that they always run with root privileges | |
4802 | (@pxref{How Change Persona,,, libc, The GNU C Library Reference Manual}, | |
4803 | for more info about the setuid mechanisms.) | |
4804 | ||
4805 | The store itself @emph{cannot} contain setuid programs: that would be a | |
4806 | security issue since any user on the system can write derivations that | |
4807 | populate the store (@pxref{The Store}). Thus, a different mechanism is | |
4808 | used: instead of changing the setuid bit directly on files that are in | |
4809 | the store, we let the system administrator @emph{declare} which programs | |
4810 | should be setuid root. | |
4811 | ||
4812 | The @code{setuid-programs} field of an @code{operating-system} | |
4813 | declaration contains a list of G-expressions denoting the names of | |
4814 | programs to be setuid-root (@pxref{Using the Configuration System}). | |
4815 | For instance, the @command{passwd} program, which is part of the Shadow | |
4816 | package, can be designated by this G-expression (@pxref{G-Expressions}): | |
4817 | ||
4818 | @example | |
4819 | #~(string-append #$shadow "/bin/passwd") | |
4820 | @end example | |
4821 | ||
4822 | A default set of setuid programs is defined by the | |
4823 | @code{%setuid-programs} variable of the @code{(gnu system)} module. | |
4824 | ||
4825 | @defvr {Scheme Variable} %setuid-programs | |
4826 | A list of G-expressions denoting common programs that are setuid-root. | |
4827 | ||
4828 | The list includes commands such as @command{passwd}, @command{ping}, | |
4829 | @command{su}, and @command{sudo}. | |
4830 | @end defvr | |
4831 | ||
4832 | Under the hood, the actual setuid programs are created in the | |
4833 | @file{/run/setuid-programs} directory at system activation time. The | |
4834 | files in this directory refer to the ``real'' binaries, which are in the | |
4835 | store. | |
4836 | ||
996ed739 LC |
4837 | @node Name Service Switch |
4838 | @subsection Name Service Switch | |
4839 | ||
4840 | @cindex name service switch | |
4841 | @cindex NSS | |
4842 | The @code{(gnu system nss)} module provides bindings to the | |
4843 | configuration file of libc's @dfn{name service switch} or @dfn{NSS} | |
4844 | (@pxref{NSS Configuration File,,, libc, The GNU C Library Reference | |
4845 | Manual}). In a nutshell, the NSS is a mechanism that allows libc to be | |
4846 | extended with new ``name'' lookup methods for system databases, which | |
4847 | includes host names, service names, user accounts, and more (@pxref{Name | |
4848 | Service Switch, System Databases and Name Service Switch,, libc, The GNU | |
4849 | C Library Reference Manual}). | |
4850 | ||
4851 | The NSS configuration specifies, for each system database, which lookup | |
4852 | method is to be used, and how the various methods are chained | |
4853 | together---for instance, under which circumstances NSS should try the | |
4854 | next method in the list. The NSS configuration is given in the | |
4855 | @code{name-service-switch} field of @code{operating-system} declarations | |
4856 | (@pxref{operating-system Reference, @code{name-service-switch}}). | |
4857 | ||
4858 | @c See <http://0pointer.de/lennart/projects/nss-mdns/>. | |
4859 | As an example, the declaration below configures the NSS to use the | |
4860 | @code{nss-mdns} back-end for host name lookups: | |
4861 | ||
4862 | @example | |
4863 | (name-service-switch | |
4864 | (hosts (list %files ;first, check /etc/hosts | |
4865 | ||
4866 | ;; If the above did not succeed, try | |
4867 | ;; with 'mdns_minimal'. | |
4868 | (name-service | |
4869 | (name "mdns_minimal") | |
4870 | ||
4871 | ;; 'mdns_minimal' is authoritative for | |
4872 | ;; '.local'. When it returns "not found", | |
4873 | ;; no need to try the next methods. | |
4874 | (reaction (lookup-specification | |
4875 | (not-found => return)))) | |
4876 | ||
4877 | ;; Then fall back to DNS. | |
4878 | (name-service | |
4879 | (name "dns")) | |
4880 | ||
4881 | ;; Finally, try with the "full" 'mdns'. | |
4882 | (name-service | |
4883 | (name "mdns"))))) | |
4884 | @end example | |
4885 | ||
4886 | The reference for name service switch configuration is given below. It | |
4887 | is a direct mapping of the C library's configuration file format, so | |
4888 | please refer to the C library manual for more information (@pxref{NSS | |
4889 | Configuration File,,, libc, The GNU C Library Reference Manual}). | |
4890 | Compared to libc's NSS configuration file format, it has the advantage | |
4891 | not only of adding this warm parenthetic feel that we like, but also | |
4892 | static checks: you'll know about syntax errors and typos as soon as you | |
4893 | run @command{guix system}. | |
4894 | ||
4895 | @defvr {Scheme Variable} %default-nss | |
4896 | This is the default name service switch configuration, a | |
4897 | @code{name-service-switch} object. | |
4898 | @end defvr | |
4899 | ||
4900 | @deftp {Data Type} name-service-switch | |
4901 | ||
4902 | This is the data type representation the configuration of libc's name | |
4903 | service switch (NSS). Each field below represents one of the supported | |
4904 | system databases. | |
4905 | ||
4906 | @table @code | |
4907 | @item aliases | |
4908 | @itemx ethers | |
4909 | @itemx group | |
4910 | @itemx gshadow | |
4911 | @itemx hosts | |
4912 | @itemx initgroups | |
4913 | @itemx netgroup | |
4914 | @itemx networks | |
4915 | @itemx password | |
4916 | @itemx public-key | |
4917 | @itemx rpc | |
4918 | @itemx services | |
4919 | @itemx shadow | |
4920 | The system databases handled by the NSS. Each of these fields must be a | |
4921 | list of @code{<name-service>} objects (see below.) | |
4922 | @end table | |
4923 | @end deftp | |
4924 | ||
4925 | @deftp {Data Type} name-service | |
4926 | ||
4927 | This is the data type representing an actual name service and the | |
4928 | associated lookup action. | |
4929 | ||
4930 | @table @code | |
4931 | @item name | |
4932 | A string denoting the name service (@pxref{Services in the NSS | |
4933 | configuration,,, libc, The GNU C Library Reference Manual}). | |
4934 | ||
4aee6e60 LC |
4935 | Note that name services listed here must be visible to nscd. This is |
4936 | achieved by passing the @code{#:name-services} argument to | |
4937 | @code{nscd-service} the list of packages providing the needed name | |
4938 | services (@pxref{Base Services, @code{nscd-service}}). | |
4939 | ||
996ed739 LC |
4940 | @item reaction |
4941 | An action specified using the @code{lookup-specification} macro | |
4942 | (@pxref{Actions in the NSS configuration,,, libc, The GNU C Library | |
4943 | Reference Manual}). For example: | |
4944 | ||
4945 | @example | |
4946 | (lookup-specification (unavailable => continue) | |
4947 | (success => return)) | |
4948 | @end example | |
4949 | @end table | |
4950 | @end deftp | |
0ae8c15a | 4951 | |
fd1b1fa2 LC |
4952 | @node Initial RAM Disk |
4953 | @subsection Initial RAM Disk | |
4954 | ||
4955 | @cindex initial RAM disk (initrd) | |
4956 | @cindex initrd (initial RAM disk) | |
4957 | For bootstrapping purposes, the Linux-Libre kernel is passed an | |
4958 | @dfn{initial RAM disk}, or @dfn{initrd}. An initrd contains a temporary | |
4959 | root file system, as well as an initialization script. The latter is | |
4960 | responsible for mounting the real root file system, and for loading any | |
4961 | kernel modules that may be needed to achieve that. | |
4962 | ||
4963 | The @code{initrd} field of an @code{operating-system} declaration allows | |
4964 | you to specify which initrd you would like to use. The @code{(gnu | |
4965 | system linux-initrd)} module provides two ways to build an initrd: the | |
4966 | high-level @code{base-initrd} procedure, and the low-level | |
4967 | @code{expression->initrd} procedure. | |
4968 | ||
4969 | The @code{base-initrd} procedure is intended to cover most common uses. | |
4970 | For example, if you want to add a bunch of kernel modules to be loaded | |
4971 | at boot time, you can define the @code{initrd} field of the operating | |
4972 | system declaration like this: | |
4973 | ||
4974 | @example | |
52ac153e | 4975 | (initrd (lambda (file-systems . rest) |
027981d6 LC |
4976 | ;; Create a standard initrd that has modules "foo.ko" |
4977 | ;; and "bar.ko", as well as their dependencies, in | |
4978 | ;; addition to the modules available by default. | |
52ac153e | 4979 | (apply base-initrd file-systems |
027981d6 | 4980 | #:extra-modules '("foo" "bar") |
52ac153e | 4981 | rest))) |
fd1b1fa2 LC |
4982 | @end example |
4983 | ||
52ac153e LC |
4984 | The @code{base-initrd} procedure also handles common use cases that |
4985 | involves using the system as a QEMU guest, or as a ``live'' system whose | |
4986 | root file system is volatile. | |
fd1b1fa2 LC |
4987 | |
4988 | @deffn {Monadic Procedure} base-initrd @var{file-systems} @ | |
4989 | [#:qemu-networking? #f] [#:virtio? #f] [#:volatile-root? #f] @ | |
52ac153e | 4990 | [#:extra-modules '()] [#:mapped-devices '()] |
fd1b1fa2 LC |
4991 | Return a monadic derivation that builds a generic initrd. @var{file-systems} is |
4992 | a list of file-systems to be mounted by the initrd, possibly in addition to | |
4993 | the root file system specified on the kernel command line via @code{--root}. | |
52ac153e LC |
4994 | @var{mapped-devices} is a list of device mappings to realize before |
4995 | @var{file-systems} are mounted (@pxref{Mapped Devices}). | |
fd1b1fa2 LC |
4996 | |
4997 | When @var{qemu-networking?} is true, set up networking with the standard QEMU | |
4998 | parameters. When @var{virtio?} is true, load additional modules so the initrd can | |
4999 | be used as a QEMU guest with para-virtualized I/O drivers. | |
5000 | ||
5001 | When @var{volatile-root?} is true, the root file system is writable but any changes | |
5002 | to it are lost. | |
5003 | ||
5004 | The initrd is automatically populated with all the kernel modules necessary | |
5005 | for @var{file-systems} and for the given options. However, additional kernel | |
5006 | modules can be listed in @var{extra-modules}. They will be added to the initrd, and | |
5007 | loaded at boot time in the order in which they appear. | |
5008 | @end deffn | |
5009 | ||
5010 | Needless to say, the initrds we produce and use embed a | |
5011 | statically-linked Guile, and the initialization program is a Guile | |
5012 | program. That gives a lot of flexibility. The | |
5013 | @code{expression->initrd} procedure builds such an initrd, given the | |
5014 | program to run in that initrd. | |
5015 | ||
5016 | @deffn {Monadic Procedure} expression->initrd @var{exp} @ | |
5017 | [#:guile %guile-static-stripped] [#:name "guile-initrd"] @ | |
42d10464 | 5018 | [#:modules '()] |
fd1b1fa2 LC |
5019 | Return a derivation that builds a Linux initrd (a gzipped cpio archive) |
5020 | containing @var{guile} and that evaluates @var{exp}, a G-expression, | |
df650fa8 LC |
5021 | upon booting. All the derivations referenced by @var{exp} are |
5022 | automatically copied to the initrd. | |
fd1b1fa2 | 5023 | |
42d10464 LC |
5024 | @var{modules} is a list of Guile module names to be embedded in the |
5025 | initrd. | |
fd1b1fa2 LC |
5026 | @end deffn |
5027 | ||
88faf933 LC |
5028 | @node GRUB Configuration |
5029 | @subsection GRUB Configuration | |
5030 | ||
5031 | @cindex GRUB | |
5032 | @cindex boot loader | |
5033 | ||
5034 | The operating system uses GNU@tie{}GRUB as its boot loader | |
5035 | (@pxref{Overview, overview of GRUB,, grub, GNU GRUB Manual}). It is | |
5036 | configured using @code{grub-configuration} declarations. This data type | |
5037 | is exported by the @code{(gnu system grub)} module, and described below. | |
5038 | ||
5039 | @deftp {Data Type} grub-configuration | |
5040 | The type of a GRUB configuration declaration. | |
5041 | ||
5042 | @table @asis | |
5043 | ||
5044 | @item @code{device} | |
5045 | This is a string denoting the boot device. It must be a device name | |
5046 | understood by the @command{grub-install} command, such as | |
5047 | @code{/dev/sda} or @code{(hd0)} (@pxref{Invoking grub-install,,, grub, | |
5048 | GNU GRUB Manual}). | |
5049 | ||
5050 | @item @code{menu-entries} (default: @code{()}) | |
5051 | A possibly empty list of @code{menu-entry} objects (see below), denoting | |
5052 | entries to appear in the GRUB boot menu, in addition to the current | |
5053 | system entry and the entry pointing to previous system generations. | |
5054 | ||
5055 | @item @code{default-entry} (default: @code{0}) | |
5056 | The index of the default boot menu entry. Index 0 is for the current | |
5057 | system's entry. | |
5058 | ||
5059 | @item @code{timeout} (default: @code{5}) | |
5060 | The number of seconds to wait for keyboard input before booting. Set to | |
5061 | 0 to boot immediately, and to -1 to wait indefinitely. | |
5062 | ||
5063 | @item @code{theme} (default: @var{%default-theme}) | |
5064 | The @code{grub-theme} object describing the theme to use. | |
5065 | @end table | |
5066 | ||
5067 | @end deftp | |
5068 | ||
5069 | Should you want to list additional boot menu entries @i{via} the | |
5070 | @code{menu-entries} field above, you will need to create them with the | |
5071 | @code{menu-entry} form: | |
5072 | ||
5073 | @deftp {Data Type} menu-entry | |
5074 | The type of an entry in the GRUB boot menu. | |
5075 | ||
5076 | @table @asis | |
5077 | ||
5078 | @item @code{label} | |
35ed9306 | 5079 | The label to show in the menu---e.g., @code{"GNU"}. |
88faf933 LC |
5080 | |
5081 | @item @code{linux} | |
5082 | The Linux kernel to boot. | |
5083 | ||
5084 | @item @code{linux-arguments} (default: @code{()}) | |
5085 | The list of extra Linux kernel command-line arguments---e.g., | |
5086 | @code{("console=ttyS0")}. | |
5087 | ||
5088 | @item @code{initrd} | |
5089 | A G-Expression or string denoting the file name of the initial RAM disk | |
5090 | to use (@pxref{G-Expressions}). | |
5091 | ||
5092 | @end table | |
5093 | @end deftp | |
5094 | ||
5095 | @c FIXME: Write documentation once it's stable. | |
5096 | Themes are created using the @code{grub-theme} form, which is not | |
5097 | documented yet. | |
5098 | ||
5099 | @defvr {Scheme Variable} %default-theme | |
5100 | This is the default GRUB theme used by the operating system, with a | |
5101 | fancy background image displaying the GNU and Guix logos. | |
5102 | @end defvr | |
5103 | ||
5104 | ||
cf4a9129 LC |
5105 | @node Invoking guix system |
5106 | @subsection Invoking @code{guix system} | |
0918e64a | 5107 | |
cf4a9129 LC |
5108 | Once you have written an operating system declaration, as seen in the |
5109 | previous section, it can be @dfn{instantiated} using the @command{guix | |
5110 | system} command. The synopsis is: | |
4af2447e | 5111 | |
cf4a9129 LC |
5112 | @example |
5113 | guix system @var{options}@dots{} @var{action} @var{file} | |
5114 | @end example | |
4af2447e | 5115 | |
cf4a9129 LC |
5116 | @var{file} must be the name of a file containing an |
5117 | @code{operating-system} declaration. @var{action} specifies how the | |
5118 | operating system is instantiate. Currently the following values are | |
5119 | supported: | |
4af2447e | 5120 | |
cf4a9129 LC |
5121 | @table @code |
5122 | @item reconfigure | |
5123 | Build the operating system described in @var{file}, activate it, and | |
5124 | switch to it@footnote{This action is usable only on systems already | |
5125 | running GNU.}. | |
4af2447e | 5126 | |
cf4a9129 LC |
5127 | This effects all the configuration specified in @var{file}: user |
5128 | accounts, system services, global package list, setuid programs, etc. | |
4af2447e | 5129 | |
cf4a9129 LC |
5130 | It also adds a GRUB menu entry for the new OS configuration, and moves |
5131 | entries for older configurations to a submenu---unless | |
5132 | @option{--no-grub} is passed. | |
4af2447e | 5133 | |
bf2479c7 LC |
5134 | @c The paragraph below refers to the problem discussed at |
5135 | @c <http://lists.gnu.org/archive/html/guix-devel/2014-08/msg00057.html>. | |
5136 | It is highly recommended to run @command{guix pull} once before you run | |
5137 | @command{guix system reconfigure} for the first time (@pxref{Invoking | |
5138 | guix pull}). Failing to do that you would see an older version of Guix | |
5139 | once @command{reconfigure} has completed. | |
5140 | ||
cf4a9129 LC |
5141 | @item build |
5142 | Build the operating system's derivation, which includes all the | |
5143 | configuration files and programs needed to boot and run the system. | |
5144 | This action does not actually install anything. | |
113daf62 | 5145 | |
cf4a9129 LC |
5146 | @item init |
5147 | Populate the given directory with all the files necessary to run the | |
5148 | operating system specified in @var{file}. This is useful for first-time | |
3ca2731c | 5149 | installations of GSD. For instance: |
113daf62 LC |
5150 | |
5151 | @example | |
cf4a9129 | 5152 | guix system init my-os-config.scm /mnt |
113daf62 LC |
5153 | @end example |
5154 | ||
cf4a9129 LC |
5155 | copies to @file{/mnt} all the store items required by the configuration |
5156 | specified in @file{my-os-config.scm}. This includes configuration | |
5157 | files, packages, and so on. It also creates other essential files | |
5158 | needed for the system to operate correctly---e.g., the @file{/etc}, | |
5159 | @file{/var}, and @file{/run} directories, and the @file{/bin/sh} file. | |
113daf62 | 5160 | |
cf4a9129 LC |
5161 | This command also installs GRUB on the device specified in |
5162 | @file{my-os-config}, unless the @option{--no-grub} option was passed. | |
113daf62 | 5163 | |
cf4a9129 LC |
5164 | @item vm |
5165 | @cindex virtual machine | |
0276f697 | 5166 | @cindex VM |
cf4a9129 LC |
5167 | Build a virtual machine that contain the operating system declared in |
5168 | @var{file}, and return a script to run that virtual machine (VM). | |
810568b3 | 5169 | Arguments given to the script are passed as is to QEMU. |
113daf62 | 5170 | |
cf4a9129 | 5171 | The VM shares its store with the host system. |
113daf62 | 5172 | |
0276f697 LC |
5173 | Additional file systems can be shared between the host and the VM using |
5174 | the @code{--share} and @code{--expose} command-line options: the former | |
5175 | specifies a directory to be shared with write access, while the latter | |
5176 | provides read-only access to the shared directory. | |
5177 | ||
5178 | The example below creates a VM in which the user's home directory is | |
5179 | accessible read-only, and where the @file{/exchange} directory is a | |
5180 | read-write mapping of the host's @file{$HOME/tmp}: | |
5181 | ||
5182 | @example | |
5183 | guix system vm my-config.scm \ | |
5184 | --expose=$HOME --share=$HOME/tmp=/exchange | |
5185 | @end example | |
5186 | ||
6aa260af LC |
5187 | On GNU/Linux, the default is to boot directly to the kernel; this has |
5188 | the advantage of requiring only a very tiny root disk image since the | |
5189 | host's store can then be mounted. | |
5190 | ||
5191 | The @code{--full-boot} option forces a complete boot sequence, starting | |
5192 | with the bootloader. This requires more disk space since a root image | |
5193 | containing at least the kernel, initrd, and bootloader data files must | |
5194 | be created. The @code{--image-size} option can be used to specify the | |
5195 | image's size. | |
ab11f0be | 5196 | |
cf4a9129 LC |
5197 | @item vm-image |
5198 | @itemx disk-image | |
5199 | Return a virtual machine or disk image of the operating system declared | |
5200 | in @var{file} that stands alone. Use the @option{--image-size} option | |
5201 | to specify the size of the image. | |
113daf62 | 5202 | |
cf4a9129 LC |
5203 | When using @code{vm-image}, the returned image is in qcow2 format, which |
5204 | the QEMU emulator can efficiently use. | |
113daf62 | 5205 | |
cf4a9129 LC |
5206 | When using @code{disk-image}, a raw disk image is produced; it can be |
5207 | copied as is to a USB stick, for instance. Assuming @code{/dev/sdc} is | |
5208 | the device corresponding to a USB stick, one can copy the image on it | |
5209 | using the following command: | |
113daf62 | 5210 | |
cf4a9129 LC |
5211 | @example |
5212 | # dd if=$(guix system disk-image my-os.scm) of=/dev/sdc | |
5213 | @end example | |
113daf62 | 5214 | |
cf4a9129 | 5215 | @end table |
113daf62 | 5216 | |
cf4a9129 LC |
5217 | @var{options} can contain any of the common build options provided by |
5218 | @command{guix build} (@pxref{Invoking guix build}). In addition, | |
5219 | @var{options} can contain one of the following: | |
113daf62 | 5220 | |
cf4a9129 LC |
5221 | @table @option |
5222 | @item --system=@var{system} | |
5223 | @itemx -s @var{system} | |
5224 | Attempt to build for @var{system} instead of the host's system type. | |
5225 | This works as per @command{guix build} (@pxref{Invoking guix build}). | |
113daf62 | 5226 | |
cf4a9129 LC |
5227 | @item --image-size=@var{size} |
5228 | For the @code{vm-image} and @code{disk-image} actions, create an image | |
5229 | of the given @var{size}. @var{size} may be a number of bytes, or it may | |
4a44d7bb LC |
5230 | include a unit as a suffix (@pxref{Block size, size specifications,, |
5231 | coreutils, GNU Coreutils}). | |
113daf62 | 5232 | @end table |
113daf62 | 5233 | |
cf4a9129 LC |
5234 | Note that all the actions above, except @code{build} and @code{init}, |
5235 | rely on KVM support in the Linux-Libre kernel. Specifically, the | |
5236 | machine should have hardware virtualization support, the corresponding | |
5237 | KVM kernel module should be loaded, and the @file{/dev/kvm} device node | |
5238 | must exist and be readable and writable by the user and by the daemon's | |
5239 | build users. | |
8451a568 | 5240 | |
cf4a9129 LC |
5241 | @node Defining Services |
5242 | @subsection Defining Services | |
8451a568 | 5243 | |
cf4a9129 LC |
5244 | The @code{(gnu services @dots{})} modules define several procedures that allow |
5245 | users to declare the operating system's services (@pxref{Using the | |
5246 | Configuration System}). These procedures are @emph{monadic | |
5247 | procedures}---i.e., procedures that return a monadic value in the store | |
5248 | monad (@pxref{The Store Monad}). For examples of such procedures, | |
5249 | @xref{Services}. | |
8451a568 | 5250 | |
cf4a9129 LC |
5251 | @cindex service definition |
5252 | The monadic value returned by those procedures is a @dfn{service | |
5253 | definition}---a structure as returned by the @code{service} form. | |
5254 | Service definitions specifies the inputs the service depends on, and an | |
5255 | expression to start and stop the service. Behind the scenes, service | |
5256 | definitions are ``translated'' into the form suitable for the | |
5257 | configuration file of dmd, the init system (@pxref{Services,,, dmd, GNU | |
5258 | dmd Manual}). | |
8451a568 | 5259 | |
cf4a9129 LC |
5260 | As an example, here is what the @code{nscd-service} procedure looks |
5261 | like: | |
8451a568 | 5262 | |
cf4a9129 LC |
5263 | @lisp |
5264 | (define (nscd-service) | |
5265 | (with-monad %store-monad | |
5266 | (return (service | |
5267 | (documentation "Run libc's name service cache daemon.") | |
5268 | (provision '(nscd)) | |
5269 | (activate #~(begin | |
5270 | (use-modules (guix build utils)) | |
5271 | (mkdir-p "/var/run/nscd"))) | |
5272 | (start #~(make-forkexec-constructor | |
5273 | (string-append #$glibc "/sbin/nscd") | |
5274 | "-f" "/dev/null" "--foreground")) | |
5275 | (stop #~(make-kill-destructor)) | |
5276 | (respawn? #f))))) | |
5277 | @end lisp | |
8451a568 | 5278 | |
cf4a9129 LC |
5279 | @noindent |
5280 | The @code{activate}, @code{start}, and @code{stop} fields are G-expressions | |
5281 | (@pxref{G-Expressions}). The @code{activate} field contains a script to | |
5282 | run at ``activation'' time; it makes sure that the @file{/var/run/nscd} | |
5283 | directory exists before @command{nscd} is started. | |
8451a568 | 5284 | |
cf4a9129 LC |
5285 | The @code{start} and @code{stop} fields refer to dmd's facilities to |
5286 | start and stop processes (@pxref{Service De- and Constructors,,, dmd, | |
5287 | GNU dmd Manual}). The @code{provision} field specifies the name under | |
5288 | which this service is known to dmd, and @code{documentation} specifies | |
5289 | on-line documentation. Thus, the commands @command{deco start ncsd}, | |
5290 | @command{deco stop nscd}, and @command{deco doc nscd} will do what you | |
5291 | would expect (@pxref{Invoking deco,,, dmd, GNU dmd Manual}). | |
8451a568 | 5292 | |
8451a568 | 5293 | |
cf4a9129 LC |
5294 | @node Installing Debugging Files |
5295 | @section Installing Debugging Files | |
8451a568 | 5296 | |
cf4a9129 LC |
5297 | @cindex debugging files |
5298 | Program binaries, as produced by the GCC compilers for instance, are | |
5299 | typically written in the ELF format, with a section containing | |
5300 | @dfn{debugging information}. Debugging information is what allows the | |
5301 | debugger, GDB, to map binary code to source code; it is required to | |
5302 | debug a compiled program in good conditions. | |
8451a568 | 5303 | |
cf4a9129 LC |
5304 | The problem with debugging information is that is takes up a fair amount |
5305 | of disk space. For example, debugging information for the GNU C Library | |
5306 | weighs in at more than 60 MiB. Thus, as a user, keeping all the | |
5307 | debugging info of all the installed programs is usually not an option. | |
5308 | Yet, space savings should not come at the cost of an impediment to | |
5309 | debugging---especially in the GNU system, which should make it easier | |
5310 | for users to exert their computing freedom (@pxref{GNU Distribution}). | |
8451a568 | 5311 | |
cf4a9129 LC |
5312 | Thankfully, the GNU Binary Utilities (Binutils) and GDB provide a |
5313 | mechanism that allows users to get the best of both worlds: debugging | |
5314 | information can be stripped from the binaries and stored in separate | |
5315 | files. GDB is then able to load debugging information from those files, | |
5316 | when they are available (@pxref{Separate Debug Files,,, gdb, Debugging | |
5317 | with GDB}). | |
8451a568 | 5318 | |
cf4a9129 LC |
5319 | The GNU distribution takes advantage of this by storing debugging |
5320 | information in the @code{lib/debug} sub-directory of a separate package | |
5321 | output unimaginatively called @code{debug} (@pxref{Packages with | |
5322 | Multiple Outputs}). Users can choose to install the @code{debug} output | |
5323 | of a package when they need it. For instance, the following command | |
5324 | installs the debugging information for the GNU C Library and for GNU | |
5325 | Guile: | |
8451a568 LC |
5326 | |
5327 | @example | |
cf4a9129 | 5328 | guix package -i glibc:debug guile:debug |
8451a568 LC |
5329 | @end example |
5330 | ||
cf4a9129 LC |
5331 | GDB must then be told to look for debug files in the user's profile, by |
5332 | setting the @code{debug-file-directory} variable (consider setting it | |
5333 | from the @file{~/.gdbinit} file, @pxref{Startup,,, gdb, Debugging with | |
5334 | GDB}): | |
8451a568 | 5335 | |
cf4a9129 LC |
5336 | @example |
5337 | (gdb) set debug-file-directory ~/.guix-profile/lib/debug | |
5338 | @end example | |
8451a568 | 5339 | |
cf4a9129 LC |
5340 | From there on, GDB will pick up debugging information from the |
5341 | @code{.debug} files under @file{~/.guix-profile/lib/debug}. | |
8451a568 | 5342 | |
cf4a9129 LC |
5343 | In addition, you will most likely want GDB to be able to show the source |
5344 | code being debugged. To do that, you will have to unpack the source | |
5345 | code of the package of interest (obtained with @code{guix build | |
5346 | --source}, @pxref{Invoking guix build}), and to point GDB to that source | |
5347 | directory using the @code{directory} command (@pxref{Source Path, | |
5348 | @code{directory},, gdb, Debugging with GDB}). | |
8451a568 | 5349 | |
cf4a9129 LC |
5350 | @c XXX: keep me up-to-date |
5351 | The @code{debug} output mechanism in Guix is implemented by the | |
5352 | @code{gnu-build-system} (@pxref{Build Systems}). Currently, it is | |
5353 | opt-in---debugging information is available only for those packages | |
5354 | whose definition explicitly declares a @code{debug} output. This may be | |
5355 | changed to opt-out in the future, if our build farm servers can handle | |
5356 | the load. To check whether a package has a @code{debug} output, use | |
5357 | @command{guix package --list-available} (@pxref{Invoking guix package}). | |
8451a568 | 5358 | |
8451a568 | 5359 | |
05962f29 LC |
5360 | @node Security Updates |
5361 | @section Security Updates | |
5362 | ||
843858b8 LC |
5363 | @quotation Note |
5364 | As of version @value{VERSION}, the feature described in this section is | |
5365 | experimental. | |
5366 | @end quotation | |
05962f29 LC |
5367 | |
5368 | @cindex security updates | |
5369 | Occasionally, important security vulnerabilities are discovered in core | |
5370 | software packages and must be patched. Guix follows a functional | |
5371 | package management discipline (@pxref{Introduction}), which implies | |
5372 | that, when a package is changed, @emph{every package that depends on it} | |
5373 | must be rebuilt. This can significantly slow down the deployment of | |
5374 | fixes in core packages such as libc or Bash, since basically the whole | |
5375 | distribution would need to be rebuilt. Using pre-built binaries helps | |
5376 | (@pxref{Substitutes}), but deployment may still take more time than | |
5377 | desired. | |
5378 | ||
5379 | @cindex grafts | |
5380 | To address that, Guix implements @dfn{grafts}, a mechanism that allows | |
5381 | for fast deployment of critical updates without the costs associated | |
5382 | with a whole-distribution rebuild. The idea is to rebuild only the | |
5383 | package that needs to be patched, and then to ``graft'' it onto packages | |
5384 | explicitly installed by the user and that were previously referring to | |
5385 | the original package. The cost of grafting is typically very low, and | |
5386 | order of magnitudes lower than a full rebuild of the dependency chain. | |
5387 | ||
5388 | @cindex replacements of packages, for grafts | |
5389 | For instance, suppose a security update needs to be applied to Bash. | |
5390 | Guix developers will provide a package definition for the ``fixed'' | |
5391 | Bash, say @var{bash-fixed}, in the usual way (@pxref{Defining | |
5392 | Packages}). Then, the original package definition is augmented with a | |
5393 | @code{replacement} field pointing to the package containing the bug fix: | |
5394 | ||
5395 | @example | |
5396 | (define bash | |
5397 | (package | |
5398 | (name "bash") | |
5399 | ;; @dots{} | |
5400 | (replacement bash-fixed))) | |
5401 | @end example | |
5402 | ||
5403 | From there on, any package depending directly or indirectly on Bash that | |
5404 | is installed will automatically be ``rewritten'' to refer to | |
5405 | @var{bash-fixed} instead of @var{bash}. This grafting process takes | |
5406 | time proportional to the size of the package, but expect less than a | |
5407 | minute for an ``average'' package on a recent machine. | |
5408 | ||
5409 | Currently, the graft and the package it replaces (@var{bash-fixed} and | |
5410 | @var{bash} in the example above) must have the exact same @code{name} | |
5411 | and @code{version} fields. This restriction mostly comes from the fact | |
5412 | that grafting works by patching files, including binary files, directly. | |
5413 | Other restrictions may apply: for instance, when adding a graft to a | |
5414 | package providing a shared library, the original shared library and its | |
5415 | replacement must have the same @code{SONAME} and be binary-compatible. | |
5416 | ||
5417 | ||
cf4a9129 LC |
5418 | @node Package Modules |
5419 | @section Package Modules | |
8451a568 | 5420 | |
cf4a9129 LC |
5421 | From a programming viewpoint, the package definitions of the |
5422 | GNU distribution are provided by Guile modules in the @code{(gnu packages | |
5423 | @dots{})} name space@footnote{Note that packages under the @code{(gnu | |
5424 | packages @dots{})} module name space are not necessarily ``GNU | |
5425 | packages''. This module naming scheme follows the usual Guile module | |
5426 | naming convention: @code{gnu} means that these modules are distributed | |
5427 | as part of the GNU system, and @code{packages} identifies modules that | |
5428 | define packages.} (@pxref{Modules, Guile modules,, guile, GNU Guile | |
5429 | Reference Manual}). For instance, the @code{(gnu packages emacs)} | |
5430 | module exports a variable named @code{emacs}, which is bound to a | |
5431 | @code{<package>} object (@pxref{Defining Packages}). | |
113daf62 | 5432 | |
300868ba | 5433 | The @code{(gnu packages @dots{})} module name space is |
cf4a9129 LC |
5434 | automatically scanned for packages by the command-line tools. For |
5435 | instance, when running @code{guix package -i emacs}, all the @code{(gnu | |
5436 | packages @dots{})} modules are scanned until one that exports a package | |
5437 | object whose name is @code{emacs} is found. This package search | |
5438 | facility is implemented in the @code{(gnu packages)} module. | |
113daf62 | 5439 | |
300868ba | 5440 | @cindex customization, of packages |
8689901f | 5441 | @cindex package module search path |
cf4a9129 | 5442 | Users can store package definitions in modules with different |
60142854 LC |
5443 | names---e.g., @code{(my-packages emacs)}@footnote{Note that the file |
5444 | name and module name must match. @xref{Modules and the File System,,, | |
5445 | guile, GNU Guile Reference Manual}, for details.} These package definitions | |
300868ba LC |
5446 | will not be visible by default. Thus, users can invoke commands such as |
5447 | @command{guix package} and @command{guix build} have to be used with the | |
5448 | @code{-e} option so that they know where to find the package, or use the | |
5449 | @code{-L} option of these commands to make those modules visible | |
8689901f LC |
5450 | (@pxref{Invoking guix build, @code{--load-path}}), or define the |
5451 | @code{GUIX_PACKAGE_PATH} environment variable. This environment | |
5452 | variable makes it easy to extend or customize the distribution and is | |
5453 | honored by all the user interfaces. | |
5454 | ||
5455 | @defvr {Environment Variable} GUIX_PACKAGE_PATH | |
5456 | This is a colon-separated list of directories to search for package | |
5457 | modules. Directories listed in this variable take precedence over the | |
5458 | distribution's own modules. | |
5459 | @end defvr | |
ef5dd60a | 5460 | |
cf4a9129 LC |
5461 | The distribution is fully @dfn{bootstrapped} and @dfn{self-contained}: |
5462 | each package is built based solely on other packages in the | |
5463 | distribution. The root of this dependency graph is a small set of | |
5464 | @dfn{bootstrap binaries}, provided by the @code{(gnu packages | |
5465 | bootstrap)} module. For more information on bootstrapping, | |
081145cf | 5466 | @pxref{Bootstrapping}. |
ef5dd60a | 5467 | |
cf4a9129 LC |
5468 | @node Packaging Guidelines |
5469 | @section Packaging Guidelines | |
ef5dd60a | 5470 | |
cf4a9129 LC |
5471 | The GNU distribution is nascent and may well lack some of your favorite |
5472 | packages. This section describes how you can help make the distribution | |
5473 | grow. @xref{Contributing}, for additional information on how you can | |
5474 | help. | |
ef5dd60a | 5475 | |
cf4a9129 LC |
5476 | Free software packages are usually distributed in the form of |
5477 | @dfn{source code tarballs}---typically @file{tar.gz} files that contain | |
5478 | all the source files. Adding a package to the distribution means | |
5479 | essentially two things: adding a @dfn{recipe} that describes how to | |
5480 | build the package, including a list of other packages required to build | |
5481 | it, and adding @dfn{package meta-data} along with that recipe, such as a | |
5482 | description and licensing information. | |
ef5dd60a | 5483 | |
cf4a9129 LC |
5484 | In Guix all this information is embodied in @dfn{package definitions}. |
5485 | Package definitions provide a high-level view of the package. They are | |
5486 | written using the syntax of the Scheme programming language; in fact, | |
5487 | for each package we define a variable bound to the package definition, | |
5488 | and export that variable from a module (@pxref{Package Modules}). | |
5489 | However, in-depth Scheme knowledge is @emph{not} a prerequisite for | |
5490 | creating packages. For more information on package definitions, | |
081145cf | 5491 | @pxref{Defining Packages}. |
ef5dd60a | 5492 | |
cf4a9129 LC |
5493 | Once a package definition is in place, stored in a file in the Guix |
5494 | source tree, it can be tested using the @command{guix build} command | |
5495 | (@pxref{Invoking guix build}). For example, assuming the new package is | |
5496 | called @code{gnew}, you may run this command from the Guix build tree: | |
ef5dd60a LC |
5497 | |
5498 | @example | |
cf4a9129 | 5499 | ./pre-inst-env guix build gnew --keep-failed |
ef5dd60a | 5500 | @end example |
ef5dd60a | 5501 | |
cf4a9129 LC |
5502 | Using @code{--keep-failed} makes it easier to debug build failures since |
5503 | it provides access to the failed build tree. Another useful | |
5504 | command-line option when debugging is @code{--log-file}, to access the | |
5505 | build log. | |
ef5dd60a | 5506 | |
cf4a9129 LC |
5507 | If the package is unknown to the @command{guix} command, it may be that |
5508 | the source file contains a syntax error, or lacks a @code{define-public} | |
5509 | clause to export the package variable. To figure it out, you may load | |
5510 | the module from Guile to get more information about the actual error: | |
ef5dd60a | 5511 | |
cf4a9129 LC |
5512 | @example |
5513 | ./pre-inst-env guile -c '(use-modules (gnu packages gnew))' | |
5514 | @end example | |
ef5dd60a | 5515 | |
cf4a9129 LC |
5516 | Once your package builds correctly, please send us a patch |
5517 | (@pxref{Contributing}). Well, if you need help, we will be happy to | |
5518 | help you too. Once the patch is committed in the Guix repository, the | |
5519 | new package automatically gets built on the supported platforms by | |
2b1cee21 | 5520 | @url{http://hydra.gnu.org/jobset/gnu/master, our continuous integration |
cf4a9129 | 5521 | system}. |
ef5dd60a | 5522 | |
cf4a9129 LC |
5523 | @cindex substituter |
5524 | Users can obtain the new package definition simply by running | |
5525 | @command{guix pull} (@pxref{Invoking guix pull}). When | |
5526 | @code{hydra.gnu.org} is done building the package, installing the | |
5527 | package automatically downloads binaries from there | |
5528 | (@pxref{Substitutes}). The only place where human intervention is | |
5529 | needed is to review and apply the patch. | |
ef5dd60a | 5530 | |
ef5dd60a | 5531 | |
cf4a9129 | 5532 | @menu |
ec0339cd LC |
5533 | * Software Freedom:: What may go into the distribution. |
5534 | * Package Naming:: What's in a name? | |
5535 | * Version Numbers:: When the name is not enough. | |
5536 | * Python Modules:: Taming the snake. | |
5537 | * Perl Modules:: Little pearls. | |
5538 | * Fonts:: Fond of fonts. | |
cf4a9129 | 5539 | @end menu |
ef5dd60a | 5540 | |
cf4a9129 LC |
5541 | @node Software Freedom |
5542 | @subsection Software Freedom | |
ef5dd60a | 5543 | |
cf4a9129 | 5544 | @c Adapted from http://www.gnu.org/philosophy/philosophy.html. |
c11a6eb1 | 5545 | |
cf4a9129 LC |
5546 | The GNU operating system has been developed so that users can have |
5547 | freedom in their computing. GNU is @dfn{free software}, meaning that | |
5548 | users have the @url{http://www.gnu.org/philosophy/free-sw.html,four | |
5549 | essential freedoms}: to run the program, to study and change the program | |
5550 | in source code form, to redistribute exact copies, and to distribute | |
5551 | modified versions. Packages found in the GNU distribution provide only | |
5552 | software that conveys these four freedoms. | |
c11a6eb1 | 5553 | |
cf4a9129 LC |
5554 | In addition, the GNU distribution follow the |
5555 | @url{http://www.gnu.org/distros/free-system-distribution-guidelines.html,free | |
5556 | software distribution guidelines}. Among other things, these guidelines | |
5557 | reject non-free firmware, recommendations of non-free software, and | |
5558 | discuss ways to deal with trademarks and patents. | |
ef5dd60a | 5559 | |
cf4a9129 LC |
5560 | Some packages contain a small and optional subset that violates the |
5561 | above guidelines, for instance because this subset is itself non-free | |
5562 | code. When that happens, the offending items are removed with | |
5563 | appropriate patches or code snippets in the package definition's | |
5564 | @code{origin} form (@pxref{Defining Packages}). That way, @code{guix | |
5565 | build --source} returns the ``freed'' source rather than the unmodified | |
5566 | upstream source. | |
ef5dd60a | 5567 | |
ef5dd60a | 5568 | |
cf4a9129 LC |
5569 | @node Package Naming |
5570 | @subsection Package Naming | |
ef5dd60a | 5571 | |
cf4a9129 LC |
5572 | A package has actually two names associated with it: |
5573 | First, there is the name of the @emph{Scheme variable}, the one following | |
5574 | @code{define-public}. By this name, the package can be made known in the | |
5575 | Scheme code, for instance as input to another package. Second, there is | |
5576 | the string in the @code{name} field of a package definition. This name | |
5577 | is used by package management commands such as | |
5578 | @command{guix package} and @command{guix build}. | |
ef5dd60a | 5579 | |
cf4a9129 LC |
5580 | Both are usually the same and correspond to the lowercase conversion of |
5581 | the project name chosen upstream, with underscores replaced with | |
5582 | hyphens. For instance, GNUnet is available as @code{gnunet}, and | |
5583 | SDL_net as @code{sdl-net}. | |
927097ef | 5584 | |
cf4a9129 | 5585 | We do not add @code{lib} prefixes for library packages, unless these are |
081145cf | 5586 | already part of the official project name. But @pxref{Python |
cf4a9129 LC |
5587 | Modules} and @ref{Perl Modules} for special rules concerning modules for |
5588 | the Python and Perl languages. | |
927097ef | 5589 | |
1b366ee4 | 5590 | Font package names are handled differently, @pxref{Fonts}. |
7fec52b7 | 5591 | |
ef5dd60a | 5592 | |
cf4a9129 LC |
5593 | @node Version Numbers |
5594 | @subsection Version Numbers | |
ef5dd60a | 5595 | |
cf4a9129 LC |
5596 | We usually package only the latest version of a given free software |
5597 | project. But sometimes, for instance for incompatible library versions, | |
5598 | two (or more) versions of the same package are needed. These require | |
5599 | different Scheme variable names. We use the name as defined | |
5600 | in @ref{Package Naming} | |
5601 | for the most recent version; previous versions use the same name, suffixed | |
5602 | by @code{-} and the smallest prefix of the version number that may | |
5603 | distinguish the two versions. | |
ef5dd60a | 5604 | |
cf4a9129 LC |
5605 | The name inside the package definition is the same for all versions of a |
5606 | package and does not contain any version number. | |
ef5dd60a | 5607 | |
cf4a9129 | 5608 | For instance, the versions 2.24.20 and 3.9.12 of GTK+ may be packaged as follows: |
ef5dd60a | 5609 | |
cf4a9129 LC |
5610 | @example |
5611 | (define-public gtk+ | |
5612 | (package | |
5613 | (name "gtk+") | |
5614 | (version "3.9.12") | |
5615 | ...)) | |
5616 | (define-public gtk+-2 | |
5617 | (package | |
5618 | (name "gtk+") | |
5619 | (version "2.24.20") | |
5620 | ...)) | |
5621 | @end example | |
5622 | If we also wanted GTK+ 3.8.2, this would be packaged as | |
5623 | @example | |
5624 | (define-public gtk+-3.8 | |
5625 | (package | |
5626 | (name "gtk+") | |
5627 | (version "3.8.2") | |
5628 | ...)) | |
5629 | @end example | |
ef5dd60a | 5630 | |
ef5dd60a | 5631 | |
cf4a9129 LC |
5632 | @node Python Modules |
5633 | @subsection Python Modules | |
ef5dd60a | 5634 | |
cf4a9129 LC |
5635 | We currently package Python 2 and Python 3, under the Scheme variable names |
5636 | @code{python-2} and @code{python} as explained in @ref{Version Numbers}. | |
5637 | To avoid confusion and naming clashes with other programming languages, it | |
5638 | seems desirable that the name of a package for a Python module contains | |
5639 | the word @code{python}. | |
ef5dd60a | 5640 | |
cf4a9129 LC |
5641 | Some modules are compatible with only one version of Python, others with both. |
5642 | If the package Foo compiles only with Python 3, we name it | |
5643 | @code{python-foo}; if it compiles only with Python 2, we name it | |
5644 | @code{python2-foo}. If it is compatible with both versions, we create two | |
5645 | packages with the corresponding names. | |
ef5dd60a | 5646 | |
cf4a9129 LC |
5647 | If a project already contains the word @code{python}, we drop this; |
5648 | for instance, the module python-dateutil is packaged under the names | |
5649 | @code{python-dateutil} and @code{python2-dateutil}. | |
113daf62 | 5650 | |
523e4896 | 5651 | |
cf4a9129 LC |
5652 | @node Perl Modules |
5653 | @subsection Perl Modules | |
523e4896 | 5654 | |
cf4a9129 LC |
5655 | Perl programs standing for themselves are named as any other package, |
5656 | using the lowercase upstream name. | |
5657 | For Perl packages containing a single class, we use the lowercase class name, | |
5658 | replace all occurrences of @code{::} by dashes and prepend the prefix | |
5659 | @code{perl-}. | |
5660 | So the class @code{XML::Parser} becomes @code{perl-xml-parser}. | |
5661 | Modules containing several classes keep their lowercase upstream name and | |
5662 | are also prepended by @code{perl-}. Such modules tend to have the word | |
5663 | @code{perl} somewhere in their name, which gets dropped in favor of the | |
5664 | prefix. For instance, @code{libwww-perl} becomes @code{perl-libwww}. | |
523e4896 | 5665 | |
523e4896 | 5666 | |
7fec52b7 AE |
5667 | @node Fonts |
5668 | @subsection Fonts | |
5669 | ||
5670 | For fonts that are in general not installed by a user for typesetting | |
5671 | purposes, or that are distributed as part of a larger software package, | |
5672 | we rely on the general packaging rules for software; for instance, this | |
5673 | applies to the fonts delivered as part of the X.Org system or fonts that | |
5674 | are part of TeX Live. | |
5675 | ||
5676 | To make it easier for a user to search for fonts, names for other packages | |
5677 | containing only fonts are constructed as follows, independently of the | |
5678 | upstream package name. | |
5679 | ||
5680 | The name of a package containing only one font family starts with | |
5681 | @code{font-}; it is followed by the foundry name and a dash @code{-} | |
5682 | if the foundry is known, and the font family name, in which spaces are | |
5683 | replaced by dashes (and as usual, all upper case letters are transformed | |
5684 | to lower case). | |
5685 | For example, the Gentium font family by SIL is packaged under the name | |
5686 | @code{font-sil-gentium}. | |
5687 | ||
5688 | For a package containing several font families, the name of the collection | |
5689 | is used in the place of the font family name. | |
5690 | For instance, the Liberation fonts consist of three families, | |
5691 | Liberation Sans, Liberation Serif and Liberation Mono. | |
5692 | These could be packaged separately under the names | |
5693 | @code{font-liberation-sans} and so on; but as they are distributed together | |
5694 | under a common name, we prefer to package them together as | |
5695 | @code{font-liberation}. | |
5696 | ||
5697 | In the case where several formats of the same font family or font collection | |
5698 | are packaged separately, a short form of the format, prepended by a dash, | |
5699 | is added to the package name. We use @code{-ttf} for TrueType fonts, | |
1b366ee4 | 5700 | @code{-otf} for OpenType fonts and @code{-type1} for PostScript Type 1 |
7fec52b7 AE |
5701 | fonts. |
5702 | ||
5703 | ||
b25937e3 | 5704 | |
cf4a9129 LC |
5705 | @node Bootstrapping |
5706 | @section Bootstrapping | |
b25937e3 | 5707 | |
cf4a9129 | 5708 | @c Adapted from the ELS 2013 paper. |
b25937e3 | 5709 | |
cf4a9129 | 5710 | @cindex bootstrapping |
7889394e | 5711 | |
cf4a9129 LC |
5712 | Bootstrapping in our context refers to how the distribution gets built |
5713 | ``from nothing''. Remember that the build environment of a derivation | |
5714 | contains nothing but its declared inputs (@pxref{Introduction}). So | |
5715 | there's an obvious chicken-and-egg problem: how does the first package | |
5716 | get built? How does the first compiler get compiled? Note that this is | |
5717 | a question of interest only to the curious hacker, not to the regular | |
5718 | user, so you can shamelessly skip this section if you consider yourself | |
5719 | a ``regular user''. | |
72b9d60d | 5720 | |
cf4a9129 LC |
5721 | @cindex bootstrap binaries |
5722 | The GNU system is primarily made of C code, with libc at its core. The | |
5723 | GNU build system itself assumes the availability of a Bourne shell and | |
5724 | command-line tools provided by GNU Coreutils, Awk, Findutils, `sed', and | |
5725 | `grep'. Furthermore, build programs---programs that run | |
5726 | @code{./configure}, @code{make}, etc.---are written in Guile Scheme | |
5727 | (@pxref{Derivations}). Consequently, to be able to build anything at | |
5728 | all, from scratch, Guix relies on pre-built binaries of Guile, GCC, | |
5729 | Binutils, libc, and the other packages mentioned above---the | |
5730 | @dfn{bootstrap binaries}. | |
72b9d60d | 5731 | |
cf4a9129 LC |
5732 | These bootstrap binaries are ``taken for granted'', though we can also |
5733 | re-create them if needed (more on that later). | |
72b9d60d | 5734 | |
cf4a9129 | 5735 | @unnumberedsubsec Preparing to Use the Bootstrap Binaries |
c79d54fe | 5736 | |
cf4a9129 LC |
5737 | @c As of Emacs 24.3, Info-mode displays the image, but since it's a |
5738 | @c large image, it's hard to scroll. Oh well. | |
5739 | @image{images/bootstrap-graph,6in,,Dependency graph of the early bootstrap derivations} | |
523e4896 | 5740 | |
cf4a9129 LC |
5741 | The figure above shows the very beginning of the dependency graph of the |
5742 | distribution, corresponding to the package definitions of the @code{(gnu | |
5743 | packages bootstrap)} module. At this level of detail, things are | |
5744 | slightly complex. First, Guile itself consists of an ELF executable, | |
5745 | along with many source and compiled Scheme files that are dynamically | |
5746 | loaded when it runs. This gets stored in the @file{guile-2.0.7.tar.xz} | |
5747 | tarball shown in this graph. This tarball is part of Guix's ``source'' | |
5748 | distribution, and gets inserted into the store with @code{add-to-store} | |
5749 | (@pxref{The Store}). | |
2e7b5cea | 5750 | |
cf4a9129 LC |
5751 | But how do we write a derivation that unpacks this tarball and adds it |
5752 | to the store? To solve this problem, the @code{guile-bootstrap-2.0.drv} | |
5753 | derivation---the first one that gets built---uses @code{bash} as its | |
5754 | builder, which runs @code{build-bootstrap-guile.sh}, which in turn calls | |
5755 | @code{tar} to unpack the tarball. Thus, @file{bash}, @file{tar}, | |
5756 | @file{xz}, and @file{mkdir} are statically-linked binaries, also part of | |
5757 | the Guix source distribution, whose sole purpose is to allow the Guile | |
5758 | tarball to be unpacked. | |
fb729425 | 5759 | |
cf4a9129 LC |
5760 | Once @code{guile-bootstrap-2.0.drv} is built, we have a functioning |
5761 | Guile that can be used to run subsequent build programs. Its first task | |
5762 | is to download tarballs containing the other pre-built binaries---this | |
5763 | is what the @code{.tar.xz.drv} derivations do. Guix modules such as | |
5764 | @code{ftp-client.scm} are used for this purpose. The | |
5765 | @code{module-import.drv} derivations import those modules in a directory | |
5766 | in the store, using the original layout. The | |
5767 | @code{module-import-compiled.drv} derivations compile those modules, and | |
5768 | write them in an output directory with the right layout. This | |
5769 | corresponds to the @code{#:modules} argument of | |
5770 | @code{build-expression->derivation} (@pxref{Derivations}). | |
fb729425 | 5771 | |
cf4a9129 LC |
5772 | Finally, the various tarballs are unpacked by the |
5773 | derivations @code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, | |
5774 | etc., at which point we have a working C tool chain. | |
fb729425 | 5775 | |
fb729425 | 5776 | |
cf4a9129 | 5777 | @unnumberedsubsec Building the Build Tools |
523e4896 | 5778 | |
cf4a9129 LC |
5779 | @c TODO: Add a package-level dependency graph generated from (gnu |
5780 | @c packages base). | |
df2ce343 | 5781 | |
cf4a9129 LC |
5782 | Bootstrapping is complete when we have a full tool chain that does not |
5783 | depend on the pre-built bootstrap tools discussed above. This | |
5784 | no-dependency requirement is verified by checking whether the files of | |
5785 | the final tool chain contain references to the @file{/gnu/store} | |
5786 | directories of the bootstrap inputs. The process that leads to this | |
5787 | ``final'' tool chain is described by the package definitions found in | |
1f6f57df | 5788 | the @code{(gnu packages commencement)} module. |
df2ce343 | 5789 | |
cf4a9129 LC |
5790 | @c See <http://lists.gnu.org/archive/html/gnu-system-discuss/2012-10/msg00000.html>. |
5791 | The first tool that gets built with the bootstrap binaries is | |
5792 | GNU Make, which is a prerequisite for all the following packages. | |
5793 | From there Findutils and Diffutils get built. | |
523e4896 | 5794 | |
cf4a9129 LC |
5795 | Then come the first-stage Binutils and GCC, built as pseudo cross |
5796 | tools---i.e., with @code{--target} equal to @code{--host}. They are | |
5797 | used to build libc. Thanks to this cross-build trick, this libc is | |
5798 | guaranteed not to hold any reference to the initial tool chain. | |
4af2447e | 5799 | |
cf4a9129 LC |
5800 | From there the final Binutils and GCC are built. GCC uses @code{ld} |
5801 | from the final Binutils, and links programs against the just-built libc. | |
5802 | This tool chain is used to build the other packages used by Guix and by | |
5803 | the GNU Build System: Guile, Bash, Coreutils, etc. | |
4af2447e | 5804 | |
cf4a9129 LC |
5805 | And voilà! At this point we have the complete set of build tools that |
5806 | the GNU Build System expects. These are in the @code{%final-inputs} | |
dd164244 MW |
5807 | variable of the @code{(gnu packages commencement)} module, and are |
5808 | implicitly used by any package that uses @code{gnu-build-system} | |
1f6f57df | 5809 | (@pxref{Build Systems, @code{gnu-build-system}}). |
4af2447e | 5810 | |
4af2447e | 5811 | |
cf4a9129 | 5812 | @unnumberedsubsec Building the Bootstrap Binaries |
4af2447e | 5813 | |
cf4a9129 LC |
5814 | Because the final tool chain does not depend on the bootstrap binaries, |
5815 | those rarely need to be updated. Nevertheless, it is useful to have an | |
5816 | automated way to produce them, should an update occur, and this is what | |
5817 | the @code{(gnu packages make-bootstrap)} module provides. | |
4af2447e | 5818 | |
cf4a9129 LC |
5819 | The following command builds the tarballs containing the bootstrap |
5820 | binaries (Guile, Binutils, GCC, libc, and a tarball containing a mixture | |
5821 | of Coreutils and other basic command-line tools): | |
4b2615e1 | 5822 | |
cf4a9129 LC |
5823 | @example |
5824 | guix build bootstrap-tarballs | |
5825 | @end example | |
5826 | ||
5827 | The generated tarballs are those that should be referred to in the | |
5828 | @code{(gnu packages bootstrap)} module mentioned at the beginning of | |
5829 | this section. | |
5830 | ||
5831 | Still here? Then perhaps by now you've started to wonder: when do we | |
5832 | reach a fixed point? That is an interesting question! The answer is | |
5833 | unknown, but if you would like to investigate further (and have | |
5834 | significant computational and storage resources to do so), then let us | |
5835 | know. | |
5836 | ||
5837 | @node Porting | |
5838 | @section Porting to a New Platform | |
5839 | ||
5840 | As discussed above, the GNU distribution is self-contained, and | |
5841 | self-containment is achieved by relying on pre-built ``bootstrap | |
5842 | binaries'' (@pxref{Bootstrapping}). These binaries are specific to an | |
5843 | operating system kernel, CPU architecture, and application binary | |
5844 | interface (ABI). Thus, to port the distribution to a platform that is | |
5845 | not yet supported, one must build those bootstrap binaries, and update | |
5846 | the @code{(gnu packages bootstrap)} module to use them on that platform. | |
5847 | ||
5848 | Fortunately, Guix can @emph{cross compile} those bootstrap binaries. | |
5849 | When everything goes well, and assuming the GNU tool chain supports the | |
5850 | target platform, this can be as simple as running a command like this | |
5851 | one: | |
5852 | ||
5853 | @example | |
5854 | guix build --target=armv5tel-linux-gnueabi bootstrap-tarballs | |
5855 | @end example | |
5856 | ||
1c0c417d LC |
5857 | For this to work, the @code{glibc-dynamic-linker} procedure in |
5858 | @code{(gnu packages bootstrap)} must be augmented to return the right | |
5859 | file name for libc's dynamic linker on that platform; likewise, | |
5860 | @code{system->linux-architecture} in @code{(gnu packages linux)} must be | |
5861 | taught about the new platform. | |
5862 | ||
cf4a9129 | 5863 | Once these are built, the @code{(gnu packages bootstrap)} module needs |
1c0c417d LC |
5864 | to be updated to refer to these binaries on the target platform. That |
5865 | is, the hashes and URLs of the bootstrap tarballs for the new platform | |
5866 | must be added alongside those of the currently supported platforms. The | |
5867 | bootstrap Guile tarball is treated specially: it is expected to be | |
5868 | available locally, and @file{gnu-system.am} has rules do download it for | |
5869 | the supported architectures; a rule for the new platform must be added | |
5870 | as well. | |
cf4a9129 LC |
5871 | |
5872 | In practice, there may be some complications. First, it may be that the | |
5873 | extended GNU triplet that specifies an ABI (like the @code{eabi} suffix | |
5874 | above) is not recognized by all the GNU tools. Typically, glibc | |
5875 | recognizes some of these, whereas GCC uses an extra @code{--with-abi} | |
5876 | configure flag (see @code{gcc.scm} for examples of how to handle this). | |
5877 | Second, some of the required packages could fail to build for that | |
5878 | platform. Lastly, the generated binaries could be broken for some | |
5879 | reason. | |
4af2447e LC |
5880 | |
5881 | ||
9bf3c1a7 LC |
5882 | @c ********************************************************************* |
5883 | @node Contributing | |
5884 | @chapter Contributing | |
5885 | ||
5886 | This project is a cooperative effort, and we need your help to make it | |
5ff3c4b8 PAR |
5887 | grow! Please get in touch with us on @email{guix-devel@@gnu.org} and |
5888 | @code{#guix} on the Freenode IRC network. We welcome ideas, bug | |
5889 | reports, patches, and anything that may be helpful to the project. We | |
5890 | particularly welcome help on packaging (@pxref{Packaging Guidelines}). | |
a1ba8475 | 5891 | |
9bf3c1a7 LC |
5892 | Please see the |
5893 | @url{http://git.savannah.gnu.org/cgit/guix.git/tree/HACKING, | |
5894 | @file{HACKING} file} that comes with the Guix source code for practical | |
5895 | details about contributions. | |
5896 | ||
c78bd12b | 5897 | |
568717fd LC |
5898 | @c ********************************************************************* |
5899 | @node Acknowledgments | |
5900 | @chapter Acknowledgments | |
5901 | ||
5902 | Guix is based on the Nix package manager, which was designed and | |
4c7ac9aa LC |
5903 | implemented by Eelco Dolstra, with contributions from other people (see |
5904 | the @file{nix/AUTHORS} file in Guix.) Nix pioneered functional package | |
568717fd LC |
5905 | management, and promoted unprecedented features, such as transactional |
5906 | package upgrades and rollbacks, per-user profiles, and referentially | |
5907 | transparent build processes. Without this work, Guix would not exist. | |
5908 | ||
5909 | The Nix-based software distributions, Nixpkgs and NixOS, have also been | |
5910 | an inspiration for Guix. | |
5911 | ||
4c7ac9aa LC |
5912 | GNU@tie{}Guix itself is a collective work with contributions from a |
5913 | number of people. See the @file{AUTHORS} file in Guix for more | |
5914 | information on these fine people. The @file{THANKS} file lists people | |
5915 | who have helped by reporting bugs, taking care of the infrastructure, | |
5916 | providing artwork and themes, making suggestions, and more---thank you! | |
5917 | ||
5918 | ||
568717fd LC |
5919 | @c ********************************************************************* |
5920 | @node GNU Free Documentation License | |
5921 | @appendix GNU Free Documentation License | |
5922 | ||
5923 | @include fdl-1.3.texi | |
5924 | ||
5925 | @c ********************************************************************* | |
5926 | @node Concept Index | |
5927 | @unnumbered Concept Index | |
5928 | @printindex cp | |
5929 | ||
a85b83d2 LC |
5930 | @node Programming Index |
5931 | @unnumbered Programming Index | |
5932 | @syncodeindex tp fn | |
5933 | @syncodeindex vr fn | |
568717fd LC |
5934 | @printindex fn |
5935 | ||
5936 | @bye | |
5937 | ||
5938 | @c Local Variables: | |
5939 | @c ispell-local-dictionary: "american"; | |
5940 | @c End: |