GNU Shepherd 0.9.2 released

["Ludovic Courtès" <ludo@gnu.org>]

[-- Attachment #1: Type: text/plain, Size: 3773 bytes --]

We are pleased to announce the GNU Shepherd version 0.9.2.  This is a
bug-fix release, representing 27 commits by 2 people over 4 months.


• About

  The GNU Daemon Shepherd or GNU Shepherd is a service manager written
  in Guile that looks after the herd of system services.  It provides
  dependency-based management for system services: daemons such as
  ‘sshd’, programs such as Xorg, as well as user-provided actions.  The
  GNU Shepherd may also be used by unprivileged users to manage per-user
  daemons—e.g., tor, privoxy, mcron, etc.  It is written in Guile
  Scheme, and is configured and extended using Guile.

  The GNU Shepherd is developed jointly with the GNU Guix project; it is
  used as the init system of Guix, GNU’s advanced GNU/Linux distribution.

  https://www.gnu.org/software/shepherd/


• Download

  Here are the compressed sources and a GPG detached signature[*]:
    https://ftp.gnu.org/gnu/shepherd/shepherd-0.9.2.tar.gz
    https://ftp.gnu.org/gnu/shepherd/shepherd-0.9.2.tar.gz.sig

  Use a mirror for higher download bandwidth:
    https://ftpmirror.gnu.org/shepherd/shepherd-0.9.2.tar.gz
    https://ftpmirror.gnu.org/shepherd/shepherd-0.9.2.tar.gz.sig

  Here are the SHA1 and SHA256 checksums:

  b8861f58596f0938375d1a13ab4142f6dca50340  shepherd-0.9.2.tar.gz
  e192bbaac3d38e3a1fcb5624c0a925758abfd0b43bac4c88b6770df8fcf08b55  shepherd-0.9.2.tar.gz

  [*] Use a .sig file to verify that the corresponding file (without the
  .sig suffix) is intact.  First, be sure to download both the .sig file
  and the corresponding tarball.  Then, run a command like this:

    gpg --verify shepherd-0.9.2.tar.gz.sig

  If that command fails because you don't have the required public key,
  then run this command to import it:

    gpg --keyserver keys.openpgp.org \
        --recv-keys 3CE464558A84FDC69DB40CFB090B11993D9AEBB5

  and rerun the 'gpg --verify' command.

  This release was bootstrapped with the following tools:
    Autoconf 2.71
    Automake 1.16.5
    Makeinfo 6.7
    Help2man 1.48.5


• Changes since version 0.9.1 (excerpt from the NEWS file)

  ** File descriptors used internally are now all marked as close-on-exec

  Previously, services started indirectly with ‘exec-command’ (which is usually
  the case) would not inherit any file descriptor from shepherd because
  ‘exec-command’ would explicitly close all of them.  However, services started
  with ‘make-system-constructor’ and processes created by some other means, such
  as calling ‘system*’, would inherit some of those descriptors, giving them
  more authority than intended.

  The change here consists in marking all internally-used file descriptors as
  “close-on-exec” (O_CLOEXEC), a feature that’s been available on GNU/Linux and
  GNU/Hurd for years but that so far wasn’t used consistently in shepherd.  This
  is now fixed.  As a side-effect, the file-descriptor-closing loop in
  ‘exec-command’ is now gone.

  ** Client connections with ‘herd’ are non-blocking

  Previously, a misbehaving client could send an incomplete command
  (s-expression), causing shepherd to hang while waiting for completion.  (Note
  that said client is required to run with the same UID as shepherd, so this was
  not a security issue.)

  ** Directory of log file is created if it doesn’t exist

  When a service constructor is passed ‘#:log-file "/var/log/foo/bar.log"’,
  shepherd now created /var/log/foo if it doesn’t exist; previously it would
  fail gracelessly.


Please report bugs to bug-guix@gnu.org.
Join guix-devel@gnu.org for discussions.

Ludovic, on behalf of the Shepherd herd.

[[End of PGP Signed Part]]

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 853 bytes --]