diff mbox

gnu: Add bind

Message ID 1472500613-24093-1-git-send-email-john@darrington.wattle.id.au
State New
Headers show

Commit Message

John Darrington Aug. 29, 2016, 7:56 p.m. UTC
From: John Darrington <jmd@gnu.org>

* gnu/packages/networking.scm (bind): New variable.
---
 gnu/build/install.scm                              |  6 +++-
 gnu/local.mk                                       |  1 -
 gnu/packages/crypto.scm                            | 40 ++++++++++++++++++++++
 gnu/packages/gnunet.scm                            |  4 +--
 gnu/packages/linux.scm                             | 40 +++++++++++++++++++++-
 .../patches/xf86-video-openchrome-glibc-2.20.patch | 15 --------
 gnu/packages/video.scm                             |  4 +--
 gnu/packages/xorg.scm                              | 19 +++++-----
 gnu/tests/base.scm                                 | 36 +++++++++++++++++++
 guix/scripts/lint.scm                              | 13 +++++++
 tests/guix-environment-container.sh                |  2 +-
 tests/lint.scm                                     | 16 ++++++++-
 12 files changed, 162 insertions(+), 34 deletions(-)
 delete mode 100644 gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch

Comments

John Darrington Aug. 29, 2016, 8:08 p.m. UTC | #1
Sorry.  

Somehow this patch ended up with a whole lot of other stuff I didn't intend.

Forget it for now.  I'll send another patch for review when I've figured out
what happened.

J'

On Mon, Aug 29, 2016 at 09:56:53PM +0200, John Darrington wrote:
     From: John Darrington <jmd@gnu.org>
     
     * gnu/packages/networking.scm (bind): New variable.
     ---
      gnu/build/install.scm                              |  6 +++-
      gnu/local.mk                                       |  1 -
      gnu/packages/crypto.scm                            | 40 ++++++++++++++++++++++
      gnu/packages/gnunet.scm                            |  4 +--
      gnu/packages/linux.scm                             | 40 +++++++++++++++++++++-
      .../patches/xf86-video-openchrome-glibc-2.20.patch | 15 --------
      gnu/packages/video.scm                             |  4 +--
      gnu/packages/xorg.scm                              | 19 +++++-----
      gnu/tests/base.scm                                 | 36 +++++++++++++++++++
      guix/scripts/lint.scm                              | 13 +++++++
      tests/guix-environment-container.sh                |  2 +-
      tests/lint.scm                                     | 16 ++++++++-
      12 files changed, 162 insertions(+), 34 deletions(-)
      delete mode 100644 gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch
     
     diff --git a/gnu/build/install.scm b/gnu/build/install.scm
     index aebf38c..7431a09 100644
     --- a/gnu/build/install.scm
     +++ b/gnu/build/install.scm
     @@ -1,5 +1,5 @@
      ;;; GNU Guix --- Functional package management for GNU
     -;;; Copyright ?? 2013, 2014, 2015 Ludovic Court??s <ludo@gnu.org>
     +;;; Copyright ?? 2013, 2014, 2015, 2016 Ludovic Court??s <ludo@gnu.org>
      ;;;
      ;;; This file is part of GNU Guix.
      ;;;
     @@ -118,6 +118,10 @@ STORE."
          ("/var/guix/gcroots/booted-system" -> "/run/booted-system")
          ("/var/guix/gcroots/current-system" -> "/run/current-system")
      
     +    ;; XXX: 'guix-register' creates this symlink with a wrong target, so
     +    ;; create it upfront to be sure.
     +    ("/var/guix/gcroots/profiles" -> "/var/guix/profiles")
     +
          (directory "/bin")
          (directory "/tmp" 0 0 #o1777)                 ; sticky bit
          (directory "/var/tmp" 0 0 #o1777)
     diff --git a/gnu/local.mk b/gnu/local.mk
     index 98c8848..7ce8ad0 100644
     --- a/gnu/local.mk
     +++ b/gnu/local.mk
     @@ -857,7 +857,6 @@ dist_patch_DATA =						\
        %D%/packages/patches/xf86-video-intel-glibc-2.20.patch	\
        %D%/packages/patches/xf86-video-mach64-glibc-2.20.patch	\
        %D%/packages/patches/xf86-video-nv-remove-mibstore.patch	\
     -  %D%/packages/patches/xf86-video-openchrome-glibc-2.20.patch	\
        %D%/packages/patches/xf86-video-tga-remove-mibstore.patch	\
        %D%/packages/patches/xfce4-panel-plugins.patch		\
        %D%/packages/patches/xfce4-session-fix-xflock4.patch		\
     diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
     index b982b61..73681b2 100644
     --- a/gnu/packages/crypto.scm
     +++ b/gnu/packages/crypto.scm
     @@ -223,3 +223,43 @@ to provide security against off-line attacks, such as a drive falling into
      the wrong hands.")
          (license (list license:lgpl3+                 ;encfs library
                         license:gpl3+))))              ;command-line tools
     +
     +(define-public keyutils
     +  (package
     +    (name "keyutils")
     +    (version "1.5.9")
     +    (source
     +     (origin
     +       (method url-fetch)
     +       (uri
     +        (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
     +                       version ".tar.bz2"))
     +       (sha256
     +        (base32
     +         "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd"))
     +       (modules '((guix build utils)))
     +       ;; Create relative symbolic links instead of absolute ones to /lib/*
     +       (snippet '(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
     +                                          "$(LNS) ")))))
     +    (build-system gnu-build-system)
     +    (arguments
     +     `(#:phases (modify-phases %standard-phases
     +                  (delete 'configure))          ; no configure script
     +       #:make-flags (list "CC=gcc"
     +                          "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
     +                          (string-append "DESTDIR="
     +                                         (assoc-ref %outputs "out"))
     +                          "INCLUDEDIR=/include"
     +                          "LIBDIR=/lib"
     +                          "MANDIR=/share/man"
     +                          "SHAREDIR=/share/keyutils")
     +       #:test-target "test"))
     +    (home-page "https://people.redhat.com/dhowells/keyutils/")
     +    (synopsis "Linux key managament utilities")
     +    (description
     +     "Keyutils is a set of utilities for managing the key retention facility in
     +the Linux kernel, which can be used by file systems, block devices, and more to
     +gain and retain the authorization and encryption keys required to perform
     +secure operations. ")
     +    (license (list license:lgpl2.1+             ; the files keyutils.*
     +                   license:gpl2+))))            ; the rest
     diff --git a/gnu/packages/gnunet.scm b/gnu/packages/gnunet.scm
     index b08ba74..525cddc 100644
     --- a/gnu/packages/gnunet.scm
     +++ b/gnu/packages/gnunet.scm
     @@ -126,14 +126,14 @@ tool to extract metadata from a file and print the results.")
      (define-public libmicrohttpd
        (package
         (name "libmicrohttpd")
     -   (version "0.9.50")
     +   (version "0.9.51")
         (source (origin
                  (method url-fetch)
                  (uri (string-append "mirror://gnu/libmicrohttpd/libmicrohttpd-"
                                      version ".tar.gz"))
                  (sha256
                   (base32
     -              "1mzbqr6sqisppz88mh73bbh5sw57g8l87qvhcjdx5pmbd183idni"))))
     +              "1ir3ga328zkyynznnw71dj64wsaz7pmbhl82lqp1y1hrl85vn01h"))))
         (build-system gnu-build-system)
         (inputs
          `(("curl" ,curl)
     diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
     index ff6b220..6695ffb 100644
     --- a/gnu/packages/linux.scm
     +++ b/gnu/packages/linux.scm
     @@ -41,6 +41,7 @@
        #:use-module (gnu packages bison)
        #:use-module (gnu packages calendar)
        #:use-module (gnu packages check)
     +  #:use-module (gnu packages crypto)
        #:use-module (gnu packages compression)
        #:use-module (gnu packages databases)
        #:use-module (gnu packages docbook)
     @@ -51,6 +52,7 @@
        #:use-module (gnu packages gcc)
        #:use-module (gnu packages gettext)
        #:use-module (gnu packages glib)
     +  #:use-module (gnu packages gnuzilla)
        #:use-module (gnu packages gperf)
        #:use-module (gnu packages gsasl)
        #:use-module (gnu packages gtk)
     @@ -304,7 +306,6 @@ disk.  It allows for fast, seamless sharing of files across a network.")
          ;; that is what is intended.
          (license license:gpl2)))
      
     -
      (define %boot-logo-patch
        ;; Linux-Libre boot logo featuring Freedo and a gnu.
        (origin
     @@ -2968,3 +2969,40 @@ as used on certified hardware security devices.")
                         (license:non-copyleft "file://nist/packtest.c")
                         license:public-domain        ; nist/dfft.c
                         license:gpl3+))))            ; everything else
     +
     +(define-public ecryptfs-utils
     +  (package
     +    (name "ecryptfs-utils")
     +    (version "111")
     +    (source
     +     (origin
     +       (method url-fetch)
     +       (uri (string-append "https://launchpad.net/ecryptfs/trunk/"
     +                           version "/+download/ecryptfs-utils_"
     +                           version ".orig.tar.gz"))
     +       (sha256
     +        (base32
     +         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))))
     +    (build-system gnu-build-system)
     +    (arguments
     +     `(#:configure-flags (list "--disable-pywrap")))
     +    (native-inputs
     +     `(("intltool" ,intltool)
     +       ("perl" ,perl)                   ; for pod2man
     +       ("pkg-config" ,pkg-config)))
     +    (inputs
     +     `(("keyutils" ,keyutils)
     +       ("linux-pam" ,linux-pam)
     +       ("nss" ,nss)))
     +    (home-page "http://ecryptfs.org/")
     +    (synopsis "eCryptfs cryptographic file system utilities")
     +    (description
     +     "eCryptfs is a POSIX-compliant stacked cryptographic file system for Linux.
     +Each file's cryptographic meta-data is stored inside the file itself, along
     +with the encrypted contents.  This allows individual encrypted files to be
     +copied between hosts and still be decrypted with the proper key.  eCryptfs is a
     +native Linux file system, and has been part of the Linux kernel since version
     +2.6.19.  This package contains the userland utilities to manage it.")
     +    ;; The files src/key_mod/ecryptfs_key_mod_{openssl,pkcs11_helper,tspi}.c
     +    ;; grant additional permission to link with OpenSSL.
     +    (license license:gpl2+)))
     diff --git a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch b/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch
     deleted file mode 100644
     index 4ed7ab0..0000000
     --- a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch
     +++ /dev/null
     @@ -1,15 +0,0 @@
     -Allow builds with glibc 2.20.
     -Based on a patch by Peter Hutterer <peter.hutterer@who-t.net>.
     -See <https://raw.githubusercontent.com/openembedded/oe-core/master/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/always_include_xorg_server.h.patch>.
     -
     ---- xf86-video-openchrome-0.3.3/src/via_3d.h.~1~	2013-05-23 11:11:28.000000000 -0400
     -+++ xf86-video-openchrome-0.3.3/src/via_3d.h	2014-12-19 01:17:04.000953259 -0500
     -@@ -24,6 +24,8 @@
     - #ifndef VIA_3D_H
     - #define VIA_3D_H
     - 
     -+#include <xorg-server.h>
     -+
     - #include "xf86.h"
     - #include "via_dmabuffer.h"
     - 
     diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
     index 5c59ee2..8d50072 100644
     --- a/gnu/packages/video.scm
     +++ b/gnu/packages/video.scm
     @@ -400,14 +400,14 @@ standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
      (define-public ffmpeg
        (package
          (name "ffmpeg")
     -    (version "3.1.2")
     +    (version "3.1.3")
          (source (origin
                   (method url-fetch)
                   (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                       version ".tar.xz"))
                   (sha256
                    (base32
     -               "0qdxp6r6x47jzi6nmbsv3dhvm073c8n5hpnlmj5gwihgkyva5ljq"))))
     +               "08l8290gipm632dhrqndnphdpkc5ncqc1j3hxdx46r1a3q3mqmzq"))))
          (build-system gnu-build-system)
          (inputs
           `(("fontconfig" ,fontconfig)
     diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
     index 33ebc80..fe14b1c 100644
     --- a/gnu/packages/xorg.scm
     +++ b/gnu/packages/xorg.scm
     @@ -2384,7 +2384,7 @@ devices, thus making direct access unnecessary.")
      (define-public xf86-input-evdev
        (package
          (name "xf86-input-evdev")
     -    (version "2.10.1")
     +    (version "2.10.3")
          (source
            (origin
              (method url-fetch)
     @@ -2394,7 +2394,7 @@ devices, thus making direct access unnecessary.")
                     ".tar.bz2"))
              (sha256
                (base32
     -            "05z05n39v8s2b0hwhcjb1bca7j8gc62bv9jxnibawwmjym3jp75g"))))
     +            "18ijnclnylrr7vkvflalkw4bqfily3scg6baczjjgycdpsj1p8js"))))
          (build-system gnu-build-system)
          (inputs
            `(("udev" ,eudev)
     @@ -2534,7 +2534,7 @@ as USB mice.")
      (define-public xf86-input-synaptics
        (package
          (name "xf86-input-synaptics")
     -    (version "1.8.3")
     +    (version "1.8.99.1")
          (source
            (origin
              (method url-fetch)
     @@ -2544,7 +2544,7 @@ as USB mice.")
                     ".tar.bz2"))
              (sha256
                (base32
     -            "009zx199pilcvlaqm6fx4mg94q81d6vvl5rznmw3frzkfh6117yk"))))
     +            "1apbcwn20p7sy07ghlldmqcnxag2r9sdjqmb4xxzki0hz8wm72ac"))))
          (build-system gnu-build-system)
          (inputs `(("libx11" ,libx11)
                    ("libxi" ,libxi)
     @@ -2646,7 +2646,7 @@ as USB mice.")
      (define-public xf86-video-ati
        (package
          (name "xf86-video-ati")
     -    (version "7.6.1")
     +    (version "7.7.0")
          (source
            (origin
              (method url-fetch)
     @@ -2656,7 +2656,7 @@ as USB mice.")
                     ".tar.bz2"))
              (sha256
                (base32
     -            "0k6kw69mcarlmxlb4jlhz887jxqr94qx2pin04xcv2ysp3pdj5i5"))))
     +            "1hy1n8an98mflfbdcb3q7wv59x971j7nf9zhivf90p0lgdbiqkc4"))))
          (build-system gnu-build-system)
          (inputs `(("mesa" ,mesa)
                    ("xxf86driproto" ,xf86driproto)
     @@ -3072,7 +3072,7 @@ graphics cards.")
      (define-public xf86-video-openchrome
        (package
          (name "xf86-video-openchrome")
     -    (version "0.3.3")
     +    (version "0.5.0")
          (source
            (origin
              (method url-fetch)
     @@ -3081,9 +3081,8 @@ graphics cards.")
                     version
                     ".tar.bz2"))
              (sha256
     -          (base32
     -           "1v8j4i1r268n4fc5gq54zg1x50j0rhw71f3lba7411mcblg2z7p4"))
     -        (patches (search-patches "xf86-video-openchrome-glibc-2.20.patch"))))
     +         (base32
     +          "1fsmr455lk89zl795d6b5ypyqjim40j3h2vjch52lcssjw9xdza9"))))
          (build-system gnu-build-system)
          (inputs `(("libx11" ,libx11)
                    ("libxext" ,libxext)
     diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm
     index 7170ab1..ca6f76c 100644
     --- a/gnu/tests/base.scm
     +++ b/gnu/tests/base.scm
     @@ -190,6 +190,42 @@ info --version")
                                        (setlocale LC_ALL before)))
                                   marionette))
      
     +          (test-assert "/run/current-system is a GC root"
     +            (marionette-eval '(begin
     +                                ;; Make sure the (guix ???) modules are found.
     +                                (eval-when (expand load eval)
     +                                  (set! %load-path
     +                                    (cons
     +                                     (string-append
     +                                      "/run/current-system/profile/share/guile/site/"
     +                                      (effective-version))
     +                                     %load-path))
     +                                  (set! %load-compiled-path
     +                                    (cons
     +                                     (string-append
     +                                      "/run/current-system/profile/share/guile/site/"
     +                                      (effective-version))
     +                                     %load-compiled-path)))
     +
     +                                (use-modules (srfi srfi-34) (guix store))
     +
     +                                (let ((system (readlink "/run/current-system")))
     +                                  (guard (c ((nix-protocol-error? c)
     +                                             (file-exists? system)))
     +                                    (with-store store
     +                                      (delete-paths store (list system))
     +                                      #f))))
     +                             marionette))
     +
     +          ;; This symlink is currently unused, but better have it point to the
     +          ;; right place.  See
     +          ;; <https://lists.gnu.org/archive/html/guix-devel/2016-08/msg01641.html>.
     +          (test-equal "/var/guix/gcroots/profiles is a valid symlink"
     +            "/var/guix/profiles"
     +            (marionette-eval '(readlink "/var/guix/gcroots/profiles")
     +                             marionette))
     +
     +
                (test-assert "screendump"
                  (begin
                    (marionette-control (string-append "screendump " #$output
     diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm
     index 51191e7..eac3214 100644
     --- a/guix/scripts/lint.scm
     +++ b/guix/scripts/lint.scm
     @@ -161,6 +161,18 @@ markup is valid return a plain-text version of DESCRIPTION, otherwise #f."
                            'description)
              #f)))
      
     +  (define (check-trademarks description)
     +    "Check that DESCRIPTION does not contain '???' or '??' characters.  See
     +http://www.gnu.org/prep/standards/html_node/Trademarks.html."
     +    (match (string-index description (char-set #\??? #\??))
     +      ((and (? number?) index)
     +       (emit-warning package
     +                     (format #f (_ "description should not contain ~
     +trademark sign '~a' at ~d")
     +                             (string-ref description index) index)
     +                     'description))
     +      (else #t)))
     +
        (define (check-proper-start description)
          (unless (or (properly-starts-sentence? description)
                      (string-prefix-ci? (package-name package) description))
     @@ -191,6 +203,7 @@ by two spaces; possible infraction~p at ~{~a~^, ~}")
          (if (string? description)
              (begin
                (check-not-empty description)
     +          (check-trademarks description)
                ;; Use raw description for this because Texinfo rendering
                ;; automatically fixes end of sentence space.
                (check-end-of-sentence-space description)
     diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh
     index 12da950..d7c1b70 100644
     --- a/tests/guix-environment-container.sh
     +++ b/tests/guix-environment-container.sh
     @@ -72,7 +72,7 @@ mount_test_code="
                        ;; correspond to a parent file system.
                        ((_ mount (or \"tmpfs\" \"proc\" \"sysfs\" \"devtmpfs\"
                                      \"devpts\" \"cgroup\" \"mqueue\") _ _ _)
     -                   (and (string-prefix? mount (getcwd))
     +                   (and (string-prefix? (getcwd) mount)
      		        mount))
                        ((_ mount _ _ _ _)
                         mount)))
     diff --git a/tests/lint.scm b/tests/lint.scm
     index 770f43e..df69d2b 100644
     --- a/tests/lint.scm
     +++ b/tests/lint.scm
     @@ -1,6 +1,6 @@
      ;;; GNU Guix --- Functional package management for GNU
      ;;; Copyright ?? 2012, 2013 Cyril Roelandt <tipecaml@gmail.com>
     -;;; Copyright ?? 2014, 2015 Eric Bavier <bavier@member.fsf.org>
     +;;; Copyright ?? 2014, 2015, 2016 Eric Bavier <bavier@member.fsf.org>
      ;;; Copyright ?? 2014, 2015, 2016 Ludovic Court??s <ludo@gnu.org>
      ;;; Copyright ?? 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
      ;;;
     @@ -203,6 +203,20 @@ string) on HTTP requests."
                         "E.g. Foo, i.e. Bar resp. Baz (a.k.a. DVD)."))))
             (check-description-style pkg)))))
      
     +(test-assert "description: may not contain trademark signs"
     +  (and (->bool
     +        (string-contains (with-warnings
     +                           (let ((pkg (dummy-package "x"
     +                                        (description "Does The Right Thing???"))))
     +                             (check-description-style pkg)))
     +                         "should not contain trademark sign"))
     +       (->bool
     +        (string-contains (with-warnings
     +                           (let ((pkg (dummy-package "x"
     +                                        (description "Works with Format??"))))
     +                             (check-description-style pkg)))
     +                         "should not contain trademark sign"))))
     +
      (test-assert "synopsis: not a string"
        (->bool
         (string-contains (with-warnings
     -- 
     2.1.4
diff mbox

Patch

diff --git a/gnu/build/install.scm b/gnu/build/install.scm
index aebf38c..7431a09 100644
--- a/gnu/build/install.scm
+++ b/gnu/build/install.scm
@@ -1,5 +1,5 @@ 
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -118,6 +118,10 @@  STORE."
     ("/var/guix/gcroots/booted-system" -> "/run/booted-system")
     ("/var/guix/gcroots/current-system" -> "/run/current-system")
 
+    ;; XXX: 'guix-register' creates this symlink with a wrong target, so
+    ;; create it upfront to be sure.
+    ("/var/guix/gcroots/profiles" -> "/var/guix/profiles")
+
     (directory "/bin")
     (directory "/tmp" 0 0 #o1777)                 ; sticky bit
     (directory "/var/tmp" 0 0 #o1777)
diff --git a/gnu/local.mk b/gnu/local.mk
index 98c8848..7ce8ad0 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -857,7 +857,6 @@  dist_patch_DATA =						\
   %D%/packages/patches/xf86-video-intel-glibc-2.20.patch	\
   %D%/packages/patches/xf86-video-mach64-glibc-2.20.patch	\
   %D%/packages/patches/xf86-video-nv-remove-mibstore.patch	\
-  %D%/packages/patches/xf86-video-openchrome-glibc-2.20.patch	\
   %D%/packages/patches/xf86-video-tga-remove-mibstore.patch	\
   %D%/packages/patches/xfce4-panel-plugins.patch		\
   %D%/packages/patches/xfce4-session-fix-xflock4.patch		\
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index b982b61..73681b2 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -223,3 +223,43 @@  to provide security against off-line attacks, such as a drive falling into
 the wrong hands.")
     (license (list license:lgpl3+                 ;encfs library
                    license:gpl3+))))              ;command-line tools
+
+(define-public keyutils
+  (package
+    (name "keyutils")
+    (version "1.5.9")
+    (source
+     (origin
+       (method url-fetch)
+       (uri
+        (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
+                       version ".tar.bz2"))
+       (sha256
+        (base32
+         "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd"))
+       (modules '((guix build utils)))
+       ;; Create relative symbolic links instead of absolute ones to /lib/*
+       (snippet '(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
+                                          "$(LNS) ")))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases (modify-phases %standard-phases
+                  (delete 'configure))          ; no configure script
+       #:make-flags (list "CC=gcc"
+                          "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
+                          (string-append "DESTDIR="
+                                         (assoc-ref %outputs "out"))
+                          "INCLUDEDIR=/include"
+                          "LIBDIR=/lib"
+                          "MANDIR=/share/man"
+                          "SHAREDIR=/share/keyutils")
+       #:test-target "test"))
+    (home-page "https://people.redhat.com/dhowells/keyutils/")
+    (synopsis "Linux key managament utilities")
+    (description
+     "Keyutils is a set of utilities for managing the key retention facility in
+the Linux kernel, which can be used by file systems, block devices, and more to
+gain and retain the authorization and encryption keys required to perform
+secure operations. ")
+    (license (list license:lgpl2.1+             ; the files keyutils.*
+                   license:gpl2+))))            ; the rest
diff --git a/gnu/packages/gnunet.scm b/gnu/packages/gnunet.scm
index b08ba74..525cddc 100644
--- a/gnu/packages/gnunet.scm
+++ b/gnu/packages/gnunet.scm
@@ -126,14 +126,14 @@  tool to extract metadata from a file and print the results.")
 (define-public libmicrohttpd
   (package
    (name "libmicrohttpd")
-   (version "0.9.50")
+   (version "0.9.51")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnu/libmicrohttpd/libmicrohttpd-"
                                 version ".tar.gz"))
             (sha256
              (base32
-              "1mzbqr6sqisppz88mh73bbh5sw57g8l87qvhcjdx5pmbd183idni"))))
+              "1ir3ga328zkyynznnw71dj64wsaz7pmbhl82lqp1y1hrl85vn01h"))))
    (build-system gnu-build-system)
    (inputs
     `(("curl" ,curl)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index ff6b220..6695ffb 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -41,6 +41,7 @@ 
   #:use-module (gnu packages bison)
   #:use-module (gnu packages calendar)
   #:use-module (gnu packages check)
+  #:use-module (gnu packages crypto)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages databases)
   #:use-module (gnu packages docbook)
@@ -51,6 +52,7 @@ 
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages glib)
+  #:use-module (gnu packages gnuzilla)
   #:use-module (gnu packages gperf)
   #:use-module (gnu packages gsasl)
   #:use-module (gnu packages gtk)
@@ -304,7 +306,6 @@  disk.  It allows for fast, seamless sharing of files across a network.")
     ;; that is what is intended.
     (license license:gpl2)))
 
-
 (define %boot-logo-patch
   ;; Linux-Libre boot logo featuring Freedo and a gnu.
   (origin
@@ -2968,3 +2969,40 @@  as used on certified hardware security devices.")
                    (license:non-copyleft "file://nist/packtest.c")
                    license:public-domain        ; nist/dfft.c
                    license:gpl3+))))            ; everything else
+
+(define-public ecryptfs-utils
+  (package
+    (name "ecryptfs-utils")
+    (version "111")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://launchpad.net/ecryptfs/trunk/"
+                           version "/+download/ecryptfs-utils_"
+                           version ".orig.tar.gz"))
+       (sha256
+        (base32
+         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags (list "--disable-pywrap")))
+    (native-inputs
+     `(("intltool" ,intltool)
+       ("perl" ,perl)                   ; for pod2man
+       ("pkg-config" ,pkg-config)))
+    (inputs
+     `(("keyutils" ,keyutils)
+       ("linux-pam" ,linux-pam)
+       ("nss" ,nss)))
+    (home-page "http://ecryptfs.org/")
+    (synopsis "eCryptfs cryptographic file system utilities")
+    (description
+     "eCryptfs is a POSIX-compliant stacked cryptographic file system for Linux.
+Each file's cryptographic meta-data is stored inside the file itself, along
+with the encrypted contents.  This allows individual encrypted files to be
+copied between hosts and still be decrypted with the proper key.  eCryptfs is a
+native Linux file system, and has been part of the Linux kernel since version
+2.6.19.  This package contains the userland utilities to manage it.")
+    ;; The files src/key_mod/ecryptfs_key_mod_{openssl,pkcs11_helper,tspi}.c
+    ;; grant additional permission to link with OpenSSL.
+    (license license:gpl2+)))
diff --git a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch b/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch
deleted file mode 100644
index 4ed7ab0..0000000
--- a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch
+++ /dev/null
@@ -1,15 +0,0 @@ 
-Allow builds with glibc 2.20.
-Based on a patch by Peter Hutterer <peter.hutterer@who-t.net>.
-See <https://raw.githubusercontent.com/openembedded/oe-core/master/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/always_include_xorg_server.h.patch>.
-
---- xf86-video-openchrome-0.3.3/src/via_3d.h.~1~	2013-05-23 11:11:28.000000000 -0400
-+++ xf86-video-openchrome-0.3.3/src/via_3d.h	2014-12-19 01:17:04.000953259 -0500
-@@ -24,6 +24,8 @@
- #ifndef VIA_3D_H
- #define VIA_3D_H
- 
-+#include <xorg-server.h>
-+
- #include "xf86.h"
- #include "via_dmabuffer.h"
- 
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 5c59ee2..8d50072 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -400,14 +400,14 @@  standards (MPEG-2, MPEG-4 ASP/H.263, MPEG-4 AVC/H.264, and VC-1/VMW3).")
 (define-public ffmpeg
   (package
     (name "ffmpeg")
-    (version "3.1.2")
+    (version "3.1.3")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                  version ".tar.xz"))
              (sha256
               (base32
-               "0qdxp6r6x47jzi6nmbsv3dhvm073c8n5hpnlmj5gwihgkyva5ljq"))))
+               "08l8290gipm632dhrqndnphdpkc5ncqc1j3hxdx46r1a3q3mqmzq"))))
     (build-system gnu-build-system)
     (inputs
      `(("fontconfig" ,fontconfig)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 33ebc80..fe14b1c 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -2384,7 +2384,7 @@  devices, thus making direct access unnecessary.")
 (define-public xf86-input-evdev
   (package
     (name "xf86-input-evdev")
-    (version "2.10.1")
+    (version "2.10.3")
     (source
       (origin
         (method url-fetch)
@@ -2394,7 +2394,7 @@  devices, thus making direct access unnecessary.")
                ".tar.bz2"))
         (sha256
           (base32
-            "05z05n39v8s2b0hwhcjb1bca7j8gc62bv9jxnibawwmjym3jp75g"))))
+            "18ijnclnylrr7vkvflalkw4bqfily3scg6baczjjgycdpsj1p8js"))))
     (build-system gnu-build-system)
     (inputs
       `(("udev" ,eudev)
@@ -2534,7 +2534,7 @@  as USB mice.")
 (define-public xf86-input-synaptics
   (package
     (name "xf86-input-synaptics")
-    (version "1.8.3")
+    (version "1.8.99.1")
     (source
       (origin
         (method url-fetch)
@@ -2544,7 +2544,7 @@  as USB mice.")
                ".tar.bz2"))
         (sha256
           (base32
-            "009zx199pilcvlaqm6fx4mg94q81d6vvl5rznmw3frzkfh6117yk"))))
+            "1apbcwn20p7sy07ghlldmqcnxag2r9sdjqmb4xxzki0hz8wm72ac"))))
     (build-system gnu-build-system)
     (inputs `(("libx11" ,libx11)
               ("libxi" ,libxi)
@@ -2646,7 +2646,7 @@  as USB mice.")
 (define-public xf86-video-ati
   (package
     (name "xf86-video-ati")
-    (version "7.6.1")
+    (version "7.7.0")
     (source
       (origin
         (method url-fetch)
@@ -2656,7 +2656,7 @@  as USB mice.")
                ".tar.bz2"))
         (sha256
           (base32
-            "0k6kw69mcarlmxlb4jlhz887jxqr94qx2pin04xcv2ysp3pdj5i5"))))
+            "1hy1n8an98mflfbdcb3q7wv59x971j7nf9zhivf90p0lgdbiqkc4"))))
     (build-system gnu-build-system)
     (inputs `(("mesa" ,mesa)
               ("xxf86driproto" ,xf86driproto)
@@ -3072,7 +3072,7 @@  graphics cards.")
 (define-public xf86-video-openchrome
   (package
     (name "xf86-video-openchrome")
-    (version "0.3.3")
+    (version "0.5.0")
     (source
       (origin
         (method url-fetch)
@@ -3081,9 +3081,8 @@  graphics cards.")
                version
                ".tar.bz2"))
         (sha256
-          (base32
-           "1v8j4i1r268n4fc5gq54zg1x50j0rhw71f3lba7411mcblg2z7p4"))
-        (patches (search-patches "xf86-video-openchrome-glibc-2.20.patch"))))
+         (base32
+          "1fsmr455lk89zl795d6b5ypyqjim40j3h2vjch52lcssjw9xdza9"))))
     (build-system gnu-build-system)
     (inputs `(("libx11" ,libx11)
               ("libxext" ,libxext)
diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm
index 7170ab1..ca6f76c 100644
--- a/gnu/tests/base.scm
+++ b/gnu/tests/base.scm
@@ -190,6 +190,42 @@  info --version")
                                   (setlocale LC_ALL before)))
                              marionette))
 
+          (test-assert "/run/current-system is a GC root"
+            (marionette-eval '(begin
+                                ;; Make sure the (guix …) modules are found.
+                                (eval-when (expand load eval)
+                                  (set! %load-path
+                                    (cons
+                                     (string-append
+                                      "/run/current-system/profile/share/guile/site/"
+                                      (effective-version))
+                                     %load-path))
+                                  (set! %load-compiled-path
+                                    (cons
+                                     (string-append
+                                      "/run/current-system/profile/share/guile/site/"
+                                      (effective-version))
+                                     %load-compiled-path)))
+
+                                (use-modules (srfi srfi-34) (guix store))
+
+                                (let ((system (readlink "/run/current-system")))
+                                  (guard (c ((nix-protocol-error? c)
+                                             (file-exists? system)))
+                                    (with-store store
+                                      (delete-paths store (list system))
+                                      #f))))
+                             marionette))
+
+          ;; This symlink is currently unused, but better have it point to the
+          ;; right place.  See
+          ;; <https://lists.gnu.org/archive/html/guix-devel/2016-08/msg01641.html>.
+          (test-equal "/var/guix/gcroots/profiles is a valid symlink"
+            "/var/guix/profiles"
+            (marionette-eval '(readlink "/var/guix/gcroots/profiles")
+                             marionette))
+
+
           (test-assert "screendump"
             (begin
               (marionette-control (string-append "screendump " #$output
diff --git a/guix/scripts/lint.scm b/guix/scripts/lint.scm
index 51191e7..eac3214 100644
--- a/guix/scripts/lint.scm
+++ b/guix/scripts/lint.scm
@@ -161,6 +161,18 @@  markup is valid return a plain-text version of DESCRIPTION, otherwise #f."
                       'description)
         #f)))
 
+  (define (check-trademarks description)
+    "Check that DESCRIPTION does not contain '™' or '®' characters.  See
+http://www.gnu.org/prep/standards/html_node/Trademarks.html."
+    (match (string-index description (char-set #\™ #\®))
+      ((and (? number?) index)
+       (emit-warning package
+                     (format #f (_ "description should not contain ~
+trademark sign '~a' at ~d")
+                             (string-ref description index) index)
+                     'description))
+      (else #t)))
+
   (define (check-proper-start description)
     (unless (or (properly-starts-sentence? description)
                 (string-prefix-ci? (package-name package) description))
@@ -191,6 +203,7 @@  by two spaces; possible infraction~p at ~{~a~^, ~}")
     (if (string? description)
         (begin
           (check-not-empty description)
+          (check-trademarks description)
           ;; Use raw description for this because Texinfo rendering
           ;; automatically fixes end of sentence space.
           (check-end-of-sentence-space description)
diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh
index 12da950..d7c1b70 100644
--- a/tests/guix-environment-container.sh
+++ b/tests/guix-environment-container.sh
@@ -72,7 +72,7 @@  mount_test_code="
                   ;; correspond to a parent file system.
                   ((_ mount (or \"tmpfs\" \"proc\" \"sysfs\" \"devtmpfs\"
                                 \"devpts\" \"cgroup\" \"mqueue\") _ _ _)
-                   (and (string-prefix? mount (getcwd))
+                   (and (string-prefix? (getcwd) mount)
 		        mount))
                   ((_ mount _ _ _ _)
                    mount)))
diff --git a/tests/lint.scm b/tests/lint.scm
index 770f43e..df69d2b 100644
--- a/tests/lint.scm
+++ b/tests/lint.scm
@@ -1,6 +1,6 @@ 
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012, 2013 Cyril Roelandt <tipecaml@gmail.com>
-;;; Copyright © 2014, 2015 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2014, 2015, 2016 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015, 2016 Mathieu Lirzin <mthl@gnu.org>
 ;;;
@@ -203,6 +203,20 @@  string) on HTTP requests."
                    "E.g. Foo, i.e. Bar resp. Baz (a.k.a. DVD)."))))
        (check-description-style pkg)))))
 
+(test-assert "description: may not contain trademark signs"
+  (and (->bool
+        (string-contains (with-warnings
+                           (let ((pkg (dummy-package "x"
+                                        (description "Does The Right Thingâ„¢"))))
+                             (check-description-style pkg)))
+                         "should not contain trademark sign"))
+       (->bool
+        (string-contains (with-warnings
+                           (let ((pkg (dummy-package "x"
+                                        (description "Works with Format®"))))
+                             (check-description-style pkg)))
+                         "should not contain trademark sign"))))
+
 (test-assert "synopsis: not a string"
   (->bool
    (string-contains (with-warnings