From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Philip Kaludercic <philipk@posteo.net>
Newsgroups: gmane.emacs.devel
Subject: Re: Patches for elpa-admin
Date: Sat, 21 May 2022 11:38:09 +0000
Message-ID: <87y1yv6rq6.fsf@posteo.net>
References: <874k2x8jhb.fsf@posteo.net>
 <jwvfsmf6mrm.fsf-monnier+emacs@gnu.org> <87czhiddc7.fsf@posteo.net>
 <jwv8rs65syi.fsf-monnier+emacs@gnu.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="24533"; mail-complaints-to="usenet@ciao.gmane.io"
Cc: ELPA Maintainers <emacs-devel@gnu.org>
To: Stefan Monnier <monnier@iro.umontreal.ca>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Sat May 21 13:40:56 2022
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1nsNTc-0006BK-5R
	for ged-emacs-devel@m.gmane-mx.org; Sat, 21 May 2022 13:40:56 +0200
Original-Received: from localhost ([::1]:39508 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1nsNTa-0006GV-Kw
	for ged-emacs-devel@m.gmane-mx.org; Sat, 21 May 2022 07:40:54 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:44316)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <philipk@posteo.net>)
 id 1nsNR8-0005AI-RG
 for emacs-devel@gnu.org; Sat, 21 May 2022 07:38:22 -0400
Original-Received: from mout02.posteo.de ([185.67.36.66]:56193)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <philipk@posteo.net>)
 id 1nsNR6-000590-Ck
 for emacs-devel@gnu.org; Sat, 21 May 2022 07:38:22 -0400
Original-Received: from submission (posteo.de [185.67.36.169]) 
 by mout02.posteo.de (Postfix) with ESMTPS id A4197240108
 for <emacs-devel@gnu.org>; Sat, 21 May 2022 13:38:16 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017;
 t=1653133096; bh=Fvfxn6FVgAV51++I5FQ6Pj8Mv7p0/LdQKhSlJiXoQAE=;
 h=From:To:Cc:Subject:Autocrypt:Date:From;
 b=K4AIcMatIw6FrMoQtYgEQ/4A7Z0mAzJAm9Yrq2IE1cztsVtl2c4OeAiMj24++LdSr
 r1b0TrK7mJHu9wjchLfrroe03Uv+MEhPsBNYzAb5q/jkwZJ4+jg5gfgWMdpMfUXqKT
 QIRKrruTQkpp0s4THqPm8hE7Mi4zH+GOwxBAUL92WvZP3ChLf9UWwgcQFToSxX36Oe
 /4+9oGvPqsXYas4ax3hhAr5cnHym2TkbUM1L7bayaQKhH+B6hNRy5LY85U+F4DnR+6
 HDr3CB5k2WzMeaJxzaDnhrVuNdiHW7MhI4DGqm+Q4/wAnniSbifNsh+LA0LTo8na+l
 beCAXO5GdKqhQ==
Original-Received: from customer (localhost [127.0.0.1])
 by submission (posteo.de) with ESMTPSA id 4L51n35Pvpz9rxM;
 Sat, 21 May 2022 13:38:15 +0200 (CEST)
X-Hashcash: 1:20:220521:monnier@iro.umontreal.ca::hC/M0s4rWDaqk0Jl:00000000000000000000000000000000000001W+x
X-Hashcash: 1:20:220521:emacs-devel@gnu.org::SOUJu/4TTsjMU2rb:00000000000000000000000000000000000000000067VT
Autocrypt: addr=philipk@posteo.net; prefer-encrypt=nopreference; keydata=
 mDMEYHHqUhYJKwYBBAHaRw8BAQdAp3GdmYJ6tm5McweY6dEvIYIiry+Oz9rU4MH6NHWK0Ee0QlBo
 aWxpcCBLYWx1ZGVyY2ljIChnZW5lcmF0ZWQgYnkgYXV0b2NyeXB0LmVsKSA8cGhpbGlwa0Bwb3N0
 ZW8ubmV0PoiQBBMWCAA4FiEEDM2H44ZoPt9Ms0eHtVrAHPRh1FwFAmBx6lICGwMFCwkIBwIGFQoJ
 CAsCBBYCAwECHgECF4AACgkQtVrAHPRh1FyTkgEAjlbGPxFchvMbxzAES3r8QLuZgCxeAXunM9gh
 io0ePtUBALVhh9G6wIoZhl0gUCbQpoN/UJHI08Gm1qDob5zDxnIHuDgEYHHqUhIKKwYBBAGXVQEF
 AQEHQNcRB+MUimTMqoxxMMUERpOR+Q4b1KgncDZkhrO2ql1tAwEIB4h4BBgWCAAgFiEEDM2H44Zo
 Pt9Ms0eHtVrAHPRh1FwFAmBx6lICGwwACgkQtVrAHPRh1Fw1JwD/Qo7kvtib8jy7puyWrSv0MeTS
 g8qIxgoRWJE/KKdkCLEA/jb9b9/g8nnX+UcwHf/4VfKsjExlnND3FrBviXUW6NcB
In-Reply-To: <jwv8rs65syi.fsf-monnier+emacs@gnu.org> (Stefan Monnier's message
 of "Fri, 15 Apr 2022 10:40:08 -0400")
Received-SPF: pass client-ip=185.67.36.66; envelope-from=philipk@posteo.net;
 helo=mout02.posteo.de
X-Spam_score_int: -43
X-Spam_score: -4.4
X-Spam_bar: ----
X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:290048
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/290048>

--=-=-=
Content-Type: text/plain

Stefan Monnier <monnier@iro.umontreal.ca> writes:

>> I will wait a bit to implement the changes i mentioned.
>
> Looking forward to them, thanks.

I have been experimenting with buffer-env's recent Guix support, and I
think it supersedes everything I had proposed before:


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline; filename=0001-Add-manifest.scm.patch

>From 9179865491899b6863967e0265afc50bf35f1f84 Mon Sep 17 00:00:00 2001
From: Philip Kaludercic <philipk@posteo.net>
Date: Sat, 21 May 2022 13:31:24 +0200
Subject: [PATCH] Add GNU Guix manifest.scm

---
 manifest.scm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 manifest.scm

diff --git a/manifest.scm b/manifest.scm
new file mode 100644
index 0000000000..5dfc19941a
--- /dev/null
+++ b/manifest.scm
@@ -0,0 +1,19 @@
+;; GNU Guix manifest for (Non)GNU ELPA
+;;
+;; This file specifies all the packages that are required for the ELPA
+;; build system to function correctly.  You can either use the "guix
+;; shell" command to create an environment with everything prepared.
+
+(specifications->manifest
+ (list "bubblewrap"
+       "coreutils"
+       "emacs-minimal"
+       "git"
+       "grep"
+       "imagemagick"
+       "lzip"
+       "make"
+       "markdown"
+       "tar"
+       "texinfo"))
+
-- 
2.36.1


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline; filename=0001-Add-GNU-Guix-manifest.scm.patch

>From 6ecb36dbb9c2a87501f4411e29f76f694eca452d Mon Sep 17 00:00:00 2001
From: Philip Kaludercic <philipk@posteo.net>
Date: Sat, 21 May 2022 13:32:04 +0200
Subject: [PATCH] Add GNU Guix manifest.scm

---
 manifest.scm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 manifest.scm

diff --git a/manifest.scm b/manifest.scm
new file mode 100644
index 0000000000..5dfc19941a
--- /dev/null
+++ b/manifest.scm
@@ -0,0 +1,19 @@
+;; GNU Guix manifest for (Non)GNU ELPA
+;;
+;; This file specifies all the packages that are required for the ELPA
+;; build system to function correctly.  You can either use the "guix
+;; shell" command to create an environment with everything prepared.
+
+(specifications->manifest
+ (list "bubblewrap"
+       "coreutils"
+       "emacs-minimal"
+       "git"
+       "grep"
+       "imagemagick"
+       "lzip"
+       "make"
+       "markdown"
+       "tar"
+       "texinfo"))
+
-- 
2.36.1


--=-=-=
Content-Type: text/plain


It might also be possible to add this to the elpa-admin branch, and link
it into elpa/nongnu like like the GNUmakefile.


--=-=-=
Content-Type: text/x-diff; charset=utf-8
Content-Disposition: inline;
 filename=0001-Bind-gnu-directory-as-a-read-only-mount-when-sandbox.patch
Content-Transfer-Encoding: quoted-printable

>From b9127e66e956c94ef30b5f3dd2d9a61d9d2c545b Mon Sep 17 00:00:00 2001
From: Philip Kaludercic <philipk@posteo.net>
Date: Sat, 21 May 2022 13:29:19 +0200
Subject: [PATCH 1/2] Bind /gnu directory as a read-only mount when sandboxi=
ng

This allows for packages installed and made available using GNU Guix
to be used by bubblewrap.
---
 elpa-admin.el | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/elpa-admin.el b/elpa-admin.el
index d570c3c6aa..a546bb63ba 100644
--- a/elpa-admin.el
+++ b/elpa-admin.el
@@ -955,7 +955,7 @@ The INFILE and DISPLAY arguments are fixed as nil."
     "--tmpfs" "/tmp"))
=20
 (defvar elpaa--sandbox-ro-binds
-  '("/lib" "/lib64" "/bin" "/usr" "/etc/alternatives" "/etc/emacs"))
+  '("/lib" "/lib64" "/bin" "/usr" "/etc/alternatives" "/etc/emacs" "/gnu"))
=20
 (defun elpaa--call-sandboxed (destination &rest args)
   "Like =E2=80=98elpaa--call=E2=80=99 but sandboxed.
--=20
2.36.1


--=-=-=
Content-Type: text/plain


With a manifest file, all the packages necessary for the ELPA
build-system to work are provided within the new environment.  All that
has to be changed (see last patch) is to tell bubblewrap that the /gnu
directory should be visible, as "guix shell" adds a profile from within
that directory to the PATH.

I also noticed that there are issues when running "make -B" because
mkdir doesn't want to re-create the "packages" directory.  So this
change should be non-controversial:


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline;
 filename=0002-Tolerate-if-packages-already-exists.patch

>From 05edc183b771611e2e028d00bdb1de437a52b504 Mon Sep 17 00:00:00 2001
From: Philip Kaludercic <philipk@posteo.net>
Date: Sat, 21 May 2022 13:29:56 +0200
Subject: [PATCH 2/2] Tolerate if packages/ already exists

---
 GNUmakefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index a7d078a1a8..b3d2228900 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -135,7 +135,7 @@ packages/%.elc: packages/%.el
 # $(extra_elcs):; rm $@
 
 packages:
-	mkdir $@
+	mkdir -p $@
 
 include $(PKG_DESCS_MK)
 $(PKG_DESCS_MK): elpa-packages packages
-- 
2.36.1


--=-=-=--