From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:8:6d80::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id SNR1Cd9HgGC0cwAAgWs5BA (envelope-from ) for ; Wed, 21 Apr 2021 17:42:23 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id IJIqBd9HgGCXQQAAB5/wlQ (envelope-from ) for ; Wed, 21 Apr 2021 15:42:23 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5BC001F467 for ; Wed, 21 Apr 2021 17:42:22 +0200 (CEST) Received: from localhost ([::1]:32838 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lZEzd-0007df-55 for larch@yhetil.org; Wed, 21 Apr 2021 11:42:21 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44206) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lZEzL-0007be-0B for bug-guix@gnu.org; Wed, 21 Apr 2021 11:42:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:47982) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lZEzK-0005zP-C0 for bug-guix@gnu.org; Wed, 21 Apr 2021 11:42:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lZEzK-0004zC-8n for bug-guix@gnu.org; Wed, 21 Apr 2021 11:42:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#46297: nix-service-configuration is missing the default /bin/sh Resent-From: pukkamustard Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 21 Apr 2021 15:42:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 46297 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: John Soo X-Debbugs-Original-Cc: go.wigust@gmail.com, bug-guix@gnu.org, 46297@debbugs.gnu.org Received: via spool by submit@debbugs.gnu.org id=B.161901971819157 (code B ref -1); Wed, 21 Apr 2021 15:42:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Apr 2021 15:41:58 +0000 Received: from localhost ([127.0.0.1]:59528 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lZEzG-0004yv-Hs for submit@debbugs.gnu.org; Wed, 21 Apr 2021 11:41:58 -0400 Received: from lists.gnu.org ([209.51.188.17]:34352) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lZEzF-0004yg-4Z for submit@debbugs.gnu.org; Wed, 21 Apr 2021 11:41:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44164) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lZEzE-0007aO-OD for bug-guix@gnu.org; Wed, 21 Apr 2021 11:41:56 -0400 Received: from mout02.posteo.de ([185.67.36.66]:36919) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lZEzA-0005qg-AK for bug-guix@gnu.org; Wed, 21 Apr 2021 11:41:56 -0400 Received: from submission (posteo.de [89.146.220.130]) by mout02.posteo.de (Postfix) with ESMTPS id 4C138240101 for ; Wed, 21 Apr 2021 17:41:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1619019706; bh=O7Sj2+WUuaQYEVI+fWh78CBeLNjYFazSBcNI7y1I4jw=; h=From:To:Cc:Subject:Date:From; b=Hulq+giNDUttnrXiYFqptetULhTrHW7J7IowWcepu/RvReBlYj8A0SR90dg2HGwU9 9HLFrEcNIJswMMojiXB1HEenaJ+s8XS0hFGIgh4a+wWJRpv5s47TOcMnoJk4uuxajW rPbNjLdMP0WwkCGEWpkCVy4F8wf12SJdOoCIvooxwZDCbQqzH7yjkcVObFQ9TadC9M EmOjmPSP9jxRTxiZadMNSSotpknsP8rN0f6qW9790SorCebBeOjAayjSlKiUbz6ox7 VWea+A3UNsNCmIOX7896h3S2Gu7VH6dZvk6jmN8Piz/Ji7pU5H5dq+VPKH6LEviHj9 7sQTnTbFBSdTw== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4FQPtJ4pwMz9rxN; Wed, 21 Apr 2021 17:41:44 +0200 (CEST) References: <5112f89b-ac41-45bd-931c-bd8a9bde4836@Johns-iPhone> <87im77pssd.fsf@asu.edu> From: pukkamustard Date: Wed, 21 Apr 2021 15:00:09 +0000 In-reply-to: <87im77pssd.fsf@asu.edu> Message-ID: <864kfzir0q.fsf@posteo.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Received-SPF: pass client-ip=185.67.36.66; envelope-from=pukkamustard@posteo.net; helo=mout02.posteo.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 46297@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1619019742; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=JRXy0Z/zN94GazR9uKL+Ongg2qe1ZbfqpDtwNHPI7HQ=; b=REeZtz9GJB9qBY5d9u53QoFF1WMn/GKYv/lnVp+VsXvoROAbRaHUpE0hE7Knk5lJRsxtvm asSw7HQuMIMG1ZGGz72hV11vDoXKLGmTdmGRoPEvXaifU4496P6RVVtYrYTmIRaoLEZksD qsiEkn4R/4i15A9FVvVRmWu8P6lwlR8k46Kt0QceDjJcAy3JSgtaQKiXS1/2PHM8FZbLZ/ gqWXf7WywuLMtGMDkYlSqIvVP0+rhJaDuGt/TMDd/nTkdYx0T8gxzwVZTSvOABxCYPOsgI HpQQ6lX5dWjt2qWIXF6uE935q9Yd56hlsmKKWhPtwTtjNcAz0n/qt6Caan9Xpg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1619019742; a=rsa-sha256; cv=none; b=NIyZVu5YpC+S/46fYLWGISl5By28LWTxshU4EUkZYfYAMaqU6dDpb+2i0N1kdrBcPPfXl9 vC4smSwPMA8mmRcijj3idQqHoohHLigk5UKnVHEx7UV3Hajfwc8GUwVvTqyf26ZpLJPUfJ 9SWwobuoDl/4w6RNT15ky/gqaQ/OFRTDkeKdFYq0rmIYCfiuQo9K+ewRD10lwzd/W05ocg NABqTjTixqryqgAAw5abV+ge61b6hEJXVeitdPp/LVaN5p74wBCWoyHCP89ZW94Ny5xuiJ TFqJD6K7RVc/RJJJpXdBvzneZYu9hydz/9/SCP9WexJSBITUQej1hzvFxbEq4g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=posteo.net header.s=2017 header.b=Hulq+giN; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -1.34 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=posteo.net header.s=2017 header.b=Hulq+giN; dmarc=fail reason="SPF not aligned (strict)" header.from=posteo.net (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: 5BC001F467 X-Spam-Score: -1.34 X-Migadu-Scanner: scn0.migadu.com X-TUID: OtIUVVPFTDz4 --=-=-= Content-Type: text/plain; format=flowed I ran into the same issue and agree with your conclusion that we may not need build-sandbox-paths. Attached a patch that removes the `build-sandbox-paths` option. This causes nix to use the default value which seems to work fine. --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-services-nix-Remove-build-sandbox-items-configuratio.patch >From 886410216c7b1fb6572e7cfdd83dcbd6836e78e4 Mon Sep 17 00:00:00 2001 From: pukkamustard Date: Wed, 21 Apr 2021 17:19:36 +0200 Subject: [PATCH] services: nix: Remove build-sandbox-items configuration. * gnu/services/nix.scm ()[build-sandbox-items]: Remove field. * doc/guix.texi (Miscellaneous Services)[Nix service]: Remove build-sandbox-items. --- doc/guix.texi | 4 ---- gnu/services/nix.scm | 30 ++++++++++-------------------- 2 files changed, 10 insertions(+), 24 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index b9019d5550..44e545952f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -31993,10 +31993,6 @@ The Nix package to use. @item @code{sandbox} (default: @code{#t}) Specifies whether builds are sandboxed by default. -@item @code{build-sandbox-items} (default: @code{'()}) -This is a list of strings or objects appended to the -@code{build-sandbox-items} field of the configuration file. - @item @code{extra-config} (default: @code{'()}) This is a list of strings or objects appended to the configuration file. It is used to pass extra text to be added verbatim to the configuration diff --git a/gnu/services/nix.scm b/gnu/services/nix.scm index 1aef47db0a..537555596c 100644 --- a/gnu/services/nix.scm +++ b/gnu/services/nix.scm @@ -53,8 +53,6 @@ (default nix)) (sandbox nix-configuration-sandbox ;boolean (default #t)) - (build-sandbox-items nix-configuration-build-sandbox-items ;list of strings - (default '())) (extra-config nix-configuration-extra-config ;list of strings (default '())) (extra-options nix-configuration-extra-options ;list of strings @@ -106,24 +104,16 @@ GID." (define nix-service-etc (match-lambda (($ package sandbox build-sandbox-items extra-config) - (let ((ref-file (references-file package))) - `(("nix/nix.conf" - ,(computed-file - "nix.conf" - #~(begin - (use-modules (srfi srfi-26) - (ice-9 format)) - (with-output-to-file #$output - (lambda _ - (define internal-sandbox-paths - (call-with-input-file #$ref-file read)) - - (format #t "sandbox = ~a~%" (if #$sandbox "true" "false")) - ;; config.nix captures store file names. - (format #t "build-sandbox-paths = ~{~a ~}~%" - (append internal-sandbox-paths - '#$build-sandbox-items)) - (for-each (cut display <>) '#$extra-config))))))))))) + `(("nix/nix.conf" + ,(computed-file + "nix.conf" + #~(begin + (use-modules (srfi srfi-26) + (ice-9 format)) + (with-output-to-file #$output + (lambda _ + (format #t "sandbox = ~a~%" (if #$sandbox "true" "false")) + (for-each (cut display <>) '#$extra-config)))))))))) (define nix-shepherd-service ;; Return a for Nix. -- 2.31.1 --=-=-= Content-Type: text/plain; format=flowed CC: Oleg Pykhalov who seems to have worked on this. Thanks, pukkamustard --=-=-=--