GNU bug report logs - #25422
GIT_SSL_CAINFO set incorrectly

Previous Next

Package: guix;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Wed, 11 Jan 2017 20:37:02 UTC

Severity: normal

Tags: patch

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 25422 in the body.
You can then email your comments to 25422 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Wed, 11 Jan 2017 20:37:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Wed, 11 Jan 2017 20:37:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: bug-guix <at> gnu.org
Subject: GIT_SSL_CAINFO set incorrectly
Date: Wed, 11 Jan 2017 15:36:31 -0500
[Message part 1 (text/plain, inline)]
Recently, Guix started to set the environment GIT_SSL_CAINFO like a
search path, instead of pointing to single file, which is what it should
be.

This makes Git unable to access remotes over HTTPS. It show a message
like this:

fatal: unable to access 'https://example.com/repo.git': Problem with the
SSL CA cert (path? access rights?)

I think this used to work "out of the box", at least on GuixSD.
[signature.asc (application/pgp-signature, inline)]

Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Sat, 14 Jan 2017 21:22:02 GMT) Full text and rfc822 format available.

Message #8 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Sat, 14 Jan 2017 22:20:59 +0100
Hi!

Leo Famulari <leo <at> famulari.name> skribis:

> Recently, Guix started to set the environment GIT_SSL_CAINFO like a
> search path, instead of pointing to single file, which is what it should
> be.

I don’t think anything has changed, maybe it’s just that your profile
now includes ‘ssl/certs’?

On my GuixSD machine, I still have:

  $ env |grep GIT_
  GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt

but that’s because ~/.guix-profile does not contain certificates.

At any rate, you are right that GIT_SSL_CAINFO should be a single file.
There’s a note in the code:

   (native-search-paths
    ;; For HTTPS access, Git needs a single-file certificate bundle, specified
    ;; with $GIT_SSL_CAINFO.
    ;; FIXME: This variable designates a single file; it is not a search path.
    (list (search-path-specification
           (variable "GIT_SSL_CAINFO")
           (file-type 'regular)
           (files '("etc/ssl/certs/ca-certificates.crt")))))

So we’re abusing the search path mechanism here.

A proper fix might be to add an option in ‘search-path-specification’ to
pick only the first match.

WDYT?

Thanks,
Ludo’.




Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Fri, 20 Jan 2017 04:29:01 GMT) Full text and rfc822 format available.

Message #11 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Mekeor Melire <mekeor.melire <at> gmail.com>
To: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Fri, 20 Jan 2017 05:27:47 +0100
I'm experiencing the same issue. I recently installed GuixSD freshly
and encountered this bug.

Adding an option to `search-path-specification' seems like a good idea.
Still, I wonder what this snippet from (gnu system) does:

    (define (operating-system-environment-variables os)
      "Return the environment variables of OS for
    @var{session-environment-service-type}, to be used in @file{/etc/environment}."
      `(("LANG" . ,(operating-system-locale os))
        ("TZ" . ,(operating-system-timezone os))
        ("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
        ;; Tell 'modprobe' & co. where to look for modules.
        ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
        ;; These variables are honored by OpenSSL (libssl) and Git.
        ("SSL_CERT_DIR" . "/etc/ssl/certs")
        ("SSL_CERT_FILE" . "/etc/ssl/certs/ca-certificates.crt")
        ("GIT_SSL_CAINFO" . "/etc/ssl/certs/ca-certificates.crt")





Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Sun, 22 Jan 2017 21:53:02 GMT) Full text and rfc822 format available.

Message #14 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: 25422 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: [PATCH 0/2] Support single-entry search paths
Date: Sun, 22 Jan 2017 22:51:59 +0100
Hi!

These patches for ‘core-updates’ add support for “single-entry” search
paths like ‘GIT_SSL_CAINFO’.  This is achieved by setting ‘separator’ to
#f in the search path spec.

Feedback welcome!

Ludo’.

Ludovic Courtès (2):
  guix package: Honor the order of profiles when -p appears multiple
    times.
  search-paths: Allow specs with #f as their separator.

 Makefile.am                      |  3 ++-
 gnu/packages/version-control.scm |  4 ++--
 guix/build/profiles.scm          | 24 ++++++++++++--------
 guix/build/utils.scm             | 13 ++++++++---
 guix/scripts/package.scm         |  4 ++--
 guix/search-paths.scm            | 28 ++++++++++++++++-------
 tests/guix-package-net.sh        |  4 ++--
 tests/packages.scm               | 49 +++++++++++++++++++++++++++++++++++++++-
 tests/search-paths.scm           | 48 +++++++++++++++++++++++++++++++++++++++
 9 files changed, 148 insertions(+), 29 deletions(-)
 create mode 100644 tests/search-paths.scm

-- 
2.11.0





Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Sun, 22 Jan 2017 21:53:03 GMT) Full text and rfc822 format available.

Message #17 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: 25422 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: [PATCH 1/2] guix package: Honor the order of profiles when -p appears
 multiple times.
Date: Sun, 22 Jan 2017 22:52:00 +0100
* guix/scripts/package.scm (process-query): Reverse the order of
PROFILES.
* tests/guix-package-net.sh: Test it with '--search-paths'.
---
 guix/scripts/package.scm  | 4 ++--
 tests/guix-package-net.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index 90e7fa229..79622ac14 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2013 Nikita Karetnikov <nikita <at> karetnikov.org>
 ;;; Copyright © 2013, 2015 Mark H Weaver <mhw <at> netris.org>
 ;;; Copyright © 2014, 2016 Alex Kost <alezost <at> gmail.com>
@@ -666,7 +666,7 @@ processed, #f otherwise."
                                         (_              #f))
                                       opts)
                      (() (list %current-profile))
-                     (lst lst)))
+                     (lst (reverse lst))))
          (profile  (match profiles
                      ((head tail ...) head))))
     (match (assoc-ref opts 'query)
diff --git a/tests/guix-package-net.sh b/tests/guix-package-net.sh
index 35ef6ff1a..1eff6abba 100644
--- a/tests/guix-package-net.sh
+++ b/tests/guix-package-net.sh
@@ -1,5 +1,5 @@
 # GNU Guix --- Functional package management for GNU
-# Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo <at> gnu.org>
+# Copyright © 2012, 2013, 2014, 2015, 2017 Ludovic Courtès <ludo <at> gnu.org>
 # Copyright © 2013 Nikita Karetnikov <nikita <at> karetnikov.org>
 #
 # This file is part of GNU Guix.
@@ -165,7 +165,7 @@ guix package --bootstrap -p "$profile_alt" -i gcc-bootstrap
 if guix package -p "$profile" --search-paths | grep LIBRARY_PATH
 then false; fi
 guix package -p "$profile" -p "$profile_alt" --search-paths \
-     | grep "LIBRARY_PATH.*$profile/lib"
+     | grep "LIBRARY_PATH.*$profile/lib.$profile_alt/lib"
 
 #
 # Try with the default profile.
-- 
2.11.0





Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Sun, 22 Jan 2017 21:54:02 GMT) Full text and rfc822 format available.

Message #20 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: 25422 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: [PATCH 2/2] search-paths: Allow specs with #f as their separator.
Date: Sun, 22 Jan 2017 22:52:01 +0100
This adds support for single-entry search paths.
Fixes <http://bugs.gnu.org/25422>.
Reported by Leo Famulari <leo <at> famulari.name>.

* guix/search-paths.scm (<search-path-specification>)[separator]:
Document as string or #f.
* guix/search-paths.scm (evaluate-search-paths): Add case for SEPARATOR
as #f.
(environment-variable-definition): Handle SEPARATOR being #f.
* guix/build/utils.scm (list->search-path-as-string): Add case for
SEPARATOR as #f.
(search-path-as-string->list): Likewise.
* guix/build/profiles.scm (abstract-profile): Likewise.
* tests/search-paths.scm: New file.
* Makefile.am (SCM_TESTS): Add it.
* tests/packages.scm ("--search-paths with single-item search path"):
New test.
* gnu/packages/version-control.scm (git)[native-search-paths](separator):
New field.
---
 Makefile.am                      |  3 ++-
 gnu/packages/version-control.scm |  4 ++--
 guix/build/profiles.scm          | 24 ++++++++++++--------
 guix/build/utils.scm             | 13 ++++++++---
 guix/search-paths.scm            | 28 ++++++++++++++++-------
 tests/packages.scm               | 49 +++++++++++++++++++++++++++++++++++++++-
 tests/search-paths.scm           | 48 +++++++++++++++++++++++++++++++++++++++
 7 files changed, 144 insertions(+), 25 deletions(-)
 create mode 100644 tests/search-paths.scm

diff --git a/Makefile.am b/Makefile.am
index 3e147df2e..dd9069ea7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,5 +1,5 @@
 # GNU Guix --- Functional package management for GNU
-# Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo <at> gnu.org>
+# Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo <at> gnu.org>
 # Copyright © 2013 Andreas Enge <andreas <at> enge.fr>
 # Copyright © 2015 Alex Kost <alezost <at> gmail.com>
 # Copyright © 2016 Mathieu Lirzin <mthl <at> gnu.org>
@@ -272,6 +272,7 @@ SCM_TESTS =					\
   tests/nar.scm					\
   tests/union.scm				\
   tests/profiles.scm				\
+  tests/search-paths.scm			\
   tests/syscalls.scm				\
   tests/gremlin.scm				\
   tests/bournish.scm				\
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 7918b90ca..bf1842010 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013 Nikita Karetnikov <nikita <at> karetnikov.org>
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml <at> gmail.com>
-;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2013, 2014 Andreas Enge <andreas <at> enge.fr>
 ;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl <at> gnu.org>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw <at> netris.org>
@@ -297,10 +297,10 @@ as well as the classic centralized workflow.")
    (native-search-paths
     ;; For HTTPS access, Git needs a single-file certificate bundle, specified
     ;; with $GIT_SSL_CAINFO.
-    ;; FIXME: This variable designates a single file; it is not a search path.
     (list (search-path-specification
            (variable "GIT_SSL_CAINFO")
            (file-type 'regular)
+           (separator #f)                         ;single entry
            (files '("etc/ssl/certs/ca-certificates.crt")))))
 
    (synopsis "Distributed version control system")
diff --git a/guix/build/profiles.scm b/guix/build/profiles.scm
index 6e316d5d2..42eabfaf1 100644
--- a/guix/build/profiles.scm
+++ b/guix/build/profiles.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2015, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -39,17 +39,21 @@
 'GUIX_PROFILE' environment variable.  This allows users to specify what the
 user-friendly name of the profile is, for instance ~/.guix-profile rather than
 /gnu/store/...-profile."
-  (let ((replacement (string-append "${GUIX_PROFILE:-" profile "}")))
+  (let ((replacement (string-append "${GUIX_PROFILE:-" profile "}"))
+        (crop        (cute string-drop <> (string-length profile))))
     (match-lambda
       ((search-path . value)
-       (let* ((separator (search-path-specification-separator search-path))
-              (items     (string-tokenize* value separator))
-              (crop      (cute string-drop <> (string-length profile))))
-         (cons search-path
-               (string-join (map (lambda (str)
-                                   (string-append replacement (crop str)))
-                                 items)
-                            separator)))))))
+       (match (search-path-specification-separator search-path)
+         (#f
+          (cons search-path
+                (string-append replacement (crop value))))
+         ((? string? separator)
+          (let ((items (string-tokenize* value separator)))
+            (cons search-path
+                  (string-join (map (lambda (str)
+                                      (string-append replacement (crop str)))
+                                    items)
+                               separator)))))))))
 
 (define (write-environment-variable-definition port)
   "Write the given environment variable definition to PORT."
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index bc6f11415..cf0932639 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2013 Andreas Enge <andreas <at> enge.fr>
 ;;; Copyright © 2013 Nikita Karetnikov <nikita <at> karetnikov.org>
 ;;; Copyright © 2015 Mark H Weaver <mhw <at> netris.org>
@@ -400,10 +400,17 @@ for under the directories designated by FILES.  For example:
               (delete-duplicates input-dirs)))
 
 (define (list->search-path-as-string lst separator)
-  (string-join lst separator))
+  (if separator
+      (string-join lst separator)
+      (match lst
+        ((head rest ...) head)
+        (() ""))))
 
 (define* (search-path-as-string->list path #:optional (separator #\:))
-  (string-tokenize path (char-set-complement (char-set separator))))
+  (if separator
+      (string-tokenize path
+                       (char-set-complement (char-set separator)))
+      (list path)))
 
 (define* (set-path-environment-variable env-var files input-dirs
                                         #:key
diff --git a/guix/search-paths.scm b/guix/search-paths.scm
index 7a6fe6795..4bf0e4438 100644
--- a/guix/search-paths.scm
+++ b/guix/search-paths.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -55,7 +55,7 @@
   search-path-specification?
   (variable     search-path-specification-variable) ;string
   (files        search-path-specification-files)    ;list of strings
-  (separator    search-path-specification-separator ;string
+  (separator    search-path-specification-separator ;string | #f
                 (default ":"))
   (file-type    search-path-specification-file-type ;symbol
                 (default 'directory))
@@ -131,11 +131,23 @@ like `string-tokenize', but SEPARATOR is a string."
 DIRECTORIES, a list of directory names, and return a list of
 specification/value pairs.  Use GETENV to determine the current settings and
 report only settings not already effective."
-  (define search-path-definition
-    (match-lambda
-      ((and spec
-            ($ <search-path-specification> variable files separator
-                                           type pattern))
+  (define (search-path-definition spec)
+    (match spec
+      (($ <search-path-specification> variable files #f type pattern)
+       ;; Separator is #f so return the first match.
+       (match (with-null-error-port
+               (search-path-as-list files directories
+                                    #:type type
+                                    #:pattern pattern))
+         (()
+          #f)
+         ((head . _)
+          (let ((value (getenv variable)))
+            (if (and value (string=? value head))
+                #f                         ;VARIABLE already set appropriately
+                (cons spec head))))))
+      (($ <search-path-specification> variable files separator
+                                      type pattern)
        (let* ((values (or (and=> (getenv variable)
                                  (cut string-tokenize* <> separator))
                           '()))
@@ -164,7 +176,7 @@ current value), or 'suffix (return the definition where VALUE is added as a
 suffix to VARIABLE's current value.)  In the case of 'prefix and 'suffix,
 SEPARATOR is used as the separator between VARIABLE's current value and its
 prefix/suffix."
-  (match kind
+  (match (if (not separator) 'exact kind)
     ('exact
      (format #f "export ~a=\"~a\"" variable value))
     ('prefix
diff --git a/tests/packages.scm b/tests/packages.scm
index 247f75cc4..962f120ea 100644
--- a/tests/packages.scm
+++ b/tests/packages.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo <at> gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -42,6 +42,7 @@
   #:use-module (gnu packages base)
   #:use-module (gnu packages guile)
   #:use-module (gnu packages bootstrap)
+  #:use-module (gnu packages version-control)
   #:use-module (gnu packages xml)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
@@ -979,6 +980,52 @@
                       (guix-package "-p" (derivation->output-path prof)
                                     "--search-paths"))))))
 
+(test-assert "--search-paths with single-item search path"
+  ;; Make sure 'guix package --search-paths' correctly reports environment
+  ;; variables for things like 'GIT_SSL_CAINFO' that have #f as their
+  ;; separator, meaning that the first match wins.
+  (let* ((p1 (dummy-package "foo"
+               (build-system trivial-build-system)
+               (arguments
+                `(#:guile ,%bootstrap-guile
+                  #:modules ((guix build utils))
+                  #:builder (begin
+                              (use-modules (guix build utils))
+                              (let ((out (assoc-ref %outputs "out")))
+                                (mkdir-p (string-append out "/etc/ssl/certs"))
+                                (call-with-output-file
+                                    (string-append
+                                     out "/etc/ssl/certs/ca-certificates.crt")
+                                  (const #t))))))))
+         (p2 (package (inherit p1) (name "bar")))
+         (p3 (dummy-package "git"
+               ;; Provide a fake Git to avoid building the real one.
+               (build-system trivial-build-system)
+               (arguments
+                `(#:guile ,%bootstrap-guile
+                  #:builder (mkdir (assoc-ref %outputs "out"))))
+               (native-search-paths (package-native-search-paths git))))
+         (prof1 (run-with-store %store
+                  (profile-derivation
+                   (packages->manifest (list p1 p3))
+                   #:hooks '()
+                   #:locales? #f)
+                  #:guile-for-build (%guile-for-build)))
+         (prof2 (run-with-store %store
+                  (profile-derivation
+                   (packages->manifest (list p2 p3))
+                   #:hooks '()
+                   #:locales? #f)
+                  #:guile-for-build (%guile-for-build))))
+    (build-derivations %store (list prof1 prof2))
+    (string-match (format #f "^export GIT_SSL_CAINFO=\"~a/etc/ssl/certs/ca-certificates.crt"
+                          (regexp-quote (derivation->output-path prof1)))
+                  (with-output-to-string
+                    (lambda ()
+                      (guix-package "-p" (derivation->output-path prof1)
+                                    "-p" (derivation->output-path prof2)
+                                    "--search-paths"))))))
+
 (test-equal "specification->package when not found"
   'quit
   (catch 'quit
diff --git a/tests/search-paths.scm b/tests/search-paths.scm
new file mode 100644
index 000000000..2a4c18dd7
--- /dev/null
+++ b/tests/search-paths.scm
@@ -0,0 +1,48 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2017 Ludovic Courtès <ludo <at> gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (test-search-paths)
+  #:use-module (guix search-paths)
+  #:use-module (ice-9 match)
+  #:use-module (srfi srfi-64))
+
+(define %top-srcdir
+  (dirname (search-path %load-path "guix.scm")))
+
+
+(test-begin "search-paths")
+
+(test-equal "evaluate-search-paths, separator is #f"
+  (string-append %top-srcdir
+                 "/gnu/packages/bootstrap/armhf-linux")
+
+  ;; The following search path spec should evaluate to a single item: the
+  ;; first directory that matches the "-linux$" pattern in
+  ;; gnu/packages/bootstrap.
+  (let ((spec (search-path-specification
+               (variable "CHBOUIB")
+               (files '("gnu/packages/bootstrap"))
+               (file-type 'directory)
+               (separator #f)
+               (file-pattern "-linux$"))))
+    (match (evaluate-search-paths (list spec)
+                                  (list %top-srcdir))
+      (((spec* . value))
+       (and (eq? spec* spec) value)))))
+
+(test-end "search-paths")
-- 
2.11.0





Added tag(s) patch. Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Sun, 22 Jan 2017 21:58:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Mon, 23 Jan 2017 13:02:02 GMT) Full text and rfc822 format available.

Message #25 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: [PATCH 0/2] Support single-entry search paths
Date: Mon, 23 Jan 2017 14:00:58 +0100
Ludovic Courtès <ludo <at> gnu.org> writes:

> Hi!
>
> These patches for ‘core-updates’ add support for “single-entry” search
> paths like ‘GIT_SSL_CAINFO’.  This is achieved by setting ‘separator’ to
> #f in the search path spec.
>
> Feedback welcome!

This looks good and will be useful for the Lua search path as well.

~~ Ricardo




Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Mon, 23 Jan 2017 13:59:02 GMT) Full text and rfc822 format available.

Message #28 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Mekeor Melire <mekeor.melire <at> gmail.com>
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Mon, 23 Jan 2017 14:57:52 +0100
Mekeor Melire <mekeor.melire <at> gmail.com> skribis:

> Adding an option to `search-path-specification' seems like a good idea.
> Still, I wonder what this snippet from (gnu system) does:
>
>     (define (operating-system-environment-variables os)
>       "Return the environment variables of OS for
>     @var{session-environment-service-type}, to be used in @file{/etc/environment}."
>       `(("LANG" . ,(operating-system-locale os))
>         ("TZ" . ,(operating-system-timezone os))
>         ("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
>         ;; Tell 'modprobe' & co. where to look for modules.
>         ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
>         ;; These variables are honored by OpenSSL (libssl) and Git.
>         ("SSL_CERT_DIR" . "/etc/ssl/certs")
>         ("SSL_CERT_FILE" . "/etc/ssl/certs/ca-certificates.crt")
>         ("GIT_SSL_CAINFO" . "/etc/ssl/certs/ca-certificates.crt")

It defines the content of /etc/environment.

Ludo’.




Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Mon, 23 Jan 2017 22:04:01 GMT) Full text and rfc822 format available.

Message #31 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de>
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: [PATCH 0/2] Support single-entry search paths
Date: Mon, 23 Jan 2017 23:02:54 +0100
Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de> skribis:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> Hi!
>>
>> These patches for ‘core-updates’ add support for “single-entry” search
>> paths like ‘GIT_SSL_CAINFO’.  This is achieved by setting ‘separator’ to
>> #f in the search path spec.
>>
>> Feedback welcome!
>
> This looks good and will be useful for the Lua search path as well.

Thanks for your feedback.  I’ve pushed it as
fcd75bdbfa99d14363b905afbf914eec20e69df8.

Ludo’.




Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Fri, 10 Feb 2017 16:23:01 GMT) Full text and rfc822 format available.

Message #34 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: Mekeor Melire <mekeor.melire <at> gmail.com>
To: ludo <at> gnu.org (Ludovic Courtès)
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Fri, 10 Feb 2017 17:22:01 +0100
> > Adding an option to `search-path-specification' seems like a good idea.
> > Still, I wonder what this snippet from (gnu system) does:
> >
> >     (define (operating-system-environment-variables os)
> >       "Return the environment variables of OS for
> >     @var{session-environment-service-type}, to be used in @file{/etc/environment}."
> >       `(("LANG" . ,(operating-system-locale os))
> >         ("TZ" . ,(operating-system-timezone os))
> >         ("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
> >         ;; Tell 'modprobe' & co. where to look for modules.
> >         ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
> >         ;; These variables are honored by OpenSSL (libssl) and Git.
> >         ("SSL_CERT_DIR" . "/etc/ssl/certs")
> >         ("SSL_CERT_FILE" . "/etc/ssl/certs/ca-certificates.crt")
> >         ("GIT_SSL_CAINFO" . "/etc/ssl/certs/ca-certificates.crt")  
> 
> It defines the content of /etc/environment.

Is there any reason why GIT_SSL_CAINFO has to be set without Git being installed?

I mean, I think the variable just shouldn't be set in /etc/environment by default. It should be set as soon as Git is installed, IMHO.




Information forwarded to bug-guix <at> gnu.org:
bug#25422; Package guix. (Fri, 10 Feb 2017 20:53:01 GMT) Full text and rfc822 format available.

Message #37 received at 25422 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Mekeor Melire <mekeor.melire <at> gmail.com>
Cc: 25422 <at> debbugs.gnu.org
Subject: Re: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Fri, 10 Feb 2017 21:51:57 +0100
Mekeor Melire <mekeor.melire <at> gmail.com> skribis:

>> > Adding an option to `search-path-specification' seems like a good idea.
>> > Still, I wonder what this snippet from (gnu system) does:
>> >
>> >     (define (operating-system-environment-variables os)
>> >       "Return the environment variables of OS for
>> >     @var{session-environment-service-type}, to be used in @file{/etc/environment}."
>> >       `(("LANG" . ,(operating-system-locale os))
>> >         ("TZ" . ,(operating-system-timezone os))
>> >         ("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
>> >         ;; Tell 'modprobe' & co. where to look for modules.
>> >         ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
>> >         ;; These variables are honored by OpenSSL (libssl) and Git.
>> >         ("SSL_CERT_DIR" . "/etc/ssl/certs")
>> >         ("SSL_CERT_FILE" . "/etc/ssl/certs/ca-certificates.crt")
>> >         ("GIT_SSL_CAINFO" . "/etc/ssl/certs/ca-certificates.crt")  
>> 
>> It defines the content of /etc/environment.
>
> Is there any reason why GIT_SSL_CAINFO has to be set without Git being installed?
>
> I mean, I think the variable just shouldn't be set in /etc/environment by default. It should be set as soon as Git is installed, IMHO.

You are right in principle.

This variable was added in 78ab0746a5, and I think the justification was
convenience and to have things that work out of the box:

  https://lists.gnu.org/archive/html/guix-devel/2015-03/msg00128.html

That’s also an important property.  :-)

Ludo’.




Reply sent to ludo <at> gnu.org (Ludovic Courtès):
You have taken responsibility. (Sun, 02 Apr 2017 22:23:02 GMT) Full text and rfc822 format available.

Notification sent to Leo Famulari <leo <at> famulari.name>:
bug acknowledged by developer. (Sun, 02 Apr 2017 22:23:02 GMT) Full text and rfc822 format available.

Message #42 received at 25422-done <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de>
Cc: 25422-done <at> debbugs.gnu.org
Subject: Re: bug#25422: [PATCH 0/2] Support single-entry search paths
Date: Mon, 03 Apr 2017 00:22:13 +0200
ludo <at> gnu.org (Ludovic Courtès) skribis:

> Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de> skribis:
>
>> Ludovic Courtès <ludo <at> gnu.org> writes:
>>
>>> Hi!
>>>
>>> These patches for ‘core-updates’ add support for “single-entry” search
>>> paths like ‘GIT_SSL_CAINFO’.  This is achieved by setting ‘separator’ to
>>> #f in the search path spec.
>>>
>>> Feedback welcome!
>>
>> This looks good and will be useful for the Lua search path as well.
>
> Thanks for your feedback.  I’ve pushed it as
> fcd75bdbfa99d14363b905afbf914eec20e69df8.

Now merged in master!

Ludo’.




bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 01 May 2017 11:24:04 GMT) Full text and rfc822 format available.

This bug report was last modified 6 years and 333 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.