From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:bcc0::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id MNaRNdmcdWBruwAAgWs5BA (envelope-from ) for ; Tue, 13 Apr 2021 15:30:01 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id APlsMNmcdWC8MgAAB5/wlQ (envelope-from ) for ; Tue, 13 Apr 2021 13:30:01 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8DF181318B for ; Tue, 13 Apr 2021 15:30:00 +0200 (CEST) Received: from localhost ([::1]:49270 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lWJ79-00047Y-KO for larch@yhetil.org; Tue, 13 Apr 2021 09:29:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45540) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lWJ2O-0000R6-Nr for bug-guix@gnu.org; Tue, 13 Apr 2021 09:25:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:47772) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lWJ2M-000607-Id for bug-guix@gnu.org; Tue, 13 Apr 2021 09:25:04 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lWJ2M-0004BB-BQ for bug-guix@gnu.org; Tue, 13 Apr 2021 09:25:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#36508: GDM files have incorrect owner after temporarily removing service References: <20190705083620.lbzu7a33awbymh3d@cf0> In-Reply-To: <20190705083620.lbzu7a33awbymh3d@cf0> Resent-From: Brendan Tildesley Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 13 Apr 2021 13:25:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 36508 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: "36508@debbugs.gnu.org" <36508@debbugs.gnu.org> Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 36508-submit@debbugs.gnu.org id=B36508.161832029016039 (code B ref 36508); Tue, 13 Apr 2021 13:25:02 +0000 Received: (at 36508) by debbugs.gnu.org; 13 Apr 2021 13:24:50 +0000 Received: from localhost ([127.0.0.1]:59318 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lWJ29-0004Ad-Mh for submit@debbugs.gnu.org; Tue, 13 Apr 2021 09:24:50 -0400 Received: from mout-p-201.mailbox.org ([80.241.56.171]:18516) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lWJ28-0004AL-Nc for 36508@debbugs.gnu.org; Tue, 13 Apr 2021 09:24:49 -0400 Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4FKRCt4D9fzQjy8; Tue, 13 Apr 2021 15:24:42 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-type:content-type:mime-version:subject:subject :message-id:from:from:date:date:received; s=mail20150812; t= 1618320275; bh=vGJi47T/LMs4Dq1TDG334T1VqMJQEvuDHoTf9xbm4Es=; b=s z4AjoN2cm30nTVBOi9TKwlh7UxRyEVd1UKX/veUqXzwj1cFQtYbeLwsuvo4XdHde UJnJGol21mgnvWwcpot8vqGgMKo/TJ94AfyuNccDTWKG6sVlMer9gq/Z1XhAEJft QVE8VB5TpINxKb7qGdZ4TaB0pJPwZM3wYKB7QhSy1MWhaEYlzQUw7AkPpDS+GnGN et9+kZ1SldJ8FDvUHZ35VIOUIOLjf8M4Vjh+HLDiHKgFhYYH/KrjI/NRtOR+a6J3 X0NuHJBD/zx3CgPPi3n7Q+8ebuxk6wOEfOYwsxEAh4yPHTvTcsJ8ettgtO3DN41M ymNiIArhWaXeuwQ+BsXVA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailbox.org; s=mail20150812; t=1618320280; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type; bh=rLiK3gLIJ8/HiIhETWjvw3yfbb0+bZCdmxVmS1tNyss=; b=XeDjmT3S454yytMwJBFE0Odjzj134EtpptfxQZfGP6CLu612oqU36s2EiCqselO+7QOdY6 XP2uEG7naQQBP787VyBUOkj82uVoONLEiF9Y/Kgqx71bx7b5tOdvuYEo+P2MxC+b+OP9JE 5kSf/kflyaiqkMN2jWT5+U3GiKp15ChyzmuJ+pPE28AanxrwWuCMl5E46cFM/JVbTP76DN osyJPbMS2QNeUXPbxrz17vSrMN2Mb9ZYPdMhYDzT0syXy+0yt67wES8pDxuYilTiFYsGET 2euhZ4iAiXVUYB95PdtO8uxT3Csq7Jtp8Hh8B+xeFQtT4T7o9A+9f/iWngiGrA== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter04.heinlein-hosting.de (spamfilter04.heinlein-hosting.de [80.241.56.122]) (amavisd-new, port 10030) with ESMTP id yMGIi3yscDoP; Tue, 13 Apr 2021 15:24:35 +0200 (CEST) Date: Tue, 13 Apr 2021 15:24:35 +0200 (CEST) Message-ID: <1576552162.14721.1618320275616@office.mailbox.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_14719_1225470587.1618320275370" X-Priority: 3 Importance: Normal X-MBO-SPAM-Probability: * X-Rspamd-Score: 1.33 / 15.00 / 15.00 X-Rspamd-Queue-Id: 47E131811 X-Rspamd-UID: 84e62a X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" Reply-to: Brendan Tildesley From: Brendan Tildesley via Bug reports for GNU Guix X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1618320601; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=rLiK3gLIJ8/HiIhETWjvw3yfbb0+bZCdmxVmS1tNyss=; b=lYmAjko/Kde0bqLGOf3s24Q1nq0qMVYfObcm9KthS9uTNv01SdgNlKjjxTT+REzwmS7fyL RE/dqxXxhV/i0uIY691nkmprLliDOJqDjjc9lWCW5JCg0fy13XjRa+bnw6REdpLn9vY49K k/r2uIgWTQk7xg2PeiShvsGafZQQsfNP11XtOGEkZym9EM52wc6DdB+0trUCJzSxyEYNca g5wDsn1OU/bR2UFUdPzr4ST5S3xNuONhDKrW1oz33LAqWdyFw2vT52MVqwqM8p59vHNyRI 1yWG368BlwIpzBjI9IWNrP6SjJxkWvX4Q33avK7zLCGm4AWeBxccbkxIC6upYA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1618320601; a=rsa-sha256; cv=none; b=I3iw9ul69jErh/Y4UDLSYJbjj/yjtC5zxezWbfOgDYi0++TC56kjpnSy4wA0mAyw4Glqpa In8GYXXHruqqhzdy5b82CeP2Z9OA08TuiHPyUjwvzo5FkA/mq+k1sXcNrzrJZCOn5RR9m4 0f1V0KBQDw0Vby2hVx9lYRqIxLaRW/cDh0IykDocRAGngy3NHgkCfVJB3saOhlkuOEEBcF p3/XOpx+nD/lXLRXHjPyJ2PTK8m2LRdjT3Lm/TLta+xeqzbOrZwSJXFMQIMRewVUQdtPz8 EgF67wyVRR5mdyhX1mjlM9sPcm2nb3zwoE18vJZBS76aEguWXCEOXHOgp0N2Lw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=mailbox.org header.s=mail20150812 header.b="s z4AjoN"; dkim=fail ("headers rsa verify failed") header.d=mailbox.org header.s=mail20150812 header.b=XeDjmT3S; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -1.84 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=mailbox.org header.s=mail20150812 header.b="s z4AjoN"; dkim=fail ("headers rsa verify failed") header.d=mailbox.org header.s=mail20150812 header.b=XeDjmT3S; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: 8DF181318B X-Spam-Score: -1.84 X-Migadu-Scanner: scn0.migadu.com X-TUID: Hf7ThYY+V0// ------=_Part_14719_1225470587.1618320275370 Content-Type: multipart/alternative; boundary="----=_Part_14720_877439344.1618320275371" ------=_Part_14720_877439344.1618320275371 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I recently encountered what is likely the same bug. The directory /var/lib/gdm had the correct permissions gdm:gdm, but all the files inside had something like 973:gdm a43e9157ef479e94c19951cc9d228cf153bf78ee is supposed to fix this (duplicate bug 37423) but it only checks the permissions of /var/lib/gdm/ itself. Not all of the files in it. This explains why in my case it failed to fix the permissions, because the directory was gdm:gdm. How it got that way I don't know, and infact it doesn't really matter. The directory is mutable, and thus can theoretically be changed for any number of reasons. Therefore if we wish for Guix to be robust with it's Functional design, and have meaningful rollbacks, we perhaps have no choice but to assert the required invariants like these on mutable files. A better solution may be to make it fully chown -R on reconfigure, but not each time on boot? I've attached an untested patch with a suggested solution of making %gdm-activation operate every single time, instead of just after checking /var/lib/gdm. ------=_Part_14720_877439344.1618320275371 MIME-Version: 1.0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit
I recently encountered what is likely the same bug. The directory /var/lib/gdm
had the correct permissions gdm:gdm, but all the files inside had something like
973:gdm

a43e9157ef479e94c19951cc9d228cf153bf78ee is supposed to fix this (duplicate bug
37423) but it only checks the permissions of /var/lib/gdm/ itself. Not all of
the files in it. This explains why in my case it failed to fix the permissions,
because the directory was gdm:gdm. How it got that way I don't know, and infact
it doesn't really matter. The directory is mutable, and thus can theoretically be
changed for any number of reasons. Therefore if we wish for Guix to be robust
with it's Functional design, and have meaningful rollbacks, we perhaps have no
choice but to assert the required invariants like these on mutable files.

A better solution may be to make it fully chown -R on reconfigure, but not each time
on boot?

I've attached an untested patch with a suggested solution of making
%gdm-activation operate every single time, instead of just after checking
/var/lib/gdm.


------=_Part_14720_877439344.1618320275371-- ------=_Part_14719_1225470587.1618320275370 Content-Type: text/x-patch; charset=ISO-8859-1; name=0001-services-gdm-Correctly-set-ownership-on-var-lib-gdm.patch Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=0001-services-gdm-Correctly-set-ownership-on-var-lib-gdm.patch X-Part-Id: c69ffe53ac4e4a34a93d63e62b794a98 RnJvbSAzMWNiNmRiZDc1NmFmNjk1YmQ2YTFmNGQ0Yzg5YjQyMzY3YjEzMzA3IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBCcmVuZGFuIFRpbGRlc2xleSA8bWFpbEBicmVuZGFuLnNjb3Q+ CkRhdGU6IFR1ZSwgMTMgQXByIDIwMjEgMjM6MDQ6MjggKzEwMDAKU3ViamVjdDogW1BBVENIXSBz ZXJ2aWNlczogZ2RtOiBDb3JyZWN0bHkgc2V0IG93bmVyc2hpcCBvbiAvdmFyL2xpYi9nZG0uCgoq IGdudS9zZXJ2aWNlcy94b3JnLnNjbSAoJWdkbS1hY3RpdmF0aW9uKTogQWx3YXlzIGNob3duIC92 YXIvbGliL2dkbSwKaW5zdGVhZCBvZiBvbmx5IHdoZW4gaXQgYXBwZWFycyB0byBiZSBjb3JyZWN0 LCBiZWNhdXNlIGl0J3Mgc3RpbGwKcG9zc2libGUgdGhlIGZpbGVzIGluc2lkZSBjb3VsZCBiZSB3 cm9uZyBhbmQgYnJlYWsgR0RNLiBJIGVuY291bnRlcmVkCnRoaXMgb25jZTogaHR0cHM6Ly9pc3N1 ZXMuZ3VpeC5nbnUub3JnLzM2NTA4IC4KClBlcmhhcHMgaXQgaXMgd2l0aCBnb29kIGludGVudGlv bnMgdG8gdHJ5IG5vdCBydW5uaW5nIHRoaXMgY29kZSBldmVyeQpzaW5nbGUgdGltZSBvbiBib290 LCBidXQgd2hlbiBpdCBmYWlscywgdGhlIGNvbnNlcXVlbmNlIGlzIHRoYXQgR0RNIGNhbgpicmVh ayBub3QganVzdCBmb3IgdGhlIGN1cnJlbnQgcmV2aXNpb24sIGJ1dCBhbGwgcHJldmlvdXMgcm9s bGJhY2sKc3lzdGVtcyBpbiBHUlVCIHdpbGwgZmFpbCwgYW5kIHN1YnNlcXVlbnQgcmVjb25maWd1 cmUtaW5ncyBmYWlsCnRvby4gVGhhdCB0b3RhbGx5IGRlc3Ryb3lzIGEgZGVza3RvcCBzeXN0ZW0g YW5kIG91ciByb2xsYmFjawpmdW5jdGlvbmFsbHksIHdoaWNoIGlzIG11Y2ggbXVjaCB3b3JzZSEK LS0tCiBnbnUvc2VydmljZXMveG9yZy5zY20gfCAxNSArKysrKy0tLS0tLS0tLS0KIDEgZmlsZSBj aGFuZ2VkLCA1IGluc2VydGlvbnMoKyksIDEwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL2du dS9zZXJ2aWNlcy94b3JnLnNjbSBiL2dudS9zZXJ2aWNlcy94b3JnLnNjbQppbmRleCAxN2Q5ODNm ZjhkLi5hMjA2YzdjOTNhIDEwMDY0NAotLS0gYS9nbnUvc2VydmljZXMveG9yZy5zY20KKysrIGIv Z251L3NlcnZpY2VzL3hvcmcuc2NtCkBAIC04NjEsMTYgKzg2MSwxMSBAQCB0aGUgR05PTUUgZGVz a3RvcCBlbnZpcm9ubWVudC4iKQogCiAgICAgICAgIChsZXQqICgoZ2RtIChnZXRwd25hbSAiZ2Rt IikpCiAgICAgICAgICAgICAgICAodWlkIChwYXNzd2Q6dWlkIGdkbSkpCi0gICAgICAgICAgICAg ICAoZ2lkIChwYXNzd2Q6Z2lkIGdkbSkpCi0gICAgICAgICAgICAgICAoc3QgIChzdGF0ICIvdmFy L2xpYi9nZG0iICNmKSkpCi0gICAgICAgICAgOzsgUmVjdXJzZSBpbnRvIC92YXIvbGliL2dkbSBv bmx5IGlmIGl0IGhhcyB3cm9uZyBvd25lcnNoaXAuCi0gICAgICAgICAgKHdoZW4gKGFuZCBzdAot ICAgICAgICAgICAgICAgICAgICAgKG9yIChub3QgKD0gdWlkIChzdGF0OnVpZCBzdCkpKQotICAg ICAgICAgICAgICAgICAgICAgICAgIChub3QgKD0gZ2lkIChzdGF0OmdpZCBzdCkpKSkpCi0gICAg ICAgICAgICAoZm9yLWVhY2ggKGxhbWJkYSAoZmlsZSkKLSAgICAgICAgICAgICAgICAgICAgICAg IChjaG93biBmaWxlIHVpZCBnaWQpKQotICAgICAgICAgICAgICAgICAgICAgIChmaW5kLWZpbGVz ICIvdmFyL2xpYi9nZG0iCi0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIzpkaXJl Y3Rvcmllcz8gI3QpKSkpKSkpCisgICAgICAgICAgICAgICAoZ2lkIChwYXNzd2Q6Z2lkIGdkbSkp KQorICAgICAgICAgIChmb3ItZWFjaCAobGFtYmRhIChmaWxlKQorICAgICAgICAgICAgICAgICAg ICAgIChjaG93biBmaWxlIHVpZCBnaWQpKQorICAgICAgICAgICAgICAgICAgICAoZmluZC1maWxl cyAiL3Zhci9saWIvZ2RtIgorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAjOmRpcmVj dG9yaWVzPyAjdCkpKSkpKQogCiAoZGVmaW5lIGRidXMtZGFlbW9uLXdyYXBwZXIKICAgKHByb2dy YW0tZmlsZQotLSAKMi4zMS4xCgo= ------=_Part_14719_1225470587.1618320275370--