Allowing system-wide package replacements with 'guix system'

  • Open
  • quality assurance status badge
Details
2 participants
  • Ludovic Courtès
  • Rutger Helling
Owner
unassigned
Submitted by
Rutger Helling
Severity
normal
R
R
Rutger Helling wrote on 31 May 2018 16:44
'guix system' enhancements
(address . bug-guix@gnu.org)
20180531164438.1e7a6976@mykolab.com
Hi Guix,

This isn't really a bug, but I noticed that 'guix system' right now cannot use certain common build
options like 'with-input'. I don't know how hard it would be to add
that, because I think it could be pretty useful for something like the
following for example:

guix system reconfigure --with-input=openssl=libressl system.scm

WDYT?
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEAVThuRzJ2e93ZI3n86cn20T8yjYFAlsQClYACgkQ86cn20T8
yjYgkQf+MiPomwMgqRVgv6nMn+rNDMDq8EQnIEedyRC6FBU79iV7cz1hPP2kckFr
jbTL9tbwLSvXW1Yc6vkO6PPXe2+qh+/s6tzcx0HcP8DwKc5T9n5mfOq0JblWDoO6
pM1uu7AvO1UPXJMVQltE5nZHyCbbpdcRo2WNprGpe9N+kvDaxN105fFulEHJqOoU
vrQOmH7q2HPCVJ7Q5FNoPfyEqdBZzfNEB/A7iqsu2/12h8eQNDaF+p4f/my9tMRX
kyGBbSQM3TXbYzckx8xiBud8GhdnO+LK9nT6j3heDYzk80UQDkDIx6uUZNz1xOWd
M3vuG1Lrge/vFJDB02fD0F2kk+cx/g==
=v+jS
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 1 Jun 2018 14:58
(name . Rutger Helling)(address . rhelling@mykolab.com)(address . 31669@debbugs.gnu.org)
87bmcuackk.fsf@gnu.org
Hello,

Rutger Helling <rhelling@mykolab.com> skribis:

Toggle quote (7 lines)
> This isn't really a bug, but I noticed that 'guix system' right now cannot use certain common build
> options like 'with-input'. I don't know how hard it would be to add
> that, because I think it could be pretty useful for something like the
> following for example:
>
> guix system reconfigure --with-input=openssl=libressl system.scm

Note that ‘--with-input’ & co. are *package* transformation options, so
the question is which packages we’d apply them to.

We could take those options as applying to all the packages in the
global profile, but it may not be exactly what people would expect
because it would not apply to packages used by Shepherd services.

WDYT?

Ludo’.
R
R
Rutger Helling wrote on 1 Jun 2018 16:40
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 31669@debbugs.gnu.org)
20180601164052.584cbd4d@mykolab.com
Hi Ludo,

That might cause confusion like you said, so I'm not sure if that would
be an improvement.

I guess I was wondering whether there was an easy way to do something
like build your entire system with a newer Mesa, or use LibreSSL
instead of OpenSSL as mentioned. Of course you could change your own
git checkout, but that's not as elegant as '--with-input/--with-graft'
etc.

Another option would be to make your own transformed packages and add
those as services instead of the regular versions. Unfortunately a lot
of services right now don't have that option (OpenSSH for example).
Plus you're pretty liable to make a mistake that way.

On Fri, 01 Jun 2018 14:58:03 +0200
ludo@gnu.org (Ludovic Courtès) wrote:

Toggle quote (21 lines)
> Hello,
>
> Rutger Helling <rhelling@mykolab.com> skribis:
>
> > This isn't really a bug, but I noticed that 'guix system' right now
> > cannot use certain common build options like 'with-input'. I don't
> > know how hard it would be to add that, because I think it could be
> > pretty useful for something like the following for example:
> >
> > guix system reconfigure --with-input=openssl=libressl system.scm
>
> Note that ‘--with-input’ & co. are *package* transformation options,
> so the question is which packages we’d apply them to.
>
> We could take those options as applying to all the packages in the
> global profile, but it may not be exactly what people would expect
> because it would not apply to packages used by Shepherd services.
>
> WDYT?
>
> Ludo’.
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEAVThuRzJ2e93ZI3n86cn20T8yjYFAlsRWvUACgkQ86cn20T8
yjaR8wf+P+LR0wF5iWr4qx7hP7n8Y6DhfLE//l3uhMX05RSGyh39rU4KSsZxpnOU
NDr5LpS18m72jiHVhRJaNct8+z3dj3wpxi02l/7pwjzFx1z0Zn2ARdB0g1oN28fe
b/iIGh0T4Ku+XcVx3fq4zFK1dK4vn5SW4/y+5u/mMcH0vXDY4REM4dYgsRvJCUxV
AzDXJrfnV3j+gXLpNjyljxumW6X63L1d/GJ34P+ni2UjXQt5uTSTkhRPHjUKP15f
feRh5NFYeMszxZHcKwXBxdI+w9U1Vyh2GbemsatS09m+CqsRK2TKXneTFZr7j9fK
469E4ZvQVY2vSNNkAN1GBah6NMuI8w==
=d9rE
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 1 Jun 2018 22:35
(name . Rutger Helling)(address . rhelling@mykolab.com)(address . 31669@debbugs.gnu.org)
874lim8ctt.fsf@gnu.org
Hello,

Rutger Helling <rhelling@mykolab.com> skribis:

Toggle quote (9 lines)
> That might cause confusion like you said, so I'm not sure if that would
> be an improvement.
>
> I guess I was wondering whether there was an easy way to do something
> like build your entire system with a newer Mesa, or use LibreSSL
> instead of OpenSSL as mentioned. Of course you could change your own
> git checkout, but that's not as elegant as '--with-input/--with-graft'
> etc.

Another option would be to operate at the derivation level rather than
at the package level. There’s a currently unused procedure called
‘map-derivation’ which is similar to what ‘--with-input’ does, except
that it’s at the derivation level. Example:

Toggle snippet (18 lines)
scheme@(guile-user)> ,use(guix)
scheme@(guile-user)> ,use(gnu)
scheme@(guile-user)> (getcwd)
$2 = "/home/ludo/src/guix/guix"
scheme@(guile-user)> (define os (load "../gnu/system/examples/bare-bones.tmpl"))
scheme@(guile-user)> ,run-in-store (operating-system-derivation os)
$4 = #<derivation /gnu/store/x0ixll4myzk2s2g0lvq29qr5fx1hsgqi-system.drv => /gnu/store/4igvd1ynxjv3hk8qpf0l9bpb2v157hjf-system 4c209b0>
scheme@(guile-user)> ,use(gnu packages tls)
scheme@(guile-user)> ,run-in-store (package->derivation openssl)
$5 = #<derivation /gnu/store/8d4dim068nky5y8dls3p2nijc79jhhv1-openssl-1.0.2o.drv => /gnu/store/yvy6pj9b3rpb3wr98x0sjlxv5g9p5x5l-openssl-1.0.2o-doc /gnu/store/ggrpw6gh2rnqjwyjf99z8cdw5digc4hb-openssl-1.0.2o /gnu/store/9cdb2xydmm012v81l78jliird4f7dy25-openssl-1.0.2o-static 5594370>
scheme@(guile-user)> ,run-in-store (package->derivation libressl)
substitute: updating list of substitutes from 'https://berlin.guixsd.org'... 100.0%
$6 = #<derivation /gnu/store/2wds8bdyl25iqx63p2vv7fy05rbmq4s5-libressl-2.7.3.drv => /gnu/store/d9askfqx719bv3610kd6s3jqjh5rnfsh-libressl-2.7.3 538b1e0>
scheme@(guile-user)> (define s (open-connection))
scheme@(guile-user)> (map-derivation s $4 `((,$5 . ,$6)))
$7 = #<derivation /gnu/store/g9xxa9fkiaij5i9g8s71b04yswi69cig-system.drv => /gnu/store/x5gyjvmq663jhd1pc1pc5w46hpcghvwd-system 618bf00>

It’s a bit of a sledgehammer and ‘map-derivation’ may be buggy on the
edges, but worth exploring. :-)

HTH,
Ludo’.
R
R
Rutger Helling wrote on 2 Jun 2018 14:29
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 31669@debbugs.gnu.org)
20180602142923.048f3cac@mykolab.com
That's neat! I'll play around with it later, thanks for the tip.

On Fri, 01 Jun 2018 22:35:26 +0200
ludo@gnu.org (Ludovic Courtès) wrote:

Toggle quote (51 lines)
> Hello,
>
> Rutger Helling <rhelling@mykolab.com> skribis:
>
> > That might cause confusion like you said, so I'm not sure if that
> > would be an improvement.
> >
> > I guess I was wondering whether there was an easy way to do
> > something like build your entire system with a newer Mesa, or use
> > LibreSSL instead of OpenSSL as mentioned. Of course you could
> > change your own git checkout, but that's not as elegant as
> > '--with-input/--with-graft' etc.
>
> Another option would be to operate at the derivation level rather than
> at the package level. There’s a currently unused procedure called
> ‘map-derivation’ which is similar to what ‘--with-input’ does, except
> that it’s at the derivation level. Example:
>
> --8<---------------cut here---------------start------------->8---
> scheme@(guile-user)> ,use(guix)
> scheme@(guile-user)> ,use(gnu)
> scheme@(guile-user)> (getcwd)
> $2 = "/home/ludo/src/guix/guix"
> scheme@(guile-user)> (define os (load
> "../gnu/system/examples/bare-bones.tmpl"))
> scheme@(guile-user)> ,run-in-store (operating-system-derivation os)
> $4 =
> #<derivation /gnu/store/x0ixll4myzk2s2g0lvq29qr5fx1hsgqi-system.drv
> => /gnu/store/4igvd1ynxjv3hk8qpf0l9bpb2v157hjf-system 4c209b0>
> scheme@(guile-user)> ,use(gnu packages tls)
> scheme@(guile-user)> ,run-in-store (package->derivation openssl) $5 =
> #<derivation /gnu/store/8d4dim068nky5y8dls3p2nijc79jhhv1-openssl-1.0.2o.drv
> => /gnu/store/yvy6pj9b3rpb3wr98x0sjlxv5g9p5x5l-openssl-1.0.2o-doc /gnu/store/ggrpw6gh2rnqjwyjf99z8cdw5digc4hb-openssl-1.0.2o /gnu/store/9cdb2xydmm012v81l78jliird4f7dy25-openssl-1.0.2o-static
> 5594370> scheme@(guile-user)> ,run-in-store (package->derivation
> 5594370> libressl) substitute: updating list of substitutes from
> 5594370> 'https://berlin.guixsd.org'... 100.0% $6 =
> 5594370> #<derivation /gnu/store/2wds8bdyl25iqx63p2vv7fy05rbmq4s5-libressl-2.7.3.drv
> 5594370> => /gnu/store/d9askfqx719bv3610kd6s3jqjh5rnfsh-libressl-2.7.3
> 5594370> 538b1e0> scheme@(guile-user)> (define s (open-connection))
> 5594370> 538b1e0> scheme@(guile-user)> (map-derivation s $4
> 5594370> 538b1e0> `((,$5 . ,$6)))
> $7 =
> #<derivation /gnu/store/g9xxa9fkiaij5i9g8s71b04yswi69cig-system.drv
> => /gnu/store/x5gyjvmq663jhd1pc1pc5w46hpcghvwd-system 618bf00>
> --8<---------------cut here---------------end--------------->8---
>
> It’s a bit of a sledgehammer and ‘map-derivation’ may be buggy on the
> edges, but worth exploring. :-)
>
> HTH,
> Ludo’.
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEAVThuRzJ2e93ZI3n86cn20T8yjYFAlsSjaMACgkQ86cn20T8
yjYv8Af+Oi/qebWjKLmYU0D44+O4o0e3wOKr54t7v+32e8YBrZ6+eBhRSRpUpI5+
FosYfbhMUEft9t7NK7yO+wLkmxOfoy0Yv/CNyC8an5AzXeKKMf69jvh+u2rw8lGu
/c89IoOW67iHfS5FoEIaoHURBmG98oqi/vzriOStk/t5NLx+eOI8FRMQfMh44TDv
Pt+OYQBjSasunm950tBd5vFDy3QGzMs2pYZ93gsDb6hjkoMmm8XN952NaAoU7Kg5
Z/mG0V/2iDG2XjwJY6GblWUXr/EPRwxO3BlCOybXgJ70ZkAGZh8yXFpwFz3b+CuN
eVZODz44XIaslR3+I+WN5vQBkDkNCw==
=ZowF
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 15 Jun 2018 17:30
control message for bug #31669
(address . control@debbugs.gnu.org)
87sh5orrsm.fsf@gnu.org
retitle 31669 Allowing system-wide package replacements with 'guix system'
?