From d0a2db47fb550d684c47a0ae3b541a9a71727d9e Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Thu, 29 Mar 2018 17:54:53 +0200 Subject: ld-wrapper: Allow linking with non-store libraries by default. This was suggested on several occasions, notably . * gnu/packages/ld-wrapper.in (%allow-impurities?): Default to #t and parse the value of 'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'. * guix/build/gnu-build-system.scm (set-paths): Set 'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'. --- gnu/packages/ld-wrapper.in | 14 +++++++++++++- guix/build/gnu-build-system.scm | 3 +++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in index c1f2038acb..16780c58f6 100644 --- a/gnu/packages/ld-wrapper.in +++ b/gnu/packages/ld-wrapper.in @@ -81,7 +81,19 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line)) (define %allow-impurities? ;; Whether to allow references to libraries outside the store. - (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES")) + ;; Allow them by default for convenience. + (let ((value (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES"))) + (or (not value) + (let ((value (string-downcase value))) + (cond ((member value '("yes" "y" "t" "true" "1")) + #t) + ((member value '("no" "n" "f" "false" "0")) + #f) + (else + (format (current-error-port) + "ld-wrapper: ~s: invalid value for \ +'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'~%" + value))))))) (define %debug? ;; Whether to emit debugging output. diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm index a39a884852..be5ad78b93 100644 --- a/guix/build/gnu-build-system.scm +++ b/guix/build/gnu-build-system.scm @@ -87,6 +87,9 @@ See https://reproducible-builds.org/specs/source-date-epoch/." (#f ; not cross compiling '()))) + ;; Tell 'ld-wrapper' to disallow non-store libraries. + (setenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES" "no") + ;; When cross building, $PATH must refer only to native (host) inputs since ;; target inputs are not executable. (set-path-environment-variable "PATH" '("bin" "sbin") -- cgit v1.2.3