Guix—like other GNU/Linux distributions—is traditionally bootstrapped from a set of bootstrap binaries: Bourne shell, command-line tools provided by GNU Coreutils, Awk, Findutils, ‘sed’, and ‘grep’, as well as Guile, GCC, Binutils, and the GNU C Library (see Bootstrapping). Usually, these bootstrap binaries are “taken for granted.”
Taking the bootstrap binaries for granted means that we consider them to be a correct and trustworthy “seed” for building the complete system. Therein lies a problem: the combined size of these bootstrap binaries is about 250MB (see Bootstrappable Builds in GNU Mes). Auditing or even inspecting these is next to impossible.
x86_64-linux, Guix now features a “Reduced
Binary Seed” bootstrap [35].
The Reduced Binary Seed bootstrap removes the most critical tools—from a
trust perspective—from the bootstrap binaries: GCC, Binutils and the GNU C
Library are replaced by:
bootstrap-mescc-tools (a tiny assembler and
bootstrap-mes (a small Scheme Interpreter and a C
compiler written in Scheme and the Mes C Library, built for TinyCC and for
Using these new binary seeds, the “missing” Binutils, GCC, and the GNU C Library are built from source. From here on the more traditional bootstrap process resumes. This approach has reduced the bootstrap binaries in size to about 145MB in Guix v1.1.
The next step that Guix has taken is to replace the shell and all its utilities with implementations in Guile Scheme, the Scheme-only bootstrap. Gash (see Gash in The Gash manual) is a POSIX-compatible shell that replaces Bash, and it comes with Gash Utils, which has minimalist replacements for Awk, the GNU Core Utilities, Grep, Gzip, Sed, and Tar. The rest of the bootstrap binary seeds that were removed are now built from source.
Building the GNU System from source is currently only possible by adding
some historical GNU packages as intermediate steps [36]. As Gash and Gash Utils mature, and
GNU packages become more bootstrappable again (e.g., new releases of GNU Sed
will also ship as gzipped tarballs again, as an alternative to the hard to
xz-compression), this set of added packages can hopefully
be reduced again.
The graph below shows the resulting dependency graph for
gcc-core-mesboot0, the bootstrap compiler used for the traditional
bootstrap of the rest of the Guix System.
This further reduction has brought down the size of the binary seed to about
Work is ongoing to remove all binary blobs from our free software bootstrap
stack, working towards a Full Source Bootstrap. Also ongoing is work to
bring these bootstraps to the
architectures and to the Hurd.
[35] We would like to say “Full Source Bootstrap”, and while we are working towards that goal, it would be hyperbole to use that term for what we do now.
[36] Packages such as
tar-1.22, and some others. For details, see
mescc-tools; that will be removed later, together with
Not shown in this graph are the static binaries for
xz that are used to get Guile running.