bug#50697: [core-updates-frozen] ca-certificate-bundle generation is broken.

2021-09-21 Thread Mathieu Othacehe 


Hey,

> With this patch I think the 'install-keystore' phase of icedtea-7 will
> also have to be updated to search for the ".pem" files instead of the
> ".crt" ones.

Right, thanks for the heads up. I pushed the original two patches plus a
new one to fix icedtea-7.

Thanks,

Mathieu

bug#50597: different fixed-output when using ’--with-source’ transformation

2021-09-21 Thread zimoun 
Hi Ludo,

On Sat, 18 Sep 2021 at 18:06, Ludovic Courtès  wrote:
> zimoun  skribis:
>
>> Why the store item of source tarball is it different when applying the
>> transformation?
>>
>> Maxime provided a clue [1].
>
> Maxime is right: ‘--with-source’ passes #:recursive? #t unconditionally,
> whereas it’s usually #f for a ‘url-fetch’ kind of URI.

Thanks for confirming.  Why is it different?


> What we could do is make it #t if and only if the URL denotes a local
> file and that file is a directory.  I think that would achieve what you
> want without any observable regression in practice.

What I expect is that 2 (fixed-output) files with the same hash
(0ssi1w…) lives at the same store location…

--8<---cut here---start->8---
$ guix hash /gnu/store/chariqd6k0sli3s7vcl4q3al0crirz5v-hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i

$ guix hash /gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i
--8<---cut here---end--->8---

…whatever if these (fixed-output) files come from “guix download”, “guix
build -S” or “--with-source=https://” or etc.

The mapping from hash (0ssi1w…) to store location should be 1:1 for
fixed-output, IMHO.

Cheers,
simon

bug#50696: [core-updates-frozen] Wrong output hashes computed since cb06f7c61e4b839

2021-09-21 Thread Ludovic Courtès 
Ludovic Courtès  skribis:

> Fixed upstream:
>
>   
> https://git.savannah.gnu.org/cgit/guile.git/commit/?id=74abae04aa68dc18676bd84c4a73324b0613475d

And here’s the clever workaroud, in all modesty:

  
https://git.savannah.gnu.org/cgit/guix.git/commit/?h=core-updates-frozen&id=68933659cb191774872d8ff71503844b92dc7355

:-)

Ludo’.

bug#50617: [core-updates-frozen] CMake fails to build on i686-linux

2021-09-21 Thread Ludovic Courtès 
Hi,

Guillaume Le Vaillant  skribis:

> Ludovic Courtès  skribis:
>
>> On ‘core-updates-frozen’, CMake has one test failure on i686-linux when
>> building on berlin (e.g., ):
>>
>> --8<---cut here---start->8---
>> 545/558 Test #518: RunCMake.CPack_TXZ 
>> ***Failed3.79 sec
>> [...]
>> --8<---cut here---end--->8---
>>
>> I cannot reproduce it on hardware with 32 cores.  I suspect it has to do
>> with the number of threads used for xz compression, which defaults to
>> the number of cores, and some of the build machines on berlin have way
>> more cores.
>>
>> Ludo’.
>
> I tried a few times on a machine with 16 cores, and I can't reproduce
> either. The build succeeded every time.

Since the bug only seems to manifest on specific machines for reasons
that escape me, I went ahead and arranged to just skip it in commit
f762d63ec072500cd327ec5342c2f5434c267222.

Ludo’.

bug#48238: Julia 'Pkg.add' is broken

2021-09-21 Thread zimoun 
Hi,

Using Guix fb32a38.

On Wed, 05 May 2021 at 15:22, zimoun  wrote:

> Packaging Julia stuff, I note something as a bug, I guess.  Julia seems
> to keep references to the build directory in the output.

The consequence is that Julia is somehow broken.

--8<---cut here---start->8---
$ rm -fr ~/.julia
$ guix environment --pure --ad-hoc julia \
   -- julia -e 'using Pkg; Pkg.add("GZip"); using GZip'
WARNING: failed to select UTF-8 encoding, using ASCII
  Installing known registries into `~/.julia`
ERROR: could not download 
https://pkg.julialang.org/registry/23338594-aafe-5451-b93e-139f81909106/18e4ba1e8fb9c86ed483b99c8260fcac80578dd9
Stacktrace:
  [1] pkgerror(msg::String)
@ Pkg.Types 
/tmp/guix-build-julia-1.6.2.drv-0/julia-1.6.2/usr/share/julia/stdlib/v1.6/Pkg/src/Types.jl:55
  [2] (::Pkg.Types.var"#82#85"{Pkg.Types.Context, String, 
Pkg.Types.RegistrySpec})(tmp::String)
@ Pkg.Types 
/tmp/guix-build-julia-1.6.2.drv-0/julia-1.6.2/usr/share/julia/stdlib/v1.6/Pkg/src/Types.jl:1035

[...]


caused by: IOError: could not spawn setenv(`7z x /tmp/jl_bcay5W-download.gz 
-so`,["PATH=:/gnu/store/b3gxgz9bpj3wyzcr423sib7mhkrlvzfs-profile/bin", 
"PWD=/home/simon/src/my-conf", "DISPLAY=:0", 
"LD_LIBRARY_PATH=/gnu/store/wdsw2l1wyxlbgn0bpm0wgbp8cs95xa3d-julia-1.6.2/bin/../lib/julia:/gnu/store/wdsw2l1wyxlbgn0bpm0wgbp8cs95xa3d-julia-1.6.2/bin/../lib",
 "XAUTHORITY=/run/user/1001/gdm/Xauthority", 
"GUIX_ENVIRONMENT=/gnu/store/b3gxgz9bpj3wyzcr423sib7mhkrlvzfs-profile", 
"LOGNAME=simon", "SHLVL=0", "JULIA_LOAD_PATH=:", "PAGER=cat", "USER=simon", 
"HOME=/home/simon", "TERM=ansi", 
"JULIA_DEPOT_PATH=:/gnu/store/b3gxgz9bpj3wyzcr423sib7mhkrlvzfs-profile/share/julia/:/gnu/store/b3gxgz9bpj3wyzcr423sib7mhkrlvzfs-profile/share/julia/",
 "OPENBLAS_MAIN_FREE=1"]): no such file or directory (ENOENT)
Stacktrace:

[...]

  [9] download_verify_unpack(url::String, hash::Nothing, dest::String; 
tarball_path::Nothing, ignore_existence::Bool, force::Bool, verbose::Bool, 
quiet_download::Bool, io::Base.TTY)
@ Pkg.PlatformEngines 
/tmp/guix-build-julia-1.6.2.drv-0/julia-1.6.2/usr/share/julia/stdlib/v1.6/Pkg/src/PlatformEngines.jl:511

[...]

 [25] add(pkg::String)
@ Pkg.API 
/tmp/guix-build-julia-1.6.2.drv-0/julia-1.6.2/usr/share/julia/stdlib/v1.6/Pkg/src/API.jl:75
 [26] top-level scope
@ none:1
--8<---cut here---end--->8---


All the best,
simon

bug#50568: Missing source code

2021-09-21 Thread pelzflorian (Florian Pelz) 
On Mon, Sep 20, 2021 at 09:25:27AM +0200, Ludovic Courtès wrote:
> The thing is that this code is used by the internal ‘guix
> perform-download’ command, invoked by ‘guix-daemon’ when performing a
> source download.

Thank you for enlightening me; I had not expected guix-daemon.

Success!  After

./bootstrap
./configure --localstatedir=/var
make
GUIX_ALLOW_ME_TO_USE_PRIVATE_COMMIT=y make update-guix-package

and git commit -a, guix pull, reconfigure and reboot, your
web.archive.org patch downloads from web.archive.org with the steps
from before:

"pelzflorian (Florian Pelz)"  skribis:
> I guix pull with the patch applied, add the IP from
>
> guix environment --ad-hoc bind:utils -- dig web.archive.org
>
> to /etc/hosts, set my DNS server to a non-existing 10.0.0.50, disable
> IPv6, then “sudo herd stop nscd”, re-connect Network Manager (ping
> gnu.org fails now) and LC_ALL=en_US.utf8 guix install hello.

/var/log/guix/drvs/wy/24jyd0mm2jlgpzsxxlip03df065g35-hello-2.10.tar.gz.drv.bz2
says after various failures in name resolution it got downloaded from
web.archive.org.  I enjoy GNU Hello now.  Thank you for making
reproducibility easier.

> To test it, you can first start the new daemon, along these lines:
> 
>   sudo herd stop guix-daemon
>   sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild

No, going back one generation and guix gc -D’ing the
/gnu/store/*hello-2.10* after adding web.archive.org to /etc/hosts
again, I for some reason get a

florian@florianacer ~$ bzcat 
/var/log/guix/drvs/wy/24jyd0mm2jlgpzsxxlip03df065g35-hello-2.10.tar.gz.drv.bz2
error: failed to run download program '/home/florian/src/guix/scripts/guix': 
Keine Berechtigung

(Keine Berechtigung is German for Permission denied) but it does not
matter, since the reconfigure and reboot works when and only when
adding web.archive.org to /etc/hosts.

Actually I will later take another look at this, because the manual
says ./pre-inst-env guix-daemon should work.

> Another option is to call ‘url-fetch’ manually at the REPL.

This I didn’t try.

Regards,
Florian

bug#50705: emacs-guix fails to list packages

2021-09-21 Thread Ludovic Courtès 
Hi Simon,

Simon Streit  skribis:

> I just pulled Guix up to 6eded1a04186e3118b293486b038c994e05efedf, and
> unfortunately emacs-guix fails to list any installed packages of a given
> profile.

This (long) command works for me:

  guix time-machine --commit=6eded1a04186e3118b293486b038c994e05efedf -- \
environment -E ^TERM -CP --ad-hoc emacs emacs-guix guile guix -- \
emacs

Could it be that something else is interfering, in your ~/.emacs, Guile
load path or something?

HTH,
Ludo’.

bug#50672: python-pytorch is not reproducible

2021-09-21 Thread Ludovic Courtès 
Ludovic Courtès  skribis:

> $ guix challenge python-pytorch
> /gnu/store/dgdswx4vvf07xmhih21n4fnr68dh3fhd-python-pytorch-1.9.0 contents 
> differ:
>   no local build for 
> '/gnu/store/dgdswx4vvf07xmhih21n4fnr68dh3fhd-python-pytorch-1.9.0'
>   
> https://ci.guix.gnu.org/nar/lzip/dgdswx4vvf07xmhih21n4fnr68dh3fhd-python-pytorch-1.9.0:
>  0i55iwy3z4da4lhn93dnrmz775s9ga5kyfli6cmrchacacf9xfpq
>   
> https://bordeaux.guix.gnu.org/nar/lzip/dgdswx4vvf07xmhih21n4fnr68dh3fhd-python-pytorch-1.9.0:
>  1fl2v4pd0gcw7wp5k662q0zd4lvvzsggcm5ii8b4kq4v6synhkic
>   differing file:
> /lib/python3.8/site-packages/torch/lib/libtorch_cpu.so
>
> 1 store items were analyzed:
>   - 0 (0.0%) were identical
>   - 1 (100.0%) differed
>   - 0 (0.0%) were inconclusive
> $ guix describe 
> Generacio 189   Aug 30 2021 12:09:27(nuna)
>   guix f91ae94
> repository URL: https://git.savannah.gnu.org/git/guix.git
> branch: master
> commit: f91ae9425bb385b60396a544afe27933896b8fa3

Reported upstream: .

Ludo’.

bug#50723: [core-updates-frozen] installer crashes on timezone selection

2021-09-21 Thread Jonathan Brielmaier 



Hi,

the graphical installer on core-updates-frozen crashes directly after
selecting the city of timezone:

Reproducer (other combinations are also broken, maybe all):
Locale -> Deutsch
Locale-Area -> Deutschland
Graphical installation
Timezone -> Europe/Berlin

The backtrace can be found here:
https://bpa.st/NVGQ

The installation image comes from
a3324e57531186a42feb3aa488556faa67386e9c. Its built with '--no-grafts'
due to https://issues.guix.gnu.org/50676.

~Jonathan

bug#50568: Missing source code

2021-09-21 Thread pelzflorian (Florian Pelz) 
On Tue, Sep 21, 2021 at 12:28:50PM +0200, pelzflorian (Florian Pelz) wrote:
> On Mon, Sep 20, 2021 at 09:25:27AM +0200, Ludovic Courtès wrote:
> > To test it, you can first start the new daemon, along these lines:
> > 
> >   sudo herd stop guix-daemon
> >   sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild
> 
> No, going back one generation and guix gc -D’ing the
> /gnu/store/*hello-2.10* after adding web.archive.org to /etc/hosts
> again, I for some reason get a
> 
> florian@florianacer ~$ bzcat 
> /var/log/guix/drvs/wy/24jyd0mm2jlgpzsxxlip03df065g35-hello-2.10.tar.gz.drv.bz2
> error: failed to run download program '/home/florian/src/guix/scripts/guix': 
> Keine Berechtigung
> 
> (Keine Berechtigung is German for Permission denied) but it does not
> matter, since the reconfigure and reboot works when and only when
> adding web.archive.org to /etc/hosts.
> 
> Actually I will later take another look at this, because the manual
> says ./pre-inst-env guix-daemon should work.

There is no regression.  Without the web.archive.org patch,
`guix install hello' via

sudo -E ./pre-inst-env guix-daemon --build-users-group=guixbuild

always shows the same error, regardless of whether I misdirected DNS
lookups or not.  The patch is not at fault.  Though I don’t know why.

sudo -E strace -f ./pre-inst-env guix-daemon --build-users-group=guixbuild

shows

[pid  1854] execve("/home/florian/src/guix/scripts/guix", ["guix", 
"perform-download", "/gnu/store/wy24jyd0mm2jlgpzsxxli"..., 
"/gnu/store/hbdalsf5lpf01x4dcknwx"...], 0x1d8f9a0 /* 80 vars */) = -1 EACCES 
(Keine Berechtigung)

 says:
> The exec functions shall fail if:
> …
> [EACCES]
> The new process image file is not a regular file and the implementation 
> does not support execution of files of its type.
> The exec functions, except for fexecve(), shall fail if:
> [EACCES]
> Search permission is denied for a directory listed in the new process 
> image file's path prefix, or the new process image file denies execution 
> permission.

I run:
florian@florianacer ~$ ls -ahl /home/florian/src/guix/scripts/guix
-r-xr-xr-x 1 florian users 2,0K 21. Sep 07:30 
/home/florian/src/guix/scripts/guix
florian@florianacer ~$ ls -ahl /home/florian/src/guix | grep scripts
drwxr-xr-x  2 florian users 4,0K 21. Sep 07:30 scripts/
florian@florianacer ~$ lsattr /home/florian/src/guix/scripts/guix
--e- /home/florian/src/guix/scripts/guix
florian@florianacer ~ [env]$ cat test-execv.c
#include 

int main ()
{
  const char *const argv[] =
{
  "guix", "perform-download",
  "/gnu/store/wy24jyd0mm2jlgpzsxxlip03df065g35-hello-2.10.tar.gz.drv",
  "/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz.lock",
  NULL
};

  execv ("/home/florian/src/guix/scripts/guix", (char *const *) argv);

  return 0;
}
florian@florianacer ~ [env]$ gcc test-execv.c -o test-execv
florian@florianacer ~ [env]$ LC_ALL=en_US.utf8 ~/test-execv

Starting download of 
/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz.lock
>From https://ftpmirror.gnu.org/gnu/hello/hello-2.10.tar.gz...
following redirection to `https://ftp.wayne.edu/gnu/hello/hello-2.10.tar.gz'...
In procedure open-file: Read-only file system: 
"/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz.lock"
[and more expected failures …]

Whatever.  It is not important.

Regards,
Florian

bug#50723: [core-updates-frozen] installer crashes on timezone selection

2021-09-21 Thread Mathieu Othacehe 


Hello Jonathan,

Thanks for the complete bug report, this is fixed with
d58e52b0713648dd30d41b41277854a935d8d15a.

> The installation image comes from
> a3324e57531186a42feb3aa488556faa67386e9c. Its built with '--no-grafts'
> due to https://issues.guix.gnu.org/50676.

This one looks more tricky :(.

Mathieu

bug#50728: Update Pandoc (just on my machine)

2021-09-21 Thread vidak 
I know that there is this issue:

http://issues.guix.gnu.org/39798

And it was closed because Guix wants to stay with the LTS version of
Haskell.

But I need to use some features that come in later versions of pandoc.

A few of my static site generator projects break because I need features
that come after 2.7.x, which is the version that Guix packages.

Can someone explain to me how to package the latest pandoc just on my
own computer?

Thanks.

~vidak