(address . guix-patches@gnu.org)
Apparently, during grafting, Guix can somehow mangle compiled
Racket CS files (.zo) such that Racket will refuse to load them.
(Maybe it has something to do with compression?)
So, we stop patching Racket sources with absolute paths to store
files (i.e. for foreign libraries to dlopen).
Instead, we put them in a data file that doesn't get compiled or,
in one case, embed it in C.
* gnu/packages/patches/racket-sh-via-rktio.patch: New file.
Adds a special case at the C level, controlled by a preprocessor macro,
to handle attempts to execute "/bin/sh".
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/scheme.scm (racket)[source](patches): Apply it.
(racket)[arguments](#:configure-flags): Add the CPP flag to enable it.
(racket)[arguments](#:modules): Use srfi-1.
(racket)[arguments](#:phases): Remove 'patch-/bin/sh and 'pre-configure.
Change 'pre-configure-minimal to just change directory.
Add 'patch-config.rktd-lib-search-dirs after 'build and before 'install
to configure Racket's "lib-search-dirs".
(racket, racket-minimal)[inputs]: Add bash-minimal as an explicit input.
(racket-minimal)[source]: Adjust to inherit patches from racket.
---
gnu/local.mk | 2 +
.../patches/racket-sh-via-rktio.patch | 91 +++++++++
gnu/packages/scheme.scm | 190 ++++++++----------
3 files changed, 179 insertions(+), 104 deletions(-)
create mode 100644 gnu/packages/patches/racket-sh-via-rktio.patch
Toggle diff (354 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index cf8849cf59..51dcf4e6e6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -40,6 +40,7 @@
# Copyright © 2020 Malte Frank Gerdes <mate.f.gerdes@gmail.com>
# Copyright © 2020 Vinicius Monego <monego@posteo.net>
# Copyright © 2021 Björn Höfling <bjoern.hoefling@bjoernhoefling.de>
+# Copyright © 2021 Philip McGrath <philip@philipmcgrath.com>
#
# This file is part of GNU Guix.
#
@@ -1629,6 +1630,7 @@ dist_patch_DATA = \
%D%/packages/patches/ripperx-missing-file.patch \
%D%/packages/patches/rpcbind-CVE-2017-8779.patch \
%D%/packages/patches/rtags-separate-rct.patch \
+ %D%/packages/patches/racket-sh-via-rktio.patch \
%D%/packages/patches/racket-store-checksum-override.patch \
%D%/packages/patches/remake-impure-dirs.patch \
%D%/packages/patches/retroarch-LIBRETRO_DIRECTORY.patch \
diff --git a/gnu/packages/patches/racket-sh-via-rktio.patch b/gnu/packages/patches/racket-sh-via-rktio.patch
new file mode 100644
index 0000000000..870e8eb5f2
--- /dev/null
+++ b/gnu/packages/patches/racket-sh-via-rktio.patch
@@ -0,0 +1,91 @@
+From 34fd01842d5211e73260721b7a516487e982497c Mon Sep 17 00:00:00 2001
+From: Philip McGrath <philip@philipmcgrath.com>
+Date: Thu, 4 Mar 2021 04:11:50 -0500
+Subject: [PATCH] patch rktio_process for "/bin/sh" on Guix
+
+Racket provides the functions `system` and `process`,
+which execute shell commands using `sh` (or `cmd` on Windows).
+Racket assumes that `sh` can be found at "/bin/sh",
+which is not necessarily true on Guix.
+
+This patch adds a special case for "/bin/sh" to `rktio_process`,
+the C function that implements the core of `system`, `process`,
+and related Racket functions.
+
+Guix should enable the special case by defining the C preprocessor
+macro `GUIX_RKTIO_PATCH_BIN_SH` with the path to `sh` in the store.
+If:
+
+ 1. The `GUIX_RKTIO_PATCH_BIN_SH` macro is defined; and
+
+ 2. `rktio_process` is called with the exact path "/bin/sh"; and
+
+ 3. "/bin/sh" does not exist (if it does, we don't want to change
+ the expected behavior); and
+
+ 4. The path specified by `GUIX_RKTIO_PATCH_BIN_SH` does exists;
+
+then `rktio_process` will execute the file specified
+by `GUIX_RKTIO_PATCH_BIN_SH` instead of "/bin/sh".
+
+Compared to previous attempts to patch the Racket sources,
+making this change at the C level is both:
+
+ - More comprehensive: it catches all attempts to execute "/bin/sh",
+ without having to track down the source of every occurance; and
+
+ - Less intrusive: by guarding the special case with a C preprocessor
+ conditional and a runtime check that the file in the store exists,
+ we make it much less likely that it will "leak" out of Guix.
+---
+ src/rktio/rktio_process.c | 22 +++++++++++++++++++++-
+ 1 file changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/src/rktio/rktio_process.c b/src/rktio/rktio_process.c
+index 89202436c0..ff65a434e2 100644
+--- a/src/rktio/rktio_process.c
++++ b/src/rktio/rktio_process.c
+@@ -1224,12 +1224,14 @@ int rktio_process_allowed_flags(rktio_t *rktio)
+ /*========================================================================*/
+
+ rktio_process_result_t *rktio_process(rktio_t *rktio,
+- const char *command, int argc, rktio_const_string_t *argv,
++ /* PATCHED for Guix (next line) */
++ const char *_guix_orig_command, int argc, rktio_const_string_t *argv,
+ rktio_fd_t *stdout_fd, rktio_fd_t *stdin_fd, rktio_fd_t *stderr_fd,
+ rktio_process_t *group_proc,
+ const char *current_directory, rktio_envvars_t *envvars,
+ int flags)
+ {
++ const char *command; /* PATCHED for Guix */
+ rktio_process_result_t *result;
+ intptr_t to_subprocess[2], from_subprocess[2], err_subprocess[2];
+ int pid;
+@@ -1255,6 +1257,24 @@ rktio_process_result_t *rktio_process(rktio_t *rktio,
+ int i;
+ #endif
+
++/* BEGIN PATCH for Guix */
++#if defined(GUIX_RKTIO_PATCH_BIN_SH)
++# define GUIX_AS_a_STR_HELPER(x) #x
++# define GUIX_AS_a_STR(x) GUIX_AS_a_STR_HELPER(x)
++ /* A level of indirection makes `#` work as needed: */
++ command =
++ ((0 == strcmp(_guix_orig_command, "/bin/sh"))
++ && (! rktio_file_exists(rktio, "/bin/sh"))
++ && rktio_file_exists(rktio, GUIX_AS_a_STR(GUIX_RKTIO_PATCH_BIN_SH)))
++ ? GUIX_AS_a_STR(GUIX_RKTIO_PATCH_BIN_SH)
++ : _guix_orig_command;
++# undef GUIX_AS_a_STR
++# undef GUIX_AS_a_STR_HELPER
++#else
++ command = _guix_orig_command;
++#endif
++/* END PATCH for Guix */
++
+ /* avoid compiler warnings: */
+ to_subprocess[0] = -1;
+ to_subprocess[1] = -1;
+--
+2.25.1
+
diff --git a/gnu/packages/scheme.scm b/gnu/packages/scheme.scm
index 10be0aa28a..8656fef1ab 100644
--- a/gnu/packages/scheme.scm
+++ b/gnu/packages/scheme.scm
@@ -43,6 +43,7 @@
#:use-module (guix build-system trivial)
#:use-module (gnu packages autotools)
#:use-module (gnu packages bdw-gc)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages compression)
#:use-module (gnu packages databases)
#:use-module (gnu packages libevent)
@@ -411,94 +412,26 @@ implementation techniques and as an expository tool.")
(base32
"047wpjblfzmf1msz7snrp2c2h0zxyzlmbsqr9bwsyvz3frcg0888"))
(patches (search-patches
+ "racket-sh-via-rktio.patch"
+ ;; TODO: If we're no longer patching Racket source
+ ;; files with store paths, we may also fix the
+ ;; issue that necessitated the following patch:
"racket-store-checksum-override.patch"))))
(build-system gnu-build-system)
(arguments
- '(#:configure-flags
- '("--enable-libz"
+ `(#:configure-flags
+ `(,(string-append "CPPFLAGS=-DGUIX_RKTIO_PATCH_BIN_SH="
+ (assoc-ref %build-inputs "sh")
+ "/bin/sh")
+ "--enable-libz"
"--enable-liblz4")
+ #:modules
+ ((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-1))
#:phases
(modify-phases %standard-phases
- (add-before 'configure 'pre-configure-minimal
- (lambda* (#:key inputs #:allow-other-keys)
- ;; Patch dynamically loaded libraries with their absolute paths.
- (let* ((library-path (search-path-as-string->list
- (getenv "LIBRARY_PATH")))
- (find-so (lambda (soname)
- (search-path
- library-path
- (format #f "~a.so" soname)))))
- (substitute* "collects/db/private/sqlite3/ffi.rkt"
- (("ffi-lib sqlite-so")
- (format #f "ffi-lib \"~a\"" (find-so "libsqlite3"))))
- (substitute* "collects/openssl/libssl.rkt"
- (("ffi-lib libssl-so")
- (format #f "ffi-lib \"~a\"" (find-so "libssl"))))
- (substitute* "collects/openssl/libcrypto.rkt"
- (("ffi-lib libcrypto-so")
- (format #f "ffi-lib \"~a\"" (find-so "libcrypto")))))
- (chdir "src")
- #t))
- (add-before 'pre-configure-minimal 'pre-configure
- (lambda* (#:key inputs #:allow-other-keys)
- ;; Patch dynamically loaded libraries with their absolute paths.
- (let* ((library-path (search-path-as-string->list
- (getenv "LIBRARY_PATH")))
- (find-so (lambda (soname)
- (search-path
- library-path
- (format #f "~a.so" soname))))
- (patch-ffi-libs (lambda (file libs)
- (for-each
- (lambda (lib)
- (substitute* file
- (((format #f "\"~a\"" lib))
- (format #f "\"~a\"" (find-so lib)))))
- libs))))
- (substitute* "share/pkgs/math-lib/math/private/bigfloat/gmp.rkt"
- (("ffi-lib libgmp-so")
- (format #f "ffi-lib \"~a\"" (find-so "libgmp"))))
- (substitute* "share/pkgs/math-lib/math/private/bigfloat/mpfr.rkt"
- (("ffi-lib libmpfr-so")
- (format #f "ffi-lib \"~a\"" (find-so "libmpfr"))))
- (substitute* "share/pkgs/readline-lib/readline/rktrl.rkt"
- (("\\(getenv \"PLT_READLINE_LIB\"\\)")
- (format #f "\"~a\"" (find-so "libedit"))))
- (for-each
- (lambda (x) (apply patch-ffi-libs x))
- '(("share/pkgs/draw-lib/racket/draw/unsafe/cairo-lib.rkt"
- ("libfontconfig" "libcairo"))
- ("share/pkgs/draw-lib/racket/draw/unsafe/glib.rkt"
- ("libglib-2.0" "libgmodule-2.0" "libgobject-2.0"))
- ("share/pkgs/draw-lib/racket/draw/unsafe/jpeg.rkt"
- ("libjpeg"))
- ("share/pkgs/draw-lib/racket/draw/unsafe/pango.rkt"
- ("libpango-1.0" "libpangocairo-1.0"))
- ("share/pkgs/draw-lib/racket/draw/unsafe/png.rkt"
- ("libpng"))
- ("share/pkgs/db-lib/db/private/odbc/ffi.rkt"
- ("libodbc"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/x11.rkt"
- ("libX11"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/gsettings.rkt"
- ("libgio-2.0"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/gtk3.rkt"
- ("libgdk-3" "libgtk-3"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/unique.rkt"
- ("libunique-1.0"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/utils.rkt"
- ("libgdk-x11-2.0" "libgdk_pixbuf-2.0" "libgtk-x11-2.0"))
- ("share/pkgs/gui-lib/mred/private/wx/gtk/gl-context.rkt"
- ("libGL"))
- ("share/pkgs/sgl/gl.rkt"
- ("libGL" "libGLU")))))
- #t))
- (add-after 'unpack 'patch-/bin/sh
- (lambda _
- (substitute* "collects/racket/system.rkt"
- (("/bin/sh") (which "sh")))
- #t))
- (add-after 'patch-/bin/sh 'patch-chez-configure
+ (add-after 'unpack 'patch-chez-configure
(lambda* (#:key inputs outputs #:allow-other-keys)
(substitute* "src/cs/c/Makefile.in"
(("/bin/sh") (which "sh")))
@@ -526,12 +459,69 @@ implementation techniques and as an expository tool.")
(("/bin/cp") (which "cp"))
(("/bin/echo") (which "echo")))
(substitute* "makefiles/installsh"
- (("/bin/true") (which "true")))))))
+ (("/bin/true") (which "true"))))
+ #t))
+ (add-before 'configure 'pre-configure-minimal
+ (lambda* (#:key inputs #:allow-other-keys)
+ (chdir "src")
+ #t))
+ (add-after 'build 'patch-config.rktd-lib-search-dirs
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ ;; We do this between the `build` and `install` phases
+ ;; so that we have racket to read and write the hash table,
+ ;; but it comes before `raco setup`, when foreign libraries
+ ;; are needed to build the documentation.
+ (define out (assoc-ref outputs "out"))
+ (apply invoke
+ "./cs/c/racketcs"
+ "-e"
+ ,(format #f
+ "~s"
+ '(let* ((args
+ (vector->list
+ (current-command-line-arguments)))
+ (file (car args))
+ (extra-lib-search-dirs (cdr args)))
+ (write-to-file
+ (hash-update
+ (file->value file)
+ 'lib-search-dirs
+ (lambda (dirs)
+ (append dirs extra-lib-search-dirs))
+ null)
+ #:exists 'truncate/replace
+ file)))
+ "--"
+ "../etc/config.rktd"
+ (filter-map (lambda (lib)
+ (cond
+ ((assoc-ref inputs lib)
+ => (lambda (pth)
+ (string-append pth "/lib")))
+ (else
+ #f)))
+ '("cairo"
+ "fontconfig"
+ "glib"
+ "glu"
+ "gmp"
+ "gtk+"
+ "libjpeg"
+ "libpng"
+ "libx11"
+ "mesa"
+ "mpfr"
+ "openssl"
+ "pango"
+ "sqlite"
+ "unixodbc"
+ "libedit")))
+ #t)))
;; XXX: how to run them?
#:tests? #f))
(inputs
- `(;; Hardcode dynamically loaded libraries for better functionality.
- ;; sqlite and libraries for `racket/draw' are needed to build the doc.
+ `(;; sqlite and libraries for `racket/draw' are needed to build the doc.
+ ("sh" ,bash-minimal)
("zlib" ,zlib)
("zlib:static" ,zlib "static")
("lz4" ,lz4)
@@ -571,29 +561,21 @@ of languages such as Typed Racket, R5RS and R6RS Scheme, and Datalog.")
(inherit racket)
(name "racket-minimal")
(version (package-version racket))
- (source (origin
- (method url-fetch)
- (uri (list (string-append "https://mirror.racket-lang.org/installers/"
- version "/racket-minimal-src.tgz")
- ;; this mirror seems to have broken HTTPS:
- (string-append
- "http://mirror.informatik.uni-tuebingen.de/mirror/racket/"
- version "/racket-minimal-src.tgz")))
- (sha256
- (base32
- "0mwyffw4gcci8wmzxa3j28h03h0gsz55aard8qrk3lri8r2xyg21"))
- (patches (search-patches
- "racket-store-checksum-override.patch"))))
+ (source
+ (origin
+ (inherit (package-source racket))
+ (uri (list (string-append "https://mirror.racket-lang.org/installers/"
+ version "/racket-minimal-src.tgz")
+ ;; this mirror seems to have broken HTTPS:
+ (string-append
+ "http://mirror.informatik.uni-tuebingen.de/mirror/racket/"
+ version "/racket-minimal-src.tgz")))
+ (sha256 "0mwyffw4gcci8wmzxa3j28h03h0gsz55aard8qrk3lri8r2xyg21")))
(synopsis "Racket without bundled packages such as Dr. Racket")
- (arguments
- (substitute-keyword-arguments (package-arguments racket)
- ((#:phases phases)
- `(modify-phases ,phases
- ;; Delete fix that applies to files not included in the minimal package.
- (delete 'pre-configure)))))
(inputs
`(("openssl" ,openssl)
("sqlite" ,sqlite)
+ ("sh" ,bash-minimal)
("zlib" ,zlib)
("zlib:static" ,zlib "static")
("lz4" ,lz4)
--
2.21.1 (Apple Git-122.3)