@@ -1768,7 +1768,7 @@ dist_patch_DATA = \
%D%/packages/patches/ripperx-missing-file.patch \
%D%/packages/patches/rpcbind-CVE-2017-8779.patch \
%D%/packages/patches/rtags-separate-rct.patch \
- %D%/packages/patches/racket-minimal-sh-via-rktio.patch \
+ %D%/packages/patches/racket-rktio-bin-sh.patch \
%D%/packages/patches/remake-impure-dirs.patch \
%D%/packages/patches/restic-0.9.6-fix-tests-for-go1.15.patch \
%D%/packages/patches/retroarch-LIBRETRO_DIRECTORY.patch \
similarity index 54%
rename from gnu/packages/patches/racket-minimal-sh-via-rktio.patch
rename to gnu/packages/patches/racket-rktio-bin-sh.patch
@@ -1,7 +1,7 @@
-From 3574b567c486d264d680a37586436c3b5a8cb978 Mon Sep 17 00:00:00 2001
+From 6a553f24439fe64fd3a2f0b5902f00590ca4241f Mon Sep 17 00:00:00 2001
From: Philip McGrath <philip@philipmcgrath.com>
Date: Thu, 4 Mar 2021 04:11:50 -0500
-Subject: [PATCH] patch rktio_process for "/bin/sh" on Guix
+Subject: [PATCH] rktio: patch rktio_process for "/bin/sh" on Guix
Racket provides the functions `system` and `process`,
which execute shell commands using `sh` (or `cmd` on Windows).
@@ -12,37 +12,38 @@ This patch adds a special case for "/bin/sh" to `rktio_process`,
the C function that implements the core of `system`, `process`,
and related Racket functions.
-Guix should enable the special case by defining the C preprocessor
-macro `GUIX_RKTIO_PATCH_BIN_SH` with the path to `sh` in the store.
If:
- 1. The `GUIX_RKTIO_PATCH_BIN_SH` macro is defined; and
+ 1. The nonstandard but ubiquitous macro `_PATH_BSHELL` from
+ <paths.h> is defined; and
2. `rktio_process` is called with the exact path "/bin/sh"; and
- 3. The path specified by `GUIX_RKTIO_PATCH_BIN_SH` does exists;
+ 3. The file specified by `_PATH_BSHELL` exists;
-then `rktio_process` will execute the file specified
-by `GUIX_RKTIO_PATCH_BIN_SH` instead of "/bin/sh".
+then `rktio_process` will execute the file specified by `_PATH_BSHELL`
+instead of "/bin/sh".
-Compared to previous attempts to patch the Racket sources,
-making this change at the C level is both:
-
- - More comprehensive: it catches all attempts to execute "/bin/sh",
- without having to track down the source of every occurance; and
-
- - Less intrusive: by guarding the special case with a C preprocessor
- conditional and a runtime check that the file in the store exists,
- we make it much less likely that it will "leak" out of Guix.
+Checking that the path specified by `_PATH_BSHELL` exists safeguards
+against obscure errors if attempting to use stand-alone executables
+built by the patched Racket in non-Guix envoronments.
---
- racket/src/rktio/rktio_process.c | 21 ++++++++++++++++++++-
- 1 file changed, 20 insertions(+), 1 deletion(-)
+ racket/src/rktio/rktio_process.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/racket/src/rktio/rktio_process.c b/racket/src/rktio/rktio_process.c
-index 89202436c0..465ebdd5c5 100644
+index fafaf728c1..796ebc59ce 100644
--- a/racket/src/rktio/rktio_process.c
+++ b/racket/src/rktio/rktio_process.c
-@@ -1224,12 +1224,14 @@ int rktio_process_allowed_flags(rktio_t *rktio)
+@@ -9,6 +9,7 @@
+ # include <sys/wait.h>
+ # include <errno.h>
+ # include <unistd.h>
++# include <paths.h> /* PATCHED for Guix */
+ # ifdef USE_ULIMIT
+ # include <ulimit.h>
+ # endif
+@@ -1301,12 +1302,14 @@ int rktio_process_allowed_flags(rktio_t *rktio)
/*========================================================================*/
rktio_process_result_t *rktio_process(rktio_t *rktio,
@@ -58,22 +59,17 @@ index 89202436c0..465ebdd5c5 100644
rktio_process_result_t *result;
intptr_t to_subprocess[2], from_subprocess[2], err_subprocess[2];
int pid;
-@@ -1255,6 +1257,23 @@ rktio_process_result_t *rktio_process(rktio_t *rktio,
+@@ -1333,6 +1336,18 @@ rktio_process_result_t *rktio_process(rktio_t *rktio,
int i;
#endif
+/* BEGIN PATCH for Guix */
-+#if defined(GUIX_RKTIO_PATCH_BIN_SH)
-+# define GUIX_AS_a_STR_HELPER(x) #x
-+# define GUIX_AS_a_STR(x) GUIX_AS_a_STR_HELPER(x)
-+ /* A level of indirection makes `#` work as needed: */
++#if defined(_PATH_BSHELL)
+ command =
+ ((0 == strcmp(_guix_orig_command, "/bin/sh"))
-+ && rktio_file_exists(rktio, GUIX_AS_a_STR(GUIX_RKTIO_PATCH_BIN_SH)))
-+ ? GUIX_AS_a_STR(GUIX_RKTIO_PATCH_BIN_SH)
++ && rktio_file_exists(rktio, _PATH_BSHELL))
++ ? _PATH_BSHELL
+ : _guix_orig_command;
-+# undef GUIX_AS_a_STR
-+# undef GUIX_AS_a_STR_HELPER
+#else
+ command = _guix_orig_command;
+#endif
@@ -82,6 +78,8 @@ index 89202436c0..465ebdd5c5 100644
/* avoid compiler warnings: */
to_subprocess[0] = -1;
to_subprocess[1] = -1;
+
+base-commit: 9d228d16fb99c274c964e5bef93e97333888769f
--
-2.21.1 (Apple Git-122.3)
+2.32.0
@@ -36,7 +36,6 @@ (define-module (gnu packages racket)
#:use-module (ice-9 match)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
- #:use-module (gnu packages bash)
#:use-module (gnu packages chez)
#:use-module (gnu packages compression)
#:use-module (gnu packages databases)
@@ -212,7 +211,7 @@ (define %racket-origin
(sha256
(base32 "0f9zyhdvbh4xsndrqjzl85j5ziz0rmqi676g9s1lw3h3skq2636h"))
(file-name (git-file-name "racket" %racket-version))
- (patches (search-patches "racket-minimal-sh-via-rktio.patch"))
+ (patches (search-patches "racket-rktio-bin-sh.patch"))
(modules '((guix build utils)))
(snippet
#~(begin
@@ -232,8 +231,7 @@ (define %racket-origin
;; Unbundle libffi.
(delete-file-recursively "racket/src/bc/foreign/libffi")))))
-(define (racket-vm-common-configure-flags)
- ;; under a lambda abstraction to avoid evaluating bash-minimal too early.
+(define racket-vm-common-configure-flags
#~`(,@(cond
((false-if-exception
(search-input-file %build-inputs "/bin/libtool"))
@@ -248,8 +246,6 @@ (define (racket-vm-common-configure-flags)
(list (string-append "--enable-racket=" racket))))
(else
'()))
- ,(string-append "CPPFLAGS=-DGUIX_RKTIO_PATCH_BIN_SH="
- #$(file-append bash-minimal "/bin/sh"))
"--disable-strip"
;; Using --enable-origtree lets us distinguish the VM from subsequent
;; layers and produces a build with the shape expected by tools such as
@@ -267,7 +263,6 @@ (define-public racket-vm-cgc
(version %racket-version)
(source %racket-origin)
(inputs (list ncurses ;; <- common to all variants (for #%terminal)
- bash-minimal ;; <- common to all variants (for `system`)
libffi)) ;; <- only for BC variants
(native-inputs (list libtool)) ;; <- only for BC variants
(outputs '("out" "debug"))
@@ -276,7 +271,7 @@ (define-public racket-vm-cgc
(list
#:configure-flags
#~(cons "--enable-cgcdefault"
- #$(racket-vm-common-configure-flags))
+ #$racket-vm-common-configure-flags)
;; Tests are in packages like racket-test-core and
;; main-distribution-test that aren't part of the main
;; distribution.
@@ -359,7 +354,7 @@ (define-public racket-vm-bc
(substitute-keyword-arguments (package-arguments racket-vm-cgc)
((#:configure-flags _ '())
#~(cons "--enable-bconly"
- #$(racket-vm-common-configure-flags)))))
+ #$racket-vm-common-configure-flags))))
(synopsis "Racket BC [3M] implementation")
(description "The Racket BC (``before Chez'' or ``bytecode'')
implementation was the default before Racket 8.0. It uses a compiler written
@@ -405,7 +400,7 @@ (define-public racket-vm-cs
#$(this-package-native-input
"chez-scheme-for-racket")
"/bin/scheme")
- #$(racket-vm-common-configure-flags)))))
+ #$racket-vm-common-configure-flags))))
(synopsis "Racket CS implementation")
(description "The Racket CS implementation, which uses ``Chez Scheme'' as
its core compiler and runtime system, has been the default Racket VM