From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
Subject: bug#25852: Users not updating their installations of Guix
Date: Wed, 10 May 2017 15:12:01 +0200
Message-ID: <877f1oua8u.fsf@gnu.org>
References: <20170223211156.GA24382@jasmine> <877f429kju.fsf@gnu.org>
	<87wpc1k0e5.fsf@netris.org> <87efy9gyr5.fsf@gnu.org>
	<87k27wporb.fsf@netris.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:35794)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d8RQQ-0003UN-Jk
	for bug-guix@gnu.org; Wed, 10 May 2017 09:13:11 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d8RQM-0001ne-JO
	for bug-guix@gnu.org; Wed, 10 May 2017 09:13:06 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:60756)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1d8RQM-0001na-G6
	for bug-guix@gnu.org; Wed, 10 May 2017 09:13:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d8RQM-0000tJ-4y
	for bug-guix@gnu.org; Wed, 10 May 2017 09:13:02 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.25852.B25852.14944219373375@debbugs.gnu.org>
In-Reply-To: <87k27wporb.fsf@netris.org> (Mark H. Weaver's message of "Fri, 10
	Mar 2017 20:48:24 -0500")
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: Mark H Weaver <mhw@netris.org>
Cc: 25852@debbugs.gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi there,

Mark H Weaver <mhw@netris.org> skribis:

> ludo@gnu.org (Ludovic Court=C3=A8s) writes:
>
>> Mark H Weaver <mhw@netris.org> skribis:
>>
>>> We could simply issue a warning if the version of guix currently in use
>>> is more than N hours old, on the assumption that after N hours it's
>>> likely to be stale.  The default value of N might be in the range 48-96
>>> (2-4 days).  A quick perusal through the recent commit log on our master
>>> branch indicates that it's quite rare for 4 days to pass without a
>>> security update.
>>>
>>> What do you think?
>>
>> That sounds like an easy and reasonable approach.
>>
>> I wonder what would be the best place to emit this warning.  Upon =E2=80=
=98guix
>> package -i=E2=80=99 maybe?
>
> Also "guix package -u" and the "guix system" commands that build
> systems.  I suspect that many users run "guix pull" as their normal
> users but never think to run it as root.

If there are no objections, I=E2=80=99ll push the attached patch.  It sets a
default value of 7 days (which I think is already more aggressive that
what many are doing), which can be overridden with
GUIX_DISTRO_AGE_WARNING.

Ludo=E2=80=99.


--=-=-=
Content-Type: text/x-patch; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

diff --git a/guix/scripts.scm b/guix/scripts.scm
index da35e71ac..b9fa561f1 100644
--- a/guix/scripts.scm
+++ b/guix/scripts.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright =C2=A9 2013, 2014, 2015 Ludovic Court=C3=A8s <ludo@gnu.org>
+;;; Copyright =C2=A9 2013, 2014, 2015, 2017 Ludovic Court=C3=A8s <ludo@gnu=
.org>
 ;;; Copyright =C2=A9 2014 Deck Pickard <deck.r.pickard@gmail.com>
 ;;; Copyright =C2=A9 2015, 2016 Alex Kost <alezost@gmail.com>
 ;;;
@@ -27,13 +27,16 @@
   #:use-module (guix packages)
   #:use-module (guix derivations)
   #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-19)
   #:use-module (srfi srfi-37)
   #:use-module (ice-9 match)
   #:export (args-fold*
             parse-command-line
             maybe-build
             build-package
-            build-package-source))
+            build-package-source
+            %distro-age-warning
+            warn-about-old-distro))
=20
 ;;; Commentary:
 ;;;
@@ -136,4 +139,39 @@ Show what and how will/would be built."
                      #:dry-run? dry-run?)
         (return (show-derivation-outputs derivation))))))
=20
+(define %distro-age-warning
+  ;; The age (in seconds) above which we warn that the distro is too old.
+  (make-parameter (or (and=3D> (getenv "GUIX_DISTRO_AGE_WARNING")
+                             (compose time-second
+                                      string->duration))
+                      (* 7 24 3600))))
+
+(define* (warn-about-old-distro #:optional (old (%distro-age-warning))
+                                #:key (suggested-command
+                                       "guix package -u"))
+  "Emit a warning if Guix is older than OLD seconds."
+  (let-syntax ((false-if-not-found
+                (syntax-rules ()
+                  ((_ exp)
+                   (catch 'system-error
+                     (lambda ()
+                       exp)
+                     (lambda args
+                       (if (=3D ENOENT (system-error-errno args))
+                           #f
+                           (apply throw args))))))))
+    (define age
+      (match (false-if-not-found
+              (lstat (string-append (config-directory) "/latest")))
+        (#f    (* 2 old))
+        (stat  (- (time-second (current-time time-utc))
+                  (stat:mtime stat)))))
+
+    (when (>=3D age old)
+      (warning (G_ "Your Guix installation is getting old.  Consider
+running 'guix pull' followed by '~a' to get up-to-date
+packages and security updates.\n")
+               suggested-command)
+      (newline (guix-warning-port)))))
+
 ;;; scripts.scm ends here
diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index 92676c222..fbe19d522 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -859,6 +859,9 @@ processed, #f otherwise."
                                   (manifest-transaction-install step2)))))
          (new      (manifest-perform-transaction manifest step3)))
=20
+    (unless (null? (manifest-transaction-install step3))
+      (warn-about-old-distro))
+
     (unless (manifest-transaction-null? step3)
       (show-manifest-transaction store manifest step3
                                  #:dry-run? dry-run?)
diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm
index 2872bcae6..9c0976750 100644
--- a/guix/scripts/system.scm
+++ b/guix/scripts/system.scm
@@ -847,6 +847,8 @@ resulting from command-line parsing."
             ((shepherd-graph)
              (export-shepherd-graph os (current-output-port)))
             (else
+             (warn-about-old-distro #:suggested-command
+                                    "guix system reconfigure")
              (perform-action action os
                              #:dry-run? dry?
                              #:derivations-only? (assoc-ref opts
diff --git a/guix/ui.scm b/guix/ui.scm
index e551d48c3..e7cb40927 100644
--- a/guix/ui.scm
+++ b/guix/ui.scm
@@ -1008,6 +1008,7 @@ following patterns: \"1d\", \"1w\", \"1m\"."
            (make-time time-duration 0
                       (string->number (match:substring match 1)))))
         ((string-match "^([0-9]+)h$" str)
+         =3D>
          (lambda (match)
            (hours->duration 1 match)))
         ((string-match "^([0-9]+)d$" str)

--=-=-=--