2023-08-03 14:30:43 +00:00
|
|
|
{ lib
|
|
|
|
, stdenv
|
|
|
|
, fetchurl
|
2024-04-10 05:30:37 +00:00
|
|
|
, fetchpatch
|
2023-08-03 14:30:43 +00:00
|
|
|
, autoreconfHook
|
2023-10-27 17:27:00 +00:00
|
|
|
, disarchive
|
2023-08-03 14:30:43 +00:00
|
|
|
, git
|
|
|
|
, glibcLocales
|
|
|
|
, guile
|
|
|
|
, guile-avahi
|
|
|
|
, guile-gcrypt
|
|
|
|
, guile-git
|
|
|
|
, guile-gnutls
|
|
|
|
, guile-json
|
|
|
|
, guile-lib
|
|
|
|
, guile-lzlib
|
|
|
|
, guile-lzma
|
|
|
|
, guile-semver
|
|
|
|
, guile-ssh
|
|
|
|
, guile-sqlite3
|
|
|
|
, guile-zlib
|
|
|
|
, guile-zstd
|
|
|
|
, help2man
|
|
|
|
, makeWrapper
|
|
|
|
, pkg-config
|
|
|
|
, po4a
|
|
|
|
, scheme-bytestructures
|
|
|
|
, texinfo
|
|
|
|
, bzip2
|
|
|
|
, libgcrypt
|
|
|
|
, sqlite
|
2023-10-29 07:03:42 +00:00
|
|
|
|
|
|
|
, stateDir ? "/var"
|
|
|
|
, storeDir ? "/gnu/store"
|
|
|
|
, confDir ? "/etc"
|
2023-08-03 14:30:43 +00:00
|
|
|
}:
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
|
|
|
pname = "guix";
|
|
|
|
version = "1.4.0";
|
|
|
|
|
|
|
|
src = fetchurl {
|
|
|
|
url = "mirror://gnu/guix/guix-${version}.tar.gz";
|
|
|
|
hash = "sha256-Q8dpy/Yy7wVEmsH6SMG6FSwzSUxqvH5HE3u6eyFJ+KQ=";
|
|
|
|
};
|
|
|
|
|
2024-04-10 05:30:37 +00:00
|
|
|
patches = [
|
|
|
|
(fetchpatch {
|
|
|
|
name = "CVE-2024-27297_1.patch";
|
|
|
|
url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143";
|
|
|
|
hash = "sha256-xKo1h2uckC2pYHt+memekagfL6dWcF8gOnTOOW/wJUU=";
|
|
|
|
})
|
|
|
|
(fetchpatch {
|
|
|
|
name = "CVE-2024-27297_2.patch";
|
|
|
|
url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=ff1251de0bc327ec478fc66a562430fbf35aef42";
|
|
|
|
hash = "sha256-f4KWDVrvO/oI+4SCUHU5GandkGtHrlaM1BWygM/Qlao=";
|
|
|
|
})
|
|
|
|
];
|
|
|
|
|
2023-08-03 14:30:43 +00:00
|
|
|
postPatch = ''
|
|
|
|
sed nix/local.mk -i -E \
|
|
|
|
-e "s|^sysvinitservicedir = .*$|sysvinitservicedir = $out/etc/init.d|" \
|
|
|
|
-e "s|^openrcservicedir = .*$|openrcservicedir = $out/etc/openrc|"
|
|
|
|
'';
|
|
|
|
|
|
|
|
strictDeps = true;
|
|
|
|
|
|
|
|
nativeBuildInputs = [
|
|
|
|
autoreconfHook
|
2023-10-27 17:27:00 +00:00
|
|
|
disarchive
|
2023-08-03 14:30:43 +00:00
|
|
|
git
|
|
|
|
glibcLocales
|
|
|
|
guile
|
|
|
|
guile-avahi
|
|
|
|
guile-gcrypt
|
|
|
|
guile-git
|
|
|
|
guile-gnutls
|
|
|
|
guile-json
|
|
|
|
guile-lib
|
|
|
|
guile-lzlib
|
|
|
|
guile-lzma
|
|
|
|
guile-semver
|
|
|
|
guile-ssh
|
|
|
|
guile-sqlite3
|
|
|
|
guile-zlib
|
|
|
|
guile-zstd
|
|
|
|
help2man
|
|
|
|
makeWrapper
|
|
|
|
pkg-config
|
|
|
|
po4a
|
|
|
|
scheme-bytestructures
|
|
|
|
texinfo
|
|
|
|
];
|
|
|
|
|
|
|
|
buildInputs = [
|
|
|
|
bzip2
|
|
|
|
guile
|
|
|
|
libgcrypt
|
|
|
|
sqlite
|
|
|
|
];
|
|
|
|
|
|
|
|
propagatedBuildInputs = [
|
2023-10-27 17:27:00 +00:00
|
|
|
disarchive
|
2023-08-03 14:30:43 +00:00
|
|
|
guile-avahi
|
|
|
|
guile-gcrypt
|
|
|
|
guile-git
|
|
|
|
guile-gnutls
|
|
|
|
guile-json
|
|
|
|
guile-lib
|
|
|
|
guile-lzlib
|
|
|
|
guile-lzma
|
|
|
|
guile-semver
|
|
|
|
guile-ssh
|
|
|
|
guile-sqlite3
|
|
|
|
guile-zlib
|
|
|
|
guile-zstd
|
|
|
|
scheme-bytestructures
|
|
|
|
];
|
|
|
|
|
|
|
|
configureFlags = [
|
2023-10-29 07:03:42 +00:00
|
|
|
"--with-store-dir=${storeDir}"
|
|
|
|
"--localstatedir=${stateDir}"
|
|
|
|
"--sysconfdir=${confDir}"
|
2023-08-03 14:30:43 +00:00
|
|
|
"--with-bash-completion-dir=$(out)/etc/bash_completion.d"
|
|
|
|
];
|
|
|
|
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
|
|
|
|
postInstall = ''
|
|
|
|
for f in $out/bin/*; do
|
|
|
|
wrapProgram $f \
|
|
|
|
--prefix GUILE_LOAD_PATH : "$out/${guile.siteDir}:$GUILE_LOAD_PATH" \
|
|
|
|
--prefix GUILE_LOAD_COMPILED_PATH : "$out/${guile.siteCcacheDir}:$GUILE_LOAD_COMPILED_PATH"
|
|
|
|
done
|
|
|
|
'';
|
|
|
|
|
|
|
|
meta = with lib; {
|
|
|
|
description = "Functional package manager with a Scheme interface";
|
|
|
|
longDescription = ''
|
|
|
|
GNU Guix is a purely functional package manager for the GNU system, and a distribution thereof.
|
|
|
|
In addition to standard package management features, Guix supports
|
|
|
|
transactional upgrades and roll-backs, unprivileged package management,
|
|
|
|
per-user profiles, and garbage collection.
|
|
|
|
It provides Guile Scheme APIs, including high-level embedded
|
|
|
|
domain-specific languages (EDSLs), to describe how packages are built
|
|
|
|
and composed.
|
|
|
|
A user-land free software distribution for GNU/Linux comes as part of
|
|
|
|
Guix.
|
|
|
|
Guix is based on the Nix package manager.
|
|
|
|
'';
|
|
|
|
homepage = "http://www.gnu.org/software/guix";
|
|
|
|
license = licenses.gpl3Plus;
|
|
|
|
mainProgram = "guix";
|
2023-10-30 12:27:54 +00:00
|
|
|
maintainers = with maintainers; [ cafkafk foo-dogsquared ];
|
2023-08-03 14:30:43 +00:00
|
|
|
platforms = platforms.linux;
|
|
|
|
};
|
|
|
|
}
|