HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: QEMU: Fix CVE-2020-1711.
[jackhill/guix/guix.git] / gnu / packages / virtualization.scm
CommitLineData
b15fcf9e 1;;; GNU Guix --- Functional package management for GNU
589e3f4e 2;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
ecfe88b7 3;;; Copyright © 2015, 2016, 2017, 2018 Mark H Weaver <mhw@netris.org>
49fe965d 4;;; Copyright © 2016, 2017, 2018. 2019 Efraim Flashner <efraim@flashner.co.il>
fe420383 5;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
f152208b 6;;; Copyright © 2017 Alex Vong <alexvong1995@gmail.com>
b376ec57 7;;; Copyright © 2017 Andy Patterson <ajpatter@uwaterloo.ca>
64b632f8 8;;; Copyright © 2017, 2018, 2019 Rutger Helling <rhelling@mykolab.com>
f17bd3c6 9;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
0def9120 10;;; Copyright © 2018 Danny Milosavljevic <dannym@scratchpost.org>
de7f03ce 11;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org>
f6e55da0 12;;; Copyright © 2018 Julien Lepiller <julien@lepiller.eu>
17043677 13;;; Copyright © 2019 Guy Fleury Iteriteka <hoonandon@gmail.com>
b15fcf9e
LC		 14;;;
15;;; This file is part of GNU Guix.
16;;;
17;;; GNU Guix is free software; you can redistribute it and/or modify it
18;;; under the terms of the GNU General Public License as published by
19;;; the Free Software Foundation; either version 3 of the License, or (at
20;;; your option) any later version.
21;;;
22;;; GNU Guix is distributed in the hope that it will be useful, but
23;;; WITHOUT ANY WARRANTY; without even the implied warranty of
24;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25;;; GNU General Public License for more details.
26;;;
27;;; You should have received a copy of the GNU General Public License
28;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
29
59132b80 30(define-module (gnu packages virtualization)
161ed547 31 #:use-module (gnu packages)
309693e0 32 #:use-module (gnu packages admin)
35e8900d 33 #:use-module (gnu packages assembly)
efcada41 34 #:use-module (gnu packages attr)
309693e0 35 #:use-module (gnu packages autotools)
ecfe88b7 36 #:use-module (gnu packages bison)
a0f6c3b3 37 #:use-module (gnu packages check)
35e8900d 38 #:use-module (gnu packages cmake)
b15fcf9e 39 #:use-module (gnu packages compression)
35e8900d 40 #:use-module (gnu packages cross-base)
309693e0
RW		 41 #:use-module (gnu packages curl)
42 #:use-module (gnu packages cyrus-sasl)
43 #:use-module (gnu packages disk)
8fc7bd23 44 #:use-module (gnu packages dns)
fe420383
RW		 45 #:use-module (gnu packages docbook)
46 #:use-module (gnu packages documentation)
35e8900d
DM		 47 #:use-module (gnu packages figlet)
48 #:use-module (gnu packages firmware)
ecfe88b7 49 #:use-module (gnu packages flex)
fb9472a3 50 #:use-module (gnu packages fontutils)
16a47f23 51 #:use-module (gnu packages freedesktop)
90a8ef8c 52 #:use-module (gnu packages gettext)
efcada41
DC		 53 #:use-module (gnu packages gl)
54 #:use-module (gnu packages glib)
a0f6c3b3 55 #:use-module (gnu packages gnome)
7714a069 56 #:use-module (gnu packages gnupg)
de7f03ce 57 #:use-module (gnu packages golang)
a0f6c3b3 58 #:use-module (gnu packages gtk)
e55354b8 59 #:use-module (gnu packages image)
5d1601ea 60 #:use-module (gnu packages libbsd)
fb9d7865 61 #:use-module (gnu packages libusb)
efcada41
DC		 62 #:use-module (gnu packages linux)
63 #:use-module (gnu packages ncurses)
71d4ba52 64 #:use-module (gnu packages nettle)
fe420383 65 #:use-module (gnu packages networking)
308af634 66 #:use-module (gnu packages onc-rpc)
7714a069 67 #:use-module (gnu packages package-management)
06da1a6b 68 #:use-module (gnu packages perl)
efcada41 69 #:use-module (gnu packages pkg-config)
309693e0 70 #:use-module (gnu packages polkit)
fe420383 71 #:use-module (gnu packages protobuf)
efcada41 72 #:use-module (gnu packages python)
589e3f4e 73 #:use-module (gnu packages python-web)
44d10b1f 74 #:use-module (gnu packages python-xyz)
28e3569f 75 #:use-module (gnu packages pulseaudio)
5d4a8f9b 76 #:use-module (gnu packages selinux)
efcada41 77 #:use-module (gnu packages sdl)
0411aca8 78 #:use-module (gnu packages sphinx)
38b9ce44 79 #:use-module (gnu packages spice)
efcada41 80 #:use-module (gnu packages texinfo)
71d4ba52 81 #:use-module (gnu packages textutils)
309693e0
RW		 82 #:use-module (gnu packages tls)
83 #:use-module (gnu packages web)
35e8900d 84 #:use-module (gnu packages wget)
efcada41 85 #:use-module (gnu packages xdisorg)
309693e0 86 #:use-module (gnu packages xml)
8981465b 87 #:use-module (gnu packages xorg)
6da90719 88 #:use-module (guix build-system cmake)
efcada41 89 #:use-module (guix build-system gnu)
de7f03ce 90 #:use-module (guix build-system go)
cfd9913f 91 #:use-module (guix build-system meson)
7cd2032f 92 #:use-module (guix build-system python)
efcada41 93 #:use-module (guix download)
7714a069 94 #:use-module (guix git-download)
b23b9667 95 #:use-module ((guix licenses) #:prefix license:)
efcada41
DC		 96 #:use-module (guix packages)
97 #:use-module (guix utils)
06da1a6b 98 #:use-module (srfi srfi-1))
b15fcf9e 99
e38a71ee
LC		 100(define (qemu-patch commit file-name sha256)
101 "Return an origin for COMMIT."
102 (origin
103 (method url-fetch)
104 (uri (string-append
105 "http://git.qemu.org/?p=qemu.git;a=commitdiff_plain;h="
106 commit))
107 (sha256 sha256)
108 (file-name file-name)))
109
06da1a6b 110(define-public qemu
b15fcf9e 111 (package
06da1a6b 112 (name "qemu")
3778b3d9 113 (version "4.2.0")
b15fcf9e
LC		 114 (source (origin
115 (method url-fetch)
2de7d137 116 (uri (string-append "https://download.qemu.org/qemu-"
fbd6fb1a 117 version ".tar.xz"))
ca5e404f
LF		 118 (patches (search-patches "qemu-CVE-2020-1711.patch"
119 "qemu-CVE-2020-7039.patch"
3778b3d9
LF		 120 "qemu-CVE-2020-7211.patch"
121 "qemu-fix-documentation-build-failure.patch"))
b15fcf9e
LC		 122 (sha256
123 (base32
3778b3d9 124 "1w38hzlw7xp05gcq1nhga7hxvndxy6dfcnzi7q2il8ff110isj6k"))))
b15fcf9e
LC		 125 (build-system gnu-build-system)
126 (arguments
219b4556
LC		 127 '(;; Running tests in parallel can occasionally lead to failures, like:
128 ;; boot_sector_test: assertion failed (signature == SIGNATURE): (0x00000000 == 0x0000dead)
129 #:parallel-tests? #f
0e5d0f66 130 #:configure-flags (list "--enable-usb-redir" "--enable-opengl"
0411aca8 131 "--enable-docs"
0e5d0f66
RH		 132 (string-append "--smbd="
133 (assoc-ref %outputs "out")
28e3569f
OP		 134 "/libexec/samba-wrapper")
135 "--audio-drv-list=alsa,pa,sdl")
a1570c89
MB		 136 ;; Make build and test output verbose to facilitate investigation upon failure.
137 #:make-flags '("V=1")
05051e8b
LC		 138 #:phases
139 (modify-phases %standard-phases
140 (replace 'configure
141 (lambda* (#:key inputs outputs (configure-flags '())
20c263b0 142 #:allow-other-keys)
05051e8b
LC		 143 ;; The `configure' script doesn't understand some of the
144 ;; GNU options. Thus, add a new phase that's compatible.
145 (let ((out (assoc-ref outputs "out")))
146 (setenv "SHELL" (which "bash"))
b15fcf9e 147
05051e8b
LC		 148 ;; While we're at it, patch for tests.
149 (substitute* "tests/libqtest.c"
150 (("/bin/sh") (which "sh")))
50731c51 151
05051e8b
LC		 152 ;; The binaries need to be linked against -lrt.
153 (setenv "LDFLAGS" "-lrt")
642d2db5
TGR		 154 (apply invoke
155 `("./configure"
156 ,(string-append "--cc=" (which "gcc"))
157 ;; Some architectures insist on using HOST_CC
158 ,(string-append "--host-cc=" (which "gcc"))
159 "--disable-debug-info" ; save build space
160 "--enable-virtfs" ; just to be sure
161 ,(string-append "--prefix=" out)
162 ,(string-append "--sysconfdir=/etc")
163 ,@configure-flags)))))
05051e8b
LC		 164 (add-after 'install 'install-info
165 (lambda* (#:key inputs outputs #:allow-other-keys)
166 ;; Install the Info manual, unless Texinfo is missing.
642d2db5
TGR		 167 (when (assoc-ref inputs "texinfo")
168 (let* ((out (assoc-ref outputs "out"))
169 (dir (string-append out "/share/info")))
170 (invoke "make" "info")
171 (for-each (lambda (info)
172 (install-file info dir))
173 (find-files "." "\\.info"))))
174 #t))
0e5d0f66
RH		 175 ;; Create a wrapper for Samba. This allows QEMU to use Samba without
176 ;; pulling it in as an input. Note that you need to explicitly install
177 ;; Samba in your Guix profile for Samba support.
178 (add-after 'install-info 'create-samba-wrapper
179 (lambda* (#:key inputs outputs #:allow-other-keys)
180 (let* ((out (assoc-ref %outputs "out"))
181 (libexec (string-append out "/libexec")))
182 (call-with-output-file "samba-wrapper"
183 (lambda (port)
184 (format port "#!/bin/sh
185exec smbd $@")))
186 (chmod "samba-wrapper" #o755)
187 (install-file "samba-wrapper" libexec))
188 #t))
04b9b7bb 189 (add-before 'configure 'prevent-network-configuration
05051e8b 190 (lambda _
04b9b7bb
RH		 191 ;; Prevent the build from trying to use git to fetch from the net.
192 (substitute* "Makefile"
193 (("@./config.status")
194 "")) #t))
195 (add-before 'check 'disable-unusable-tests
196 (lambda* (#:key inputs outputs #:allow-other-keys)
43bec6d0 197 (substitute* "tests/Makefile.include"
05051e8b
LC		 198 ;; Comment out the test-qga test, which needs /sys and
199 ;; fails within the build environment.
200 (("check-unit-.* tests/test-qga" all)
201 (string-append "# " all)))
04b9b7bb
RH		 202 (substitute* "tests/Makefile.include"
203 ;; Comment out the test-char test, which needs networking and
204 ;; fails within the build environment.
205 (("check-unit-.* tests/test-char" all)
206 (string-append "# " all)))
05051e8b 207 #t)))))
b15fcf9e 208 (inputs ; TODO: Add optional inputs.
2f042822
DC		 209 `(("alsa-lib" ,alsa-lib)
210 ("attr" ,attr)
b15fcf9e 211 ("glib" ,glib)
90a8ef8c 212 ("gtk+" ,gtk+)
fa65e84a 213 ("libaio" ,libaio)
2f042822
DC		 214 ("libattr" ,attr)
215 ("libcap" ,libcap) ; virtfs support requires libcap & libattr
9a187b39
AP		 216 ("libdrm" ,libdrm)
217 ("libepoxy" ,libepoxy)
513885b5 218 ("libjpeg" ,libjpeg-turbo)
2f042822 219 ("libpng" ,libpng)
34a28c13 220 ("libseccomp" ,libseccomp)
2f042822
DC		 221 ("libusb" ,libusb) ;USB pass-through support
222 ("mesa" ,mesa)
223 ("ncurses" ,ncurses)
224 ;; ("pciutils" ,pciutils)
2b2fdd45 225 ("pixman" ,pixman)
28e3569f 226 ("pulseaudio" ,pulseaudio)
27b52c1f 227 ("sdl2" ,sdl2)
38b9ce44 228 ("spice" ,spice)
b376ec57 229 ("usbredir" ,usbredir)
b15fcf9e 230 ("util-linux" ,util-linux)
1e2640ba 231 ("vde2" ,vde2)
38b9ce44 232 ("virglrenderer" ,virglrenderer)
2f042822 233 ("zlib" ,zlib)))
90a8ef8c
RH		 234 (native-inputs `(("gettext" ,gettext-minimal)
235 ("glib:bin" ,glib "bin") ; gtester, etc.
2f042822 236 ("perl" ,perl)
ecfe88b7
MW		 237 ("flex" ,flex)
238 ("bison" ,bison)
2f042822 239 ("pkg-config" ,pkg-config)
27b52c1f 240 ("python-wrapper" ,python-wrapper)
0411aca8 241 ("python-sphinx" ,python-sphinx)
2f042822 242 ("texinfo" ,texinfo)))
ce9fbae1 243 (home-page "https://www.qemu.org")
06da1a6b 244 (synopsis "Machine emulator and virtualizer")
72b9eebf 245 (description
50731c51 246 "QEMU is a generic machine emulator and virtualizer.
72b9eebf
LC		 247
248When used as a machine emulator, QEMU can run OSes and programs made for one
50731c51
LC		 249machine (e.g. an ARM board) on a different machine---e.g., your own PC. By
250using dynamic translation, it achieves very good performance.
72b9eebf
LC		 251
252When used as a virtualizer, QEMU achieves near native performances by
253executing the guest code directly on the host CPU. QEMU supports
254virtualization when executing under the Xen hypervisor or using
255the KVM kernel module in Linux. When using KVM, QEMU can virtualize x86,
50731c51
LC		 256server and embedded PowerPC, and S390 guests.")
257
258 ;; Many files are GPLv2+, but some are GPLv2-only---e.g., `memory.c'.
b23b9667 259 (license license:gpl2)
f47638a3
LC		 260
261 ;; Several tests fail on MIPS; see <http://hydra.gnu.org/build/117914>.
262 (supported-systems (delete "mips64el-linux" %supported-systems))))
50731c51 263
06da1a6b
LC		 264(define-public qemu-minimal
265 ;; QEMU without GUI support.
266 (package (inherit qemu)
267 (name "qemu-minimal")
268 (synopsis "Machine emulator and virtualizer (without GUI)")
269 (arguments
b376ec57
AP		 270 (substitute-keyword-arguments (package-arguments qemu)
271 ((#:configure-flags _ '(list))
272 ;; Restrict to the targets supported by Guix.
273 ''("--target-list=i386-softmmu,x86_64-softmmu,mips64el-softmmu,arm-softmmu,aarch64-softmmu"))))
06da1a6b
LC		 274
275 ;; Remove dependencies on optional libraries, notably GUI libraries.
90a8ef8c
RH		 276 (native-inputs (fold alist-delete (package-native-inputs qemu)
277 '("gettext")))
06da1a6b 278 (inputs (fold alist-delete (package-inputs qemu)
90a8ef8c 279 '("libusb" "mesa" "sdl2" "spice" "virglrenderer" "gtk+"
1e2640ba 280 "usbredir" "libdrm" "libepoxy" "pulseaudio" "vde2")))))
309693e0 281
27b52c1f
RH		 282;; The GRUB test suite fails with later versions of Qemu, so we
283;; keep it at 2.10 for now. See
284;; <https://lists.gnu.org/archive/html/bug-grub/2018-02/msg00004.html>.
285;; This package is hidden since we do not backport updates to it.
286(define-public qemu-minimal-2.10
287 (hidden-package
288 (package
289 (inherit qemu-minimal)
290 (version "2.10.2")
291 (source (origin
292 (method url-fetch)
293 (uri (string-append "https://download.qemu.org/qemu-"
294 version ".tar.xz"))
295 (sha256
296 (base32
3d5ad159
MW		 297 "17w21spvaxaidi2am5lpsln8yjpyp2zi3s3gc6nsxj5arlgamzgw"))
298 (patches
299 (search-patches "qemu-glibc-2.27.patch"))))
27b52c1f
RH		 300 ;; qemu-minimal-2.10 needs Python 2. Remove below once no longer necessary.
301 (native-inputs `(("python-2" ,python-2)
302 ,@(fold alist-delete (package-native-inputs qemu)
0411aca8 303 '("python-wrapper" "python-sphinx"))))
d100d5d5
MB		 304 (inputs
305 (fold alist-delete (package-inputs qemu)
306 ;; Disable seccomp support, because it's not required for the GRUB
307 ;; test suite, and because it fails with libseccomp 2.4.2 and later.
308 '("libseccomp"))))))
27b52c1f 309
a0f6c3b3
RW		 310(define-public libosinfo
311 (package
312 (name "libosinfo")
cfd9913f 313 (version "1.7.1")
a0f6c3b3
RW		 314 (source
315 (origin
316 (method url-fetch)
d701f8bd 317 (uri (string-append "https://releases.pagure.org/libosinfo/libosinfo-"
cfd9913f 318 version ".tar.xz"))
a0f6c3b3
RW		 319 (sha256
320 (base32
cfd9913f
CB		 321 "1s97sv24bybggjx6hgqba2qdqz3ivfpd4cmkh4zm5y59sim109mv"))))
322 (build-system meson-build-system)
a0f6c3b3 323 (arguments
d701f8bd 324 `(#:configure-flags
cfd9913f 325 (list (string-append "-Dwith-usb-ids-path="
d701f8bd 326 (assoc-ref %build-inputs "usb.ids"))
cfd9913f 327 (string-append "-Dwith-pci-ids-path="
d1e766e5 328 (assoc-ref %build-inputs "pci.ids")))))
a0f6c3b3
RW		 329 (inputs
330 `(("libsoup" ,libsoup)
331 ("libxml2" ,libxml2)
332 ("libxslt" ,libxslt)
333 ("gobject-introspection" ,gobject-introspection)))
334 (native-inputs
d1e766e5 335 `(("glib" ,glib "bin") ; glib-mkenums, etc.
a0f6c3b3
RW		 336 ("gtk-doc" ,gtk-doc)
337 ("vala" ,vala)
338 ("intltool" ,intltool)
339 ("pkg-config" ,pkg-config)
340 ("pci.ids"
341 ,(origin
342 (method url-fetch)
d701f8bd 343 (uri "https://github.com/pciutils/pciids/raw/ad02084f0bc143e3c15e31a6152a3dfb1d7a3156/pci.ids")
a0f6c3b3
RW		 344 (sha256
345 (base32
d701f8bd 346 "0kfhpj5rnh24hz2714qhfmxk281vwc2w50sm73ggw5d15af7zfsw"))))
a0f6c3b3
RW		 347 ("usb.ids"
348 ,(origin
349 (method url-fetch)
0d73f148 350 (uri "https://svn.code.sf.net/p/linux-usb/repo/trunk/htdocs/usb.ids?r=2681")
b02733d4 351 (file-name "usb.ids")
a0f6c3b3
RW		 352 (sha256
353 (base32
0d73f148 354 "1m6yhvz5k8aqzxgk7xj3jkk8frl1hbv0h3vgj4wbnvnx79qnvz3r"))))))
a0f6c3b3
RW		 355 (home-page "https://libosinfo.org/")
356 (synopsis "Operating system information database")
357 (description "libosinfo is a GObject based library API for managing
358information about operating systems, hypervisors and the (virtual) hardware
359devices they can support. It includes a database containing device metadata
360and provides APIs to match/identify optimal devices for deploying an operating
361system on a hypervisor. Via GObject Introspection, the API is available in
362all common programming languages. Vala bindings are also provided.")
363 ;; The library files are released under LGPLv2.1 or later; the source
364 ;; files in the "tools" directory are released under GPLv2+.
b23b9667 365 (license (list license:lgpl2.1+ license:gpl2+))))
a0f6c3b3 366
5d4a8f9b
SB		 367(define-public lxc
368 (package
369 (name "lxc")
cc7058b2 370 (version "3.1.0")
5d4a8f9b
SB		 371 (source (origin
372 (method url-fetch)
373 (uri (string-append
374 "https://linuxcontainers.org/downloads/lxc/lxc-"
375 version ".tar.gz"))
376 (sha256
377 (base32
cc7058b2 378 "1igxqgx8q9cp15mcp1y8j564bl85ijw04jcmgb1s5bmfbg1751sd"))))
5d4a8f9b
SB		 379 (build-system gnu-build-system)
380 (native-inputs
381 `(("pkg-config" ,pkg-config)))
382 (inputs
383 `(("gnutls" ,gnutls)
384 ("libcap" ,libcap)
385 ("libseccomp" ,libseccomp)
386 ("libselinux" ,libselinux)))
387 (arguments
2e625ef7
TGR		 388 `(#:configure-flags
389 (list (string-append "--docdir=" (assoc-ref %outputs "out")
390 "/share/doc/" ,name "-" ,version)
391 "--sysconfdir=/etc"
392 "--localstatedir=/var")
a4c36e65
MB		 393 #:make-flags
394 ;; Treat the kernel headers as system headers to silence
395 ;; compiler warnings from those.
396 (list (string-append "C_INCLUDE_PATH="
397 (assoc-ref %build-inputs "kernel-headers")
398 "/include"))
5d4a8f9b
SB		 399 #:phases
400 (modify-phases %standard-phases
401 (replace 'install
402 (lambda* (#:key outputs #:allow-other-keys)
403 (let* ((out (assoc-ref outputs "out"))
404 (bashcompdir (string-append out "/etc/bash_completion.d")))
d6870d10 405 (invoke "make" "install"
5d4a8f9b
SB		 406 (string-append "bashcompdir=" bashcompdir)
407 ;; Don't install files into /var and /etc.
408 "LXCPATH=/tmp/var/lib/lxc"
409 "localstatedir=/tmp/var"
410 "sysconfdir=/tmp/etc"
d6870d10 411 "sysconfigdir=/tmp/etc/default")))))))
5d4a8f9b
SB		 412 (synopsis "Linux container tools")
413 (home-page "https://linuxcontainers.org/")
414 (description
415 "LXC is a userspace interface for the Linux kernel containment features.
416Through a powerful API and simple tools, it lets Linux users easily create and
417manage system or application containers.")
b23b9667 418 (license license:lgpl2.1+)))
5d4a8f9b 419
309693e0
RW		 420(define-public libvirt
421 (package
422 (name "libvirt")
aa1f0896 423 (version "5.8.0")
41097b2d
TGR		 424 (source
425 (origin
426 (method url-fetch)
427 (uri (string-append "https://libvirt.org/sources/libvirt-"
428 version ".tar.xz"))
429 (sha256
aa1f0896
MÁAV		 430 (base32 "0m8cqaqflvys5kaqpvb0qr4k365j09jc5xk6x70yvg8qkcl2hcz2"))
431 (patches
432 (search-patches "libvirt-create-machine-cgroup.patch"))))
309693e0
RW		 433 (build-system gnu-build-system)
434 (arguments
bd9eb384 435 `(#:configure-flags
ef640db2
SB		 436 (list "--with-qemu"
437 "--with-qemu-user=nobody"
438 "--with-qemu-group=kvm"
439 "--with-polkit"
175047cd
TGR		 440 (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
441 ,name "-" ,version)
a4b93921 442 "--sysconfdir=/etc"
309693e0
RW		 443 "--localstatedir=/var")
444 #:phases
445 (modify-phases %standard-phases
bd9eb384
TGR		 446 (add-before 'configure 'fix-BOURNE_SHELL-definition
447 ;; BOURNE_SHELL is hard-#defined to ‘/bin/sh’, causing test failures.
309693e0 448 (lambda _
bd9eb384 449 (substitute* "config.h.in"
309693e0
RW		 450 (("/bin/sh") (which "sh")))
451 #t))
308af634
MB		 452 (add-before 'configure 'patch-libtirpc-file-names
453 (lambda* (#:key inputs #:allow-other-keys)
454 ;; libvirt uses an m4 macro instead of pkg-config to determine where
455 ;; the RPC headers are located. Tell it to look in the right place.
456 (substitute* "configure"
457 (("/usr/include/tirpc") ;defined in m4/virt-xdr.m4
458 (string-append (assoc-ref inputs "libtirpc")
459 "/include/tirpc")))
460 #t))
bd9eb384
TGR		 461 (add-before 'configure 'disable-broken-tests
462 (lambda _
463 (let ((tests (list "commandtest" ; hangs idly
aa1f0896
MÁAV		 464 "qemuxml2argvtest" ; fails
465 "qemuhotplugtest" ; fails
bd9eb384
TGR		 466 "virnetsockettest" ; tries to network
467 "virshtest"))) ; fails
468 (substitute* "tests/Makefile.in"
469 (((format #f "(~a)\\$\\(EXEEXT\\)" (string-join tests "|")))
470 ""))
471 #t)))
a4b93921
SB		 472 (replace 'install
473 ;; Since the sysconfdir and localstatedir should be /etc and /var
474 ;; at runtime, we must prevent writing to them at installation
475 ;; time.
7aee2f57
TGR		 476 (lambda* (#:key make-flags #:allow-other-keys)
477 (apply invoke "make" "install"
478 "sysconfdir=/tmp/etc"
479 "localstatedir=/tmp/var"
ef640db2 480 make-flags))))))
309693e0
RW		 481 (inputs
482 `(("libxml2" ,libxml2)
8981465b
RH		 483 ("eudev" ,eudev)
484 ("libpciaccess" ,libpciaccess)
309693e0
RW		 485 ("gnutls" ,gnutls)
486 ("dbus" ,dbus)
309693e0
RW		 487 ("libpcap" ,libpcap)
488 ("libnl" ,libnl)
308af634 489 ("libtirpc" ,libtirpc) ;for <rpc/rpc.h>
309693e0 490 ("libuuid" ,util-linux)
308af634 491 ("lvm2" ,lvm2) ;for libdevmapper
309693e0
RW		 492 ("curl" ,curl)
493 ("openssl" ,openssl)
494 ("cyrus-sasl" ,cyrus-sasl)
309693e0 495 ("libyajl" ,libyajl)
8fc7bd23
SB		 496 ("audit" ,audit)
497 ("dmidecode" ,dmidecode)
498 ("dnsmasq" ,dnsmasq)
499 ("ebtables" ,ebtables)
500 ("iproute" ,iproute)
501 ("iptables" ,iptables)))
309693e0 502 (native-inputs
2f110b32 503 `(("xsltproc" ,libxslt)
b8fb94d5
TGR		 504 ("perl" ,perl)
505 ("pkg-config" ,pkg-config)
506 ("polkit" ,polkit)
aa1f0896 507 ("python" ,python-wrapper)))
2e508b6d 508 (home-page "https://libvirt.org")
309693e0
RW		 509 (synopsis "Simple API for virtualization")
510 (description "Libvirt is a C toolkit to interact with the virtualization
511capabilities of recent versions of Linux. The library aims at providing long
512term stable C API initially for the Xen paravirtualization but should be able
513to integrate other virtualization mechanisms if needed.")
b23b9667 514 (license license:lgpl2.1+)))
597ea122
RW		 515
516(define-public libvirt-glib
517 (package
518 (name "libvirt-glib")
7dfda55b 519 (version "2.0.0")
597ea122
RW		 520 (source (origin
521 (method url-fetch)
522 (uri (string-append "ftp://libvirt.org/libvirt/glib/"
523 "libvirt-glib-" version ".tar.gz"))
524 (sha256
525 (base32
7dfda55b 526 "0six9ckmvlwwyavyjkgc262qkpvfqgi8rjij7cyk00bmqq8c9s4l"))))
597ea122 527 (build-system gnu-build-system)
597ea122 528 (inputs
7e2c050a 529 `(("openssl" ,openssl)
597ea122 530 ("cyrus-sasl" ,cyrus-sasl)
7e2c050a 531 ("lvm2" ,lvm2) ; for libdevmapper
597ea122
RW		 532 ("libyajl" ,libyajl)))
533 (native-inputs
534 `(("pkg-config" ,pkg-config)
535 ("intltool" ,intltool)
536 ("glib" ,glib "bin")
537 ("vala" ,vala)))
7e2c050a
TGR		 538 (propagated-inputs
539 ;; ‘Required:’ by the installed .pc files.
540 `(("glib" ,glib)
541 ("libvirt" ,libvirt)
542 ("libxml2" ,libxml2)
543 ("gobject-introspection" ,gobject-introspection)))
b3fee5c1 544 (home-page "https://libvirt.org")
597ea122
RW		 545 (synopsis "GLib wrapper around libvirt")
546 (description "libvirt-glib wraps the libvirt library to provide a
547high-level object-oriented API better suited for glib-based applications, via
548three libraries:
549
550@enumerate
551@item libvirt-glib - GLib main loop integration & misc helper APIs
552@item libvirt-gconfig - GObjects for manipulating libvirt XML documents
553@item libvirt-gobject - GObjects for managing libvirt objects
554@end enumerate
555")
b23b9667 556 (license license:lgpl2.1+)))
7cd2032f
RW		 557
558(define-public python-libvirt
559 (package
560 (name "python-libvirt")
0e00c1c4 561 (version "5.8.0")
cb94ae38
TGR		 562 (source
563 (origin
564 (method url-fetch)
cb94ae38
TGR		 565 (uri (string-append "https://libvirt.org/sources/python/libvirt-python-"
566 version ".tar.gz"))
567 (sha256
0e00c1c4 568 (base32 "0kyz3lx49d8p75mvbzinxc1zgs8g7adn77y9bm15b8b4ad9zl5s6"))))
7cd2032f
RW		 569 (build-system python-build-system)
570 (arguments
571 `(#:phases
572 (modify-phases %standard-phases
573 (add-after 'unpack 'patch-nosetests-path
574 (lambda* (#:key inputs #:allow-other-keys)
575 (substitute* "setup.py"
9271dfdd
SB		 576 (("\"/usr/bin/nosetests\"")
577 (string-append "\"" (which "nosetests") "\""))
578 (("self\\.spawn\\(\\[sys\\.executable, nose\\]\\)")
579 (format #f "self.spawn([\"~a\", nose])" (which "bash"))))
7cd2032f
RW		 580 #t)))))
581 (inputs
482d9591
HG		 582 `(("libvirt" ,libvirt)))
583 (propagated-inputs
584 `(("python-lxml" ,python-lxml)))
7cd2032f
RW		 585 (native-inputs
586 `(("pkg-config" ,pkg-config)
587 ("python-nose" ,python-nose)))
b3fee5c1 588 (home-page "https://libvirt.org")
7cd2032f
RW		 589 (synopsis "Python bindings to libvirt")
590 (description "This package provides Python bindings to the libvirt
591virtualization library.")
b23b9667 592 (license license:lgpl2.1+)))
7cd2032f
RW		 593
594(define-public python2-libvirt
595 (package-with-python2 python-libvirt))
2f82b53b
RW		 596
597(define-public virt-manager
598 (package
599 (name "virt-manager")
845bf4f4 600 (version "2.2.1")
2f82b53b
RW		 601 (source (origin
602 (method url-fetch)
603 (uri (string-append "https://virt-manager.org/download/sources"
604 "/virt-manager/virt-manager-"
605 version ".tar.gz"))
606 (sha256
607 (base32
845bf4f4 608 "06ws0agxlip6p6n3n43knsnjyd91gqhh2dadgc33wl9lx1k8vn6g"))))
2f82b53b
RW		 609 (build-system python-build-system)
610 (arguments
af7014a1 611 `(#:use-setuptools? #f ; uses custom distutils 'install' command
2f82b53b
RW		 612 ;; Some of the tests seem to require network access to install virtual
613 ;; machines.
614 #:tests? #f
f023685d
AP		 615 #:imported-modules ((guix build glib-or-gtk-build-system)
616 ,@%python-build-system-modules)
2f82b53b
RW		 617 #:modules ((ice-9 match)
618 (srfi srfi-26)
619 (guix build python-build-system)
f023685d 620 ((guix build glib-or-gtk-build-system) #:prefix glib-or-gtk:)
2f82b53b
RW		 621 (guix build utils))
622 #:phases
623 (modify-phases %standard-phases
624 (add-after 'unpack 'fix-setup
625 (lambda* (#:key outputs #:allow-other-keys)
845bf4f4 626 (substitute* "virtinst/buildconfig.py"
2f82b53b
RW		 627 (("/usr") (assoc-ref outputs "out")))
628 #t))
845bf4f4
MÁAV		 629 (add-after 'unpack 'fix-qemu-img-reference
630 (lambda* (#:key inputs #:allow-other-keys)
631 (substitute* "virtconv/formats.py"
632 (("/usr(/bin/qemu-img)" _ suffix)
633 (string-append (assoc-ref inputs "qemu") suffix)))
634 #t))
4ad8fbd1
AP		 635 (add-after 'unpack 'fix-default-uri
636 (lambda* (#:key inputs #:allow-other-keys)
af7014a1 637 ;; Xen is not available for now - so only patch qemu.
845bf4f4 638 (substitute* "virtManager/createconn.py"
4ad8fbd1
AP		 639 (("/usr(/bin/qemu-system)" _ suffix)
640 (string-append (assoc-ref inputs "qemu") suffix)))
641 #t))
2f82b53b
RW		 642 (add-before 'wrap 'wrap-with-GI_TYPELIB_PATH
643 (lambda* (#:key inputs outputs #:allow-other-keys)
644 (let* ((bin (string-append (assoc-ref outputs "out") "/bin"))
645 (bin-files (find-files bin ".*"))
646 (paths (map (match-lambda
647 ((output . directory)
648 (let* ((girepodir (string-append
649 directory
650 "/lib/girepository-1.0")))
651 (if (file-exists? girepodir)
652 girepodir #f))))
653 inputs)))
654 (for-each (lambda (file)
655 (format #t "wrapping ~a\n" file)
656 (wrap-program file
657 `("GI_TYPELIB_PATH" ":" prefix
658 ,(filter identity paths))))
659 bin-files))
f023685d
AP		 660 #t))
661 (add-after 'install 'glib-or-gtk-compile-schemas
662 (assoc-ref glib-or-gtk:%standard-phases 'glib-or-gtk-compile-schemas))
663 (add-after 'install 'glib-or-gtk-wrap
664 (assoc-ref glib-or-gtk:%standard-phases 'glib-or-gtk-wrap)))))
2f82b53b 665 (inputs
b1e9837a
AP		 666 `(("dconf" ,dconf)
667 ("gtk+" ,gtk+)
45214efe 668 ("gtk-vnc" ,gtk-vnc)
845bf4f4 669 ("gtksourceview" ,gtksourceview)
2f82b53b
RW		 670 ("libvirt" ,libvirt)
671 ("libvirt-glib" ,libvirt-glib)
672 ("libosinfo" ,libosinfo)
45214efe 673 ("vte" ,vte)
2f82b53b 674 ("gobject-introspection" ,gobject-introspection)
f8be7664
RH		 675 ("python-libvirt" ,python-libvirt)
676 ("python-requests" ,python-requests)
677 ("python-ipaddress" ,python-ipaddress)
678 ("python-pycairo" ,python-pycairo)
679 ("python-pygobject" ,python-pygobject)
680 ("python-libxml2" ,python-libxml2)
8da7f792 681 ("spice-gtk" ,spice-gtk)))
2f82b53b
RW		 682 ;; virt-manager searches for qemu-img or kvm-img in the PATH.
683 (propagated-inputs
684 `(("qemu" ,qemu)))
685 (native-inputs
af7014a1 686 `(("glib" ,glib "bin") ; glib-compile-schemas
e6efcd58 687 ("gtk+" ,gtk+ "bin") ; gtk-update-icon-cache
2f82b53b
RW		 688 ("perl" ,perl) ; pod2man
689 ("intltool" ,intltool)))
690 (home-page "https://virt-manager.org/")
691 (synopsis "Manage virtual machines")
692 (description
693 "The virt-manager application is a desktop user interface for managing
694virtual machines through libvirt. It primarily targets KVM VMs, but also
695manages Xen and LXC (Linux containers). It presents a summary view of running
696domains, their live performance and resource utilization statistics.")
b23b9667 697 (license license:gpl2+)))
fe420383
RW		 698
699(define-public criu
700 (package
701 (name "criu")
5d1601ea 702 (version "3.13")
fe420383
RW		 703 (source (origin
704 (method url-fetch)
705 (uri (string-append "http://download.openvz.org/criu/criu-"
706 version ".tar.bz2"))
707 (sha256
708 (base32
5d1601ea 709 "1yn9ix9lqvqvjrs3a3g6g1wqfniyf9n7giy0mr3jvijmrcm7y0pa"))))
fe420383
RW		 710 (build-system gnu-build-system)
711 (arguments
712 `(#:test-target "test"
713 #:tests? #f ; tests require mounting as root
714 #:make-flags
715 (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
716 (string-append "LIBDIR=" (assoc-ref %outputs "out")
5d1601ea 717 "/lib")
718 (string-append "ASCIIDOC=" (assoc-ref %build-inputs "asciidoc")
719 "/bin/asciidoc")
720 (string-append "XMLTO=" (assoc-ref %build-inputs "xmlto")
721 "/bin/xmlto"))
fe420383
RW		 722 #:phases
723 (modify-phases %standard-phases
724 (replace 'configure
725 (lambda* (#:key inputs #:allow-other-keys)
726 ;; The includes for libnl are located in a sub-directory.
727 (setenv "C_INCLUDE_PATH"
728 (string-append (assoc-ref inputs "libnl")
ab2a1aed 729 "/include/libnl3:"
a46cf184
MB		 730 ;; Also add the kernel headers here so that GCC
731 ;; treats them as "system headers". Otherwise
732 ;; the build fails with -Werror because parasite.c
733 ;; includes both <linux/fs.h> and <sys/mount.h>,
734 ;; which define some of the same constants.
735 (assoc-ref inputs "kernel-headers")
736 "/include"))
5d1601ea 737 #t))
738 (add-after 'configure 'fix-documentation
739 (lambda* (#:key inputs outputs #:allow-other-keys)
fe420383 740 (substitute* "Documentation/Makefile"
5d1601ea 741 (("-m custom.xsl")
742 (string-append
743 "-m custom.xsl --skip-validation -x "
744 (assoc-ref inputs "docbook-xsl") "/xml/xsl/"
745 ,(package-name docbook-xsl) "-"
746 ,(package-version docbook-xsl)
747 "/manpages/docbook.xsl")))
580f33e1
EF		 748 #t))
749 (add-after 'unpack 'hardcode-variables
750 (lambda* (#:key inputs #:allow-other-keys)
751 ;; Hardcode arm version detection
752 (substitute* "Makefile"
753 (("ARMV.*:=.*") "ARMV := 7\n"))
754 ;; We are currently using python-2
755 (substitute* "crit/Makefile"
756 (("\\$\\(PYTHON\\)") "python2"))
757 (substitute* "lib/Makefile"
758 (("\\$\\(PYTHON\\)")
759 (string-append (assoc-ref inputs "python")
760 "/bin/python")))
fe420383
RW		 761 #t))
762 (add-before 'build 'fix-symlink
763 (lambda* (#:key inputs #:allow-other-keys)
764 ;; The file 'images/google/protobuf/descriptor.proto' points to
765 ;; /usr/include/..., which obviously does not exist.
766 (let* ((file "google/protobuf/descriptor.proto")
767 (target (string-append "images/" file))
768 (source (string-append (assoc-ref inputs "protobuf")
769 "/include/" file)))
770 (delete-file target)
771 (symlink source target)
772 #t)))
773 (add-after 'install 'wrap
774 (lambda* (#:key inputs outputs #:allow-other-keys)
775 ;; Make sure 'crit' runs with the correct PYTHONPATH.
776 (let* ((out (assoc-ref outputs "out"))
777 (path (string-append out
778 "/lib/python"
779 (string-take (string-take-right
780 (assoc-ref inputs "python") 5) 3)
781 "/site-packages:"
782 (getenv "PYTHONPATH"))))
783 (wrap-program (string-append out "/bin/crit")
784 `("PYTHONPATH" ":" prefix (,path))))
785 #t)))))
786 (inputs
787 `(("protobuf" ,protobuf)
788 ("python" ,python-2)
789 ("python2-protobuf" ,python2-protobuf)
790 ("python2-ipaddr" ,python2-ipaddr)
791 ("iproute" ,iproute)
792 ("libaio" ,libaio)
793 ("libcap" ,libcap)
794 ("libnet" ,libnet)
5d1601ea 795 ("libnl" ,libnl)
796 ("libbsd" ,libbsd)))
fe420383
RW		 797 (native-inputs
798 `(("pkg-config" ,pkg-config)
3bf94bc8 799 ("perl" ,perl)
fe420383
RW		 800 ("protobuf-c" ,protobuf-c)
801 ("asciidoc" ,asciidoc)
802 ("xmlto" ,xmlto)
803 ("docbook-xml" ,docbook-xml)
804 ("docbook-xsl" ,docbook-xsl)))
805 (home-page "https://criu.org")
806 (synopsis "Checkpoint and restore in user space")
807 (description "Using this tool, you can freeze a running application (or
808part of it) and checkpoint it to a hard drive as a collection of files. You
809can then use the files to restore and run the application from the point it
810was frozen at. The distinctive feature of the CRIU project is that it is
811mainly implemented in user space.")
812 ;; The project is licensed under GPLv2; files in the lib/ directory are
813 ;; LGPLv2.1.
b23b9667 814 (license (list license:gpl2 license:lgpl2.1))))
f46a3523
RH		 815
816(define-public qmpbackup
817 (package
818 (name "qmpbackup")
819 (version "0.2")
820 (source (origin
7be834d5
EF		 821 (method git-fetch)
822 (uri (git-reference
823 (url "https://github.com/abbbi/qmpbackup.git")
824 (commit version)))
825 (file-name (git-file-name name version))
f46a3523
RH		 826 (sha256
827 (base32
7be834d5 828 "0swhp5byz44brhyis1a39p11fyn9q84xz5q6v2fah29r7d71kmmx"))))
f46a3523
RH		 829 (build-system python-build-system)
830 (arguments
831 `(#:python ,python-2))
832 (home-page "https://github.com/abbbi/qmpbackup")
833 (synopsis "Backup and restore QEMU machines")
834 (description "qmpbackup is designed to create and restore full and
835incremental backups of running QEMU virtual machines via QMP, the QEMU
836Machine Protocol.")
b23b9667 837 (license license:gpl3+)))
fb9472a3 838
c9d2d310
RH		 839(define-public looking-glass-client
840 (let ((commit "182c4752d57690da7f99d5e788de9b8baea33895"))
16a47f23 841 (package
c9d2d310 842 (name "looking-glass-client")
16a47f23
RH		 843 (version (string-append "a12-" (string-take commit 7)))
844 (source
845 (origin
846 (method git-fetch)
847 (uri (git-reference (url "https://github.com/gnif/LookingGlass")
848 (commit commit)))
849 (file-name (git-file-name name version))
850 (sha256
851 (base32
43beec19
MB		 852 "02bq46ndmzq9cihazzn7xq1x7q5nzm7iw4l9lqzihxcxp9famkhw"))
853 (modules '((guix build utils)))
854 (snippet
855 '(begin
856 ;; Do not create binaries optimized for the CPU of the build machine,
857 ;; for reproducibility and compatibility. TODO: in the next version
858 ;; of looking glass, this is exposed as a CMake configure option.
859 (substitute* "client/CMakeLists.txt"
860 (("-march=native")
861 ""))
862 #t))))
16a47f23
RH		 863 (build-system cmake-build-system)
864 (inputs `(("fontconfig" ,fontconfig)
865 ("glu" ,glu)
866 ("mesa" ,mesa)
867 ("openssl" ,openssl)
868 ("sdl2" ,sdl2)
869 ("sdl2-ttf" ,sdl2-ttf)
870 ("spice-protocol" ,spice-protocol)
871 ("wayland" ,wayland)))
872 (native-inputs `(("libconfig" ,libconfig)
873 ("nettle" ,nettle)
874 ("pkg-config" ,pkg-config)))
875 (arguments
876 `(#:tests? #f ;; No tests are available.
877 #:make-flags '("CC=gcc")
878 #:phases (modify-phases %standard-phases
879 (add-before 'configure 'chdir-to-client
880 (lambda* (#:key outputs #:allow-other-keys)
881 (chdir "client")
882 #t))
a5ef1bcd
MB		 883 (add-after 'chdir-to-client 'add-missing-include
884 (lambda _
885 ;; Mimic upstream commit b9797529893, required since the
886 ;; update to Mesa 19.2.
887 (substitute* "renderers/egl/shader.h"
888 (("#include <stdbool\\.h>")
889 "#include <stdbool.h>\n#include <stddef.h>"))
890 #t))
16a47f23
RH		 891 (replace 'install
892 (lambda* (#:key outputs #:allow-other-keys)
893 (install-file "looking-glass-client"
894 (string-append (assoc-ref outputs "out")
895 "/bin"))
a5ef1bcd 896 #t)))))
16a47f23
RH		 897 (home-page "https://looking-glass.hostfission.com")
898 (synopsis "KVM Frame Relay (KVMFR) implementation")
899 (description "Looking Glass allows the use of a KVM (Kernel-based Virtual
fb9472a3
RH		 900Machine) configured for VGA PCI Pass-through without an attached physical
901monitor, keyboard or mouse. It displays the VM's rendered contents on your main
902monitor/GPU.")
16a47f23
RH		 903 ;; This package requires SSE instructions.
904 (supported-systems '("i686-linux" "x86_64-linux"))
905 (license license:gpl2+))))
de7f03ce 906
c9d2d310
RH		 907(define-public lookingglass
908 (deprecated-package "lookingglass" looking-glass-client))
909
de7f03ce
SB		 910(define-public runc
911 (package
912 (name "runc")
ce4593ec 913 (version "1.0.0-rc6")
de7f03ce
SB		 914 (source (origin
915 (method url-fetch)
916 (uri (string-append
917 "https://github.com/opencontainers/runc/releases/"
918 "download/v" version "/runc.tar.xz"))
ce4593ec
LF		 919 (file-name (string-append name "-" version ".tar.xz"))
920 (patches (search-patches "runc-CVE-2019-5736.patch"))
de7f03ce
SB		 921 (sha256
922 (base32
ce4593ec 923 "1c7832dq70slkjh8qp2civ1wxhhdd2hrx84pq7db1mmqc9fdr3cc"))))
de7f03ce
SB		 924 (build-system go-build-system)
925 (arguments
926 '(#:import-path "github.com/opencontainers/runc"
927 #:install-source? #f
03e45891
SB		 928 ;; XXX: 20/139 tests fail due to missing /var, cgroups and apparmor in
929 ;; the build environment.
930 #:tests? #f
de7f03ce
SB		 931 #:phases
932 (modify-phases %standard-phases
933 (replace 'unpack
934 (lambda* (#:key source import-path #:allow-other-keys)
935 ;; Unpack the tarball into 'runc' instead of 'runc-1.0.0-rc5'.
936 (let ((dest (string-append "src/" import-path)))
937 (mkdir-p dest)
938 (invoke "tar" "-C" (string-append "src/" import-path)
939 "--strip-components=1"
940 "-xvf" source))))
941 (replace 'build
942 (lambda* (#:key import-path #:allow-other-keys)
943 (chdir (string-append "src/" import-path))
944 ;; XXX: requires 'go-md2man'.
945 ;; (invoke "make" "man")
946 (invoke "make")))
947 ;; (replace 'check
948 ;; (lambda _
949 ;; (invoke "make" "localunittest")))
950 (replace 'install
951 (lambda* (#:key outputs #:allow-other-keys)
952 (let ((out (assoc-ref outputs "out")))
953 (invoke "make" "install" "install-bash"
954 (string-append "PREFIX=" out))))))))
955 (native-inputs
956 `(("pkg-config" ,pkg-config)))
957 (inputs
958 `(("libseccomp" ,libseccomp)))
959 (synopsis "Open container initiative runtime")
960 (home-page "https://www.opencontainers.org/")
961 (description
962 "@command{runc} is a command line client for running applications
963packaged according to the
964@uref{https://github.com/opencontainers/runtime-spec/blob/master/spec.md, Open
965Container Initiative (OCI) format} and is a compliant implementation of the
966Open Container Initiative specification.")
b23b9667 967 (license license:asl2.0)))
efdaf8de
SB		 968
969(define-public umoci
970 (package
971 (name "umoci")
0ccd3c98 972 (version "0.4.5")
efdaf8de
SB		 973 (source (origin
974 (method url-fetch)
975 (uri (string-append
976 "https://github.com/openSUSE/umoci/releases/download/v"
977 version "/umoci.tar.xz"))
978 (file-name (string-append "umoci-" version ".tar.xz"))
979 (sha256
980 (base32
0ccd3c98 981 "0x1yyvpllz6fyy9xip6f7b6c94v984n3faf8p50fr9y4ygkgi15a"))))
efdaf8de
SB		 982 (build-system go-build-system)
983 (arguments
984 '(#:import-path "github.com/openSUSE/umoci"
985 #:install-source? #f
986 #:phases
987 (modify-phases %standard-phases
988 (replace 'unpack
989 (lambda* (#:key source import-path #:allow-other-keys)
990 ;; Unpack the tarball into 'umoci' instead of "runc-${version}".
991 (let ((dest (string-append "src/" import-path)))
992 (mkdir-p dest)
993 (invoke "tar" "-C" (string-append "src/" import-path)
994 "--strip-components=1"
995 "-xvf" source))))
996 (replace 'build
997 (lambda* (#:key import-path #:allow-other-keys)
998 (chdir (string-append "src/" import-path))
999 ;; TODO: build manpages with 'go-md2man'.
1000 (invoke "make" "SHELL=bash")))
1001 (replace 'install
1002 (lambda* (#:key outputs #:allow-other-keys)
1003 (let* ((out (assoc-ref outputs "out"))
1004 (bindir (string-append out "/bin")))
1005 (install-file "umoci" bindir)
1006 #t))))))
1007 (home-page "https://umo.ci/")
1008 (synopsis "Tool for modifying Open Container images")
1009 (description
1010 "@command{umoci} is a tool that allows for high-level modification of an
1011Open Container Initiative (OCI) image layout and its tagged images.")
b23b9667 1012 (license license:asl2.0)))
7714a069
SB		 1013
1014(define-public skopeo
1015 (package
1016 (name "skopeo")
e8156383 1017 (version "0.1.40")
7714a069
SB		 1018 (source (origin
1019 (method git-fetch)
1020 (uri (git-reference
1021 (url "https://github.com/projectatomic/skopeo")
1022 (commit (string-append "v" version))))
1023 (file-name (git-file-name name version))
1024 (sha256
1025 (base32
e8156383 1026 "1bagirzdzjhicn5dr691092ac3q6lhz3xngjzgqiqkxnvpz7p6cn"))))
7714a069
SB		 1027 (build-system go-build-system)
1028 (native-inputs
1029 `(("pkg-config" ,pkg-config)))
1030 (inputs
1031 `(("btrfs-progs" ,btrfs-progs)
1032 ("eudev" ,eudev)
1033 ("libassuan" ,libassuan)
1034 ("libselinux" ,libselinux)
1035 ("libostree" ,libostree)
1036 ("lvm2" ,lvm2)
1037 ("glib" ,glib)
1038 ("gpgme" ,gpgme)))
1039 (arguments
1040 '(#:import-path "github.com/projectatomic/skopeo"
1041 #:install-source? #f
e409879a 1042 #:tests? #f ; The tests require Docker
7714a069
SB		 1043 #:phases
1044 (modify-phases %standard-phases
1045 (replace 'build
1046 (lambda* (#:key import-path #:allow-other-keys)
1047 (chdir (string-append "src/" import-path))
1048 ;; TODO: build manpages with 'go-md2man'.
1049 (invoke "make" "binary-local")))
1050 (replace 'install
1051 (lambda* (#:key outputs #:allow-other-keys)
1052 (let ((out (assoc-ref outputs "out")))
1053 (invoke "make" "install-binary" "install-completions"
1054 (string-append "PREFIX=" out))))))))
1055 (home-page "https://github.com/projectatomic/skopeo")
1056 (synopsis "Interact with container images and container image registries")
1057 (description
1058 "@command{skopeo} is a command line utility providing various operations
1059with container images and container image registries. It can:
1060@enumerate
1061
1062@item Copy container images between various containers image stores,
1063converting them as necessary.
1064
1065@item Convert a Docker schema 2 or schema 1 container image to an OCI image.
1066
1067@item Inspect a repository on a container registry without needlessly pulling
1068the image.
1069
1070@item Sign and verify container images.
1071
1072@item Delete container images from a remote container registry.
1073
1074@end enumerate")
b23b9667 1075 (license license:asl2.0)))
5e95181b
EF		 1076
1077(define-public python-vagrant
1078 (package
1079 (name "python-vagrant")
1080 (version "0.5.15")
1081 (source
1082 (origin
1083 (method url-fetch)
1084 (uri (pypi-uri "python-vagrant" version))
1085 (sha256
1086 (base32
1087 "1ikrh6canhcxg5y7pzmkcnnydikppv7s6sm9prfx90nk0ac8m6mg"))))
1088 (build-system python-build-system)
1089 (arguments
1090 '(#:tests? #f)) ; tests involve running vagrant.
1091 (home-page "https://github.com/todddeluca/python-vagrant")
1092 (synopsis "Python bindings for Vagrant")
1093 (description
1094 "Python-vagrant is a Python module that provides a thin wrapper around the
1095@code{vagrant} command line executable, allowing programmatic control of Vagrant
1096virtual machines.")
1097 (license license:expat)))
f6e55da0
JL		 1098
1099(define-public bubblewrap
1100 (package
1101 (name "bubblewrap")
fd5ccec7 1102 (version "0.4.0")
f6e55da0
JL		 1103 (source (origin
1104 (method url-fetch)
546c9fa6 1105 (uri (string-append "https://github.com/containers/bubblewrap/"
f6e55da0
JL		 1106 "releases/download/v" version "/bubblewrap-"
1107 version ".tar.xz"))
1108 (sha256
1109 (base32
fd5ccec7 1110 "08r0f4c3fjkb4zjrb4kkax1zfcgcgic702vb62sjjw5xfhppvzp5"))))
f6e55da0
JL		 1111 (build-system gnu-build-system)
1112 (arguments
1113 `(#:phases
1114 (modify-phases %standard-phases
1115 (add-after 'unpack 'fix-test
1116 (lambda* (#:key outputs #:allow-other-keys)
1117 ;; Tests try to access /var/tmp, which is not possible in our build
1118 ;; environment. Let's give them another directory.
1119 ;; /tmp gets overriden in some tests, so we need another directory.
1120 ;; the only possibility is the output directory.
1121 (let ((tmp-dir (string-append (assoc-ref outputs "out") "/tmp")))
1122 (mkdir-p tmp-dir)
1123 (substitute* "tests/test-run.sh"
1124 (("/var/tmp") tmp-dir)
1125 ;; Tests create a temporary python script, so fix its shebang.
1126 (("/usr/bin/env python") (which "python"))
1127 ;; Some tests try to access /usr, but that doesn't exist.
1128 ;; Give them /gnu instead.
1129 (("/usr") "/gnu")
2d03201a
MB		 1130 (("--ro-bind /bin /bin") "--ro-bind /gnu /bin")
1131 (("--ro-bind /sbin /sbin") "--ro-bind /gnu /sbin")
1132 (("--ro-bind /lib /lib") "--ro-bind /gnu /lib")
f6e55da0
JL		 1133 ((" */bin/bash") (which "bash"))
1134 (("/bin/sh") (which "sh"))
1135 (("findmnt") (which "findmnt"))))
1136 #t))
1137 ;; Remove the directory we gave to tests to have a clean package.
1138 (add-after 'check 'remove-tmp-dir
1139 (lambda* (#:key outputs #:allow-other-keys)
1140 (delete-file-recursively (string-append (assoc-ref outputs "out") "/tmp"))
1141 #t)))))
1142 (inputs
1143 `(("libcap" ,libcap)))
1144 (native-inputs
1145 `(("python-2" ,python-2)
1146 ("util-linux" ,util-linux)))
546c9fa6 1147 (home-page "https://github.com/containers/bubblewrap")
f6e55da0
JL		 1148 (synopsis "Unprivileged sandboxing tool")
1149 (description "Bubblewrap is aimed at running applications in a sandbox,
7ecd1761
TGR		 1150restricting their access to parts of the operating system or user data such as
1151the home directory. Bubblewrap always creates a new mount namespace, and the
1152user can specify exactly what parts of the file system should be made visible
ef1f1ca7 1153in the sandbox. These directories are mounted with the @code{nodev} option
7ecd1761 1154by default and can be made read-only.")
f6e55da0 1155 (license license:lgpl2.0+)))
17043677 1156
1157(define-public bochs
1158 (package
1159 (name "bochs")
f17bd3c6 1160 (version "2.6.11")
17043677 1161 (source
1162 (origin
1163 (method url-fetch)
1164 (uri (string-append "https://sourceforge.net/projects/bochs/files/bochs/"
1165 version "/bochs-" version ".tar.gz"))
1166 (sha256
f17bd3c6 1167 (base32 "0ql8q6y1k356li1g9gbvl21448mlxphxxi6kjb2b3pxvzd0pp2b3"))))
17043677 1168 (build-system gnu-build-system)
1169 (arguments
f17bd3c6 1170 `(#:tests? #f)) ; no tests exist
17043677 1171 (inputs
1172 `(("libxrandr" ,libxrandr)))
1173 (home-page "http://bochs.sourceforge.net/")
1174 (synopsis "Emulator for x86 PC")
1175 (description
1176 "Bochs is an emulator which can emulate Intel x86 CPU, common I/O
1177devices, and a custom BIOS. It can also be compiled to emulate many different
1178x86 CPUs, from early 386 to the most recent x86-64 Intel and AMD processors.
1179Bochs can run most Operating Systems inside the emulation including Linux,
1180DOS or Microsoft Windows.")
1181 (license license:lgpl2.0+)))
35e8900d 1182
35e8900d
DM		 1183(define-public xen
1184 (package
1185 (name "xen")
1186 (version "4.11.1")
1187 (source (origin
1188 (method git-fetch)
1189 (uri (git-reference
1190 (url "git://xenbits.xenproject.org/xen.git")
1191 (commit (string-append "RELEASE-" version))))
1192 (file-name (git-file-name name version))
1193 (sha256
1194 (base32
1195 "1wv1hyfii14vi9lfjmnv07h2gpm3b7kvh2p55f4yy2b40simksgk"))))
1196 (build-system gnu-build-system)
1197 (arguments
1198 `(#:configure-flags
1199 (list "--enable-rpath"
1200 "--disable-qemu-traditional" ; It tries to do "git clone"
1201 "--disable-rombios" ; would try to "git clone" via etherboot.
35e8900d
DM		 1202 ;; TODO: Re-enable stubdom (it's "more secure" to use it).
1203 "--disable-stubdom" ; tries to "git clone" old patched newlib.
1204 (string-append "--with-initddir="
1205 (assoc-ref %outputs "out")
1206 "/etc/init.d")
1207 (string-append "--with-system-qemu="
1208 (assoc-ref %build-inputs "qemu")
1209 "/bin/qemu-system-i386")
1210 (string-append "--with-system-seabios="
1211 (assoc-ref %build-inputs "seabios")
1212 "/share/firmware/bios.bin")
1213 (string-append "--with-system-ovmf="
1214 (assoc-ref %build-inputs "ovmf")
1215 "/share/firmware/ovmf_ia32.bin"))
1216 #:make-flags (list "-j" "1"
1217 "XEN_BUILD_DATE=Thu Jan 1 01:00:01 CET 1970"
1218 "XEN_BUILD_TIME=01:00:01"
1219 "XEN_BUILD_HOST="
1220 "ETHERBOOT_NICS="
1221 "SMBIOS_REL_DATE=01/01/1970"
1222 "VGABIOS_REL_DATE=01 Jan 1970"
1223 ; QEMU_TRADITIONAL_LOC
1224 ; QEMU_UPSTREAM_LOC
1225 "SYSCONFIG_DIR=/tmp/etc/default"
1226 (string-append "BASH_COMPLETION_DIR="
1227 (assoc-ref %outputs "out")
1228 "/etc/bash_completion.d")
1229 (string-append "BOOT_DIR="
1230 (assoc-ref %outputs "out")
1231 "/boot")
1232 (string-append "DEBUG_DIR="
1233 (assoc-ref %outputs "out")
1234 "/lib/debug")
1235 (string-append "EFI_DIR="
1236 (assoc-ref %outputs "out")
1237 "/lib/efi") ; TODO lib64 ?
1238 "MINIOS_UPSTREAM_URL="
1239 ;(string-append "DISTDIR="
1240 ; (assoc-ref %outputs "out"))
1241)
1242 #:test-target "test"
1243 #:phases
1244 (modify-phases %standard-phases
1245 (add-after 'unpack 'unpack-mini-os
1246 (lambda* (#:key inputs #:allow-other-keys)
1247 (copy-recursively (assoc-ref inputs "mini-os") "extras/mini-os")
1248 #t))
1249 (add-after 'unpack-mini-os 'patch
1250 (lambda* (#:key inputs outputs #:allow-other-keys)
1251 (substitute* "tools/firmware/Rules.mk"
1252 (("override XEN_TARGET_ARCH = x86_32")
1253 (string-append "override XEN_TARGET_ARCH = x86_32
1254override CC = " (assoc-ref inputs "cross-gcc") "/bin/i686-linux-gnu-gcc"))
1255 (("^CFLAGS =$")
1256 (string-append "CFLAGS=-I" (assoc-ref inputs "cross-libc")
1257 "/include\n")))
1258 (substitute* "config/x86_32.mk"
1259 (("CFLAGS += -m32 -march=i686")
1260 (string-append "CFLAGS += -march=i686 -I"
1261 (assoc-ref inputs "cross-libc")
1262 "/include")))
35e8900d
DM		 1263 ;; /var is not in /gnu/store , so don't try to create it.
1264 (substitute* '("tools/Makefile"
1265 "tools/xenstore/Makefile"
1266 "tools/xenpaging/Makefile")
1267 (("\\$\\(INSTALL_DIR\\) .*XEN_(DUMP|LOG|RUN|LIB|PAGING)_DIR.*")
1268 "\n")
1269 (("\\$\\(INSTALL_DIR\\) .*XEN_(RUN|LIB)_STORED.*")
1270 "\n"))
1271 ;; Prevent xen from creating /etc .
1272 (substitute* "tools/examples/Makefile"
1273 ((" install-readmes") "")
1274 ((" install-configs") ""))
1275 ;; Set rpath.
1276 (substitute* "tools/pygrub/setup.py"
1277 (("library_dirs =")
1278 ; TODO: extra_link_args = ['-Wl,-rpath=/opt/foo'],
1279 (string-append "runtime_library_dirs = ['"
1280 (assoc-ref outputs "out")
1281 "/lib'],\nlibrary_dirs =")))
1282 #t))
1283 (add-before 'configure 'patch-xen-script-directory
1284 (lambda* (#:key outputs #:allow-other-keys)
1285 (substitute* '("configure"
1286 "tools/configure"
1287 "docs/configure")
1288 (("XEN_SCRIPT_DIR=.*")
1289 (string-append "XEN_SCRIPT_DIR="
1290 (assoc-ref outputs "out")
1291 "/etc/xen/scripts")))
1292 #t))
1293 (add-before 'configure 'set-environment-up
1294 (lambda* (#:key make-flags #:allow-other-keys)
1295 (define (cross? x)
1296 (string-contains x "cross-i686-linux"))
1297 (define (filter-environment! filter-predicate
1298 environment-variable-names)
1299 (for-each
1300 (lambda (env-name)
1301 (let* ((env-value (getenv env-name))
1302 (search-path (search-path-as-string->list env-value))
1303 (new-search-path (filter filter-predicate
1304 search-path))
1305 (new-env-value (list->search-path-as-string
1306 new-search-path ":")))
1307 (setenv env-name new-env-value)))
1308 environment-variable-names))
1309 (setenv "CROSS_C_INCLUDE_PATH" (getenv "C_INCLUDE_PATH"))
1310 (setenv "CROSS_CPLUS_INCLUDE_PATH" (getenv "CPLUS_INCLUDE_PATH"))
1311 (setenv "CROSS_LIBRARY_PATH" (getenv "LIBRARY_PATH"))
1312 (filter-environment! cross?
1313 '("CROSS_C_INCLUDE_PATH" "CROSS_CPLUS_INCLUDE_PATH"
1314 "CROSS_LIBRARY_PATH"))
1315 (filter-environment! (lambda (e) (not (cross? e)))
1316 '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH"
1317 "LIBRARY_PATH"))
1318 ;; Guix tries to be helpful and automatically adds
1319 ;; mini-os-git-checkout/include to the include path,
1320 ;; but actually we don't want it to be there (yet).
1321 (filter-environment! (lambda (e)
1322 (not
1323 (string-contains e
1324 "mini-os-git-checkout")))
1325 '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH"
1326 "LIBRARY_PATH"))
1327 (setenv "EFI_VENDOR" "guix")
1328 #t))
1329 (replace 'build
1330 (lambda* (#:key make-flags #:allow-other-keys)
1331 (apply invoke "make" "world" make-flags))))))
1332 (inputs
1333 `(("acpica" ,acpica) ; TODO: patch iasl invocation.
1334 ("bridge-utils" ,bridge-utils) ; TODO: patch invocations.
1335 ("glib" ,glib)
1336 ("iproute" ,iproute) ; TODO: patch invocations.
1337 ("libaio" ,libaio)
1338 ("libx11" ,libx11)
1339 ("libyajl" ,libyajl)
1340 ("ncurses" ,ncurses)
1341 ("openssl" ,openssl)
1342 ("ovmf" ,ovmf)
1343 ("pixman" ,pixman)
1344 ("qemu" ,qemu-minimal)
1345 ("seabios" ,seabios)
1346 ("util-linux" ,util-linux) ; uuid
1347 ; TODO: ocaml-findlib, ocaml-nox.
1348 ("xz" ,xz) ; for liblzma
1349 ("zlib" ,zlib)))
1350 (native-inputs
1351 `(("dev86" ,dev86)
1352 ("bison" ,bison)
c69959f0 1353 ("cmake" ,cmake-minimal)
35e8900d
DM		 1354 ("figlet" ,figlet)
1355 ("flex" ,flex)
1356 ("gettext" ,gettext-minimal)
1357 ("libnl" ,libnl)
1358 ("mini-os"
1359 ,(origin
1360 (method git-fetch)
1361 (uri (git-reference
1362 (url "http://xenbits.xen.org/git-http/mini-os.git")
1363 (commit (string-append "xen-RELEASE-" version))))
1364 (sha256
1365 (base32
1366 "1i8pcl19n60i2m9vlg79q3nknpj209c9ic5x10wxaicx45kc107f"))
1367 (file-name "mini-os-git-checkout")))
1368 ("perl" ,perl)
1369 ; TODO: markdown
1370 ("pkg-config" ,pkg-config)
1371 ("python" ,python-2)
1372 ("wget" ,wget)
1373 ("cross-gcc" ,(cross-gcc "i686-linux-gnu"
1374 #:xbinutils (cross-binutils "i686-linux-gnu")
1375 #:libc (cross-libc "i686-linux-gnu")))
1376 ("cross-libc" ,(cross-libc "i686-linux-gnu")) ; header files
1377 ("cross-libc-static" ,(cross-libc "i686-linux-gnu") "static")))
1378 (home-page "https://xenproject.org/")
1379 (synopsis "Xen Virtual Machine Monitor")
1380 (description "This package provides the Xen Virtual Machine Monitor
1381which is a hypervisor.")
1382 ;; TODO: Some files are licensed differently. List those.
1383 (license license:gpl2)
1384 (supported-systems '("i686-linux" "x86_64-linux" "armhf-linux"))))
jackhill's copy of GNU Guix: https://guix.gnu.org/