From d0a2db47fb550d684c47a0ae3b541a9a71727d9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludovic.courtes@inria.fr>
Date: Thu, 29 Mar 2018 17:54:53 +0200
Subject: [PATCH] ld-wrapper: Allow linking with non-store libraries by
 default.

This was suggested on several occasions, notably
<https://bugs.gnu.org/24544>.

* gnu/packages/ld-wrapper.in (%allow-impurities?): Default to #t and
parse the value of 'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'.
* guix/build/gnu-build-system.scm (set-paths): Set
'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'.
---
 gnu/packages/ld-wrapper.in      | 14 +++++++++++++-
 guix/build/gnu-build-system.scm |  3 +++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/ld-wrapper.in b/gnu/packages/ld-wrapper.in
index c1f2038acb6..16780c58f6c 100644
--- a/gnu/packages/ld-wrapper.in
+++ b/gnu/packages/ld-wrapper.in
@@ -81,7 +81,19 @@ exec @GUILE@ -c "(load-compiled \"@SELF@.go\") (apply $main (cdr (command-line))
 
 (define %allow-impurities?
   ;; Whether to allow references to libraries outside the store.
-  (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES"))
+  ;; Allow them by default for convenience.
+  (let ((value (getenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES")))
+    (or (not value)
+        (let ((value (string-downcase value)))
+          (cond ((member value '("yes" "y" "t" "true" "1"))
+                 #t)
+                ((member value '("no" "n" "f" "false" "0"))
+                 #f)
+                (else
+                 (format (current-error-port)
+                         "ld-wrapper: ~s: invalid value for \
+'GUIX_LD_WRAPPER_ALLOW_IMPURITIES'~%"
+                         value)))))))
 
 (define %debug?
   ;; Whether to emit debugging output.
diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.scm
index a39a884852f..be5ad78b93c 100644
--- a/guix/build/gnu-build-system.scm
+++ b/guix/build/gnu-build-system.scm
@@ -87,6 +87,9 @@ (define native-input-directories
       (#f                                         ; not cross compiling
        '())))
 
+  ;; Tell 'ld-wrapper' to disallow non-store libraries.
+  (setenv "GUIX_LD_WRAPPER_ALLOW_IMPURITIES" "no")
+
   ;; When cross building, $PATH must refer only to native (host) inputs since
   ;; target inputs are not executable.
   (set-path-environment-variable "PATH" '("bin" "sbin")
-- 
GitLab