bug#25852: Users not updating their installations of Guix

[ludo@gnu.org (Ludovic Courtès)]

[-- Attachment #1: Type: text/plain, Size: 1167 bytes --]

Hi there,

Mark H Weaver <mhw@netris.org> skribis:

> ludo@gnu.org (Ludovic Courtès) writes:
>
>> Mark H Weaver <mhw@netris.org> skribis:
>>
>>> We could simply issue a warning if the version of guix currently in use
>>> is more than N hours old, on the assumption that after N hours it's
>>> likely to be stale.  The default value of N might be in the range 48-96
>>> (2-4 days).  A quick perusal through the recent commit log on our master
>>> branch indicates that it's quite rare for 4 days to pass without a
>>> security update.
>>>
>>> What do you think?
>>
>> That sounds like an easy and reasonable approach.
>>
>> I wonder what would be the best place to emit this warning.  Upon ‘guix
>> package -i’ maybe?
>
> Also "guix package -u" and the "guix system" commands that build
> systems.  I suspect that many users run "guix pull" as their normal
> users but never think to run it as root.

If there are no objections, I’ll push the attached patch.  It sets a
default value of 7 days (which I think is already more aggressive that
what many are doing), which can be overridden with
GUIX_DISTRO_AGE_WARNING.

Ludo’.


[-- Attachment #2: Type: text/x-patch, Size: 4364 bytes --]

diff --git a/guix/scripts.scm b/guix/scripts.scm
index da35e71ac..b9fa561f1 100644
--- a/guix/scripts.scm
+++ b/guix/scripts.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2014 Deck Pickard <deck.r.pickard@gmail.com>
 ;;; Copyright © 2015, 2016 Alex Kost <alezost@gmail.com>
 ;;;
@@ -27,13 +27,16 @@
   #:use-module (guix packages)
   #:use-module (guix derivations)
   #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-19)
   #:use-module (srfi srfi-37)
   #:use-module (ice-9 match)
   #:export (args-fold*
             parse-command-line
             maybe-build
             build-package
-            build-package-source))
+            build-package-source
+            %distro-age-warning
+            warn-about-old-distro))
 
 ;;; Commentary:
 ;;;
@@ -136,4 +139,39 @@ Show what and how will/would be built."
                      #:dry-run? dry-run?)
         (return (show-derivation-outputs derivation))))))
 
+(define %distro-age-warning
+  ;; The age (in seconds) above which we warn that the distro is too old.
+  (make-parameter (or (and=> (getenv "GUIX_DISTRO_AGE_WARNING")
+                             (compose time-second
+                                      string->duration))
+                      (* 7 24 3600))))
+
+(define* (warn-about-old-distro #:optional (old (%distro-age-warning))
+                                #:key (suggested-command
+                                       "guix package -u"))
+  "Emit a warning if Guix is older than OLD seconds."
+  (let-syntax ((false-if-not-found
+                (syntax-rules ()
+                  ((_ exp)
+                   (catch 'system-error
+                     (lambda ()
+                       exp)
+                     (lambda args
+                       (if (= ENOENT (system-error-errno args))
+                           #f
+                           (apply throw args))))))))
+    (define age
+      (match (false-if-not-found
+              (lstat (string-append (config-directory) "/latest")))
+        (#f    (* 2 old))
+        (stat  (- (time-second (current-time time-utc))
+                  (stat:mtime stat)))))
+
+    (when (>= age old)
+      (warning (G_ "Your Guix installation is getting old.  Consider
+running 'guix pull' followed by '~a' to get up-to-date
+packages and security updates.\n")
+               suggested-command)
+      (newline (guix-warning-port)))))
+
 ;;; scripts.scm ends here
diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index 92676c222..fbe19d522 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -859,6 +859,9 @@ processed, #f otherwise."
                                   (manifest-transaction-install step2)))))
          (new      (manifest-perform-transaction manifest step3)))
 
+    (unless (null? (manifest-transaction-install step3))
+      (warn-about-old-distro))
+
     (unless (manifest-transaction-null? step3)
       (show-manifest-transaction store manifest step3
                                  #:dry-run? dry-run?)
diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm
index 2872bcae6..9c0976750 100644
--- a/guix/scripts/system.scm
+++ b/guix/scripts/system.scm
@@ -847,6 +847,8 @@ resulting from command-line parsing."
             ((shepherd-graph)
              (export-shepherd-graph os (current-output-port)))
             (else
+             (warn-about-old-distro #:suggested-command
+                                    "guix system reconfigure")
              (perform-action action os
                              #:dry-run? dry?
                              #:derivations-only? (assoc-ref opts
diff --git a/guix/ui.scm b/guix/ui.scm
index e551d48c3..e7cb40927 100644
--- a/guix/ui.scm
+++ b/guix/ui.scm
@@ -1008,6 +1008,7 @@ following patterns: \"1d\", \"1w\", \"1m\"."
            (make-time time-duration 0
                       (string->number (match:substring match 1)))))
         ((string-match "^([0-9]+)h$" str)
+         =>
          (lambda (match)
            (hours->duration 1 match)))
         ((string-match "^([0-9]+)d$" str)